Stack Overflow
Stack Overflow

Questions tagged [authenticode]

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

185 questions
2
votes
1 answer

Authenticode signature verification - is the slow process. Should I at all?

Please, help me with decision. Recently I start thinking about buying Authenticode certificate and signing all my assemblies in my .NET desktop app and ClickOnce installation. I've read a little bit and suddenly had realized that runtime signature…
Alexander Futoryan
  • 51
  • 6
2
votes
1 answer

Why can I avoid having to sign a referenced dll by signing the exe post build?

I'm working on a ClickOnce application which now I want to sign with a certificate I got from Comodo, solely for the purpose of avoiding the "Unknown Publisher" warning (and now also the SmartScreen ban) when users install it. I managed to sign the…
Juan
  • 15,274
  • 23
  • 105
  • 187
2
votes
0 answers

Code Signing --> Publisher: Unknown - Have correct Chain

Solved! Hope you guys can help! First off. I have gone through every article I could find at SO, as well as MSDN, etc. I am trying to sign an installshield exe. I have a godaddy code signing certificate, and have no problem signing the certificate…
PSSG
  • 31
  • 1
  • 5
2
votes
1 answer

Self-extracting self-checking executable

I am distributing an authenticode signed self-extracting executable whose content I control. It contains a mushroom of MSI-based installers that controls a hot swap of a distributed system, so it cannot easily be an MSI itself. It would be nice to…
Jirka Hanika
  • 13,301
  • 3
  • 46
  • 75
1
vote
2 answers

How to verify a binary signed with a self-signed certificate?

We want to add automatic software updates to our application, but our company isn't yet ready to buy a code-signing certificate from a trusted root CA, so we'll be using a self-signed certificate to sign code updates (.exe and .dll) for…
Vladimir Panteleev
  • 24,651
  • 6
  • 70
  • 114
1
vote
1 answer

Microsoft Partner Center HLKX driver submission: SHA2 error with SHA384 certificate

We've been submitting drivers to Partner Center for validation and signature by Microsoft for a long time. Recently our Authenticode certificate expired, so we purchased a new one. When we submit driver packages signed by the new certificate, we get…
Helge Klein
  • 8,829
  • 8
  • 51
  • 71
1
vote
1 answer

Code-Sign an Authenticode PE file using keys in a HSM in Linux

I need a non-windows (linux or FreeBSD) way of signing a boot executable(EFI binaries) in the Authenticode PE format. Currently there are some tools like pbsign, sbsign, uefisign, osslsigncode on *nix platforms, but the common pattern is they all…
rapidclock
  • 1,677
  • 2
  • 17
  • 32
1
vote
0 answers

How to get the hash from signtool?

I understand that the Microsoft signtool utility and Powershell Set-AuthenticodeSignature cmdlet generate a hash of the data to be signed and use that to compute the signature. I need to get the hash value for auditing purposes. Are there code…
fhcat
  • 971
  • 2
  • 9
  • 28
1
vote
0 answers

Should an authenticode-signed application validate itself, and is it worth the trouble?

My company produces a desktop application, and we are currently assessing the benefits gained by code-signing said desktop application. The application comes pre-installed, and our users are coached, so the application being from an "unknown author"…
Whosdatdev
  • 333
  • 3
  • 10
1
vote
1 answer

Can Authenticode-signed binary call non-authenticode signed binary?

Suppose I authenticode-sign a .exe or .dll [C# (.NET Framework 4.7.2)], which in turn calls third party DLLs that are NOT authenticode-signed. This should work by default in Windows, correct? I.e. no signing errors would be triggered when…
A X
  • 905
  • 2
  • 13
  • 31
1
vote
0 answers

Using SignerSignEx2 with a CNG provider

We currently set the SignerSignEx2's SIGNER_PROVIDER_INFO to a suitable CSP, however, the docs say that CSPs are outdated and we're now using our vendor's CNG provider instead. We could migrate all our other usages, except the SignerSignEx2 call.…
D.R.
  • 20,268
  • 21
  • 102
  • 205
1
vote
1 answer

Signing executables for Windows

I develop a desktop application for use on Windows, and was wondering how I can get my executables signed so they stop showing those horrible looking warning messages about being from an unknown publisher. I am somewhat familiar with signing…
Daisetsu
  • 4,846
  • 11
  • 50
  • 70
1
vote
1 answer

Impact of dropping SHA1 code signing (SHA256 only)

I would like to know what is the impact of dropping SHA1 code signing in favour of SHA256-only code signing as of October 2018. I am currently dual code signing my executables to ensure they will get validated on all versions of Windows starting…
awakecoding
  • 428
  • 5
  • 15
1
vote
0 answers

What files do I need to code sign on Windows Electron app?

I want to sign a Windows Electron app. Do I only need to sign the installer that will be downloaded by the user or do I also need to sign the .exe (or .dll files) before they will be packaged by the installer?
DaveJ
  • 2,357
  • 6
  • 28
  • 35
1
vote
0 answers

Example of proper use of SignerSignEx3

I was looking for any documentation of SignerSignEx3. There are examples of how to use SignerSignEx2, however SignerSignEx3 has almost no documentation,. SignTool uses it and in order to code sign properly and time stamp the signed file,…
Michael Haephrati
  • 3,660
  • 1
  • 33
  • 56
1 2 3
12 13