Stack Overflow
Stack Overflow

Questions tagged [authenticode]

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

185 questions
1
vote
1 answer

Identify Microsoft Authenticode Certificate

I have a Code Signing Certificate but it looks like I can't use it for Microsoft ClickOnce. It looks like ClickOnce requires the certificate to be an Authenticode Certificate. How can I tell that a (code signing) certificate is indeed an…
Dunken
  • 8,481
  • 7
  • 54
  • 87
1
vote
1 answer

Windows API authenticode get root certificate

I want to walk the certificate chain of a authenticode signed PE binary using the Windows API. To get the certificate store I followed the example from Microsoft:…
user2369952
  • 53
  • 2
  • 4
1
vote
3 answers

How do you know that some fields in structs are arrays?

I'm looking at this piece of C code from Microsoft wincrypt.h header file //+------------------------------------------------------------------------- // Attributes // // Where the Value's PATTR_BLOBs are in their encoded…
vitr
  • 6,766
  • 8
  • 30
  • 50
1
vote
1 answer

Where does signtool.exe store the application name when signing an .MSI file?

We're having the following situation. An .MSI file, after being signed using signtool.exe, will show the following UAC prompt: The same .MSI file, after being signed with a custom tool that uses the CryptUIWizDigitalSign API, shows the following…
Dan
  • 1,927
  • 2
  • 24
  • 35
1
vote
1 answer

SignTool Error: File not found - pfx

I am using signtool.exe to sign binaries with the PFX file. But when I try to execute the command through command line, an error message is displayed. SignTool Error: File not found: D:\Myfile.Pfx But the file D:\Myfile.Pfx exists at that location. …
Muthu R
  • 11
  • 1
  • 4
1
vote
0 answers

Electron and Authenticode - Prevent malicious redistribution

I'm in the works of purchasing authenticode certs from Digicert for an open source Electron project. However I'm concerned with how Electron is built if my certificates will remain safe. From what I can see electron-builder, code signing is only…
Dustin
  • 6,207
  • 19
  • 61
  • 93
1
vote
1 answer

Code signing certificate with lifetime policy not working

I have created a self-signed code signing certificate with the Microsoft lifetime OID 1.3.6.1.4.1.311.10.3.13. The certificate has expired, but the signed program continues to work normally. I was hoping the program would stop working or that…
user118708
  • 197
  • 1
  • 13
1
vote
1 answer

Why ActiveX "Unknown Publisher" error when using signed certificate?

I have been struggling for days trying to get a simple ActiveX DLL to work with no success despite studying several articles on the subject which I have found online. I suspect I have several things coded incorrectly as I am just not familiar with…
Jim
  • 155
  • 2
  • 7
1
vote
0 answers

.NET assembly with Revoked certificate over OCSP - what happens?

I'm a little new to dealing with signed .NET (C#) assemblies (we have an EXE and several DLLs), so there might be a few simple things that I am missing. I recently found an application we were using was taking a very long time to load on a machine…
JPhi1618
  • 783
  • 1
  • 11
  • 21
1
vote
1 answer

Code Signing (Authenticode) then get "The system cannot execute the specified program."

I have problems executing my application after code signing it with Authenticode. This is what I do: build a C++ application sign the executable execute the executable and the system responds with "The system cannot execute the specified…
Manu
  • 21
  • 2
1
vote
2 answers

How can I verify signature of a Powershell .ps1 script using C#?

I have some signed .ps1 script, I need to verify they are properly signed from a C# project, is there any algorithm or library to do this? Thanks!
Joni
  • 113
  • 1
  • 7
1
vote
1 answer

How can I sign an ActiveX control with a code signing certificate and be a verified publisher?

I'm trying to sign an ActiveX control with a code signing certificate issued by Thawte. I was able to successfully sign the control using signtool.exe. When I look at the file properties, it says "The certificate in the signature cannot be…
davidcl
  • 1,187
  • 8
  • 23
1
vote
2 answers

Windows driver installation failure after signing and verifying with signtool using cross signed certificates using SHA-2

I have two driver files which appear to have been singned properly: bobbarker@bobbarker-PC /cygdrive/c/Users/bobbarker/Desktop $ ./SignTool.exe verify /kp /v /ph /d truecrypt.sys Verifying: truecrypt.sys Hash of file (sha1):…
Jason Pyeron
  • 2,388
  • 1
  • 22
  • 31
1
vote
0 answers

Can I use a SSL certificate for both HTTPS and code signing?

I know very little about code signing and haven't been able to find out any definite answer on the internet about this : is it possible to use a single SSL certificate for running an HTTPS server and code-sign Windows executables at the same…
F.X.
  • 6,809
  • 3
  • 49
  • 71
1
vote
0 answers

Why won't my app develop an authenticode reputation

We have now purchased two Code Signing certificates that are supposed to work with Authenticode for downloads. We used Comodo for our source and I am certain we have the correct type of certificate. We set up Installshield to sign the setup package…
user3720189
  • 11
  • 2
1 2 3
12 13