Questions tagged [authenticode]

Code signing is the process of digitally signing executables and scripts to confirm the software author and, by use of a cryptographic hash, guarantee that the code has not been altered or corrupted since it was signed. Microsoft Authenticode (TM) is Microsoft's implementation of code signing for executables.

185 questions
128 votes, 13 answers

Automate Extended Validation (EV) code signing with SafeNet eToken

We recently purchased a DigiCert EV code signing certificate. We are able to sign .exe files using signtool.exe. However, every time we sign a file, it prompts for the SafeNet eToken password. How can we automate this process, without user…
70 votes, 6 answers

Getting around Chrome's Malicious File Warning

I created an application which comprises a number of *.exe files. I've packaged these up into an NSIS installer which I hosted on my website. When I try to download it Chrome reports it as potentially malicious. At first I thought it could be the…
user1242165
36 votes, 5 answers

Code signing (Microsoft Authenticode)

I have a program which is used by a large number of people who are not always super computer savvy. I want to make sure that rather than having my executable say it is from an unknown author that it says it was signed by me. As far as I know this…
Daisetsu
28 votes, 7 answers

signtool failing to dual sign SHA2 and SHA1 with timestamps

We need to dual sign our binaries with SHA1 and SHA2 using signtool.exe, our certificate supports 256-bit SHA2. Using the Windows 8 SDK's signtool: e.g.: signtool.exe sign /as /fd sha256 /t http://timestamp.verisign.com/scripts/timstamp.dll /f…
JosephA
22 votes, 4 answers

Does code-signing without strong-naming leave your app open to abuse?

Trying to get my head around authenticode code-signing and strong-naming. Am I right in thinking that if I code-sign an exe that references a few dlls (not strong named) that a malicious user could replace my DLLs and distribute the app in a way…
Danny Tuppeny
22 votes, 8 answers

Get timestamp from Authenticode Signed files in .NET

We need to verify that binary files are signed properly with digital signature (Authenticode). This can be achieved with signtool.exe pretty easily. However, we need an automatic way that also verifies signer name and timestamp. This is doable in…
SlavaGu
22 votes, 2 answers

How do I securely configure a CI server to digitally sign binaries?

There are many sites that explain how to run signtool.exe on a .pfx certificate file, which boil down to: signtool.exe sign /f mycert.pfx /p mypassword /t http://timestamp.server.com \ /d "My description" file1.exe file2.exe I have a continuous…
gregmac
22 votes, 4 answers

Signed INF driver works on the computer where it was signed, not others

My company purchased a Driver Signing Certificate from Go Daddy. I used it to sign a simple INF file that is a driver for some of our USB devices that use Microsoft's usbser.sys. Everything seems to work on the Windows 7 64-bit computer where I…
David Grayson
20 votes, 1 answer

Why are signing keys so expensive?

I was looking into getting an authenticode signing key recently and am shocked by how expensive they are. This got me thinking -- most kinds of signing keys, whether Authenticode, SSL, etc. -- are extremely expensive. Is there a technical reason for…
Billy ONeal
20 votes, 1 answer

.NET: Strong naming vs. Authenticode

Having read about strong names in .NET here, for example, I have the following question: We have an Authenticode code signing certificate with which we sign all our EXE, DLL and MSI files. The benefit of that is that Windows knows the MSI comes from…
Helge Klein
20 votes, 3 answers

How to sign installation files of a Visual Studio .msi

I recently purchased an authenticode certificate from globalsign and am having problems signing my files for deployment. There are a couple of .exe files that are generated by a project and then put into a .msi. When I sign the .exe files with the…
Alex
18 votes, 5 answers

How do I use signtool.exe correctly in hudson running as a service?

I just purchased a code signing cert (MS authenticode) from THAWTE and have installed it apparently on my build machine. I am logged in as a user and when I open a cmd prompt I can sign EXEs using the cert with signtool.exe. Unfortunately this same…
Tim
17 votes, 1 answer

Signing an appxbundle using CryptUIWizDigitalSign API

I'm facing a rather interesting issue in regards to Authenticode signing an UWP appxbundle file. Some background: The client provided us with a SafeNet USB token containing the signing certificate. The private key is not exportable, of course. I…
mlinka
16 votes, 2 answers

Validate Authenticode signature on EXE - C++ without CAPICOM

I'm writing a function for an installer DLL to verify the Authenticode signature of EXE files already installed on the system. The function needs to: A) verify that the signature is valid. B) verify that the signer is our organization. Because…
Brian Gillespie
15 votes, 4 answers

Reading multiple signatures from executable file

I am trying to write code that reads signatures (certificates) from DLLs or EXEs. Most DLLs or EXEs have only one signature, and my code reads all certificates associated with this signature correctly. More specifically it reads signing cert,…
Dima