Vernacular digital signature (additional article)-signature EXE file (lower part)

Source: Internet
Author: User


If we. EXE, right-click it, and click "properties". The digital signature page is not displayed, but the signature can be successfully verified in process explorer. What is the problem?

Two Methods for signing an EXE file

In the previous article, if we. EXE, right-click it, and click "properties". The digital signature page is not displayed, but the signature can be successfully verified in process explorer. What is the problem? This is because there are two methods to sign the EXE file: 1. embed the signature data into the EXE file, which is the method described in the previous article. 2. store the signature data to one. in cat files, most programs and drivers in Windows use this method. Therefore, the signature information cannot be found in file properties, but the signature can be successfully verified using process explorer. The following describes the signature method.

Use the secure catalog (. Cat) file to sign the EXE file

Step 1:First, create a directory "C: \ signdemo" under drive C for convenience ". Then copy the unsigned exefile named mathlover121.exe to this directory.Step 2:Create a text file named "123soft. CDF.

Step 3:Download this makecat.rar, decompress it, and copy it to "C: \ signdemo ".

Note that makecat.exe is released with SDK 3.0, So I uploaded it here for convenience.

Step 4:Open the command line and run the "makecat-V 123soft. CDF" command to generate the "123soft. Cat" file.Step 5:Open the command line, run the "signtool signwizard" command, open the signature wizard, and sign the "123soft. Cat" file using the same method as in the previous article.

Step 6:The test3soft.catfile contains the digital signature of mathlover121.exe. Use the "signtool verify-v-pa-C 123soft. Cat mathlover121.exe" command.

Step 7:Verify the signature in automatic mode (without explicitly providing the cat file) because we have not imported 123soft. CAT into the operating system's secure Catalog Database.Step 8:Add 123soft. Cat to the operating system's security catalog database. Run the "signtool catdb-V 123soft. Cat" command on the command line.Step 9:Redo the test in Step 7 and find that the signature can be successfully verified.Step 10:Verify the signature of mathlover121.exe in process assumer.Note:In step 2 above, 123soft. the file list in CDF must be written as "Signature MP3

The embedded signature method can only sign a limited number of file formats, but the cat file method can be used to sign files in any format. The following describes how to sign an MP3 file.Step 1:Copy an MP3 file to "C: \ signdemo ".Step 2:Add the file name to the 123soft. CDF file.Step 3:Re-Generate and sign the cat file according to the previous method.Step 4:Verify the signature.


Kernel-mode CODe signing Walkthrough
Microsoft Authenticode Reference Guide # C # column

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.