authenticode

I have a large number of EXE files and need to figure out which ones have digital signatures. Does anyone know if there is a way to check without access to WinVerifyTrust (they're all on a Unix server). I can't seem to find any information on where the digital signature actually is inside the EXE. If I could find out where it is I might be able to open the file and fseek to a location to test. I don't need to do "real" verification on the certificate, I just want to see if a digital signature is present (or, more importantly, NOT present) without having to use WinVerifyTrust. As mentioned

I've been struggling for awhile to amend this code sample from Microsoft that shows (somewhat outdated) way how to retrieve a code signature information from an executable file. It works but it doesn't retrieve information if a binary file is dual-signed. So I did some research and tried to rewrite it to make it recognize dual-signatures that are present in many modern executables in Windows. Unfortunately there are very few (nebulous) suggestion available ( 1 ), ( 2 ), such as those to use UnauthenticatedAttributes and szOID_NESTED_SIGNATURE (whatever that means) but only to retrieve a time

I am writing an assembly information application to be used in our software build process and am trying to read the digital signature information from a signed .Net assembly. I want to do in my C# code what Windows Explorer can do by right-clicking a signed assembly and selecting the "Digital Signatures" tab and then clicking the Details button. e.g. Has anyone got an idea how to do this programmatically in C#? I am currently using the Mono Cecil library to get the rest of the information from the assembly. Your help will be most appreciated. The Mono project provides source code for both

I am trying to write code that reads signatures (certificates) from DLLs or and EXEs. Most DLLs or EXEs have only one signature, and my code reads all certificates associated with this signature correctly. More specifically it reads signing cert, it's issuer (not root), countersigning cert (with timestamp) and its issuer (not root). I have 2 sample programs in C++ and C#, they both return the same certs. This is C# code, C++ is 100 times longer :) static void Main(string[] args) { X509Certificate2Collection collection = new X509Certificate2Collection(); collection.Import(args[0]); } But there

There are many sites that explain how to run signtool.exe on a .pfx certificate file, which boil down to: signtool.exe sign /f mycert.pfx /p mypassword /t http://timestamp.server.com \ /d "My description" file1.exe file2.exe I have a continuous integration CI process setup (using TeamCity) which like most CI processes, does everything: checks out source, compiles, signs all .exes, packages into an installer, and signs the installer .exe. There are currently 3 build agents, running identical VMs, and any of them can run this process. Insecure implementation To accomplish this today, I do a