Signtool
Purpose
This is an investigation of the Microsoft CryptoAPI. This must be the worst documented and implemented API of all time. Although more information seems to be released every day.
This application can query, verify and sign an Authenticode (Microsoft Copyrighted word!) signed file and report some information on it.
Operating Systems
Currently there is support for the following operating systems:
- Microsoft Windows
Comments
This program is seriously beta and expect it to have lots of bugs. It was developed under Borland C++ Builder 5.0. It is released under a "Do what you want with it license". It is just me playing and sharing my attempts with you. The guarantee is therefore of the nature that if it breaks, you get to keep all the little and big pieces.
It is quite important to read the README distributed with the source. Without it it is a lot of work to figure out how to compile this.
From version 0.2.0 you need CAPICOM installed.
Known Bugs
- The CAPICOM version of signing a file assumes that there is only one key in the MY keystore that can be used to sign a file
Download
| Version | Release Date | MS SDK Date Required |
|---|---|---|
| 0.3.0 | 1 February 2003 | October 2002 |
| 0.2.0 | 11 October 2002 | August 2002 |
| 0.1.0 | 23 August 2002 |