Security Investigate

Windows Authenticode Portable Executable Signature Format

Download now Free registration required

Executive Summary

Authenticode is a digital signature format that is used to determine the origin and integrity of software binaries. Authenticode is based on Public-Key Cryptography Standards (PKCS) #7 signed data and X.509 certificates to bind an Authenticode-signed binary to the identity of a software publisher. This paper contains the structure and technical details of the Authenticode signature format. This paper does not discuss issuing or processing X.509 code signing certificates, use of Windows Software Development Kit tools to sign binaries, deployment of a code signing infrastructure, or related Windows APIs. Information on these topics is available in "Resources" at the end of this paper.

  • Format: WORD
  • Size: 116.2 KB