Can pefile get the "DigitalSign"?

djhenderson / pefile

Automatically exported from code.google.com/p/pefile

Other

0 stars 0 forks source link

Can pefile get the "DigitalSign"? #3

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

pefile is very powerful, the header info, version info, but where is
"DigitalSign"?

Original issue reported on code.google.com by fengmk2 on 25 Jun 2008 at 3:59

GoogleCodeExporter commented 9 years ago

I assume you want pefile to parse the Authenticode PE signature and provide 
access to the fields. Do you have 
any specific use-case in mind?

Original comment by ero.carr...@gmail.com on 25 Jun 2008 at 10:15

Added labels: Type-Enhancement
Removed labels: Type-Defect

GoogleCodeExporter commented 9 years ago

just like below:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at
https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, 
Inc.",
C=US; OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", 
C=US

Original comment by fengmk2 on 25 Jun 2008 at 1:30

Attachments:

qq_digital.jpg

GoogleCodeExporter commented 9 years ago

I want to check is the PE contain a valid digital signature ..

Original comment by fengmk2 on 25 Jun 2008 at 1:34

GoogleCodeExporter commented 9 years ago

[deleted comment]

GoogleCodeExporter commented 9 years ago

I found ‘IMAGE_DIRECTORY_ENTRY_SECURITY’in pefile, but there is no parser...

I also see the pecoff.doc(1999) and pecoff_v8.docx, and found about '5.7 The
Attribute Certificate Table' is different between the two Specification . see 
the two
file image I upload.

Original comment by fengmk2 on 26 Jun 2008 at 6:44

Attachments:

GoogleCodeExporter commented 9 years ago

I recommend using "verify-sigs" (http://code.google.com/p/verify-sigs/)

Original comment by ero.carr...@gmail.com on 1 Aug 2011 at 7:20

Changed state: Fixed