Can pefile get the "DigitalSign"?

[GoogleCodeExporter]

pefile is very powerful, the header info, version info, but where is
"DigitalSign"?

Original issue reported on code.google.com by fengmk2 on 25 Jun 2008 at 3:59

[GoogleCodeExporter]

I assume you want pefile to parse the Authenticode PE signature and provide 
access to the fields. Do you have 
any specific use-case in mind?

Original comment by ero.carr...@gmail.com on 25 Jun 2008 at 10:15

• Added labels: Type-Enhancement
• Removed labels: Type-Defect

[GoogleCodeExporter]

just like below:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at
https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, 
Inc.",
C=US; OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", 
C=US

Original comment by fengmk2 on 25 Jun 2008 at 1:30

• Added labels: ****
• Removed labels: ****

Attachments:

• qq_digital.jpg

[GoogleCodeExporter]

I want to check is the PE contain a valid digital signature ..

Original comment by fengmk2 on 25 Jun 2008 at 1:34

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

I found ‘IMAGE_DIRECTORY_ENTRY_SECURITY’in pefile, but there is no parser...

I also see the pecoff.doc(1999) and pecoff_v8.docx, and found about '5.7 The
Attribute Certificate Table' is different between the two Specification . see 
the two
file image I upload.

Original comment by fengmk2 on 26 Jun 2008 at 6:44

• Added labels: ****
• Removed labels: ****

Attachments:

• cert1999.jpg
• cert_v8.jpg

[GoogleCodeExporter]

I recommend using "verify-sigs" (http://code.google.com/p/verify-sigs/) 

Original comment by ero.carr...@gmail.com on 1 Aug 2011 at 7:20

• Changed state: Fixed
• Added labels: ****
• Removed labels: ****