Authenticode signature

Authenticode is a code-signing system used by Microsoft Windows. By Authenticode signature, we mean the set of changes that must be made to a file to digitally sign it. The main change is to embed a digital certificate, usually a DER-encoded PKCS#7 certificate.

Only a few file formats are supported, mainly PE and CAB.

Specifications

 * Windows Authenticode Portable Executable Signature Format

Software

 * SignTool
 * Authenticode signature data extraction tool
 * Microsoft Windows can display and export signature information. E.g. right-click on a signed file in Explorer, choose Properties → Digital Signatures → etc.

Links

 * MSDN: Authenticode
 * Signing and Checking Code with Authenticode Certificates
 * PE Format: Appendix A: Calculating Authenticode PE Image Hash
 * Code signing
 * Digital signature