I can check this though signtool.exe and it results in the text output though below command.

signtool.exe verify /v /pa "C:\test\ftdiport.cat"

And this result the output in verbose mode in command prompt or we can redirect it to a text file as below.



Verifying: C:\Users\ur00361883\Desktop\ftdiport.cat

Signing Certificate Chain:
Issued to: Class 3 Public Primary Certification Authority

Issued by: Class 3 Public Primary Certification Authority

Expires: 8/2/2028 5:29:59 AM

SHA1 hash: 742C3192E607E424EB4549542BE1BBC53E6174E2


Issued to: VeriSign Class 3 Code Signing 2004 CA

Issued by: Class 3 Public Primary Certification Authority

Expires: 7/16/2014 5:29:59 AM

SHA1 hash: 197A4AEBDB25F0170079BB8C73CB2D655E0018A4


Issued to: Future Technology Devices International Ltd

Issued by: VeriSign Class 3 Code Signing 2004 CA

Expires: 9/30/2010 5:29:59 AM

SHA1 hash: 029E8FF6146EE9AEDA68092AB030057165B73A20


The signature is timestamped: 3/31/2010 6:10:55 PM

Timestamp Verified by:
Issued to: Thawte Timestamping CA

Issued by: Thawte Timestamping CA

Expires: 1/1/2021 5:29:59 AM

SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656


Issued to: VeriSign Time Stamping Services CA

Issued by: Thawte Timestamping CA

Expires: 12/4/2013 5:29:59 AM

SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D


Issued to: VeriSign Time Stamping Services Signer - G2

Issued by: VeriSign Time Stamping Services CA

Expires: 6/15/2012 5:29:59 AM

SHA1 hash: ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE


Successfully verified: C:\Users\ur00361883\Desktop\ftdiport.cat


Number of files successfully Verified: 1

Number of warnings: 0

Number of errors: 0


One option is to parse this file and I need to get below details.

Catalog file is Signed/Unsigned and Certificate issued for it and its expiry date.

Is there any option like some libraries instead of parsing this text file whether in c#,vbscript,autoit or powershell or any platform.

If no option, please guide me on how to parse this output.

0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

0
Answered 08/26/2015 by: jagadeish
Red Belt

  • Hi jagadeish,

    Thanks for the tool.But again we need to parse the output as a string data.But is there any direct dll or API to read the content.

    If no option, please guide me on how to parse this output.
  • Hi Jagadeish,
    Can you help me hoe to get Certificate issued by and Certificate expiry date of the catalog.
  • Sigcheck is showing a catalog as unsigned if it is signed also but if it is not trusted.How to differentiate it?
    • ok. did you see this link
      http://www.pinvoke.net/default.aspx/wintrust.winverifytrust
      http://www.pinvoke.net/default.aspx/wintrust.IsCatalogFile
Please log in to comment
Answer this question or Comment on this question for clarity