/build/static/layout/Breadcrumb_cap_w.png

How to check a catalog file is signed

I can check this though signtool.exe and it results in the text output though below command.

signtool.exe verify /v /pa "C:\test\ftdiport.cat"

And this result the output in verbose mode in command prompt or we can redirect it to a text file as below.



Verifying: C:\Users\ur00361883\Desktop\ftdiport.cat

Signing Certificate Chain:
Issued to: Class 3 Public Primary Certification Authority

Issued by: Class 3 Public Primary Certification Authority

Expires: 8/2/2028 5:29:59 AM

SHA1 hash: 742C3192E607E424EB4549542BE1BBC53E6174E2


Issued to: VeriSign Class 3 Code Signing 2004 CA

Issued by: Class 3 Public Primary Certification Authority

Expires: 7/16/2014 5:29:59 AM

SHA1 hash: 197A4AEBDB25F0170079BB8C73CB2D655E0018A4


Issued to: Future Technology Devices International Ltd

Issued by: VeriSign Class 3 Code Signing 2004 CA

Expires: 9/30/2010 5:29:59 AM

SHA1 hash: 029E8FF6146EE9AEDA68092AB030057165B73A20


The signature is timestamped: 3/31/2010 6:10:55 PM

Timestamp Verified by:
Issued to: Thawte Timestamping CA

Issued by: Thawte Timestamping CA

Expires: 1/1/2021 5:29:59 AM

SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656


Issued to: VeriSign Time Stamping Services CA

Issued by: Thawte Timestamping CA

Expires: 12/4/2013 5:29:59 AM

SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D


Issued to: VeriSign Time Stamping Services Signer - G2

Issued by: VeriSign Time Stamping Services CA

Expires: 6/15/2012 5:29:59 AM

SHA1 hash: ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE


Successfully verified: C:\Users\ur00361883\Desktop\ftdiport.cat


Number of files successfully Verified: 1

Number of warnings: 0

Number of errors: 0


One option is to parse this file and I need to get below details.

Catalog file is Signed/Unsigned and Certificate issued for it and its expiry date.

Is there any option like some libraries instead of parsing this text file whether in c#,vbscript,autoit or powershell or any platform.

If no option, please guide me on how to parse this output.


0 Comments   [ + ] Show comments

Answers (1)

Posted by: jagadeish 8 years ago
Red Belt
0

Comments:
  • Hi jagadeish,

    Thanks for the tool.But again we need to parse the output as a string data.But is there any direct dll or API to read the content.

    If no option, please guide me on how to parse this output. - ur00361883 8 years ago
  • Hi Jagadeish,
    Can you help me hoe to get Certificate issued by and Certificate expiry date of the catalog. - ur00361883 8 years ago
  • Sigcheck is showing a catalog as unsigned if it is signed also but if it is not trusted.How to differentiate it? - ur00361883 8 years ago
    • ok. did you see this link
      http://www.pinvoke.net/default.aspx/wintrust.winverifytrust
      http://www.pinvoke.net/default.aspx/wintrust.IsCatalogFile - jagadeish 8 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ