System hacks: program digital signature figure out but also can use

Many formal programs have their own digital signatures. A digital signature is a record of information that verifies the authenticity of all files created digitally, and is information that can only be generated by the sender of the message and cannot be forged by anyone else. All files can be digitally signed, but we most often use program signatures, and many installation files add digital signatures to allow users to verify their authenticity. So, how do you view and verify the digital signature of a file? Three methods are described below.

The first can be done through File Explorer for digital signature verification. Select a file to be verified, such as a Photoshop program file, right-click and select “Properties” from the shortcut menu to open the program file properties window. If you see the “Digital Signature” tab, the program has been digitally signed (Figure 1).

1817A-SZQM-1

If the software is not digitally signed, right-clicking on the software and displaying its properties window, the “Digitally Signed” tab will not appear. But this does not mean that the software cannot be installed or run, you will find an EXE green program that is not digitally signed, but still runs normally. Microsoft will make a protective prompt for unsigned driver installations, but the choice is up to the user, which can be solved by selecting “Disable mandatory driver signing” in the advanced startup settings.

Click the “Details” button under the “Digital Signature” tab to see the specific information about the program’s signature, including the name of the signer, email and time of signature (Figure 2).

1817A-SZQM-2

Click the “View Certificate” button to view the details of the signed certificate, including the purpose of issuing the certificate, the issuer and the person to whom the certificate is issued, the validity period of the certificate, the details of the certificate, the path of the certificate, etc.

If it is a trusted software, you can install the certificate and let the system release the software. Click “Install Certificate” to bring up the “Certificate Import Wizard”, and install it according to the wizard. The “Advanced” tab in the “Digital Signature Details” window allows you to see the serial number, algorithm, and other information.

In addition, DigiCert Certificate Utility software can also be used to verify digital signatures. After running the software, click the “I Accept” button to accept the terms of use. After entering the main interface, click on the Code Signing item in the left column, then click on the Check Signature button in the toolbar at the top of the right pane, then find the program you want to check the certificate for in the file dialog window and click on the Open button (Figure 3).

1817A-SZQM-3

In the certificate verification pop-up window, if both round buttons are shown in green, it means that both digital signature and timestamp are valid (Figure 4).

1817A-SZQM-4

There is a SignTool tool in the Microsoft Windows 10 SDK suite that also verifies the digital signature of programs. Since the SDK is mainly aimed at developers, the component is not included in everyday Windows use and needs to be downloaded and installed. Once installed, verify the signed file with the following command.

signtool verify MyFile.exe

Leave a Comment