
How to check a catalog file is signed and get certificate details

ur

I can check this through signtool.exe, and it results in the text output through the below command.

signtool.exe verify /v /pa "C:\test\ftdiport.cat"

And this results in the output in verbose mode in the command prompt, or we can redirect it to a text file as below.

 

Verifying: C:\test\ftdiport.cat
Signing Certificate Chain:
    Issued to: Class 3 Public Primary Certification Authority
    Issued by: Class 3 Public Primary Certification Authority
    Expires:   8/2/2028 5:29:59 AM
    SHA1 hash: 742C3192E607E424EB4549542BE1BBC53E6174E2

        Issued to: VeriSign Class 3 Code Signing 2004 CA
        Issued by: Class 3 Public Primary Certification Authority
        Expires:   7/16/2014 5:29:59 AM
        SHA1 hash: 197A4AEBDB25F0170079BB8C73CB2D655E0018A4

            Issued to: Future Technology Devices International Ltd
            Issued by: VeriSign Class 3 Code Signing 2004 CA
            Expires:   9/30/2010 5:29:59 AM
            SHA1 hash: 029E8FF6146EE9AEDA68092AB030057165B73A20

The signature is timestamped: 3/31/2010 6:10:55 PM
Timestamp Verified by:
    Issued to: Thawte Timestamping CA
    Issued by: Thawte Timestamping CA
    Expires:   1/1/2021 5:29:59 AM
    SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656

        Issued to: VeriSign Time Stamping Services CA
        Issued by: Thawte Timestamping CA
        Expires:   12/4/2013 5:29:59 AM
        SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D

            Issued to: VeriSign Time Stamping Services Signer - G2
            Issued by: VeriSign Time Stamping Services CA
            Expires:   6/15/2012 5:29:59 AM
            SHA1 hash: ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE

Successfully verified: C:\Users\ur00361883\Desktop\ftdiport.cat

Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0

 

 

One option is to parse this file, and I need to get the below details.

Whether the catalog file is signed/unsigned, the certificate issued for it, and its expiry date.

Is there any option, like some libraries, instead of parsing this text file, whether in C#, VBScript, AutoIt or PowerShell or any platform?

If no option, please guide me on how to parse this output.

 

Danyfirex

With the UDF I told you about some days ago, it can be done. In the structure CERT_INFO you can get the NotAfter field (date and time after which the certificate is not valid).

Saludos

ur

With the UDF I told you about some days ago, it can be done. In the structure CERT_INFO you can get the NotAfter field (date and time after which the certificate is not valid).

Saludos

But that is not for drivers/catalog files, it is only for exe files.

Danyfirex

It just needs some changes to get the expiry date of the catalog. It works with drivers, I've tried it out.

Saludos
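
The parsing route asked about in the first post, as an added example that is not part of the original thread: a Python parser for the signtool verify /v /pa output that reports signed/unsigned, the signer certificate and its expiry. It assumes the en-US date format shown in the post; parse_verify, SAMPLE (constructed, abbreviated from the post's output) and UNSIGNED (constructed) are names introduced here.

```python
import re
from datetime import datetime

# Constructed sample, abbreviated from the signtool output in the first post.
SAMPLE = r"""Signing Certificate Chain:
    Issued to: Class 3 Public Primary Certification Authority
    Issued by: Class 3 Public Primary Certification Authority
    Expires:   8/2/2028 5:29:59 AM
    SHA1 hash: 742C3192E607E424EB4549542BE1BBC53E6174E2
            Issued to: Future Technology Devices International Ltd
            Issued by: VeriSign Class 3 Code Signing 2004 CA
            Expires:   9/30/2010 5:29:59 AM
            SHA1 hash: 029E8FF6146EE9AEDA68092AB030057165B73A20
The signature is timestamped: 3/31/2010 6:10:55 PM
Timestamp Verified by:
    Issued to: Thawte Timestamping CA
    Issued by: Thawte Timestamping CA
    Expires:   1/1/2021 5:29:59 AM
Successfully verified: C:\test\ftdiport.cat
Number of errors: 0
"""
UNSIGNED = "SignTool Error: No signature found.\nNumber of errors: 1\n"  # constructed

FMT = "%m/%d/%Y %I:%M:%S %p"  # assumption: en-US dates, as printed in the post
FIELD = re.compile(r"^(\s*)(Issued to|Issued by|Expires|SHA1 hash):\s*(.+?)\s*$")

def parse_verify(text):
    # Certificates are collected per section so timestamp certs never count as the signer.
    chains, section, stamp = {"sign": [], "ts": []}, None, None
    for line in text.splitlines():
        if line.startswith("Signing Certificate Chain:"):
            section = "sign"
        elif line.startswith("Timestamp Verified by:"):
            section = "ts"
        elif line.startswith("The signature is timestamped:"):
            stamp = datetime.strptime(line.split(":", 1)[1].strip(), FMT)
        elif section and (m := FIELD.match(line)):
            if m[2] == "Issued to" or not chains[section]:  # a new certificate block
                chains[section].append({"indent": len(m[1])})
            chains[section][-1][m[2]] = m[3]
    # The signer (leaf) is the most deeply indented certificate of the signing chain.
    signer = max(chains["sign"], key=lambda c: c["indent"], default=None)
    expires = datetime.strptime(signer["Expires"], FMT) if signer else None
    ok = "Successfully verified:" in text and bool(re.search(r"Number of errors:\s*0\b", text))
    return {"signed": signer is not None, "verified": ok, "signer": signer,
            "expires": expires, "timestamp": stamp,
            "timestamped_before_expiry": bool(stamp and expires and stamp <= expires)}
```

In the post's output the signer certificate expired on 9/30/2010, but the signature was timestamped on 3/31/2010, before that expiry, which is why signtool still reports the catalog as successfully verified.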
