How to check a catalog file is signed and get certificate details

[ur]

I can check this though signtool.exe and it results in the text output though below command.

signtool.exe verify /v /pa "C:\test\ftdiport.cat"

And this result the output in verbose mode in command prompt or we can redirect it to a text file as below.

 

expandcollapse popup

Verifying: C:\test\ftdiport.cat

Signing Certificate Chain:
    Issued to: Class 3 Public Primary Certification Authority

    Issued by: Class 3 Public Primary Certification Authority

    Expires:   8/2/2028 5:29:59 AM

    SHA1 hash: 742C3192E607E424EB4549542BE1BBC53E6174E2


        Issued to: VeriSign Class 3 Code Signing 2004 CA

        Issued by: Class 3 Public Primary Certification Authority

        Expires:   7/16/2014 5:29:59 AM

        SHA1 hash: 197A4AEBDB25F0170079BB8C73CB2D655E0018A4


            Issued to: Future Technology Devices International Ltd

            Issued by: VeriSign Class 3 Code Signing 2004 CA

            Expires:   9/30/2010 5:29:59 AM

            SHA1 hash: 029E8FF6146EE9AEDA68092AB030057165B73A20


The signature is timestamped: 3/31/2010 6:10:55 PM

Timestamp Verified by:
    Issued to: Thawte Timestamping CA

    Issued by: Thawte Timestamping CA

    Expires:   1/1/2021 5:29:59 AM

    SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656


        Issued to: VeriSign Time Stamping Services CA

        Issued by: Thawte Timestamping CA

        Expires:   12/4/2013 5:29:59 AM

        SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D


            Issued to: VeriSign Time Stamping Services Signer - G2

            Issued by: VeriSign Time Stamping Services CA

            Expires:   6/15/2012 5:29:59 AM

            SHA1 hash: ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE


Successfully verified: C:\Users\ur00361883\Desktop\ftdiport.cat


Number of files successfully Verified: 1

Number of warnings: 0

Number of errors: 0

 

 

One option is to parse this file and I need to get below details.

Catalog file is Signed/Unsigned and Certificate issued for it and its expiry date.

Is there any option like some libraries instead of parsing this text file whether in c#,vbscript,autoit or powershell or any platform.

If no option, please guide me on how to parse this output.

 

Edited August 25, 2015 by ur

[Surya]

you can get the the output instead of redirecting it to a text file directly and do a _stringbetween to fetch what you need i will give you the code

[Surya]

can you please highlight from the text file you gave which you want to only pase out

[Danyfirex]

with the UDF I told you some days ago. I can be done. in the structure CERT_INFO you can get the NotAfter field (Date and time after which the certificate is not valid. )

Saludos

[ur]

with the UDF I told you some days ago. I can be done. in the structure CERT_INFO you can get the NotAfter field (Date and time after which the certificate is not valid. )

Saludos

But that is not for drivers/catalog files, it is only for exe files.

[Danyfirex]

Just need some changes to get expiry date of Catalog. It work with drivers I've tried out.

Saludos