Back to product page
SignEXE method
Creates digital signature of the executable
Type
NoneSyntax
- Basic
object.SignEXE Data, OutBlob, TimestampURL, Description, URL
The SignEXE(object,Data,OutBlob,TimestampURL,Description,URL) syntax has these parts:
The SignEXE(object,Data,OutBlob,TimestampURL,Description,URL) syntax has these parts:
object | An expression evaluating to an object of type wodCrypt. |
Data | Required. A Blob object. Contains data to be signed. |
OutBlob | Required. A Blob object. Contains blob where signed file will be saved. |
TimestampURL | Optional. A Variant value. Holds URL to timestamp service. |
Description | Optional. A Variant value. Holds custom description of signed file. |
URL | Optional. A Variant value. Holds URL that is related to signed file. |
Remarks
The SignEXE method can be used to sign executables using Microsoft Authenticode Technology. This technology identifies the publisher of signed software and verifies that it hasn't been tampered with. wodCrypt can easily produce those signatures, assuming you have code signing digital certificate.You should provide TimestampURL during digital signature to have your signature signed for specific date. This is actually important step - without it someone could sign data with expired certificates. There are two URLs you can choose from: http://timestamp.verisign.com/scripts/timstamp.dll and http://timestamp.comodoca.com/authenticode .
You can provide Description and URL that are sometimes shown by the Windows OS based on actions user is making with your executable.
You can check signature using VerifyEXE method.
Code sample
- Basic
In order to sign the executable (or the DLL), you should
1. Load your certificate and the private key
Dim cert As New Certificate
cert.LoadKey "path to your private.key"
cert.Load "path to your certificate.cer"
2. Define FileBlob for original file, and FileBlob for destionation (signed) file
Dim srcfile As New FileBlob
srcfile.FileName = "C:\windows\notepad.exe"
Dim destfile As New FileBlob
destfile.FileName = "C:\windows\signed.exe"
3. Pass those references to wodCrypt
Set Crypt1 = New wodCryptCom
Crypt1.SecretKey = cert
Crypt1.SignEXE srcfile, destfile, "http://timestamp.verisign.com/scripts/timstamp.dll", "My description", "http://my.url.com"
Result of above code is signed file saved as C:\windows\signed.exe . If you go to explorer and right-click on that file, and select 'Properties', you should see that new 'Digital Signature' tab has appeared, where 'Digital signature is OK' is shown. Any changes to the file will cause this signature to be removed, or to show text that 'Signature is invalid'.
1. Load your certificate and the private key
Dim cert As New Certificate
cert.LoadKey "path to your private.key"
cert.Load "path to your certificate.cer"
2. Define FileBlob for original file, and FileBlob for destionation (signed) file
Dim srcfile As New FileBlob
srcfile.FileName = "C:\windows\notepad.exe"
Dim destfile As New FileBlob
destfile.FileName = "C:\windows\signed.exe"
3. Pass those references to wodCrypt
Set Crypt1 = New wodCryptCom
Crypt1.SecretKey = cert
Crypt1.SignEXE srcfile, destfile, "http://timestamp.verisign.com/scripts/timstamp.dll", "My description", "http://my.url.com"
Result of above code is signed file saved as C:\windows\signed.exe . If you go to explorer and right-click on that file, and select 'Properties', you should see that new 'Digital Signature' tab has appeared, where 'Digital signature is OK' is shown. Any changes to the file will cause this signature to be removed, or to show text that 'Signature is invalid'.
You can also use Certificate from the registry instead of loading it from the file as in above example. For instance, something like this would work just fine as step 1.
Dim CertLoc As New CertLocation
Dim c As Certificate
Set c = CertLoc(CurrentUser).Item("My").Item("WeOnlyDo Software")
Dim CertLoc As New CertLocation
Dim c As Certificate
Set c = CertLoc(CurrentUser).Item("My").Item("WeOnlyDo Software")