Authenticode:
Software publishers use Authenticode to sign either a file or a collection of files (such as a driver package).
Microsoft Authenticode:
Authenticode belongs to MS. (I believe it's a key which must be safely saved by Microsoft.)
digital certificate:
Also referred to as a signing certificate or Authenticode certificate. It identifies a publisher (more exactly, the signer) and the issuer (CA), and it contains at least a public key and an Authenticode. (I believe the info about the public key can be queried from the CA.)
thumbprint:
A (cryptographic) hash of a file (SHA-256? or something else?) or a package. The thumbprint can be used as the source of the private key.
digital signature:
Windows first calculates the thumbprint of the file, then uses the public key (the public key and its publisher must have been verified beforehand) to decrypt the digital signature. If the two match, the digital signature is OK.
Trusted Publishers certificate store:
HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\TrustedPublisher
or, for the current user:
HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher
All certificates in HKEY_LOCAL_MACHINE are inherited by the current user.
Trusted Root Certification Authorities certificate store:
HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\CA
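As an added example (not part of the original notes and not Microsoft's own code), this PowerShell function checks a file's Authenticode signature and looks up the signer certificate in the two Trusted Publishers stores listed above. The function name Get-PublisherTrust and the sample file path are assumptions chosen for illustration.

```powershell
# Added example: report a file's Authenticode status and whether its signer
# certificate is present in the Trusted Publishers stores.
# Get-PublisherTrust is a hypothetical helper name, not a built-in cmdlet.
function Get-PublisherTrust {
    param(
        [Parameter(Mandatory)] [string] $Path   # file to inspect
    )

    # Built-in cmdlet: hashes the file and validates its signature.
    $sig = Get-AuthenticodeSignature -FilePath $Path

    # An unsigned file has no signer certificate; report that and stop.
    if ($null -eq $sig.SignerCertificate) {
        return [pscustomobject]@{
            File = $Path; Status = $sig.Status; Signer = $null; Issuer = $null
            Thumbprint = $null; InMachineStore = $false; InUserStore = $false
        }
    }

    # Note: this Thumbprint property is the hash of the certificate itself,
    # as exposed by the certificate provider, not a hash of the signed file.
    $thumb = $sig.SignerCertificate.Thumbprint

    # Cert:\LocalMachine\TrustedPublisher and Cert:\CurrentUser\TrustedPublisher
    # are the certificate-provider views of the two stores.
    $machine = Get-ChildItem Cert:\LocalMachine\TrustedPublisher |
        Where-Object Thumbprint -eq $thumb
    $user = Get-ChildItem Cert:\CurrentUser\TrustedPublisher |
        Where-Object Thumbprint -eq $thumb

    [pscustomobject]@{
        File           = $Path
        Status         = $sig.Status     # e.g. Valid, NotSigned, HashMismatch, NotTrusted
        Signer         = $sig.SignerCertificate.Subject   # the publisher
        Issuer         = $sig.SignerCertificate.Issuer    # the issuing CA
        Thumbprint     = $thumb
        InMachineStore = [bool]$machine
        InUserStore    = [bool]$user
    }
}

# Sample invocation; the path is an assumption, substitute the file under review.
Get-PublisherTrust -Path "$env:SystemRoot\System32\notepad.exe"
```

A Status of Valid with both store flags false means the signature verifies but the publisher has not been explicitly added to Trusted Publishers on this machine.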
Refer:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff543743%28v=vs.85%29.aspx
http://technet.microsoft.com/en-us/library/cc962021.aspx
http://office.microsoft.com/en-us/excel-help/how-to-tell-if-a-digital-signature-is-trustworthy-HA001230875.aspx : How to tell if a digital signature of Office doc is trustworthy
Thank you for giving me an idea about digital signature. I received a file with a special kind of signature attached to it and was just wondering about it. Now I learn that it was a digital signature.