{"id":18894103,"url":"https://github.com/trailofbits/uthenticode","last_synced_at":"2025-04-05T04:08:21.857Z","repository":{"id":37898157,"uuid":"254778492","full_name":"trailofbits/uthenticode","owner":"trailofbits","description":"A cross-platform library for verifying Authenticode signatures","archived":false,"fork":false,"pushed_at":"2025-02-21T21:10:37.000Z","size":603,"stargazers_count":147,"open_issues_count":11,"forks_count":34,"subscribers_count":33,"default_branch":"master","last_synced_at":"2025-03-28T20:36:50.052Z","etag":null,"topics":["authenticode","code-signing","cpp","cryptography","hacktoberfest"],"latest_commit_sha":null,"homepage":"https://trailofbits.github.io/uthenticode/","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trailofbits.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-04-11T02:36:25.000Z","updated_at":"2025-03-26T08:43:48.000Z","dependencies_parsed_at":"2024-03-18T20:39:32.964Z","dependency_job_id":"75b1e8d7-c279-4b62-8c42-b46a8a0a1cc0","html_url":"https://github.com/trailofbits/uthenticode","commit_stats":null,"previous_names":[],"tags_count":23,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Futhenticode","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Futhenticode/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Futhenticode/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Futhenticode/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trailofbits","download_url":"https://codeload.github.com/trailofbits/uthenticode/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247284941,"owners_count":20913704,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authenticode","code-signing","cpp","cryptography","hacktoberfest"],"created_at":"2024-11-08T08:17:56.921Z","updated_at":"2025-04-05T04:08:21.804Z","avatar_url":"https://github.com/trailofbits.png","language":"C++","readme":"# uthenticode\n\n[![Tests](https://github.com/trailofbits/uthenticode/actions/workflows/tests.yml/badge.svg)](https://github.com/trailofbits/uthenticode/actions/workflows/tests.yml)\n\n*uthenticode* (stylized as *μthenticode*) is a small cross-platform library for\npartially verifying [Authenticode](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/authenticode)\ndigital signatures.\n\n\u003e [!WARNING]\\\n\u003e This is not a full implementation of Authenticode; you **must not** use it in a way that assumes\n\u003e that its results are equivalent to verification on a Windows machine. See the [caveats](#caveats)\n\u003e below for more details.\n\n[Read our blog post on verifying Windows binaries without Windows!](https://blog.trailofbits.com/2020/05/27/verifying-windows-binaries-without-windows/)\n\n## What?\n\nAuthenticode is Microsoft's code signing technology, designed to allow signing\nand verification of programs.\n\n*μthenticode* is a cross-platform reimplementation of the verification side of\nAuthenticode. It doesn't attempt to provide the signing side.\n\n## Why?\n\nBecause the official APIs (namely, the `Wintrust` API) for interacting with\nAuthenticode signatures are baked deeply into Windows, making it difficult to\nverify signed Windows executables on non-Windows hosts.\n\nOther available solutions are deficient:\n\n* WINE implements most of `Wintrust`, but is a massive (and arguably non-native)\n  dependency for a single task.\n* [`osslsigncode`](https://github.com/mtrojnar/osslsigncode) can add signatures\n  and check timestamps, but is CLI-focused.\n\n## Caveats\n\n*μthenticode* is **not** identical to the `Wintrust` API. Crucially, it\n**cannot** perform full-chain verifications of Authenticode signatures, as it\nlacks access to the Trusted Publishers store.\n\nYou can use *μthenticode* to cryptographically verify the embedded chain.\nYou **must not** assume that a \"verified\" binary from *μthenticode*'s\nperspective will run on an unmodified Windows system. We make no claim that\n*μthenticode*'s implementation of the Authenticode certificate policy is\ncomplete.\n\n## Building\n\n*μthenticode* depends on [pe-parse](https://github.com/trailofbits/pe-parse)\nand OpenSSL 3.0 or higher, which are installed via `vcpkg` by following these steps:\n\n```bash\n# or set this in your shell environment/profile\nexport VCPKG_ROOT=/path/to/vcpkg\n\ncmake -B build -S . --preset default\ncmake --build build\n\n# the default install prefix is the build directory;\n# use CMAKE_INSTALL_PREFIX to modify it\ncmake --build build --target install\n```\n\nIf you have `doxygen` installed, you can build *μthenticode*'s documentation\nwith the top-level `Makefile`:\n\n```bash\nmake doc\n```\n\nPre-built (master) documentation is hosted\n[here](https://trailofbits.github.io/uthenticode/).\n\nYou can build the (gtest-based) unit tests with `-DBUILD_TESTS=1`.\n\n## Usage\n\n*μthenticode*'s public API is documented in `uthenticode.h` and in the Doxygen\ndocumentation (see above).\n\nThe `svcli` utility also provides a small example of using *μthenticode*'s APIs.\nYou can build it by passing `-DBUILD_SVCLI=1` to `cmake`:\n\n```bash\ncmake -DBUILD_SVCLI=1 -B build -S . -DCMAKE_TOOLCHAIN_FILE=\u003cvcpkg-path\u003e/scripts/buildsystems/vcpkg.cmake\ncmake --build build\n./build/src/svcli/svcli /path/to/some.exe\n```\n\n## Resources\n\nThe following resources were essential to *uthenticode*'s development:\n\n* The [`osslsigncode`](https://github.com/mtrojnar/osslsigncode) codebase\n* ClamAV's [Authenticode documentation](https://www.clamav.net/documents/microsoft-authenticode-signature-verification)\n* Microsoft's\n  [Authenticode specification](http://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/Authenticode_PE.docx)\n  (circa 2008)\n* Peter Gutmann's [Authenticode format notes](https://www.cs.auckland.ac.nz/~pgut001/pubs/authenticode.txt)\n* [RFC5652](https://tools.ietf.org/html/rfc5652)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrailofbits%2Futhenticode","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrailofbits%2Futhenticode","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrailofbits%2Futhenticode/lists"}