Click to return to the Security     
Authenticode Glossary     Signing Code with Microso...    
Web Workshop  |  Security & Cryptography

Appendix A: Required Files


To use Microsoft® Authenticode™, a set of client files, publishing tools, and a signing DLL are required.

Client files include the following:

Publishing tools and the signing DLL include the following:

MakeCert.exeCreates an X.509 certificate for testing purposes only.
Cert2SPC.exeCreates an SPC for testing purposes only.
SignCode.exeSigns and time stamps a file.
ChkTrust.exeChecks the validity of the file.
MakeCTL.exeCreates a certificate trust list.
CertMgr.exeManages certificates, CTLs, and CRLs.
SetReg.exeSets registry keys controlling certificate verification.
Signer.dllPerforms signing.

Appendix B: The X.509 Certificate


The X.509 protocols include a structure for public-key certificates. A certificate authority (CA) assigns a unique name to each user and issues a signed certificate containing this name and the user's public key. The following diagram shows an X.509 certificate.

X.509 certificate

These are the meanings for each field:

FieldMeaning
VersionNumber identifying the certificate format.
Serial NumberValue unique to the CA.
Algorithm IdentifierAlgorithm used to sign the certificate, together with any necessary parameters.
IssuerName of the CA.
Period of ValidityDates between which the certificate is valid.
SubjectName of the user.
Subject's Public KeyPublic key of the user, any necessary parameters, and its algorithm name.
SignatureSignature of the CA.

Appendix C: Suggested Reading


The topic of digital signing is discussed more fully in the following documents:



Back to topBack to top

Did you find this topic useful? Suggestions for other topics? Write us!

© 1999 Microsoft Corporation. All rights reserved. Terms of use.