Click to return to the Security     
Signing and Checking Code...     Appendixes     Signing Code with Microso...    
Web Workshop  |  Security & Cryptography

Authenticode Glossary


X.509 Certificate

A cryptographic certificate that contains a vendor's unique name and the vendor's public key.

PKCS #7 Signed Data

A Public Key Certificate Standard #7 (PKCS #7) signed-data object encapsulates the information used to sign a file. Typically, it includes the signer's certificate and the root certificate.

Certification Authority (CA)

A trusted entity that makes a statement (represented by an X.509 certificate) about the authenticity of another certificate.

Cryptographic Digest

A one-way hash function that takes a variable-length input string and converts it to a fixed-length output string (called a cryptographic digest.) This fixed-length output string is probabilistically unique for every different input string and thus can act as a fingerprint of a file. When a file with a cryptographic digest is downloaded, the receiver recomputes the digest. If the output string matches the digest contained in the file, the receiver has proof that the received file was not tampered with and is identical to the file originally sent.

Local Registration Authority (LRA)

An intermediary between a publisher and a CA. The LRA can, for example, verify a publisher's credentials before sending them to the CA.

Portable Executable (PE) Image

The standard Win32® executable format.

Software Publishing Certificate (SPC)

A PKCS #7 signed-data object containing X.509 certificates.

Trust Provider

The software that decides whether a given file is trusted. This decision is based on the certificate associated with the file.

WIN_CERTIFICATE

A Win32® data structure that contains either a PKCS #7 signed-data object or an X.509 certificate.



Back to topBack to top

Did you find this topic useful? Suggestions for other topics? Write us!

© 1999 Microsoft Corporation. All rights reserved. Terms of use.