數字簽名的驗證

通常的我們在軟體發布前要對binary（dll，exe）進行數字簽名，數字簽名可以標識軟體的發布商，也可以通過數字簽名來檢查此軟體是否被修改或受病毒影響。

sigcheck是來自sysinternals的數字簽名驗證工具，可以檢視指定的檔案或目錄下的哪些檔案沒有數字簽名。此工具是命令列工具，可以用來批量檢查某個資料夾下相關檔案的數字簽名。

幫助如下：

使用如下：

對目錄c:\program files (x86)\microsoft visual studio 10.0\common7\ide及子目錄下的所有的binaries檢查數字簽名，將沒有簽名的檔案輸出到sigcheck.txt中。

sigcheck -s -q -e -u "c:\program files (x86)\microsoft visual studio 10.0\common7\ide" > sigcheck.txt

執行後的sigcheck.txt類似於如下：

c:\program files (x86)\microsoft visual studio 10.0\common7\ide\coloader80.tlb:

verified: unsigned

file date: 12:17 am 3/18/2010

publisher: microsoft corporation

description: vs loader type library

product: microsoft?visual studio?2010

version: 10.0.30319.1

file version: 10.0.30319.1 built by: rtmrel

c:\program files (x86)\microsoft visual studio 10.0\common7\ide\devenv.com:

verified: unsigned

file date: 3:04 am 3/18/2010

publisher: microsoft corporation

description: microsoft visual studio command line

product: microsoft?visual studio?2010

version: 10.0.30319.1

file version: 10.0.30319.1 built by: rtmrel

c:\program files (x86)\microsoft visual studio 10.0\common7\ide\privateassemblies\microsoft.teamfoundation.officeintegration.common.tlb:

verified: unsigned

file date: 4:28 am 3/18/2010

publisher: microsoft corporation

description: microsoft.teamfoundation.officeintegration.common.dll

product: microsoft?visual studio?2010

version: 10.0.30319.1

file version: 10.0.30319.1 built by: rtmrel

c:\program files (x86)\microsoft visual studio 10.0\common7\ide\privateassemblies\microsoft.visualstudio.ole.interop.dll:

verified: unsigned

file date: 6:22 pm 11/20/2009

publisher: microsoft corporation

description:

product: microsoft?visual studio .net

version: 7.10.6070

file version: 7.10.6070 完！