what happens to exe when we sign it?

Question

After signing exe by using VeriSign, if we right click to exe we can see "digital signature" tab which gives information about certificate. Where exactly this information will be stored? I mean how operating system will come to know which certificate is related to which file? Is there anything embed inside exe while signing? How can I write c# code to extract certificate from signed exe?

Any help is greatly appreciated.

Update : I solved problem though I was not able to find how exactly certificate relationship with assembly stored. We can create X509Certificate object by passing assembly path. My task was to just get serial number and owner. Following code I wrote for this.

 X509Certificate cert = X509Certificate.CreateFromSignedFile("Solo4Orchestra.exe");
            MessageBox.Show(cert.Subject.Split(new char[1]{','})[3].Replace("O=",""));
            MessageBox.Show(cert.GetSerialNumberString());

Thanks. Akie

Answer 1

Windows Authenticode Portable Executable Signature Format might give you some information on the binary format.

There is a Windows API for checking the signature, CryptQueryObject(). Maybe there is also a .NET API for that but apparently not: A related MSDN article with sample code to get revocation list also uses Windows API calls as it seems: How to get information from a CRL (.NET) (might be a good starting point as it implements a wrapper for that function).

Answer 2

As mentioned above, it's Authenticode signature format. As far as I know our PKIBlackbox components are the only ones to support Authenticode (both signing and verification) in .NET.