Windows 10: Signtool.exe hashing process

Discus and support Signtool.exe hashing process in AntiVirus, Firewalls and System Security to solve the problem; Hi,We are not able to generate SHA256 hash of a .exe file, similar to hash generated by Signtool sign's command. We need to learn Signtool's hashing... Discussion in 'AntiVirus, Firewalls and System Security' started by Shivam111Sharma, Mar 17, 2024.

  1. SHIVAM111SHARMA
    Shivam111Sharma Win User

    Signtool.exe hashing process


    Hi,We are not able to generate SHA256 hash of a .exe file, similar to hash generated by Signtool sign's command. We need to learn Signtool's hashing process.We have a requirement for Reproducible Build, origin verification, and Automated Hash validation, as a part of our CodeSigning software.For that we are using client-side hashing, and some extra metadata while sending a /signing request to our server, it generates reproducible build and checks its hash with incoming hash. We have implemented our Key Storage Provider for that.KSP calls this method..SECURITY_STATUSWINAPIKSPSignHash &nb

    :)
     
    Shivam111Sharma, Mar 17, 2024
    #1
  2. TONIANTONIA
    toniantonia Win User

    0x800700C1 in SignTool

    hi

    i hvae made a 32 bit game but im having trouble signing the sertificate off the .appx file

    this is the error that i get

    C:\Program Files (x86)\Windows Kits\10\bin\10.0.17134.0\x86>SignTool sign /fd SHA256 /a /f signingCertx.pfx C:\projectx\snake\PackageFiles\snake.appx

    Done Adding Additional Store

    SignTool Error: SignedCode::Sign returned error: 0x800700C1

    For more information, please see https://aka.ms/badexeformat

    SignTool Error: An error occurred while attempting to sign: C:\projectx\snake\PackageFiles\snake.appx

    i have used desktop app converter to make the EXE into an APPX

    i have done all the steps that has brought me to this code:

    SignTool sign /fd SHA256 /a /f signingCertx.pfx C:\projectx\snake\PackageFiles\snake.appx

    but im stuck coz all i get is the error mentioned above after i type the code below :

    SignTool sign /fd SHA256 /a /f signingCertx.pfx C:\projectx\snake\PackageFiles\snake.appx

    my certificate has no password so i didnt include the /p

    can you help me please

    it would be much apritiated

    i run windows pro

    i have the windows SDK installed

    also i have visual studio 7 that makes it easier

    thank you
     
    toniantonia, Mar 17, 2024
    #2
  3. GNJHA
    GNJha Win User
    Boot Process

    Hi,

    Please suggest me a link that can explain the boot process step by step of ...

    • Windows 7,
    • Windows 8.1,
    • Windows 10,
    • Windows Server 2008 R2 and
    • Windows Server 2012 R2

    With Regards

    InTech
     
    GNJha, Mar 17, 2024
    #3
  4. GOPINATHSADASIVAM
    GopinathSadasivam Win User

    Signtool.exe hashing process

    signtool works on Windows 2016 Server but not on Windows 7

    The same signed vbscript when verified with signtool works with Windows 2016 Server but fails with Windows 7

    Code:
    
From Win 7, where signtool fails:

c:>signtool.exe verify /pa /v myscript.vbs

 

Verifying: myscript.vbs

Hash of file (sha256): 16F0CDEA1E314AA9B3460421620793A485AB9064E27019E1C9B627A20

12F2630


    Code:
    Signing Certificate Chain:

    Issued to: AAA Certificate Services

    Issued by: AAA Certificate Services

    Expires:   Mon Jan 01 05:29:59 2029

    SHA1 hash: D1EB23A46D17D68FD92564C2F1F1601764D8E349


    Code:
            Issued to: USERTrust RSA Certification Authority

        Issued by: AAA Certificate Services

        Expires:   Mon Jan 01 05:29:59 2029

        SHA1 hash: D89E3BD43D5D909B47A18977AA9D5CE36CEE184C


    Code:
                Issued to: Sectigo RSA Code Signing CA

            Issued by: USERTrust RSA Certification Authority

            Expires:   Wed Jan 01 05:29:59 2031

            SHA1 hash: 94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66


    Code:
                    Issued to: My Company Group Limited

                Issued by: Sectigo RSA Code Signing CA

                Expires:   Mon Feb 28 05:29:59 2022

                SHA1 hash: D5B34FFFE99E3F2C7F83C53BEF7CC65E8FA4ABE5


    Code:
    The signature is timestamped: Wed May 13 14:33:01 2020

Timestamp Verified by:

    Issued to: Entrust.net Certification Authority (2048)

    Issued by: Entrust.net Certification Authority (2048)

    Expires:   Tue Jul 24 19:45:12 2029

    SHA1 hash: 503006091D97D4F5AE39F7CBE7927D7D652D3431


    Code:
            Issued to: Entrust Timestamping CA - TS1

        Issued by: Entrust.net Certification Authority (2048)

        Expires:   Sat Jun 23 01:02:54 2029

        SHA1 hash: 58C71A4AE63E768CA510C54EB7A06E30EF8E42E9


    Code:
                Issued to: Entrust Time Stamping Authority

            Issued by: Entrust Timestamping CA - TS1

            Expires:   Sun Jan 06 02:33:23 2030

            SHA1 hash: 4E4DCE57B9F7A48658ED6F3272162B34F85E69BD


    Code:
    SignTool Error: WinVerifyTrust returned error: 0x80096010

        The digital signature of the object did not verify.


    Code:
    Number of files successfully Verified: 0

Number of warnings: 0

Number of errors: 1
    Code:
    -------------
A working Sample from Windows 2016 Server

c:\>signtool.exe verify /pa /v myscript.vbs

 

Verifying: myscript.vbs


    Code:
    Signature Index: 0 (Primary Signature)

Hash of file (sha256): 16F0CDEA1E314AA9B3460421620793A485AB9064E27019E1C9B627A2012F2630


    Code:
    Signing Certificate Chain:

    Issued to: USERTrust RSA Certification Authority

    Issued by: USERTrust RSA Certification Authority

    Expires:   Tue Jan 19 05:29:59 2038

    SHA1 hash: 2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E


    Code:
            Issued to: Sectigo RSA Code Signing CA

        Issued by: USERTrust RSA Certification Authority

        Expires:   Wed Jan 01 05:29:59 2031

        SHA1 hash: 94C95DA1E850BD85209A4A2AF3E1FB1604F9BB66


    Code:
                Issued to: My Company Group Limited

            Issued by: Sectigo RSA Code Signing CA

            Expires:   Mon Feb 28 05:29:59 2022

            SHA1 hash: D5B34FFFE99E3F2C7F83C53BEF7CC65E8FA4ABE5


    Code:
    The signature is timestamped: Wed May 13 14:33:01 2020

Timestamp Verified by:

    Issued to: Entrust.net Certification Authority (2048)

    Issued by: Entrust.net Certification Authority (2048)

    Expires:   Tue Jul 24 19:45:12 2029

    SHA1 hash: 503006091D97D4F5AE39F7CBE7927D7D652D3431


    Code:
            Issued to: Entrust Timestamping CA - TS1

        Issued by: Entrust.net Certification Authority (2048)

        Expires:   Sat Jun 23 01:02:54 2029

        SHA1 hash: 58C71A4AE63E768CA510C54EB7A06E30EF8E42E9


    Code:
                Issued to: Entrust Time Stamping Authority

            Issued by: Entrust Timestamping CA - TS1

            Expires:   Sun Jan 06 02:33:23 2030

            SHA1 hash: 4E4DCE57B9F7A48658ED6F3272162B34F85E69BD


    Code:
    
Successfully verified: oainstall.vbs


    Code:
    Number of files successfully Verified: 1

Number of warnings: 0

Number of errors: 0

---------------------
What could be the reason?Thanks for reading this!
     
    GopinathSadasivam, Mar 17, 2024
    #4
Thema:

Signtool.exe hashing process

Loading...

  1. Signtool.exe hashing process - Similar Threads - Signtool exe hashing

  2. Is this hash a valid...

    in Windows 10 Gaming
    Is this hash a valid...: Please help me verify if this hash 68fa9209563cd30dc7a96419822084761a3726645ee150716887c4a0b9b135af is an authentic kernel32.dll. the file size is only 149kb. the system32 folder has a kernel32legacy.dll and the forwarder folder inside the system32 contains this kernel32.dll....

  3. Is this hash a valid...

    in Windows 10 Software and Apps
    Is this hash a valid...: Please help me verify if this hash 68fa9209563cd30dc7a96419822084761a3726645ee150716887c4a0b9b135af is an authentic kernel32.dll. the file size is only 149kb. the system32 folder has a kernel32legacy.dll and the forwarder folder inside the system32 contains this kernel32.dll....

  4. Is this hash a valid...

    in Windows 10 Installation and Upgrade
    Is this hash a valid...: Please help me verify if this hash 68fa9209563cd30dc7a96419822084761a3726645ee150716887c4a0b9b135af is an authentic kernel32.dll. the file size is only 149kb. the system32 folder has a kernel32legacy.dll and the forwarder folder inside the system32 contains this kernel32.dll....

  5. Signtool.exe hashing process

    in Windows 10 Gaming
    Signtool.exe hashing process: Hi,We are not able to generate SHA256 hash of a .exe file, similar to hash generated by Signtool sign's command. We need to learn Signtool's hashing process.We have a requirement for Reproducible Build, origin verification, and Automated Hash validation, as a part of our...

  6. Signtool.exe hashing process

    in Windows 10 Software and Apps
    Signtool.exe hashing process: Hi,We are not able to generate SHA256 hash of a .exe file, similar to hash generated by Signtool sign's command. We need to learn Signtool's hashing process.We have a requirement for Reproducible Build, origin verification, and Automated Hash validation, as a part of our...

  7. What is the "0vfo21l0.exe" process?

    in Windows 10 Gaming
    What is the "0vfo21l0.exe" process?: I saw it in task manager. I can't find it online. It had a NordVPN icon. I couldn't find it in any NordVPN file folders though.Thanks https://answers.microsoft.com/en-us/windows/forum/all/what-is-the-0vfo21l0exe-process/7ac9861c-3e18-4b41-8a11-8e7c10860d40

  8. What is the "0vfo21l0.exe" process?

    in Windows 10 Software and Apps
    What is the "0vfo21l0.exe" process?: I saw it in task manager. I can't find it online. It had a NordVPN icon. I couldn't find it in any NordVPN file folders though.Thanks https://answers.microsoft.com/en-us/windows/forum/all/what-is-the-0vfo21l0exe-process/7ac9861c-3e18-4b41-8a11-8e7c10860d40

  9. What is rundll32.exe process? Is it a virus?

    in Windows 10 News
    What is rundll32.exe process? Is it a virus?: [ATTACH] [ATTACH]A lot of Windows users have doubts about whether the rundll32.exe process that they see in the Task Manager is a genuine process or a virus. The reason behind these inquiries is the paranoia created by fraud tech support companies [...] This post What is...

  10. 0x800700C1 in SignTool

    in Microsoft Windows 10 Store
    0x800700C1 in SignTool: hi i hvae made a 32 bit game but im having trouble signing the sertificate off the .appx file this is the error that i get C:\Program Files (x86)\Windows Kits\10\bin\10.0.17134.0\x86>SignTool sign /fd SHA256 /a /f signingCertx.pfx...