Sign Wizard 4.1 Software

Posted on by admin
Sign Wizard 4.1 Software 7,6/10 2030 reviews

This CD contains demo versions and complete versions of our Sign Wizard and Neon Wizard software, versions 4.1 and 5.1. Click on Try the Demo for Sign. Sign wizard 4.1 software for windows social advice Users interested in Sign wizard 4.1 software for windows generally download.

  1. Sign Wizard 4.1
  2. Sign Wizard 4.1 Software Download

Sign Wizard, free sign wizard software downloads, Page 3.

-->Sign

The SignTool tool is a command-line tool that digitally signs files, verifies signatures in files, or time stamps files. For information about why signing files is important, see Introduction to Code Signing. The tool is installed in the Bin folder of the Microsoft Windows Software Development Kit (SDK) installation path.

Cara download buku gratis di amazon. SignTool is available as part of the Windows SDK, which you can download from https://go.microsoft.com/fwlink/p/?linkid=84091.

**Windows Server 2008 R2 and Windows 7: **

If you are using the WinVerifyTrust function to verify multiple embedded signatures or support strong cryptography policy, you must include the following files:

  • Microsoft.Windows.Build.Signing.wintrust.dll.manifest
  • Wintrust.dll (downlevel version)

If you want to perform dual signing and make SHA256 catalogs, you must include those files and the following additional files:

  • Makecat.exe
  • Makecat.exe.manifest
  • Microsoft.Windows.Build.Signing.mssign32.dll.manifest
  • Mssign32.dll (downlevel version)
  • Signtool.exe
  • Signtool.exe.manifest

Here is the syntax for SignTool:

signtool [Command][Options][FileName …]

The following commands are supported by SignTool.

CommandDescription
catdbAdds or removes a catalog file to or from a catalog database.
signDigitally signs files.
signwizardThis command is not supported.
Windows Vista and earlier: Launches the signing wizard. Only a single file can be specified for the file name command-line parameter.
timestampTime stamps files.
verifyVerifies the digital signature of files.

The following options apply to the catdb command.

Catdb optionDescription
/dSpecifies that the default catalog database be updated. If neither the /d nor /g option is used, SignTool updates the system component and driver database.
/gGUIDSpecifies that the catalog database identified by the GUID be updated.
/rRemoves the specified catalog from the catalog database. If this option is not specified, SignTool will add the specified catalog to the catalog database.
/uSpecifies that a unique name be automatically generated for the added catalog files. If necessary, the catalog files are renamed to prevent name conflicts with existing catalog files. If this option is not specified, SignTool overwrites any existing catalog that has the same name as the catalog being added.

Note

Catalog databases are used for automatic lookup of catalog files.

The following options apply to the sign command.

Sign optionDescription
/aSelects the best signing certificate automatically. If this option is not present, SignTool expects to find only one valid signing certificate.
/acFileNameSpecifies a file that contains an additional certificate to add to the signature block.
/asAppends this signature. If no primary signature is present, this signature is made the primary signature.
/cCertTemplateNameSpecifies the Certificate Template Name (a Microsoft extension) for the signing certificate.
/cspCSPNameSpecifies the cryptographic service provider (CSP) that contains the private key container.
/dDescSpecifies a description of the signed content.
/dgPathGenerates the to be signed digest and the unsigned PKCS7 files. The output digest and PKCS7 files will be: PathFileName.dig and PathFileName.p7u. To output an additional XML file, see /dxml.
/diPathCreates the signature by ingesting the signed digest to the unsigned PKCS7 file. The input signed digest and unsigned PKCS7 files should be: PathFileName.dig.signed and PathFileName.p7u.
/dlibDLLSpecifies the DLL implementing the AuthenticodeDigestSign function to sign the digest with. This option is equivalent to using SignTool separately with the /dg, /ds, and /di switches, except this option invokes all three as one atomic operation.
/dmdfFileNameWhen used with the /dg option, passes the file’s contents to the AuthenticodeDigestSign function without modification.
/dsSigns the digest only. The input file should be the digest generated by the /dg option. The output file will be: File.signed.
/duURLSpecifies a URL for expanded description of the signed content.
/dxmlWhen used with the /dg option, produces an XML file. The output file will be: PathFileName.dig.xml.
/fSignCertFileSpecifies the signing certificate in a file. Only the Personal Information Exchange (PFX) file format is supported. You can use the PVK2PFX.exe tool to convert SPC and PVK files to PFX format.
If the file is in PFX format protected by a password, use the /p option to specify the password. If the file does not contain private keys, use the /csp and /k options to specify the CSP and private key container name, respectively.
/iIssuerNameSpecifies the name of the issuer of the signing certificate. This value can be a substring of the entire issuer name.
/fdSpecifies the file digest algorithm to use to create file signatures. The default algorithm is Secure Hash Algorithm (SHA-1).
Windows Vista and earlier: This flag is not supported.
/jDLLThis flag is not supported.
Windows Vista and earlier: Specifies the name of a DLL that provides attributes of the signature.
/jpParameterNameThis flag is not supported.
Windows Vista and earlier: Specifies a parameter that is passed to the DLL specified by the /j command.
/kcNameSpecifies the key that contains the name of the private key.
/nSubjectNameSpecifies the name of the subject of the signing certificate. This value can be a substring of the entire subject name.
/nphIf supported, suppresses page hashes for executable files. The default behavior is determined by the SIGNTOOL_PAGE_HASHES environment variable and by the Wintrust.dll version. This option is ignored for non-PE files.
/pPasswordSpecifies the password to use when opening a PFX file. A PFX file can be specified by using the /f option. For information about protecting passwords, see Handling Passwords.
/p7PathSpecifies that for each specified content file, a PKCS #7 file is produced. The produced PKCS #7 file is named PathFileName.p7.
/p7ceValueSpecifies options for the signed PKCS #7 content. Set Value to 'Embedded' to embed the signed content in the PKCS #7 file, or set Value to 'DetachedSignedData' to produce the signed data portion of a detached PKCS #7 file. If this option is not used, then the default choice is 'Embedded'.
/p7coOIDSpecifies the object identifier (OID) that identifies the signed PKCS #7 content.
/phIf supported, generates page hashes for executable files. This option is ignored for non-PE files.
/rRootSubjectNameSpecifies the name of the subject of the root certificate that the signing certificate must chain to. This value can be a substring of the entire subject name of the root certificate.
/sStoreNameSpecifies the store to open when searching for the certificate. If this option is not specified, the My store is opened.
/sha1HashSpecifies the SHA1 hash of the signing certificate.
/smSpecifies that a computer store, instead of a user store, be used.
/snkFileNameThis flag is not supported.
Windows Vista and earlier: Specifies the SNK file that contains the strong name private key.
/sncspNameThis flag is not supported.
Windows Vista and earlier.: Specifies the CSP that contains the strong name private key container.
/snkcNameThis flag is not supported.
Windows Vista and earlier: Specifies the key that contains the name of the strong name private key.
/snks {12}This flag is not supported.
Windows Vista and earlier: Specifies which strong name private key to use. If this argument is not used, the default value 2 is assumed.
The following values are supported:
1
AT_KEYEXCHANGE
2 (default)
AT_SIGNATURE

/tURLSpecifies the URL of the time stamp server. If this option is not present, then the signed file will not be time stamped. A warning is generated if time stamping fails.
/tdalgUsed with the /tr switch to request a digest algorithm used by the RFC 3161 time stamp server.
[!Note]
The /td switch must be declared after the /tr switch, not before. If the /td switch is declared before the /tr switch, the timestamp that is returned is from an SHA1 algorithm instead of the intended SHA256 algorithm.

Windows Vista and earlier: This flag is not supported.
/trURLSpecifies the RFC 3161 time stamp server's URL. If this option (or /t) is not specified, the signed file will not be time stamped. A warning is generated if time stamping fails. This switch cannot be used with the /t switch.
Windows Vista and earlier: This flag is not supported.
/uUsageSpecifies the enhanced key usage (EKU) that must be present in the signing certificate. The usage value can be specified by OID or string. The default usage is 'Code Signing' (1.3.6.1.5.5.7.3.3).
/uwSpecifies using 'Windows System Component Verification' (1.3.6.1.4.1.311.10.3.6).

The following option applies to the timestamp command.

Timestamp optionDescription
/tURLRequired. Specifies the URL of the time stamp server. The file being time stamped must have previously been signed.
/tdindexUsed with the /tr switch to request a digest algorithm used by the RFC 3161 time stamp server.
[!Note]
The /td switch must be declared after the /tr switch, not before. If the /td switch is declared before the /tr switch, the timestamp that is returned is from an SHA1 algorithm instead of the intended SHA256 algorithm.

/tpalgAdds a timestamp to the signature at index.
/trURLSpecifies the RFC 3161 time stamp server's URL. The file being time stamped must have previously been signed. Either the /tr or the /t option is required.
/p7PathAdds a timestamp to PKCS #7 files.

The following options apply to the verify command.

Verify optionDescription
/aSpecifies that all methods can be used to verify the file. First, the catalog databases are searched to determine whether the file is signed in a catalog. If the file is not signed in any catalog, SignTool attempts to verify the file's embedded signature. This option is recommended when verifying files that may or may not be signed in a catalog. Examples of files that may or may not be signed include Windows files or drivers.
/adFinds the catalog by using the default catalog database.
/allVerifies all signatures in a file with multiple signatures.
/asFinds the catalog by using the system component (driver) catalog database.
/agCatDBGUIDFinds the catalog in the catalog database identified by the GUID.
/cCatFileSpecifies the catalog file by name.
/dPrint the description and description URL.
Windows Vista and earlier: This flag is not supported.
/dsIndexVerifies the signature at a certain position.
/hash{SHA1SHA256}Specifies an optional hash algorithm to use when searching for a file in a catalog.
/kpPerforms the verification by using the x64 kernel-mode driver signing policy.
/msUses multiple verification semantics. This is the default behavior of a WinVerifyTrust call.
/oVersionVerifies the file by operating system version. The version parameter is of the form:
PlatformID**:VerMajor.VerMinor.**BuildNumber
The use of the /o switch is recommended. If /o is not specified SignTool may return unexpected results. For example, if you do not include the /o switch, then system catalogs that validate correctly on an older OS may not validate correctly on a newer OS.
/p7Verify PKCS #7 files. No existing policies are used for PKCS #7 validation. The signature is checked and a chain is built for the signing certificate.
/paSpecifies that the Default Authentication Verification Policy is used. If the /pa option is not specified, SignTool uses the Windows Driver Verification Policy. This option cannot be used with the catdb options.
/pgPolicyGUIDSpecifies a verification policy by GUID. The GUID corresponds to the ActionID of the verification policy. This option cannot be used with the catdb options.
/phPrint and verify page hash values.
Windows Vista and earlier: This flag is not supported.
/rRootSubjectNameSpecifies the name of the subject of the root certificate that the signing certificate must chain to. This value can be a substring of the entire subject name of the root certificate.
/twSpecifies that a warning is generated if the signature is not time stamped.

The following display options apply to all SignTool commands.

Sign Wizard 4.1

Global optionDescription
/debugDisplays debugging information.
/qDisplays no output on successful execution and minimal output for failed execution.
/vDisplays verbose output for successful execution, failed execution, and warning messages.
Sign

The SignTool verify command determines whether the signing certificate was issued by a trusted authority, whether the signing certificate has been revoked, and, optionally, whether the signing certificate is valid for a specific policy.

SignTool returns an exit code of zero for successful execution, one for failed execution, and two for execution that completed with warnings. If the SignTool encounters an unhandled exception, however, the return value is undefined.

The following command line shows signing a file automatically using the best certificate.

signtool sign/aMyFile.exe

Sign Wizard 4.1 Software Download

Amt firearms serial numbers. Note

When signing an executable file that is larger than approximately 300 megabytes for use on a computer running Windows XP with Service Pack 2 (SP2) and later, you should use catalog signing with the MakeCat tool rather than use the SignTool tool. Depending on the available system resources of the computer on which the file is verified, some applications may not be able to verify the binary signature of a large file. For more information, see KB article 922225.