8. windows.wintrust
– Checking signature¶
Note
See sample windows.wintrust
The wintrust
module offers wrapper around wintrust.dll
.
It allows to check the signature of a file.
The signature of a file can be at two differents place:
- In the file itself (
check_signature()
)- In a catalog file (
full_signature_information()
)
8.1. API¶
-
windows.wintrust.
is_signed
(filename)[source]¶ Check if
filename
is signed:- File embeds a valid signature
- File is part of a signed catalog file
Returns: bool
-
windows.wintrust.
full_signature_information
(filename)[source]¶ Returns more information about the signature of
filename
Returns: SignatureData
-
windows.wintrust.
check_signature
(filename)[source]¶ Check if
filename
embeds a valid signature.Returns: int
:0
iffilename
have a valid signature else the error
8.1.1. SignatureData¶
-
class
windows.wintrust.
SignatureData
(signed, catalog, catalogsigned, additionalinfo)¶ Signature information for
FILENAME
:signed
: True ifFILENAME
embeds a valide signaturecatalog
: The filename of the catalogFILENAME
is part of (if any)catalogsigned
: True ifcatalog
embeds a valide signatureadditionalinfo
: The return error ofcheck_signature(FILENAME)
additionalinfo
is useful to know ifFILENAME
signature was rejected for an invalid root / expired cert.-
additionalinfo
¶ Alias for field number 3
-
catalog
¶ Alias for field number 1
-
catalogsigned
¶ Alias for field number 2
-
signed
¶ Alias for field number 0