SiGen.hta Application
M. Gallant 07/06/2002
SiGen.hta is an HTML application using VBScript and CAPICOM 2 designed to:
- list files that support Authenticode signatures
- identify files that have Authenticode signatures
- create CMS/PKCS #7 signature files (attached or included content) for any binary or textual files.
File types currently supporting Authenticode signatures are:
exe, dll, cab, cat, ctl, ocx, js, vbs or wsf
Non-Authenticode file types can optionally be listed as well. If the file is found
to contain a valid Authenticode signature, the file listing is appended with an
S.
For generating CMS/PKCS #7 signatures, a file selection dialog is presented,
followed by a signing-certificate selection dialog (for
the default CurrentUser MY store). The PKCS #7 files generated are created in the
same directory as the original file, with file names:
- original_file_path\_sigb64det_originalfilename.p7s (for detached-content signatures)
- original_file_path\_sigb64inc_originalfilename.p7s (for included-content signatures)
- original_file_path\_sigbindet_originalfilename.p7s (for detached-content bin signatures)
- original_file_path\_sigbininc_originalfilename.p7s (for included-content bin signatures)
If Binary Data is checked, the file data to be signed is read as a pure binary byte array.
Otherwise, the file data to be signed is read and converted to a UNICODE-encoded byte array,
using the default local encoding.
Folders can optionally be fully recursively searched. The file path and
size is also displayed. Maximum number of listed items (folders and files) is
set at 250, but can be changed with the MaxFiles dropdown selection. Checkboxes
show which Authenticode file-types will be displayed. To filter file types, uncheck boxes
and click the Refresh button.
If a file is Authenticode-signed, clicking the file displays the certificates
associated with the signature. For files NOT containing a signature,
clicking the file listing opens the file immediately with the selected text Viewer, if the
file type is included in a list of displayable file types.
Selecting HexDump displays a hex-character dump in a separate window, using an efficient embedded
Java applet, for any file clicked (after certificates are displayed if the file is signed). The
Java applet also provides a scriptable method for a FileDialog selection.
Ctrl+Click any listed file text and the
file's context menu Properties panel is immediately launched.
[Note: The Select Folder button, and Properties features only work on
win32 systems with shell32.dll version 4.71 or higher. The application first detects the OS, and
if Win9x, ME or NT4, checks the shell32.dll version. If version < 4.71 the button and Properties
features are disabled (i.e. Active Desktop not configured)]
To Use:
Download the SiGen.hta application, and run directly to automatically
start the embedded Java applet from the network. Alternatively, download and save
both SiGen.hta and hexdumperapplet.cab to the same directory and start SiGen.hta locally.
You must grant the requested privileges in the security dialog of the signed applet to have the
hexdumper applet functionality.
If this is the first time you have run SiGen.hta, you will be prompted with a
dialog to configure the .hta file type dropHandler which adds an
extra registry setting enabling drag & drop of files/folder onto any .hta file.
After this is done, restart SiGen.hta. (in some cases you may need to restart
Windows for the change to take effect).
SiGen.hta
hexdumperapplet.cab
Screen shot
References:
