Share via


SIP's (Subject Interface Package) and Authenticode

This is my first post so I'll make it short and sweet.

What are SIPs?

They are basically implementations of Subject Interface Packages, which allow the CryptAPI to interact with specific parts of the files in order to put, get, calculate and verify digital signatures on files. In other words, this is how Windows handles Authenticode digital signatures from and to files. They tell the CryptAPI how to hash the file and where to put the signatures.

Where can I find them?

There are some included as part of the OS (at least on Vista). Locate in the %WINDIR%\System32 directory. They usually have a naming ending with sip.dll, i.e. msisip.dll is the Microsoft Installer (.msi) SIP.

How can I use them?

They need to be registered (regsvr32 <dll>) in order to be usable/reachable to digital signature tools, such as SignTool. Signtool will automatically recognize it and be able to use it for different file formats.

Any tips?

Look for MSDN online since installing MSDN locally will not have all available functions documented.

Comments

  • Anonymous
    May 06, 2015
    Hello,
    is there a list of all file formats for which a SIP is available (for free?).

    Thank you!