Menu
Currently I am using pyopenssl for extraction of certificate info and validation of chain. But for expiration checking I need to extract signing time of the binary/certificate.
Is there a way to extract this info in Linux Environment ?
864
asked Oct 20 '25 14:10
I had the same need of getting the time a pe_file (Windows Binary) was signed.
It took me a while to figure out how to get this info using signify with python. They key was figuring out how to follow and use the graph in the signify docs here: https://signify.readthedocs.io/en/latest/authenticode.html#pkcs7-objects
See this example:
from signify.authenticode.signed_pe import SignedPEFile
pathname = r"SoftwareUpdate.exe"
with open(pathname, "rb") as f:
pefile = SignedPEFile(f)
print(list(pefile.signed_datas)[0].signer_infos[0].countersigner.signing_time)
I tested this on Ubuntu against the SoftwareUpdate.exe test file in the signify project:
tools/Python$ curl -O https://raw.githubusercontent.com/ralphje/signify/master/tests/test_data/SoftwareUpdate.exe
tools/Python$ python3 get_pefile_signify_time.py
2008-07-25 22:21:53+00:00
Screenshot from Windows for the same:
The snippet above is here: https://github.com/jgstew/tools/blob/master/Python/get_pefile_signify_time.py
This is the script I used to figure this out: https://github.com/jgstew/tools/blob/master/Python/get_pefile_signify.py
I have other pefile related examples in the folder.
Related:
86
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
