How to verify digital signatures of .exes?

[ToastyBug]

How can I verify digital signatures of downloaded .exes? Normally in Windows you can right-click the .exe, go to Properties > Digital Signatures tab and see the details

Is there a program for either Windows or Linux/macOS that can view and verify .exe digital signatures? Or something in wine?

[Alisonmond]

You can use SigCheck (Windows) or osslsigncode (Linux/macOS) to check the digital signature of the .exe file. If running in Wine, you can try signtool.exe from the Windows SDK.

[ToastyBug]

Thanks for the help, I found that the easiest way is to download Microsoft Sysinternals Sigcheck and run the following command:

Code: Select all

wine sigcheck64.exe -a "<Windows_formatted_filepath\to\program.exe>"

for example, for CPU-Z:

Code: Select all

wine ~/Downloads/Sigcheck/sigcheck64.exe -a "Z:\Users\username\Downloads\cpu-z_2.14-en\cpuz_x64.exe"

gives the following output:

Code: Select all

z:\users\username\Downloads\cpu-z_2.14-en\cpuz_x64.exe:
        Verified:       Signed
        Signing date:   4:22 PM 2/8/2025
        Publisher:      CPUID
        Company:        CPUID
        Description:    CPU-Z Application
        Product:        CPU-Z Application
        Prod version:   2, 1, 4, 0
        File version:   2, 1, 4, 0
        MachineType:    64-bit
        Binary Version: 2.1.4.0
        Original Name:  cpuz.exe
        Internal Name:  cpuz.exe
        Copyright:      Copyright (C) 2004-2025
        Comments:       n/a
        Entropy:        6.601