MsiDigitalSignature Table

The MsiDigitalSignature table contains the signature information for every digitally signed object in the installation database.

The MsiDigitalSignature and MsiDigitalCertificate tables are available starting with Windows Installer version 2.0.

Windows Installer can use digital signatures as a means to detect corrupted resources. Windows Installer 2.0 can only verify the digital signatures of external cabinets, and only by the use of the MsiDigitalSignature and MsiDigitalCertificate tables.

Beginning with Windows Installer 3.0, the Windows Installer can verify the digital signatures of patches (.msp files) by using the MsiPatchCertificate and MsiDigitalCertificate tables. For more information, see Guidelines for Authoring Secure Installations and User Account Control (UAC) Patching.

The MsiDigitalSignature table has the following columns.

Column               Type        Key  Nullable
Table                Identifier  Y    N
SignObject           Text        Y    N
DigitalCertificate_  Identifier  N    N
Hash                 Binary      N    Y

Columns

Table

With Windows Installer version 2.0, the entry in this field must be "Media" for the Media table. The installer only verifies the digital signatures on external cabinet media entries. This column and the SignObject column together specify the resource that is digitally signed.

SignObject

A foreign key into the primary key of the table specified by the Table column. This column and the Table column together specify the resource that is digitally signed.

DigitalCertificate_

A foreign key into the MsiDigitalCertificate table. This identifies the certificate that must exist on the file for the associated action to succeed. The resource (or object) is always required to match this certificate in the MsiDigitalCertificate table.

Hash

In this field enter the reference hash of the resource (or object) that is to be checked against the actual hash of the resource (or object) obtained at run-time. If only the certificate needs to be verified, the Hash field may be null. Note that the format of the hash depends on the type of the resource (or object) being signed.

The Hash column contains the binary representation of the hash. The actual content is the pbData member of the CRYPT_HASH_BLOB structure, which is part of the CRYPTOAPI_BLOB structure. This may be obtained by calling WinVerifyTrust or MsiGetFileSignatureInformation.
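The column rules above can be checked mechanically when reviewing a package. The following is an added example, not code from this documentation or from Windows Installer: it audits rows exported from the Media, MsiDigitalSignature and MsiDigitalCertificate tables. The function name, the row layout and the sample rows are assumptions, as is the convention that a Media.Cabinet value beginning with "#" names a cabinet embedded in the package.

```python
# Added example: audit rows exported from an MSI database (sample rows are constructed).
# Assumption (not stated on this page): a Media.Cabinet value starting with "#"
# names a cabinet embedded in the package; any other non-empty value is external.

def audit_signatures(media, signatures, certificates):
    """Return a sorted list of (subject, finding) pairs.

    media:        {DiskId as text: Cabinet name or None}
    signatures:   list of (Table, SignObject, DigitalCertificate_, Hash or None)
    certificates: set of MsiDigitalCertificate primary keys
    """
    findings, signed = [], set()
    for table, sign_object, cert, hash_ in signatures:
        subject = f"{table}/{sign_object}"
        if table != "Media":
            findings.append((subject, "Table is not 'Media'; only Media entries are verified"))
            continue
        if sign_object not in media:
            findings.append((subject, "SignObject matches no Media row"))
            continue
        cabinet = media[sign_object]
        if not cabinet or cabinet.startswith("#"):
            findings.append((subject, "not an external cabinet; signature is not verified"))
            continue
        signed.add(sign_object)
        if cert not in certificates:
            findings.append((subject, "DigitalCertificate_ matches no MsiDigitalCertificate row"))
        if hash_ is None:
            findings.append((subject, "Hash is null; only the certificate is checked"))
    for disk_id, cabinet in media.items():
        if cabinet and not cabinet.startswith("#") and disk_id not in signed:
            findings.append((f"Media/{disk_id}", "external cabinet has no signature row"))
    return sorted(findings)

# Constructed sample rows.
MEDIA = {"1": "#data1.cab", "2": "data2.cab", "3": "data3.cab", "4": "data4.cab", "5": "data5.cab"}
SIGNATURES = [
    ("Media", "2", "VendorCert", b"\x01" * 20),  # fully specified: no finding
    ("Media", "3", "VendorCert", None),          # certificate-only check
    ("Media", "1", "VendorCert", None),          # embedded cabinet
    ("File", "app.exe", "VendorCert", None),     # not a Media entry
    ("Media", "4", "OldCert", b"\x02" * 20),     # dangling certificate key
    ("Media", "9", "VendorCert", None),          # dangling SignObject key
]
CERTIFICATES = {"VendorCert"}

if __name__ == "__main__":
    for subject, finding in audit_signatures(MEDIA, SIGNATURES, CERTIFICATES):
        print(f"{subject}: {finding}")
```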

Validation

ICE03
ICE06
ICE29
ICE32
ICE66
ICE81

MsiGetFileSignatureInformation

MsiDigitalCertificate table

Digital Signatures and Windows Installer