Discuss this help topic in SecureBlackbox Forum
Get the timestamp of the PE file signature
When you check the signatures of the PE file, each signature may include a timestamp. To access the timestamp, made over the file signature, check Timestamp property of TElAuthenticodeSignature class. When the file is loaded all the timestamps are verified automatically. Check the Validity property for the veirification result. Check other properties of TElAuthenticodeTimestamp class for the details of the timestamp.
if (signature.Timestamp != null)
{
Console.WriteLine("Timestamped by: " + (signature.Timestamp.SigningCertificate == null) ? "UNKNOWN" : signature.Timestamp.SigningCertificate.SubjectName.CommonName);
Console.WriteLine("\t at: " + signature.Timestamp.SigningTime.ToLongDateString());
if (signature.Timestamp.Validity != TSBAuthenticodeValidity.acvValid)
Console.WriteLine("Verification error " + signature.Timestamp.Validity.ToString());
}
The certificates used for timestamping are included into Certificates property, and can be verified in the same way as the certificates, used for signing the file.