Good news! Thanks to Per Allansson, author of osslsigncode, we know
now that 98C090F33284468D64F30EE7B8C00894135D54C8 is sha1 of Root
Entry unique identifier 84 10 0c 00 00 00 00 00 c0 00 00 00 00 00 00
46.
--
Marc-André Lureau
Hello!
PE signing is already publicly documented by Microsoft, and we have an
open-source tool (osslsigncode) capable of signing PE and Cabinet. A
signed MSI dump easily reveals that the signature is under the
'\005DigitalSignature' stream, and it's a regular pkcs#7 signature,
whose content info t
