DigSig

If you frequently worry about the authenticity of downloaded files and that someone might have tampered with the data, such as a certain type of malware agents, you can use DigSig to check the integrity of digital signatures. These signatures are commonly used when creating and distributing software or making financial transactions.

DigSig is a small-sized application that doesn't need any kind of installation and delivers all options through the command-line window only. This may not please those who are used to the graphical interface, but it certainly gets the job done fast.

The syntax for this tool is DIGSIG [/folder] [/nologo] filepath. To verify the digital signature of a single file, you just have to write its name, such as "digsig.exe file_name.exe". However, the program can also in bulk too because it can run scans on all supported files from a specified directory ("digsig.exe folder_name").

DigSig is capable of returning one of the sixteen error codes available: -1 for invalid parameters on incorrect configuration made on your side, 0 for present and successfully validated signatures for trusted publishers, 1 for no present signatures, 2 for failure to get any signature, 5 for administrators who disabled the user trust, or 6 for unsuccessfully connecting to WinVerifyTrust() in WinTrust.DLL.

Other error codes may appear for unknown errors (7), non-existent files (8), locked files (9), unsupported file types (10), certificates revoked by the issuer (11), expired certificates (12), altered certificates (13), and for the lack of possibility to verify the signature (14).

Since installing the tool isn't necessary, you can keep it stored in your collection of portable software and use it whenever you want to swiftly run a digital signature integrity checkup on suspicious files. DigSig worked smoothly throughout our evaluation.