{"id":22367,"library":"signify","title":"signify","description":"signify is a Python library for generating and verifying Portable Executable (PE) digital signatures. The current version is 0.9.2. It requires Python >=3.9. The library provides tools to sign PE files and verify existing signatures, primarily for Windows executables. Release cadence is low; updates are infrequent.","status":"active","version":"0.9.2","language":"python","source_language":"en","source_url":"https://github.com/ralphje/signify","tags":["pe","signature","authenticode","security","windows"],"install":[{"cmd":"pip install signify","lang":"bash","label":"Install from PyPI"}],"dependencies":[],"imports":[{"note":"Importing top-level package doesn't expose sign; must import explicitly.","wrong":"import signify","symbol":"sign","correct":"from signify import sign"},{"note":"","wrong":"","symbol":"verify","correct":"from signify import verify"},{"note":"","wrong":"","symbol":"AuthenticodeSignedData","correct":"from signify.authenticode import AuthenticodeSignedData"},{"note":"","wrong":"","symbol":"SignedPe","correct":"from signify.signed_pe import SignedPe"}],"quickstart":{"code":"from signify import sign, verify\n\n# Sign a PE file\nsign('path/to/file.exe', 'path/to/certificate.pfx', 'password')\n\n# Verify a signature\nresult = verify('path/to/signed.exe')\nprint(result)","lang":"python","description":"Signs a PE file using a PFX certificate and verifies the signature."},"warnings":[{"fix":"Upgrade Python to 3.9 or later.","message":"The library requires Python >=3.9 and may not work on older versions.","severity":"breaking","affected_versions":"<0.9.0"},{"fix":"Ensure your certificate is in PFX format. Use OpenSSL to convert if needed.","message":"The signing function 'sign' expects a PFX file path and password. For other formats, manual conversion is needed.","severity":"gotcha","affected_versions":"all"},{"fix":"Use 'pefile' library to inspect PE structure before verification.","message":"Verification may fail on files without a signature block; check that the file indeed has a PE signature.","severity":"gotcha","affected_versions":"all"}],"env_vars":null,"last_verified":"2026-04-27T00:00:00.000Z","next_check":"2026-07-26T00:00:00.000Z","problems":[{"fix":"Run 'pip install signify'.","cause":"The library is not installed.","error":"ModuleNotFoundError: No module named 'signify'"},{"fix":"Use 'from signify import sign'.","cause":"Incorrect import; the package does not expose sign via top-level import.","error":"AttributeError: module 'signify' has no attribute 'sign'"},{"fix":"Double-check the file path and ensure the file exists.","cause":"The provided file path does not exist.","error":"FileNotFoundError: [Errno 2] No such file or directory: '...'"}],"ecosystem":"pypi","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}