signify

0.9.2 verified Mon Apr 27 auth: no python

signify is a Python library for generating and verifying Portable Executable (PE) digital signatures. The current version is 0.9.2. It requires Python >=3.9. The library provides tools to sign PE files and verify existing signatures, primarily for Windows executables. Release cadence is low; updates are infrequent.

pip install signify

Common errors

error ModuleNotFoundError: No module named 'signify' ↓

cause The library is not installed.

fix

Run 'pip install signify'.

error AttributeError: module 'signify' has no attribute 'sign' ↓

cause Incorrect import; the package does not expose sign via top-level import.

fix

Use 'from signify import sign'.

error FileNotFoundError: [Errno 2] No such file or directory: '...' ↓

cause The provided file path does not exist.

fix

Double-check the file path and ensure the file exists.

Warnings

breaking The library requires Python >=3.9 and may not work on older versions. ↓

fix Upgrade Python to 3.9 or later.

gotcha The signing function 'sign' expects a PFX file path and password. For other formats, manual conversion is needed. ↓

fix Ensure your certificate is in PFX format. Use OpenSSL to convert if needed.

gotcha Verification may fail on files without a signature block; check that the file indeed has a PE signature. ↓

fix Use 'pefile' library to inspect PE structure before verification.

Imports

sign
wrong
```
import signify
```
correct
```
from signify import sign
```
Importing top-level package doesn't expose sign; must import explicitly.
verify
```
from signify import verify
```

AuthenticodeSignedData

from signify.authenticode import AuthenticodeSignedData

SignedPe
```
from signify.signed_pe import SignedPe
```

Quickstart

Signs a PE file using a PFX certificate and verifies the signature.

from signify import sign, verify

# Sign a PE file
sign('path/to/file.exe', 'path/to/certificate.pfx', 'password')

# Verify a signature
result = verify('path/to/signed.exe')
print(result)