Question on the size limit for Sign Tool RRS feed

  • Question

  • https://docs.microsoft.com/en-us/windows/win32/seccrypto/signtool

    In the article above there is an excerpt at the bottom about a 300 MB limit for validating files on systems running Windows XP Service Pack 2 or later.  Does anyone know more about what causes this issue?  Currently my workplace uses some unmanaged code and a signing application that makes use of Sign Tool to sign and verify files.  Recently, the company has started to send files that are over 300 MB in size and I have been trying to investigate this limit to verify that our signed files wont just spontaneously stop getting verified correctly at the windows 7 and 10 end points.  

    The exact excerpt as quoted from the article is given below.  Also, the referenced document in the excerpt no longer exists, which has not really helped my situation at all.  

    "When signing an executable file that is larger than approximately 300 megabytes for use on a computer running Windows XP with Service Pack 2 (SP2) and later, you should use catalog signing with the MakeCat tool rather than use the SignTool tool. Depending on the available system resources of the computer on which the file is verified, some applications may not be able to verify the binary signature of a large file. For more information, see KB article 922225."

    • Edited by Kevin2205 Friday, January 31, 2020 3:44 PM
    Friday, January 31, 2020 3:44 PM

All replies