Information About the Digital Signatures of .CAB Files Used by Shavlik Protect

Version 2



    This document is intended to provide information about how Shavlik signs the .cab files used for downloading patch definition files.




    Protect currently uses .cab files for downloading and extracting many of the data files and binaries.


    Shavlik does sign the cab files.  We use a standard code signing certificate (from VeriSign).


    The signature algorithm is sha1RSA.

    The digest algorithm is md5.

    The digest encryption algorithm is RSA.


    Affected Product(s)


    Shavlik Protect 9.0.x

    Shavlik Protect 9.1.x