Where is the digital signature stored when code signing a exe file in windows?

The format of a signed PE file is documented by Microsoft:

Windows Authenticode Portable Executable Signature Format [This link downloads a WORD doc]

An embedded digital signature is always appended to the end of the executable file, whether or not you have custom data attached to it. The attached data is included in the hash of the signature.

The location and size of the signature is stored in the security directory of the PE header. Extracting that information goes like this:

• Locate and read the IMAGE_OPTIONAL_HEADER of the PE file.
• IMAGE_OPTIONAL_HEADER::DataDirectory is an array of IMAGE_DATA_DIRECTORY structures. Index it by IMAGE_DIRECTORY_ENTRY_SECURITY (undocumented but declared in winnt.h) to locate the entry of the security directory.
• IMAGE_DATA_DIRECTORY::VirtualAddress contains the file offset (not the RVA) of the signature and IMAGE_DATA_DIRECTORY::Size contains the size of the signature.

References:

• PE Format (MSDN)
• Peering inside the PE (somewhat more readable, with examples)
• IMAGE_DATA_DIRECTORY values
• The Case of the Missing Digital Signatures Tab