olszomal
62e8ffd0c9
allow timestamping with the add command
2019-07-20 12:51:23 +02:00
Michał Trojnara
891887a974
Never overwrite or unlink an existing file
...
Fixes #9
The code uses the "x" file access mode flag introduced by the C11
standard (ISO/IEC 9899:2011). It may be unsupported on Windows.
2019-07-13 15:25:41 +02:00
Michał Trojnara
4c44cfdd76
Fix double free
2019-07-11 20:20:47 +02:00
Jemmy Wang
6c8ec4427a
Fix segmentation fault
2019-07-01 22:02:17 +02:00
Jemmy Wang
c740b097df
Fix SpcPageHashLink generation
...
The orginal code handles ASN1_SET improperly, which results in INVALID
page hash SpcLink.
This commit fixes the bug. osslsigncode can now generate valid
signatures with -ph (page hash) option.
2019-07-01 22:02:17 +02:00
Reimar Döffinger
0bea1ac8f6
Ensure variable is initialized.
...
It seem unnecessarily risky to leave it
uninitialized when PKCS7_free is called
on it unconditionally at the end of the
function.
2019-04-25 00:02:33 +02:00
Michał Trojnara
12966f611a
Consistent DO_EXIT_n interface
2019-04-24 06:54:44 +02:00
Reimar Döffinger
044861b323
Make -pkcs11engine option optional. ( #5 )
...
If not specified, load all builtin engines,
most likely the pkcs11 one will be among them.
This makes the pkcs11module option much easier
to use in the most common use-cases.
2019-04-24 06:47:53 +02:00
Michał Trojnara
bed25dcb7d
Error formatting fixes
...
closes #3
2019-04-24 06:17:31 +02:00
Reimar Döffinger
8c82f76905
Remove unused Authenticode object IDs.
2019-04-23 22:55:57 +02:00
barrybingo
342518fcbe
Minorfixes ( #2 )
...
Replace legacy function
2019-04-02 13:52:25 +02:00
Michał Trojnara
fe08daaa4f
use OpenSSL memory allocation
2018-12-09 23:30:20 +01:00
Michał Trojnara
5a01658434
use tohex() for bin2hex conversion
2018-12-09 23:05:13 +01:00
Michał Trojnara
d007c03bb6
signed/unsigned conversion fixes
2018-12-09 22:51:15 +01:00
Michał Trojnara
a935479e7f
fixed a few typos
2018-12-08 22:06:36 +01:00
Michał Trojnara
db559c4769
code simplification
...
Avoid re-implementing common library functions.
2018-12-08 21:55:15 +01:00
Michał Trojnara
2e9113cd41
code deduplication and cleanup
2018-12-08 16:56:29 +01:00
Michał Trojnara
642a290343
more consistent code formatting and indentation
2018-12-05 22:59:41 +01:00
Michał Trojnara
687bd91531
corrected OpenSSL version checks
2018-11-22 08:33:44 +01:00
Michał Trojnara
1f9f8df126
ported to OpenSSL 1.1.x
2018-11-22 07:54:27 +01:00
Per Allansson
e72a1937d1
fixed Windows / Cygwin / MinGW compile
2015-08-31 23:03:58 +02:00
Per Allansson
4ef0e54438
guard against missing defs of TRUE/FALSE
2015-08-31 20:15:01 +02:00
Per Allansson
df25781578
added -noverifypeer option to timestamping
2015-07-07 21:07:42 +02:00
Cory Fields
3be7eb1676
add the attach-signature command
...
Combine a previously extracted signature with an unsigned file and output a
valid, signed result. Accepts binary or pem pkcs7 inputs.
This is helpful for a deterministic build process, where the signer is only
required to provide a detached signature and users or other builders can use
it to create an otherwise deterministic binary.
2015-06-18 17:19:05 -04:00
Cory Fields
36715c1183
add the -pem option in extract-signature mode
...
This changes the extracted output to plaintext PEM format.
2015-06-18 17:18:44 -04:00
Per Allansson
59a42c66b6
Improved error reporting for timestamping errors (patch from Carlo Teubner)
2015-03-10 20:30:50 +01:00
Per Allansson
afd5c5177d
added ability to add an unauthenticated blob a signed PE file (patch from Scott Piper)
2015-03-07 20:25:30 +01:00
Per Allansson
80b92fd778
fixed double free
2015-03-07 08:23:06 +01:00
Per Allansson
50b66a1eb4
pkcs11: don't hardcode pkcs11 engine path - use -pkcs11engine + -pkcs11module args instead
2015-03-06 22:00:48 +01:00
Leif Johansson
89af05898e
pkcs11 support - initial version
2015-02-26 14:07:00 +01:00
Per Allansson
5677522790
verify: print cert serialno as well
2015-01-14 14:49:14 +01:00
Per Allansson
0c15ccc4db
speed up checksum calculation (patch from Veselin Georgiev)
2015-01-06 09:08:26 +01:00
Per Allansson
a912601140
version 1.7.1
2014-07-11 06:55:08 +02:00
Mikkel Krautz
6b9774f6bc
Remove reference to exsig in msi_verify_pkcs7 to fix the -DGSF_CAN_READ_METADATA build.
...
This was broken due to the refactoring that happened during
the introduction of nested signature support.
2014-07-11 06:46:58 +02:00
Mikkel Krautz
180a775702
Add sanity check for the potentially 'dangerous' combination of -add-msi-dse and -nest.
...
We don't want osslsigncode to emit bad signatures when we can avoid it.
2014-07-10 23:47:13 +02:00
Mikkel Krautz
d0c5b350e9
Remove NO_MSI_DIGITALSIGNATUREEX ifndefs.
2014-07-10 23:09:41 +02:00
Mikkel Krautz
ec3d58ad4b
Add the MSI-specific flag '-add-msi-se' to the 'sign' command for explicitly adding a MsiDigitalSignatureEx section.
2014-07-10 23:01:48 +02:00
Per Allansson
9fa7e17770
version 1.7
2014-07-10 07:42:02 +02:00
Per Allansson
71838d3242
Fix a couple of GCC warnings
2014-07-10 07:33:53 +02:00
Mikkel Krautz
0b0be2f97b
Disable the addition of MsiDigitalSignatureEx when signing MSI files. It does not work well with nested signatures.
2014-07-09 20:39:28 +02:00
Mikkel Krautz
fe7dd0076e
Fix leaf hash corruption when verifying nested signatures.
2014-07-06 12:15:18 +02:00
Mikkel Krautz
a4544a1f74
Add support for nested signing and verifying nested signatures for MSI files.
2014-07-06 12:15:01 +02:00
Mikkel Krautz
2fee516164
Add support for nested signing for PE files.
2014-07-06 11:54:39 +02:00
Per Allansson
03848a9c60
removed unused variable
2014-06-03 09:13:06 +02:00
Per Allansson
f4e78ea7f7
Add OpenSSL exception in license
2014-06-03 09:09:47 +02:00
Mikkel Krautz
598bab9632
Add support for verifying nested signatures in PE files.
2014-06-03 09:00:54 +02:00
Per Allansson
6fa669a97e
fix compilation problem with OpenSSL < 1.0.0
2014-01-24 09:13:34 +01:00
Per Allansson
4d458d2dd0
version 1.6
2014-01-21 15:31:32 +01:00
Per Allansson
82e01036b0
add support for '-askpass' and '-readpass <file>'
2014-01-21 15:28:42 +01:00
Per Allansson
f6bc75bdc6
support running osslsigncode on Windows
2014-01-21 13:58:44 +01:00
