nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-05 09:08:04 -05:00
Code Issues Projects Releases Wiki Activity
493 Commits 1 Branch 10 Tags
Commit Graph

493 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mikkel Krautz
b96f440b03 PE, MSI: implement -require-leaf-hash for CMD_VERIFY. 2013-07-04 21:02:00 +02:00
Mikkel Krautz
30ee6536c4 MSI: add support for extracting signatures. 2013-07-04 21:01:28 +02:00
Mikkel Krautz
bb65ac4d42 MSI: add support for verifying the signatures of MSI files. 2013-07-04 21:00:23 +02:00
Mikkel Krautz
9904aea27f MSI: add support for remove-signature. 2013-07-04 20:55:31 +02:00
Per Allansson
31facc400d add support for adding additional/cross certificates through -ac option 2013-06-15 09:06:51 +02:00
Mikkel Krautz
a3bc0a4576 MSI: Add support for MsiDigitalSignatureEx signature 2013-04-29 07:46:39 +02:00
Mikkel Krautz
5e811c5825 output hierarchical MSIs correctly 2013-04-28 22:21:54 +02:00
Per Allansson
11cc989cf6 ... and use correct index 2013-04-11 19:43:30 +02:00
Per Allansson
190d3e68dd added support for giving multiple timestamp servers as arguments - first one that succeeds will be used 2013-04-11 19:12:55 +02:00
Per Allansson
c6c234948c valgrind:ed - although everything libgsf-related was ignored... 2013-03-13 20:31:10 +01:00
Per Allansson
f4691ca996 Added support for page hashing (-ph option) 2013-03-13 19:01:58 +01:00
Per Allansson
4fd51c0d7d fixed page hash verification 2013-03-13 17:43:06 +01:00
Per Allansson
4944e9cf46 removed old obsolete hack 2013-03-13 17:28:35 +01:00
Per Allansson
e8bd3c3b68 added support for sha384 and sha512 2013-03-13 17:24:54 +01:00
Per Allansson
9152c925c0 Page hash verification now works 
Had it right from the start, but messed up the python script...
 2013-03-12 20:43:54 +01:00
Per Allansson
0494a7ceb1 1.5.1... 2013-03-12 08:30:10 +01:00
Per Allansson
3bbf757ca4 bump 2013-03-12 07:37:39 +01:00
Per Allansson
3e97269d4e working RFC3161 timestamping 2013-03-11 22:06:41 +01:00
Per Allansson
d4392c2167 - added support for reading certificates from PEM files 
- fixed compiler warnings
- renamed option -spc to -certs
- no need for -pvk option since we can detect pvk files anyway
- updated docs to reflect changes
- added simple test script
- updated RFC3161 timestamping (but still does not result in valid signature)
 2013-03-11 20:12:45 +01:00
Per Allansson
58750a5265 added preliminary support for RGC3161 timestamping 2013-03-10 21:51:56 +01:00
Per Allansson
9b604211e7 Added small python script which can be used to calculate & experiment 
with Authenticode page hashes. Calculating everything but the first
page hash seems to be working and is straightforward. If anyone knows
how this is done, p-p-p-please let me know.
 2013-03-10 17:32:09 +01:00
Per Allansson
e0cf24f1d5 warn if digest doesn't match 2013-03-10 17:30:01 +01:00
Per Allansson
4e11a04ed3 need to recreate BIO mem buf object each time we want to use it 2013-03-08 18:08:51 +01:00
Per Allansson
4fccd43521 verify now also extracts the page hash 2013-03-08 18:08:14 +01:00
Per Allansson
9817812d17 GPLv3 2013-03-08 18:00:46 +01:00
Per Allansson
a4f4729bef doc updates 2013-03-08 18:00:25 +01:00
Per Allansson
f10f5d88ad add support for reading keys from PVK files - requires OpenSSL >= 1.0.0 2013-03-08 17:59:55 +01:00
Per Allansson
9fb9e1503c Added support for removing/extracting/verifying signature on PE files 2013-03-07 22:43:18 +01:00
Per Allansson
bb7c430b8f Mention MSI support in docs 2013-03-07 08:23:36 +01:00
Per Allansson
d16acb6019 - improved checks for valid PE file 
- initialize OpenSSL before we use it
- updated documentation links
- fixed bug in MSI merge (missing CAB OBJID set)
- reindentation + Emacs settings for it
- fixed various warnings
 2013-03-07 08:03:39 +01:00
Per Allansson
b34b3b67e7 fixed merge fail 2013-03-07 07:36:27 +01:00
Per Allansson
2d8764f8f9 Merge remote-tracking branch 'elmarco/master' 2013-03-07 07:31:33 +01:00
Per Allansson
09c664791b Calculate correct PE checksum instead of setting it to 0. 
Patch provided by Roland Schwingel.
 2013-03-07 07:26:56 +01:00
Marc-André Lureau
a1abd3f11f Add MSI signing 
I have tested signing with various MSI files, but I wouldn't be
surprised if we have to refine a little bit the hashing order.

It took me a while to realize that they probably just memcmp the utf16
OLE directory entry name, and take them in order... I got confused
because libgsf uses utf8, and the stream name themself are weirdly
encoded to pack them in utf16, making it hard to understand why a
stream name "FO"<"AA" but "FA">"AA", anyway...
 2013-03-06 23:49:23 +01:00
Marc-André Lureau
0c6c7f042f Use an enum for file type 2013-03-05 11:50:38 +01:00
Marc-André Lureau
7dd6c8d3aa build-sys: remove generated file 2013-03-05 11:50:35 +01:00
Marc-André Lureau
24c95a1338 build-sys: link with libgsf optionnally 2013-03-05 11:50:14 +01:00
Per Allansson
7485a6b7a4 Fixed problem with not being able to decode timestamp with no newlines 2013-02-19 21:53:19 +01:00
Per Allansson
902962ff56 Removed generated files and added autogen.sh 2013-02-19 21:52:05 +01:00
Per Allansson
a755c2e4f6 Added .gitignore 2013-02-19 21:49:50 +01:00
Per Allansson
fdecbbe5dc Correct email address 2013-02-19 21:48:46 +01:00
Per Allansson
af82a27bff Whitespace/Indentation cleanup 2013-02-19 21:47:47 +01:00
Per Allansson
6aa4280d84 Initial commit of osslsigncode 1.4 2013-02-17 10:16:25 +01:00