Announcement

Collapse
No announcement yet.

Code signing from Token

Collapse
This is a sticky topic.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    FYI, for others coming here. If you need more parameters on your signtool command, you will have to modify this helper batch file.

    For my use, previously, I signed files with:
    Code:
    signtool.exe sign /a /s my /t http://timestamp.verisign.com/scripts/timstamp.dll /v %1
    signtool.exe sign /a /s my /fd SHA256 /tr http://sha256timestamp.ws.symantec.com/sha256/timestamp /td sha256 /as /v %1
    to get this to work using SUF, I had to make the helper batch file as follows:

    Code:
    @ECHO OFF
    set adtl_args=%1 %2 %3 %4 %5
    shift
    shift
    shift
    shift
    shift
    /path/to/signtool.exe sign %adtl_args% %1 %2 %3 %4 %5 %6 %7
    This was because on the SHA-256 signing, each of my additional arguments setup below got passed as separate parameters to the batch file which pushed it over the max of 9 arguments without using the shift command.

    My SHA-1 additional arguments setup in SUF as:
    Code:
    /a /s my /v
    and my SHA-256 additional arguments setup in SUF as:
    Code:
    /a /s my /as /v /fd SHA256
    This re-orders the parameters being sent to signtool but it did still work.

    Comment


    • #17
      I have only just now got to catch up here.

      /a /t [SHA-1 timestaming url] [full path of *.tmp file]
      /
      a /tr [SHA-256 timestaming url] /td sha256 [full path of *.tmp file]

      Shouldn't that be "timestamping"?
      ArtistScope - Copy Protection & DRM Software

      Comment


      • #18
        Originally posted by StevenS View Post
        had to make the helper batch file as follows:
        Can you please post the complete .bat file?

        ArtistScope - Copy Protection & DRM Software

        Comment


        • #19
          Using the StevenS example I was getting an error... /d option requires a parameter. Yet I do have Description and Description URL set.

          The problem was too many parameters. So for SHA-256 I used...

          /a /as /v

          But I had to input the password twice, even though I didn't nominate SHA1... when I did do that I had to input password 4 times!
          Last edited by artistscope; 12-18-2020, 07:47 PM.
          ArtistScope - Copy Protection & DRM Software

          Comment

          Working...
          X