signtool failing to dual sign SHA2 and SHA1 with timestamps

一个人的身影 2020-12-08 00:45

We need to dual sign our binaries with SHA1 and SHA2 using signtool.exe; our certificate supports 256-bit SHA2.

Using the Windows 8 SDK's signtool:

e.g.:

7 answers
  •  夕颜 (original poster)
    2020-12-08 01:43

    I think this link has some nice pointers. Some of it is mentioned in the answer by martin_costello, but this article provides some more details. In particular:

    • 'Dual signing and include an SHA1 file digest' is possible if you sign SHA1 first, and use /as for the SHA256. It only works with signtool v6.3 from the Windows 8.1 SDK (or later) though.
    • Dual signing with 'a FULL SHA1 signature', needed for Windows versions before XP SP3, requires 2 different certificates.

    (I haven't tested all this myself though.)
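
The signing order described in the answer above, written out as a PowerShell script. This is an added example, not code from the thread. The PFX path, the `CODESIGN_PFX_PASSWORD` variable and both timestamp URLs are placeholders, and pairing `/t` with the SHA1 signature and `/tr` + `/td sha256` with the SHA256 one is an assumption about how the timestamps are wanted.

```powershell
# Added example (not from the thread): dual-sign one file, SHA1 first, SHA256 appended.
# Placeholders to replace: PFX path, password variable, both timestamp URLs.
param(
    [Parameter(Mandatory)][string]$File,
    [string]$Pfx        = 'C:\certs\codesign-placeholder.pfx',
    [string]$AuthTsUrl  = 'http://timestamp.example.invalid/authenticode',  # legacy Authenticode TSA
    [string]$Rfc3161Url = 'http://timestamp.example.invalid/rfc3161'        # RFC 3161 TSA
)
$ErrorActionPreference = 'Stop'

# /as is only understood by signtool 6.3 (Windows 8.1 SDK) or later, so check before signing.
$tool = Get-Command signtool.exe -CommandType Application | Select-Object -First 1
if ($tool.Version -lt [version]'6.3') {
    throw "signtool $($tool.Version) at $($tool.Path) is too old for /as; need 6.3 or later"
}

function Invoke-SignTool {
    param([string[]]$Arguments)
    & $tool.Path @Arguments
    # signtool reports failure through its exit code, so stop before the next step runs.
    if ($LASTEXITCODE -ne 0) {
        throw "signtool $($Arguments[0]) failed with exit code $LASTEXITCODE"
    }
}

# Assumption: the PFX password is supplied through this environment variable.
$cert = @('/f', $Pfx, '/p', $env:CODESIGN_PFX_PASSWORD)

# 1. Primary signature: SHA1 file digest, signed first.
Invoke-SignTool (@('sign', '/fd', 'sha1', '/t', $AuthTsUrl) + $cert + $File)

# 2. Secondary signature: /as appends it instead of replacing the SHA1 signature.
Invoke-SignTool (@('sign', '/as', '/fd', 'sha256', '/tr', $Rfc3161Url, '/td', 'sha256') + $cert + $File)

# 3. Verify every signature on the file, not just the primary one (/pa = default Authenticode policy).
Invoke-SignTool @('verify', '/pa', '/all', $File)
```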
