-
There are certain things we'd like to do as part of producing usable artifacts which are necessarily not executable in a hermetic context or easily reproducible, an example being authenticode signing …
-
Windows PE binaries also support codesigning and I think the mechanisms are very similar. I'm not 100% sold that support for signing windows binaries should be done in this tool, but wanted to at leas…
-
For Authenticode signing, having reliable version metadata can help with policy rules. We should add this data from something like a common props file for PSSA releases to allow use with locked-down e…
-
We should add the ability to capture Authenticode/SignerInfo data of a PE file object as a native component of the Windows Executable File Object.
-
Just a suggestion for NuGet package search - could you add an option to search only for packages that have been authenticode signed? Or maybe a sort option that allows signed packages to percolate up …
-
Authenticode signing would be best, PGP signing would be the next best, at the very least a SHA512 hash to verify the authenticity of the executable would be great.
-
https://github.com/ralphje/signify
http://signify.readthedocs.io/en/latest/fingerprinter.html
```
>>> with open("file", "rb") as f:
... fingerprinter = AuthenticodeFingerprinter(file_obj)
.…
-
### Is your feature request related to a problem? Please describe.
Signing executables at build time works really badly; but MS's own antivirus cares about signed files
### Describe the solution…
-
Follow up of https://github.com/xamarin/xamarin-macios/issues/3207
## Steps to Reproduce
1. Add a MD2 based X509 certificate if Mono's trust store
2. Run Mono.Security.dll unit tests
or try…
-
nc.exe from [int0x33/nc.exe](https://github.com/int0x33/nc.exe/) is signed and it is verified by signtool.
```
>signtool verify /pa nc.exe
File: nc.exe
Index Algorithm Timestamp
===============…