Closed se4n01 closed 2 years ago
I've fixed an issue with EC key in f8688bff, could you try again with the latest code on the master branch?
@ebourg Was getting this error with jsign 4.0 (Win10, Java8, Google Cloud HSM). Built against master and I get a successful signature
$ java -jar $HOME\Downloads\jsign-4.0.jar --storetype GOOGLECLOUD ... .\test-setup.exe
Adding Authenticode signature to .\test-setup.exe
jsign: Couldn't sign .\test-setup.exe
java.lang.IllegalArgumentException: Unknown signature type requested: SHA256WITHEC
at net.jsign.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.generate(Unknown Source)
at net.jsign.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.find(Unknown Source)
at net.jsign.bouncycastle.operator.jcajce.JcaContentSignerBuilder.<init>(Unknown Source)
at net.jsign.AuthenticodeSigner.createSignedDataGenerator(AuthenticodeSigner.java:407)
at net.jsign.AuthenticodeSigner.createSignedData(AuthenticodeSigner.java:370)
at net.jsign.AuthenticodeSigner.sign(AuthenticodeSigner.java:342)
at net.jsign.SignerHelper.sign(SignerHelper.java:506)
at net.jsign.JsignCLI.execute(JsignCLI.java:116)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
$ java -jar $HOME\jsign\jsign\target\jsign-4.1-SNAPSHOT.jar --storetype GOOGLECLOUD ... .\test-setup.exe
Adding Authenticode signature to .\test-setup.exe
@devsibwarra Thank you for the feedback!
@ebourg yes that works beautifully! Well done all - I guess this issue can close since it is solved nicely in 4.1+
Im trying to sign a binary with an ECC token and I get
$ jsign -s jsign.conf --storetype PKCS11 --storepass XXXXXXX -a "myorg" ./exe.exe Adding Authenticode signature to ./exe.exe jsign: Couldn't sign ./exe.exe java.lang.IllegalArgumentException: Unknown signature type requested: SHA256WITHEC at net.jsign.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.generate(Unknown Source) at net.jsign.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder.find(Unknown Source) at net.jsign.bouncycastle.operator.jcajce.JcaContentSignerBuilder.(Unknown Source)
at net.jsign.AuthenticodeSigner.createSignedDataGenerator(AuthenticodeSigner.java:407)
at net.jsign.AuthenticodeSigner.createSignedData(AuthenticodeSigner.java:370)
at net.jsign.AuthenticodeSigner.sign(AuthenticodeSigner.java:342)
at net.jsign.SignerHelper.sign(SignerHelper.java:506)
at net.jsign.JsignCLI.execute(JsignCLI.java:116)
at net.jsign.JsignCLI.main(JsignCLI.java:40)
Try `jsign --help' for more information.
I suspect this is an issue in that jsign is only supporting RSA since SHA256WITHEC makes no sense.