Closed wilx closed 1 year ago
Jsign can generate a detached PKCS#7 signature, but I don't think signver will be able to verify it. As I understand signver hashes the whole file, but an Authenticode signature hash may skip some parts of the file (such as the checksum field in a PE file, or the header in a MSI file).
Signing an entire file is what I want.
Another point worth noting, the object signed by Authenticode is a SpcIndirectDataContent structure containing the hash of the file. Unless signver knows how to build this structure it won't be able to verify the signature.
Is it possible to use this utility to sign arbitrary data file and produce PKCS#7 detached signature which would be verifiable via, e.g.,
signver
utility?