Software features
The original intention of developing this software: Although Microsoft's code signing tool, signcode, is wizard-based, it can only sign one file at a time, and there are repeated operations for signing multiple files; the signtool command line tool requires manual typing of commands for signature, which is more cumbersome. , puts forward certain requirements for users' DOS use. Among third-party tools, there are several domestic software that do well, but after using it, it is found that these software generally do not support the rfc3161 protocol and do not support key package files. For certificates containing private keys in the system, security is not high.
Function introduction
1. File to be signed: It is the file to be digitally signed, usually in PE format;
2. The key package file, with the suffix name pfx, can be obtained by exporting the certificate private key; if there is a password in the key package file, please fill it in. If there is no password, please leave it blank. Do not type spaces and other characters, otherwise it will be regarded as part of the password, and then causing the signature to fail;
3. Signtool.exe path: Specify the location of the signature program, which can be downloaded from Microsoft or obtained from third-party channels. The signtool GUI has provided the download address on the WoSign site; the program also has version 6.1 of signtool built-in;
4. Timestamp: If you choose a project marked with RFC3161, you need to select at least version 6.0 of signtool in an operating system of Vista or above to operate, otherwise the code signing will still be successful, but the signing timestamp will fail;
5. Cross certificate: There are instructions in the program, please use it under the guidance of professionals, otherwise the code signing will fail. Generally, users do not need to meet regularly, just leave it blank.
it works
it works
it works