Friday, January 16, 2009

Authenticode signing of windows binary from non-windows platform

After I switched OS for my development from Windows to Mac, I always try to find options that minimize the need for starting Windows on VirtualBox. I had to use Windows for digitally signing exes and dlls. Today I found osslsigncode to sign windows binaries on non-windows platform. One less reason to boot Windows and it is much quicker than on Windows :) Here is how I did it on Mac: 1. Download source zip, unzip, compile and install osslsigncode from http://sourceforge.net/projects/osslsigncode/
cd osslsigncode-1.3 ./configure make make install
2. Generate spc and private key files in DER format from .p12 file
openssl pkcs12 -in CodeSigning.p12 -nokeys -clcerts -out CodeSigning-CL.crt.pem openssl pkcs12 -in CodeSigning.p12 -nokeys -cacerts -out CodeSigning-CA.crt.pem openssl pkcs12 -in CodeSigning.p12 -nocerts -nodes -out CodeSigning-CL.key.pem openssl crl2pkcs7 -certfile CodeSigning-CL.crt.pem -certfile CodeSigning-CA.crt.pem -nocrl -outform DER -out CodeSigning-CL.spc.der openssl rsa -in CodeSigning-CL.key.pem -outform DER -out CodeSigning-CL.key.der
3. Now sign the binary
osslsigncode -spc CodeSigning-CL.spc.der -key CodeSigning-CL.key.der -n "Description" -i "http://www.mydomain.com" -in file.dll -out signed-file.dll
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)