gpt4 book ai didi

windows - Signtool.exe 成功,但向文件添加了零个签名

转载 作者:行者123 更新时间:2023-12-03 11:07:37 32 4
gpt4 key购买 nike

我正在编写自定义 CNG 提供程序( key 存储提供程序)以允许在 Signtool.exe 中使用我们的私有(private) HSM API 进行签名我在我的 CNG 提供程序中实现了 API,并成功安装在我的 Windows 10 系统中。

命令:

signtool.exe sign /v /debug /f cert.cer /csp "Sample Key Storage Provider" /k "keyid" /t http://timestamp.digicert.com /fd sha256 helloworld.exe

Signtool.exe 成功并返回代码 0,但最终没有向文件添加签名。

验证输出:

signtool.exe verify /v /pa helloworld.exe

Verifying: helloworld.exe
Signature Index: 0 (Primary Signature)
Hash of file (sha256): 3338A11DDAB9CBB7B39E65C30F235C2DF8EDE17BB5BE759A3213D25EC286F390

Signing Certificate Chain:
Issued to: Sample Certificate Authority
Issued by: Sample Certificate Authority
Expires: Fri Feb 07 21:37:36 2070
SHA1 hash: 2B5B37DADFCBD018BDB2789176A69708FFCA25E0

Issued to: Sample test certificate
Issued by: Sample Certificate Authority
Expires: Thu May 28 13:40:10 2020
SHA1 hash: A679DF5E89B9C23E57E89AEB434CA98230F52DC3

The signature is timestamped: Sun Mar 29 16:44:01 2020
Timestamp Verified by:
Issued to: DigiCert Assured ID Root CA
Issued by: DigiCert Assured ID Root CA
Expires: Sun Nov 09 17:00:00 2031
SHA1 hash: 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

Issued to: DigiCert SHA2 Assured ID Timestamping CA
Issued by: DigiCert Assured ID Root CA
Expires: Tue Jan 07 05:00:00 2031
SHA1 hash: 3BA63A6E4841355772DEBEF9CDCF4D5AF353A297

Issued to: TIMESTAMP-SHA256-2019-10-15
Issued by: DigiCert SHA2 Assured ID Timestamping CA
Expires: Wed Oct 16 17:00:00 2030
SHA1 hash: 0325BD505EDA96302DC22F4FA01E4C28BE2834C5

SignTool Error: No signature found.

Number of files successfully Verified: 0
Number of warnings: 0
Number of errors: 1

但是,当我查看文件属性中的“数字签名”选项卡时,它确实显示了一个条目。当我选择条目时,它说“主题中没有签名”。

我在这里错过了什么?

最佳答案

signtool.exe sign 
/v
/debug
/f cert.cer
/csp "Sample Key Storage Provider"
/k "keyid"
/t http://timestamp.digicert.com
/fd sha256
helloworld.exe

documentation在使用 /f SignCertFile 时说:

  • 如果文件是.pfx,您必须使用/p来指定密码
  • 如果文件不包含私钥,您必须指定
    • /csp CSPName
    • /kc PrivKeyContainerName

我看到你确实指定了/csp:

/csp "Sample Key Storage Provider"

但是你没有指定/kc

我确实看到您指定了 /k - 这没什么。

关于windows - Signtool.exe 成功,但向文件添加了零个签名,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60944672/

32 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com