VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Signing/sign.bat
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2016-01-16 16:50:33 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2016-01-17 10:52:26 +0100
commitdd1e62ebcd62338b2cf16ebab6157c9e74416a0e (patch)
treecf1e9e47539727c9c1db34c6a01a874e9d423ee8 /src/Signing/sign.bat
parenta6c6c3dc4abfbd0e55cd7f30d2b6645595840aea (diff)
downloadVeraCrypt-dd1e62ebcd62338b2cf16ebab6157c9e74416a0e.tar.gz
VeraCrypt-dd1e62ebcd62338b2cf16ebab6157c9e74416a0e.zip
Windows: Add SHA-256 EV Code Signing using the new GlobalSign certificate on top of the SHA-1 code signing. Create new SHA256 test code signing certificate and update test signing script.
Diffstat (limited to 'src/Signing/sign.bat')
-rw-r--r--src/Signing/sign.bat13
1 files changed, 7 insertions, 6 deletions
diff --git a/src/Signing/sign.bat b/src/Signing/sign.bat
index 8c1e3920..d1d6652f 100644
--- a/src/Signing/sign.bat
+++ b/src/Signing/sign.bat
@@ -1,12 +1,13 @@
PATH=%PATH%;%WSDK81%\bin\x86
rem sign using SHA-1
-signtool sign /v /a /n IDRIX /ac thawte_Primary_MS_Cross_Cert.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys"
-signtool sign /v /a /n IDRIX /ac Thawt_CodeSigning_CA.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe"
+signtool sign /v /a /n IDRIX /i Thawte /ac thawte_Primary_MS_Cross_Cert.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys"
+signtool sign /v /a /n IDRIX /i Thawte /ac Thawt_CodeSigning_CA.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe"
rem sign using SHA-256
-signtool sign /v /a /n IDRIX /ac thawte_Primary_MS_Cross_Cert.cer /as /fd sha256 /tr http://timestamp.geotrust.com/tsa "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys"
-signtool sign /v /a /n IDRIX /ac Thawt_CodeSigning_CA.crt /as /fd sha256 /tr http://timestamp.geotrust.com/tsa "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe"
+signtool sign /v /a /n "IDRIX SARL" /i GlobalSign /ac GlobalSign_Root_CA_MS_Cross_Cert.crt /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys"
+signtool sign /v /a /n "IDRIX SARL" /i GlobalSign /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe"
+
cd "..\Release\Setup Files\"
@@ -19,8 +20,8 @@ del *.xml
cd "..\..\Signing"
rem sign using SHA-1
-signtool sign /v /a /n IDRIX /ac Thawt_CodeSigning_CA.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup 1.16.exe"
+signtool sign /v /a /n IDRIX /i Thawte /ac Thawt_CodeSigning_CA.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup 1.16.exe"
rem sign using SHA-256
-signtool sign /v /a /n IDRIX /ac Thawt_CodeSigning_CA.crt /as /fd sha256 /tr http://timestamp.geotrust.com/tsa "..\Release\Setup Files\VeraCrypt Setup 1.16.exe"
+signtool sign /v /a /n "IDRIX SARL" /i GlobalSign /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\VeraCrypt Setup 1.16.exe"
pause