From eaf400b088c147042457a15bd4a3d44941e86cb0 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Fri, 12 Jun 2020 01:44:14 +0200
Subject: Windows: Update IDRIX SHA-1 code signing certificate to latest one.

---
 src/Common/Dlgcode.c                               |  12 ++++-----
 .../DigiCert_Assured_ID_Code_Signing_CA.cer        | Bin 0 -> 1703 bytes
 src/Signing/DigiCert_Assured_ID_MS_Cross_Cert.crt  |  30 +++++++++++++++++++++
 .../DigiCert_High_Assurance_Code_Signing_CA.cer    | Bin 1734 -> 0 bytes
 .../DigiCert_High_Assurance_MS_Cross_Cert.crt      |  30 ---------------------
 src/Signing/sign.bat                               |   6 ++---
 6 files changed, 39 insertions(+), 39 deletions(-)
 create mode 100644 src/Signing/DigiCert_Assured_ID_Code_Signing_CA.cer
 create mode 100644 src/Signing/DigiCert_Assured_ID_MS_Cross_Cert.crt
 delete mode 100644 src/Signing/DigiCert_High_Assurance_Code_Signing_CA.cer
 delete mode 100644 src/Signing/DigiCert_High_Assurance_MS_Cross_Cert.crt

(limited to 'src')

diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 17a2f3fd..fe23deaf 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -381,12 +381,12 @@ static WTHELPERGETPROVSIGNERFROMCHAIN WTHelperGetProvSignerFromChainFn = NULL;
 static WTHELPERGETPROVCERTFROMCHAIN WTHelperGetProvCertFromChainFn = NULL;
 
 static unsigned char gpbSha1CodeSignCertFingerprint[64] = {
-	0x64, 0x4C, 0x59, 0x15, 0xC5, 0xD4, 0x31, 0x2A, 0x73, 0x12, 0xC4, 0xA6,
-	0xF2, 0x2C, 0xE8, 0x7E, 0xA8, 0x05, 0x53, 0xB5, 0x99, 0x9A, 0xF5, 0xD1,
-	0xBE, 0x57, 0x56, 0x3D, 0x2F, 0xCA, 0x0B, 0x2F, 0xEF, 0x57, 0xFB, 0xA0,
-	0x03, 0xEF, 0x66, 0x4D, 0xBF, 0xEE, 0x25, 0xBC, 0x22, 0xDD, 0x5C, 0x15,
-	0x47, 0xD6, 0x6F, 0x57, 0x94, 0xBB, 0x65, 0xBC, 0x5C, 0xAA, 0xE8, 0x80,
-	0xFB, 0xD0, 0xEF, 0x00
+	0x97, 0xE3, 0x36, 0xE0, 0x45, 0x21, 0xE9, 0x8A, 0xA7, 0xEA, 0xE8, 0x68,
+	0x4A, 0x56, 0x02, 0xB2, 0xE7, 0x63, 0x59, 0x3A, 0x37, 0x03, 0x64, 0xC3,
+	0x7D, 0xBF, 0xF8, 0x19, 0xDB, 0x39, 0x57, 0x41, 0x55, 0x00, 0x9C, 0xBE,
+	0xFE, 0xA3, 0xBC, 0x0F, 0xE3, 0xD8, 0x34, 0x2D, 0x2F, 0xB4, 0x80, 0xBE,
+	0xDD, 0xEA, 0xA7, 0xDB, 0xAD, 0x53, 0x07, 0x71, 0x1A, 0x12, 0x42, 0xB4,
+	0xE9, 0x65, 0xA5, 0x61
 };
 
 typedef HRESULT (WINAPI *SHGETKNOWNFOLDERPATH) (
diff --git a/src/Signing/DigiCert_Assured_ID_Code_Signing_CA.cer b/src/Signing/DigiCert_Assured_ID_Code_Signing_CA.cer
new file mode 100644
index 00000000..46fe7f38
Binary files /dev/null and b/src/Signing/DigiCert_Assured_ID_Code_Signing_CA.cer differ
diff --git a/src/Signing/DigiCert_Assured_ID_MS_Cross_Cert.crt b/src/Signing/DigiCert_Assured_ID_MS_Cross_Cert.crt
new file mode 100644
index 00000000..a63e06ec
--- /dev/null
+++ b/src/Signing/DigiCert_Assured_ID_MS_Cross_Cert.crt
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFNDCCAxygAwIBAgIKYRyyigAAAAAAJjANBgkqhkiG9w0BAQUFADB/MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe
+MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQDEyBNaWNyb3Nv
+ZnQgQ29kZSBWZXJpZmljYXRpb24gUm9vdDAeFw0xMTA0MTUxOTQxMzdaFw0yMTA0
+MTUxOTUxMzdaMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMx
+GTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNVBAMTG0RpZ2lDZXJ0IEFz
+c3VyZWQgSUQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AK0OFc7kQ4BcsYfzt2D5cRKlrtwmlIiq9M71IDkoWGAM+IDaqRWVMmE8tbEohIqK
+3J8KDIMXeo+QrIrneVNcMYQq9g+YMjZ2zN7dPKii72r7IfJSYd+fINcf4rHZ/hhk
+0hJbX/lYGDW8R82hNvlrf9SwOD7BG8OMM9nYLxj+KA+zp4PWw25EwGE1lhb+WZyL
+dm3X8aJLDSv/C3LanmDQjpA1xnhVhyChz+VtCshJfDGYM2wi6YfQMlqiuhOCEe05
+F52ZOnKh5vqk2dUXMXWuhX0irj8BRob2KHnIsdrkVxfEfhwOsLSSplazvbKX7aqn
+8LfFqD+VFtD/oZbrCF8Yd08CAwEAAaOByzCByDARBgNVHSAECjAIMAYGBFUdIAAw
+CwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEXroq/0ksuC
+MS1Ri6enIZ3zbcgPMB8GA1UdIwQYMBaAFGL7CiFbf0NuEdoJVFBr9dKWcfGeMFUG
+A1UdHwROMEwwSqBIoEaGRGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3Js
+L3Byb2R1Y3RzL01pY3Jvc29mdENvZGVWZXJpZlJvb3QuY3JsMA0GCSqGSIb3DQEB
+BQUAA4ICAQBc9bItAs7tAbU1EtgT96pAFMehXKCKVe1+VepqxFcXb9BHIkI2WO/F
+rGHF9ixSzmrmyA2F2rM0Qg6kAiUYJnK5Kk6lfksW8qDkDESc4k2a9HTw+SemaZAx
+wkRlQ0jHSGnQ/IQJ8oYUCsIploV/EeuHExdu0+xr/x1XirF7HqWgfOmiemjl+sax
+YdZyY/o3kWODVZn4HWFPDG+j97yxFSrMjYXjFBfvfklEP7AiwPCsvi/b4QyGsPRY
+XFoQqUvN80SKRlIIPgpiEOlFlQS3i41LB09QDbe75/uMonh4xsU7dmOyz+UhhFpm
+/OBMeYNOz6jucAWGWHzCnNc8o608fnZiXIfQ7XzVxVsUIfS+daJ10unhWtAgMHhB
+Yk1rXm4bFxAkSthYh3XQFddiu/0YVmWEJWGXf6rUnfTzXW2gMcLhngKsPpDDMn7o
+MpA0FtCLFM+VrM7ljFSiZbi/7RhqVwc+0+eaSi8IGgQcSYcaiuYbCKNl2BwxxQ2c
+urNo3fRQdhYGdf7EA+fRPt/chi4QAn5mEpZTTnrzNlh5sSBC2JY/Nb4/jvKZl0P1
+5AzhPGhyjI1J11pStXP7ejWUOmGwhILASIXBlzLTm3JfoNI0j37wRnzyjHKUxwew
+17WyMLgZZfCcgyewoKvQonJ+BQ+zrt25W5tCvMMmY0VrhvEdRkPtyA==
+-----END CERTIFICATE-----
diff --git a/src/Signing/DigiCert_High_Assurance_Code_Signing_CA.cer b/src/Signing/DigiCert_High_Assurance_Code_Signing_CA.cer
deleted file mode 100644
index cddf4d07..00000000
Binary files a/src/Signing/DigiCert_High_Assurance_Code_Signing_CA.cer and /dev/null differ
diff --git a/src/Signing/DigiCert_High_Assurance_MS_Cross_Cert.crt b/src/Signing/DigiCert_High_Assurance_MS_Cross_Cert.crt
deleted file mode 100644
index c42e0fc2..00000000
--- a/src/Signing/DigiCert_High_Assurance_MS_Cross_Cert.crt
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFOzCCAyOgAwIBAgIKYSBNtAAAAAAAJzANBgkqhkiG9w0BAQUFADB/MQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe
-MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQDEyBNaWNyb3Nv
-ZnQgQ29kZSBWZXJpZmljYXRpb24gUm9vdDAeFw0xMTA0MTUxOTQ1MzNaFw0yMTA0
-MTUxOTU1MzNaMGwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMx
-GTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xKzApBgNVBAMTIkRpZ2lDZXJ0IEhp
-Z2ggQXNzdXJhbmNlIEVWIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQDGzOVz5vvUu+UtLTKm3+WBP8nNJUm2cSrD1ZQ0Z6IKHLBfaaZAscS3
-so/QmKSpQVk609yU1jzbdDikSsxNJYL3SqVTEjju80ltcZF+Y7arpl/DpIT4T2JR
-vvjF7Ns4kuMG5QiRDMQoQVX7y1qJFX5x6DW/TXIJPb46OFBbdzEbjbPHJEWap6xt
-ABRaBLe6E+tRCphBQSJOZWGHgUFQpnlcid4ZSlfVLuZdHFMsfpjNGgYWpGhz0DQE
-E1yhcdNafFXbXmThN4cwVgTlEbQpgBLxeTmIogIRfCdmt4i3ePLKCqg4qwpkwr9m
-XZWEwaElHoddGlALIBLMQbtuC1E4uEvLAgMBAAGjgcswgcgwEQYDVR0gBAowCDAG
-BgRVHSAAMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSx
-PsNpA/i/RwHUmCYaCALvY2QrwzAfBgNVHSMEGDAWgBRi+wohW39DbhHaCVRQa/XS
-lnHxnjBVBgNVHR8ETjBMMEqgSKBGhkRodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20v
-cGtpL2NybC9wcm9kdWN0cy9NaWNyb3NvZnRDb2RlVmVyaWZSb290LmNybDANBgkq
-hkiG9w0BAQUFAAOCAgEAIIzBWe1vnGstwUo+dR1FTEFQHL2A6tmwkosGKhM/Uxae
-VjlqimO2eCR59X24uUehCpbC9su9omafBuGs0nkJDv083KwCDHCvPxvseH7U60sF
-YCbZc2GRIe2waGPglxKrb6AS7dmf0tonPLPkVvnR1IEPcb1CfKaJ3M3VvZWiq/GT
-EX3orDEpqF1mcEGd/HXJ1bMaOSrQhQVQi6yRysSTy3GlnaSUb1gM+m4gxAgxtYWd
-foH50j3KWxiFbAqG7CIJG6V0NE9/KLyVSqsdtpiwXQmkd3Z+76eOXYT2GCTL0W2m
-w6GcwhB1gP+dMv3mz0M6gvfOj+FyKptit1/tlRo5XC+UbUi3AV8zL7vcLXM0iQRC
-ChyLefmj+hfv+qEaEN/gssGV61wMBZc7NT4YiE3bbL8kiY3Ivdifezk6JKDV39Hz
-ShqX9qZveh+wkKmzrAE5kdNht2TxPlc4A6/OetK1kPWu3DmZ1bY8l+2myxbHfWsq
-TJCU5kxU/R7NIOzOaJyHWOlhYL7rDsnVGX2f6Xi9DqwhdQePqW7gjGoqa5zj52W8
-vC08bdwE3GdFNjKvBIG8qABuYUyVxVzUjo6fL8EydL29EWUDB83vt14CV9qG1Boo
-NK+ISbLPpd2CVm9oqhTiWVT+/+ru7+qScCJggeMlI8CfzA9JsjWqWMM6w9kWlBA=
------END CERTIFICATE-----
diff --git a/src/Signing/sign.bat b/src/Signing/sign.bat
index 30058bc6..fb6333c3 100644
--- a/src/Signing/sign.bat
+++ b/src/Signing/sign.bat
@@ -9,8 +9,8 @@ call "..\..\doc\chm\create_chm.bat"
 cd %SIGNINGPATH%
 
 rem sign using SHA-1
-signtool sign /v /sha1 1FE67EF0455A9CC11433542FEC0A86DDD644B405 /ac DigiCert_High_Assurance_MS_Cross_Cert.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys"
-signtool sign /v /sha1 1FE67EF0455A9CC11433542FEC0A86DDD644B405 /ac DigiCert_High_Assurance_Code_Signing_CA.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe"
+signtool sign /v /sha1 85aa2e55cfb9c38fe474c58b38e9521450cd9306 /ac DigiCert_Assured_ID_MS_Cross_Cert.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys"
+signtool sign /v /sha1 85aa2e55cfb9c38fe474c58b38e9521450cd9306 /ac DigiCert_Assured_ID_Code_Signing_CA.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe"
 
 timeout /t 10
 
@@ -58,7 +58,7 @@ rmdir /S /Q docs
 cd %SIGNINGPATH%
 
 rem sign using SHA-1
-signtool sign /v /sha1 1FE67EF0455A9CC11433542FEC0A86DDD644B405 /ac DigiCert_High_Assurance_Code_Signing_CA.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup %VC_VERSION%.exe" "..\Release\Setup Files\VeraCrypt Portable %VC_VERSION%.exe"
+signtool sign /v /sha1 85aa2e55cfb9c38fe474c58b38e9521450cd9306 /ac DigiCert_Assured_ID_Code_Signing_CA.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup %VC_VERSION%.exe" "..\Release\Setup Files\VeraCrypt Portable %VC_VERSION%.exe"
 
 timeout /t 10
 
-- 
cgit v1.2.3