usabrad86 Posted June 14, 2011 (edited)

I think I found a new way to sign our compiled exe files (other than Scripting.Signer or signtool).

You may need to download the CAPICOM redistributable from Microsoft:
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=860ee43a-a843-462f-abb5-ff88ea5896f6

    ;~ --------------------------------- File Handling ---------------------------------
    If $CmdLine[0] < 1 Then
        $TheFile = FileSaveDialog('Select File', @ScriptDir, "All (*.*)")
    Else
        $TheFile = $CmdLine[1]
    EndIf
    If $TheFile = "" Then Exit (99) ;~ dialog was cancelled, nothing to sign
    Sleep(1000)
    ;~ --------------------------------- Initialize Error Handler ------------------------
    $oMyError = ObjEvent("AutoIt.Error", "MyErrFunc")
    ;~ --------------------------------- Create COM objects ------------------------------
    $oSignerCode = ObjCreate("CAPICOM.SignedCode.1")
    $oSigner = ObjCreate("CAPICOM.Signer.1")
    ;~ --------------------------------- Who Is Signing ----------------------------------
    $oSigner.Load ("objectSignCert.p12", "certPassword")
    ;~ $oSigner.Options = CAPICOM.CAPICOM_CERTIFICATE_INCLUDE_OPTION.CAPICOM_CERTIFICATE_INCLUDE_END_ENTITY_ONLY
    ;~ --------------------------------- Sign it -----------------------------------------
    $oSignerCode.FileName = $TheFile
    $desc = InputBox("Description", "Add a Description.. EX.. My Project Name v.01")
    ;~ "Not $desc = ''" binds as "(Not $desc) = ''", so compare with <> instead
    If $desc <> "" Then $oSignerCode.Description = $desc
    $oSignerCode.Sign($oSigner)
    ;~ --------------------------------- TimeStampIt -------------------------------------
    $oSignerCode.Timestamp("http://timestamp.verisign.com/scripts/timestamp.dll")
    ;~ --------------------------------- Clear Memory ------------------------------------
    $oSignerCode = ""
    $oSigner = ""
    ;~ --------------------------------- Error Handling --------------------------------
    Func MyErrFunc()
        Local $HexNumber=hex($oMyError.number,8)
        Msgbox(48,@ScriptName,"An error has been encountered" & @CRLF & @CRLF & _
                " description: " & @TAB & $oMyError.description & @CRLF & _
                " : " & @TAB & $oMyError.windescription & @CRLF & _
                " error number: " & @TAB & $HexNumber & @CRLF & _
                "last dllerror: " & @TAB & $oMyError.lastdllerror & @CRLF & _
                " line number: " & @TAB & $oMyError.scriptline & @CRLF & _
                " source: " & @TAB & $oMyError.source & @CRLF & _
                " help file: " & @TAB & $oMyError.helpfile & @CRLF & _
                " helpcontext: " & @TAB & $oMyError.helpcontext _
                )
        SetError(1) ;~ to check for after this function returns
    EndFunc
    Exit

I've set this up as a drag-and-drop-onto exe. I wanted to create this because I didn't wanna open up signtool.exe and do pointless clicking every time, and the Scripting.Signer just doesn't do time-stamping. Let me know if there's a problem.

I got a little more info and stuff on this matter. To only timestamp using the capicom.dll (you can only timestamp the file after it's been signed):

    ;~ --------------------------------- File Handling ---------------------------------
    If $CmdLine[0] < 1 Then
        $TheFile = FileSaveDialog('Select File', @ScriptDir, "All (*.*)")
    Else
        $TheFile = $CmdLine[1]
    EndIf
    If $TheFile = "" Then Exit (99)
    Sleep(1000)
    ;~ --------------------------------- Initialize Error Handler ------------------------
    $oMyError = ObjEvent("AutoIt.Error", "MyErrFunc")
    ;~ --------------------------------- Create COM objects ------------------------------
    $oSignerCode = ObjCreate("CAPICOM.SignedCode.1")
    ;~ --------------------------------- What to Time Stamp ------------------------------
    $oSignerCode.FileName = $TheFile
    ;~ --------------------------------- TimeStampIt -------------------------------------
    $oSignerCode.Timestamp("http://timestamp.verisign.com/scripts/timestamp.dll")
    ;~ --------------------------------- Clear Memory ------------------------------------
    $oSignerCode = ""
    ;~ --------------------------------- Error Handling --------------------------------
    Func MyErrFunc()
        Local $HexNumber=hex($oMyError.number,8)
        Msgbox(48,@ScriptName,"An error has been encountered" & @CRLF & @CRLF & _
                " description: " & @TAB & $oMyError.description & @CRLF & _
                " : " & @TAB & $oMyError.windescription & @CRLF & _
                " error number: " & @TAB & $HexNumber & @CRLF & _
                "last dllerror: " & @TAB & $oMyError.lastdllerror & @CRLF & _
                " line number: " & @TAB & $oMyError.scriptline & @CRLF & _
                " source: " & @TAB & $oMyError.source & @CRLF & _
                " help file: " & @TAB & $oMyError.helpfile & @CRLF & _
                " helpcontext: " & @TAB & $oMyError.helpcontext _
                )
        SetError(1) ;~ to check for after this function returns
    EndFunc
    Exit

So you can use the "Scripting.Signer" method to sign the file if you wanted to.

For more info on the objects in the capicom.dll look at
http://msdn.microsoft.com/en-us/library/aa380254(v=VS.85).aspx

Edited June 14, 2011 by usabrad86

shai Posted June 14, 2011 (edited)

The CAPICOM redistributable link is broken. The real link is:
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=860ee43a-a843-462f-abb5-ff88ea5896f6

And http://timestamp.verisign.com/scripts/timestamp.dll says "File not found". I think you can use this:
http://www.trustcenter.de/codesigning/timestamp

Edited June 14, 2011 by shai

Jon (Administrators) Posted June 14, 2011

We sign the autoit exes by driving the signtool GUI which is a bit lame. I've never had the time to look at a scripted solution so this might be useful.

Deployment Blog: https://www.autoitconsulting.com/site/blog/
SCCM SDK Programming: https://www.autoitconsulting.com/site/sccm-sdk/

usabrad86 (Author) Posted June 14, 2011

> http://timestamp.verisign.com/scripts/timestamp.dll says "File not found".
> i think you can use this:
> http://www.trustcenter.de/codesigning/timestamp

The timestamp.dll from VeriSign is working for me... it's not something you download... it's a link to their timestamper server, which supplies an RCP connection to an Atomic Clock.

I suggest looking for the timestamp URL from the provider you got your SSL cert from...

> We sign the autoit exes by driving the signtool GUI which is a bit lame. I've never had the time to look at a scripted solution so this might be useful.

Thanks Jon for showing interest in my script.

Valik Posted June 14, 2011

> We sign the autoit exes by driving the signtool GUI which is a bit lame. I've never had the time to look at a scripted solution so this might be useful.

And I've always hated how we do it but it works and I've never been arsed to bother looking into a cleaner way. One of these days I'm going to set up a self-signed certificate just so I can sign my own personal binaries for UAC prompt purposes, maybe then when I get more familiar with how signing works I'll see a cleaner way.

usabrad86 (Author) Posted June 14, 2011 (edited)

I figured I would give the Scripting.Signer version also:

    ;~ --------------------------------- File Handling ---------------------------------
    If $CmdLine[0] < 1 Then
        $TheFile = FileSaveDialog('Select File', @ScriptDir, "All (*.*)")
    Else
        $TheFile = $CmdLine[1]
    EndIf
    If $TheFile = "" Then Exit (99)
    Sleep(1000)
    ;~ --------------------------------- Initialize Error Handler ------------------------
    ;~ without this registration MyErrFunc below is never called on a COM error
    $oMyError = ObjEvent("AutoIt.Error", "MyErrFunc")
    ; --------------------------------- Sign it ----------------------------------
    $oSigner = ObjCreate("Scripting.Signer")
    $oSigner.SignFile ($TheFile, "***Put the name of your signature here***")
    $oSigner = ""
    ; --------------------------------- TimeStampIt ------------------------------
    $oSignerCode = ObjCreate("CAPICOM.SignedCode.1")
    $oSignerCode.FileName = $TheFile
    $oSignerCode.Timestamp("http://timestamp.verisign.com/scripts/timestamp.dll")
    $oSignerCode = ""
    ;~ --------------------------------- Error Handling --------------------------------
    Func MyErrFunc()
        Local $HexNumber=hex($oMyError.number,8)
        Msgbox(48,@ScriptName,"An error has been encountered" & @CRLF & @CRLF & _
                " description: " & @TAB & $oMyError.description & @CRLF & _
                " : " & @TAB & $oMyError.windescription & @CRLF & _
                " error number: " & @TAB & $HexNumber & @CRLF & _
                "last dllerror: " & @TAB & $oMyError.lastdllerror & @CRLF & _
                " line number: " & @TAB & $oMyError.scriptline & @CRLF & _
                " source: " & @TAB & $oMyError.source & @CRLF & _
                " help file: " & @TAB & $oMyError.helpfile & @CRLF & _
                " helpcontext: " & @TAB & $oMyError.helpcontext _
                )
        SetError(1) ;~ to check for after this function returns
    EndFunc
    Exit

Edited June 14, 2011 by usabrad86

Syed23 Posted June 22, 2011

> i figured i would give the scripting.signer version also
>
>     ;~ --------------------------------- File Handling ---------------------------------
>     If $CmdLine[0] < 1 Then
>         $TheFile = FileSaveDialog('Select File', @ScriptDir, "All (*.*)")
>     Else
>         $TheFile = $CmdLine[1]
>     EndIf
>     If $TheFile = "" Then Exit (99)
>     Sleep(1000)
>     ;~ --------------------------------- Initialize Error Handler ------------------------
>     ;~ without this registration MyErrFunc below is never called on a COM error
>     $oMyError = ObjEvent("AutoIt.Error", "MyErrFunc")
>     ; --------------------------------- Sign it ----------------------------------
>     $oSigner = ObjCreate("Scripting.Signer")
>     $oSigner.SignFile ($TheFile, "***Put the name of your signature here***")
>     $oSigner = ""
>     ; --------------------------------- TimeStampIt ------------------------------
>     $oSignerCode = ObjCreate("CAPICOM.SignedCode.1")
>     $oSignerCode.FileName = $TheFile
>     $oSignerCode.Timestamp("http://timestamp.verisign.com/scripts/timestamp.dll")
>     $oSignerCode = ""
>     ;~ --------------------------------- Error Handling --------------------------------
>     Func MyErrFunc()
>         Local $HexNumber=hex($oMyError.number,8)
>         Msgbox(48,@ScriptName,"An error has been encountered" & @CRLF & @CRLF & _
>                 " description: " & @TAB & $oMyError.description & @CRLF & _
>                 " : " & @TAB & $oMyError.windescription & @CRLF & _
>                 " error number: " & @TAB & $HexNumber & @CRLF & _
>                 "last dllerror: " & @TAB & $oMyError.lastdllerror & @CRLF & _
>                 " line number: " & @TAB & $oMyError.scriptline & @CRLF & _
>                 " source: " & @TAB & $oMyError.source & @CRLF & _
>                 " help file: " & @TAB & $oMyError.helpfile & @CRLF & _
>                 " helpcontext: " & @TAB & $oMyError.helpcontext _
>                 )
>         SetError(1) ;~ to check for after this function returns
>     EndFunc
>     Exit

Hi,

Today I got an opportunity to download this code and I gave it a try, but I am getting the below messages. Could you please help me? I have installed CAPICOM as well...

Thank you,
Regards,
K.Syed Ibrahim.

Tlem Posted October 30, 2011 (edited)

Maybe it's late, but it can help someone else.

The Capicom.dll must be regserved and the certificate must be installed in Windows certificate store.

I have updated the code for signing with some error handler and some additions.

    ; Digital Signatures and Timestamp
    ; This script is based on these links :
    ; http://www.autoitscript.com/forum/topic/66202-digital-code-signing-your-scrip
    ; http://www.autoitscript.com/forum/topic/129720-digital-signatures-and-timestamp-with-ssl-certificates
    ; The following are requested :
    ; The CapiCom.dll must be regserved in Windows system dir.
    ; The certificate must be installed in Windows certificate store.
    ; A web access (for TimeStamp).

    OnAutoItExitRegister("ExitFunc")

    Global $SrcFile = FileSaveDialog('Select File', @ScriptDir, "Au3 File (*.Au3)")
    If $SrcFile = "" Then Exit (0)

    Global $DateAndTime = @YEAR & @MON & @MDAY & "-" & @HOUR & @MIN & @SEC
    Global $DstFile = StringTrimRight($SrcFile, 4) & "_" & $DateAndTime & "_Signed.au3"
    Global $TmpFile = $SrcFile & $DateAndTime & ".vbs"

    Global $SignName = InputBox("Certificate Name", "Type the name of your certificate")
    If $SignName = "" Then Exit (0)

    If Not FileCopy($SrcFile, $TmpFile) Then
        Exit (0)
    EndIf

    ; Initialize error handler
    $oMyError = ObjEvent("AutoIt.Error", "MyErrFunc")

    ; --------------------------------- Sign it ----------------------------------
    $oSigner = ObjCreate("Scripting.Signer")
    $oSigner.SignFile($TmpFile, $SignName)
    If @error then Exit
    $oSigner = ""
    ; --------------------------------- Sign it ----------------------------------

    ; --------------------------------- TimeStampIt ------------------------------
    If Ping("www.google.com", 250) Then
        $oSignerCode = ObjCreate("CAPICOM.SignedCode.1")
        $oSignerCode.FileName = $TmpFile
        $oSignerCode.Timestamp("http://timestamp.verisign.com/scripts/timestamp.dll")
        If @error then Exit
        $oSignerCode = ""
    EndIf
    ; --------------------------------- TimeStampIt ------------------------------

    If Not @error And FileMove($TmpFile, $DstFile) = 1 Then
        MsgBox(64 + 262144, "SignCode", "The file '" & $DstFile & "' have been created." & @TAB)
        Exit
    EndIf

    ; -------------------------------- Error handler -----------------------------
    Func MyErrFunc()
        Local $HexNumber = Hex($oMyError.number, 8)
        MsgBox(48, @ScriptName, "An error has been encountered" & @CRLF & @CRLF & _
                " description: " & @TAB & $oMyError.description & @CRLF & _
                " : " & @TAB & $oMyError.windescription & @CRLF & _
                " error number: " & @TAB & $HexNumber & @CRLF & _
                "last dllerror: " & @TAB & $oMyError.lastdllerror & @CRLF & _
                " line number: " & @TAB & $oMyError.scriptline & @CRLF & _
                " source: " & @TAB & $oMyError.source & @CRLF & _
                " help file: " & @TAB & $oMyError.helpfile & @CRLF & _
                " helpcontext: " & @TAB & $oMyError.helpcontext _
                )
        SetError(1) ; to check for after this function returns
    EndFunc   ;==>MyErrFunc
    ; -------------------------------- Error handler -----------------------------

    ; -------------------------------- Exit Function -----------------------------
    Func ExitFunc()
        If FileExists($TmpFile) Then
            FileDelete($TmpFile)
        EndIf
        Exit
    EndFunc
    ; -------------------------------- Exit Function -----------------------------

    Exit

    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
    ;;;;;;;;     Signature block follows      ;;;;;;;;
    ;;;;;;;; Must be removed before compiling ;;;;;;;;
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

Edited August 11, 2014 by Tlem

Best Regards.
Thierry

prazetto Posted November 26, 2011

Also make sure Internet Explorer is not set to work in offline mode.

Go to Internet Explorer --> File --> make sure the Work Offline menu item is not checked.

This setting affects: signcode.exe, capicom.dll and all applications based on IE.

Otherwise you will get this error:

    description : The timestamp server cannot be reached.
    error number : 80020009
    last dllerror : 0
    line number : 18
    helpcontext : 0

# Button. Progressbar - Graphical AutoIt3 Control (UDF)
# GTK on AutoIt3 - GTK+ Framework | Widgets
cig computer instruction graphics
http://code.hstn.me

Tardis Posted August 11, 2014

I know this post is old but I'm trying to use the code posted by Tlem and I get this error -

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
    "sign1.au3"(33,205) : error: syntax error
    $oSignerCode.Timestamp("<a href='http://timestamp.verisign.com/scripts/timestamp.dll' class='bbc_url' title='External link' rel='nofollow external'>http://timestamp.verisign.com/scripts/timestamp.dll"</a>)
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
    "sign1.au3"(33,204) : error: a(): undefined function.

Any help would be fantastic.

Tlem Posted August 11, 2014 (edited)

Hi Tardis.

It seems that there is a notation error. Move the double quote after </a>

I have edited my previous example code.

    $oSignerCode.Timestamp("<a href='http://timestamp.verisign.com/scripts/timestamp.dll' class='bbc_url' title='External link' rel='nofollow external'>http://timestamp.verisign.com/scripts/timestamp.dll"</a>)

should be

    $oSignerCode.Timestamp("<a href='http://timestamp.verisign.com/scripts/timestamp.dll' class='bbc_url' title='External link' rel='nofollow external'>http://timestamp.verisign.com/scripts/timestamp.dll</a>")

Edited August 11, 2014 by Tlem

Best Regards.
Thierry

Tardis Posted August 11, 2014 (edited)

Thanks Tlem - I was looking there as well, it just did not click in my head about the speech marks - at least that bit is fixed.

Problem now is I get this?

Edited August 11, 2014 by Tardis

Tlem Posted August 11, 2014

Have you this requirement?

    ; The following are requested :
    ; The CapiCom.dll must be regserved in Windows system dir.
    ; The certificate must be installed in Windows certificate store.
    ; A web access (for TimeStamp).

Best Regards.
Thierry

Tardis Posted August 11, 2014

Ah, the CapiCom.dll was in C:\Program Files (x86)\Common Files\microsoft shared\CAPICOM, not C:\Windows\System32

the cert is in C:\Windows\System32

web - I can get to?

I tried again, now I have this

Tardis Posted August 11, 2014

Ah, think I just sorted the problem - delete old compile first! - when I run the Exe the UAC still says Unknown Publisher?
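
Added example, not part of any post in this thread: Scripting.Signer appends its signature to the script file as a comment block (the "Signature block follows" lines in Tlem's listing), while an Authenticode signature on a compiled exe is stored in the PE certificate table. This Python check reports whether an exe carries such a table; the function names and the constructed sample image built by `build_sample_pe` are assumptions of this example.

```python
import struct
import sys

SECURITY_DIR = 4  # index of IMAGE_DIRECTORY_ENTRY_SECURITY in the data directory


def authenticode_entries(data: bytes):
    """Return [(length, revision, cert_type)] for each WIN_CERTIFICATE in a
    PE image's certificate table. An empty list means no embedded signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]      # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    opt_off = pe_off + 24                                  # PE signature + COFF header
    magic = struct.unpack_from("<H", data, opt_off)[0]
    if magic == 0x10B:                                     # PE32
        dirs_off = opt_off + 96
    elif magic == 0x20B:                                   # PE32+
        dirs_off = opt_off + 112
    else:
        raise ValueError("unknown optional header magic")
    num_dirs = struct.unpack_from("<I", data, dirs_off - 4)[0]
    if num_dirs <= SECURITY_DIR:
        return []
    # Unlike the other directories, this entry holds a file offset, not an RVA.
    cert_off, cert_size = struct.unpack_from("<II", data, dirs_off + 8 * SECURITY_DIR)
    if cert_off == 0 or cert_size == 0:
        return []
    end = cert_off + cert_size
    if end > len(data):
        raise ValueError("certificate table extends past end of file")
    entries, pos = [], cert_off
    while pos + 8 <= end:
        length, revision, cert_type = struct.unpack_from("<IHH", data, pos)
        if length < 8 or pos + length > end:
            raise ValueError("corrupt WIN_CERTIFICATE entry")
        entries.append((length, revision, cert_type))
        pos += (length + 7) & ~7                           # entries are 8-byte aligned
    return entries


def build_sample_pe(signed: bool) -> bytes:
    """Constructed minimal PE32 header (not a runnable program) for testing."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    opt = bytearray(96 + 16 * 8)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)                    # NumberOfRvaAndSizes
    image = bytearray(dos + b"PE\0\0" + b"\0" * 20 + opt)
    if signed:
        blob = b"\0" * 24                                  # placeholder, not a real PKCS#7 blob
        cert = struct.pack("<IHH", 8 + len(blob), 0x0200, 0x0002) + blob
        struct.pack_into("<II", image, 0x40 + 24 + 96 + 8 * SECURITY_DIR,
                         len(image), len(cert))
        image += cert
    return bytes(image)


if __name__ == "__main__":
    # With a path argument, inspect that file; otherwise use the constructed samples.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print(sys.argv[1], authenticode_entries(fh.read()))
    else:
        for signed in (False, True):
            print("signed sample" if signed else "unsigned sample",
                  authenticode_entries(build_sample_pe(signed)))
```

A non-empty result only shows that a signature is embedded in the file; whether Windows names the publisher still depends on the certificate chain being trusted on that machine.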

Tlem Posted August 11, 2014

I confirm that this script is very old. It was intended to run on AutoIt v3.3.8.x.

And I'm not sure that Timestamp link is still ok.

Maybe it must be updated to run on new version of AutoIt (COM handling and script breaking). ^^

Best Regards.
Thierry

Tardis Posted August 11, 2014

Could be the AutoIt?? - I'm running the 3.3.12.0.

Thank you Tlem for your time, maybe someone can shed some light on this?

Tlem Posted August 11, 2014

Well, I have no time to make debugging for that, but to make what you want, I think you probably should use this: http://www.briggsoft.com/signgui.htm

If you can understand French, you can read this tuto that I wrote in 2011. ^^

Best Regards.
Thierry

Tardis Posted August 11, 2014 (edited)

I tried the signgui first, followed the instructions to the letter, though I have a problem with framework 4.x SDK, can't seem to install it, so all I get is an error.

Edited August 11, 2014 by Tardis

Tlem Posted August 11, 2014 (edited)

Extract from my tutorial:

Download: .NET Framework 2.0 Software Development Kit (SDK) (x86) or .NET Framework 2.0 Software Development Kit (SDK) (x64)

With SevenZip, open the Setup.exe and open again the netfxsd1.cab.

From there you can extract where you want:

For the x86 version:
FL_signtool_exe_102951_____X86.3643236F_FC70_11D3_A536_0090278A1BB8 and rename it signtool.exe
FL_CapiCom_dll_141190_____X86.3643236F_FC70_11D3_A536_0090278A1BB8 and rename it CapiCom.dll

If you want to make your selfcert, you can extract these files too:
FL_makecert_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8 and rename it makecert.exe
FL_cert2spc_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8 and rename it cert2spc.exe
FL_certmgr_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8 and rename it certmgr.exe

With the first 2 tools you can use signgui. With the others, you can create your selfcert (read my tuto).

And for exporting your certificate: pvkimprt.exe

Edited August 11, 2014 by Tlem

Best Regards.
Thierry