From eaf400b088c147042457a15bd4a3d44941e86cb0 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Fri, 12 Jun 2020 01:44:14 +0200 Subject: [PATCH] Windows: Update IDRIX SHA-1 code signing certificate to latest one. --- src/Common/Dlgcode.c | 12 +++---- .../DigiCert_Assured_ID_Code_Signing_CA.cer | Bin 0 -> 1703 bytes .../DigiCert_Assured_ID_MS_Cross_Cert.crt | 30 ++++++++++++++++++ ...igiCert_High_Assurance_Code_Signing_CA.cer | Bin 1734 -> 0 bytes .../DigiCert_High_Assurance_MS_Cross_Cert.crt | 30 ------------------ src/Signing/sign.bat | 6 ++-- 6 files changed, 39 insertions(+), 39 deletions(-) create mode 100644 src/Signing/DigiCert_Assured_ID_Code_Signing_CA.cer create mode 100644 src/Signing/DigiCert_Assured_ID_MS_Cross_Cert.crt delete mode 100644 src/Signing/DigiCert_High_Assurance_Code_Signing_CA.cer delete mode 100644 src/Signing/DigiCert_High_Assurance_MS_Cross_Cert.crt diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 17a2f3fd..fe23deaf 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -381,12 +381,12 @@ static WTHELPERGETPROVSIGNERFROMCHAIN WTHelperGetProvSignerFromChainFn = NULL; static WTHELPERGETPROVCERTFROMCHAIN WTHelperGetProvCertFromChainFn = NULL; static unsigned char gpbSha1CodeSignCertFingerprint[64] = { - 0x64, 0x4C, 0x59, 0x15, 0xC5, 0xD4, 0x31, 0x2A, 0x73, 0x12, 0xC4, 0xA6, - 0xF2, 0x2C, 0xE8, 0x7E, 0xA8, 0x05, 0x53, 0xB5, 0x99, 0x9A, 0xF5, 0xD1, - 0xBE, 0x57, 0x56, 0x3D, 0x2F, 0xCA, 0x0B, 0x2F, 0xEF, 0x57, 0xFB, 0xA0, - 0x03, 0xEF, 0x66, 0x4D, 0xBF, 0xEE, 0x25, 0xBC, 0x22, 0xDD, 0x5C, 0x15, - 0x47, 0xD6, 0x6F, 0x57, 0x94, 0xBB, 0x65, 0xBC, 0x5C, 0xAA, 0xE8, 0x80, - 0xFB, 0xD0, 0xEF, 0x00 + 0x97, 0xE3, 0x36, 0xE0, 0x45, 0x21, 0xE9, 0x8A, 0xA7, 0xEA, 0xE8, 0x68, + 0x4A, 0x56, 0x02, 0xB2, 0xE7, 0x63, 0x59, 0x3A, 0x37, 0x03, 0x64, 0xC3, + 0x7D, 0xBF, 0xF8, 0x19, 0xDB, 0x39, 0x57, 0x41, 0x55, 0x00, 0x9C, 0xBE, + 0xFE, 0xA3, 0xBC, 0x0F, 0xE3, 0xD8, 0x34, 0x2D, 0x2F, 0xB4, 0x80, 0xBE, + 0xDD, 0xEA, 0xA7, 0xDB, 0xAD, 0x53, 0x07, 0x71, 0x1A, 0x12, 0x42, 0xB4, + 0xE9, 0x65, 0xA5, 0x61 }; typedef HRESULT (WINAPI *SHGETKNOWNFOLDERPATH) ( diff --git a/src/Signing/DigiCert_Assured_ID_Code_Signing_CA.cer b/src/Signing/DigiCert_Assured_ID_Code_Signing_CA.cer new file mode 100644 index 0000000000000000000000000000000000000000..46fe7f38d265f244b93573ca1995c26026fbebba GIT binary patch literal 1703 zcmbtUX;4#F6uvJBsbLY?$TkXwwTP13L{SK6jEQK93PNS3Dy{euLVzUr5=9UTM(1e< z9Z;xK1#Mg^DjixK7pe^{6)G0%$OyHi2=<4dqn)bI3aHR?SsZQq!HBvrpV8%E<{~ozw*j_}mpd zzL2vbS?Y;}#Bdh6sttOBO2=458WSz`#oh#V5qjk2=8Co8qQNDm%|>Z34kRwFaPo@? zrNy$I(P>2*wJ6DKwu)3r?C;w2+gR9~UsoDBr65^yXKT;JOsBA`cJDXi zeMG(I9gjPjYuWh=rzQ+Ue{v({zS(eeH6=cke(zXq2fwps*V-ZV+qM(jOGDkEE@hf^ zccP5ThKg3}bI-P!)3xPU7k6kfes1aeFrdD>(f`Wry|sdm2jUObT$MU9S1zb(a9Xr^ z&GcUmr8=Ibl>IUJ88gr|Pxky)_zYQG`}_3Q*K3=Xctk!+{NQtyx?pIVI`PcT@VQpk zzWib){&vb);W_%AVwonWhwt?;q?+mvQ+8i&)yAY&bGQ_uj@Y;=Y~w2ML^xYNcZwS3 z@!(mpBag%{gy)K#`4gt|;UT@j<-*ZjA~X@tMqL2o9JJH?32WHJ6#G1zxQ}A_IGsaz zi8HL$9JxgD&le@JSh6GN97_bF%Q0IFRx^_aR3pS|Uqo}jO7XW*Nl1xIC=ZFydSpR5 z7|kdhdMnC620%ne1t56 z_$_jYLUPv=FdqgEg>c^Z$x{^1h_i6;xQ!{+XY3x$v?b@2(tuSjSR8iF7>iCLmBaE1 zQ8NC^juj4#nv@NdQcN>eyk!f~GnJQ*H)6Rx%08Q&HJ*yep82|Yvi}`B>-A&(h=hqe zFW#h08P}$r{MNfplmFWt#ZOgF7M4WH@KoXs;`v~&qDc$yAO50mPqR%LvAnpdD&Rn` zvB~}ALIX7y3JrxeF@D*NAe zL-)?E=y{hsAAH#!6A-c~xSmO^U9@|PFmA9?k-0po^Grzd!|JZaFzVerkGSBLDEH7q zX{AdqIKsLWj~Y%^{M8nY^_k<5<_ULjG5=6CIy6u$8t&3)ab4!9GTi7k^-#;ZNmoVRWwc U(Y9T6#r~%^XB_#g^pxxH--eVang9R* literal 0 HcmV?d00001 diff --git a/src/Signing/DigiCert_Assured_ID_MS_Cross_Cert.crt b/src/Signing/DigiCert_Assured_ID_MS_Cross_Cert.crt new file mode 100644 index 00000000..a63e06ec --- /dev/null +++ b/src/Signing/DigiCert_Assured_ID_MS_Cross_Cert.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFNDCCAxygAwIBAgIKYRyyigAAAAAAJjANBgkqhkiG9w0BAQUFADB/MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe +MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQDEyBNaWNyb3Nv +ZnQgQ29kZSBWZXJpZmljYXRpb24gUm9vdDAeFw0xMTA0MTUxOTQxMzdaFw0yMTA0 +MTUxOTUxMzdaMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMx +GTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNVBAMTG0RpZ2lDZXJ0IEFz +c3VyZWQgSUQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AK0OFc7kQ4BcsYfzt2D5cRKlrtwmlIiq9M71IDkoWGAM+IDaqRWVMmE8tbEohIqK +3J8KDIMXeo+QrIrneVNcMYQq9g+YMjZ2zN7dPKii72r7IfJSYd+fINcf4rHZ/hhk +0hJbX/lYGDW8R82hNvlrf9SwOD7BG8OMM9nYLxj+KA+zp4PWw25EwGE1lhb+WZyL +dm3X8aJLDSv/C3LanmDQjpA1xnhVhyChz+VtCshJfDGYM2wi6YfQMlqiuhOCEe05 +F52ZOnKh5vqk2dUXMXWuhX0irj8BRob2KHnIsdrkVxfEfhwOsLSSplazvbKX7aqn +8LfFqD+VFtD/oZbrCF8Yd08CAwEAAaOByzCByDARBgNVHSAECjAIMAYGBFUdIAAw +CwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEXroq/0ksuC +MS1Ri6enIZ3zbcgPMB8GA1UdIwQYMBaAFGL7CiFbf0NuEdoJVFBr9dKWcfGeMFUG +A1UdHwROMEwwSqBIoEaGRGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3Js +L3Byb2R1Y3RzL01pY3Jvc29mdENvZGVWZXJpZlJvb3QuY3JsMA0GCSqGSIb3DQEB +BQUAA4ICAQBc9bItAs7tAbU1EtgT96pAFMehXKCKVe1+VepqxFcXb9BHIkI2WO/F +rGHF9ixSzmrmyA2F2rM0Qg6kAiUYJnK5Kk6lfksW8qDkDESc4k2a9HTw+SemaZAx +wkRlQ0jHSGnQ/IQJ8oYUCsIploV/EeuHExdu0+xr/x1XirF7HqWgfOmiemjl+sax +YdZyY/o3kWODVZn4HWFPDG+j97yxFSrMjYXjFBfvfklEP7AiwPCsvi/b4QyGsPRY +XFoQqUvN80SKRlIIPgpiEOlFlQS3i41LB09QDbe75/uMonh4xsU7dmOyz+UhhFpm +/OBMeYNOz6jucAWGWHzCnNc8o608fnZiXIfQ7XzVxVsUIfS+daJ10unhWtAgMHhB +Yk1rXm4bFxAkSthYh3XQFddiu/0YVmWEJWGXf6rUnfTzXW2gMcLhngKsPpDDMn7o +MpA0FtCLFM+VrM7ljFSiZbi/7RhqVwc+0+eaSi8IGgQcSYcaiuYbCKNl2BwxxQ2c +urNo3fRQdhYGdf7EA+fRPt/chi4QAn5mEpZTTnrzNlh5sSBC2JY/Nb4/jvKZl0P1 +5AzhPGhyjI1J11pStXP7ejWUOmGwhILASIXBlzLTm3JfoNI0j37wRnzyjHKUxwew +17WyMLgZZfCcgyewoKvQonJ+BQ+zrt25W5tCvMMmY0VrhvEdRkPtyA== +-----END CERTIFICATE----- diff --git a/src/Signing/DigiCert_High_Assurance_Code_Signing_CA.cer b/src/Signing/DigiCert_High_Assurance_Code_Signing_CA.cer deleted file mode 100644 index cddf4d0758a4136610c858f6d996f4c5722be068..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1734 zcmbtUdrVVT7(e&kwgQ6G0u^xTO;I+iwC4iiMi@eh6BU(!bUqffyDjC8+Lqoj1fNvw za8pralWADU=#tqvj53|CIT6JG8%CJu=5$lX5L`5x=$M;f-{BSAvOmmjavtCJ{l4G% zoyYyKOLhjkq~02arf6DDpS{@i?%Z5|{kB@k`t|cy-~gHLRCk*D_W+8LN)fhjqp`1y z$(G21=%D{o?F>Df%1&B^Lg@WgQe9EW2#j*G$YEgcsS6AvaHGO_r7)d20F znyCL$qq7-JY?ffQ3RW{nisrD3QaybtloT;8DiDF+k9JWMI`>D!uaz&J-5BiI7_%a| zcAL$9x+^|EKcT?m4X>!&vV4C;e(M7Bx|EsTTl2nLbE>-G)0fKyZNlW9!X=9HITGEO zfJoPtV!Sh&UDQliP-teGKzT9^5V$t3up)0%YMjd9R zdfM)93R@^h#g}~lRLOU#YIcN$r*jWF)K^M%2NL=Is;g|fuX<5K?~}JSb<1lN`42lU z-%u1^`dPoUt(RJsYg*PYb8%+uzUhVqs@9U0_*zA)tnF_ zCk(@BN~y_pI_(Ks?LQxvRunDKyj_fTnCv!DaM~P209^(7#*u6qEd4|mm5EZ26%`>C z6(A9rV6>qe=$$AR3E*Lo4!jPq1@H@qM+TS^91ln@&O;*W3+JQc6fWwN6FcK96p9#GMR0_an20H_oi6){u1w0Ojo6ss~R`9Z@ za6ml|JqvjPM2N=0xdFWi7V!?|6OCjo!bsL4YmmJ;UV0?!#i(e77=P`rT@ z5%C$IcKEj?HDsiO%+iwrqD#^64ks=tC#oh%O5VXGr8v1JsV32#Fih#N#6BON<=+f( z&&x1@2pS_%N`iN%F?T|I@{S!^9Pv%1=6;i@-MAf3BH;*0C{}I^KA6-fFnwRoroO9+ z4ELe$@kVvy)5Ql$G87*Q&AGF7<*B-R&1>t=9iM0XNh#cPKaTqTde!E2$vKg++SF{X zcSp~3yId*$HC_s@HK9^QQ|r>Xw7qOX2;b-#15EAGRB zjQy$Qw=3G#y%)%RaQ?@RvAD{qZ0gFJ^>%F~^=&LFPJ3i?bIp2ntm;x9btJWI>lZC$ z?Y}5*bw9e9bi?;_b&*cDA^Q#K=ey)h(*p8Nf7H9WtG%%E=ns3UHXKi{P*;EDDLZ)W zKx2CQ?!8P?-HP$4fw40}ZngGn^&LvjvTSqp$1PXmEdJu$!)rW8>U*ZstL?v`;?}?B YEmXyy2rg|d-+3)Cv0!V<=(6s=0SV0~zW@LL diff --git a/src/Signing/DigiCert_High_Assurance_MS_Cross_Cert.crt b/src/Signing/DigiCert_High_Assurance_MS_Cross_Cert.crt deleted file mode 100644 index c42e0fc2..00000000 --- a/src/Signing/DigiCert_High_Assurance_MS_Cross_Cert.crt +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFOzCCAyOgAwIBAgIKYSBNtAAAAAAAJzANBgkqhkiG9w0BAQUFADB/MQswCQYD -VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe -MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQDEyBNaWNyb3Nv -ZnQgQ29kZSBWZXJpZmljYXRpb24gUm9vdDAeFw0xMTA0MTUxOTQ1MzNaFw0yMTA0 -MTUxOTU1MzNaMGwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMx -GTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xKzApBgNVBAMTIkRpZ2lDZXJ0IEhp -Z2ggQXNzdXJhbmNlIEVWIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQDGzOVz5vvUu+UtLTKm3+WBP8nNJUm2cSrD1ZQ0Z6IKHLBfaaZAscS3 -so/QmKSpQVk609yU1jzbdDikSsxNJYL3SqVTEjju80ltcZF+Y7arpl/DpIT4T2JR -vvjF7Ns4kuMG5QiRDMQoQVX7y1qJFX5x6DW/TXIJPb46OFBbdzEbjbPHJEWap6xt -ABRaBLe6E+tRCphBQSJOZWGHgUFQpnlcid4ZSlfVLuZdHFMsfpjNGgYWpGhz0DQE -E1yhcdNafFXbXmThN4cwVgTlEbQpgBLxeTmIogIRfCdmt4i3ePLKCqg4qwpkwr9m -XZWEwaElHoddGlALIBLMQbtuC1E4uEvLAgMBAAGjgcswgcgwEQYDVR0gBAowCDAG -BgRVHSAAMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSx -PsNpA/i/RwHUmCYaCALvY2QrwzAfBgNVHSMEGDAWgBRi+wohW39DbhHaCVRQa/XS -lnHxnjBVBgNVHR8ETjBMMEqgSKBGhkRodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20v -cGtpL2NybC9wcm9kdWN0cy9NaWNyb3NvZnRDb2RlVmVyaWZSb290LmNybDANBgkq -hkiG9w0BAQUFAAOCAgEAIIzBWe1vnGstwUo+dR1FTEFQHL2A6tmwkosGKhM/Uxae -VjlqimO2eCR59X24uUehCpbC9su9omafBuGs0nkJDv083KwCDHCvPxvseH7U60sF -YCbZc2GRIe2waGPglxKrb6AS7dmf0tonPLPkVvnR1IEPcb1CfKaJ3M3VvZWiq/GT -EX3orDEpqF1mcEGd/HXJ1bMaOSrQhQVQi6yRysSTy3GlnaSUb1gM+m4gxAgxtYWd -foH50j3KWxiFbAqG7CIJG6V0NE9/KLyVSqsdtpiwXQmkd3Z+76eOXYT2GCTL0W2m -w6GcwhB1gP+dMv3mz0M6gvfOj+FyKptit1/tlRo5XC+UbUi3AV8zL7vcLXM0iQRC -ChyLefmj+hfv+qEaEN/gssGV61wMBZc7NT4YiE3bbL8kiY3Ivdifezk6JKDV39Hz -ShqX9qZveh+wkKmzrAE5kdNht2TxPlc4A6/OetK1kPWu3DmZ1bY8l+2myxbHfWsq -TJCU5kxU/R7NIOzOaJyHWOlhYL7rDsnVGX2f6Xi9DqwhdQePqW7gjGoqa5zj52W8 -vC08bdwE3GdFNjKvBIG8qABuYUyVxVzUjo6fL8EydL29EWUDB83vt14CV9qG1Boo -NK+ISbLPpd2CVm9oqhTiWVT+/+ru7+qScCJggeMlI8CfzA9JsjWqWMM6w9kWlBA= ------END CERTIFICATE----- diff --git a/src/Signing/sign.bat b/src/Signing/sign.bat index 30058bc6..fb6333c3 100644 --- a/src/Signing/sign.bat +++ b/src/Signing/sign.bat @@ -9,8 +9,8 @@ call "..\..\doc\chm\create_chm.bat" cd %SIGNINGPATH% rem sign using SHA-1 -signtool sign /v /sha1 1FE67EF0455A9CC11433542FEC0A86DDD644B405 /ac DigiCert_High_Assurance_MS_Cross_Cert.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" -signtool sign /v /sha1 1FE67EF0455A9CC11433542FEC0A86DDD644B405 /ac DigiCert_High_Assurance_Code_Signing_CA.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" +signtool sign /v /sha1 85aa2e55cfb9c38fe474c58b38e9521450cd9306 /ac DigiCert_Assured_ID_MS_Cross_Cert.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" +signtool sign /v /sha1 85aa2e55cfb9c38fe474c58b38e9521450cd9306 /ac DigiCert_Assured_ID_Code_Signing_CA.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" timeout /t 10 @@ -58,7 +58,7 @@ rmdir /S /Q docs cd %SIGNINGPATH% rem sign using SHA-1 -signtool sign /v /sha1 1FE67EF0455A9CC11433542FEC0A86DDD644B405 /ac DigiCert_High_Assurance_Code_Signing_CA.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup %VC_VERSION%.exe" "..\Release\Setup Files\VeraCrypt Portable %VC_VERSION%.exe" +signtool sign /v /sha1 85aa2e55cfb9c38fe474c58b38e9521450cd9306 /ac DigiCert_Assured_ID_Code_Signing_CA.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup %VC_VERSION%.exe" "..\Release\Setup Files\VeraCrypt Portable %VC_VERSION%.exe" timeout /t 10