@dabh/signcode
Advanced tools
Sign Windows executables and installers from a Mac.
Works with .pem, .p12, and .pfx code signing files.
Signs with sha1 and sha256 signatures by default.
npm install --save-dev signcode
var signcode = require('signcode')
var options = {
cert: '/Users/kevin/certs/cert.pem',
key: '/Users/kevin/certs/key.pem',
overwrite: true,
path: '/Users/kevin/apps/myapp.exe'
}
signcode.sign(options, function (error) {
if (error) {
console.error('Signing failed', error.message)
} else {
console.log(options.path + ' is now signed')
}
})
signcode.verify({ path: '/Users/kevin/apps/myapp.exe' }, function (error) {
if (error) {
console.error('Not signed', error.message)
} else {
console.log(options.path + ' is signed')
}
})
| Name | Type | Required | Description |
|---|---|---|---|
cert | String | Yes | Path to a certificate file. |
path | String | Yes | File path to executable to sign. |
hash | Array | No | Signature types to sign the executable with. Defaults to ['sha1', 'sha256']. |
key | String | No | Path to a .pem key file. Only required if cert is a .pem file. |
name | String | No | Product name to include in the signature. |
overwrite | Boolean | No | true to sign the executable in place, false to write the signed file at the same path but with -signed at the end of it. Defaults to false. |
password | String | No | Password to the certificate or key. |
passwordPath | String | No | Path to a file containing the password for the certificate or key. |
site | String | No | Website URL to include in the signature. |
| Name | Type | Required | Description |
|---|---|---|---|
path | String | Yes | File path to executable to verify. |
hash | String | No | Certificate fingerprint to expect on executable. |
signcode sign /Users/kevin/apps/myapp.exe \
--cert /Users/kevin/certs/cert.p12 \
--prompt \
--name 'My App' \
--url 'http://birthday.pizza'
signcode verify /Users/kevin/apps/myapp.exe
Run signcode -h to see all the supported options.
These commands are helpful when working with certificates.
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -nodes
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem
openssl pkcs12 -export -out ./test/fixtures/cert.p12 -inkey ./test/fixtures/key.pem -in ./test/fixtures/cert.pem
openssl x509 -noout -in ./test/fixtures/cert.pem -fingerprint -sha1
openssl x509 -noout -in ./test/fixtures/cert.pem -fingerprint -sha256
FAQs
Sign Windows executables from a Mac
The npm package @dabh/signcode receives a total of 1 weekly downloads. As such, @dabh/signcode popularity was classified as not popular.
We found that @dabh/signcode demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A survey of 500 cybersecurity pros reveals high pay isn't enough—lack of growth and flexibility is driving attrition and risking organizational security.
Product
Socket, the leader in open source security, is now available on Google Cloud Marketplace for simplified procurement and enhanced protection against supply chain attacks.
Security News
Corepack will be phased out from future Node.js releases following a TSC vote.