@dabh/signcode
Advanced tools
Sign Windows executables and installers from a Mac.
Works with .pem, .p12, and .pfx code signing files.
Signs with sha1 and sha256 signatures by default.
npm install --save-dev signcode
var signcode = require('signcode')
var options = {
cert: '/Users/kevin/certs/cert.pem',
key: '/Users/kevin/certs/key.pem',
overwrite: true,
path: '/Users/kevin/apps/myapp.exe'
}
signcode.sign(options, function (error) {
if (error) {
console.error('Signing failed', error.message)
} else {
console.log(options.path + ' is now signed')
}
})
signcode.verify({ path: '/Users/kevin/apps/myapp.exe' }, function (error) {
if (error) {
console.error('Not signed', error.message)
} else {
console.log(options.path + ' is signed')
}
})
| Name | Type | Required | Description |
|---|---|---|---|
cert | String | Yes | Path to a certificate file. |
path | String | Yes | File path to executable to sign. |
hash | Array | No | Signature types to sign the executable with. Defaults to ['sha1', 'sha256']. |
key | String | No | Path to a .pem key file. Only required if cert is a .pem file. |
name | String | No | Product name to include in the signature. |
overwrite | Boolean | No | true to sign the executable in place, false to write the signed file at the same path but with -signed at the end of it. Defaults to false. |
password | String | No | Password to the certificate or key. |
passwordPath | String | No | Path to a file containing the password for the certificate or key. |
site | String | No | Website URL to include in the signature. |
| Name | Type | Required | Description |
|---|---|---|---|
path | String | Yes | File path to executable to verify. |
hash | String | No | Certificate fingerprint to expect on executable. |
signcode sign /Users/kevin/apps/myapp.exe \
--cert /Users/kevin/certs/cert.p12 \
--prompt \
--name 'My App' \
--url 'http://birthday.pizza'
signcode verify /Users/kevin/apps/myapp.exe
Run signcode -h to see all the supported options.
These commands are helpful when working with certificates.
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -nodes
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem
openssl pkcs12 -export -out ./test/fixtures/cert.p12 -inkey ./test/fixtures/key.pem -in ./test/fixtures/cert.pem
openssl x509 -noout -in ./test/fixtures/cert.pem -fingerprint -sha1
openssl x509 -noout -in ./test/fixtures/cert.pem -fingerprint -sha256
FAQs
Sign Windows executables from a Mac
The npm package @dabh/signcode receives a total of 0 weekly downloads. As such, @dabh/signcode popularity was classified as not popular.
We found that @dabh/signcode demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm campaign is targeting Ethereum developers by impersonating Hardhat plugins and the Nomic Foundation, stealing sensitive data like private keys.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.