Signing (signcode-tf) failed on Windows 7 when multiple hash algorithms are used
See original GitHub issueWhen I try to run build -w
under Windows 7, the signcode-tf library fails as you can see below.
Everything works well on Windows 10, which I know calls electron-builder\node_modules\signcode-tf\vendor\windows-10\signtool.exe instead of the signtool.exe under windows-6.
@develar, I know this is more a signcode-tf issue, but when I go to https://www.npmjs.com/package/signcode-tf, it points me to what I believe is the wrong (maybe before fork) source code (https://github.com/kevinsawicki/signcode), so I am a bit confused, again, maybe I’m doing something wrong.
electron-builder v5.12.1 target: Windows.
I uncommented the console.log line so I could see what was happening.
spawning C:\myfolder\node_modules\electron-builder\node_modules\signcode-tf\vendor\windows-6\signtool.exe sign /t http://timestamp.verisign.com/scripts/timstamp.dll /f build/win.p12 /d My App /du https://www.myurl.com/ /p PASSWORD C:\myfolder\dist\win-unpacked\My App.exe
spawning C:\myfolder\node_modules\electron-builder\node_modules\signcode-tf\vendor\windows-6\signtool.exe sign /tr http://timestamp.comodoca.com/rfc3161 /f build/win.p12 /fd sha256 /td sha256 /d My App /du https://www.myurl.com/ /as /p PASSWORD C:\myfolder\dist\win-unpacked\My App.exe
Error: Signing failed with 1. SignTool Error: A required function is not present
.
This error likely means that you are running SignTool on an OS that
does not support the options you've specified.
at Error (native)
at ChildProcess.<anonymous> (C:\myfolder\node_modules\electron-builder\node_modules\signcode-tf\index.js:155:16)
at emitTwo (events.js:87:13)
at ChildProcess.emit (events.js:172:7)
at maybeClose (internal/child_process.js:827:16)
at Process.ChildProcess._handle.onexit (internal/child_process.js:211:5)
From previous event:
at WinPackager.<anonymous> (C:\myfolder
op.dev\node_modules\electron-builder\src\winPackager.ts:132:43)
at next (native)
From previous event:
at tsAwaiter (C:\myfolderop.dev\node_mo
dules\electron-builder\src\util\awaiter.ts:10:47)
at Object.build (C:\myfolderop.dev\node
_modules\electron-builder\src\builder.ts:190:52)
at Object.<anonymous> (C:\myfolderop.de
v\node_modules\electron-builder\src\build-cli.ts:27:28)
at Module._compile (module.js:409:26)
at Object.Module._extensions..js (module.js:416:10)
at Module.load (module.js:343:32)
at Function.Module._load (module.js:300:12)
at Function.Module.runMain (module.js:441:10)
at startup (node.js:139:18)
at node.js:968:3
Issue Analytics
- State:
- Created 7 years ago
- Comments:10 (10 by maintainers)
Top Results From Across the Web
2019 SHA-2 Code Signing Support requirement for Windows ...
The Secure Hash Algorithm 1 (SHA-1) was developed as an irreversible hashing function and is widely used as a part of code-signing. Unfortunately,...
Read more >Windows Update SHA-1 based endpoints discontinued for ...
In compliance with the Microsoft Secure Hash Algorithm (SHA)-1 deprecation policy, Windows Update is discontinuing its SHA-1 based endpoints in late July ...
Read more >Appendix 4 Driver Signing Issues - Windows - Microsoft Learn
Two known driver signing issues are described below. ... provide a replacement certificate at no cost signed with the SHA1 hash algorithm.
Read more >SHA512 is disabled in Windows when you use TLS 1.2
After you apply this update, the signature and hash algorithm combinations ... Microsoft used the most current virus-detection software that was available ...
Read more >FIX: Communication that uses an MD5 hash algorithm fails ...
Assume that you're using Transport Layer Security (TLS) protocol version 1.2 in Microsoft SQL Server. When the certificate that's used to encrypt the ......
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Ok, I will fix it tomorrow, we support Windows server 2008 R2, so, Windows 7 SP1 should be also supported.
I tried the procedure above, using the files from C:\Program Files (x86)\Windows Kits\8.1\bin\x86, and it worked, for SHA256-only and also for dual signing SHA1/SHA256.
@develar please check https://github.com/develar/signcode/pull/3 for a fix.