From b349c599fea6e4cedafde78c036b3c202b2f8396 Mon Sep 17 00:00:00 2001 From: silversword411 Date: Wed, 10 Aug 2022 14:05:18 -0400 Subject: [PATCH] docs - adding authenticode notes https://github.com/Ylianst/MeshCentral/commit/c5315ba0fcdb7bdf19484331aec1db46a02edadc --- docs/docs/meshcentral/codesigning.md | 56 ++++++++++++++++------------ 1 file changed, 32 insertions(+), 24 deletions(-) diff --git a/docs/docs/meshcentral/codesigning.md b/docs/docs/meshcentral/codesigning.md index 5cd7404a..aeea42ef 100644 --- a/docs/docs/meshcentral/codesigning.md +++ b/docs/docs/meshcentral/codesigning.md @@ -20,34 +20,42 @@ Usage: node authenticode.js [command] [options] Commands: info: Show information about an executable. - --exe [file] Required executable to view information. - --json Show information in JSON format. + --exe [file] Required executable to view information. + --json Show information in JSON format. sign: Sign an executable. - --exe [file] Required executable to sign. - --out [file] Resulting signed executable. - --pem [pemfile] Certificate & private key to sign the executable with. - --desc [description] Description string to embbed into signature. - --url [url] URL to embbed into signature. - --hash [method] Default is SHA384, possible value: MD5, SHA224, SHA256, SHA384 or SHA512. - --time [url] The time signing server URL. - --proxy [url] The HTTP proxy to use to contact the time signing server, must start with http:// + --exe [file] Required executable to sign. + --out [file] Resulting signed executable. + --pem [pemfile] Certificate & private key to sign the executable with. + --desc [description] Description string to embbed into signature. + --url [url] URL to embbed into signature. + --hash [method] Default is SHA384, possible value: MD5, SHA224, SHA256, SHA384 or SHA512. + --time [url] The time signing server URL. + --proxy [url] The HTTP proxy to use to contact the time signing server, must start with http:// unsign: Remove the signature from the executable. - --exe [file] Required executable to un-sign. - --out [file] Resulting executable with signature removed. + --exe [file] Required executable to un-sign. + --out [file] Resulting executable with signature removed. createcert: Create a code signging self-signed certificate and key. - --out [pemfile] Required certificate file to create. - --cn [value] Required certificate common name. - --country [value] Certificate country name. - --state [value] Certificate state name. - --locality [value] Certificate locality name. - --org [value] Certificate organization name. - --ou [value] Certificate organization unit name. - --serial [value] Certificate serial number. + --out [pemfile] Required certificate file to create. + --cn [value] Required certificate common name. + --country [value] Certificate country name. + --state [value] Certificate state name. + --locality [value] Certificate locality name. + --org [value] Certificate organization name. + --ou [value] Certificate organization unit name. + --serial [value] Certificate serial number. timestamp: Add a signed timestamp to an already signed executable. - --exe [file] Required executable to sign. - --out [file] Resulting signed executable. - --time [url] The time signing server URL. - --proxy [url] The HTTP proxy to use to contact the time signing server, must start with http:// + --exe [file] Required executable to sign. + --out [file] Resulting signed executable. + --time [url] The time signing server URL. + --proxy [url] The HTTP proxy to use to contact the time signing server, must start with http:// + icons: Show the icon resources in the executable. + --exe [file] Input executable. + saveicons: Save an icon group to a .ico file. + --exe [file] Input executable. + --out [file] Resulting .ico file. + --icongroup [groupNumber] Icon groupnumber to save to file. + --removeicongroup [number] + --icon [groupNumber],[filename.ico] Note that certificate PEM files must first have the signing certificate, followed by all certificates that form the trust chain.