-
Notifications
You must be signed in to change notification settings - Fork 124
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Verifying digital signature in offline environment #373
Comments
What is "the command" you tried to run? Does "the command" include the "-ignore-cdp" parameter? |
Sorry. let me begin with that I'm using a self-compiled linux version. From branch 2.8
Output:
I also tried to call it as: and
and
Both gave the same output. Am I missing something? For the test file I use a signed MSI from here: https://support.ccleaner.com/s/article/business-edition-msi-installers?language=en_US |
Also note that in my example I know I'm not even using CRLs, but I'm a bit confused between all these certs and what to use for what and in what format it's allowed :) Of course I'm googling around and trying to find out more and more about the topic in the meanwhile. (Just throwing the things I'm not perfectly understading here, maybe if you have some energy, you can better explain it:
But of course I don't want to bother you and waste your time by teaching basic stuffs to random people, so feel free to omit answering these questions if you feel like) Thank you very much in advance :) |
Does your |
Most probably I'm doing something stupid, but what I've been doing to the steps in the previousy mentioned ticket, quoting:
So the content of the PEM is just the following:
I'm more than sure this does not contain embedded other certs, thus I must be doing something wrong. Just tried to use some online decode tool, but that also just confirmed it's "just" the root CA of Microsoft. Does this mean I have to somehow gather all the potential root CAs and download from somewhere in order to be able to verify them all? |
Before opening issues in a GitHub repository to report a problem, please make sure you have consulted books and internet resources to grasp the basics. This practice helps keep the repository dedicated to solving actual issues. |
Hi, earlier I had a really similar issue, but now I'm a bit confused again, maybe it would be nice to dedicate a section in the readme to this later :)
So, what I'd like to do is to verify digital signatures of various filetypes. Ideally the same way on linux or windows.
(Off, ps.: I'm planning to include it as part of an open source malware analysis toolset, so this tool sounds just ideal)
It must be able to run in offline environments as well - of course certs can be pre-downloaded. I know, this means I may not have the latest CRL at the moment of verification.
Can you help me how to achieve this?
Ps. the other ticket was: #258
If I try to run the command in an offline environment, I get
The text was updated successfully, but these errors were encountered: