|
I'm not a Windows developer. I'm in charge of a team that manages a download server and have been given a fool's errand: Given a pre-compiled and signed Windows application installer, bake in an arbitrary (under 20 chars) ID in a way that doesn't violate the signing of the executable. We also can't use the filename to convey metadata as the end user is likely to rename the file for their own purposes. A few options we've bandied about: 1) Create a standalone .ini and wrap the installer and .ini into a thin executable wrapper 2) Externally overwrite a placeholder in the file properties (unsure if this will violate signing) 3) Quit and burn the building down Will any of these work? Is there an even better solution we're overlooking?
|
#
?
Dec 19, 2014 01:14
|
|
|
|
| # ? May 3, 2024 07:33 |
|
|
I'm think that there are portions of a file that can be manipulated after it's signed. I don't remember exactly, but this thing seems to imply that you can do it by just throwing the data onto the end of the digital signature and manipulating the size of the signature block.
|
|
#
?
Dec 19, 2014 01:40
|
|
|
Question: does it need to be signed by the original producer, or can you just buy your own code-signing key and re-package the app with it?
|
|
#
?
Dec 19, 2014 04:00
|
|
|
We ended up using Mono and signing the binaries on-demand. The extra metadata is injected directly into the signature's metadata section and so we don't need to futz with the binary at all.
|
|
#
?
Jan 19, 2015 02:30
|
|