Michał Trojnara
Michał Trojnara
@xtkoba Switching from API 14 to API 16 was more painful than I expected, because the newer NDK switched from GCC to Clang. Convincing autoconf to cooperate took some time,...
You seem to confuse the signingTime attribute (https://datatracker.ietf.org/doc/html/rfc5652#section-11.3) with a timestamp, which is implemented as a a countersignature. You can clearly see that that there are no countersignatures, on that...
I realized that it was the "Timestamp" value in the partially visible "test-osslsigncode-signed.appx Properties" window screenshot. This is a bug in Windows, as the printed value is not derived from...
> Adding CKF_OS_LOCKING_OK to flags in pkcs11_CTX_reload solves the issue. Is there any reason it was not done before ? I don't think so. Apparently, you are the first person...
> So to use osslsigncode we need: > 1) "unpack" .pfx: obtain (and decode) .key, endpointCA, and IntermediateCA. > 2) merge endpointCA and IntermediateCA into single file combined.crt > 3)...
I think https://github.com/mtrojnar/osslsigncode/commit/898a53b2a745e86e5e0ad34ed23d1a77072b79bb may have fixed this issue. Can you please test if it's still reproducible on the current master branch?
@utoni Can you please check if this issue is still reproducible on the current master branch?
@utoni Do you have any results for us?
I really hoped this issue was caused by the order of certificates. I searched for error code 577, and I indeed found some references to an invalid certificate chain, e.g.,...
> Sure. Will do ASAP. Thanks for your support! 👍 Any progress?