2nd November 2007, 06:20
|
#1 |
|
Junior Member
Join Date: Nov 2007
Posts: 2
|
CustomerData append and Authenticode
So I was excited that I was able to append a string to an EXE on download, and read that string back in on install. But now I've discovered that appending data seems to invalidate Authenticode signing. Does anyone know how to pass data on the fly to the downloaded EXE from a web session and not break the signing of the binary?
Thanks! |
|
|
|
2nd November 2007, 17:27
|
#2 |
|
M.I.A.
[NSIS Dev, Mod] 
Join Date: Oct 2001
Location: Israel
Posts: 11,343
|
Part of Authenticode's purpose is to keep the file unmodified, so there shouldn't be any magic trick that'd allow you to modify the file regardless unless you're willing to both modify and sign the file for every customer. It seems like you'll have to find another trick. You can consider having the installer itself get this data using one of the HTTP plug-ins.
NSIS FAQ | NSIS Home Page | Donate $ "I hear and I forget. I see and I remember. I do and I understand." -- Confucius |
|
|
|
|
2nd November 2007, 18:58
|
#3 |
|
Junior Member
Join Date: Nov 2007
Posts: 2
|
Agreed. Though it would be really nice for the Authenticode system to allow for some sort of DMZ or unsigned sandbox in which to safely move data through while maintaining the sanctity of the signing.
You know, like appending data to an NSIS EXE after EOF and not messing up NSIS's CRC ;-) |
|
|
|
 |
|
|||||||
«
Previous Thread
|
Next Thread
»
| Thread Tools | Search this Thread |
| Display Modes | |
Linear Mode
|
|
Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.