mtrojnar/osslsigncode

"-nest" for "add"

westyles opened this issue · 10 comments

Hello.
There is no way to add a built-in TSA timestamp to the second signature as a separate operation.
For example, add the "-nest" parameter for "add".

Here is what I mean:

del /f /q vfd_*.sys
osslsigncode sign       -in vfd.sys   -out vfd_2.sys -h sha1       -time 1420059600 -spc My_Client+Int.crt -key My_.key -ac My_Cross.crt -nolegacy
osslsigncode add        -in vfd_2.sys -out vfd_3.sys -h sha1   -TSA-time 1420059600 -TSA-certs My-TSA1.crt -TSA-key My-TSA.key

osslsigncode sign -nest -in vfd_3.sys -out vfd_4.sys -h sha256     -time 1420059601 -spc My_Client+Int.crt -key My_.key -ac My_Cross.crt -nolegacy
osslsigncode add  -nest -in vfd_4.sys -out vfd_5.sys -h sha256 -TSA-time 1420059601 -TSA-certs My-TSA2.crt -TSA-key My-TSA.key

Or you could add a parameter to specify the signature index number, as is done with signtool.exe.
For example: -n 2
If that is not difficult, or is more convenient to do.

It would be possible to make both options work at once, to be used according to the situation:
either the program determines the index itself, or it uses the specified index.

Two indexes work, thanks.
If you add a third index, it breaks the second index:
osslsigncode sign -nest
The first and third work, but the second is broken.
This was detected during testing, but overall the result is good.

both tests pass with two signatures:

signtool verify /v /pa
signtool verify /v /kp

I tested several signatures on the same certificates.

Please elaborate on what you mean by including the full verification result.

del /f /q vfd_*.sys

:: Index: 0 (Good):
osslsigncode sign          -in vfd.sys   -out vfd_2.sys -h sha1       -time 1420059600 -spc My_Client+Int.crt -key My_.key -ac My_Cross.crt -nolegacy
osslsigncode add           -in vfd_2.sys -out vfd_3.sys -h sha1   -TSA-time 1420059600 -TSA-certs My-TSA1.crt -TSA-key My-TSA.key

:: Index: 1 (Good):
osslsigncode sign -nest    -in vfd_3.sys -out vfd_4.sys -h sha256     -time 1420059601 -spc My_Client+Int.crt -key My_.key -ac My_Cross.crt -nolegacy
osslsigncode add  -index 1 -in vfd_4.sys -out vfd_5.sys -h sha256 -TSA-time 1420059601 -TSA-certs My-TSA2.crt -TSA-key My-TSA.key

:: Index: 2 (remove/replace index: 1 timestamp):
osslsigncode sign -nest    -in vfd_5.sys -out vfd_6.sys -h sha256     -time 1420059602 -spc My_Client+Int.crt -key My_.key -ac My_Cross.crt -nolegacy

More precisely it (Index: 2) seems to remove the timestamp from Index: 1 signature.

I replicated this test:

osslsigncode sign -in unsigned.exe -out signed.exe -h sha1 -time 1556668800 -cert cert.pem -key key.pem
osslsigncode add -in signed.exe -out signed1.exe -h sha1 -TSA-time 1556668800 -TSA-certs TSA.pem -TSA-key TSA.key

osslsigncode sign -nest -in signed1.exe -out nested.exe -h sha256 -time 1556668801 -certs cert.pem -key key.pem
osslsigncode add -index 1 -in nested.exe -out nested1.exe -h sha256 -TSA-time 1556668801 -TSA-certs TSA.pem -TSA-key TSA.key

osslsigncode sign -nest -in nested1.exe -out nested2.exe -h sha384 -time 1556668802 -certs cert.pem -key key.pem
  1. signtool verification:
    Signature Index: 0 (Primary Signature): sha1, timestamped: Wed May 01 01:00:00 2019
    Signature Index: 1: sha384, not timestamped
    Signature Index: 2: sha256, timestamped: Wed May 01 01:00:01 2019
signtool verify /pa /all /v nested2.exe

Verifying: nested2.exe

Signature Index: 0 (Primary Signature)
Hash of file (sha1): 802FC5BA67A9B06DEC18A0D5A380A8A5954B5EF0

Signing Certificate Chain:
    Issued to: Root CA
    Issued by: Root CA
    Expires:   Tue Nov 10 01:00:00 2026
    SHA1 hash: F9D7EF2721C71D88E05B7140F8D350D79350FDFA

        Issued to: Intermediate CA
        Issued by: Root CA
        Expires:   Thu Jan 01 01:00:00 2026
        SHA1 hash: 0DF29EDEBB924E11D29364B1BEF85948DBE8DEB5

            Issued to: Certificate
            Issued by: Intermediate CA
            Expires:   Tue Dec 31 01:00:00 2024
            SHA1 hash: 96698FFC4F2A600B7D72B4D17E882E40DD47A9F2

The signature is timestamped: Wed May 01 01:00:00 2019
Timestamp Verified by:
    Issued to: TSA Root CA
    Issued by: TSA Root CA
    Expires:   Tue Nov 10 01:00:00 2026
    SHA1 hash: DEBD6225D592A1539E6867EDDF44C22E653D07CF

        Issued to: Test TSA
        Issued by: TSA Root CA
        Expires:   Sat Jan 01 01:00:00 2028
        SHA1 hash: 2FB7A7E4667666BDE2B3CB570FF1984FC9DCE582


Signature Index: 1
Hash of file (sha384): 810AA940BD63EEFDB2E11720F9422BEF4E45C7444154D59C6571FB31BCBE9FD2C497091A28B69935A7B693F97FA7A179

Signing Certificate Chain:
    Issued to: Root CA
    Issued by: Root CA
    Expires:   Tue Nov 10 01:00:00 2026
    SHA1 hash: F9D7EF2721C71D88E05B7140F8D350D79350FDFA

        Issued to: Intermediate CA
        Issued by: Root CA
        Expires:   Thu Jan 01 01:00:00 2026
        SHA1 hash: 0DF29EDEBB924E11D29364B1BEF85948DBE8DEB5

            Issued to: Certificate
            Issued by: Intermediate CA
            Expires:   Tue Dec 31 01:00:00 2024
            SHA1 hash: 96698FFC4F2A600B7D72B4D17E882E40DD47A9F2

File is not timestamped.


Signature Index: 2
Hash of file (sha256): 2D2C7B382C8163A419B9FF214A7B651C33F9EA43335907F11377290C5158A7A4

Signing Certificate Chain:
    Issued to: Root CA
    Issued by: Root CA
    Expires:   Tue Nov 10 01:00:00 2026
    SHA1 hash: F9D7EF2721C71D88E05B7140F8D350D79350FDFA

        Issued to: Intermediate CA
        Issued by: Root CA
        Expires:   Thu Jan 01 01:00:00 2026
        SHA1 hash: 0DF29EDEBB924E11D29364B1BEF85948DBE8DEB5

            Issued to: Certificate
            Issued by: Intermediate CA
            Expires:   Tue Dec 31 01:00:00 2024
            SHA1 hash: 96698FFC4F2A600B7D72B4D17E882E40DD47A9F2

The signature is timestamped: Wed May 01 01:00:01 2019
Timestamp Verified by:
    Issued to: TSA Root CA
    Issued by: TSA Root CA
    Expires:   Tue Nov 10 01:00:00 2026
    SHA1 hash: DEBD6225D592A1539E6867EDDF44C22E653D07CF

        Issued to: Test TSA
        Issued by: TSA Root CA
        Expires:   Sat Jan 01 01:00:00 2028
        SHA1 hash: 2FB7A7E4667666BDE2B3CB570FF1984FC9DCE582


Successfully verified: nested2.exe

Number of signatures successfully Verified: 3
Number of warnings: 0
Number of errors: 0
  2. osslsigncode verification:
    Signature Index: 0 (Primary Signature): SHA1, Signing time: May 1 00:00:00 2019 GMT, Timestamp time: May 1 00:00:00 2019 GMT
    Signature Index: 1: SHA384, Sequence number: 2, Signing time: May 1 00:00:02 2019 GMT, Timestamp is not available
    Signature Index: 2: SHA256, Sequence number: 1, Signing time: May 1 00:00:01 2019 GMT, Timestamp time: May 1 00:00:01 2019 GMT
osslsigncode verify -in nested2.exe -CAfile CACert.pem -TSA-CAfile TSACA.pem
PE checksum   : 0001BE6C

Signature Index: 0  (Primary Signature)

Message digest algorithm  : SHA1
Current message digest    : 802FC5BA67A9B06DEC18A0D5A380A8A5954B5EF0
Calculated message digest : 802FC5BA67A9B06DEC18A0D5A380A8A5954B5EF0

Signer's certificate:
        ------------------
        Signer #0:
                Subject: /C=PL/ST=Mazovia Province/L=Warsaw/O=osslsigncode/OU=CSP/CN=Certificate/emailAddress=osslsigncode@example.com
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Intermediate CA
                Serial : 2D6C27FE02DC3CC00EFFBA06AB1E40DF4EA6C5C9
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Dec 31 00:00:00 2024 GMT

Message digest algorithm: SHA1

Authenticated attributes:
        Signing time: May  1 00:00:00 2019 GMT
        Microsoft Individual Code Signing purpose
        Message digest: E14161E0290DCC17B55D9F43CE188FB830AE3F3E

Countersignatures:
        Timestamp time: May  1 00:00:00 2019 GMT
        Signing time: Jan 25 09:22:28 2024 GMT
        Hash Algorithm: sha1
        Issuer: /C=PL/O=osslsigncode/OU=Timestamp Authority Root CA/CN=TSA Root CA
        Serial: 0711AB5969FE824D8ED27C5478E42FA5CBB41D44

CAfile: CACert.pem
TSA's certificates file: TSACA.pem

Timestamp verified by:
        ------------------
        Signer #1:
                Subject: /C=PL/O=osslsigncode/OU=Timestamp Authority Root CA/CN=TSA Root CA
                Issuer : /C=PL/O=osslsigncode/OU=Timestamp Authority Root CA/CN=TSA Root CA
                Serial : 7F675FF6501C92E071B004FB524B494E91FC1F71
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2017 GMT
                        notAfter : Nov 10 00:00:00 2026 GMT

        ------------------
        Signer #0:
                Subject: /C=PL/O=osslsigncode/OU=Timestamp Authority/CN=Test TSA
                Issuer : /C=PL/O=osslsigncode/OU=Timestamp Authority Root CA/CN=TSA Root CA
                Serial : 0711AB5969FE824D8ED27C5478E42FA5CBB41D44
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Jan  1 00:00:00 2028 GMT

TSA's CRL distribution point: http://127.0.0.1:19254/TSACA
Connecting to http://127.0.0.1:19254/TSACA
CURL failure: Couldn't connect to server http://127.0.0.1:19254/TSACA
Warning: Faild to get CRL from http://127.0.0.1:19254/TSACA

Use the "-TSA-CRLfile" option to add one or more Time-Stamp Authority CRLs in PEM format.

Timestamp serial number: CBE7DF70A7DBD3AC
Timestamp Server Signature verification: ok
Signature verification time: May  1 00:00:00 2019 GMT
Signing Certificate Chain:
        ------------------
        Signer #2:
                Subject: /C=PL/O=osslsigncode/OU=Certification Authority/CN=Root CA
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Root CA
                Serial : 7EE1151CD03FD552C3248F6684036B0677488FAB
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2017 GMT
                        notAfter : Nov 10 00:00:00 2026 GMT

        ------------------
        Signer #1:
                Subject: /C=PL/O=osslsigncode/OU=Certification Authority/CN=Intermediate CA
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Root CA
                Serial : 5E17036DBFF7BCFA56A050A67AC2B0D1D6B36F32
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Jan  1 00:00:00 2026 GMT

        ------------------
        Signer #0:
                Subject: /C=PL/ST=Mazovia Province/L=Warsaw/O=osslsigncode/OU=CSP/CN=Certificate/emailAddress=osslsigncode@example.com
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Intermediate CA
                Serial : 2D6C27FE02DC3CC00EFFBA06AB1E40DF4EA6C5C9
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Dec 31 00:00:00 2024 GMT

Signature verification: ok


Signature Index: 1

Message digest algorithm  : SHA384
Current message digest    : 810AA940BD63EEFDB2E11720F9422BEF4E45C7444154D59C6571FB31BCBE9FD2C497091A28B69935A7B693F97FA7A179
Calculated message digest : 810AA940BD63EEFDB2E11720F9422BEF4E45C7444154D59C6571FB31BCBE9FD2C497091A28B69935A7B693F97FA7A179

Signer's certificate:
        ------------------
        Signer #0:
                Subject: /C=PL/ST=Mazovia Province/L=Warsaw/O=osslsigncode/OU=CSP/CN=Certificate/emailAddress=osslsigncode@example.com
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Intermediate CA
                Serial : 2D6C27FE02DC3CC00EFFBA06AB1E40DF4EA6C5C9
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Dec 31 00:00:00 2024 GMT

Message digest algorithm: SHA384

Authenticated attributes:
        Sequence number: 2
        Signing time: May  1 00:00:02 2019 GMT
        Microsoft Individual Code Signing purpose
        Message digest: 7D5318A1023C1BE56BCFB84F491638DF3C4CFA098DFAF4B4F4F6EF7FFE0C397034C4B6680D7211ED1808E61BF6CB07F2

CAfile: CACert.pem
TSA's certificates file: TSACA.pem

Timestamp is not available

Signing Certificate Chain:
        ------------------
        Signer #2:
                Subject: /C=PL/O=osslsigncode/OU=Certification Authority/CN=Root CA
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Root CA
                Serial : 7EE1151CD03FD552C3248F6684036B0677488FAB
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2017 GMT
                        notAfter : Nov 10 00:00:00 2026 GMT

        ------------------
        Signer #1:
                Subject: /C=PL/O=osslsigncode/OU=Certification Authority/CN=Intermediate CA
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Root CA
                Serial : 5E17036DBFF7BCFA56A050A67AC2B0D1D6B36F32
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Jan  1 00:00:00 2026 GMT

        ------------------
        Signer #0:
                Subject: /C=PL/ST=Mazovia Province/L=Warsaw/O=osslsigncode/OU=CSP/CN=Certificate/emailAddress=osslsigncode@example.com
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Intermediate CA
                Serial : 2D6C27FE02DC3CC00EFFBA06AB1E40DF4EA6C5C9
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Dec 31 00:00:00 2024 GMT

Signature verification: ok


Signature Index: 2

Message digest algorithm  : SHA256
Current message digest    : 2D2C7B382C8163A419B9FF214A7B651C33F9EA43335907F11377290C5158A7A4
Calculated message digest : 2D2C7B382C8163A419B9FF214A7B651C33F9EA43335907F11377290C5158A7A4

Signer's certificate:
        ------------------
        Signer #0:
                Subject: /C=PL/ST=Mazovia Province/L=Warsaw/O=osslsigncode/OU=CSP/CN=Certificate/emailAddress=osslsigncode@example.com
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Intermediate CA
                Serial : 2D6C27FE02DC3CC00EFFBA06AB1E40DF4EA6C5C9
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Dec 31 00:00:00 2024 GMT

Message digest algorithm: SHA256

Authenticated attributes:
        Sequence number: 1
        Signing time: May  1 00:00:01 2019 GMT
        Microsoft Individual Code Signing purpose
        Message digest: ED2CF03C79C03BCB691002A2E8314493D97302AC6C90D8A472CB1D24B5AB364B

Countersignatures:
        Timestamp time: May  1 00:00:01 2019 GMT
        Signing time: Jan 25 09:22:57 2024 GMT
        Hash Algorithm: sha256
        Issuer: /C=PL/O=osslsigncode/OU=Timestamp Authority Root CA/CN=TSA Root CA
        Serial: 0711AB5969FE824D8ED27C5478E42FA5CBB41D44

CAfile: CACert.pem
TSA's certificates file: TSACA.pem

Timestamp verified by:
        ------------------
        Signer #1:
                Subject: /C=PL/O=osslsigncode/OU=Timestamp Authority Root CA/CN=TSA Root CA
                Issuer : /C=PL/O=osslsigncode/OU=Timestamp Authority Root CA/CN=TSA Root CA
                Serial : 7F675FF6501C92E071B004FB524B494E91FC1F71
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2017 GMT
                        notAfter : Nov 10 00:00:00 2026 GMT

        ------------------
        Signer #0:
                Subject: /C=PL/O=osslsigncode/OU=Timestamp Authority/CN=Test TSA
                Issuer : /C=PL/O=osslsigncode/OU=Timestamp Authority Root CA/CN=TSA Root CA
                Serial : 0711AB5969FE824D8ED27C5478E42FA5CBB41D44
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Jan  1 00:00:00 2028 GMT

TSA's CRL distribution point: http://127.0.0.1:19254/TSACA
Connecting to http://127.0.0.1:19254/TSACA
CURL failure: Couldn't connect to server http://127.0.0.1:19254/TSACA
Warning: Faild to get CRL from http://127.0.0.1:19254/TSACA

Use the "-TSA-CRLfile" option to add one or more Time-Stamp Authority CRLs in PEM format.

Timestamp serial number: 9CA07C9BE77D154E
Timestamp Server Signature verification: ok
Signature verification time: May  1 00:00:01 2019 GMT
Signing Certificate Chain:
        ------------------
        Signer #2:
                Subject: /C=PL/O=osslsigncode/OU=Certification Authority/CN=Root CA
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Root CA
                Serial : 7EE1151CD03FD552C3248F6684036B0677488FAB
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2017 GMT
                        notAfter : Nov 10 00:00:00 2026 GMT

        ------------------
        Signer #1:
                Subject: /C=PL/O=osslsigncode/OU=Certification Authority/CN=Intermediate CA
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Root CA
                Serial : 5E17036DBFF7BCFA56A050A67AC2B0D1D6B36F32
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Jan  1 00:00:00 2026 GMT

        ------------------
        Signer #0:
                Subject: /C=PL/ST=Mazovia Province/L=Warsaw/O=osslsigncode/OU=CSP/CN=Certificate/emailAddress=osslsigncode@example.com
                Issuer : /C=PL/O=osslsigncode/OU=Certification Authority/CN=Intermediate CA
                Serial : 2D6C27FE02DC3CC00EFFBA06AB1E40DF4EA6C5C9
                Certificate expiration date:
                        notBefore : Jan  1 00:00:00 2018 GMT
                        notAfter : Dec 31 00:00:00 2024 GMT

Signature verification: ok

Number of verified signatures: 3
Succeeded

Everything works as expected.

I understood that after adding 3 signatures ("2 index" as sha384), the program swaps indexes 1 and 2:
0 > 0,1 > 0,2,1
So if you specify -index 1 again for the timestamp after "2 index", the timestamp will be set to the new "1 index", which should be the "2 index".
And all three indexes will be working! (add -index 1 two times):


del /f /q vfd_*.sys

:: Index: 0 (Good):
osslsigncode sign          -in vfd.sys   -out vfd_2.sys -h sha1       -time 1420059600 -spc My_Client+Int.crt -key My_.key -ac My_Cross.crt -nolegacy
osslsigncode add           -in vfd_2.sys -out vfd_3.sys -h sha1   -TSA-time 1420059600 -TSA-certs My-TSA1.crt -TSA-key My-TSA.key

:: Index: 1 (Good):
osslsigncode sign -nest    -in vfd_3.sys -out vfd_4.sys -h sha256     -time 1420059601 -spc My_Client+Int.crt -key My_.key -ac My_Cross.crt -nolegacy
osslsigncode add  -index 1 -in vfd_4.sys -out vfd_5.sys -h sha256 -TSA-time 1420059601 -TSA-certs My-TSA2.crt -TSA-key My-TSA.key

:: Index: 2 (this -nest adds to Index: 1; swaps index: 1 to index: 2):
osslsigncode sign -nest    -in vfd_5.sys -out vfd_6.sys -h sha384     -time 1420059602 -spc My_Client+Int.crt -key My_.key -ac My_Cross.crt -nolegacy
osslsigncode add  -index 1 -in vfd_6.sys -out vfd_7.sys -h sha384 -TSA-time 1420059602 -TSA-certs My-TSA2.crt -TSA-key My-TSA.key

That is, the problem is sorting the indexes when -nest is added a second time.

Unfortunately, the problem is caused by signtool in your case. It does not preserve the order of displayed signatures from the signed file. Consequently, there is no guarantee about the index of the newly added signature. We try to mimic this behavior in osslsigncode. Please let us know if you find osslsigncode displaying signatures in an order different from signtool.

I haven't used signtool this time; I looked at the file's properties after the
osslsigncode commands above. I added sha384 with the third action.
https://i.imgur.com/Uy9XbFY.png
I'll try to do 3 signatures via signtool, probably tomorrow. It's easy to get confused and misinterpret what you see. But in principle the signatures should be added in order, 0 > 0,1 > 0,1,2 etc.

I checked signtool; an example of how I tried it:

signtool sign     /debug /fd SHA1 /v /f my.pfx /P ****  "vfd2.sys"
signtool timestamp       /t "http://......" "vfd2.sys"

signtool sign /as /debug /fd SHA256 /v /f my.pfx /P ****  "vfd2.sys"
signtool timestamp /tp 1 /tr "http://......" /td SHA256 "vfd2.sys"

signtool sign /as /debug /fd SHA384 /v /f my.pfx /P ****  "vfd2.sys"
signtool timestamp /tp 1 /tr "http://......" /td SHA256 "vfd2.sys"

signtool sign /as /debug /fd SHA512 /v /f my.pfx /P ****  "vfd2.sys"
signtool timestamp /tp 1 /tr "http://......" /td SHA256 "vfd2.sys"

Result: https://i.imgur.com/exwfO6g.png

Right, signtool has the same principle of adding signatures: 0 > 0,1 > 0,2,1 > 0,3,2,1
It's not logical, but it's true.
This method has a nice advantage: you don't have to figure out which index to put the timestamp in, and the command is always the same when adding a new signature and timestamp.
So you have done everything correctly by repeating the actions of signtool. Well done :)
Then everything's fine. I didn't know about this specificity of multiple signatures.
I usually check everything several times to confirm. I apologize for the interruption.
If I see anything, I'll create an issue.

I'm glad you like it. Thank you for testing.
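The following is an added example; it is not code from osslsigncode nor from either participant in this thread. It models the newest-first display order the thread arrives at (0 > 0,1 > 0,2,1 > 0,3,2,1), derives from it why `add -index 1` immediately after `sign -nest` always timestamps the signature just added, and parses the `osslsigncode verify` output format shown above so an automated release check can reject a binary in which a signature was left without a timestamp (the failure reported earlier in the thread). Assumptions: the generated command lines use only the options that appear in the thread, with placeholder certificate and key file names (`cert.pem`, `key.pem`, `TSA.pem`, `TSA.key`); the verify output embedded below is a constructed sample trimmed to the line shapes the parser reads; `display_order`, `index_of`, `plan_commands`, `parse_verify` and `check` are this example's own names.

```python
"""Nested Authenticode signature order with osslsigncode/signtool (added example)."""
import re
from typing import Dict, List

# --- 1. Ordering rule observed in the thread --------------------------------

def display_order(n_nested: int) -> List[int]:
    """Sequence numbers (0 = primary, k = k-th nested signature added) in the
    order signtool and osslsigncode display them: newest nested signature first
    after the primary. 1 -> [0,1], 2 -> [0,2,1], 3 -> [0,3,2,1]."""
    return [0] + list(range(n_nested, 0, -1))

def index_of(seq: int, n_nested: int) -> int:
    """Display index of the signature with sequence number `seq` once
    `n_nested` nested signatures are present."""
    if seq == 0:
        return 0
    if not 1 <= seq <= n_nested:
        raise ValueError("no signature with that sequence number")
    return n_nested - seq + 1

def plan_commands(src: str, hashes: List[str], t0: int) -> List[str]:
    """sign/add pairs for a stack of signatures, each timestamped right after
    it is added. A fresh nested signature always lands at index 1, so the
    timestamp step is identical for every nested signature (-index 1).
    File names for certificates and keys are placeholders."""
    cmds: List[str] = []
    cur = src
    for k, h in enumerate(hashes):
        nest = "" if k == 0 else "-nest "     # primary signature is not nested
        idx = "" if k == 0 else "-index 1 "   # primary: no -index needed
        signed, stamped = f"step{k}_signed.exe", f"step{k}_stamped.exe"
        cmds.append(f"osslsigncode sign {nest}-in {cur} -out {signed} -h {h} "
                    f"-time {t0 + k} -certs cert.pem -key key.pem")
        cmds.append(f"osslsigncode add {idx}-in {signed} -out {stamped} -h {h} "
                    f"-TSA-time {t0 + k} -TSA-certs TSA.pem -TSA-key TSA.key")
        cur = stamped
    return cmds

# --- 2. Parsing `osslsigncode verify` output ---------------------------------

_INDEX = re.compile(r"^Signature Index:\s*(\d+)")
_ALGO = re.compile(r"^Message digest algorithm\s*:\s*(\S+)")
_SEQ = re.compile(r"^\s*Sequence number:\s*(\d+)")
_TS = re.compile(r"^\s*Timestamp time:\s*(.+)$")
_NOTS = re.compile(r"^Timestamp is not available")

def parse_verify(text: str) -> Dict[int, dict]:
    """Per-index digest algorithm, sequence number (0 for the primary) and
    timestamp time (None when 'Timestamp is not available')."""
    sigs: Dict[int, dict] = {}
    cur = None
    for line in text.splitlines():
        if (m := _INDEX.match(line)):
            cur = int(m.group(1))
            sigs[cur] = {"algo": None, "seq": 0, "timestamp": None}
        elif cur is None:
            continue
        elif (m := _ALGO.match(line)) and sigs[cur]["algo"] is None:
            sigs[cur]["algo"] = m.group(1)
        elif (m := _SEQ.match(line)):
            sigs[cur]["seq"] = int(m.group(1))
        elif (m := _TS.match(line)):
            sigs[cur]["timestamp"] = m.group(1).strip()
        elif _NOTS.match(line):
            sigs[cur]["timestamp"] = None
    return sigs

def check(sigs: Dict[int, dict]) -> List[str]:
    """Release-gate findings: a signature without a timestamp (it becomes
    invalid once the signing certificate expires) or an index/sequence layout
    that differs from the newest-first rule (something was reordered or lost)."""
    problems: List[str] = []
    expected = display_order(len(sigs) - 1)
    for idx in sorted(sigs):
        s = sigs[idx]
        if s["timestamp"] is None:
            problems.append(f"index {idx} ({s['algo']}) is not timestamped")
        if idx < len(expected) and s["seq"] != expected[idx]:
            problems.append(f"index {idx}: sequence number {s['seq']}, expected {expected[idx]}")
    return problems

# Constructed sample in the shape of the thread's verify output: the signature
# added second (sequence number 2, sha384) was timestamped at the wrong index.
SAMPLE_VERIFY = """\
PE checksum   : 0001BE6C

Signature Index: 0  (Primary Signature)
Message digest algorithm  : SHA1
Countersignatures:
        Timestamp time: May  1 00:00:00 2019 GMT

Signature Index: 1
Message digest algorithm  : SHA384
        Sequence number: 2
Timestamp is not available

Signature Index: 2
Message digest algorithm  : SHA256
        Sequence number: 1
Countersignatures:
        Timestamp time: May  1 00:00:01 2019 GMT
"""

if __name__ == "__main__":
    for c in plan_commands("unsigned.exe", ["sha1", "sha256", "sha384"], 1556668800):
        print(c)
    for p in check(parse_verify(SAMPLE_VERIFY)) or ["all signatures timestamped, layout as expected"]:
        print(p)
```

Run it as a script to print the command plan and the findings for the sample; in a pipeline, feed the real `osslsigncode verify` output to `parse_verify` and fail the job when `check` returns anything. `index_of` is for the other workflow the thread discusses, timestamping a specific older signature after further nests have been added: the signature with sequence number `seq` is found at index `n_nested - seq + 1`, not at the index it had when it was created.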