Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

`chktrust` in Mono can apparently do this. I'm not sure if `osslsigncode` can, but if so, it has less dependencies.


I would have been extremely happy if that worked.

It doesn't check everything and has some bugs. osslsigncode goes most of the way there but you have to write a lot of the remaining parts yourself using a combination of openssl C API and add a ton of extra C code.

And this is the kind of crypto that is challenging to get exactly right with no vulns especially in C/C++.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: