为什么签名有效,但签名验证无效?
signtool标志/ v / ac comodorsacertificationauthority_kmod.crt / tr http://timestamp.comodoca.com/rfc3161 mydriver.sys
The following certificate was selected:
Issued to: Company, Inc
Issued by: COMODO RSA Extended Validation Code Signing CA
Expires: >..
SHA1 hash: ....
Cross certificate chain (using machine store):
Issued to: Microsoft Code Verification Root
Issued by: Microsoft Code Verification Root
Expires: Sat Nov 01 16:54:03 2025
SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3
Issued to: COMODO RSA Certification Authority
Issued by: Microsoft Code Verification Root
Expires: Mon Apr 12 01:16:20 2021
SHA1 hash: 106870659C069F248C8C0A05ACD871CABEB3CC38
Issued to: COMODO RSA Extended Validation Code Signing CA
Issued by: COMODO RSA Certification Authority
Expires: Mon Dec 03 02:59:59 2029
SHA1 hash: 351A78EBC1B4BB6DC366728D334231ABA9AE3EA7
Issued to: Company, Inc
Issued by: COMODO RSA Extended Validation Code Signing CA
Expires: ...
SHA1 hash: ...
Done Adding Additional Store Successfully signed: mydriver.sys
signtool验证/ v / kp mydriver.sys
签名索引:0(主签名) 文件哈希(sha1):1EDBB6F9354413D1B0F1696BF713281954F75130
Signing Certificate Chain: Issued to: COMODO RSA Certification Authority Issued by: COMODO RSA Certification Authority Expires: Tue Jan 19 02:59:59 2038 SHA1 hash: AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4 Issued to: COMODO RSA Extended Validation Code Signing CA Issued by: COMODO RSA Certification Authority Expires: Mon Dec 03 02:59:59 2029 SHA1 hash: 351A78EBC1B4BB6DC366728D334231ABA9AE3EA7 Issued to: MyCompany, Inc Issued by: COMODO RSA Extended Validation Code Signing CA Expires: ... SHA1 hash: ... The signature is timestamped: Thu Oct 25 16:17:01 2018 Timestamp Verified by: Issued to: UTN-USERFirst-Object Issued by: UTN-USERFirst-Object Expires: Tue Jul 09 21:40:36 2019 SHA1 hash: E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46 Issued to: COMODO SHA-1 Time Stamping Signer Issued by: UTN-USERFirst-Object Expires: Tue Jul 09 21:40:36 2019 SHA1 hash: 03A5B14663EB12023091B84A6D6A68BC871DE66B SignTool Error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. Number of files successfully Verified: 0 Number of warnings: 0 Number of errors: 1
答案 0 :(得分:0)
也许您应该使用验证/ ds 1 / v? / ds 1是索引1,而不是0? https://docs.microsoft.com/en-US/dotnet/framework/tools/signtool-exe