From bb2149aac87757aa27a22c42f45e82712d814205 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sat, 11 Apr 2015 00:31:10 +0200
Subject: [PATCH] Windows: add a test code-signing certificate and a batch file
 to sign binaries and the installer with it.

---
 .../TestCertificate/idrix_TestRootCA.crt      |  35 ++++++++++++++++++
 .../TestCertificate/idrix_codeSign.pfx        | Bin 0 -> 3204 bytes
 src/Signing/sign_test.bat                     |  25 +++++++++++++
 3 files changed, 60 insertions(+)
 create mode 100644 src/Signing/TestCertificate/idrix_TestRootCA.crt
 create mode 100644 src/Signing/TestCertificate/idrix_codeSign.pfx
 create mode 100644 src/Signing/sign_test.bat

diff --git a/src/Signing/TestCertificate/idrix_TestRootCA.crt b/src/Signing/TestCertificate/idrix_TestRootCA.crt
new file mode 100644
index 00000000..38c3c625
--- /dev/null
+++ b/src/Signing/TestCertificate/idrix_TestRootCA.crt
@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIIGIDCCBAigAwIBAgIJAPvjSMZai4JVMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYD
+VQQGEwJGUjEPMA0GA1UECBMGRlJBTkNFMQ4wDAYDVQQHEwVQQVJJUzEOMAwGA1UE
+ChMFSURSSVgxITAfBgNVBAsTGFNlcnZpY2UgZGUgQ2VydGlmaWNhdGlvbjEbMBkG
+A1UEAxMSSURSSVggVGVzdCBSb290IENBMR8wHQYJKoZIhvcNAQkBFhBjb250YWN0
+QGlkcml4LmZyMB4XDTE1MDQxMDIxMTM0OFoXDTMwMDQwNjIxMTM0OFowgZ8xCzAJ
+BgNVBAYTAkZSMQ8wDQYDVQQIEwZGUkFOQ0UxDjAMBgNVBAcTBVBBUklTMQ4wDAYD
+VQQKEwVJRFJJWDEhMB8GA1UECxMYU2VydmljZSBkZSBDZXJ0aWZpY2F0aW9uMRsw
+GQYDVQQDExJJRFJJWCBUZXN0IFJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGNvbnRh
+Y3RAaWRyaXguZnIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCc2mN4
+uIcmMKn6dde8WL8l0FQtmOEidLtdoztf9COi4fHtWhIJUegPHEuylx4zepmQduZ6
+mDBHiGktgQJa2NoADd91NE54MBoJ4Lg7/wHb7+XAuTd2FtQlSGz4fG8LKIvuI08I
+Cd5ShNJRnaJ/A1UoMhKWCd/qAR4DUoDB7N2cWy2ieXu+nCx00cAzPKiMdLin29of
+awELV9AGzyCzg6lECpds61BFvmb3nixGOb66hgrlQ1b54V8saFykQbfa6NbpiWaE
+oLd2Q/pWrdKSvZJVktj+1iIylo/uwKgvEr8r385jBP/ENOCfMMrZRnSOfIgaQ9nr
+QWdsNdV5xrpCEX08rSVgBTruYLkWDgApgFKPPbmE3LujuGfkBOCG08ZTGskDn6il
+6ngAEVIAIDm7Z/LMOuipCODFiDG/DVUvt2kOSdE2071P4ZWLNViaa5YfdWsY3obU
+e7Unc+IaqlJ41wUifAc4TGh6Fhw5svGfUUObHcaYCI+Eugm5uU5bA37nIeEVO4Hr
+bAHCRNZQWoLwf/3OKxp+nBkAtCSVUibETBwSKAZmuHJqCvXJaaAym0V28BV3uEtj
+d6JCajtCLHxZfUXfOPIh4X2tq8Hb5zYma7Fdd9QCIGJ8Kzs0LP7diVzMPL7cgshe
+63lx+h/n2UuL5GBSKvDYcLM9gN7c9FGsw3ffnQIDAQABo10wWzAdBgNVHQ4EFgQU
+94yP2FG92lt6mv6YrnhOmpD4pMYwHwYDVR0jBBgwFoAU94yP2FG92lt6mv6YrnhO
+mpD4pMYwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEFBQAD
+ggIBAHcICiV97giWaAV/LH1a5D0cOLXorZ42bX4Wr8NrJOz6nBcTa9vNibV5Xkmt
+YBLW8kG/JEpJZVt4Sd4u7tXoFR0Hj0tKMUWtLEOZ3TNWjoCHFVRpJ8Aa3SZaTbJT
+oHn/TeIuizJMLyEYMXVFzHJxEjB1OPmXbR+YA89arIuwsqYdiu598VHvppJ2fWSK
+2GzR+slvoPqEjsLxvMJQzUoGSyz3x1SUURK0VKtx0hnCNMcxFrZkpwnSjYl8/DbV
+FzWeAdbrZJaa4uflhyBp9voBuYtNGO8HSfnm4I1nMvZSaGeUjxAQ3eQO2vOc+Ja2
+DJFZc+Fu6S8MOu3ytVOEs5Fk5CSYHPXIB4TftPCTDAJ6BudKVGJT/sJS7ix0mW6v
+oiZAiVaDgx2L5JVfpPwunUStIpgAJZyMMUCaxE12Yq7MJqdbrQhc5532FPgyBu8B
+7VV0mf62caZS8XljCkYRBRwwuOURU0yGU3miWvopTUDDH8gJzbpnbPKFR8MnO4Dq
+y0ae411/geo7C1xgJb6Y3NOw8OEsHGzKSNx0m11jeTgndx7I/fuVP5xOK/OOQatf
+LGGRUE8IepaeQTS22d5PLknOAejv6OqSI0C2DIFezBJhQmCI0fEpZRhGh+blv9Hc
+TarRCDOSVTbbbV25fgzrOLlk7djqjZ6nvoMB1lGn07MByDmt
+-----END CERTIFICATE-----
diff --git a/src/Signing/TestCertificate/idrix_codeSign.pfx b/src/Signing/TestCertificate/idrix_codeSign.pfx
new file mode 100644
index 0000000000000000000000000000000000000000..e2279094ae0b2df938e267160ab8e42eb50b8634
GIT binary patch
literal 3204
zcmY+FcRbXOAICp;&N=JIj*}22>ue$;n=c{j>{V8>XT~|s$lhm0A=x{7=R!C$dlr&a
zL?nK`kH_!#`~H4^yw~gXe!TyDKam&;G#EsL#89X}N$*CeMVwHANI>}*3JC~?LgY#o
zL}H)`|5(s`3>1AO1%g4qRq_7E0U;4kvVUKo06~#(2uv)Ydh}sPT{ajD1JD?#n&z&2
zGIto2$kbw&p)~fqTdP2tS7}qv#&tpk;gW4{JCwG-V%NXXc?u_+f0m!K*X8&nYWz`%
zw9!a{vk-#=)HCb8K;?sW*q>F*uUuN!PEIQatnBFh+vt%4wXBs@(9+BBnHYzZmfu;e
z0t$566+_=qn?;}0pLXWHO}lJ6WpjuyX>z^=`q89|B?MP%rdqo-)yN?ld4=2NM-1M%
z>@NZEjcc9HYwyG?eR>~TB@1^5UzM4SGFkI?8}#-bA1b}cYOYDVCxaS&=QvlWPaS+?
z?PaV=0>M9ZX7hzegqmB?eP@c8@3Aq8qdkIwI!MKDlP#)nRNtJeg_yCGA?1o&pEhms
zUI=>OWyi$F)mBC(pE{*gQxrn%B(lHph&^#LFL)DwLD@ia+<Frt%PJ1k!{d~SABA4G
zUF?okS^Gw3A289An<80iGNJ8I|5p2J6qnIPrlc1k794luS01ZViv_HfP4{q<3U1if
zpYI>J5U96e(0Bl;4&_WbFq+ErcIRKIer=>Rs*p2s<C8K?U*Kx~1UOo3sauzClZ97Q
zvKw4*K7P9HaV~!G0=LbNrKWe;l{A(}6xZU47M~PS+|4f*6SVFqcO|<>7uT#;#5?Sc
zSqE637)K(VPNNG%c`T-sE(>l}Upp*{v-uud6g64+I+6p&xXh&@>xE2x+~|I5lW4R}
zC-LV{%M#Zb@KoC+R+7Bvc$d66y0vRQ($u%sHSWpXS5YS`p;i+5BMGKR3Yh!Y`i$*g
z7^h2Y@3m;V+x%ffl#7>7ALa0I^O1?YVt>$C`P>%=_oaG%2NXhi!csP6bK<|C^ZR&)
zno8lLT!n>qQ`0TOpl`jGGY#u|ErgU~Jm>-BvSL}+;tPV=98E_)q6XTl=X-AMi<U%6
z^yg6U_#~=F6kCiuNsiS*L4EkA9*X%VSr*hkvv=ijW_+V<@JA#jxN%%&e*4}ANLct#
zQBIedxPO8WQgdilRgsfqbd-z{#S!lna2GoUsT4&8?GxSEs;<|bzKdg%LHn*Go?ydx
zY~Iuz6ueE-+Lc@ImLUYNLo6A8P^`5xFu87VTlA)W>o**(Ii=V4DY^X}cj^o_Hz50n
z!zX3GjsIL&wH0G`0Cu6o4&~(%9{zw0tJ-?6)6Qkt$)^Qz@I=2;4Upm)(;cJ6Rp!mm
zmY)@PI&SL(?Xj~*jI;SFBObqyj!=p_g(p~V%jC6`M#T73bMk~07~wmWyToCr!^xMl
zd9ND12=~u<eh<bcA*RYo`OlmK#M~ft1iw+kGn<Q@GqSD$oVpClrnf;^;?fyPeqZ-}
zHR8I3u}Q<e!?X9C_uVUFrZu^9&Nb~SmXD040#xk2WM;vyUr1ZaQb$SNZThsl8*bfN
zWxz9(QrcO_z6>g9Ay!S#5ID+YB1Ob8H|R8HcZBF`A@?-{SB)wFYv?7@S&~UrnYQ2d
zi2smLTT&K=gDg-MZI+g<yo$f&-;UGxda<cT(`4y41Pf+rSz(?aj4@`g-sd@(Zy43-
zUVIj$PLBkpz#SUr((_&o;m)u&UtNjuFyfw@`@B?WbYeRElAKDf@tj3U(0XwA{?a|4
z?Qy}O&Qh(H0gG~`*T>b&a^IKSo^9zeW<B87MByIBRvM|FI>p*;=6Zyb)s7XJdQ$5g
z)@(hw(Pj~{Y504Iz068*j<%Zj`h5mx0Wdi+-)($+qn9gKGs!WNZyno=vPAOcD!GLW
z-5Wwz6UC>dtCxrIUjv#x+^PL@v=Jk4o%1H2LQ;l)ru1yGfJVM{oy>k?usj?)S!41O
z)TMMr{xP^1u6nxa=($MtE-zInNBMi3hu@Bv$FXY$DjuxS;V(wv-uW{i#U7{GFvnn{
z_A1P8%f0AB#4M_SQML8RGY{gf?L>ieak2HP*xk=Ec088ai$OC>%kq^M!^%!~DcNak
zmtX|Wa*c?&caix;oWa7PyFo&ai1hN~xZ5@u`af@q`*hIkl~^Y<uKIg%hV@jtH8D4d
zju@Rv+~fsp-kXe`Ez^vU`icJ1U|p5O5(N+qj@XZ~eMpj=1?2V5OzeiCTpbb=SOm!Q
zJOe!-)ymE=0e^`4BhJO1H+Gnvzq3NBOn5(ClJIaunRtj+W-c&8cVXQ|4~Zeh{SSEZ
zF~rdj3^Ddf4!w#XDEWUdL<R!qV<3A-3}pNN=tT54o$mQ6)zyt{wEs;f2nO<DYLTlV
zQJUq;soTdCHbu`_)6E+`^{j6MY=9}h<vkMmYNg~uu7~{yXPOc(D&H=NV#dfdf=S-I
zfpTazx|NbLUx`Jir81gnJyhtii{&6Xhs?tGpmK-k^}*QgnXv}lLd<Z7g*%VvqrCa@
zAHgTX1!oP*FJ_?AyD(IWBrm3!zRN!R^Pio(3SW9e0DX71OsppWXora1dwG}YG`QW%
zBLlR6%b3{<bJ1SQ?MS55HkqTN13F2_G7*BqQ+TC-C}s~5+1a>!I)5v%tV)=P5P!S`
zNlwnMg6&&Hof3sD>G~Mc_ayFv162aA2O}#NLcJ*;sE2#cx9D&#<6vZ3YARHtxL6Ru
zpFWj~K3G1|z~P7G@hy6V75}82Zl?5641z2tmCIgxlDB<<RRmvOORg$~Woxk5S6tgF
z-}UXvsCu%d6<D=|B@;IB`AFYpo8v>`6aUq0DU5EW=B!2JvjlzuDAPJF>Z9CHN~<0*
zYma>Tty5P!@1^{QO>LE)8mg4;VQZJSiNE%%?|@Ui2D?>#e<{Ljy-#|NMxGu@EklCL
zk}pzHLj8M?)<Eog2R7(s3ubKj(Tq7EzE8YG&*mV`v&buOP>9o4f3Q>zuY=W0vU&V$
z@4RtIN4!B9Z=6nmJiiC_jnviHY3p&~7AZNWVbhl~<S;KehCW4F%5By8l7%J7$Qlir
zEFr~YRW1ut+|p=+TV2(*%v?w1JQ*bwCC%Sj90|p1z;RG2fyrrn-C~F7nTzqEp^^$4
zYowaIioNK0Cf2%!B}Vn5t*WZmn4hb@#10fbH|A#K<B?)3$xIYF*2nljD9MV1Ixvn?
zfoKwVL6iroW35~h+i$ZZrIHo=dX034B<t4*L%OrFS$^rG0+9us2B>{%8I}?jApB+;
zO2<Loh>xfLE?Ucu_p`+MvF%0j+$M*I$*`_n#1B`Yg1bhR<4L8A<GTE3C}DuqgEw|T
zRj-*Hx4elf@2ct8CO0?FP)i-*1|Sn(ejb14u$4B8ZFE65+A2wWa`KKa-B#zESFwuo
zndm**S8-)b=znNvYQ8cVUQ5jmxBOJUH4wN}ZaaXOCTh+c@U7b9>J8&4@oo=f@{2g0
z&HYOupSSzxH4lm+oYhjlBBA@R%frFx_H>DiElY)JR?N3MCD(>>iA)WJFLaxfvYXT1
zlCLTDx2K}ixOoLNxtJ`><qw!Yu+3l&bnL<^;<R4c1#p&+hZ}zr#?_SYH7dvx587{8
z38oiN9%0t~-R-^g+{Eyw=ghS?*fu}Ug=AzGmW4T7UqxAOJ16e<9?}lw3BEvBW*1p-
zr%_NSaHE_g0Z}MH<WB}f4Z>}dl-08zp0`?+Q2F)680V{g>Q~GllJv3Z)7Opdnp$qW
z`Q><yF-KIGT@a1U^*ahsn6hE3nLj7o=_J{$nBt2!Q@@P*dUl@jI3~H=Q9Qhe$dqk~
zrhx1`aJ`AbzE625u<#X2`UY)V)W_br$6VB<tZtw6iX*03nnibdp3MAcune?7BZ9|p
zmxhSAPiDe0ee(Paps!A4h2Zw5l6;@di+NiFeJXE+2NO!%Y9;B|Zwx3iy={#C{PW&g
zGdca8zXHKl^wA;dd=DrG`u+&r5+)fE3Pf`L_dAl(3o$_GK1_zlZ$I5F8x-1D6zn3k
z`9WUXfi(DMiB3rEh6<n#C;@s`*%-J9=mU=dPr&P{Qv_TAyQ}FY@Ca}O?15)j`Po(d
z+j$IlT<tglPp-liu)gXaBZZLcNKz;<FPsR>ObkHio*?l!;)ZIIDW_kgy|Yd<KiOU6
SATSO(&_3?>E6u;3@4o=>uhcUD

literal 0
HcmV?d00001

diff --git a/src/Signing/sign_test.bat b/src/Signing/sign_test.bat
new file mode 100644
index 00000000..d7976828
--- /dev/null
+++ b/src/Signing/sign_test.bat
@@ -0,0 +1,25 @@
+PATH=%PATH%;%DDK%\bin\x86
+
+set PFXNAME=TestCertificate\idrix_codeSign.pfx
+set PFXPASSWORD=idrix
+
+signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac TestCertificate\idrix_TestRootCA.crt /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys"
+signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac TestCertificate\idrix_TestRootCA.crt /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt-x64.sys"
+
+signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac TestCertificate\idrix_TestRootCA.crt /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt.exe"
+signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac TestCertificate\idrix_TestRootCA.crt /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Format.exe"
+signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac TestCertificate\idrix_TestRootCA.crt /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCryptExpander.exe"
+
+cd "..\Release\Setup Files\"
+
+copy /V /Y ..\..\..\Translations\*.xml .
+
+"VeraCrypt Setup.exe" /p
+
+del *.xml
+
+cd "..\..\Signing"
+
+signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac TestCertificate\idrix_TestRootCA.crt /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup 1.0f-2.exe"
+
+pause
\ No newline at end of file