Utilities to support code signing Windows executable files

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ahal from gravatar.com ahal Avatar for mozilla-releng from gravatar.com mozilla-releng

Unverified details

These details have not been verified by PyPI
Meta
Classifiers
Report project as malware

Project description

https://img.shields.io/pypi/v/winsign.svg Documentation Status

winsign is a python module for signing and manipulating Authenticode signatures in PE and MSI files.

  • Works on Python 3.11 and up.

  • Free software: MPL2

Requirements

Most dependencies are specified in pyproject.toml, however, currently you also need osslsigncode installed to perform signing. This utility can be fetched from your distribution’s package repository, or from e.g. https://github.com/mtrojnar/osslsigncode

Signing MSIX/APPX files currently requires Mozilla’s fork of msix-packaging.

Installation

pip install winsign

CLI Usage

usage: winsign [-h] --certs CERTS --key PRIV_KEY [-n COMMENT] [-i URL] -d
               {sha1,sha256} [-t {old,rfc3161}] [-v] [-q]
               infile [outfile]

positional arguments:
  infile            unsigned file to sign
  outfile           where to write output to. defaults to infile

optional arguments:
  -h, --help        show this help message and exit
  --certs CERTS     certificates to include in the signature
  --key PRIV_KEY    private key used to sign
  -n COMMENT        comment to include in signature
  -i URL            url to include in signature
  -d {sha1,sha256}  digest to use for signing. must be one of sha1 or sha256
  -t {old,rfc3161}
  -v, --verbose
  -q, --quiet

Future plans

  • Stop using osslsigncode for PE signatures

  • Refactor code so that osslsigncode functionality is in its own module

  • Add python support for MSI, then we can drop dependency on osslsigncode

Development

Highly recommended to create a virtualenv, then run:

  • pip install -e .

  • make your changes to the source files

  • run local tests: tox

upon successful r+ and merging to master branch, you need to release a new version on PyPi.

  • edit pyproject.toml to adjust the version

  • generate .whl file locally: python setup.py bdist_wheel

  • file will exist in: ./dist/winsign-{version}-py3-none-any.whl

  • (assuming you have pypi access to upload)

  • upload to pypi: twine upload –verbose dist/winsign-{version}-py3-none-any.whl

Credits

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ahal from gravatar.com ahal Avatar for mozilla-releng from gravatar.com mozilla-releng

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

This version

2.3.0

2.2.4

2.2.3

2.2.2

2.2.1

2.1.0

2.0.0

1.3.0

1.2.0

1.1.0

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

winsign-2.3.0.tar.gz (46.7 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

winsign-2.3.0-py3-none-any.whl (32.8 kB view details)

Uploaded Python 3

File details

Details for the file winsign-2.3.0.tar.gz.

File metadata

  • Download URL: winsign-2.3.0.tar.gz
  • Upload date:
  • Size: 46.7 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for winsign-2.3.0.tar.gz
Algorithm Hash digest
SHA256 d850339143a43888280cf95657b4b068c07e1b5a13ab51e01c9b52be3d7b983e
MD5 9cef7c01724b4dadff9389a3eb17193e
BLAKE2b-256 023c10d2cb98db0799cf84bb8833bf25c7f6d0af0028d8f0a28fc3c2f3597523

See more details on using hashes here.

Provenance

The following attestation bundles were made for winsign-2.3.0.tar.gz:

Publisher: pypi-publish.yml on mozilla-releng/winsign

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file winsign-2.3.0-py3-none-any.whl.

File metadata

  • Download URL: winsign-2.3.0-py3-none-any.whl
  • Upload date:
  • Size: 32.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for winsign-2.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 8a86382a6200be0abd7c00f9807aa696e5b5a3f82b64d4c28c74ca9e438dbbec
MD5 a5b2ecc0d2aa58c34f87313973a186f9
BLAKE2b-256 7d9a8c79782d069a6abca9204a62a2779cde43dc1f20d723771b18550df0c50f

See more details on using hashes here.

Provenance

The following attestation bundles were made for winsign-2.3.0-py3-none-any.whl:

Publisher: pypi-publish.yml on mozilla-releng/winsign

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page