Didona

I've packaged my app using IExpress, and created a self-extracting exe file.

I then try to Authenticode-sign this file.

If the file is < 4MB, everything is fine.

If the file is > 4MB, I get the following error:

SignTool Error: ISignedCode:: Sign returned error: 0x80070057
The parameter is incorrect.

SignTool Error: An error occurred while attempting to sign: c:\myfile.exe

Any suggestions

Thank you,



Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Mo Nail - MFST

Please provide the name of the tool you are using for signing and the command line you are using.




Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Didona

I have been using signtool.exe version 6.0.6000.16386 which is part of the Vista RTM DDK.

I also tried version 6.0.6000.16384 which I got with the Vista Platform SDK.

The two ways I tried to use signtool (both fail) are:

1. signtool.exe sign /f myCertificate.pfx /p myPassword /t http://timestamp.verisign.com/scripts/timestamp.dll myFile.exe

I get the following on the command prompt:

Done Adding Additional Store

SignTool Error: ISignedCode:: Sign returned error: 0x80070057

The parameter is incorrect.

SignTool Error: An error occurred while attempting to sign: myFile.exe

Number of errors: 1

2. signtool.exe signwizard

This will pop up a GUI that asks to select the file to sign, I then selected "typical signing options", the certificate to use from the certificate store, no description or timestamp. When I click Finish, I get a "Digital Signature Wizard" error: "The digital signature wizard did not complete". At the command prompt I see: "SignTool Error: An error occurred while signing: ()".

Thank you.





Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Mo Nail - MFST

See if this info helps.

http://www.verisign.com/support/code-signing-support/code-signing/identity-authentication.html

Select Add a timestamp to the data and in the Timestamp Service URL enter: http://timestamp.verisign.com/scripts/timstamp.dll
Note: "timstamp.dll" does not contain the letter "e"






Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Didona

I get the same errors when using timstamp.dll.

I followed the instructions from the link, but there's no difference.

Regards,





Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Mo Nail - MFST

One recommendation is for software installations that are developed using MSI is to use external cabinets.

Only smaller internet downloads tend to be self-contained MSI¡¯s.

The installation source does not have to be self-contained with the install package
itself. Additionally, having them external to the MSI file does not cause
deployment problems. You can use the MsiDigitalSignature and MsiDigitalCertificate
table to ensure that digital signatures on external cabinets are validated before
utilized. So you can still maintain digital signature verification.
Only smaller internet downloads tend to be self-contained MSI¡¯s.

The installation source does not have to be self-contained with the install package
itself. Additionally, having them external to the MSI file does not cause
deployment problems. You can use the MsiDigitalSignature and MsiDigitalCertificate
table to ensure that digital signatures on external cabinets are validated before
utilized. So you can still maintain digital signature verification.

If you are a Microsoft Partner, I suggest you contact Microsoft Support for your region.






Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Didona

I do not have a software installation that uses MSI!

I have a device driver that uses DPInst for installation, and created the installation package with IExpress!





Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Mo Nail - MFST

The most current version of the Driver Install Frameworks (DIFx) tools is available in the Windows Driver Kit (WDK).




Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Didona

I am using the latest WDK tools, including the latest version of DPInst (v2.1).





Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Mo Nail - MFST

Using this latest information, I still did not find a known issue while searching our internal databases.

If you are a Microsoft Partner, please contact Partner Support for your region.






Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Didona

It turns out the problem is when signing EXE files created by IExpress.

If you create a CAB file with IExpress you can reserve space in the file for the digital signature; when you create the EXE file - there's probably no space for the signature!

Signtool works fine on self-extracting EXE files created with other tools!





Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Jaffar Kazi

Hi
In your above comment, you mentioned that signtool works fine on self-extracting EXE files created with other tools.
I'm facing the same problem, and I would be very thankful if you could tell me which other tools can be used for creating the self-extracting EXEs, i.e., basically an alternative to IEXPRESS.

Thanks in advance,
--Jaffar Kazi




Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Didona

I've used WinRAR only for my test - to create an exe that I could sign.

I still haven't decided how to package the software... There may be better options out there.

It turned out that the size of the archive didn't matter - it was just a failure to sign any EXE created by IExpress.





Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Miezoo

I've also encountered this error (0x80070057) when the embedded manifest of an EXE was encoded as ANSI.

After reencoding it to UTF-8, the error went away.





Re: Application Compatibility for Windows Vista Signtool fails if my file is > 4MB

Konstantin Kamanin

Miezoo wrote:

I've also encountered this error (0x80070057) when the embedded manifest of an EXE was encoded as ANSI.

After reencoding it to UTF-8, the error went away.


I try to sign a dll file with manifest encoded into UTF-8, but get the same error - 0x80070057. Size of the dll < 4 MB. WTF

TIA.