How to package & sign VeraCrypt for Windows
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
I'm trying to create a custom version of VeraCrypt for my testing purposes, and I'm struggling with the Windows packaging & sign.
I'm trying to use the tests certificates inside the
Signing/TestCertificate, and all the signing and packaging seems to work fine, in this link is the output log. The problem is when I try to executeVeraCrypt Setup 1.23.exeneitherVeraCrypt Portable 1.23.exe, I'm getting the following errors:Do you have any idea why I'm having this problem?
Do you know how to create a Code Signing certificate for "Production"?
Last edit: Daniel Ramos 2019-08-09
This error is due to the fact that in RELEASE build we verify that the code signing certificate used is the official one from IDRIX which is hardcoded. In DEBUG build, this check is disabled and so no error is displayed if another code signing certificate is used.
This logic is implemented in the function VerifyModuleSignature in Dlgcode.c at https://sourceforge.net/p/veracrypt/code/ci/master/tree/src/Common/Dlgcode.c#l13709. As you can see, in case of DEBUG, this function always returns TRUE. In your case, you can modify it to use your certificate or simply always return TRUE.
Thanks you Mounir! I'll try doing that and I'll post the results 😃. Thanks you a lot!
It worked in debug mode at least, I'll try to generate my own certificates for the release mode. Thank you a lot Mounir! 🙂