locked
Exe is not working after signing with SignTool RRS feed

  • Question

  • Hello everyone,

    I have created a Java application & bundled it in Jar file.
    After that I have create exe with JSmooth & signed it. Its working perfectly fine. But now I want to switch from Jsmooth to Launch4j, this also creating exe like Jsmooth. The exe is working fine, but after signing with Signtool, its shows me error about INVALID Jar, so I think Signtool is not able to sign the exe created by launch4j. So what should I do ?


    Please suggest me, I am using following batch file to sign the exe.

    set File1=LM.exe

    set TimeURL=http://timestamp.comodoca.com/authenticode
    set StorePass=demo111

    signtool.exe sign /f SignCode\LM.p12 /p %StorePass% /v /t %TimeURL% "%File1%"
    signtool.exe verify /v /a  "%File1%"


    Thanks in advance,
    Laxmilal Menaria
    Friday, September 25, 2009 4:43 AM

Answers

  • Warning: guesswork ahead.

    The tool that creates the exe you're using probably works by appending a jar file to a stub executable.  The stub executable is probably looking for the end of itself, and treating the rest of the data as the jar file. My suspicion is that they've done this by encoding the offset of the end of file data at the time of creation.

    Signtool modifies the executable by inserting a digital signature, which may be upsetting the stub executable.

    I would guess you have two options:
    1) contact the makers of the jar->exe tool, and ask them to make it work with signtool.
    2) find the stub executable, if there is a easily found one. Make a backup copy of it. Sign the stub executable with your own certificate.  Then, use the app to convert your jar to an exe.  Restore the backup version of the stub exectuable.

    If you've signed the right executable, and you're lucky, you might now have a working exe-ized jar, stamped with your authenticode signature.
    Monday, September 28, 2009 5:45 PM

All replies

  • Warning: guesswork ahead.

    The tool that creates the exe you're using probably works by appending a jar file to a stub executable.  The stub executable is probably looking for the end of itself, and treating the rest of the data as the jar file. My suspicion is that they've done this by encoding the offset of the end of file data at the time of creation.

    Signtool modifies the executable by inserting a digital signature, which may be upsetting the stub executable.

    I would guess you have two options:
    1) contact the makers of the jar->exe tool, and ask them to make it work with signtool.
    2) find the stub executable, if there is a easily found one. Make a backup copy of it. Sign the stub executable with your own certificate.  Then, use the app to convert your jar to an exe.  Restore the backup version of the stub exectuable.

    If you've signed the right executable, and you're lucky, you might now have a working exe-ized jar, stamped with your authenticode signature.
    Monday, September 28, 2009 5:45 PM
  • Thanks
    Tuesday, September 29, 2009 7:43 AM