npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

yzb-signcode

v1.0.2

Published

Sign Windows executables from a Mac

Downloads

3

Readme

signcode

Travis Build Status js-standard-style npm downloads

Sign Windows executables and installers from a Mac.

Works with .pem, .p12, and .pfx code signing files.

Signs with sha1 and sha256 signatures by default.

Installing

npm install --save-dev signcode

Using

var signcode = require('signcode')

var options = {
  cert: '/Users/kevin/certs/cert.pem',
  key: '/Users/kevin/certs/key.pem',
  overwrite: true,
  path: '/Users/kevin/apps/myapp.exe'
}

signcode.sign(options, function (error) {
  if (error) {
    console.error('Signing failed', error.message)
  } else {
    console.log(options.path + ' is now signed')
  }
})

signcode.verify({ path: '/Users/kevin/apps/myapp.exe' }, function (error) {
  if (error) {
    console.error('Not signed', error.message)
  } else {
    console.log(options.path + ' is signed')
  }
})

Signing Options

| Name | Type | Required | Description | | :------------- | :-------- | :------- | :-------------------------- | | cert | String | Yes | Path to a certificate file. | | path | String | Yes | File path to executable to sign. | | hash | Array | No | Signature types to sign the executable with. Defaults to ['sha1', 'sha256']. | | key | String | No | Path to a .pem key file. Only required if cert is a .pem file. | | name | String | No | Product name to include in the signature. | | overwrite | Boolean | No | true to sign the executable in place, false to write the signed file at the same path but with -signed at the end of it. Defaults to false. | | password | String | No | Password to the certificate or key. | | passwordPath | String | No | Path to a file containing the password for the certificate or key. | | site | String | No | Website URL to include in the signature. |

Verification Options

| Name | Type | Required | Description | | :------------- | :-------- | :------- | :-------------------------- | | path | String | Yes | File path to executable to verify. | | hash | String | No | Certificate fingerprint to expect on executable. |

Command Line Example

signcode sign /Users/kevin/apps/myapp.exe \
  --cert /Users/kevin/certs/cert.p12 \
  --prompt \
  --name 'My App' \
  --url 'http://birthday.pizza'
signcode verify /Users/kevin/apps/myapp.exe

Run signcode -h to see all the supported options.

Cert helpers commands

These commands are helpful when working with certificates.

Create cert and key with no password

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -nodes

Create cert and key with a password

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem

Create a p12 with no password

openssl pkcs12 -export -out ./test/fixtures/cert.p12 -inkey ./test/fixtures/key.pem -in ./test/fixtures/cert.pem

Show fingerprint of a cert

openssl x509 -noout -in ./test/fixtures/cert.pem -fingerprint -sha1
openssl x509 -noout -in ./test/fixtures/cert.pem -fingerprint -sha256