为NSIS安装程序设置UAC"发布者"字段

Question

为NSIS安装程序设置UAC"发布者"字段

当我打开我的安装程序(我使用NSIS创建)时,会出现UAC对话框,其中包含有关我的安装程序的信息.字段Publisher是"未知".我听说过对应用程序进行数字签名,您知道如何在NSIS中执行此操作吗？

如何将字段/属性Publisher设置为"我的安装程序"或其他文本？

我认为下面的代码应该设置Publisher字段,但它没有,它仍然是'未知':

InstallDir  "abc"
Name        "def"        
OutFile     "def.exe"

VIProductVersion                 "1.0.0.0"
VIAddVersionKey ProductName      "def"
VIAddVersionKey Comments         "MY DESCRIPTION"
VIAddVersionKey CompanyName      "My Installer"
VIAddVersionKey LegalCopyright   "MY COMPANYNAME"
VIAddVersionKey FileDescription  "MY DESCRIPTION"
VIAddVersionKey FileVersion      1
VIAddVersionKey ProductVersion   1
VIAddVersionKey InternalName     "def"
VIAddVersionKey LegalTrademarks  "PTY LTD"
VIAddVersionKey OriginalFilename "def.exe"

Section
    DetailPrint "Hello World"
SectionEnd

Run Code Online (Sandbox Code Playgroud)

Answer 1

And*_*ers 19

您必须使用Windows信任的证书颁发机构对Authenticode进行签名(如果您想成为Winqual的一部分,那么您需要一个特殊证书而MS只允许您使用VeriSign),因为该字段是从数字证书中提取的(如果一个存在)而不是PE版本信息.

要作为构建过程的一部分进行签名,您可以使用此hack,或者如果您使用的是Unicode分支,则可以使用该!finalize命令.

Answer 2

svc*_*bre 5

为了提供有关该命令的更多详细信息，这些是我在 NSIS 3.03 版本中使用的带有该!finalize命令的行。

重要提示： 您需要在与certificate.pfx文件位于同一目录的passwd.txt文件中提供codesign 证书密码。

!define PRODUCT_NAME "def" !define PRODUCT_VERSION "1.0.0.0" !define OutputFileName "def.exe" Name "${PRODUCT_NAME} ${PRODUCT_VERSION}" OutFile "${OutputFileName}" InstallDir "abc" ShowInstDetails show !define /file OutFileSignPassword ".\CodeSign\passwd.txt" !define OutFileSignCertificate ".\CodeSign\certificate.pfx" !define OutFileSignSHA1 ".\CodeSign\signtool.exe sign /f ${OutFileSignCertificate} /p ${OutFileSignPassword} /fd sha1 /t http://timestamp.comodoca.com /v" !define OutFileSignSHA256 ".\CodeSign\signtool.exe sign /f ${OutFileSignCertificate} /p ${OutFileSignPassword} /fd sha256 /tr http://timestamp.comodoca.com?td=sha256 /td sha256 /as /v" !finalize "PING -n 1 127.0.0.1 >nul" # Delay Next Step to ensure File isn't locked by previous Process !finalize "${OutFileSignSHA1} .\${OutputFileName}" # CodeSigning with SHA1/AuthentiCode !finalize "PING -n 5 127.0.0.1 >nul" # Delay Next Step to ensure File isn't locked by previous Process !finalize "${OutFileSignSHA256} .\${OutputFileName}" # CodeSigning with SHA256/RFC 3161 CRCCheck on Section DetailPrint "Hello World" SectionEnd
Run Code Online (Sandbox Code Playgroud)
之后，您将能够看到类似于以下几行的输出：

The following certificate was selected: Issued to: Your Company Issued by: COMODO RSA Code Signing CA Expires: Sun Mar 15 00:59:59 2020 SHA1 hash: 0A12223C465069798D940317273C4F56A9BCC6D9 Done Adding Additional Store Successfully signed: .\def.exe Number of files successfully Signed: 1 Number of warnings: 0 Number of errors: 0
Run Code Online (Sandbox Code Playgroud)

归档时间：	13 年，6 月前
查看次数：	15886 次
最近记录：	6 年，2 月前