Hi All,
A new version of Signotaur has been released and is available from Signotaur Downloads. The latest stable version of Signotaur is 1.2.0.161.
Changes in v1.2.0.161
New Features
- Detached CMS signing is now supported for archive and disk-image formats (.zip, .7z, .tar, .gz, .tgz, .bz2, .xz, .iso, .img, .vhd, .vhdx) via the new --detached and --signature-file <Pattern> options.
- CMS and RDP signing now support ECDSA code-signing certificates in addition to RSA.
Improvements
- Unsupported file types that are detected to be valid PE images are now automatically signed with Authenticode, including staged .tmp binaries produced by build tools such as InstallShield.
- The server now translates low-level cryptographic provider errors (CSP/CNG/KSP) into clear, actionable messages when signing or loading certificates, instead of surfacing raw error codes.
- PKCS#11 signing now verifies each signature before returning it and automatically retries transient token errors, improving reliability with hardware tokens and HSMs.
- The message shown when an unsupported certificate type is used for signing is now clearer.
Changes
- The client now returns more specific exit codes for a wider range of failures — including Win32 file errors, additional CMS/cryptographic errors, and AppX/MSIX packaging errors — and previously unmapped errors now map to dedicated codes rather than a generic failure.
Bug Fixes
- Fixed misleading authentication error messages during first-user setup and two-factor login, and hardened client-side parsing of server error responses.
- Fixed intermittent ECDSA signature verification failures caused by an ASN.1 integer-encoding error.
- Fixed a PKCS#11 locking issue where signing and certificate-lookup operations on the same token were not serialised, which could cause spurious “user already logged in” errors.
- The SMTP password is no longer cleared when email settings are saved without entering a new password.
- The user-account popup in the store-certificate registration dialog now closes only when its buttons are clicked, rather than on any outside click.
- The Display Name field is now correctly optional during external-login setup, with its form label linked correctly.
Infrastructure
- Updated the .NET SDK to v10.0.301.
- Third-party package updates.
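
The ECDSA bug fix above does not say what the ASN.1 integer-encoding error was. As an added example (not Signotaur's code), the Python below shows the DER INTEGER rule that applies when a fixed-width r||s signature is wrapped as a SEQUENCE of two INTEGERs, and a deliberately wrong encoder that fails only for some signatures, which is why this class of bug looks intermittent. All function names and sample byte strings are constructed for illustration.

```python
# Added example. GOOD/HIGH/ZERO are constructed bytes, not real signatures.

def der_len(n: int) -> bytes:
    if n < 0x80:                       # short form
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body   # long form

def der_integer(value: int) -> bytes:
    # bit_length() // 8 + 1 is minimal and leaves a 0x00 pad when the top bit is set
    body = value.to_bytes(value.bit_length() // 8 + 1, "big")
    return b"\x02" + der_len(len(body)) + body

def raw_to_der(raw: bytes) -> bytes:
    half = len(raw) // 2
    r, s = int.from_bytes(raw[:half], "big"), int.from_bytes(raw[half:], "big")
    body = der_integer(r) + der_integer(s)
    return b"\x30" + der_len(len(body)) + body

def naive_raw_to_der(raw: bytes) -> bytes:
    # Deliberately wrong: copies each half verbatim as INTEGER contents.
    half = len(raw) // 2
    body = b"".join(b"\x02" + der_len(half) + p for p in (raw[:half], raw[half:]))
    return b"\x30" + der_len(len(body)) + body

def _tlv(buf: bytes, pos: int, tag: int) -> tuple[bytes, int]:
    if buf[pos] != tag:
        raise ValueError("unexpected tag")
    n, pos = buf[pos + 1], pos + 2
    if n & 0x80:                       # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return buf[pos:pos + n], pos + n

def strict_parse(der: bytes) -> tuple[int, int]:
    seq, end = _tlv(der, 0, 0x30)
    r, pos = _tlv(seq, 0, 0x02)
    s, pos = _tlv(seq, pos, 0x02)
    if end != len(der) or pos != len(seq):
        raise ValueError("truncated or trailing data")
    for c in (r, s):
        if not c or c[0] & 0x80:
            raise ValueError("empty or negative INTEGER")
        if len(c) > 1 and c[0] == 0 and not c[1] & 0x80:
            raise ValueError("non-minimal INTEGER")
    return int.from_bytes(r, "big"), int.from_bytes(s, "big")

GOOD = bytes([0x11]) * 32 + bytes([0x7F]) * 32                  # naive happens to work
HIGH = bytes([0x80]) + bytes([0x11]) * 31 + bytes([0x22]) * 32  # r has top bit set
ZERO = bytes([0x00]) + bytes([0x22]) * 31 + bytes([0x33]) * 32  # r has a leading zero byte
```

Passing `naive_raw_to_der(HIGH)` or `naive_raw_to_der(ZERO)` to `strict_parse` raises `ValueError`, while `raw_to_der` output parses back to the original r and s for all three samples.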