Þórhildur

@plusvic I saw #1623 and hope that it gets merged. It would also address _this_ issue. > However, my impression is that without actually validating the certificate chain this is...

> I think it meant, that anyone can compute the correct hashes and make a ''valid'' > signature out of them. What, how? A different hash invalidates the signature. And...

> But again, manipulating the chain would probably result in not a very trustworthy signature, but a valid one. Indeed. And I think this data point of being a valid...

Thanks, yes I meant #1623. Sorry. Great to hear.

Hi, regarding that. I have tinkered a bit with it already. It seems straightforward to go from `ASN1_TIME` to `tm` with `ASN1_TIME_to_tm(X509_get0_notBefore(cert)` (e.g. in the `Certificate` ctor). According to the...

Could you be a little clearer what it is you want?! What I am wondering is whether you want one of the `WIN_CERTIFICATE` (incl. the dynamically sized buffer) or something...

There's one thing here. There can reasonably be more than a single `WinCert` (after all µthenticode treats it as `std::vector`). What to do if that's the case? The assumption of...

Does this look about like what you had in mind? * renamed `Makefile` to `GNUmakefile` because it used GNU make-isms anyway and it makes sense to avoid confusion with the...

Probably also worth to mention. So `-x` simply changes one aspect: now `svcli` wants one more positional argument -> the output file name. It's optional, however. If the output is...

... or maybe you'd rather give `SignedData` a method that _takes_ a stream to write the blob into?