Signtool modified the Powershell code while signing

173 views Asked by At

We use signtool.exe to sign our Powershell scripts. Recently, we came across a weird issue where signtool removed last of line of Powershell code and then added the signature block.

For example, this is our script

function Method
{
    ...
}

After signing, this became

function Method
{
    ...

# SIG # Begin signature block
...
# SIG # End signature block

Notice how the closing parenthesis } is removed from the file. We tried to reproduce the issue, but could not. My question is there a known issue with Signtool that intermittently causes this problem?

Edit: Found the issue. Apparently, Signtool puts (Signature block + one new line above the signature blob) while signing. The file before signing was having a signature already but with no new line between the code and the signature block. (Still investigating why). So, when our file did not have a new line, signtool replaced the closing parenthesis with new line.

0

There are 0 answers