tools: upgrade Windows digital signature to SHA256 (!47206) · Merge requests · Rodrigo Test / Test Group-nodejs / node

Rodrigo Muino Tomonari requested to merge github/fork/tniessen/tools-signtool-sha256 into main Mar 21, 2023

signtool still defaults to SHA1, which is vulnerable to certain collisions. This switches to SHA256, which is stronger and which also matches the hash function used by the signing certificate.

Technically, /fd certHash would be a better choice, but I don't know if it is widely supported.

Admin message

Admin message

tools: upgrade Windows digital signature to SHA256

Merge request reports