This optional section defines any keys the compiler and Setup can use to verify files using [Files] section's issigverify flag.
Here are two examples of an [ISSigKeys] section:
[ISSigKeys] Name: "MyKey1; \ KeyID: "def0147c3bbc17ab99bf7b7a9c2de1390283f38972152418d7c2a4a7d7131a38"; \ KeyFile: "MyKey1.ispublickey" Name: "MyKey2; \ KeyID: "def020edee3c4835fd54d85eff8b66d4d899b22a777353ca4a114b652e5e7a28"; \ PublicX: "515dc7d6c16d4a46272ceb3d158c5630a96466ab4d948e72c2029d737c823097"; \ PublicY: "f3c21f6b5156c52a35f6f28016ee3e31a3ded60c325b81fb7b1f88c221081a61"
[ISSigKeys] Name: anna: KeyFile: "anna.ispublickey"; Group: exesigner Name: ryan; KeyFile: "ryan.ispublickey"; Group: exesigner Name: ivan; KeyFile: "ivan.ispublickey"; Group: docsigner ; max is trusted for both exe and doc signing Name: max; KeyFile: "max.ispublickey"; Group: exesigner docsigner ; the boss also has a key Name: bosskey; KeyFile: "boss.ispublickey"
See the Remarks section at the bottom of this topic for some important notes.
The following is a list of the supported parameters:
The internal name of the key.
Key names are not stored in the resulting Setup file(s), so you may use personal or non-public information in them, like the names of developers.
Name: MyKey
A space separated list of internal group names, specifying how to group the key.
Group names are not stored in the resulting Setup file(s), so you may use personal or non-public information in them, like the names of developer groups.
Group: exesigner docsigner
Specifies the ID of the key. If specified, the compiler uses it to double check the values of parameters KeyFile, PublicX, and PublicY. Is not used for anything else.
KeyID: "def0147c3bbc17ab99bf7b7a9c2de1390283f38972152418d7c2a4a7d7131a38"
Specifies the private or public key file. The compiler will prepend the path of your installation's source directory if you do not specify a fully qualified pathname.
Must be set if parameters PublicX and PublicY aren't set.
If a private key file is specified, only its public information is stored in the resulting Setup file(s).
KeyFile: "MyKey.ispublickey"
Specifies the "public-x" value of the key.
Must be set if parameter KeyFile isn't set.
PublicX: "e3e943066aff8f28d2219fd71c9ffff4c8d1aa26bc4225434be67180ab5e242d"
Specifies the "public-y" value of the key.
Must be set if parameter KeyFile isn't set.
PublicY: "e419041c3f54551e86a1c47f387005cd535dfc9d64339b30d37f9a4f7866b650"
Specifies the runtime ID of the key, used by ISSigVerify.
Runtime ID's are stored in the resulting Setup file(s), so you should not use personal or non-public information in them.
RuntimeID: def01
Keys and key files should be created using Inno Setup Signature Tool.
Created key files are human readable and can be opened with any text editor to get a key's KeyID, PublicX, and PublicY values. Note that none of these values are required if you set the KeyFile parameter instead.