Inno Setup includes a command-line tool, ISSigTool.exe. This tool is designed to sign files using ECDSA P-256 cryptographic signatures.
Note: ISSigTool.exe does not replace Microsoft's signtool.exe in any way and is in fact not related to Authenticode Code Signing at all. If you are looking for more information about this topic see SignTool instead.
Command line usage is as follows:
issigtool [options] <command> <arguments>
Available commands:
sign <file names> | Signs each specified file. Requires a private key. |
verify <file names> | Verifies the signature of each specified file against the key. |
export-public-key <file name> | Exports the public key used in the signing process to the specified file. |
generate-private-key | Generates a new private key for signing operations. |
Valid options are:
--key-file=<filename> | Specifies the private key filename required for signing. This option overrides the ISSIGTOOL_KEY_FILE environment variable which can also be used. |
--quiet, -q | Suppresses status messages that are normally printed to standard output. |
--help, -? | Prints usage information. |
Examples:
Exit codes:
0 | Success |
1 | A signature verification failed |
2 | Command line parameters were invalid or a fatal error occurred |
Notes: