DSutils v2 release (signatures)

Hey,

I developed a GUI for signing add-ons:

http://soner.forgesoft.net/ArmA2AS.zip

Have Fun!

Thank you masters of the ArmAverse!

And thanks Soner, that seems like an easy to use and useful tool!

How is this going to work in combination with BinPBO´s "Create signature" function?

Thank you masters of the ArmAverse!

And thanks Soner, that seems like an easy to use and useful tool!

get that on DH.

Interesting part is that you don't have to create a new key, the createKey utility has remained untouched.

well, this is not making a great deal of sense signature files wise. so far as i can see all bi have done is release a new public key against a new internal private key. That's fine and good, and hardly earth shattering.

pbo's themselves and the signatures *they* already have, don't change, nor could they.

the so called version2 stuff might well only work with bi2 bikeys, that's engine functionality, but nothing appears to be any different dsSignature tools wise and i'm suprised (and confused) what purpose re-releasing these 3 exes do for arrowhead that the old tools don't do in any case.

Addonsigner now on DH

http://dev-heaven.net/projects/addon-signer

actually the file will be overwritten using v2 signature

Will this be changed?

these who sign can decide if they use theirs old signature to replace v1 with v2 ignoring backward compatibility

I don't understand the meaning of backward compatibility. The v2 signature works with verifySignature 1 + 2. To be sure, i have tested it with an addon. In which case can it be incompatible?

Servers running older game versions I guess.

Does anyone know about ArmA2 original compatibility with the new sigs, or is it OA only?

This needs a bit more documentation or something.

From what I understand the v2 tool creates a different sign file.

The hash is based on the complete pbo data, while the v1 version only used some data of the pbo.

The key creation has not changed.

Your only advised to create a new key to separate v1 and v2 sign files for pbos.

The recommendation is to use v2 only as the v1 security was compromised.

The compatibility mode to use v1 and v2 is for those who want to take the additional

risk to be able to continue to use old v1 bisign files until addon authors have released

new v2 signs for their addons (pbos).

Edit:

As suggested, DSCreateKey.exe is unmodified.

Only DSSignFile.exe and DSCheckSignatures.exe.

well, this is not making a great deal of sense signature files wise. so far as i can see all bi have done is release a new public key against a new internal private key. That's fine and good, and hardly earth shattering.

pbo's themselves and the signatures *they* already have, don't change, nor could they.

the so called version2 stuff might well only work with bi2 bikeys, that's engine functionality, but nothing appears to be any different dsSignature tools wise and i'm suprised (and confused) what purpose re-releasing these 3 exes do for arrowhead that the old tools don't do in any case.

While DSCreateKey.exe is the same, DSSignFile.exe is different and generates a new, longer (556 instead of 287 bytes long) bisign.

Whether you wish to create a new signature key is up to you but I'd strongly suggest that you do. That way admins and players can easily see whether the said addon is version 2 without having to compare the size.

This should work with BINPBO right? Just shove the new DSSignFile into

C:\Program Files (x86)\Bohemia Interactive\Tools\BinPBO Personal Edition\DSSignFile

Not tried it yet.. but I imagine it will :P.

This should work with BINPBO right? Just shove the new DSSignFile into

C:\Program Files (x86)\Bohemia Interactive\Tools\BinPBO Personal Edition\DSSignFile

Not tried it yet.. but I imagine it will :P.

It does work, yes.

Yep. Every addon has to be signed again with the new tool to get a v2 signature.

The main question is how to achieve this - especially for addons that have their author left the scene.

Hint: Something along the lines of a community sign server - an automated system.

This should work with BINPBO right? Just shove the new DSSignFile into

C:\Program Files (x86)\Bohemia Interactive\Tools\BinPBO Personal Edition\DSSignFile

Not tried it yet.. but I imagine it will :P.

It does work, yes.

Oh great, i´m good to go then. Thx for clarification :)

Yep. Every addon has to be signed again with the new tool to get a v2 signature.

The main question is how to achieve this - especially for addons that have their author left the scene.

Hint: Something along the lines of a community sign server - an automated system.

i resigned all mods for our community with V2 Key´s and gave out the serverkey´s aswell.

i wont waste time with waiting for author.

have a problems with v2 sign.

Addons packed with cPBO and signed with DSUtils2 rejected by the server with wrong signature.

Addons packed with BinPBO and signed with DSUtils2 are good.. but some of addons wont work after BinPBO repack (even without binarize) - for example "celle" island... it says about missing \ca\celle\celle.wrp when I start the server.. also there is no island visible even in editor...

Also signs v2 for almost every old addons wont work without repacking with BinPBO

Maybe I missed something?

P.S. of course I placed .bikey file in arma2\keys directory.

Use eliteness/makepbo.

Many pbos are packed with OFP/a1 tools that make the signature generation not possible / faulty.

The reason why Celle and other addons don't work after repack is because you need to apply the same pboprefix, for Celle this seems to be ca\celle

Perhaps better to ask the original authors to sign with v2.

A repack with mikero's tools should do the job.

The reason the wrp is not the in the pbo is the binpbo settings.