@certchip/signer 0.1.15 → 0.1.19

package/README.md

@@ -48,11 +48,13 @@ signercli -logout
 # Login (certificate is installed to Windows certificate store)
 signer -login https://signer.example.com username
 
-# Sign using Windows signtool.exe
-signtool sign /n "Your Certificate CN" /fd sha256 /tr http://timestamp.digicert.com /td sha256 myapp.exe
+# Sign directly with signer (same options as signercli)
+signer myapp.exe                              # Default: hash-only mode
+signer myapp.exe -o myapp_signed.exe          # Specify output file
+signer myapp.exe -file-upload -save-signed    # Upload file, save with _signed suffix
 
-# Or sign directly with signer
-signer myapp.exe
+# Or use Windows signtool.exe (after login)
+signtool sign /n "Your Certificate CN" /fd sha256 /tr http://timestamp.digicert.com /td sha256 myapp.exe
 
 # Logout (removes certificate from store)
 signer -logout
@@ -76,10 +78,10 @@ This package provides two CLI tools with different purposes:
 
 | | signercli | signer |
 |---|-----------|--------|
-| **Purpose** | Direct file signing | Windows signtool integration |
+| **Purpose** | Direct file signing | Direct signing + Windows signtool integration |
 | **Platform** | Windows, Linux, macOS | Windows only |
-| **How it works** | Signs files directly via server API | Provides certificates to Windows crypto system |
-| **Best for** | CI/CD, cross-platform, simple signing | Windows developers using signtool.exe |
+| **How it works** | Signs files directly via server API | Signs files directly OR provides certificates to Windows crypto system |
+| **Best for** | CI/CD, cross-platform, simple signing | Windows developers, signtool.exe integration |
 
 ### When to use which tool?
 
@@ -87,7 +89,8 @@ This package provides two CLI tools with different purposes:
 |----------|-------------|
 | CI/CD pipeline (any platform) | signercli |
 | Linux/macOS development | signercli |
-| Simple file signing | signercli |
+| Simple file signing | signercli or signer |
+| Windows direct signing | signer or signercli |
 | Using Windows signtool.exe | signer |
 | Windows certificate store integration | signer |
 | Visual Studio post-build signing | signercli or signer |
@@ -273,6 +276,33 @@ signercli <file> LOG_INF                  # Info output
 # Available: LOG_NON, LOG_ERR, LOG_WRN, LOG_DBG, LOG_INF
 ```
 
+**Version Output:**
+
+The `-version` command displays comprehensive version information:
+
+```
+# signercli -version
+Certchip Signer CLI v0.1.18
+Cross-platform code and document signing tool
+Copyright (c) 2025 Certchip. All rights reserved.
+
+DLL Versions (Local):
+  otpkey.dll:   0.1.18.0
+  Certchip.dll: 0.1.18.0
+
+DLL Versions (System32):
+  otpkey.dll:   0.1.18.0
+  Certchip.dll: 0.1.18.0
+```
+
+| Information | Description |
+|-------------|-------------|
+| CLI Version | signercli/signer executable version |
+| Local DLL | DLL versions in the same directory as the executable |
+| System32 DLL | DLL versions installed in Windows System32 folder |
+
+> **Note:** DLL version information is Windows-only. On Linux/macOS, only the CLI version is displayed.
+
 #### Output Format
 
 Both `signercli` and `signer` support structured output formats for scripting and automation.
@@ -361,19 +391,24 @@ $ signercli -login https://signer.example.com admin -pw secret -format json
 
 ### signer (Windows only)
 
-Windows-specific tool that integrates with the Windows cryptographic system via KSP (Key Storage Provider). Instead of signing files directly, it registers certificates in the Windows certificate store, allowing you to use standard Windows tools like `signtool.exe`.
+Windows-specific tool that integrates with the Windows cryptographic system via KSP (Key Storage Provider). It can both sign files directly (like signercli) and register certificates in the Windows certificate store for use with `signtool.exe`.
 
-**How it works:**
-1. Login fetches your certificate from the server
-2. Certificate is registered in Windows certificate store
-3. KSP provider enables private key operations via the server
-4. Use `signtool.exe` or other Windows signing tools normally
+**Two signing methods:**
+1. **Direct signing** - Sign files directly with `signer <file>` (same as signercli)
+2. **signtool integration** - Login to register certificate, then use Windows signtool.exe
 
 ```bash
 # Authentication (fetches certificate to Windows store)
 signer -login <url> [username]            # Login and register certificate
 signer -logout                            # Logout and remove certificate
-signer -list                              # List available certificates
+
+# File Signing (direct - same options as signercli)
+signer <file> [options]                   # Sign a file directly
+    -o <path>                             # Output file path
+    -hash-only                            # Hash-based signing (default)
+    -file-upload                          # Upload entire file to server
+    -save-signed                          # Save with _signed suffix
+    -profile <name>                       # Use specific signing profile
 
 # Certificate Management
 signer -cert -list                        # List available certificates
@@ -393,11 +428,46 @@ signer -container                         # List key containers
 signer -install                           # Install DLLs to System32
 signer -uninstall                         # Remove DLLs from System32
 
-# After login, use standard Windows signing tools
+# Version & Help
+signer -version                           # Show version and DLL info
+signer -help                              # Show usage help
+
+# After login, use standard Windows signing tools (signtool integration)
 signtool sign /n "Certificate Name" /fd sha256 myapp.exe
 signtool sign /sha1 <thumbprint> /fd sha256 /tr http://timestamp.digicert.com myapp.exe
 ```
 
+**Examples:**
+```bash
+# Direct signing with output path
+signer myapp.exe -o myapp_signed.exe
+
+# Upload entire file for signing
+signer myapp.exe -file-upload -o myapp_signed.exe
+
+# Hash-only signing with _signed suffix
+signer myapp.exe -save-signed
+```
+
+**Version Output:**
+
+```
+# signer -version
+Certchip Signer v0.1.18
+Windows Key Storage Provider and Code Signing Tool
+Copyright (c) 2025 Certchip. All rights reserved.
+
+DLL Versions (Local):
+  otpkey.dll:   0.1.18.0
+  Certchip.dll: 0.1.18.0
+
+DLL Versions (System32):
+  otpkey.dll:   0.1.18.0
+  Certchip.dll: 0.1.18.0
+```
+
+The version output helps diagnose DLL version mismatches between local and system-wide installations.
+
 ---
 
 ### DLL System Installation (Windows)
@@ -533,7 +603,7 @@ signercli -verify myapp.exe -profile automation  # Outputs JSON automatically
 | **Platform** | Windows, Linux, macOS | Windows only |
 | **Dependencies** | None (static build) | otpkey.dll, Certchip.dll |
 | **Size** | 9.3 MB | 420 KB + 6.9 MB DLLs |
-| **Signing method** | Direct (via server API) | Indirect (via Windows crypto) |
+| **Signing method** | Direct (via server API) | Direct OR via Windows crypto (signtool) |
 | **Windows KSP** | No | Yes |
 | **signtool compatible** | No | Yes |
 | **UAC auto-elevation** | Yes | Yes |

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certchip/signer",
-  "version": "0.1.15",
+  "version": "0.1.19",
   "description": "Cross-platform code and document signing CLI tool",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",