You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Have you considered signing the binaries (dll's, setup exe's and VSIX's) with an Authenticode certificate to help prevent tampering in your official builds?
It's easy to integrate into a CI build as well with the code signing service I wrote (https://github.com/onovotny/SignService). Happy to help set that up for you if you want and it supports all of the file types this project needs.
The text was updated successfully, but these errors were encountered:
Some code signing is already done to help support strong naming, which in turn helps support installation into the GAC? Of course, my understanding is that the private key is checked directly into version control at https://github.com/PistonDevelopers/VisualRust/blob/master/src/VisualRust/Key.snk , so this doesn't really prevent tampering per se.
There is a difference between strong name signing (which is tied to assembly identity and required for the GAC) and Autheticode signing, which is about authenticity and provenance of the binary itself.
Snk files are not a security mechanism -- which is why they're ok to check in. What they do is disambiguate two libraries that might happen to have the same name otherwise.
Authenticode stamps on the public portion of an x509 certificate (so individual or organization) and timestamp from a CA. Things like SmartScreen then check the reputation of the certificate to determine whether to show the "this file is not trusted..." dialog. It is possible to verify that a file hasn't been tampered with during assembly load, but that's generally not done for perf reasons. It's usually at run of a file with the "mark of the web" or the VSIX installer.
Right...that is the requirement. Certum offers cheap ones for OSS projects. Many foundations like the .NET Foundation and the Apache foundation offer them to their member projects.
Have you considered signing the binaries (dll's, setup exe's and VSIX's) with an Authenticode certificate to help prevent tampering in your official builds?
It's easy to integrate into a CI build as well with the code signing service I wrote (https://github.com/onovotny/SignService). Happy to help set that up for you if you want and it supports all of the file types this project needs.
The text was updated successfully, but these errors were encountered: