Security Basics mailing list archives
Re: Code signing possible of Linux?
From: Saqib Ali <docbook.xml () gmail com>
Date: Tue, 18 Oct 2005 10:49:59 -0700
Hi Alexander, Thanks for the response. The binaries that we are planning to sign will BE used on Windows and NOT on Linux. However we need to build the Build Signing System on Linux platform i.e. sign binaries on a Linux box. See < http://www.xml-dev.com/blog/?action=viewtopic&id=130 > for a brief description of the design of the system. On 10/18/05, Alexander Klimov <alserkli () inbox ru> wrote:
On Mon, 17 Oct 2005, Saqib Ali wrote:However I would like build this platform on a Linux architecture. I understand that Authenticode for Code Signing is a Microsoft technology, and SignCode.exe is only available for Win32 platform. I was wondering if there any solutions available to sign binaries using the Verisign's Software Publishing Certificates (Authenticode) on a Linux platform?There are two approaches: * sign distribution package and check before installation, * sign executables and check before each execution. IIUC Authenticode is the first approach. The similar approach used by almost every linux distribution: usually they use GPG signatures to ensure that the package is not changed. If you want to use Authenticode itself (not sure how useful are signed windows programs on linux :-) you probably should check MS web site [1]: Microsoft is committed to ensuring that this technology is implemented on UNIX and the Macintosh platforms. For the second approach consider DigSig [2]. [1] http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnauth/html/signfaq.asp [2] http://sourceforge.net/projects/disec -- Regards, ASK
-- In Peace, Saqib Ali http://www.xml-dev.com/blog/ Consensus is good, but informed dictatorship is better.
Current thread:
- Code signing possible of Linux? Saqib Ali (Oct 18)
- Re: Code signing possible of Linux? Alexander Klimov (Oct 18)
- Re: Code signing possible of Linux? Saqib Ali (Oct 18)
- Re: Code signing possible of Linux? Alexander Klimov (Oct 18)