Is there a way to automate code signing a VBA project in a Word 2003 and/or Word 2007 document?
By automate I mean via a command line utility or via Word VBA automation?
Motivation: I would like to code sign several Word templates as part of an automated daily build and distribution cycle. Right now we have to do this manually by opening each document in Word and resigning.
Thank you, Malcolm
I've never seen a way to do this. I had an automated build of a template years ago and at the end I popped up a message box saying "you have to go sign the template now" and then opened VBA for them. Just saying I feel your pain I guess.
I do not believe there is an automated way to do this because it would defeat the security of code-signing VBA Project signing.
The two message digests are compared, and if any part of the file has been modified or corrupted, the digests will not match and the contents of the file can't be trusted. The verification process will fail regardless of how the file was modified - whether through corruption, a macro virus, or programmatic changes made by an add-in or Office solution. The verification process will also fail if the file wasn't signed with a valid certificate; that is, if the certificate had expired, or had been forged, altered, or corrupted. If another user modifies the VBA project, the Office 2000 application removes the current signature and prompts the user to re-sign the VBA project; if the user doesn't sign the VBA project or signs it with another certificate, the file may fail the verification process.
Inserted from http://msdn.microsoft.com/en-us/library/aa190113(office.10).aspx
Code signing has the additional level of security in the fact that a developer must compile source code. A macro is not compiled and can be distributed as text. Therefore, automating macro signing would open a large security hole. Manually siging a macro is similar to Outlook prompting the user to allow programmatic access to the address book.