I have a solution consisting of 5 projects, each of which compile to separate assemblies. Right now I'm code-signing them, but I'm pretty sure I'm doing it wrong. What's the best practice here? Sign each with a different key; make sure the passwords are different Sign each with a different key; use the same password if you want Sign ea...
Is it possible to sign only part of an applet? Ie, have an applet that pops up no security warnings about being signed, but if some particular function is used (that requires privileges) then use the signed jar? From what I can tell, some (perhaps most) browsers will pop up the warning for a signed applet even if you don't request priv...
I have a self-signed root certificate with just the code signing extension (no other extensions) in my Mac keychain; I use it to sign all code coming out of ∞labs using Apple's codesign tool and it works great. I was looking to expand myself a little and doing some Java development. I know Apple provides a KeyStore implementation that r...
I'm trying to sign an XPI on linux (no gui) using the NSS cert db (cert8.db and key3.db) i copied from another server of mine, on which I can sign XPI's just fine. On the new box I can sign with a brand new test certificate ok, but when i try to use the old cert db, it complains with: signtool: PROBLEM signing data (Unknown issuer) C...
Hi I am trying to deploy an application using webstart. I have a requirement to update a jar which is signed before i actually deploy( basically to update the IP/Port info). I am trying to use ANT to update the jar. Is there are way to achive this? Thanks in advance for any help/suggestions ...
I am working on a project that does a large amount of hashing, signing, and both asymmetric and symmetric encryption. Since these steps have a significant effect on our performance and available load, I was wondering if there is a hardware based solution to offloading the work. I have done some surfing to find out, and the only items I...
What do I need to do to avoid the "Manual Install" in Firefox for a Plugin and where do I have to go or what do I have to do to avoid the (Author not verified) message when downloading a Plugin. Ideally I would like to initiate the installation of the Plugin automatically and if I need to sign the Plugin somehow to show that it is not do...
I am working in Vista 64 bit system. I have a 3rdPartyUsbDriver.sys and 3rdPartyUsbDriver.inf files. I have made the neccesary changes to the vendor & product IDs in the inf file, to work with my custom hardware. This installs and works in 'Unsigned Driver Test mode' just fine. I now want to install this driver in 'Normal mode'. I do ...
I'm developing a site-specific Firefox extension. The official hosting/updating mechanism at addons.mozilla.org forces my users to login to download my plugin (until it get approved for public status), which isn't good for me, especially as my plugin is unlikely to be deemed useful to the web at large and will be stuck in the sandbox for...
I've added a weakly named assembly to my VS2005 project (which is strongly named). I'm now getting the error: "Referenced assembly 'xxxxxxxx' does not have a strong name" Do I need to sign this 3rd party assembly? Thanks in advance Nick ...
I'm a bit stuck here, I have a .net 3.5 sp1 application that I want to deploy locally to other machines on my network using ClickOnce. On installation they get a warning message saying that this application is from an unknown publisher etc. My boss does not want to buy a verisgn certificate. He just want's it to install and without pro...
Hi, I have an application where a user can download a PDF for printing. I want to be able to resrict the number of copies that can be printed. Is it possible to digitally sign/restrict a PDF in this way? Regards ...
I've just discovered J2ME and I love the possibilities that it presents. I'm currently working on a simple application and I'd like to maybe release it as an open-source project sometime in the future. As part of my research into J2ME and mobile devices, I looked into applet signing. It seems that people who want to create applets for...
Is there any certificate authority that allows for programmatic signing of windows mobile applications? At the moment my team uses Geotrust. Our build procedure looks like this: Build app "pre-sign" app with multi-step tool ( fill out form and upload "pre-signed" app on geotrust web site download signed app repeat There must be a b...
What is the difference between encrypting some data vs signing some data (using RSA)? Does it simply reverse the role of the public-private keys? For example, I want to use my private key to generate messages so only I can possibly be the sender. I want my public key to be used to read the messages and I do not care who reads them...
I'm currently developing some software that uses XML Signing to transfer files securely between two machines. We're using X.509 certificates from our own CA as keys. The CA (Windows 2003 server) offers several types of certificates (Email Cert, Server Cert, ...) Which one of those would I need to generate for XML Signature? To my knowl...
I have read many MSDN articles about assembly signing and I haven't found nothing about creating the key, just about creating the file, but the 3 methods listed to create a file needs a pre-generated key. Can you provide me a link to a tutorial to this? ...
The Windows SDK ships with a tool called signtool.exe that lets you sign a file with a certificate. I need to do the same thing but in a background service so I'm on the lookout for a library (preferably managed code, but COM will do) to do the same thing. Any ideas? Found the answer. Here's how to use an X.509 certificate to sign a fil...
I managed to use ILMerge to merge all the assemblies I have in my project into a single assembly, but the problem is there doesn't seem to be a way to sign the merged assembly. Is there some sort of command line option or command that I can run that would let me add a strong name to the merged assembly generated by ILMerge? ...
Built my project. Created my .pfx using sn.exe -k (to create ShellTradingCCMPROD.pfx). Copied the file to the application folder. In VS 2005, I go to the Signing tab, 'Select From File' and browse to the .pfx file. I hit 'Open' and I get the following error: The file 'C:\2009.02.1.1\ShellTrading.CCM.WinUI\ShellTradingCCMPROD.pfx' cou...