sign
sign copied to clipboard
dotnet
Code Signing CLI tool supporting Authenticode, NuGet, VSIX, and ClickOnce
## Sign * https://github.com/dotnet/sign/issues/559 * https://github.com/dotnet/sign/issues/564 ## ClickOnce * https://github.com/dotnet/sign/issues/563 * https://github.com/dotnet/sign/issues/562 ## NuGet * https://github.com/dotnet/sign/issues/539 * https://github.com/dotnet/sign/issues/547 ## VSIX * https://github.com/dotnet/sign/issues/561 * https://github.com/dotnet/sign/issues/536 * https://github.com/vcsjones/OpenOpcSignTool/issues/76 * https://github.com/vcsjones/OpenOpcSignTool/issues/75 CC @clairernovotny
We should have a test for a subject name that contains internal quotes and commas. Many parsers fail at that. For example, this is a valid DN: `CN="Contoso, Inc", O="Fabrikam,...
> nit: consider an introducing some idiom in the codebase that allows succinct file extension checking. Maybe it's a new LINQ method (`SingleExtension` or `WhereExtension`) or a helper method called...
See https://github.com/dotnet/arcade/issues/7300
https://github.com/dotnet/arcade/blob/main/Documentation/DependencyFlowOnboarding.md
We shouldn't own copies of .NET Framework manifest-signing code (e.g.: [mansign.cs](https://github.com/dotnet/sign/blob/acd95606604d6ff41135556a348c4b1c521c1ef3/src/Sign.Core/Native/mansign.cs) and [mansign2.cs](https://github.com/dotnet/sign/blob/acd95606604d6ff41135556a348c4b1c521c1ef3/src/Sign.Core/Native/mansign2.cs)). We should delete all this code and move to a solution that does this for us. See...
The [`RSAKeyVaultProvider.RSAKeyVault`](https://github.com/novotnyllc/RSAKeyVaultProvider/blob/v2.1.1/RSAKeyVaultProvider/RSAKeyVault.cs) class is the "magic" that enables Sign CLI to integrate with Azure Key Vault with libraries (like NuGet) which otherwise lack native support for Azure Key Vault. Because...
## Repro steps 1. Download InstallerProjects.vsix from https://marketplace.visualstudio.com/items?itemName=VisualStudioClient.MicrosoftVisualStudio2017InstallerProjects. 2. Execute ```text sign code azure-key-vault -kvu **** -kvc MyCertificate -kvm -d Description -u http://description.test -t http://timestamp.digicert.com -b E:\testpass .\InstallerProjects.vsix ``` ##...