sigstore
Documentation on signing Windows and MacOS apps
After reading your README.md, the elephant missing is: how do I actually sign my releases using a fulcio-issued code signing certificate for Windows and MacOS?
Context: I maintain an open-source project. I sign my releases with PGP and provide documentation to my users on how they can cryptographically verify the authenticity of my releases using gpg. However, despite this, my Windows and MacOS users get annyoing alerts about "untrusted software".
Because I'm an Open Source project without a budget, I'm not about to go pay $100/year for a code signing certificate to be used in the Microsoft ecosystem or an additional $200/year for another certificate for Apple.
So when I saw that sigstore provides temprory-issued code signing certificates like Let's Encrypt does for websites, I was stoked that I may be able to smooth-out this annoyance for my users. But I couldn't find a guide on how to do this.
Please document:
- How to sign a given .exe using a fulcio-issued code signing certificate for Microsoft OSes
- How to sign a given .dmg using a fulcio-issued code signing certificate for Apple OSes
There's nothing conceptually preventing the use of sigstore services for the Windows or MacOS ecosystems, but since the sigstore public Fulcio instance isn't in the trust stores of either operating system by default, you would still have the same UX of having to click through a warning.
We could document the current path but I think most users would be left with the same frustration you described. Solving this for Windows and MacOS is definitely on our radar but we have a bit of a :chicken: / :egg: problem :/
So if fulcio is the "Let's Encrypt for code signing" then this begs the question:
Question: How did Let's Encrypt get into the trusted root store? Answer: Let's Encrypt's CA was cross-signed by
Identruston October 19, 2015.
So then the questions that follow are:
- How do we get a list of all the CAs in the trust stores for Microsoft and Apple Operating Systems?
- Which of the above CAs are friendly with Open Source?
And also: 3. Who do we know at Microsoft and Apple that can help make this a reality?
Just my own two cents, but I think documenting this would have a positive effect on adoption. Right now you're not going to have the attention of any Windows or macOS devs because they won't even be able to figure out how to sign their own apps, even if it's just for the purposes of playing around. But if you do document it you might garner some interest, which may reach the ears of Apple and Microsoft.
For Microsoft there are a few options since Microsoft Authenticode is effectively used for codesigning under Secure Boot. I have written a lot of code for this in Go so writing a utility to get valid signing for EFI executables was fairly trivial:
https://github.com/Foxboron/authenticode-fulcio
But I'm not sure how this would fare on an real Windows binaries. Hooking it up certificate generation from fulcio and handing the certificate to something like https://github.com/rhboot/pesign or https://github.com/mtrojnar/osslsigncode should also be fairly easy to write examples for.
What is the codesigning utility for macOS?
I tried to sign a PE file with my tooling + a few others to see if I could get something valid. But it seems like there is something missing in the certificate chain as none of the tools are capable of creating a valid signature. There is also an issue where the binary would only have a valid signature for 20 minutes so I'm not super sure about the practical use-case yet.
Need to try read a bit more up on Microsoft Authenticode and figure out what is missing.
Any update on this? Free signing for Windows and macOS apps would be pretty great.
There are no current plans to include the Fulcio root in the macOS or Windows trust stores. The way that Sigstore manages and updates its roots of trust through TheUpdateFramework is incompatible with the OSs' trust store requirements.
As for the short expiration, Authenticode supports including a signed timestamp. Sigstore is working on spinning up a timestamping authority (TSA), though you could also request a signed timestamp from a TSA like Digicert's. For any TSA where its root is not trusted by the OS, you will run into the same warnings.
re: https://github.com/sigstore/fulcio/issues/250#issuecomment-1019297096, there may be some X.509 extension or additional value that needs to be set in a Windows code signing certificate. We have a specification for issued certificates in our docs.
Happy to include documentation in this repo if someone wants to explore how to use Fulcio to sign Windows or macOS apps.
I really hope, Microsoft can find a solution for this...
Maybe integrating Fulcio for open source projects.
Just a note here, but Smart Screen (which IMHO is the main reason to sign code on Windows) treats OV and EV certificates differently. EV certificates are trusted by default (assuming the CA is trusted) while OV certificates just allow you to pool the reputation of all the executables they have signed. Here are some examples:
- You don't sign your code. You release MyApp-v1.exe. People get smart screen warnings for a while until the reputation on that file increases. You release MyApp-v2.exe. People get warnings again until MyApp-v2.exe builds up enough reputation.
- You sign your code with an OV certificate. You release MyApp-v1.exe. People get smart screen warnings for a while until the reputation on that certificate increases. You release MyApp-v2.exe. People don't get warnings because the certificate already has a good reputation. Eventually your certificate expires and it comes time to release MyApp-v47.exe. You renew your certificate, but people still get warnings until the new one builds up reputation.
- You sign your code with an EV certificate. People never get warnings.
If you are forced to use OV certificates (for example because EV code signing certificates are not available to individuals) there are 2 tricks to minimizing warnings:
- Buy certificates that are as long lived as possible. AFAIK, this is 3 years.
- When your certificate is close to expiring, buy a new one and start signing your programs with both certificates. This will allow your new certificate to build reputation before the old one expires.
I say all this to say: 10-minute OV certificates are not useful with respect to Smart Screen. I would love it if we could convince Microsoft that a subject rather than a certificate should build reputation, but I imagine you would need some serious pull with Microsoft to make that happen.
Another reason for code signing is that it is needed for "modern" Windows 10/11 applications. Modern Windows 10/11 apps are required to be either:
- Published in Microsoft Store (in which case they are automatically signed my Microsoft's certificate)
- Packaged using MSIX format and signed with expensive certificate that you bought from CA that Microsoft trusts. If you don't do that then it won't be just a warning that you can click through, Windows will outright refuse to install your app.
Why would you want it besides migrating away from ancient MSI/exe installers? It provides better integration with OS because it now has an actual concept of "application" instead of a bunch of random values in registry, it provides easier ways to do basic tasks such as registering file type associations, and more importantly: some new Windows APIs simply won't work if your app is not an "application" in Windows 10 terms.
However, because for such apps code signing is now enforced by OS, many people are unable (including myself) or unwilling to package their apps in a modern way. Having open source and free tool for code signing will go a long way to help this. I hope Microsoft realises it too at some point.
@9072997 the other main reason is to have the UAC prompt be from a "verified publisher," and not be an intimidating yellow
Why would you want it besides migrating away from ancient MSI/exe installers? It provides better integration with OS because it now has an actual concept of "application" instead of a bunch of random values in registry, it provides easier ways to do basic tasks such as registering file type associations, and more importantly: some new Windows APIs simply won't work if your app is not an "application" in Windows 10 terms.
MISX is a complete dumpster fire. I tried it in a production environment last year and I can link you the litany of bugs that microsoft refuses to fix or in some cases even acknowledge. Bugs with multi-page lists of loyal windows developers panicking that they are going to get fired for failing to be able to deploy a working application to their customers. In the end I had to write a lot of custom code to work around janky implementation mistakes in the MSIX and Windows application installer libraries.
Given that, and the comments on this issue, I feel like the best way forward is for everyone to start telling users 'we don't support windows anymore, there is a version you can install but you will have to jump through some hoops to get it working. Report your problems to windows or switch OS.'
Their market share is dropping and linux is getting easier to switch to. Let's put the ball back in their court.
Just dropping support for Windows completely sounds like a terrible idea, sure the market share might be dropping, but it's still the most popular OS by a long shot.
Also, the signing situation on Windows just got worse. You used to be able to sign your apps with an OV signing certificate, which was available for "just" 100$, However, those prices just tripled, because now you have to store the private keys on FIPS compliant hardware. Having a way out for open source projects is more important than ever, however Microsoft, as usual, just pretends we don't exist
I've been following this issue for some time, in the hopes that free or low-cost code signing may soon become available for Windows distributions. After re-reading the topic, can anyone help me understand why the following two workarounds aren't tenable?
- Fulcio is cross signed like Let's Encrypt
- Ask the user to manually install the Fulcio CA into their cert store
I've been following this issue for some time, in the hopes that free or low-cost code signing may soon become available for Windows distributions. After re-reading the topic, can anyone help me understand why the following two workarounds aren't tenable?
- Fulcio is cross signed like Let's Encrypt
- Ask the user to manually install the Fulcio CA into their cert store
Probably as was stated here https://github.com/sigstore/fulcio/issues/250#issuecomment-1208166997 the certificates don't comply with trust requirements, as Authenticode trusted certificates also certify the legal identity of the signer, so if a CA cross-signed fulcio they would probably get untrusted
as for why users not being able to install the certificate idk
2. Ask the user to manually install the Fulcio CA into their cert store
In my opionion that basically defeats the purpose; you can already ask users to install any self-signed cert/ca and then install your app signed with it. Indeed, tools like Zadig self-sign the automatically generated drivers it creates, installs the cert and then installs the driver all in one "admin approved" operation.
Someone security conscious would certainly prefer to install a CA like Fulcio rather than any "random developer" CA, however in reality most users are not that security literate.
If not by being accepted into the root stores or even cross-signed, then I have to wonder if convincing users to install the master/root CA may be the only option. It would require an education campaign, maybe explain how security requires establishing trust and how Fulcio works in that regard. But if we want to break into what feels like a proprietary walled garden and start building a network of trust in the FOSS world, I think it's going to take some convincing of the masses.
Adding onto https://github.com/sigstore/fulcio/issues/250#issuecomment-1676421642, the requirements for inclusion into a trust root are not feasible for an open source project. For example, Microsoft's requirements include a yearly audit, which would be prohibitively costly.
As for "Ask the user to manually install the Fulcio CA into their cert store", there are no technical blockers for users who choose to include the Fulcio root in their trust store. As I noted in https://github.com/sigstore/fulcio/issues/250#issuecomment-1208166997, Sigstore distributes its roots of trust using TheUpdateFramework. Users would have to monitor Sigstore's TUF repository to keep up to date with the latest roots. This isn't a great UX.
Also note that a key part of Sigstore's threat model includes transparency for signing events. Artifact inclusion into a transparency log is checked by Sigstore clients, but would not be checked by the operating system.
If someone would like to author documentation for using Sigstore with Windows/macOS, or create a daemon that loads Fulcio's root from TUF into the OS trust root, I'd be happy to review.
I am also looking into this as an individual developer of open source Windows applications. The current state of affairs doesn't make financial sense for small/individual projects.
How about a solution like the following:
- A new organization dedicated to signing Open Source applications for Windows. This organization would purchase its own EV code signing certificate at one of the existing vendors. (Currently circa $300/year + FIPS compliant hardware).
- This org would then sell or offer a way for other open source projects to have their binaries signed by the org, on behalf of the project. You would upload your files and get back the signed files.
Trust model:
- This would result in the organization being listed as the "publisher" in Windows UAC rather than the original developer.
- This approach would require the developers to trust this organization to not tamper with the binaries before signature. The developer would do this by verifying that the binary they sent for signature matches the signed one they got back.
- This would require the org to trust that the projects developers are not uploading malware for signature… The problem here is that if this happens the reputation of the whole org as a software publisher would be downgraded and all the other projects would suffer from this.
- So this org would probably need to do its own vetting of candidate projects beforehand, working with individual projects and establishing trust via a separate channel.
- Essentially the new org would become its own mini CA, extending the chain of trust one level down.
Anyone seeing a problem in this approach? I have no experience with Mac so I don't know if the same model could be used.
I am not sure if using a $300/year certificate of one vendor for such a use case is against their contracts, so this should be checked first. Maybe it is also possible to contact such a vendor or Microsoft and create a special contract for this organization.
Uploading files to a central organization has some drawbacks. Maybe this can be reduced by only uploading file hashes?
Pros of using hashes:
- Reduced costs because the organization needs less network bandwidth and server resources.
- Faster signing because hashes are faster to transfer.
- Files must not leave the developer computer, so this can also be used for not public projects (maybe for a small fee for financing of the organization).
Drawbacks of using hashes:
- No full file scanning for malicious software possible.
- A custom programmed signtool may be needed that supports this scenario.
Also, there should be some validation of the developer and transparency of what has been signed. Therefore, I suggest the following:
- At least one way of validation of the developer. I suggest something automated like the Let's Encrypt way, for example "this file has been signed for the owner of the domain example.org as of YYYY-MM-DD".
- A public list that includes all signed hashes, the developer, and the sign date. The file name is not needed.
- This list should also include, and mark withdrawn hash certificates, for example if one hash was for malicious software or a developer has been hacked.
@JoanCharmant Well this organization has to assume the responsibility for the signed binaries. If the org will be working only with a small closed circle of vetted developers, I guess it may work, but it does not change the big picture, and a bunch of developers can just as well start a company together for that purpose today (or some sort of non-profit or unofficial partnership).
However if this organization will actually try to be open and allow anyone to sign their binaries, some malware will inevitably slip through, and the cert will be revoked by the parent CA. Even if the org tries to do thorough identity verification of developers similarly to what existing CAs do, since it is not officially a CA it is not as "protected" from actions of its users as regular CAs, and legally signs binaries on its own behalf. I would expect the cert of the org to be revoked very quickly.
@ChristianGalla file hashes do not provide cryptographic authenticity. They provide integrity.
To securely transfer the authenticity of a set of files, you'd need signatures -- not hashes (or a manifest file with hashes that itself is signed).
@maltfield of course I mean normal digital signatures using hashing (HMAC).
Usually, a digital signature / certificate is computed and used the following way:
- Calculate the hash of the data to sign. This hash is easy to calculate but hard to reverse. Also, the hash has a fixed length, so is usually much shorter than the data. Additionally, even if only a small part of the data is changed, another hash would be computed.
- The hash is encrypted using a private key of an asymmetric encryption.
- Attaching of the signature to the data.
- When validating the signature, the corresponding public key is used to decrypt the signature. If the decrypted hash is the same as a new one calculated from the data, the data has not been changed and only the owner of the private key was able to create the signature.
This way, a digital signature guarantees authenticity and integrity, because both are needed.
In my proposal, step 1 could be computed on the local computer of the developer and only step 2 in the environment of the organization.
@JoanCharmant I think you’re looking for the SignPath Foundation. They sign Windows binaries for projects like Mumble or Vim. See also here.
@JoanCharmant I think you’re looking for the SignPath Foundation. They sign Windows binaries for projects like Mumble or Vim. See also here.
I think the price of 500$ defies the reason to use it in the first place. The main idea, the way I see it, is how an open source developer with limited resources to be able to sign for windows applications, given that himself is giving not only thr app, but also the code for free.
I think the price of 500$ defies the reason to use it in the first place.
Disclaimer: I work for SignPath Just wanted to clarify that for approved OSS projects, the SignPath Foundation provides free code signing certificates and of course the usage of our services are also free.
I think the price of 500$ defies the reason to use it in the first place.
Disclaimer: I work for SignPath Just wanted to clarify that for approved OSS projects, the SignPath Foundation provides free code signing certificates and of course the usage of our services are also free.
From what I can tell (https://about.signpath.io/product/editions), it's a standard (OV) certificate, not EV certificate. So, people would still get warnings (as per https://github.com/sigstore/fulcio/issues/250#issuecomment-1289258324).
From what I can tell (https://about.signpath.io/product/editions), it's a standard (OV) certificate, not EV certificate. So, people would still get warnings (as per #250 (comment)).
Hi @agarny, that's correct, there are warnings until Microsoft SmartScreen has seen the software often enough in the wild and decides that it can omit the warnings, then they go away. We are considering providing EV certificate for OSS projects at SignPath also, but are not quite there yet.
Hi @agarny, that's correct, there are warnings until Microsoft SmartScreen has seen the software often enough in the wild and decides that it can omit the warnings, then they go away. We are considering providing EV certificate for OSS projects at SignPath also, but are not quite there yet.
We are looking forward to it :)
Since usually open source projects it's common to have bursts of releases, and "desert" time periods with no releases at all, instead of having timely releases, waiting for SmartScreen to decide when an application is "safe", is not a viable solution.