From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 37576 invoked by alias); 13 Dec 2016 14:36:21 -0000 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com Received: (qmail 37403 invoked by uid 89); 13 Dec 2016 14:36:19 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.2 spammy=Who, Hx-languages-length:1621, gitignore, money X-HELO: out1-smtp.messagingengine.com Received: from out1-smtp.messagingengine.com (HELO out1-smtp.messagingengine.com) (66.111.4.25) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 13 Dec 2016 14:36:09 +0000 Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id E3CC720966 for ; Tue, 13 Dec 2016 09:36:07 -0500 (EST) Received: from frontend2 ([10.202.2.161]) by compute6.internal (MEProxy); Tue, 13 Dec 2016 09:36:07 -0500 X-ME-Sender: Received: from [192.168.1.102] (host86-179-112-226.range86-179.btcentralplus.com [86.179.112.226]) by mail.messagingengine.com (Postfix) with ESMTPA id 8F98125041 for ; Tue, 13 Dec 2016 09:36:07 -0500 (EST) Subject: Re: [PATCH setup 4/4] Codesign setup.exe (DO NOT APPLY) To: cygwin-apps@cygwin.com References: <20161212132929.58904-1-jon.turney@dronecode.org.uk> <20161212132929.58904-5-jon.turney@dronecode.org.uk> <20161212173051.GD3705@calimero.vinschen.de> From: Jon Turney Message-ID: Date: Tue, 13 Dec 2016 14:36:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 In-Reply-To: <20161212173051.GD3705@calimero.vinschen.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-SW-Source: 2016-12/txt/msg00022.txt.bz2 On 12/12/2016 17:30, Corinna Vinschen wrote: > Hi Jon, > > On Dec 12 13:29, Jon Turney wrote: >> As discussed in https://cygwin.com/ml/cygwin/2015-04/msg00133.html >> >> This is quite straightforward, but unfortunately, requires a non-technical >> problem to be solved to complete. >> >> 1/ A code signing certificate signed by a CA is required. > > Where do we get one which is trusted, can be checked publically, > and doesn't cost any money? This is a trick question, right? You don't :( > Who will be keymaster and with whom do we share the private key? > >> 2/ The signature should be timestamped, so that it remains vaild after the >> signing key expires, but I assume you have to use the timestamp service of >> the CA that signed the key. This is more saying that we should use osslsigncode's -t option, but I don't quite know how. Looking at this again, all the examples I find use a certain CA's timestamp service, so I think perhaps my assumption is wrong. > Not necessarily. We can workaround that by getting a new key and > release a new setup. > >> +sign: upx >> + @if [ -e `which osslsigncode` ]; then \ >> + osslsigncode sign -certs $(srcdir)/cygwin.crt -key $(srcdir)/cygwin.key -n "Cygwin setup" -i https://cygwin.com/ -in setup$(EXEEXT) -out setup-signed$(EXEEXT) ;\ > ^^^^^^^^^ > $(srcdir)? > > This might not be quite right. We need to store the cert in a reasonable > safe place, certainly not in srcdir (or git). Yes, this could be done better. I added these filesname to .gitignore to make sure they didn't end up in the git repo :)