Open
Description
We met with the Microsoft Crypto Review Board and got approval on several signing solutions.
For the dnup executable itself (dnup) on Linux, we got approval to use PGP. This work item tracks the work involved in making the pipeline that produces a dnup build sign the Unix executable. You should also write the logic to verify the PGP signature of the signed dnup executable, or find a method to do so, so dnup can verify itself. For details on the signature - most of this should be handled by the internal signing tool, but you may consult me or others in our signing group for more context.
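
One way to write the verification logic this work item asks for, as an added example that is not from the issue or the dnup code base: it judges the machine-readable output of `gpg --status-fd` against a pinned signer fingerprint instead of trusting the exit code alone. The detached-signature layout, the availability of the `gpg` CLI, the helper names and the fingerprint value are assumptions.

```python
import subprocess

# Constructed placeholder; the real signing key fingerprint is not on the page.
PINNED_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"

# Status keywords that must fail verification. VALIDSIG may also be emitted
# next to EXPKEYSIG or REVKEYSIG, so VALIDSIG alone is not sufficient.
REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "NO_PUBKEY"}

def signature_trusted(status_output, pinned_fpr=PINNED_FPR):
    """True only if the status lines show exactly one valid signature whose
    primary key fingerprint equals the pinned one, and no rejecting status."""
    signers = []
    for line in status_output.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue  # human-readable or malformed line
        keyword, args = fields[1], fields[2:]
        if keyword in REJECT:
            return False
        if keyword == "VALIDSIG" and args:
            # args[0] is the signing (sub)key; the optional 10th field is
            # the primary key fingerprint, which is the one to pin.
            signers.append((args[9] if len(args) >= 10 else args[0]).upper())
    return signers == [pinned_fpr.replace(" ", "").upper()]

def verify_file(sig_path, file_path, pinned_fpr=PINNED_FPR):
    """Run gpg on a detached signature (assumed layout) and judge its status."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, file_path],
        capture_output=True, text=True)
    return proc.returncode == 0 and signature_trusted(proc.stdout, pinned_fpr)

# Constructed status output for illustration (not captured from a real run).
GOOD = f"""[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Constructed Signer <signer@example.invalid>
[GNUPG:] VALIDSIG {PINNED_FPR} 2025-01-01 1735689600 0 4 0 1 10 00 {PINNED_FPR}
"""
EXPIRED_KEY = GOOD.replace("GOODSIG", "EXPKEYSIG")
```

Pinning the primary key fingerprint means a signature that is valid but made by some other key in the keyring is rejected.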