Skip to content
/ acsalt Public

Native implemetation of Azure Code Signing client / signtool plugin

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

imag0r/acsalt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
acsalt
acsalt
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
acsalt.sln
acsalt.sln
 
 

Repository files navigation

ACSAlt

Native implemetation of Azure Code Signing client

  • No external dependencies - no need to install Azure CLI, Python or .NET
  • Way faster and more reliable than the original Microsoft implementation, especially under heavy load when signing multiple files at the same time

Usage

Create metadata.json file. Note that it contains sensitive data, so make sure it's deleted when you no longer need it

{
    "tenant": "acs tenant",
    "client_id": "acs user",
    "secret": "acs pass",
    "endpoint": "https://wus2.codesigning.azure.net/",
    "account": "ACS account name",
    "profile": "ACS signing profile name,
    "correlation_id": "correlation guid"
}

Run

signtool.exe sign /tr <timestamping url> /td sha256 /fd sha256 /v /dlib acsalt.dll /dmdf metadata.json target.exe

Known issues

  • OAuth re-authentication flow is not perfect - the code performs full authentication instead of updating the ticket. But it works and I'm too lazy to fix it.
  • Developed a while ago, not updated specifically for the release of Trusted Signing, but probably still works

About

Native implemetation of Azure Code Signing client / signtool plugin

Topics

visual-studio signing authenticode acs signtool

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages