Windows scripting, Windows Automation, Web Scripting, Automation Software Blog. Developers of Macro Scheduler and WebRecorder for Windows and Web Automation and Testing.

/*!!!!!!!!!!! QuickMenu Core CSS [Do Not Modify!] !!!!!!!!!!!!!*/.qmmc .qmdivider{display:block;font-size:1px;border-width:0px;border-style:solid;position:relative;z-index:1;}.qmmc .qmdividery{float:left;width:0px;}.qmmc .qmtitle{display:block;cursor:default;white-space:nowrap;position:relative;z-index:1;}.qmclear {font-size:1px;height:0px;width:0px;clear:left;line-height:0px;display:block;float:none !important;}.qmmc {position:relative;zoom:1;z-index:10;}.qmmc a, .qmmc li {float:left;display:block;white-space:nowrap;position:relative;z-index:1;}.qmmc div a, .qmmc ul a, .qmmc ul li {float:none;}.qmsh div a {float:left;}.qmmc div{visibility:hidden;position:absolute;}/*!!!!!!!!!!! QuickMenu Styles [Please Modify!] !!!!!!!!!!!*//* QuickMenu 0 */#qm0 a{padding:5px 4px 5px 5px;color:#555555;font-family:Arial;font-size:12px;text-decoration:none;}#qm0 div{padding:10px;margin:-2px 0px 0px 0px;background-color:transparent;border-style:none;}#qm0 div a{padding:3px 10px 3px 5px;background-color:transparent;font-size:12px;border-width:0px;border-style:none;}#qm0 div a:hover{background-color:#DADADA;color:#CC0000;}body #qm0 div .qmactive, body #qm0 div .qmactive:hover{background-color:#DADADA;color:#CC0000;}#qm0 .qmtitle{cursor:default;padding:3px 0px 3px 4px;color:#444444;font-family:arial;font-size:12px;font-weight:bold;}#qm0 .qmdividerx{border-top-width:1px;margin:4px 0px 4px 0px;border-color:#BFBFBF;}#qm0 .qmdividery{border-left-width:1px;height:15px;margin:4px 2px 0px 2px;border-color:#AAAAAA;}#qm0 .qmritem span{border-color:#DADADA;background-color:#F7F7F7;}#qm0 .qmritemcontent{padding:0px 0px 0px 4px;} PRODUCTS

BUY NOW

DOWNLOADS

SUPPORT

CONTACT

ABOUT US

Marcus’ Macro Blog
Mostly tips, tutorials, articles and news about Macro Scheduler & Windows Automation

Download Macro Scheduler
Free 30 Day Trial

Code Signing Compiled Macros

November 9th, 2006 by Marcus Tettmar

What is Code Signing?

In Windows XP when you download an executable file from the Internet the browser checks the file’s Authenticode signature. This verifies who the publisher is. You get a dialog asking if you wish to download software from this publisher. If there is no signature the warning is more severe and it says something like:

The publisher could not be verified. Are you sure you want to run this software? This file does not have a valid digital signature that verifies its publisher. You should only run software from publishers you trust.

In some cases you will also get a similar warning when running applications that haven’t been signed. Apps that have been signed are trusted more by the operating system. And Vista is even more fussy.

Code signing protects against tampering and impersonation. If a signed app is tampered with or modified in some way the signature becomes invalid and so the user will be warned when they try to run it.

How does it work?

A publisher applies for a digital certificate from a Certification Authority. Using the Microsoft Authenticode tools the publisher can sign their applications with their digital certificate. The signing tool basically makes a hash of the code and their private key and appends the signature to the end of the executable. If the code is later modified the signature will therefore be invalid as it is partially based on the application’s code itself.

Should I sign EXEs Compiled with Macro Scheduler?

If you distribute compiled macros to others, or let people download them from the web you should consider signing them. Users can then see who the publisher is and be sure that the file hasn’t been modified in any way, and will no longer see the unknown publisher warning presented by the web browser.

So how do I sign my EXEs?

First you need to obtain an Authenticode Certificate from one of the following Certification Authorities:
- Thawte
- Verisign
- Comodo

You also need the code signing tools. These come with the Microsoft Platform SDK and can be downloaded here:
Platform SDK Redistributable: CAPICOM

Once installed, launch SignTool.exe to sign your EXE. For command line options see: Sign Tool (SignTool.exe)

For more information about Authenticode and Code Signing see Authenticode Overviews and Tutorials on Microsoft.com

Bookmark this at:

Bookmark Code Signing Compiled Macros at del.icio.us

Digg Code Signing Compiled Macros at Digg.com

Bookmark Code Signing Compiled Macros at Spurl.net

Bookmark Code Signing Compiled Macros at Simpy.com

Bookmark Code Signing Compiled Macros at NewsVine

Blink this Code Signing Compiled Macros at blinklist.com

Bookmark Code Signing Compiled Macros at Furl.net

Bookmark Code Signing Compiled Macros at reddit.com

Fark Code Signing Compiled Macros at Fark.com

Bookmark Code Signing Compiled Macros at YahooMyWeb

This entry was posted on Thursday, November 9th, 2006 at 9:34 am and is filed under General. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Windows Vista and the Windows logo are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries.

Code Signing Compiled Macros

Leave a Reply

Pages

Archives

Categories