Releasing an x86 version of the CNG provider #18
Comments
|
Another vote for this request. I need it for signing MS Office docs as well. |
|
FYI: I can only find the Microsoft Visual Studio SDK VsixSignTool distributed as a 32-bit executable. While the VsixSignTool does have the ability to select a CSP, it does not appear to be possible to use the KMS CNG integration to sign with this tool since the KMS CNG integration only provides a 64-bit dynamic library. |
|
Signtool.exe is distributed in both 32 and 64 bit. |
|
Note that my prior comment is specifically about Visual Studio SDK VsixSignTool.exe which is used to sign Visual Studio extensions. This is distinct from the Microsoft SDK Signtool.exe that can be used to sign Windows executables, libraries, and other scripts. The Microsoft SDK's Signtool.exe does not appear to have support for signing *.vsix artifacts. |
|
I tried building the project in 32 bits mode ( |
Hello,
The current version of the CNG provider is targeting x64 only and while this works, it's a bit counter intuitive as the vast majority of online tutorials for signtool all refer to the x86 version.
As a result, one will get the dreaded "no private key is available" error message as described in Issue #17.
Further to this, Microsoft is providing various accompanying tools for use with signtool in the form of Subject Interface packages that allow signing files beyond the usual binary or powershell script. One of the most popular is for Microsoft Office to allow signing all office documents.
Those Subject Interface packages are DLLs that get registered with the operating system and are only available for the x86 platform which means an x64 signtool will not be able to use them.
As a result, with the current situation, either we can use the CNG (x64) or we can use Office SIPS (x86) but we can't use them at the same time.
I thus believe it would be beneficial for most users to have an x86 version of the CNG.
The text was updated successfully, but these errors were encountered: