PowerShell-OpenAuthenticode
Cross platform PowerShell implementation of Authenticode signing and verification (by jborean93)
AzureSignTool
SignTool Library and Azure Key Vault Support (by vcsjones)
| PowerShell-OpenAuthenticode | AzureSignTool | |
|---|---|---|
| 1 | 4 | |
| 34 | 338 | |
| - | 2.7% | |
| 5.1 | 7.3 | |
| 1 day ago | 13 days ago | |
| PowerShell | C# | |
| MIT License | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PowerShell-OpenAuthenticode
Posts with mentions or reviews of PowerShell-OpenAuthenticode.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-10-28.
-
The Windows installer of ImageMagick will no longer be signed
I’ve found the easiest option available here is through using Azure KeyVault to store the keys. I use a custom module to sign my PowerShell scripts and dlls [1] for this because I can integrate it with OIDC to sign the code using the keys stored in the Azure HSM. While the builtin pwsh Set-Authenticode cmdlet can’t do this currently there are other options that rely on Window’s authenticode APIs like AzureSignTool [2] that I highly recommend.
While I’m unsure if Azure is suitable for actual companies I think the risk is ok for what I need it for and the API quality as well as OIDC support make it quite nice to use with GHA.
[1] https://github.com/jborean93/PowerShell-OpenAuthenticode
AzureSignTool
Posts with mentions or reviews of AzureSignTool.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-11-11.
-
ClickOnce
I never had much luck with ClickOnce, so I was using Squirrel.Windows. I've recently switched to the Clowd.Squirrel fork, since I needed support for AzureSignTool in the build process.
-
The Windows installer of ImageMagick will no longer be signed
[2] https://github.com/vcsjones/AzureSignTool
-
One Game, by One Man, on Six Platforms: The Good, the Bad and the Ugly
The token requirement is a pain. We settled on using Azure Key Vault and AzureSignTool [1]. It costs $5 a month for a HSM key and you can sign things from anywhere.
It's not a protection racket...
[1] https://github.com/vcsjones/AzureSignTool
-
Code signing in Azure DevOps
You can use any certificate authority to generate the security certificate, get a hardware security module (HSM). Then upload your new code signing certificate to Azure Key Vault and use the excellent Azure Sign Tool to pull the certificate from Azure Key Vault into your Azure Pipelines.
What are some alternatives?
When comparing PowerShell-OpenAuthenticode and AzureSignTool you can also consider the following projects:
KeenWrite
sic1 - Single-instruction (subleq) programming game
pyvips - python binding for libvips using cffi
rustypwneddownloader - Rust based pwnedpasswords Downloader