OpenOpcSignTool icon indicating copy to clipboard operation
OpenOpcSignTool copied to clipboard
verified publisher icon vcsjones

"Verify" command

Open vcsjones opened this issue 8 years ago • 3 comments

This command will verify the VSIX as closely as the VSIX installer does.

  1. That all digests in the manifest are correct.
  2. That all parts are signed except for the signature part.
  3. That the signature on the manifest is correct.
  4. That the certificate meets the following criteria:
    1. Has an EKU of 1.3.6.1.5.5.7.3.3
    2. That is can build a chain to the certificate.
    3. That if the certificate is expired, the timestamp is within the certificate validity period.
    4. VSIX installer does online revocation checking (perhaps make this a flag?) for all certificate except the root.
  5. If timestamped, validate the timestamp
  6. That the OPC signature algorithm is rsaWithSHA256

vcsjones avatar Apr 28 '17 21:04 vcsjones

Hi,

I have signed the VSIX by using this tool, but I can't verify the VSIX by using this tool. Could you please suggest me how can I verify the VSIX using this tool

ganesanviji avatar Apr 07 '20 06:04 ganesanviji

Microsoft's official vsixsigntool has a verify command. https://docs.microsoft.com/en-us/visualstudio/extensibility/signing-vsix-packages?view=vs-2019

image

vcsjones avatar Apr 08 '20 13:04 vcsjones

Hi @vcsjones

But this command is not working. Show the error like, Could not validate the VSIX. Also, Microsoft tool is not supported for the private key signing

https://developercommunity.visualstudio.com/comments/57884/view.html

So, it would be very great for verify command in this tool.

ganesanviji avatar Apr 09 '20 05:04 ganesanviji