Securing Application Deployment with Obfuscation and Code Signing
How to Create 3 Layers of Protection for .NET Release Build
Application Security Series
|
|
Table of Contents 1. Introduction Several Reasons to Implement Code Obfuscation and Signing Additional Benefits of Strong Name Signing Additional Benefits of Authenticode Signing 2. Code Obfuscation and Strong Name Signing Code Obfuscation Tools Obfuscation Project and Strong Name Signing Obfuscation and Strong Name Signing from Command Line 3. Authenticode Code Signing Code Signing Digital Signatures How Code Signing Works Authenticode Code Signing Certificate X.509 Standard Obtaining Code Signing Certificate Signing Certificate Pricing Code Signing Certificate Storage: Hardware vs. Software Time Stamping Certificate Validity (Expiration Date) 4. Implementing Authenticode Signing Code Signing Process à la Microsoft Code Signing Implementation Options: Advantages, Disadvantages, Costs Option 1: “Full Hardware” Option 2: “Basic Software” Option 3: “Combined Software/Hardware” 5. Tips on Implementing “Combined Software/Hardware” Option Requirements to Signing Application 6. Tips on Implementing “Basic Software” Option Installing Code Signing Certificate on Signing Server SignTool Installing SignTool Using SignTool 5. Testing Testing Obfuscation Testing Strong Name Signatures Testing Authenticode Signatures 6. Resources Tools and Products Authenticode Certificates Offered by Public Certificate Authorities Online Authenticode Timestamping Services Standards Articles Books |
|