Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signing ELF binaries #269

Open
isagargit opened this issue Dec 13, 2024 · 1 comment
Open

Signing ELF binaries #269

isagargit opened this issue Dec 13, 2024 · 1 comment

Comments

@isagargit
Copy link

We are doing dotnet builds that generates dlls and exes. Alongside them, an extension less binary is generated.

Upon using the file command, I could find that it's an ELF file. I wanted to ask

  1. If anyone has experienced this, are those files necessary to be signed. If yes how ?

@ebourg : Please convert this as a discussion if possible
@ebourg ebourg changed the title [DISCUSSION] Signing extension-less binaries Signing ELF binaries Jan 15, 2025
@ebourg
Copy link
Owner

ebourg commented Jan 15, 2025

ELF binaries are usually for Linux. There is no a canonical way to sign these files. There were experiments like signelf and DigSig but none really took off (see https://stackoverflow.com/questions/1732927/signed-executables-under-linux for more info).

There is no signature verification mechanism at runtime on Linux similar to Authenticode on Windows. The file integrity is instead checked by the package manager using GPG signatures instead of X.509 certificates.

So no, you don't have to sign these files. You may still sign the application package containing the ELF executable, but that's out of the scope of Jsign.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ebourg @isagargit