Provide a way to Sign Windows executables using KMS/HSM. [158991827]

Assigned

Feature Request

Status Update

No update yet.

Description

jc...@google.com

created issue #1

Jun 15, 2020 11:01AM

Due to the lack of a Cryptographic Service Provider (CSP) offering from Google, the users are unable to interact with the CryptoAPI (CAPI) [1] which results in the inability to sign Windows executables using KMS/HSM.

The CSP would carry out the cryptographic functions. Without the CSP, the CAPI is unable to provide what is needed for the hardware device to sign Windows executables.

The user would need a CSP extension which implements CAPI for Cloud KMS to install on their Windows computer.

The Feature Request is to write a Google CSP dll or any alternative that would allow for signing Windows executables using KMS/HSM at Google Cloud Platform.

[1]

https://en.wikipedia.org/wiki/Microsoft_CryptoAPI

Comments

ka...@google.com <ka...@google.com> #2Jun 15, 2020 03:43PM

Thanks for the report. I will route this to the appropriate internal team and update this when I hear back from them.

Issue 158991827

Description

Issue summary

Comments

ka...@google.com <ka...@google.com> #2Jun 15, 2020 03:43PM

Add comment

Issue metadata