by latitude 5389 days ago
For those on Windows, here is a bit of code that can be used to validate the Authenticode signature of the update package.

https://github.com/apankrat/assorted/blob/master/validate_pa...

Basically the idea is to get an Authenticode certificate and sign the update .exe with it. Then, when a program checks for an update and pulls it down, it would validate the package signature and will not proceed if the details - the application and the certificate subject names - are wrong. It is as simple as it gets.
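
Added example, not part of the comment above and not the linked code: a PowerShell sketch of the same gate using the built-in `Get-AuthenticodeSignature` cmdlet. It checks only the signature status and the signer certificate's subject name, not the application name embedded in the signature; the function name, parameter names and the sample values in the usage comment are assumptions made for illustration.

```powershell
# Added example: refuse to run a downloaded update unless its Authenticode
# signature verifies and the signer is the expected publisher.
# Test-UpdatePackage and its parameters are hypothetical names.
function Test-UpdatePackage {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedSubjectCN
    )

    # A missing or unreadable file yields $null, which is rejected below.
    $sig = Get-AuthenticodeSignature -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $sig) {
        Write-Warning "Rejected: could not read a signature from $Path"
        return $false
    }

    # Only 'Valid' passes. NotSigned, HashMismatch (file altered after
    # signing), NotTrusted and UnknownError are all treated as failures.
    if ($sig.Status -ne [System.Management.Automation.SignatureStatus]::Valid) {
        Write-Warning "Rejected: signature status is $($sig.Status)"
        return $false
    }

    # A valid signature from someone else is still the wrong package, so
    # compare the signer's simple name (CN) exactly and case-sensitively.
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $cn = $sig.SignerCertificate.GetNameInfo($nameType, $false)
    if ($cn -cne $ExpectedSubjectCN) {
        Write-Warning "Rejected: signed by '$cn', expected '$ExpectedSubjectCN'"
        return $false
    }

    return $true
}

# Usage (constructed path and publisher name):
# if (Test-UpdatePackage -Path "$env:TEMP\update.exe" -ExpectedSubjectCN 'Example Software Ltd') {
#     Start-Process -FilePath "$env:TEMP\update.exe" -Wait
# }
```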