|
5 | 5 |
|
6 | 6 | WinSparkle is a plug-and-forget software update library for Windows
|
7 | 7 | applications. It is heavily inspired by the Sparkle framework for OS X
|
8 |
| -written by Andy Matuschak and others, to the point of sharing the same |
| 8 | +written by Andy Matuschak and others, to the point of sharing the same |
9 | 9 | updates format (appcasts) and having very similar user interface.
|
10 | 10 |
|
11 | 11 | See https://winsparkle.org for more information about WinSparkle.
|
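Review bot: the removed and added versions of the "written by Andy Matuschak and others" line (new line 8) show no visible text difference, so this looks like a whitespace-only edit. Consider moving it to a separate cleanup commit so that this change contains only the signing documentation update.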
@@ -56,44 +56,62 @@ in the code preventing it from being compiled by other compilers.
|
56 | 56 |
|
57 | 57 | There are also unsupported CMake build files in the cmake directory.
|
58 | 58 |
|
59 |
| - DSA signatures |
60 |
| ---------------- |
| 59 | + Signing updates |
| 60 | +---------------- |
61 | 61 |
|
62 |
| -WinSparkle uses exactly same mechanism for signing and signature verification |
63 |
| -as [Sparkle Project](https://sparkle-project.org/documentation/#dsa-signatures) |
64 |
| -does. Its tools and verification methods are fully compatible. |
| 62 | +Updates must be cryptographically signed to prevent tampering. WinSparkle uses the same mechanism for signing and signature verification |
| 63 | +as [Sparkle Project](https://sparkle-project.org/documentation/#dsa-signatures) does. Its tools and verification methods are fully compatible. |
65 | 64 |
|
66 |
| -You may use any compatible way to sign your update. |
67 |
| -To achieve this, you need to sign SHA1 (in binary form) of your update file |
68 |
| -with DSA private key, using SHA1 digest. |
| 65 | +Signatures use the EdDSA algorithm with the Ed25519 curve. The public key is included in the app and enclosures in the appcast must have a signature attached to them. |
69 | 66 |
|
70 |
| -WinSparkle provides tools to generate keys and sign the update using OpenSSL. |
| 67 | +Older DSA-based signatures are also supported, but they are deprecated and will be removed in a future version. [Upgrade your app to EdDSA](https://github.com/vslavik/winsparkle/wiki/Upgrading-from-DSA-to-EdDSA-signatures) if you still use DSA. |
71 | 68 |
|
72 |
| -You need `openssl.exe` available on Windows to use those tools (available as |
73 |
| -[precompiled binary][OpenSSL binaries]). |
| 69 | +### Companion tool |
74 | 70 |
|
75 |
| -Alternatively, you can generate keys and sign your updates even on macOS or Linux, |
76 |
| -using [tools provided by Sparkle project](https://github.com/sparkle-project/Sparkle/tree/master/bin). |
| 71 | +WinSparkle provides a companion tool, `winsparkle-tool`, to generate keys and sign your updates using EdDSA signatures. This tool is included in the binary package under `bin` directory, in NuGet package (in `tools` directory, pointed to by `$(WinSparkleTool)` property), or you can be compile it from sources. |
77 | 72 |
|
78 |
| -#### Prepare signing with DSA signatures: |
| 73 | +See the output of `winsparkle-tool --help` for more information. |
79 | 74 |
|
80 |
| - - First, make yourself a pair of DSA keys. This needs to be done only once. |
81 |
| - WinSparkle includes a tool to help: `bin\generate_keys.bat` |
82 |
| - - Back up your private key (dsa_priv.pem) and keep it safe. You don’t want |
83 |
| - anyone else getting it, and if you lose it, you may not be able to issue any |
84 |
| - new updates. |
85 |
| - - Add your public key (dsa_pub.pem) to your project either as Windows resource, |
86 |
| - or any other suitable way and provide it using WinSparkle API. |
| 75 | +### Prepare signing with EdDSA signatures: |
87 | 76 |
|
88 |
| -#### Sign your update |
| 77 | +1. First, make yourself a pair of EdDSA keys, using `winsparkle-tool generate-key`. This needs to be done only once. |
| 78 | +2. Back up your private key (eddsa_priv.pem) and keep it safe. You don’t want anyone else getting it, and if you lose it, you will not be able to issue any new updates! |
| 79 | +3. Add your public key to your project either as Windows resource or by calling `win_sparkle_set_eddsa_public_key()` |
| 80 | + |
| 81 | +For example: |
| 82 | +``` |
| 83 | +$ winsparkle-tool generate-key --file private.key |
| 84 | +Private key saved to private.key |
| 85 | +Public key: pXAx0wfi8kGbeQln11+V4R3tCepSuLXeo7LkOeudc/U= |
| 86 | +
|
| 87 | +Add the public key to the resource file like this: |
| 88 | +
|
| 89 | + EdDSAPub EDDSA {"pXAx0wfi8kGbeQln11+V4R3tCepSuLXeo7LkOeudc/U="} |
| 90 | +
|
| 91 | +or use the API to set it: |
| 92 | +
|
| 93 | + win_sparkle_set_eddsa_public_key("pXAx0wfi8kGbeQln11+V4R3tCepSuLXeo7LkOeudc/U="); |
| 94 | +``` |
| 95 | + |
| 96 | +### Sign your update |
89 | 97 |
|
90 | 98 | When your update is ready (e.g. `Updater.exe`), sign it and include signature
|
91 | 99 | to your appcast file:
|
92 | 100 |
|
93 |
| - - Sign: `bin\sign_update.bat Updater.exe dsa_priv.pem` |
94 |
| - - Add standard output of previous command as `sparkle:dsaSignature` attribute |
| 101 | + - Sign: `winsparkle-tool sign -f private.key Updater.exe` |
| 102 | + - Add standard output of previous command as `sparkle:edSignature` attribute |
95 | 103 | of `enclosure` node of your appcast file.
|
96 |
| - Alternatively `sparkle:dsaSignature` can be a child node of `enclosure`. |
| 104 | + |
| 105 | +For example: |
| 106 | +``` |
| 107 | +$ winsparkle-tool sign --verbose --file private.key Updater.exe |
| 108 | +sparkle:edSignature="JhQ69mgRxjNxS35zmMu6bMd9UlkCC/tkCiSR4SXQOfBwwH1FkqYSgNyT5dbWjnw5F1c/6/LqbCGw+WckvJiOBw==" length="1736832" |
| 109 | +``` |
| 110 | + |
| 111 | + |
| 112 | +### Legacy DSA signatures |
| 113 | + |
| 114 | +If you still use DSA signatures, you can sign your updates using the `bin/legacy_*.bat` scripts and [the old instructions](https://github.com/vslavik/winsparkle/tree/v0.8.3?tab=readme-ov-file#dsa-signatures), as part of [transitioning to EdDSA signatures](https://github.com/vslavik/winsparkle/wiki/Upgrading-from-DSA-to-EdDSA-signatures). |
97 | 115 |
|
98 | 116 |
|
99 | 117 | Where can I get some examples?
|
|
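Review bot: step 2 of "Prepare signing with EdDSA signatures" (new line 78) tells the reader to back up `eddsa_priv.pem`, but the example directly below it (new lines 83-84) saves the key to `private.key`, and both signing commands (new lines 101 and 107) read `private.key`, so it is unclear which file is the secret to protect. Use one file name throughout. In the same example, the fence opened at new line 82 is not closed until new line 94, so the sentences "Add the public key to the resource file like this:" and "or use the API to set it:" end up inside the code block; close the fence after the `Public key:` line and give the resource line and the `win_sparkle_set_eddsa_public_key(...)` call their own blocks. The sign example at new line 107 passes `--verbose` while the bullet at new line 101 does not, so say what the plain command prints and which output is meant to be pasted into the appcast. Two smaller points: new line 71 has a typo, "you can be compile it from sources", and new line 63 still links to Sparkle's `#dsa-signatures` anchor although the section now describes EdDSA.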