Allow signing with CSP PIN-caches (Smartcard Code Signing asks for PIN too many times)

Request new features that you would like to see in the next version of Advanced Installer.
Post Reply
burnersk
Posts: 38
Joined: Mon Mar 25, 2019 12:26 pm

Allow signing with CSP PIN-caches (Smartcard Code Signing asks for PIN too many times)

Post by burnersk » Sat Jan 11, 2020 3:19 pm

I am using the Digital Signature feature with a code signing certificate stored on a smartcard. The smartcard ist PIN protected, and requires a PIN for every session (not transaction).

When I build setups, I get ask a hundred times (no joke) for the PIN. This takes me about an hour in password entry.

Every other software, I use in the toolchain, utilizes sessions (CSP PIN-caches). So it opens a handle to the Content Security Provider (CSP) and works with this instance/session for the rest of the execution.

Please add this CSP PIN-cache functionality. Basically, it is making the CSP for a build batch run "globally", instead of making a new CSP for every single file which result in hundreds of PIN entry situations. But - in any case - after the build batch run has finished or canceled, explicitly close the CSP session.

Currently, I see not workaround, since Advanced Installer is generating most of the files-to-sign on-the-fly, so I cannot sign them beforehand.
Last edited by burnersk on Sat May 30, 2020 10:00 am, edited 1 time in total.

Catalin
Posts: 3132
Joined: Wed Jun 13, 2018 7:49 am

Re: Allow signing with CSP PIN-caches

Post by Catalin » Mon Jan 13, 2020 8:46 am

Hello,

I have added this on our TODO list of improvements and hopefully this will be added in a future version of Advanced Installer.

Thank you for bringing this to our attention!

Best regards,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube

burnersk
Posts: 38
Joined: Mon Mar 25, 2019 12:26 pm

Re: Allow signing with CSP PIN-caches (Smartcard Code Signing asks for PIN too many times)

Post by burnersk » Sat May 30, 2020 9:54 am

Hi Catalin,

almost half a year have passed. Has Caphyons priority list for AI cleanup up a little, so you can give me/us some hint on how long it could take until the AI developers could dig into this? I am not asking about "when it will be released" ( when its done ;) ).

Catalin
Posts: 3132
Joined: Wed Jun 13, 2018 7:49 am

Re: Allow signing with CSP PIN-caches (Smartcard Code Signing asks for PIN too many times)

Post by Catalin » Wed Jun 03, 2020 8:58 am

Hello,

I have discussed this with the developer in charge and this improvement is in his queue for further research and investigations.

Unfortunately, I can not give you an estimation as priorities may change over time (for instance, a critical bug appears).

I will, however, update this thread as soon as this improvement will be implemented in Advanced Installer.

Best regards,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube

Post Reply