•  02-06-2022
  •  | 
  •  

質問

In java it is possible to sign a JAR file using jarsigner tool.

Is it possible to attach a SSL certificate to a python egg?

I searched for this but surprisingly little documentation turned up.

What support is there in python for distributing signed python applications?

役に立ちましたか?

解決

No, the egg format does not have any provisions for code signing. PyPI does provide you with an MD5 signature (as part of the download URL), but current tools do not verify this at the moment.

The newer Wheel binary package format supports both cryptographic hashes and digital (S/MIME ) signatures; an installer is required to verify the hashes upon installation, digital signature verification is optional.

Note that due to Python's dynamic and flexible nature, there is little point in relying on signed code after installation, as another python module can completely change the code structures in any other Python module.

ライセンス: CC-BY-SA帰属
所属していません StackOverflow
scroll top