ZXPSignCmd support for ECDSA

Report · Dec 14, 2022

Hello,

We have an ECDSA (non-RSA) EV certificate we use to sign our code and we have no problem whatsoever using it for Java code signing (ECDSA has been supported in Java for a long time).

However ZXPSignCmd refuses to use it:

Error - Key is not in RSA format. Signing failed.

ECDSA usage is more and more common and preferred to RSA these days so this is a missing functionality IMO.

Is it possible to add suport for ECDSA in ZXPSignCmd?

Thanks!

Report · Dec 16, 2022

Hi there!

I moved this to the "Ideas" section, which is effectively feature requests...

So, it's unlikely that we'll add this support to ZXPSignCmd because it's not under development. Since ZXPSign is used to sign CEP extensions, and we're busy moving from CEP to UXP...

That said, we are exploring different options for signing UXP extensions (especially if they have C++ components, coming soon...), as code-signing is requested frequently from developers.

I've heard a couple of developers ask to be able to use Apple Developer credentials while code signing, which sounds handy.

This is the first time I've heard of ECDSA. Is it very popular? Is it easy to use?

Finally, please let me know which Creative Cloud apps you're developing for. Just one? More than one? Also, do you have dozens of extensions under development, or just one?

Additiionally, it's handy to know how frequently you need to do code signing. (Asking because I saw one integration where new panels were rolled out every night, so signing and deployment were daily occurrences...)