Microsoft authenticode code signing for SketchUpAPI.dll based on C API

Dear SketchUp C API experts,

Microsoft has updated and moved forward the deprecation date for SHA-1 as an approved code signing algorithm. These requirements were updated in December 2015 in response to the latest attacks against the SHA-1 algorithm.

Effective January 1, 2016, Microsoft Windows (version 7 and higher) and Microsoft Windows Server will no longer trust new code that is signed with a SHA-1 code signing certificate for Mark-of-the-Web(file downloaded from the Internet) related scenarios and that has been time-stamped with a value greater than January 1, 2016. According to the updated digital code signing requirements, new code must use SHA256 algorithm for File digest, certificate signature algorithm and time stamping signature algorithm. Any digitally signed code not meeting the above requirements will cause Microsoft Windows to present a security warning to the users indicating untrustworthiness of the code.

Could you provide the new SketchUpAPI.dll that is signed with SHA-256? Thank you.

Our current SketchUpAPI.dll is time-stamped before 1/1/2016. Do you still see issues with signature validation?

Hi bugra,

SketchUpAPI.dll should be signed with SHA-256 instead of signed with SHA-1 according to Microsoft.

Our next release will be signed with SHA-256. The current release was created in 2015, so it should work with a SHA-1 signature without any issues. (If Iā€™m reading the Microsoft article correctly).

1 Like

Thank you, bugra. We will wait for the next release.