Closed arueckle closed 8 years ago
Hi,
Sorry for the lag on replying. I've been very busy in recent months.
There haven't been any requests for this but it seems reasonable.
I'm not very familiar with adding signatures to VBA files so maybe you can add more information to this thread about what they are, how you create them, any advantages or disadvantages. I prefer to use the Feature Request for discussions on the interface and the PR for discussion on the code.
From a technical point of view the PR needs to be split into two where each one addresses a features request.
Also, the PR should only contain 1 commit. You will need to squash/rebase the changes into a single commit. I'm not against a logical separation on changes into a patchset but the PR cannot contain incremental changes like this bugfix for something added earlier in the patchset: https://github.com/arueckle/XlsxWriter/commit/0d2c159489148480a9977d4e814fa5a9a700888a
It is okay to work off master.
You should also update this feature request with a example of the proposed API.
Hi John,
thanks for your reply.
So why do we want to use VBA signatures? Excel macros / vba can be digitally signed, just like a standard executable. With a signed macro, users can verify that this piece of software comes from a trusted source. Excel users furthermore can decide to only allow the execution of macros from certain sources/developers. In some environments, users are not allowed to execute macros from untrusted resources.
VBA signatures are separate files which are included in the xlsm file, therefore we extended your library with some logic to add such signatures.
I'll ask a collegue of mine to further share some comments on how to create a signed VBA file. Furthermore I'll take care about changing/splitting the pull-request. However, since I'm a bit short on time right now, this may take a while.
Regards, Andreas
I'll ask a collegue of mine to further share some comments on how to create a signed VBA file. Furthermore I'll take care about changing/splitting the pull-request. However, since I'm a bit short on time right now, this may take a while.
No problem. Take you time.
There doesn't seem to be any progress on this and there hasn't been any general interest, so closing.
Note, this feature was eventually merged to main. See #1009
VBA projects in excel can be signed. Users in excel can choose to only execute macros from trusted sources. The vba signature file is named "vbaProjectSignature.bin" and is located in the same folder as the vba project.
We extended the library to support adding vba signatures alongside with the vba file.
This is the fork: https://github.com/arueckle/XlsxWriter This is the pull-request #280