OpenType font signing tool
This tool was developed for use at Microsoft, and is unsupported externally. Microsoft makes no claims and holds no liability regarding the external use of this tool. This tool is copyrighted. Redistribution is restricted. See the tool's End User License Agreement for details.
Besides the tool provided, to sign a font file you will also need a
- *.spc file and a *.pvk file.
You can create a test.spc and test.pvk for testing purposes with the tools provided in the font signing tool, but when you want to sign a font file "for real" you need to obtain these files from Certification Authority such as Verisign. When contacting a Certification Authority apply for a 'Class 3 Authenticode digital signature'. Asking for a 'font-signing certificate' is not a good idea, as the certificate you need is not specific to font signing.
The .spc file containing your public key and other information, resides on your hard drive, and it can be distributed to others.
The .pvk file contains a private key that corresponds to the public key in the .spc file. Once you have received a .pvk file from Certification Authority it is recommended that the file should NEVER be stored on your hard drive and should always be stored on a floppy disk and be used as needed.
Signing OpenType font files
Minimum system requirements:
- Window 2000: Beta 3 or higher, or
- Windows NT 4 + SP 4, or
- Windows 9x + IE 5
Download the tool
download - Select one of the locations listed below and download disg.exe to your computer in a folder such as C:\FontSign
File Details - dsig.exe - 192KB self extracting file Windows 2000 and Windows NT users - You must have administrator privileges to use this tool.
Step 1
- Windows NT/2000: Move mssipotf.dll to winnt\system32
- Windows 9x: Move mssipotf.dll to \windows\system
Step 2
Register the mssipotf.dll with Windows, by typing the following at the command prompt,
- regsvr32 mssipotf.dll
Step 3
To sign a font file eg. myfont.TTF, go to the folder where you downloaded the font signing tool, and at the command prompt type,
- signcode -spc my.spc -v my.pvk -j mssipotf.dll myfont.ttf
The -j mssipotf.dll option is reqired for successfully signing font files and therefore, must be included in the command prompt. This option tells signcode that mssipotf.dll contains code that will perform a series of checks on the font to determine glyph integrity. This process may take a few seconds or many minutes, depending on how many glyphs are in the font file. If the font does not pass this verification test, signing will fail. Signcode has many other command line options and you can learn about them by typing Signcode -? at the command prompt. Other recommended options to include in the command line are,
- -n "My Font name"
- -i
http://www.mycompany.com
- -t
http://timestamp.verisign.com/scripts/timstamp.dll
The three options above will add font's name, link it your site and add a time stamp to the digital signatures certificate.
Step 4
A successfully signed font file can be verified using chktrust.exe:
- chktrust myfont.otf
Another way to verify a signed file on Windows 2000 and Windows 98 is to 'right-click' the font file and select 'properties'. A 'Digital Signatures' tab will be displayed that provides more detail about the signature, including the timestamp (if it was used in signing).
Note that in Windows 2000 the icon associated with a signed font file is the OpenType logo (an O), rather than the TrueType logo (a TT). However, signed TTCs still have the TT logo.
Recommendations
In general you should always test sign a font before signing it for real. You'll need to create a dummy version of your own .cer and .pvk files by going to the directory where you downloaded the font signing tool and type the following on the command line
makecert -n CN=JoeBob -sv test.pvk test.cer
cert2spc test.cer test.spc
setreg 1 TRUE
Makecert will create .cer and .pvk files, and the associated certificate will be called "JoeBob". A dialog box will ask you to provide a password for the .pvk file and then ask to confirm the password each time the .pvk file is used.
Finally, to test sign a font, at the command prompt type the following
- signcode -spc test.spc -v test.pvk -j mssipotf.dll myfont.ttf
Note: In the above example we have used minimal signcode options as we are only test signing a font file.
You can also modify the signdemo.bat provided with the font signing tool according to your font and company then type
- Signdemo MyFont.ttf
If you sign a file with a test certificate, the signed file should NOT be distributed for official purposes.
Troubleshooting
Here are some frequently asked questions:
Q: I've downloaded the font tool but don't see the misipotf.dll.
-
A: You need to set the folder setting to view all files. See Windows documentations on how to do that.
Q: I'm running out of space at the DOS prompt?
-
A: Windows 95 and 98 have by default a limit on how many characters can be typed in at the command prompt. Therefore, depending on what options you use and the length of some options (i.e. your font name, company's URL and timestamp URL) you may not be able to type in all the options you want to use to sign your fonts. In this case, you can edit the "Signdemo.bat" batch file to include all the options you want to use. To open the file, right-click on "Signdemo.bat" and choose the "Edit" option, then modify the options as needed. Close the file and type "Signdemo MyFont.ttf" at the DOS prompt.
Q: I Can't sign the file because the file was read-only.
-
A: Signing alters the file, so it can't be read-only. Change the file attributes and try signing again.
Q: It takes a long time to sign.
-
A: As the -j option invokes code that does glyph integrity checks, signing may take a long time. Be patient.
Q: Will having other copies of mssipotf.dll on the system cause problems?
-
A: Older versions of mssipotf.dll may be invoked if they are in the execution path. It is best to make sure there is only one mssipotf.dll in the entire system (in the \winnt\system32 directory).
Q: I get an error during the signing process
-
A: This will probably be due to the font not meeting the signing criteria listed below.
Font file criteria
As files other than font files are signed in different ways. To identify a file as a font file, the file must meet certain criteria. The criteria are outlined below.
The magic number in the head table is correct.
Given the number of tables value in the offset table, the other values in the offset table are consistent.
The tags in the table directory, which contains pointers to the beginning of each table, must appear in alphabetical order and have no duplicates.
The offset of each table is a multiple of 4. (That is, tables are long word aligned.)
The first actual table in the file comes immediately after the directory of tables.
If the tables are sorted by offset, then for all tables i (where index 0 means the table with the smallest offset),
Offset[i] + Length[i] <= Offset[i+1] and
Offset[i] + Length[i] >= Offset[i+1] - 3.
In other words, the tables do not overlap, and there are at most 3 bytes of padding between tables.
The pad bytes between tables are all zeros.
The offset of the last table in the file plus its length is not greater than the size of the file.
The checksums of all tables are correct.
The file checksum in the head table is correct.
Signcode will not sign and chktrust will not verify if the font file does not meet all of the above criteria.
The philosophy behind these rules is that the more structure that is imposed on a font file, the less likely a malicious entity will be able to disguise a bad font file to look like a good one. This will become more important as other kinds of signatures are employed to sign font files.
Uninstalling
You can disable font signing and verification by unregistering mssipotf.dll:
regsvr32 /u mssipotf.dll
Optionally, you can then delete mssipotf.dll.
END-USER LICENSE AGREEMENT FOR MICROSOFT SOFTWARE
IMPORTANT-READ CAREFULLY: This Microsoft End-User License Agreement ("EULA") is a legal agreement between you (either an individual or a single entity) and Microsoft Corporation for the Microsoft software product identified above, which includes computer software and may include associated media, printed materials, and "online" or electronic documentation ("SOFTWARE PRODUCT"). The SOFTWARE PRODUCT also includes any updates and supplements to the original SOFTWARE PRODUCT provided to you by Microsoft. Any software provided along with the SOFTWARE PRODUCT that is associated with a separate end-user license agreement is licensed to you under the terms of that license agreement. By installing, copying, downloading, accessing or otherwise using the SOFTWARE PRODUCT, you agree to be bound by the terms of this EULA. If you do not agree to the terms of this EULA, do not install or use the SOFTWARE PRODUCT.
SOFTWARE PRODUCT LICENSE
The SOFTWARE PRODUCT is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. The SOFTWARE PRODUCT is licensed, not sold.
- GRANT OF LICENSE. This EULA grants you the following rights:
- Software Product. You may install and use the SOFTWARE PRODUCT on an unlimited number of computers, including workstations, terminals or other digital electronic devices ("COMPUTERS") residing on your premises for the sole purpose of adding a digital signature to your TrueType or OpenType font.
- DESCRIPTION OF OTHER RIGHTS AND LIMITATIONS.
- Limitations on Reverse Engineering, Decompilation, and Disassembly. You may not reverse engineer, decompile,. or disassemble the SOFTWARE PRODUCT, except and only to the extent that such activity is expressly permitted by applicable law notwithstanding this limitation.
- Rental. You may not rent, lease or lend the SOFTWARE PRODUCT
- Software Transfer. You may permanently transfer all of your rights under this EULA, provided you retain no copies, you transfer all of the SOFTWARE PRODUCT (including all component parts, the media and printed materials, any upgrades, this EULA, and, if applicable, the Certificate of Authenticity) and the recipient agrees to the terms of this EULA. If the SOFTWARE PRODUCT is an upgrade, any transfer must include all prior versions of the SOFTWARE PRODUCT. You may not distribute the SOFTWARE PRODUCT.
- Termination. Without prejudice to any other rights, Microsoft may terminate this EULA if you fail to comply with the terms and conditions of this EULA. In such event, you must destroy all copies of the SOFTWARE PRODUCT and all of its component parts.
COPYRIGHT. All title and intellectual property rights in and to the SOFTWARE PRODUCT (including but not limited to any images, photographs, animations, video, audio, music, text, and "applets" incorporated into the SOFTWARE PRODUCT), the accompanying printed materials, and any copies of the SOFTWARE PRODUCT are owned by Microsoft or its suppliers. All title and intellectual property rights in and to the content which may be accessed through use of the SOFTWARE PRODUCT is the property of the respective content owner and may be protected by applicable copyright or other intellectual property laws and treaties. This EULA grants you no rights to use such content. All rights not expressly granted are reserved by Microsoft.
U.S. GOVERNMENT RESTRICTED RIGHTS. All SOFTWARE PRODUCT provided to the U.S. Government pursuant to solicitations issued on or after December 1, 1995 is provided with the commercial license rights and restrictions described elsewhere herein. All SOFTWARE PRODUCT provided to the U. S. Government pursuant to solicitations issued prior to December 1, 1995 is provided with "Restricted Rights" as provided for in FAR, 48 CFR 52.227-14 (JUNE 1987) or DFAR, 48 CFR 252.227-7013 (OCT 1988), as applicable.
EXPORT RESTRICTIONS. You agree that you will not export or re-export the SOFTWARE PRODUCT, any part thereof, or any process or service that is the direct product of the SOFTWARE PRODUCT (the foregoing collectively referred to as the "Restricted Components"), to any country/region, person or entity subject to U.S. export restrictions. You specifically agree not to export or re-export any of the Restricted Components: (i) to any country/region to which the U.S. has embargoed or restricted the export of goods or services, which currently include, but are not necessarily limited to Cuba, Iran, Iraq, Libya, North Korea, Sudan, Syria, Bosnia and Herzegovina, Croatia, North Macedonia, Serbia, and Slovenia, or to any national of any such country/region, wherever located, who intends to transmit or transport the Restricted Components back to such country/region; (ii) to any person or entity who you know or have reason to know will utilize the Restricted Components in the design, development or production of nuclear, chemical or biological weapons; or (iii) to any person or entity who has been prohibited from participating in U.S. export transactions by any federal agency of the U.S. government. You warrant and represent that neither the BXA nor any other U.S. federal agency has suspended, revoked or denied your export privileges.
MISCELLANEOUS
If you acquired this product in the United States, this EULA is governed by the laws of the State of Washington.
If you acquired this product in Canada, this EULA is governed by the laws of the Province of Ontario, Canada. Each of the parties hereto irrevocably attorns to the jurisdiction of the courts of the Province of Ontario and further agrees to commence any litigation which may arise hereunder in the courts located in the Judicial District of York, Province of Ontario.
If this product was acquired outside the United States, then local law may apply.
Should you have any questions concerning this EULA, or if you desire to contact Microsoft for any reason, please contact Microsoft, or write: Microsoft Sales Information Center/One Microsoft Way/Redmond, WA 98052-6399.
NO WARRANTIES.
DISCLAIMER OF WARRANTIES. To the maximum extent permitted by applicable law, Microsoft and its suppliers provide the SOFTWARE PRODUCT and any (if any) Support Services AS IS AND WITH ALL FAULTS, and hereby disclaim all warranties and conditions, either express, implied or statutory, including, but not limited to, any (if any) implied warranties or conditions of merchantability, of fitness for a particular purpose, of lack of viruses, of accuracy or completeness of responses, of results, and of lack of negligence or lack of workmanlike effort, all with regard to the SOFTWARE PRODUCT, and the provision of or failure to provide Support Services. ALSO, THERE IS NO WARRANTY OR CONDITION OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, CORRESPONDENCE TO DESCRIPTION OR NON-INFRINGEMENT, WITH REGARD TO THE SOFTWARE PRODUCT. THE ENTIRE RISK AS TO THE QUALITY OF OR ARISING OUT OF USE OR PERFORMANCE OF THE SOFTWARE PRODUCT AND SUPPORT SERVICES, IF ANY, REMAINS WITH YOU.
EXCLUSION OF INCIDENTAL, CONSEQUENTIAL AND CERTAIN OTHER DAMAGES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL MICROSOFT OR ITS SUPPLIERS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, PUNITIVE OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS OR CONFIDENTIAL OR OTHER INFORMATION, FOR BUSINESS INTERRUPTION, FOR PERSONAL INJURY, FOR LOSS OF PRIVACY, FOR FAILURE TO MEET ANY DUTY INCLUDING OF GOOD FAITH OR OF REASONABLE CARE, FOR NEGLIGENCE, AND FOR ANY OTHER PECUNIARY OR OTHER LOSS WHATSOEVER) ARISING OUT OF OR IN ANY WAY RELATED TO THE USE OF OR INABILITY TO USE THE SOFTWARE PRODUCT, THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT SERVICES, OR OTHERWISE UNDER OR IN CONNECTION WITH ANY PROVISION OF THIS EULA, EVEN IN THE EVENT OF THE FAULT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, BREACH OF CONTRACT OR BREACH OF WARRANTY OF MICROSOFT OR ANY SUPPLIER, AND EVEN IF MICROSOFT OR ANY SUPPLIER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
LIMITATION OF LIABILITY AND REMEDIES. Notwithstanding any damages that you might incur for any reason whatsoever (including, without limitation, all damages referenced above and all direct or general damages), the entire liability of Microsoft and any of its suppliers under any provision of this EULA and your exclusive remedy for all of the foregoing shall be limited to the greater of the amount actually paid by you for the SOFTWARE PRODUCT or U.S.$5.00. The foregoing limitations, exclusions and disclaimers shall apply to the maximum extent permitted by applicable law, even if any remedy fails its essential purpose.