GyanBlog
Shipped2018

Secure Code Signing Framework

A messaging-based framework for signing multiple types of release artifacts securely — adopted across Adobe engineering.

JavaSpring BootSQSSNSAWSHSM

Category

Enterprise

Year

2018

Status

Shipped

The Problem

Code signing at Adobe needed to handle multiple artifact types — binaries, installers, scripts — each with different signing requirements, at release pipeline scale, without becoming a bottleneck.

What I Built

A messaging-based worker framework where signing jobs are queued via SQS, picked up by type-specific signing workers, processed against HSM-backed keys, and results published back — fully asynchronous, horizontally scalable.

Technical Challenges

  • Worker specialization by artifact type without duplicating core infrastructure
  • HSM integration for key security — keys never leave hardware
  • Async pipeline that doesn’t block release builds
  • Retry and failure handling for signing job failures
  • Audit log for every signing event

Architecture

[Diagram to be added]

Results & Impact

  • Adopted broadly across Adobe engineering teams
  • Handling release pipeline signing at enterprise scale
  • Zero key exposure incidents since deployment
← PreviousMeghdoot — Multi-Region Binary Monitoring
Next →Codex — Binary Metadata & Event Platform

Interested in working together?

Get in Touch