Software Signing

Yubico aims to cryptographically sign all software that it distributes. We use three different techniques to achieve this.

OpenPGP Software Signing

Source code releases are usually signed by an OpenPGP key of one of Yubico’s developers. Some ZIP files containing Windows executables are also signed using OpenPGP.

Following are the keys for Yubico developers who are currently releasing code.

Following are the keys for developers who have released code in the past.

Windows Software Signing

Our Windows executables are signed with one of two code signing certificates, issued by GoDaddy and one issued by DigiCert:

SHA256 fingerprint


SHA256 fingerprint


Windows software released before 2018-03-12 is signed with:

SHA256 fingerprint


Windows software released before 2017-03-12 is signed with:

SHA256 fingerprint


Windows software released before 2016-03-12 is signed with:

SHA256 fingerprint


Windows software released before 2015-03-12 is signed with:

SHA256 fingerprint


Mac Software Signing

Our Mac executables are signed with a Yubico code signing certificate, issued by Apple.

SHA256 fingerprint


Mac software released before 2017-09-25 is signed with:

SHA256 fingerprint