11

I am writing an assembly information application to be used in our software build process and am trying to read the digital signature information from a signed .Net assembly.

I want to do in my C# code what Windows Explorer can do by right-clicking a signed assembly and selecting the "Digital Signatures" tab and then clicking the Details button. e.g.

Windows 7 Explorer can do by right-clicking file properties

Digital signature details

Has anyone got an idea how to do this programmatically in C#? I am currently using the Mono Cecil library to get the rest of the information from the assembly. Your help will be most appreciated.

anton.burger
  • 5,637
  • 32
  • 48
VinceJS
  • 1,254
  • 3
  • 18
  • 38
  • 1
    What you show is `Authenticode` signature, applicable to all PE files. There also exists `strongnaming`, .NET-specific signature format. Strongnaming is done using a keypair, not a certificate, consequently you can't extract any useful information from the strongnamed assembly. Doing search for `Authenticode` on StackOverflow will give you plenty of useful information. – Eugene Mayevski 'Callback May 11 '12 at 13:15
  • 1
    [Possibly](http://stackoverflow.com/questions/301024/validate-authenticode-signature-on-exe-c-without-capicom) [related](http://stackoverflow.com/questions/3281057/get-timestamp-from-authenticode-signed-files-in-net) questions. – anton.burger May 11 '12 at 13:18
  • 1
    possible duplicate of [How do I read the public key from a signed C# exe](http://stackoverflow.com/questions/3722610/how-do-i-read-the-public-key-from-a-signed-c-sharp-exe) – Hans Passant May 15 '12 at 00:44
  • That did the trick, the X509Certificate.CreateFromSignedFile(exe) works like a charm. However, it raises an exception rather null as shown in the "How do I read the public key from a signed C# exe" link. – VinceJS May 15 '12 at 06:48

2 Answers2

6

The Mono project provides source code for both signcode and chktrust that you can re-use inside your own application (open source, MIT X11 licensed).

Both use Mono.Security.dll assembly (which works under Windows, not just Linux and OSX) and include a quite complete Authenticode support.

poupou
  • 43,413
  • 6
  • 77
  • 174
1

From this response :

SignCode (for .Net 1.0 and 1.1) uses Authenticode signing, which as far as I'm aware, lacks a .Net Framework managed interface.

Hopefully, it's looks like that some Nuget package implement it:

Orace
  • 7,822
  • 30
  • 45