I've the following requirement, sign a binary with a certificate, but without signtool.exe; the idea would be to do it via code.
Do you know if it's possible?
Asked
Active
Viewed 1,393 times
3
-
duplicate? http://stackoverflow.com/questions/692565/how-do-you-programmatically-resign-a-net-assembly-with-a-strong-name – Nikolay Mar 29 '12 at 09:51
-
Indeed. thanks for spotting this. That said, how shall I proceed? delete this question, or leave it open as it's not asked the same way? – Vinzz Mar 29 '12 at 11:58
-
Not a duplicate. `signtool.exe` (referenced here) generates Authenticode signatures (for any PE file); "strong naming" (mentioned in the other question) uses `sn.exe` and is for managed assemblies only. – Bradley Grainger Mar 29 '12 at 12:45
-
I think you can leave it – Nikolay Mar 29 '12 at 12:49
1 Answers
4
You will need to use the SignerSign or SignerSignEx functions that are exported from mssign32.dll.
To use these, you'll need to define managed versions of the SIGNER_SUBJECT_INFO, SIGNER_FILE_INFO, SIGNER_CERT, SIGNER_SIGNATURE_INFO, etc. structs, then correctly specify the P/Invoke signature for the native method.
Halfway through this blog post, there is a C++ example of calling SignerSignEx; Mark has ported it to C# in this StackOverflow answer.
Community
- 1
- 1
Bradley Grainger
- 27,458
- 4
- 91
- 108
-
Didn't get it working in C# (didn't spend enought time, was on a very short deadline), but it worked perfectly in good old C++. Thanks! – Vinzz Jun 10 '12 at 12:49
-