如何从签名的 C# exe 中读取公钥
来签署 dot net exe
signcode.exe with an spc/pvk combo
我正在使用该文件需要在运行时读取其自己的公钥以验证某些数据 。我走了很多不同的途径。
我尝试过
X509Certificate executingCert = X509Certificate.CreateFromSignedFile(exe);
executingCert 然后为空。我猜测 Signcode 不会创建 X509 签名文件,但如果有一个开关可以更改,我很乐意这样做。
已编辑 事实证明上面的方法确实有效......我向后进行了空检查(!= != ==):)
Assembly asm = Assembly.GetExecutingAssembly();
string exe = asm.Location;
X509Certificate executingCert = X509Certificate.CreateFromSignedFile(exe);
if (executingCert != null)
{
Console.WriteLine("Assembly is signed");
byte[] assemblyKey = executingCert.GetPublicKey();
}
I'm signing a dot net exe using
signcode.exe with an spc/pvk combo
The file needs to read its own Public Key at runtime in order to verify some data. I've gone down a number of different avenues.
I've tried
X509Certificate executingCert = X509Certificate.CreateFromSignedFile(exe);
executingCert is then null. I'm guessing signcode isn't creating an X509 signed file, though if there's a switch to change that I'm happy to go that way.
edited
Turns out the above does work.... I had my null check backwards (!= != ==) :)
Assembly asm = Assembly.GetExecutingAssembly();
string exe = asm.Location;
X509Certificate executingCert = X509Certificate.CreateFromSignedFile(exe);
if (executingCert != null)
{
Console.WriteLine("Assembly is signed");
byte[] assemblyKey = executingCert.GetPublicKey();
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
SignCode(适用于 .Net 1.0 和 1.1)使用 Authenticode 签名,据我所知,它缺少 .Net Framework 托管接口。您可能需要使用 P/Invoke 来调用 Win32 API 中的例程,例如 知识库文章:如何从 Authenticode 签名的可执行文件获取信息。您可能需要使用 CryptQueryObject会给你带来
证书,然后您可能必须找到另一个例程来从中提取公钥。
查看此相关的 StackOverflow 问题,其中有很多答案: WinVerifyTrust 检查具体签名?
SignCode (for .Net 1.0 and 1.1) uses Authenticode signing, which as far as I'm aware, lacks a .Net Framework managed interface. You will likely need to use P/Invoke to call routines in Win32 API such as those found in this KB article: How To Get Information from Authenticode Signed Executables. Likely you'll need to use CryptQueryObject which will get you the
certificate, which you will then likely have to find another routine to pull the public key from.
Check out this related StackOverflow question which has a lot of answers: WinVerifyTrust to check for a specific signature?
尝试类似的方法:
在这种情况下我使用了 GetEntryAssembly,但当然您可以在任何加载的程序集上调用该方法。
Try something like that:
I used GetEntryAssembly in that case, but of course you can call the method on any loaded assembly.