I'm signing a dot net exe using
signcode.exe with an spc/pvk combo
The file needs to read its own Public Key at runtime in order to verify some data. I've gone down a number of different avenues.
I've tried
X509Certificate executingCert = X509Certificate.CreateFromSignedFile(exe);
executingCert is then null. I'm guessing signcode isn't creating an X509 signed file, though if there's a switch to change that I'm happy to go that way.
edited Turns out the above does work.... I had my null check backwards (!= != ==) :)
Assembly asm = Assembly.GetExecutingAssembly();
string exe = asm.Location;
X509Certificate executingCert = X509Certificate.CreateFromSignedFile(exe);
if (executingCert != null)
{
Console.WriteLine("Assembly is signed");
byte[] assemblyKey = executingCert.GetPublicKey();
}
SignCode (for .Net 1.0 and 1.1) uses Authenticode signing, which as far as I'm aware, lacks a .Net Framework managed interface. You will likely need to use P/Invoke to call routines in Win32 API such as those found in this KB article: How To Get Information from Authenticode Signed Executables. Likely you'll need to use CryptQueryObject which will get you the certificate, which you will then likely have to find another routine to pull the public key from.
Check out this related StackOverflow question which has a lot of answers: WinVerifyTrust to check for a specific signature?
Try something like that:
Assembly.GetEntryAssembly().GetName().GetPublicKey()
I used GetEntryAssembly in that case, but of course you can call the method on any loaded assembly.
来源:https://stackoverflow.com/questions/3722610/how-do-i-read-the-public-key-from-a-signed-c-sharp-exe