10

I am writing an assembly information application to be used in our software build process and am trying to read the digital signature information from a signed .Net assembly.

I want to do in my C# code what Windows Explorer can do by right-clicking a signed assembly and selecting the "Digital Signatures" tab and then clicking the Details button. e.g.

Windows 7 Explorer can do by right-clicking file properties

Digital signature details

Has anyone got an idea how to do this programmatically in C#? I am currently using the Mono Cecil library to get the rest of the information from the assembly. Your help will be most appreciated.

anton.burger
  • 5,579
  • 32
  • 48
VinceJS
  • 1,224
  • 3
  • 17
  • 35
  • 1
    What you show is `Authenticode` signature, applicable to all PE files. There also exists `strongnaming`, .NET-specific signature format. Strongnaming is done using a keypair, not a certificate, consequently you can't extract any useful information from the strongnamed assembly. Doing search for `Authenticode` on StackOverflow will give you plenty of useful information. – Eugene Mayevski 'Callback May 11 '12 at 13:15
  • 1
    [Possibly](http://stackoverflow.com/questions/301024/validate-authenticode-signature-on-exe-c-without-capicom) [related](http://stackoverflow.com/questions/3281057/get-timestamp-from-authenticode-signed-files-in-net) questions. – anton.burger May 11 '12 at 13:18
  • 1
    possible duplicate of [How do I read the public key from a signed C# exe](http://stackoverflow.com/questions/3722610/how-do-i-read-the-public-key-from-a-signed-c-sharp-exe) – Hans Passant May 15 '12 at 00:44
  • That did the trick, the X509Certificate.CreateFromSignedFile(exe) works like a charm. However, it raises an exception rather null as shown in the "How do I read the public key from a signed C# exe" link. – VinceJS May 15 '12 at 06:48

2 Answers2

6

The Mono project provides source code for both signcode and chktrust that you can re-use inside your own application (open source, MIT X11 licensed).

Both use Mono.Security.dll assembly (which works under Windows, not just Linux and OSX) and include a quite complete Authenticode support.

poupou
  • 43,207
  • 6
  • 76
  • 172
0

From this response :

SignCode (for .Net 1.0 and 1.1) uses Authenticode signing, which as far as I'm aware, lacks a .Net Framework managed interface.

Hopefully, it's looks like that some Nuget package implement it:

Orace
  • 6,774
  • 25
  • 42