
How do I read the public key from a signed C# exe

I'm signing a dot net exe using signcode.exe with an spc/pvk combo.

The file needs to read its own Public Key at runtime in order to verify some data. I've gone down a number of different avenues.

I've tried

X509Certificate executingCert = X509Certificate.CreateFromSignedFile(exe);

executingCert is then null. I'm guessing signcode isn't creating an X509 signed file, though if there's a switch to change that I'm happy to go that way.

Edited: Turns out the above does work... I had my null check backwards (!= != ==) :)

Assembly asm = Assembly.GetExecutingAssembly();
string exe = asm.Location;
X509Certificate executingCert = X509Certificate.CreateFromSignedFile(exe); 

if (executingCert != null)
{
    Console.WriteLine("Assembly is signed");
    byte[] assemblyKey = executingCert.GetPublicKey();
}
Fiacc asked Sep 15 '10 23:09




1 Answer

SignCode (for .Net 1.0 and 1.1) uses Authenticode signing, which as far as I'm aware, lacks a .Net Framework managed interface. You will likely need to use P/Invoke to call routines in Win32 API such as those found in this KB article: How To Get Information from Authenticode Signed Executables. Likely you'll need to use CryptQueryObject which will get you the certificate, which you will then likely have to find another routine to pull the public key from.

Check out this related StackOverflow question which has a lot of answers: WinVerifyTrust to check for a specific signature?

user7116 answered Sep 21 '22 16:09
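An added example, not code from the question or the answer: it reads the signer certificate the way the question does and then uses its public key to check a detached signature over some data. It assumes .NET Framework 4.6 or later on Windows, an RSA signing certificate, and an RSA/SHA-256 PKCS#1 v1.5 signature; the class name, method names and command-line arguments are hypothetical.

```csharp
using System;
using System.IO;
using System.Reflection;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class SignerKeyCheck
{
    // Extracts the Authenticode signer certificate embedded in a PE file.
    // This only reads the certificate: it does not check that the file's
    // contents still match the signature (that is what WinVerifyTrust does).
    public static X509Certificate2 GetSigner(string path)
    {
        try
        {
            X509Certificate cert = X509Certificate.CreateFromSignedFile(path);
            return cert == null ? null : new X509Certificate2(cert);
        }
        catch (CryptographicException)
        {
            return null; // unsigned file or unreadable signature blob
        }
    }

    // Verifies a detached signature over 'data' with the signer's public key.
    // Algorithm and padding are assumptions of this example.
    public static bool VerifyData(X509Certificate2 signer, byte[] data, byte[] signature)
    {
        using (RSA rsa = signer.GetRSAPublicKey())
        {
            if (rsa == null) return false; // certificate holds a non-RSA key
            return rsa.VerifyData(data, signature,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }
    }

    // Usage (hypothetical): app.exe <data-file> <signature-file>
    static int Main(string[] args)
    {
        string exe = Assembly.GetExecutingAssembly().Location;
        X509Certificate2 signer = GetSigner(exe);
        if (signer == null) { Console.WriteLine("No signer certificate found"); return 2; }
        Console.WriteLine("Signer: {0} ({1})", signer.Subject, signer.Thumbprint);
        if (args.Length != 2) return 0;
        bool ok = VerifyData(signer, File.ReadAllBytes(args[0]), File.ReadAllBytes(args[1]));
        Console.WriteLine(ok ? "Data signature valid" : "Data signature INVALID");
        return ok ? 0 : 1;
    }
}
```

A re-signed copy of the executable carries its own certificate, so a key read this way is only as trustworthy as the check that the file's Authenticode signature is valid and that the thumbprint is the one you expect.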