为什么使用SHA1哈希算法的cant证书来签署appx文件？ [英] Why cant certificates with SHA1 hash algorithm be used to sign the appx file?

问题描述

我想用一个符合SHA1算法的客户端证书签署我的appx文件，以便进行侧面加载。

I want to sign my appx file with a client certificate which adheres to SHA1 algorithm for side loading purpose.

当我尝试签名时，我收到错误 - 指定的算法无法使用或无效。

When I try signing it ,I get an error - Specified algorithm cannot be used or is invalid.

为什么使用带有SHA1哈希算法的cant证书来签署appx文件？

Why cant certificates with SHA1 hash algorithm be used to sign the appx file?

谢谢

推荐答案

我找不到文档那说它不能是SHA-1，但我发现了这个：



SIGNER_SIGNATURE_INFO的 algidHash 成员结构必须与创建应用程序包时使用的哈希算法相同。有关如何从应用程序包中确定哈希算法的信息，请参阅

如何使用SignTool签署应用程序包。  Windows  8默认算法

MakeAppx 和用于创建应用程序包的Visual Studio是"algidHash = CALG_SHA_256"。

I can't find documentation that says it can't be SHA-1, but I found this:

The algidHash member of the SIGNER_SIGNATURE_INFO structure must be the same hash algorithm that was used in creating the app package. For info about how to determine the hash algorithm from the app package, see How to sign an app package using SignTool.  The Windows 8 default algorithm that MakeAppx and Visual Studio use to create app packages is "algidHash = CALG_SHA_256".

https://msdn.microsoft.com/en-us/library/windows/desktop/jj835834（v = vs.85）的.aspx

如果您要使用SHA-1创建应用包，则可能会有效。 你为什么要这样做？

If you were to create the app package using SHA-1, it might work.  Why do you want to do this?

这篇关于为什么使用SHA1哈希算法的cant证书来签署appx文件？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！