从文件中读取数字证书 [英] Reading digital certificate from the file

问题描述

我使用Signtool.exe对文件进行了签名，现在我正尝试使用以下方法加载附加到文件的证书

I signed a file using Signtool.exe and now I am trying to load the certificate attached to the file using the following method

var cert = X509Certificate2.CreateFromSignedFile(filePath);

但是他的行抛出错误找不到所需的对象".当我尝试从Microsoft签名的dll中读取证书时 EntityFramework.dll ，它可以正常工作.我以为可能是因为我在Trusted Store中没有证书，但是即使将证书添加到Trusted Store中，它仍然会引发错误.有人知道如何解决这个问题吗?

but his line throws an error "Cannot find the requested object.". When I try reading the certificate from a microsoft signed dll e.g. EntityFramework.dll, it works without any problems. I thought it could be because I don't have the certificate in the Trusted Store but even after adding it there, it continues to throw error. Does anyone know how to fix this?

推荐答案

您可以使用wintrust组件来收集签名信息

You can use wintrust component to collect the signature information

   [DllImportAttribute("wintrust.dll", EntryPoint = "WTGetSignatureInfo", CallingConvention = CallingConvention.StdCall)]
    internal static extern int WTGetSignatureInfo([InAttribute()] [MarshalAsAttribute(UnmanagedType.LPWStr)] string pszFile, [InAttribute()] System.IntPtr hFile, SIGNATURE_INFO_FLAGS sigInfoFlags, ref SIGNATURE_INFO psiginfo, ref System.IntPtr ppCertContext, ref System.IntPtr phWVTStateData);

这将从Microsoft规定的所有可签名文件中收集签名详细信息.但是，请确保在单线程单元模型下执行给定的函数.否则，对于签名脚本文件(如.js/.vbs等)，您会发现怪异的结果.

This will collect the signature details from any signable files that microsoft prescribes. But make sure that you execute the given function under single threaded apartment model. Otherwise you will find weird results for signed script files like .js/.vbs and etc.

请参考如何在C#中验证Java的Authenticode 了解更多信息.

这篇关于从文件中读取数字证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！