用于替换 signtool.exe 的 API/库 [英] API/Library to replace signtool.exe
问题描述
Windows SDK 附带一个名为 signtool.exe 的工具,可让您使用证书对文件进行签名.我需要在后台服务中做同样的事情,所以我正在寻找一个库(最好是托管代码,但 COM 会做)来做同样的事情.有什么想法吗?
The Windows SDK ships with a tool called signtool.exe that lets you sign a file with a certificate. I need to do the same thing but in a background service so I'm on the lookout for a library (preferably managed code, but COM will do) to do the same thing. Any ideas?
找到了答案.以下是如何使用 X.509 证书在 .NET 中对文件进行签名:
Found the answer. Here's how to use an X.509 certificate to sign a file in .NET:
CmsSigner signer = new CmsSigner();
signer.Certificate = new X509Certificate2(certificate);
SignedCms content = new SignedCms(new ContentInfo(File.ReadAllBytes(fileToSign)));
content.ComputeSignature(signer, true);
byte[] signedFile = content.Encode();
string signedFileName = fileToSign + ".signed";
File.WriteAllBytes(signedFileName, signedFile);
Console.WriteLine("Signed file: " + signedFileName);
这里,certificate 是包含证书的 .pfx 文件的路径,fileToSign 是要签名的文件.
Here, certificate is the path to the .pfx file containing the certificate and fileToSign is the file to sign.
推荐答案
SignTool 正在使用 CAPICOM,它是 Crypto API 的 COM 包装器.您可以使用任何一种.如果您使用 CAPICOM,您可以查看信息 这里.
SignTool is using CAPICOM which is the COM wrapper for the Crypto API. You can use either one. If you're going with CAPICOM, you can check the information here.
这篇关于用于替换 signtool.exe 的 API/库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
