How do I read the digital signature information from a signed .Net assembly?

Asked 11/5, 2012 at 10:41 Answered 18/12, 2019 at 9:45

c#x509certificate digital-signature signed authenticode

I am writing an assembly information application to be used in our software build process and am trying to read the digital signature information from a signed .Net assembly.

I want to do in my C# code what Windows Explorer can do by right-clicking a signed assembly and selecting the "Digital Signatures" tab and then clicking the Details button. e.g.

Windows 7 Explorer can do by right-clicking file properties

Digital signature details

Has anyone got an idea how to do this programmatically in C#? I am currently using the Mono Cecil library to get the rest of the information from the assembly. Your help will be most appreciated.

Suppositive answered 11/5, 2012 at 10:41 Comment(4)

What you show is Authenticode signature, applicable to all PE files. There also exists strongnaming, .NET-specific signature format. Strongnaming is done using a keypair, not a certificate, consequently you can't extract any useful information from the strongnamed assembly. Doing search for Authenticode on StackOverflow will give you plenty of useful information. – Felicefelicia 11/5, 2012 at 13:15

Possibly related questions. – Perversion 11/5, 2012 at 13:18

possible duplicate of How do I read the public key from a signed C# exe – Dinny 15/5, 2012 at 0:44

That did the trick, the X509Certificate.CreateFromSignedFile(exe) works like a charm. However, it raises an exception rather null as shown in the "How do I read the public key from a signed C# exe" link. – Suppositive 15/5, 2012 at 6:48

The Mono project provides source code for both signcode and chktrust that you can re-use inside your own application (open source, MIT X11 licensed).

Both use Mono.Security.dll assembly (which works under Windows, not just Linux and OSX) and include a quite complete Authenticode support.

Guff answered 14/5, 2012 at 22:3 Comment(0)

From this response :

SignCode (for .Net 1.0 and 1.1) uses Authenticode signing, which as far as I'm aware, lacks a .Net Framework managed interface.

Hopefully, it's looks like that some Nuget package implement it:

Pyrene answered 18/12, 2019 at 9:45 Comment(0)

Recommended topics

Hot tags