/// <summary> /// Signs a ClickOnce manifest or PE file. /// </summary> /// <param name="certThumbprint">Hexadecimal string that contains the SHA-1 hash of the certificate.</param> /// <param name="timestampUrl">URL that specifies an address of a time stamping server.</param> /// <param name="path">Path of the file to sign with the certificate.</param> /// <param name="targetFrameworkVersion">Version of the .NET Framework for the target.</param> public static void SignFile(string certThumbprint, Uri timestampUrl, string path, string targetFrameworkVersion) { System.Resources.ResourceManager resources = new System.Resources.ResourceManager("Microsoft.Build.Tasks.Deployment.ManifestUtilities.Strings", typeof(SecurityUtilities).Module.Assembly); if (String.IsNullOrEmpty(certThumbprint)) { throw new ArgumentNullException("certThumbprint"); } X509Certificate2 cert = GetCert(certThumbprint); if (cert == null) { throw new ArgumentException(resources.GetString("CertNotInStore"), "certThumbprint"); } if (!String.IsNullOrEmpty(targetFrameworkVersion)) { Version targetVersion = Util.GetTargetFrameworkVersion(targetFrameworkVersion); if (targetVersion == null) { throw new ArgumentException("TargetFrameworkVersion"); } // SHA-256 digest can be parsed only with .NET 4.5 or higher. bool isTargetFrameworkSha256Supported = targetVersion.CompareTo(s_dotNet45Version) >= 0; SignFileInternal(cert, timestampUrl, path, isTargetFrameworkSha256Supported, resources); } else { SignFile(cert, timestampUrl, path); } }