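/// <summary>
/// Digitally signs the file on disk at <paramref name="filePath"/> with the certificate returned by
/// GetCodeSigningCertificate(), calling CryptUIWizDigitalSign with the NoUI flag.
/// </summary>
/// <param name="filePath">The file to sign; its full path is handed to the native API.</param>
/// <exception cref="ArgumentNullException"><paramref name="filePath"/> is null.</exception>
/// <exception cref="SecurityException">No signing certificate was found.</exception>
/// <exception cref="Win32Exception">CryptUIWizDigitalSign returned false.</exception>
public static void SignFileFromDisk(FileInfo filePath)
{
    if (filePath == null)
    {
        throw new ArgumentNullException("filePath");
    }

    X509Certificate2 signingCertificate = GetCodeSigningCertificate();
    if (signingCertificate == null)
    {
        throw new SecurityException("No signing certificate found");
    }

    const DigitalSignFlags flags = DigitalSignFlags.NoUI;

    DigitalSignInfo dsi = new DigitalSignInfo();
    dsi.pwszFileName = filePath.FullName;
    dsi.dwSigningCertChoice = DigitalSigningCertificateChoice.Certificate;
    dsi.dwAdditionalCertChoice = DigitalSignAdditionalCertificateChoice.AddChainNoRoot;
    dsi.dwSubjectChoice = DigitalSignSubjectChoice.File;

    // NOTE(review): no timestamp URL is supplied, so the signature carries no timestamp.
    // Untimestamped signatures generally stop validating once the signing certificate
    // expires; consider making a timestamp service configurable here.
    dsi.pwszTimestampURL = null;
    dsi.pSignExtInfo = IntPtr.Zero;

    // Raw native handle: it is only valid while signingCertificate is alive (see KeepAlive below).
    dsi.pSigningCertContext = signingCertificate.Handle;
    dsi.dwSize = Marshal.SizeOf(dsi);

    // The sign context is an OUT value distinct from the certificate context. It gets its own
    // variable so the API does not write over (or get confused with) dsi.pSigningCertContext.
    IntPtr signContext = IntPtr.Zero;
    try
    {
        bool result = CryptUi.CryptUIWizDigitalSign(flags, IntPtr.Zero, "", ref dsi, ref signContext);
        if (!result)
        {
            // Must be read immediately after the P/Invoke, before any other native call.
            throw new Win32Exception(Marshal.GetLastWin32Error());
        }
    }
    finally
    {
        // A returned sign context has to be released by the caller, see
        // http://msdn.microsoft.com/en-us/library/windows/desktop/aa380292%28v=vs.85%29.aspx
        // The previous code aliased this out value with dsi.pSigningCertContext, so the pointer
        // it would have freed was not reliably the sign context - a likely cause of the failure
        // that led to the free call being commented out.
        if (signContext != IntPtr.Zero)
        {
            CryptUi.CryptUIWizFreeDigitalSignContext(signContext);
        }

        // Only the raw handle is referenced during the native call; keep the managed certificate
        // reachable until here so it cannot be finalized (and its handle released) mid-signing.
        GC.KeepAlive(signingCertificate);
    }
}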
// Managed declaration of the native CryptUIWizDigitalSign function (exported by cryptui.dll on
// Windows). Returns true when signing succeeded, false otherwise.
//   dwFlags           - behaviour flags, e.g. DigitalSignFlags.NoUI to suppress the wizard UI.
//   hwndParent        - parent window handle; IntPtr.Zero when no UI is shown.
//   pwszWizardTitle   - wizard title text.
//   pDigitalSignInfo  - describes what to sign and with which certificate; its dwSize field
//                       must hold the marshalled size of the structure.
//   ppSignContext     - receives a native sign context. The native documentation requires the
//                       caller to release it with CryptUIWizFreeDigitalSignContext. Pass a
//                       dedicated IntPtr variable, not a field of pDigitalSignInfo.
// NOTE(review): the [DllImport] attribute is not visible here - confirm it sets
// SetLastError = true (callers read Marshal.GetLastWin32Error() after a false return) and
// CharSet = CharSet.Unicode (the pwsz* arguments are wide strings natively).
public static extern bool CryptUIWizDigitalSign(DigitalSignFlags dwFlags, IntPtr hwndParent, string pwszWizardTitle, ref DigitalSignInfo pDigitalSignInfo, ref IntPtr ppSignContext);