public static void SignFileFromDisk(FileInfo filePath)
{
X509Certificate2 signingCertificate = GetCodeSigningCertificate();
if (signingCertificate == null)
{
throw new SecurityException("No signing certificate found");
}
const DigitalSignFlags flags = DigitalSignFlags.NoUI;
DigitalSignInfo dsi = new DigitalSignInfo();
IntPtr certificateHandle = signingCertificate.Handle;
try
{
dsi.pwszFileName = filePath.FullName;
dsi.dwSigningCertChoice = DigitalSigningCertificateChoice.Certificate;
dsi.dwAdditionalCertChoice = DigitalSignAdditionalCertificateChoice.AddChainNoRoot;
dsi.dwSubjectChoice = DigitalSignSubjectChoice.File;
dsi.pwszTimestampURL = null;
dsi.pSignExtInfo = IntPtr.Zero;
dsi.pSigningCertContext = certificateHandle;
dsi.dwSize = Marshal.SizeOf(dsi);
bool result = CryptUi.CryptUIWizDigitalSign(flags, IntPtr.Zero, "", ref dsi, ref dsi.pSigningCertContext);
if (!result)
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
}
finally
{
//CryptUi.CryptUIWizFreeDigitalSignContext(dsi.pSigningCertContext);
//- currently throws, from my reading of http://msdn.microsoft.com/en-us/library/windows/desktop/aa380292%28v=vs.85%29.aspx
//I'm not doing any damage by not freeing it.
}
}
public static extern bool CryptUIWizDigitalSign(DigitalSignFlags dwFlags, IntPtr hwndParent, string pwszWizardTitle, ref DigitalSignInfo pDigitalSignInfo, ref IntPtr ppSignContext);
public static extern bool CryptUIWizDigitalSign(DigitalSignFlags dwFlags, IntPtr hwndParent, string pwszWizardTitle, ref DigitalSignInfo pDigitalSignInfo, ref IntPtr ppSignContext);
