On Mon, Dec 8, 2008 at 7:37 PM, Sebastien Pouliot <[EMAIL PROTECTED]> wrote: > On Mon, 2008-12-08 at 19:09 +0100, Matthew Gertner wrote: >> Hi, >> >> I installed Mono using the yum packages on Centos 5. The version is >> 1.2.4-2.el5.centos. > > Mono 1.2.4 is a rather old release. > >> I'm trying to digitally sign an executable using signcode. I followed >> the instructions here: >> https://developer.mozilla.org/En/Signing_an_executable_with_Authenticode. >> I added the three CA certificates I downloaded from GlobalSign to the >> CA repository as instructed. >> >> I had to extract the .p7b and .pvk files from the .p12 file supplied >> by GlobalSign, which I did by following the instructions here: >> http://wiki.cacert.org/wiki/Authenticode. >> >> Everything seemed to go fine, but when I run the signcode command: >> >> signcode \ >> -spc (path to your public key).p7b \ >> -v (path to your private key).pvk \ >> -a sha1 -$ commercial \ >> -n My\ Application \ >> -i http://www.example.com/ \ >> -t http://timestamp.verisign.com/scripts/timstamp.dll \ >> -tr 10 \ >> MyApp.exe >> >> I get the following output: >> >> Mono SignCode - version 1.2.4.0 >> Sign assemblies and PE files using Authenticode(tm). >> Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. >> BSD licensed. >> >> >> Unhandled Exception: System.FormatException: Invalid length. >> at <0x00000> <unknown method> >> at (wrapper managed-to-native) >> System.Convert:InternalFromBase64String (string,bool) >> at System.Convert.FromBase64String (System.String s) [0x00000] >> at Mono.Security.Authenticode.SoftwarePublisherCertificate.CreateFromFile >> (System.String filename) [0x00000] >> at Mono.Tools.SignCode.GetCertificates (System.String spcfile) [0x00000] >> at Mono.Tools.SignCode.Main (System.String[] args) [0x00000] > > The file you supply as the SPC is not recognized as valid. It's either a > bad binary*, a badly encoded base64 file* or a bug fixed after 1.2.4 > (been too long to recall what was changed since that version). > > * You can try to open the file and check if it looks bad or not. > >> I get the same error if I just run: >> >> signcode -spc <path to my p7b> > > That would be same file, so same badness apply. > >> I'm stuck. Does anyone have any idea what might be causing this? > > Make sure you get everything working using a test certificate. Then > start over and compare each steps (with the test).
Thanks, Sebastien. I upgraded to mono 1.9.1.0. I wasn't sure where to get a test certificate but I did find a sample p7b file here: http://www.jacco2.dds.nl/networking/crtimprt.zip (referenced from http://support.quovadisglobal.com/customer/KBArticle.aspx?articleid=31). I tried the same command, i.e. signcode -spc usercrt.p7b Unfortunately I get exactly the same error message as before with mono 1.9.1.0, both with my p7b file and the sample one I downloaded. Both files look pretty same, with -----BEGIN PKCS7----- followed by a bunch of base64 encoded binary and then -----END PKCS7-----. I'm still stuck. Do you have any other ideas for what I could try? Cheers, Matt _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
