On Tue, 2008-12-09 at 10:38 +0100, Matthew Gertner wrote: > On Mon, Dec 8, 2008 at 7:37 PM, Sebastien Pouliot > <[EMAIL PROTECTED]> wrote: > > On Mon, 2008-12-08 at 19:09 +0100, Matthew Gertner wrote: > >> Hi, > >> > >> I installed Mono using the yum packages on Centos 5. The version is > >> 1.2.4-2.el5.centos. > > > > Mono 1.2.4 is a rather old release. > > > >> I'm trying to digitally sign an executable using signcode. I followed > >> the instructions here: > >> https://developer.mozilla.org/En/Signing_an_executable_with_Authenticode. > >> I added the three CA certificates I downloaded from GlobalSign to the > >> CA repository as instructed. > >> > >> I had to extract the .p7b and .pvk files from the .p12 file supplied > >> by GlobalSign, which I did by following the instructions here: > >> http://wiki.cacert.org/wiki/Authenticode. > >> > >> Everything seemed to go fine, but when I run the signcode command: > >> > >> signcode \ > >> -spc (path to your public key).p7b \ > >> -v (path to your private key).pvk \ > >> -a sha1 -$ commercial \ > >> -n My\ Application \ > >> -i http://www.example.com/ \ > >> -t http://timestamp.verisign.com/scripts/timstamp.dll \ > >> -tr 10 \ > >> MyApp.exe > >> > >> I get the following output: > >> > >> Mono SignCode - version 1.2.4.0 > >> Sign assemblies and PE files using Authenticode(tm). > >> Copyright 2002, 2003 Motus Technologies. Copyright 2004-2006 Novell. > >> BSD licensed. > >> > >> > >> Unhandled Exception: System.FormatException: Invalid length. > >> at <0x00000> <unknown method> > >> at (wrapper managed-to-native) > >> System.Convert:InternalFromBase64String (string,bool) > >> at System.Convert.FromBase64String (System.String s) [0x00000] > >> at Mono.Security.Authenticode.SoftwarePublisherCertificate.CreateFromFile > >> (System.String filename) [0x00000] > >> at Mono.Tools.SignCode.GetCertificates (System.String spcfile) [0x00000] > >> at Mono.Tools.SignCode.Main (System.String[] args) [0x00000] > > > > The file you supply as the SPC is not recognized as valid. It's either a > > bad binary*, a badly encoded base64 file* or a bug fixed after 1.2.4 > > (been too long to recall what was changed since that version). > > > > * You can try to open the file and check if it looks bad or not. > > > >> I get the same error if I just run: > >> > >> signcode -spc <path to my p7b> > > > > That would be same file, so same badness apply. > > > >> I'm stuck. Does anyone have any idea what might be causing this? > > > > Make sure you get everything working using a test certificate. Then > > start over and compare each steps (with the test). > > Thanks, Sebastien. I upgraded to mono 1.9.1.0. I wasn't sure where to > get a test certificate but I did find a sample p7b file here: > http://www.jacco2.dds.nl/networking/crtimprt.zip (referenced from > http://support.quovadisglobal.com/customer/KBArticle.aspx?articleid=31). > I tried the same command, i.e. > > signcode -spc usercrt.p7b > > Unfortunately I get exactly the same error message as before with mono > 1.9.1.0, both with my p7b file and the sample one I downloaded. Both > files look pretty same, with -----BEGIN PKCS7----- followed by a bunch > of base64 encoded binary and then -----END PKCS7-----. > > I'm still stuck. Do you have any other ideas for what I could try?
Try removing the header/footer around the base64 data (IIRC Windows does not add them) and try again. Next fill a bug report and attach the original (non-working) file and state (in the description) if the previous hack worked or not. I'll have a look at it. Thanks Sebastien _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
