Digitally sign a Visual Studio 2012 VSIX extension

I am trying to sign a Visual Studio 2012 extension that is packaged as a VSIX file.

I have followed the instructions at http://www.jeff.wilcox.name/2010/03/vsixcodesigning/; however, I am interested in performing signing without specifying a pfx file and password.

For example, if I were to call 'signtool.exe', my command line would be:

"signtool.exe" sign /n MySubjectName /t 'http://timestamp.verisign.com/scripts/timstamp.dll' /d "MyDescription" MyPackage.vsix

I understand that this command does not work with VSIX files, though it does work for an MSI archive.

With this command, I do not need to specify a password or pfx file when calling signtool. The best installed certificate is selected, using the specified subject MySubjectName.

Following the code on Jeff's blog, the signing step requires a pfx file name and password to be defined to create the X509Certificate2 used in signing:

 private static void SignAllParts(Package package, string pfx, string password, string timestamp){
  var signatureManager = new PackageDigitalSignatureManager(package);
  signatureManager.CertificateOption = CertificateEmbeddingOption.InSignaturePart;

  /*...*/

  signatureManager.Sign(toSign, new System.Security.Cryptography.X509Certificates.X509Certificate2(pfx, password));
}

Is there any API involving PackageDigitalSignatureManager that might let me find an X509Certificate based on MySubjectName so that I can sign against that?

I've solved this by iterating over the certificates found in the current user's store. I filter by the issuer name and take only valid certificates, then I loop over the matching certificates and return the first one which also matches the subject name:

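using System.Security.Cryptography.X509Certificates;

public static X509Certificate2 Find(string issuer, string subject)
{
    // Search the current user's personal ("My") certificate store.
    var certStore = new X509Store (StoreName.My, StoreLocation.CurrentUser);
    certStore.Open (OpenFlags.ReadOnly);
    try
    {
        // validOnly: true keeps only certificates that pass validation.
        var certCollection = certStore.Certificates.Find (X509FindType.FindByIssuerName, issuer, true);

        foreach (var cert in certCollection)
        {
            // 'subject' is compared against the certificate's FriendlyName property.
            if (cert.FriendlyName == subject)
            {
                return cert;
            }
        }

        return null;
    }
    finally
    {
        // Release the store handle on every path.
        certStore.Close ();
    }
}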
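
An added example, not code from the question, the answer, or Jeff Wilcox's post: selecting the certificate from the store by subject name, signing the package with it, and verifying the result. `VsixStoreSigner` and `FindSigningCert` are hypothetical names; choosing the latest-expiring match and signing every part returned by `GetParts()` are assumptions of this sketch (the part list in `SignAllParts` above is elided), and the project must reference WindowsBase.

```csharp
using System;
using System.IO;
using System.IO.Packaging;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class VsixStoreSigner
{
    const string CodeSigningOid = "1.3.6.1.5.5.7.3.3"; // id-kp-codeSigning EKU

    // Hypothetical helper: choose a signing certificate from CurrentUser\My by subject name.
    static X509Certificate2 FindSigningCert(string subjectName)
    {
        var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            return store.Certificates
                .Find(X509FindType.FindBySubjectName, subjectName, true) // validOnly
                .Cast<X509Certificate2>()
                .Where(c => c.HasPrivateKey) // a public-only entry cannot sign
                .Where(c => c.Extensions.OfType<X509EnhancedKeyUsageExtension>()
                    .Any(e => e.EnhancedKeyUsages.Cast<Oid>().Any(o => o.Value == CodeSigningOid)))
                .OrderByDescending(c => c.NotAfter) // assumption: prefer the latest expiry
                .FirstOrDefault();
        }
        finally { store.Close(); }
    }

    static void Main(string[] args) // args[0] = path to .vsix, args[1] = subject name
    {
        var cert = FindSigningCert(args[1]);
        if (cert == null)
            throw new InvalidOperationException("No valid code-signing certificate with a private key.");

        using (var package = Package.Open(args[0], FileMode.Open, FileAccess.ReadWrite))
        {
            var manager = new PackageDigitalSignatureManager(package);
            manager.CertificateOption = CertificateEmbeddingOption.InSignaturePart;
            // Assumption: sign every part currently in the package.
            manager.Sign(package.GetParts().Select(p => p.Uri).ToList(), cert);

            // Check the result before shipping the file.
            if (manager.VerifySignatures(false) != VerifyResult.Success)
                throw new InvalidOperationException("Signature verification failed.");
        }
    }
}
```

Filtering on `HasPrivateKey` and the code-signing EKU before calling `Sign` turns a wrong-certificate pick into an explicit error instead of a package signed with an unintended key.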
