Wednesday, October 17, 2007

Code signing large executables

I've been having some trouble signing some of my large (~1.8 GB!) executables. (In case you wonder, they contain a lot of multimedia content packed into a single file for downloading.)

The Microsoft Authenticode tools (signcode.exe, signtool.exe) failed with error messages like "Not enough storage is available to process this command". I've also tried signing them programmatically, using the CAPICOM API, but that also failed (the tools seem to use CAPICOM internally, too).

Looking around on the internet for a solution to this problem, I was very pleased to find out that Mono includes a code signing tool compatible with Authenticode. The tool failed as well... but there is source code! Here's the interesting part:

byte[] file;
using (FileStream fs = new FileStream (fileName, FileMode.Open, FileAccess.Read, FileShare.Read)) {
file = new byte[fs.Length];
fs.Read (file, 0, file.Length);
fs.Close ();
}

;-) After a quick fix and a rebuild, I'm able to successfully sign all my executables so far. Big kudos to the Mono team!
Post a Comment