Sign PE file with certificate by programing


Someone needs this function, so I post it.

First, you need to creat a *.cer and *.pvk by makecert.exe.


#include
#pragma comment (lib, "Cryptui.lib")

//////////////////////////////////////////////////////////////////////////////////////////////////
//
// Function: SignFile
//
// Purpose: Sign PE file with certificate. (*.pvk and *.cer)
//
// Arguments:
// pszExeFile (in) The PE file name.
// pszPvkFile (in) The private key file name. (*.pvk)
// pszCertFile (in) The certificate file name. (*.cer, *.spc)
//
// Returns:
// If success, return TURE.
//
// Notes:
//
// Last modified: 2009.01.20

BOOL SignFile(LPTSTR pszExeFile, LPTSTR pszPvkFile, LPTSTR pszCertFile)
{
CRYPTUI_WIZ_DIGITAL_SIGN_INFO signInfo;
CRYPTUI_WIZ_DIGITAL_SIGN_CERT_PVK_INFO pvkInfo;
CRYPTUI_WIZ_DIGITAL_SIGN_PVK_FILE_INFO pvkFileInfo;
BOOL bResult;

pvkFileInfo.dwSize = sizeof(CRYPTUI_WIZ_DIGITAL_SIGN_PVK_FILE_INFO);
pvkFileInfo.pwszPvkFileName = pszPvkFile;
pvkFileInfo.pwszProvName = NULL;
pvkFileInfo.dwProvType = PROV_RSA_FULL;

pvkInfo.dwSize = sizeof(CRYPTUI_WIZ_DIGITAL_SIGN_CERT_PVK_INFO);
pvkInfo.pwszSigningCertFileName = pszCertFile;
pvkInfo.dwPvkChoice = CRYPTUI_WIZ_DIGITAL_SIGN_PVK_FILE;
pvkInfo.pPvkFileInfo = &pvkFileInfo;

signInfo.dwSize = sizeof(CRYPTUI_WIZ_DIGITAL_SIGN_INFO);
signInfo.dwSubjectChoice = CRYPTUI_WIZ_DIGITAL_SIGN_SUBJECT_FILE;
signInfo.pwszFileName = pszExeFile;
signInfo.dwSigningCertChoice = CRYPTUI_WIZ_DIGITAL_SIGN_PVK;
signInfo.pSigningCertPvkInfo = &pvkInfo;
signInfo.pwszTimestampURL = NULL;
signInfo.dwAdditionalCertChoice = CRYPTUI_WIZ_DIGITAL_SIGN_ADD_CHAIN;
signInfo.pSignExtInfo = NULL;

bResult = CryptUIWizDigitalSign(CRYPTUI_WIZ_NO_UI, NULL, NULL, &signInfo, NULL);

return bResult;

} // SignFile()
This post is tagged in:
  • Love
    • Save
    More posts from
    Add a blog to Bloglovin’
    Enter the full blog address (e.g. https://www.fashionsquad.com)
    Contact support
    We're working on your request. This will take just a minute...