WashJones

I'm trying to develop a simple digital code signing API that needs to run in Vista as well as in XP. CAPICOM works fine in XP, and Vista as well, but the MSDN library says that CAPICOM is no longer supported in Vista. I would rather not use an unsupported API in my code.

However, I can't seem to find an alternative API that will perform all the code signing functionality CAPICOM provides! The .NET System.Security.Cryptography classes allow me to access certificate stores, but I can't figure out how to use the signing classes in order to sign code files. It seems that the only APIs that are implemented deal with encrypted message passing only.

What alternatives to CAPICOM exist for Vista implementation, if any

PS -- it seems that Microsoft still uses CAPICOM for SignTool.exe...is this the most recent code signing tool Microsoft provides If so, then Microsoft is using CAPICOM on Vista internally, despite claiming to not support it ...



Re: Application Compatibility for Windows Vista CAPICOM not supported in Vista

Bruce N. Baker - MSFT

Using the .Net Certificate Enrollment API is recommended

http://msdn2.microsoft.com/en-us/library/aa374874.aspx






Re: Application Compatibility for Windows Vista CAPICOM not supported in Vista

WashJones

Thanks,

I've seen the Certificate Enrollment API's interfaces, but I do not understand how it can be used to digitally sign executable files. What interfaces provide this functionality

(CAPICOM has nifty features, such as "stick the DescriptionURL here" and "pass me a URL to a time stamp authority, and I'll take care of it for you". This is the sort of functionality I've been trying to find the equal to)





Re: Application Compatibility for Windows Vista CAPICOM not supported in Vista

71EFBB98-D1FE-4eff-BAC5-F94AC74

Hi there,

Just wondering if you've made any progress on this What is the approved technique for digitally signing on Vista Fingers crossed, is there a managed interface

Thanks.





Re: Application Compatibility for Windows Vista CAPICOM not supported in Vista

WashJones

I can't believe my luck...

I found -- literally 10 minutes ago -- a third-part, managed API that includes the code signing capabilities .NET inconveniently left out:

http://www.mono-project.com/Cryptography

It's not much use to me anymore...i just finished implementing my project entirely in CAPICOM, and need to go on to other projects. But perhaps it will be useful to you