[The Sign method is available for use in the operating systems specified in the Requirements section. Instead, use Platform Invocation Services (PInvoke) to call the Win32 API SignerSignEx, SignerTimeStampEx, and WinVerifyTrust functions to sign content with an Authenticode digital signature. For information about PInvoke, see Platform Invoke Tutorial. The .NET and CryptoAPI via P/Invoke: Part 1 and .NET and CryptoAPI via P/Invoke: Part 2 subsections of Extending .NET Cryptography with CAPICOM and P/Invoke may also be helpful.]
The Sign method creates an Authenticode digital signature and signs the executable file specified in the SignedCode.FileName property.
- Signer [in, optional]
A Signer object that has access to the private key of the certificate used to sign the code. The default value is Null.
This method does not return a value.
Before the Sign method is called, the file that contains the code must be specified in the FileName property.
If the executable file is already signed, this method overwrites the existing signature.
The following results apply to the Signer parameter value:
- If the Signer parameter is not NULL, this method uses the private key pointed to by the associated certificate to encrypt the signature. If the private key pointed to by the certificate is not available, the method fails.
- If the Signer parameter is NULL and there is exactly one certificate in the CURRENT_USER MY store that has access to a private key with code signing capability, that certificate is used to create the signature.
- If the Signer parameter is NULL, the Settings.EnablePromptForCertificateUI property value is true, and there is more than one certificate in the CURRENT_USER MY store with an available private key with code signing capability, a dialog box appears that allows the user to select which certificate is used.
- If the Signer parameter is NULL and the Settings.EnablePromptForCertificateUI property is false, the method fails.
- If the Signer parameter is NULL and there are no certificates in the CURRENT_USER MY store with an available private key with code signing capability, the method fails.
This method uses the SHA-1 hashing algorithm.
CAPICOM 2.0 or later on Windows Server 2003 and Windows XP