locked
Signing DLL RRS feed

  • Question

  • Hi,

    I am working on an application which is divided into two parts, the desktop and the windows mobile. The desktop generates some XML files and the DLL's to be consumed by the application. These DLL's are always generated dynamically and they are not fixed. Now since my mobile application consumes these DLL's I need to know as how can I sign these dynamically generated DLL's.

    Thanx in advance

    Best regards
    Amit
    Senior Software Engineer
    Thursday, April 30, 2009 10:19 AM

Answers

  • Hi Amit, just some ideas...

    If you can provide your end-user with the certificate you want to sign the DLLs with, then you can programmatically launch signtool.exe on the PC before copying the DLL, the command being, for example: <“C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\Bin\signtool.exe” sign /f “C:\Program Files\Windows Mobile 6 SDK\Tools\Security\SDK Development Certificates\SamplePrivDeveloper.pfx” myDll.DLL> (I don't know right now where you can grab signtool.exe without having VS2008, maybe you can extract it somehow from WM6 SDK's CabSignTool (C:\Program Files\Windows Mobile 6 SDK\Tools\Security\CabSignTool  -- let us know if that a viable option).

    Or, you can also develop a Web Service (for example) which the PC app uploads the DLL to, and which returns the same DLL after having signed it: this way you don't have to distribute your certificate.


    Thanks,
    ~raffaele
    http://blogs.msdn.com/raffael

    This posting is provided 'as is' with no warranties and confers no rights.
    Tuesday, May 5, 2009 6:28 AM

All replies

  • Hi Amit, just some ideas...

    If you can provide your end-user with the certificate you want to sign the DLLs with, then you can programmatically launch signtool.exe on the PC before copying the DLL, the command being, for example: <“C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\Bin\signtool.exe” sign /f “C:\Program Files\Windows Mobile 6 SDK\Tools\Security\SDK Development Certificates\SamplePrivDeveloper.pfx” myDll.DLL> (I don't know right now where you can grab signtool.exe without having VS2008, maybe you can extract it somehow from WM6 SDK's CabSignTool (C:\Program Files\Windows Mobile 6 SDK\Tools\Security\CabSignTool  -- let us know if that a viable option).

    Or, you can also develop a Web Service (for example) which the PC app uploads the DLL to, and which returns the same DLL after having signed it: this way you don't have to distribute your certificate.


    Thanks,
    ~raffaele
    http://blogs.msdn.com/raffael

    This posting is provided 'as is' with no warranties and confers no rights.
    Tuesday, May 5, 2009 6:28 AM
  • Hi Raffaele,

    First of all I would like to thank you for giving me the reply.

    As per the first solution suggested by you, I am implementing the same thing presently by creating my own certificate. I am not using any third part certificate such as Verisign. Now I need to confirm if I sign my DLL with any third party then will they give me this "pfx" file for signing and if yes then can I distribute to end number of users? I am bit confused as I have read that for signing we need to send our application to that party with whom we want to sign it. Please guide.

    Also, I cannot use Web Service approach due to application constraints.

    Best regards
    Amit
    Senior Software Engineer
    Tuesday, May 5, 2009 10:40 AM
  • So the issue seems more administrative rather than technical.. I would suggest to touch base with arp@microsoft.com, as reported by http://msdn.microsoft.com/en-us/windowsmobile/dd569132.aspx. "Support - For all application testing and signing questions, contact arp@microsoft.com."
    Thanks,
    ~raffaele
    http://blogs.msdn.com/raffael

    This posting is provided 'as is' with no warranties and confers no rights.
    Tuesday, May 5, 2009 1:28 PM