Code-signing .NET assemblies before starting a download to a client's web browser_问答_开发者

Code-signing .NET assemblies before starting a download to a client's web browser

开发者 https://www.devze.com 2023-01-25 03:34 出处：网络

I\'m using signtool.exe to digitally sign auto-generated downloadable content from C# calling the command line and then stream the file to the client browser. The problem is that while t开发者_开发技巧

I'm using signtool.exe to digitally sign auto-generated downloadable content from C# calling the command line and then stream the file to the client browser. The problem is that while t开发者_开发技巧he signature seems ok on the web, the downloaded file seems to be lacking a segment of it. If you right click on the generated file on the server, you see a perfectly good signature and if you view the certificate, it says that "this digital signature is OK".

The downloaded file looks different. While it's 15 bytes smaller, it's not corrupted but while the issue name is intact, it says that This digital signature is not valid.

Is something happening during transit? I'm using this code to sign the content:

Response.Clear();

Response.ContentType = "application/exe";

Response.AddHeader("content-disposition", "filename=" + filename);

Response.AddHeader("Content-Length", fi.Length.ToString());

Response.TransmitFile(filePath);

Thanks in advance,

Frank.

Is the response sent to the client in the headers the correct length or the wrong (short) one? Use Fiddler or Firebug to check.

If it's correct, but the client isn't receiving the data, try a Reponse.Flush() after the TransmitFile. I think that's probably just superstition, but a lot of people seem to do it.

Try to refresh your FileInfo fi before reading the length for the Content-Length header, it may be caching the old length prior to the signing or so.