Geek Answers Handbook

Automatic password entry in the file Sn.exe

I need to create a post build event to do the following:

sn -i MyKey.pfx MyKeyContainerName tlbimp $(ConfigurationName)\MyCom.tlb /out:$(ConfigurationName)\NETMyCom.dll /keycontainer:MyKeyContainerName sn -d MyKeyContainerName

When Visual Studio executes the 1st statement, it requires a password and waits until the user specifies it and works.

Microsoft (R) .NET Framework Strong Name Utility Version 2.0.50727.42 Copyright (c) Microsoft Corporation. All rights reserved.

Enter the password for the PKCS # 12 file key: Failed to parse PKCS # 12 blob in mykey.pfx - The handle is invalid.

I tried to specify the password using sn command line arguments, but I could not figure out how to do this.

Please, help.

Regards, Hilmi.

+7
c # signing
source share
5 answers

if I like, you are not using TFS or MSBUILD to build, then there are at least two other ways:

a) run sn.exe from the script and write the password for stdin

see here for an example of C #:

Note: with sn.exe.NET4 it seems impossible to execute it as an external process (at least in Windows XP) and write a password for stdin (I tried with python + with C # and sn.exe seems to just exit, not waiting for the password to be entered).

b) use sn.exe to re-sign the password using pfx already installed.

If you have already installed the pfx file, you can find out the name of the container (usually Visual Studio uses the name VS_KEY_ABAB1234ABAB1234)

If, like me, you don’t know or don’t remember the name of the container, just reinstall the pfx file:

 sn -i myPfxFile VS_KEY_ABAB1234ABAB1234

sn.exe will prompt you to enter a password because it installs the certificate in the pfx file.

You can then make sn.exe a re-subscription of your assembly without any password hints:

 sn -Rca myAssembly.dll myVSkey

The above can be used in the build script, since interaction is not required :-)

NB do not forget to check if the signature really works:

 sn -v myAssembly.dll
+3
source share

I had this problem today, with the C ++ DLL that I use in a ClickOnce C # application.

I set the delay signing in the DLL and then used the post-build event to fire the SN as follows:

 ECHO <your-password-here> | sn.exe -R $(OutDir)$(TargetFileName) $(MSBuildProjectDirectory)<path-to-pfx-file>

Gotta love the old school methods. ECHO <your-password-here> prints your password, pipes | that are displayed along with SN.exe, which takes the password.

You probably won't need to sign the delay and the -R switch like me, but you get the point.

EDIT: THIS IS PROBABLY NO GREAT WORK - my answer has been from 2013, and then I used VS2010.

+2
source share

I have been studying this for almost two days now. I tried old versions of sn.exe (ascending as far as 2.0!), But I could not get echo PASSWORD | trick to work.

At the end, I did the following:

 [void] [System.Reflection.Assembly]::LoadWithPartialName("'System.Windows.Forms") Start-Process "C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin\sn.exe " -ArgumentList "-i `"Certificate.pfx`" VS_KEY_XXXXXXX" -NoNewWindow -Wait [System.Windows.Forms.SendKeys]::SendWait("PASSWORDHERE~")
  • SendWait() sends keys to the currently activated window. Since we start sn.exe using the Start-Process with the -NoNewWindow modifier, our window is already focused.
  • ~ is a special character representing the ENTER button. {ENTER} also possible, but for the Enter button next to the numpad keyboard. It probably doesn't matter, but I just wanted to be sure.

Source I used: https://technet.microsoft.com/en-us/library/ff731008.aspx

I don't need Visual Basic AppActivate() after all because of -NoNewWindow .

Update: Works even better with the -Wait argument!

+2
source share

I need this to automate and find this question. After this answer (thank you very much @Thomas Rijsewijk) I wrote my version:

 # Start the sn.exe process Start-Process $SnExePath -ArgumentList "-i $PfxCertificatePath $LocalContainerName" -NoNewWindow # Wait for the process to start Start-Sleep 2 # This workaround allows to forward the password to the standard input [void] [System.Reflection.Assembly]::LoadWithPartialName("'System.Windows.Forms") [System.Windows.Forms.SendKeys]::SendWait("$($PfxCertificatePassword){ENTER}") Start-Sleep 2 # This ENTER is to return from the sn.exe process [System.Windows.Forms.SendKeys]::SendWait("{ENTER}")

Using the -Wait switch of the Start-process command did not solve the problem, because the PS script was waiting for the sn.exe process to complete before sending the password to it.

0
source share

After much research, I can run sn.ex for various automated environments, such as devure for Azure. My code is here:

 Start-Process cmd.exe Sleep 3 $WshShell = New-Object -ComObject WScript.Shell Sleep 3 $WshShell.sendkeys(".\sn.exe -i $PfxCertificatePath VS_KEY_10D1C85C6387479B{Enter}"); #$WshShell = New-Object -com wscript.shell; Sleep 3; $WshShell.sendkeys("**password**{Enter}"); Sleep 3; $WshShell.sendkeys("{Enter}");
0
source share

More articles:


All Articles