CODEWITHSUNDEEP
c#
user3368242
user3368242

Reputation: 11

SNK getting Unknown error (8013141e)

I keep getting this error when trying to use an SNK file that I generated and I am using it in Visual Studio 2013 to sign my assemblies:

CSC : error CS1548: Cryptographic failure while signing assembly 'd:\temp\MyDell.dll' -- 'Error signing assembly -- Unknown error (8013141e)'

I have used signtool with my PFX and password everything works fine with it, and it signs the assemblies. So the PFX seems to be good.

I am using this code, which I have used before to generate my SNK, and it has always worked:

       X509Certificate2 cert = new X509Certificate2(@"c:\temp\FILENAME.pfx", "PASSWORD", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
        RSACryptoServiceProvider provider = (RSACryptoServiceProvider) cert.PrivateKey;

        byte[] array = provider.ExportCspBlob(!provider.PublicOnly);

        using (FileStream fs = new FileStream(@"c:\temp\FILENAME.snk", FileMode.Create, FileAccess.Write))
        {
            fs.Write(array, 0, array.Length);
        }

Does anybody know why I would getting this error? Is there a better way to generate the SNK file?

Thanks

Upvotes: 1

Views: 1521

Answers (2)

Steven Lovelock
Steven Lovelock

Reputation: 41

We had the same issue at the company where I work. The issue arises with an incorrectly generated PFX file. It is important to remember the -keysig argument in generating the PFX.

openssl pkcs12 -export -inkey private.key -in public.crt -out FILENAME.pfx -keysig

Otherwise by default it seems to use the -keyex argument which is for SSL/Exchange authentication.

You can check this in code at creation time by checking the KeyExchangeAlgorithm of the private key. In my case it was RSA-PKCS1-KeyEx when the error occurred, but null when it was working.

X509Certificate2 cert = new X509Certificate2(@"c:\temp\FILENAME.pfx", "PASSWORD", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
RSACryptoServiceProvider provider = (RSACryptoServiceProvider)cert.PrivateKey;
if (provider.KeyExchangeAlgorithm != null)
    throw new Exception("Supplied file has not been generated for signing using the -keysig argument with openssl");
byte[] array = provider.ExportCspBlob(!provider.PublicOnly);

using (FileStream fs = new FileStream(@"c:\temp\FILENAME.snk", FileMode.Create, FileAccess.Write)) {
    fs.Write(array, 0, array.Length);
}

Upvotes: 4

Patrick Hofman
Patrick Hofman

Reputation: 156978

Visual Studio comes with a dialog for creating snk files.

Take a look here.

To access this dialog box, select a project node in Solution Explorer, then on the Project menu, click Properties. When the Project Designer appears, click the Signing tab. On the Signing page, select Sign the assembly, then select from the Choose a strong name key file drop-down list.

Upvotes: 0

Related Questions