SignerSignEx2 fails with 0xC0000225 for SHA256 signatures (HSM access from within Docker container)

We're running an application within a Windows Docker container. This application calls SignerSignEx2 to add an Authenticode signature to a file. If we use SHA1 as the hashing algorithm, everything works just fine; however, if we use SHA256, it fails with 0xC0000225. If we execute the very same application outside of the container, it works with SHA256 as well.

It also works if we use the Microsoft Enhanced RSA and AES Cryptographic Provider CSP, so it is a problem of the Luna enhanced RSA and AES provider for Microsoft Windows CSP we're trying to use for our HSM (Hardware Security Module).

Note: it isn't an implementation problem; we run into the same problem when using signtool.exe within the container.

docker
cryptography
hsm
authenticode
safenet
asked on Stack Overflow Jun 12, 2020 by D.R. • edited Jun 12, 2020 by D.R.

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0