Beispiel #1
        /// <summary>
        /// Re-registers the SHA-256, SHA-384 and SHA-512 hash OIDs with their CAPI algorithm IDs when
        /// running on Windows 2003 (NT 5.2) under the v2.0 CLR. On any other platform it does nothing.
        /// </summary>
        public static void RegisterSha2OidInformationForRsa()
        {
            // Windows 2003 answers the default ALG_ID -> OID lookup for SHA-2 with an unknown ALG_ID
            // of 0, while the v2.0 CLR expects "unknown" to be -1 and so cannot resolve the real
            // SHA-2 ALG_ID. Only that OS / runtime pair needs the re-registration below.
            OperatingSystem os = Environment.OSVersion;
            bool isWindows2003 = os.Platform == PlatformID.Win32NT &&
                                 os.Version.Major == 5 &&
                                 os.Version.Minor == 2;

            if (!isWindows2003 || Environment.Version.Major != 2)
            {
                return;
            }

            Oid2[] candidates =
            {
                new Oid2(CapiNative.WellKnownOids.Sha256, "sha256", OidGroup.HashAlgorithm, (int)CapiNative.AlgorithmID.Sha256, CngAlgorithm.Sha256, null),
                new Oid2(CapiNative.WellKnownOids.Sha384, "sha384", OidGroup.HashAlgorithm, (int)CapiNative.AlgorithmID.Sha384, CngAlgorithm.Sha384, null),
                new Oid2(CapiNative.WellKnownOids.Sha512, "sha512", OidGroup.HashAlgorithm, (int)CapiNative.AlgorithmID.Sha512, CngAlgorithm.Sha512, null)
            };

            foreach (Oid2 candidate in candidates)
            {
                Oid2 existing = Oid2.FindByValue(candidate.Value, candidate.Group, false);

                // An existing registration that already carries a non-zero ALG_ID is left alone, so
                // it is neither overwritten nor duplicated.
                bool hasUsableMapping = existing != null &&
                                        existing.HasAlgorithmId &&
                                        existing.AlgorithmId != 0;
                if (hasUsableMapping)
                {
                    continue;
                }

                // Either nothing is registered for this OID, or the entry lacks a CAPI ALG_ID the
                // v2.0 CLR can use: install our mapping ahead of the default entries.
                candidate.Register(OidRegistrationOptions.InstallBeforeDefaultEntries);
            }
        }
Beispiel #2
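        /// <summary>
        /// Makes sure the SHA-256 hash OID is registered with a non-zero CAPI algorithm ID, and fails
        /// if that is still not the case after the registration attempt.
        /// </summary>
        /// <exception cref="PlatformNotSupportedException">
        /// The SHA-256 OID has no usable algorithm ID even after it was registered.
        /// </exception>
        public static void RegisterSha2OidInformationForRsa()
        {
            // Background: on Windows 2003 the default ALG_ID -> OID mapping for SHA-2 comes back with
            // an unknown ALG_ID of 0, while the v2.0 CLR expects unknown ALG_IDs to be -1 and so fails
            // to resolve the real SHA-256 ALG_ID.
            //
            // This variant runs on every OS and runtime. The Windows 2003 / CLR 2.0 test that used to
            // guard it was short-circuited by a leading "true ||" and never took effect, so it has
            // been dropped instead of being left to look like a working platform gate.
            // NOTE(review): Register presumably changes the machine's OID table, which may need
            // elevated rights and can affect other processes - confirm that doing this on every
            // platform is intended.
            //
            // NOTE(review): only SHA-256 is handled, despite the method name; the SHA-384 and SHA-512
            // entries were commented out. Confirm that callers never sign with those two.
            Oid2[] sha2Oids = new Oid2[]
            {
                new Oid2(CapiNative.WellKnownOids.Sha256, "sha256", OidGroup.HashAlgorithm, (int)CapiNative.AlgorithmID.Sha256, CngAlgorithm.Sha256, null)
            };

            foreach (Oid2 sha2Oid in sha2Oids)
            {
                // If the OID is currently registered to an ALG_ID other than 0, we don't want to break
                // that registration (or duplicate it) by overwriting it with our own.
                Oid2 currentOid = Oid2.FindByValue(sha2Oid.Value, sha2Oid.Group, false);

                if (currentOid == null || !currentOid.HasAlgorithmId || currentOid.AlgorithmId == 0)
                {
                    // There is either no current OID registration for the algorithm, or it lacks a
                    // usable CAPI algorithm mapping. Register a new mapping that carries the CAPI
                    // algorithm ID, ahead of the default entries.
                    sha2Oid.Register(OidRegistrationOptions.InstallBeforeDefaultEntries);

                    // Look the OID up again and fail closed: if the mapping is still unusable, stop
                    // here so that signing does not proceed with an unresolved hash algorithm.
                    currentOid = Oid2.FindByValue(sha2Oid.Value, sha2Oid.Group, false);
                    if (currentOid == null || !currentOid.HasAlgorithmId || currentOid.AlgorithmId == 0)
                    {
                        // A specific exception type instead of the base Exception; existing
                        // catch (Exception) handlers still catch it. The message is unchanged.
                        throw new PlatformNotSupportedException("Váš systém nepodporuje SHA2 algoritmy pre podpis!");
                    }
                }
            }
        }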