Beispiel #1
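        /// <summary>
        /// Signs <paramref name="fileName"/> with <paramref name="certificate"/> by calling the native
        /// CryptUIWizDigitalSign API, optionally requesting a timestamp and a specific hash algorithm.
        /// </summary>
        /// <param name="option">Signing option forwarded to InitSignInfoStruct.</param>
        /// <param name="fileName">Path of the file to sign; must be non-empty and must exist.</param>
        /// <param name="certificate">Signing certificate; must pass SecuritySupport.CertIsGoodForSigning.</param>
        /// <param name="timeStampServerUrl">
        /// Optional timestamp server URL. When supplied it must be longer than 7 characters and start
        /// with "http://" (case-insensitive); any other scheme is rejected by this check.
        /// </param>
        /// <param name="hashAlgorithm">
        /// Optional hash algorithm name. It is resolved to an OID through CryptFindOIDInfo and rejected
        /// if the lookup fails, so an unknown algorithm name never reaches the signing call.
        /// </param>
        /// <returns>
        /// A <see cref="Signature"/> describing the result: built from the Win32 error when signing
        /// failed, from the certificate when no timestamp was requested, or from
        /// SignatureHelper.GetSignature when a timestamp server was used.
        /// </returns>
        /// <exception cref="ArgumentException">
        /// The timestamp URL is malformed, the hash algorithm is unknown or rejected by the provider,
        /// or the certificate is not suitable for signing.
        /// </exception>
        internal static Signature SignFile(
            SigningOption option,
            string fileName,
            X509Certificate2 certificate,
            string timeStampServerUrl,
            string hashAlgorithm)
        {
            using (SignatureHelper.tracer.TraceMethod("file: {0}, cert: {1}", (object)SignatureHelper.GetStringValue(fileName), (object)SignatureHelper.GetCertName(certificate)))
            {
                Signature signature         = null;
                IntPtr    signInfoPtr       = IntPtr.Zero;
                IntPtr    signExtInfoPtr    = IntPtr.Zero;
                bool      signInfoMarshaled = false;
                uint      error             = 0;
                string    hashOid           = null;

                Utils.CheckArgForNullOrEmpty(SignatureHelper.tracer, fileName, nameof(fileName));
                Utils.CheckArgForNull(SignatureHelper.tracer, (object)certificate, nameof(certificate));

                bool hasTimeStampUrl = !string.IsNullOrEmpty(timeStampServerUrl);

                // Only "http://<something>" is accepted; the length test rejects a bare "http://".
                if (hasTimeStampUrl && (timeStampServerUrl.Length <= 7 || timeStampServerUrl.IndexOf("http://", StringComparison.OrdinalIgnoreCase) != 0))
                {
                    // Report the argument that is actually at fault (was: certificate).
                    throw SignatureHelper.tracer.NewArgumentException(nameof(timeStampServerUrl), "Authenticode", "TimeStampUrlRequired");
                }

                if (!string.IsNullOrEmpty(hashAlgorithm))
                {
                    // Group key 2 is CRYPT_OID_INFO_NAME_KEY: look the algorithm up by its name.
                    IntPtr oidInfo = System.Management.Automation.Security.NativeMethods.CryptFindOIDInfo(2U, hashAlgorithm, 0U);
                    if (oidInfo == IntPtr.Zero)
                    {
                        // Report the argument that is actually at fault (was: certificate).
                        throw SignatureHelper.tracer.NewArgumentException(nameof(hashAlgorithm), "Authenticode", "InvalidHashAlgorithm");
                    }

                    hashOid = ((System.Management.Automation.Security.NativeMethods.CRYPT_OID_INFO)Marshal.PtrToStructure(oidInfo, typeof(System.Management.Automation.Security.NativeMethods.CRYPT_OID_INFO))).pszOID;
                }

                if (!SecuritySupport.CertIsGoodForSigning(certificate))
                {
                    throw SignatureHelper.tracer.NewArgumentException(nameof(certificate), "Authenticode", "CertNotGoodForSigning");
                }

                SecuritySupport.CheckIfFileExists(fileName);

                try
                {
                    string effectiveTimeStampUrl = hasTimeStampUrl ? timeStampServerUrl : "";

                    System.Management.Automation.Security.NativeMethods.CRYPTUI_WIZ_DIGITAL_SIGN_INFO signInfo = System.Management.Automation.Security.NativeMethods.InitSignInfoStruct(fileName, certificate, effectiveTimeStampUrl, hashOid, option);

                    // Remember the nested allocation right away so the finally block can release it
                    // even if a later marshalling step throws.
                    signExtInfoPtr = signInfo.pSignExtInfo;

                    signInfoPtr = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)signInfo));
                    Marshal.StructureToPtr((object)signInfo, signInfoPtr, false);
                    signInfoMarshaled = true;

                    // Flag 1 is CRYPTUI_WIZ_NO_UI: sign without showing the wizard.
                    bool signed = System.Management.Automation.Security.NativeMethods.CryptUIWizDigitalSign(1U, IntPtr.Zero, IntPtr.Zero, signInfoPtr, IntPtr.Zero);

                    if (!signed)
                    {
                        // Read the error before any cleanup call has a chance to run.
                        error = SignatureHelper.GetLastWin32Error();
                        switch (error)
                        {
                        case 0x80004005U: // E_FAIL
                        case 0x80070001U: // HRESULT form of ERROR_INVALID_FUNCTION
                            // NOTE(review): these two failure codes are deliberately treated as success.
                            // In the no-timestamp path below the returned Signature is then built from
                            // the certificate argument, not read back from the file, so it does not by
                            // itself prove the file carries a valid signature. Callers that need that
                            // assurance should verify the file's signature separately.
                            signed = true;
                            break;

                        case 0x80090008U: // NTE_BAD_ALGID
                            throw SignatureHelper.tracer.NewArgumentException(nameof(hashAlgorithm), "Authenticode", "InvalidHashAlgorithm");

                        default:
                            SignatureHelper.tracer.TraceError("CryptUIWizDigitalSign: failed: {0:x}", (object)error);
                            break;
                        }
                    }

                    if (!signed)
                    {
                        signature = new Signature(fileName, error);
                    }
                    else if (hasTimeStampUrl)
                    {
                        signature = SignatureHelper.GetSignature(fileName, (string)null);
                    }
                    else
                    {
                        signature = new Signature(fileName, certificate);
                    }
                }
                finally
                {
                    // Marshal.DestroyStructure throws on a null pointer, which would hide the original
                    // exception when setup failed early, so every release is guarded.
                    if (signExtInfoPtr != IntPtr.Zero)
                    {
                        Marshal.DestroyStructure(signExtInfoPtr, typeof(System.Management.Automation.Security.NativeMethods.CRYPTUI_WIZ_DIGITAL_SIGN_EXTENDED_INFO));
                        Marshal.FreeCoTaskMem(signExtInfoPtr);
                    }

                    if (signInfoPtr != IntPtr.Zero)
                    {
                        // Only destroy the structure if it was actually marshalled into the buffer;
                        // otherwise the memory is uninitialised and must simply be freed.
                        if (signInfoMarshaled)
                        {
                            Marshal.DestroyStructure(signInfoPtr, typeof(System.Management.Automation.Security.NativeMethods.CRYPTUI_WIZ_DIGITAL_SIGN_INFO));
                        }

                        Marshal.FreeCoTaskMem(signInfoPtr);
                    }
                }

                return signature;
            }
        }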