private SignatureVerificationResult VerifyAuthenticodePublisher(X509Certificate2 publisherCertificate)
{
Debug.Assert(publisherCertificate != null, "publisherCertificate != null");
// Get the expected name and key hash
XmlElement publisherIdentity = m_manifestXml.SelectSingleNode("//asm:assembly/asmv2:publisherIdentity",
m_namespaceManager) as XmlElement;
if (publisherIdentity == null)
{
return(SignatureVerificationResult.BadSignatureFormat);
}
string publisherName = publisherIdentity.GetAttribute("name");
string publisherIssuerKeyHash = publisherIdentity.GetAttribute("issuerKeyHash");
if (String.IsNullOrEmpty(publisherName) || String.IsNullOrEmpty(publisherIssuerKeyHash))
{
return(SignatureVerificationResult.BadSignatureFormat);
}
// Get the actual key hash
SafeAxlBufferHandle issuerKeyBuffer = null;
int hrHash = X509Native.UnsafeNativeMethods._AxlGetIssuerPublicKeyHash(publisherCertificate.Handle,
out issuerKeyBuffer);
if (hrHash != (int)SignatureVerificationResult.Valid)
{
return((SignatureVerificationResult)hrHash);
}
string actualKeyHash = null;
bool acquired = false;
RuntimeHelpers.PrepareConstrainedRegions();
try {
issuerKeyBuffer.DangerousAddRef(ref acquired);
actualKeyHash = Marshal.PtrToStringUni(issuerKeyBuffer.DangerousGetHandle());
}
finally {
if (acquired)
{
issuerKeyBuffer.DangerousRelease();
}
}
if (String.Compare(publisherName, publisherCertificate.SubjectName.Name, StringComparison.Ordinal) != 0 ||
String.Compare(publisherIssuerKeyHash, actualKeyHash, StringComparison.Ordinal) != 0)
{
return(SignatureVerificationResult.PublisherMismatch);
}
return(SignatureVerificationResult.Valid);
}
private SignatureVerificationResult VerifyAuthenticodePublisher(X509Certificate2 publisherCertificate)
{
XmlElement element = this.m_manifestXml.SelectSingleNode("//asm:assembly/asmv2:publisherIdentity", this.m_namespaceManager) as XmlElement;
if (element == null)
{
return(SignatureVerificationResult.BadSignatureFormat);
}
string attribute = element.GetAttribute("name");
string str2 = element.GetAttribute("issuerKeyHash");
if (string.IsNullOrEmpty(attribute) || string.IsNullOrEmpty(str2))
{
return(SignatureVerificationResult.BadSignatureFormat);
}
SafeAxlBufferHandle ppwszPublicKeyHash = null;
int num = X509Native.UnsafeNativeMethods._AxlGetIssuerPublicKeyHash(publisherCertificate.Handle, out ppwszPublicKeyHash);
if (num != 0)
{
return((SignatureVerificationResult)num);
}
string strB = null;
bool success = false;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
ppwszPublicKeyHash.DangerousAddRef(ref success);
strB = Marshal.PtrToStringUni(ppwszPublicKeyHash.DangerousGetHandle());
}
finally
{
if (success)
{
ppwszPublicKeyHash.DangerousRelease();
}
}
if ((string.Compare(attribute, publisherCertificate.SubjectName.Name, StringComparison.Ordinal) == 0) && (string.Compare(str2, strB, StringComparison.Ordinal) == 0))
{
return(SignatureVerificationResult.Valid);
}
return(SignatureVerificationResult.PublisherMismatch);
}
public static extern int _AxlPublicKeyBlobToPublicKeyToken(ref CRYPTOAPI_BLOB pCspPublicKeyBlob,
[Out] out SafeAxlBufferHandle ppwszPublicKeyToken);
public static extern int _AxlGetIssuerPublicKeyHash(IntPtr pCertContext,
[Out] out SafeAxlBufferHandle ppwszPublicKeyHash);
