protected byte[] GetDistinguishedName(Certificate c) {
CertificateInfo info = c.GetCertificateInfo();
byte[] ret = new byte[info.SubjectcbData];
Marshal.Copy(info.SubjectpbData, ret, 0, ret.Length);
return ret;
}
public bool VerifySignature(Certificate cert, byte[] signature, byte[] hash) {
int provider = 0;
int hashptr = 0;
int pubKey = 0;
try {
if (SspiProvider.CryptAcquireContext(ref provider, IntPtr.Zero, null, SecurityConstants.PROV_RSA_FULL, 0) == 0) {
if (Marshal.GetLastWin32Error() == SecurityConstants.NTE_BAD_KEYSET)
SspiProvider.CryptAcquireContext(ref provider, IntPtr.Zero, null, SecurityConstants.PROV_RSA_FULL, SecurityConstants.CRYPT_NEWKEYSET);
}
if (provider == 0)
throw new CryptographicException("Unable to acquire a cryptographic context.");
if (SspiProvider.CryptCreateHash(provider, SecurityConstants.CALG_SSL3_SHAMD5, 0, 0, out hashptr) == 0)
throw new CryptographicException("Unable to create the SHA-MD5 hash.");
if (SspiProvider.CryptSetHashParam(hashptr, SecurityConstants.HP_HASHVAL, hash, 0) == 0)
throw new CryptographicException("Unable to set the value of the SHA-MD5 hash.");
CertificateInfo ci = cert.GetCertificateInfo();
CERT_PUBLIC_KEY_INFO pki = new CERT_PUBLIC_KEY_INFO(ci);
if (SspiProvider.CryptImportPublicKeyInfo(provider, SecurityConstants.X509_ASN_ENCODING | SecurityConstants.PKCS_7_ASN_ENCODING, ref pki, out pubKey) == 0)
throw new CryptographicException("Unable to get a handle to the public key of the specified certificate.");
byte[] sign_rev = new byte[signature.Length];
Array.Copy(signature, 0, sign_rev, 0, signature.Length);
Array.Reverse(sign_rev);
return SspiProvider.CryptVerifySignature(hashptr, sign_rev, sign_rev.Length, pubKey, IntPtr.Zero, 0) != 0;
} finally {
if (pubKey != 0)
SspiProvider.CryptDestroyKey(pubKey);
if (hashptr != 0)
SspiProvider.CryptDestroyHash(hashptr);
if (provider != 0)
SspiProvider.CryptReleaseContext(provider, 0);
}
}