public void Dispose()
        {
            if (_signContext != IntPtr.Zero)
            {
                if ((!CryptUi.CryptUIWizFreeDigitalSignContext(_signContext)))
                {
                    //throw new Win32Exception(Marshal.GetLastWin32Error(), "CryptUIWizFreeDigitalSignContext");
                }
            }

            Marshal.FreeCoTaskMem(_digitalSignInfo);
        }
Exemple #2
0
        private static void SignFileImpl(string filename, X509Certificate2 certificate, string timeStampUrl)
        {
            // Variables
            //
            var digitalSignInfo = default(DigitalSignInfo);
            // var signContext = default(DigitalSignContext);

            var pSignContext = IntPtr.Zero;

            // Prepare signing info: exe and cert
            //
            digitalSignInfo                     = new DigitalSignInfo();
            digitalSignInfo.dwSize              = Marshal.SizeOf(digitalSignInfo);
            digitalSignInfo.dwSubjectChoice     = DigitalSignSubjectChoice.File;
            digitalSignInfo.pwszFileName        = filename;
            digitalSignInfo.dwSigningCertChoice = DigitalSigningCertificateChoice.Certificate;
            digitalSignInfo.pSigningCertContext = certificate.Handle;
            digitalSignInfo.pwszTimestampURL    = timeStampUrl; // it's sometimes dying when we give it a timestamp url....

            digitalSignInfo.dwAdditionalCertChoice = DigitalSignAdditionalCertificateChoice.AddChainNoRoot;
            digitalSignInfo.pSignExtInfo           = IntPtr.Zero;

            var digitalSignExtendedInfo = new DigitalSignExtendedInfo("description", "http://moerinfo");
            var ptr = Marshal.AllocCoTaskMem(Marshal.SizeOf(digitalSignExtendedInfo));

            Marshal.StructureToPtr(digitalSignExtendedInfo, ptr, false);
            // digitalSignInfo.pSignExtInfo = ptr;

            // Sign exe
            //
            if ((!CryptUi.CryptUIWizDigitalSign(DigitalSignFlags.NoUI, IntPtr.Zero, null, ref digitalSignInfo, ref pSignContext)))
            {
                var rc = (uint)Marshal.GetLastWin32Error();
                if (rc == 0x8007000d)
                {
                    // this is caused when the timestamp server fails; which seems intermittent for any timestamp service.
                    throw new FailedTimestampException(filename, timeStampUrl);
                }
                throw new DigitalSignFailure(filename, rc);
            }

            // Free blob
            //
            if ((!CryptUi.CryptUIWizFreeDigitalSignContext(pSignContext)))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error(), "CryptUIWizFreeDigitalSignContext");
            }

            // Free additional Info
            Marshal.FreeCoTaskMem(ptr);
        }
Exemple #3
0
        public static void SignFileFromDisk(FileInfo filePath)
        {
            X509Certificate2 signingCertificate = GetCodeSigningCertificate();

            if (signingCertificate == null)
            {
                throw new SecurityException("No signing certificate found");
            }

            const DigitalSignFlags flags = DigitalSignFlags.NoUI;
            DigitalSignInfo        dsi   = new DigitalSignInfo();
            IntPtr certificateHandle     = signingCertificate.Handle;

            try
            {
                dsi.pwszFileName           = filePath.FullName;
                dsi.dwSigningCertChoice    = DigitalSigningCertificateChoice.Certificate;
                dsi.dwAdditionalCertChoice = DigitalSignAdditionalCertificateChoice.AddChainNoRoot;
                dsi.dwSubjectChoice        = DigitalSignSubjectChoice.File;
                dsi.pwszTimestampURL       = null;
                dsi.pSignExtInfo           = IntPtr.Zero;
                dsi.pSigningCertContext    = certificateHandle;
                dsi.dwSize = Marshal.SizeOf(dsi);
                bool result = CryptUi.CryptUIWizDigitalSign(flags, IntPtr.Zero, "", ref dsi, ref dsi.pSigningCertContext);

                if (!result)
                {
                    throw new Win32Exception(Marshal.GetLastWin32Error());
                }
            }

            finally
            {
                //CryptUi.CryptUIWizFreeDigitalSignContext(dsi.pSigningCertContext);
                //- currently throws, from my reading of http://msdn.microsoft.com/en-us/library/windows/desktop/aa380292%28v=vs.85%29.aspx
                //I'm not doing any damage by not freeing it.
            }
        }
        public void Sign(string fileName, string timeStampUrl)
        {
            _signContext = IntPtr.Zero;

            // Prepare signing info: exe and cert
            //
            var digitalSignInfo = new DigitalSignInfo();

            digitalSignInfo.dwSize              = Marshal.SizeOf(digitalSignInfo);
            digitalSignInfo.dwSubjectChoice     = DigitalSignSubjectChoice.File;
            digitalSignInfo.pwszFileName        = fileName;
            digitalSignInfo.dwSigningCertChoice = DigitalSigningCertificateChoice.Certificate;
            digitalSignInfo.pSigningCertContext = _cert.Handle;
            digitalSignInfo.pwszTimestampURL    = timeStampUrl;

            digitalSignInfo.dwAdditionalCertChoice = DigitalSignAdditionalCertificateChoice.AddChainNoRoot;
            digitalSignInfo.pSignExtInfo           = IntPtr.Zero;

            //   var digitalSignExtendedInfo = new DigitalSignExtendedInfo("description", "http://moerinfo");
            // var ptr = Marshal.AllocCoTaskMem(Marshal.SizeOf((object) digitalSignExtendedInfo));
            //Marshal.StructureToPtr(digitalSignExtendedInfo, ptr, false);
            // digitalSignInfo.pSignExtInfo = ptr;

            // Sign exe
            //

            if ((!CryptUi.CryptUIWizDigitalSign(DigitalSignFlags.NoUI, IntPtr.Zero, null, ref digitalSignInfo, ref _signContext)))
            {
                var rc = (uint)Marshal.GetLastWin32Error();
                if (rc == 0x8007000d)
                {
                    // this is caused when the timestamp server fails; which seems intermittent for any timestamp service.
                    // throw new FailedTimestampException(fileName, timeStampUrl);
                }
                //  throw new DigitalSignFailure(fileName, rc);
            }
        }