/*****************************************************************************/ static void CAPIDecryptFile(string szSource, string szDestination, string szPassword) { SafeHCRYPTKEY hKey = default; int dwCount; // Open source file. // Open destination file. using (FileStream hSource = File.OpenRead(szSource), hDestination = File.Create(szDestination)) { // Get handle to the CSP. In order to be used with different OSs // with different default provides, the CSP is explicitly set. // If the Microsoft Enhanced Provider is not installed, set parameter // three to MS_DEF_PROV if (!CryptAcquireContext(out var hProv, default, "Microsoft Enhanced Cryptographic Provider v1.0", CryptProviderType.PROV_RSA_FULL, 0))
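/// <summary>
/// Command-line entry point: signs a file, or verifies a signature file against it,
/// using an RSA key taken either from a certificate or from a named key container.
/// </summary>
/// <remarks>
/// Exactly eight arguments are required:
/// <list type="bullet">
/// <item><description>args[0]: hash algorithm, <c>sha1</c> or <c>md5</c>.</description></item>
/// <item><description>args[1]: <c>/s</c> to sign or <c>/v</c> to verify.</description></item>
/// <item><description>args[2]: the file to sign; args[3]: the signature file.</description></item>
/// <item><description>args[4]: <c>/cert</c> (args[5] certificate name, args[6] store name, args[7] <c>u</c>|<c>m</c> for user or machine store)
/// or <c>/key</c> (args[5] container name, args[6] <c>u</c>|<c>m</c> for user or machine key set, args[7] <c>x</c>|<c>s</c> for exchange or signature key).</description></item>
/// </list>
/// NOTE(review): usage errors return normally from a <c>void</c> Main, so the process exit code is 0 in that case.
/// A script that gates on this tool's exit code should not treat 0 alone as "verified"; only the thrown
/// exception paths below produce a failing exit.
/// </remarks>
/// <param name="args">The command-line arguments described above.</param>
/// <exception cref="InvalidOperationException">
/// The certificate or key could not be obtained, or the sign/verify operation reported failure.
/// </exception>
private static void Main(string[] args)
{
    SafeHCRYPTPROV hProv = null;
    SafeHCRYPTKEY hPubKey = null;
    string szCertificateName = default;
    string szStoreName = default;
    string szContainerName = default;
    var dwOpenFlags = CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER;
    CryptAcquireContextFlags dwAcquireFlags = 0;
    var dwKeySpec = CertKeySpec.AT_SIGNATURE;
    ALG_ID AlgId;

    // Switches are fixed ASCII tokens, so compare them ordinally. A culture-sensitive
    // comparison can treat strings containing ignorable code points as equal to the switch.
    static bool IsOption(string value, string expected) =>
        string.Equals(value, expected, StringComparison.OrdinalIgnoreCase);

    if (args.Length != 8)
    {
        PrintUsage();
        return;
    }

    try
    {
        // Determine hash algorithm.
        // SECURITY NOTE(review): SHA-1 and MD5 are both vulnerable to collision attacks and are
        // not suitable for new signatures. They are kept because they are the only values this
        // command line accepts; prefer offering a SHA-2 option backed by a provider that supports it.
        if (IsOption(args[0], "sha1"))
        {
            AlgId = ALG_ID.CALG_SHA1;
        }
        else if (IsOption(args[0], "md5"))
        {
            AlgId = ALG_ID.CALG_MD5;
        }
        else
        {
            PrintUsage();
            return;
        }

        // Sign (/s) or verify (/v).
        bool fSign;
        if (IsOption(args[1], "/s"))
        {
            fSign = true;
        }
        else if (IsOption(args[1], "/v"))
        {
            fSign = false;
        }
        else
        {
            PrintUsage();
            return;
        }

        var szFileToSign = args[2];
        var szSigFile = args[3];

        // Check whether the key comes from a certificate or from a key container.
        bool fUseCert;
        if (IsOption(args[4], "/cert"))
        {
            fUseCert = true;
            szCertificateName = args[5];
            szStoreName = args[6];

            // Determine if we have to use the user or the machine store.
            if (IsOption(args[7], "u"))
            {
                dwOpenFlags = CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER;
            }
            else if (IsOption(args[7], "m"))
            {
                dwOpenFlags = CertStoreFlags.CERT_SYSTEM_STORE_LOCAL_MACHINE;
            }
            else
            {
                PrintUsage();
                return;
            }
        }
        else if (IsOption(args[4], "/key"))
        {
            fUseCert = false;
            szContainerName = args[5];

            // User key set (no flag) or machine key set.
            if (IsOption(args[6], "u"))
            {
                dwAcquireFlags = 0;
            }
            else if (IsOption(args[6], "m"))
            {
                dwAcquireFlags = CryptAcquireContextFlags.CRYPT_MACHINE_KEYSET;
            }
            else
            {
                PrintUsage();
                return;
            }

            // Use exchange key or signature key.
            if (IsOption(args[7], "x"))
            {
                dwKeySpec = CertKeySpec.AT_KEYEXCHANGE;
            }
            else if (IsOption(args[7], "s"))
            {
                dwKeySpec = CertKeySpec.AT_SIGNATURE;
            }
            else
            {
                PrintUsage();
                return;
            }
        }
        else
        {
            PrintUsage();
            return;
        }

        if (fUseCert)
        {
            // The certificate context is only needed while the key is extracted from it.
            using var pCertContext = GetCertificateContextFromName(szCertificateName, szStoreName, dwOpenFlags);
            if (pCertContext.IsInvalid)
            {
                throw new InvalidOperationException(
                    $"Could not obtain a certificate context for '{szCertificateName}' in store '{szStoreName}'.");
            }

            // dwKeySpec is overwritten with the key spec reported for the certificate's key.
            if (!GetRSAKeyFromCert(pCertContext, fSign, out hProv, out hPubKey, out dwKeySpec, out _))
            {
                throw new InvalidOperationException(
                    $"Could not obtain the RSA key for certificate '{szCertificateName}'.");
            }
        }
        else if (!GetRSAKeyFromContainer(szContainerName, dwAcquireFlags, dwKeySpec, out hProv, out hPubKey))
        {
            throw new InvalidOperationException(
                $"Could not obtain the RSA key from container '{szContainerName}'.");
        }

        // A false result must never fall through to the success message, least of all for /v.
        if (!SignVerifyFile(hProv, hPubKey, dwKeySpec, AlgId, szFileToSign, szSigFile, fSign))
        {
            throw new InvalidOperationException(
                fSign
                    ? $"Signing '{szFileToSign}' failed."
                    : $"Verification of '{szSigFile}' failed.");
        }

        if (fSign)
        {
            MyPrintf("File %s hashed and signed successfully!\n", szFileToSign);
        }
        else
        {
            MyPrintf("File %s verified successfully!\n", szSigFile);
        }
    }
    finally
    {
        // Release the key handle before the provider context it belongs to, so that
        // neither handle lingers until finalization. Both stay null on early exits.
        hPubKey?.Dispose();
        hProv?.Dispose();
    }
}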