Exemple #1
0
 public void CreateInternalHandle(ref int handle, string container)
 {
     if (handle == 0)
     {
         lock (this) {
             if (handle == 0 && !m_Error)
             {
                 int flags, fs = 0, fmk = 0;
                 if (!Environment.UserInteractive && Environment.OSVersion.Platform == PlatformID.Win32NT && Environment.OSVersion.Version.Major >= 5)
                 {
                     fs  = SecurityConstants.CRYPT_SILENT;
                     fmk = SecurityConstants.CRYPT_MACHINE_KEYSET;
                 }
                 for (int i = 0; i < m_Providers.Length; i++)
                 {
                     flags = fs | fmk;
                     m_HandleProviderType = m_Providers[i];
                     if (SspiProvider.CryptAcquireContext(ref handle, container, null, m_Providers[i], flags) == 0)
                     {
                         if (Marshal.GetLastWin32Error() == SecurityConstants.NTE_BAD_KEYSET)
                         {
                             SspiProvider.CryptAcquireContext(ref handle, container, null, m_Providers[i], flags | SecurityConstants.CRYPT_NEWKEYSET);
                         }
                         else if (fmk != 0)
                         {
                             flags = fs;
                             if (SspiProvider.CryptAcquireContext(ref handle, container, null, m_Providers[i], flags) == 0)
                             {
                                 if (Marshal.GetLastWin32Error() == SecurityConstants.NTE_BAD_KEYSET)
                                 {
                                     SspiProvider.CryptAcquireContext(ref handle, container, null, m_Providers[i], flags | SecurityConstants.CRYPT_NEWKEYSET);
                                 }
                             }
                         }
                     }
                     if (handle != 0)
                     {
                         break;
                     }
                 }
                 if (handle == 0)
                 {
                     m_Error = true;
                     m_HandleProviderType = 0;
                 }
             }
             if (m_Error)
             {
                 throw new CryptographicException("Couldn't acquire crypto service provider context.");
             }
         }
     }
 }
        public bool VerifySignature(Certificate cert, byte[] signature, byte[] hash)
        {
            int provider = 0;
            int hashptr  = 0;
            int pubKey   = 0;

            try {
                if (SspiProvider.CryptAcquireContext(ref provider, IntPtr.Zero, null, SecurityConstants.PROV_RSA_FULL, 0) == 0)
                {
                    if (Marshal.GetLastWin32Error() == SecurityConstants.NTE_BAD_KEYSET)
                    {
                        SspiProvider.CryptAcquireContext(ref provider, IntPtr.Zero, null, SecurityConstants.PROV_RSA_FULL, SecurityConstants.CRYPT_NEWKEYSET);
                    }
                }
                if (provider == 0)
                {
                    throw new CryptographicException("Unable to acquire a cryptographic context.");
                }
                if (SspiProvider.CryptCreateHash(provider, SecurityConstants.CALG_SSL3_SHAMD5, 0, 0, out hashptr) == 0)
                {
                    throw new CryptographicException("Unable to create the SHA-MD5 hash.");
                }
                if (SspiProvider.CryptSetHashParam(hashptr, SecurityConstants.HP_HASHVAL, hash, 0) == 0)
                {
                    throw new CryptographicException("Unable to set the value of the SHA-MD5 hash.");
                }
                CertificateInfo      ci  = cert.GetCertificateInfo();
                CERT_PUBLIC_KEY_INFO pki = new CERT_PUBLIC_KEY_INFO(ci);
                if (SspiProvider.CryptImportPublicKeyInfo(provider, SecurityConstants.X509_ASN_ENCODING | SecurityConstants.PKCS_7_ASN_ENCODING, ref pki, out pubKey) == 0)
                {
                    throw new CryptographicException("Unable to get a handle to the public key of the specified certificate.");
                }
                byte[] sign_rev = new byte[signature.Length];
                Array.Copy(signature, 0, sign_rev, 0, signature.Length);
                Array.Reverse(sign_rev);
                return(SspiProvider.CryptVerifySignature(hashptr, sign_rev, sign_rev.Length, pubKey, IntPtr.Zero, 0) != 0);
            } finally {
                if (pubKey != 0)
                {
                    SspiProvider.CryptDestroyKey(pubKey);
                }
                if (hashptr != 0)
                {
                    SspiProvider.CryptDestroyHash(hashptr);
                }
                if (provider != 0)
                {
                    SspiProvider.CryptReleaseContext(provider, 0);
                }
            }
        }