Exemple #1
        /// <summary>
        /// Validates <paramref name="certificate"/> through <c>X509Utils.VerifyCertificate</c> and then
        /// checks that its key-usage extension, when present, permits signing.
        /// </summary>
        /// <param name="certificate">Certificate to validate.</param>
        /// <param name="extraStore">Additional certificates handed to the verification helper.</param>
        /// <returns>
        /// The error status written by the helper when it reports a non-zero result;
        /// -2146762480 (0x800B0110, CERT_E_WRONG_USAGE) when a key-usage extension allows neither
        /// DigitalSignature nor NonRepudiation; otherwise the helper's result (0 on this path).
        /// </returns>
        /// <remarks>
        /// A certificate that carries no key-usage extension (OID 2.5.29.15) passes the usage check:
        /// only an extension that is present and excludes both signing usages is rejected.
        /// </remarks>
        private static unsafe int VerifyCertificate(X509Certificate2 certificate, X509Certificate2Collection extraStore)
        {
            int chainErrorStatus;

            // Online revocation checking for the chain with the root excluded, evaluated at the
            // current local time with a zero timeout value.
            // NOTE(review): the 1 passed as IntPtr is presumably the chain-policy identifier
            // (1 is CERT_CHAIN_POLICY_BASE in CryptoAPI) - confirm against X509Utils.
            int result = System.Security.Cryptography.X509Certificates.X509Utils.VerifyCertificate(
                System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(certificate),
                null,
                null,
                X509RevocationMode.Online,
                X509RevocationFlag.ExcludeRoot,
                DateTime.Now,
                new TimeSpan(0, 0, 0),
                extraStore,
                new IntPtr(1L),
                new IntPtr((void *)&chainErrorStatus));

            if (result != 0)
            {
                // The helper reported a failure; surface the status it wrote through the pointer.
                return chainErrorStatus;
            }

            foreach (X509Extension extension in certificate.Extensions)
            {
                if (!string.Equals(extension.Oid.Value, "2.5.29.15", StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                X509KeyUsageExtension keyUsage = new X509KeyUsageExtension();
                keyUsage.CopyFrom(extension);

                const X509KeyUsageFlags signingUsages = X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation;
                if ((keyUsage.KeyUsages & signingUsages) == X509KeyUsageFlags.None)
                {
                    // 0x800B0110: the certificate is not valid for the requested usage.
                    return -2146762480;
                }
            }

            return result;
        }
Exemple #2
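        /// <summary>
        /// Returns the basic-constraints extension of <paramref name="certificate"/>, or
        /// <c>null</c> when the certificate has none.
        /// </summary>
        /// <param name="certificate">Certificate whose extensions are searched.</param>
        /// <returns>
        /// The first matching extension as <see cref="X509BasicConstraintsExtension"/>; <c>null</c>
        /// when no extension matches or the matching extension is not of that type.
        /// </returns>
        /// <remarks>
        /// The extension is identified by its OID value (2.5.29.19). Friendly names are supplied by
        /// the platform and differ between operating systems and UI languages, so matching on the
        /// English name alone makes the lookup fail silently and report "no basic constraints" for
        /// a certificate that has them.
        /// </remarks>
        private static X509BasicConstraintsExtension GetBasicConstraints(X509Certificate2 certificate)
        {
            foreach (X509Extension extension in certificate.Extensions)
            {
                // The OID value is stable across platforms and locales; the friendly-name
                // comparison is kept only so that anything matched before is still matched.
                bool isBasicConstraints =
                    string.Equals(extension.Oid.Value, "2.5.29.19", StringComparison.Ordinal)
                    || extension.Oid.FriendlyName == "Basic Constraints";

                if (isBasicConstraints)
                {
                    return extension as X509BasicConstraintsExtension;
                }
            }

            return null;
        }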
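        /// <summary>
        /// Lets the user pick one or more encryption recipients from the "AddressBook" certificate
        /// store and wraps the selection in a <see cref="CmsRecipientCollection"/>.
        /// </summary>
        /// <param name="recipientIdentifierType">Identifier type applied to every selected recipient.</param>
        /// <returns>The recipients built from the certificates the user selected.</returns>
        /// <exception cref="CryptographicException">
        /// -2146889717 (0x8009100B, CRYPT_E_RECIPIENT_NOT_FOUND) when no certificate in the store
        /// passes the filter; 0x4c7 (1223, ERROR_CANCELLED) when the user selects nothing.
        /// </exception>
        /// <remarks>
        /// Only certificates that are inside their validity period and whose key-usage extension,
        /// when present, allows KeyEncipherment or KeyAgreement are offered. The filter checks dates
        /// and key usage only; it does not build a chain or check revocation.
        /// </remarks>
        internal static CmsRecipientCollection SelectRecipients(SubjectIdentifierType recipientIdentifierType)
        {
            // Start from an empty collection. Seeding it with store.Certificates would put every
            // certificate in the picker, including expired ones and ones not meant for encryption,
            // and would list each acceptable certificate twice.
            X509Certificate2Collection certificates = new X509Certificate2Collection();

            X509Store store = new X509Store("AddressBook");
            try
            {
                store.Open(OpenFlags.OpenExistingOnly);

                // One timestamp for the whole pass so both validity bounds use the same instant.
                DateTime now = DateTime.Now;

                foreach (X509Certificate2 current in store.Certificates)
                {
                    if (current.NotBefore > now || current.NotAfter < now)
                    {
                        continue;
                    }

                    bool usableForEncryption = true;
                    foreach (X509Extension extension in current.Extensions)
                    {
                        if (string.Equals(extension.Oid.Value, "2.5.29.15", StringComparison.OrdinalIgnoreCase))
                        {
                            X509KeyUsageExtension keyUsage = new X509KeyUsageExtension();
                            keyUsage.CopyFrom(extension);

                            X509KeyUsageFlags encryptionUsages = X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.KeyAgreement;
                            usableForEncryption = (keyUsage.KeyUsages & encryptionUsages) != X509KeyUsageFlags.None;

                            // Only the first key-usage extension is consulted.
                            break;
                        }
                    }

                    if (usableForEncryption)
                    {
                        certificates.Add(current);
                    }
                }
            }
            finally
            {
                // Release the store handle on every path, including when Open or the scan throws.
                store.Close();
            }

            if (certificates.Count < 1)
            {
                throw new CryptographicException(-2146889717);
            }

            X509Certificate2Collection certificates2 = X509Certificate2UI.SelectFromCollection(certificates, null, null, X509SelectionFlag.MultiSelection);
            if (certificates2.Count < 1)
            {
                throw new CryptographicException(0x4c7);
            }

            return new CmsRecipientCollection(recipientIdentifierType, certificates2);
        }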
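        /// <summary>
        /// Lets the user pick a single signing certificate from the default certificate store
        /// (the parameterless <see cref="X509Store"/> constructor: the current user's personal store).
        /// </summary>
        /// <returns>The certificate the user selected.</returns>
        /// <exception cref="CryptographicException">
        /// -2146889714 (0x8009100E, CRYPT_E_SIGNER_NOT_FOUND) when no certificate passes the filter;
        /// 0x4c7 (1223, ERROR_CANCELLED) when the user selects nothing.
        /// </exception>
        /// <remarks>
        /// A certificate is offered only if it has a private key, is inside its validity period, and
        /// its key-usage extension, when present, allows DigitalSignature or NonRepudiation.
        /// Archived certificates are enumerated too (OpenFlags.IncludeArchived) and go through the
        /// same filter. The filter checks dates and key usage only; it does not build a chain or
        /// check revocation.
        /// </remarks>
        internal static X509Certificate2 SelectSignerCertificate()
        {
            X509Certificate2Collection certificates = new X509Certificate2Collection();

            X509Store store = new X509Store();
            try
            {
                store.Open(OpenFlags.IncludeArchived | OpenFlags.OpenExistingOnly);

                // One timestamp for the whole pass so both validity bounds use the same instant.
                DateTime now = DateTime.Now;

                foreach (X509Certificate2 current in store.Certificates)
                {
                    if (!current.HasPrivateKey || current.NotBefore > now || current.NotAfter < now)
                    {
                        continue;
                    }

                    bool usableForSigning = true;
                    foreach (X509Extension extension in current.Extensions)
                    {
                        if (string.Equals(extension.Oid.Value, "2.5.29.15", StringComparison.OrdinalIgnoreCase))
                        {
                            X509KeyUsageExtension keyUsage = new X509KeyUsageExtension();
                            keyUsage.CopyFrom(extension);

                            X509KeyUsageFlags signingUsages = X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation;
                            usableForSigning = (keyUsage.KeyUsages & signingUsages) != X509KeyUsageFlags.None;

                            // Only the first key-usage extension is consulted.
                            break;
                        }
                    }

                    if (usableForSigning)
                    {
                        certificates.Add(current);
                    }
                }
            }
            finally
            {
                // Release the store handle on every path, including when Open or the scan throws.
                store.Close();
            }

            if (certificates.Count < 1)
            {
                throw new CryptographicException(-2146889714);
            }

            certificates = X509Certificate2UI.SelectFromCollection(certificates, null, null, X509SelectionFlag.SingleSelection);
            if (certificates.Count < 1)
            {
                throw new CryptographicException(0x4c7);
            }

            return certificates[0];
        }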
        /// <summary>
        /// Verifies the signature with the public key of <paramref name="certificate"/> and, unless
        /// <paramref name="verifySignatureOnly"/> is set, also checks the certificate's key usage
        /// and builds its chain.
        /// </summary>
        /// <param name="certificate">Certificate whose public key is used for verification.</param>
        /// <param name="verifySignatureOnly">
        /// When <c>true</c>, the method returns as soon as the cryptographic check succeeds. Key
        /// usage and the certificate chain are not examined, so a <c>true</c> result then says
        /// nothing about whether the certificate is trusted; the caller has to establish that.
        /// </param>
        /// <returns>
        /// <c>false</c> when the signature does not verify, when a key-usage extension allows neither
        /// DigitalSignature nor NonRepudiation, or when the chain does not build; otherwise <c>true</c>.
        /// </returns>
        /// <remarks>
        /// The chain is built with a default <see cref="X509Chain"/> policy; the only adjustment is
        /// that the certificates from <c>BuildBagOfCerts</c> are added to the extra store.
        /// NOTE(review): those are presumably the certificates carried in the signed document -
        /// confirm. Extra-store certificates help path building and do not act as trust anchors.
        /// A certificate without a key-usage extension passes the usage check.
        /// </remarks>
        public bool CheckSignature(X509Certificate2 certificate, bool verifySignatureOnly)
        {
            bool signatureMatches = this.CheckSignature(certificate.PublicKey.Key);
            if (!signatureMatches)
            {
                return false;
            }

            if (verifySignatureOnly)
            {
                SignedXmlDebugLog.LogVerificationResult(this, certificate, true);
                return true;
            }

            foreach (X509Extension extension in certificate.Extensions)
            {
                if (!string.Equals(extension.Oid.Value, "2.5.29.15", StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                X509KeyUsageExtension keyUsages = new X509KeyUsageExtension();
                keyUsages.CopyFrom(extension);
                SignedXmlDebugLog.LogVerifyKeyUsage(this, certificate, keyUsages);

                const X509KeyUsageFlags signingUsages = X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation;
                if ((keyUsages.KeyUsages & signingUsages) == X509KeyUsageFlags.None)
                {
                    SignedXmlDebugLog.LogVerificationFailure(this, SecurityResources.GetResourceString("Log_VerificationFailed_X509KeyUsage"));
                    return false;
                }

                // The first key-usage extension decides; later extensions are not inspected.
                break;
            }

            X509Chain chain = new X509Chain();
            chain.ChainPolicy.ExtraStore.AddRange(this.BuildBagOfCerts());

            bool chainBuilt = chain.Build(certificate);
            SignedXmlDebugLog.LogVerifyX509Chain(this, chain, certificate);

            if (chainBuilt)
            {
                SignedXmlDebugLog.LogVerificationResult(this, certificate, true);
                return true;
            }

            SignedXmlDebugLog.LogVerificationFailure(this, SecurityResources.GetResourceString("Log_VerificationFailed_X509Chain"));
            return false;
        }