/// <summary>
/// Re-registers the SHA-256, SHA-384 and SHA-512 hash OIDs with their CAPI algorithm IDs
/// when running on Windows 2003 under the v2.0 CLR.
/// </summary>
/// <remarks>
/// On Windows 2003 the default ALG_ID -> OID mapping for SHA-2 comes back with an unknown
/// ALG_ID of 0, whereas the v2.0 CLR expects unknown ALG_IDs to be -1 and so cannot resolve
/// the SHA-2 algorithms. On any other OS / CLR combination this method does nothing.
/// </remarks>
public static void RegisterSha2OidInformationForRsa()
{
    OperatingSystem os = Environment.OSVersion;

    // Windows 2003 reports itself as NT 5.2; the workaround is only needed for CLR 2.0.
    bool isWindows2003 = os.Platform == PlatformID.Win32NT
                         && os.Version.Major == 5
                         && os.Version.Minor == 2;
    if (!isWindows2003 || Environment.Version.Major != 2)
    {
        return;
    }

    Oid2[] candidates = new Oid2[]
    {
        new Oid2(CapiNative.WellKnownOids.Sha256, "sha256", OidGroup.HashAlgorithm, (int)CapiNative.AlgorithmID.Sha256, CngAlgorithm.Sha256, null),
        new Oid2(CapiNative.WellKnownOids.Sha384, "sha384", OidGroup.HashAlgorithm, (int)CapiNative.AlgorithmID.Sha384, CngAlgorithm.Sha384, null),
        new Oid2(CapiNative.WellKnownOids.Sha512, "sha512", OidGroup.HashAlgorithm, (int)CapiNative.AlgorithmID.Sha512, CngAlgorithm.Sha512, null)
    };

    foreach (Oid2 candidate in candidates)
    {
        Oid2 existing = Oid2.FindByValue(candidate.Value, candidate.Group, false);

        // An existing registration with a non-zero ALG_ID must be left alone: overwriting it
        // would break or duplicate that registration.
        if (existing != null && existing.HasAlgorithmId && existing.AlgorithmId != 0)
        {
            continue;
        }

        // Either nothing is registered for this algorithm, or the registration carries an
        // ALG_ID the v2.0 CLR will not understand. Install a mapping that carries the CAPI
        // algorithm ID.
        candidate.Register(OidRegistrationOptions.InstallBeforeDefaultEntries);
    }
}
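/// <summary>
/// Makes sure the SHA-256 hash OID is registered with a usable CAPI algorithm ID, and throws
/// if it still is not after attempting the registration.
/// </summary>
/// <remarks>
/// Background: on Windows 2003 the default ALG_ID -> OID mapping for SHA-2 comes back with an
/// unknown ALG_ID of 0, while the v2.0 CLR expects unknown ALG_IDs to be -1 and therefore
/// cannot resolve SHA-256.
///
/// This variant runs on every platform. The Windows 2003 (NT 5.2) / CLR 2.0 gate had been
/// short-circuited with <c>true ||</c>, so the dead condition is dropped here rather than kept
/// as unreachable code.
///
/// NOTE(review): the registration is requested with InstallBeforeDefaultEntries and now happens
/// on any system whose current SHA-256 entry lacks a non-zero ALG_ID. Presumably this changes
/// OID resolution beyond the calling process and needs matching privileges; confirm that the
/// unconditional registration is intended before shipping it outside Windows 2003.
/// NOTE(review): only SHA-256 is handled; the SHA-384 and SHA-512 entries were commented out
/// in this variant. Confirm that callers never rely on those two being registered.
/// </remarks>
/// <exception cref="PlatformNotSupportedException">
/// The SHA-256 OID still has no usable algorithm ID after registration. The message is in
/// Slovak ("Your system does not support SHA2 algorithms for signing!").
/// </exception>
public static void RegisterSha2OidInformationForRsa()
{
    Oid2[] sha2Oids = new Oid2[]
    {
        new Oid2(CapiNative.WellKnownOids.Sha256, "sha256", OidGroup.HashAlgorithm, (int)CapiNative.AlgorithmID.Sha256, CngAlgorithm.Sha256, null)
    };

    foreach (Oid2 sha2Oid in sha2Oids)
    {
        // If the OID is currently registered to an ALG_ID other than 0, we don't want to break
        // that registration (or duplicate it) by overwriting it with our own.
        Oid2 currentOid = Oid2.FindByValue(sha2Oid.Value, sha2Oid.Group, false);
        if (currentOid != null && currentOid.HasAlgorithmId && currentOid.AlgorithmId != 0)
        {
            continue;
        }

        // There is either no current OID registration for the algorithm, or it contains a
        // CAPI algorithm mapping which will not be understood by the v2.0 CLR. Register a
        // new mapping which will have the CAPI algorithm ID in it.
        sha2Oid.Register(OidRegistrationOptions.InstallBeforeDefaultEntries);

        // Look the OID up again instead of trusting the call: signing must not proceed on the
        // assumption that SHA-256 is available when the mapping did not take effect.
        currentOid = Oid2.FindByValue(sha2Oid.Value, sha2Oid.Group, false);
        if (currentOid == null || !currentOid.HasAlgorithmId || currentOid.AlgorithmId == 0)
        {
            // A specific exception type lets callers tell this condition apart from unrelated
            // failures; it still derives from Exception, so existing catch blocks keep working.
            throw new PlatformNotSupportedException("Váš systém nepodporuje SHA2 algoritmy pre podpis!");
        }
    }
}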