/// <summary>
/// Acquires a cryptographic service provider (CSP) context into <paramref name="handle"/>
/// if it is still zero, trying each provider type in <c>m_Providers</c> in order.
/// A failure is remembered in <c>m_Error</c>, so later calls throw without retrying.
/// </summary>
/// <param name="handle">Receives the CSP context handle; left untouched when already non-zero.</param>
/// <param name="container">Key container name passed to CryptAcquireContext.</param>
/// <exception cref="CryptographicException">No provider context could be acquired, now or on an earlier call.</exception>
/// <remarks>
/// Security-relevant behaviour visible in this method:
/// a missing key container (NTE_BAD_KEYSET) is created on the fly with CRYPT_NEWKEYSET, and a
/// machine-keyset request that fails for any other reason is retried against the default
/// (non-machine) keyset. Callers that expect a pre-provisioned container therefore cannot tell
/// from a successful return whether the container already existed or which keyset it lives in.
/// NOTE(review): handles are carried as <c>int</c>; HCRYPTPROV is pointer-sized on 64-bit
/// Windows - confirm the P/Invoke declaration in SspiProvider.
/// NOTE(review): Marshal.GetLastWin32Error() is only meaningful if the P/Invoke is declared
/// with SetLastError = true - confirm.
/// </remarks>
public void CreateInternalHandle(ref int handle, string container) {
    // Fast path: a context was already acquired.
    if (handle != 0) {
        return;
    }
    // NOTE(review): locking on 'this' lets code outside the class contend for the same monitor;
    // a private lock object would be safer, but that needs a new field outside this method.
    lock (this) {
        // Re-check under the lock; skip the work if an earlier attempt already failed.
        if (handle == 0 && !m_Error) {
            int silentFlag = 0;
            int machineKeysetFlag = 0;
            bool nonInteractiveNt5 = !Environment.UserInteractive
                && Environment.OSVersion.Platform == PlatformID.Win32NT
                && Environment.OSVersion.Version.Major >= 5;
            if (nonInteractiveNt5) {
                // Non-interactive process on NT 5+: suppress CSP UI and use the machine keyset.
                silentFlag = SecurityConstants.CRYPT_SILENT;
                machineKeysetFlag = SecurityConstants.CRYPT_MACHINE_KEYSET;
            }
            for (int index = 0; index < m_Providers.Length; index++) {
                int acquireFlags = silentFlag | machineKeysetFlag;
                // Recorded before the attempt; reset to 0 below if every provider fails.
                m_HandleProviderType = m_Providers[index];
                if (SspiProvider.CryptAcquireContext(ref handle, container, null, m_Providers[index], acquireFlags) == 0) {
                    // Read the error immediately after the failed call, before anything else runs.
                    int lastError = Marshal.GetLastWin32Error();
                    if (lastError == SecurityConstants.NTE_BAD_KEYSET) {
                        // Container does not exist: create it with the same flags.
                        SspiProvider.CryptAcquireContext(ref handle, container, null, m_Providers[index], acquireFlags | SecurityConstants.CRYPT_NEWKEYSET);
                    } else if (machineKeysetFlag != 0) {
                        // Machine keyset failed for another reason: retry without CRYPT_MACHINE_KEYSET.
                        acquireFlags = silentFlag;
                        if (SspiProvider.CryptAcquireContext(ref handle, container, null, m_Providers[index], acquireFlags) == 0
                            && Marshal.GetLastWin32Error() == SecurityConstants.NTE_BAD_KEYSET) {
                            SspiProvider.CryptAcquireContext(ref handle, container, null, m_Providers[index], acquireFlags | SecurityConstants.CRYPT_NEWKEYSET);
                        }
                    }
                }
                // Results of the CRYPT_NEWKEYSET calls are not inspected; success is judged by the handle.
                if (handle != 0) {
                    break;
                }
            }
            if (handle == 0) {
                m_Error = true;
                m_HandleProviderType = 0;
            }
        }
        if (m_Error) {
            throw new CryptographicException("Couldn't acquire crypto service provider context.");
        }
    }
}
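/// <summary>
/// Verifies a signature over a precomputed SSL3 SHA-MD5 hash value using the public key
/// of the given certificate, through the Windows CryptoAPI.
/// </summary>
/// <param name="cert">Certificate whose public key is imported for the verification.</param>
/// <param name="signature">Signature bytes; the caller's array is not modified.</param>
/// <param name="hash">Hash value loaded directly into a CALG_SSL3_SHAMD5 hash object (at least 36 bytes).</param>
/// <returns>
/// <c>true</c> if CryptVerifySignature reports success; <c>false</c> on any failure of that call,
/// which includes but is not limited to a signature mismatch.
/// </returns>
/// <exception cref="ArgumentNullException">An argument is a null reference.</exception>
/// <exception cref="ArgumentException"><paramref name="hash"/> is shorter than a SHA-MD5 hash value.</exception>
/// <exception cref="CryptographicException">A CryptoAPI context, hash object or public key handle could not be set up.</exception>
/// <remarks>
/// NOTE(review): handles are carried as <c>int</c>; CryptoAPI handles are pointer-sized on
/// 64-bit Windows - confirm the P/Invoke declarations in SspiProvider.
/// NOTE(review): SHA-MD5 is the legacy SSL 3.0 / early TLS signature hash; both component
/// algorithms are considered weak, so this path should be reserved for those protocol versions.
/// </remarks>
public bool VerifySignature(Certificate cert, byte[] signature, byte[] hash) {
    // MD5 digest (16 bytes) followed by SHA-1 digest (20 bytes).
    const int Ssl3ShaMd5HashSize = 36;
    // Validate before touching native code, so no handle is allocated for bad input.
    if (cert == null) {
        throw new ArgumentNullException("cert");
    }
    if (signature == null) {
        throw new ArgumentNullException("signature");
    }
    if (hash == null) {
        throw new ArgumentNullException("hash");
    }
    // CryptSetHashParam(HP_HASHVAL) is called without a length, so the native side takes the
    // size from the hash algorithm; a shorter managed buffer would be read past its end.
    // Longer buffers were accepted before and still are.
    if (hash.Length < Ssl3ShaMd5HashSize) {
        throw new ArgumentException("The SHA-MD5 hash must be at least 36 bytes long.", "hash");
    }
    int provider = 0;
    int hashptr = 0;
    int pubKey = 0;
    try {
        if (SspiProvider.CryptAcquireContext(ref provider, IntPtr.Zero, null, SecurityConstants.PROV_RSA_FULL, 0) == 0) {
            // NOTE(review): verification needs no private key, yet a missing default container is
            // created here. Acquiring with the Win32 CRYPT_VERIFYCONTEXT flag would avoid creating
            // key material as a side effect - confirm the constant is available in SecurityConstants.
            if (Marshal.GetLastWin32Error() == SecurityConstants.NTE_BAD_KEYSET) {
                SspiProvider.CryptAcquireContext(ref provider, IntPtr.Zero, null, SecurityConstants.PROV_RSA_FULL, SecurityConstants.CRYPT_NEWKEYSET);
            }
        }
        if (provider == 0) {
            throw new CryptographicException("Unable to acquire a cryptographic context.");
        }
        if (SspiProvider.CryptCreateHash(provider, SecurityConstants.CALG_SSL3_SHAMD5, 0, 0, out hashptr) == 0) {
            throw new CryptographicException("Unable to create the SHA-MD5 hash.");
        }
        // The caller supplies the finished hash value; nothing is hashed here.
        if (SspiProvider.CryptSetHashParam(hashptr, SecurityConstants.HP_HASHVAL, hash, 0) == 0) {
            throw new CryptographicException("Unable to set the value of the SHA-MD5 hash.");
        }
        CertificateInfo ci = cert.GetCertificateInfo();
        CERT_PUBLIC_KEY_INFO pki = new CERT_PUBLIC_KEY_INFO(ci);
        if (SspiProvider.CryptImportPublicKeyInfo(provider, SecurityConstants.X509_ASN_ENCODING | SecurityConstants.PKCS_7_ASN_ENCODING, ref pki, out pubKey) == 0) {
            throw new CryptographicException("Unable to get a handle to the public key of the specified certificate.");
        }
        // CryptoAPI takes the signature in the opposite byte order; reverse a copy so the
        // caller's buffer stays intact.
        byte[] sign_rev = (byte[])signature.Clone();
        Array.Reverse(sign_rev);
        return SspiProvider.CryptVerifySignature(hashptr, sign_rev, sign_rev.Length, pubKey, IntPtr.Zero, 0) != 0;
    } finally {
        // Release in reverse order of acquisition; only handles that were actually obtained.
        if (pubKey != 0) {
            SspiProvider.CryptDestroyKey(pubKey);
        }
        if (hashptr != 0) {
            SspiProvider.CryptDestroyHash(hashptr);
        }
        if (provider != 0) {
            SspiProvider.CryptReleaseContext(provider, 0);
        }
    }
}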