private void CoSign(CmsSigner signer, bool silent)
{
CAPI.CMSG_SIGNER_ENCODE_INFO signerEncodeInfo = PkcsUtils.CreateSignerEncodeInfo(signer, silent);
try {
SafeLocalAllocHandle pSignerEncodeInfo = CAPI.LocalAlloc(CAPI.LPTR, new IntPtr(Marshal.SizeOf(typeof(CAPI.CMSG_SIGNER_ENCODE_INFO))));
try {
// Marshal to unmanaged memory.
Marshal.StructureToPtr(signerEncodeInfo, pSignerEncodeInfo.DangerousGetHandle(), false);
// Add the signature.
if (!CAPI.CryptMsgControl(m_safeCryptMsgHandle,
0,
CAPI.CMSG_CTRL_ADD_SIGNER,
pSignerEncodeInfo.DangerousGetHandle()))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
}
finally {
Marshal.DestroyStructure(pSignerEncodeInfo.DangerousGetHandle(), typeof(CAPI.CMSG_SIGNER_ENCODE_INFO));
pSignerEncodeInfo.Dispose();
}
}
finally {
// and don't forget to dispose of resources allocated for the structure.
signerEncodeInfo.Dispose();
}
// Finally, add certs to bag of certs.
PkcsUtils.AddCertsToMessage(m_safeCryptMsgHandle, Certificates, PkcsUtils.CreateBagOfCertificates(signer));
}
private unsafe void Sign(CmsSigner signer, bool silent)
{
System.Security.Cryptography.SafeCryptMsgHandle hCryptMsg = null;
System.Security.Cryptography.CAPI.CMSG_SIGNED_ENCODE_INFO cmsg_signed_encode_info = new System.Security.Cryptography.CAPI.CMSG_SIGNED_ENCODE_INFO(Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CMSG_SIGNED_ENCODE_INFO)));
System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO structure = PkcsUtils.CreateSignerEncodeInfo(signer, silent);
byte[] encodedMessage = null;
try
{
System.Security.Cryptography.SafeLocalAllocHandle handle2 = System.Security.Cryptography.CAPI.LocalAlloc(0, new IntPtr(Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO))));
try
{
Marshal.StructureToPtr(structure, handle2.DangerousGetHandle(), false);
X509Certificate2Collection certificates = PkcsUtils.CreateBagOfCertificates(signer);
System.Security.Cryptography.SafeLocalAllocHandle handle3 = PkcsUtils.CreateEncodedCertBlob(certificates);
cmsg_signed_encode_info.cSigners = 1;
cmsg_signed_encode_info.rgSigners = handle2.DangerousGetHandle();
cmsg_signed_encode_info.cCertEncoded = (uint)certificates.Count;
if (certificates.Count > 0)
{
cmsg_signed_encode_info.rgCertEncoded = handle3.DangerousGetHandle();
}
if (string.Compare(this.ContentInfo.ContentType.Value, "1.2.840.113549.1.7.1", StringComparison.OrdinalIgnoreCase) == 0)
{
hCryptMsg = System.Security.Cryptography.CAPI.CryptMsgOpenToEncode(0x10001, this.Detached ? 4 : 0, 2, new IntPtr((void *)&cmsg_signed_encode_info), IntPtr.Zero, IntPtr.Zero);
}
else
{
hCryptMsg = System.Security.Cryptography.CAPI.CryptMsgOpenToEncode(0x10001, this.Detached ? 4 : 0, 2, new IntPtr((void *)&cmsg_signed_encode_info), this.ContentInfo.ContentType.Value, IntPtr.Zero);
}
if ((hCryptMsg == null) || hCryptMsg.IsInvalid)
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
if ((this.ContentInfo.Content.Length > 0) && !System.Security.Cryptography.CAPI.CAPISafe.CryptMsgUpdate(hCryptMsg, this.ContentInfo.pContent, (uint)this.ContentInfo.Content.Length, true))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
encodedMessage = PkcsUtils.GetContent(hCryptMsg);
hCryptMsg.Dispose();
handle3.Dispose();
}
finally
{
Marshal.DestroyStructure(handle2.DangerousGetHandle(), typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO));
handle2.Dispose();
}
}
finally
{
structure.Dispose();
}
hCryptMsg = OpenToDecode(encodedMessage, this.ContentInfo, this.Detached);
if ((this.m_safeCryptMsgHandle != null) && !this.m_safeCryptMsgHandle.IsInvalid)
{
this.m_safeCryptMsgHandle.Dispose();
}
this.m_safeCryptMsgHandle = hCryptMsg;
GC.KeepAlive(signer);
}
private unsafe void Sign(CmsSigner signer, bool silent)
{
SafeCryptMsgHandle safeCryptMsgHandle = null;
CAPI.CMSG_SIGNED_ENCODE_INFO signedEncodeInfo = new CAPI.CMSG_SIGNED_ENCODE_INFO(Marshal.SizeOf(typeof(CAPI.CMSG_SIGNED_ENCODE_INFO)));
SafeCryptProvHandle safeCryptProvHandle;
CAPI.CMSG_SIGNER_ENCODE_INFO signerEncodeInfo = PkcsUtils.CreateSignerEncodeInfo(signer, silent, out safeCryptProvHandle);
byte[] encodedMessage = null;
try {
SafeLocalAllocHandle pSignerEncodeInfo = CAPI.LocalAlloc(CAPI.LMEM_FIXED, new IntPtr(Marshal.SizeOf(typeof(CAPI.CMSG_SIGNER_ENCODE_INFO))));
try {
Marshal.StructureToPtr(signerEncodeInfo, pSignerEncodeInfo.DangerousGetHandle(), false);
X509Certificate2Collection bagOfCerts = PkcsUtils.CreateBagOfCertificates(signer);
SafeLocalAllocHandle pEncodedBagOfCerts = PkcsUtils.CreateEncodedCertBlob(bagOfCerts);
signedEncodeInfo.cSigners = 1;
signedEncodeInfo.rgSigners = pSignerEncodeInfo.DangerousGetHandle();
signedEncodeInfo.cCertEncoded = (uint)bagOfCerts.Count;
if (bagOfCerts.Count > 0)
{
signedEncodeInfo.rgCertEncoded = pEncodedBagOfCerts.DangerousGetHandle();
}
// Because of the way CAPI treats inner content OID, we should pass NULL
// for data type, otherwise detached will not work.
if (String.Compare(this.ContentInfo.ContentType.Value, CAPI.szOID_RSA_data, StringComparison.OrdinalIgnoreCase) == 0)
{
safeCryptMsgHandle = CAPI.CryptMsgOpenToEncode(CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING,
Detached ? CAPI.CMSG_DETACHED_FLAG : 0,
CAPI.CMSG_SIGNED,
new IntPtr(&signedEncodeInfo),
IntPtr.Zero,
IntPtr.Zero);
}
else
{
safeCryptMsgHandle = CAPI.CryptMsgOpenToEncode(CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING,
Detached ? CAPI.CMSG_DETACHED_FLAG : 0,
CAPI.CMSG_SIGNED,
new IntPtr(&signedEncodeInfo),
this.ContentInfo.ContentType.Value,
IntPtr.Zero);
}
if (safeCryptMsgHandle == null || safeCryptMsgHandle.IsInvalid)
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
if (this.ContentInfo.Content.Length > 0)
{
if (!CAPI.CAPISafe.CryptMsgUpdate(safeCryptMsgHandle, this.ContentInfo.pContent, (uint)this.ContentInfo.Content.Length, true))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
}
// Retrieve encoded message.
encodedMessage = PkcsUtils.GetContent(safeCryptMsgHandle);
safeCryptMsgHandle.Dispose();
pEncodedBagOfCerts.Dispose();
}
finally {
Marshal.DestroyStructure(pSignerEncodeInfo.DangerousGetHandle(), typeof(CAPI.CMSG_SIGNER_ENCODE_INFO));
pSignerEncodeInfo.Dispose();
}
}
finally {
// Don't forget to free all the resource still held inside signerEncodeInfo.
signerEncodeInfo.Dispose();
safeCryptProvHandle.Dispose();
}
// Re-open to decode.
safeCryptMsgHandle = OpenToDecode(encodedMessage, this.ContentInfo, this.Detached);
if (m_safeCryptMsgHandle != null && !m_safeCryptMsgHandle.IsInvalid)
{
m_safeCryptMsgHandle.Dispose();
}
m_safeCryptMsgHandle = safeCryptMsgHandle;
GC.KeepAlive(signer);
}
private unsafe void CounterSign(CmsSigner signer)
{
// Sanity check.
Debug.Assert(signer != null);
//
CspParameters parameters = new CspParameters();
if (X509Utils.GetPrivateKeyInfo(X509Utils.GetCertContext(signer.Certificate), ref parameters) == false)
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open | KeyContainerPermissionFlags.Sign);
kp.AccessEntries.Add(entry);
kp.Demand();
// Get the signer's index.
uint index = (uint)PkcsUtils.GetSignerIndex(m_signedCms.GetCryptMsgHandle(), this, 0);
// Create CMSG_SIGNER_ENCODE_INFO structure.
SafeLocalAllocHandle pSignerEncodeInfo = CAPI.LocalAlloc(CAPI.LPTR, new IntPtr(Marshal.SizeOf(typeof(CAPI.CMSG_SIGNER_ENCODE_INFO))));
CAPI.CMSG_SIGNER_ENCODE_INFO signerEncodeInfo = PkcsUtils.CreateSignerEncodeInfo(signer);
try {
// Marshal to unmanaged memory.
Marshal.StructureToPtr(signerEncodeInfo, pSignerEncodeInfo.DangerousGetHandle(), false);
// Counter sign.
if (!CAPI.CryptMsgCountersign(m_signedCms.GetCryptMsgHandle(),
index,
1,
pSignerEncodeInfo.DangerousGetHandle()))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
// CAPI requires that the messge be re-encoded if any unauthenticated
// attribute has been added. So, let's re-open it to decode to work
// around this limitation.
m_signedCms.ReopenToDecode();
}
finally {
Marshal.DestroyStructure(pSignerEncodeInfo.DangerousGetHandle(), typeof(CAPI.CMSG_SIGNER_ENCODE_INFO));
pSignerEncodeInfo.Dispose();
// and don't forget to dispose of resources allocated for the structure.
signerEncodeInfo.Dispose();
}
// Finally, add certs to bag of certs.
PkcsUtils.AddCertsToMessage(m_signedCms.GetCryptMsgHandle(), m_signedCms.Certificates, PkcsUtils.CreateBagOfCertificates(signer));
return;
}
private void CoSign(CmsSigner signer, bool silent)
{
using (System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO cmsg_signer_encode_info = PkcsUtils.CreateSignerEncodeInfo(signer, silent))
{
System.Security.Cryptography.SafeLocalAllocHandle handle = System.Security.Cryptography.CAPI.LocalAlloc(0x40, new IntPtr(Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO))));
try
{
Marshal.StructureToPtr(cmsg_signer_encode_info, handle.DangerousGetHandle(), false);
if (!System.Security.Cryptography.CAPI.CryptMsgControl(this.m_safeCryptMsgHandle, 0, 6, handle.DangerousGetHandle()))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
}
finally
{
Marshal.DestroyStructure(handle.DangerousGetHandle(), typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO));
handle.Dispose();
}
}
PkcsUtils.AddCertsToMessage(this.m_safeCryptMsgHandle, this.Certificates, PkcsUtils.CreateBagOfCertificates(signer));
}
private void CounterSign(CmsSigner signer)
{
CspParameters parameters = new CspParameters();
if (!System.Security.Cryptography.X509Certificates.X509Utils.GetPrivateKeyInfo(System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(signer.Certificate), ref parameters))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Sign | KeyContainerPermissionFlags.Open);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
uint dwIndex = (uint)PkcsUtils.GetSignerIndex(this.m_signedCms.GetCryptMsgHandle(), this, 0);
System.Security.Cryptography.SafeLocalAllocHandle handle = System.Security.Cryptography.CAPI.LocalAlloc(0x40, new IntPtr(Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO))));
System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO structure = PkcsUtils.CreateSignerEncodeInfo(signer);
try
{
Marshal.StructureToPtr(structure, handle.DangerousGetHandle(), false);
if (!System.Security.Cryptography.CAPI.CryptMsgCountersign(this.m_signedCms.GetCryptMsgHandle(), dwIndex, 1, handle.DangerousGetHandle()))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
this.m_signedCms.ReopenToDecode();
}
finally
{
Marshal.DestroyStructure(handle.DangerousGetHandle(), typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO));
handle.Dispose();
structure.Dispose();
}
PkcsUtils.AddCertsToMessage(this.m_signedCms.GetCryptMsgHandle(), this.m_signedCms.Certificates, PkcsUtils.CreateBagOfCertificates(signer));
}