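/// <summary>
/// Verifies the signature of a decoded CERT_SIGNED_CONTENT_INFO against the given public key.
/// </summary>
/// <param name="pubKey">Key of the issuer (or of the certificate itself for self-signed content).</param>
/// <param name="signedInfo">Decoded signed content; its ToBeSigned and Signature pointers must still be valid.</param>
/// <returns>True when the signature verifies, false otherwise (as reported by <c>verifySignature</c>).</returns>
/// <exception cref="CryptographicException">The signature algorithm OID has no known friendly name, so the hash algorithm cannot be derived.</exception>
internal static Boolean VerifySignature(PublicKey pubKey, Wincrypt.CERT_SIGNED_CONTENT_INFO signedInfo) {
    // 1.2.840.10045.2.1 is id-ecPublicKey: ECDSA signatures need the DER SEQUENCE{r,s} converted
    // to raw r||s before CNG can verify them; RSA signatures are used as-is.
    Boolean isEcc = pubKey.Oid.Value == "1.2.840.10045.2.1";
    Byte[] data = getSignedBytes(signedInfo);
    Byte[] signature = getSignatureBytes(signedInfo, isEcc);
    // The signature algorithm friendly name (e.g. "sha256RSA", "sha256ECDSA") names both the hash
    // and the key algorithm; dropping the key-algorithm suffix leaves the bare hash name.
    Oid signatureAlgorithm = new Oid(signedInfo.SignatureAlgorithm.pszObjId);
    String friendlyName = signatureAlgorithm.FriendlyName;
    if (String.IsNullOrEmpty(friendlyName)) {
        // Previously a null friendly name surfaced as a NullReferenceException.
        throw new CryptographicException("Unknown signature algorithm OID: " + signatureAlgorithm.Value);
    }
    // ToLowerInvariant: this is a machine identifier, not display text, so culture-sensitive
    // casing must not apply.
    // NOTE(review): names that embed "rsa" elsewhere (e.g. RSASSA-PSS) would be mangled by this
    // substring stripping — confirm such algorithms never reach this path.
    String hashName = friendlyName.ToLowerInvariant().Replace("rsa", String.Empty).Replace("ecdsa", String.Empty);
    Oid hashAlgorithm = new Oid(hashName);
    return verifySignature(pubKey, data, signature, hashAlgorithm);
}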
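/// <summary>
/// Decodes <c>RawData</c> as an X.509 certificate with CryptDecodeObject and captures the signature
/// bytes, the unused-bit count and the signature algorithm OID into the corresponding fields.
/// </summary>
/// <exception cref="Win32Exception">CryptDecodeObject fails on either the size query or the decode.</exception>
void getSignature() {
    // 65537 = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING.
    // 8 = CRYPT_DECODE_NO_SIGNATURE_BYTE_REVERSAL_FLAG: the signature is left in DER order by the
    // decoder and reversed manually below.
    UInt32 pcbStructInfo = 0;
    // First call: size query only (pvStructInfo == NULL).
    if (!Crypt32.CryptDecodeObject(65537, Wincrypt.X509_CERT, RawData, (UInt32)RawData.Length, 8, IntPtr.Zero, ref pcbStructInfo)) {
        throw new Win32Exception(Marshal.GetLastWin32Error());
    }
    IntPtr pvStructInfo = Marshal.AllocHGlobal((Int32)pcbStructInfo);
    try {
        // Second call: the actual decode. Its return value was previously ignored, which on failure
        // would have populated signedData from an uninitialised buffer.
        if (!Crypt32.CryptDecodeObject(65537, Wincrypt.X509_CERT, RawData, (UInt32)RawData.Length, 8, pvStructInfo, ref pcbStructInfo)) {
            throw new Win32Exception(Marshal.GetLastWin32Error());
        }
        signedData = (Wincrypt.CERT_SIGNED_CONTENT_INFO)Marshal.PtrToStructure(pvStructInfo, typeof(Wincrypt.CERT_SIGNED_CONTENT_INFO));
        signature = new Byte[signedData.Signature.cbData];
        Marshal.Copy(signedData.Signature.pbData, signature, 0, (Int32)signedData.Signature.cbData);
        sigUnused = signedData.Signature.cUnusedBits;
        SignatureAlgorithm = new Oid(signedData.SignatureAlgorithm.pszObjId);
        // Presumably to match the byte order CryptDecodeObject would have produced without flag 8.
        Array.Reverse(signature);
    } finally {
        // Freed on every path (the original leaked the buffer when PtrToStructure/Copy threw).
        // NOTE(review): signedData.Signature.pbData and signedData.ToBeSigned.pbData point into this
        // buffer, so they are dangling once it is freed. If the stored signedData is later passed to
        // VerifySignature/getSignedBytes, those reads touch freed memory — confirm callers only rely
        // on the copied `signature` array or re-decode before use.
        Marshal.FreeHGlobal(pvStructInfo);
    }
}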
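/// <summary>
/// Extracts the raw signature bytes from a decoded CERT_SIGNED_CONTENT_INFO.
/// </summary>
/// <param name="signedData">Decoded certificate content; Signature.pbData must point to live memory.</param>
/// <param name="cng">
/// When true the signature is treated as an ECDSA DER SEQUENCE { r INTEGER, s INTEGER } and
/// converted to the fixed-width r||s form CNG expects; when false the bytes are returned unchanged (RSA).
/// </param>
/// <returns>The signature bytes, in r||s form when <paramref name="cng"/> is set.</returns>
static Byte[] getSignatureBytes(Wincrypt.CERT_SIGNED_CONTENT_INFO signedData, Boolean cng) {
    Byte[] signature = new Byte[signedData.Signature.cbData];
    Marshal.Copy(signedData.Signature.pbData, signature, 0, (Int32)signedData.Signature.cbData);
    if (!cng) {
        return signature;
    }
    Asn1Reader asn = new Asn1Reader(signature);
    asn.MoveNext(); // r
    Byte[] r = trimIntegerPadding(asn.GetPayload().ToArray());
    asn.MoveNext(); // s
    Byte[] s = trimIntegerPadding(asn.GetPayload().ToArray());
    // Both halves must be left-padded to the curve's field width. The curve size is not available
    // here, so the wider of the two halves is used as the width. This covers the common case where
    // DER's minimal encoding makes one half a byte shorter; the previous "odd payload length"
    // heuristic dropped a significant byte in that case and produced an unverifiable signature.
    // NOTE(review): if both halves are short at once the result is still too narrow — pass the
    // field size from the key if that ever matters.
    Int32 width = Math.Max(r.Length, s.Length);
    Byte[] p1363 = new Byte[width * 2];
    Buffer.BlockCopy(r, 0, p1363, width - r.Length, r.Length);
    Buffer.BlockCopy(s, 0, p1363, width * 2 - s.Length, s.Length);
    return p1363;
}

// Drops the leading 0x00 byte(s) DER prepends to a positive INTEGER whose top bit is set, keeping at least one byte.
static Byte[] trimIntegerPadding(Byte[] value) {
    Int32 offset = 0;
    while (offset < value.Length - 1 && value[offset] == 0) {
        offset++;
    }
    if (offset == 0) {
        return value;
    }
    Byte[] trimmed = new Byte[value.Length - offset];
    Buffer.BlockCopy(value, offset, trimmed, 0, trimmed.Length);
    return trimmed;
}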
/// <summary>
/// Copies the to-be-signed (TBS) portion of a decoded CERT_SIGNED_CONTENT_INFO into a managed array.
/// </summary>
/// <param name="signedData">Decoded certificate content; ToBeSigned.pbData must point to live memory.</param>
/// <returns>A fresh copy of the ToBeSigned bytes, ToBeSigned.cbData long.</returns>
static Byte[] getSignedBytes(Wincrypt.CERT_SIGNED_CONTENT_INFO signedData) {
    Int32 length = (Int32)signedData.ToBeSigned.cbData;
    Byte[] toBeSigned = new Byte[length];
    Marshal.Copy(signedData.ToBeSigned.pbData, toBeSigned, 0, length);
    return toBeSigned;
}