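/// <summary>
/// Signs <paramref name="fileName"/> with <paramref name="certificate"/> by calling the
/// native CryptUIWizDigitalSign API in no-UI mode, optionally requesting a timestamp.
/// </summary>
/// <param name="option">Signing option forwarded unchanged to InitSignInfoStruct.</param>
/// <param name="fileName">Path of the file to sign; must be non-null and non-empty.</param>
/// <param name="certificate">Signing certificate; must pass SecuritySupport.CertIsGoodForSigning.</param>
/// <param name="timeStampServerUrl">
/// Optional timestamp server URL. When supplied it must be longer than seven characters and
/// start with "http://" (case-insensitive); any other value, including "https://", is rejected.
/// </param>
/// <param name="hashAlgorithm">
/// Optional hash algorithm name. It is resolved to an OID string through CryptFindOIDInfo;
/// a name that cannot be resolved is rejected.
/// </param>
/// <returns>
/// On success, <c>new Signature(fileName, certificate)</c> when no timestamp URL was given,
/// otherwise the result of <c>SignatureHelper.GetSignature(fileName, null)</c>. On failure,
/// <c>new Signature(fileName, error)</c> carrying the Win32 error value.
/// </returns>
/// <exception cref="ArgumentException">
/// The timestamp URL is malformed, the hash algorithm is unknown or refused by the native
/// API (0x80090008), or the certificate is not suitable for signing.
/// </exception>
internal static Signature SignFile(
    SigningOption option,
    string fileName,
    X509Certificate2 certificate,
    string timeStampServerUrl,
    string hashAlgorithm)
{
    using (SignatureHelper.tracer.TraceMethod("file: {0}, cert: {1}", (object)SignatureHelper.GetStringValue(fileName), (object)SignatureHelper.GetCertName(certificate)))
    {
        Signature signature = null;
        IntPtr signInfoPtr = IntPtr.Zero;
        IntPtr signExtInfoPtr = IntPtr.Zero;
        bool signInfoMarshalled = false;
        uint error = 0;
        string hashAlgorithmOid = null;

        Utils.CheckArgForNullOrEmpty(SignatureHelper.tracer, fileName, nameof(fileName));
        Utils.CheckArgForNull(SignatureHelper.tracer, (object)certificate, nameof(certificate));

        // Only the scheme prefix is checked here; the host is not validated.
        // NOTE(review): the exchange with the timestamp server is plain HTTP; confirm
        // that rejecting https:// is intended for the API version this targets.
        if (!string.IsNullOrEmpty(timeStampServerUrl)
            && (timeStampServerUrl.Length <= 7
                || timeStampServerUrl.IndexOf("http://", StringComparison.OrdinalIgnoreCase) != 0))
        {
            // Name the argument that is actually at fault (was reported as "certificate").
            throw SignatureHelper.tracer.NewArgumentException(nameof(timeStampServerUrl), "Authenticode", "TimeStampUrlRequired");
        }

        if (!string.IsNullOrEmpty(hashAlgorithm))
        {
            // Key type 2 is CRYPT_OID_INFO_NAME_KEY: look the algorithm up by name.
            // NOTE(review): any name the OS can resolve is accepted, legacy digests
            // included; a minimum-strength policy has to be enforced by the caller.
            IntPtr oidInfo = System.Management.Automation.Security.NativeMethods.CryptFindOIDInfo(2U, hashAlgorithm, 0U);
            if (oidInfo == IntPtr.Zero)
            {
                throw SignatureHelper.tracer.NewArgumentException(nameof(hashAlgorithm), "Authenticode", "InvalidHashAlgorithm");
            }

            hashAlgorithmOid = ((System.Management.Automation.Security.NativeMethods.CRYPT_OID_INFO)Marshal.PtrToStructure(oidInfo, typeof(System.Management.Automation.Security.NativeMethods.CRYPT_OID_INFO))).pszOID;
        }

        if (!SecuritySupport.CertIsGoodForSigning(certificate))
        {
            throw SignatureHelper.tracer.NewArgumentException(nameof(certificate), "Authenticode", "CertNotGoodForSigning");
        }

        SecuritySupport.CheckIfFileExists(fileName);

        try
        {
            // The native struct gets an empty string rather than null when no URL was given.
            string effectiveTimeStampUrl = string.IsNullOrEmpty(timeStampServerUrl) ? "" : timeStampServerUrl;

            System.Management.Automation.Security.NativeMethods.CRYPTUI_WIZ_DIGITAL_SIGN_INFO signInfo =
                System.Management.Automation.Security.NativeMethods.InitSignInfoStruct(fileName, certificate, effectiveTimeStampUrl, hashAlgorithmOid, option);

            // Remember the extended-info buffer immediately so the finally block can
            // release it even if one of the marshalling calls below throws.
            signExtInfoPtr = signInfo.pSignExtInfo;

            signInfoPtr = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)signInfo));
            Marshal.StructureToPtr((object)signInfo, signInfoPtr, false);
            signInfoMarshalled = true;

            // Flag 1 is CRYPTUI_WIZ_NO_UI: sign without showing the wizard.
            bool succeeded = System.Management.Automation.Security.NativeMethods.CryptUIWizDigitalSign(1U, IntPtr.Zero, IntPtr.Zero, signInfoPtr, IntPtr.Zero);

            if (!succeeded)
            {
                // Read the error straight after the native call, before any clean-up runs.
                error = SignatureHelper.GetLastWin32Error();
                switch (error)
                {
                    case 0x80004005: // E_FAIL
                    case 0x80070001: // HRESULT form of ERROR_INVALID_FUNCTION
                        // These two codes are deliberately treated as success.
                        // NOTE(review): when no timestamp URL is supplied the result below is
                        // built from the certificate alone, so a genuine failure masked here
                        // would presumably be reported as a signed file; consider confirming
                        // via SignatureHelper.GetSignature in that path as well.
                        succeeded = true;
                        break;
                    case 0x80090008: // NTE_BAD_ALGID
                        throw SignatureHelper.tracer.NewArgumentException(nameof(hashAlgorithm), "Authenticode", "InvalidHashAlgorithm");
                    default:
                        SignatureHelper.tracer.TraceError("CryptUIWizDigitalSign: failed: {0:x}", (object)error);
                        break;
                }
            }

            if (!succeeded)
            {
                signature = new Signature(fileName, error);
            }
            else if (string.IsNullOrEmpty(timeStampServerUrl))
            {
                signature = new Signature(fileName, certificate);
            }
            else
            {
                signature = SignatureHelper.GetSignature(fileName, (string)null);
            }
        }
        finally
        {
            if (signExtInfoPtr != IntPtr.Zero)
            {
                Marshal.DestroyStructure(signExtInfoPtr, typeof(System.Management.Automation.Security.NativeMethods.CRYPTUI_WIZ_DIGITAL_SIGN_EXTENDED_INFO));
                Marshal.FreeCoTaskMem(signExtInfoPtr);
            }

            // Marshal.DestroyStructure throws on IntPtr.Zero, which would hide whatever
            // exception brought us here, and must not run on a buffer that was never filled.
            if (signInfoPtr != IntPtr.Zero)
            {
                if (signInfoMarshalled)
                {
                    Marshal.DestroyStructure(signInfoPtr, typeof(System.Management.Automation.Security.NativeMethods.CRYPTUI_WIZ_DIGITAL_SIGN_INFO));
                }

                Marshal.FreeCoTaskMem(signInfoPtr);
            }
        }

        return signature;
    }
}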