void m_initialize2(Wincrypt.CRYPT_ATTRIBUTE blob)
{
Oid = new Oid(blob.pszObjId);
Wincrypt.CRYPTOAPI_BLOB attrStruct = (Wincrypt.CRYPTOAPI_BLOB)Marshal.PtrToStructure(blob.rgValue, typeof(Wincrypt.CRYPTOAPI_BLOB));
RawData = new Byte[attrStruct.cbData];
Marshal.Copy(attrStruct.pbData, RawData, 0, RawData.Length);
}
void getAttributes()
{
if (reqData.cAttribute <= 0)
{
return;
}
IntPtr rgAttribute = reqData.rgAttribute;
for (Int32 index = 0; index < reqData.cAttribute; index++)
{
Wincrypt.CRYPT_ATTRIBUTE attrib = (Wincrypt.CRYPT_ATTRIBUTE)Marshal.PtrToStructure(rgAttribute, typeof(Wincrypt.CRYPT_ATTRIBUTE));
Oid attriboid = new Oid(attrib.pszObjId);
Wincrypt.CRYPTOAPI_BLOB blob = (Wincrypt.CRYPTOAPI_BLOB)Marshal.PtrToStructure(attrib.rgValue, typeof(Wincrypt.CRYPTOAPI_BLOB));
Byte[] bytes = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, bytes, 0, (Int32)blob.cbData);
if (attrib.pszObjId == "1.2.840.113549.1.9.14")
{
getExtensions(bytes);
}
else
{
_attribs.Add(new X509Attribute(attriboid, bytes));
}
rgAttribute = (IntPtr)((UInt64)rgAttribute + (UInt32)Marshal.SizeOf(typeof(Wincrypt.CRYPT_ATTRIBUTE)));
}
}
void decodeEncryptedHash(Wincrypt.CRYPTOAPI_BLOB blob)
{
if (blob.cbData == 0)
{
return;
}
EncryptedHash = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, EncryptedHash, 0, EncryptedHash.Length);
}
public static extern IntPtr CertCreateSelfSignCertificate(
[In, Optional] IntPtr phProv,
[In] Wincrypt.CRYPTOAPI_BLOB pSubjectIssuerBlob,
[In] UInt32 flags,
[In, Optional] Wincrypt.CRYPT_KEY_PROV_INFO pKeyProvInfo,
[In, Optional] IntPtr pSignatureAlgorithm,
[In, Optional] Wincrypt.SystemTime pStartTime,
[In, Optional] Wincrypt.SystemTime pEndTime,
[Optional] Wincrypt.CERT_EXTENSIONS pExtensions
);
void decodeHashId(Wincrypt.CRYPTOAPI_BLOB blob)
{
if (blob.cbData == 0)
{
return;
}
Byte[] rawBytes = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, rawBytes, 0, rawBytes.Length);
Value = String.Concat(rawBytes.Select(x => x.ToString("X2")).ToArray());
}
void decodeSignerInfos(Wincrypt.CRYPTOAPI_BLOB blob)
{
if (blob.cbData == 0)
{
return;
}
Byte[] signerBytes = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, signerBytes, 0, signerBytes.Length);
Asn1Reader asn = new Asn1Reader(signerBytes);
asn.MoveNext();
do
{
_signerInfos.Add(new PkcsSignerInfo(asn.GetTagRawData(), _certificates));
} while (asn.MoveNextCurrentLevel());
}
/// <summary>
/// Attempts to decode the outer layer of a BLOB as a PFX packet
/// </summary>
/// <param name="rawData">A byte array that the method will attempt to decode as a PFX packet</param>
/// <exception cref="ArgumentNullException">If the <strong>rawData</strong> parameter is null.</exception>
/// <returns>The function returns <strong>TRUE</strong> if the BLOB can be decoded as a PFX packet. If the outer
/// layer of the BLOB cannot be decoded as a PFX packet, the method returns <strong>FALSE.</strong></returns>
public static Boolean PfxisPfxBlob(Byte[] rawData)
{
if (rawData != null)
{
IntPtr ptr = Marshal.AllocHGlobal(rawData.Length);
Marshal.Copy(rawData, 0, ptr, rawData.Length);
Wincrypt.CRYPTOAPI_BLOB PPfx = new Wincrypt.CRYPTOAPI_BLOB {
cbData = (UInt32)rawData.Length,
pbData = ptr
};
Boolean result = Crypt32.PFXIsPFXBlob(PPfx);
Marshal.FreeHGlobal(ptr);
return(result);
}
throw new ArgumentNullException("rawData");
}
// TODO
//void decodeCmcContentInfo(IntPtr rgTaggedRequest, UInt32 cTaggedRequest) {
//}
//void decodeCmcOtherMsg(IntPtr rgTaggedRequest, UInt32 cTaggedRequest) {
//}
void decodeCerts(Wincrypt.CRYPTOAPI_BLOB blob)
{
if (blob.cbData == 0)
{
return;
}
Byte[] certBytes = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, certBytes, 0, certBytes.Length);
Asn1Reader asn = new Asn1Reader(certBytes);
asn.MoveNext();
do
{
_certificates.Add(new X509Certificate2(asn.GetTagRawData()));
} while (asn.MoveNextCurrentLevel());
}
/// <summary>
/// attempts to decode the outer layer of a BLOB as a Personal Information Exchange (PFX) packet and to decrypt it
/// with the given password.
/// </summary>
/// <param name="rawData">A byte array that the method will attempt to decode as a PFX packet</param>
/// <param name="password">String password to be checked. For this function to succeed, this password must be exactly the same
/// as the password used to encrypt the packet.
/// <para>If you set this value to an empty string or <strong>NULL</strong>, this function typically attempts to decrypt the
/// password embedded in the PFX BLOB by using the empty string or <strong>NULL</strong>.</para>
/// <para>However, beginning with Windows 8 and Windows Server 2012, if a <strong>NULL</strong> or empty password was specified
/// when the PFX BLOB was created and the application also specified that the password should be protected to an Active
/// Directory (AD) principal, the Cryptography API (CAPI) randomly generates a password, encrypts it to the AD principal
/// and embeds it in the PFX BLOB. The PFXVerifyPassword function will then try to use the specified AD principal (current
/// user, computer, or AD group member) to decrypt the password.</para>
/// </param>
/// <exception cref="ArgumentNullException">If the <strong>rawData</strong> parameter is null.</exception>
/// <returns>The method return <strong>TRUE</strong> if the password appears correct; otherwise,
/// it returns <strong>FALSE</strong>.
/// </returns>
public static Boolean PfxVerifyPassword(Byte[] rawData, String password)
{
if (rawData != null)
{
IntPtr ptr = Marshal.AllocHGlobal(rawData.Length);
Marshal.Copy(rawData, 0, ptr, rawData.Length);
Wincrypt.CRYPTOAPI_BLOB PPfx = new Wincrypt.CRYPTOAPI_BLOB {
cbData = (UInt32)rawData.Length,
pbData = ptr
};
Boolean result = Crypt32.PFXVerifyPassword(PPfx, password, 0);
Marshal.FreeHGlobal(ptr);
return(result);
}
throw new ArgumentNullException(nameof(rawData));
}
void decodeCrls(Wincrypt.CRYPTOAPI_BLOB blob)
{
if (blob.cbData == 0)
{
return;
}
Byte[] crlBytes = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, crlBytes, 0, (Int32)blob.cbData);
Asn1Reader asn = new Asn1Reader(crlBytes);
asn.MoveNext();
do
{
_crls.Add(new X509CRL2(asn.GetTagRawData()));
} while (asn.MoveNextCurrentLevel());
}
void switchInnerType(Wincrypt.CRYPTOAPI_BLOB blob)
{
ContentInfo2 info = new ContentInfo2(blob);
ContentType = info.ContentType;
switch (info.ContentType.Value)
{
case "1.3.6.1.5.5.7.12.2":
decodeCMC(info.RawData);
break;
default:
Content = info.RawData;
break;
}
}
void UnrollPkcs7(Wincrypt.CRYPTOAPI_BLOB sequence)
{
Int32 size = Marshal.SizeOf(typeof(Wincrypt.CRYPTOAPI_BLOB));
IntPtr pValue = sequence.pbData;
for (Int32 index = 0; index < sequence.cbData; index++)
{
Wincrypt.CRYPTOAPI_BLOB blob = (Wincrypt.CRYPTOAPI_BLOB)Marshal.PtrToStructure(pValue, typeof(Wincrypt.CRYPTOAPI_BLOB));
switch (index)
{
case 0:
decodeVersion(blob);
break;
case 1:
decodeAlgorithms(blob);
break;
case 2:
switchInnerType(blob);
break;
default: {
Byte[] nextTag = new Byte[1];
Marshal.Copy(blob.pbData, nextTag, 0, 1);
switch (nextTag[0])
{
case 160:
decodeCerts(blob);
break;
case 161:
decodeCrls(blob);
break;
case 49:
decodeSignerInfos(blob);
break;
}
}
break;
}
pValue += size;
}
}
void setFriendlyName(X509Certificate2 cert)
{
if (!String.IsNullOrWhiteSpace(FriendlyName))
{
Byte[] stringBytes = Encoding.Unicode.GetBytes(FriendlyName);
IntPtr ptr = Marshal.AllocHGlobal(stringBytes.Length);
Marshal.Copy(stringBytes, 0, ptr, stringBytes.Length);
var blob = new Wincrypt.CRYPTOAPI_BLOB {
cbData = (UInt32)stringBytes.Length,
pbData = ptr
};
IntPtr blobPtr = Marshal.AllocHGlobal(Marshal.SizeOf(blob));
Marshal.StructureToPtr(blob, blobPtr, false);
Crypt32.CertSetCertificateContextProperty(cert.Handle, X509CertificatePropertyType.FriendlyName, 0, blobPtr);
Marshal.FreeHGlobal(ptr);
Marshal.FreeHGlobal(blobPtr);
}
}
void decodeAttributes(IntPtr rgTaggedAttribute, UInt32 cTaggedAttribute)
{
if (cTaggedAttribute == 0)
{
return;
}
IntPtr rgValue = rgTaggedAttribute;
Int32 size = Marshal.SizeOf(typeof(Wincrypt.CMC_TAGGED_ATTRIBUTE));
for (Int32 index = 0; index < cTaggedAttribute; index++)
{
Wincrypt.CMC_TAGGED_ATTRIBUTE attr = (Wincrypt.CMC_TAGGED_ATTRIBUTE)Marshal.PtrToStructure(rgValue, typeof(Wincrypt.CMC_TAGGED_ATTRIBUTE));
Wincrypt.CRYPTOAPI_BLOB attrvalue = (Wincrypt.CRYPTOAPI_BLOB)Marshal.PtrToStructure(attr.rgValue, typeof(Wincrypt.CRYPTOAPI_BLOB));
Byte[] bytes = new Byte[attrvalue.cbData];
Marshal.Copy(attrvalue.pbData, bytes, 0, (Int32)attrvalue.cbData);
_attributes.Add(new X509Attribute(new Oid(attr.pszObjId), (Int32)attr.dwBodyPartID, bytes));
rgValue += size;
}
}
void decodeAlgorithms(Wincrypt.CRYPTOAPI_BLOB blob)
{
if (blob.cbData == 0)
{
return;
}
Byte[] rawData = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, rawData, 0, (Int32)blob.cbData);
Asn1Reader asn = new Asn1Reader(rawData);
if (asn.Tag != 49)
{
throw new Asn1InvalidTagException(asn.Offset);
}
asn.MoveNext();
do
{
_digestAlgs.Add(new AlgorithmIdentifier(asn.GetTagRawData()).AlgorithmId);
} while (asn.MoveNextCurrentLevel());
}
void decodeAlgorithms(Wincrypt.CRYPTOAPI_BLOB blob)
{
if (blob.cbData == 0)
{
return;
}
digestAlgs = new List <Oid>();
Byte[] rawData = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, rawData, 0, (Int32)blob.cbData);
Asn1Reader asn = new Asn1Reader(rawData);
if (asn.Tag != 49)
{
throw new InvalidDataException("The data is invalid.");
}
asn.MoveNext();
do
{
digestAlgs.Add(new PKI.ManagedAPI.StructClasses.AlgorithmIdentifier(asn.GetTagRawData()).AlgorithmId);
} while (asn.MoveNextCurrentLevel());
}
void m_initialize2(Wincrypt.CRYPTOAPI_BLOB blob)
{
UInt32 pcbStructInfo = 0;
if (!Crypt32.CryptDecodeObject(1, Wincrypt.PKCS_CONTENT_INFO, blob.pbData, blob.cbData, 0, IntPtr.Zero, ref pcbStructInfo))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
IntPtr pvStructInfo = Marshal.AllocHGlobal((Int32)pcbStructInfo);
if (!Crypt32.CryptDecodeObject(1, Wincrypt.PKCS_CONTENT_INFO, blob.pbData, blob.cbData, 0, pvStructInfo, ref pcbStructInfo))
{
Marshal.FreeHGlobal(pvStructInfo);
throw new Win32Exception(Marshal.GetLastWin32Error());
}
Wincrypt.CRYPT_CONTENT_INFO contentInfo = (Wincrypt.CRYPT_CONTENT_INFO)Marshal.PtrToStructure(pvStructInfo, typeof(Wincrypt.CRYPT_CONTENT_INFO));
ContentType = new Oid(contentInfo.pszObjId);
RawData = new Byte[contentInfo.cbData];
Marshal.Copy(contentInfo.pbData, RawData, 0, (Int32)contentInfo.cbData);
Marshal.FreeHGlobal(pvStructInfo);
}
void getSequence(ContentInfo2 info)
{
UInt32 pcbStructInfo = 0;
if (!Crypt32.CryptDecodeObject(1, Wincrypt.X509_SEQUENCE_OF_ANY, info.RawData, (UInt32)info.RawData.Length, 0, IntPtr.Zero, ref pcbStructInfo))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
IntPtr pvStructInfo = Marshal.AllocHGlobal((Int32)pcbStructInfo);
try {
Crypt32.CryptDecodeObject(1, Wincrypt.X509_SEQUENCE_OF_ANY, info.RawData, (UInt32)info.RawData.Length, 0, pvStructInfo, ref pcbStructInfo);
Wincrypt.CRYPTOAPI_BLOB sequence = (Wincrypt.CRYPTOAPI_BLOB)Marshal.PtrToStructure(pvStructInfo, typeof(Wincrypt.CRYPTOAPI_BLOB));
if (sequence.cbData == 0)
{
return;
}
UnrollPkcs7(sequence);
} finally {
Marshal.FreeHGlobal(pvStructInfo);
}
}
void get_ctlentries()
{
if (CTLInfo.cCTLEntry > 0)
{
Entries = new X509CTLEntryCollection();
IntPtr rgCTLEntry = CTLInfo.rgCTLEntry;
for (Int32 index = 0; index < CTLInfo.cCTLEntry; index++)
{
StringBuilder SB = new StringBuilder();
X509AttributeCollection attributes = new X509AttributeCollection();
Wincrypt.CTL_ENTRY CTLEntry = (Wincrypt.CTL_ENTRY)Marshal.PtrToStructure(rgCTLEntry, typeof(Wincrypt.CTL_ENTRY));
byte[] bytes = new Byte[CTLEntry.SubjectIdentifier.cbData];
Marshal.Copy(CTLEntry.SubjectIdentifier.pbData, bytes, 0, bytes.Length);
foreach (Byte item in bytes)
{
SB.Append($"{item:X2}");
}
String thumbprint = SB.ToString();
if (CTLEntry.cAttribute > 0)
{
IntPtr rgAttribute = CTLEntry.rgAttribute;
for (Int32 indexx = 0; indexx < CTLEntry.cAttribute; indexx++)
{
Wincrypt.CRYPT_ATTRIBUTE attrib = (Wincrypt.CRYPT_ATTRIBUTE)Marshal.PtrToStructure(rgAttribute, typeof(Wincrypt.CRYPT_ATTRIBUTE));
Oid pszOid = new Oid(attrib.pszObjId);
Wincrypt.CRYPTOAPI_BLOB blob = (Wincrypt.CRYPTOAPI_BLOB)Marshal.PtrToStructure(attrib.rgValue, typeof(Wincrypt.CRYPTOAPI_BLOB));
bytes = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, bytes, 0, bytes.Length);
attributes.Add(new X509Attribute(pszOid, bytes));
rgAttribute = (IntPtr)((UInt64)rgAttribute + (UInt32)Marshal.SizeOf(typeof(Wincrypt.CRYPT_ATTRIBUTE)));
}
}
Entries.Add(new X509CTLEntry(thumbprint, attributes));
rgCTLEntry = (IntPtr)((UInt64)rgCTLEntry + (UInt32)Marshal.SizeOf(typeof(Wincrypt.CTL_ENTRY)));
}
}
}
internal static extern Boolean PFXVerifyPassword(
[In] Wincrypt.CRYPTOAPI_BLOB pPFX,
[MarshalAs(UnmanagedType.LPWStr)]
[In] String szPassword,
[In] UInt32 dwFlags
);
internal static extern Boolean PFXIsPFXBlob(
[In] Wincrypt.CRYPTOAPI_BLOB pPFX
);
void decodeVersion(Wincrypt.CRYPTOAPI_BLOB blob)
{
Byte[] rawData = new Byte[blob.cbData];
Marshal.Copy(blob.pbData, rawData, 0, (Int32)blob.cbData);
Version = (Int32)Asn1Utils.DecodeInteger(rawData);
}
internal ContentInfo2(Wincrypt.CRYPTOAPI_BLOB blob)
{
m_initialize2(blob);
}
