private SignatureVerificationResult VerifyAuthenticodePublisher(X509Certificate2 publisherCertificate)
        {
            Debug.Assert(publisherCertificate != null, "publisherCertificate != null");

            // Get the expected name and key hash
            XmlElement publisherIdentity = m_manifestXml.SelectSingleNode("//asm:assembly/asmv2:publisherIdentity",
                                                                          m_namespaceManager) as XmlElement;

            if (publisherIdentity == null)
            {
                return(SignatureVerificationResult.BadSignatureFormat);
            }

            string publisherName          = publisherIdentity.GetAttribute("name");
            string publisherIssuerKeyHash = publisherIdentity.GetAttribute("issuerKeyHash");

            if (String.IsNullOrEmpty(publisherName) || String.IsNullOrEmpty(publisherIssuerKeyHash))
            {
                return(SignatureVerificationResult.BadSignatureFormat);
            }

            // Get the actual key hash
            SafeAxlBufferHandle issuerKeyBuffer = null;
            int hrHash = X509Native.UnsafeNativeMethods._AxlGetIssuerPublicKeyHash(publisherCertificate.Handle,
                                                                                   out issuerKeyBuffer);

            if (hrHash != (int)SignatureVerificationResult.Valid)
            {
                return((SignatureVerificationResult)hrHash);
            }

            string actualKeyHash = null;
            bool   acquired      = false;

            RuntimeHelpers.PrepareConstrainedRegions();
            try {
                issuerKeyBuffer.DangerousAddRef(ref acquired);
                actualKeyHash = Marshal.PtrToStringUni(issuerKeyBuffer.DangerousGetHandle());
            }
            finally {
                if (acquired)
                {
                    issuerKeyBuffer.DangerousRelease();
                }
            }

            if (String.Compare(publisherName, publisherCertificate.SubjectName.Name, StringComparison.Ordinal) != 0 ||
                String.Compare(publisherIssuerKeyHash, actualKeyHash, StringComparison.Ordinal) != 0)
            {
                return(SignatureVerificationResult.PublisherMismatch);
            }

            return(SignatureVerificationResult.Valid);
        }
Пример #2
0
        private SignatureVerificationResult VerifyAuthenticodePublisher(X509Certificate2 publisherCertificate)
        {
            XmlElement element = this.m_manifestXml.SelectSingleNode("//asm:assembly/asmv2:publisherIdentity", this.m_namespaceManager) as XmlElement;

            if (element == null)
            {
                return(SignatureVerificationResult.BadSignatureFormat);
            }
            string attribute = element.GetAttribute("name");
            string str2      = element.GetAttribute("issuerKeyHash");

            if (string.IsNullOrEmpty(attribute) || string.IsNullOrEmpty(str2))
            {
                return(SignatureVerificationResult.BadSignatureFormat);
            }
            SafeAxlBufferHandle ppwszPublicKeyHash = null;
            int num = X509Native.UnsafeNativeMethods._AxlGetIssuerPublicKeyHash(publisherCertificate.Handle, out ppwszPublicKeyHash);

            if (num != 0)
            {
                return((SignatureVerificationResult)num);
            }
            string strB    = null;
            bool   success = false;

            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                ppwszPublicKeyHash.DangerousAddRef(ref success);
                strB = Marshal.PtrToStringUni(ppwszPublicKeyHash.DangerousGetHandle());
            }
            finally
            {
                if (success)
                {
                    ppwszPublicKeyHash.DangerousRelease();
                }
            }
            if ((string.Compare(attribute, publisherCertificate.SubjectName.Name, StringComparison.Ordinal) == 0) && (string.Compare(str2, strB, StringComparison.Ordinal) == 0))
            {
                return(SignatureVerificationResult.Valid);
            }
            return(SignatureVerificationResult.PublisherMismatch);
        }