internal static unsafe System.Security.Cryptography.SafeLocalAllocHandle CreateEncodedCertBlob(X509Certificate2Collection certificates)
{
System.Security.Cryptography.SafeLocalAllocHandle invalidHandle = System.Security.Cryptography.SafeLocalAllocHandle.InvalidHandle;
if (certificates.Count > 0)
{
invalidHandle = System.Security.Cryptography.CAPI.LocalAlloc(0, new IntPtr(certificates.Count * Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CRYPTOAPI_BLOB))));
System.Security.Cryptography.CAPI.CRYPTOAPI_BLOB *handle = (System.Security.Cryptography.CAPI.CRYPTOAPI_BLOB *)invalidHandle.DangerousGetHandle();
X509Certificate2Enumerator enumerator = certificates.GetEnumerator();
while (enumerator.MoveNext())
{
System.Security.Cryptography.CAPI.CERT_CONTEXT cert_context = *((System.Security.Cryptography.CAPI.CERT_CONTEXT *)System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(enumerator.Current).DangerousGetHandle());
handle->cbData = cert_context.cbCertEncoded;
handle->pbData = cert_context.pbCertEncoded;
handle++;
}
}
return(invalidHandle);
}
internal static RecipientInfoType GetRecipientInfoType(X509Certificate2 certificate)
{
RecipientInfoType unknown = RecipientInfoType.Unknown;
if (certificate == null)
{
return(unknown);
}
System.Security.Cryptography.CAPI.CERT_CONTEXT cert_context = (System.Security.Cryptography.CAPI.CERT_CONTEXT)Marshal.PtrToStructure(System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(certificate).DangerousGetHandle(), typeof(System.Security.Cryptography.CAPI.CERT_CONTEXT));
System.Security.Cryptography.CAPI.CERT_INFO cert_info = (System.Security.Cryptography.CAPI.CERT_INFO)Marshal.PtrToStructure(cert_context.pCertInfo, typeof(System.Security.Cryptography.CAPI.CERT_INFO));
switch (System.Security.Cryptography.X509Certificates.X509Utils.OidToAlgId(cert_info.SubjectPublicKeyInfo.Algorithm.pszObjId))
{
case 0xa400:
return(RecipientInfoType.KeyTransport);
case 0xaa01:
case 0xaa02:
return(RecipientInfoType.KeyAgreement);
}
return(RecipientInfoType.Unknown);
}
internal static unsafe uint AddCertsToMessage(System.Security.Cryptography.SafeCryptMsgHandle safeCryptMsgHandle, X509Certificate2Collection bagOfCerts, X509Certificate2Collection chainOfCerts)
{
uint num = 0;
X509Certificate2Enumerator enumerator = chainOfCerts.GetEnumerator();
while (enumerator.MoveNext())
{
X509Certificate2 current = enumerator.Current;
if (bagOfCerts.Find(X509FindType.FindByThumbprint, current.Thumbprint, false).Count == 0)
{
System.Security.Cryptography.CAPI.CERT_CONTEXT cert_context = *((System.Security.Cryptography.CAPI.CERT_CONTEXT *)System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(current).DangerousGetHandle());
System.Security.Cryptography.CAPI.CRYPTOAPI_BLOB cryptoapi_blob = new System.Security.Cryptography.CAPI.CRYPTOAPI_BLOB {
cbData = cert_context.cbCertEncoded,
pbData = cert_context.pbCertEncoded
};
if (!System.Security.Cryptography.CAPI.CryptMsgControl(safeCryptMsgHandle, 0, 10, new IntPtr((long)((ulong)((IntPtr) & cryptoapi_blob)))))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
num++;
}
}
return(num);
}
internal static unsafe System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO CreateSignerEncodeInfo(CmsSigner signer, bool silent)
{
System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO cmsg_signer_encode_info = new System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO(Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO)));
System.Security.Cryptography.SafeCryptProvHandle invalidHandle = System.Security.Cryptography.SafeCryptProvHandle.InvalidHandle;
uint pdwKeySpec = 0;
bool pfCallerFreeProv = false;
cmsg_signer_encode_info.HashAlgorithm.pszObjId = signer.DigestAlgorithm.Value;
if (string.Compare(signer.Certificate.PublicKey.Oid.Value, "1.2.840.10040.4.1", StringComparison.Ordinal) == 0)
{
cmsg_signer_encode_info.HashEncryptionAlgorithm.pszObjId = "1.2.840.10040.4.3";
}
cmsg_signer_encode_info.cAuthAttr = (uint)signer.SignedAttributes.Count;
cmsg_signer_encode_info.rgAuthAttr = CreateCryptAttributes(signer.SignedAttributes);
cmsg_signer_encode_info.cUnauthAttr = (uint)signer.UnsignedAttributes.Count;
cmsg_signer_encode_info.rgUnauthAttr = CreateCryptAttributes(signer.UnsignedAttributes);
if (signer.SignerIdentifierType == SubjectIdentifierType.NoSignature)
{
cmsg_signer_encode_info.HashEncryptionAlgorithm.pszObjId = "1.3.6.1.5.5.7.6.2";
cmsg_signer_encode_info.pCertInfo = IntPtr.Zero;
cmsg_signer_encode_info.dwKeySpec = pdwKeySpec;
if (!System.Security.Cryptography.CAPI.CryptAcquireContext(ref invalidHandle, (string)null, (string)null, 1, 0xf0000000))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
cmsg_signer_encode_info.hCryptProv = invalidHandle.DangerousGetHandle();
GC.SuppressFinalize(invalidHandle);
cmsg_signer_encode_info.SignerId.dwIdChoice = 1;
X500DistinguishedName name = new X500DistinguishedName("CN=Dummy Signer")
{
Oid = new Oid("1.3.6.1.4.1.311.21.9")
};
cmsg_signer_encode_info.SignerId.Value.IssuerSerialNumber.Issuer.cbData = (uint)name.RawData.Length;
System.Security.Cryptography.SafeLocalAllocHandle handle2 = System.Security.Cryptography.CAPI.LocalAlloc(0x40, new IntPtr((long)cmsg_signer_encode_info.SignerId.Value.IssuerSerialNumber.Issuer.cbData));
Marshal.Copy(name.RawData, 0, handle2.DangerousGetHandle(), name.RawData.Length);
cmsg_signer_encode_info.SignerId.Value.IssuerSerialNumber.Issuer.pbData = handle2.DangerousGetHandle();
GC.SuppressFinalize(handle2);
cmsg_signer_encode_info.SignerId.Value.IssuerSerialNumber.SerialNumber.cbData = 1;
System.Security.Cryptography.SafeLocalAllocHandle handle3 = System.Security.Cryptography.CAPI.LocalAlloc(0x40, new IntPtr((long)cmsg_signer_encode_info.SignerId.Value.IssuerSerialNumber.SerialNumber.cbData));
byte *handle = (byte *)handle3.DangerousGetHandle();
handle[0] = 0;
cmsg_signer_encode_info.SignerId.Value.IssuerSerialNumber.SerialNumber.pbData = handle3.DangerousGetHandle();
GC.SuppressFinalize(handle3);
return(cmsg_signer_encode_info);
}
System.Security.Cryptography.SafeCertContextHandle certContext = System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(signer.Certificate);
if (!System.Security.Cryptography.CAPI.CAPISafe.CryptAcquireCertificatePrivateKey(certContext, silent ? 70 : 6, IntPtr.Zero, ref invalidHandle, ref pdwKeySpec, ref pfCallerFreeProv))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
cmsg_signer_encode_info.dwKeySpec = pdwKeySpec;
cmsg_signer_encode_info.hCryptProv = invalidHandle.DangerousGetHandle();
GC.SuppressFinalize(invalidHandle);
System.Security.Cryptography.CAPI.CERT_CONTEXT cert_context = *((System.Security.Cryptography.CAPI.CERT_CONTEXT *)certContext.DangerousGetHandle());
cmsg_signer_encode_info.pCertInfo = cert_context.pCertInfo;
if (signer.SignerIdentifierType == SubjectIdentifierType.SubjectKeyIdentifier)
{
uint pcbData = 0;
System.Security.Cryptography.SafeLocalAllocHandle pvData = System.Security.Cryptography.SafeLocalAllocHandle.InvalidHandle;
if (!System.Security.Cryptography.CAPI.CAPISafe.CertGetCertificateContextProperty(certContext, 20, pvData, ref pcbData))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
if (pcbData <= 0)
{
return(cmsg_signer_encode_info);
}
pvData = System.Security.Cryptography.CAPI.LocalAlloc(0x40, new IntPtr((long)pcbData));
if (!System.Security.Cryptography.CAPI.CAPISafe.CertGetCertificateContextProperty(certContext, 20, pvData, ref pcbData))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
cmsg_signer_encode_info.SignerId.dwIdChoice = 2;
cmsg_signer_encode_info.SignerId.Value.KeyId.cbData = pcbData;
cmsg_signer_encode_info.SignerId.Value.KeyId.pbData = pvData.DangerousGetHandle();
GC.SuppressFinalize(pvData);
}
return(cmsg_signer_encode_info);
}
private unsafe void Verify(X509Certificate2Collection extraStore, X509Certificate2 certificate, bool verifySignatureOnly)
{
System.Security.Cryptography.SafeLocalAllocHandle invalidHandle = System.Security.Cryptography.SafeLocalAllocHandle.InvalidHandle;
System.Security.Cryptography.CAPI.CERT_CONTEXT cert_context = (System.Security.Cryptography.CAPI.CERT_CONTEXT)Marshal.PtrToStructure(System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(certificate).DangerousGetHandle(), typeof(System.Security.Cryptography.CAPI.CERT_CONTEXT));
IntPtr ptr = new IntPtr(((long)cert_context.pCertInfo) + ((long)Marshal.OffsetOf(typeof(System.Security.Cryptography.CAPI.CERT_INFO), "SubjectPublicKeyInfo")));
IntPtr ptr2 = new IntPtr(((long)ptr) + ((long)Marshal.OffsetOf(typeof(System.Security.Cryptography.CAPI.CERT_PUBLIC_KEY_INFO), "Algorithm")));
IntPtr ptr3 = new IntPtr(((long)ptr2) + ((long)Marshal.OffsetOf(typeof(System.Security.Cryptography.CAPI.CRYPT_ALGORITHM_IDENTIFIER), "Parameters")));
IntPtr pvKey = Marshal.ReadIntPtr(ptr2);
if (System.Security.Cryptography.CAPI.CryptFindOIDInfo(1, pvKey, 3).Algid == 0x2200)
{
bool flag = false;
IntPtr ptr5 = new IntPtr(((long)ptr3) + ((long)Marshal.OffsetOf(typeof(System.Security.Cryptography.CAPI.CRYPTOAPI_BLOB), "cbData")));
IntPtr ptr6 = new IntPtr(((long)ptr3) + ((long)Marshal.OffsetOf(typeof(System.Security.Cryptography.CAPI.CRYPTOAPI_BLOB), "pbData")));
if (Marshal.ReadInt32(ptr5) == 0)
{
flag = true;
}
else if (Marshal.ReadIntPtr(ptr6) == IntPtr.Zero)
{
flag = true;
}
else if (Marshal.ReadInt32(Marshal.ReadIntPtr(ptr6)) == 5)
{
flag = true;
}
if (flag)
{
System.Security.Cryptography.SafeCertChainHandle ppChainContext = System.Security.Cryptography.SafeCertChainHandle.InvalidHandle;
System.Security.Cryptography.X509Certificates.X509Utils.BuildChain(new IntPtr(0L), System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(certificate), null, null, null, X509RevocationMode.NoCheck, X509RevocationFlag.ExcludeRoot, DateTime.Now, new TimeSpan(0, 0, 0), ref ppChainContext);
ppChainContext.Dispose();
uint pcbData = 0;
if (!System.Security.Cryptography.CAPI.CAPISafe.CertGetCertificateContextProperty(System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(certificate), 0x16, invalidHandle, ref pcbData))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
if (pcbData > 0)
{
invalidHandle = System.Security.Cryptography.CAPI.LocalAlloc(0x40, new IntPtr((long)pcbData));
if (!System.Security.Cryptography.CAPI.CAPISafe.CertGetCertificateContextProperty(System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(certificate), 0x16, invalidHandle, ref pcbData))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
Marshal.WriteInt32(ptr5, (int)pcbData);
Marshal.WriteIntPtr(ptr6, invalidHandle.DangerousGetHandle());
}
}
}
if (this.m_parentSignerInfo == null)
{
if (!System.Security.Cryptography.CAPI.CryptMsgControl(this.m_signedCms.GetCryptMsgHandle(), 0, 1, cert_context.pCertInfo))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
goto Label_02F4;
}
int num2 = -1;
int hr = 0;
Label_022F:
try
{
num2 = PkcsUtils.GetSignerIndex(this.m_signedCms.GetCryptMsgHandle(), this.m_parentSignerInfo, num2 + 1);
}
catch (CryptographicException)
{
if (hr == 0)
{
throw;
}
throw new CryptographicException(hr);
}
uint cbData = 0;
System.Security.Cryptography.SafeLocalAllocHandle pvData = System.Security.Cryptography.SafeLocalAllocHandle.InvalidHandle;
PkcsUtils.GetParam(this.m_signedCms.GetCryptMsgHandle(), 0x1c, (uint)num2, out pvData, out cbData);
if (cbData == 0)
{
hr = -2146885618;
goto Label_022F;
}
fixed(byte *numRef = this.m_encodedSignerInfo)
{
if (!System.Security.Cryptography.CAPI.CAPISafe.CryptMsgVerifyCountersignatureEncoded(IntPtr.Zero, 0x10001, pvData.DangerousGetHandle(), cbData, new IntPtr((void *)numRef), (uint)this.m_encodedSignerInfo.Length, cert_context.pCertInfo))
{
hr = Marshal.GetLastWin32Error();
goto Label_022F;
}
}
pvData.Dispose();
Label_02F4:
if (!verifySignatureOnly)
{
int num5 = VerifyCertificate(certificate, extraStore);
if (num5 != 0)
{
throw new CryptographicException(num5);
}
}
invalidHandle.Dispose();
}
