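/// <summary>
/// Adds to the CMS message every certificate in <paramref name="chainOfCerts"/> whose thumbprint
/// is not already present in <paramref name="bagOfCerts"/>.
/// </summary>
/// <param name="safeCryptMsgHandle">Message handle passed to <c>CAPI.CryptMsgControl</c>.</param>
/// <param name="bagOfCerts">Certificates already carried by the message; searched by thumbprint.</param>
/// <param name="chainOfCerts">Candidate certificates to add.</param>
/// <returns>The number of certificates that were added.</returns>
/// <exception cref="CryptographicException">
/// <c>CAPI.CryptMsgControl</c> returned false; the exception carries the last Win32 error.
/// </exception>
internal static unsafe uint AddCertsToMessage(SafeCryptMsgHandle safeCryptMsgHandle, X509Certificate2Collection bagOfCerts, X509Certificate2Collection chainOfCerts)
{
    uint added = 0U;
    foreach (X509Certificate2 certificate in chainOfCerts)
    {
        // The thumbprint is the only de-duplication key used here.
        if (bagOfCerts.Find(X509FindType.FindByThumbprint, (object)certificate.Thumbprint, false).Count != 0)
        {
            continue;
        }

        // Keep the handle object in a local: the encoded-certificate pointer copied out of the
        // CERT_CONTEXT below is only valid while the underlying context is alive.
        var certHandle = X509Utils.GetCertContext(certificate);
        CAPI.CERT_CONTEXT certContext = *(CAPI.CERT_CONTEXT *)(void *) certHandle.DangerousGetHandle();

        // The listing took the address of a temporary (`&new CAPI.CRYPTOAPI_BLOB() { ... }`),
        // which is not valid C#. Use a named local, whose address is stable for the call.
        CAPI.CRYPTOAPI_BLOB certBlob = new CAPI.CRYPTOAPI_BLOB();
        certBlob.cbData = certContext.cbCertEncoded;
        certBlob.pbData = certContext.pbCertEncoded;

        // Control type 10 is CMSG_CTRL_ADD_CERT in wincrypt.h.
        if (!CAPI.CryptMsgControl(safeCryptMsgHandle, 0U, 10U, new IntPtr((void *)&certBlob)))
        {
            throw new CryptographicException(Marshal.GetLastWin32Error());
        }

        // Keeps certHandle reachable across the native call above so its finalizer cannot
        // release the context while pbCertEncoded is still being read.
        GC.KeepAlive(certHandle);
        ++added;
    }
    return added;
}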
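/// <summary>
/// Validates a signer certificate: runs <c>X509Utils.VerifyCertificate</c> with online revocation
/// checking (root excluded) at the current local time, then requires that any key-usage extension
/// allows DigitalSignature or NonRepudiation.
/// </summary>
/// <param name="certificate">Certificate to validate.</param>
/// <param name="extraStore">Additional certificates forwarded to the chain verification helper.</param>
/// <returns>
/// 0 when the certificate is acceptable; otherwise a non-zero error code. -2146762480 (0x800B0110,
/// CERT_E_WRONG_USAGE in winerror.h) is returned when the key usage does not permit signing.
/// </returns>
private static unsafe int VerifyCertificate(X509Certificate2 certificate, X509Certificate2Collection extraStore)
{
    // Written by the helper through the pointer passed as its last argument.
    int chainStatus = 0;
    int hr = X509Utils.VerifyCertificate(X509Utils.GetCertContext(certificate), (OidCollection)null, (OidCollection)null, X509RevocationMode.Online, X509RevocationFlag.ExcludeRoot, DateTime.Now, new TimeSpan(0, 0, 0), extraStore, new IntPtr(1L), new IntPtr((void *)&chainStatus));
    if (hr != 0)
    {
        // Fail closed. The original returned the status slot unconditionally, so a helper failure
        // that never wrote that slot would surface as 0, which callers read as "verified".
        // Fall back to the helper's own result in that case.
        return chainStatus != 0 ? chainStatus : hr;
    }

    foreach (X509Extension extension in certificate.Extensions)
    {
        // 2.5.29.15 is the X.509 keyUsage extension.
        if (string.Compare(extension.Oid.Value, "2.5.29.15", StringComparison.OrdinalIgnoreCase) != 0)
        {
            continue;
        }

        X509KeyUsageExtension keyUsage = new X509KeyUsageExtension();
        keyUsage.CopyFrom((AsnEncodedData)extension);
        X509KeyUsageFlags signingBits = X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation;
        if ((keyUsage.KeyUsages & signingBits) == X509KeyUsageFlags.None)
        {
            // Neither signing bit is set: the certificate is not meant for signatures.
            return -2146762480;
        }
    }

    // A certificate without a key-usage extension is accepted.
    return hr;
}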
/// <summary>
/// Classifies a recipient certificate by the algorithm of its subject public key.
/// </summary>
/// <param name="certificate">Recipient certificate; may be null.</param>
/// <returns>
/// <c>KeyTransport</c> for ALG_ID 41984 (0xA400, CALG_RSA_KEYX in wincrypt.h),
/// <c>KeyAgreement</c> for 43521 / 43522 (0xAA01 / 0xAA02, CALG_DH_SF / CALG_DH_EPHEM),
/// and <c>Unknown</c> for a null certificate or any other algorithm.
/// </returns>
internal static RecipientInfoType GetRecipientInfoType(X509Certificate2 certificate)
{
    if (certificate == null)
    {
        return RecipientInfoType.Unknown;
    }

    // Marshal CERT_CONTEXT, then the CERT_INFO it points to, to reach the public-key algorithm OID.
    IntPtr rawContext = X509Utils.GetCertContext(certificate).DangerousGetHandle();
    CAPI.CERT_CONTEXT context = (CAPI.CERT_CONTEXT)Marshal.PtrToStructure(rawContext, typeof(CAPI.CERT_CONTEXT));
    CAPI.CERT_INFO info = (CAPI.CERT_INFO)Marshal.PtrToStructure(context.pCertInfo, typeof(CAPI.CERT_INFO));
    uint algId = X509Utils.OidToAlgId(info.SubjectPublicKeyInfo.Algorithm.pszObjId);

    if (algId == 41984U)
    {
        return RecipientInfoType.KeyTransport;
    }
    if (algId == 43521U || algId == 43522U)
    {
        return RecipientInfoType.KeyAgreement;
    }
    return RecipientInfoType.Unknown;
}
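/// <summary>
/// Converts a native issuer / serial-number pair into an <c>X509IssuerSerial</c>: the issuer name
/// is rendered with <c>CertNameToStrW</c> and the serial number is hex-encoded with
/// <c>X509Utils.EncodeHexStringFromInt</c>.
/// </summary>
/// <param name="pIssuerAndSerial">Structure holding the encoded issuer name and serial-number blobs.</param>
/// <returns>The decoded issuer name and serial number.</returns>
/// <exception cref="CryptographicException">
/// <c>CertNameToStrW</c> reported a length of 1 or less on either call; carries the last Win32 error.
/// </exception>
internal static unsafe X509IssuerSerial DecodeIssuerSerial(CAPI.CERT_ISSUER_SERIAL_NUMBER pIssuerAndSerial)
{
    // 65537 = 0x00010001 (X509_ASN_ENCODING | PKCS_7_ASN_ENCODING);
    // 33554435 = 0x02000003 (CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG) in wincrypt.h.
    // First call, with a zero-sized buffer, only asks for the required length in characters.
    SafeLocalAllocHandle invalidHandle = SafeLocalAllocHandle.InvalidHandle;
    uint csz = CAPI.CAPISafe.CertNameToStrW(65537U, new IntPtr((void *)&pIssuerAndSerial.Issuer), 33554435U, invalidHandle, 0U);
    if (csz <= 1U)
    {
        throw new CryptographicException(Marshal.GetLastWin32Error());
    }

    X509IssuerSerial issuerSerial = new X509IssuerSerial();

    // Two bytes per UTF-16 character. The size is computed in 64-bit arithmetic so a very large
    // count taken from the encoded name cannot wrap to a small allocation. `using` releases the
    // buffer on the exception path as well; the original only disposed it on success.
    using (SafeLocalAllocHandle psz = CAPI.LocalAlloc(0U, new IntPtr(2L * csz)))
    {
        if (CAPI.CAPISafe.CertNameToStrW(65537U, new IntPtr((void *)&pIssuerAndSerial.Issuer), 33554435U, psz, csz) <= 1U)
        {
            throw new CryptographicException(Marshal.GetLastWin32Error());
        }
        issuerSerial.IssuerName = Marshal.PtrToStringUni(psz.DangerousGetHandle());
    }

    // Copy the serial number out of native memory before encoding it.
    byte[] serialBytes = new byte[pIssuerAndSerial.SerialNumber.cbData];
    Marshal.Copy(pIssuerAndSerial.SerialNumber.pbData, serialBytes, 0, serialBytes.Length);
    issuerSerial.SerialNumber = X509Utils.EncodeHexStringFromInt(serialBytes);
    return issuerSerial;
}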
/// <summary>
/// Hex-encodes a whole byte array by delegating to the three-argument overload with start 0 and
/// the array's full length.
/// </summary>
/// <param name="sArray">Bytes to encode; must not be null because its length is read.</param>
/// <returns>The string produced by the three-argument overload.</returns>
internal static string EncodeHexStringFromInt(byte[] sArray)
{
    uint byteCount = (uint)sArray.Length;
    return X509Utils.EncodeHexStringFromInt(sArray, 0U, byteCount);
}
/// <summary>
/// Looks up the ALG_ID registered for an OID string via <c>CAPI.CryptFindOIDInfo</c>.
/// </summary>
/// <param name="value">OID in dotted form.</param>
/// <returns>The <c>Algid</c> field of the OID information returned by the lookup.</returns>
internal static uint OidToAlgId(string value)
{
    // Key type 1 is CRYPT_OID_INFO_OID_KEY in wincrypt.h: the key is the OID string itself.
    var oidPtr = X509Utils.StringToAnsiPtr(value);
    var oidInfo = CAPI.CryptFindOIDInfo(1U, oidPtr, 0U);
    return oidInfo.Algid;
}
/// <summary>
/// Decodes a hexadecimal string into bytes after whitespace has been removed by
/// <c>Utils.DiscardWhiteSpaces</c>.
/// </summary>
/// <param name="s">Hex text, two characters per byte.</param>
/// <returns>
/// One byte per character pair. With an odd number of characters the final character is ignored,
/// because the byte count is the length divided by two.
/// </returns>
internal static byte[] DecodeHexString(string s)
{
    string hex = System.Security.Cryptography.Xml.Utils.DiscardWhiteSpaces(s);
    uint byteCount = (uint)hex.Length / 2U;
    byte[] decoded = new byte[byteCount];

    for (int i = 0; i < decoded.Length; ++i)
    {
        // High nibble first, then low nibble.
        uint high = (uint)X509Utils.HexToByte(hex[2 * i]);
        uint low = (uint)X509Utils.HexToByte(hex[2 * i + 1]);
        decoded[i] = (byte)(high << 4 | low);
    }
    return decoded;
}
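/// <summary>
/// Verifies this signer's signature, or counter-signature when the signer has a parent, using the
/// public key in <paramref name="certificate"/>. Unless <paramref name="verifySignatureOnly"/> is
/// true, the certificate itself is then validated with <c>SignerInfo.VerifyCertificate</c>.
/// </summary>
/// <param name="extraStore">Extra certificates forwarded to the certificate validation step.</param>
/// <param name="certificate">Certificate whose CERT_INFO is handed to the native verification calls.</param>
/// <param name="verifySignatureOnly">
/// When true only the signature is checked. That shows the certificate's key produced the
/// signature; it says nothing about whether the certificate is trusted, unexpired or unrevoked.
/// </param>
/// <exception cref="CryptographicException">
/// A native call failed, no matching parent signer verified, or certificate validation returned
/// a non-zero code.
/// </exception>
private unsafe void Verify(X509Certificate2Collection extraStore, X509Certificate2 certificate, bool verifySignatureOnly)
{
    SafeLocalAllocHandle pvData1 = SafeLocalAllocHandle.InvalidHandle;
    try
    {
        CAPI.CERT_CONTEXT certContext = (CAPI.CERT_CONTEXT)Marshal.PtrToStructure(X509Utils.GetCertContext(certificate).DangerousGetHandle(), typeof(CAPI.CERT_CONTEXT));

        // Walk CERT_INFO -> SubjectPublicKeyInfo -> Algorithm -> Parameters by field offset so the
        // native structure can be read and patched in place.
        IntPtr pPublicKeyInfo = new IntPtr((long)certContext.pCertInfo + (long)Marshal.OffsetOf(typeof(CAPI.CERT_INFO), "SubjectPublicKeyInfo"));
        IntPtr pAlgorithm = new IntPtr((long)pPublicKeyInfo + (long)Marshal.OffsetOf(typeof(CAPI.CERT_PUBLIC_KEY_INFO), "Algorithm"));
        IntPtr pParameters = new IntPtr((long)pAlgorithm + (long)Marshal.OffsetOf(typeof(CAPI.CRYPT_ALGORITHM_IDENTIFIER), "Parameters"));

        // 8704 = 0x2200, CALG_DSS_SIGN in wincrypt.h.
        if ((int)CAPI.CryptFindOIDInfo(1U, Marshal.ReadIntPtr(pAlgorithm), 3U).Algid == 8704)
        {
            IntPtr pcbParameters = new IntPtr((long)pParameters + (long)Marshal.OffsetOf(typeof(CAPI.CRYPTOAPI_BLOB), "cbData"));
            IntPtr ppbParameters = new IntPtr((long)pParameters + (long)Marshal.OffsetOf(typeof(CAPI.CRYPTOAPI_BLOB), "pbData"));

            // Parameters count as absent when the blob is empty, its pointer is null, or its first
            // 32-bit word equals 5 (the ASN.1 NULL tag).
            // NOTE(review): the last test reads four bytes whatever cbData says; confirm the blob
            // is always at least that large.
            bool parametersMissing = Marshal.ReadInt32(pcbParameters) == 0
                || Marshal.ReadIntPtr(ppbParameters) == IntPtr.Zero
                || Marshal.ReadInt32(Marshal.ReadIntPtr(ppbParameters)) == 5;

            if (parametersMissing)
            {
                // Build a chain without revocation checking; the result is not inspected. The
                // property read below presumably depends on this call having run. TODO confirm.
                SafeCertChainHandle chainHandle = SafeCertChainHandle.InvalidHandle;
                X509Utils.BuildChain(new IntPtr(0L), X509Utils.GetCertContext(certificate), (X509Certificate2Collection)null, (OidCollection)null, (OidCollection)null, X509RevocationMode.NoCheck, X509RevocationFlag.ExcludeRoot, DateTime.Now, new TimeSpan(0, 0, 0), ref chainHandle);
                chainHandle.Dispose();

                // Property 22 is CERT_PUBKEY_ALG_PARA_PROP_ID in wincrypt.h. First call sizes it.
                uint pcbData = 0U;
                if (!CAPI.CAPISafe.CertGetCertificateContextProperty(X509Utils.GetCertContext(certificate), 22U, pvData1, out pcbData))
                {
                    throw new CryptographicException(Marshal.GetLastWin32Error());
                }
                if (pcbData > 0U)
                {
                    pvData1 = CAPI.LocalAlloc(64U, new IntPtr((long)pcbData));
                    if (!CAPI.CAPISafe.CertGetCertificateContextProperty(X509Utils.GetCertContext(certificate), 22U, pvData1, out pcbData))
                    {
                        throw new CryptographicException(Marshal.GetLastWin32Error());
                    }

                    // Patch the parameters into the certificate's native CERT_INFO.
                    // NOTE(review): pvData1 is released when this method exits, yet the patched
                    // blob keeps pointing at that buffer; confirm nothing reads it afterwards.
                    Marshal.WriteInt32(pcbParameters, (int)pcbData);
                    Marshal.WriteIntPtr(ppbParameters, pvData1.DangerousGetHandle());
                }
            }
        }

        if (this.m_parentSignerInfo == null)
        {
            // Plain signer. Control type 1 is CMSG_CTRL_VERIFY_SIGNATURE in wincrypt.h.
            if (!CAPI.CryptMsgControl(this.m_signedCms.GetCryptMsgHandle(), 0U, 1U, certContext.pCertInfo))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }
        }
        else
        {
            // Counter-signer: try every signer entry matching the parent until one verifies.
            int signerIndex = -1;
            int lastError = 0;
            while (true)
            {
                try
                {
                    signerIndex = PkcsUtils.GetSignerIndex(this.m_signedCms.GetCryptMsgHandle(), this.m_parentSignerInfo, signerIndex + 1);
                }
                catch (CryptographicException)
                {
                    // No candidates left: report the most recent verification failure if there
                    // was one, otherwise let the lookup failure propagate unchanged.
                    if (lastError != 0)
                    {
                        throw new CryptographicException(lastError);
                    }
                    throw;
                }

                // Parameter 28 is CMSG_ENCODED_SIGNER in wincrypt.h.
                uint cbParentSigner = 0U;
                SafeLocalAllocHandle pbParentSigner = SafeLocalAllocHandle.InvalidHandle;
                PkcsUtils.GetParam(this.m_signedCms.GetCryptMsgHandle(), 28U, (uint)signerIndex, out pbParentSigner, out cbParentSigner);

                // Release the buffer on every iteration; the original only disposed the last one.
                using (pbParentSigner)
                {
                    if ((int)cbParentSigner == 0)
                    {
                        // 0x8009200E, CRYPT_E_NO_SIGNER in winerror.h.
                        lastError = -2146885618;
                        continue;
                    }

                    fixed (byte *pbEncodedSignerInfo = this.m_encodedSignerInfo)
                    {
                        if (CAPI.CAPISafe.CryptMsgVerifyCountersignatureEncoded(IntPtr.Zero, 65537U, pbParentSigner.DangerousGetHandle(), cbParentSigner, new IntPtr((void *)pbEncodedSignerInfo), (uint)this.m_encodedSignerInfo.Length, certContext.pCertInfo))
                        {
                            break;
                        }
                        // Remember the failure and move on to the next matching signer.
                        lastError = Marshal.GetLastWin32Error();
                    }
                }
            }
        }

        if (!verifySignatureOnly)
        {
            int certStatus = SignerInfo.VerifyCertificate(certificate, extraStore);
            if (certStatus != 0)
            {
                throw new CryptographicException(certStatus);
            }
        }
    }
    finally
    {
        // Also runs on the exception paths, which previously skipped the release.
        pvData1.Dispose();
    }
}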
/// <summary>
/// Builds an AlgorithmIdentifier from a native CRYPT_ALGORITHM_IDENTIFIER: the OID is resolved to
/// an ALG_ID, a key length and parameter bytes are derived per algorithm, and the result is
/// passed to <c>Reset</c>.
/// </summary>
/// <param name="algorithmIdentifier">Native structure whose <c>pszObjId</c> and <c>Parameters</c> blob are read.</param>
/// <exception cref="CryptographicException">
/// <c>CAPI.DecodeObject</c> returned false; carries the last Win32 error.
/// </exception>
internal AlgorithmIdentifier(CAPI.CRYPT_ALGORITHM_IDENTIFIER algorithmIdentifier)
{
    int keyLength = 0;
    uint cbDecodedValue = 0U;
    SafeLocalAllocHandle decodedValue = SafeLocalAllocHandle.InvalidHandle;
    byte[] numArray = new byte[0];
    uint num = X509Utils.OidToAlgId(algorithmIdentifier.pszObjId);
    switch (num)
    {
    // 26114 = 0x6602, CALG_RC2 in wincrypt.h.
    case 26114U:
        if (algorithmIdentifier.Parameters.cbData > 0U)
        {
            // Structure type 41 is PKCS_RC2_CBC_PARAMETERS in wincrypt.h.
            if (!CAPI.DecodeObject(new IntPtr(41L), algorithmIdentifier.Parameters.pbData, algorithmIdentifier.Parameters.cbData, out decodedValue, out cbDecodedValue))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }
            CAPI.CRYPT_RC2_CBC_PARAMETERS rc2CbcParameters = (CAPI.CRYPT_RC2_CBC_PARAMETERS)Marshal.PtrToStructure(decodedValue.DangerousGetHandle(), typeof(CAPI.CRYPT_RC2_CBC_PARAMETERS));
            // Map the encoded RC2 version number to a key length in bits; any other version
            // leaves keyLength at 0.
            switch (rc2CbcParameters.dwVersion)
            {
            case 52U:
                keyLength = 56;
                break;
            case 58U:
                keyLength = 128;
                break;
            case 160U:
                keyLength = 40;
                break;
            }
            // The IV is copied only when the decoded structure says one is present.
            if (rc2CbcParameters.fIV)
            {
                numArray = (byte[])rc2CbcParameters.rgbIV.Clone();
                break;
            }
            else
            {
                break;
            }
        }
        else
        {
            break;
        }
    // 26625 = 0x6801 (CALG_RC4), 26113 = 0x6601 (CALG_DES), 26115 = 0x6603 (CALG_3DES).
    case 26625U:
    case 26113U:
    case 26115U:
        if (algorithmIdentifier.Parameters.cbData > 0U)
        {
            // Structure type 25 is X509_OCTET_STRING in wincrypt.h.
            if (!CAPI.DecodeObject(new IntPtr(25L), algorithmIdentifier.Parameters.pbData, algorithmIdentifier.Parameters.cbData, out decodedValue, out cbDecodedValue))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }
            if (cbDecodedValue > 0U)
            {
                if ((int)num == 26625)
                {
                    // For 26625 the decoded buffer is read as a CRYPTOAPI_BLOB and the bytes it
                    // points to are copied.
                    CAPI.CRYPTOAPI_BLOB cryptoapiBlob = (CAPI.CRYPTOAPI_BLOB)Marshal.PtrToStructure(decodedValue.DangerousGetHandle(), typeof(CAPI.CRYPTOAPI_BLOB));
                    if (cryptoapiBlob.cbData > 0U)
                    {
                        numArray = new byte[(IntPtr)cryptoapiBlob.cbData];
                        Marshal.Copy(cryptoapiBlob.pbData, numArray, 0, numArray.Length);
                    }
                }
                else
                {
                    // For the other two algorithms the decoded buffer is copied as-is,
                    // cbDecodedValue bytes long.
                    numArray = new byte[(IntPtr)cbDecodedValue];
                    Marshal.Copy(decodedValue.DangerousGetHandle(), numArray, 0, numArray.Length);
                }
            }
        }
        // 26625 -> 128 minus eight bits per parameter byte; 26113 -> 64; otherwise 192.
        // NOTE(review): numArray's length comes from the decoded message, so more than 16 bytes
        // makes keyLength negative; confirm Reset or its callers reject such a value.
        keyLength = (int)num != 26625 ? ((int)num != 26113 ? 192 : 64) : 128 - numArray.Length * 8;
        break;
    default:
        // Unrecognised algorithm: keep the raw encoded parameters and leave keyLength at 0.
        if (algorithmIdentifier.Parameters.cbData > 0U)
        {
            numArray = new byte[(IntPtr)algorithmIdentifier.Parameters.cbData];
            Marshal.Copy(algorithmIdentifier.Parameters.pbData, numArray, 0, numArray.Length);
            break;
        }
        else
        {
            break;
        }
    }
    this.Reset(new Oid(algorithmIdentifier.pszObjId), keyLength, numArray);
    // Only reached when nothing above threw; on the exception paths the handle is not disposed here.
    decodedValue.Dispose();
}
/// <summary>
/// Builds a SubjectIdentifier from native issuer and serial-number blobs. An all-zero serial
/// number marks the special forms: the "CN=Dummy Signer" issuer yields <c>NoSignature</c>, and an
/// issuer carrying the key-identifier RDN yields <c>SubjectKeyIdentifier</c>. Any other serial
/// number yields <c>IssuerAndSerialNumber</c>.
/// </summary>
/// <param name="issuer">Encoded issuer name blob.</param>
/// <param name="serialNumber">Serial-number blob; its bytes are read through a raw pointer.</param>
/// <exception cref="CryptographicException">
/// <c>CAPI.DecodeObject</c> failed, or the serial number is all zero and the issuer has no
/// key-identifier RDN (-2146889715 = 0x8009100D, CRYPT_E_ISSUER_SERIALNUMBER in winerror.h).
/// </exception>
// NOTE(review): the body uses pointers but no `unsafe` modifier is visible on this signature;
// presumably the enclosing type supplies the unsafe context. TODO confirm.
internal SubjectIdentifier(CAPI.CRYPTOAPI_BLOB issuer, CAPI.CRYPTOAPI_BLOB serialNumber)
{
    // flag stays true when every serial-number byte is zero, and also when cbData is 0 because
    // the loop body then never runs.
    bool flag = true;
    byte *numPtr = (byte *)(void *)serialNumber.pbData;
    for (uint index = 0U; index < serialNumber.cbData; ++index)
    {
        if ((int)*numPtr++ != 0)
        {
            flag = false;
            break;
        }
    }
    if (flag)
    {
        // Zero serial plus the placeholder issuer name (case-insensitive match) means a signer
        // entry created without a signature.
        // NOTE(review): this classification rests only on the two blobs passed in; confirm
        // callers never treat a NoSignature identifier as an authenticated signer.
        byte[] numArray = new byte[(IntPtr)issuer.cbData];
        Marshal.Copy(issuer.pbData, numArray, 0, numArray.Length);
        if (string.Compare("CN=Dummy Signer", new X500DistinguishedName(numArray).Name, StringComparison.OrdinalIgnoreCase) == 0)
        {
            this.Reset(SubjectIdentifierType.NoSignature, (object)null);
            return;
        }
    }
    if (flag)
    {
        this.m_type = SubjectIdentifierType.SubjectKeyIdentifier;
        this.m_value = (object)string.Empty;
        uint cbDecodedValue = 0U;
        SafeLocalAllocHandle decodedValue = SafeLocalAllocHandle.InvalidHandle;
        // Structure type 7 is X509_NAME in wincrypt.h: decode the issuer into its RDN list.
        if (!CAPI.DecodeObject(new IntPtr(7L), issuer.pbData, issuer.cbData, out decodedValue, out cbDecodedValue))
        {
            throw new CryptographicException(Marshal.GetLastWin32Error());
        }
        using (decodedValue)
        {
            CAPI.CERT_NAME_INFO certNameInfo = (CAPI.CERT_NAME_INFO)Marshal.PtrToStructure(decodedValue.DangerousGetHandle(), typeof(CAPI.CERT_NAME_INFO));
            // Walk every RDN and every attribute in it; both counts come from the decoded name.
            for (uint index1 = 0U; index1 < certNameInfo.cRDN; ++index1)
            {
                CAPI.CERT_RDN certRdn = (CAPI.CERT_RDN)Marshal.PtrToStructure(new IntPtr((long)certNameInfo.rgRDN + (long)index1 * (long)Marshal.SizeOf(typeof(CAPI.CERT_RDN))), typeof(CAPI.CERT_RDN));
                for (uint index2 = 0U; index2 < certRdn.cRDNAttr; ++index2)
                {
                    CAPI.CERT_RDN_ATTR certRdnAttr = (CAPI.CERT_RDN_ATTR)Marshal.PtrToStructure(new IntPtr((long)certRdn.rgRDNAttr + (long)index2 * (long)Marshal.SizeOf(typeof(CAPI.CERT_RDN_ATTR))), typeof(CAPI.CERT_RDN_ATTR));
                    // 1.3.6.1.4.1.311.10.7.1 is szOID_KEYID_RDN; value type 2 is
                    // CERT_RDN_OCTET_STRING (both wincrypt.h). The first match wins.
                    if (string.Compare("1.3.6.1.4.1.311.10.7.1", certRdnAttr.pszObjId, StringComparison.OrdinalIgnoreCase) == 0 && (int)certRdnAttr.dwValueType == 2)
                    {
                        byte[] numArray = new byte[(IntPtr)certRdnAttr.Value.cbData];
                        Marshal.Copy(certRdnAttr.Value.pbData, numArray, 0, numArray.Length);
                        this.Reset(SubjectIdentifierType.SubjectKeyIdentifier, (object)X509Utils.EncodeHexString(numArray));
                        return;
                    }
                }
            }
        }
        // Zero serial number but no key-identifier attribute in the issuer name.
        throw new CryptographicException(-2146889715);
    }
    else
    {
        // Ordinary case: identify the subject by issuer name and serial number.
        CAPI.CERT_ISSUER_SERIAL_NUMBER pIssuerAndSerial;
        pIssuerAndSerial.Issuer = issuer;
        pIssuerAndSerial.SerialNumber = serialNumber;
        this.Reset(SubjectIdentifierType.IssuerAndSerialNumber, (object)PkcsUtils.DecodeIssuerSerial(pIssuerAndSerial));
    }
}
/// <summary>
/// Fills a native CMSG_SIGNER_ENCODE_INFO for <paramref name="signer"/>: digest algorithm,
/// signed and unsigned attributes, crypto provider handle and signer identifier.
/// </summary>
/// <param name="signer">Signer whose certificate, algorithms and attributes are read.</param>
/// <param name="silent">Selects flag value 70 instead of 6 when acquiring the private key.</param>
/// <returns>
/// The populated structure. It holds raw provider and memory handles whose finalizers were
/// suppressed in this method, so whoever consumes the structure is responsible for releasing them.
/// </returns>
/// <exception cref="CryptographicException">
/// A native acquire or property call returned false; carries the last Win32 error.
/// </exception>
internal static unsafe CAPI.CMSG_SIGNER_ENCODE_INFO CreateSignerEncodeInfo(CmsSigner signer, bool silent)
{
    CAPI.CMSG_SIGNER_ENCODE_INFO signerEncodeInfo = new CAPI.CMSG_SIGNER_ENCODE_INFO(Marshal.SizeOf(typeof(CAPI.CMSG_SIGNER_ENCODE_INFO)));
    SafeCryptProvHandle invalidHandle1 = SafeCryptProvHandle.InvalidHandle;
    uint pdwKeySpec = 0U;
    bool pfCallerFreeProv = false;
    signerEncodeInfo.HashAlgorithm.pszObjId = signer.DigestAlgorithm.Value;
    // 1.2.840.10040.4.1 is the DSA public-key OID; 1.2.840.10040.4.3 is DSA with SHA-1.
    // NOTE(review): signer.Certificate is dereferenced here, before the NoSignature branch below;
    // confirm a NoSignature signer always carries a certificate.
    if (string.Compare(signer.Certificate.PublicKey.Oid.Value, "1.2.840.10040.4.1", StringComparison.Ordinal) == 0)
    {
        signerEncodeInfo.HashEncryptionAlgorithm.pszObjId = "1.2.840.10040.4.3";
    }
    signerEncodeInfo.cAuthAttr = (uint)signer.SignedAttributes.Count;
    signerEncodeInfo.rgAuthAttr = PkcsUtils.CreateCryptAttributes(signer.SignedAttributes);
    signerEncodeInfo.cUnauthAttr = (uint)signer.UnsignedAttributes.Count;
    signerEncodeInfo.rgUnauthAttr = PkcsUtils.CreateCryptAttributes(signer.UnsignedAttributes);
    if (signer.SignerIdentifierType == SubjectIdentifierType.NoSignature)
    {
        // 1.3.6.1.5.5.7.6.2 is the PKIX "no signature" algorithm OID: the signer entry carries a
        // hash and no signature, so it authenticates nobody.
        signerEncodeInfo.HashEncryptionAlgorithm.pszObjId = "1.3.6.1.5.5.7.6.2";
        signerEncodeInfo.pCertInfo = IntPtr.Zero;
        signerEncodeInfo.dwKeySpec = pdwKeySpec;
        // Provider type 1 is PROV_RSA_FULL; 4026531840 = 0xF0000000 is CRYPT_VERIFYCONTEXT
        // (wincrypt.h), i.e. a context without a persisted key container.
        if (!CAPI.CryptAcquireContext(out invalidHandle1, (string)null, (string)null, 1U, 4026531840U))
        {
            throw new CryptographicException(Marshal.GetLastWin32Error());
        }
        signerEncodeInfo.hCryptProv = invalidHandle1.DangerousGetHandle();
        // The raw handle now lives in the returned structure; suppress the finalizer so the
        // wrapper does not release it behind the structure's back.
        GC.SuppressFinalize((object)invalidHandle1);
        // Choice 1 is CERT_ID_ISSUER_SERIAL_NUMBER in wincrypt.h.
        signerEncodeInfo.SignerId.dwIdChoice = 1U;
        // Placeholder identity: issuer "CN=Dummy Signer" with a one-byte zero serial number.
        X500DistinguishedName distinguishedName = new X500DistinguishedName("CN=Dummy Signer");
        distinguishedName.Oid = new Oid("1.3.6.1.4.1.311.21.9");
        signerEncodeInfo.SignerId.Value.IssuerSerialNumber.Issuer.cbData = (uint)distinguishedName.RawData.Length;
        SafeLocalAllocHandle localAllocHandle1 = CAPI.LocalAlloc(64U, new IntPtr((long)signerEncodeInfo.SignerId.Value.IssuerSerialNumber.Issuer.cbData));
        Marshal.Copy(distinguishedName.RawData, 0, localAllocHandle1.DangerousGetHandle(), distinguishedName.RawData.Length);
        signerEncodeInfo.SignerId.Value.IssuerSerialNumber.Issuer.pbData = localAllocHandle1.DangerousGetHandle();
        // Ownership of the issuer buffer passes to the returned structure.
        GC.SuppressFinalize((object)localAllocHandle1);
        signerEncodeInfo.SignerId.Value.IssuerSerialNumber.SerialNumber.cbData = 1U;
        SafeLocalAllocHandle localAllocHandle2 = CAPI.LocalAlloc(64U, new IntPtr((long)signerEncodeInfo.SignerId.Value.IssuerSerialNumber.SerialNumber.cbData));
        *(sbyte *)(void *)localAllocHandle2.DangerousGetHandle() = (sbyte)0;
        signerEncodeInfo.SignerId.Value.IssuerSerialNumber.SerialNumber.pbData = localAllocHandle2.DangerousGetHandle();
        // Ownership of the serial-number buffer passes to the returned structure.
        GC.SuppressFinalize((object)localAllocHandle2);
        return(signerEncodeInfo);
    }
    else
    {
        System.Security.Cryptography.SafeCertContextHandle certContext1 = X509Utils.GetCertContext(signer.Certificate);
        // 6 = CRYPT_ACQUIRE_USE_PROV_INFO_FLAG | CRYPT_ACQUIRE_COMPARE_KEY_FLAG;
        // 70 adds CRYPT_ACQUIRE_SILENT_FLAG (0x40) (wincrypt.h).
        if (!CAPI.CAPISafe.CryptAcquireCertificatePrivateKey(certContext1, silent ? 70U : 6U, IntPtr.Zero, out invalidHandle1, out pdwKeySpec, out pfCallerFreeProv))
        {
            throw new CryptographicException(Marshal.GetLastWin32Error());
        }
        // pfCallerFreeProv is received but not read again in this method.
        signerEncodeInfo.dwKeySpec = pdwKeySpec;
        signerEncodeInfo.hCryptProv = invalidHandle1.DangerousGetHandle();
        // The private-key provider handle is handed to the returned structure.
        GC.SuppressFinalize((object)invalidHandle1);
        CAPI.CERT_CONTEXT certContext2 = *(CAPI.CERT_CONTEXT *)(void *) certContext1.DangerousGetHandle();
        // NOTE(review): pCertInfo points into the context behind certContext1; confirm that
        // context outlives every use of the returned structure.
        signerEncodeInfo.pCertInfo = certContext2.pCertInfo;
        if (signer.SignerIdentifierType == SubjectIdentifierType.SubjectKeyIdentifier)
        {
            uint pcbData = 0U;
            SafeLocalAllocHandle invalidHandle2 = SafeLocalAllocHandle.InvalidHandle;
            // Property 20 is CERT_KEY_IDENTIFIER_PROP_ID in wincrypt.h. First call sizes it.
            if (!CAPI.CAPISafe.CertGetCertificateContextProperty(certContext1, 20U, invalidHandle2, out pcbData))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }
            if (pcbData > 0U)
            {
                SafeLocalAllocHandle pvData = CAPI.LocalAlloc(64U, new IntPtr((long)pcbData));
                if (!CAPI.CAPISafe.CertGetCertificateContextProperty(certContext1, 20U, pvData, out pcbData))
                {
                    throw new CryptographicException(Marshal.GetLastWin32Error());
                }
                // Choice 2 is CERT_ID_KEY_IDENTIFIER in wincrypt.h.
                signerEncodeInfo.SignerId.dwIdChoice = 2U;
                signerEncodeInfo.SignerId.Value.KeyId.cbData = pcbData;
                signerEncodeInfo.SignerId.Value.KeyId.pbData = pvData.DangerousGetHandle();
                // Ownership of the key-identifier buffer passes to the returned structure.
                GC.SuppressFinalize((object)pvData);
            }
        }
        return(signerEncodeInfo);
    }
}
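/// <summary>
/// Finds, at or after <paramref name="startIndex"/>, the index of the message signer whose issuer
/// and serial number are byte-for-byte equal to those of <paramref name="signerInfo"/>.
/// </summary>
/// <param name="safeCrytpMsgHandle">Message handle queried with <c>CryptMsgGetParam</c>.</param>
/// <param name="signerInfo">Signer to look for.</param>
/// <param name="startIndex">First signer index to examine.</param>
/// <returns>The index of the first matching signer.</returns>
/// <exception cref="CryptographicException">
/// No signer matched (-2146889714 = 0x8009100E, CRYPT_E_SIGNER_NOT_FOUND in winerror.h).
/// Native failures are routed through <c>PkcsUtils.checkErr</c>.
/// </exception>
internal static unsafe int GetSignerIndex(SafeCryptMsgHandle safeCrytpMsgHandle, SignerInfo signerInfo, int startIndex)
{
    // Parameter 5 is CMSG_SIGNER_COUNT_PARAM in wincrypt.h.
    uint signerCount = 0U;
    uint cbSignerCount = (uint)Marshal.SizeOf(typeof(uint));
    if (!CAPI.CAPISafe.CryptMsgGetParam(safeCrytpMsgHandle, 5U, 0U, new IntPtr((void *)&signerCount), new IntPtr((void *)&cbSignerCount)))
    {
        PkcsUtils.checkErr(Marshal.GetLastWin32Error());
    }

    for (int index = startIndex; index < (int)signerCount; ++index)
    {
        // Parameter 6 is CMSG_SIGNER_INFO_PARAM. First call, with a null buffer, sizes it.
        uint cbSignerInfo = 0U;
        if (!CAPI.CAPISafe.CryptMsgGetParam(safeCrytpMsgHandle, 6U, (uint)index, IntPtr.Zero, new IntPtr((void *)&cbSignerInfo)))
        {
            PkcsUtils.checkErr(Marshal.GetLastWin32Error());
        }
        if (cbSignerInfo == 0U)
        {
            continue;
        }

        // `using` releases the buffer on the match and exception paths too; the original only
        // disposed it when the candidate did not match.
        using (SafeLocalAllocHandle pvData = CAPI.LocalAlloc(0U, new IntPtr((long)cbSignerInfo)))
        {
            if (!CAPI.CAPISafe.CryptMsgGetParam(safeCrytpMsgHandle, 6U, (uint)index, pvData, new IntPtr((void *)&cbSignerInfo)))
            {
                PkcsUtils.checkErr(Marshal.GetLastWin32Error());
            }

            CAPI.CMSG_SIGNER_INFO wanted = signerInfo.GetCmsgSignerInfo();
            CAPI.CMSG_SIGNER_INFO candidate = (CAPI.CMSG_SIGNER_INFO)Marshal.PtrToStructure(pvData.DangerousGetHandle(), typeof(CAPI.CMSG_SIGNER_INFO));

            // candidate's blobs point into pvData, so compare before the buffer is released.
            bool sameIssuer = X509Utils.MemEqual((byte *)(void *)wanted.Issuer.pbData, wanted.Issuer.cbData, (byte *)(void *)candidate.Issuer.pbData, candidate.Issuer.cbData);
            if (sameIssuer && X509Utils.MemEqual((byte *)(void *)wanted.SerialNumber.pbData, wanted.SerialNumber.cbData, (byte *)(void *)candidate.SerialNumber.pbData, candidate.SerialNumber.cbData))
            {
                return index;
            }
        }
    }

    throw new CryptographicException(-2146889714);
}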