public static Signature SetFileSignature(string file, X509Certificate2 cert, string timestamp)
{
NativeStructs.SigningOption options = NativeStructs.SigningOption.AddFullCertificateChain;
string defaultAlgorithm = "SHA1";
if (cert == null)
{
X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
store.Open(OpenFlags.MaxAllowed);
foreach (X509Certificate2 storedCert in store.Certificates)
{
if (CertIsGoodForSigning(storedCert))
{
cert = storedCert; break;
}
}
if (cert == null)
{
throw new InvalidDataException("Could not locate a appropriate certificate");
}
}
if (timestamp == null)
{
timestamp = "http://timestamp.comodoca.com/authenticode";
}
return(SignFile(options, file, cert, timestamp, defaultAlgorithm));
}
private static Signature SignFile(NativeStructs.SigningOption option, string fileName, X509Certificate2 certificate, string timeStampServerUrl, string hashAlgorithm)
{
System.Management.Automation.Signature signature = (System.Management.Automation.Signature)null;
IntPtr num = IntPtr.Zero;
uint error = 0U;
string hashAlgorithm1 = (string)null;
CheckArgForNullOrEmpty(fileName, "fileName");
CheckArgForNull((object)certificate, "certificate");
if (!string.IsNullOrEmpty(timeStampServerUrl) && (timeStampServerUrl.Length <= 7 || timeStampServerUrl.IndexOf("http://", StringComparison.OrdinalIgnoreCase) != 0))
{
throw new ArgumentException("Time stamp server url required");
}
if (!string.IsNullOrEmpty(hashAlgorithm))
{
IntPtr oidInfo = CRYPT32.CryptFindOIDInfo(2U, Marshal.StringToHGlobalUni(hashAlgorithm), 0U);
if (oidInfo == IntPtr.Zero)
{
throw new ArgumentException("Invalid hash algorithm");
}
hashAlgorithm1 = ((NativeStructs.CRYPT_OID_INFO)Marshal.PtrToStructure(oidInfo, typeof(NativeStructs.CRYPT_OID_INFO))).pszOID;
}
if (!CertIsGoodForSigning(certificate))
{
throw new ArgumentException("Supplied certificate cannot be used to sign files.");
}
CheckIfFileExists(fileName);
try
{
string timeStampServerUrl1 = (string)null;
if (!string.IsNullOrEmpty(timeStampServerUrl))
{
timeStampServerUrl1 = timeStampServerUrl;
}
NativeStructs.CRYPTUI_WIZ_DIGITAL_SIGN_INFO wizDigitalSignInfo = NativeStructs.InitSignInfoStruct(fileName, certificate, timeStampServerUrl1, hashAlgorithm1, option);
num = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wizDigitalSignInfo));
Marshal.StructureToPtr((object)wizDigitalSignInfo, num, false);
bool flag = CRYPTUI.CryptUIWizDigitalSign(1U, IntPtr.Zero, IntPtr.Zero, num, IntPtr.Zero);
Marshal.DestroyStructure(wizDigitalSignInfo.pSignExtInfo, typeof(NativeStructs.CRYPTUI_WIZ_DIGITAL_SIGN_EXTENDED_INFO));
Marshal.FreeCoTaskMem(wizDigitalSignInfo.pSignExtInfo);
if (!flag)
{
error = SignatureHelper.GetLastWin32Error();
switch (error)
{
case 2147500037U:
case 2147942401U:
case 2147954407U:
flag = true;
break;
case 2148073480U:
throw new ArgumentException("InvalidHashAlgorithm");
default:
throw new ArgumentException(string.Format("CryptUIWizDigitalSign: failed: {0:x}", new object[1]
{
(object)error
}));
}
}
signature = !flag?SignatureProxy.GenerateSignature(fileName, error) : SignatureHelper.GetSignature(fileName);
}
finally
{
Marshal.DestroyStructure(num, typeof(NativeStructs.CRYPTUI_WIZ_DIGITAL_SIGN_INFO));
Marshal.FreeCoTaskMem(num);
}
return(signature);
}
