public static Signature SetFileSignature(string file, X509Certificate2 cert, string timestamp) { NativeStructs.SigningOption options = NativeStructs.SigningOption.AddFullCertificateChain; string defaultAlgorithm = "SHA1"; if (cert == null) { X509Store store = new X509Store("MY", StoreLocation.CurrentUser); store.Open(OpenFlags.MaxAllowed); foreach (X509Certificate2 storedCert in store.Certificates) { if (CertIsGoodForSigning(storedCert)) { cert = storedCert; break; } } if (cert == null) { throw new InvalidDataException("Could not locate a appropriate certificate"); } } if (timestamp == null) { timestamp = "http://timestamp.comodoca.com/authenticode"; } return(SignFile(options, file, cert, timestamp, defaultAlgorithm)); }
private static Signature SignFile(NativeStructs.SigningOption option, string fileName, X509Certificate2 certificate, string timeStampServerUrl, string hashAlgorithm) { System.Management.Automation.Signature signature = (System.Management.Automation.Signature)null; IntPtr num = IntPtr.Zero; uint error = 0U; string hashAlgorithm1 = (string)null; CheckArgForNullOrEmpty(fileName, "fileName"); CheckArgForNull((object)certificate, "certificate"); if (!string.IsNullOrEmpty(timeStampServerUrl) && (timeStampServerUrl.Length <= 7 || timeStampServerUrl.IndexOf("http://", StringComparison.OrdinalIgnoreCase) != 0)) { throw new ArgumentException("Time stamp server url required"); } if (!string.IsNullOrEmpty(hashAlgorithm)) { IntPtr oidInfo = CRYPT32.CryptFindOIDInfo(2U, Marshal.StringToHGlobalUni(hashAlgorithm), 0U); if (oidInfo == IntPtr.Zero) { throw new ArgumentException("Invalid hash algorithm"); } hashAlgorithm1 = ((NativeStructs.CRYPT_OID_INFO)Marshal.PtrToStructure(oidInfo, typeof(NativeStructs.CRYPT_OID_INFO))).pszOID; } if (!CertIsGoodForSigning(certificate)) { throw new ArgumentException("Supplied certificate cannot be used to sign files."); } CheckIfFileExists(fileName); try { string timeStampServerUrl1 = (string)null; if (!string.IsNullOrEmpty(timeStampServerUrl)) { timeStampServerUrl1 = timeStampServerUrl; } NativeStructs.CRYPTUI_WIZ_DIGITAL_SIGN_INFO wizDigitalSignInfo = NativeStructs.InitSignInfoStruct(fileName, certificate, timeStampServerUrl1, hashAlgorithm1, option); num = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wizDigitalSignInfo)); Marshal.StructureToPtr((object)wizDigitalSignInfo, num, false); bool flag = CRYPTUI.CryptUIWizDigitalSign(1U, IntPtr.Zero, IntPtr.Zero, num, IntPtr.Zero); Marshal.DestroyStructure(wizDigitalSignInfo.pSignExtInfo, typeof(NativeStructs.CRYPTUI_WIZ_DIGITAL_SIGN_EXTENDED_INFO)); Marshal.FreeCoTaskMem(wizDigitalSignInfo.pSignExtInfo); if (!flag) { error = SignatureHelper.GetLastWin32Error(); switch (error) { case 2147500037U: case 2147942401U: case 2147954407U: flag = true; break; case 2148073480U: throw new ArgumentException("InvalidHashAlgorithm"); default: throw new ArgumentException(string.Format("CryptUIWizDigitalSign: failed: {0:x}", new object[1] { (object)error })); } } signature = !flag?SignatureProxy.GenerateSignature(fileName, error) : SignatureHelper.GetSignature(fileName); } finally { Marshal.DestroyStructure(num, typeof(NativeStructs.CRYPTUI_WIZ_DIGITAL_SIGN_INFO)); Marshal.FreeCoTaskMem(num); } return(signature); }