示例#1
        /*****************************************************************************/
        static void CAPIDecryptFile(string szSource, string szDestination, string szPassword)
        {
            SafeHCRYPTKEY hKey = default;
            int           dwCount;

            // Open source file.
            // Open destination file.
            using (FileStream hSource = File.OpenRead(szSource), hDestination = File.Create(szDestination))
            {
                // Get handle to the CSP. In order to be used with different OSs
                // with different default provides, the CSP is explicitly set.
                // If the Microsoft Enhanced Provider is not installed, set parameter
                // three to MS_DEF_PROV

                if (!CryptAcquireContext(out var hProv, default, "Microsoft Enhanced Cryptographic Provider v1.0", CryptProviderType.PROV_RSA_FULL, 0))
示例#2
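        /// <summary>
        /// Command-line entry point: hashes a file and either signs it or verifies it against a
        /// signature file, using an RSA key obtained from a certificate or from a key container.
        /// </summary>
        /// <param name="args">
        /// Exactly eight arguments, matched case-insensitively:
        /// [0] hash algorithm, <c>sha1</c> or <c>md5</c>;
        /// [1] <c>/s</c> to sign or <c>/v</c> to verify;
        /// [2] the file to sign or verify;
        /// [3] the signature file;
        /// [4] <c>/cert</c> or <c>/key</c>.
        /// With <c>/cert</c>: [5] certificate name, [6] store name, [7] <c>u</c> (current user) or
        /// <c>m</c> (local machine).
        /// With <c>/key</c>: [5] container name, [6] <c>u</c> or <c>m</c> (machine key set),
        /// [7] <c>x</c> (exchange key) or <c>s</c> (signature key).
        /// Any other shape prints the usage text and returns.
        /// </param>
        /// <exception cref="InvalidOperationException">
        /// The certificate context, the RSA key, or the sign/verify operation could not be completed.
        /// </exception>
        private static void Main(string[] args)
        {
            // Switches are fixed ASCII tokens, so they are compared ordinally. A culture-aware
            // comparison can report strings that contain ignorable code points as equal to the
            // expected token, which is not acceptable when the token selects a key or an algorithm.
            static bool IsToken(string arg, string expected) =>
                string.Equals(arg, expected, StringComparison.OrdinalIgnoreCase);

            SafeHCRYPTPROV           hProv             = null;
            SafeHCRYPTKEY            hPubKey           = null;
            string                   szCertificateName = default;
            string                   szStoreName       = default;
            string                   szContainerName   = default;
            var                      dwOpenFlags       = CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER;
            CryptAcquireContextFlags dwAcquireFlags    = 0;
            var                      dwKeySpec         = CertKeySpec.AT_SIGNATURE;
            ALG_ID                   AlgId;

            if (args.Length != 8)
            {
                PrintUsage();
                return;
            }

            try
            {
                // Determine hash algorithm.
                // SECURITY: both accepted digests (SHA-1 and MD5) have practical collision attacks,
                // so a signature over either one is not a sound integrity guarantee for new data.
                // NOTE(review): offering a SHA-2 digest depends on the provider the key helpers
                // acquire, which is not visible in this method -- confirm before extending.
                if (IsToken(args[0], "sha1"))
                {
                    AlgId = ALG_ID.CALG_SHA1;
                }
                else if (IsToken(args[0], "md5"))
                {
                    AlgId = ALG_ID.CALG_MD5;
                }
                else
                {
                    PrintUsage();
                    return;
                }

                // Sign (/s) or verify (/v).
                bool fSign;
                if (IsToken(args[1], "/s"))
                {
                    fSign = true;
                }
                else if (IsToken(args[1], "/v"))
                {
                    fSign = false;
                }
                else
                {
                    PrintUsage();
                    return;
                }

                var  szFileToSign = args[2];
                var  szSigFile    = args[3];
                bool fUseCert;
                // Check to see if the user wants to use a certificate.
                if (IsToken(args[4], "/cert"))
                {
                    fUseCert = true;

                    szCertificateName = args[5];
                    szStoreName       = args[6];

                    // Determine if we have to use the user or the machine store.
                    if (IsToken(args[7], "u"))
                    {
                        dwOpenFlags = CertStoreFlags.CERT_SYSTEM_STORE_CURRENT_USER;
                    }
                    else if (IsToken(args[7], "m"))
                    {
                        dwOpenFlags = CertStoreFlags.CERT_SYSTEM_STORE_LOCAL_MACHINE;
                    }
                    else
                    {
                        PrintUsage();
                        return;
                    }
                }
                else if (IsToken(args[4], "/key"))
                {
                    fUseCert = false;

                    szContainerName = args[5];

                    // User key set (no flag) or machine key set.
                    if (IsToken(args[6], "u"))
                    {
                        dwAcquireFlags = 0;
                    }
                    else if (IsToken(args[6], "m"))
                    {
                        dwAcquireFlags = CryptAcquireContextFlags.CRYPT_MACHINE_KEYSET;
                    }
                    else
                    {
                        PrintUsage();
                        return;
                    }

                    // Use exchange key or signature key.
                    if (IsToken(args[7], "x"))
                    {
                        dwKeySpec = CertKeySpec.AT_KEYEXCHANGE;
                    }
                    else if (IsToken(args[7], "s"))
                    {
                        dwKeySpec = CertKeySpec.AT_SIGNATURE;
                    }
                    else
                    {
                        PrintUsage();
                        return;
                    }
                }
                else
                {
                    PrintUsage();
                    return;
                }

                bool fResult;
                if (fUseCert)
                {
                    using var pCertContext = GetCertificateContextFromName(szCertificateName, szStoreName, dwOpenFlags);
                    if (pCertContext.IsInvalid)
                    {
                        throw new InvalidOperationException("Could not obtain a certificate context for the requested certificate.");
                    }

                    // In the certificate path dwKeySpec is overwritten by the helper's out value.
                    fResult = GetRSAKeyFromCert(pCertContext, fSign, out hProv, out hPubKey, out dwKeySpec, out _);
                    if (!fResult)
                    {
                        throw new InvalidOperationException("Could not obtain the RSA key from the certificate.");
                    }
                }
                else
                {
                    fResult = GetRSAKeyFromContainer(szContainerName, dwAcquireFlags, dwKeySpec, out hProv, out hPubKey);
                    if (!fResult)
                    {
                        throw new InvalidOperationException("Could not obtain the RSA key from the key container.");
                    }
                }

                fResult = SignVerifyFile(hProv, hPubKey, dwKeySpec, AlgId, szFileToSign, szSigFile, fSign);
                if (!fResult)
                {
                    // A failed verification must never fall through to the success message below.
                    throw new InvalidOperationException(fSign
                        ? "Hashing and signing the file failed."
                        : "Signature verification failed.");
                }

                if (fSign)
                {
                    MyPrintf(("File %s hashed and signed successfully!\n"), szFileToSign);
                }
                else
                {
                    MyPrintf(("File %s verified successfully!\n"), szSigFile);
                }
            }
            finally
            {
                // Clean up
                // NOTE(review): hProv and hPubKey are not released here. The last out value of
                // GetRSAKeyFromCert is discarded; if it reports whether the caller owns the
                // provider handle (TODO confirm against that helper), it is needed to decide
                // whether hProv may be disposed. Until then nothing is released explicitly.
            }
        }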