// Builds the managed view of a native Authenticode license verification result.
//
// signerInfo:      native signer result; its dwError is stored as this object's error code.
// timestamperInfo: native timestamper result; wrapped unless it reports TRUST_E_NOSIGNATURE.
//
// Fields whose native pointer is IntPtr.Zero are left untouched.
// NOTE(review): VerifyLicense on this page frees both native structures right after this
// constructor returns, so nothing here may keep the raw pointers. PtrToStringUni copies the
// strings; X509Chain(IntPtr) presumably takes its own reference to the chain context - confirm.
internal CmiAuthenticodeSignerInfo(Win32.AXL_SIGNER_INFO signerInfo, Win32.AXL_TIMESTAMPER_INFO timestamperInfo)
{
    // The error code is recorded whatever its value. Constructing this object does not mean
    // the signature was trusted; consumers have to check the stored error first.
    _error = (int)signerInfo.dwError;
    _algHash = signerInfo.algHash;

    IntPtr chainContext = signerInfo.pChainContext;
    if (IntPtr.Zero != chainContext)
    {
        _signerChain = new X509Chain(chainContext);
    }

    IntPtr hashText = signerInfo.pwszHash;
    if (IntPtr.Zero != hashText)
    {
        _hash = Marshal.PtrToStringUni(hashText);
    }

    // NOTE(review): description and URL are presumably taken from the license itself, i.e.
    // publisher-supplied text - treat them as untrusted when displaying or navigating.
    IntPtr descriptionText = signerInfo.pwszDescription;
    if (IntPtr.Zero != descriptionText)
    {
        _description = Marshal.PtrToStringUni(descriptionText);
    }

    IntPtr descriptionUrlText = signerInfo.pwszDescriptionUrl;
    if (IntPtr.Zero != descriptionUrlText)
    {
        _descriptionUrl = Marshal.PtrToStringUni(descriptionUrlText);
    }

    // Only "no signature" suppresses the timestamper object. Any other dwError, including a
    // failure code, still produces one, so its presence alone does not prove a valid timestamp.
    bool noTimestamp = (int)timestamperInfo.dwError == Win32.TRUST_E_NOSIGNATURE;
    if (noTimestamp)
    {
        return;
    }

    _timestamperInfo = new CmiAuthenticodeTimestamperInfo(timestamperInfo);
}
// Builds the managed view of a native Authenticode license verification result
// (decompiled listing: fields are m_-prefixed and HRESULTs appear as literals).
//
// signerInfo:      native signer result; its dwError is stored as this object's error code.
// timestamperInfo: native timestamper result; wrapped unless its dwError is -2146762496.
//
// Fields whose native pointer is IntPtr.Zero are left untouched.
internal CmiAuthenticodeSignerInfo(Win32.AXL_SIGNER_INFO signerInfo, Win32.AXL_TIMESTAMPER_INFO timestamperInfo)
{
    // Stored whatever its value: a constructed object does not imply a trusted signature.
    this.m_error = (int)signerInfo.dwError;
    this.m_algHash = signerInfo.algHash;

    if (IntPtr.Zero != signerInfo.pChainContext)
    {
        this.m_signerChain = new X509Chain(signerInfo.pChainContext);
    }

    if (IntPtr.Zero != signerInfo.pwszHash)
    {
        this.m_hash = Marshal.PtrToStringUni(signerInfo.pwszHash);
    }

    if (IntPtr.Zero != signerInfo.pwszDescription)
    {
        this.m_description = Marshal.PtrToStringUni(signerInfo.pwszDescription);
    }

    if (IntPtr.Zero != signerInfo.pwszDescriptionUrl)
    {
        this.m_descriptionUrl = Marshal.PtrToStringUni(signerInfo.pwszDescriptionUrl);
    }

    // -2146762496 is 0x800B0100; the other listing of this constructor on the page spells it
    // Win32.TRUST_E_NOSIGNATURE. Every other dwError, failure codes included, still yields a
    // timestamper object.
    if ((int)timestamperInfo.dwError != -2146762496)
    {
        this.m_timestamperInfo = new CmiAuthenticodeTimestamperInfo(timestamperInfo);
    }
}
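// Verifies the Authenticode license embedded in the manifest signature, if there is one,
// and records the outcome in m_authenticodeSignerInfo.
//
// verifyFlags: passed to CertVerifyAuthenticodeLicense as a uint.
// oldFormat:   when true, the publisher identity check at the end is skipped.
//
// Throws CryptographicException when CertVerifyAuthenticodeLicense returns a non-zero HRESULT.
//
// Security notes for callers:
//  * When the manifest carries no r:license element this method returns without error and
//    without touching m_authenticodeSignerInfo; "no exception" therefore does not mean
//    "Authenticode-signed".
//  * Signer info is populated for every signer dwError except "no signature", so its presence
//    alone is not a trust decision; the stored error code has to be checked.
private unsafe void VerifyLicense(CmiManifestVerifyFlags verifyFlags, bool oldFormat)
{
    // HRESULTs that this decompiled listing carried as bare literals; the names follow the
    // Win32.* constants used by the other listing of this method on the page.
    const int TrustEFail = -2146762485;        // 0x800B010B
    const int TrustENoSignature = -2146762496; // 0x800B0100

    XmlNamespaceManager namespaceManager = new XmlNamespaceManager(this.m_manifestDom.NameTable);
    namespaceManager.AddNamespace("asm", "urn:schemas-microsoft-com:asm.v1");
    namespaceManager.AddNamespace("asm2", "urn:schemas-microsoft-com:asm.v2");
    namespaceManager.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
    namespaceManager.AddNamespace("msrel", "http://schemas.microsoft.com/windows/rel/2005/reldata");
    namespaceManager.AddNamespace("r", "urn:mpeg:mpeg21:2003:01-REL-R-NS");
    namespaceManager.AddNamespace("as", "http://schemas.microsoft.com/windows/pki/2005/Authenticode");

    XmlElement licenseNode = this.m_manifestDom.SelectSingleNode("asm:assembly/ds:Signature/ds:KeyInfo/msrel:RelData/r:license", namespaceManager) as XmlElement;
    if (licenseNode == null)
    {
        // No license: nothing is verified and the publisher identity check is not reached.
        return;
    }

    this.VerifyAssemblyIdentity(namespaceManager);

    // Start from a failure result so that an early exit below never leaves a "good" state.
    this.m_authenticodeSignerInfo = new CmiAuthenticodeSignerInfo(TrustEFail);

    // The bytes handed to the native verifier are the UTF-8 encoding of the node's OuterXml.
    byte[] licenseBytes = Encoding.UTF8.GetBytes(licenseNode.OuterXml);
    fixed (byte* licensePtr = licenseBytes)
    {
        Win32.AXL_SIGNER_INFO pSignerInfo = new Win32.AXL_SIGNER_INFO();
        pSignerInfo.cbSize = (uint)Marshal.SizeOf(typeof(Win32.AXL_SIGNER_INFO));
        Win32.AXL_TIMESTAMPER_INFO pTimestamperInfo = new Win32.AXL_TIMESTAMPER_INFO();
        pTimestamperInfo.cbSize = (uint)Marshal.SizeOf(typeof(Win32.AXL_TIMESTAMPER_INFO));

        Win32.CRYPT_DATA_BLOB pLicenseBlob = new Win32.CRYPT_DATA_BLOB();
        pLicenseBlob.cbData = (uint)licenseBytes.Length;
        pLicenseBlob.pbData = new IntPtr((void*)licensePtr);

        // NOTE(review): this listing passes both structures with `out`, while the extern
        // declaration shown on the page takes them by `ref` - confirm which declaration this
        // build binds to, since cbSize is only meaningful if it is marshalled in.
        int hr = Win32.CertVerifyAuthenticodeLicense(ref pLicenseBlob, (uint)verifyFlags, out pSignerInfo, out pTimestamperInfo);
        try
        {
            if (TrustENoSignature != (int)pSignerInfo.dwError)
            {
                this.m_authenticodeSignerInfo = new CmiAuthenticodeSignerInfo(pSignerInfo, pTimestamperInfo);
            }
        }
        finally
        {
            // Release the native results even if building the managed copy throws; before
            // this change an exception from the constructor skipped both calls.
            Win32.CertFreeAuthenticodeSignerInfo(ref pSignerInfo);
            Win32.CertFreeAuthenticodeTimestamperInfo(ref pTimestamperInfo);
        }

        if (hr != 0)
        {
            throw new CryptographicException(hr);
        }
    }

    if (!oldFormat)
    {
        this.VerifyPublisherIdentity(namespaceManager);
    }
}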
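//
// Privates.
//

// Verifies the Authenticode license embedded in the manifest signature, if there is one,
// and records the outcome in _authenticodeSignerInfo.
//
// verifyFlags: passed to CertVerifyAuthenticodeLicense as a uint.
// oldFormat:   when true, the publisher identity check at the end is skipped.
//
// Throws CryptographicException when CertVerifyAuthenticodeLicense does not return S_OK.
//
// Security notes for callers:
//  * When the manifest carries no r:license element this method returns without error and
//    without touching _authenticodeSignerInfo; "no exception" therefore does not mean
//    "Authenticode-signed".
//  * Signer info is populated for every signer dwError except TRUST_E_NOSIGNATURE, so its
//    presence alone is not a trust decision; the stored error code has to be checked.
private void VerifyLicense(CmiManifestVerifyFlags verifyFlags, bool oldFormat)
{
    XmlNamespaceManager nsm = new XmlNamespaceManager(_manifestDom.NameTable);
    nsm.AddNamespace("asm", AssemblyNamespaceUri);
    nsm.AddNamespace("asm2", AssemblyV2NamespaceUri);
    nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
    nsm.AddNamespace("msrel", MSRelNamespaceUri);
    nsm.AddNamespace("r", LicenseNamespaceUri);
    nsm.AddNamespace("as", AuthenticodeNamespaceUri);

    // We are done if no license. The publisher identity check below is not reached either.
    XmlElement licenseNode = _manifestDom.SelectSingleNode("asm:assembly/ds:Signature/ds:KeyInfo/msrel:RelData/r:license", nsm) as XmlElement;
    if (licenseNode == null)
    {
        return;
    }

    // Make sure this license is for this manifest.
    VerifyAssemblyIdentity(nsm);

    // Found a license, so instantiate signer info property. It starts as TRUST_E_FAIL so
    // that an early exit below never leaves a "good" state behind.
    _authenticodeSignerInfo = new CmiAuthenticodeSignerInfo(Win32.TRUST_E_FAIL);

    unsafe
    {
        // The bytes handed to the native verifier are the UTF-8 encoding of the node's OuterXml.
        byte[] licenseXml = Encoding.UTF8.GetBytes(licenseNode.OuterXml);
        fixed (byte* pbLicense = licenseXml)
        {
            Win32.AXL_SIGNER_INFO signerInfo = new Win32.AXL_SIGNER_INFO();
            signerInfo.cbSize = (uint)Marshal.SizeOf<Win32.AXL_SIGNER_INFO>();
            Win32.AXL_TIMESTAMPER_INFO timestamperInfo = new Win32.AXL_TIMESTAMPER_INFO();
            timestamperInfo.cbSize = (uint)Marshal.SizeOf<Win32.AXL_TIMESTAMPER_INFO>();

            Win32.CRYPT_DATA_BLOB licenseBlob = new Win32.CRYPT_DATA_BLOB();
            licenseBlob.cbData = (uint)licenseXml.Length;
            licenseBlob.pbData = new IntPtr(pbLicense);

            int hr = Win32.CertVerifyAuthenticodeLicense(ref licenseBlob, (uint)verifyFlags, ref signerInfo, ref timestamperInfo);
            try
            {
                if (Win32.TRUST_E_NOSIGNATURE != (int)signerInfo.dwError)
                {
                    _authenticodeSignerInfo = new CmiAuthenticodeSignerInfo(signerInfo, timestamperInfo);
                }
            }
            finally
            {
                // Release the native results even if building the managed copy throws; before
                // this change an exception from the constructor skipped both calls.
                Win32.CertFreeAuthenticodeSignerInfo(ref signerInfo);
                Win32.CertFreeAuthenticodeTimestamperInfo(ref timestamperInfo);
            }

            if (hr != Win32.S_OK)
            {
                throw new CryptographicException(hr);
            }
        }
    }

    if (!oldFormat)
    {
        // Make sure we have the intended Authenticode signer.
        VerifyPublisherIdentity(nsm);
    }
}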
// P/Invoke entry point that releases a signer-info structure. The VerifyLicense listings on
// this page call it after CertVerifyAuthenticodeLicense, once the managed
// CmiAuthenticodeSignerInfo copy has been built, and ignore the int it returns.
// NOTE(review): presumably frees the native memory behind the structure's pointer fields
// (chain context, strings); if so, nothing may read those pointers after this call - confirm.
// NOTE(review): the DllImport attribute is not visible in this listing.
internal static extern int CertFreeAuthenticodeSignerInfo([In] ref Win32.AXL_SIGNER_INFO pSignerInfo);
// P/Invoke entry point that verifies an Authenticode license blob.
//   pLicenseBlob:     the license bytes; callers on this page pass the UTF-8 encoding of the
//                     r:license element's OuterXml.
//   dwFlags:          verification flags; callers pass their CmiManifestVerifyFlags as a uint.
//   pSignerInfo,
//   pTimestamperInfo: [In, Out] structures; callers set cbSize before the call, read dwError
//                     afterwards and then release both with the CertFreeAuthenticode* calls.
// The int result is treated as an HRESULT by the callers shown: a non-zero value becomes a
// CryptographicException, but only after the signer info has been copied and freed.
// NOTE(review): the DllImport attribute is not visible in this listing, and one call site on
// the page passes the two info structures with `out` instead of `ref` - confirm that every
// build binds to a declaration that marshals cbSize in.
internal static extern int CertVerifyAuthenticodeLicense([In] ref Win32.CRYPT_DATA_BLOB pLicenseBlob, [In] uint dwFlags, [In, Out] ref Win32.AXL_SIGNER_INFO pSignerInfo, [In, Out] ref Win32.AXL_TIMESTAMPER_INFO pTimestamperInfo);