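I am trying to decrypt an encrypted file. The sender sent 2 files, one from the test environment and one from the prod one. I can decrypt the prod version, but I cannot decrypt the test version.
When I try to decrypt the good version, my tool uses my certificate to decrypt it, but when I try to decrypt the bad version, it tries to decrypt with the sender's certificate. (But I don't have the sender's private key, of course :))
I told the sender that he did it wrong, but he said that prod and test are the same, that he sees both signs on the file, and that I am trying to use the wrong certificate.
But I don't know how to use the good certificate?
I use Crypt32.dll from C#; this is the simplified code: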
// Prepare stream for encoded info
m_callbackFile = decodedFile;
// Set callback for streaming
StreamInfo = Win32.CreateStreamInfo( (int) encodedFile.Length, new Win32.StreamOutputCallbackDelegate( StreamOutputCallback ) );
// Open message to decode
m_hMsg = Win32.OpenMessageToDecode( StreamInfo );
// Open message to decode: call API:
hMsg = CryptMsgOpenToDecode(
    X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
    bDetached ? CMSG_DETACHED_FLAG : 0,
    0,
    IntPtr.Zero,
    IntPtr.Zero,
    ref StreamInfo
);
// Process the whole message
Win32.ProcessMessage( m_hMsg, encodedFile );
// ProcessMessage: read the file piece by piece, and call API:
bResult = CryptMsgUpdate(
    hMsg.DangerousGetHandle(),
    new IntPtr( pAux ),
    pbData.Length,
    bFinal
);
// With enveloped messages we have to verify that we got a valid encryption algorithm
Win32.CheckEnvelopeAlg( m_hMsg );
// CheckEnvelopeAlg: read the encryption algorithm id from the message
bResult = CryptMsgGetParam(
    hMsg,
    dwParamType, // 15 - CMSG_ENVELOPE_ALGORITHM_PARAM
    dwIndex,
    pParam,
    ref cbParam
);
// result is:
AlgId = (CRYPT_ALGORITHM_IDENTIFIER) Marshal.PtrToStructure( pEnvelopeAlg.DangerousGetHandle(), typeof( CRYPT_ALGORITHM_IDENTIFIER ) );
// "2.16.840.1.101.3.4.1.2"
// Decrypt the message
Win32.Decrypt( m_hMsg );
// Get recipient cert
bResult = CryptMsgGetParam(
    hMsg,
    dwParamType, // 19 - CMSG_RECIPIENT_INFO_PARAM
    dwIndex,
    pParam,
    ref cbParam
);
// return with SafeNTHeapHandle pCertInfo
// Open personal cert store
hStore = CertOpenSystemStore(
    IntPtr.Zero,
    "MY"
);
CERT_INFO certInfo = (CERT_INFO) Marshal.PtrToStructure( pCertInfo.DangerousGetHandle(), typeof( CERT_INFO ) );
// we can read the serial of the cert from this certInfo
// this serial is our certificate in the prod case, but this serial is the sender's certificate in the UAT case!
What am I doing wrong? How can I decrypt both files? (I tried to find a tool to monitor/analyze encrypted files under Windows, but did not find anything useful :( Can you suggest one? :))
Answer 0 (score: 0)
The problem is: there is more than 1 "recipient" on the file. I did a loop where I try to read the current "recipient's" certificate (and its private key), but take the next "recipient" when it fails.
// GetCountOfKeyTransferRecipients
GetMessageParam( hMsg, Win32.CMSG_RECIPIENT_COUNT_PARAM, out pRecipientsCount );
Int32 recipientsCount = (Int32) Marshal.ReadInt32( pRecipientsCount.DangerousGetHandle() );
Logger.Log( "Recipientek száma:" + recipientsCount.ToString(), Logger.Level.ERROR );
Boolean succes = false;
Int32 recipientIndex = 0;
for (recipientIndex = 0; recipientIndex < recipientsCount; recipientIndex++)
{
    succes = GetCertificateFromStore( hMsg, recipientIndex, out KeyProvInfo ); // try-catch is inside...
    if (succes)
    {
        break;
    }
}
if (!succes)
{
    throw new Exception( "Get message certificate failed! See previous errors in the log file." );
}
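The multi-recipient situation from the answer, seen at the file-format level, as an added example that is not the poster's code: a small Python DER walker that lists the certificate serial named by every RecipientInfo in an EnvelopedData blob and picks the entry that matches one of your own serials. The function names and the sample message are constructed for illustration; it assumes definite-length DER and compares the serial only (a full match also compares the issuer).

```python
def tlv(buf, pos):
    """Read one DER TLV header at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length == 0x80:
        raise ValueError("indefinite-length BER is not handled here")
    if length & 0x80:                       # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def children(buf, start, end):
    """List (tag, value_start, value_end) for each TLV in buf[start:end]."""
    out = []
    while start < end:
        out.append(tlv(buf, start))
        start = out[-1][2]
    return out

def recipient_serials(der):
    """Serial (hex) named by each RecipientInfo, in order; None if not issuer+serial."""
    content = children(der, *tlv(der, 0)[1:])[1]         # ContentInfo -> [0] content
    fields = children(der, *tlv(der, content[1])[1:])    # EnvelopedData fields
    infos = next(f for f in fields if f[0] == 0x31)      # recipientInfos SET
    serials = []
    for tag, s, e in children(der, *infos[1:]):
        rid = children(der, s, e)[1] if tag == 0x30 else (0, 0, 0)   # only ktri is a SEQUENCE
        parts = children(der, *rid[1:]) if rid[0] == 0x30 else None  # IssuerAndSerialNumber
        serials.append(der[parts[1][1]:parts[1][2]].hex() if parts else None)
    return serials

def pick_recipient(der, my_serials):
    """Position of the first recipient whose serial is one of ours, else None."""
    hits = [i for i, s in enumerate(recipient_serials(der)) if s in my_serials]
    return hits[0] if hits else None

# Constructed sample: two recipients with dummy issuer, encrypted keys and ciphertext.
def enc(tag, *parts):                       # DER TLV; bodies here stay under 256 bytes
    body = b"".join(parts)
    return bytes([tag]) + (bytes([len(body)]) if len(body) < 128 else bytes([0x81, len(body)])) + body
def ktri(serial):
    name = enc(0x30, enc(0x31, enc(0x30, bytes.fromhex("0603550403"), enc(0x0C, b"Example CA"))))
    rsa = enc(0x30, bytes.fromhex("06092a864886f70d010101"), b"\x05\x00")
    return enc(0x30, b"\x02\x01\x00", enc(0x30, name, enc(0x02, serial)), rsa, enc(0x04, bytes(8)))
eci = enc(0x30, bytes.fromhex("06092a864886f70d010701"),
          enc(0x30, bytes.fromhex("0609608648016503040102"), enc(0x04, bytes(16))), enc(0x80, bytes(16)))
env = enc(0x30, b"\x02\x01\x00", enc(0x31, ktri(b"\x0a\x0b"), ktri(b"\x11\x22")), eci)
SAMPLE = enc(0x30, bytes.fromhex("06092a864886f70d010703"), enc(0xA0, env))
```

The hex returned here is in DER (big-endian) byte order; the SerialNumber blob in a CryptoAPI CERT_INFO is stored little-endian, so reverse its bytes before comparing.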