search

CryptoPro / corefx

This repo contains the .NET Core foundational libraries, called CoreFX. It includes classes for collections, file systems, console, XML, async and many others. We welcome contributions.
https://github.com/dotnet/core
MIT License
27 stars 7 forks source link

Unable to find an entry point named 'CertAddCertificateLinkToStore' in shared library 'libcapi20' #22

Closed AlexeyAKat closed 4 years ago

AlexeyAKat commented 4 years ago

The following test code works on Windows and throws an exception on linux:

var contentInfo = new ContentInfo(new Oid("1.2.840.113549.1.7.1"), data);
var signedCms = new SignedCms(contentInfo, true);

// signerCert - X509Certificate2 object of Gost certificate
var cmsSigner = new CmsSigner(signerCert) { IncludeOption = X509IncludeOption.EndCertOnly };

cmsSigner.SignedAttributes.Add(new Pkcs9SigningTime());
signedCms.ComputeSignature(cmsSigner);

var signerInfo = signedCms.SignerInfos[0];

// throws an exception
signerInfo.CheckSignature(true);
// also throws this exception
var cert = signerInfo.Certificate;
Exception stack trace:
"System.EntryPointNotFoundException" in System.Security.Cryptography.X509Certificates.dll: 'Unable to find an entry point named 'CertAddCertificateLinkToStore' in shared library 'libcapi20'.
   at Interop.crypt32.CertAddCertificateLinkToStore(SafeCertStoreHandle hCertStore, SafeCertContextHandle pCertContext, CertStoreAddDisposition dwAddDisposition, IntPtr ppStoreContext)
   at Internal.Cryptography.Pal.StorePal.LinkFromCertificateCollection(X509Certificate2Collection certificates)
   at Internal.Cryptography.Pal.FindPal..ctor(X509Certificate2Collection findFrom, X509Certificate2Collection copyTo, Boolean validOnly)
   at Internal.Cryptography.Pal.FindPal.OpenPal(X509Certificate2Collection findFrom, X509Certificate2Collection copyTo, Boolean validOnly)
   at Internal.Cryptography.Pal.FindPal.FindFromCollection(X509Certificate2Collection coll, X509FindType findType, Object findValue, Boolean validOnly)
   at System.Security.Cryptography.X509Certificates.X509Certificate2Collection.Find(X509FindType findType, Object findValue, Boolean validOnly)
   at System.Security.Cryptography.Pkcs.SignerInfo.FindSignerCertificate(SubjectIdentifier signerIdentifier, X509Certificate2Collection extraStore)
   at System.Security.Cryptography.Pkcs.SignerInfo.FindSignerCertificate()
   at System.Security.Cryptography.Pkcs.SignerInfo.get_Certificate()
   at System.Security.Cryptography.Pkcs.SignerInfo.CheckSignature(X509Certificate2Collection extraStore, Boolean verifySignatureOnly)
   at System.Security.Cryptography.Pkcs.SignerInfo.CheckSignature(Boolean verifySignatureOnly)

OS: Ubuntu 18.04.4 LTS, .net core 3.1 (SDK 3.1.202, runtime 3.1.4), Crypto-Pro CSP 5.0.11455 KC1, instruction Linux.md was used, corefx ver.3.1.1.241 (4.7.0-dev.20175.1) from link .

tolyanich commented 4 years ago

This function was added in later version of Crypto-Pro CSP than you use(in 5.0.11635 Gollem). You can download latest version from this page

AlexeyAKat commented 4 years ago

Thanks, it worked! Installed version of Crypto-Pro CSP: 5.0.11732 .