From c2c9363db55a8941d2f41faaa7e1fb3fd6afbad3 Mon Sep 17 00:00:00 2001
From: Kevin Jones <kevin@vcsjones.com>
Date: Fri, 22 Dec 2017 17:04:49 -0500
Subject: [PATCH] Fix issue where delegate would be GCed.

The problem here was we were creating a method group which implicitly
creates a delegate instance. This delegate instance didn't live long
enough, so set it's lifetime to the duration of the owning object.
---
 AzureSignTool/AuthenticodeKeyVaultSigner.cs | 7 ++++---
 AzureSignTool/Interop/mssign32.cs           | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/AzureSignTool/AuthenticodeKeyVaultSigner.cs b/AzureSignTool/AuthenticodeKeyVaultSigner.cs
index dafcce3..232c466 100644
--- a/AzureSignTool/AuthenticodeKeyVaultSigner.cs
+++ b/AzureSignTool/AuthenticodeKeyVaultSigner.cs
@@ -12,6 +12,7 @@ public class AuthenticodeKeyVaultSigner : IDisposable
         private readonly MemoryCertificateStore _certificateStore;
         private readonly X509Chain _chain;
         private readonly ILogger _logger;
+        private readonly SignCallback _signCallback;
 
         public AuthenticodeKeyVaultSigner(AzureKeyVaultMaterializedConfiguration configuration, TimeStampConfiguration timeStampConfiguration, X509Certificate2Collection additionalCertificates,
             ILogger logger)
@@ -34,6 +35,7 @@ public AuthenticodeKeyVaultSigner(AzureKeyVaultMaterializedConfiguration configu
             {
                 _certificateStore.Add(_chain.ChainElements[i].Certificate);
             }
+            _signCallback = SignCallback;
         }
 
         public int SignFile(string path, string description, string descriptionUrl, bool? pageHashing)
@@ -74,10 +76,9 @@ public int SignFile(string path, string description, string descriptionUrl, bool
                         timestampUrl = null;
                         break;
                 }
-
                 _logger.Log("Getting SIP Data", LogLevel.Verbose);
                 using (var data = SipExtensionFactory.GetSipData(path, flags, contextReceiver, timeStampFlags, storeInfo, timestampUrl,
-                    timestampAlgorithmOid, SignCallback, _configuration.FileDigestAlgorithm, fileInfo, attributes))
+                    timestampAlgorithmOid, _signCallback, _configuration.FileDigestAlgorithm, fileInfo, attributes))
                 {
                     _logger.Log("Calling SignerSignEx3", LogLevel.Verbose);
                     return mssign32.SignerSignEx3
@@ -113,7 +114,7 @@ private int SignCallback(
             uint algId,
             byte[] pDigestToSign,
             uint dwDigestToSign,
-            out CRYPTOAPI_BLOB blob
+            ref CRYPTOAPI_BLOB blob
         )
         {
             _logger.Log("SignCallback", LogLevel.Verbose);
diff --git a/AzureSignTool/Interop/mssign32.cs b/AzureSignTool/Interop/mssign32.cs
index b05ac3e..a9224e1 100644
--- a/AzureSignTool/Interop/mssign32.cs
+++ b/AzureSignTool/Interop/mssign32.cs
@@ -248,6 +248,6 @@ internal delegate int SignCallback(
         [param: In, MarshalAs(UnmanagedType.U4)] uint algId,
         [param: In, MarshalAs(UnmanagedType.LPArray, ArraySubType = UnmanagedType.U1, SizeParamIndex = 4)] byte[] pDigestToSign,
         [param: In, MarshalAs(UnmanagedType.U4)] uint dwDigestToSign,
-        [param: Out] out CRYPTOAPI_BLOB blob
+        [param: In, Out] ref CRYPTOAPI_BLOB blob
         );
 }