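/// <summary>
        /// Builds a fresh certificate object from <paramref name="publicCert"/>'s raw data and
        /// attaches key-provider information that names the persisted CNG key, so the returned
        /// certificate refers to that key by container name and provider.
        /// </summary>
        /// <remarks>
        /// Only the key's name, provider, scope flag and key spec are written; the code shown here
        /// does not export or copy any private key material. Whether a consumer of the returned
        /// certificate can actually use the key presumably still depends on the key container's
        /// own access control (NOTE(review): confirm, especially for machine-scoped keys).
        /// </remarks>
        /// <param name="publicCert">Certificate whose <c>RawData</c> is copied into the result.</param>
        /// <param name="cngKey">The CNG key to associate with the copy.</param>
        /// <returns>
        /// The new certificate, or <c>null</c> when <paramref name="cngKey"/> has no key name
        /// and therefore cannot be referenced by name.
        /// </returns>
        /// <exception cref="CryptographicException">
        /// Setting the key-provider information on the certificate context failed; the exception
        /// carries the last Win32 error code.
        /// </exception>
        internal static X509Certificate2 CopyWithPersistedCngKeyFixed(this X509Certificate2 publicCert, CngKey cngKey)
        {
            // A key without a name cannot be described by container name, so there is nothing to attach.
            string keyName = cngKey.KeyName;
            if (string.IsNullOrEmpty(keyName))
            {
                return null;
            }

            X509Certificate2 certCopy = new X509Certificate2(publicCert.RawData);
            try
            {
                CngProvider provider = cngKey.Provider;
                bool isMachineKey = IsMachineKey(cngKey);
                int keySpec = CertificateExtensionsCommon.GuessKeySpec(provider, keyName, isMachineKey, cngKey.AlgorithmGroup);

                X509Native.CRYPT_KEY_PROV_INFO keyProvInfo = default(X509Native.CRYPT_KEY_PROV_INFO);
                keyProvInfo.pwszContainerName = keyName;
                keyProvInfo.pwszProvName = provider.Provider;
                // The machine/user scope recorded here decides which key store the name is resolved in.
                // NOTE(review): relies on CngKeyOpenOptions.MachineKey having the same numeric value
                // as the native machine-keyset flag expected in dwFlags; confirm.
                keyProvInfo.dwFlags = (int)(isMachineKey ? CngKeyOpenOptions.MachineKey : CngKeyOpenOptions.None);
                keyProvInfo.dwKeySpec = keySpec;

                using (SafeCertContextHandle certificateContext = X509Native.GetCertificateContext(certCopy))
                {
                    if (!X509Native.SetCertificateKeyProvInfo(certificateContext, ref keyProvInfo))
                    {
                        // Capture the Win32 error immediately, before any cleanup call can overwrite it.
                        throw new CryptographicException(Marshal.GetLastWin32Error());
                    }
                }

                return certCopy;
            }
            catch
            {
                // Release the copy on every failure path, not just a failed native call
                // (for example when GuessKeySpec or GetCertificateContext throws).
                certCopy.Dispose();
                throw;
            }
        }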
Beispiel #2
        /// <summary>
        /// Returns a duplicate of the native certificate context behind <paramref name="certificate"/>.
        /// </summary>
        /// <param name="certificate">Certificate whose <c>Handle</c> is duplicated.</param>
        /// <returns>The handle produced by <c>X509Native.DuplicateCertContext</c>.</returns>
        internal static SafeCertContextHandle GetCertificateContext(X509Certificate certificate)
        {
            try
            {
                return X509Native.DuplicateCertContext(certificate.Handle);
            }
            finally
            {
                // Keep the managed certificate reachable until the raw handle has been duplicated,
                // so it cannot be collected (and its handle released) while the native call is using it.
                GC.KeepAlive(certificate);
            }
        }