Ejemplo n.º 1
        /// <summary>
        /// Builds an X.509 chain for the certificate behind <paramref name="pCertContext"/>
        /// and reports whether chain verification succeeded.
        /// </summary>
        /// <remarks>
        /// Revocation is not consulted (<see cref="X509RevocationMode.NoCheck"/>), so a revoked
        /// certificate can still produce <c>true</c>. The chain is evaluated against the local
        /// clock (<see cref="DateTime.Now"/>). Verification runs with
        /// <see cref="X509VerificationFlags.NoFlag"/>; the exception reported by Verify is
        /// discarded, so every failure is collapsed into <c>false</c> with no reason attached.
        /// </remarks>
        /// <param name="pCertContext">Safe handle of the certificate context to validate.</param>
        /// <returns>
        /// <c>true</c> only when a chain was built and Verify returned <c>true</c>;
        /// <c>false</c> when no chain was built or Verify returned <c>false</c> or <c>null</c>.
        /// </returns>
        private static bool VerifyCertificateIgnoringErrors(SafeCertContextHandle pCertContext)
        {
            // The raw handle is read without DangerousAddRef, so the caller must keep
            // pCertContext alive for the duration of this call.
            // NOTE(review): the PAL returned by FromHandle is never disposed here; confirm
            // whether BuildChain takes ownership of it.
            ChainPal builtChain = ChainPal.BuildChain(
                true, // NOTE(review): meaning of this flag is not visible here; confirm against BuildChain
                CertificatePal.FromHandle(pCertContext.DangerousGetHandle()),
                null, // extraStore
                null, // applicationPolicy
                null, // certificatePolicy
                X509RevocationMode.NoCheck,
                X509RevocationFlag.ExcludeRoot,
                DateTime.Now,
                TimeSpan.Zero); // NOTE(review): zero timeout; confirm how BuildChain interprets it

            if (builtChain == null)
            {
                return false;
            }

            using (builtChain)
            {
                Exception ignoredFailure;
                bool? outcome = builtChain.Verify(X509VerificationFlags.NoFlag, out ignoredFailure);

                // A null outcome (no definite answer) is treated exactly like a failed verification.
                return outcome == true;
            }
        }
Ejemplo n.º 2
        /// <summary>
        /// Builds an X.509 chain for the certificate behind <paramref name="pCertContext"/>
        /// using system trust and reports whether chain verification succeeded.
        /// </summary>
        /// <remarks>
        /// Revocation is not consulted (<see cref="X509RevocationMode.NoCheck"/>), so a revoked
        /// certificate can still produce <c>true</c>. The chain is evaluated against the local
        /// clock (<see cref="DateTime.Now"/>) with <see cref="X509ChainTrustMode.System"/>.
        /// The exception reported by Verify is discarded, so every failure is collapsed into
        /// <c>false</c> with no reason attached.
        /// </remarks>
        /// <param name="pCertContext">Safe handle of the certificate context to validate.</param>
        /// <returns>
        /// <c>true</c> only when a chain was built and Verify returned <c>true</c>;
        /// <c>false</c> when no chain was built or Verify returned <c>false</c> or <c>null</c>.
        /// </returns>
        private static bool VerifyCertificateIgnoringErrors(SafeCertContextHandle pCertContext)
        {
            // This needs to be kept in sync with IsCertValid in the
            // Unix/OpenSSL PAL version (and potentially any other PALs that come about)
            //
            // The raw handle is read without DangerousAddRef, so the caller must keep
            // pCertContext alive for the duration of this call.
            // NOTE(review): the PAL returned by FromHandle is never disposed here; confirm
            // whether BuildChain takes ownership of it.
            ChainPal? builtChain = ChainPal.BuildChain(
                false, // NOTE(review): meaning of this flag is not visible here; confirm against BuildChain
                CertificatePal.FromHandle(pCertContext.DangerousGetHandle()),
                null, // extraStore
                null, // applicationPolicy
                null, // certificatePolicy
                X509RevocationMode.NoCheck,
                X509RevocationFlag.ExcludeRoot,
                null, // NOTE(review): presumably the custom trust store; unused with System trust (confirm)
                X509ChainTrustMode.System,
                DateTime.Now,
                TimeSpan.Zero); // NOTE(review): zero timeout; confirm how BuildChain interprets it

            if (builtChain == null)
            {
                return false;
            }

            using (builtChain)
            {
                Exception? ignoredFailure;
                bool? outcome = builtChain.Verify(X509VerificationFlags.NoFlag, out ignoredFailure);

                // A null outcome (no definite answer) is treated exactly like a failed verification.
                return outcome == true;
            }
        }
Ejemplo n.º 3
        /// <summary>
        /// Deletes every file in the store directory that <c>FindExistingFilename</c> matches
        /// to the supplied certificate.
        /// </summary>
        /// <remarks>
        /// Returns silently when the store directory does not exist or when nothing matches.
        /// The read-only check only fires once a match has been found, so calling this on a
        /// read-only store for a certificate that is not present does not throw.
        /// </remarks>
        /// <param name="certPal">
        /// Certificate to remove; cast to <c>OpenSslX509CertificateReader</c>, so any other
        /// implementation fails with <see cref="InvalidCastException"/>.
        /// </param>
        /// <exception cref="CryptographicException">
        /// The store is read-only and a matching file exists.
        /// </exception>
        public void Remove(ICertificatePal certPal)
        {
            bool storeDirectoryPresent = Directory.Exists(_storePath);
            if (!storeDirectoryPresent)
            {
                return;
            }

            OpenSslX509CertificateReader reader = (OpenSslX509CertificateReader)certPal;

            // Work on a duplicate so the caller's certificate handles are untouched when the copy is disposed.
            using (X509Certificate2 copy = new X509Certificate2(reader.DuplicateHandles()))
            {
                // Keep searching until FindExistingFilename reports no further match.
                while (true)
                {
                    bool hadCandidates;
                    string? matchedFile = FindExistingFilename(copy, _storePath, out hadCandidates);

                    if (matchedFile == null)
                    {
                        break;
                    }

                    if (_readOnly)
                    {
                        // Windows compatibility: read-only is only enforced after a match is found.
                        throw new CryptographicException(SR.Cryptography_X509_StoreReadOnly);
                    }

                    File.Delete(matchedFile);

                    // Called after each deletion; presumably invalidates cached store contents
                    // so the removed certificate stops being used for chain building (confirm).
                    ChainPal.FlushStores();
                }
            }
        }
Ejemplo n.º 4
        /// <summary>
        /// Wraps a native certificate chain context in a <c>ChainPal</c>.
        /// </summary>
        /// <remarks>
        /// The context is duplicated with <c>CertDuplicateCertificateChain</c>, and the returned
        /// object wraps the duplicate's safe handle rather than the caller's raw pointer.
        /// </remarks>
        /// <param name="chainContext">Pointer to the native chain context; must not be zero.</param>
        /// <returns>A chain PAL owning the duplicated chain handle.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="chainContext"/> is <see cref="IntPtr.Zero"/>.</exception>
        /// <exception cref="CryptographicException">Duplication returned a null or invalid handle.</exception>
        public static IChainPal FromHandle(IntPtr chainContext)
        {
            if (chainContext == IntPtr.Zero)
            {
                throw new ArgumentNullException(nameof(chainContext));
            }

            SafeX509ChainHandle duplicatedChain = Interop.Crypt32.CertDuplicateCertificateChain(chainContext);

            // Only a zero pointer is rejected up front; any other bad value is caught solely by
            // whether the duplicate comes back usable.
            bool duplicateUsable = duplicatedChain != null && !duplicatedChain.IsInvalid;
            if (!duplicateUsable)
            {
                throw new CryptographicException(SR.Cryptography_InvalidContextHandle, nameof(chainContext));
            }

            return new ChainPal(duplicatedChain);
        }
Ejemplo n.º 5
        /// <summary>
        /// Adds a certificate to the store and then calls <c>ChainPal.FlushStores</c>.
        /// </summary>
        /// <remarks>
        /// Unlike removal, the read-only check is unconditional: a read-only store rejects
        /// every add before any work is attempted.
        /// </remarks>
        /// <param name="certPal">Certificate to add; passed to <c>AddCertToStore</c>.</param>
        /// <exception cref="CryptographicException">
        /// The store is read-only, or adding failed. A <see cref="CryptographicException"/>
        /// raised while adding propagates unchanged; any other exception is wrapped, with the
        /// original kept as the inner exception.
        /// </exception>
        public void Add(ICertificatePal certPal)
        {
            if (_readOnly)
            {
                // Windows compatibility: Remove only throws when it needs to do work, add throws always.
                throw new CryptographicException(SR.Cryptography_X509_StoreReadOnly);
            }

            try
            {
                AddCertToStore(certPal);
                ChainPal.FlushStores();
            }
            catch (Exception failure) when (!(failure is CryptographicException))
            {
                // Callers see a single exception type; CryptographicException itself is let through untouched.
                throw new CryptographicException(SR.Cryptography_X509_StoreAddFailure, failure);
            }
        }
Ejemplo n.º 6
        /// <summary>
        /// Wraps a native certificate chain context in a <c>ChainPal</c>.
        /// </summary>
        /// <remarks>
        /// The context is duplicated with <c>CertDuplicateCertificateChain</c>, and the returned
        /// object wraps the duplicate's safe handle rather than the caller's raw pointer.
        /// </remarks>
        /// <param name="chainContext">Pointer to the native chain context; must not be zero.</param>
        /// <returns>A chain PAL owning the duplicated chain handle.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="chainContext"/> is <see cref="IntPtr.Zero"/>.</exception>
        /// <exception cref="CryptographicException">Duplication returned a null or invalid handle.</exception>
        public static IChainPal FromHandle(IntPtr chainContext)
        {
            if (chainContext == IntPtr.Zero)
            {
                throw new ArgumentNullException(nameof(chainContext));
            }

            SafeX509ChainHandle duplicatedChain = Interop.crypt32.CertDuplicateCertificateChain(chainContext);

            // Only a zero pointer is rejected up front; any other bad value is caught solely by
            // whether the duplicate comes back usable.
            bool duplicateUsable = duplicatedChain != null && !duplicatedChain.IsInvalid;
            if (!duplicateUsable)
            {
                throw new CryptographicException(SR.Cryptography_InvalidContextHandle, nameof(chainContext));
            }

            return new ChainPal(duplicatedChain);
        }