void buttonSelectEndpointCert_Click(object sender, EventArgs e)
{
try
{
SafeCertificateStore storeHandle = CertificateManager.GetCertificateStorePointer(machineName);
// do not display the Location column on the CryptUIDlgSelectCertificateFromStore
#pragma warning suppress 56523
SafeCertificateContext certContext = SafeNativeMethods.CryptUIDlgSelectCertificateFromStore(
storeHandle,
propPage,
SR.GetString(SR.SSLBindingTitle),
SR.GetString(SR.SSLBindingMessage),
SafeNativeMethods.CRYPTUI_SELECT_LOCATION_COLUMN,
0, IntPtr.Zero);
if (!certContext.IsInvalid)
{
config.X509Certificate = certContext.GetNewX509Certificate();
textBoxEndpointCert.Text = GetDisplayStringForCert(config.X509Certificate);
ComponentChanged();
}
certContext.Close();
storeHandle.Close();
}
catch (WsatAdminException ex)
{
HandleException(ex);
}
}
void buttonSelectAuthorizedCerts_Click(object sender, EventArgs e)
{
try
{
SafeCertificateStore storeHandle = CertificateManager.GetCertificateStorePointer(machineName);
SafeCertificateContext prev = new SafeCertificateContext();
SafeCertificateContext crt = new SafeCertificateContext();
X509Certificate2Collection certificateCollection = new X509Certificate2Collection();
do
{
#pragma warning suppress 56523
crt = SafeNativeMethods.CertFindCertificateInStore(
storeHandle,
SafeNativeMethods.X509_ASN_ENCODING,
0,
SafeNativeMethods.CERT_FIND_ANY,
IntPtr.Zero,
prev);
prev = crt;
if (!crt.IsInvalid)
{
certificateCollection.Add(crt.GetNewX509Certificate());
}
} while (!crt.IsInvalid);
storeHandle.Close();
prev.Close();
crt.Close();
AcceptedCertificatesForm dlg = new AcceptedCertificatesForm(certificateCollection, config.X509GlobalAcl);
DialogResult dialogResult = dlg.ShowDialog(this);
if (dialogResult == DialogResult.OK)
{
this.config.X509GlobalAcl = dlg.AllowedCertificates;
if (this.config.X509GlobalAcl.Length > 0)
{
Utilities.Log("selected allowed client cert [0]: " + this.config.X509GlobalAcl[0]);
}
ComponentChanged();
}
}
catch (WsatAdminException ex)
{
HandleException(ex);
}
}
internal static X509Certificate2 GetCertificateFromThumbprint(string thumbprint, string machineName)
{
if (String.IsNullOrEmpty(thumbprint))
{
return null;
}
X509Certificate2 cert = null;
SafeCertificateStore storeHandle = CertificateManager.GetCertificateStorePointer(machineName);
SafeCertificateContext prev = new SafeCertificateContext();
SafeCertificateContext current = new SafeCertificateContext();
bool foundThumbprint = false;
do
{
// the CertFindCertificateInStore function frees the SafeHandleCertificateContext
// referenced by non-null values of "prev"
#pragma warning suppress 56523
current = SafeNativeMethods.CertFindCertificateInStore(
storeHandle,
SafeNativeMethods.X509_ASN_ENCODING,
0,
SafeNativeMethods.CERT_FIND_ANY,
IntPtr.Zero,
prev);
prev = current;
if (!current.IsInvalid)
{
cert = current.GetNewX509Certificate();
if (Utilities.SafeCompare(cert.Thumbprint, thumbprint))
{
foundThumbprint = true;
}
}
} while (!current.IsInvalid && !foundThumbprint);
storeHandle.Close();
prev.Close();
if (!current.IsInvalid)
{
current.Close();
return cert;
}
else
{
return null;
}
}
void buttonSelectAuthorizedCerts_Click(object sender, EventArgs e)
{
try
{
SafeCertificateStore storeHandle = CertificateManager.GetCertificateStorePointer(machineName);
SafeCertificateContext prev = new SafeCertificateContext();
SafeCertificateContext crt = new SafeCertificateContext();
X509Certificate2Collection certificateCollection = new X509Certificate2Collection();
do
{
#pragma warning suppress 56523
crt = SafeNativeMethods.CertFindCertificateInStore(
storeHandle,
SafeNativeMethods.X509_ASN_ENCODING,
0,
SafeNativeMethods.CERT_FIND_ANY,
IntPtr.Zero,
prev);
prev = crt;
if (!crt.IsInvalid)
{
certificateCollection.Add(crt.GetNewX509Certificate());
}
} while (!crt.IsInvalid);
storeHandle.Close();
prev.Close();
crt.Close();
AcceptedCertificatesForm dlg = new AcceptedCertificatesForm(certificateCollection, config.X509GlobalAcl);
DialogResult dialogResult = dlg.ShowDialog(this);
if (dialogResult == DialogResult.OK)
{
this.config.X509GlobalAcl = dlg.AllowedCertificates;
if (this.config.X509GlobalAcl.Length > 0)
{
Utilities.Log("selected allowed client cert [0]: " + this.config.X509GlobalAcl[0]);
}
ComponentChanged();
}
}
catch (WsatAdminException ex)
{
HandleException(ex);
}
}