Ejemplo n.º 1
0
        public static SafeCertContextHandle GetCertificateContext(
            this X509Certificate certificate)
        {
            GC.KeepAlive(certificate);
            var certContext = X509Native.DuplicateCertContext(certificate.Handle);

            return(certContext);
        }
Ejemplo n.º 2
0
        public static CngKey GetCngPrivateKey(
            this X509Certificate2 certificate)
        {
            if (certificate == null)
            {
                throw new ArgumentNullException(nameof(certificate));
            }

            if (!certificate.HasPrivateKey ||
                !certificate.HasCngKey())
            {
                return(null);
            }

            try
            {
                using (
                    var
                    certContext = certificate.GetCertificateContext())
                {
                    using (
                        var privateKeyHandle =
                            X509Native.AcquireCngPrivateKey(certContext))
                    {
                        // We need to assert for full trust when opening the CNG key because
                        // CngKey.Open(SafeNCryptKeyHandle) does a full demand for full trust,
                        // and we want to allow access to a certificate's private key by
                        // anyone who has access to the certificate itself.
                        new PermissionSet(PermissionState.Unrestricted).Assert();
                        return(CngKey.Open(privateKeyHandle, CngKeyHandleOpenOptions.None));
                    }
                }
            }
            catch (CryptographicException ex)
            {
                throw new CryptographicException(
                          "The private key for the certificate with serial number '" +
                          certificate.SerialNumber +
                          "' could not be found because it does not exist or" +
                          " cannot be accessed due to missing permissions.",
                          ex);
            }
        }
Ejemplo n.º 3
0
        public static bool HasCngKey(
            this X509Certificate certificate)
        {
            using (var certContext = certificate.GetCertificateContext())
            {
                if (!X509Native.HasCertificateProperty(
                        certContext,
                        NativeMethods.Crypt32.CertificateProperty.KeyProviderInfo))
                {
                    return(false);
                }

                var keyProvInfo =
                    X509Native.GetCertificateProperty <X509Native.CryptKeyProvInfo>(
                        certContext,
                        NativeMethods.Crypt32.CertificateProperty.KeyProviderInfo
                        );

                return(keyProvInfo.dwProvType == 0);
            }
        }