        /// <summary>
        /// Queries the remote (peer) certificate attribute of an established security context.
        /// </summary>
        /// <param name="securityContext">The SSPI context to query.</param>
        /// <param name="remoteCert">Receives the peer certificate context, or null when the query did not produce one of that type.</param>
        /// <returns>The status code reported by the attribute query; the caller decides how a non-zero value is handled.</returns>
        public int QueryContextRemoteCertificate(SafeDeleteContext securityContext, out SafeFreeCertContext remoteCert)
        {
            int status;
            var queried = QueryContextAttributes(securityContext, Interop.Secur32.ContextAttribute.RemoteCertificate, out status);

            // The generic query returns a base handle; only a certificate context is handed back to the caller.
            remoteCert = queried as SafeFreeCertContext;
            return status;
        }
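        /// <summary>
        /// Returns the certificates held in the store attached to a native certificate context
        /// (the peer certificate plus whatever chain certificates the handshake delivered).
        /// </summary>
        /// <param name="certContext">Handle to a native CERT_CONTEXT; an invalid handle yields an empty collection.</param>
        /// <returns>A collection; never null.</returns>
        /// <exception cref="ObjectDisposedException">The handle was already closed.</exception>
        internal static X509Certificate2Collection GetRemoteCertificatesFromStoreContext(SafeFreeCertContext certContext)
        {
            X509Certificate2Collection result = new X509Certificate2Collection();

            if (certContext.IsInvalid)
            {
                return result;
            }

            // Hold a reference for as long as the raw pointer (and the hCertStore read from it) is in use,
            // so a concurrent Dispose of the handle cannot release the native context underneath us.
            bool gotReference = false;
            try
            {
                certContext.DangerousAddRef(ref gotReference);

                Interop.Crypt32.CERT_CONTEXT context =
                    Marshal.PtrToStructure<Interop.Crypt32.CERT_CONTEXT>(certContext.DangerousGetHandle());

                if (context.hCertStore != IntPtr.Zero)
                {
                    using (X509Store store = X509StoreExtensions.CreateFromNativeHandle(context.hCertStore))
                    {
                        result = store.Certificates;
                    }
                }
            }
            finally
            {
                if (gotReference)
                {
                    certContext.DangerousRelease();
                }
            }

            return result;
        }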
        /// <summary>
        /// Adds the certificates from the store attached to <paramref name="certContext"/> to <paramref name="collection"/>.
        /// </summary>
        /// <param name="certContext">Handle to a native certificate context; an invalid handle adds nothing.</param>
        /// <param name="collection">Collection that receives the certificates.</param>
        internal static void GetRemoteCertificatesFromStoreContext(SafeFreeCertContext certContext, X509Certificate2Collection collection)
        {
            if (!certContext.IsInvalid)
            {
                // The pointer-based overload does the actual enumeration.
                GetRemoteCertificatesFromStoreContext(certContext.DangerousGetHandle(), collection);
            }
        }
 /// <summary>
 /// Fetches the peer certificate of an OpenSSL-backed context and wraps it in a <see cref="SafeFreeCertContext"/>.
 /// </summary>
 /// <param name="securityContext">The SSL context whose peer certificate is requested.</param>
 /// <param name="remoteCertContext">Receives the wrapped peer certificate, or null on failure.</param>
 /// <returns>0 on success, -1 when any exception occurred while fetching or wrapping the certificate.</returns>
 public int QueryContextRemoteCertificate(SafeDeleteContext securityContext, out SafeFreeCertContext remoteCertContext)
 {
     remoteCertContext = null;
     try
     {
         SafeX509Handle peerCert = Interop.OpenSsl.GetPeerCertificate(securityContext.SslContext);
         // Ownership of the X509 handle moves to the wrapper; disposing remoteCertContext releases it.
         remoteCertContext = new SafeFreeCertContext(peerCert);
     }
     catch
     {
         // Every failure (including a null securityContext) is reported as the generic failure code.
         return -1;
     }

     return 0;
 }
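        /// <summary>
        /// Extracts the remote (peer) certificate from an established SecureChannel context.
        /// </summary>
        /// <param name="securityContext">The SSPI context; null yields null.</param>
        /// <param name="remoteCertificateCollection">Receives the certificates from the store attached to the peer context, or null when no valid context was returned.</param>
        /// <returns>The peer certificate, or null when the context reports none.</returns>
        internal static X509Certificate2 GetRemoteCertificate(SafeDeleteContext securityContext, out X509Certificate2Collection remoteCertificateCollection)
        {
            remoteCertificateCollection = null;

            if (securityContext == null)
            {
                return null;
            }

            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Enter("CertificateValidationPal.Windows SecureChannel#" + LoggingHash.HashString(securityContext) + "::GetRemoteCertificate()");
            }

            X509Certificate2 result = null;
            SafeFreeCertContext remoteContext = null;

            try
            {
                remoteContext = SSPIWrapper.QueryContextAttributes(GlobalSSPI.SSPISecureChannel, securityContext, Interop.SspiCli.ContextAttribute.RemoteCertificate) as SafeFreeCertContext;
                if (remoteContext != null && !remoteContext.IsInvalid)
                {
                    // Relies on X509Certificate2(IntPtr) taking its own reference to the native context;
                    // remoteContext itself is disposed in the finally below.
                    result = new X509Certificate2(remoteContext.DangerousGetHandle());

                    // Collected here rather than in finally so that a failure in the store enumeration
                    // cannot mask an exception thrown by the constructor above.
                    remoteCertificateCollection = UnmanagedCertificateContext.GetRemoteCertificatesFromStoreContext(remoteContext);
                }
            }
            finally
            {
                // Dispose even an invalid handle so it is not left for the finalizer.
                if (remoteContext != null)
                {
                    remoteContext.Dispose();
                }
            }

            if (SecurityEventSource.Log.IsEnabled())
            {
                SecurityEventSource.Log.RemoteCertificate(result == null ? "null" : result.ToString(true));
            }

            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Leave("CertificateValidationPal.Windows SecureChannel#" + LoggingHash.HashString(securityContext) + "::GetRemoteCertificate()", (result == null ? "null" : result.Subject));
            }

            return result;
        }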
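        /// <summary>
        /// Extracts the remote (peer) certificate from an established SecureChannel context.
        /// </summary>
        /// <param name="securityContext">The SSPI context; null yields null.</param>
        /// <param name="retrieveCollection">When true, the certificates in the store attached to the peer context are also returned.</param>
        /// <param name="remoteCertificateCollection">Receives the attached certificates when requested and a valid context was returned; otherwise null.</param>
        /// <returns>The peer certificate, or null when the context reports none.</returns>
        private static X509Certificate2 GetRemoteCertificate(
            SafeDeleteContext securityContext, bool retrieveCollection, out X509Certificate2Collection remoteCertificateCollection)
        {
            remoteCertificateCollection = null;

            if (securityContext == null)
            {
                return null;
            }

            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Enter(securityContext);
            }

            X509Certificate2 result = null;
            SafeFreeCertContext remoteContext = null;

            try
            {
                remoteContext = SSPIWrapper.QueryContextAttributes_SECPKG_ATTR_REMOTE_CERT_CONTEXT(GlobalSSPI.SSPISecureChannel, securityContext);
                if (remoteContext != null && !remoteContext.IsInvalid)
                {
                    // Relies on X509Certificate2(IntPtr) taking its own reference to the native context;
                    // remoteContext itself is disposed in the finally below.
                    result = new X509Certificate2(remoteContext.DangerousGetHandle());

                    if (retrieveCollection)
                    {
                        // Done here rather than in finally so a failure cannot mask an exception from the constructor above.
                        remoteCertificateCollection = UnmanagedCertificateContext.GetRemoteCertificatesFromStoreContext(remoteContext);
                    }
                }
            }
            finally
            {
                // Dispose even an invalid handle so it is not left for the finalizer.
                remoteContext?.Dispose();
            }

            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Log.RemoteCertificate(result);
                NetEventSource.Exit(null, result, securityContext);
            }
            return result;
        }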
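        /// <summary>
        /// Enumerates every certificate in the store attached to a native certificate context and returns them
        /// as managed certificates (the peer certificate together with the chain delivered during the handshake).
        /// </summary>
        /// <param name="certContext">Handle to a native CERT_CONTEXT; an invalid handle yields an empty collection.</param>
        /// <returns>A new collection; never null.</returns>
        /// <exception cref="ObjectDisposedException">The handle was already closed.</exception>
        internal static X509Certificate2Collection GetRemoteCertificatesFromStoreContext(SafeFreeCertContext certContext)
        {
            X509Certificate2Collection result = new X509Certificate2Collection();

            if (certContext.IsInvalid)
            {
                return result;
            }

            // Keep the handle alive while raw pointers derived from it are dereferenced; a concurrent
            // Dispose would otherwise be able to free the native context (and its store) mid-enumeration.
            bool gotReference = false;
            try
            {
                certContext.DangerousAddRef(ref gotReference);

                Interop.Crypt32.CERT_CONTEXT context =
                    Marshal.PtrToStructure<Interop.Crypt32.CERT_CONTEXT>(certContext.DangerousGetHandle());

                if (context.hCertStore != IntPtr.Zero)
                {
                    Interop.Crypt32.CERT_CONTEXT* last = null;

                    while (true)
                    {
                        // The enumerator takes back the previous context and returns the next one, or null at the end.
                        Interop.Crypt32.CERT_CONTEXT* next =
                            Interop.Crypt32.CertEnumCertificatesInStore(context.hCertStore, last);

                        if (next == null)
                        {
                            break;
                        }

                        // X509Certificate2(IntPtr) takes its own reference to the context (the loop hands 'next'
                        // back to the enumerator on the following iteration).
                        var cert = new X509Certificate2(new IntPtr(next));
                        if (GlobalLog.IsEnabled)
                        {
                            GlobalLog.Print(
                                "UnmanagedCertificateContext::GetRemoteCertificatesFromStoreContext " +
                                "adding remote certificate:" + cert.Subject + cert.Thumbprint);
                        }

                        result.Add(cert);
                        last = next;
                    }
                }
            }
            catch
            {
                // The caller receives no result, so release the certificates built so far instead of
                // leaving their native contexts to the finalizer.
                foreach (X509Certificate2 built in result)
                {
                    built.Dispose();
                }
                throw;
            }
            finally
            {
                if (gotReference)
                {
                    certContext.DangerousRelease();
                }
            }

            return result;
        }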
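        /// <summary>
        /// Extracts the remote (peer) certificate from an established SecureChannel context.
        /// </summary>
        /// <param name="securityContext">The SSPI context; null yields null.</param>
        /// <param name="remoteCertificateStore">Receives the certificates from the store attached to the peer context, or null when no valid context was returned.</param>
        /// <returns>The peer certificate, or null when the context reports none.</returns>
        internal override X509Certificate2 GetRemoteCertificate(SafeDeleteContext securityContext, out X509Certificate2Collection remoteCertificateStore)
        {
            remoteCertificateStore = null;

            if (securityContext == null)
            {
                return null;
            }

            GlobalLog.Enter("SecureChannel#" + Logging.HashString(this) + "::RemoteCertificate{get;}");
            X509Certificate2 result = null;
            SafeFreeCertContext remoteContext = null;

            try
            {
                // The SSPI status is not inspected here: a failed query leaves remoteContext null or
                // invalid, which the check below treats as "no peer certificate".
                SSPIWrapper.QueryContextRemoteCertificate(GlobalSSPI.SSPISecureChannel, securityContext, out remoteContext);
                if (remoteContext != null && !remoteContext.IsInvalid)
                {
                    // Relies on X509Certificate2(IntPtr) taking its own reference to the native context;
                    // remoteContext itself is disposed in the finally below.
                    result = new X509Certificate2(remoteContext.DangerousGetHandle());

                    // Collected here rather than in finally so a failure cannot mask an exception from the constructor above.
                    remoteCertificateStore = UnmanagedCertificateContext.GetRemoteCertificatesFromStoreContext(remoteContext);
                }
            }
            finally
            {
                // Dispose even an invalid handle so it is not left for the finalizer.
                if (remoteContext != null)
                {
                    remoteContext.Dispose();
                }
            }

            if (Logging.On)
            {
                Logging.PrintInfo(Logging.Web, SR.Format(SR.net_log_remote_certificate, (result == null ? "null" : result.ToString(true))));
            }

            GlobalLog.Leave("SecureChannel#" + Logging.HashString(this) + "::RemoteCertificate{get;}", (result == null ? "null" : result.Subject));

            return result;
        }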
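        /// <summary>
        /// Extracts the remote (peer) certificate from an established SecureChannel context.
        /// </summary>
        /// <param name="securityContext">The SSPI context; null yields null.</param>
        /// <param name="remoteCertificateStore">Receives the certificates from the store attached to the peer context, or null when no valid context was returned.</param>
        /// <returns>The peer certificate, or null when the context reports none.</returns>
        internal static X509Certificate2 GetRemoteCertificate(SafeDeleteContext securityContext, out X509Certificate2Collection remoteCertificateStore)
        {
            remoteCertificateStore = null;

            if (securityContext == null)
            {
                return null;
            }

            GlobalLog.Enter("CertificateValidationPal.Windows SecureChannel#" + Logging.HashString(securityContext) + "::GetRemoteCertificate()");
            X509Certificate2 result = null;
            SafeFreeCertContext remoteContext = null;

            try
            {
                remoteContext = SSPIWrapper.QueryContextAttributes(GlobalSSPI.SSPISecureChannel, securityContext, Interop.Secur32.ContextAttribute.RemoteCertificate) as SafeFreeCertContext;
                if (remoteContext != null && !remoteContext.IsInvalid)
                {
                    // Relies on X509Certificate2(IntPtr) taking its own reference to the native context;
                    // remoteContext itself is disposed in the finally below.
                    result = new X509Certificate2(remoteContext.DangerousGetHandle());

                    // Collected here rather than in finally so a failure cannot mask an exception from the constructor above.
                    remoteCertificateStore = UnmanagedCertificateContext.GetRemoteCertificatesFromStoreContext(remoteContext);
                }
            }
            finally
            {
                // Dispose even an invalid handle so it is not left for the finalizer.
                if (remoteContext != null)
                {
                    remoteContext.Dispose();
                }
            }

            if (Logging.On)
            {
                Logging.PrintInfo(Logging.Web, SR.Format(SR.net_log_remote_certificate, (result == null ? "null" : result.ToString(true))));
            }

            GlobalLog.Leave("CertificateValidationPal.Windows SecureChannel#" + Logging.HashString(securityContext) + "::GetRemoteCertificate()", (result == null ? "null" : result.Subject));

            return result;
        }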
        /// <summary>
        /// Queries a context attribute into <paramref name="buffer"/>, creating the safe-handle wrapper
        /// the attribute's output should be stored in when a wrapper type is requested.
        /// </summary>
        /// <param name="phContext">The SSPI context to query.</param>
        /// <param name="attribute">The attribute to query.</param>
        /// <param name="buffer">Destination for the attribute data; pinned for the native call.</param>
        /// <param name="handleType">null, typeof(SafeFreeContextBuffer) or typeof(SafeFreeCertContext).</param>
        /// <param name="refHandle">Receives a fresh empty handle of the requested type, or null when none was requested.</param>
        /// <returns>The status code returned by the native query.</returns>
        /// <exception cref="ArgumentException"><paramref name="handleType"/> is neither supported wrapper type.</exception>
        public unsafe int QueryContextAttributes(SafeDeleteContext phContext, ContextAttribute attribute, byte[] buffer, Type handleType, out SafeHandle refHandle)
        {
            refHandle = null;
            if (handleType != null)
            {
                bool wantsContextBuffer = handleType == typeof(SafeFreeContextBuffer);
                bool wantsCertContext = handleType == typeof(SafeFreeCertContext);

                if (!wantsContextBuffer && !wantsCertContext)
                {
                    throw new ArgumentException(SR.GetString("SSPIInvalidHandleType", new object[] { handleType.FullName }), "handleType");
                }

                refHandle = wantsContextBuffer
                    ? (SafeHandle)SafeFreeContextBuffer.CreateEmptyHandle(Library)
                    : new SafeFreeCertContext();
            }

            fixed (byte* pinned = buffer)
            {
                return SafeFreeContextBuffer.QueryContextAttributes(Library, phContext, attribute, pinned, refHandle);
            }
        }
        /// <summary>
        /// Queries a context attribute into <paramref name="buffer"/>, creating the safe-handle wrapper
        /// the attribute's output should be stored in when a wrapper type is requested.
        /// </summary>
        /// <param name="context">The SSPI context to query.</param>
        /// <param name="attribute">The attribute to query.</param>
        /// <param name="buffer">Destination for the attribute data; pinned for the native call.</param>
        /// <param name="handleType">null, typeof(SafeFreeContextBuffer) or typeof(SafeFreeCertContext).</param>
        /// <param name="refHandle">Receives a fresh empty handle of the requested type, or null when none was requested.</param>
        /// <returns>The status code returned by the native query.</returns>
        /// <exception cref="ArgumentException"><paramref name="handleType"/> is neither supported wrapper type.</exception>
        public unsafe int QueryContextAttributes(SafeDeleteContext context, Interop.SspiCli.ContextAttribute attribute, Span<byte> buffer, Type? handleType, out SafeHandle? refHandle)
        {
            refHandle = handleType == null ? null : NewHandleFor(handleType);

            fixed (byte* pinned = buffer)
            {
                return SafeFreeContextBuffer.QueryContextAttributes(context, attribute, pinned, refHandle);
            }

            // Maps the requested wrapper type to an empty instance of it.
            SafeHandle NewHandleFor(Type requested)
            {
                if (requested == typeof(SafeFreeContextBuffer))
                {
                    return SafeFreeContextBuffer.CreateEmptyHandle();
                }

                if (requested == typeof(SafeFreeCertContext))
                {
                    return new SafeFreeCertContext();
                }

                throw new ArgumentException(SR.Format(SR.SSPIInvalidHandleType, requested.FullName), nameof(handleType));
            }
        }
        /// <summary>
        /// Queries a context attribute into <paramref name="buffer"/>, creating the safe-handle wrapper
        /// the attribute's output should be stored in when a wrapper type is requested.
        /// </summary>
        /// <param name="phContext">The SSPI context to query.</param>
        /// <param name="attribute">The attribute to query.</param>
        /// <param name="buffer">Destination for the attribute data; pinned for the native call.</param>
        /// <param name="handleType">null, typeof(SafeFreeContextBuffer) or typeof(SafeFreeCertContext).</param>
        /// <param name="refHandle">Receives a fresh empty handle of the requested type, or null when none was requested.</param>
        /// <returns>The status code returned by the native query.</returns>
        /// <exception cref="ArgumentException"><paramref name="handleType"/> is neither supported wrapper type.</exception>
        private unsafe int QueryContextAttributes(SafeDeleteContext phContext, Interop.Secur32.ContextAttribute attribute, byte[] buffer, Type handleType, out SafeHandle refHandle)
        {
            refHandle = null;
            if (handleType != null)
            {
                bool wantsContextBuffer = handleType == typeof(SafeFreeContextBuffer);
                bool wantsCertContext = handleType == typeof(SafeFreeCertContext);

                if (!wantsContextBuffer && !wantsCertContext)
                {
                    throw new ArgumentException(SR.Format(SR.SSPIInvalidHandleType, handleType.FullName), "handleType");
                }

                refHandle = wantsContextBuffer
                    ? (SafeHandle)SafeFreeContextBuffer.CreateEmptyHandle()
                    : new SafeFreeCertContext();
            }

            fixed (byte* pinned = buffer)
            {
                return SafeFreeContextBuffer.QueryContextAttributes(phContext, attribute, pinned, refHandle);
            }
        }
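        /// <summary>
        /// Enumerates every certificate in the store attached to a native certificate context and returns them
        /// as managed certificates (the peer certificate together with the chain delivered during the handshake).
        /// </summary>
        /// <param name="certContext">Handle to a native CERT_CONTEXT; an invalid handle yields an empty collection.</param>
        /// <returns>A new collection; never null.</returns>
        /// <exception cref="ObjectDisposedException">The handle was already closed.</exception>
        internal static X509Certificate2Collection GetRemoteCertificatesFromStoreContext(SafeFreeCertContext certContext)
        {
            X509Certificate2Collection result = new X509Certificate2Collection();

            if (certContext.IsInvalid)
            {
                return result;
            }

            // Keep the handle alive while raw pointers derived from it are dereferenced; a concurrent
            // Dispose would otherwise be able to free the native context (and its store) mid-enumeration.
            bool gotReference = false;
            try
            {
                certContext.DangerousAddRef(ref gotReference);

                Interop.Crypt32.CERT_CONTEXT context =
                    Marshal.PtrToStructure<Interop.Crypt32.CERT_CONTEXT>(certContext.DangerousGetHandle());

                if (context.hCertStore != IntPtr.Zero)
                {
                    Interop.Crypt32.CERT_CONTEXT* last = null;

                    while (true)
                    {
                        // The enumerator takes back the previous context and returns the next one, or null at the end.
                        Interop.Crypt32.CERT_CONTEXT* next =
                            Interop.Crypt32.CertEnumCertificatesInStore(context.hCertStore, last);

                        if (next == null)
                        {
                            break;
                        }

                        // X509Certificate2(IntPtr) takes its own reference to the context (the loop hands 'next'
                        // back to the enumerator on the following iteration).
                        var cert = new X509Certificate2(new IntPtr(next));
                        if (NetEventSource.IsEnabled) NetEventSource.Info(certContext, $"Adding remote certificate:{cert}");

                        result.Add(cert);
                        last = next;
                    }
                }
            }
            catch
            {
                // The caller receives no result, so release the certificates built so far instead of
                // leaving their native contexts to the finalizer.
                foreach (X509Certificate2 built in result)
                {
                    built.Dispose();
                }
                throw;
            }
            finally
            {
                if (gotReference)
                {
                    certContext.DangerousRelease();
                }
            }

            return result;
        }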
        /// <summary>
        /// Queries a context attribute into <paramref name="buffer"/>, creating the safe-handle wrapper
        /// the attribute's output should be stored in when a wrapper type is requested.
        /// </summary>
        /// <param name="context">The SSPI context to query.</param>
        /// <param name="attribute">The attribute to query.</param>
        /// <param name="buffer">Destination for the attribute data; pinned for the native call.</param>
        /// <param name="handleType">null, typeof(SafeFreeContextBuffer) or typeof(SafeFreeCertContext).</param>
        /// <param name="refHandle">Receives a fresh empty handle of the requested type, or null when none was requested.</param>
        /// <returns>The status code returned by the native query.</returns>
        /// <exception cref="ArgumentException"><paramref name="handleType"/> is neither supported wrapper type.</exception>
        public unsafe int QueryContextAttributes(SafeDeleteContext context, ContextAttribute attribute, byte[] buffer, Type handleType, out SafeHandle refHandle)
        {
            refHandle = null;
            if (handleType != null)
            {
                bool wantsContextBuffer = handleType == typeof(SafeFreeContextBuffer);
                bool wantsCertContext = handleType == typeof(SafeFreeCertContext);

                if (!wantsContextBuffer && !wantsCertContext)
                {
                    throw new ArgumentException(SR.GetString(SR.SSPIInvalidHandleType, handleType.FullName), "handleType");
                }

                refHandle = wantsContextBuffer
                    ? (SafeHandle)SafeFreeContextBuffer.CreateEmptyHandle(Library)
                    : new SafeFreeCertContext();
            }

            fixed (byte* pinned = buffer)
            {
                return SafeFreeContextBuffer.QueryContextAttributes(Library, context, attribute, pinned, refHandle);
            }
        }
        /// <summary>
        /// Fetches the peer certificate of an OpenSSL-backed context and wraps it in a <see cref="SafeFreeCertContext"/>.
        /// </summary>
        /// <param name="securityContext">The SSL context whose peer certificate is requested.</param>
        /// <param name="remoteCertContext">Receives the wrapped peer certificate, or null on failure.</param>
        /// <returns>0 on success, -1 when any exception occurred while fetching or wrapping the certificate.</returns>
        public int QueryContextRemoteCertificate(SafeDeleteContext securityContext, out SafeFreeCertContext remoteCertContext)
        {
            bool pinned = false;
            SafeFreeCertContext produced = null;
            int status;

            try
            {
                // Keep the SSL handle alive while its raw pointer is passed to native code.
                securityContext.DangerousAddRef(ref pinned);
                IntPtr peerCert = Interop.OpenSsl.GetPeerCertificate(securityContext.DangerousGetHandle());
                produced = new SafeFreeCertContext(peerCert);
                status = 0;
            }
            catch
            {
                // Every failure, including a null securityContext, is folded into the generic failure code.
                status = -1;
            }
            finally
            {
                if (pinned)
                {
                    securityContext.DangerousRelease();
                }
            }

            remoteCertContext = produced;
            return status;
        }
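        /// <summary>
        /// Extracts the peer certificate from an OpenSSL-backed context and, when a collection is supplied,
        /// appends the chain the peer presented to it.
        /// </summary>
        /// <param name="securityContext">The SSL context (cast to SafeDeleteSslContext for chain retrieval); null yields null.</param>
        /// <param name="remoteCertificateStore">Collection that receives the chain certificates, or null to skip chain retrieval.</param>
        /// <returns>The peer certificate, or null when the peer presented none.</returns>
        private static X509Certificate2 GetRemoteCertificate(SafeDeleteContext securityContext, X509Certificate2Collection remoteCertificateStore)
        {
            bool gotReference = false;

            if (securityContext == null)
            {
                return null;
            }

            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Enter(securityContext);
            }

            X509Certificate2 result = null;
            SafeFreeCertContext remoteContext = null;

            try
            {
                // The status code is not inspected here: a failed query leaves remoteContext null or
                // invalid, which the check below treats as "no peer certificate".
                QueryContextRemoteCertificate(securityContext, out remoteContext);

                if (remoteContext != null && !remoteContext.IsInvalid)
                {
                    // Pin the handle while its raw pointer is in use; released in finally.
                    remoteContext.DangerousAddRef(ref gotReference);
                    result = new X509Certificate2(remoteContext.DangerousGetHandle());
                }

                if (remoteCertificateStore != null)
                {
                    using (SafeSharedX509StackHandle chainStack =
                               Interop.OpenSsl.GetPeerCertificateChain(((SafeDeleteSslContext)securityContext).SslContext))
                    {
                        if (!chainStack.IsInvalid)
                        {
                            int count = Interop.Crypto.GetX509StackFieldCount(chainStack);

                            for (int i = 0; i < count; i++)
                            {
                                IntPtr certPtr = Interop.Crypto.GetX509StackField(chainStack, i);

                                if (certPtr != IntPtr.Zero)
                                {
                                    // X509Certificate2(IntPtr) calls X509_dup, so the reference is appropriately tracked.
                                    X509Certificate2 chainCert = new X509Certificate2(certPtr);
                                    remoteCertificateStore.Add(chainCert);
                                }
                            }
                        }
                    }
                }
            }
            catch
            {
                // The caller gets no result on failure, so free the peer certificate instead of leaving it to the finalizer.
                result?.Dispose();
                throw;
            }
            finally
            {
                if (remoteContext != null)
                {
                    if (gotReference)
                    {
                        remoteContext.DangerousRelease();
                    }

                    remoteContext.Dispose();
                }
            }

            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Log.RemoteCertificate(result);
                NetEventSource.Exit(securityContext, result);
            }
            return result;
        }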
 /// <summary>
 /// Forwards the remote-certificate query to the given security package implementation.
 /// </summary>
 /// <param name="SecModule">The security package that performs the query.</param>
 /// <param name="securityContext">The context to query.</param>
 /// <param name="remoteCertificate">Receives the peer certificate context as produced by the package.</param>
 /// <returns>The status code returned by the package.</returns>
 internal static int QueryContextRemoteCertificate(SSPIInterface SecModule, SafeDeleteContext securityContext, out SafeFreeCertContext remoteCertificate)
     => SecModule.QueryContextRemoteCertificate(securityContext, out remoteCertificate);
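        /// <summary>
        /// Enumerates every certificate in the store attached to a native certificate context and returns them
        /// as managed certificates (the peer certificate together with the chain delivered during the handshake).
        /// </summary>
        /// <param name="certContext">Handle to a native CERT_CONTEXT; an invalid handle yields an empty collection.</param>
        /// <returns>A new collection; never null.</returns>
        /// <exception cref="ObjectDisposedException">The handle was already closed.</exception>
        internal static X509Certificate2Collection GetRemoteCertificatesFromStoreContext(SafeFreeCertContext certContext)
        {
            X509Certificate2Collection result = new X509Certificate2Collection();

            if (certContext.IsInvalid)
            {
                return result;
            }

            // Keep the handle alive while raw pointers derived from it are dereferenced; a concurrent
            // Dispose would otherwise be able to free the native context (and its store) mid-enumeration.
            bool gotReference = false;
            try
            {
                certContext.DangerousAddRef(ref gotReference);

                Interop.Crypt32.CERT_CONTEXT context =
                    Marshal.PtrToStructure<Interop.Crypt32.CERT_CONTEXT>(certContext.DangerousGetHandle());

                if (context.hCertStore != IntPtr.Zero)
                {
                    Interop.Crypt32.CERT_CONTEXT* last = null;

                    while (true)
                    {
                        // The enumerator takes back the previous context and returns the next one, or null at the end.
                        Interop.Crypt32.CERT_CONTEXT* next =
                            Interop.Crypt32.CertEnumCertificatesInStore(context.hCertStore, last);

                        if (next == null)
                        {
                            break;
                        }

                        // X509Certificate2(IntPtr) takes its own reference to the context (the loop hands 'next'
                        // back to the enumerator on the following iteration).
                        var cert = new X509Certificate2(new IntPtr(next));
                        if (GlobalLog.IsEnabled)
                        {
                            GlobalLog.Print(
                                "UnmanagedCertificateContext::GetRemoteCertificatesFromStoreContext " +
                                "adding remote certificate:" + cert.Subject + cert.Thumbprint);
                        }

                        result.Add(cert);
                        last = next;
                    }
                }
            }
            catch
            {
                // The caller receives no result, so release the certificates built so far instead of
                // leaving their native contexts to the finalizer.
                foreach (X509Certificate2 built in result)
                {
                    built.Dispose();
                }
                throw;
            }
            finally
            {
                if (gotReference)
                {
                    certContext.DangerousRelease();
                }
            }

            return result;
        }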
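        /// <summary>
        /// Returns the certificates held in the store attached to a native certificate context
        /// (the peer certificate plus whatever chain certificates the handshake delivered).
        /// </summary>
        /// <param name="certContext">Handle to a native CERT_CONTEXT; an invalid handle yields an empty collection.</param>
        /// <returns>A collection; never null.</returns>
        /// <exception cref="ObjectDisposedException">The handle was already closed.</exception>
        internal static X509Certificate2Collection GetRemoteCertificatesFromStoreContext(SafeFreeCertContext certContext)
        {
            X509Certificate2Collection result = new X509Certificate2Collection();

            if (certContext.IsInvalid)
            {
                return result;
            }

            // Hold a reference for as long as the raw pointer (and the hCertStore read from it) is in use,
            // so a concurrent Dispose of the handle cannot release the native context underneath us.
            bool gotReference = false;
            try
            {
                certContext.DangerousAddRef(ref gotReference);

                Interop.Crypt32.CERT_CONTEXT context =
                    Marshal.PtrToStructure<Interop.Crypt32.CERT_CONTEXT>(certContext.DangerousGetHandle());

                if (context.hCertStore != IntPtr.Zero)
                {
                    using (X509Store store = X509StoreExtensions.CreateFromNativeHandle(context.hCertStore))
                    {
                        result = store.Certificates;
                    }
                }
            }
            finally
            {
                if (gotReference)
                {
                    certContext.DangerousRelease();
                }
            }

            return result;
        }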
 /// <summary>
 /// Fetches the peer certificate of an OpenSSL-backed context and wraps it in a <see cref="SafeFreeCertContext"/>.
 /// </summary>
 /// <param name="securityContext">The SSL context whose peer certificate is requested.</param>
 /// <param name="remoteCertContext">Receives the wrapped peer certificate, or null on failure.</param>
 /// <returns>0 on success, -1 when any exception occurred while fetching or wrapping the certificate.</returns>
 private static int QueryContextRemoteCertificate(SafeDeleteContext securityContext, out SafeFreeCertContext remoteCertContext)
 {
     SafeFreeCertContext wrapped = null;
     int status = 0;

     try
     {
         SafeX509Handle peer = Interop.OpenSsl.GetPeerCertificate(securityContext.SslContext);
         // The wrapper takes over the X509 handle; disposing remoteCertContext releases it.
         wrapped = new SafeFreeCertContext(peer);
     }
     catch
     {
         // Every failure (including a null securityContext) is reported as the generic failure code.
         status = -1;
     }

     remoteCertContext = wrapped;
     return status;
 }
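        /// <summary>
        /// Enumerates every certificate in the store attached to a native certificate context and returns them
        /// as managed certificates (the peer certificate together with the chain delivered during the handshake).
        /// </summary>
        /// <param name="certContext">Handle to a native CERT_CONTEXT; an invalid handle yields an empty collection.</param>
        /// <returns>A new collection; never null.</returns>
        /// <exception cref="ObjectDisposedException">The handle was already closed.</exception>
        internal static X509Certificate2Collection GetRemoteCertificatesFromStoreContext(SafeFreeCertContext certContext)
        {
            X509Certificate2Collection result = new X509Certificate2Collection();

            if (certContext.IsInvalid)
            {
                return result;
            }

            // Keep the handle alive while raw pointers derived from it are dereferenced; a concurrent
            // Dispose would otherwise be able to free the native context (and its store) mid-enumeration.
            bool gotReference = false;
            try
            {
                certContext.DangerousAddRef(ref gotReference);

                Interop.Crypt32.CERT_CONTEXT context =
                    Marshal.PtrToStructure<Interop.Crypt32.CERT_CONTEXT>(certContext.DangerousGetHandle());

                if (context.hCertStore != IntPtr.Zero)
                {
                    Interop.Crypt32.CERT_CONTEXT* last = null;

                    while (true)
                    {
                        // The enumerator takes back the previous context and returns the next one, or null at the end.
                        Interop.Crypt32.CERT_CONTEXT* next =
                            Interop.Crypt32.CertEnumCertificatesInStore(context.hCertStore, last);

                        if (next == null)
                        {
                            break;
                        }

                        // X509Certificate2(IntPtr) takes its own reference to the context (the loop hands 'next'
                        // back to the enumerator on the following iteration).
                        var cert = new X509Certificate2(new IntPtr(next));
                        if (NetEventSource.IsEnabled)
                        {
                            NetEventSource.Info(certContext, $"Adding remote certificate:{cert}");
                        }

                        result.Add(cert);
                        last = next;
                    }
                }
            }
            catch
            {
                // The caller receives no result, so release the certificates built so far instead of
                // leaving their native contexts to the finalizer.
                foreach (X509Certificate2 built in result)
                {
                    built.Dispose();
                }
                throw;
            }
            finally
            {
                if (gotReference)
                {
                    certContext.DangerousRelease();
                }
            }

            return result;
        }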
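        /// <summary>
        /// Extracts the peer certificate from an OpenSSL-backed context together with the chain the peer presented.
        /// </summary>
        /// <param name="securityContext">The SSL context; null yields null.</param>
        /// <param name="remoteCertificateStore">Receives the chain certificates (possibly empty); null only when <paramref name="securityContext"/> is null.</param>
        /// <returns>The peer certificate, or null when the peer presented none.</returns>
        internal static X509Certificate2 GetRemoteCertificate(SafeDeleteContext securityContext, out X509Certificate2Collection remoteCertificateStore)
        {
            remoteCertificateStore = null;
            bool gotReference = false;

            if (securityContext == null)
            {
                return null;
            }

            GlobalLog.Enter("CertificateValidationPal.Unix SecureChannel#" + LoggingHash.HashString(securityContext) + "::GetRemoteCertificate()");
            X509Certificate2 result = null;
            SafeFreeCertContext remoteContext = null;

            try
            {
                // The status code is not inspected here: a failed query leaves remoteContext null or
                // invalid, which the check below treats as "no peer certificate".
                QueryContextRemoteCertificate(securityContext, out remoteContext);

                if (remoteContext != null && !remoteContext.IsInvalid)
                {
                    // Pin the handle while its raw pointer is in use; released in finally.
                    remoteContext.DangerousAddRef(ref gotReference);
                    result = new X509Certificate2(remoteContext.DangerousGetHandle());
                }

                remoteCertificateStore = new X509Certificate2Collection();

                using (SafeSharedX509StackHandle chainStack =
                           Interop.OpenSsl.GetPeerCertificateChain(securityContext.SslContext))
                {
                    if (!chainStack.IsInvalid)
                    {
                        int count = Interop.Crypto.GetX509StackFieldCount(chainStack);

                        for (int i = 0; i < count; i++)
                        {
                            IntPtr certPtr = Interop.Crypto.GetX509StackField(chainStack, i);

                            if (certPtr != IntPtr.Zero)
                            {
                                // X509Certificate2(IntPtr) calls X509_dup, so the reference is appropriately tracked.
                                X509Certificate2 chainCert = new X509Certificate2(certPtr);
                                remoteCertificateStore.Add(chainCert);
                            }
                        }
                    }
                }
            }
            catch
            {
                // The caller gets no result on failure, so free the peer certificate instead of leaving it to the finalizer.
                result?.Dispose();
                throw;
            }
            finally
            {
                if (gotReference)
                {
                    remoteContext.DangerousRelease();
                }

                if (remoteContext != null)
                {
                    remoteContext.Dispose();
                }
            }

            if (SecurityEventSource.Log.IsEnabled())
            {
                SecurityEventSource.Log.RemoteCertificate(result == null ? "null" : result.ToString(true));
            }

            GlobalLog.Leave("CertificateValidationPal.Unix SecureChannel#" + LoggingHash.HashString(securityContext) + "::GetRemoteCertificate()", (result == null ? "null" : result.Subject));

            return result;
        }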
 /// <summary>
 /// Queries a context attribute into <paramref name="buffer"/>, creating the safe-handle wrapper
 /// the attribute's output should be stored in when a wrapper type is requested.
 /// </summary>
 /// <param name="context">The SSPI context to query.</param>
 /// <param name="attribute">The attribute to query.</param>
 /// <param name="buffer">Destination for the attribute data; pinned for the native call.</param>
 /// <param name="handleType">null, typeof(SafeFreeContextBuffer) or typeof(SafeFreeCertContext).</param>
 /// <param name="refHandle">Receives a fresh empty handle of the requested type, or null when none was requested.</param>
 /// <returns>The status code returned by the native query.</returns>
 /// <exception cref="ArgumentException"><paramref name="handleType"/> is neither supported wrapper type.</exception>
 public unsafe int QueryContextAttributes(SafeDeleteContext context, ContextAttribute attribute, byte[] buffer, Type handleType, out SafeHandle refHandle)
 {
     refHandle = null;
     if (handleType != null)
     {
         bool wantsContextBuffer = handleType == typeof(SafeFreeContextBuffer);
         bool wantsCertContext = handleType == typeof(SafeFreeCertContext);

         if (!wantsContextBuffer && !wantsCertContext)
         {
             throw new ArgumentException(SR.GetString("SSPIInvalidHandleType", new object[] { handleType.FullName }), "handleType");
         }

         refHandle = wantsContextBuffer
             ? (SafeHandle)SafeFreeContextBuffer.CreateEmptyHandle(Library)
             : new SafeFreeCertContext();
     }

     fixed (byte* pinned = buffer)
     {
         return SafeFreeContextBuffer.QueryContextAttributes(Library, context, attribute, pinned, refHandle);
     }
 }
 /// <summary>
 /// Fetches the peer certificate of an OpenSSL-backed context and wraps it in a <see cref="SafeFreeCertContext"/>.
 /// </summary>
 /// <param name="securityContext">The SSL context whose peer certificate is requested.</param>
 /// <param name="remoteCertContext">Receives the wrapped peer certificate, or null on failure.</param>
 /// <returns>0 on success, -1 when any exception occurred while fetching or wrapping the certificate.</returns>
 public int QueryContextRemoteCertificate(SafeDeleteContext securityContext, out SafeFreeCertContext remoteCertContext)
 {
     remoteCertContext = null;
     bool addedRef = false;
     try
     {
         // Keep the SSL handle alive while its raw pointer is passed to native code.
         securityContext.DangerousAddRef(ref addedRef);
         IntPtr nativeCert = Interop.OpenSsl.GetPeerCertificate(securityContext.DangerousGetHandle());
         remoteCertContext = new SafeFreeCertContext(nativeCert);
     }
     catch
     {
         // Every failure, including a null securityContext, is folded into the generic failure code.
         return -1;
     }
     finally
     {
         if (addedRef)
         {
             securityContext.DangerousRelease();
         }
     }

     return 0;
 }
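        /// <summary>
        /// Extracts the peer certificate from an OpenSSL-backed context together with the chain the peer presented.
        /// </summary>
        /// <param name="securityContext">The SSL context; null yields null.</param>
        /// <param name="remoteCertificateStore">Receives the chain certificates (possibly empty); null only when <paramref name="securityContext"/> is null.</param>
        /// <returns>The peer certificate, or null when the peer presented none.</returns>
        internal override X509Certificate2 GetRemoteCertificate(SafeDeleteContext securityContext, out X509Certificate2Collection remoteCertificateStore)
        {
            remoteCertificateStore = null;
            bool gotReference = false;

            if (securityContext == null)
            {
                return null;
            }

            GlobalLog.Enter("SecureChannel#" + Logging.HashString(this) + "::RemoteCertificate{get;}");
            X509Certificate2 result = null;
            SafeFreeCertContext remoteContext = null;

            try
            {
                // The SSPI status is not inspected here: a failed query leaves remoteContext null or
                // invalid, which the check below treats as "no peer certificate".
                SSPIWrapper.QueryContextRemoteCertificate(GlobalSSPI.SSPISecureChannel, securityContext, out remoteContext);

                if (remoteContext != null && !remoteContext.IsInvalid)
                {
                    // Pin the handle while its raw pointer is in use; released in finally.
                    remoteContext.DangerousAddRef(ref gotReference);
                    result = new X509Certificate2(remoteContext.DangerousGetHandle());
                }

                remoteCertificateStore = new X509Certificate2Collection();

                using (SafeSharedX509StackHandle chainStack =
                           Interop.OpenSsl.GetPeerCertificateChain(securityContext.SslContext))
                {
                    if (!chainStack.IsInvalid)
                    {
                        int count = Interop.Crypto.GetX509StackFieldCount(chainStack);

                        for (int i = 0; i < count; i++)
                        {
                            IntPtr certPtr = Interop.Crypto.GetX509StackField(chainStack, i);

                            if (certPtr != IntPtr.Zero)
                            {
                                // X509Certificate2(IntPtr) calls X509_dup, so the reference is appropriately tracked.
                                X509Certificate2 chainCert = new X509Certificate2(certPtr);
                                remoteCertificateStore.Add(chainCert);
                            }
                        }
                    }
                }
            }
            catch
            {
                // The caller gets no result on failure, so free the peer certificate instead of leaving it to the finalizer.
                result?.Dispose();
                throw;
            }
            finally
            {
                if (gotReference)
                {
                    remoteContext.DangerousRelease();
                }

                if (remoteContext != null)
                {
                    remoteContext.Dispose();
                }
            }

            if (Logging.On)
            {
                Logging.PrintInfo(Logging.Web, SR.Format(SR.net_log_remote_certificate, (result == null ? "null" : result.ToString(true))));
            }

            GlobalLog.Leave("SecureChannel#" + Logging.HashString(this) + "::RemoteCertificate{get;}", (result == null ? "null" : result.Subject));

            return result;
        }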
        /// <summary>
        /// Returns the certificates from the store attached to <paramref name="certContext"/>.
        /// </summary>
        /// <param name="certContext">Handle to a native certificate context; an invalid handle yields an empty collection.</param>
        /// <returns>A collection; never null.</returns>
        internal static X509Certificate2Collection GetRemoteCertificatesFromStoreContext(SafeFreeCertContext certContext)
        {
            // The pointer-based overload does the actual enumeration.
            return certContext.IsInvalid
                ? new X509Certificate2Collection()
                : GetRemoteCertificatesFromStoreContext(certContext.DangerousGetHandle());
        }
        /// <summary>
        /// Queries a context attribute into <paramref name="buffer"/>, creating the safe-handle wrapper
        /// the attribute's output should be stored in when a wrapper type is requested.
        /// </summary>
        /// <param name="context">The SSPI context to query.</param>
        /// <param name="attribute">The attribute to query.</param>
        /// <param name="buffer">Destination for the attribute data; pinned for the native call.</param>
        /// <param name="handleType">null, typeof(SafeFreeContextBuffer) or typeof(SafeFreeCertContext).</param>
        /// <param name="refHandle">Receives a fresh empty handle of the requested type, or null when none was requested.</param>
        /// <returns>The status code returned by the native query.</returns>
        /// <exception cref="ArgumentException"><paramref name="handleType"/> is neither supported wrapper type.</exception>
        public unsafe int QueryContextAttributes(SafeDeleteContext context, Interop.SspiCli.ContextAttribute attribute, byte[] buffer, Type handleType, out SafeHandle refHandle)
        {
            refHandle = null;
            if (handleType != null)
            {
                bool wantsContextBuffer = handleType == typeof(SafeFreeContextBuffer);
                bool wantsCertContext = handleType == typeof(SafeFreeCertContext);

                if (!wantsContextBuffer && !wantsCertContext)
                {
                    throw new ArgumentException(SR.Format(SR.SSPIInvalidHandleType, handleType.FullName), "handleType");
                }

                refHandle = wantsContextBuffer
                    ? (SafeHandle)SafeFreeContextBuffer.CreateEmptyHandle()
                    : new SafeFreeCertContext();
            }

            fixed (byte* pinned = buffer)
            {
                return SafeFreeContextBuffer.QueryContextAttributes(context, attribute, pinned, refHandle);
            }
        }
 /// <summary>
 /// Forwards the remote-certificate query to the given security package implementation.
 /// </summary>
 /// <param name="SecModule">The security package that performs the query.</param>
 /// <param name="securityContext">The context to query.</param>
 /// <param name="remoteCertificate">Receives the peer certificate context as produced by the package.</param>
 /// <returns>The status code returned by the package.</returns>
 internal static int QueryContextRemoteCertificate(SSPIInterface SecModule, SafeDeleteContext securityContext, out SafeFreeCertContext remoteCertificate)
     => SecModule.QueryContextRemoteCertificate(securityContext, out remoteCertificate);
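            /// <summary>
            /// Returns the certificates held in the store attached to a native certificate context.
            /// </summary>
            /// <param name="certContext">Handle to a native CERT_CONTEXT; an invalid handle yields an empty collection.</param>
            /// <returns>A collection; never null.</returns>
            /// <exception cref="ObjectDisposedException">The handle was already closed.</exception>
            internal static X509Certificate2Collection GetStore(SafeFreeCertContext certContext)
            {
                X509Certificate2Collection result = new X509Certificate2Collection();

                if (certContext.IsInvalid)
                    return result;

                // Hold a reference while the raw pointer (and the hCertStore read from it) is in use,
                // so a concurrent Dispose of the handle cannot release the native context underneath us.
                bool gotReference = false;
                try {
                    certContext.DangerousAddRef(ref gotReference);

                    _CERT_CONTEXT context = (_CERT_CONTEXT)Marshal.PtrToStructure(certContext.DangerousGetHandle(), typeof(_CERT_CONTEXT));

                    if (context.hCertStore != IntPtr.Zero)
                    {
                        X509Store store = null;
                        try {
                            store = new X509Store(context.hCertStore);
                            result = store.Certificates;
                        }
                        finally {
                            if (store != null)
                                store.Close();
                        }
                    }
                }
                finally {
                    if (gotReference)
                        certContext.DangerousRelease();
                }
                return result;
            }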
 /// <summary>
 /// Queries the remote (peer) certificate attribute of an established security context.
 /// </summary>
 /// <param name="securityContext">The SSPI context to query.</param>
 /// <param name="remoteCert">Receives the peer certificate context, or null when the query did not produce one of that type.</param>
 /// <returns>The status code reported by the attribute query; the caller decides how a non-zero value is handled.</returns>
 public int QueryContextRemoteCertificate(SafeDeleteContext securityContext, out SafeFreeCertContext remoteCert)
 {
     int status;
     var queried = QueryContextAttributes(securityContext, Interop.Secur32.ContextAttribute.RemoteCertificate, out status);

     // Only a certificate context is handed back; any other handle type is reported as null.
     remoteCert = queried as SafeFreeCertContext;
     return status;
 }