Example #1
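        /// <summary>
        /// Decodes the raw extension bytes in <c>m_rawData</c> and caches the CA flag,
        /// the "has path length constraint" flag and the path length value in
        /// <c>m_isCA</c>, <c>m_hasPathLenConstraint</c> and <c>m_pathLenConstraint</c>.
        /// </summary>
        /// <remarks>
        /// The legacy OID (<c>CAPI.szOID_BASIC_CONSTRAINTS</c>) is decoded as
        /// <c>X509_BASIC_CONSTRAINTS</c>; any other OID is decoded as
        /// <c>X509_BASIC_CONSTRAINTS2</c>. The input comes from a certificate, so it is
        /// treated as untrusted: the native buffer is released on every path and the
        /// legacy subject-type bit string is only read when it actually holds a byte.
        /// </remarks>
        /// <exception cref="CryptographicException">
        /// The native decoder rejected the extension data.
        /// </exception>
        private void DecodeExtension()
        {
            uint cbDecoded = 0;
            SafeLocalAllocHandle decoded = null;

            try
            {
                if (Oid.Value == CAPI.szOID_BASIC_CONSTRAINTS)
                {
                    bool result = CAPI.DecodeObject(new IntPtr(CAPI.X509_BASIC_CONSTRAINTS),
                                                    m_rawData,
                                                    out decoded,
                                                    out cbDecoded);
                    if (!result)
                    {
                        throw new CryptographicException(Marshal.GetLastWin32Error());
                    }

                    CAPI.CERT_BASIC_CONSTRAINTS_INFO pBasicConstraints = (CAPI.CERT_BASIC_CONSTRAINTS_INFO)Marshal.PtrToStructure(decoded.DangerousGetHandle(),
                                                                                                                                  typeof(CAPI.CERT_BASIC_CONSTRAINTS_INFO));

                    // Only the first byte of the subject-type bit string carries the CA flag.
                    // An empty or missing bit string is read as "no flags set" (not a CA)
                    // instead of copying a byte from a zero-length or null buffer.
                    byte subjectFlags = 0;
                    if (pBasicConstraints.SubjectType.cbData > 0 && pBasicConstraints.SubjectType.pbData != IntPtr.Zero)
                    {
                        byte[] firstByte = new byte[1];
                        Marshal.Copy(pBasicConstraints.SubjectType.pbData, firstByte, 0, 1);
                        subjectFlags = firstByte[0];
                    }

                    m_isCA = (subjectFlags & CAPI.CERT_CA_SUBJECT_FLAG) != 0;
                    m_hasPathLenConstraint = pBasicConstraints.fPathLenConstraint;
                    // NOTE(review): dwPathLenConstraint is unsigned; a value above int.MaxValue
                    // does not fit this cast as a non-negative number. Confirm callers tolerate that.
                    m_pathLenConstraint    = (int)pBasicConstraints.dwPathLenConstraint;
                }
                else
                {
                    bool result = CAPI.DecodeObject(new IntPtr(CAPI.X509_BASIC_CONSTRAINTS2),
                                                    m_rawData,
                                                    out decoded,
                                                    out cbDecoded);
                    if (!result)
                    {
                        throw new CryptographicException(Marshal.GetLastWin32Error());
                    }

                    CAPI.CERT_BASIC_CONSTRAINTS2_INFO pBasicConstraints2 = (CAPI.CERT_BASIC_CONSTRAINTS2_INFO)Marshal.PtrToStructure(decoded.DangerousGetHandle(),
                                                                                                                                     typeof(CAPI.CERT_BASIC_CONSTRAINTS2_INFO));

                    // The native structure stores both flags as integers; non-zero means set.
                    m_isCA = pBasicConstraints2.fCA != 0;
                    m_hasPathLenConstraint = pBasicConstraints2.fPathLenConstraint != 0;
                    // NOTE(review): same unsigned-to-signed cast as in the legacy branch above.
                    m_pathLenConstraint    = (int)pBasicConstraints2.dwPathLenConstraint;
                }

                m_decoded = true;
            }
            finally
            {
                // Release the decoded buffer even when marshaling throws part-way through.
                if (decoded != null)
                {
                    decoded.Dispose();
                }
            }
        }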
Example #2
        /// <summary>
        /// Encodes a basic-constraints extension body from the supplied values using
        /// <c>CAPI.szOID_BASIC_CONSTRAINTS2</c>.
        /// </summary>
        /// <param name="certificateAuthority">Whether the CA flag is set in the encoded extension.</param>
        /// <param name="hasPathLengthConstraint">Whether a path length constraint is included.</param>
        /// <param name="pathLengthConstraint">
        /// The path length to encode; only validated and used when
        /// <paramref name="hasPathLengthConstraint"/> is true.
        /// </param>
        /// <returns>The encoded extension bytes produced by <c>CAPI.EncodeObject</c>.</returns>
        /// <exception cref="ArgumentOutOfRangeException">
        /// A path length constraint was requested with a negative value.
        /// </exception>
        /// <exception cref="CryptographicException">The native encoder reported failure.</exception>
        private static unsafe byte[] EncodeExtension(bool certificateAuthority, bool hasPathLengthConstraint, int pathLengthConstraint)
        {
            // Reject a negative length before it can be reinterpreted as a large unsigned value.
            if (hasPathLengthConstraint && pathLengthConstraint < 0)
            {
                throw new ArgumentOutOfRangeException("pathLengthConstraint", SR.GetString(SR.Arg_OutOfRange_NeedNonNegNum));
            }

            CAPI.CERT_BASIC_CONSTRAINTS2_INFO info = new CAPI.CERT_BASIC_CONSTRAINTS2_INFO();
            info.fCA = certificateAuthority ? 1 : 0;
            if (hasPathLengthConstraint)
            {
                info.fPathLenConstraint = 1;
                info.dwPathLenConstraint = (uint)pathLengthConstraint;
            }
            else
            {
                // The length field keeps its default value when no constraint is requested.
                info.fPathLenConstraint = 0;
            }

            byte[] encoded = null;
            bool succeeded = CAPI.EncodeObject(CAPI.szOID_BASIC_CONSTRAINTS2, new IntPtr(&info), out encoded);
            if (!succeeded)
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }

            return encoded;
        }