/// <summary>
/// Builds the native store structure from a managed <see cref="CkVendorX509Store"/>.
/// </summary>
/// <param name="store">
/// Managed store whose trusted certificates, certificates and CRLs are handed to
/// AllocateNativeCertificates. Collections that are null or empty are skipped,
/// leaving the matching pointer at zero and the matching count at 0.
/// </param>
public CK_VENDOR_X509_STORE(CkVendorX509Store store)
{
    // Every field is given its "empty" value before any allocation helper runs.
    TrustedCertificates = IntPtr.Zero;
    TrustedCertificateCount = 0;
    Certificates = IntPtr.Zero;
    CertificateCount = 0;
    Crls = IntPtr.Zero;
    CrlCount = 0;

    var trusted = store.TrustedCertificates;
    if (!(trusted == null || !trusted.Any()))
    {
        AllocateNativeCertificates(trusted, ref TrustedCertificates, ref TrustedCertificateCount);
    }

    var certificates = store.Certificates;
    if (!(certificates == null || !certificates.Any()))
    {
        AllocateNativeCertificates(certificates, ref Certificates, ref CertificateCount);
    }

    // CRLs go through the same allocation helper as the certificate lists.
    var crls = store.Crls;
    if (!(crls == null || !crls.Any()))
    {
        AllocateNativeCertificates(crls, ref Crls, ref CrlCount);
    }
}
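/// <summary>
/// Verifies a PKCS#7 message: initialises the operation with C_EX_PKCS7VerifyInit,
/// feeds the content of <paramref name="inputStream"/> to C_EX_PKCS7VerifyUpdate and
/// collects the outcome from C_EX_PKCS7VerifyFinal.
/// </summary>
/// <param name="cms">Encoded PKCS#7 message passed to C_EX_PKCS7VerifyInit.</param>
/// <param name="inputStream">
/// Stream holding the data to verify. Its <see cref="Stream.Length"/> is read, so it
/// must support that property; reading starts at the current position.
/// </param>
/// <param name="vendorX509Store">Certificates and CRLs converted to the native store structure.</param>
/// <param name="mode">CRL mode, forwarded unchanged to the library.</param>
/// <param name="flags">Verification flags, forwarded unchanged to the library.</param>
/// <returns>
/// A result whose IsValid is true (with Certificates filled from the buffers returned by
/// the library) when C_EX_PKCS7VerifyFinal returns CKR_OK, and false when it returns
/// CKR_SIGNATURE_INVALID. An invalid signature is NOT reported as an exception, so
/// callers must check IsValid before trusting the data.
/// </returns>
/// <exception cref="ObjectDisposedException">The session has been disposed.</exception>
/// <exception cref="ArgumentNullException">
/// <paramref name="cms"/>, <paramref name="inputStream"/> or <paramref name="vendorX509Store"/> is null.
/// </exception>
/// <exception cref="Pkcs11Exception">A library call returned an unexpected CKR value.</exception>
public Pkcs7VerificationResult PKCS7Verify(byte[] cms, Stream inputStream, CkVendorX509Store vendorX509Store, VendorCrlMode mode, ulong flags)
{
    if (this._disposed)
    {
        throw new ObjectDisposedException(this.GetType().FullName);
    }

    if (cms == null)
    {
        throw new ArgumentNullException(nameof(cms));
    }

    // Reject a null stream up front: previously this surfaced as a NullReferenceException
    // only after the verify operation had already been initialised on the session.
    if (inputStream == null)
    {
        throw new ArgumentNullException(nameof(inputStream));
    }

    if (vendorX509Store == null)
    {
        throw new ArgumentNullException(nameof(vendorX509Store));
    }

    var storeNative = new LowLevelAPI81.CK_VENDOR_X509_STORE(vendorX509Store);
    var firstSignerCertificate = IntPtr.Zero;
    var signerCertificates = IntPtr.Zero;
    NativeULong signerCertificatesCount = 0;

    // Set just before the normal return so that cleanup failures never replace an
    // exception that is already propagating out of the verification itself.
    bool completed = false;

    try
    {
        var library = (LowLevelAPI81.RutokenPkcs11Library)_pkcs11Library;

        CKR rv = library.C_EX_PKCS7VerifyInit(_sessionId, cms, ref storeNative, (NativeULong)(mode), (NativeULong)(flags));
        if (rv != CKR.CKR_OK)
        {
            throw new Pkcs11Exception("C_EX_PKCS7VerifyInit", rv);
        }

        byte[] buffer = new byte[inputStream.Length];
        int bytesRead;
        while ((bytesRead = inputStream.Read(buffer, 0, buffer.Length)) > 0)
        {
            // Stream.Read may return fewer bytes than requested (or the stream may not be
            // positioned at its start). The update call is handed only a byte[], so it
            // presumably takes the length from the array; pass exactly the bytes read so
            // that stale buffer contents never become part of the verified data.
            byte[] chunk = buffer;
            if (bytesRead != buffer.Length)
            {
                chunk = new byte[bytesRead];
                Array.Copy(buffer, chunk, bytesRead);
            }

            rv = library.C_EX_PKCS7VerifyUpdate(_sessionId, chunk);
            if (rv != CKR.CKR_OK)
            {
                throw new Pkcs11Exception("C_EX_PKCS7VerifyUpdate", rv);
            }
        }

        rv = library.C_EX_PKCS7VerifyFinal(_sessionId, out signerCertificates, out signerCertificatesCount);

        var result = new Pkcs7VerificationResult();
        if (rv == CKR.CKR_OK)
        {
            result.Certificates = new List<byte[]>();
            var structSize = Marshal.SizeOf(typeof(LowLevelAPI81.CK_VENDOR_BUFFER));

            // Remember the start of the native array; the finally block walks it again
            // to release the buffers even if copying below fails part-way.
            firstSignerCertificate = signerCertificates;
            for (NativeULong i = 0; i < signerCertificatesCount; i++)
            {
                var entry = (LowLevelAPI81.CK_VENDOR_BUFFER)Marshal.PtrToStructure(signerCertificates, typeof(LowLevelAPI81.CK_VENDOR_BUFFER));
                signerCertificates += structSize;

                var certificateData = new byte[entry.Size];
                Marshal.Copy(entry.Data, certificateData, 0, (int)entry.Size);
                result.Certificates.Add(certificateData);
            }

            result.IsValid = true;
        }
        else if (rv == CKR.CKR_SIGNATURE_INVALID)
        {
            result.IsValid = false;
        }
        else
        {
            throw new Pkcs11Exception("C_EX_PKCS7VerifyFinal", rv);
        }

        completed = true;
        return result;
    }
    finally
    {
        storeNative.Dispose();

        if (firstSignerCertificate != IntPtr.Zero)
        {
            var structSize = Marshal.SizeOf(typeof(LowLevelAPI81.CK_VENDOR_BUFFER));
            IntPtr cursor = firstSignerCertificate;
            CKR firstFreeFailure = CKR.CKR_OK;

            // Release every buffer even if one release fails; stopping at the first
            // failure would leak all remaining native buffers.
            for (NativeULong i = 0; i < signerCertificatesCount; i++)
            {
                var entry = (LowLevelAPI81.CK_VENDOR_BUFFER)Marshal.PtrToStructure(cursor, typeof(LowLevelAPI81.CK_VENDOR_BUFFER));
                cursor += structSize;

                CKR freeRv = library_FreeBuffer(entry.Data);
                if (freeRv != CKR.CKR_OK && firstFreeFailure == CKR.CKR_OK)
                {
                    firstFreeFailure = freeRv;
                }
            }

            // NOTE(review): only the per-certificate Data buffers are released here; the
            // array of CK_VENDOR_BUFFER structures returned by C_EX_PKCS7VerifyFinal is
            // not. Confirm against the vendor documentation whether it must be freed too.

            if (completed && firstFreeFailure != CKR.CKR_OK)
            {
                throw new Pkcs11Exception("C_EX_FreeBuffer", firstFreeFailure);
            }
        }
    }

    // Local helper so the finally block does not depend on a variable scoped to the try block.
    CKR library_FreeBuffer(IntPtr data)
    {
        return ((LowLevelAPI81.RutokenPkcs11Library)_pkcs11Library).C_EX_FreeBuffer(data);
    }
}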