Example #1
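        /// <summary>
        /// Builds the native store structure from a managed <see cref="CkVendorX509Store"/>.
        /// Each pointer/count pair starts out empty and is filled through
        /// AllocateNativeCertificates only when the matching managed collection is non-empty.
        /// </summary>
        /// <param name="store">Managed store holding trusted certificates, certificates and CRLs.</param>
        /// <exception cref="ArgumentNullException"><paramref name="store"/> is null.</exception>
        public CK_VENDOR_X509_STORE(CkVendorX509Store store)
        {
            // Reject a null store explicitly instead of failing with a NullReferenceException below.
            if (store == null)
            {
                throw new ArgumentNullException(nameof(store));
            }

            // Every field is assigned before any of them is passed by ref.
            TrustedCertificates     = IntPtr.Zero;
            TrustedCertificateCount = 0;
            Certificates            = IntPtr.Zero;
            CertificateCount        = 0;
            Crls     = IntPtr.Zero;
            CrlCount = 0;

            // NOTE(review): presumably AllocateNativeCertificates allocates unmanaged memory that
            // Dispose later releases. If the second or third call throws, what the earlier calls
            // allocated is not released here, and the caller never receives an instance to
            // dispose. Confirm and add cleanup if so.
            if (store.TrustedCertificates != null && store.TrustedCertificates.Any())
            {
                AllocateNativeCertificates(store.TrustedCertificates, ref TrustedCertificates,
                                           ref TrustedCertificateCount);
            }

            if (store.Certificates != null && store.Certificates.Any())
            {
                AllocateNativeCertificates(store.Certificates, ref Certificates,
                                           ref CertificateCount);
            }

            // CRLs go through the same helper as certificates.
            if (store.Crls != null && store.Crls.Any())
            {
                AllocateNativeCertificates(store.Crls, ref Crls,
                                           ref CrlCount);
            }
        }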
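        /// <summary>
        /// Verifies a PKCS#7 (CMS) signature over the data in <paramref name="inputStream"/> using
        /// the vendor calls C_EX_PKCS7VerifyInit / C_EX_PKCS7VerifyUpdate / C_EX_PKCS7VerifyFinal.
        /// </summary>
        /// <param name="cms">The CMS message passed to C_EX_PKCS7VerifyInit.</param>
        /// <param name="inputStream">Stream with the data fed to C_EX_PKCS7VerifyUpdate; read from its current position to the end.</param>
        /// <param name="vendorX509Store">Certificates and CRLs marshalled into the native store for verification.</param>
        /// <param name="mode">CRL mode, passed through to C_EX_PKCS7VerifyInit.</param>
        /// <param name="flags">Verification flags, passed through to C_EX_PKCS7VerifyInit.</param>
        /// <returns>
        /// A result with <c>IsValid == true</c> and the signer certificates when the final call
        /// returns CKR_OK, or <c>IsValid == false</c> (no certificates) when it returns
        /// CKR_SIGNATURE_INVALID. Callers must check <c>IsValid</c> before using the certificates.
        /// </returns>
        /// <exception cref="ObjectDisposedException">The session has been disposed.</exception>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="cms"/>, <paramref name="inputStream"/> or <paramref name="vendorX509Store"/> is null.
        /// </exception>
        /// <exception cref="Pkcs11Exception">
        /// A native call failed with a code other than CKR_OK (or CKR_SIGNATURE_INVALID for the final call).
        /// </exception>
        public Pkcs7VerificationResult PKCS7Verify(byte[] cms, Stream inputStream, CkVendorX509Store vendorX509Store,
                                                   VendorCrlMode mode, ulong flags)
        {
            // Chunk size for streaming the signed data; the stream no longer has to be seekable
            // or fit into a single array.
            const int ReadChunkSize = 64 * 1024;

            if (this._disposed)
            {
                throw new ObjectDisposedException(this.GetType().FullName);
            }

            if (cms == null)
            {
                throw new ArgumentNullException(nameof(cms));
            }

            // Checked up front: failing on a null stream only after C_EX_PKCS7VerifyInit would
            // surface as a NullReferenceException with the verify operation already started.
            if (inputStream == null)
            {
                throw new ArgumentNullException(nameof(inputStream));
            }

            if (vendorX509Store == null)
            {
                throw new ArgumentNullException(nameof(vendorX509Store));
            }

            var library    = (LowLevelAPI81.RutokenPkcs11Library)_pkcs11Library;
            var structSize = Marshal.SizeOf(typeof(LowLevelAPI81.CK_VENDOR_BUFFER));

            var storeNative = new LowLevelAPI81.CK_VENDOR_X509_STORE(vendorX509Store);

            // Start of the native CK_VENDOR_BUFFER array; stays Zero unless the final call succeeded,
            // which is what tells the finally block whether there is anything to free.
            var         firstSignerCertificate  = IntPtr.Zero;
            var         signerCertificates      = IntPtr.Zero;
            NativeULong signerCertificatesCount = 0;

            try
            {
                CKR rv = library.C_EX_PKCS7VerifyInit(_sessionId, cms, ref storeNative, (NativeULong)(mode), (NativeULong)(flags));
                if (rv != CKR.CKR_OK)
                {
                    throw new Pkcs11Exception("C_EX_PKCS7VerifyInit", rv);
                }

                var readBuffer = new byte[ReadChunkSize];
                int bytesRead;

                while ((bytesRead = inputStream.Read(readBuffer, 0, readBuffer.Length)) > 0)
                {
                    // Stream.Read may return fewer bytes than requested. The update call receives
                    // only the array, so it must contain exactly the bytes read; passing the whole
                    // buffer after a short read would feed stale bytes into the verification.
                    byte[] part = readBuffer;
                    if (bytesRead != readBuffer.Length)
                    {
                        part = new byte[bytesRead];
                        Array.Copy(readBuffer, part, bytesRead);
                    }

                    rv = library.C_EX_PKCS7VerifyUpdate(_sessionId, part);
                    if (rv != CKR.CKR_OK)
                    {
                        throw new Pkcs11Exception("C_EX_PKCS7VerifyUpdate", rv);
                    }
                }

                rv = library.C_EX_PKCS7VerifyFinal(_sessionId, out signerCertificates, out signerCertificatesCount);

                var result = new Pkcs7VerificationResult();

                if (rv == CKR.CKR_OK)
                {
                    result.Certificates = new List <byte[]>();
                    firstSignerCertificate = signerCertificates;
                    for (NativeULong i = 0; i < signerCertificatesCount; i++)
                    {
                        var certificateBuffer = (LowLevelAPI81.CK_VENDOR_BUFFER)Marshal.PtrToStructure(signerCertificates, typeof(LowLevelAPI81.CK_VENDOR_BUFFER));
                        signerCertificates += structSize;

                        // Copy into managed memory so the result stays usable after the native buffers are freed.
                        var certificateData = new byte[certificateBuffer.Size];
                        Marshal.Copy(certificateBuffer.Data, certificateData, 0, (int)certificateBuffer.Size);

                        result.Certificates.Add(certificateData);
                    }

                    result.IsValid = true;
                }
                else if (rv == CKR.CKR_SIGNATURE_INVALID)
                {
                    // The only non-OK code reported as a result; every other code throws below,
                    // so an operational error is never returned as a verification verdict.
                    result.IsValid = false;
                }
                else
                {
                    throw new Pkcs11Exception("C_EX_PKCS7VerifyFinal", rv);
                }

                return(result);
            }
            finally
            {
                storeNative.Dispose();

                if (firstSignerCertificate != IntPtr.Zero)
                {
                    // Free every buffer before reporting a failure, so one failed call does not
                    // leave the remaining native buffers allocated.
                    // NOTE(review): only each element's Data is released; confirm whether the
                    // array returned by C_EX_PKCS7VerifyFinal must also go to C_EX_FreeBuffer.
                    CKR firstFreeFailure = CKR.CKR_OK;
                    var cursor = firstSignerCertificate;

                    for (NativeULong i = 0; i < signerCertificatesCount; i++)
                    {
                        var certificateBuffer = (LowLevelAPI81.CK_VENDOR_BUFFER)Marshal.PtrToStructure(cursor, typeof(LowLevelAPI81.CK_VENDOR_BUFFER));
                        cursor += structSize;

                        CKR freeRv = library.C_EX_FreeBuffer(certificateBuffer.Data);
                        if (freeRv != CKR.CKR_OK && firstFreeFailure == CKR.CKR_OK)
                        {
                            firstFreeFailure = freeRv;
                        }
                    }

                    if (firstFreeFailure != CKR.CKR_OK)
                    {
                        throw new Pkcs11Exception("C_EX_FreeBuffer", firstFreeFailure);
                    }
                }
            }
        }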