public unsafe bool Contains(X509Certificate certificate)
{
if (certificate == null)
throw new ArgumentNullException ("certificate");
if (disposed)
throw new ObjectDisposedException ("SecKeychain");
// Note: we don't have to use an alias attribute, it's just that it might be faster to use it (fewer certificates we have to compare raw data for)
byte[] alias = Encoding.UTF8.GetBytes (certificate.GetCommonName ());
IntPtr searchRef, itemRef;
bool found = false;
byte[] certData;
OSStatus status;
fixed (byte* aliasPtr = alias) {
SecKeychainAttribute* attrs = stackalloc SecKeychainAttribute [1];
int n = 0;
if (alias != null)
attrs[n++] = new SecKeychainAttribute (SecItemAttr.Alias, (uint) alias.Length, (IntPtr) aliasPtr);
SecKeychainAttributeList attrList = new SecKeychainAttributeList (n, (IntPtr) attrs);
status = SecKeychainSearchCreateFromAttributes (Handle, SecItemClass.Certificate, &attrList, out searchRef);
if (status != OSStatus.Ok)
throw new Exception ("Could not enumerate certificates from the keychain. Error:\n" + GetError (status));
certData = certificate.GetEncoded ();
while (!found && SecKeychainSearchCopyNext (searchRef, out itemRef) == OSStatus.Ok) {
SecItemClass itemClass = 0;
IntPtr data = IntPtr.Zero;
uint length = 0;
status = SecKeychainItemCopyContent (itemRef, ref itemClass, IntPtr.Zero, ref length, ref data);
if (status == OSStatus.Ok) {
if (certData.Length == (int) length) {
byte[] rawData = new byte[(int) length];
Marshal.Copy (data, rawData, 0, (int) length);
found = true;
for (int i = 0; i < rawData.Length; i++) {
if (rawData[i] != certData[i]) {
found = false;
break;
}
}
}
SecKeychainItemFreeContent (IntPtr.Zero, data);
}
CFRelease (itemRef);
}
CFRelease (searchRef);
}
return found;
}
