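/// <summary>
/// Click handler that lets the operator pick the endpoint certificate from the
/// certificate store of <c>machineName</c> and stores the choice in <c>config</c>.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// Both native handles are released in <c>finally</c> blocks, so an exception thrown
/// while copying the certificate or refreshing the UI no longer leaves the store or
/// certificate context open until finalization.
/// NOTE(review): nothing visible here checks that the chosen certificate is within its
/// validity period or has a usable private key; confirm that is enforced where the
/// configuration is applied.
/// </remarks>
void buttonSelectEndpointCert_Click(object sender, EventArgs e)
{
    try
    {
        SafeCertificateStore storeHandle = CertificateManager.GetCertificateStorePointer(machineName);
        try
        {
            // do not display the Location column on the CryptUIDlgSelectCertificateFromStore
#pragma warning suppress 56523
            SafeCertificateContext certContext = SafeNativeMethods.CryptUIDlgSelectCertificateFromStore(
                storeHandle,
                propPage,
                SR.GetString(SR.SSLBindingTitle),
                SR.GetString(SR.SSLBindingMessage),
                SafeNativeMethods.CRYPTUI_SELECT_LOCATION_COLUMN,
                0,
                IntPtr.Zero);
            try
            {
                // An invalid context means no certificate was returned by the dialog;
                // the current configuration is left untouched in that case.
                if (!certContext.IsInvalid)
                {
                    // Take a managed copy before the native context is closed below.
                    config.X509Certificate = certContext.GetNewX509Certificate();
                    textBoxEndpointCert.Text = GetDisplayStringForCert(config.X509Certificate);
                    ComponentChanged();
                }
            }
            finally
            {
                certContext.Close();
            }
        }
        finally
        {
            storeHandle.Close();
        }
    }
    catch (WsatAdminException ex)
    {
        HandleException(ex);
    }
}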
// P/Invoke declaration for the native CertFindCertificateInStore function, which
// returns the next certificate context in hCertStore that matches the find criteria.
// The [DllImport] attribute is not part of this excerpt.
//
// Handle ownership: the native function frees the context passed as a non-null
// pPrevCertContext. Callers therefore hand each returned context back as "prev" on
// the next call and must not use it afterwards.
// NOTE(review): the SafeCertificateContext wrapper that was passed as "prev" still
// holds the freed pointer; confirm that its release logic cannot free it a second time.
internal static extern SafeCertificateContext CertFindCertificateInStore(
    [In] SafeCertificateStore hCertStore,       // store to search
    [In] int dwCertEncodingType,                // callers on this page pass X509_ASN_ENCODING
    [In] int dwFindFlags,                       // callers on this page pass 0
    [In] int dwFindType,                        // callers on this page pass CERT_FIND_ANY
    [In] IntPtr pvFindPara,                     // IntPtr.Zero when dwFindType is CERT_FIND_ANY
    [In] SafeCertificateContext pPrevCertContext); // previous result, or an empty context on the first call
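/// <summary>
/// Click handler that lists every certificate in the store of <c>machineName</c>,
/// shows them in <c>AcceptedCertificatesForm</c>, and stores the accepted set in
/// <c>config.X509GlobalAcl</c> when the dialog is confirmed.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// The store and the last certificate context are closed in a <c>finally</c> block, so
/// an exception during enumeration no longer leaves them open until finalization.
/// The enumeration uses CERT_FIND_ANY with no criteria, so the dialog is offered every
/// certificate in the store; no validity or usage filtering happens in this method.
/// </remarks>
void buttonSelectAuthorizedCerts_Click(object sender, EventArgs e)
{
    try
    {
        X509Certificate2Collection certificateCollection = new X509Certificate2Collection();

        SafeCertificateStore storeHandle = CertificateManager.GetCertificateStorePointer(machineName);
        SafeCertificateContext prev = new SafeCertificateContext();
        try
        {
            SafeCertificateContext crt;
            do
            {
                // Each call consumes "prev" and returns the next context; an invalid
                // result marks the end of the store.
#pragma warning suppress 56523
                crt = SafeNativeMethods.CertFindCertificateInStore(
                    storeHandle,
                    SafeNativeMethods.X509_ASN_ENCODING,
                    0,
                    SafeNativeMethods.CERT_FIND_ANY,
                    IntPtr.Zero,
                    prev);
                prev = crt;

                if (!crt.IsInvalid)
                {
                    // Keep a managed copy; the native context is handed back on the next call.
                    certificateCollection.Add(crt.GetNewX509Certificate());
                }
            }
            while (!crt.IsInvalid);
        }
        finally
        {
            // "prev" always refers to the most recent context returned by the loop.
            storeHandle.Close();
            prev.Close();
        }

        AcceptedCertificatesForm dlg = new AcceptedCertificatesForm(certificateCollection, config.X509GlobalAcl);
        DialogResult dialogResult = dlg.ShowDialog(this);

        if (dialogResult == DialogResult.OK)
        {
            this.config.X509GlobalAcl = dlg.AllowedCertificates;
            if (this.config.X509GlobalAcl.Length > 0)
            {
                // Only the first accepted entry is written to the log.
                Utilities.Log("selected allowed client cert [0]: " + this.config.X509GlobalAcl[0]);
            }
            ComponentChanged();
        }
    }
    catch (WsatAdminException ex)
    {
        HandleException(ex);
    }
}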
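/// <summary>
/// Searches the certificate store of <paramref name="machineName"/> for the first
/// certificate whose thumbprint matches <paramref name="thumbprint"/>.
/// </summary>
/// <param name="thumbprint">Thumbprint to look for; null or empty yields <c>null</c>.</param>
/// <param name="machineName">Machine whose store is opened through <c>CertificateManager</c>.</param>
/// <returns>A managed copy of the matching certificate, or <c>null</c> when none matches.</returns>
/// <remarks>
/// The result is now decided by the match itself rather than by reading
/// <c>IsInvalid</c> on a context that has already been closed, and the native handles
/// are released in <c>finally</c> even if copying a certificate throws.
/// A thumbprint match only identifies the certificate. This method performs no expiry,
/// revocation or chain validation, so callers that rely on the certificate for trust
/// decisions need to validate it separately.
/// NOTE(review): the comparison is delegated to Utilities.SafeCompare, which is defined
/// elsewhere; confirm how it treats case and embedded whitespace in the input.
/// </remarks>
internal static X509Certificate2 GetCertificateFromThumbprint(string thumbprint, string machineName)
{
    if (String.IsNullOrEmpty(thumbprint))
    {
        return null;
    }

    SafeCertificateStore storeHandle = CertificateManager.GetCertificateStorePointer(machineName);
    SafeCertificateContext prev = new SafeCertificateContext();
    try
    {
        SafeCertificateContext current;
        do
        {
            // the CertFindCertificateInStore function frees the SafeHandleCertificateContext
            // referenced by non-null values of "prev"
#pragma warning suppress 56523
            current = SafeNativeMethods.CertFindCertificateInStore(
                storeHandle,
                SafeNativeMethods.X509_ASN_ENCODING,
                0,
                SafeNativeMethods.CERT_FIND_ANY,
                IntPtr.Zero,
                prev);
            prev = current;

            if (!current.IsInvalid)
            {
                X509Certificate2 cert = current.GetNewX509Certificate();
                if (Utilities.SafeCompare(cert.Thumbprint, thumbprint))
                {
                    // The finally block below still closes the store and the context.
                    return cert;
                }
            }
        }
        while (!current.IsInvalid);

        // The end of the store was reached without a match.
        return null;
    }
    finally
    {
        // "prev" always refers to the most recent context returned by the loop.
        storeHandle.Close();
        prev.Close();
    }
}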
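/// <summary>
/// Click handler that enumerates the certificates in the store of <c>machineName</c>,
/// presents them in <c>AcceptedCertificatesForm</c>, and saves the accepted entries to
/// <c>config.X509GlobalAcl</c> when the dialog returns OK.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// Native handles are closed in a <c>finally</c> block so that a failure while copying
/// a certificate does not leave the store or the current context open.
/// Enumeration uses CERT_FIND_ANY without criteria: every certificate in the store is
/// offered to the dialog, with no validity or usage filtering in this method.
/// </remarks>
void buttonSelectAuthorizedCerts_Click(object sender, EventArgs e)
{
    try
    {
        X509Certificate2Collection certificateCollection = new X509Certificate2Collection();

        SafeCertificateStore storeHandle = CertificateManager.GetCertificateStorePointer(machineName);
        SafeCertificateContext prev = new SafeCertificateContext();
        try
        {
            SafeCertificateContext crt;
            do
            {
                // The previous context is passed back in and the next one comes out;
                // an invalid result ends the enumeration.
#pragma warning suppress 56523
                crt = SafeNativeMethods.CertFindCertificateInStore(
                    storeHandle,
                    SafeNativeMethods.X509_ASN_ENCODING,
                    0,
                    SafeNativeMethods.CERT_FIND_ANY,
                    IntPtr.Zero,
                    prev);
                prev = crt;

                if (!crt.IsInvalid)
                {
                    // Managed copy, independent of the native context's lifetime.
                    certificateCollection.Add(crt.GetNewX509Certificate());
                }
            }
            while (!crt.IsInvalid);
        }
        finally
        {
            // "prev" tracks the latest context, so closing it covers the loop's last result.
            storeHandle.Close();
            prev.Close();
        }

        AcceptedCertificatesForm dlg = new AcceptedCertificatesForm(certificateCollection, config.X509GlobalAcl);
        DialogResult dialogResult = dlg.ShowDialog(this);

        if (dialogResult == DialogResult.OK)
        {
            this.config.X509GlobalAcl = dlg.AllowedCertificates;
            if (this.config.X509GlobalAcl.Length > 0)
            {
                // Only the first accepted entry is logged.
                Utilities.Log("selected allowed client cert [0]: " + this.config.X509GlobalAcl[0]);
            }
            ComponentChanged();
        }
    }
    catch (WsatAdminException ex)
    {
        HandleException(ex);
    }
}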