/// <summary>
/// Selects the certificate chain engine used for chain building.
/// </summary>
/// <param name="trustMode">
/// When equal to <see cref="X509ChainTrustMode.CustomRootTrust"/>, a dedicated engine is created
/// whose exclusive root store is built from <paramref name="customTrustStore"/>; any other value
/// selects one of the shared engines.
/// </param>
/// <param name="customTrustStore">
/// Certificates to use as the exclusive root store in custom-root mode. Passed straight to
/// ConvertStoreToSafeHandle; how a <c>null</c> collection is handled is decided there, not here.
/// </param>
/// <param name="useMachineContext">
/// Outside custom-root mode: <c>true</c> returns the machine chain engine, <c>false</c> the user one.
/// </param>
/// <returns>The chain engine handle to build the chain with.</returns>
private static SafeChainEngineHandle GetChainEngine(
    X509ChainTrustMode trustMode,
    X509Certificate2Collection? customTrustStore,
    bool useMachineContext)
{
    // System trust: hand back one of the pre-existing shared engines.
    if (trustMode != X509ChainTrustMode.CustomRootTrust)
    {
        if (useMachineContext)
        {
            return SafeChainEngineHandle.MachineChainEngine;
        }

        return SafeChainEngineHandle.UserChainEngine;
    }

    // Custom trust: the engine must be given a valid store handle as its exclusive root,
    // otherwise the default stores would end up being trusted.
    // NOTE(review): the handle's validity is not checked here before its raw value is used;
    // confirm ConvertStoreToSafeHandle (second argument `true`) can never return an invalid
    // handle, since that would silently widen trust to the default stores.
    using SafeCertStoreHandle exclusiveRootStore = ConvertStoreToSafeHandle(customTrustStore, true);

    CERT_CHAIN_ENGINE_CONFIG engineConfig = default;
    engineConfig.cbSize = Marshal.SizeOf<CERT_CHAIN_ENGINE_CONFIG>();

    // DangerousGetHandle() yields the raw handle without taking a reference; the safe handle
    // stays alive until this method's scope ends, i.e. across the engine-creation call below.
    // NOTE(review): the store handle is disposed as soon as the engine exists; this presumably
    // relies on the native engine keeping its own reference to the store. Confirm.
    engineConfig.hExclusiveRoot = exclusiveRootStore.DangerousGetHandle();

    return Interop.crypt32.CertCreateCertificateChainEngine(ref engineConfig);
}
/// <summary>
/// Throwing wrapper over the two-argument CertCreateCertificateChainEngine import: returns the
/// created engine handle, or converts the last Win32 error into an exception when the call
/// reports failure.
/// </summary>
/// <param name="config">Engine configuration, passed by reference to the import.</param>
/// <returns>The chain engine handle produced by the import.</returns>
/// <exception cref="System.Security.Cryptography.CryptographicException">
/// Presumably the type produced by <c>ToCryptographicException()</c> when the import returns
/// <c>false</c>. The helper is not visible here, so confirm.
/// </exception>
internal static SafeChainEngineHandle CertCreateCertificateChainEngine(ref CERT_CHAIN_ENGINE_CONFIG config)
{
    bool created = CertCreateCertificateChainEngine(ref config, out SafeChainEngineHandle engine);
    if (created)
    {
        return engine;
    }

    // Read the error code immediately, before any other call can overwrite it.
    // NOTE(review): only meaningful if the import is declared with SetLastError = true; the
    // import attribute is not visible in this excerpt, so confirm.
    int lastError = Marshal.GetLastWin32Error();
    throw lastError.ToCryptographicException();
}
/// <summary>
/// Partial (implementation supplied elsewhere) declaration of the chain-engine creation call.
/// Its signature matches the overload invoked by the throwing wrapper of the same name.
/// </summary>
/// <param name="pConfig">Engine configuration structure, passed by reference.</param>
/// <param name="hChainEngineHandle">Receives the created chain engine handle.</param>
/// <returns>A success flag; the wrapper treats <c>false</c> as failure and reads the last Win32 error.</returns>
// NOTE(review): the import attribute is not visible in this excerpt. Presumably this binds to
// crypt32's CertCreateCertificateChainEngine with SetLastError = true, which the wrapper's
// Marshal.GetLastWin32Error() call depends on. Confirm.
internal static partial bool CertCreateCertificateChainEngine(ref CERT_CHAIN_ENGINE_CONFIG pConfig, out SafeChainEngineHandle hChainEngineHandle);
/// <summary>
/// Extern (externally implemented) declaration of the chain-engine creation call, with the same
/// parameter list as the overload invoked by the throwing wrapper of the same name.
/// </summary>
/// <param name="pConfig">Engine configuration structure, passed by reference.</param>
/// <param name="hChainEngineHandle">Receives the created chain engine handle.</param>
/// <returns>A success flag; the wrapper treats <c>false</c> as failure and reads the last Win32 error.</returns>
// NOTE(review): the [DllImport] attribute is not visible in this excerpt. Confirm that it sets
// SetLastError = true, otherwise the error code read after a failure is unreliable.
// NOTE(review): this has the same signature as the partial declaration shown on this page, so
// the two are presumably alternative declarations from different versions of the file. Confirm
// which one applies.
private static extern bool CertCreateCertificateChainEngine(ref CERT_CHAIN_ENGINE_CONFIG pConfig, out SafeChainEngineHandle hChainEngineHandle);