/// <summary>
/// No-op implementation that shares the name and signature of the crypt32
/// <c>CertVerifyCertificateChainPolicy</c> entry point and performs no verification.
/// </summary>
/// <remarks>
/// The method never inspects <paramref name="pChainContext"/> and never writes
/// <paramref name="pPolicyStatus"/>, so the status keeps whatever the caller passed in.
/// A caller that zero-initializes the status and then tests <c>dwError == 0</c> will
/// therefore treat every chain as policy-compliant.
/// NOTE(review): confirm this stub cannot be reached from a production
/// certificate-validation path.
/// </remarks>
/// <param name="pszPolicyOID">Policy identifier; ignored.</param>
/// <param name="pChainContext">Chain to evaluate; ignored.</param>
/// <param name="pPolicyPara">Policy parameters; ignored.</param>
/// <param name="pPolicyStatus">Policy status; left unmodified.</param>
/// <returns>Always <c>true</c>.</returns>
public static bool CertVerifyCertificateChainPolicy(
    IntPtr pszPolicyOID,
    SafeX509ChainHandle pChainContext,
    ref CERT_CHAIN_POLICY_PARA pPolicyPara,
    ref CERT_CHAIN_POLICY_STATUS pPolicyStatus) => true;
/// <summary>
/// Placeholder with the signature of crypt32's <c>CertVerifyCertificateChainPolicy</c>
/// that reports success unconditionally.
/// </summary>
/// <remarks>
/// None of the arguments are read and <paramref name="pPolicyStatus"/> is not written.
/// Because the by-ref status is returned untouched, a default-initialized
/// <c>dwError</c> of 0 reads as "no policy error" to any caller that checks it.
/// NOTE(review): verify that this placeholder is confined to platforms or test
/// builds where chain-policy results are not used for trust decisions.
/// </remarks>
/// <param name="pszPolicyOID">Unused.</param>
/// <param name="pChainContext">Unused.</param>
/// <param name="pPolicyPara">Unused.</param>
/// <param name="pPolicyStatus">Unused; not modified.</param>
/// <returns><c>true</c> in every case.</returns>
public static bool CertVerifyCertificateChainPolicy(
    IntPtr pszPolicyOID,
    SafeX509ChainHandle pChainContext,
    ref CERT_CHAIN_POLICY_PARA pPolicyPara,
    ref CERT_CHAIN_POLICY_STATUS pPolicyStatus) => true;
/// <summary>
/// Evaluates the wrapped chain against <c>CERT_CHAIN_POLICY_BASE</c> without throwing
/// when the native call fails.
/// </summary>
/// <param name="flags">Verification flags, passed to the native call as <c>dwFlags</c>.</param>
/// <param name="exception">
/// Set to <c>null</c> on entry; receives the exception built from the last Win32 error
/// when the native call returns <c>false</c>.
/// </param>
/// <returns>
/// <c>true</c> when the call succeeds and <c>status.dwError</c> is 0, <c>false</c> when the
/// call succeeds with a non-zero <c>dwError</c>, and <c>null</c> when the call itself fails.
/// </returns>
/// <remarks>
/// The result has three states. Callers making a trust decision should accept the chain
/// only on an explicit <c>true</c>; <c>null</c> means the check did not complete.
/// </remarks>
public bool? Verify(X509VerificationFlags flags, out Exception? exception)
{
    exception = null;

    unsafe
    {
        // Both structures carry their own size in cbSize.
        CERT_CHAIN_POLICY_PARA policyPara = default;
        policyPara.cbSize = sizeof(CERT_CHAIN_POLICY_PARA);
        policyPara.dwFlags = (int)flags;

        CERT_CHAIN_POLICY_STATUS policyStatus = default;
        policyStatus.cbSize = sizeof(CERT_CHAIN_POLICY_STATUS);

        bool policyChecked = Interop.crypt32.CertVerifyCertificateChainPolicy(ChainPolicy.CERT_CHAIN_POLICY_BASE, _chain, ref policyPara, ref policyStatus);
        if (policyChecked)
        {
            // The verdict is in dwError, not in the call's return value.
            return policyStatus.dwError == 0;
        }

        // Read the last error before any other interop call can overwrite it.
        int win32Error = Marshal.GetLastWin32Error();
        exception = win32Error.ToCryptographicException();
        return null;
    }
}
/// <summary>
/// Checks the wrapped chain against <c>CERT_CHAIN_POLICY_BASE</c>. A failure of the native
/// call is reported through <paramref name="exception"/> rather than thrown.
/// </summary>
/// <param name="flags">Verification flags, forwarded as the policy parameter's <c>dwFlags</c>.</param>
/// <param name="exception">
/// <c>null</c> unless the native call returns <c>false</c>, in which case it holds the
/// exception created from the last Win32 error.
/// </param>
/// <returns>
/// <c>true</c> if the call succeeds and <c>status.dwError</c> is 0; <c>false</c> if it succeeds
/// with a non-zero <c>dwError</c>; <c>null</c> if the call fails.
/// </returns>
/// <remarks>
/// A <c>null</c> result means the policy check did not complete. Callers should treat it
/// as "not verified" and accept the chain only on an explicit <c>true</c>.
/// </remarks>
public bool? Verify(X509VerificationFlags flags, out Exception exception)
{
    exception = null;

    // cbSize tells the native side how large each structure is.
    var policyPara = new CERT_CHAIN_POLICY_PARA()
    {
        cbSize = Marshal.SizeOf<CERT_CHAIN_POLICY_PARA>(),
        dwFlags = (int)flags,
    };
    var policyStatus = new CERT_CHAIN_POLICY_STATUS()
    {
        cbSize = Marshal.SizeOf<CERT_CHAIN_POLICY_STATUS>(),
    };

    bool policyChecked = Interop.crypt32.CertVerifyCertificateChainPolicy(ChainPolicy.CERT_CHAIN_POLICY_BASE, _chain, ref policyPara, ref policyStatus);
    if (policyChecked)
    {
        // The policy verdict is carried in dwError.
        return policyStatus.dwError == 0;
    }

    // Read the last error right away so a later interop call cannot overwrite it.
    int win32Error = Marshal.GetLastWin32Error();
    exception = win32Error.ToCryptographicException();
    return null;
}
/// <summary>
/// Partial declaration of <c>CertVerifyCertificateChainPolicy</c>. It has no body here;
/// presumably a source-generated P/Invoke for the crypt32 export of the same name
/// (the import attribute is not visible in this excerpt).
/// </summary>
/// <param name="pszPolicyOID">Policy identifier, passed as a pointer-sized value.</param>
/// <param name="pChainContext">Safe handle to the certificate chain being evaluated.</param>
/// <param name="pPolicyPara">Policy parameters, passed by reference.</param>
/// <param name="pPolicyStatus">Policy status, passed by reference and filled in by the callee.</param>
/// <returns>
/// Per the Win32 contract for this API, <c>true</c> means only that the policy check could
/// be performed. The verdict is in <paramref name="pPolicyStatus"/> (<c>dwError</c>), so a
/// caller must inspect the status before trusting the chain.
/// </returns>
// NOTE(review): if callers read Marshal.GetLastWin32Error() after a false return, confirm
// the import attribute sets SetLastError = true and that the return value is marshalled as
// a 4-byte Win32 BOOL.
internal static partial bool CertVerifyCertificateChainPolicy(
    IntPtr pszPolicyOID,
    SafeX509ChainHandle pChainContext,
    ref CERT_CHAIN_POLICY_PARA pPolicyPara,
    ref CERT_CHAIN_POLICY_STATUS pPolicyStatus);
/// <summary>
/// Extern declaration of <c>CertVerifyCertificateChainPolicy</c>; presumably bound to
/// crypt32 by a <c>DllImport</c> attribute that is not visible in this excerpt.
/// </summary>
/// <param name="pszPolicyOID">Policy identifier, passed as a pointer-sized value.</param>
/// <param name="pChainContext">Safe handle to the certificate chain being evaluated.</param>
/// <param name="pPolicyPara">Policy parameters; marshalled as input only.</param>
/// <param name="pPolicyStatus">Policy status; marshalled in both directions so the callee's result is visible to the caller.</param>
/// <returns>
/// Per the Win32 contract for this API, <c>true</c> means only that the policy check could
/// be performed. Chain validity is reported in <paramref name="pPolicyStatus"/>
/// (<c>dwError</c>), so a <c>true</c> return alone must not be read as "chain trusted".
/// </returns>
// NOTE(review): if callers rely on Marshal.GetLastWin32Error() after a false return,
// confirm the DllImport attribute specifies SetLastError = true.
private static extern bool CertVerifyCertificateChainPolicy(
    IntPtr pszPolicyOID,
    SafeX509ChainHandle pChainContext,
    [In] ref CERT_CHAIN_POLICY_PARA pPolicyPara,
    [In, Out] ref CERT_CHAIN_POLICY_STATUS pPolicyStatus);
/// <summary>
/// Extern declaration of <c>CertVerifyCertificateChainPolicy</c> taking a
/// <c>SafeCertChainHandle</c>; presumably bound to crypt32 by a <c>DllImport</c> attribute
/// that is not visible in this excerpt.
/// </summary>
/// <param name="pszPolicyOID">Policy identifier, passed as a pointer-sized value.</param>
/// <param name="pChainContext">Safe handle to the certificate chain being evaluated.</param>
/// <param name="pPolicyPara">Policy parameters; marshalled as input only.</param>
/// <param name="pPolicyStatus">Policy status; marshalled in both directions so the callee's result is visible to the caller.</param>
/// <returns>
/// Per the Win32 contract for this API, <c>true</c> means only that the policy check could
/// be performed. The caller must still examine <paramref name="pPolicyStatus"/>
/// (<c>dwError</c>) before treating the chain as valid.
/// </returns>
// NOTE(review): if callers rely on Marshal.GetLastWin32Error() after a false return,
// confirm the DllImport attribute specifies SetLastError = true.
internal extern static bool CertVerifyCertificateChainPolicy(
    [In] IntPtr pszPolicyOID,
    [In] SafeCertChainHandle pChainContext,
    [In] ref CERT_CHAIN_POLICY_PARA pPolicyPara,
    [In, Out] ref CERT_CHAIN_POLICY_STATUS pPolicyStatus);
/***************************************************************************** * wmain *****************************************************************************/ static int Main(string[] args) { int i; string pwszStoreName = "MY"; // by default, MY CERT_CHAIN_PARA ChainPara = default; CERT_CHAIN_POLICY_PARA ChainPolicy = default; CERT_CHAIN_POLICY_STATUS PolicyStatus = default; var dwFlags = CertChainFlags.CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT; HRESULT hr = HRESULT.S_OK; ChainPara.cbSize = (uint)Marshal.SizeOf(ChainPara); ChainPolicy.cbSize = (uint)Marshal.SizeOf(ChainPolicy); PolicyStatus.cbSize = (uint)Marshal.SizeOf(PolicyStatus); // // options // for (i = 0; i < args.Length; i++) { if (args[i] == "/?" || args[i] == "-?") { Usage("BuildChain.exe"); goto CleanUp; } if (args[i][0] != '-') { break; } if (args[i] == "-s") { if (i + 1 >= args.Length) { hr = HRESULT.E_INVALIDARG; goto CleanUp; } pwszStoreName = args[++i]; } else if (args[i] == "-f") { if (i + 1 >= args.Length) { hr = HRESULT.E_INVALIDARG; goto CleanUp; } dwFlags = (CertChainFlags)(uint.TryParse(args[++i], out var r) ? r : 0); } } if (i >= args.Length) { hr = HRESULT.E_INVALIDARG; goto CleanUp; } var pwszCName = args[i]; //------------------------------------------------------------------- // Find the test certificate to be validated and obtain a pointer to it hr = HrFindCertificateBySubjectName(pwszStoreName, pwszCName, out var pcTestCertContext); if (hr.Failed) { goto CleanUp; } //------------------------------------------------------------------- // Build a chain using CertGetCertificateChain if (!CertGetCertificateChain(default, // use the default chain engine