public X509Store(IntPtr storeHandle)
{
if (storeHandle == IntPtr.Zero)
{
throw new ArgumentNullException("storeHandle");
}
m_safeCertStoreHandle = CAPI.CertDuplicateStore(storeHandle);
if (m_safeCertStoreHandle == null || m_safeCertStoreHandle.IsInvalid)
{
throw new CryptographicException(SR.GetString(SR.Cryptography_InvalidStoreHandle), "storeHandle");
}
}
private static void RemoveCertificateFromStore(Cryptography.SafeCertStoreHandle safeCertStoreHandle, Cryptography.SafeCertContextHandle safeCertContext)
{
if (safeCertContext == null || safeCertContext.IsInvalid)
{
return;
}
if (safeCertStoreHandle == null || safeCertStoreHandle.IsInvalid || safeCertStoreHandle.IsClosed)
{
throw new CryptographicException(SR.GetString(SR.Cryptography_X509_StoreNotOpen));
}
// Find the certificate in the store.
Cryptography.SafeCertContextHandle safeCertContext2 = CAPI.CertFindCertificateInStore(safeCertStoreHandle,
CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING,
0,
CAPI.CERT_FIND_EXISTING,
safeCertContext.DangerousGetHandle(),
Cryptography.SafeCertContextHandle.InvalidHandle);
// The certificate is not present in the store, simply return.
if (safeCertContext2 == null || safeCertContext2.IsInvalid)
{
return;
}
// CertDeleteCertificateFromStore always releases the context regardless of success
// or failure so we don't need to manually release it
GC.SuppressFinalize(safeCertContext2);
// Remove from the store.
if (!CAPI.CertDeleteCertificateFromStore(safeCertContext2))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
}
public void Open(OpenFlags flags)
{
if (m_location != StoreLocation.CurrentUser && m_location != StoreLocation.LocalMachine)
{
throw new ArgumentException(String.Format(CultureInfo.CurrentCulture, SR.GetString(SR.Arg_EnumIllegalVal), "m_location"));
}
uint storeFlags = X509Utils.MapX509StoreFlags(m_location, flags);
if (!m_safeCertStoreHandle.IsInvalid)
{
// Free the current store handle
m_safeCertStoreHandle.Dispose();
}
m_safeCertStoreHandle = CAPI.CertOpenStore(new IntPtr(CAPI.CERT_STORE_PROV_SYSTEM),
CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING,
IntPtr.Zero,
storeFlags,
m_storeName);
if (m_safeCertStoreHandle == null || m_safeCertStoreHandle.IsInvalid)
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
//
// We want the store to auto-resync when requesting a snapshot so that
// updates to the store will be taken into account.
//
CAPI.CertControlStore(m_safeCertStoreHandle,
0,
CAPI.CERT_STORE_CTRL_AUTO_RESYNC,
IntPtr.Zero);
}
public void Open(OpenFlags flags) {
if (m_location != StoreLocation.CurrentUser && m_location != StoreLocation.LocalMachine)
throw new ArgumentException(String.Format(CultureInfo.CurrentCulture, SR.GetString(SR.Arg_EnumIllegalVal), "m_location"));
uint storeFlags = X509Utils.MapX509StoreFlags(m_location, flags);
if (!m_safeCertStoreHandle.IsInvalid)
// Free the current store handle
m_safeCertStoreHandle.Dispose();
m_safeCertStoreHandle = CAPI.CertOpenStore(new IntPtr(CAPI.CERT_STORE_PROV_SYSTEM),
CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING,
IntPtr.Zero,
storeFlags,
m_storeName);
if (m_safeCertStoreHandle == null || m_safeCertStoreHandle.IsInvalid)
throw new CryptographicException(Marshal.GetLastWin32Error());
//
// We want the store to auto-resync when requesting a snapshot so that
// updates to the store will be taken into account.
//
CAPI.CertControlStore(m_safeCertStoreHandle,
0,
CAPI.CERT_STORE_CTRL_AUTO_RESYNC,
IntPtr.Zero);
}
public X509Store (IntPtr storeHandle) {
if (storeHandle == IntPtr.Zero)
throw new ArgumentNullException("storeHandle");
m_safeCertStoreHandle = CAPI.CertDuplicateStore(storeHandle);
if (m_safeCertStoreHandle == null || m_safeCertStoreHandle.IsInvalid)
throw new CryptographicException(SR.GetString(SR.Cryptography_InvalidStoreHandle), "storeHandle");
}
internal static unsafe int BuildChain(IntPtr hChainEngine,
Cryptography.SafeCertContextHandle pCertContext,
X509Certificate2Collection extraStore,
OidCollection applicationPolicy,
OidCollection certificatePolicy,
X509RevocationMode revocationMode,
X509RevocationFlag revocationFlag,
DateTime verificationTime,
TimeSpan timeout,
ref SafeX509ChainHandle ppChainContext)
{
if (pCertContext == null || pCertContext.IsInvalid)
{
throw new ArgumentException(SR.GetString(SR.Cryptography_InvalidContextHandle), "pCertContext");
}
Cryptography.SafeCertStoreHandle hCertStore = Cryptography.SafeCertStoreHandle.InvalidHandle;
if (extraStore != null && extraStore.Count > 0)
{
hCertStore = X509Utils.ExportToMemoryStore(extraStore);
}
CAPI.CERT_CHAIN_PARA ChainPara = new CAPI.CERT_CHAIN_PARA();
// Initialize the structure size.
ChainPara.cbSize = (uint)Marshal.SizeOf(ChainPara);
Cryptography.SafeLocalAllocHandle applicationPolicyHandle = Cryptography.SafeLocalAllocHandle.InvalidHandle;
Cryptography.SafeLocalAllocHandle certificatePolicyHandle = Cryptography.SafeLocalAllocHandle.InvalidHandle;
try {
// Application policy
if (applicationPolicy != null && applicationPolicy.Count > 0)
{
ChainPara.RequestedUsage.dwType = CAPI.USAGE_MATCH_TYPE_AND;
ChainPara.RequestedUsage.Usage.cUsageIdentifier = (uint)applicationPolicy.Count;
applicationPolicyHandle = X509Utils.CopyOidsToUnmanagedMemory(applicationPolicy);
ChainPara.RequestedUsage.Usage.rgpszUsageIdentifier = applicationPolicyHandle.DangerousGetHandle();
}
// Certificate policy
if (certificatePolicy != null && certificatePolicy.Count > 0)
{
ChainPara.RequestedIssuancePolicy.dwType = CAPI.USAGE_MATCH_TYPE_AND;
ChainPara.RequestedIssuancePolicy.Usage.cUsageIdentifier = (uint)certificatePolicy.Count;
certificatePolicyHandle = X509Utils.CopyOidsToUnmanagedMemory(certificatePolicy);
ChainPara.RequestedIssuancePolicy.Usage.rgpszUsageIdentifier = certificatePolicyHandle.DangerousGetHandle();
}
ChainPara.dwUrlRetrievalTimeout = (uint)Math.Floor(timeout.TotalMilliseconds);
_FILETIME ft = new _FILETIME();
*((long *)&ft) = verificationTime.ToFileTime();
uint flags = X509Utils.MapRevocationFlags(revocationMode, revocationFlag);
// Build the chain.
if (!CAPI.CertGetCertificateChain(hChainEngine,
pCertContext,
ref ft,
hCertStore,
ref ChainPara,
flags,
IntPtr.Zero,
ref ppChainContext))
{
return(Marshal.GetHRForLastWin32Error());
}
}
finally {
applicationPolicyHandle.Dispose();
certificatePolicyHandle.Dispose();
}
return(CAPI.S_OK);
}
