/// <summary>
/// Validates <paramref name="certificate"/> through the internal
/// X509Utils.VerifyCertificate helper, then confirms that its key usage permits signing.
/// </summary>
/// <param name="certificate">Certificate to validate.</param>
/// <param name="extraStore">Additional certificates handed to the verification helper.</param>
/// <returns>
/// The status value the helper wrote through the pointer argument when the helper returns
/// non-zero; -2146762480 (0x800B0110, CERT_E_WRONG_USAGE) when a key usage extension is
/// present but grants neither DigitalSignature nor NonRepudiation; otherwise the helper's
/// own result.
/// </returns>
/// <remarks>
/// A certificate that carries no key usage extension (OID 2.5.29.15) passes the usage check,
/// because the loop only rejects an extension that is present and lacks both flags.
/// </remarks>
private static unsafe int VerifyCertificate(X509Certificate2 certificate, X509Certificate2Collection extraStore)
{
    // Written by the helper through the pointer passed as the last argument.
    int policyStatus;

    // Revocation is requested online for every chain element except the root, evaluated
    // at the current local time with a zero TimeSpan.
    // NOTE(review): IntPtr(1) looks like the base chain policy (CERT_CHAIN_POLICY_BASE is 1);
    // confirm against X509Utils.VerifyCertificate.
    int hr = System.Security.Cryptography.X509Certificates.X509Utils.VerifyCertificate(
        System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(certificate),
        null,
        null,
        X509RevocationMode.Online,
        X509RevocationFlag.ExcludeRoot,
        DateTime.Now,
        TimeSpan.Zero,
        extraStore,
        new IntPtr(1L),
        new IntPtr(&policyStatus));

    if (hr != 0)
    {
        return policyStatus;
    }

    const X509KeyUsageFlags signingUsages =
        X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation;

    foreach (X509Extension extension in certificate.Extensions)
    {
        // 2.5.29.15 is the key usage extension.
        if (string.Compare(extension.Oid.Value, "2.5.29.15", StringComparison.OrdinalIgnoreCase) != 0)
        {
            continue;
        }

        X509KeyUsageExtension keyUsage = new X509KeyUsageExtension();
        keyUsage.CopyFrom(extension);
        if ((keyUsage.KeyUsages & signingUsages) == X509KeyUsageFlags.None)
        {
            // 0x800B0110: the certificate is not valid for the requested usage.
            return -2146762480;
        }
    }

    return hr;
}
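/// <summary>
/// Returns the Basic Constraints extension of <paramref name="certificate"/>, or null when
/// the certificate has none.
/// </summary>
/// <param name="certificate">Certificate whose extensions are searched.</param>
/// <returns>
/// The first extension whose OID identifies Basic Constraints, cast to
/// <see cref="X509BasicConstraintsExtension"/> (null if the cast does not apply), or null
/// when no such extension exists.
/// </returns>
/// <remarks>
/// The extension is matched on its OID value rather than on Oid.FriendlyName. Friendly names
/// come from the platform's OID table and are not a stable identifier across locales and
/// platforms, so a friendly-name comparison can miss the extension and make a caller treat
/// a constrained certificate as having no constraints.
/// </remarks>
private static X509BasicConstraintsExtension GetBasicConstraints(X509Certificate2 certificate)
{
    foreach (X509Extension extension in certificate.Extensions)
    {
        string oidValue = extension.Oid.Value;

        // 2.5.29.19 is basicConstraints; 2.5.29.10 is its deprecated predecessor.
        // NOTE(review): the legacy OID is accepted so certificates the friendly-name match
        // used to find are still found; confirm it is wanted here.
        if (string.Equals(oidValue, "2.5.29.19", StringComparison.Ordinal) ||
            string.Equals(oidValue, "2.5.29.10", StringComparison.Ordinal))
        {
            return extension as X509BasicConstraintsExtension;
        }
    }

    return null;
}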
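/// <summary>
/// Lets the user pick one or more recipient certificates from the "AddressBook" store.
/// </summary>
/// <param name="recipientIdentifierType">Identifier type passed to the resulting collection.</param>
/// <returns>A <see cref="CmsRecipientCollection"/> built from the certificates the user selected.</returns>
/// <exception cref="CryptographicException">
/// -2146889717 (0x8009100B, CRYPT_E_RECIPIENT_NOT_FOUND) when no certificate in the store is
/// currently valid and usable for encryption; 0x4c7 (ERROR_CANCELLED) when the user selects nothing.
/// </exception>
/// <remarks>
/// Only certificates inside their validity period are offered. A certificate with a key usage
/// extension must allow KeyEncipherment or KeyAgreement; one without the extension is accepted.
/// No chain or revocation check is performed here.
/// </remarks>
internal static CmsRecipientCollection SelectRecipients(SubjectIdentifierType recipientIdentifierType)
{
    // Start from an empty collection. Seeding it with store.Certificates would put every
    // certificate in the picker, including expired ones and ones whose key usage forbids
    // encryption, and would list each acceptable certificate twice.
    X509Certificate2Collection candidates = new X509Certificate2Collection();

    X509Store store = new X509Store("AddressBook");
    store.Open(OpenFlags.OpenExistingOnly);
    try
    {
        // NotBefore/NotAfter are compared against local time, read once for the whole scan.
        DateTime now = DateTime.Now;

        foreach (X509Certificate2 certificate in store.Certificates)
        {
            if (certificate.NotBefore > now || certificate.NotAfter < now)
            {
                continue;
            }

            bool usableForEncryption = true;
            foreach (X509Extension extension in certificate.Extensions)
            {
                // 2.5.29.15 is the key usage extension; only the first one is examined.
                if (string.Compare(extension.Oid.Value, "2.5.29.15", StringComparison.OrdinalIgnoreCase) == 0)
                {
                    X509KeyUsageExtension keyUsage = new X509KeyUsageExtension();
                    keyUsage.CopyFrom(extension);
                    if (((keyUsage.KeyUsages & X509KeyUsageFlags.KeyEncipherment) == X509KeyUsageFlags.None) &&
                        ((keyUsage.KeyUsages & X509KeyUsageFlags.KeyAgreement) == X509KeyUsageFlags.None))
                    {
                        usableForEncryption = false;
                    }
                    break;
                }
            }

            if (usableForEncryption)
            {
                candidates.Add(certificate);
            }
        }
    }
    finally
    {
        // Release the store handle even if enumeration or extension decoding throws.
        store.Close();
    }

    if (candidates.Count < 1)
    {
        // 0x8009100B: no recipient certificate available.
        throw new CryptographicException(-2146889717);
    }

    X509Certificate2Collection selected =
        X509Certificate2UI.SelectFromCollection(candidates, null, null, X509SelectionFlag.MultiSelection);
    if (selected.Count < 1)
    {
        // 0x4c7 (1223): the selection was cancelled.
        throw new CryptographicException(0x4c7);
    }

    return new CmsRecipientCollection(recipientIdentifierType, selected);
}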
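/// <summary>
/// Lets the user pick a single signing certificate from the default certificate store.
/// </summary>
/// <returns>The certificate the user selected.</returns>
/// <exception cref="CryptographicException">
/// -2146889714 (0x8009100E, CRYPT_E_SIGNER_NOT_FOUND) when no certificate qualifies;
/// 0x4c7 (ERROR_CANCELLED) when the user selects nothing.
/// </exception>
/// <remarks>
/// A certificate qualifies when it has a private key and is inside its validity period. If it
/// carries a key usage extension, that extension must allow DigitalSignature or NonRepudiation;
/// a certificate without the extension is accepted. The store is opened with IncludeArchived,
/// so archived certificates are candidates too. No chain or revocation check is performed here.
/// </remarks>
internal static X509Certificate2 SelectSignerCertificate()
{
    X509Certificate2Collection candidates = new X509Certificate2Collection();

    X509Store store = new X509Store();
    store.Open(OpenFlags.IncludeArchived | OpenFlags.OpenExistingOnly);
    try
    {
        // NotBefore/NotAfter are compared against local time, read once for the whole scan.
        DateTime now = DateTime.Now;

        foreach (X509Certificate2 certificate in store.Certificates)
        {
            if (!certificate.HasPrivateKey || certificate.NotBefore > now || certificate.NotAfter < now)
            {
                continue;
            }

            bool usableForSigning = true;
            foreach (X509Extension extension in certificate.Extensions)
            {
                // 2.5.29.15 is the key usage extension; only the first one is examined.
                if (string.Compare(extension.Oid.Value, "2.5.29.15", StringComparison.OrdinalIgnoreCase) == 0)
                {
                    X509KeyUsageExtension keyUsage = new X509KeyUsageExtension();
                    keyUsage.CopyFrom(extension);
                    if (((keyUsage.KeyUsages & X509KeyUsageFlags.DigitalSignature) == X509KeyUsageFlags.None) &&
                        ((keyUsage.KeyUsages & X509KeyUsageFlags.NonRepudiation) == X509KeyUsageFlags.None))
                    {
                        usableForSigning = false;
                    }
                    break;
                }
            }

            if (usableForSigning)
            {
                candidates.Add(certificate);
            }
        }
    }
    finally
    {
        // Release the store handle even if enumeration or extension decoding throws.
        store.Close();
    }

    if (candidates.Count < 1)
    {
        // 0x8009100E: no signer certificate available.
        throw new CryptographicException(-2146889714);
    }

    X509Certificate2Collection selected =
        X509Certificate2UI.SelectFromCollection(candidates, null, null, X509SelectionFlag.SingleSelection);
    if (selected.Count < 1)
    {
        // 0x4c7 (1223): the selection was cancelled.
        throw new CryptographicException(0x4c7);
    }

    return selected[0];
}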
/// <summary>
/// Verifies the signature with the public key of <paramref name="certificate"/> and, unless
/// <paramref name="verifySignatureOnly"/> is set, also checks the certificate's key usage and
/// builds its chain.
/// </summary>
/// <param name="certificate">Certificate whose public key is used for verification.</param>
/// <param name="verifySignatureOnly">
/// When true, the method returns as soon as the signature verifies; the key usage and chain
/// checks below are skipped, so nothing here establishes that the certificate is trusted.
/// </param>
/// <returns>True when every requested check passes; otherwise false.</returns>
/// <remarks>
/// A certificate without a key usage extension (OID 2.5.29.15) passes the usage check. The chain
/// is built with a fresh <see cref="X509Chain"/> whose policy is left untouched except for the
/// extra certificates from BuildBagOfCerts, so the framework's default chain policy applies.
/// NOTE(review): BuildBagOfCerts presumably returns certificates carried with the signature;
/// confirm. ExtraStore entries are path-building candidates, not trust anchors.
/// </remarks>
public bool CheckSignature(X509Certificate2 certificate, bool verifySignatureOnly)
{
    if (!this.CheckSignature(certificate.PublicKey.Key))
    {
        return false;
    }

    if (!verifySignatureOnly)
    {
        const X509KeyUsageFlags signingUsages =
            X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation;

        foreach (X509Extension extension in certificate.Extensions)
        {
            if (string.Compare(extension.Oid.Value, "2.5.29.15", StringComparison.OrdinalIgnoreCase) != 0)
            {
                continue;
            }

            X509KeyUsageExtension keyUsage = new X509KeyUsageExtension();
            keyUsage.CopyFrom(extension);
            SignedXmlDebugLog.LogVerifyKeyUsage(this, certificate, keyUsage);

            if ((keyUsage.KeyUsages & signingUsages) == X509KeyUsageFlags.None)
            {
                SignedXmlDebugLog.LogVerificationFailure(this, SecurityResources.GetResourceString("Log_VerificationFailed_X509KeyUsage"));
                return false;
            }

            // First key usage extension allows signing; stop scanning.
            break;
        }

        X509Chain chain = new X509Chain();
        chain.ChainPolicy.ExtraStore.AddRange(this.BuildBagOfCerts());
        bool chainBuilt = chain.Build(certificate);
        SignedXmlDebugLog.LogVerifyX509Chain(this, chain, certificate);

        if (!chainBuilt)
        {
            SignedXmlDebugLog.LogVerificationFailure(this, SecurityResources.GetResourceString("Log_VerificationFailed_X509Chain"));
            return false;
        }
    }

    SignedXmlDebugLog.LogVerificationResult(this, certificate, true);
    return true;
}