Esempio n. 1
        /// <summary>
        /// Builds the chain for <paramref name="certificate"/> under the current
        /// <c>ChainPolicy</c> and reports whether the platform layer verified it.
        /// </summary>
        /// <param name="certificate">Certificate to build the chain for; it and its <c>Pal</c> must be non-null.</param>
        /// <param name="throwOnException">
        /// When verification yields no verdict, <c>true</c> rethrows the exception handed back
        /// by <c>Verify</c>; <c>false</c> turns that outcome into a <c>false</c> result.
        /// </param>
        /// <returns>
        /// The verdict from <c>Verify</c>, or <c>false</c> when no chain object was produced or
        /// no verdict was available. The method never reports success by default.
        /// </returns>
        /// <exception cref="ArgumentException">The certificate or its <c>Pal</c> is null.</exception>
        /// <remarks>
        /// With <paramref name="throwOnException"/> set to <c>false</c>, a caller cannot tell a
        /// rejected chain from a build or verification that could not complete: all of them
        /// come back as <c>false</c>.
        /// </remarks>
        internal bool Build(X509Certificate2 certificate, bool throwOnException)
        {
            // The whole build runs under the instance lock because it replaces _pal and _chainElements.
            lock (_syncRoot)
            {
                if (certificate == null || certificate.Pal == null)
                {
                    throw new ArgumentException(SR.Cryptography_InvalidContextHandle, nameof(certificate));
                }

                // Clear the previous result before the new one is built.
                Reset();

                X509ChainPolicy policy = ChainPolicy;
                _pal = ChainPal.BuildChain(
                    _useMachineContext,
                    certificate.Pal,
                    policy.ExtraStore,
                    policy.ApplicationPolicy,
                    policy.CertificatePolicy,
                    policy.RevocationMode,
                    policy.RevocationFlag,
                    policy.VerificationTime,
                    policy.UrlRetrievalTimeout);

                // No chain object at all is reported as a failed build.
                if (_pal == null)
                {
                    return false;
                }

                _chainElements = new X509ChainElementCollection(_pal.ChainElements);

                Exception failure;
                bool? verdict = _pal.Verify(policy.VerificationFlags, out failure);
                if (verdict.HasValue)
                {
                    return verdict.Value;
                }

                // No verdict: surface the underlying error or fail closed.
                if (throwOnException)
                {
                    throw failure;
                }

                return false;
            }
        }
Esempio n. 2
        /// <summary>
        /// Builds the chain for <paramref name="certificate"/> under the current
        /// <c>ChainPolicy</c>, including its custom trust settings, and reports whether the
        /// platform layer verified it.
        /// </summary>
        /// <param name="certificate">Certificate to build the chain for; it and its <c>Pal</c> must be non-null.</param>
        /// <param name="throwOnException">
        /// When verification yields no verdict, <c>true</c> rethrows the exception handed back
        /// by <c>Verify</c>; <c>false</c> turns that outcome into a <c>false</c> result.
        /// </param>
        /// <returns>
        /// The verdict from <c>Verify</c>, or <c>false</c> when no chain object was produced or
        /// no verdict was available. The method never reports success by default.
        /// </returns>
        /// <exception cref="ArgumentException">The certificate or its <c>Pal</c> is null.</exception>
        /// <exception cref="CryptographicException">
        /// The policy holds custom trust certificates while <c>TrustMode</c> is
        /// <c>X509ChainTrustMode.System</c>, or a custom trust entry is null or has a zero handle.
        /// </exception>
        /// <remarks>
        /// The trust-store checks run before <c>Reset()</c>, so a rejected policy throws without
        /// discarding the previous chain state. With <paramref name="throwOnException"/> set to
        /// <c>false</c>, a caller cannot tell a rejected chain from a build or verification that
        /// could not complete: all of them come back as <c>false</c>.
        /// </remarks>
        internal bool Build(X509Certificate2 certificate, bool throwOnException)
        {
            // The whole build runs under the instance lock because it replaces _pal and _chainElements.
            lock (_syncRoot)
            {
                if (certificate == null || certificate.Pal == null)
                {
                    throw new ArgumentException(SR.Cryptography_InvalidContextHandle, nameof(certificate));
                }

                if (_chainPolicy != null && _chainPolicy.CustomTrustStore != null)
                {
                    // Custom roots are refused in System mode rather than being passed along unused.
                    bool customRootsInSystemMode =
                        _chainPolicy.TrustMode == X509ChainTrustMode.System &&
                        _chainPolicy.CustomTrustStore.Count > 0;
                    if (customRootsInSystemMode)
                    {
                        throw new CryptographicException(SR.Cryptography_CustomTrustCertsInSystemMode, nameof(_chainPolicy.TrustMode));
                    }

                    // Every custom trust entry must be a live certificate before it can anchor a chain.
                    foreach (X509Certificate2 trustEntry in _chainPolicy.CustomTrustStore)
                    {
                        if (trustEntry == null || trustEntry.Handle == IntPtr.Zero)
                        {
                            throw new CryptographicException(SR.Cryptography_InvalidTrustCertificate, nameof(_chainPolicy.CustomTrustStore));
                        }
                    }
                }

                // Clear the previous result before the new one is built.
                Reset();

                X509ChainPolicy policy = ChainPolicy;
                _pal = ChainPal.BuildChain(
                    _useMachineContext,
                    certificate.Pal,
                    policy._extraStore,
                    policy._applicationPolicy,
                    policy._certificatePolicy,
                    policy.RevocationMode,
                    policy.RevocationFlag,
                    policy.CustomTrustStore,
                    policy.TrustMode,
                    policy.VerificationTime,
                    policy.UrlRetrievalTimeout);

                // No chain object at all is reported as a failed build.
                if (_pal == null)
                {
                    return false;
                }

                _chainElements = new X509ChainElementCollection(_pal.ChainElements);

                Exception failure;
                bool? verdict = _pal.Verify(policy.VerificationFlags, out failure);
                if (verdict.HasValue)
                {
                    return verdict.Value;
                }

                // No verdict: surface the underlying error or fail closed.
                if (throwOnException)
                {
                    throw failure;
                }

                return false;
            }
        }