Esempio n. 1
0
        private static X509Certificate2Collection SelectFromCollectionHelper(X509Certificate2Collection certificates, string title, string message, X509SelectionFlag selectionFlag, IntPtr hwndParent)
        {
            if (certificates == null)
            {
                throw new ArgumentNullException("certificates");
            }
            if (selectionFlag < X509SelectionFlag.SingleSelection || selectionFlag > X509SelectionFlag.MultiSelection)
            {
                throw new ArgumentException(String.Format(CultureInfo.CurrentCulture, SecurityResources.GetResourceString("Arg_EnumIllegalVal"), "selectionFlag"));
            }

            //
            // We need to Assert all StorePermission flags since this is a memory store and we want
            // semi-trusted code to be able to select certificates from a memory store.
            //

            StorePermission sp = new StorePermission(StorePermissionFlags.AllFlags);

            sp.Assert();

            using (SafeCertStoreHandle safeSourceStoreHandle = X509Utils.ExportToMemoryStore(certificates))
                using (SafeCertStoreHandle safeTargetStoreHandle = SelectFromStore(safeSourceStoreHandle, title, message, selectionFlag, hwndParent))
                {
                    return(X509Utils.GetCertificates(safeTargetStoreHandle));
                }
        }
Esempio n. 2
0
        private static X509Certificate2Collection SelectFromCollectionHelper(X509Certificate2Collection certificates, string?title, string?message, X509SelectionFlag selectionFlag, IntPtr hwndParent)
        {
            ArgumentNullException.ThrowIfNull(certificates);

            if (selectionFlag < X509SelectionFlag.SingleSelection || selectionFlag > X509SelectionFlag.MultiSelection)
            {
                throw new ArgumentException(SR.Format(SR.Enum_InvalidValue, nameof(selectionFlag)));
            }

            using (SafeCertStoreHandle safeSourceStoreHandle = X509Utils.ExportToMemoryStore(certificates))
                using (SafeCertStoreHandle safeTargetStoreHandle = SelectFromStore(safeSourceStoreHandle, title, message, selectionFlag, hwndParent))
                {
                    return(X509Utils.GetCertificates(safeTargetStoreHandle));
                }
        }
        //
        // Builds a certificate chain.
        //

        internal static unsafe int BuildChain(IntPtr hChainEngine,
                                              SafeCertContextHandle pCertContext,
                                              X509Certificate2Collection extraStore,
                                              OidCollection applicationPolicy,
                                              OidCollection certificatePolicy,
                                              X509RevocationMode revocationMode,
                                              X509RevocationFlag revocationFlag,
                                              DateTime verificationTime,
                                              TimeSpan timeout,
                                              ref SafeCertChainHandle ppChainContext)
        {
            if (pCertContext == null || pCertContext.IsInvalid)
            {
                throw new ArgumentException(SR.GetString(SR.Cryptography_InvalidContextHandle), "pCertContext");
            }

            SafeCertStoreHandle hCertStore = SafeCertStoreHandle.InvalidHandle;

            if (extraStore != null && extraStore.Count > 0)
            {
                hCertStore = X509Utils.ExportToMemoryStore(extraStore);
            }

            CAPI.CERT_CHAIN_PARA ChainPara = new CAPI.CERT_CHAIN_PARA();

            // Initialize the structure size.
            ChainPara.cbSize = (uint)Marshal.SizeOf(ChainPara);

            SafeLocalAllocHandle applicationPolicyHandle = SafeLocalAllocHandle.InvalidHandle;
            SafeLocalAllocHandle certificatePolicyHandle = SafeLocalAllocHandle.InvalidHandle;

            try {
                // Application policy
                if (applicationPolicy != null && applicationPolicy.Count > 0)
                {
                    ChainPara.RequestedUsage.dwType = CAPI.USAGE_MATCH_TYPE_AND;
                    ChainPara.RequestedUsage.Usage.cUsageIdentifier = (uint)applicationPolicy.Count;
                    applicationPolicyHandle = X509Utils.CopyOidsToUnmanagedMemory(applicationPolicy);
                    ChainPara.RequestedUsage.Usage.rgpszUsageIdentifier = applicationPolicyHandle.DangerousGetHandle();
                }

                // Certificate policy
                if (certificatePolicy != null && certificatePolicy.Count > 0)
                {
                    ChainPara.RequestedIssuancePolicy.dwType = CAPI.USAGE_MATCH_TYPE_AND;
                    ChainPara.RequestedIssuancePolicy.Usage.cUsageIdentifier = (uint)certificatePolicy.Count;
                    certificatePolicyHandle = X509Utils.CopyOidsToUnmanagedMemory(certificatePolicy);
                    ChainPara.RequestedIssuancePolicy.Usage.rgpszUsageIdentifier = certificatePolicyHandle.DangerousGetHandle();
                }

                ChainPara.dwUrlRetrievalTimeout = (uint)Math.Floor(timeout.TotalMilliseconds);

                _FILETIME ft = new _FILETIME();
                *((long *)&ft) = verificationTime.ToFileTime();

                uint flags = X509Utils.MapRevocationFlags(revocationMode, revocationFlag);

                // Build the chain.
                if (!CAPI.CertGetCertificateChain(hChainEngine,
                                                  pCertContext,
                                                  ref ft,
                                                  hCertStore,
                                                  ref ChainPara,
                                                  flags,
                                                  IntPtr.Zero,
                                                  ref ppChainContext))
                {
                    return(Marshal.GetHRForLastWin32Error());
                }
            }
            finally {
                applicationPolicyHandle.Dispose();
                certificatePolicyHandle.Dispose();
            }

            return(CAPI.S_OK);
        }