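/// <summary>
/// Queries CryptGetObjectUrl for two URL object identifiers (1 and 13) on the supplied certificate
/// and stores every URL found in <c>AuthorityInformationAccess</c>.
/// </summary>
/// <param name="cert">Certificate whose native handle is passed to CryptGetObjectUrl.</param>
/// <remarks>
/// The returned strings come from the certificate being inspected, so they are only as trustworthy
/// as that certificate. Code that later dereferences these URLs should validate them (for example
/// scheme and host) before making any network request.
/// </remarks>
void m_extracturls(X509Certificate2 cert) {
    List<String> urls = new List<String>();
    // NOTE(review): 1 and 13 look like URL_OID_CERTIFICATE_ISSUER and URL_OID_CERTIFICATE_ONLY_OCSP,
    // and flag 2 like CRYPT_GET_URL_FROM_EXTENSION (wincrypt.h) - confirm against the Cryptnet declaration.
    foreach (UInt32 extid in new UInt32[] { 1, 13 }) {
        UInt32 pcbUrlArray = 0;
        UInt32 pcbUrlInfo = 0;
        // First call passes no buffers and only asks for the required buffer sizes.
        if (!Cryptnet.CryptGetObjectUrl(extid, cert.Handle, 2, null, ref pcbUrlArray, IntPtr.Zero, ref pcbUrlInfo, 0)) {
            continue;
        }
        Byte[] pUrlArray = new Byte[pcbUrlArray];
        IntPtr pUrlInfo = Marshal.AllocHGlobal((Int32)pcbUrlInfo);
        try {
            // Do not parse the buffer when the second call fails: its content is then undefined.
            if (!Cryptnet.CryptGetObjectUrl(extid, cert.Handle, 2, pUrlArray, ref pcbUrlArray, pUrlInfo, ref pcbUrlInfo, 0)) {
                continue;
            }
            String URL = CryptographyUtils.EncodeDerString(pUrlArray);
            String[] splitArray = URL.Split(new[] { "\0" }, StringSplitOptions.RemoveEmptyEntries);
            // The first three entries are dropped; presumably they are the decoded array header
            // rather than URLs - confirm. The former Take(Length - 1) never limited the result
            // after Skip(3), and both switch cases were identical, so one statement covers both.
            urls.AddRange(splitArray.Skip(3));
        } finally {
            // Release the unmanaged buffer even if decoding or splitting throws.
            Marshal.FreeHGlobal(pUrlInfo);
        }
    }
    AuthorityInformationAccess = urls.ToArray();
}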
/// <summary>
/// Updates the KRA configuration by writing KRA certificates to the Certification Authority.
/// The method writes all certificates contained in the <see cref="Certificate"/> property.
/// </summary>
/// <param name="restart">
/// Indicates whether to restart certificate services to apply the changes immediately. Updated settings
/// have no effect until the CA service is restarted.
/// </param>
/// <exception cref="UnauthorizedAccessException">
/// The caller does not have sufficient permissions to make changes in the CA configuration.
/// </exception>
/// <exception cref="ServerUnavailableException">
/// The target CA server could not be contacted via RPC/DCOM transport.
/// </exception>
/// <remarks>
/// <para>This method does not check whether the certificates in the <see cref="Certificate"/> property are valid.
/// The caller is responsible for checking that the certificates are time-valid, trusted and not revoked
/// before calling this method.</para>
/// <para>The caller must have <strong>Administrator</strong> permissions on the target CA server.</para>
/// </remarks>
/// <returns>
/// <strong>True</strong> if the configuration was changed. If the object was not modified since it was instantiated,
/// the configuration is not updated and the method returns <strong>False</strong>.
/// </returns>
public Boolean SetInfo(Boolean restart) {
    // Nothing to write when the object carries no pending changes.
    if (!IsModified) {
        return false;
    }

    if (!CertificateAuthority.Ping(ComputerName)) {
        ServerUnavailableException unavailable = new ServerUnavailableException(DisplayName);
        unavailable.Data.Add(nameof(unavailable.Source), OfflineSource.DCOM);
        throw unavailable;
    }

    CCertAdmin certAdmin = new CCertAdmin();
    try {
        if (_certs.Count <= 0) {
            // Empty list: zero both counters on the CA.
            certAdmin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracertcount, 0, CertAdmConst.ProptypeLong, 0);
            certAdmin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracertusedcount, 0, CertAdmConst.ProptypeLong, 0);
        } else {
            // Reset the stored certificate count first when the CA already holds entries.
            Int32 existingCount = (Int32)certAdmin.GetCAProperty(ConfigString, CertAdmConst.CrPropKracertcount, 0, CertAdmConst.ProptypeLong, 0);
            if (existingCount > 0) {
                certAdmin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracertcount, 0, CertAdmConst.ProptypeLong, 0);
            }
            // Write each certificate at its list position.
            for (Int32 i = 0; i < _certs.Count; i++) {
                String encoded = CryptographyUtils.EncodeDerString(_certs[i].RawData);
                certAdmin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracert, i, CertAdmConst.ProptypeBinary, encoded);
            }
            certAdmin.SetCAProperty(ConfigString, CertAdmConst.CrPropKracertusedcount, 0, CertAdmConst.ProptypeLong, _certs.Count);
        }
    } catch (Exception ex) {
        // Every failure is routed through the project's COM error translator.
        throw Error.ComExceptionHandler(ex);
    } finally {
        CryptographyUtils.ReleaseCom(certAdmin);
    }

    IsModified = false;
    if (restart) {
        CertificateAuthority.Restart(ComputerName);
    }
    return true;
}
/// <inheritdoc />
public Int32 ImportCertificate(X509Certificate2 certificate) {
    if (certificate == null) {
        throw new ArgumentNullException(nameof(certificate));
    }

    ICertAdmin2 certAdmin = new CCertAdminClass();
    try {
        String encodedCertificate = CryptographyUtils.EncodeDerString(certificate.RawData);
        // NOTE(review): AllowForeign presumably maps to the ICF_ALLOWFOREIGN import flag, which lets the
        // CA database accept certificates this CA did not issue - confirm, and make sure callers only
        // pass certificates they have already validated.
        Int32 importFlags = (Int32)ImportForeignOption.AllowForeign;
        return certAdmin.ImportCertificate(_configString, encodedCertificate, importFlags);
    } finally {
        // Release the COM admin object whether the import succeeds or throws.
        CryptographyUtils.ReleaseCom(certAdmin);
    }
}