private static SafeBCryptKeyHandle ImportPublicKeyInfo(SafeCertContextHandle certContext) { #if NETNATIVE // CryptImportPublicKeyInfoEx2() not in the UWP api list. throw new PlatformNotSupportedException(); #else unsafe { SafeBCryptKeyHandle bCryptKeyHandle; bool mustRelease = false; certContext.DangerousAddRef(ref mustRelease); try { unsafe { bool success = Interop.crypt32.CryptImportPublicKeyInfoEx2(CertEncodingType.X509_ASN_ENCODING, &(certContext.CertContext->pCertInfo->SubjectPublicKeyInfo), 0, null, out bCryptKeyHandle); if (!success) { throw Marshal.GetHRForLastWin32Error().ToCryptographicException(); } return(bCryptKeyHandle); } } finally { if (mustRelease) { certContext.DangerousRelease(); } } } #endif //NETNATIVE }
private static SafeBCryptKeyHandle ImportPublicKeyInfo(SafeCertContextHandle certContext, CryptImportPublicKeyInfoFlags importFlags) { unsafe { SafeBCryptKeyHandle bCryptKeyHandle; bool mustRelease = false; certContext.DangerousAddRef(ref mustRelease); try { unsafe { bool success = Interop.crypt32.CryptImportPublicKeyInfoEx2(Interop.Crypt32.CertEncodingType.X509_ASN_ENCODING, &(certContext.CertContext->pCertInfo->SubjectPublicKeyInfo), importFlags, null, out bCryptKeyHandle); if (!success) { throw Marshal.GetHRForLastWin32Error().ToCryptographicException(); } return(bCryptKeyHandle); } } finally { if (mustRelease) { certContext.DangerousRelease(); } } } }
private static X509Certificate2 CreateSelfSignedCertificate(CngKey key, X500DistinguishedName subjectName) { using (SafeCertContextHandle selfSignedCertHandle = CreateSelfSignedCertificate(key, true, subjectName.RawData, X509CertificateCreationOptions.None, // NONE RsaSha1Oid, DateTime.UtcNow, DateTime.UtcNow.AddYears(1))) { X509Certificate2 certificate = null; bool addedRef = false; RuntimeHelpers.PrepareConstrainedRegions(); try { selfSignedCertHandle.DangerousAddRef(ref addedRef); certificate = new X509Certificate2(selfSignedCertHandle.DangerousGetHandle()); } finally { if (addedRef) { selfSignedCertHandle.DangerousRelease(); } } key.Dispose(); return(certificate); } }
public static X509Certificate2 CreateSelfSignedCertificate(this CngKey key, X509Certificates.X509CertificateCreationParameters creationParameters) { if (creationParameters == null) { throw new ArgumentNullException("creationParameters"); } // If we are not being asked to hand ownership of the key over to the certificate, then we need // ensure that we are running in a trusted context as we have no way to ensure that the caller // will not force the key to be cleaned up and then continue to use the dangling handle left in // the certificate. if (!creationParameters.TakeOwnershipOfKey) { new PermissionSet(PermissionState.Unrestricted).Demand(); } using (SafeCertContextHandle selfSignedCertHandle = X509Native.CreateSelfSignedCertificate(key, creationParameters.TakeOwnershipOfKey, creationParameters.SubjectName.RawData, creationParameters.CertificateCreationOptions, X509Native.MapCertificateSignatureAlgorithm(creationParameters.SignatureAlgorithm), creationParameters.StartTime, creationParameters.EndTime, creationParameters.ExtensionsNoDemand)) { // We need to get the raw handle out of the safe handle because X509Certificate2 only // exposes an IntPtr constructor. To do that we'll temporarially bump the ref count on // the handle. // // X509Certificate2 will duplicate the handle value in the .ctor, so once we've created // the certificate object, we can safely drop the ref count and dispose of our handle. X509Certificate2 certificate = null; bool addedRef = false; RuntimeHelpers.PrepareConstrainedRegions(); try { selfSignedCertHandle.DangerousAddRef(ref addedRef); certificate = new X509Certificate2(selfSignedCertHandle.DangerousGetHandle()); } finally { if (addedRef) { selfSignedCertHandle.DangerousRelease(); } } // If we passed ownership of the key to the certificate, than destroy the key // now so that we don't continue to use it beyond the liftime of the cert. if (creationParameters.TakeOwnershipOfKey) { key.Dispose(); } return(certificate); } }
private static SafeBCryptKeyHandle ImportPublicKeyInfo(SafeCertContextHandle certContext) { #if NETNATIVE // CryptImportPublicKeyInfoEx2() not in the UWP api list. throw new PlatformNotSupportedException(); #else unsafe { SafeBCryptKeyHandle bCryptKeyHandle; bool mustRelease = false; certContext.DangerousAddRef(ref mustRelease); try { unsafe { bool success = Interop.crypt32.CryptImportPublicKeyInfoEx2(CertEncodingType.X509_ASN_ENCODING, &(certContext.CertContext->pCertInfo->SubjectPublicKeyInfo), 0, null, out bCryptKeyHandle); if (!success) throw Marshal.GetHRForLastWin32Error().ToCryptographicException(); return bCryptKeyHandle; } } finally { if (mustRelease) certContext.DangerousRelease(); } } #endif //NETNATIVE }