private static bool VerifyCertificateIgnoringErrors(SafeCertContextHandle pCertContext)
{
ChainPal chainPal = ChainPal.BuildChain(
true,
CertificatePal.FromHandle(pCertContext.DangerousGetHandle()),
null, //extraStore
null, //applicationPolicy
null, //certificatePolicy
X509RevocationMode.NoCheck,
X509RevocationFlag.ExcludeRoot,
DateTime.Now,
new TimeSpan(0, 0, 0));
if (chainPal == null)
{
return(false);
}
using (chainPal)
{
Exception verificationException;
bool? verified = chainPal.Verify(X509VerificationFlags.NoFlag, out verificationException);
if (!(verified.HasValue && verified.Value))
{
return(false);
}
}
return(true);
}
private static bool VerifyCertificateIgnoringErrors(SafeCertContextHandle pCertContext)
{
// This needs to be kept in sync with IsCertValid in the
// Unix/OpenSSL PAL version (and potentially any other PALs that come about)
ChainPal?chainPal = ChainPal.BuildChain(
false,
CertificatePal.FromHandle(pCertContext.DangerousGetHandle()),
null, //extraStore
null, //applicationPolicy
null, //certificatePolicy
X509RevocationMode.NoCheck,
X509RevocationFlag.ExcludeRoot,
null,
X509ChainTrustMode.System,
DateTime.Now,
new TimeSpan(0, 0, 0));
if (chainPal == null)
{
return(false);
}
using (chainPal)
{
Exception?verificationException;
bool? verified = chainPal.Verify(X509VerificationFlags.NoFlag, out verificationException);
if (!verified.GetValueOrDefault())
{
return(false);
}
}
return(true);
}
public void Remove(ICertificatePal certPal)
{
if (!Directory.Exists(_storePath))
{
return;
}
OpenSslX509CertificateReader cert = (OpenSslX509CertificateReader)certPal;
using (X509Certificate2 copy = new X509Certificate2(cert.DuplicateHandles()))
{
string?currentFilename;
do
{
bool hadCandidates;
currentFilename = FindExistingFilename(copy, _storePath, out hadCandidates);
if (currentFilename != null)
{
if (_readOnly)
{
// Windows compatibility, the readonly check isn't done until after a match is found.
throw new CryptographicException(SR.Cryptography_X509_StoreReadOnly);
}
File.Delete(currentFilename);
ChainPal.FlushStores();
}
} while (currentFilename != null);
}
}
public static IChainPal FromHandle(IntPtr chainContext)
{
if (chainContext == IntPtr.Zero)
{
throw new ArgumentNullException(nameof(chainContext));
}
SafeX509ChainHandle certChainHandle = Interop.Crypt32.CertDuplicateCertificateChain(chainContext);
if (certChainHandle == null || certChainHandle.IsInvalid)
{
throw new CryptographicException(SR.Cryptography_InvalidContextHandle, nameof(chainContext));
}
var pal = new ChainPal(certChainHandle);
return(pal);
}
public void Add(ICertificatePal certPal)
{
if (_readOnly)
{
// Windows compatibility: Remove only throws when it needs to do work, add throws always.
throw new CryptographicException(SR.Cryptography_X509_StoreReadOnly);
}
try
{
AddCertToStore(certPal);
ChainPal.FlushStores();
}
catch (CryptographicException)
{
throw;
}
catch (Exception e)
{
throw new CryptographicException(SR.Cryptography_X509_StoreAddFailure, e);
}
}
public static IChainPal FromHandle(IntPtr chainContext)
{
if (chainContext == IntPtr.Zero)
throw new ArgumentNullException(nameof(chainContext));
SafeX509ChainHandle certChainHandle = Interop.crypt32.CertDuplicateCertificateChain(chainContext);
if (certChainHandle == null || certChainHandle.IsInvalid)
throw new CryptographicException(SR.Cryptography_InvalidContextHandle, nameof(chainContext));
var pal = new ChainPal(certChainHandle);
return pal;
}
