/// <summary>
/// Builds an X.509 chain for the certificate behind <paramref name="pCertContext"/> and
/// reports whether <c>ChainPal.Verify</c> accepted it.
/// </summary>
/// <param name="pCertContext">Handle to the certificate context to evaluate.</param>
/// <returns>
/// <c>true</c> only when a chain was built and <c>Verify</c> returned <c>true</c>;
/// <c>false</c> when no chain was built or the result is <c>false</c> or <c>null</c>.
/// </returns>
/// <remarks>
/// The chain is built with <see cref="X509RevocationMode.NoCheck"/>, so revocation status
/// plays no part in the answer. The exception handed back by <c>Verify</c> is discarded;
/// callers learn only pass/fail, never the reason.
/// </remarks>
private static bool VerifyCertificateIgnoringErrors(SafeCertContextHandle pCertContext)
{
    // DangerousGetHandle exposes the raw pointer without taking a reference on the SafeHandle.
    // NOTE(review): presumably the caller keeps pCertContext alive for the whole call - confirm.
    // NOTE(review): DateTime.Now is local time; confirm BuildChain normalizes the verification time.
    ChainPal builtChain = ChainPal.BuildChain(
        true, // presumably the machine-context switch - confirm against BuildChain's signature
        CertificatePal.FromHandle(pCertContext.DangerousGetHandle()),
        null, // extraStore
        null, // applicationPolicy
        null, // certificatePolicy
        X509RevocationMode.NoCheck,
        X509RevocationFlag.ExcludeRoot,
        DateTime.Now,
        TimeSpan.Zero);

    if (builtChain == null)
    {
        return false;
    }

    using (builtChain)
    {
        Exception ignoredFailure;
        bool? outcome = builtChain.Verify(X509VerificationFlags.NoFlag, out ignoredFailure);

        // A null outcome counts as "not verified", the same as an explicit false.
        return outcome == true;
    }
}
/// <summary>
/// Builds an X.509 chain for the certificate behind <paramref name="pCertContext"/> using
/// <see cref="X509ChainTrustMode.System"/> and reports whether <c>ChainPal.Verify</c> accepted it.
/// </summary>
/// <param name="pCertContext">Handle to the certificate context to evaluate.</param>
/// <returns>
/// <c>true</c> only when a chain was built and <c>Verify</c> returned <c>true</c>;
/// <c>false</c> when no chain was built or the result is <c>false</c> or <c>null</c>.
/// </returns>
/// <remarks>
/// The chain is built with <see cref="X509RevocationMode.NoCheck"/>, so revocation status
/// plays no part in the answer. The exception handed back by <c>Verify</c> is discarded;
/// callers learn only pass/fail, never the reason.
/// </remarks>
private static bool VerifyCertificateIgnoringErrors(SafeCertContextHandle pCertContext)
{
    // Keep this in sync with IsCertValid in the Unix/OpenSSL PAL version
    // (and potentially any other PALs that come about).
    //
    // DangerousGetHandle exposes the raw pointer without taking a reference on the SafeHandle.
    // NOTE(review): presumably the caller keeps pCertContext alive for the whole call - confirm.
    // NOTE(review): DateTime.Now is local time; confirm BuildChain normalizes the verification time.
    ChainPal? builtChain = ChainPal.BuildChain(
        false, // presumably the machine-context switch - confirm against BuildChain's signature
        CertificatePal.FromHandle(pCertContext.DangerousGetHandle()),
        null, // extraStore
        null, // applicationPolicy
        null, // certificatePolicy
        X509RevocationMode.NoCheck,
        X509RevocationFlag.ExcludeRoot,
        null, // presumably the custom trust store, unused with system trust - confirm
        X509ChainTrustMode.System,
        DateTime.Now,
        TimeSpan.Zero);

    if (builtChain == null)
    {
        return false;
    }

    using (builtChain)
    {
        Exception? ignoredFailure;
        bool? outcome = builtChain.Verify(X509VerificationFlags.NoFlag, out ignoredFailure);

        // A null outcome counts as "not verified", the same as an explicit false.
        return outcome ?? false;
    }
}
/// <summary>
/// Deletes every on-disk file in this store's directory that
/// <c>FindExistingFilename</c> matches to <paramref name="certPal"/>.
/// </summary>
/// <param name="certPal">
/// Certificate to remove; it is cast to <c>OpenSslX509CertificateReader</c>, so any other
/// implementation fails the cast.
/// </param>
/// <exception cref="CryptographicException">
/// The store is read-only and a matching file was found.
/// </exception>
/// <remarks>
/// Nothing happens when the store directory does not exist. The search is repeated after
/// each deletion, so the method ends only once no matching file is reported.
/// </remarks>
public void Remove(ICertificatePal certPal)
{
    if (!Directory.Exists(_storePath))
    {
        return;
    }

    var reader = (OpenSslX509CertificateReader)certPal;

    // Search with a private copy built from duplicated handles; it is disposed on exit.
    using (var lookupCopy = new X509Certificate2(reader.DuplicateHandles()))
    {
        while (true)
        {
            bool hadCandidates;
            string? matchPath = FindExistingFilename(lookupCopy, _storePath, out hadCandidates);

            if (matchPath == null)
            {
                break;
            }

            if (_readOnly)
            {
                // Windows compatibility, the readonly check isn't done until after a match is found.
                throw new CryptographicException(SR.Cryptography_X509_StoreReadOnly);
            }

            File.Delete(matchPath);

            // Flush after every deletion.
            // NOTE(review): presumably this drops cached store contents so chain building
            // stops using the removed certificate - confirm.
            ChainPal.FlushStores();
        }
    }
}
/// <summary>
/// Wraps a native certificate chain context in a new <c>ChainPal</c>.
/// </summary>
/// <param name="chainContext">Native chain context pointer; must not be <see cref="IntPtr.Zero"/>.</param>
/// <returns>A <c>ChainPal</c> built over the handle returned by <c>CertDuplicateCertificateChain</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="chainContext"/> is <see cref="IntPtr.Zero"/>.</exception>
/// <exception cref="CryptographicException">Duplication returned a null or invalid handle.</exception>
public static IChainPal FromHandle(IntPtr chainContext)
{
    if (chainContext == IntPtr.Zero)
    {
        throw new ArgumentNullException(nameof(chainContext));
    }

    // The pal holds the duplicated handle, not the caller's raw pointer.
    // NOTE(review): presumably the caller's own reference stays valid and caller-owned - confirm.
    SafeX509ChainHandle duplicatedChain = Interop.Crypt32.CertDuplicateCertificateChain(chainContext);

    // Reject a failed duplication here so that no ChainPal is built over an unusable handle.
    if (duplicatedChain == null || duplicatedChain.IsInvalid)
    {
        throw new CryptographicException(SR.Cryptography_InvalidContextHandle, nameof(chainContext));
    }

    return new ChainPal(duplicatedChain);
}
/// <summary>
/// Adds <paramref name="certPal"/> to the store through <c>AddCertToStore</c>, then calls
/// <c>ChainPal.FlushStores</c>.
/// </summary>
/// <param name="certPal">Certificate to add.</param>
/// <exception cref="CryptographicException">
/// The store is read-only, or the add failed. A failure that was not already a
/// <see cref="CryptographicException"/> is wrapped, with the original kept as the inner exception.
/// </exception>
public void Add(ICertificatePal certPal)
{
    // Windows compatibility: Remove only throws when it needs to do work, add throws always.
    if (_readOnly)
    {
        throw new CryptographicException(SR.Cryptography_X509_StoreReadOnly);
    }

    try
    {
        AddCertToStore(certPal);
        ChainPal.FlushStores();
    }
    catch (Exception failure) when (!(failure is CryptographicException))
    {
        // CryptographicException passes through unchanged; every other failure is
        // reported as a store-add failure, with the original exception attached.
        throw new CryptographicException(SR.Cryptography_X509_StoreAddFailure, failure);
    }
}
/// <summary>
/// Wraps a native certificate chain context in a new <c>ChainPal</c>.
/// </summary>
/// <param name="chainContext">Native chain context pointer; must not be <see cref="IntPtr.Zero"/>.</param>
/// <returns>A <c>ChainPal</c> built over the handle returned by <c>CertDuplicateCertificateChain</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="chainContext"/> is <see cref="IntPtr.Zero"/>.</exception>
/// <exception cref="CryptographicException">Duplication returned a null or invalid handle.</exception>
public static IChainPal FromHandle(IntPtr chainContext)
{
    if (chainContext == IntPtr.Zero)
    {
        throw new ArgumentNullException(nameof(chainContext));
    }

    // The pal holds the duplicated handle, not the caller's raw pointer.
    // NOTE(review): presumably the caller's own reference stays valid and caller-owned - confirm.
    SafeX509ChainHandle duplicatedChain = Interop.crypt32.CertDuplicateCertificateChain(chainContext);

    // Reject a failed duplication here so that no ChainPal is built over an unusable handle.
    if (duplicatedChain == null || duplicatedChain.IsInvalid)
    {
        throw new CryptographicException(SR.Cryptography_InvalidContextHandle, nameof(chainContext));
    }

    return new ChainPal(duplicatedChain);
}