private X509CertificateClaimSet(X509ChainElementCollection elements, int index)
{
this.expirationTime = System.IdentityModel.SecurityUtils.MinUtcDateTime;
this.elements = elements;
this.index = index;
this.certificate = elements[index].Certificate;
}
public X509Chain(bool useMachineContext)
{
m_status = 0;
m_chainPolicy = null;
m_chainStatus = null;
m_chainElementCollection = new X509ChainElementCollection();
m_safeCertChainHandle = SafeCertChainHandle.InvalidHandle;
m_useMachineContext = useMachineContext;
}
public X509Chain(bool useMachineContext)
{
this.m_syncRoot = new object();
this.m_status = 0;
this.m_chainPolicy = null;
this.m_chainStatus = null;
this.m_chainElementCollection = new X509ChainElementCollection();
this.m_safeCertChainHandle = SafeCertChainHandle.InvalidHandle;
this.m_useMachineContext = useMachineContext;
}
public X509Chain(bool useMachineContext)
{
this.m_syncRoot = new object();
this.m_status = 0;
this.m_chainPolicy = null;
this.m_chainStatus = null;
this.m_chainElementCollection = new X509ChainElementCollection();
this.m_safeCertChainHandle = SafeCertChainHandle.InvalidHandle;
this.m_useMachineContext = useMachineContext;
}
public void Reset()
{
m_status = 0;
m_chainStatus = null;
m_chainElementCollection = new X509ChainElementCollection();
if (!m_safeCertChainHandle.IsInvalid)
{
m_safeCertChainHandle.Dispose();
m_safeCertChainHandle = SafeCertChainHandle.InvalidHandle;
}
}
internal static bool IsSelfSigned(X509Chain chain)
{
X509ChainElementCollection chainElements = chain.ChainElements;
if (chainElements.Count != 1)
{
return(false);
}
X509Certificate2 certificate = chainElements[0].Certificate;
return(string.Compare(certificate.SubjectName.Name, certificate.IssuerName.Name, StringComparison.OrdinalIgnoreCase) == 0);
}
private void Reset()
{
_lazyChainStatus = null;
_chainElements = new X509ChainElementCollection();
IChainPal pal = _pal;
_pal = null;
if (pal != null)
{
pal.Dispose();
}
}
private unsafe void Init()
{
using (SafeCertChainHandle handle = CAPISafe.CertDuplicateCertificateChain(this.m_safeCertChainHandle))
{
CAPIBase.CERT_CHAIN_CONTEXT structure = new CAPIBase.CERT_CHAIN_CONTEXT(Marshal.SizeOf(typeof(CAPIBase.CERT_CHAIN_CONTEXT)));
uint size = (uint)Marshal.ReadInt32(handle.DangerousGetHandle());
if (size > Marshal.SizeOf(structure))
{
size = (uint)Marshal.SizeOf(structure);
}
System.Security.Cryptography.X509Certificates.X509Utils.memcpy(this.m_safeCertChainHandle.DangerousGetHandle(), new IntPtr((void *)&structure), size);
this.m_status = structure.dwErrorStatus;
this.m_chainElementCollection = new X509ChainElementCollection(Marshal.ReadIntPtr(structure.rgpChain));
}
}
public void Reset()
{
// _chainPolicy is not reset for .NET Framework compat
_lazyChainStatus = null;
_chainElements = null;
_useMachineContext = false;
IChainPal pal = _pal;
_pal = null;
if (pal != null)
{
pal.Dispose();
}
}
internal bool Build(X509Certificate2 certificate, bool throwOnException)
{
lock (_syncRoot)
{
if (certificate == null || certificate.Pal == null)
{
throw new ArgumentException(SR.Cryptography_InvalidContextHandle, nameof(certificate));
}
Reset();
X509ChainPolicy chainPolicy = ChainPolicy;
_pal = ChainPal.BuildChain(
_useMachineContext,
certificate.Pal,
chainPolicy.ExtraStore,
chainPolicy.ApplicationPolicy,
chainPolicy.CertificatePolicy,
chainPolicy.RevocationMode,
chainPolicy.RevocationFlag,
chainPolicy.VerificationTime,
chainPolicy.UrlRetrievalTimeout
);
if (_pal == null)
{
return(false);
}
_chainElements = new X509ChainElementCollection(_pal.ChainElements);
Exception verificationException;
bool? verified = _pal.Verify(chainPolicy.VerificationFlags, out verificationException);
if (!verified.HasValue)
{
if (throwOnException)
{
throw verificationException;
}
else
{
verified = false;
}
}
return(verified.Value);
}
}
private unsafe void Init()
{
using (SafeCertChainHandle safeCertChainHandle = CAPI.CertDuplicateCertificateChain(m_safeCertChainHandle)) {
CAPI.CERT_CHAIN_CONTEXT pChain = new CAPI.CERT_CHAIN_CONTEXT(Marshal.SizeOf(typeof(CAPI.CERT_CHAIN_CONTEXT)));
uint cbSize = (uint)Marshal.ReadInt32(safeCertChainHandle.DangerousGetHandle());
if (cbSize > Marshal.SizeOf(pChain))
{
cbSize = (uint)Marshal.SizeOf(pChain);
}
X509Utils.memcpy(m_safeCertChainHandle.DangerousGetHandle(), new IntPtr(&pChain), cbSize);
m_status = pChain.dwErrorStatus;
Debug.Assert(pChain.cChain > 0);
m_chainElementCollection = new X509ChainElementCollection(Marshal.ReadIntPtr(pChain.rgpChain));
}
}
private X509CertificateClaimSet(X509ChainElementCollection elements, int index)
{
_elements = elements;
_index = index;
_certificate = elements[index].Certificate;
}
public void Reset()
{
// _chainPolicy is not reset for desktop compat
_lazyChainStatus = null;
_chainElements = null;
_useMachineContext = false;
IChainPal pal = _pal;
_pal = null;
if (pal != null)
pal.Dispose();
}
public X509Chain(IntPtr chainContext)
{
_pal = ChainPal.FromHandle(chainContext);
Debug.Assert(_pal != null);
_chainElements = new X509ChainElementCollection(_pal.ChainElements);
}
/// <summary>
/// Initializes a new instance of the <see cref="X509ChainElementCollectionWrap"/> class.
/// </summary>
/// <param name="collection">
/// The collection.
/// </param>
public void Initialize(X509ChainElementCollection collection)
{
this.elements = new IX509ChainElement[collection.Count];
var elementFactory = new X509ChainElementFactory(this.file, this.path);
for (var i = 0; i < this.elements.Length; i++)
{
this.elements[i] = elementFactory.Create(collection[i]);
}
}
X509CertificateClaimSet(X509ChainElementCollection elements, int index)
{
this.elements = elements;
this.index = index;
this.certificate = elements[index].Certificate;
}
internal X509ChainImplBtls ()
{
chain = new MonoBtlsX509Chain ();
elements = new X509ChainElementCollection ();
policy = new X509ChainPolicy ();
}
/// <summary>
/// Initializes a new instance of the <see cref="X509ChainElementCollectionWrap"/> class.
/// </summary>
/// <param name="collection">
/// The collection of X509ChainElement objects.
/// </param>
internal X509ChainElementCollectionWrap(X509ChainElementCollection collection)
{
this.Initialize(collection);
}
private void Reset()
{
_lazyChainStatus = null;
_chainElements = new X509ChainElementCollection();
IChainPal pal = _pal;
_pal = null;
if (pal != null)
pal.Dispose();
return;
}
public X509Chain(IntPtr chainContext)
{
_pal = ChainPal.FromHandle(chainContext);
Debug.Assert(_pal != null);
_chainElements = new X509ChainElementCollection(_pal.ChainElements);
}
internal bool Build(X509Certificate2 certificate, bool throwOnException)
{
lock (_syncRoot)
{
if (certificate == null || certificate.Pal == null)
{
throw new ArgumentException(SR.Cryptography_InvalidContextHandle, nameof(certificate));
}
if (_chainPolicy != null && _chainPolicy.CustomTrustStore != null)
{
if (_chainPolicy.TrustMode == X509ChainTrustMode.System && _chainPolicy.CustomTrustStore.Count > 0)
{
throw new CryptographicException(SR.Cryptography_CustomTrustCertsInSystemMode, nameof(_chainPolicy.TrustMode));
}
foreach (X509Certificate2 customCertificate in _chainPolicy.CustomTrustStore)
{
if (customCertificate == null || customCertificate.Handle == IntPtr.Zero)
{
throw new CryptographicException(SR.Cryptography_InvalidTrustCertificate, nameof(_chainPolicy.CustomTrustStore));
}
}
}
Reset();
X509ChainPolicy chainPolicy = ChainPolicy;
_pal = ChainPal.BuildChain(
_useMachineContext,
certificate.Pal,
chainPolicy._extraStore,
chainPolicy._applicationPolicy,
chainPolicy._certificatePolicy,
chainPolicy.RevocationMode,
chainPolicy.RevocationFlag,
chainPolicy.CustomTrustStore,
chainPolicy.TrustMode,
chainPolicy.VerificationTime,
chainPolicy.UrlRetrievalTimeout
);
if (_pal == null)
{
return(false);
}
_chainElements = new X509ChainElementCollection(_pal.ChainElements);
Exception verificationException;
bool? verified = _pal.Verify(chainPolicy.VerificationFlags, out verificationException);
if (!verified.HasValue)
{
if (throwOnException)
{
throw verificationException;
}
else
{
verified = false;
}
}
return(verified.Value);
}
}
public bool Build(X509Certificate2 certificate)
{
lock (_syncRoot)
{
if (certificate == null)
throw new ArgumentException(SR.Cryptography_InvalidContextHandle, "certificate");
Reset();
X509ChainPolicy chainPolicy = ChainPolicy;
_pal = ChainPal.BuildChain(
false,
certificate.Pal,
chainPolicy.ExtraStore,
chainPolicy.ApplicationPolicy,
chainPolicy.CertificatePolicy,
chainPolicy.RevocationMode,
chainPolicy.RevocationFlag,
chainPolicy.VerificationTime,
chainPolicy.UrlRetrievalTimeout
);
if (_pal == null)
return false;
_chainElements = new X509ChainElementCollection(_pal.ChainElements);
Exception verificationException;
bool? verified = _pal.Verify(chainPolicy.VerificationFlags, out verificationException);
if (!verified.HasValue)
throw verificationException;
return verified.Value;
}
}
/// <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.X509Certificates.X509Chain" /> class specifying a value that indicates whether the machine context should be used.</summary>
/// <param name="useMachineContext">true to use the machine context; false to use the current user context. </param>
public X509Chain(bool useMachineContext)
{
this.location = ((!useMachineContext) ? StoreLocation.CurrentUser : StoreLocation.LocalMachine);
this.elements = new X509ChainElementCollection();
this.policy = new X509ChainPolicy();
}
public X509Chain(bool useMachineContext)
{
location = useMachineContext ? StoreLocation.LocalMachine : StoreLocation.CurrentUser;
elements = new X509ChainElementCollection();
policy = new X509ChainPolicy();
}
private unsafe void Init()
{
using (SafeCertChainHandle handle = CAPISafe.CertDuplicateCertificateChain(this.m_safeCertChainHandle))
{
CAPIBase.CERT_CHAIN_CONTEXT structure = new CAPIBase.CERT_CHAIN_CONTEXT(Marshal.SizeOf(typeof(CAPIBase.CERT_CHAIN_CONTEXT)));
uint size = (uint) Marshal.ReadInt32(handle.DangerousGetHandle());
if (size > Marshal.SizeOf(structure))
{
size = (uint) Marshal.SizeOf(structure);
}
System.Security.Cryptography.X509Certificates.X509Utils.memcpy(this.m_safeCertChainHandle.DangerousGetHandle(), new IntPtr((void*) &structure), size);
this.m_status = structure.dwErrorStatus;
this.m_chainElementCollection = new X509ChainElementCollection(Marshal.ReadIntPtr(structure.rgpChain));
}
}
public override void Reset ()
{
if (certificates != null) {
foreach (var certificate in certificates)
certificate.Dispose ();
certificates = null;
}
if (elements != null) {
elements.Clear ();
elements = null;
}
}
public void Reset()
{
this.m_status = 0;
this.m_chainStatus = null;
this.m_chainElementCollection = new X509ChainElementCollection();
if (!this.m_safeCertChainHandle.IsInvalid)
{
this.m_safeCertChainHandle.Dispose();
this.m_safeCertChainHandle = SafeCertChainHandle.InvalidHandle;
}
}
internal X509ChainElementEnumerator(X509ChainElementCollection chainElements)
{
_chainElements = chainElements;
_current = -1;
}
internal X509ChainElementEnumerator(X509ChainElementCollection chainElements)
{
_chainElements = chainElements;
_current = -1;
}
private unsafe void Init () {
using (SafeCertChainHandle safeCertChainHandle = CAPI.CertDuplicateCertificateChain(m_safeCertChainHandle)) {
CAPI.CERT_CHAIN_CONTEXT pChain = new CAPI.CERT_CHAIN_CONTEXT(Marshal.SizeOf(typeof(CAPI.CERT_CHAIN_CONTEXT)));
uint cbSize = (uint) Marshal.ReadInt32(safeCertChainHandle.DangerousGetHandle());
if (cbSize > Marshal.SizeOf(pChain))
cbSize = (uint) Marshal.SizeOf(pChain);
X509Utils.memcpy(m_safeCertChainHandle.DangerousGetHandle(), new IntPtr(&pChain), cbSize);
m_status = pChain.dwErrorStatus;
Debug.Assert(pChain.cChain > 0);
m_chainElementCollection = new X509ChainElementCollection(Marshal.ReadIntPtr(pChain.rgpChain));
}
}
public X509Chain (bool useMachineContext) {
m_status = 0;
m_chainPolicy = null;
m_chainStatus = null;
m_chainElementCollection = new X509ChainElementCollection();
m_safeCertChainHandle = SafeCertChainHandle.InvalidHandle;
m_useMachineContext = useMachineContext;
}
public X509Chain (bool useMachineContext)
{
location = useMachineContext ? StoreLocation.LocalMachine : StoreLocation.CurrentUser;
elements = new X509ChainElementCollection ();
policy = new X509ChainPolicy ();
}
/// <summary>
/// Wraps the X509ChainElementCollection creation method.
/// </summary>
/// <param name="collection">
/// The collection of X509ChainElement objects.
/// </param>
/// <returns>
/// The <see cref="IX509ChainElementCollection"/>.
/// </returns>
public IX509ChainElementCollection Create(X509ChainElementCollection collection)
{
return new X509ChainElementCollectionWrap(collection);
}