/// <summary> /// Perform OCSP, which checks whether the certificate is revoked or not. /// </summary> /// <since_tizen> 3 </since_tizen> /// <param name="certificateChain"> /// Valid certificate chain to perform the OCSP check. /// </param> /// <returns>A status result of the OCSP check.</returns> /// <exception cref="ArgumentNullException"> /// The certificateChain argument is null. /// </exception> /// <exception cref="ArgumentException"> /// The certificateChain is not valid chain or certificate. /// </exception> /// <exception cref="InvalidOperationException"> /// Some of the certificates in chain are expired or not valid yet. /// </exception> static public OcspStatus CheckOcsp(IEnumerable <Certificate> certificateChain) { if (certificateChain == null) { throw new ArgumentNullException("Certificate chain is null"); } IntPtr ptr = IntPtr.Zero; try { int ocspStatus = (int)OcspStatus.Good; var certChain = new SafeCertificateListHandle(certificateChain); ptr = certChain.GetHandle(); Interop.CheckNThrowException( Interop.CkmcManager.OcspCheck(ptr, ref ocspStatus), "Failed to get certificate chain with trusted certificates"); return((OcspStatus)ocspStatus); } finally { if (ptr != IntPtr.Zero) { Interop.CkmcTypes.CertListAllFree(ptr); } } }
internal Pkcs12(IntPtr ptr) { var ckmcPkcs12 = Marshal.PtrToStructure <Interop.CkmcPkcs12>(ptr); this.PrivateKey = new Key(ckmcPkcs12.privateKey); if (ckmcPkcs12.certificate != IntPtr.Zero) { this.Certificate = new Certificate(ckmcPkcs12.certificate); } if (ckmcPkcs12.caChain != IntPtr.Zero) { this._certChainHandle = new SafeCertificateListHandle(ckmcPkcs12.caChain); } }
/// <summary> /// Verifies a certificate chain and returns that chain using user entered /// trusted and untrusted CA certificates. /// </summary> /// <since_tizen> 3 </since_tizen> /// <param name="certificate">The certificate to be verified.</param> /// <param name="untrustedCertificates"> /// The untrusted CA certificates to be used in verifying a certificate chain. /// </param> /// <param name="trustedCertificates"> /// The trusted CA certificates to be used in verifying a certificate chain. /// </param> /// <param name="useTrustedSystemCertificates"> /// The flag indicating the use of the trusted root certificates in the /// system's certificate storage. /// </param> /// <returns>A newly created certificate chain.</returns> /// <exception cref="ArgumentNullException"> /// The certificate argument is null. /// </exception> /// <exception cref="ArgumentException"> /// Some of the certificates in arguments are invalid. /// </exception> /// <exception cref="InvalidOperationException"> /// Some of the certificates in arguments are expired or not valid yet. /// Certificate cannot build chain. /// The root certificate is not in the trusted system certificate store. /// </exception> /// <remarks> /// The trusted root certificate of the chain in the system's certificate storage /// is added to the certificate chain. /// </remarks> static public IEnumerable <Certificate> GetCertificateChain( Certificate certificate, IEnumerable <Certificate> untrustedCertificates, IEnumerable <Certificate> trustedCertificates, bool useTrustedSystemCertificates) { if (certificate == null) { throw new ArgumentNullException("Certificate is null"); } IntPtr certPtr = IntPtr.Zero; IntPtr untrustedPtr = IntPtr.Zero; IntPtr trustedPtr = IntPtr.Zero; IntPtr ptrCertChain = IntPtr.Zero; try { var untrusted = new SafeCertificateListHandle(untrustedCertificates); var trusted = new SafeCertificateListHandle(trustedCertificates); certPtr = certificate.GetHandle(); untrustedPtr = untrusted.GetHandle(); trustedPtr = trusted.GetHandle(); Interop.CheckNThrowException( Interop.CkmcManager.GetCertChainWithTrustedCerts( certPtr, untrustedPtr, trustedPtr, useTrustedSystemCertificates, out ptrCertChain), "Failed to get certificate chain with trusted certificates"); return(new SafeCertificateListHandle(ptrCertChain).Certificates); } finally { if (certPtr != IntPtr.Zero) { Interop.CkmcTypes.CertFree(certPtr); } if (untrustedPtr != IntPtr.Zero) { Interop.CkmcTypes.CertListAllFree(untrustedPtr); } if (trustedPtr != IntPtr.Zero) { Interop.CkmcTypes.CertListAllFree(trustedPtr); } } }