/// <summary>
/// Builds an X.509 chain for <paramref name="cert"/> through the OpenSSL-backed chain processor,
/// then persists any intermediates that were downloaded during the build if the chain came back clean.
/// </summary>
/// <param name="useMachineContext">Not referenced by this implementation.</param>
/// <param name="cert">Leaf certificate; only its native handle is used to create the working <see cref="X509Certificate2"/>.</param>
/// <param name="extraStore">Caller-supplied certificates offered to the chain processor as candidates.</param>
/// <param name="applicationPolicy">Application policy OIDs forwarded to the chain processor.</param>
/// <param name="certificatePolicy">Certificate policy OIDs forwarded to the chain processor.</param>
/// <param name="revocationMode">Revocation mode forwarded to the chain processor.</param>
/// <param name="revocationFlag">Revocation flag forwarded to the chain processor.</param>
/// <param name="verificationTime">Point in time the chain is validated at. A UTC value is converted to local time first;
/// an Unspecified value is treated as already local.</param>
/// <param name="timeout">Total budget for fetching intermediates. <see cref="TimeSpan.Zero"/> means no limit.</param>
/// <returns>The built chain.</returns>
public static IChainPal BuildChain(
    bool useMachineContext,
    ICertificatePal cert,
    X509Certificate2Collection extraStore,
    OidCollection applicationPolicy,
    OidCollection certificatePolicy,
    X509RevocationMode revocationMode,
    X509RevocationFlag revocationFlag,
    DateTime verificationTime,
    TimeSpan timeout)
{
    // Zero is the caller's way of asking for an unbounded download budget.
    // NOTE(review): that removes any upper bound on time spent fetching intermediates.
    TimeSpan downloadBudget = timeout == TimeSpan.Zero ? TimeSpan.MaxValue : timeout;

    // OpenSSL is handed local time, so only a UTC-kinded value needs converting.
    DateTime localVerificationTime = verificationTime.Kind == DateTimeKind.Utc
        ? verificationTime.ToLocalTime()
        : verificationTime;

    var leafCert = new X509Certificate2(cert.Handle);
    var fetched = new List<X509Certificate2>();
    var trustedRoots = new List<X509Certificate2>();

    List<X509Certificate2> candidatePool = OpenSslX509ChainProcessor.FindCandidates(
        leafCert,
        extraStore,
        fetched,
        trustedRoots,
        ref downloadBudget);

    IChainPal result = OpenSslX509ChainProcessor.BuildChain(
        leafCert,
        candidatePool,
        fetched,
        trustedRoots,
        applicationPolicy,
        certificatePolicy,
        revocationMode,
        revocationFlag,
        localVerificationTime,
        ref downloadBudget);

    // Only a chain with no status errors gets its fetched intermediates saved;
    // a failed build must not leave anything behind.
    bool chainIsClean = result.ChainStatus.Length == 0;
    if (chainIsClean && fetched.Count > 0)
    {
        SaveIntermediateCertificates(result.ChainElements, fetched);
    }

    // NOTE(review): leafCert, fetched and trustedRoots are never disposed in this method;
    // confirm whether the chain processor clones them or takes ownership, otherwise the
    // native handles leak.
    return result;
}
/// <summary>
/// Builds an X.509 chain for <paramref name="cert"/> through the OpenSSL-backed chain processor,
/// then persists any intermediates downloaded during the build if the chain came back clean.
/// </summary>
/// <param name="useMachineContext">Not referenced by this implementation.</param>
/// <param name="cert">Leaf certificate; only its native handle is used to create the working <see cref="X509Certificate2"/>.</param>
/// <param name="extraStore">Caller-supplied certificates offered to the chain processor as candidates.</param>
/// <param name="applicationPolicy">Application policy OIDs forwarded to the chain processor.</param>
/// <param name="certificatePolicy">Certificate policy OIDs forwarded to the chain processor.</param>
/// <param name="revocationMode">Validated by <c>CheckRevocationMode</c> before any work is done; not otherwise used here.</param>
/// <param name="revocationFlag">Not referenced by this implementation.</param>
/// <param name="verificationTime">Point in time the chain is validated at, forwarded unchanged.</param>
/// <param name="timeout">Total budget for fetching intermediates. <see cref="TimeSpan.Zero"/> means no limit.</param>
/// <returns>The built chain.</returns>
public static IChainPal BuildChain(
    bool useMachineContext,
    ICertificatePal cert,
    X509Certificate2Collection extraStore,
    OidCollection applicationPolicy,
    OidCollection certificatePolicy,
    X509RevocationMode revocationMode,
    X509RevocationFlag revocationFlag,
    DateTime verificationTime,
    TimeSpan timeout)
{
    // Reject unsupported revocation settings up front, before any handles are created.
    CheckRevocationMode(revocationMode);

    // Zero is the caller's way of asking for an unbounded download budget.
    TimeSpan downloadBudget = timeout == TimeSpan.Zero ? TimeSpan.MaxValue : timeout;

    var leafCert = new X509Certificate2(cert.Handle);
    var fetched = new List<X509Certificate2>();

    List<X509Certificate2> candidatePool = OpenSslX509ChainProcessor.FindCandidates(
        leafCert,
        extraStore,
        fetched,
        ref downloadBudget);

    // NOTE(review): verificationTime is forwarded with its DateTimeKind untouched;
    // confirm which kind (UTC or local) the chain processor expects.
    IChainPal result = OpenSslX509ChainProcessor.BuildChain(
        leafCert,
        candidatePool,
        fetched,
        applicationPolicy,
        certificatePolicy,
        verificationTime);

    // Only a chain with no status errors gets its fetched intermediates saved.
    bool chainIsClean = result.ChainStatus.Length == 0;
    if (chainIsClean && fetched.Count > 0)
    {
        SaveIntermediateCertificates(result.ChainElements, fetched);
    }

    // NOTE(review): leafCert and fetched are never disposed in this method; confirm whether
    // the chain processor clones them or takes ownership.
    return result;
}
/// <summary>
/// Builds an X.509 chain for <paramref name="cert"/> through the OpenSSL-backed chain processor,
/// drawing candidates only from <paramref name="extraStore"/> and whatever the processor finds itself.
/// </summary>
/// <param name="useMachineContext">Not referenced by this implementation.</param>
/// <param name="cert">Leaf certificate; only its native handle is used to create the working <see cref="X509Certificate2"/>.</param>
/// <param name="extraStore">Caller-supplied certificates offered to the chain processor as candidates.</param>
/// <param name="applicationPolicy">Application policy OIDs forwarded to the chain processor.</param>
/// <param name="certificatePolicy">Certificate policy OIDs forwarded to the chain processor.</param>
/// <param name="revocationMode">Validated by <c>CheckRevocationMode</c> before any work is done; not otherwise used here.</param>
/// <param name="revocationFlag">Not referenced by this implementation.</param>
/// <param name="verificationTime">Point in time the chain is validated at, forwarded unchanged.</param>
/// <param name="timeout">Not referenced by this implementation; no download budget is applied here.</param>
/// <returns>The built chain.</returns>
public static IChainPal BuildChain(
    bool useMachineContext,
    ICertificatePal cert,
    X509Certificate2Collection extraStore,
    OidCollection applicationPolicy,
    OidCollection certificatePolicy,
    X509RevocationMode revocationMode,
    X509RevocationFlag revocationFlag,
    DateTime verificationTime,
    TimeSpan timeout)
{
    // Reject unsupported revocation settings up front, before any handles are created.
    CheckRevocationMode(revocationMode);

    var leafCert = new X509Certificate2(cert.Handle);
    X509Certificate2Collection candidatePool = OpenSslX509ChainProcessor.FindCandidates(leafCert, extraStore);

    // NOTE(review): leafCert is never disposed in this method; confirm whether the chain
    // processor clones it or takes ownership.
    IChainPal result = OpenSslX509ChainProcessor.BuildChain(
        leafCert,
        candidatePool,
        applicationPolicy,
        certificatePolicy,
        verificationTime);

    return result;
}
/// <summary>
/// Builds an X.509 chain for <paramref name="cert"/> through the OpenSSL-backed chain processor,
/// persists any intermediates downloaded during a clean build, and then releases every
/// certificate this method created itself (caller-owned certificates from
/// <paramref name="extraStore"/> are left alone).
/// </summary>
/// <param name="useMachineContext">Not referenced by this implementation.</param>
/// <param name="cert">Leaf certificate; only its native handle is used to create the working <see cref="X509Certificate2"/>.</param>
/// <param name="extraStore">Caller-supplied certificates offered to the chain processor as candidates.
/// Must be non-null: it is enumerated directly.</param>
/// <param name="applicationPolicy">Application policy OIDs forwarded to the chain processor.</param>
/// <param name="certificatePolicy">Certificate policy OIDs forwarded to the chain processor.</param>
/// <param name="revocationMode">Revocation mode forwarded to the chain processor.</param>
/// <param name="revocationFlag">Revocation flag forwarded to the chain processor.</param>
/// <param name="verificationTime">Point in time the chain is validated at. A UTC value is converted to local time first;
/// an Unspecified value is treated as already local.</param>
/// <param name="timeout">Total budget for fetching intermediates. <see cref="TimeSpan.Zero"/> means no limit.</param>
/// <returns>The built chain. Its elements are clones, so they survive the disposal done at the end of this method.</returns>
public static IChainPal BuildChain(
    bool useMachineContext,
    ICertificatePal cert,
    X509Certificate2Collection extraStore,
    OidCollection applicationPolicy,
    OidCollection certificatePolicy,
    X509RevocationMode revocationMode,
    X509RevocationFlag revocationFlag,
    DateTime verificationTime,
    TimeSpan timeout)
{
    // Zero is the caller's way of asking for an unbounded download budget.
    // NOTE(review): that removes any upper bound on time spent fetching intermediates.
    TimeSpan downloadBudget = timeout == TimeSpan.Zero ? TimeSpan.MaxValue : timeout;

    // OpenSSL is handed local time, so only a UTC-kinded value needs converting.
    DateTime localVerificationTime = verificationTime.Kind == DateTimeKind.Utc
        ? verificationTime.ToLocalTime()
        : verificationTime;

    using (var leaf = new X509Certificate2(cert.Handle))
    {
        var fetched = new HashSet<X509Certificate2>();
        var trustedRoots = new HashSet<X509Certificate2>();

        HashSet<X509Certificate2> candidatePool = OpenSslX509ChainProcessor.FindCandidates(
            leaf,
            extraStore,
            fetched,
            trustedRoots,
            ref downloadBudget);

        IChainPal result = OpenSslX509ChainProcessor.BuildChain(
            leaf,
            candidatePool,
            fetched,
            trustedRoots,
            applicationPolicy,
            certificatePolicy,
            revocationMode,
            revocationFlag,
            localVerificationTime,
            ref downloadBudget);

#if DEBUG
        // The chain must report a copy of the leaf: equal by value, but a distinct instance,
        // otherwise disposing `leaf` below would invalidate the returned chain.
        if (result.ChainElements.Length > 0)
        {
            X509Certificate2 reportedLeaf = result.ChainElements[0].Certificate;
            Debug.Assert(reportedLeaf != null, "reportedLeaf != null");
            Debug.Assert(reportedLeaf.Equals(leaf), "reportedLeaf.Equals(leaf)");
            Debug.Assert(!ReferenceEquals(reportedLeaf, leaf), "!ReferenceEquals(reportedLeaf, leaf)");
        }
#endif

        // Save before anything is disposed: the fetched set is handed to the save routine.
        // Only a chain with no status errors gets its fetched intermediates saved.
        bool chainIsClean = result.ChainStatus.Length == 0;
        if (chainIsClean && fetched.Count > 0)
        {
            SaveIntermediateCertificates(result.ChainElements, fetched);
        }

        // The chain holds clones of everything collected here, so the originals can go.
        trustedRoots.DisposeAll();
        fetched.DisposeAll();

        // Candidates that came in through extraStore belong to the caller and must stay alive.
        // Membership is decided by reference rather than X509Certificate2.Equals, so a distinct
        // instance that merely compares equal to a caller-owned one is still released.
        var callerOwned = new HashSet<X509Certificate2>(ReferenceEqualityComparer<X509Certificate2>.Instance);
        foreach (X509Certificate2 extraCert in extraStore)
        {
            callerOwned.Add(extraCert);
        }

        foreach (X509Certificate2 candidate in candidatePool)
        {
            if (callerOwned.Contains(candidate))
            {
                continue;
            }

            candidate.Dispose();
        }

        return result;
    }
}