private CryptDecodeObjectEx ( int dwCertEncodingType, |
||
dwCertEncodingType | int | |
lpszStructType | ||
pbEncoded | ||
cbEncoded | int | |
dwFlags | int | |
pDecodePara | ||
pvStructInfo | ||
pcbStructInfo | int | |
리턴 | int |
/// <summary>
/// Decodes an encoded to-be-signed CRL blob into a CRL_INFO structure.
/// </summary>
/// <remarks>
/// Despite the method name, the structure type requested from CryptDecodeObjectEx is
/// X509_CERT_CRL_TO_BE_SIGNED and the result is marshalled as Win32.CRL_INFO.
/// A failed size query or decode throws the exception built by GetLastError with
/// StatusCodes.BadDecodingError.
/// </remarks>
/// <param name="pEncoded">Pointer to the encoded bytes handed to CryptDecodeObjectEx.</param>
/// <param name="iEncodedSize">Number of bytes available at <paramref name="pEncoded"/>.</param>
/// <returns>A by-value copy of the top-level CRL_INFO fields.</returns>
public static CRL_INFO Decode_CERT_INFO(IntPtr pEncoded, int iEncodedSize)
{
    IntPtr decodedBuffer = IntPtr.Zero;
    int decodedSize = 0;
    IntPtr structType = (IntPtr)Win32.X509_CERT_CRL_TO_BE_SIGNED;

    try
    {
        // First pass: the output pointer is still IntPtr.Zero, so the call only
        // reports the number of bytes the decoded structure needs.
        int status = Win32.CryptDecodeObjectEx(
            Win32.X509_ASN_ENCODING | Win32.PKCS_7_ASN_ENCODING,
            structType,
            pEncoded,
            iEncodedSize,
            Win32.CRYPT_DECODE_NOCOPY_FLAG,
            IntPtr.Zero,
            decodedBuffer,
            ref decodedSize);

        if (status == 0)
        {
            throw GetLastError(StatusCodes.BadDecodingError, "Could not get size for CRL_INFO.");
        }

        // The buffer size comes from the decoder itself, not from the caller.
        decodedBuffer = Marshal.AllocHGlobal(decodedSize);

        // Second pass: decode into the unmanaged buffer.
        status = Win32.CryptDecodeObjectEx(
            Win32.X509_ASN_ENCODING | Win32.PKCS_7_ASN_ENCODING,
            structType,
            pEncoded,
            iEncodedSize,
            Win32.CRYPT_DECODE_NOCOPY_FLAG,
            IntPtr.Zero,
            decodedBuffer,
            ref decodedSize);

        if (status == 0)
        {
            throw GetLastError(StatusCodes.BadDecodingError, "Could not decode CRL_INFO.");
        }

        // NOTE(review): only the top-level structure is copied into managed memory.
        // If Win32.CRL_INFO mirrors the native layout, its pointer fields refer either
        // to decodedBuffer (released in the finally block below) or, because of
        // CRYPT_DECODE_NOCOPY_FLAG, to the caller's pEncoded bytes. Confirm that no
        // caller dereferences those fields after this method returns; fixing it
        // would mean handing buffer ownership to the caller.
        Win32.CRL_INFO decoded = (Win32.CRL_INFO)Marshal.PtrToStructure(decodedBuffer, typeof(Win32.CRL_INFO));
        return decoded;
    }
    finally
    {
        // Runs on success and on every throw path, so the allocation never leaks.
        if (decodedBuffer != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(decodedBuffer);
        }
    }
}
/// <summary>
/// Returns true if the certificate is in the CRL.
/// </summary>
/// <remarks>
/// The CRL's to-be-signed blob is decoded to a CRL_INFO and passed to
/// CertVerifyCRLRevocation together with the certificate's CERT_INFO.
/// NOTE(review): this method does not check the CRL's signature or its validity
/// period; presumably that happens where m_signedCrl is loaded. Confirm before
/// relying on the result.
/// </remarks>
/// <param name="certificate">The certificate to look up in the CRL.</param>
/// <returns>
/// True when CertVerifyCRLRevocation returns zero, false otherwise. Every zero return
/// is treated as "revoked"; the code does not separate it from other failures.
/// </returns>
/// <exception cref="ServiceResultException">
/// Thrown with StatusCodes.BadCertificateInvalid when no issuer is set or the
/// certificate's issuer name does not match the CRL issuer's subject.
/// </exception>
public bool IsRevoked(X509Certificate2 certificate)
{
    // A CRL only speaks for certificates from its own issuer. The match is by
    // distinguished name only, as far as this method shows.
    bool issuedByCrlIssuer =
        m_issuer != null &&
        Utils.CompareDistinguishedName(certificate.Issuer, m_issuer.Subject);

    if (!issuedByCrlIssuer)
    {
        throw new ServiceResultException(StatusCodes.BadCertificateInvalid, "Certificate was not created by the CRL issuer.");
    }

    IntPtr crlInfoBuffer = IntPtr.Zero;
    IntPtr crlArrayBuffer = IntPtr.Zero;
    int crlInfoSize = 0;

    try
    {
        // Read the native CERT_CONTEXT behind the managed certificate to reach pCertInfo.
        // NOTE(review): pCertInfo points into native memory owned by `certificate`;
        // presumably the caller keeps it alive for the whole call. Confirm.
        Win32.CERT_CONTEXT certContext = (Win32.CERT_CONTEXT)Marshal.PtrToStructure(certificate.Handle, typeof(Win32.CERT_CONTEXT));

        // First pass: with a null output pointer the call only reports the size needed.
        int status = Win32.CryptDecodeObjectEx(
            Win32.X509_ASN_ENCODING | Win32.PKCS_7_ASN_ENCODING,
            (IntPtr)Win32.X509_CERT_CRL_TO_BE_SIGNED,
            m_signedCrl.ToBeSigned.pbData,
            m_signedCrl.ToBeSigned.cbData,
            Win32.CRYPT_DECODE_NOCOPY_FLAG,
            IntPtr.Zero,
            crlInfoBuffer,
            ref crlInfoSize);

        if (status == 0)
        {
            throw Win32.GetLastError(StatusCodes.BadDecodingError, "Could not get size for CRL_INFO.");
        }

        crlInfoBuffer = Marshal.AllocHGlobal(crlInfoSize);

        // Second pass: decode into the buffer. With CRYPT_DECODE_NOCOPY_FLAG the decoded
        // structure may point into m_signedCrl.ToBeSigned.pbData instead of copying it,
        // so that blob must stay valid until crlInfoBuffer is released.
        status = Win32.CryptDecodeObjectEx(
            Win32.X509_ASN_ENCODING | Win32.PKCS_7_ASN_ENCODING,
            (IntPtr)Win32.X509_CERT_CRL_TO_BE_SIGNED,
            m_signedCrl.ToBeSigned.pbData,
            m_signedCrl.ToBeSigned.cbData,
            Win32.CRYPT_DECODE_NOCOPY_FLAG,
            IntPtr.Zero,
            crlInfoBuffer,
            ref crlInfoSize);

        if (status == 0)
        {
            throw Win32.GetLastError(StatusCodes.BadDecodingError, "Could not decode CRL_INFO.");
        }

        // CertVerifyCRLRevocation takes an array of CRL_INFO pointers; build a
        // one-element array in unmanaged memory.
        IntPtr[] crlInfoPointers = new IntPtr[] { crlInfoBuffer };
        crlArrayBuffer = Marshal.AllocHGlobal(IntPtr.Size * crlInfoPointers.Length);
        Marshal.Copy(crlInfoPointers, 0, crlArrayBuffer, crlInfoPointers.Length);

        status = Win32.CertVerifyCRLRevocation(
            Win32.X509_ASN_ENCODING | Win32.PKCS_7_ASN_ENCODING,
            certContext.pCertInfo,
            crlInfoPointers.Length,
            crlArrayBuffer);

        // Zero means revoked; a non-zero result means the certificate is not listed.
        return status == 0;
    }
    finally
    {
        // Release both unmanaged allocations on every exit path.
        if (crlInfoBuffer != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(crlInfoBuffer);
        }

        if (crlArrayBuffer != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(crlArrayBuffer);
        }
    }
}