public override IPermission Intersect(IPermission target) { StorePermission dp = Cast(target); if (dp == null) { return(null); } if (this.IsUnrestricted() && dp.IsUnrestricted()) { return(new StorePermission(PermissionState.Unrestricted)); } if (this.IsUnrestricted()) { return(dp.Copy()); } if (dp.IsUnrestricted()) { return(this.Copy()); } StorePermissionFlags spf = _flags & dp._flags; if (spf == StorePermissionFlags.NoFlags) { return(null); } return(new StorePermission(spf)); }
public void PermissionState_None_Copy () { // both will return null under 2.0 final // StorePermission sp1 = new StorePermission (PermissionState.None).Copy(); // StorePermission sp2 = new StorePermission (StorePermissionFlags.NoFlags).Copy (); StorePermission sp = new StorePermission (PermissionState.None); StorePermission copy = (StorePermission) sp.Copy (); Assert.IsFalse (Object.ReferenceEquals (sp, copy), "ReferenceEquals"); Assert.AreEqual (sp.Flags, copy.Flags, "Copy Flags"); Assert.AreEqual (sp.IsUnrestricted (), copy.IsUnrestricted (), "IsUnrestricted ()"); }
public void ConstructorLevel_Deny_Unrestricted () { StorePermission p = new StorePermission (StorePermissionFlags.AllFlags); Assert.AreEqual (StorePermissionFlags.AllFlags, p.Flags, "Flags"); Assert.IsTrue (p.IsUnrestricted (), "IsUnrestricted"); Assert.IsNotNull (p.Copy (), "Copy"); SecurityElement se = p.ToXml (); Assert.IsNotNull (se, "ToXml"); p.FromXml (se); Assert.IsNotNull (p.Intersect (p), "Intersect"); Assert.IsTrue (p.IsSubsetOf (p), "IsSubsetOf"); Assert.IsNotNull (p.Union (p), "Union"); }
public void ConstructorState_Deny_Unrestricted () { StorePermission p = new StorePermission (PermissionState.None); Assert.AreEqual (StorePermissionFlags.NoFlags, p.Flags, "Flags"); Assert.IsFalse (p.IsUnrestricted (), "IsUnrestricted"); SecurityElement se = p.ToXml (); Assert.IsNotNull (se, "ToXml"); p.FromXml (se); Assert.IsTrue (p.IsSubsetOf (p), "IsSubsetOf"); // strange behaviour of Copy under MS fx 2.0 (returns null for NoFlags) p.Copy (); p.Intersect (p); p.Union (p); }
public override IPermission CreatePermission() { StorePermission perm = null; if (this.Unrestricted) { perm = new StorePermission(PermissionState.Unrestricted); } else { perm = new StorePermission(_flags); } return(perm); }
public void PermissionState_None () { PermissionState ps = PermissionState.None; StorePermission sp = new StorePermission (ps); Assert.AreEqual (StorePermissionFlags.NoFlags, sp.Flags, "Flags"); Assert.IsFalse (sp.IsUnrestricted (), "IsUnrestricted"); SecurityElement se = sp.ToXml (); // only class and version are present Assert.AreEqual ("NoFlags", se.Attribute ("Flags"), "Xml-Flags"); Assert.IsNull (se.Children, "Xml-Children"); StorePermission copy = (StorePermission) sp.Copy (); Assert.IsNull (copy, "Copy"); }
// helpers private StorePermission Cast(IPermission target) { if (target == null) { return(null); } StorePermission dp = (target as StorePermission); if (dp == null) { PermissionHelper.ThrowInvalidPermission(target, typeof(StorePermission)); } return(dp); }
public override bool IsSubsetOf(IPermission target) { if (target == null) { return(m_flags == StorePermissionFlags.NoFlags); } try { StorePermission operand = (StorePermission)target; StorePermissionFlags sourceFlag = this.m_flags; StorePermissionFlags targetFlag = operand.m_flags; return((sourceFlag & targetFlag) == sourceFlag); } catch (InvalidCastException) { throw new ArgumentException(String.Format(CultureInfo.CurrentCulture, SR.GetString(SR.Argument_WrongType), this.GetType().FullName)); } }
public void PermissionState_Unrestricted () { PermissionState ps = PermissionState.Unrestricted; StorePermission sp = new StorePermission (ps); Assert.AreEqual (StorePermissionFlags.AllFlags, sp.Flags, "Flags"); Assert.IsTrue (sp.IsUnrestricted (), "IsUnrestricted"); SecurityElement se = sp.ToXml (); Assert.IsNotNull (se.Attribute ("Unrestricted"), "Xml-Unrestricted"); Assert.IsNull (se.Attribute ("Level"), "Xml-Flags"); Assert.IsNull (se.Children, "Xml-Children"); StorePermission copy = (StorePermission) sp.Copy (); Assert.IsFalse (Object.ReferenceEquals (sp, copy), "ReferenceEquals"); Assert.AreEqual (sp.Flags, copy.Flags, "Copy Flags"); Assert.AreEqual (sp.IsUnrestricted (), copy.IsUnrestricted (), "IsUnrestricted ()"); }
public override bool IsSubsetOf(IPermission target) { StorePermission dp = Cast(target); if (dp == null) { return(_flags == StorePermissionFlags.NoFlags); } if (dp.IsUnrestricted()) { return(true); } if (this.IsUnrestricted()) { return(false); } return((_flags & ~dp._flags) == 0); }
public override bool IsSubsetOf(IPermission target) { bool flag; if (target == null) { return(this.m_flags == StorePermissionFlags.NoFlags); } try { StorePermission permission = (StorePermission)target; StorePermissionFlags flags = this.m_flags; StorePermissionFlags flags2 = permission.m_flags; flag = (flags & flags2) == flags; } catch (InvalidCastException) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, SR.GetString("Argument_WrongType"), new object[] { base.GetType().FullName })); } return(flag); }
public override IPermission Union(IPermission target) { StorePermission dp = Cast(target); if (dp == null) { return(this.Copy()); // will return null for NoFlags } if (this.IsUnrestricted() || dp.IsUnrestricted()) { return(new StorePermission(PermissionState.Unrestricted)); } StorePermissionFlags spf = _flags | dp._flags; if (spf == StorePermissionFlags.NoFlags) { return(null); } return(new StorePermission(spf)); }
// // IPermission implementation // public override IPermission Union(IPermission target) { if (target == null) { return(this.Copy()); } try { StorePermission operand = (StorePermission)target; StorePermissionFlags flag_union = m_flags | operand.m_flags; if (flag_union == StorePermissionFlags.NoFlags) { return(null); } else { return(new StorePermission(flag_union)); } } catch (InvalidCastException) { throw new ArgumentException(String.Format(CultureInfo.CurrentCulture, SR.GetString(SR.Argument_WrongType), this.GetType().FullName)); } }
public override IPermission Intersect(IPermission target) { IPermission permission2; if (target == null) { return null; } try { StorePermission permission = (StorePermission) target; StorePermissionFlags flag = permission.m_flags & this.m_flags; if (flag == StorePermissionFlags.NoFlags) { return null; } permission2 = new StorePermission(flag); } catch (InvalidCastException) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, SR.GetString("Argument_WrongType"), new object[] { base.GetType().FullName })); } return permission2; }
/// <summary> /// 安装资源文件中的证书 /// </summary> public static string InstallCertificateFromResource(StoreName sn, byte[] certificatefile) { try { StorePermission sp = new StorePermission(StorePermissionFlags.AllFlags); sp.Demand(); X509Certificate2 certificate = new X509Certificate2(certificatefile); if (TryGetCertificate(sn, certificatefile) == null) { X509Store AuthRoot = new X509Store(sn, StoreLocation.LocalMachine); AuthRoot.Open(OpenFlags.ReadWrite); //AuthRoot.Remove(certificate); AuthRoot.Add(certificate); AuthRoot.Close(); } return string.Empty; } catch(Exception ex) { return ex.Message; } }
public override IPermission Intersect(IPermission target) { IPermission permission2; if (target == null) { return(null); } try { StorePermission permission = (StorePermission)target; StorePermissionFlags flag = permission.m_flags & this.m_flags; if (flag == StorePermissionFlags.NoFlags) { return(null); } permission2 = new StorePermission(flag); } catch (InvalidCastException) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, SR.GetString("Argument_WrongType"), new object[] { base.GetType().FullName })); } return(permission2); }
SafeCertStoreHandle CertOpenStore( [In] IntPtr lpszStoreProvider, [In] uint dwMsgAndCertEncodingType, [In] IntPtr hCryptProv, [In] uint dwFlags, [In] string pvPara) { if (lpszStoreProvider != new IntPtr(CERT_STORE_PROV_MEMORY) && lpszStoreProvider != new IntPtr(CERT_STORE_PROV_SYSTEM)) throw new ArgumentException(SR.GetString(SR.Security_InvalidValue), "lpszStoreProvider"); #if !FEATURE_CORESYSTEM if ((dwFlags & CERT_SYSTEM_STORE_LOCAL_MACHINE) == CERT_SYSTEM_STORE_LOCAL_MACHINE || (dwFlags & CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY) == CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY || (dwFlags & CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE) == CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE) { // We do not allow opening remote local machine stores if in semi-trusted environment. if (pvPara != null && pvPara.StartsWith(@"\\", StringComparison.Ordinal)) new PermissionSet(PermissionState.Unrestricted).Demand(); } if ((dwFlags & CERT_STORE_DELETE_FLAG) == CERT_STORE_DELETE_FLAG) { StorePermission sp = new StorePermission(StorePermissionFlags.DeleteStore); sp.Demand(); } else { StorePermission sp = new StorePermission(StorePermissionFlags.OpenStore); sp.Demand(); } if ((dwFlags & CERT_STORE_CREATE_NEW_FLAG) == CERT_STORE_CREATE_NEW_FLAG) { StorePermission sp = new StorePermission(StorePermissionFlags.CreateStore); sp.Demand(); } if ((dwFlags & CERT_STORE_OPEN_EXISTING_FLAG) == 0) { StorePermission sp = new StorePermission(StorePermissionFlags.CreateStore); sp.Demand(); } #endif return CAPIMethods.CertOpenStore(lpszStoreProvider, dwMsgAndCertEncodingType, hCryptProv, dwFlags | CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG, pvPara); }
bool CertSaveStore( [In] SafeCertStoreHandle hCertStore, [In] uint dwMsgAndCertEncodingType, [In] uint dwSaveAs, [In] uint dwSaveTo, [In,Out] IntPtr pvSaveToPara, [In] uint dwFlags) { if (hCertStore == null) throw new ArgumentNullException("hCertStore"); if (hCertStore.IsInvalid) throw new CryptographicException(SR.GetString(SR.Cryptography_InvalidHandle), "hCertStore"); #if !FEATURE_CORESYSTEM StorePermission sp = new StorePermission(StorePermissionFlags.EnumerateCertificates); sp.Demand(); #endif if (dwSaveTo == CERT_STORE_SAVE_TO_FILENAME_A || dwSaveTo == CERT_STORE_SAVE_TO_FILENAME_W) throw new ArgumentException(SR.GetString(SR.Security_InvalidValue), "pvSaveToPara"); return CAPIMethods.CertSaveStore(hCertStore, dwMsgAndCertEncodingType, dwSaveAs, dwSaveTo, pvSaveToPara, dwFlags); }
bool CertAddCertificateLinkToStore ( [In] SafeCertStoreHandle hCertStore, [In] SafeCertContextHandle pCertContext, [In] uint dwAddDisposition, [In,Out] SafeCertContextHandle ppStoreContext) { if (hCertStore == null) throw new ArgumentNullException("hCertStore"); if (hCertStore.IsInvalid) throw new CryptographicException(SR.GetString(SR.Cryptography_InvalidHandle), "hCertStore"); if (pCertContext == null) throw new ArgumentNullException("pCertContext"); if (pCertContext.IsInvalid) throw new CryptographicException(SR.GetString(SR.Cryptography_InvalidHandle), "pCertContext"); #if !FEATURE_CORESYSTEM StorePermission sp = new StorePermission(StorePermissionFlags.AddToStore); sp.Demand(); #endif return CAPIMethods.CertAddCertificateLinkToStore(hCertStore, pCertContext, dwAddDisposition, ppStoreContext); }
bool CertDeleteCertificateFromStore ( [In] SafeCertContextHandle pCertContext) { if (pCertContext == null) throw new ArgumentNullException("pCertContext"); if (pCertContext.IsInvalid) throw new CryptographicException(SR.GetString(SR.Cryptography_InvalidHandle), "pCertContext"); #if !FEATURE_CORESYSTEM StorePermission sp = new StorePermission(StorePermissionFlags.RemoveFromStore); sp.Demand(); #endif return CAPIMethods.CertDeleteCertificateFromStore(pCertContext); }
public AjaxResponse UploadCertificate(string fileName, string password) { var response = new AjaxResponse(); try { var filePath = Path.Combine(Path.GetTempPath(), fileName); var store2 = new X509Store(StoreName.My, StoreLocation.LocalMachine); var sp = new StorePermission(PermissionState.Unrestricted) {Flags = StorePermissionFlags.AllFlags}; sp.Assert(); store2.Open(OpenFlags.MaxAllowed); var cert = fileName.EndsWith(".pfx") ? new X509Certificate2(filePath, password) {FriendlyName = fileName} : new X509Certificate2(new X509Certificate(filePath)); store2.Add(cert); store2.Close(); if (CoreContext.Configuration.Standalone) UploadStandAloneCertificate(store2, cert); else UploadSaaSCertificate(store2, cert); response.status = "success"; response.message = Resource.UploadHttpsSettingsSuccess; } catch (Exception e) { response.status = "error"; response.message = e.Message; } return response; }
SafeCertContextHandle CertEnumCertificatesInStore ( [In] SafeCertStoreHandle hCertStore, [In] SafeCertContextHandle pPrevCertContext) { if (hCertStore == null) throw new ArgumentNullException("hCertStore"); if (hCertStore.IsInvalid) throw new CryptographicException(SR.GetString(SR.Cryptography_InvalidHandle), "hCertStore"); #if !FEATURE_CORESYSTEM if (pPrevCertContext.IsInvalid) { StorePermission sp = new StorePermission(StorePermissionFlags.EnumerateCertificates); sp.Demand(); } #endif SafeCertContextHandle safeCertContextHandle = CAPIMethods.CertEnumCertificatesInStore(hCertStore, pPrevCertContext); if (safeCertContextHandle == null || safeCertContextHandle.IsInvalid) { int dwErrorCode = Marshal.GetLastWin32Error(); if (dwErrorCode != CRYPT_E_NOT_FOUND) throw new CryptographicException(Marshal.GetLastWin32Error()); } return safeCertContextHandle; }
public void FromXml_WrongTagCase () { StorePermission sp = new StorePermission (PermissionState.None); SecurityElement se = sp.ToXml (); se.Tag = "IPERMISSION"; // instead of IPermission sp.FromXml (se); // note: normally IPermission classes (in corlib) DO care about the // IPermission tag }
public void FromXml_NoVersion () { StorePermission sp = new StorePermission (PermissionState.None); SecurityElement se = sp.ToXml (); SecurityElement w = new SecurityElement (se.Tag); w.AddAttribute ("class", se.Attribute ("class")); sp.FromXml (w); // version is optional (in this case) }
public void FromXml_WrongClass () { StorePermission sp = new StorePermission (PermissionState.None); SecurityElement se = sp.ToXml (); SecurityElement w = new SecurityElement (se.Tag); w.AddAttribute ("class", "Wrong" + se.Attribute ("class")); w.AddAttribute ("version", se.Attribute ("version")); sp.FromXml (w); // doesn't care of the class name at that stage // anyway the class has already be created so... }
public bool Build (X509Certificate2 certificate) { lock (m_syncRoot) { if (certificate == null || certificate.CertContext.IsInvalid) throw new ArgumentException(SR.GetString(SR.Cryptography_InvalidContextHandle), "certificate"); // Chain building opens and enumerates the root store to see if the root of the chain is trusted. StorePermission sp = new StorePermission(StorePermissionFlags.OpenStore | StorePermissionFlags.EnumerateCertificates); sp.Demand(); X509ChainPolicy chainPolicy = this.ChainPolicy; if (chainPolicy.RevocationMode == X509RevocationMode.Online) { if (certificate.Extensions[CAPI.szOID_CRL_DIST_POINTS] != null || certificate.Extensions[CAPI.szOID_AUTHORITY_INFO_ACCESS] != null) { // If there is a CDP or AIA extension, we demand unrestricted network access and store add permission // since CAPI can download certificates into the CA store from the network. PermissionSet ps = new PermissionSet(PermissionState.None); ps.AddPermission(new WebPermission(PermissionState.Unrestricted)); ps.AddPermission(new StorePermission(StorePermissionFlags.AddToStore)); ps.Demand(); } } Reset(); int hr = BuildChain(m_useMachineContext ? new IntPtr(CAPI.HCCE_LOCAL_MACHINE) : new IntPtr(CAPI.HCCE_CURRENT_USER), certificate.CertContext, chainPolicy.ExtraStore, chainPolicy.ApplicationPolicy, chainPolicy.CertificatePolicy, chainPolicy.RevocationMode, chainPolicy.RevocationFlag, chainPolicy.VerificationTime, chainPolicy.UrlRetrievalTimeout, ref m_safeCertChainHandle); if (hr != CAPI.S_OK) return false; // Init. Init(); // Verify the chain using the specified policy. CAPI.CERT_CHAIN_POLICY_PARA PolicyPara = new CAPI.CERT_CHAIN_POLICY_PARA(Marshal.SizeOf(typeof(CAPI.CERT_CHAIN_POLICY_PARA))); CAPI.CERT_CHAIN_POLICY_STATUS PolicyStatus = new CAPI.CERT_CHAIN_POLICY_STATUS(Marshal.SizeOf(typeof(CAPI.CERT_CHAIN_POLICY_STATUS))); PolicyPara.dwFlags = (uint) chainPolicy.VerificationFlags; if (!CAPI.CertVerifyCertificateChainPolicy(new IntPtr(CAPI.CERT_CHAIN_POLICY_BASE), m_safeCertChainHandle, ref PolicyPara, ref PolicyStatus)) // The API failed. throw new CryptographicException(Marshal.GetLastWin32Error()); CAPI.SetLastError(PolicyStatus.dwError); return (PolicyStatus.dwError == 0); } }
public void FromXml_NoClass () { StorePermission sp = new StorePermission (PermissionState.None); SecurityElement se = sp.ToXml (); SecurityElement w = new SecurityElement (se.Tag); w.AddAttribute ("version", se.Attribute ("version")); sp.FromXml (w); // note: normally IPermission classes (in corlib) DO NOT care about // attribute "class" name presence in the XML }
public void FromXml_WrongVersion () { StorePermission sp = new StorePermission (PermissionState.None); SecurityElement se = sp.ToXml (); se.Attributes.Remove ("version"); se.Attributes.Add ("version", "2"); sp.FromXml (se); }
public void Import(string fileName, string password, X509KeyStorageFlags keyStorageFlags) { uint dwFlags = X509Utils.MapKeyStorageFlags(keyStorageFlags); Cryptography.SafeCertStoreHandle safeCertStoreHandle = Cryptography.SafeCertStoreHandle.InvalidHandle; #if !FEATURE_CORESYSTEM // // We need to Assert all StorePermission flags since this is a memory store and we want // semi-trusted code to be able to import certificates to a memory store. // StorePermission sp = new StorePermission(StorePermissionFlags.AllFlags); sp.Assert(); #endif safeCertStoreHandle = LoadStoreFromFile(fileName, password, dwFlags, (keyStorageFlags & X509KeyStorageFlags.PersistKeySet) != 0); X509Certificate2Collection collection = X509Utils.GetCertificates(safeCertStoreHandle); safeCertStoreHandle.Dispose(); X509Certificate2[] x509Certs = new X509Certificate2[collection.Count]; collection.CopyTo(x509Certs, 0); this.AddRange(x509Certs); }
internal static Cryptography.SafeCertStoreHandle ExportToMemoryStore (X509Certificate2Collection collection) { // // We need to Assert all StorePermission flags since this is a memory store and we want // semi-trusted code to be able to export certificates to a memory store. // #if !FEATURE_CORESYSTEM StorePermission sp = new StorePermission(StorePermissionFlags.AllFlags); sp.Assert(); #endif Cryptography.SafeCertStoreHandle safeCertStoreHandle = Cryptography.SafeCertStoreHandle.InvalidHandle; // we always want to use CERT_STORE_ENUM_ARCHIVED_FLAG since we want to preserve the collection in this operation. // By default, Archived certificates will not be included. safeCertStoreHandle = CAPI.CertOpenStore(new IntPtr(CAPI.CERT_STORE_PROV_MEMORY), CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING, IntPtr.Zero, CAPI.CERT_STORE_ENUM_ARCHIVED_FLAG | CAPI.CERT_STORE_CREATE_NEW_FLAG, null); if (safeCertStoreHandle == null || safeCertStoreHandle.IsInvalid) throw new CryptographicException(Marshal.GetLastWin32Error()); // // We use CertAddCertificateLinkToStore to keep a link to the original store, so any property changes get // applied to the original store. This has a limit of 99 links per cert context however. // foreach (X509Certificate2 x509 in collection) { if (!CAPI.CertAddCertificateLinkToStore(safeCertStoreHandle, x509.CertContext, CAPI.CERT_STORE_ADD_ALWAYS, Cryptography.SafeCertContextHandle.InvalidHandle)) throw new CryptographicException(Marshal.GetLastWin32Error()); } return safeCertStoreHandle; }
internal static X509Certificate2Collection BuildBagOfCerts (KeyInfoX509Data keyInfoX509Data, CertUsageType certUsageType) { X509Certificate2Collection collection = new X509Certificate2Collection(); ArrayList decryptionIssuerSerials = (certUsageType == CertUsageType.Decryption ? new ArrayList() : null); if (keyInfoX509Data.Certificates != null) { foreach (X509Certificate2 certificate in keyInfoX509Data.Certificates) { switch (certUsageType) { case CertUsageType.Verification: collection.Add(certificate); break; case CertUsageType.Decryption: decryptionIssuerSerials.Add(new X509IssuerSerial(certificate.IssuerName.Name, certificate.SerialNumber)); break; } } } if (keyInfoX509Data.SubjectNames == null && keyInfoX509Data.IssuerSerials == null && keyInfoX509Data.SubjectKeyIds == null && decryptionIssuerSerials == null) return collection; // Open LocalMachine and CurrentUser "Other People"/"My" stores. // Assert OpenStore since we are not giving back any certificates to the user. StorePermission sp = new StorePermission(StorePermissionFlags.OpenStore); sp.Assert(); X509Store[] stores = new X509Store[2]; string storeName = (certUsageType == CertUsageType.Verification ? "AddressBook" : "My"); stores[0] = new X509Store(storeName, StoreLocation.CurrentUser); stores[1] = new X509Store(storeName, StoreLocation.LocalMachine); for (int index=0; index < stores.Length; index++) { if (stores[index] != null) { X509Certificate2Collection filters = null; // We don't care if we can't open the store. try { stores[index].Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); filters = stores[index].Certificates; stores[index].Close(); if (keyInfoX509Data.SubjectNames != null) { foreach (string subjectName in keyInfoX509Data.SubjectNames) { filters = filters.Find(X509FindType.FindBySubjectDistinguishedName, subjectName, false); } } if (keyInfoX509Data.IssuerSerials != null) { foreach (X509IssuerSerial issuerSerial in keyInfoX509Data.IssuerSerials) { filters = filters.Find(X509FindType.FindByIssuerDistinguishedName, issuerSerial.IssuerName, false); filters = filters.Find(X509FindType.FindBySerialNumber, issuerSerial.SerialNumber, false); } } if (keyInfoX509Data.SubjectKeyIds != null) { foreach (byte[] ski in keyInfoX509Data.SubjectKeyIds) { string hex = X509Utils.EncodeHexString(ski); filters = filters.Find(X509FindType.FindBySubjectKeyIdentifier, hex, false); } } if (decryptionIssuerSerials != null) { foreach (X509IssuerSerial issuerSerial in decryptionIssuerSerials) { filters = filters.Find(X509FindType.FindByIssuerDistinguishedName, issuerSerial.IssuerName, false); filters = filters.Find(X509FindType.FindBySerialNumber, issuerSerial.SerialNumber, false); } } } catch (CryptographicException) {} if (filters != null) collection.AddRange(filters); } } return collection; }
public void Import(byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags) { uint dwFlags = X509Utils.MapKeyStorageFlags(keyStorageFlags); SafeCertStoreHandle safeCertStoreHandle = SafeCertStoreHandle.InvalidHandle; // // We need to Assert all StorePermission flags since this is a memory store and we want // semi-trusted code to be able to import certificates to a memory store. // StorePermission sp = new StorePermission(StorePermissionFlags.AllFlags); sp.Assert(); safeCertStoreHandle = LoadStoreFromBlob(rawData, password, dwFlags, (keyStorageFlags & X509KeyStorageFlags.PersistKeySet) != 0); X509Certificate2Collection collection = X509Utils.GetCertificates(safeCertStoreHandle); safeCertStoreHandle.Dispose(); X509Certificate2[] x509Certs = new X509Certificate2[collection.Count]; collection.CopyTo(x509Certs, 0); this.AddRange(x509Certs); }
public void PermissionState_Bad () { PermissionState ps = (PermissionState) Int32.MinValue; StorePermission sp = new StorePermission (ps); }
public override IPermission CreatePermission () { StorePermission perm = null; if (this.Unrestricted) perm = new StorePermission (PermissionState.Unrestricted); else perm = new StorePermission (_flags); return perm; }
public void FromXml_Null () { StorePermission sp = new StorePermission (PermissionState.None); sp.FromXml (null); }
public X509Certificate2Collection Find(X509FindType findType, Object findValue, bool validOnly) { #if !FEATURE_CORESYSTEM // // We need to Assert all StorePermission flags since this is a memory store and we want // semi-trusted code to be able to find certificates in a memory store. // StorePermission sp = new StorePermission(StorePermissionFlags.AllFlags); sp.Assert(); #endif Cryptography.SafeCertStoreHandle safeSourceStoreHandle = X509Utils.ExportToMemoryStore(this); Cryptography.SafeCertStoreHandle safeTargetStoreHandle = FindCertInStore(safeSourceStoreHandle, findType, findValue, validOnly); X509Certificate2Collection collection = X509Utils.GetCertificates(safeTargetStoreHandle); safeTargetStoreHandle.Dispose(); safeSourceStoreHandle.Dispose(); return collection; }
IntPtr CertEnumCertificatesInStore ( [In] SafeCertStoreHandle hCertStore, [In] IntPtr pPrevCertContext) { if (hCertStore == null) throw new ArgumentNullException("hCertStore"); if (hCertStore.IsInvalid) throw new CryptographicException(SR.GetString(SR.Cryptography_InvalidHandle), "hCertStore"); if (pPrevCertContext == IntPtr.Zero) { StorePermission sp = new StorePermission(StorePermissionFlags.EnumerateCertificates); sp.Demand(); } IntPtr handle = CAPIMethods.CertEnumCertificatesInStore(hCertStore, pPrevCertContext); if (handle == IntPtr.Zero) { int dwErrorCode = Marshal.GetLastWin32Error(); if (dwErrorCode != CRYPT_E_NOT_FOUND) { CAPIMethods.CertFreeCertificateContext(handle); throw new CryptographicException(dwErrorCode); } } return handle; }
public byte[] Export(X509ContentType contentType, string password) { #if !FEATURE_CORESYSTEM // // We need to Assert all StorePermission flags since this is a memory store and we want // semi-trusted code to be able to export certificates to a memory store. // StorePermission sp = new StorePermission(StorePermissionFlags.AllFlags); sp.Assert(); #endif Cryptography.SafeCertStoreHandle safeCertStoreHandle = X509Utils.ExportToMemoryStore(this); byte[] result = ExportCertificatesToBlob(safeCertStoreHandle, contentType, password); safeCertStoreHandle.Dispose(); return result; }
private static X509Certificate2Collection SelectFromCollectionHelper (X509Certificate2Collection certificates, string title, string message, X509SelectionFlag selectionFlag, IntPtr hwndParent) { if (certificates == null) throw new ArgumentNullException("certificates"); if (selectionFlag < X509SelectionFlag.SingleSelection || selectionFlag > X509SelectionFlag.MultiSelection) throw new ArgumentException(String.Format(CultureInfo.CurrentCulture, SecurityResources.GetResourceString("Arg_EnumIllegalVal"), "selectionFlag")); // // We need to Assert all StorePermission flags since this is a memory store and we want // semi-trusted code to be able to select certificates from a memory store. // StorePermission sp = new StorePermission(StorePermissionFlags.AllFlags); sp.Assert(); using (SafeCertStoreHandle safeSourceStoreHandle = X509Utils.ExportToMemoryStore(certificates)) using (SafeCertStoreHandle safeTargetStoreHandle = SelectFromStore(safeSourceStoreHandle, title, message, selectionFlag, hwndParent)) { return X509Utils.GetCertificates(safeTargetStoreHandle); } }