/// <summary> /// Get a property of a certificate formatted as a structure /// </summary> public static T GetCertificateProperty <T>(this SafeCertContextHandle certificateContext, WindowsX509Native.CertificateProperty property) where T : struct { return(CertificatePal.GetCertificateProperty <T>(certificateContext.DangerousGetHandle(), property)); }
/// <summary> /// Unlike X509Store.Remove() this function also cleans up private-keys /// </summary> public static void RemoveCertificateFromStore(string thumbprint, StoreLocation storeLocation, string storeName) { var store = new X509Store(storeName, storeLocation); store.Open(OpenFlags.ReadWrite); var found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false); if (found.Count == 0) { return; } var certificate = found[0]; var certificateHandle = new SafeCertContextHandle(found[0].Handle, false); // If the certificate has a private-key, remove it if (certificateHandle.HasPrivateKey()) { var keyProvInfo = certificateHandle.GetCertificateProperty <KeyProviderInfo>(CertificateProperty.KeyProviderInfo); // If it is a CNG key if (keyProvInfo.dwProvType == 0) { try { var key = CertificatePal.GetCngPrivateKey(certificateHandle); CertificatePal.DeleteCngKey(key); } catch (Exception ex) { throw new Exception("Exception while deleting CNG private key", ex); } } else // CAPI key { try { IntPtr providerHandle; var acquireContextFlags = CryptAcquireContextFlags.Delete | CryptAcquireContextFlags.Silent; if (storeLocation == StoreLocation.LocalMachine) { acquireContextFlags = acquireContextFlags | CryptAcquireContextFlags.MachineKeySet; } var success = Native.CryptAcquireContext(out providerHandle, keyProvInfo.pwszContainerName, keyProvInfo.pwszProvName, keyProvInfo.dwProvType, acquireContextFlags); if (!success) { throw new CryptographicException(Marshal.GetLastWin32Error()); } } catch (Exception ex) { // Swallow keyset does not exist if (!(ex is CryptographicException && ex.Message.Contains("Keyset does not exist"))) { throw new Exception("Exception while deleting CAPI private key", ex); } } } } store.Remove(certificate); store.Close(); }
public static bool HasProperty(this SafeCertContextHandle certificateContext, WindowsX509Native.CertificateProperty property) { return(CertificatePal.HasProperty(certificateContext.DangerousGetHandle(), property)); }