Пример #1
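        /// <summary>
        /// Gets a CMS signer for every signing identity found in the keychain.
        /// </summary>
        /// <remarks>
        /// Each identity returned by a <c>CssmKeyUse.Sign</c> search is exported as PKCS#12 and
        /// every key entry in that export becomes a <c>CmsSigner</c>. The returned signers therefore
        /// carry private key material; callers should keep them no longer than needed.
        /// Identities that cannot be exported or decoded are skipped.
        /// </remarks>
        /// <returns>The signers; an empty list if the identity search could not be created.</returns>
        /// <exception cref="System.ObjectDisposedException">
        /// The keychain has been disposed.
        /// </exception>
        public IList<CmsSigner> GetAllCmsSigners()
        {
            if (disposed)
            {
                throw new ObjectDisposedException("SecKeychain");
            }

            var signers = new List<CmsSigner>();
            IntPtr searchRef, itemRef, dataRef;

            if (SecIdentitySearchCreate(Handle, CssmKeyUse.Sign, out searchRef) != OSStatus.Ok)
            {
                return signers;
            }

            try
            {
                while (SecIdentitySearchCopyNext(searchRef, out itemRef) == OSStatus.Ok)
                {
                    try
                    {
                        if (SecItemExport(itemRef, SecExternalFormat.PKCS12, SecItemImportExportFlags.None, IntPtr.Zero, out dataRef) != OSStatus.Ok)
                        {
                            continue;
                        }

                        byte[] rawData;

                        // 'using' releases the CFData wrapper even if GetBuffer() throws.
                        using (var data = new CFData(dataRef, true))
                        {
                            rawData = data.GetBuffer();
                        }

                        try
                        {
                            using (var memory = new MemoryStream(rawData, false))
                            {
                                // The export is opened with an empty password, matching how it was requested above.
                                var pkcs12 = new Pkcs12Store(memory, new char[0]);

                                foreach (string alias in pkcs12.Aliases)
                                {
                                    if (!pkcs12.IsKeyEntry(alias))
                                    {
                                        continue;
                                    }

                                    var chain = pkcs12.GetCertificateChain(alias);
                                    var entry = pkcs12.GetKey(alias);

                                    signers.Add(new CmsSigner(chain, entry.Key));
                                }
                            }
                        }
                        catch (Exception ex)
                        {
                            // Best effort: a single undecodable identity must not abort the enumeration.
                            // Debug.WriteLine is compiled out of release builds, so this is silent there.
                            Debug.WriteLine("Failed to decode keychain pkcs12 data: {0}", ex);
                        }
                        finally
                        {
                            // rawData holds the exported PKCS#12 blob (private keys included); wipe the
                            // managed buffer once the store has been read instead of leaving it for the GC.
                            // NOTE(review): assumes GetBuffer() returns a buffer private to this call - confirm.
                            if (rawData != null)
                            {
                                Array.Clear(rawData, 0, rawData.Length);
                            }
                        }
                    }
                    finally
                    {
                        // Release the identity reference on every path, including exceptions.
                        CFRelease(itemRef);
                    }
                }
            }
            finally
            {
                CFRelease(searchRef);
            }

            return signers;
        }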
Пример #2
        /// <summary>
        /// Gets a list of all certificates suitable for the given key usage.
        /// </summary>
        /// <returns>The matching certificates.</returns>
        /// <param name="keyUsage">The key usage.</param>
        /// <exception cref="System.ObjectDisposedException">
        /// The keychain has been disposed.
        /// </exception>
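        public IList<X509Certificate> GetCertificates(CssmKeyUse keyUsage)
        {
            if (disposed)
            {
                throw new ObjectDisposedException("SecKeychain");
            }

            var parser = new X509CertificateParser();
            var certs = new List<X509Certificate>();
            IntPtr searchRef, itemRef, certRef;

            // A failed search is reported as "no certificates" rather than as an error.
            if (SecIdentitySearchCreate(Handle, keyUsage, out searchRef) != OSStatus.Ok)
            {
                return certs;
            }

            try
            {
                while (SecIdentitySearchCopyNext(searchRef, out itemRef) == OSStatus.Ok)
                {
                    try
                    {
                        if (SecIdentityCopyCertificate(itemRef, out certRef) != OSStatus.Ok)
                        {
                            continue;
                        }

                        try
                        {
                            using (var data = new CFData(SecCertificateCopyData(certRef), true))
                            {
                                var rawData = data.GetBuffer();

                                try
                                {
                                    certs.Add(parser.ReadCertificate(rawData));
                                }
                                catch (CertificateException ex)
                                {
                                    // Skip certificates that do not parse; Debug.WriteLine is compiled
                                    // out of release builds, so the failure is silent there.
                                    Debug.WriteLine("Failed to parse X509 certificate from keychain: {0}", ex);
                                }
                            }
                        }
                        finally
                        {
                            // SecIdentityCopyCertificate is a Core Foundation "Copy" function, so the
                            // caller owns certRef; it was previously never released.
                            CFRelease(certRef);
                        }
                    }
                    finally
                    {
                        // Release the identity reference on every path, including exceptions.
                        CFRelease(itemRef);
                    }
                }
            }
            finally
            {
                CFRelease(searchRef);
            }

            return certs;
        }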
Пример #3
        /// <summary>
        /// Gets a list of all certificates suitable for the given key usage.
        /// </summary>
        /// <returns>The matching certificates.</returns>
        /// <param name="keyUsage">The key usage.</param>
        /// <exception cref="System.ObjectDisposedException">
        /// The keychain has been disposed.
        /// </exception>
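        public IList<X509Certificate> GetCertificates(CssmKeyUse keyUsage)
        {
            if (disposed)
                throw new ObjectDisposedException ("SecKeychain");

            var parser = new X509CertificateParser ();
            var certs = new List<X509Certificate> ();
            IntPtr searchRef, itemRef, certRef;

            // A failed search is reported as "no certificates" rather than as an error.
            if (SecIdentitySearchCreate (Handle, keyUsage, out searchRef) != OSStatus.Ok)
                return certs;

            try {
                while (SecIdentitySearchCopyNext (searchRef, out itemRef) == OSStatus.Ok) {
                    try {
                        if (SecIdentityCopyCertificate (itemRef, out certRef) != OSStatus.Ok)
                            continue;

                        try {
                            using (var data = new CFData (SecCertificateCopyData (certRef), true)) {
                                var rawData = data.GetBuffer ();

                                try {
                                    certs.Add (parser.ReadCertificate (rawData));
                                } catch (CertificateException ex) {
                                    // Skip certificates that do not parse; Debug.WriteLine is compiled
                                    // out of release builds, so the failure is silent there.
                                    Debug.WriteLine ("Failed to parse X509 certificate from keychain: {0}", ex);
                                }
                            }
                        } finally {
                            // The certificate reference comes from a Core Foundation "Copy" call and is
                            // owned by the caller; the previous code leaked one per identity.
                            CFRelease (certRef);
                        }
                    } finally {
                        // Runs on 'continue' and on exceptions alike, so the identity is never leaked.
                        CFRelease (itemRef);
                    }
                }
            } finally {
                CFRelease (searchRef);
            }

            return certs;
        }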
Пример #4
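        /// <summary>
        /// Gets a CMS signer for every signing identity found in the keychain.
        /// </summary>
        /// <remarks>
        /// Identities are located with a <c>CssmKeyUse.Sign</c> search, exported as PKCS#12 and
        /// converted into <c>CmsSigner</c> instances, one per key entry. The result holds private
        /// key material. Identities that fail to export or decode are skipped.
        /// </remarks>
        /// <returns>The signers; an empty list if the identity search could not be created.</returns>
        /// <exception cref="System.ObjectDisposedException">
        /// The keychain has been disposed.
        /// </exception>
        public IList<CmsSigner> GetAllCmsSigners()
        {
            if (disposed)
                throw new ObjectDisposedException ("SecKeychain");

            var signers = new List<CmsSigner> ();
            IntPtr searchRef, itemRef, dataRef;

            if (SecIdentitySearchCreate (Handle, CssmKeyUse.Sign, out searchRef) != OSStatus.Ok)
                return signers;

            try {
                while (SecIdentitySearchCopyNext (searchRef, out itemRef) == OSStatus.Ok) {
                    try {
                        if (SecItemExport (itemRef, SecExternalFormat.PKCS12, SecItemImportExportFlags.None, IntPtr.Zero, out dataRef) != OSStatus.Ok)
                            continue;

                        byte[] rawData;

                        // Dispose the CFData wrapper even when GetBuffer() throws.
                        using (var data = new CFData (dataRef, true))
                            rawData = data.GetBuffer ();

                        try {
                            using (var memory = new MemoryStream (rawData, false)) {
                                // Opened with an empty password, matching the export request above.
                                var pkcs12 = new Pkcs12Store (memory, new char[0]);

                                foreach (string alias in pkcs12.Aliases) {
                                    if (!pkcs12.IsKeyEntry (alias))
                                        continue;

                                    var chain = pkcs12.GetCertificateChain (alias);
                                    var key = pkcs12.GetKey (alias);

                                    signers.Add (new CmsSigner (chain, key));
                                }
                            }
                        } catch (Exception ex) {
                            // Best effort: one undecodable identity must not stop the enumeration.
                            // Debug.WriteLine is compiled out of release builds, so this is silent there.
                            Debug.WriteLine ("Failed to decode keychain pkcs12 data: {0}", ex);
                        } finally {
                            // The buffer is an exported PKCS#12 blob containing private keys; clear the
                            // managed copy as soon as the store has been consumed.
                            // NOTE(review): assumes GetBuffer() returns a buffer private to this call - confirm.
                            if (rawData != null)
                                Array.Clear (rawData, 0, rawData.Length);
                        }
                    } finally {
                        // Release the identity reference on every path, including exceptions.
                        CFRelease (itemRef);
                    }
                }
            } finally {
                CFRelease (searchRef);
            }

            return signers;
        }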