private static int VerifyCertChain(IntPtr storeCtxPtr, IntPtr curlPtr) { const int SuccessResult = 1, FailureResult = 0; EasyRequest easy; if (!TryGetEasyRequest(curlPtr, out easy)) { EventSourceTrace("Could not find associated easy request: {0}", curlPtr); return(FailureResult); } var storeCtx = new SafeX509StoreCtxHandle(storeCtxPtr, ownsHandle: false); try { return(VerifyCertChain(storeCtx, easy) ? SuccessResult : FailureResult); } catch (Exception exc) { EventSourceTrace("Unexpected exception: {0}", exc, easy: easy); easy.FailRequest(CreateHttpRequestException(new CurlException((int)CURLcode.CURLE_ABORTED_BY_CALLBACK, exc))); return(FailureResult); } finally { storeCtx.Dispose(); } }
public void Dispose() { _storeCtx?.Dispose(); _untrustedLookup?.Dispose(); _store?.Dispose(); // We don't own this one. _leafHandle = null; }
internal static OpenSslX509ChainProcessor InitiateChain( SafeX509Handle leafHandle, X509Certificate2Collection customTrustStore, X509ChainTrustMode trustMode, DateTime verificationTime, TimeSpan remainingDownloadTime) { CachedSystemStoreProvider.GetNativeCollections( out SafeX509StackHandle systemTrust, out SafeX509StackHandle systemIntermediate); SafeX509StoreHandle store = null; SafeX509StackHandle untrusted = null; SafeX509StoreCtxHandle storeCtx = null; try { untrusted = Interop.Crypto.NewX509Stack(); Interop.Crypto.X509StackAddMultiple(untrusted, s_userIntermediateStore.GetNativeCollection()); Interop.Crypto.X509StackAddMultiple(untrusted, s_userPersonalStore.GetNativeCollection()); store = GetTrustStore(trustMode, customTrustStore, untrusted, systemTrust); Interop.Crypto.X509StackAddMultiple(untrusted, systemIntermediate); Interop.Crypto.X509StoreSetVerifyTime(store, verificationTime); storeCtx = Interop.Crypto.X509StoreCtxCreate(); if (!Interop.Crypto.X509StoreCtxInit(storeCtx, store, leafHandle, untrusted)) { throw Interop.Crypto.CreateOpenSslCryptographicException(); } return(new OpenSslX509ChainProcessor( leafHandle, store, untrusted, storeCtx, verificationTime, remainingDownloadTime)); } catch { store?.Dispose(); untrusted?.Dispose(); storeCtx?.Dispose(); throw; } }
internal static OpenSslX509ChainProcessor InitiateChain( SafeX509Handle leafHandle, DateTime verificationTime, TimeSpan remainingDownloadTime) { SafeX509StackHandle systemTrust = StorePal.GetMachineRoot().GetNativeCollection(); SafeX509StackHandle systemIntermediate = StorePal.GetMachineIntermediate().GetNativeCollection(); SafeX509StoreHandle store = null; SafeX509StackHandle untrusted = null; SafeX509StoreCtxHandle storeCtx = null; try { store = Interop.Crypto.X509ChainNew(systemTrust, s_userRootPath); untrusted = Interop.Crypto.NewX509Stack(); Interop.Crypto.X509StackAddDirectoryStore(untrusted, s_userIntermediatePath); Interop.Crypto.X509StackAddDirectoryStore(untrusted, s_userPersonalPath); Interop.Crypto.X509StackAddMultiple(untrusted, systemIntermediate); Interop.Crypto.X509StoreSetVerifyTime(store, verificationTime); storeCtx = Interop.Crypto.X509StoreCtxCreate(); if (!Interop.Crypto.X509StoreCtxInit(storeCtx, store, leafHandle, untrusted)) { throw Interop.Crypto.CreateOpenSslCryptographicException(); } return(new OpenSslX509ChainProcessor( leafHandle, store, untrusted, storeCtx, verificationTime, remainingDownloadTime)); } catch { store?.Dispose(); untrusted?.Dispose(); storeCtx?.Dispose(); throw; } }