public void Initialize(TrustListDataType trustList) { CertificatesTable.Rows.Clear(); if (trustList != null) { if ((trustList.SpecifiedLists & (uint)TrustListMasks.TrustedCertificates) != 0 && trustList.TrustedCertificates != null) { foreach (var certificateBytes in trustList.TrustedCertificates) { var certificate = new X509Certificate2(certificateBytes); List <X509CRL> crls = new List <X509CRL>(); if ((trustList.SpecifiedLists & (uint)TrustListMasks.TrustedCrls) != 0 && trustList.TrustedCrls != null) { foreach (var crlBytes in trustList.TrustedCrls) { X509CRL crl = new X509CRL(crlBytes); if (Utils.CompareDistinguishedName(crl.Issuer, certificate.Subject)) { crls.Add(crl); } } } AddCertificate(certificate, Status.Trusted, crls); } } if ((trustList.SpecifiedLists & (uint)TrustListMasks.IssuerCertificates) != 0 && trustList.IssuerCertificates != null) { foreach (var certificateBytes in trustList.IssuerCertificates) { var certificate = new X509Certificate2(certificateBytes); List <X509CRL> crls = new List <X509CRL>(); if ((trustList.SpecifiedLists & (uint)TrustListMasks.IssuerCrls) != 0 && trustList.IssuerCrls != null) { foreach (var crlBytes in trustList.IssuerCrls) { X509CRL crl = new X509CRL(crlBytes); if (Utils.CompareDistinguishedName(crl.Issuer, certificate.Subject)) { crls.Add(crl); } } } AddCertificate(certificate, Status.Issuer, crls); } } } m_dataset.AcceptChanges(); NoDataWarningLabel.Visible = CertificatesTable.Rows.Count == 0; }
public TrustListDataType GetTrustLists() { ByteStringCollection trusted = new ByteStringCollection(); ByteStringCollection trustedCrls = new ByteStringCollection(); ByteStringCollection issuers = new ByteStringCollection(); ByteStringCollection issuersCrls = new ByteStringCollection(); foreach (DataGridViewRow row in CertificateListGridView.Rows) { DataRowView source = row.DataBoundItem as DataRowView; Status status = (Status)source.Row[4]; X509Certificate2 certificate = source.Row[7] as X509Certificate2; List <X509CRL> crls = source.Row[9] as List <X509CRL>; if (certificate != null) { if (status == Status.Trusted) { trusted.Add(certificate.RawData); if (crls != null) { foreach (var crl in crls) { trustedCrls.Add(crl.RawData); } } } else if (status == Status.Issuer) { issuers.Add(certificate.RawData); if (crls != null) { foreach (var crl in crls) { issuersCrls.Add(crl.RawData); } } } } } TrustListDataType trustList = new TrustListDataType() { SpecifiedLists = (uint)(TrustListMasks.All), TrustedCertificates = trusted, TrustedCrls = trustedCrls, IssuerCertificates = issuers, IssuerCrls = issuersCrls }; return(trustList); }
public void UpdateTrustList() { ConnectPushClient(true); TrustListDataType fullTrustList = _pushClient.PushClient.ReadTrustList(); TrustListDataType emptyTrustList = _pushClient.PushClient.ReadTrustList(TrustListMasks.None); emptyTrustList.SpecifiedLists = (uint)TrustListMasks.All; bool requireReboot = _pushClient.PushClient.UpdateTrustList(emptyTrustList); TrustListDataType expectEmptyTrustList = _pushClient.PushClient.ReadTrustList(); Assert.IsTrue(Utils.IsEqual(expectEmptyTrustList, emptyTrustList)); requireReboot = _pushClient.PushClient.UpdateTrustList(fullTrustList); TrustListDataType expectFullTrustList = _pushClient.PushClient.ReadTrustList(); Assert.IsTrue(Utils.IsEqual(expectFullTrustList, fullTrustList)); }
private TrustListDataType DecodeTrustListData( ISystemContext context, Stream strm) { TrustListDataType trustList = new TrustListDataType(); ServiceMessageContext messageContext = new ServiceMessageContext() { NamespaceUris = context.NamespaceUris, ServerUris = context.ServerUris, Factory = context.EncodeableFactory }; strm.Position = 0; BinaryDecoder decoder = new BinaryDecoder(strm, messageContext); trustList.Decode(decoder); decoder.Close(); return trustList; }
private Stream EncodeTrustListData( ISystemContext context, TrustListDataType trustList ) { ServiceMessageContext messageContext = new ServiceMessageContext() { NamespaceUris = context.NamespaceUris, ServerUris = context.ServerUris, Factory = context.EncodeableFactory }; MemoryStream strm = new MemoryStream(); BinaryEncoder encoder = new BinaryEncoder(strm, messageContext); encoder.WriteEncodeable(null, trustList, null); strm.Position = 0; return strm; }
public void ReadTrustList() { ConnectPushClient(true); TrustListDataType allTrustList = _pushClient.PushClient.ReadTrustList(); Assert.IsNotNull(allTrustList); Assert.IsNotNull(allTrustList.IssuerCertificates); Assert.IsNotNull(allTrustList.IssuerCrls); Assert.IsNotNull(allTrustList.TrustedCertificates); Assert.IsNotNull(allTrustList.TrustedCrls); TrustListDataType noneTrustList = _pushClient.PushClient.ReadTrustList(TrustListMasks.None); Assert.IsNotNull(noneTrustList); Assert.IsNotNull(noneTrustList.IssuerCertificates); Assert.IsNotNull(noneTrustList.IssuerCrls); Assert.IsNotNull(noneTrustList.TrustedCertificates); Assert.IsNotNull(noneTrustList.TrustedCrls); Assert.IsTrue(noneTrustList.IssuerCertificates.Count == 0); Assert.IsTrue(noneTrustList.IssuerCrls.Count == 0); Assert.IsTrue(noneTrustList.TrustedCertificates.Count == 0); Assert.IsTrue(noneTrustList.TrustedCrls.Count == 0); TrustListDataType issuerTrustList = _pushClient.PushClient.ReadTrustList(TrustListMasks.IssuerCertificates | TrustListMasks.IssuerCrls); Assert.IsNotNull(issuerTrustList); Assert.IsNotNull(issuerTrustList.IssuerCertificates); Assert.IsNotNull(issuerTrustList.IssuerCrls); Assert.IsNotNull(issuerTrustList.TrustedCertificates); Assert.IsNotNull(issuerTrustList.TrustedCrls); Assert.IsTrue(issuerTrustList.IssuerCertificates.Count == allTrustList.IssuerCertificates.Count); Assert.IsTrue(issuerTrustList.IssuerCrls.Count == allTrustList.IssuerCrls.Count); Assert.IsTrue(issuerTrustList.TrustedCertificates.Count == 0); Assert.IsTrue(issuerTrustList.TrustedCrls.Count == 0); TrustListDataType trustedTrustList = _pushClient.PushClient.ReadTrustList(TrustListMasks.TrustedCertificates | TrustListMasks.TrustedCrls); Assert.IsNotNull(trustedTrustList); Assert.IsNotNull(trustedTrustList.IssuerCertificates); Assert.IsNotNull(trustedTrustList.IssuerCrls); Assert.IsNotNull(trustedTrustList.TrustedCertificates); Assert.IsNotNull(trustedTrustList.TrustedCrls); Assert.IsTrue(trustedTrustList.IssuerCertificates.Count == 0); Assert.IsTrue(trustedTrustList.IssuerCrls.Count == 0); Assert.IsTrue(trustedTrustList.TrustedCertificates.Count == allTrustList.TrustedCertificates.Count); Assert.IsTrue(trustedTrustList.TrustedCrls.Count == allTrustList.TrustedCrls.Count); }
public void AddRemoveCert() { using (X509Certificate2 trustedCert = CertificateFactory.CreateCertificate(null, null, null, "uri:x:y:z", "TrustedCert", "CN=Push Server Test", null, 2048, DateTime.UtcNow, 1, 256)) using (X509Certificate2 issuerCert = CertificateFactory.CreateCertificate(null, null, null, "uri:x:y:z", "IssuerCert", "CN=Push Server Test", null, 2048, DateTime.UtcNow, 1, 256)) { ConnectPushClient(true); TrustListDataType beforeTrustList = _pushClient.PushClient.ReadTrustList(); _pushClient.PushClient.AddCertificate(trustedCert, true); _pushClient.PushClient.AddCertificate(issuerCert, false); TrustListDataType afterAddTrustList = _pushClient.PushClient.ReadTrustList(); Assert.Greater(afterAddTrustList.TrustedCertificates.Count, beforeTrustList.TrustedCertificates.Count); Assert.Greater(afterAddTrustList.IssuerCertificates.Count, beforeTrustList.IssuerCertificates.Count); Assert.IsFalse(Utils.IsEqual(beforeTrustList, afterAddTrustList)); _pushClient.PushClient.RemoveCertificate(trustedCert.Thumbprint, true); _pushClient.PushClient.RemoveCertificate(issuerCert.Thumbprint, false); TrustListDataType afterRemoveTrustList = _pushClient.PushClient.ReadTrustList(); Assert.IsTrue(Utils.IsEqual(beforeTrustList, afterRemoveTrustList)); } }
public void AddRemoveCAIssuerCert() { ConnectPushClient(true); TrustListDataType beforeTrustList = m_pushClient.PushClient.ReadTrustList(); m_pushClient.PushClient.AddCertificate(m_caCert, false); TrustListDataType afterAddTrustList = m_pushClient.PushClient.ReadTrustList(); Assert.Greater(afterAddTrustList.IssuerCertificates.Count, beforeTrustList.IssuerCertificates.Count); Assert.AreEqual(afterAddTrustList.IssuerCrls.Count, beforeTrustList.IssuerCrls.Count); Assert.IsFalse(Utils.IsEqual(beforeTrustList, afterAddTrustList)); Assert.That(() => { m_pushClient.PushClient.RemoveCertificate(m_caCert.Thumbprint, true); }, Throws.Exception); TrustListDataType afterRemoveTrustList = m_pushClient.PushClient.ReadTrustList(); Assert.IsFalse(Utils.IsEqual(beforeTrustList, afterRemoveTrustList)); m_pushClient.PushClient.RemoveCertificate(m_caCert.Thumbprint, false); afterRemoveTrustList = m_pushClient.PushClient.ReadTrustList(); Assert.IsTrue(Utils.IsEqual(beforeTrustList, afterRemoveTrustList)); }
public void AddRemoveCATrustedCert() { ConnectPushClient(true); TrustListDataType beforeTrustList = m_pushClient.PushClient.ReadTrustList(); m_pushClient.PushClient.AddCertificate(m_caCert, true); TrustListDataType afterAddTrustList = m_pushClient.PushClient.ReadTrustList(); Assert.Greater(afterAddTrustList.TrustedCertificates.Count, beforeTrustList.TrustedCertificates.Count); Assert.AreEqual(afterAddTrustList.TrustedCrls.Count, beforeTrustList.TrustedCrls.Count); Assert.IsFalse(Utils.IsEqual(beforeTrustList, afterAddTrustList)); var serviceResultException = Assert.Throws <ServiceResultException>(() => { m_pushClient.PushClient.RemoveCertificate(m_caCert.Thumbprint, false); }); Assert.AreEqual(StatusCodes.BadInvalidArgument, serviceResultException.StatusCode, serviceResultException.Message); TrustListDataType afterRemoveTrustList = m_pushClient.PushClient.ReadTrustList(); Assert.IsFalse(Utils.IsEqual(beforeTrustList, afterRemoveTrustList)); m_pushClient.PushClient.RemoveCertificate(m_caCert.Thumbprint, true); afterRemoveTrustList = m_pushClient.PushClient.ReadTrustList(); Assert.IsTrue(Utils.IsEqual(beforeTrustList, afterRemoveTrustList)); }
private ServiceResult Open( ISystemContext context, MethodState method, NodeId objectId, OpenFileMode mode, TrustListMasks masks, ref uint fileHandle) { HasSecureReadAccess(context); if (mode == OpenFileMode.Read) { HasSecureReadAccess(context); } else if (mode == (OpenFileMode.Write | OpenFileMode.EraseExisting)) { HasSecureWriteAccess(context); } else { return(StatusCodes.BadNotWritable); } lock (m_lock) { if (m_sessionId != null) { // to avoid deadlocks, last open always wins m_sessionId = null; m_strm = null; m_node.OpenCount.Value = 0; } m_readMode = mode == OpenFileMode.Read; m_sessionId = context.SessionId; fileHandle = ++m_fileHandle; TrustListDataType trustList = new TrustListDataType() { SpecifiedLists = (uint)masks }; using (ICertificateStore store = CertificateStoreIdentifier.OpenStore(m_trustedStorePath)) { if ((masks & TrustListMasks.TrustedCertificates) != 0) { X509Certificate2Collection certificates = store.Enumerate().Result; foreach (var certificate in certificates) { trustList.TrustedCertificates.Add(certificate.RawData); } } if ((masks & TrustListMasks.TrustedCrls) != 0) { foreach (var crl in store.EnumerateCRLs()) { trustList.TrustedCrls.Add(crl.RawData); } } } using (ICertificateStore store = CertificateStoreIdentifier.OpenStore(m_issuerStorePath)) { if ((masks & TrustListMasks.IssuerCertificates) != 0) { X509Certificate2Collection certificates = store.Enumerate().Result; foreach (var certificate in certificates) { trustList.IssuerCertificates.Add(certificate.RawData); } } if ((masks & TrustListMasks.IssuerCrls) != 0) { foreach (var crl in store.EnumerateCRLs()) { trustList.IssuerCrls.Add(crl.RawData); } } } if (m_readMode) { m_strm = EncodeTrustListData(context, trustList); } else { m_strm = new MemoryStream(DefaultTrustListCapacity); } m_node.OpenCount.Value = 1; } return(ServiceResult.Good); }
private ServiceResult CloseAndUpdate( ISystemContext context, MethodState method, NodeId objectId, uint fileHandle, ref bool restartRequired) { HasSecureWriteAccess(context); ServiceResult result = StatusCodes.Good; lock (m_lock) { if (m_sessionId != context.SessionId) { return(StatusCodes.BadUserAccessDenied); } if (m_fileHandle != fileHandle) { return(StatusCodes.BadInvalidArgument); } try { TrustListDataType trustList = DecodeTrustListData(context, m_strm); TrustListMasks masks = (TrustListMasks)trustList.SpecifiedLists; X509Certificate2Collection issuerCertificates = null; List <X509CRL> issuerCrls = null; X509Certificate2Collection trustedCertificates = null; List <X509CRL> trustedCrls = null; // test integrity of all CRLs if ((masks & TrustListMasks.IssuerCertificates) != 0) { issuerCertificates = new X509Certificate2Collection(); foreach (var cert in trustList.IssuerCertificates) { issuerCertificates.Add(new X509Certificate2(cert)); } } if ((masks & TrustListMasks.IssuerCrls) != 0) { issuerCrls = new List <X509CRL>(); foreach (var crl in trustList.IssuerCrls) { issuerCrls.Add(new X509CRL(crl)); } } if ((masks & TrustListMasks.TrustedCertificates) != 0) { trustedCertificates = new X509Certificate2Collection(); foreach (var cert in trustList.TrustedCertificates) { trustedCertificates.Add(new X509Certificate2(cert)); } } if ((masks & TrustListMasks.TrustedCrls) != 0) { trustedCrls = new List <X509CRL>(); foreach (var crl in trustList.TrustedCrls) { trustedCrls.Add(new X509CRL(crl)); } } // update store // test integrity of all CRLs TrustListMasks updateMasks = TrustListMasks.None; if ((masks & TrustListMasks.IssuerCertificates) != 0) { if (UpdateStoreCertificates(m_issuerStorePath, issuerCertificates)) { updateMasks |= TrustListMasks.IssuerCertificates; } } if ((masks & TrustListMasks.IssuerCrls) != 0) { if (UpdateStoreCrls(m_issuerStorePath, issuerCrls)) { updateMasks |= TrustListMasks.IssuerCrls; } } if ((masks & TrustListMasks.TrustedCertificates) != 0) { if (UpdateStoreCertificates(m_trustedStorePath, trustedCertificates)) { updateMasks |= TrustListMasks.TrustedCertificates; } } if ((masks & TrustListMasks.TrustedCrls) != 0) { if (UpdateStoreCrls(m_trustedStorePath, trustedCrls)) { updateMasks |= TrustListMasks.TrustedCrls; } } if (masks != updateMasks) { result = StatusCodes.BadCertificateInvalid; } } catch { result = StatusCodes.BadCertificateInvalid; } finally { m_sessionId = null; m_strm = null; m_node.LastUpdateTime.Value = DateTime.UtcNow; m_node.OpenCount.Value = 0; } } restartRequired = false; return(result); }
/// <summary> /// Reads the trust list. /// </summary> public TrustListDataType ReadTrustList(NodeId trustListId) { if (!IsConnected) { Connect(); } var outputArguments = Session.Call( trustListId, Opc.Ua.MethodIds.FileType_Open, (byte)OpenFileMode.Read); uint fileHandle = (uint)outputArguments[0]; MemoryStream ostrm = new MemoryStream(); try { while (true) { int length = 4096; outputArguments = Session.Call( trustListId, Opc.Ua.MethodIds.FileType_Read, fileHandle, length); byte[] bytes = (byte[])outputArguments[0]; ostrm.Write(bytes, 0, bytes.Length); if (length != bytes.Length) { break; } } } catch (Exception) { throw; } finally { if (IsConnected) { Session.Call( trustListId, Opc.Ua.MethodIds.FileType_Close, fileHandle); } } ostrm.Position = 0; BinaryDecoder decoder = new BinaryDecoder(ostrm, Session.MessageContext); TrustListDataType trustList = new TrustListDataType(); trustList.Decode(decoder); decoder.Close(); ostrm.Close(); return(trustList); }
private bool AddTrustListToStore(SecurityConfiguration config, TrustListDataType trustList) { TrustListMasks masks = (TrustListMasks)trustList.SpecifiedLists; X509Certificate2Collection issuerCertificates = null; List <X509CRL> issuerCrls = null; X509Certificate2Collection trustedCertificates = null; List <X509CRL> trustedCrls = null; // test integrity of all CRLs if ((masks & TrustListMasks.IssuerCertificates) != 0) { issuerCertificates = new X509Certificate2Collection(); foreach (var cert in trustList.IssuerCertificates) { issuerCertificates.Add(new X509Certificate2(cert)); } } if ((masks & TrustListMasks.IssuerCrls) != 0) { issuerCrls = new List <X509CRL>(); foreach (var crl in trustList.IssuerCrls) { issuerCrls.Add(new X509CRL(crl)); } } if ((masks & TrustListMasks.TrustedCertificates) != 0) { trustedCertificates = new X509Certificate2Collection(); foreach (var cert in trustList.TrustedCertificates) { trustedCertificates.Add(new X509Certificate2(cert)); } } if ((masks & TrustListMasks.TrustedCrls) != 0) { trustedCrls = new List <X509CRL>(); foreach (var crl in trustList.TrustedCrls) { trustedCrls.Add(new X509CRL(crl)); } } // update store // test integrity of all CRLs TrustListMasks updateMasks = TrustListMasks.None; if ((masks & TrustListMasks.IssuerCertificates) != 0) { if (UpdateStoreCertificates(config.TrustedIssuerCertificates.StorePath, issuerCertificates)) { updateMasks |= TrustListMasks.IssuerCertificates; } } if ((masks & TrustListMasks.IssuerCrls) != 0) { if (UpdateStoreCrls(config.TrustedIssuerCertificates.StorePath, issuerCrls)) { updateMasks |= TrustListMasks.IssuerCrls; } } if ((masks & TrustListMasks.TrustedCertificates) != 0) { if (UpdateStoreCertificates(config.TrustedPeerCertificates.StorePath, trustedCertificates)) { updateMasks |= TrustListMasks.TrustedCertificates; } } if ((masks & TrustListMasks.TrustedCrls) != 0) { if (UpdateStoreCrls(config.TrustedPeerCertificates.StorePath, trustedCrls)) { updateMasks |= TrustListMasks.TrustedCrls; } } return(masks == updateMasks); }
/// <summary> /// Updates the trust list. /// </summary> public bool UpdateTrustList(TrustListDataType trustList) { if (!IsConnected) { Connect(); } IUserIdentity oldUser = ElevatePermissions(); try { MemoryStream strm = new MemoryStream(); BinaryEncoder encoder = new BinaryEncoder(strm, m_session.MessageContext); encoder.WriteEncodeable(null, trustList, null); strm.Position = 0; var outputArguments = m_session.Call( ExpandedNodeId.ToNodeId(Opc.Ua.ObjectIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList, m_session.NamespaceUris), ExpandedNodeId.ToNodeId(Opc.Ua.MethodIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList_Open, m_session.NamespaceUris), (byte)(OpenFileMode.Write | OpenFileMode.EraseExisting)); uint fileHandle = (uint)outputArguments[0]; try { bool writing = true; byte[] buffer = new byte[256]; while (writing) { int bytesWritten = strm.Read(buffer, 0, buffer.Length); if (bytesWritten != buffer.Length) { byte[] copy = new byte[bytesWritten]; Array.Copy(buffer, copy, bytesWritten); buffer = copy; writing = false; } m_session.Call( ExpandedNodeId.ToNodeId(Opc.Ua.ObjectIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList, m_session.NamespaceUris), ExpandedNodeId.ToNodeId(Opc.Ua.MethodIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList_Write, m_session.NamespaceUris), fileHandle, buffer); } outputArguments = m_session.Call( ExpandedNodeId.ToNodeId(Opc.Ua.ObjectIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList, m_session.NamespaceUris), ExpandedNodeId.ToNodeId(Opc.Ua.MethodIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList_CloseAndUpdate, m_session.NamespaceUris), fileHandle); return((bool)outputArguments[0]); } catch (Exception) { if (IsConnected) { m_session.Call( ExpandedNodeId.ToNodeId(Opc.Ua.ObjectIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList, m_session.NamespaceUris), ExpandedNodeId.ToNodeId(Opc.Ua.MethodIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList_Close, m_session.NamespaceUris), fileHandle); } throw; } } finally { RevertPermissions(oldUser); } }
/// <summary> /// Reads the trust list. /// </summary> public TrustListDataType ReadTrustList(TrustListMasks masks = TrustListMasks.All) { if (!IsConnected) { Connect(); } IUserIdentity oldUser = ElevatePermissions(); try { var outputArguments = m_session.Call( ExpandedNodeId.ToNodeId(Opc.Ua.ObjectIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList, m_session.NamespaceUris), ExpandedNodeId.ToNodeId(Opc.Ua.MethodIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList_OpenWithMasks, m_session.NamespaceUris), (uint)masks); uint fileHandle = (uint)outputArguments[0]; MemoryStream ostrm = new MemoryStream(); try { while (true) { int length = 256; outputArguments = m_session.Call( ExpandedNodeId.ToNodeId(Opc.Ua.ObjectIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList, m_session.NamespaceUris), ExpandedNodeId.ToNodeId(Opc.Ua.MethodIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList_Read, m_session.NamespaceUris), fileHandle, length); byte[] bytes = (byte[])outputArguments[0]; ostrm.Write(bytes, 0, bytes.Length); if (length != bytes.Length) { break; } } m_session.Call( ExpandedNodeId.ToNodeId(Opc.Ua.ObjectIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList, m_session.NamespaceUris), ExpandedNodeId.ToNodeId(Opc.Ua.MethodIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList_Close, m_session.NamespaceUris), fileHandle); } catch (Exception) { if (IsConnected) { m_session.Call( ExpandedNodeId.ToNodeId(Opc.Ua.ObjectIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList, m_session.NamespaceUris), ExpandedNodeId.ToNodeId(Opc.Ua.MethodIds.ServerConfiguration_CertificateGroups_DefaultApplicationGroup_TrustList_Close, m_session.NamespaceUris), fileHandle); } throw; } ostrm.Position = 0; BinaryDecoder decoder = new BinaryDecoder(ostrm, m_session.MessageContext); TrustListDataType trustList = new TrustListDataType(); trustList.Decode(decoder); decoder.Close(); ostrm.Close(); return(trustList); } finally { RevertPermissions(oldUser); } }