本文整理汇总了C#中ICertificatePal类的典型用法代码示例。如果您正苦于以下问题:C# ICertificatePal类的具体用法?C# ICertificatePal怎么用?C# ICertificatePal使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
ICertificatePal类属于命名空间,在下文中一共展示了ICertificatePal类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: DecodePublicKey
public AsymmetricAlgorithm DecodePublicKey(Oid oid, byte[] encodedKeyValue, byte[] encodedParameters, ICertificatePal certificatePal)
{
if (oid.Value == Oids.Ecc)
{
return DecodeECDsaPublicKey((CertificatePal)certificatePal);
}
int algId = OidInfo.FindOidInfo(CryptOidInfoKeyType.CRYPT_OID_INFO_OID_KEY, oid.Value, OidGroup.PublicKeyAlgorithm, fallBackToAllGroups: true).AlgId;
switch (algId)
{
case AlgId.CALG_RSA_KEYX:
case AlgId.CALG_RSA_SIGN:
{
byte[] keyBlob = DecodeKeyBlob(CryptDecodeObjectStructType.CNG_RSA_PUBLIC_KEY_BLOB, encodedKeyValue);
CngKey cngKey = CngKey.Import(keyBlob, CngKeyBlobFormat.GenericPublicBlob);
return new RSACng(cngKey);
}
#if !NETNATIVE
case AlgId.CALG_DSS_SIGN:
{
byte[] keyBlob = ConstructDSSPublicKeyCspBlob(encodedKeyValue, encodedParameters);
DSACryptoServiceProvider dsa = new DSACryptoServiceProvider();
dsa.ImportCspBlob(keyBlob);
return dsa;
}
#endif
default:
throw new NotSupportedException(SR.NotSupported_KeyAlgorithm);
}
}示例2: BuildChain
public static IChainPal BuildChain(
bool useMachineContext,
ICertificatePal cert,
X509Certificate2Collection extraStore,
OidCollection applicationPolicy,
OidCollection certificatePolicy,
X509RevocationMode revocationMode,
X509RevocationFlag revocationFlag,
DateTime verificationTime,
TimeSpan timeout)
{
// An input value of 0 on the timeout is "take all the time you need".
if (timeout == TimeSpan.Zero)
{
timeout = TimeSpan.MaxValue;
}
// Let Unspecified mean Local, so only convert if the source was UTC.
//
// Converge on Local instead of UTC because OpenSSL is going to assume we gave it
// local time.
if (verificationTime.Kind == DateTimeKind.Utc)
{
verificationTime = verificationTime.ToLocalTime();
}
TimeSpan remainingDownloadTime = timeout;
var leaf = new X509Certificate2(cert.Handle);
var downloaded = new HashSet<X509Certificate2>();
var systemTrusted = new HashSet<X509Certificate2>();
HashSet<X509Certificate2> candidates = OpenSslX509ChainProcessor.FindCandidates(
leaf,
extraStore,
downloaded,
systemTrusted,
ref remainingDownloadTime);
IChainPal chain = OpenSslX509ChainProcessor.BuildChain(
leaf,
candidates,
downloaded,
systemTrusted,
applicationPolicy,
certificatePolicy,
revocationMode,
revocationFlag,
verificationTime,
ref remainingDownloadTime);
if (chain.ChainStatus.Length == 0 && downloaded.Count > 0)
{
SaveIntermediateCertificates(chain.ChainElements, downloaded);
}
return chain;
}示例3: BuildChain
/// <summary>
/// Does not throw on error. Returns null ChainPal instead.
/// </summary>
public static ChainPal BuildChain(
bool useMachineContext,
ICertificatePal cert,
X509Certificate2Collection extraStore,
OidCollection applicationPolicy,
OidCollection certificatePolicy,
X509RevocationMode revocationMode,
X509RevocationFlag revocationFlag,
DateTime verificationTime,
TimeSpan timeout)
{
CertificatePal certificatePal = (CertificatePal)cert;
unsafe
{
using (SafeCertStoreHandle extraStoreHandle = ConvertExtraStoreToSafeHandle(extraStore))
{
CERT_CHAIN_PARA chainPara = new CERT_CHAIN_PARA();
chainPara.cbSize = Marshal.SizeOf<CERT_CHAIN_PARA>();
int applicationPolicyCount;
using (SafeHandle applicationPolicyOids = applicationPolicy.ToLpstrArray(out applicationPolicyCount))
{
if (!applicationPolicyOids.IsInvalid)
{
chainPara.RequestedUsage.dwType = CertUsageMatchType.USAGE_MATCH_TYPE_AND;
chainPara.RequestedUsage.Usage.cUsageIdentifier = applicationPolicyCount;
chainPara.RequestedUsage.Usage.rgpszUsageIdentifier = applicationPolicyOids.DangerousGetHandle();
}
int certificatePolicyCount;
using (SafeHandle certificatePolicyOids = certificatePolicy.ToLpstrArray(out certificatePolicyCount))
{
if (!certificatePolicyOids.IsInvalid)
{
chainPara.RequestedIssuancePolicy.dwType = CertUsageMatchType.USAGE_MATCH_TYPE_AND;
chainPara.RequestedIssuancePolicy.Usage.cUsageIdentifier = certificatePolicyCount;
chainPara.RequestedIssuancePolicy.Usage.rgpszUsageIdentifier = certificatePolicyOids.DangerousGetHandle();
}
chainPara.dwUrlRetrievalTimeout = (int)Math.Floor(timeout.TotalMilliseconds);
FILETIME ft = FILETIME.FromDateTime(verificationTime);
CertChainFlags flags = MapRevocationFlags(revocationMode, revocationFlag);
ChainEngine chainEngine = useMachineContext ? ChainEngine.HCCE_LOCAL_MACHINE : ChainEngine.HCCE_CURRENT_USER;
SafeX509ChainHandle chain;
if (!Interop.crypt32.CertGetCertificateChain(chainEngine, certificatePal.CertContext, &ft, extraStoreHandle, ref chainPara, flags, IntPtr.Zero, out chain))
return null;
return new ChainPal(chain);
}
}
}
}
}示例4: DecodePublicKey
public AsymmetricAlgorithm DecodePublicKey(Oid oid, byte[] encodedKeyValue, byte[] encodedParameters, ICertificatePal certificatePal)
{
switch (oid.Value)
{
case Oids.RsaRsa:
return BuildRsaPublicKey(encodedKeyValue);
}
// NotSupportedException is what desktop and CoreFx-Windows throw in this situation.
throw new NotSupportedException(SR.NotSupported_KeyAlgorithm);
}示例5: BuildChain
public static IChainPal BuildChain(
bool useMachineContext,
ICertificatePal cert,
X509Certificate2Collection extraStore,
OidCollection applicationPolicy,
OidCollection certificatePolicy,
X509RevocationMode revocationMode,
X509RevocationFlag revocationFlag,
DateTime verificationTime,
TimeSpan timeout)
{
return new OpenSslX509ChainProcessor();
}示例6: TryReadX509Der
internal static bool TryReadX509Der(byte[] rawData, out ICertificatePal certPal)
{
SafeX509Handle certHandle = Interop.Crypto.DecodeX509(rawData, rawData.Length);
if (certHandle.IsInvalid)
{
certHandle.Dispose();
certPal = null;
return false;
}
certPal = new OpenSslX509CertificateReader(certHandle);
return true;
}示例7: FromCertificate
public static IExportPal FromCertificate(ICertificatePal cert)
{
CertificatePal certificatePal = (CertificatePal)cert;
SafeCertStoreHandle certStore = Interop.crypt32.CertOpenStore(
CertStoreProvider.CERT_STORE_PROV_MEMORY,
CertEncodingType.All,
IntPtr.Zero,
CertStoreFlags.CERT_STORE_ENUM_ARCHIVED_FLAG | CertStoreFlags.CERT_STORE_CREATE_NEW_FLAG | CertStoreFlags.CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG,
null);
if (certStore.IsInvalid)
throw Marshal.GetHRForLastWin32Error().ToCryptographicException();;
if (!Interop.crypt32.CertAddCertificateLinkToStore(certStore, certificatePal.CertContext, CertStoreAddDisposition.CERT_STORE_ADD_ALWAYS, IntPtr.Zero))
throw Marshal.GetHRForLastWin32Error().ToCryptographicException();;
return new StorePal(certStore);
}示例8: DecodePublicKey
public AsymmetricAlgorithm DecodePublicKey(Oid oid, byte[] encodedKeyValue, byte[] encodedParameters, ICertificatePal certificatePal)
{
if (oid.Value == Oids.Ecc && certificatePal != null)
{
return ((OpenSslX509CertificateReader)certificatePal).GetECDsaPublicKey();
}
switch (oid.Value)
{
case Oids.RsaRsa:
return BuildRsaPublicKey(encodedKeyValue);
}
// NotSupportedException is what desktop and CoreFx-Windows throw in this situation.
throw new NotSupportedException(SR.NotSupported_KeyAlgorithm);
}示例9: Remove
public void Remove(ICertificatePal certificate)
{
unsafe
{
SafeCertContextHandle existingCertContext = ((CertificatePal)certificate).CertContext;
SafeCertContextHandle enumCertContext = null;
CERT_CONTEXT* pCertContext = existingCertContext.CertContext;
if (!Interop.crypt32.CertFindCertificateInStore(_certStore, CertFindType.CERT_FIND_EXISTING, pCertContext, ref enumCertContext))
return; // The certificate is not present in the store, simply return.
CERT_CONTEXT* pCertContextToDelete = enumCertContext.Disconnect(); // CertDeleteCertificateFromContext always frees the context (even on error)
if (!Interop.crypt32.CertDeleteCertificateFromStore(pCertContextToDelete))
throw Marshal.GetLastWin32Error().ToCryptographicException();
GC.KeepAlive(existingCertContext);
}
}示例10: TryReadPkcs7Der
private static bool TryReadPkcs7Der(
byte[] rawData,
bool single,
out ICertificatePal certPal,
out List<ICertificatePal> certPals)
{
using (SafePkcs7Handle pkcs7 = Interop.Crypto.DecodePkcs7(rawData, rawData.Length))
{
if (pkcs7.IsInvalid)
{
certPal = null;
certPals = null;
return false;
}
return TryReadPkcs7(pkcs7, single, out certPal, out certPals);
}
}示例11: BuildChain
public static IChainPal BuildChain(
bool useMachineContext,
ICertificatePal cert,
X509Certificate2Collection extraStore,
OidCollection applicationPolicy,
OidCollection certificatePolicy,
X509RevocationMode revocationMode,
X509RevocationFlag revocationFlag,
DateTime verificationTime,
TimeSpan timeout)
{
CheckRevocationMode(revocationMode);
// An input value of 0 on the timeout is "take all the time you need".
if (timeout == TimeSpan.Zero)
{
timeout = TimeSpan.MaxValue;
}
TimeSpan remainingDownloadTime = timeout;
X509Certificate2 leaf = new X509Certificate2(cert.Handle);
List<X509Certificate2> downloaded = new List<X509Certificate2>();
List<X509Certificate2> candidates = OpenSslX509ChainProcessor.FindCandidates(
leaf,
extraStore,
downloaded,
ref remainingDownloadTime);
IChainPal chain = OpenSslX509ChainProcessor.BuildChain(
leaf,
candidates,
downloaded,
applicationPolicy,
certificatePolicy,
verificationTime);
if (chain.ChainStatus.Length == 0 && downloaded.Count > 0)
{
SaveIntermediateCertificates(chain.ChainElements, downloaded);
}
return chain;
}示例12: TryReadPkcs7Der
private static bool TryReadPkcs7Der(
SafeBioHandle bio,
bool single,
out ICertificatePal certPal,
out List<ICertificatePal> certPals)
{
SafePkcs7Handle pkcs7 = Interop.libcrypto.d2i_PKCS7_bio(bio, IntPtr.Zero);
if (pkcs7.IsInvalid)
{
certPal = null;
certPals = null;
return false;
}
using (pkcs7)
{
return TryReadPkcs7(pkcs7, single, out certPal, out certPals);
}
}示例13: TryReadPkcs7Der
private static unsafe bool TryReadPkcs7Der(
byte[] rawData,
bool single,
out ICertificatePal certPal,
out List<ICertificatePal> certPals)
{
SafePkcs7Handle pkcs7 = Interop.libcrypto.OpenSslD2I(
(ptr, b, i) => Interop.libcrypto.d2i_PKCS7(ptr, b, i),
rawData,
checkHandle: false);
if (pkcs7.IsInvalid)
{
certPal = null;
certPals = null;
return false;
}
using (pkcs7)
{
return TryReadPkcs7(pkcs7, single, out certPal, out certPals);
}
}示例14: TryReadPkcs7Pem
private static bool TryReadPkcs7Pem(
byte[] rawData,
bool single,
out ICertificatePal certPal,
out List<ICertificatePal> certPals)
{
using (SafeBioHandle bio = Interop.Crypto.CreateMemoryBio())
{
Interop.Crypto.CheckValidOpenSslHandle(bio);
Interop.Crypto.BioWrite(bio, rawData, rawData.Length);
return TryReadPkcs7Pem(bio, single, out certPal, out certPals);
}
}示例15: FromCertificate
public static IStorePal FromCertificate(ICertificatePal cert)
{
ICertificatePal duplicatedHandles = ((OpenSslX509CertificateReader)cert).DuplicateHandles();
return new CollectionBackedStoreProvider(new X509Certificate2(duplicatedHandles));
}