本文整理汇总了C#中System.Security.Cryptography.X509Certificates.X509Certificate2.Dispose方法的典型用法代码示例。如果您正苦于以下问题:C# X509Certificate2.Dispose方法的具体用法?C# X509Certificate2.Dispose怎么用?C# X509Certificate2.Dispose使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类System.Security.Cryptography.X509Certificates.X509Certificate2的用法示例。
在下文中一共展示了X509Certificate2.Dispose方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: SendCertificateVerify
//.........这里部分代码省略.........
// Convert to DER
var r = new byte[21];
var s = new byte[21];
Array.Reverse(signature, 0, 20);
Array.Reverse(signature, 20, 20);
Buffer.BlockCopy(signature, 0, r, 0, 20);
Buffer.BlockCopy(signature, 20, s, 0, 20);
r = new BigInteger(r).ToByteArray();
s = new BigInteger(s).ToByteArray();
Array.Reverse(r);
Array.Reverse(s);
signature = new byte[r.Length + s.Length + 6];
signature[0] = 0x30; // SEQUENCE
signature[1] = (byte)(signature.Length - 2);
signature[2] = 0x02; // INTEGER
signature[3] = (byte)r.Length;
Buffer.BlockCopy(r, 0, signature, 4, r.Length);
signature[4 + r.Length] = 0x02; // INTEGER
signature[4 + r.Length + 1] = (byte)s.Length;
Buffer.BlockCopy(s, 0, signature, 4 + r.Length + 2, s.Length);
if (_pendingConnState.TlsVersion == TlsVersion.TLSv1_2)
{
_buf[offset++] = (byte)TLSHashAlgorithm.SHA1;
_buf[offset++] = (byte)SignatureAlgorithm.DSA;
}
}
else
#endif
if (keyRsa != null)
{
if (_pendingConnState.TlsVersion == TlsVersion.TLSv1_2 && !_handshakeData.SupportedSignatureAlgorithms.Contains(Tuple.Create(TLSHashAlgorithm.SHA1, SignatureAlgorithm.RSA)))
{
SendAlertFatal(AlertDescription.HandshakeFailure, "Server does not support client certificate sha1-rsa signatures");
}
hash = _handshakeData.CertificateVerifyHash_SHA1.Final();
byte[] md5Hash = null;
if (_handshakeData.CertificateVerifyHash_MD5 != null)
{
md5Hash = _handshakeData.CertificateVerifyHash_MD5.Final();
}
// NOTE: It seems problematic to support other hash algorithms than SHA1 since the PrivateKey included in the certificate
// often uses an old Crypto Service Provider (Microsoft Base Cryptographic Provider v1.0) instead of Microsoft Enhanced RSA and AES Cryptographic Provider.
// The following out-commented code might work to change CSP.
//var csp = new RSACryptoServiceProvider().CspKeyContainerInfo;
//keyRsa = new RSACryptoServiceProvider(new CspParameters(csp.ProviderType, csp.ProviderName, keyRsa.CspKeyContainerInfo.KeyContainerName));
// TLS 1.0 and 1.1, export private key and calculate md5-sha1 hash and sign manually
if (_pendingConnState.TlsVersion != TlsVersion.TLSv1_2)
{
var fullHash = new byte[36];
Buffer.BlockCopy(md5Hash, 0, fullHash, 0, 16);
Buffer.BlockCopy(hash, 0, fullHash, 16, 20);
signature = RsaPKCS1.SignRsaPKCS1(keyRsa, fullHash);
// BigIntegers have no Dispose/Clear methods, but they contain sensitive data, so force a garbage collection to remove the data.
GC.Collect(GC.MaxGeneration, GCCollectionMode.Forced, false);
}
else
{
#if NET45 || NET451
signature = keyRsa.SignHash(hash, Utils.HashNameToOID["SHA1"]);
#else
signature = keyRsa.SignHash(hash, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
#endif
if (_pendingConnState.TlsVersion == TlsVersion.TLSv1_2)
{
_buf[offset++] = (byte)TLSHashAlgorithm.SHA1;
_buf[offset++] = (byte)SignatureAlgorithm.RSA;
}
}
}
else
{
SendAlertFatal(AlertDescription.HandshakeFailure);
}
_handshakeData.CertificateVerifyHash_SHA1.Dispose();
_handshakeData.CertificateVerifyHash_SHA1 = null;
if (_handshakeData.CertificateVerifyHash_MD5 != null)
{
_handshakeData.CertificateVerifyHash_MD5.Dispose();
_handshakeData.CertificateVerifyHash_MD5 = null;
}
#if NET45 || NET451
key.Dispose();
#endif
offset += Utils.WriteUInt16(_buf, offset, (ushort)signature.Length);
Buffer.BlockCopy(signature, 0, _buf, offset, signature.Length);
offset += signature.Length;
return HandshakeType.CertificateVerify;
}示例2: OnRequestSendingRequest
private static void OnRequestSendingRequest(WinHttpRequestState state)
{
Debug.Assert(state != null, "OnRequestSendingRequest: state is null");
Debug.Assert(state.RequestHandle != null, "OnRequestSendingRequest: state.RequestHandle is null");
if (state.RequestMessage.RequestUri.Scheme != UriScheme.Https)
{
// Not SSL/TLS.
return;
}
// Grab the channel binding token (CBT) information from the request handle and put it into
// the TransportContext object.
state.TransportContext.SetChannelBinding(state.RequestHandle);
if (state.ServerCertificateValidationCallback != null)
{
IntPtr certHandle = IntPtr.Zero;
uint certHandleSize = (uint)IntPtr.Size;
if (!Interop.WinHttp.WinHttpQueryOption(
state.RequestHandle,
Interop.WinHttp.WINHTTP_OPTION_SERVER_CERT_CONTEXT,
ref certHandle,
ref certHandleSize))
{
int lastError = Marshal.GetLastWin32Error();
WinHttpTraceHelper.Trace(
"OnRequestSendingRequest: Error getting WINHTTP_OPTION_SERVER_CERT_CONTEXT, {0}",
lastError);
if (lastError == Interop.WinHttp.ERROR_WINHTTP_INCORRECT_HANDLE_STATE)
{
// Not yet an SSL/TLS connection. This occurs while connecting thru a proxy where the
// CONNECT verb hasn't yet been processed due to the proxy requiring authentication.
// We need to ignore this notification. Another notification will be sent once the final
// connection thru the proxy is completed.
return;
}
throw WinHttpException.CreateExceptionUsingError(lastError);
}
// Create a managed wrapper around the certificate handle. Since this results in duplicating
// the handle, we will close the original handle after creating the wrapper.
var serverCertificate = new X509Certificate2(certHandle);
Interop.Crypt32.CertFreeCertificateContext(certHandle);
X509Chain chain = null;
SslPolicyErrors sslPolicyErrors;
try
{
WinHttpCertificateHelper.BuildChain(
serverCertificate,
state.RequestMessage.RequestUri.Host,
state.CheckCertificateRevocationList,
out chain,
out sslPolicyErrors);
bool result = state.ServerCertificateValidationCallback(
state.RequestMessage,
serverCertificate,
chain,
sslPolicyErrors);
if (!result)
{
throw WinHttpException.CreateExceptionUsingError(
(int)Interop.WinHttp.ERROR_WINHTTP_SECURE_FAILURE);
}
}
finally
{
if (chain != null)
{
chain.Dispose();
}
serverCertificate.Dispose();
}
}
}示例3: CloneTo
public void CloneTo(X509Certificate2Collection collection)
{
Debug.Assert(collection != null);
if (!Directory.Exists(_storePath))
{
return;
}
var loadedCerts = new HashSet<X509Certificate2>();
foreach (string filePath in Directory.EnumerateFiles(_storePath, PfxWildcard))
{
try
{
var cert = new X509Certificate2(filePath);
// If we haven't already loaded a cert .Equal to this one, copy it to the collection.
if (loadedCerts.Add(cert))
{
collection.Add(cert);
}
else
{
cert.Dispose();
}
}
catch (CryptographicException)
{
// The file wasn't a certificate, move on to the next one.
}
}
}示例4: OnRequestSendingRequest
private static void OnRequestSendingRequest(WinHttpRequestState state)
{
Debug.Assert(state != null, "OnRequestSendingRequest: state is null");
Debug.Assert(state.RequestHandle != null, "OnRequestSendingRequest: state.RequestHandle is null");
if (state.RequestMessage.RequestUri.Scheme != UriScheme.Https)
{
// Not SSL/TLS.
return;
}
// Grab the channel binding token (CBT) information from the request handle and put it into
// the TransportContext object.
state.TransportContext.SetChannelBinding(state.RequestHandle);
if (state.ServerCertificateValidationCallback != null)
{
IntPtr certHandle = IntPtr.Zero;
uint certHandleSize = (uint)IntPtr.Size;
if (!Interop.WinHttp.WinHttpQueryOption(
state.RequestHandle,
Interop.WinHttp.WINHTTP_OPTION_SERVER_CERT_CONTEXT,
ref certHandle,
ref certHandleSize))
{
int lastError = Marshal.GetLastWin32Error();
throw WinHttpException.CreateExceptionUsingError(lastError);
}
// Create a managed wrapper around the certificate handle. Since this results in duplicating
// the handle, we will close the original handle after creating the wrapper.
var serverCertificate = new X509Certificate2(certHandle);
Interop.Crypt32.CertFreeCertificateContext(certHandle);
X509Chain chain = null;
SslPolicyErrors sslPolicyErrors;
try
{
WinHttpCertificateHelper.BuildChain(
serverCertificate,
state.RequestMessage.RequestUri.Host,
state.CheckCertificateRevocationList,
out chain,
out sslPolicyErrors);
bool result = state.ServerCertificateValidationCallback(
state.RequestMessage,
serverCertificate,
chain,
sslPolicyErrors);
if (!result)
{
throw WinHttpException.CreateExceptionUsingError(
(int)Interop.WinHttp.ERROR_WINHTTP_SECURE_FAILURE);
}
}
finally
{
if (chain != null)
{
chain.Dispose();
}
serverCertificate.Dispose();
}
}
}