|
public Verify ( X509VerificationFlags flags, |
||
| flags | X509VerificationFlags | |
| exception | ||
| return | bool? | |
public bool? Verify(X509VerificationFlags flags, out Exception exception)
{
exception = null;
CERT_CHAIN_POLICY_PARA para = new CERT_CHAIN_POLICY_PARA()
{
cbSize = Marshal.SizeOf<CERT_CHAIN_POLICY_PARA>(),
dwFlags = (int)flags,
};
CERT_CHAIN_POLICY_STATUS status = new CERT_CHAIN_POLICY_STATUS()
{
cbSize = Marshal.SizeOf<CERT_CHAIN_POLICY_STATUS>(),
};
if (!Interop.crypt32.CertVerifyCertificateChainPolicy(ChainPolicy.CERT_CHAIN_POLICY_BASE, _chain, ref para, ref status))
{
int errorCode = Marshal.GetLastWin32Error();
exception = errorCode.ToCryptographicException();
return default(bool?);
}
return status.dwError == 0;
}
private static bool VerifyCertificateIgnoringErrors(SafeCertContextHandle pCertContext)
{
ChainPal chainPal = ChainPal.BuildChain(
true,
CertificatePal.FromHandle(pCertContext.DangerousGetHandle()),
null, //extraStore
null, //applicationPolicy
null, //certificatePolicy
X509RevocationMode.NoCheck,
X509RevocationFlag.ExcludeRoot,
DateTime.Now,
new TimeSpan(0, 0, 0));
if (chainPal == null)
{
return(false);
}
using (chainPal)
{
Exception verificationException;
bool? verified = chainPal.Verify(X509VerificationFlags.NoFlag, out verificationException);
if (!(verified.HasValue && verified.Value))
{
return(false);
}
}
return(true);
}