|
public VerifySignature ( |
||
| issuer | ||
| throwOnError | bool | |
| return | bool | |
public bool VerifySignature(X509Certificate2 issuer, bool throwOnError)
{
Win32.CERT_CONTEXT context = (Win32.CERT_CONTEXT)Marshal.PtrToStructure(issuer.Handle, typeof(Win32.CERT_CONTEXT));
Win32.CERT_INFO info = (Win32.CERT_INFO)Marshal.PtrToStructure(context.pCertInfo, typeof(Win32.CERT_INFO));
int bResult = Win32.CryptVerifyCertificateSignature(
IntPtr.Zero,
Win32.X509_ASN_ENCODING,
m_pBuffer,
m_bufferSize,
ref info.SubjectPublicKeyInfo);
if (bResult == 0)
{
if (throwOnError)
{
throw Win32.GetLastError(StatusCodes.BadCertificateInvalid, "Could not get verify signature on CRL.");
}
return false;
}
m_issuer = issuer;
return true;
}
/// <summary>
/// Adds a CRL to the store.
/// </summary>
public void AddCRL(X509CRL crl)
{
if (crl == null)
{
throw new ArgumentNullException("crl");
}
X509Certificate2 issuer = null;
X509Certificate2Collection certificates = null;
certificates = Enumerate().Result;
foreach (X509Certificate2 certificate in certificates)
{
if (Utils.CompareDistinguishedName(certificate.Subject, crl.Issuer))
{
if (crl.VerifySignature(certificate, false))
{
issuer = certificate;
break;
}
}
}
if (issuer == null)
{
throw new ServiceResultException(StatusCodes.BadCertificateInvalid, "Could not find issuer of the CRL.");
}
StringBuilder builder = new StringBuilder();
builder.Append(m_directory.FullName);
builder.Append(Path.DirectorySeparatorChar + "crl" + Path.DirectorySeparatorChar);
builder.Append(GetFileName(issuer));
builder.Append(".crl");
FileInfo fileInfo = new FileInfo(builder.ToString());
if (!fileInfo.Directory.Exists)
{
fileInfo.Directory.Create();
}
File.WriteAllBytes(fileInfo.FullName, crl.RawData);
}
