VCSJones.FiddlerCert.CertificatePolicyDecoder.GetPolicies C# (CSharp) Method

CertificatePolicyDecoder Class Documentation Usage Examples Of VCSJones.FiddlerCert.CertificatePolicyDecoder::GetPolicies Show file Open project: vcsjones/FiddlerCert

GetPolicies() public method

public GetPolicies ( X509Certificate2 certificate ) : IList
certificate	System.Security.Cryptography.X509Certificates.X509Certificate2
return	IList

        public IList<CertificatePolicy> GetPolicies(X509Certificate2 certificate)
        {
            var extension = certificate.Extensions[KnownOids.X509Extensions.CertificatePolicies];
            if (extension == null)
            {
                return new List<CertificatePolicy>();
            }
            var handle = default(GCHandle);
            try
            {
                handle = GCHandle.Alloc(extension.RawData, GCHandleType.Pinned);
                LocalBufferSafeHandle buffer;
                var size = 0u;
                const EncodingType encodingType = EncodingType.PKCS_7_ASN_ENCODING | EncodingType.X509_ASN_ENCODING;
                if (!Crypto32.CryptDecodeObjectEx(encodingType, X509_CERT_POLICIES, handle.AddrOfPinnedObject(), (uint)extension.RawData.Length, CryptDecodeFlags.CRYPT_DECODE_ALLOC_FLAG, IntPtr.Zero, out buffer, ref size))
                {
                    //Can't decode it, gracefully retun an empty collection.
                    return new List<CertificatePolicy>();
                }
                using (buffer)
                {
                    var list = new List<CertificatePolicy>();
                    var policies = (CERT_POLICIES_INFO)Marshal.PtrToStructure(buffer.DangerousGetHandle(), typeof(CERT_POLICIES_INFO));
                    var certPolicySize = Marshal.SizeOf(typeof(CERT_POLICY_INFO));
                    for (var i = 0; i < policies.cPolicyInfo; i++)
                    {
                        var addr = new IntPtr(unchecked(((long)policies.rgPolicyInfo + (i * certPolicySize))));
                        var policy = (CERT_POLICY_INFO)Marshal.PtrToStructure(addr, typeof(CERT_POLICY_INFO));
                        var identifier = policy.pszPolicyIdentifier;
                        list.Add(new CertificatePolicy { PolicyOid = new Oid(policy.pszPolicyIdentifier) });
                    }
                    return list;
                }
            }
            finally
            {
                if (handle.IsAllocated)
                {
                    handle.Free();
                }
            }
        }
    }

Usage Example

Example #1

Show file

File: ExtendedValidationCertificateAuthority.cs Project: liugev916/FiddlerCert

        public static bool IsCertificateExtendedValidation(X509Certificate2 certificate, X509Chain chain)
        {
            var decoder         = new CertificatePolicyDecoder();
            var rootCertificate = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
            var policies        = decoder.GetPolicies(certificate);

            if (policies.Count == 0)
            {
                return(false);
            }
            var rootThumbprint = rootCertificate.GetCertHash();

            if (rootThumbprint.Length != 20)
            {
                return(false);
            }
            var findRoot = Array.Find(EVRootCAMetadata, p => p.Sha1Fingerprint.MemoryCompare(rootThumbprint));

            if (findRoot == null)
            {
                return(false);
            }
            var oids = Array.FindAll(findRoot.PolicyOids, p => !string.IsNullOrWhiteSpace(p));

            return(oids.Intersect(policies.Select(p => p.PolicyOid.Value)).Any());
        }

All Usage Examples Of VCSJones.FiddlerCert.CertificatePolicyDecoder::GetPolicies

CertificatePolicyDecoder

GetPolicies