SslStreamCertificateContext()

System.Net.Security.SslStreamCertificateContext.SslStreamCertificateContext ( X509Certificate2 target, X509Certificate2[] intermediates, SslCertificateTrust trust )

inlineprivate

Definition at line 69 of file SslStreamCertificateContext.cs.

    {
        if (intermediates.Length != 0)
        {
            using X509Chain x509Chain = new X509Chain();
            x509Chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags;
            x509Chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
            x509Chain.ChainPolicy.DisableCertificateDownloads = true;
            bool flag = x509Chain.Build(target);
            int num = 0;
            X509ChainStatus[] chainStatus = x509Chain.ChainStatus;
            for (int i = 0; i < chainStatus.Length; i++)
            {
                X509ChainStatus x509ChainStatus = chainStatus[i];
                if (x509ChainStatus.Status.HasFlag(X509ChainStatusFlags.PartialChain) || x509ChainStatus.Status.HasFlag(X509ChainStatusFlags.NotSignatureValid))
                {
                    flag = false;
                    break;
                }
                num++;
            }
            if (!flag)
            {
                X509Store x509Store = new X509Store(StoreName.CertificateAuthority, StoreLocation.LocalMachine);
                try
                {
                    x509Store.Open(OpenFlags.ReadWrite);
                }
                catch
                {
                    x509Store.Dispose();
                    x509Store = new X509Store(StoreName.CertificateAuthority, StoreLocation.CurrentUser);
                    try
                    {
                        x509Store.Open(OpenFlags.ReadWrite);
                    }
                    catch
                    {
                        x509Store.Dispose();
                        x509Store = null;
                        if (System.Net.NetEventSource.Log.IsEnabled())
                        {
                            System.Net.NetEventSource.Error(this, $"Failed to open certificate store for intermediates.", ".ctor");
                        }
                    }
                }
                if (x509Store != null)
                {
                    using (x509Store)
                    {
                        for (int j = num; j < intermediates.Length - 1; j++)
                        {
                            x509Store.Add(intermediates[j]);
                        }
                        flag = x509Chain.Build(target);
                        X509ChainStatus[] chainStatus2 = x509Chain.ChainStatus;
                        for (int k = 0; k < chainStatus2.Length; k++)
                        {
                            X509ChainStatus x509ChainStatus2 = chainStatus2[k];
                            if (x509ChainStatus2.Status.HasFlag(X509ChainStatusFlags.PartialChain) || x509ChainStatus2.Status.HasFlag(X509ChainStatusFlags.NotSignatureValid))
                            {
                                flag = false;
                                break;
                            }
                        }
                        if (!flag)
                        {
                            x509Store.Add(intermediates[^1]);
                        }
                    }
                }
            }
        }
        Certificate = target;
        IntermediateCertificates = intermediates;
        Trust = trust;
    }

References System.Security.Cryptography.X509Certificates.X509Store.Add(), System.Net.Security.SslStreamCertificateContext.Certificate, System.Security.Cryptography.X509Certificates.X509Store.Dispose(), System.Net.NetEventSource.Error(), System.Net.Security.SslStreamCertificateContext.IntermediateCertificates, System.Net.NetEventSource.Log, System.Security.Cryptography.X509Certificates.X509Store.Open(), System.Security.Cryptography.X509Certificates.X509ChainStatus.Status, and System.Net.Security.SslStreamCertificateContext.Trust.

Referenced by System.Net.Security.SslStreamCertificateContext.Create(), and System.Net.Security.SslStreamCertificateContext.Create().