C# (CSharp) Internal.Cryptography.Pal OpenSslX509Encoder Beispiele

Beispiel #1

Datei: OpenSslCertificateFinder.cs Projekt: talha020/corefx

        public void FindByIssuerName(string issuerName)
        {
            const OpenSslX509Encoder.OpenSslX09NameFormatFlags formatFlags =
                OpenSslX509Encoder.OpenSslX09NameFormatFlags.XN_FLAG_FN_NONE |
                OpenSslX509Encoder.OpenSslX09NameFormatFlags.XN_FLAG_SEP_CPLUS_SPC;

            FindCore(
                cert =>
            {
                string formedIssuer = OpenSslX509Encoder.X500DistinguishedNameDecode(cert.IssuerName.RawData, formatFlags);

                return(formedIssuer.IndexOf(issuerName, StringComparison.OrdinalIgnoreCase) >= 0);
            });
        }

Beispiel #2

Datei: OpenSslCertificateFinder.cs Projekt: talha020/corefx

        public void FindBySubjectKeyIdentifier(byte[] keyIdentifier)
        {
            FindCore(
                cert =>
            {
                X509Extension ext = FindExtension(cert, Oids.SubjectKeyIdentifier);

                if (ext == null)
                {
                    return(false);
                }

                // The extension exposes the value as a hexadecimal string, or we can decode here.
                // Enough parsing has gone on, let's decode.
                byte[] certKeyId = OpenSslX509Encoder.DecodeX509SubjectKeyIdentifierExtension(ext.RawData);

                return(keyIdentifier.ContentsEqual(certKeyId));
            });
        }

Beispiel #3

Datei: OpenSslCertificateFinder.cs Projekt: zlphoenix/corefx

        public void FindBySubjectKeyIdentifier(byte[] keyIdentifier)
        {
            FindCore(
                cert =>
            {
                X509Extension ext = FindExtension(cert, Oids.SubjectKeyIdentifier);
                byte[] certKeyId;

                if (ext != null)
                {
                    // The extension exposes the value as a hexadecimal string, or we can decode here.
                    // Enough parsing has gone on, let's decode.
                    certKeyId = OpenSslX509Encoder.DecodeX509SubjectKeyIdentifierExtension(ext.RawData);
                }
                else
                {
                    // The Desktop/Windows version of this method use CertGetCertificateContextProperty
                    // with a property ID of CERT_KEY_IDENTIFIER_PROP_ID.
                    //
                    // MSDN says that when there's no extension, this method takes the SHA-1 of the
                    // SubjectPublicKeyInfo block, and returns that.
                    //
                    // https://msdn.microsoft.com/en-us/library/windows/desktop/aa376079%28v=vs.85%29.aspx

                    OpenSslX509CertificateReader certPal = (OpenSslX509CertificateReader)cert.Pal;

                    using (HashAlgorithm hash = SHA1.Create())
                    {
                        byte[] publicKeyInfoBytes = Interop.Crypto.OpenSslEncode(
                            Interop.Crypto.GetX509SubjectPublicKeyInfoDerSize,
                            Interop.Crypto.EncodeX509SubjectPublicKeyInfo,
                            certPal.SafeHandle);

                        certKeyId = hash.ComputeHash(publicKeyInfoBytes);
                    }
                }

                return(keyIdentifier.ContentsEqual(certKeyId));
            });
        }