private void DeleteMI_Click(object sender, EventArgs e)
{
try
{
if (ItemsLV.SelectedItems.Count < 1)
{
return;
}
DialogResult result = MessageBox.Show(
"Are you sure you wish to delete the certificates from the store?",
"Delete Certificate",
MessageBoxButtons.YesNo,
MessageBoxIcon.Exclamation);
if (result != DialogResult.Yes)
{
return;
}
// remove the certificates.
List<ListViewItem> itemsToDelete = new List<ListViewItem>();
bool yesToAll = false;
using (ICertificateStore store = m_storeId.OpenStore())
{
for (int ii = 0; ii < ItemsLV.SelectedItems.Count; ii++)
{
X509Certificate2 certificate = ItemsLV.SelectedItems[ii].Tag as X509Certificate2;
// check for private key.
X509Certificate2 certificate2 = store.FindByThumbprint(certificate.Thumbprint);
if (!yesToAll && certificate2.HasPrivateKey)
{
StringBuilder buffer = new StringBuilder();
buffer.Append("Certificate '");
buffer.Append(certificate2.Subject);
buffer.Append("'");
buffer.Append("Deleting it may cause applications to stop working.");
buffer.Append("\r\n");
buffer.Append("\r\n");
buffer.Append("Are you sure you wish to continue?.");
DialogResult yesno = new YesNoDlg().ShowDialog(buffer.ToString(), "Delete Private Key", true);
if (yesno == DialogResult.No)
{
continue;
}
yesToAll = yesno == DialogResult.Retry;
}
if (certificate != null)
{
store.Delete(certificate.Thumbprint);
itemsToDelete.Add(ItemsLV.SelectedItems[ii]);
}
}
}
// remove the items.
foreach (ListViewItem itemToDelete in itemsToDelete)
{
itemToDelete.Remove();
}
}
catch (Exception exception)
{
GuiUtils.HandleException(this.Text, MethodBase.GetCurrentMethod(), exception);
Initialize(m_storeId, m_thumbprints);
}
}
private async void DeleteMI_Click(object sender, EventArgs e)
{
try
{
if (ItemsLV.SelectedItems.Count < 1)
{
return;
}
DialogResult result = MessageBox.Show(
"Are you sure you wish to delete the certificates from the store?",
"Delete Certificate",
MessageBoxButtons.YesNo,
MessageBoxIcon.Exclamation);
if (result != DialogResult.Yes)
{
return;
}
// remove the certificates.
List <ListViewItem> itemsToDelete = new List <ListViewItem>();
bool yesToAll = false;
using (ICertificateStore store = m_storeId.OpenStore())
{
for (int ii = 0; ii < ItemsLV.SelectedItems.Count; ii++)
{
X509Certificate2 certificate = ItemsLV.SelectedItems[ii].Tag as X509Certificate2;
// check for private key.
X509Certificate2Collection certificate2 = await store.FindByThumbprint(certificate.Thumbprint);
if (!yesToAll && (certificate2.Count > 0) && certificate2[0].HasPrivateKey)
{
StringBuilder buffer = new StringBuilder();
buffer.Append("Certificate '");
buffer.Append(certificate2[0].Subject);
buffer.Append("'");
buffer.Append("Deleting it may cause applications to stop working.");
buffer.Append("\r\n");
buffer.Append("\r\n");
buffer.Append("Are you sure you wish to continue?.");
DialogResult yesno = new YesNoDlg().ShowDialog(buffer.ToString(), "Delete Private Key", true);
if (yesno == DialogResult.No)
{
continue;
}
yesToAll = yesno == DialogResult.Retry;
}
if (certificate != null)
{
await store.Delete(certificate.Thumbprint);
itemsToDelete.Add(ItemsLV.SelectedItems[ii]);
}
}
}
// remove the items.
foreach (ListViewItem itemToDelete in itemsToDelete)
{
itemToDelete.Remove();
}
}
catch (Exception exception)
{
GuiUtils.HandleException(this.Text, MethodBase.GetCurrentMethod(), exception);
await Initialize(m_storeId, m_thumbprints);
}
}
/// <summary>
/// Handles a certificate validation error.
/// </summary>
private bool HandleValidationError(X509Certificate2 certificate, ServiceResultException e)
{
StringBuilder buffer = new StringBuilder();
switch (e.StatusCode)
{
case StatusCodes.BadCertificateIssuerRevocationUnknown:
{
buffer.AppendFormat("Could not determine whether the issuing certificate was revoked.");
buffer.Append("\r\n");
buffer.Append("Would you still like to accept the certificate?\r\n");
break;
}
case StatusCodes.BadCertificateIssuerTimeInvalid:
{
buffer.AppendFormat("The issuing certificate has expired or is not yet valid.");
buffer.Append("\r\n");
buffer.Append("Would you still like to accept the certificate?\r\n");
break;
}
case StatusCodes.BadCertificateRevocationUnknown:
{
buffer.AppendFormat("Could not determine whether the certificate was revoked by the Certificate Authority.");
buffer.Append("\r\n");
buffer.Append("Would you still like to accept the certificate?\r\n");
break;
}
case StatusCodes.BadCertificateTimeInvalid:
{
buffer.AppendFormat("The certificate has expired or is not yet valid.");
buffer.Append("\r\n");
buffer.Append("Would you still like to accept the certificate?\r\n");
buffer.Append("\r\n");
buffer.Append("Certificate = ");
buffer.Append(certificate.Subject);
buffer.Append("\r\n");
buffer.Append("Valid From = ");
buffer.Append(certificate.NotBefore.ToLocalTime());
buffer.Append("\r\n");
buffer.Append("Valid To = ");
buffer.Append(certificate.NotBefore.ToLocalTime());
break;
}
case StatusCodes.BadCertificateUntrusted:
{
if (Utils.CompareDistinguishedName(certificate.Issuer, certificate.Subject))
{
return true;
}
buffer.Append("This certificates was issued by an unknown Certificate Authority.");
buffer.Append("This means it could have been altered and there is no way to detect changes.");
buffer.Append("You should only accept it if you are absolutely certain the certificate has come via a secure channel from a legimate source.");
buffer.Append("\r\n");
buffer.Append("\r\n");
buffer.Append("Would you still like to accept the certificate?\r\n");
buffer.Append("\r\n");
buffer.Append("Certificate = ");
buffer.Append(certificate.Subject);
buffer.Append("\r\n");
buffer.Append("Certificate Authority = ");
buffer.Append(certificate.Issuer);
break;
}
default:
{
buffer.Append("An error that cannot be ignored occurred during validation.\r\n");
buffer.Append("\r\n");
buffer.Append("Certificate = ");
buffer.Append(certificate.Subject);
buffer.Append("\r\n");
buffer.Append("ErrorCode = ");
buffer.Append(StatusCodes.GetBrowseName(e.StatusCode));
buffer.Append("\r\n");
buffer.Append("Message = ");
buffer.Append(e.Message);
new YesNoDlg().ShowDialog(buffer.ToString(), "Certificate Validation Error");
return false;
}
}
DialogResult result = new YesNoDlg().ShowDialog(buffer.ToString(), "Certificate Validation Error");
if (result != DialogResult.Yes)
{
return false;
}
return true;
}
/// <summary>
/// Validates a certificate and adds it to the trust list.
/// </summary>
private void ValidateAndImport(CertificateStoreIdentifier store, X509Certificate2 certificate)
{
if (store == null || certificate == null)
{
return;
}
// validate the certificate using the trust lists for the certificate tool.
try
{
CertificateValidator validator = new CertificateValidator();
validator.Update(m_configuration);
validator.Validate(certificate);
}
catch (ServiceResultException exception)
{
if (!HandleValidationError(certificate, exception))
{
return;
}
}
// confirm import.
StringBuilder buffer = new StringBuilder();
buffer.Append("You are adding this certificate to a trust list that may be shared with other applications.");
buffer.Append("\r\n");
buffer.Append("\r\n");
buffer.Append("Would you still like to accept the certificate?\r\n");
buffer.Append("\r\n");
buffer.Append("Target Trust List = ");
buffer.Append(store.ToString());
buffer.Append("\r\n");
buffer.Append("Certificate to Add = ");
buffer.Append(certificate.Subject);
DialogResult result = new YesNoDlg().ShowDialog(buffer.ToString(), "Import Certificate to Trust List");
if (result != DialogResult.Yes)
{
return;
}
// update store.
ICertificateStore physicalStore = store.OpenStore();
if (physicalStore.FindByThumbprint(certificate.Thumbprint) == null)
{
physicalStore.Add(new X509Certificate2(certificate.RawData));
}
}
private void MergeTrustListBTN_Click(object sender, EventArgs e)
{
try
{
// get application.
ManagedApplication application = ApplicationToManageCTRL.GetSelectedApplication();;
if (application == null)
{
return;
}
// load the configuration.
application.Reload();
CertificateStoreIdentifier store = GetDefaultStore(application, false);
// chose trust list to import.
CertificateStoreDlg dialog = new CertificateStoreDlg();
dialog.Text = "Select Certificate Trust List to use as Source";
CertificateStoreIdentifier id = dialog.ShowDialog(store);
if (id == null)
{
return;
}
if (String.Compare(application.TrustList.StorePath, id.StorePath, StringComparison.OrdinalIgnoreCase) == 0)
{
MessageBox.Show("Selected Certificate Store is already the same as the Application Trust List", "Merge Trust List", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
// check for private keys.
StringBuilder buffer = new StringBuilder();
buffer.Append("This operation will add all of the certificates in the selected trust list to ");
buffer.Append("the application trust list.");
buffer.Append("\r\n");
buffer.Append("\r\n");
buffer.Append("Do you wish to proceed?\r\n");
buffer.Append("\r\n");
buffer.Append("Current Application Trust List = ");
buffer.Append(application.TrustList.ToString());
buffer.Append("\r\n");
buffer.Append("Selected Trust List = ");
buffer.Append(id.ToString());
DialogResult result = new YesNoDlg().ShowDialog(buffer.ToString(), "Merge Trust List");
if (result != DialogResult.Yes)
{
return;
}
// delete existing certificates.
ICertificateStore targetStore = application.TrustList.OpenStore();
// add the certificates.
ICertificateStore sourceStore = id.OpenStore();
foreach (X509Certificate2 certificate in sourceStore.Enumerate())
{
if (targetStore.FindByThumbprint(certificate.Thumbprint) == null)
{
targetStore.Add(new X509Certificate2(certificate.RawData));
}
}
EditTrustListBTN_Click(sender, e);
}
catch (Exception exception)
{
GuiUtils.HandleException(this.Text, MethodBase.GetCurrentMethod(), exception);
}
}
private void ReplaceTrustListBTN_Click(object sender, EventArgs e)
{
try
{
// get application.
ManagedApplication application = ApplicationToManageCTRL.GetSelectedApplication();;
if (application == null)
{
return;
}
// load the configuration.
application.Reload();
CertificateStoreIdentifier store = GetDefaultStore(application, false);
// chose trust list to import.
CertificateStoreDlg dialog = new CertificateStoreDlg();
dialog.Text = "Select Certificate Trust List to use as Source";
CertificateStoreIdentifier id = dialog.ShowDialog(store);
if (id == null)
{
return;
}
if (String.Compare(application.TrustList.StorePath, id.StorePath, StringComparison.OrdinalIgnoreCase) == 0)
{
MessageBox.Show("Selected Certificate Store is already the same as the Application Trust List", "Replace Trust List", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
// check for private keys.
ICertificateStore targetStore = application.TrustList.OpenStore();
X509Certificate2Collection certificates = targetStore.Enumerate();
bool hasPrivateKeys = true;
StringBuilder buffer = null;
DialogResult result = DialogResult.None;
while (hasPrivateKeys)
{
hasPrivateKeys = false;
foreach (X509Certificate2 certificate in certificates)
{
if (certificate.HasPrivateKey)
{
hasPrivateKeys = true;
buffer = new StringBuilder();
buffer.Append("The application's current trust list contains certificates with private keys.\r\n");
buffer.Append("Automatically deleting these certificates could break other applications. ");
buffer.Append("\r\n");
buffer.Append("\r\n");
buffer.Append("Would you like to remove these certificates manually?\r\n");
buffer.Append("\r\n");
buffer.Append("Current Application Trust List = ");
buffer.Append(application.TrustList.ToString());
buffer.Append("\r\n");
buffer.Append("Certificate with Private Key = ");
buffer.Append(certificate.Subject);
result = new YesNoDlg().ShowDialog(buffer.ToString(), "Warning Private Keys Found");
if (result != DialogResult.Yes)
{
return;
}
new CertificateListDlg().ShowDialog(application.TrustList, false);
certificates = targetStore.Enumerate();
break;
}
}
}
buffer = new StringBuilder();
buffer.Append("This operation will delete all of the certificates in the current application trust list and ");
buffer.Append("replace them with the certificates in the selected trust list.");
buffer.Append("\r\n");
buffer.Append("\r\n");
buffer.Append("Do you wish to proceed?\r\n");
buffer.Append("\r\n");
buffer.Append("Current Application Trust List = ");
buffer.Append(application.TrustList.ToString());
buffer.Append("\r\n");
buffer.Append("Selected Trust List = ");
buffer.Append(id.ToString());
result = new YesNoDlg().ShowDialog(buffer.ToString(), "Replace Trust List");
if (result != DialogResult.Yes)
{
return;
}
// delete existing certificates.
certificates = targetStore.Enumerate();
foreach (X509Certificate2 certificate in certificates)
{
if (!certificate.HasPrivateKey)
{
targetStore.Delete(certificate.Thumbprint);
}
}
// copy the certificates.
ICertificateStore sourceStore = id.OpenStore();
foreach (X509Certificate2 certificate in sourceStore.Enumerate())
{
targetStore.Add(new X509Certificate2(certificate.RawData));
}
EditTrustListBTN_Click(sender, e);
}
catch (Exception exception)
{
GuiUtils.HandleException(this.Text, MethodBase.GetCurrentMethod(), exception);
}
}