public static RSACryptoServiceProvider GetRSACryptoServiceProviderFromPublicKey(X509Certificate2 x509Certificate2) { if (x509Certificate2 == null) { throw new ArgumentException("x509Certificate2"); } if (x509Certificate2.PublicKey == null) { throw new ArgumentException("x509Certificate2.PublicKey.Key must be populated."); } try { var rsa = x509Certificate2.PublicKey.Key as RSACryptoServiceProvider; if (rsa != null) { return rsa; } } catch (Exception ex) { var outerEx = new CryptographicException(string.Format("X509Certificate2 with thumbprint '{0}' indicates that HasPrivateKey is TRUE, but the service or account may not have access to the private key or the private key may be missing or corrupted.", x509Certificate2.Thumbprint.ToLower()), ex); throw outerEx; } throw new CryptographicException(string.Format("X509Certificate2 with thumbprint '{0}' does not have a valid RSA public key.", x509Certificate2.Thumbprint.ToLower())); }
public void Should_Include_Operation_In_Message() { // Arrange var cryptographicException = new CryptographicException("Message"); // Act var certificateException = new CertificateException("Opperation", StoreName.TrustedPeople, StoreLocation.CurrentUser, cryptographicException); // Assert certificateException.Message.ShouldContain("Message"); }
public void Should_Set_InnerException() { // Arrange var cryptographicException = new CryptographicException("Message"); // Act var certificateException = new CertificateException("Opperation", StoreName.TrustedPeople, StoreLocation.CurrentUser, cryptographicException); // Assert certificateException.InnerException.ShouldNotBeNull(); certificateException.InnerException.ShouldEqual(cryptographicException); }
public void Should_Have_A_Descriptive_Message() { // Arrange var cryptographicException = new CryptographicException("Message"); var messageRegex = new Regex("A cryptographic error was encountered completing the (.+) operation on the (.+) store in the (.+) location: (.+)", RegexOptions.Compiled); // Act var certificateException = new CertificateException("Opperation", StoreName.TrustedPeople, StoreLocation.CurrentUser, cryptographicException); // Assert messageRegex.IsMatch(certificateException.Message).ShouldBeTrue(); }
public Tuple<byte[], string> SignHash(byte[] hashedBytes, string algorithm) { if (hashedBytes == null) { throw new ArgumentNullException(nameof(hashedBytes)); } if (algorithm == null) { throw new ArgumentNullException(nameof(algorithm)); } algorithm = BasicHasherAlgorithms.VerifyAndMapToAlogrithm(algorithm); #if DEBUG var hashHex = hashedBytes.ToHexString(); Console.WriteLine("Signing\t" + hashHex + "\t" + algorithm); #endif byte[] signedHash = null; try { signedHash = _privateKey.SignHash(hashedBytes, CryptoConfig.MapNameToOID(algorithm)); } catch (CryptographicException ex) { if (ex.Message == "Bad Hash.") { var cryptoEx = new CryptographicException("Bad Hash; Use BasicHasher.GetMd5HashBytes() to generate a proper hash before calling this method."); } else { throw; } } string res2; if (_encoding == EncodingOption.Base64String) { res2 = Convert.ToBase64String(signedHash); } else if (_encoding == EncodingOption.HexString) { res2 = signedHash.ToHexString(); } else { throw new NotImplementedException(_encoding.ToString()); } #if DEBUG Console.WriteLine("Signed\t" + hashHex + "\t" + algorithm + "\tresult\t" + res2); #endif return new Tuple<byte[], string>(signedHash, res2); }
/// <summary> /// Does not throw on api error. Returns default(bool?) and sets "exception" instead. /// </summary> public bool? Verify(X509VerificationFlags flags, out Exception exception) { exception = null; CERT_CHAIN_POLICY_PARA para = new CERT_CHAIN_POLICY_PARA() { cbSize = Marshal.SizeOf<CERT_CHAIN_POLICY_PARA>(), dwFlags = (int)flags, }; CERT_CHAIN_POLICY_STATUS status = new CERT_CHAIN_POLICY_STATUS() { cbSize = Marshal.SizeOf<CERT_CHAIN_POLICY_STATUS>(), }; if (!Interop.crypt32.CertVerifyCertificateChainPolicy(ChainPolicy.CERT_CHAIN_POLICY_BASE, _chain, ref para, ref status)) { int errorCode = Marshal.GetLastWin32Error(); exception = new CryptographicException(errorCode); return default(bool?); } return status.dwError == 0; }
public static CryptographicException/*!*/ Create(RubyClass/*!*/ self, [DefaultProtocol, DefaultParameterValue(null)]MutableString message) { CryptographicException result = new CryptographicException(RubyExceptions.MakeMessage(ref message, "Not enought data.")); RubyExceptionData.InitializeException(result, message); return result; }
/// <summary> /// Initialize the provider /// </summary> void IValidator.Init( XmlNode config ) { // get the xml node that holds the key (might be empty) XmlNode keyNode = config.SelectSingleNode( "key" ); // look for key in xml _key = ExtractKeyFromNode( keyNode ); // we've tried to find key in "key" nodes, we should have a good key now; check to be sure if ( null == _key ) { string error = ApplicationUpdateManager.TraceWrite( "[KeyValidator.Init]", "RES_CouldNotFindCryptographicKey" ); CryptographicException ce = new CryptographicException( error ); ExceptionManager.Publish( ce ); throw ce; } }
internal virtual void PrepareSession() { if (this.WebSession == null) { this.WebSession = new WebRequestSession(); } if (this.SessionVariable != null) { base.SessionState.PSVariable.Set(this.SessionVariable, this.WebSession); } if (this.Credential != null) { NetworkCredential networkCredential = this.Credential.GetNetworkCredential(); this.WebSession.Credentials = networkCredential; this.WebSession.UseDefaultCredentials = false; } else if (this.UseDefaultCredentials != 0) { this.WebSession.UseDefaultCredentials = true; } if (this.CertificateThumbprint != null) { X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.OpenExistingOnly); X509Certificate2Collection certificates2 = store.Certificates.Find(X509FindType.FindByThumbprint, this.CertificateThumbprint, false); if (certificates2.Count == 0) { CryptographicException exception = new CryptographicException(WebCmdletStrings.ThumbprintNotFound); throw exception; } X509Certificate2Enumerator enumerator = certificates2.GetEnumerator(); while (enumerator.MoveNext()) { X509Certificate current = enumerator.Current; this.WebSession.AddCertificate(current); } } if (this.Certificate != null) { this.WebSession.AddCertificate(this.Certificate); } if (this.UserAgent != null) { this.WebSession.UserAgent = this.UserAgent; } if (null != this.Proxy) { WebProxy proxy = new WebProxy(this.Proxy) { BypassProxyOnLocal = false }; if (this.ProxyCredential != null) { proxy.Credentials = this.ProxyCredential.GetNetworkCredential(); proxy.UseDefaultCredentials = false; } else if (this.ProxyUseDefaultCredentials != 0) { proxy.UseDefaultCredentials = true; } this.WebSession.Proxy = proxy; } if (-1 < this.MaximumRedirection) { this.WebSession.MaximumRedirection = this.MaximumRedirection; } if (this.Headers != null) { foreach (string str in this.Headers.Keys) { this.WebSession.Headers[str] = (string) this.Headers[str]; } } }
public CertificateException(string operation, StoreName storeName, StoreLocation storeLocation, CryptographicException innerException) : base(string.Format(CryptographicMessageFormat, storeName, storeLocation, innerException.Message, operation), innerException) { }
private static void HandleCryptoException(CryptographicException e) { string template = GetTemplate("ERROR"); /* * The string returned in this sample is mostly to demonstrate * how to retrieve the exception properties. Your application * should display user-friendly messages. */ string content = String.Format( "\nA Cryptographic error occurred. Check to make sure that you have a certificate (.p12) file at the location supplied in the configuration file. Error Message:'{0}'\n\nStack Trace:" + "'{1}'.", e.Message, e.StackTrace); Console.WriteLine(template, content); }
internal virtual void PrepareSession() { // make sure we have a valid WebRequestSession object to work with if (null == WebSession) { WebSession = new WebRequestSession(); } if (null != SessionVariable) { // save the session back to the PS environment if requested PSVariableIntrinsics vi = SessionState.PSVariable; vi.Set(SessionVariable, WebSession); } // // handle credentials // if (null != Credential) { // get the relevant NetworkCredential NetworkCredential netCred = Credential.GetNetworkCredential(); WebSession.Credentials = netCred; // supplying a credential overrides the UseDefaultCredentials setting WebSession.UseDefaultCredentials = false; } else if (UseDefaultCredentials) { WebSession.UseDefaultCredentials = true; } if (null != CertificateThumbprint) { X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates; X509Certificate2Collection tbCollection = (X509Certificate2Collection)collection.Find(X509FindType.FindByThumbprint, CertificateThumbprint, false); if (tbCollection.Count == 0) { CryptographicException ex = new CryptographicException(WebCmdletStrings.ThumbprintNotFound); throw ex; } foreach (X509Certificate2 tbCert in tbCollection) { X509Certificate certificate = (X509Certificate)tbCert; WebSession.AddCertificate(certificate); } } if (null != Certificate) { WebSession.AddCertificate(Certificate); } // // handle the user agent // if (null != UserAgent) { // store the UserAgent string WebSession.UserAgent = UserAgent; } if (null != Proxy) { WebProxy webProxy = new WebProxy(Proxy); webProxy.BypassProxyOnLocal = false; if (null != ProxyCredential) { webProxy.Credentials = ProxyCredential.GetNetworkCredential(); } else if (ProxyUseDefaultCredentials) { // If both ProxyCredential and ProxyUseDefaultCredentials are passed, // UseDefaultCredentials will overwrite the supplied credentials. webProxy.UseDefaultCredentials = true; } WebSession.Proxy = webProxy; } if (-1 < MaximumRedirection) { WebSession.MaximumRedirection = MaximumRedirection; } // store the other supplied headers if (null != Headers) { foreach (string key in Headers.Keys) { // add the header value (or overwrite it if already present) WebSession.Headers[key] = Headers[key].ToString(); } } }
public string SignMd5Hash(byte[] hashedBytes) { byte[] signedHash = null; try { signedHash = _privateKey.SignHash(hashedBytes, CryptoConfig.MapNameToOID("MD5")); } catch(CryptographicException ex) { if(ex.Message == "Bad Hash.") { var cryptoEx = new CryptographicException("Bad Hash; Use BasicHasher.GetMd5HashBytes() to generate a proper hash before calling this method."); } else { throw; } } if (_encoding == EncodingOption.Base64String) { return Convert.ToBase64String(signedHash); } else if (_encoding == EncodingOption.HexString) { return signedHash.ToHexString(); } else { throw new NotImplementedException(_encoding.ToString()); } //return signedHash.ToHexString(); }