public void CanGetPrivateKeyFromCertificate()
        {
            // Part 1: a root CA certificate from the current user's Root store is expected
            // to have no exportable private key.
            const string rootSubject =
                "CN=Microsoft Root Certificate Authority, DC=microsoft, DC=com";

            var rootMatches = CertificateUtils
                              .FindValidCertificates(StoreName.Root, StoreLocation.CurrentUser,
                                                     rootSubject)
                              .ToList();

            Assert.IsTrue(rootMatches.Count > 0);

            var rootCertificate = rootMatches[0];

            bool rootKeyExported =
                CertificateUtils.TryExportPrivateKey(rootCertificate, out string _, out string _);

            Assert.IsFalse(rootKeyExported);

            // Part 2: try every certificate in the local machine's personal store that reports
            // a private key. The original note says export fails without administrator rights,
            // so the outcome is only written to the console and never asserted.
            var machineCertificates = CertificateUtils.GetCertificates(
                StoreName.My, StoreLocation.LocalMachine, c => c.HasPrivateKey);

            foreach (X509Certificate2 candidate in machineCertificates)
            {
                // Both out values are discarded; only the success flag and the certificate
                // itself are reported.
                string outcome;

                if (CertificateUtils.TryExportPrivateKey(candidate, out string _, out string _))
                {
                    outcome = "Successfully exported ";
                }
                else
                {
                    outcome = "Export failed for ";
                }

                Console.WriteLine("{0} {1}", outcome, candidate);
            }
        }
        /// <summary>
        /// Builds a <c>KeyPair</c> whose public part is exported from a certificate in the
        /// local machine's personal store and whose private part is read from a PEM file.
        /// </summary>
        /// <remarks>
        /// NOTE(review): nothing visible here checks that the key in the file belongs to the
        /// certificate that was found; unless <c>KeyPair</c> verifies this, a mismatch only
        /// surfaces when the pair is used. The PEM content is read as plain text into a
        /// managed string, so the file should be readable only by the account that needs it.
        /// </remarks>
        /// <param name="certificate">Search value handed to
        /// <c>CertificateUtils.FindValidCertificates</c> together with the find types
        /// <c>FindBySubjectDistinguishedName</c> and <c>FindByThumbprint</c>.</param>
        /// <param name="privateKeyFilePath">Path of the private key PEM file; the method
        /// asserts that the file exists.</param>
        /// <returns>The key pair, or <c>null</c> when no certificate was found in the
        /// store.</returns>
        private static KeyPair GetMixedKeyPair(string certificate, string privateKeyFilePath)
        {
            bool keyFileExists = File.Exists(privateKeyFilePath);

            Assert.True(keyFileExists,
                        $"The specified private key PEM file {privateKeyFilePath} was not found. " +
                        "In order to use the private key from the certificate, the private key file must not be specified.");

            // The private key comes from the file, so the store is only consulted for the
            // certificate itself.
            var findTypes = new[]
                            {
                                X509FindType.FindBySubjectDistinguishedName,
                                X509FindType.FindByThumbprint
                            };

            X509Certificate2 storeCertificate =
                CertificateUtils.FindValidCertificates(
                                    StoreName.My, StoreLocation.LocalMachine, certificate, findTypes)
                                .FirstOrDefault();

            if (x509CertificateMissing(storeCertificate))
            {
                _msg.InfoFormat("Certificate not found in certificate store.");

                return null;
            }

            // Export first, then read the key file: same order as before.
            string publicKey = CertificateUtils.ExportToPem(storeCertificate, true);
            string privateKey = File.ReadAllText(privateKeyFilePath);

            return new KeyPair(privateKey, publicKey);

            // Local helper so that the guard clause above reads as a sentence.
            bool x509CertificateMissing(X509Certificate2 candidate)
            {
                return candidate == null;
            }
        }
        public void CanFindCertificateByCommonName()
        {
            // Passes when at least one valid certificate with this subject is found in the
            // current user's Root store, so the result depends on the machine's trust store.
            const string rootSubject =
                "CN=Microsoft Root Certificate Authority, DC=microsoft, DC=com";

            var matches = CertificateUtils
                          .FindValidCertificates(StoreName.Root, StoreLocation.CurrentUser,
                                                 rootSubject)
                          .ToList();

            bool anyMatch = matches.Count > 0;

            Assert.IsTrue(anyMatch);
        }
        public void CanFindCertificateByThumbprint()
        {
            // Take any certificate from the personal store and look it up again by thumbprint.
            // NOTE(review): First() throws when the store is empty, and the lookup below names
            // StoreLocation.CurrentUser while GetCertificates relies on its default location;
            // confirm that both refer to the same store.
            var expected = CertificateUtils.GetCertificates(StoreName.My).First();

            string thumbprint = expected.Thumbprint;

            Assert.NotNull(thumbprint);

            var matches = CertificateUtils
                          .FindValidCertificates(StoreName.My, StoreLocation.CurrentUser,
                                                 thumbprint, X509FindType.FindByThumbprint)
                          .ToList();

            // Exactly one valid certificate is expected for the thumbprint, and it must be the
            // one the thumbprint was taken from.
            Assert.AreEqual(1, matches.Count);

            Assert.AreEqual(expected, matches.First());
        }