public async Task CertificateCache_JWK_RS256(string certificateLocation) { var certCache = new CertificateCache(); var certificates = await certCache.GetCertificatesAsync(certificateLocation, FromKeyToRsa, false, default); Assert.NotEmpty(certificates); }
public CertificateResolverFacts() { m_resolver = CreateResolver(true, 60, false); // enable caching, ttl=60secs, disable negative caching m_cache = m_resolver.Cache; ClearCache(); }
public void Dispose() { Host.MainWindow.FileOpened -= OnDatabaseOpened; CertificateCache.Dispose(); GC.SuppressFinalize(this); }
public async Task CertificateCache_NonJWK_Error() { var certCache = new CertificateCache(); var exception = await Assert.ThrowsAsync <ArgumentException>(() => certCache.GetCertificatesAsync( "https://www.googleapis.com/service_accounts/v1/metadata/x509/[email protected]", json => RSA.Create(), false, default)); Assert.Contains("Only JWK formatted keys are currently supported", exception.Message); }
public async Task CertificateCache() { var certCache = new CertificateCache(); // We don't care about cert transformation here, that'll be tested when verifying. var certificates = await certCache.GetCertificatesAsync(GoogleAuthConsts.JsonWebKeySetUrl, json => RSA.Create(), false, default); Assert.NotEmpty(certificates); }
public void CachingVerifyDisabledNullCacheSettings() { using (SystemX509Store store = SystemX509Store.OpenExternal()) { m_resolver = new CertificateResolver(store, null); m_cache = m_resolver.Cache; string domain = DomainIncubator; X509Certificate2Collection source = m_resolver.GetCertificatesForDomain(domain); Assert.Null(m_resolver.Cache); Assert.True(source.Count > 0); } }
private X509Certificate2 GetCertificateFromCache(string databasePath) { try { var thumbprint = CertificateCache.GetCachedValue(databasePath); if (thumbprint != null) { return(UserCertificates.SingleOrDefault(c => c.Thumbprint.Equals(thumbprint))); } } catch (Exception ex) { MessageService.ShowWarning($"Selected certificate can't be used!\nReason: {ex.Message}."); } return(null); }
public override byte[] GetKey(KeyProviderQueryContext keyProviderQueryContext) { X509Certificate2 certificate = null; if (!keyProviderQueryContext.CreatingNewKey) { certificate = GetCertificateFromCache(keyProviderQueryContext.DatabasePath); } if (certificate == null) { var title = "Available certificates"; var message = "Select certificate to use it for encryption on your KeePass database."; var x509Certificates = X509Certificate2UI.SelectFromCollection(new X509Certificate2Collection(UserCertificates), title, message, X509SelectionFlag.SingleSelection) .Cast <X509Certificate2>(); certificate = x509Certificates.FirstOrDefault(); } if (certificate == null) { MessageService.ShowInfo("No valid certificate selected!"); } else { try { if (certificate.PrivateKey is RSA rsa) { CertificateCache.StoreCachedValue(keyProviderQueryContext.DatabasePath, certificate.Thumbprint); // Using HashAlgorithmName.SHA1 for backward compatibility return(rsa.SignData(DataToSign, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1)); // DO NOT CHANGE THIS!!!!; } } catch (Exception ex) { MessageService.ShowWarning($"Selected certificate can't be used!\nReason: {ex.Message}."); } } return(null); }
private void OnDatabaseOpened(object sender, FileOpenedEventArgs args) { var path = args.Database.IOConnectionInfo.Path; CertificateCache.SetCachedItemAsValid(path); }