/// <summary> /// Determine the default store path for a given trust list type. /// </summary> /// <param name="trustListType">The trust list type.</param> /// <param name="pkiRoot">A PKI root for which the store path is needed.</param> private string DefaultCertificateStorePath(TrustlistType trustListType, string pkiRoot) { var pkiRootType = CertificateStoreIdentifier.DetermineStoreType(pkiRoot); if (pkiRootType.Equals(CertificateStoreType.Directory, StringComparison.OrdinalIgnoreCase)) { string leafPath = ""; // see https://reference.opcfoundation.org/v104/GDS/docs/F.1/ switch (trustListType) { case TrustlistType.Application: leafPath = "own"; break; case TrustlistType.Trusted: leafPath = "trusted"; break; case TrustlistType.Issuer: leafPath = "issuer"; break; case TrustlistType.TrustedHttps: leafPath = "trustedHttps"; break; case TrustlistType.IssuerHttps: leafPath = "issuerHttps"; break; case TrustlistType.TrustedUser: leafPath = "trustedUser"; break; case TrustlistType.IssuerUser: leafPath = "issuerUser"; break; case TrustlistType.Rejected: leafPath = "rejected"; break; } // Caller may have already provided the leaf path, then no need to add. int startIndex = pkiRoot.Length - leafPath.Length; char lastChar = pkiRoot.Last(); if (lastChar == Path.DirectorySeparatorChar || lastChar == Path.AltDirectorySeparatorChar) { startIndex--; } if (startIndex > 0) { if (pkiRoot.Substring(startIndex, leafPath.Length).Equals(leafPath, StringComparison.OrdinalIgnoreCase)) { return(pkiRoot); } } return(Path.Combine(pkiRoot, leafPath)); } else if (pkiRootType.Equals(CertificateStoreType.X509Store, StringComparison.OrdinalIgnoreCase)) { switch (trustListType) { case TrustlistType.Application: #if !NETFRAMEWORK if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows) && pkiRoot.StartsWith(CertificateStoreIdentifier.CurrentUser, StringComparison.OrdinalIgnoreCase)) { return(pkiRoot + "My"); } #endif return(pkiRoot + "UA_MachineDefault"); case TrustlistType.Trusted: return(pkiRoot + "UA_Trusted"); case TrustlistType.Issuer: return(pkiRoot + "UA_Issuer"); case TrustlistType.TrustedHttps: return(pkiRoot + "UA_Trusted_Https"); case TrustlistType.IssuerHttps: return(pkiRoot + "UA_Issuer_Https"); case TrustlistType.TrustedUser: return(pkiRoot + "UA_Trusted_User"); case TrustlistType.IssuerUser: return(pkiRoot + "UA_Issuer_User"); case TrustlistType.Rejected: return(pkiRoot + "UA_Rejected"); } } throw new NotSupportedException("Unsupported store type."); }
/// <summary> /// Determine the default store path for a given trust list type. /// </summary> /// <param name="trustListType">The trust list type.</param> /// <param name="pkiRoot">A PKI root for which the store path is needed.</param> private string DefaultCertificateStorePath(TrustlistType trustListType, string pkiRoot) { var pkiRootType = CertificateStoreIdentifier.DetermineStoreType(pkiRoot); if (pkiRootType.Equals(CertificateStoreType.Directory, StringComparison.OrdinalIgnoreCase)) { switch (trustListType) { case TrustlistType.Application: return(pkiRoot + "/own"); case TrustlistType.Trusted: return(pkiRoot + "/trusted"); case TrustlistType.Issuer: return(pkiRoot + "/issuer"); case TrustlistType.TrustedHttps: return(pkiRoot + "/trustedHttps"); case TrustlistType.IssuerHttps: return(pkiRoot + "/issuerHttps"); case TrustlistType.TrustedUser: return(pkiRoot + "/trustedUser"); case TrustlistType.IssuerUser: return(pkiRoot + "/issuerUser"); case TrustlistType.Rejected: return(pkiRoot + "/rejected"); } } else if (pkiRootType.Equals(CertificateStoreType.X509Store, StringComparison.OrdinalIgnoreCase)) { switch (trustListType) { case TrustlistType.Application: #if !NETFRAMEWORK if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows) && pkiRoot.StartsWith(CertificateStoreIdentifier.CurrentUser, StringComparison.OrdinalIgnoreCase)) { return(pkiRoot + "My"); } #endif return(pkiRoot + "UA_MachineDefault"); case TrustlistType.Trusted: return(pkiRoot + "UA_Trusted"); case TrustlistType.Issuer: return(pkiRoot + "UA_Issuer"); case TrustlistType.TrustedHttps: return(pkiRoot + "UA_Trusted_Https"); case TrustlistType.IssuerHttps: return(pkiRoot + "UA_Issuer_Https"); case TrustlistType.TrustedUser: return(pkiRoot + "UA_Trusted_User"); case TrustlistType.IssuerUser: return(pkiRoot + "UA_Issuer_User"); case TrustlistType.Rejected: return(pkiRoot + "UA_Rejected"); } } throw new NotSupportedException("Unsupported store type."); }