/// <summary>
/// Creates builder parameters from a set of trust anchors and the constraints
/// the target certificate must satisfy.
/// </summary>
/// <param name="trustAnchors">The trust anchors, forwarded unchanged to the base constructor.</param>
/// <param name="targetConstraints">The selector describing the target certificate; handed to <c>SetTargetCertConstraints</c>.</param>
public PkixBuilderParameters(ISet trustAnchors, IX509Selector targetConstraints)
    : base(trustAnchors)
{
    // NOTE(review): if SetTargetCertConstraints is virtual, a subclass override
    // runs here before the subclass constructor body has executed.
    this.SetTargetCertConstraints(targetConstraints);
}
/// <summary>
/// Gets the private key of the first certificate in the personal store that matches the selector.
/// </summary>
/// <remarks>
/// Opens <c>StoreName.My</c> at this context's <c>StoreLocation</c> read-only and skips
/// every certificate that has no private key. A <c>null</c> selector matches the first
/// certificate that has a private key, so callers that need a specific identity must
/// supply a selector.
/// </remarks>
/// <returns>The private key on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the private key, or <c>null</c> to accept any certificate.</param>
protected override AsymmetricKeyParameter GetPrivateKey(IX509Selector selector)
{
    var personalStore = new X509Store(StoreName.My, StoreLocation);

    personalStore.Open(OpenFlags.ReadOnly);

    try
    {
        foreach (var candidate in personalStore.Certificates)
        {
            if (!candidate.HasPrivateKey)
            {
                continue;
            }

            // The selector works on BouncyCastle certificates, so convert before matching.
            var converted = DotNetUtilities.FromX509Certificate(candidate);

            if (selector != null && !selector.Match(converted))
            {
                continue;
            }

            return DotNetUtilities.GetKeyPair(candidate.PrivateKey).Private;
        }
    }
    finally
    {
        // Close the store on every exit path, including the early return above.
        personalStore.Close();
    }

    return null;
}
/// <summary>
/// Finds the private keys whose certificates match the specified selector.
/// </summary>
/// <remarks>
/// Runs the command built by <c>GetSelectCommand</c> with <c>requirePrivateKey</c> set and
/// re-checks every loaded record with <c>selector.Match</c> before yielding its key.
/// The sequence is lazy: the command and reader stay open until the enumeration
/// completes or the enumerator is disposed.
/// </remarks>
/// <returns>The private keys of the matching records.</returns>
/// <param name="selector">The match selector or <c>null</c> to return all private keys.</param>
public IEnumerable<AsymmetricKeyParameter> FindPrivateKeys(IX509Selector selector)
{
    using (var query = GetSelectCommand(selector, false, true, PrivateKeyFields))
    {
        var rows = query.ExecuteReader();

        try
        {
            var certificateParser = new X509CertificateParser();
            var scratch = new byte[4096];

            while (rows.Read())
            {
                var entry = LoadCertificateRecord(rows, certificateParser, ref scratch);

                if (selector != null && !selector.Match(entry.Certificate))
                {
                    continue;
                }

                yield return entry.PrivateKey;
            }
        }
        finally
        {
#if NETSTANDARD
            rows.Dispose();
#else
            rows.Close();
#endif
        }
    }
}
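/// <summary>
/// Validates an attribute certificate against a certification path and PKIX parameters.
/// </summary>
/// <remarks>
/// The attribute certificate is taken from the target constraints of
/// <paramref name="pkixParams"/>, which must be an <c>X509AttrCertStoreSelector</c>.
/// The checks run in a fixed order (ProcessAttrCert1 to 5, ProcessAttrCert7,
/// AdditionalChecks, then CheckCrls); an exception from any step aborts validation.
/// The decompiler artifacts <c>get_FullName()</c> and <c>get_Item(0)</c> are replaced
/// with the equivalent property and indexer syntax so that the method compiles.
/// </remarks>
/// <param name="certPath">The certification path; its first certificate is used as the attribute certificate issuer.</param>
/// <param name="pkixParams">The PKIX parameters carrying the target constraints.</param>
/// <returns>The result produced by <c>ProcessAttrCert2</c>.</returns>
/// <exception cref="ArgumentException">The target constraints are not an <c>X509AttrCertStoreSelector</c>.</exception>
/// <exception cref="PkixCertPathValidatorException">The validity date could not be determined.</exception>
public virtual PkixCertPathValidatorResult Validate(PkixCertPath certPath, PkixParameters pkixParams)
{
    IX509Selector targetConstraints = pkixParams.GetTargetConstraints();
    if (!(targetConstraints is X509AttrCertStoreSelector))
    {
        throw new ArgumentException("TargetConstraints must be an instance of " + typeof(X509AttrCertStoreSelector).FullName, "pkixParams");
    }

    IX509AttributeCertificate attributeCert = ((X509AttrCertStoreSelector)targetConstraints).AttributeCert;

    // The order of the checks below is preserved from the original.
    PkixCertPath holderCertPath = Rfc3281CertPathUtilities.ProcessAttrCert1(attributeCert, pkixParams);
    PkixCertPathValidatorResult result = Rfc3281CertPathUtilities.ProcessAttrCert2(certPath, pkixParams);

    // The first certificate of the path is the one checked in steps 3 and 4 and passed to CheckCrls.
    X509Certificate x509Certificate = (X509Certificate)certPath.Certificates[0];
    Rfc3281CertPathUtilities.ProcessAttrCert3(x509Certificate, pkixParams);
    Rfc3281CertPathUtilities.ProcessAttrCert4(x509Certificate, pkixParams);
    Rfc3281CertPathUtilities.ProcessAttrCert5(attributeCert, pkixParams);
    Rfc3281CertPathUtilities.ProcessAttrCert7(attributeCert, certPath, holderCertPath, pkixParams);
    Rfc3281CertPathUtilities.AdditionalChecks(attributeCert, pkixParams);

    global::System.DateTime validCertDateFromValidityModel;
    try
    {
        validCertDateFromValidityModel = PkixCertPathValidatorUtilities.GetValidCertDateFromValidityModel(pkixParams, null, -1);
    }
    catch (global::System.Exception cause)
    {
        throw new PkixCertPathValidatorException("Could not get validity date from attribute certificate.", cause);
    }

    // Revocation checking runs last, against the date computed above.
    Rfc3281CertPathUtilities.CheckCrls(attributeCert, pkixParams, x509Certificate, validCertDateFromValidityModel, certPath.Certificates);
    return result;
}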
/// <summary>
/// Copies the settings of another parameter set into this instance.
/// </summary>
/// <remarks>
/// Stands in for a member-wise clone: the original Java comment notes that
/// <c>super.clone()</c> does not exist under J2ME, so every field is copied by hand.
/// </remarks>
/// <param name="parameters">The parameters to copy from; dereferenced without a null check.</param>
protected virtual void SetParams(
    PkixParameters parameters)
{
    Date = parameters.Date;
    SetCertPathCheckers(parameters.GetCertPathCheckers());
    IsAnyPolicyInhibited = parameters.IsAnyPolicyInhibited;
    IsExplicitPolicyRequired = parameters.IsExplicitPolicyRequired;
    IsPolicyMappingInhibited = parameters.IsPolicyMappingInhibited;
    IsRevocationEnabled = parameters.IsRevocationEnabled;
    SetInitialPolicies(parameters.GetInitialPolicies());
    IsPolicyQualifiersRejected = parameters.IsPolicyQualifiersRejected;
    SetTargetCertConstraints(parameters.GetTargetCertConstraints());
    // NOTE(review): whether the trust anchor set is copied or shared depends on
    // SetTrustAnchors/GetTrustAnchors, which are not visible here.
    SetTrustAnchors(parameters.GetTrustAnchors());

    validityModel = parameters.validityModel;
    useDeltas = parameters.useDeltas;
    additionalLocationsEnabled = parameters.additionalLocationsEnabled;
    // The selector is cloned so the two parameter sets do not share one selector instance.
    selector = parameters.selector == null ? null
        : (IX509Selector)parameters.selector.Clone();
    // Each collection below is rebuilt from the source collection; the elements
    // themselves are presumably shared between the two instances.
    stores = Platform.CreateArrayList(parameters.stores);
    additionalStores = Platform.CreateArrayList(parameters.additionalStores);
    trustedACIssuers = new HashSet(parameters.trustedACIssuers);
    prohibitedACAttributes = new HashSet(parameters.prohibitedACAttributes);
    necessaryACAttributes = new HashSet(parameters.necessaryACAttributes);
    attrCertCheckers = new HashSet(parameters.attrCertCheckers);
}
/// <summary>
/// Finds the certificate records matching the specified selector.
/// </summary>
/// <remarks>
/// The certificate field is always requested in addition to <paramref name="fields"/>
/// because each record is re-checked with <c>selector.Match</c> after it is loaded.
/// The sequence is lazy: the command and reader stay open until the enumeration
/// completes or the enumerator is disposed.
/// </remarks>
/// <returns>The matching certificate records populated with the desired fields.</returns>
/// <param name="selector">The match selector or <c>null</c> to match all certificates.</param>
/// <param name="trustedOnly"><c>true</c> if only trusted certificates should be returned.</param>
/// <param name="fields">The desired fields.</param>
public IEnumerable<X509CertificateRecord> Find(IX509Selector selector, bool trustedOnly, X509CertificateRecordFields fields)
{
    using (var query = GetSelectCommand(selector, trustedOnly, false, fields | X509CertificateRecordFields.Certificate))
    {
        var rows = query.ExecuteReader();

        try
        {
            var certificateParser = new X509CertificateParser();
            var scratch = new byte[4096];

            while (rows.Read())
            {
                var entry = LoadCertificateRecord(rows, certificateParser, ref scratch);

                if (selector != null && !selector.Match(entry.Certificate))
                {
                    continue;
                }

                yield return entry;
            }
        }
        finally
        {
#if NETSTANDARD
            rows.Dispose();
#else
            rows.Close();
#endif
        }
    }
}
/// <summary>
/// Gets the first X.509 certificate matching the selector from any system store except Disallowed.
/// </summary>
/// <remarks>
/// Every <c>StoreName</c> value other than <c>StoreName.Disallowed</c> is opened read-only
/// at this context's <c>StoreLocation</c>, in enumeration order. A hit only means the
/// certificate is present in one of those stores and satisfies the selector; no chain
/// or trust validation happens here. A <c>null</c> selector matches the first certificate found.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate, or <c>null</c> to accept any certificate.</param>
protected override Org.BouncyCastle.X509.X509Certificate GetCertificate(IX509Selector selector)
{
    foreach (StoreName name in Enum.GetValues(typeof(StoreName)))
    {
        // Certificates in the Disallowed store are never returned.
        if (name == StoreName.Disallowed)
        {
            continue;
        }

        var systemStore = new X509Store(name, StoreLocation);

        systemStore.Open(OpenFlags.ReadOnly);

        try
        {
            foreach (var candidate in systemStore.Certificates)
            {
                var converted = GetBouncyCastleCertificate(candidate);

                if (selector != null && !selector.Match(converted))
                {
                    continue;
                }

                return converted;
            }
        }
        finally
        {
            systemStore.Close();
        }
    }

    return null;
}
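/// <summary>
/// Returns the objects in the local collection that match the selector.
/// </summary>
/// <remarks>
/// The decompiled enumerator loop, which called <c>get_Current()</c> directly and does
/// not compile, is replaced by an equivalent <c>foreach</c>; <c>foreach</c> also disposes
/// the enumerator when it implements <c>IDisposable</c>, as the original <c>finally</c> did.
/// </remarks>
/// <param name="selector">The selector to match against, or <c>null</c> to return a copy of the whole collection.</param>
/// <returns>A possibly empty collection of matching objects.</returns>
public global::System.Collections.ICollection GetMatches(IX509Selector selector)
{
    if (selector == null)
    {
        return (global::System.Collections.ICollection)Platform.CreateArrayList(_local);
    }

    global::System.Collections.IList list = Platform.CreateArrayList();

    foreach (object current in (global::System.Collections.IEnumerable)_local)
    {
        if (selector.Match(current))
        {
            list.Add(current);
        }
    }

    return (global::System.Collections.ICollection)list;
}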
/// <summary>
/// Gets the private key based on the provided selector.
/// </summary>
/// <remarks>
/// This override always returns <c>null</c>: the personal-store lookup below is
/// compiled out with <c>#if false</c>, because the class overrides the only base
/// methods that would call it.
/// </remarks>
/// <returns>Always <c>null</c> while the lookup is compiled out.</returns>
/// <param name="selector">The search criteria for the private key; unused while the lookup is compiled out.</param>
protected override AsymmetricKeyParameter GetPrivateKey(IX509Selector selector)
{
#if false
    // Note: GetPrivateKey() is only used by the base class implementations of Decrypt() and DecryptTo().
    // Since we override those methods, there is no use for this method.
    var store = new X509Store(StoreName.My, StoreLocation);

    store.Open(OpenFlags.ReadOnly);

    try {
        foreach (var certificate in store.Certificates) {
            if (!certificate.HasPrivateKey) {
                continue;
            }

            var cert = GetBouncyCastleCertificate(certificate);

            if (selector == null || selector.Match(cert)) {
                var pair = CmsSigner.GetBouncyCastleKeyPair(certificate.PrivateKey);
                return(pair.Private);
            }
        }
    } finally {
        store.Close();
    }
#endif
    return(null);
}
/// <summary>
/// Gets the first X.509 certificate matching the selector from a fixed list of system stores.
/// </summary>
/// <remarks>
/// The stores are searched in this order: My, AddressBook, TrustedPeople, Root, each opened
/// read-only at this context's <c>StoreLocation</c>. A hit only means the certificate is
/// present and satisfies the selector; no chain or trust validation happens here.
/// A <c>null</c> selector matches the first certificate found.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate, or <c>null</c> to accept any certificate.</param>
protected override Org.BouncyCastle.X509.X509Certificate GetCertificate(IX509Selector selector)
{
    var searchOrder = new[] { StoreName.My, StoreName.AddressBook, StoreName.TrustedPeople, StoreName.Root };

    foreach (var name in searchOrder)
    {
        var systemStore = new X509Store(name, StoreLocation);

        systemStore.Open(OpenFlags.ReadOnly);

        try
        {
            foreach (var candidate in systemStore.Certificates)
            {
                var converted = DotNetUtilities.FromX509Certificate(candidate);

                if (selector != null && !selector.Match(converted))
                {
                    continue;
                }

                return converted;
            }
        }
        finally
        {
            systemStore.Close();
        }
    }

    return null;
}
/// <summary>
/// Builds and validates a certification path for a certificate matching the target constraints.
/// </summary>
/// <remarks>
/// Candidate target certificates are looked up in <c>pkixParams.GetStores()</c> only.
/// The candidates are tried in set order and the first one for which a path can be built wins.
/// NOTE(review): <c>certPathException</c> is instance state assigned outside this method;
/// confirm it is reset per call so that a failure from an earlier build is not reported here.
/// </remarks>
/// <param name="pkixParams">The builder parameters holding everything needed to build the path.</param>
/// <returns>The result for the first target certificate that yields a valid path.</returns>
/// <exception cref="PkixCertPathBuilderException">
/// The target constraints have the wrong type, no target certificate was found,
/// or no path could be built for any candidate.
/// </exception>
public virtual PkixCertPathBuilderResult Build(
    PkixBuilderParameters pkixParams)
{
    // Locate the candidate target certificates.
    IX509Selector targetSelector = pkixParams.GetTargetCertConstraints();

    if (!(targetSelector is X509CertStoreSelector))
    {
        throw new PkixCertPathBuilderException(
            "TargetConstraints must be an instance of "
            + typeof(X509CertStoreSelector).FullName + " for "
            + this.GetType() + " class.");
    }

    ISet candidates = new HashSet();

    try
    {
        candidates.AddAll(PkixCertPathValidatorUtilities.FindCertificates((X509CertStoreSelector)targetSelector, pkixParams.GetStores()));
        // TODO Should this include an entry for pkixParams.GetAdditionalStores() too?
    }
    catch (Exception e)
    {
        throw new PkixCertPathBuilderException(
            "Error finding target certificate.", e);
    }

    if (candidates.IsEmpty)
    {
        throw new PkixCertPathBuilderException("No certificate found matching targetContraints.");
    }

    IList certPathList = new ArrayList();

    // Try each candidate and stop at the first one that yields a path.
    foreach (X509Certificate cert in candidates)
    {
        PkixCertPathBuilderResult built = Build(cert, pkixParams, certPathList);

        if (built != null)
        {
            return built;
        }
    }

    // No candidate produced a path: surface the recorded failure if there is one.
    if (certPathException != null)
    {
        throw new PkixCertPathBuilderException(certPathException.Message, certPathException.InnerException);
    }

    throw new PkixCertPathBuilderException("Unable to find certificate chain.");
}
/// <summary>
/// Gets the first keychain certificate matching the selector.
/// </summary>
/// <remarks>
/// Certificates are requested from the keychain with a key-use value of zero.
/// The selector is dereferenced without a null check, so a <c>null</c> selector
/// throws as soon as the keychain yields a certificate.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate; must not be <c>null</c>.</param>
protected override X509Certificate GetCertificate(IX509Selector selector)
{
    foreach (var candidate in keychain.GetCertificates((CssmKeyUse)0))
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        return candidate;
    }

    return null;
}
/// <summary>
/// Sets the constraints that the target must satisfy.
/// </summary>
/// <remarks>
/// A non-null selector is cloned before it is stored, so later changes the caller
/// makes to its own instance do not reach the stored copy.
/// </remarks>
/// <param name="selector">The selector to store, or <c>null</c> to clear the constraints.</param>
public virtual void SetTargetConstraints(IX509Selector selector)
{
    this.selector = selector == null ? null : (IX509Selector)selector.Clone();
}
/// <summary>
/// Gets the private key of the first keychain signer whose certificate matches the selector.
/// </summary>
/// <remarks>
/// The selector is dereferenced without a null check, so a <c>null</c> selector
/// throws as soon as the keychain yields a signer.
/// </remarks>
/// <returns>The private key on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the private key; must not be <c>null</c>.</param>
protected override AsymmetricKeyParameter GetPrivateKey(IX509Selector selector)
{
    foreach (var candidate in keychain.GetAllCmsSigners())
    {
        if (!selector.Match(candidate.Certificate))
        {
            continue;
        }

        return candidate.PrivateKey;
    }

    return null;
}
/// <summary>
/// Sets the constraints that the target must satisfy.
/// </summary>
/// <remarks>
/// A non-null selector is cast to <c>ICloneable</c> and cloned before it is stored,
/// so later changes the caller makes to its own instance do not reach the stored copy.
/// </remarks>
/// <param name="selector">The selector to store, or <c>null</c> to clear the constraints.</param>
public virtual void SetTargetConstraints(IX509Selector selector)
{
    if (selector == null)
    {
        this.selector = null;
        return;
    }

    this.selector = (IX509Selector)((ICloneable)selector).Clone();
}
/// <summary>
/// Gets a collection of matching X.509 certificates based on the specified selector.
/// </summary>
/// <remarks>
/// Materializes the lazy sequence returned by the typed <c>GetMatches</c> overload into a list.
/// </remarks>
/// <returns>The matching certificates.</returns>
/// <param name="selector">The match criteria.</param>
ICollection IX509Store.GetMatches(IX509Selector selector)
{
    return new List<X509Certificate>(GetMatches(selector));
}
/// <summary>
/// Sets the constraints that the target certificate must satisfy.
/// </summary>
/// <remarks>
/// A non-null selector is cloned before it is stored, so later changes the caller
/// makes to its own instance do not reach the stored copy.
/// </remarks>
/// <param name="selector">The selector to store, or <c>null</c> to define no constraints.</param>
public virtual void SetTargetCertConstraints(IX509Selector selector)
{
    certSelector = selector != null ? (IX509Selector)selector.Clone() : null;
}
/// <summary>
/// Gets the first keychain certificate matching the selector.
/// </summary>
/// <remarks>
/// Certificates are requested from the keychain with a key-use value of zero.
/// The selector is dereferenced without a null check, so a <c>null</c> selector
/// throws as soon as the keychain yields a certificate.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate; must not be <c>null</c>.</param>
protected override X509Certificate GetCertificate(IX509Selector selector)
{
    foreach (var candidate in keychain.GetCertificates((CssmKeyUse)0))
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        return candidate;
    }

    return null;
}
/// <summary>
/// Gets the private key of the first keychain signer whose certificate matches the selector.
/// </summary>
/// <remarks>
/// The selector is dereferenced without a null check, so a <c>null</c> selector
/// throws as soon as the keychain yields a signer.
/// </remarks>
/// <returns>The private key on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the private key; must not be <c>null</c>.</param>
protected override AsymmetricKeyParameter GetPrivateKey(IX509Selector selector)
{
    foreach (var candidate in keychain.GetAllCmsSigners())
    {
        if (!selector.Match(candidate.Certificate))
        {
            continue;
        }

        return candidate.PrivateKey;
    }

    return null;
}
/// <summary>
/// Lazily enumerates the stored X.509 certificates that match the specified selector.
/// </summary>
/// <remarks>
/// Matching happens as the caller iterates, so the result reflects the
/// <c>certificates</c> collection at enumeration time.
/// </remarks>
/// <returns>The matching certificates.</returns>
/// <param name="selector">The match criteria, or <c>null</c> to return every certificate.</param>
public IEnumerable<X509Certificate> GetMatches(IX509Selector selector)
{
    foreach (var candidate in certificates)
    {
        if (selector != null && !selector.Match(candidate))
        {
            continue;
        }

        yield return candidate;
    }
}
/// <summary>
/// Gets the first certificate in this context that matches the selector.
/// </summary>
/// <remarks>
/// A <c>null</c> selector returns the first stored certificate, or <c>null</c> when
/// none are stored.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate, or <c>null</c> to accept the first one.</param>
protected override X509Certificate GetCertificate(IX509Selector selector)
{
    if (selector == null && certificates.Count > 0)
    {
        return certificates[0];
    }

    // With a null selector this point is only reached when the collection is empty,
    // so the loop body never dereferences it.
    foreach (var candidate in certificates)
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        return candidate;
    }

    return null;
}
/// <summary>
/// Gets the first certificate in this context that matches the selector.
/// </summary>
/// <remarks>
/// The selector is dereferenced without a null check, so a <c>null</c> selector
/// throws whenever at least one certificate is stored.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate; must not be <c>null</c>.</param>
protected override X509Certificate GetCertificate(IX509Selector selector)
{
    foreach (var candidate in certificates)
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        return candidate;
    }

    return null;
}
/// <summary>
/// Builds and validates a certification path for a certificate matching the target constraints.
/// </summary>
/// <remarks>
/// Candidate target certificates are looked up in <c>pkixParams.GetStores()</c> only.
/// The candidates are tried in set order and the first one for which a path can be built wins.
/// NOTE(review): <c>certPathException</c> is instance state assigned outside this method;
/// confirm it is reset per call so that a failure from an earlier build is not reported here.
/// </remarks>
/// <param name="pkixParams">The builder parameters holding everything needed to build the path.</param>
/// <returns>The result for the first target certificate that yields a valid path.</returns>
/// <exception cref="PkixCertPathBuilderException">
/// The target constraints have the wrong type, no target certificate was found,
/// or no path could be built for any candidate.
/// </exception>
public virtual PkixCertPathBuilderResult Build(PkixBuilderParameters pkixParams)
{
    IX509Selector targetSelector = pkixParams.GetTargetCertConstraints();

    if (!(targetSelector is X509CertStoreSelector))
    {
        throw new PkixCertPathBuilderException(
            "TargetConstraints must be an instance of "
            + typeof(X509CertStoreSelector).FullName
            + " for "
            + base.GetType()
            + " class.");
    }

    ISet candidates = new HashSet();

    try
    {
        candidates.AddAll(PkixCertPathValidatorUtilities.FindCertificates((X509CertStoreSelector)targetSelector, pkixParams.GetStores()));
    }
    catch (Exception lookupFailure)
    {
        throw new PkixCertPathBuilderException("Error finding target certificate.", lookupFailure);
    }

    if (candidates.IsEmpty)
    {
        throw new PkixCertPathBuilderException("No certificate found matching targetContraints.");
    }

    IList tbvPath = Platform.CreateArrayList();

    // Try each candidate and stop at the first one that yields a path.
    foreach (X509Certificate tbvCert in candidates)
    {
        PkixCertPathBuilderResult built = this.Build(tbvCert, pkixParams, tbvPath);

        if (built != null)
        {
            return built;
        }
    }

    // No candidate produced a path: surface the recorded failure if there is one.
    if (this.certPathException != null)
    {
        throw new PkixCertPathBuilderException(this.certPathException.Message, this.certPathException.InnerException);
    }

    throw new PkixCertPathBuilderException("Unable to find certificate chain.");
}
/// <summary>
/// Gets a collection of the stored X.509 certificates that match the specified selector.
/// </summary>
/// <remarks>
/// The result is a new list; a <c>null</c> selector copies every stored certificate into it.
/// </remarks>
/// <returns>The matching certificates.</returns>
/// <param name="selector">The match criteria, or <c>null</c> to return every certificate.</param>
ICollection IX509Store.GetMatches(IX509Selector selector)
{
    var matched = new List<X509Certificate>();

    foreach (var candidate in certs)
    {
        if (selector != null && !selector.Match(candidate))
        {
            continue;
        }

        matched.Add(candidate);
    }

    return matched;
}
/// <summary>
/// Gets the first certificate in <c>CertificateStore</c> that matches the selector.
/// </summary>
/// <remarks>
/// Each store certificate is converted to a BouncyCastle certificate before matching.
/// The selector is dereferenced without a null check, so a <c>null</c> selector
/// throws whenever the store holds at least one certificate.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate; must not be <c>null</c>.</param>
protected override Org.BouncyCastle.X509.X509Certificate GetCertificate(IX509Selector selector)
{
    foreach (var candidate in CertificateStore.Certificates)
    {
        var converted = DotNetUtilities.FromX509Certificate(candidate);

        if (!selector.Match(converted))
        {
            continue;
        }

        return converted;
    }

    return null;
}
/// <summary>
/// Finds the record for the first certificate matching the selector.
/// </summary>
/// <remarks>
/// At most one record is returned. The <paramref name="trustedOnly"/> and
/// <paramref name="fields"/> arguments are not used by this implementation.
/// NOTE(review): callers that pass <c>trustedOnly = true</c> get no trust filtering
/// from this method; confirm that <c>GetCerts()</c> only returns certificates that
/// are acceptable in that case.
/// </remarks>
/// <param name="selector">The match selector; must not be <c>null</c>.</param>
/// <param name="trustedOnly">Ignored by this implementation.</param>
/// <param name="fields">Ignored by this implementation.</param>
/// <returns>A single-element list holding the first match, or an empty list.</returns>
public IEnumerable<X509CertificateRecord> Find(IX509Selector selector, bool trustedOnly, X509CertificateRecordFields fields)
{
    foreach (var candidate in this.GetCerts())
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        return new SingletonList<X509CertificateRecord>(new X509CertificateRecord(candidate));
    }

    return new List<X509CertificateRecord>();
}
/// <summary>
/// Gets a collection holding the first certificate that matches the selector.
/// </summary>
/// <remarks>
/// The search stops at the first match, so the result contains at most one certificate
/// even when several would match. The selector is dereferenced without a null check.
/// </remarks>
/// <param name="selector">The match criteria; must not be <c>null</c>.</param>
/// <returns>A collection with zero or one certificate.</returns>
public ICollection GetMatches(IX509Selector selector)
{
    var matched = new Collection<X509Certificate>();

    foreach (var candidate in this.GetCerts())
    {
        if (selector.Match(candidate))
        {
            matched.Add(candidate);
            break;
        }
    }

    return matched;
}
/// <summary>
/// Gets the private key of the first stored certificate that has a key and matches the selector.
/// </summary>
/// <remarks>
/// Certificates without an entry in <c>keys</c> are skipped. A <c>null</c> selector
/// returns the key of the first certificate that has one.
/// </remarks>
/// <returns>The private key on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the private key, or <c>null</c> to accept any certificate.</param>
protected override AsymmetricKeyParameter GetPrivateKey(IX509Selector selector)
{
    foreach (var candidate in certificates)
    {
        AsymmetricKeyParameter privateKey;
        bool hasKey = keys.TryGetValue(candidate, out privateKey);

        // The key lookup comes first so the selector only runs on certificates that have a key.
        if (hasKey && (selector == null || selector.Match(candidate)))
        {
            return privateKey;
        }
    }

    return null;
}
/// <summary>
/// Returns the objects in the local collection that match the selector.
/// </summary>
/// <param name="selector">The selector to match against, or <c>null</c> to return a copy of the whole collection.</param>
/// <returns>A possibly empty, newly created collection of matching objects.</returns>
public ICollection GetMatches(IX509Selector selector)
{
    if (selector == null)
    {
        return Platform.CreateArrayList(_local);
    }

    IList matched = Platform.CreateArrayList();

    foreach (object candidate in _local)
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        matched.Add(candidate);
    }

    return matched;
}
/// <summary>
/// Returns the objects in the local collection that match the selector.
/// </summary>
/// <param name="selector">The selector to match against, or <c>null</c> to return a copy of the whole collection.</param>
/// <returns>A possibly empty, newly created collection of matching objects.</returns>
public ICollection GetMatches(IX509Selector selector)
{
    if (selector == null)
    {
        return Platform.CreateArrayList(this._local);
    }

    IList matched = Platform.CreateArrayList();

    foreach (object candidate in this._local)
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        matched.Add(candidate);
    }

    return matched;
}
/// <summary>
/// Gets the first certificate in this context that matches the specified selector.
/// </summary>
/// <remarks>
/// A <c>null</c> selector returns the first stored certificate, or <c>null</c> when
/// none are stored.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate, or <c>null</c> to accept the first one.</param>
protected override X509Certificate GetCertificate(IX509Selector selector)
{
    bool acceptFirst = selector == null && certificates.Count > 0;

    if (acceptFirst)
    {
        return certificates[0];
    }

    // With a null selector this point is only reached when the collection is empty,
    // so the loop body never dereferences it.
    foreach (var candidate in certificates)
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        return candidate;
    }

    return null;
}
/// <summary>
/// Asserts that the certificate database returns the expected certificate for a selector.
/// </summary>
/// <remarks>
/// Opens the <c>sqlite.db</c> fixture with the literal test password used throughout
/// this helper and searches without the trusted-only restriction.
/// </remarks>
/// <param name="selector">The selector passed to the database lookup.</param>
/// <param name="expected">The certificate that must be among the results.</param>
void AssertFindBy(IX509Selector selector, X509Certificate expected)
{
    using (var dbase = new SqliteCertificateDatabase("sqlite.db", "no.secret"))
    {
        // Verify that the lookup yields the expected certificate.
        bool matched = false;

        foreach (var entry in dbase.Find(selector, false, X509CertificateRecordFields.Certificate))
        {
            if (!entry.Certificate.Equals(expected))
            {
                continue;
            }

            matched = true;
            break;
        }

        Assert.IsTrue(matched, "Did not find the expected certificate");
    }
}
/// <summary>
/// Returns the objects in the local collection that match the selector.
/// </summary>
/// <param name="selector">The selector to match against, or <c>null</c> to return a copy of the whole collection.</param>
/// <returns>A possibly empty, newly created collection of matching objects.</returns>
public ICollection GetMatches(
    IX509Selector selector)
{
    if (selector == null)
    {
        return new ArrayList(_local);
    }

    IList matched = new ArrayList();

    foreach (object candidate in _local)
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        matched.Add(candidate);
    }

    return matched;
}
/// <summary>
/// Returns the entries of <c>win</c> whose counterpart in <c>bc</c> matches the selector.
/// </summary>
/// <remarks>
/// <c>bc</c> and <c>win</c> are indexed in parallel: the selector is evaluated against
/// <c>bc[i]</c> and the corresponding <c>win[i]</c> is returned (presumably two
/// representations of the same certificate; confirm where the lists are built).
/// A <c>null</c> selector returns the <c>win</c> collection itself rather than a copy.
/// </remarks>
/// <param name="selector">The selector to match against, or <c>null</c> to return the backing collection.</param>
/// <returns>The backing collection for a <c>null</c> selector; otherwise a new list of matches.</returns>
public ICollection GetMatches(IX509Selector selector)
{
    if (selector == null)
    {
        return win;
    }

    IList matched = new ArrayList();
    int index = 0;

    while (index < win.Count)
    {
        if (selector.Match(bc[index]))
        {
            matched.Add(win[index]);
        }

        index++;
    }

    return matched;
}
/// <summary>
/// Returns the objects in the local collection that match the selector.
/// </summary>
/// <param name="selector">The selector to match against, or <c>null</c> to return a copy of the whole collection.</param>
/// <returns>A possibly empty, newly created collection of matching objects.</returns>
public ICollection GetMatches(IX509Selector selector)
{
    if (selector == null)
    {
        return Platform.CreateArrayList(_local);
    }

    IList matched = Platform.CreateArrayList();

    foreach (object candidate in _local)
    {
        if (!selector.Match(candidate))
        {
            continue;
        }

        matched.Add(candidate);
    }

    return matched;
}
/// <summary>
/// Gets the X.509 certificate based on the selector.
/// </summary>
/// <remarks>
/// Implementations decide which certificate sources are searched and how a <c>null</c>
/// selector is treated. This declaration only promises a certificate that satisfies
/// the selector; it does not promise chain or trust validation.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate.</param>
protected abstract X509Certificate GetCertificate(IX509Selector selector);
/// <summary>
/// Gets the private key for the first database record matching the specified selector.
/// </summary>
/// <remarks>
/// Delegates to <c>dbase.FindPrivateKeys</c> and takes the first result, so which key
/// wins when several records match depends on the order the database returns them.
/// </remarks>
/// <returns>The private key on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the private key.</param>
protected override AsymmetricKeyParameter GetPrivateKey(IX509Selector selector)
{
    var matchingKeys = dbase.FindPrivateKeys(selector);

    return matchingKeys.FirstOrDefault();
}
/// <summary>
/// Sets the required constraints on the target certificate.
/// </summary>
/// <remarks>
/// The selector is cloned before it is stored, which protects the stored constraints
/// against later modification of the caller's instance. Passing <c>null</c> defines
/// no constraints.
/// </remarks>
/// <param name="selector">The selector specifying the constraints on the target certificate, or <c>null</c>.</param>
public virtual void SetTargetCertConstraints(
    IX509Selector selector)
{
    certSelector = selector != null ? (IX509Selector)selector.Clone() : null;
}
/// <summary>
/// Gets the private key of the first certificate in the personal store that matches the selector.
/// </summary>
/// <remarks>
/// Opens <c>StoreName.My</c> at this context's <c>StoreLocation</c> read-only and skips
/// every certificate that has no private key. A <c>null</c> selector matches the first
/// certificate that has a private key, so callers that need a specific identity must
/// supply a selector.
/// </remarks>
/// <returns>The private key on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the private key, or <c>null</c> to accept any certificate.</param>
protected override AsymmetricKeyParameter GetPrivateKey(IX509Selector selector)
{
    var personalStore = new X509Store(StoreName.My, StoreLocation);

    personalStore.Open(OpenFlags.ReadOnly);

    try
    {
        foreach (var candidate in personalStore.Certificates)
        {
            if (!candidate.HasPrivateKey)
            {
                continue;
            }

            // The selector works on BouncyCastle certificates, so convert before matching.
            var converted = DotNetUtilities.FromX509Certificate(candidate);

            if (selector != null && !selector.Match(converted))
            {
                continue;
            }

            var keyPair = DotNetUtilities.GetKeyPair(candidate.PrivateKey);

            return keyPair.Private;
        }
    }
    finally
    {
        // Close the store on every exit path, including the early return above.
        personalStore.Close();
    }

    return null;
}
/// <summary>
/// Returns the entries of <c>win</c> whose counterpart in <c>bc</c> matches the selector.
/// </summary>
/// <remarks>
/// <c>bc</c> and <c>win</c> are indexed in parallel: the selector is evaluated against
/// <c>bc[i]</c> and the corresponding <c>win[i]</c> is returned (presumably two
/// representations of the same certificate; confirm where the lists are built).
/// A <c>null</c> selector returns the <c>win</c> collection itself rather than a copy.
/// </remarks>
/// <param name="selector">The selector to match against, or <c>null</c> to return the backing collection.</param>
/// <returns>The backing collection for a <c>null</c> selector; otherwise a new list of matches.</returns>
public ICollection GetMatches(IX509Selector selector)
{
    if (selector == null)
    {
        return win;
    }

    IList matched = new ArrayList();
    int index = 0;

    while (index < win.Count)
    {
        if (selector.Match(bc[index]))
        {
            matched.Add(win[index]);
        }

        index++;
    }

    return matched;
}
/// <summary>
/// Lazily enumerates the stored X.509 certificates that match the specified selector.
/// </summary>
/// <remarks>
/// Matching happens as the caller iterates, so the result reflects the
/// <c>certs</c> collection at enumeration time.
/// </remarks>
/// <returns>The matching certificates.</returns>
/// <param name="selector">The match criteria, or <c>null</c> to return every certificate.</param>
public IEnumerable<X509Certificate> GetMatches(IX509Selector selector)
{
    foreach (var candidate in certs)
    {
        if (selector != null && !selector.Match(candidate))
        {
            continue;
        }

        yield return candidate;
    }
}
/// <summary>
/// Gets the first available private key among the store certificates matching the selector.
/// </summary>
/// <remarks>
/// Matching certificates for which the store has no private key are skipped.
/// </remarks>
/// <returns>The private key on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the private key.</param>
protected override AsymmetricKeyParameter GetPrivateKey(IX509Selector selector)
{
    foreach (var candidate in store.GetMatches(selector))
    {
        var privateKey = store.GetPrivateKey(candidate);

        if (privateKey != null)
        {
            return privateKey;
        }
    }

    return null;
}
/// <summary>
/// Gets the database command to select the certificate records matching the specified selector.
/// </summary>
/// <remarks>
/// Builds a <c>SELECT</c> over the <c>CERTIFICATES</c> table. Every value taken from the
/// selector is bound as a command parameter; only fixed SQL fragments and the column
/// names from <c>GetColumnNames</c> are concatenated into the command text.
/// Only the BasicConstraints, Issuer, SerialNumber and KeyUsage criteria of an
/// <c>X509CertStoreSelector</c> are translated, so the SQL is a coarse pre-filter and
/// callers should still apply <c>selector.Match</c> to the returned rows.
/// </remarks>
/// <returns>The database command.</returns>
/// <param name="selector">The selector; criteria are only translated when it is an <c>X509CertStoreSelector</c>.</param>
/// <param name="trustedOnly"><c>true</c> to restrict the query to rows whose <c>TRUSTED</c> column is true.</param>
/// <param name="requirePrivateKey"><c>true</c> to restrict the query to rows with a non-null <c>PRIVATEKEY</c> column.</param>
/// <param name="fields">The fields to return.</param>
protected override DbCommand GetSelectCommand (IX509Selector selector, bool trustedOnly, bool requirePrivateKey, X509CertificateRecordFields fields)
{
    // NOTE(review): column names are assumed to be fixed identifiers derived from the
    // fields enum; confirm in GetColumnNames.
    var query = "SELECT " + string.Join (", ", GetColumnNames (fields)) + " FROM CERTIFICATES";
    var match = selector as X509CertStoreSelector;
    var command = connection.CreateCommand ();
    var constraints = " WHERE ";

    // command.Parameters.Count doubles as "a clause has already been written":
    // each clause below adds one parameter, which decides whether " AND " is needed.
    if (trustedOnly) {
        command.AddParameterWithValue ("@TRUSTED", true);
        constraints += "TRUSTED = @TRUSTED";
    }

    if (match != null) {
        // -1 is treated as "no basic-constraints criterion".
        if (match.BasicConstraints != -1) {
            if (command.Parameters.Count > 0)
                constraints += " AND ";

            command.AddParameterWithValue ("@BASICCONSTRAINTS", match.BasicConstraints);
            constraints += "BASICCONSTRAINTS = @BASICCONSTRAINTS";
        }

        if (match.Issuer != null) {
            if (command.Parameters.Count > 0)
                constraints += " AND ";

            command.AddParameterWithValue ("@ISSUERNAME", match.Issuer.ToString ());
            constraints += "ISSUERNAME = @ISSUERNAME";
        }

        if (match.SerialNumber != null) {
            if (command.Parameters.Count > 0)
                constraints += " AND ";

            command.AddParameterWithValue ("@SERIALNUMBER", match.SerialNumber.ToString ());
            constraints += "SERIALNUMBER = @SERIALNUMBER";
        }

        if (match.KeyUsage != null) {
            var flags = X509CertificateExtensions.GetKeyUsageFlags (match.KeyUsage);

            if (flags != X509KeyUsageFlags.None) {
                if (command.Parameters.Count > 0)
                    constraints += " AND ";

                command.AddParameterWithValue ("@FLAGS", (int) flags);
                // Matches rows that share at least one requested key-usage bit, not all of them.
                constraints += "(KEYUSAGE & @FLAGS) != 0";
            }
        }
    }

    if (requirePrivateKey) {
        // This clause adds no parameter, so it has to be the last one written.
        if (command.Parameters.Count > 0)
            constraints += " AND ";

        constraints += "PRIVATEKEY IS NOT NULL";
    } else if (command.Parameters.Count == 0) {
        // No clause was written at all: drop the dangling " WHERE ".
        constraints = string.Empty;
    }

    command.CommandText = query + constraints;
    command.CommandType = CommandType.Text;

    return command;
}
/// <summary>
/// Gets a collection of certificates matching the specified selector.
/// </summary>
/// <remarks>
/// Materializes the sequence returned by <c>FindCertificates</c> into a new list.
/// </remarks>
/// <returns>The matching certificates.</returns>
/// <param name="selector">The match criteria.</param>
ICollection IX509Store.GetMatches(IX509Selector selector)
{
    var matched = new List<X509Certificate>();

    matched.AddRange(FindCertificates(selector));

    return matched;
}
/// <summary>
/// Finds the certificate records matching the specified selector.
/// </summary>
/// <remarks>
/// The certificate field is always requested in addition to <paramref name="fields"/>
/// because each record is re-checked with <c>selector.Match</c> after it is loaded.
/// The sequence is lazy: the command and reader stay open until the enumeration
/// completes or the enumerator is disposed.
/// </remarks>
/// <returns>The matching certificate records populated with the desired fields.</returns>
/// <param name="selector">The match selector or <c>null</c> to match all certificates.</param>
/// <param name="trustedOnly"><c>true</c> if only trusted certificates should be returned.</param>
/// <param name="fields">The desired fields.</param>
public IEnumerable<X509CertificateRecord> Find(IX509Selector selector, bool trustedOnly, X509CertificateRecordFields fields)
{
    using (var query = GetSelectCommand(selector, trustedOnly, false, fields | X509CertificateRecordFields.Certificate))
    {
        var rows = query.ExecuteReader();

        try
        {
            var certificateParser = new X509CertificateParser();
            var scratch = new byte[4096];

            while (rows.Read())
            {
                var entry = LoadCertificateRecord(rows, certificateParser, ref scratch);

                if (selector != null && !selector.Match(entry.Certificate))
                {
                    continue;
                }

                yield return entry;
            }
        }
        finally
        {
            rows.Close();
        }
    }
}
/// <summary>
/// Finds the private keys whose certificates match the specified selector.
/// </summary>
/// <remarks>
/// Runs the command built by <c>GetSelectCommand</c> with <c>requirePrivateKey</c> set and
/// re-checks every loaded record with <c>selector.Match</c> before yielding its key.
/// The sequence is lazy: the command and reader stay open until the enumeration
/// completes or the enumerator is disposed.
/// </remarks>
/// <returns>The private keys of the matching records.</returns>
/// <param name="selector">The match selector or <c>null</c> to return all private keys.</param>
public IEnumerable<AsymmetricKeyParameter> FindPrivateKeys(IX509Selector selector)
{
    using (var query = GetSelectCommand(selector, false, true, PrivateKeyFields))
    {
        var rows = query.ExecuteReader();

        try
        {
            var certificateParser = new X509CertificateParser();
            var scratch = new byte[4096];

            while (rows.Read())
            {
                var entry = LoadCertificateRecord(rows, certificateParser, ref scratch);

                if (selector != null && !selector.Match(entry.Certificate))
                {
                    continue;
                }

                yield return entry.PrivateKey;
            }
        }
        finally
        {
            rows.Close();
        }
    }
}
/// <summary>
/// Gets the database command to select certificate records matching the specified selector.
/// </summary>
/// <remarks>
/// Implementations are expected to translate the selector and the two flags into a
/// query for their own database backend. Values derived from the selector should be
/// bound as command parameters rather than concatenated into the command text.
/// </remarks>
/// <returns>The database command.</returns>
/// <param name="selector">The selector whose criteria should narrow the query.</param>
/// <param name="trustedOnly"><c>true</c> if only trusted certificates should be matched.</param>
/// <param name="requirePrivateKey"><c>true</c> if the certificate must have a private key.</param>
/// <param name="fields">The fields to return.</param>
protected abstract IDbCommand GetSelectCommand (IX509Selector selector, bool trustedOnly, bool requirePrivateKey, X509CertificateRecordFields fields);
/// <summary>
/// Gets the private key based on the provided selector.
/// </summary>
/// <remarks>
/// Implementations decide which key sources are searched and how a <c>null</c>
/// selector is treated.
/// </remarks>
/// <returns>The private key on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the private key.</param>
protected abstract AsymmetricKeyParameter GetPrivateKey(IX509Selector selector);
/// <summary>
/// Gets a collection of the stored X.509 certificates that match the specified selector.
/// </summary>
/// <remarks>
/// The result is a new list; a <c>null</c> selector copies every stored certificate into it.
/// </remarks>
/// <returns>The matching certificates.</returns>
/// <param name="selector">The match criteria, or <c>null</c> to return every certificate.</param>
ICollection IX509Store.GetMatches(IX509Selector selector)
{
    var matched = new List<X509Certificate>();

    foreach (var candidate in certs)
    {
        if (selector != null && !selector.Match(candidate))
        {
            continue;
        }

        matched.Add(candidate);
    }

    return matched;
}
/// <summary>
/// Gets the first X.509 certificate in the database that matches the selector.
/// </summary>
/// <remarks>
/// Delegates the search to <c>dbase.FindCertificates</c> and takes the first result.
/// When several certificates match, which one comes first depends on the order the
/// database returns them in.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate.</param>
protected override X509Certificate GetCertificate (IX509Selector selector)
{
    var candidates = dbase.FindCertificates (selector);

    return candidates.FirstOrDefault ();
}
/// <summary>
/// Enumerates the certificates in the database that satisfy the selector.
/// </summary>
/// <remarks>
/// Executes the command produced by <c>GetSelectCommand</c>, asking only for the
/// certificate field, and re-checks each loaded record against
/// <paramref name="selector"/> before yielding it. The sequence is lazy: the command
/// and its reader stay open until enumeration completes or the enumerator is disposed.
/// </remarks>
/// <returns>The matching certificates.</returns>
/// <param name="selector">The match selector or <c>null</c> to return all certificates.</param>
public IEnumerable<X509Certificate> FindCertificates (IX509Selector selector)
{
    using (var query = GetSelectCommand (selector, false, false, X509CertificateRecordFields.Certificate)) {
        var rows = query.ExecuteReader ();

        try {
            var certParser = new X509CertificateParser ();
            var scratch = new byte[4096];

            while (rows.Read ()) {
                var entry = LoadCertificateRecord (rows, certParser, ref scratch);
                bool accepted = selector == null || selector.Match (entry.Certificate);

                if (!accepted)
                    continue;

                yield return entry.Certificate;
            }
        } finally {
            // Release the reader even when the consumer stops enumerating early.
#if COREFX
            rows.Dispose ();
#else
            rows.Close ();
#endif
        }
    }
}
/// <summary>
/// Gets the first X.509 certificate matching the selector from the available stores.
/// </summary>
/// <remarks>
/// The stores are consulted in a fixed order: <c>store</c>, then <c>addressbook</c>,
/// then <c>root</c>. The first store that yields a match wins, and the later stores
/// are not queried.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate.</param>
protected override X509Certificate GetCertificate(IX509Selector selector)
{
    // ?? evaluates lazily, so a hit in an earlier store short-circuits the rest.
    return store.GetMatches (selector).FirstOrDefault ()
        ?? addressbook.GetMatches (selector).FirstOrDefault ()
        ?? root.GetMatches (selector).FirstOrDefault ();
}
/**
 * Sets the constraints that the target certificate or attribute certificate
 * must satisfy. Passing <code>null</code> clears them, meaning no constraints
 * are defined.
 * <p>
 * The target of a PKIX path may be either a certificate or an attribute
 * certificate.
 * </p><p>
 * The supplied <code>IX509Selector</code> is cloned, so changes the caller
 * makes to its own instance afterwards do not affect the stored constraints.
 * </p>
 *
 * @param selector a <code>IX509Selector</code> specifying the constraints on
 *            the target certificate or attribute certificate (or
 *            <code>null</code>)
 * @see #getTargetConstraints
 * @see X509CertStoreSelector
 * @see X509AttributeCertStoreSelector
 */
public virtual void SetTargetConstraints(IX509Selector selector)
{
    // Keep a private copy rather than the caller's reference.
    this.selector = selector == null
        ? null
        : (IX509Selector) selector.Clone();
}
/// <summary>
/// Collects the X.509 certificates accepted by the selector into a list.
/// </summary>
/// <remarks>
/// Non-generic <c>IX509Store</c> entry point: it forwards to the typed
/// <c>GetMatches</c> method and copies the results into a new list.
/// </remarks>
/// <returns>A new list holding the matching certificates.</returns>
/// <param name="selector">The match criteria.</param>
ICollection IX509Store.GetMatches (IX509Selector selector)
{
    var collected = new List<X509Certificate> ();

    foreach (var match in GetMatches (selector)) {
        collected.Add (match);
    }

    return collected;
}
/**
 * Method to support <code>Clone()</code> under J2ME.
 * <code>super.Clone()</code> does not exist and fields are not copied.
 * <p>
 * Copies every setting from <code>parameters</code> into this instance: the
 * validation date, policy flags, checkers, trust anchors, target constraints,
 * stores and the attribute-certificate sets.
 * </p><p>
 * NOTE(review): <code>parameters</code> is dereferenced without a null check,
 * so a <code>null</code> argument fails on the first assignment.
 * </p>
 *
 * @param parameters Parameters to copy into this instance.
 */
protected virtual void SetParams(
    PkixParameters parameters)
{
    // Base settings, copied through the public properties and setters.
    Date = parameters.Date;
    SetCertPathCheckers(parameters.GetCertPathCheckers());
    IsAnyPolicyInhibited = parameters.IsAnyPolicyInhibited;
    IsExplicitPolicyRequired = parameters.IsExplicitPolicyRequired;
    IsPolicyMappingInhibited = parameters.IsPolicyMappingInhibited;
    IsRevocationEnabled = parameters.IsRevocationEnabled;
    SetInitialPolicies(parameters.GetInitialPolicies());
    IsPolicyQualifiersRejected = parameters.IsPolicyQualifiersRejected;
    SetTargetCertConstraints(parameters.GetTargetCertConstraints());
    SetTrustAnchors(parameters.GetTrustAnchors());

    // Extended settings, read directly from the other instance's fields.
    validityModel = parameters.validityModel;
    useDeltas = parameters.useDeltas;
    additionalLocationsEnabled = parameters.additionalLocationsEnabled;
    // Clone the selector so the two parameter objects do not share one instance.
    selector = parameters.selector == null
        ? null
        : (IX509Selector) parameters.selector.Clone();
    // New list and set objects are created from the source collections.
    // NOTE(review): presumably shallow copies, so the contained stores, issuers
    // and checkers are still shared with the source object - confirm.
    stores = Platform.CreateArrayList(parameters.stores);
    additionalStores = Platform.CreateArrayList(parameters.additionalStores);
    trustedACIssuers = new HashSet(parameters.trustedACIssuers);
    prohibitedACAttributes = new HashSet(parameters.prohibitedACAttributes);
    necessaryACAttributes = new HashSet(parameters.necessaryACAttributes);
    attrCertCheckers = new HashSet(parameters.attrCertCheckers);
}
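/// <summary>
/// Gets the X.509 certificate based on the selector.
/// </summary>
/// <remarks>
/// Scans the <c>certificates</c> collection in order and returns the first match.
/// A <c>null</c> selector carries no criteria and therefore matches the first
/// certificate in the collection; callers that need a specific certificate must
/// pass a selector.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate, or <c>null</c> to match any.</param>
protected override X509Certificate GetCertificate(IX509Selector selector)
{
    foreach (var certificate in certificates) {
        // Guard the dereference: a null selector matches every certificate
        // instead of raising a NullReferenceException.
        if (selector == null || selector.Match (certificate))
            return certificate;
    }

    return null;
}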
/// <summary>
/// Gets the X.509 certificate based on the selector.
/// </summary>
/// <remarks>
/// Searches the My, AddressBook, TrustedPeople and Root stores, in that order, at the
/// configured <c>StoreLocation</c>. Each store is opened read-only and closed again
/// before the next one is tried. The first certificate accepted by the selector is
/// returned; with a <c>null</c> selector that is the first certificate enumerated.
/// </remarks>
/// <returns>The certificate on success; otherwise <c>null</c>.</returns>
/// <param name="selector">The search criteria for the certificate.</param>
protected override Org.BouncyCastle.X509.X509Certificate GetCertificate (IX509Selector selector)
{
    StoreName[] searchOrder = { StoreName.My, StoreName.AddressBook, StoreName.TrustedPeople, StoreName.Root };

    for (int i = 0; i < searchOrder.Length; i++) {
        var current = new X509Store (searchOrder[i], StoreLocation);

        current.Open (OpenFlags.ReadOnly);

        try {
            foreach (var native in current.Certificates) {
                // Convert to the BouncyCastle type the selector operates on.
                var converted = DotNetUtilities.FromX509Certificate (native);

                if (selector != null && !selector.Match (converted))
                    continue;

                return converted;
            }
        } finally {
            // Runs on the early return as well, so the store handle is always released.
            current.Close ();
        }
    }

    return null;
}