public KeyStoreViewModel(SystemX509.StoreName storeName, SystemX509.StoreLocation storeLocation)
        {
            var storeBuilder = new Pkcs12StoreBuilder();

            _store = storeBuilder.Build();
            Name   = String.Format("System KeyStore: [{0} : {1}]", storeLocation.ToString(), storeName.ToString());
            Load(storeName, storeLocation);
        }
Esempio n. 2
0
        private static bool TryFindCertificatesInStore(string thumbprint,
                                                       System.Security.Cryptography.X509Certificates.StoreLocation location, out X509Certificate2Collection certificates)
        {
            X509Store store = new X509Store(StoreName.My, location);

            store.Open(OpenFlags.ReadOnly);
            certificates = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            return(certificates != null && certificates.Count > 0);
        }
        private void refresh(System.Security.Cryptography.X509Certificates.StoreLocation storeLocation, TreeNode parentNode)
        {
            var certificateNodes = certificatesRepository.Get(storeLocation);

            foreach (var cert in certificateNodes)
            {
                var node = parentNode.Nodes.Add(cert.StoreName);
                node.Tag = cert.Certificates;
            }
        }
        /// <summary>
        /// Loads the specified system keystore and puts
        /// the keys store in read-only mode
        /// </summary>
        /// <param name="storeName">one of the enum values </param>
        /// <param name="storelocation">one of the enum values</param>
        public void Load(SystemX509.StoreName storeName, SystemX509.StoreLocation storelocation)
        {
            ReadOnlyKeyStore = true;
            _listItems.Clear();
            var store = new SystemX509.X509Store(storeName, storelocation);

            store.Open(SystemX509.OpenFlags.ReadOnly);
            foreach (SystemX509.X509Certificate2 cert in store.Certificates)
            {
                AddEntry(cert.FriendlyName, DotNetUtilities.FromX509Certificate(cert), null);
            }
        }
        private const int StreamCutOffSize = 10 * 1024; //10KB

        private static bool TryFindCertificatesInStore(string thumbprint,
                                                       System.Security.Cryptography.X509Certificates.StoreLocation location, out X509Certificate2Collection certificates)
        {
            X509Certificate2Collection found = null;

            DiskDataStore.X509StoreWrapper(StoreName.My, location, (store) =>
            {
                store.Open(OpenFlags.ReadOnly);
                found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            });
            certificates = found;
            return(certificates != null && certificates.Count > 0);
        }
Esempio n. 6
0
        public static bool addCertToStore(
            System.Security.Cryptography.X509Certificates.X509Certificate2 cert, System.Security.Cryptography.X509Certificates.StoreName st,
            System.Security.Cryptography.X509Certificates.StoreLocation sl
            )
        {
            bool bRet = false;

            try
            {
                X509Store store = new X509Store(st, sl);
                store.Open(OpenFlags.ReadWrite);
                store.Add(cert);

                store.Close();
            }
            catch
            {
            }

            return(bRet);
        }
Esempio n. 7
0
        internal X509Store(string name, StoreLocation location, OpenFlags flags)
        {
            _name     = name;
            _location = location;

            // Open handle
            uint dwFlags = 0;

            if ((flags & OpenFlags.IncludeArchived) == OpenFlags.IncludeArchived)
            {
                dwFlags |= 0x200;
            }
            if ((flags & OpenFlags.MaxAllowed) == OpenFlags.MaxAllowed)
            {
                dwFlags |= 0x1000;
            }
            if ((flags & OpenFlags.OpenExistingOnly) == OpenFlags.OpenExistingOnly)
            {
                dwFlags |= 0x4000;
            }
            if ((flags & OpenFlags.ReadWrite) == 0)
            {
                dwFlags |= 0x8000;
            }
            if ((_location == StoreLocation.CurrentUser))
            {
                dwFlags |= 0x10000;
            }
            if ((_location == StoreLocation.LocalMachine))
            {
                dwFlags |= 0x20000;
            }

            _handle = CertOpenStore("System", 0x00010001, IntPtr.Zero, dwFlags, _name);
            if (_handle.IsInvalid)
            {
                throw new CryptographicException("CertOpenStore failed");
            }
        }
Esempio n. 8
0
 /// <summary>
 /// Construct a CertificatesAuthority object with a default name and in the store of the current user
 /// </summary>
 /// <param name="name">Name of the certification authority.</param>
 public CertificatesAuthority(string name)
 {
     authorityName_ = name != null ? X509NameFromString(name) : null;
     store_ = MSX509.StoreLocation.CurrentUser;
 }
        public async Task <X509Certificate2> GetCertificateFromStore(string storename, System.Security.Cryptography.X509Certificates.StoreLocation location)
        {
            //to access to store we need to specify store name and location
            X509Store x509Store = new X509Store(storename, location);

            //obtain read only access to get cert
            x509Store.Open(OpenFlags.ReadOnly);

            return(x509Store.Certificates[0]);
        }
Esempio n. 10
0
        /*private void WriteCertificate(string name, byte[] raw)
         * {
         *  using(FileStream stream = new FileStream(GetCertificateFilePath(name), FileMode.Create, FileAccess.Write))
         *      stream.Write(raw, 0, raw.Length);
         * }*/

        private MSX509.X509Certificate2 LoadCertificate(string name, MSX509.StoreName storeName, MSX509.StoreLocation location)
        {
            if (certificates_.ContainsKey(name))
            {
                return(certificates_[name]);
            }

            MSX509.X509Store store = new MSX509.X509Store(storeName, location);
            store.Open(MSX509.OpenFlags.ReadOnly);
            var certificates = store.Certificates.Find(MSX509.X509FindType.FindBySubjectName, name, true);

            store.Close();

            if (certificates.Count <= 0)
            {
                return(null);
            }

            state_.Logger.Information("X509v3 '{0}' loaded from store", name);

            MSX509.X509Certificate2 certificate = certificates[0];
            certificates_[name] = certificate;
            return(certificate);
        }
Esempio n. 11
0
        private void StoreCertificate(string name, byte[] raw, RSA key, MSX509.StoreName storeName, MSX509.StoreLocation location)
        {
            PKCS12 p12 = BuildPkcs12(raw, key);

            MSX509.X509Certificate2 certificate = new MSX509.X509Certificate2(p12.GetBytes(), "advtools", MSX509.X509KeyStorageFlags.PersistKeySet | MSX509.X509KeyStorageFlags.MachineKeySet | MSX509.X509KeyStorageFlags.Exportable);

            MSX509.X509Store store = new MSX509.X509Store(storeName, location);
            store.Open(MSX509.OpenFlags.ReadWrite);
            store.Add(certificate);
            store.Close();

            certificates_[name] = certificate;
        }
Esempio n. 12
0
        /// <summary>
        /// Construct a CertificatesAuthority object
        /// </summary>
        /// <param name="name">Name of the certification authority.</param>
        /// <param name="store">Where to store the certificates</param>
        public CertificatesAuthority(string name, MSX509.StoreLocation store)
        {
            authorityName_ = name != null?X509NameFromString(name) : null;

            store_ = store;
        }
Esempio n. 13
0
        private MSX509.X509Certificate2 LoadCertificate(X509Name name, MSX509.StoreName storeName, MSX509.StoreLocation location)
        {
            if (certificates_.ContainsKey(name))
            {
                return(certificates_[name]);
            }

            string dn = name.ToString();

            MSX509.X509Store store = new MSX509.X509Store(storeName, location);
            store.Open(MSX509.OpenFlags.ReadOnly);
            var certificates = store.Certificates.Find(MSX509.X509FindType.FindBySubjectDistinguishedName, dn, true);

            store.Close();

            if (certificates.Count <= 0)
            {
                return(null);
            }

            MSX509.X509Certificate2 certificate = certificates[0];
            certificates_[name] = certificate;
            return(certificate);
        }
Esempio n. 14
0
 /// <summary>
 /// Construct a CertificatesAuthority object
 /// </summary>
 /// <param name="name">Name of the certification authority.</param>
 /// <param name="store">Where to store the certificates</param>
 public CertificatesAuthority(string name, MSX509.StoreLocation store)
 {
     authorityName_ = name != null ? X509NameFromString(name) : null;
     store_ = store;
 }
Esempio n. 15
0
        internal static bool addCertToStore(System.Security.Cryptography.X509Certificates.X509Certificate2 cert, System.Security.Cryptography.X509Certificates.StoreName st, System.Security.Cryptography.X509Certificates.StoreLocation sl)
        {
            bool bRet = false;

            try
            {
                X509Store store = new X509Store(st, sl);
                store.Open(OpenFlags.ReadWrite);
                var certs = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName, cert.SubjectName.Name, false);

                //Remove existing Certificates
                foreach (X509Certificate2 cer in certs)
                {
                    store.Remove(cer);
                }

                store.Add(cert);

                store.Close();
            }
            catch
            {
            }

            return(bRet);
        }
Esempio n. 16
0
        //public static void SaveAsPVK(X509Certificate2 cert, string path)
        //{
        //    File.WriteAllBytes(path, cert.Export(X509ContentType.Pkcs12, (string)null));
        //}
        //public static void SaveToPFX(X509Certificate newCert,
        //  AsymmetricCipherKeyPair kp,
        //  string FilePath,
        //  string CertAlias,
        //  string Password)
        //{
        //              //Org.BouncyCastle.X509.X509Certificate newCert,

        //    var newStore = new Pkcs12Store();

        //    var certEntry = new X509CertificateEntry(newCert);

        //    newStore.SetCertificateEntry(
        //        CertAlias,
        //        certEntry
        //        );

        //    newStore.SetKeyEntry(
        //        CertAlias,
        //        new AsymmetricKeyEntry(kp.Private),
        //        new[] { certEntry }
        //        );

        //    using (var certFile = File.Create(FilePath))
        //    {
        //        newStore.Save(
        //            certFile,
        //            Password.ToCharArray(),
        //            new SecureRandom(new CryptoApiRandomGenerator())
        //            );
        //    }
        //}
        #endregion
        //        public static void dfsdfoui9()
        //        {
        //            //X509Certificate2 cert;

        //            //save to file
        //            var cert = new X509Certificate2(bytes, password, X509KeyStorageFlags.UserKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

        //            var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        //store.Open(OpenFlags.ReadWrite);
        //store.Add(cert);
        //store.Close();

        //            //key goes to C:\Users\Paul\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\62207B818FC553C92CC6D2C2F869603C190544FB

        //            //var file = Path.Combine(Path.GetTempPath(), "Octo-" + Guid.NewGuid());
        //            try
        //            {
        //                File.WriteAllBytes(file, bytes);
        //                return new X509Certificate2(file, /* ...options... */);
        //            }
        //            finally
        //            {
        //                File.Delete(file);
        //            }

        //            store.Remove(cert);
        //        }
        ///// <summary>
        /////
        ///// </summary>
        ///// <param name="subjectName">eg. "CN=127.0.01"</param>
        ///// <param name="durationInMins"></param>
        ///// <param name="issuerName">eg. "CN=MYTESTCA"</param>
        //public static X509Certificate2 GenerateAndRegisterSelfSignedCertificate(string subjectName, int durationInMins, string issuerName)
        //{
        //    try
        //    {
        //        AsymmetricKeyParameter myCAprivateKey = null;
        //        //generate a root CA cert and obtain the privateKey
        //        X509Certificate2 MyRootCAcert = GenerateCACertificate(issuerName, durationInMins, ref myCAprivateKey);
        //        //add CA cert to store
        //        AddCertToStore(MyRootCAcert, StoreName.Root, StoreLocation.LocalMachine);

        //        //generate cert based on the CA cert privateKey
        //        X509Certificate2 MyCert = GenerateSelfSignedCertificate(subjectName, durationInMins, issuerName, myCAprivateKey);
        //        //add cert to store
        //        AddCertToStore(MyCert, StoreName.My, StoreLocation.LocalMachine);
        //        return MyCert;
        //    }
        //    catch
        //    {
        //        return null;
        //    }
        //}


        //public static X509Certificate2 GenerateSelfSignedCertificate(string subjectName, int durationInMins, string issuerName, AsymmetricKeyParameter issuerPrivKey)
        //{
        //    const int keyStrength = 2048;

        //    // Generating Random Numbers
        //    CryptoApiRandomGenerator randomGenerator = new CryptoApiRandomGenerator();
        //    SecureRandom random = new SecureRandom(randomGenerator);

        //    // The Certificate Generator
        //    X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();

        //    // Serial Number
        //    BigInteger serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random);
        //    certificateGenerator.SetSerialNumber(serialNumber);

        //    // Signature Algorithm
        //    const string signatureAlgorithm = "SHA256WithRSA";
        //    certificateGenerator.SetSignatureAlgorithm(signatureAlgorithm);

        //    // Issuer and Subject Name
        //    X509Name subjectDN = new X509Name(subjectName);
        //    X509Name issuerDN = new X509Name(issuerName);
        //    certificateGenerator.SetIssuerDN(issuerDN);
        //    certificateGenerator.SetSubjectDN(subjectDN);

        //    // Valid For
        //    DateTime notBefore = DateTime.UtcNow.Date;
        //    DateTime notAfter = notBefore.AddMinutes(durationInMins);

        //    certificateGenerator.SetNotBefore(notBefore);
        //    certificateGenerator.SetNotAfter(notAfter);

        //    // Subject Public Key
        //    AsymmetricCipherKeyPair subjectKeyPair;
        //    var keyGenerationParameters = new KeyGenerationParameters(random, keyStrength);
        //    var keyPairGenerator = new RsaKeyPairGenerator();
        //    keyPairGenerator.Init(keyGenerationParameters);
        //    subjectKeyPair = keyPairGenerator.GenerateKeyPair();

        //    certificateGenerator.SetPublicKey(subjectKeyPair.Public);

        //    // Generating the Certificate
        //    AsymmetricCipherKeyPair issuerKeyPair = subjectKeyPair;

        //    // selfsign certificate
        //    Org.BouncyCastle.X509.X509Certificate certificate = certificateGenerator.Generate(issuerPrivKey, random);

        //    // correcponding private key
        //    PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private);


        //    // merge into X509Certificate2
        //    X509Certificate2 x509 = new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate.GetEncoded());

        //    Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(info.PrivateKey.GetDerEncoded());
        //    if (seq.Count != 9)
        //    {
        //        //throw new PemException("malformed sequence in RSA private key");
        //    }

        //    RsaPrivateKeyStructure rsa = new RsaPrivateKeyStructure(seq);
        //    RsaPrivateCrtKeyParameters rsaparams = new RsaPrivateCrtKeyParameters(
        //        rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2, rsa.Coefficient);

        //    x509.PrivateKey = DotNetUtilities.ToRSA(rsaparams);
        //    return x509;

        //}
        //    /// <summary>
        //    /// builds the boss cert
        //    /// </summary>
        //    /// <param name="subjectName"></param>
        //    /// <param name="CaPrivateKey"></param>
        //    /// <returns></returns>
        //    public static X509Certificate2 GenerateCACertificate(string subjectName, int durationInMins, out AsymmetricCipherKeyPair kp)
        //    {
        //        const int keyStrength = 2048;

        //        // Generating Random Numbers
        //        CryptoApiRandomGenerator randomGenerator = new CryptoApiRandomGenerator();
        //        SecureRandom random = new SecureRandom(randomGenerator);

        //        // The Certificate Generator
        //        X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();


        //        var certName = new X509Name("CN=" + subjectName);
        //        BigInteger serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random);

        //        certificateGenerator.SetSerialNumber(serialNumber);
        //        certificateGenerator.SetSubjectDN(certName);
        //        certificateGenerator.SetIssuerDN(certName);
        //        certificateGenerator.SetNotBefore(DateTime.Now);
        //        certificateGenerator.SetNotAfter(DateTime.Now.AddMinutes(durationInMins));
        //        certificateGenerator.SetSignatureAlgorithm("SHA256WithRSA");

        //        var kpgen = new RsaKeyPairGenerator();
        //        // certificate strength 1024 bits
        //        kpgen.Init(new KeyGenerationParameters(random, keyStrength));
        //        kp = kpgen.GenerateKeyPair();
        //        certificateGenerator.SetPublicKey(kp.Public);

        //        certificateGenerator.AddExtension(
        //X509Extensions.AuthorityKeyIdentifier.Id,
        //false,
        //new AuthorityKeyIdentifier(
        //    SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(kp.Public),
        //    new GeneralNames(new GeneralName(certName)),
        //    serialNumber));

        //        /*
        //         1.3.6.1.5.5.7.3.1 - id_kp_serverAuth
        //         1.3.6.1.5.5.7.3.2 - id_kp_clientAuth
        //         1.3.6.1.5.5.7.3.3 - id_kp_codeSigning
        //         1.3.6.1.5.5.7.3.4 - id_kp_emailProtection
        //         1.3.6.1.5.5.7.3.5 - id-kp-ipsecEndSystem
        //         1.3.6.1.5.5.7.3.6 - id-kp-ipsecTunnel
        //         1.3.6.1.5.5.7.3.7 - id-kp-ipsecUser
        //         1.3.6.1.5.5.7.3.8 - id_kp_timeStamping
        //         1.3.6.1.5.5.7.3.9 - OCSPSigning
        //         */
        //        certificateGenerator.AddExtension(
        //            X509Extensions.ExtendedKeyUsage.Id,
        //            false,
        //            new ExtendedKeyUsage(new[] { KeyPurposeID.IdKPServerAuth }));

        //        var newCert = certificateGenerator.Generate(kp.Private);

        //        return newCert;


        //        //// Generating the Certificate
        //        //AsymmetricCipherKeyPair issuerKeyPair = subjectKeyPair;

        //        //// selfsign certificate
        //        //Org.BouncyCastle.X509.X509Certificate certificate = certificateGenerator.Generate(issuerKeyPair.Private, random);
        //        //X509Certificate2 x509 = new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate.GetEncoded());

        //        //CaPrivateKey = issuerKeyPair.Private;

        //        //return x509;

        //        //return issuerKeyPair.Private;
        //    }

        public static System.Security.Cryptography.X509Certificates.X509Certificate2 GetCert(string certName, System.Security.Cryptography.X509Certificates.StoreName st, System.Security.Cryptography.X509Certificates.StoreLocation sl)
        {
            System.Security.Cryptography.X509Certificates.X509Certificate2 cert = null;

            try
            {
                X509Store store = new X509Store(st, sl);
                store.Open(OpenFlags.ReadOnly);

                X509Certificate2Collection certs =
                    store.Certificates.Find(X509FindType.FindBySubjectName,
                                            certName,
                                            true);

                if (certs.Count > 0)
                {
                    cert = certs[0];
                }
                store.Close();
            }
            catch
            {
            }

            return(cert);
        }
Esempio n. 17
0
        public bool addCertToStore(System.Security.Cryptography.X509Certificates.X509Certificate2 cert, System.Security.Cryptography.X509Certificates.StoreName st, System.Security.Cryptography.X509Certificates.StoreLocation sl)
        {
            X509Store x509store;

            try
            {
                x509store = new X509Store(st, sl);
                x509store.Open(OpenFlags.ReadWrite);
                x509store.Add(cert);
                x509store.Close();
            }
            catch
            {
                return(false);
            }

            return(true);
        }