private async Task <Certificate> GetClientCertificate() { //await InstallCertificate(@"Assets\BigsbyRootCert.pfx", "RootCert"); await InstallCertificate(@"Assets\BigsbyClientCert.pfx", "ClientCert"); var names = new List <string>(); var certList = await CertificateStores.FindAllAsync(); var certs = certList.ToList(); var query = new CertificateQuery { FriendlyName = "ClientCert", }; var queried = (await CertificateStores.FindAllAsync(query)).ToList(); Certificate clientCert = null; // Always choose first enumerated certificate. Works so long as there is only one cert // installed and it's the right one. if ((null != certList) && (certList.Count > 0)) { clientCert = certList.First(); } return(queried.First()); }
async Task <Certificate> GetCertificate(MailboxAddress mailbox, bool sign) { var secure = mailbox as SecureMailboxAddress; var query = new CertificateQuery(); var now = DateTimeOffset.UtcNow; if (secure != null) { query.Thumbprint = HexDecode(secure.Fingerprint); } else { query.FriendlyName = mailbox.Address; } // TODO: filter on key usages foreach (var certificate in await CertificateStores.FindAllAsync(query)) { if (certificate.ValidFrom > now || certificate.ValidTo < now) { continue; } return(certificate); } return(null); }
private IReadOnlyList<Certificate> GetCertificatesFromWinRTStore(X509Certificate2 dotNetCertificate) { var query = new CertificateQuery { Thumbprint = dotNetCertificate.GetCertHash(), IncludeDuplicates = false }; return CertificateStores.FindAllAsync(query).AsTask().GetAwaiter().GetResult(); }
private IReadOnlyList <Certificate> GetCertificatesFromWinRTStore(X509Certificate2 dotNetCertificate) { var query = new CertificateQuery { Thumbprint = dotNetCertificate.GetCertHash(), IncludeDuplicates = false }; return(CertificateStores.FindAllAsync(query).AsTask().GetAwaiter().GetResult()); }
private async void DoGet(bool ignoreCertErrors, string key, string value, string friendlyName) { ResponseHeadersBlock.Text = String.Empty; CertErrorsBlock.Text = String.Empty; ResponseContentBlock.Text = String.Empty; HttpRequestMessage request = null; try { request = new HttpRequestMessage( HttpMethod.Get, new Uri(UriBox2.Text)); HttpBaseProtocolFilter filter = new HttpBaseProtocolFilter(); if (ignoreCertErrors) { filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.Untrusted); filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.InvalidName); filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.RevocationFailure); } if (!String.IsNullOrEmpty(friendlyName)) { CertificateQuery query = new CertificateQuery(); query.FriendlyName = friendlyName; IReadOnlyCollection <Certificate> certs = await CertificateStores.FindAllAsync(query); filter.ClientCertificate = certs.ElementAt(0); } HttpClient client = new HttpClient(filter); if (!String.IsNullOrEmpty(key)) { client.DefaultRequestHeaders.Add(key, value); } HttpResponseMessage response = await client.SendRequestAsync(request); ResponseHeadersBlock.Text = response.ReasonPhrase; ResponseContentBlock.Text = await response.Content.ReadAsStringAsync(); } catch (Exception ex) { ResponseHeadersBlock.Text = ex.ToString(); // Something like: 'Untrusted, InvalidName, RevocationFailure' CertErrorsBlock.Text = String.Join( ", ", request.TransportInformation.ServerCertificateErrors); } }
private static void ValidateClientCertificate(X509Certificate2 certificate) { #if FEATURE_NETNATIVE var query = new CertificateQuery { Thumbprint = certificate.GetCertHash(), IncludeDuplicates = false, StoreName = "MY" }; if (CertificateStores.FindAllAsync(query).AsTask().GetAwaiter().GetResult().Count == 0) { throw ExceptionHelper.PlatformNotSupported("Certificate could not be found in the MY store."); } ; #endif // FEATURE_NETNATIVE }
private async Task <Certificate> FindCertificate(IDictionary <string, string> challengeData) { CertificateQuery query = new CertificateQuery(); IReadOnlyList <Certificate> certificates = null; string errMessage = null; if (challengeData.ContainsKey("CertAuthorities")) { errMessage = "Cert Authorities:" + challengeData["CertAuthorities"]; PlatformPlugin.Logger.Verbose(null, "Looking up certificate matching authorities:" + challengeData["CertAuthorities"]); string[] certAuthorities = challengeData["CertAuthorities"].Split(';'); foreach (var certAuthority in certAuthorities) { //reverse the tokenized string and replace "," with " + " string[] dNames = certAuthority.Split(new[] { "," }, StringSplitOptions.None); string distinguishedIssuerName = dNames[dNames.Length - 1]; for (int i = dNames.Length - 2; i >= 0; i--) { distinguishedIssuerName += " + " + dNames[i].Trim(); } query.IssuerName = distinguishedIssuerName; certificates = await CertificateStores.FindAllAsync(query); if (certificates.Count > 0) { break; } } } else { errMessage = "Cert Thumbprint:" + challengeData["CertThumbprint"]; PlatformPlugin.Logger.Verbose(null, "Looking up certificate matching thumbprint:" + challengeData["CertThumbprint"]); query.Thumbprint = HexStringToByteArray(challengeData["CertThumbprint"]); certificates = await CertificateStores.FindAllAsync(query); } if (certificates == null || certificates.Count == 0) { throw new AdalException(AdalError.DeviceCertificateNotFound, string.Format(AdalErrorMessage.DeviceCertificateNotFoundTemplate, errMessage)); } return(certificates[0]); }
private async Task <Certificate> FindCertificateFromStoreAsync() { // Find the client certificate for authentication. If not found, it means it has not been installed. CertificateQuery query = new CertificateQuery(); query.IssuerName = ClientCertIssuerName; query.FriendlyName = ClientCertFriendlyName; IReadOnlyList <Certificate> certs = await CertificateStores.FindAllAsync(query); if (certs.Count == 0) { return(null); } // This sample installs only one certificate, so if we find one, it must be ours. return(certs[0]); }
/// <summary> /// Returns a certificate with a given name /// </summary> /// <param name="certName">Name of cert we are going to look for</param> /// <returns>null if the cert isn't there, otherwise the cert that was found.</returns> public static async Task <Certificate> FindCert(string certName) { // Work around for the TplEventListener not working correctly. // https://social.msdn.microsoft.com/Forums/windowsapps/en-US/3e505e04-7f30-4313-aa47-275eaef333dd/systemargumentexception-use-of-undefined-keyword-value-1-for-event-taskscheduled-in-async?forum=wpdevelop await Task.Delay(1); // Do the CERT query var query = new CertificateQuery(); query.FriendlyName = certName; var certificates = await CertificateStores.FindAllAsync(query); if (certificates.Count != 1) { return(null); } return(certificates[0]); }
private async void Button_Click(object sender, RoutedEventArgs e) { try { CertificateQuery q = new CertificateQuery(); q.HardwareOnly = true; q.IssuerName = "Citizen CA"; IReadOnlyList <Certificate> certs = await CertificateStores.FindAllAsync(q); FileOpenPicker openPicker = new FileOpenPicker(); openPicker.ViewMode = PickerViewMode.Thumbnail; openPicker.SuggestedStartLocation = PickerLocationId.ComputerFolder; openPicker.FileTypeFilter.Add(".p12"); openPicker.FileTypeFilter.Add(".acc-p12"); StorageFile file = await openPicker.PickSingleFileAsync(); } catch { } }
/// <summary> /// Finds a certificate in the store. /// </summary> /// <param name="hStore">The handle for the store to search.</param> /// <param name="thumbprint">The thumbprint of the certificate to find.</param> /// <returns>The context for the matching certificate.</returns> private static async Task <IBuffer> FindCertificate(string thumbprint) { byte[] byteThumbprint = new byte[thumbprint.Length]; for (int i = 0; i < thumbprint.Length; i++) { byteThumbprint[i] = (byte)thumbprint[i]; } CertificateQuery query = new CertificateQuery(); query.Thumbprint = byteThumbprint; IReadOnlyList <Certificate> list = await CertificateStores.FindAllAsync(query); if (list.Count > 0) { return(list[0].GetCertificateBlob()); } else { return(null); } }
/// <summary> /// Gets the private key for the certificate matching the specified selector. /// </summary> /// <remarks> /// Gets the private key for the first certificate that matches the specified selector. /// </remarks> /// <returns>The private key on success; otherwise <c>null</c>.</returns> /// <param name="selector">The search criteria for the private key.</param> protected virtual async Task <AsymmetricKeyParameter> GetPrivateKeyAsync(IX509Selector selector) { // first we need to find the certificate... var match = selector as X509CertStoreSelector; var query = new CertificateQuery(); if (match == null) { return(null); } if (match.Certificate != null) { query.Thumbprint = HexDecode(match.Certificate.GetFingerprint()); } if (match.Issuer != null) { query.IssuerName = match.Issuer.ToString(); } var certificates = await CertificateStores.FindAllAsync(query); var certificate = certificates.FirstOrDefault(); if (certificate == null) { return(null); } // now get the key // TODO: what hash algo/padding do we want? does it matter? var key = await PersistedKeyProvider.OpenKeyPairFromCertificateAsync(certificate, HashAlgorithmNames.Sha256, CryptographicPadding.RsaPkcs1V15); var buffer = key.Export(CryptographicPrivateKeyBlobType.Pkcs1RsaPrivateKey); return(LoadPrivateKey(buffer)); }
/// <summary cref="ICertificateStore.Add(X509Certificate2)" /> public async Task Add(X509Certificate2 certificate) { if (certificate == null) { throw new ArgumentNullException("certificate"); } // check for existing certificate. byte[] thumbprint = new byte[certificate.Thumbprint.Length]; for (int i = 0; i < certificate.Thumbprint.Length; i++) { thumbprint[i] = (byte)certificate.Thumbprint[i]; } CertificateQuery query = new CertificateQuery(); query.Thumbprint = thumbprint; IReadOnlyList <Certificate> pCertContext = await CertificateStores.FindAllAsync(query); if (pCertContext.Count != 0) { throw ServiceResultException.Create( StatusCodes.BadUnexpectedError, "Certificate is already in the store.\r\nType={0}, Name={1}, Subject={2}", m_storeType, m_symbolicName, certificate.Subject); } lock (m_lock) { // add certificate. CertificateFactory.AddCertificateToWindowsStore( m_storeType == WindowsStoreType.LocalMachine, m_symbolicName, certificate); } }
/// <summary cref="ICertificateStore.Delete(string)" /> public async Task <bool> Delete(string thumbprint) { // open store. CertificateStore hStore = OpenStore(false, false, false); if (hStore == null) { return(false); } // find certificate. byte[] byteThumbprint = new byte[thumbprint.Length]; for (int i = 0; i < thumbprint.Length; i++) { byteThumbprint[i] = (byte)thumbprint[i]; } CertificateQuery query = new CertificateQuery(); query.Thumbprint = byteThumbprint; IReadOnlyList <Certificate> list = await CertificateStores.FindAllAsync(query); // delete certificate. if (list.Count > 0) { lock (m_lock) { hStore.Delete(list[0]); } return(true); } else { return(false); } }
private async void Button_Click(object sender, RoutedEventArgs e) { try { CertificateQuery q = new CertificateQuery(); q.HardwareOnly = true; q.IssuerName = "Citizen CA"; IReadOnlyList<Certificate> certs = await CertificateStores.FindAllAsync(q); FileOpenPicker openPicker = new FileOpenPicker(); openPicker.ViewMode = PickerViewMode.Thumbnail; openPicker.SuggestedStartLocation = PickerLocationId.ComputerFolder; openPicker.FileTypeFilter.Add(".p12"); openPicker.FileTypeFilter.Add(".acc-p12"); StorageFile file = await openPicker.PickSingleFileAsync(); } catch { } }
/// <summary cref="ICertificateStore.Delete(string)" /> public async Task<bool> Delete(string thumbprint) { // open store. CertificateStore hStore = OpenStore(false, false, false); if (hStore == null) { return false; } // find certificate. byte[] byteThumbprint = new byte[thumbprint.Length]; for (int i = 0; i < thumbprint.Length; i++) { byteThumbprint[i] = (byte)thumbprint[i]; } CertificateQuery query = new CertificateQuery(); query.Thumbprint = byteThumbprint; IReadOnlyList<Certificate> list = await CertificateStores.FindAllAsync(query); // delete certificate. if (list.Count > 0) { lock (m_lock) { hStore.Delete(list[0]); } return true; } else { return false; } }
/// <summary> /// Finds a certificate in the store. /// </summary> /// <param name="hStore">The handle for the store to search.</param> /// <param name="thumbprint">The thumbprint of the certificate to find.</param> /// <returns>The context for the matching certificate.</returns> private static async Task<IBuffer> FindCertificate(string thumbprint) { byte[] byteThumbprint = new byte[thumbprint.Length]; for (int i = 0; i < thumbprint.Length; i++) { byteThumbprint[i] = (byte)thumbprint[i]; } CertificateQuery query = new CertificateQuery(); query.Thumbprint = byteThumbprint; IReadOnlyList<Certificate> list = await CertificateStores.FindAllAsync(query); if (list.Count > 0) { return list[0].GetCertificateBlob(); } else { return null; } }
private async void DoGet(bool ignoreCertErrors, string key, string value, string friendlyName) { ResponseHeadersBlock.Text = String.Empty; CertErrorsBlock.Text = String.Empty; ResponseContentBlock.Text = String.Empty; HttpRequestMessage request = null; try { request = new HttpRequestMessage( HttpMethod.Get, new Uri(UriBox2.Text)); HttpBaseProtocolFilter filter = new HttpBaseProtocolFilter(); if (ignoreCertErrors) { filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.Untrusted); filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.InvalidName); filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.RevocationFailure); } if (!String.IsNullOrEmpty(friendlyName)) { CertificateQuery query = new CertificateQuery(); query.FriendlyName = friendlyName; IReadOnlyCollection<Certificate> certs = await CertificateStores.FindAllAsync(query); filter.ClientCertificate = certs.ElementAt(0); } HttpClient client = new HttpClient(filter); if (!String.IsNullOrEmpty(key)) { client.DefaultRequestHeaders.Add(key, value); } HttpResponseMessage response = await client.SendRequestAsync(request); ResponseHeadersBlock.Text = response.ReasonPhrase; ResponseContentBlock.Text = await response.Content.ReadAsStringAsync(); } catch (Exception ex) { ResponseHeadersBlock.Text = ex.ToString(); // Something like: 'Untrusted, InvalidName, RevocationFailure' CertErrorsBlock.Text = String.Join( ", ", request.TransportInformation.ServerCertificateErrors); } }