コード例 #1
0
ファイル: GrpcUtils.cs プロジェクト: esride-jts/ProSuite
        public static ChannelCredentials CreateChannelCredentials(
            bool useTls,
            [CanBeNull] string clientCertificate = null)
        {
            if (!useTls)
            {
                _msg.DebugFormat("Using insecure channel credentials");

                return(ChannelCredentials.Insecure);
            }

            string rootCertificatesAsPem =
                CertificateUtils.GetUserRootCertificatesInPemFormat();

            if (_msg.IsVerboseDebugEnabled)
            {
                _msg.DebugFormat("Trusted root credentials provided: {0}",
                                 rootCertificatesAsPem);
            }

            KeyCertificatePair sslClientCertificate = null;

            if (!string.IsNullOrEmpty(clientCertificate))
            {
                KeyPair keyPair = CertificateUtils.FindKeyCertificatePairFromStore(
                    clientCertificate, new[]
                {
                    X509FindType.FindBySubjectDistinguishedName,
                    X509FindType.FindByThumbprint,
                    X509FindType.FindBySubjectName
                }, StoreName.My, StoreLocation.CurrentUser);

                if (keyPair != null)
                {
                    _msg.Debug("Using client-side certificate");

                    sslClientCertificate =
                        new KeyCertificatePair(keyPair.PublicKey, keyPair.PrivateKey);
                }
                else
                {
                    throw new ArgumentException(
                              $"Could not usable find client certificate {clientCertificate} in certificate store.");
                }
            }

            var result = new SslCredentials(rootCertificatesAsPem, sslClientCertificate);

            return(result);
        }
コード例 #2
0
        private static KeyPair TryGetServerCertificateKeyPair(
            [NotNull] string certificate,
            [CanBeNull] string privateKeyFilePath)
        {
            KeyPair result;

            if (File.Exists(certificate))
            {
                _msg.DebugFormat("Using existing PEM file certificate: {0}.", certificate);

                Assert.NotNullOrEmpty(privateKeyFilePath, "Private key PEM file was not provided.");

                Assert.True(File.Exists(privateKeyFilePath),
                            $"Private key PEM file {privateKeyFilePath} was not found.");

                result = new KeyPair(File.ReadAllText(certificate),
                                     File.ReadAllText(privateKeyFilePath));

                _msg.InfoFormat("Using certificate from file {0}", certificate);
            }
            else
            {
                _msg.DebugFormat(
                    "No certificate PEM file found using {0}. Getting certificate from store.",
                    certificate);

                if (!string.IsNullOrEmpty(privateKeyFilePath))
                {
                    result = GetMixedKeyPair(certificate, privateKeyFilePath);
                }
                else
                {
                    // Find server certificate including private key from Store (Local Computer, Personal folder)
                    result =
                        CertificateUtils.FindKeyCertificatePairFromStore(
                            certificate,
                            new[]
                    {
                        X509FindType.FindBySubjectDistinguishedName,
                        X509FindType.FindByThumbprint
                    }, StoreName.My, StoreLocation.LocalMachine);
                }

                if (result == null)
                {
                    _msg.InfoFormat(
                        "No certificate could be found by '{0}'. Using insecure credentials (no TLS).",
                        certificate);
                }
                else
                {
                    _msg.InfoFormat("Using certificate from certificate store for TLS.");
                }
            }

            if (result != null && _msg.IsVerboseDebugEnabled)
            {
                _msg.DebugFormat("Certificate chain: {0}", result.PublicKey);
            }

            return(result);
        }