private X509SecurityToken getToken(string which) { X509SecurityToken token = null; X509CertificateStore store = null; string serverKeyIdentifier = "bBwPfItvKp3b6TNDq+14qs58VJQ="; //"po3h4Y4J8ITs/pW3acuRjpT8V1o="; string clientKeyIdentifier = "gBfo0147lM6cKnTbbMSuMVvmFY4="; //"Gu4aD7+bYTVtmSveoPIWTRtzD3M="; //string serverKeyIdentifier = "po3h4Y4J8ITs/pW3acuRjpT8V1o="; //string clientKeyIdentifier = "Gu4aD7+bYTVtmSveoPIWTRtzD3M="; store = X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore); store.OpenRead(); X509CertificateCollection coll; if (which == "server") { coll = store.FindCertificateByKeyIdentifier(Convert.FromBase64String(serverKeyIdentifier)); } else { coll = store.FindCertificateByKeyIdentifier(Convert.FromBase64String(clientKeyIdentifier)); } if (coll.Count > 0) { X509Certificate cert = (X509Certificate)coll[0]; RSA rsa = cert.Key; token = new X509SecurityToken(cert); } return(token); }
private static X509SecurityToken RetrieveTokenFromStore (X509CertificateStore store, string keyIdentifier) { if (store == null) throw new ArgumentNullException ("store"); X509SecurityToken token = null; try { if (store.OpenRead ()) { // Place the key ID of the certificate in a byte array // This KeyID represents the Wse2Quickstart certificate included with the WSE 2.0 Quickstarts // ClientBase64KeyId is defined in the ClientBase.AppBase class X509CertificateCollection certs = store.FindCertificateByKeyIdentifier (Convert.FromBase64String (keyIdentifier)); if (certs.Count > 0) { // Get the first certificate in the collection token = new X509SecurityToken (((X509Certificate) certs[0])); } } } finally { if (store != null) store.Close (); } return token; }
/// <summary> /// Retrieve the X509 certificate for a given subject name and location /// </summary> /// <param name="location">either CurrentUser store or LocalMachine store</param> /// <param name="subject">subject name</param> /// <returns>X509Certificate object</returns> public static X509Certificate SearchCertificateBySubjectName(string location, string subject) { X509CertificateStore x509Store = null; if (location == "CurrentUser") { x509Store = X509CertificateStore.CurrentUserStore(X509CertificateStore.MyStore); } else { x509Store = X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore); } bool open = x509Store.OpenRead(); X509Certificate certificate = null; foreach (X509Certificate cert in x509Store.Certificates) { if (subject.ToUpper() == cert.GetName().ToUpper()) { certificate = cert; break; } } return(certificate); }
private static X509SecurityToken RetrieveTokenFromStore(X509CertificateStore store, string keyIdentifier) { if (store == null) { throw new ArgumentNullException("store"); } X509SecurityToken token = null; try { if (store.OpenRead()) { // Place the key ID of the certificate in a byte array // This KeyID represents the Wse2Quickstart certificate included with the WSE 2.0 Quickstarts // ClientBase64KeyId is defined in the ClientBase.AppBase class X509CertificateCollection certs = store.FindCertificateByKeyIdentifier(Convert.FromBase64String(keyIdentifier)); if (certs.Count > 0) { // Get the first certificate in the collection token = new X509SecurityToken(((X509Certificate)certs[0])); } } } finally { if (store != null) { store.Close(); } } return(token); }
/** * sets proxy for all webrequests * opens current user's SSL certificates store */ public static void LoadHttpConfig() { Trace.WriteLine("Loading proxy settings"); try { _defaultProxy = LoadDefaultProxy(); } catch (Exception ex) { Trace.WriteLine("Error loading default proxy settings: " + ex); } GlobalProxySelection.Select = DefaultProxy; X509CertificateStore store = X509CertificateStore.CurrentUserStore(X509CertificateStore.MyStore); if (store.OpenRead()) { _certificates = store.Certificates; Trace.WriteLine("Number of current user's certificates: " + _certificates.Count, "HttpReader"); } Trace.WriteLine("Default connection limit: " + ServicePointManager.DefaultConnectionLimit); Trace.WriteLine("Max service point idle time: " + ServicePointManager.MaxServicePointIdleTime); Trace.WriteLine("Max service points: " + ServicePointManager.MaxServicePoints); }
public bool IsContactCertificateInStore(string strContactID) { bool bRetVal = false; X509CertificateStore certStore = X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore); if (certStore == null) { throw new Exception("Error opening Local Machine Store"); } if (certStore.OpenRead()) { X509CertificateCollection certColl = certStore.FindCertificateBySubjectName(strContactID); if (certColl.Count == 0) { bRetVal = false; } else { bRetVal = true; } } // Close the certificate store certStore.Close(); return(bRetVal); }
public static void EncryptContractNote(STPProvider.PostTradeServiceWse postTradeSvc) { //Open the current user certificate store and look for Personal category X509CertificateStore localStore = X509CertificateStore.CurrentUserStore(X509CertificateStore.MyStore); localStore.OpenRead(); //Find STP-Provider A Certificate X509CertificateCollection certCollection = localStore.FindCertificateBySubjectString("STP-Provider A"); X509Certificate provCert = certCollection[0]; //Create a new security token that is of X509 type //Token represent claim (authentication information) X509SecurityToken token = new X509SecurityToken(provCert); postTradeSvc.RequestSoapContext.Security.Tokens.Add(token); //Instruct WSE inbound filter to encrypt the message before it is transmitted over wire postTradeSvc.RequestSoapContext.Security.Elements.Add(new EncryptedData(token)); }
public void EncryptAckResponse() { //Open the current user certificate store and look for Personal category X509CertificateStore localStore = X509CertificateStore.CurrentUserStore(X509CertificateStore.MyStore); localStore.OpenRead(); //Find Vendor A Certificate X509CertificateCollection certCollection = localStore.FindCertificateBySubjectString("Vendor B"); X509Certificate provCert = certCollection[0]; //Create a new security token that is of X509 type //Token represent claim (authentication information) X509SecurityToken token = new X509SecurityToken(provCert); ResponseSoapContext.Current.Security.Tokens.Add(token); //Instruct WSE inbound filter to encrypt the message before it is transmitted over wire ResponseSoapContext.Current.Security.Elements.Add(new EncryptedData(token)); }
/// <summary> /// Returns the X.509 SecurityToken that will be used to encrypt the /// messages. /// </summary> /// <returns>Returns </returns> public X509SecurityToken GetEncryptionToken() { X509SecurityToken token = null; // // The certificate for the target receiver should have been imported // into the "My" certificate store. This store is listed as "Personal" // in the Certificate Manager // X509CertificateStore store = X509CertificateStore.CurrentUserStore(X509CertificateStore.MyStore); bool open = store.OpenRead(); try { // // Open a dialog to allow user to select the certificate to use // StoreDialog dialog = new StoreDialog(store); X509Certificate cert = dialog.SelectCertificate(IntPtr.Zero, "Select Certificate", "Choose a Certificate below for encrypting."); if (cert == null) { throw new ApplicationException("You chose not to select an X509 certificate for encrypting your messages."); } else if (!cert.SupportsDataEncryption) { throw new ApplicationException("The certificate must support key encipherment."); } else { token = new X509SecurityToken(cert); } } finally { if (store != null) { store.Close(); } } return(token); }
public static bool VerifySignFM(byte[] data, byte[] signedData) { //Open STP certificate store X509CertificateStore store = X509CertificateStore.CurrentUserStore("STPCertificateStore"); store.OpenRead(); //retrieve broker certificate X509Certificate brokerCertificate = store.Certificates[0]; Console.WriteLine("Certificate Subject :" + brokerCertificate.FriendlyDisplayName); Console.WriteLine("Valid From :" + brokerCertificate.GetEffectiveDateString()); Console.WriteLine("Valid To :" + brokerCertificate.GetExpirationDateString()); Console.WriteLine("Serial No:" + brokerCertificate.GetSerialNumberString()); //initialize RSA to use public key stored in broker certificate RSAParameters publicParam = brokerCertificate.Key.ExportParameters(false); RSACryptoServiceProvider rsCrypto = new RSACryptoServiceProvider(); rsCrypto.ImportParameters(publicParam); //verify digital signature return(rsCrypto.VerifyData(data, new SHA1Managed(), signedData)); }
/// <summary> /// Gets the security token for signing messages. /// </summary> /// <returns>Returns </returns> public X509SecurityToken GetSecurityToken() { X509SecurityToken securityToken; // // open the current user's certificate store // X509CertificateStore store = X509CertificateStore.CurrentUserStore(X509CertificateStore.MyStore); bool open = store.OpenRead(); try { // // Open a dialog to allow user to select the certificate to use // StoreDialog dialog = new StoreDialog(store); X509Certificate cert = dialog.SelectCertificate(IntPtr.Zero, "Select Certificate", "Choose a Certificate below for signing."); if (cert == null) { throw new ApplicationException("You chose not to select an X509 certificate for signing your messages."); } else if (!cert.SupportsDigitalSignature) { throw new ApplicationException("The certificate must support digital signatures and have a private key available."); } else { securityToken = new X509SecurityToken(cert); } } finally { if (store != null) { store.Close(); } } return(securityToken); }
public X509Certificate GetContactCertificate(string strContactID) { X509CertificateStore certStore = X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore); if (certStore == null) { throw new Exception("Error opening Local Machine Store"); } X509Certificate cert = null; if (certStore.OpenRead()) { X509CertificateCollection certColl = certStore.FindCertificateBySubjectName(strContactID); if (certColl.Count == 1) { cert = certColl[0]; } } // Close the certificate store certStore.Close(); return(cert); }
private static Microsoft.Web.Services2.Security.X509.X509Certificate X509CertificateByThumbprint(string Thumbprint) { X509Certificate x509 = null; if (string.IsNullOrEmpty(Thumbprint)) { throw new ArgumentNullException("Thumbprint is null or empty", new Exception("Thumbprint is mandatory")); } Thumbprint = Thumbprint.Replace("\u200e", string.Empty).Replace("\u200f", string.Empty).Replace(" ", string.Empty).Replace(":", string.Empty); X509CertificateStore store = new X509CertificateStore(X509CertificateStore.StoreProvider.System, X509CertificateStore.StoreLocation.LocalMachine, X509CertificateStore.RootStore); store.OpenRead(); foreach (X509Certificate cert in store.Certificates) { if (cert.GetCertHashString().Trim().ToUpper() == Thumbprint.Trim().ToUpper()) { x509 = cert; break; } } store.Close(); if (x509 == null) { store = new X509CertificateStore(X509CertificateStore.StoreProvider.System, X509CertificateStore.StoreLocation.LocalMachine, X509CertificateStore.MyStore); store.OpenRead(); foreach (X509Certificate cert in store.Certificates) { if (cert.GetCertHashString().Trim().ToUpper() == Thumbprint.Trim().ToUpper()) { x509 = cert; break; } } store.Close(); } if (x509 == null) { store = new X509CertificateStore(X509CertificateStore.StoreProvider.System, X509CertificateStore.StoreLocation.CurrentUser, X509CertificateStore.RootStore); store.OpenRead(); foreach (X509Certificate cert in store.Certificates) { if (cert.GetCertHashString().Trim().ToUpper() == Thumbprint.Trim().ToUpper()) { x509 = cert; break; } } store.Close(); } if (x509 == null) { store = new X509CertificateStore(X509CertificateStore.StoreProvider.System, X509CertificateStore.StoreLocation.CurrentUser, X509CertificateStore.MyStore); store.OpenRead(); foreach (X509Certificate cert in store.Certificates) { if (cert.GetCertHashString().Trim().ToUpper() == Thumbprint.Trim().ToUpper()) { x509 = cert; break; } } store.Close(); } if (x509 == null) { if (!string.IsNullOrEmpty(Thumbprint)) { throw new CryptographicException("A x509 certificate for " + Thumbprint + " was not found"); } else { throw new CryptographicException("A x509 certificate was not found"); } } return(x509); }