private string GetCommonName(X509Certificate2 certificate) { foreach (string element in X509Utils.ParseDistinguishedName(certificate.Subject)) { if (element.StartsWith("CN=", StringComparison.OrdinalIgnoreCase)) { return(element.Substring(3)); } } return("(unknown)"); }
private async Task DeleteExistingFromStore(string storePath) { if (String.IsNullOrEmpty(storePath)) { return; } using (DirectoryCertificateStore store = (DirectoryCertificateStore)CertificateStoreIdentifier.OpenStore(storePath)) { X509Certificate2Collection certificates = await store.Enumerate(); foreach (var certificate in certificates) { if (store.GetPrivateKeyFilePath(certificate.Thumbprint) != null) { continue; } List <string> fields = X509Utils.ParseDistinguishedName(certificate.Subject); if (fields.Contains("CN=UA Local Discovery Server")) { continue; } if (store is DirectoryCertificateStore ds) { string path = Utils.GetAbsoluteFilePath(m_application.CertificatePublicKeyPath, true, false, false); if (path != null) { if (String.Compare(path, ds.GetPublicKeyFilePath(certificate.Thumbprint), StringComparison.OrdinalIgnoreCase) == 0) { continue; } } path = Utils.GetAbsoluteFilePath(m_application.CertificatePrivateKeyPath, true, false, false); if (path != null) { if (String.Compare(path, ds.GetPrivateKeyFilePath(certificate.Thumbprint), StringComparison.OrdinalIgnoreCase) == 0) { continue; } } } await store.Delete(certificate.Thumbprint); } } }
/// <summary> /// Adds the certificate to the Trusted Certificate Store /// </summary> /// <param name="configuration">The application's configuration which specifies the location of the TrustedStore.</param> /// <param name="certificate">The certificate to register.</param> private static async Task AddToTrustedStore(ApplicationConfiguration configuration, X509Certificate2 certificate) { if (certificate == null) { throw new ArgumentNullException(nameof(certificate)); } string storePath = null; if (configuration != null && configuration.SecurityConfiguration != null && configuration.SecurityConfiguration.TrustedPeerCertificates != null) { storePath = configuration.SecurityConfiguration.TrustedPeerCertificates.StorePath; } if (String.IsNullOrEmpty(storePath)) { Utils.Trace(Utils.TraceMasks.Information, "WARNING: Trusted peer store not specified."); return; } try { ICertificateStore store = configuration.SecurityConfiguration.TrustedPeerCertificates.OpenStore(); if (store == null) { Utils.Trace("Could not open trusted peer store. StorePath={0}", storePath); return; } try { // check if it already exists. X509Certificate2Collection existingCertificates = await store.FindByThumbprint(certificate.Thumbprint); if (existingCertificates.Count > 0) { return; } Utils.Trace(Utils.TraceMasks.Information, "Adding certificate to trusted peer store. StorePath={0}", storePath); List <string> subjectName = X509Utils.ParseDistinguishedName(certificate.Subject); // check for old certificate. X509Certificate2Collection certificates = await store.Enumerate(); for (int ii = 0; ii < certificates.Count; ii++) { if (X509Utils.CompareDistinguishedName(certificates[ii], subjectName)) { if (certificates[ii].Thumbprint == certificate.Thumbprint) { return; } await store.Delete(certificates[ii].Thumbprint); break; } } // add new certificate. X509Certificate2 publicKey = new X509Certificate2(certificate.RawData); await store.Add(publicKey); } finally { store.Close(); } } catch (Exception e) { Utils.Trace(e, "Could not add certificate to trusted peer store. StorePath={0}", storePath); } }
/// <summary> /// Displays the dialog. /// </summary> public async Task<bool> ShowDialog(CertificateIdentifier certificate) { m_certificate = certificate; CertificateStoreCTRL.StoreType = null; CertificateStoreCTRL.StorePath = null; CertificateStoreCTRL.ReadOnly = true; ApplicationNameTB.Text = null; ApplicationUriTB.Text = null; OrganizationTB.Text = null; DomainsTB.Text = System.Net.Dns.GetHostName(); SubjectNameTB.Text = null; IssuerNameTB.Text = null; ValidFromTB.Text = null; ValidToTB.Text = null; ThumbprintTB.Text = null; if (certificate != null) { CertificateStoreCTRL.StoreType = certificate.StoreType; CertificateStoreCTRL.StorePath = certificate.StorePath; SubjectNameTB.Text = certificate.SubjectName; ThumbprintTB.Text = certificate.Thumbprint; X509Certificate2 data = await certificate.Find(); if (data != null) { // fill in subject name. StringBuilder buffer = new StringBuilder(); foreach (string element in X509Utils.ParseDistinguishedName(data.Subject)) { if (element.StartsWith("CN=")) { ApplicationNameTB.Text = element.Substring(3); } if (element.StartsWith("O=")) { OrganizationTB.Text = element.Substring(2); } if (buffer.Length > 0) { buffer.Append('/'); } buffer.Append(element); } if (buffer.Length > 0) { SubjectNameTB.Text = buffer.ToString(); } // fill in issuer name. buffer = new StringBuilder(); foreach (string element in X509Utils.ParseDistinguishedName(data.Issuer)) { if (buffer.Length > 0) { buffer.Append('/'); } buffer.Append(element); } if (buffer.Length > 0) { IssuerNameTB.Text = buffer.ToString(); } // fill in application uri. string applicationUri = X509Utils.GetApplicationUriFromCertificate(data); if (!String.IsNullOrEmpty(applicationUri)) { ApplicationUriTB.Text = applicationUri; } // fill in domains. buffer = new StringBuilder(); foreach (string domain in X509Utils.GetDomainsFromCertficate(data)) { if (buffer.Length > 0) { buffer.Append(", "); } buffer.Append(domain); } if (buffer.Length > 0) { DomainsTB.Text = buffer.ToString(); } ValidFromTB.Text = data.NotBefore.ToLocalTime().ToString("yyyy-MM-dd HH:mm:ss"); ValidToTB.Text = data.NotAfter.ToLocalTime().ToString("yyyy-MM-dd HH:mm:ss"); ThumbprintTB.Text = data.Thumbprint; } } if (ShowDialog() != DialogResult.OK) { return false; } return true; }
private async void ExportBTN_Click(object sender, EventArgs e) { try { const string caption = "Export Certificate"; if (m_currentDirectory == null) { m_currentDirectory = Utils.GetAbsoluteDirectoryPath("%LocalApplicationData%", false, false, false); } if (m_currentDirectory == null) { m_currentDirectory = Environment.CurrentDirectory; } X509Certificate2 certificate = await m_certificate.Find(); if (certificate == null) { MessageBox.Show("Cannot export an invalid certificate.", caption, MessageBoxButtons.OK, MessageBoxIcon.Error); return; } string displayName = null; foreach (string element in X509Utils.ParseDistinguishedName(certificate.Subject)) { if (element.StartsWith("CN=")) { displayName = element.Substring(3); break; } } StringBuilder filePath = new StringBuilder(); if (!String.IsNullOrEmpty(displayName)) { filePath.Append(displayName); filePath.Append(" "); } filePath.Append("["); filePath.Append(certificate.Thumbprint); filePath.Append("].der"); SaveFileDialog dialog = new SaveFileDialog(); dialog.CheckFileExists = false; dialog.CheckPathExists = true; dialog.DefaultExt = ".der"; dialog.Filter = "Certificate Files (*.der)|*.der|All Files (*.*)|*.*"; dialog.ValidateNames = true; dialog.Title = "Save Certificate File"; dialog.FileName = filePath.ToString(); dialog.InitialDirectory = m_currentDirectory; if (dialog.ShowDialog() != DialogResult.OK) { return; } FileInfo fileInfo = new FileInfo(dialog.FileName); m_currentDirectory = fileInfo.DirectoryName; // save the file. using (Stream ostrm = fileInfo.Open(FileMode.Create, FileAccess.ReadWrite, FileShare.None)) { byte[] data = certificate.RawData; ostrm.Write(data, 0, data.Length); } } catch (Exception exception) { GuiUtils.HandleException(this.Text, System.Reflection.MethodBase.GetCurrentMethod(), exception); } }
/// <summary> /// Updates an item in the view. /// </summary> protected override void UpdateItem(ListViewItem listItem, object item) { X509Certificate2 certificate = item as X509Certificate2; if (certificate == null) { base.UpdateItem(listItem, item); return; } listItem.SubItems[0].Text = null; listItem.SubItems[1].Text = null; listItem.SubItems[2].Text = null; listItem.SubItems[3].Text = null; listItem.SubItems[4].Text = null; listItem.SubItems[5].Text = null; if (certificate != null) { List <string> fields = X509Utils.ParseDistinguishedName(certificate.Subject); for (int ii = 0; ii < fields.Count; ii++) { if (fields[ii].StartsWith("CN=")) { listItem.SubItems[0].Text = fields[ii].Substring(3); } if (fields[ii].StartsWith("DC=")) { listItem.SubItems[1].Text = fields[ii].Substring(3); } } if (String.IsNullOrEmpty(listItem.SubItems[0].Text)) { listItem.SubItems[0].Text = String.Format("{0}", certificate.Subject); } // determine certificate type. foreach (X509Extension extension in certificate.Extensions) { X509BasicConstraintsExtension basicContraints = extension as X509BasicConstraintsExtension; if (basicContraints != null) { if (basicContraints.CertificateAuthority) { listItem.SubItems[1].Text = "CA"; } else { listItem.SubItems[1].Text = "End-Entity"; } break; } } // check if a private key is available. if (certificate.HasPrivateKey) { listItem.SubItems[2].Text = "Yes"; } else { listItem.SubItems[2].Text = "No"; } // look up domains. IList <string> domains = X509Utils.GetDomainsFromCertficate(certificate); StringBuilder buffer = new StringBuilder(); for (int ii = 0; ii < domains.Count; ii++) { if (buffer.Length > 0) { buffer.Append(";"); } buffer.Append(domains[ii]); } listItem.SubItems[3].Text = buffer.ToString(); listItem.SubItems[4].Text = X509Utils.GetApplicationUriFromCertificate(certificate); listItem.SubItems[5].Text = String.Format("{0:yyyy-MM-dd}", certificate.NotAfter); } listItem.ImageKey = GuiUtils.Icons.Certificate; listItem.Tag = item; }
public List <string> GetDomainNames(X509Certificate2 certificate) { List <string> domainNames = new List <string>(); if (!String.IsNullOrEmpty(Domains)) { var domains = Domains.Split(','); List <string> trimmedDomains = new List <string>(); foreach (var domain in domains) { var d = domain.Trim(); if (d.Length > 0) { trimmedDomains.Add(d); } } if (trimmedDomains.Count > 0) { return(trimmedDomains); } } if (DiscoveryUrl != null) { foreach (var discoveryUrl in DiscoveryUrl) { if (Uri.IsWellFormedUriString(discoveryUrl, UriKind.Absolute)) { string name = new Uri(discoveryUrl).DnsSafeHost; if (name == "localhost") { name = Utils.GetHostName(); } bool found = false; //domainNames.Any(n => String.Compare(n, name, StringComparison.OrdinalIgnoreCase) == 0); foreach (var domainName in domainNames) { if (String.Compare(domainName, name, StringComparison.OrdinalIgnoreCase) == 0) { found = true; break; } } if (!found) { domainNames.Add(name); } } } } if (domainNames != null && domainNames.Count > 0) { return(domainNames); } if (certificate != null) { var names = X509Utils.GetDomainsFromCertficate(certificate); if (names != null && names.Count > 0) { domainNames.AddRange(names); return(domainNames); } var fields = X509Utils.ParseDistinguishedName(certificate.Subject); string name = null; foreach (var field in fields) { if (field.StartsWith("DC=", StringComparison.Ordinal)) { if (name != null) { name += "."; } name += field.Substring(3); } } if (names != null) { domainNames.AddRange(names); return(domainNames); } } domainNames.Add(Utils.GetHostName()); return(domainNames); }