// Handles one SSL/TLS connection attempt: opens a TCP connection to the endpoint named by
// the item, runs a client handshake, and copies details of the certificate the server
// presented back into the item.
//
// e      - work item; IpAddress, Port and SniHostName are read, the Cert* fields are written.
// cancel - cancellation token; in this method it is handed to the TCP connect call only.
//
// NOTE(review): the second constructor argument (true) of PalSslClientAuthenticationOptions
// presumably makes the client accept any server certificate - confirm against its definition.
// No validation result is consulted in this method, so everything recorded here is
// unauthenticated, peer-supplied data and should be stored and displayed as such.
// NOTE(review): cancel is not forwarded to SslStartClientAsync and no handshake timeout is
// visible here; if that call has no timeout of its own, a peer that stalls after the TCP
// connect could hold this task open - verify.
async Task PerformOneAsync(SslCertCollectorItem e, CancellationToken cancel = default)
{
    // connectTimeout is 5000 (presumably milliseconds - confirm against TcpConnectParam).
    IPAddress targetAddress = IPAddress.Parse(e.IpAddress);
    TcpConnectParam connectParam = new TcpConnectParam(targetAddress, e.Port, connectTimeout: 5000);
    using ConnSock tcp = await TcpIp.ConnectAsync(connectParam, cancel);

    PalSslClientAuthenticationOptions tlsOptions = new PalSslClientAuthenticationOptions(e.SniHostName, true);
    using SslSock tls = await tcp.SslStartClientAsync(tlsOptions);

    // The null-forgiving operator only silences the compiler: if no remote certificate is
    // available, the PkiCertificate access below throws NullReferenceException.
    ILayerInfoSsl layer = tls.Info.Ssl;
    PalX509Certificate presented = layer.RemoteCertificate!;
    Certificate parsed = presented.PkiCertificate;
    var certData = parsed.CertData;

    // Issuer, subject and host names are chosen by the remote peer. Each is passed through
    // _MakeAsciiOneLinePrintableStr before being stored (presumably so control characters
    // and line breaks cannot reach the printed output or the result list - confirm).
    e.CertIssuer = certData.IssuerDN.ToString()._MakeAsciiOneLinePrintableStr();
    e.CertSubject = certData.SubjectDN.ToString()._MakeAsciiOneLinePrintableStr();
    e.CertFqdnList = parsed.HostNameList
        .Select(entry => entry.HostName)
        ._Combine(",")
        ._MakeAsciiOneLinePrintableStr();

    // The SHA-1 digest string is recorded as an identifier for the certificate.
    e.CertHashSha1 = parsed.DigestSHA1Str;
    e.CertNotAfter = certData.NotAfter;
    e.CertNotBefore = certData.NotBefore;

    // Only items that are not on the ignore list are added to the results.
    // The list is named "...SubjectInStrList" but is matched against the issuer string.
    bool onIgnoreList = Consts.Strings.AutoEnrollCertificateSubjectInStrList
        .Any(marker => e.CertIssuer._InStr(marker, true));
    if (!onIgnoreList)
    {
        this.ResultList.Add(e);
    }

    // The OK line is printed for every successful attempt, ignored or not.
    string okLine = $"OK: {e.SniHostName}:{e.Port} => {e._ObjectToJson(compact: true)}";
    okLine._Print();
}
/// <summary>
/// Builds a certificate object from a <see cref="PalX509Certificate"/> by exporting its
/// encoded bytes and decoding them as an ASN.1 X.509 certificate structure.
/// </summary>
/// <param name="cert">Certificate whose exported bytes are decoded.</param>
/// <remarks>
/// Only decoding is visible in this constructor: it performs no signature, chain or
/// validity-period check (InitFields is not shown here). When the input originates from a
/// remote peer, the resulting fields are unauthenticated data.
/// </remarks>
public Certificate(PalX509Certificate cert)
{
    // ToArray() copies the exported bytes into a fresh array for the ASN.1 reader.
    ReadOnlyMemory<byte> encoded = cert.ExportCertificate();
    byte[] rawBytes = encoded.ToArray();

    // Read one ASN.1 object and interpret it as the certificate's outer SEQUENCE.
    Asn1InputStream reader = new Asn1InputStream(rawBytes);
    Asn1Sequence outerSequence = Asn1Sequence.GetInstance(reader.ReadObject());

    this.CertData = new X509Certificate(X509CertificateStructure.GetInstance(outerSequence));

    InitFields();
}
// Creates a new PalX509Certificate from this object's PKCS#12 export.
// NOTE(review): if ExportPkcs12() includes the private key (its body is not visible here),
// the temporary export buffer holds key material and is left for the garbage collector
// rather than being cleared - confirm whether that is acceptable for callers.
PalX509Certificate GetX509CertificateInternal()
    => new PalX509Certificate(this.ExportPkcs12().Span);
/// <summary>
/// Creates a store from a <see cref="PalX509Certificate"/> by exporting it with
/// ExportCertificateAndKeyAsP12() and delegating to the constructor that takes the
/// exported bytes as a span.
/// </summary>
/// <param name="certificate">Certificate to export into the new store.</param>
/// <remarks>
/// NOTE(review): the export method's name indicates the private key is part of the exported
/// data, and no password argument is visible at this call site - confirm how the
/// intermediate buffer is protected and whether it needs to be cleared after use.
/// </remarks>
public CertificateStore(PalX509Certificate certificate)
    : this(certificate.ExportCertificateAndKeyAsP12().Span)
{
}