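/// <summary>
/// Deletes the selected certificates from the store after the user confirms.
/// </summary>
/// <remarks>
/// A second prompt is shown for every selected certificate whose store entry
/// holds a private key, unless the user has already chosen to stop being asked.
/// On any failure the list is reloaded so the view matches the store again.
/// </remarks>
private void DeleteMI_Click(object sender, EventArgs e)
{
    try
    {
        if (ItemsLV.SelectedItems.Count < 1)
        {
            return;
        }

        DialogResult result = MessageBox.Show(
            "Are you sure you wish to delete the certificates from the store?",
            "Delete Certificate",
            MessageBoxButtons.YesNo,
            MessageBoxIcon.Exclamation);

        if (result != DialogResult.Yes)
        {
            return;
        }

        // remove the certificates.
        List<ListViewItem> itemsToDelete = new List<ListViewItem>();
        bool yesToAll = false;

        using (ICertificateStore store = m_storeId.OpenStore())
        {
            for (int ii = 0; ii < ItemsLV.SelectedItems.Count; ii++)
            {
                ListViewItem item = ItemsLV.SelectedItems[ii];
                X509Certificate2 certificate = item.Tag as X509Certificate2;

                // The original dereferenced the tag before its own null check;
                // an item that carries no certificate is skipped instead.
                if (certificate == null)
                {
                    continue;
                }

                // check for private key. The store's copy is consulted rather than
                // the tagged object, and it may be missing if the store changed.
                X509Certificate2 certificate2 = store.FindByThumbprint(certificate.Thumbprint);

                if (!yesToAll && certificate2 != null && certificate2.HasPrivateKey)
                {
                    // NOTE(review): the text runs "'<subject>'" straight into "Deleting ..."
                    // with no separator and never mentions the private key - consider rewording.
                    StringBuilder buffer = new StringBuilder();
                    buffer.Append("Certificate '");
                    buffer.Append(certificate2.Subject);
                    buffer.Append("'");
                    buffer.Append("Deleting it may cause applications to stop working.");
                    buffer.Append("\r\n");
                    buffer.Append("\r\n");
                    buffer.Append("Are you sure you wish to continue?.");

                    DialogResult yesno = new YesNoDlg().ShowDialog(buffer.ToString(), "Delete Private Key", true);

                    if (yesno == DialogResult.No)
                    {
                        continue;
                    }

                    // DialogResult.Retry is treated as "do not ask again" for the remaining items
                    // (inferred from how the result is used here; confirm against YesNoDlg).
                    yesToAll = yesno == DialogResult.Retry;
                }

                store.Delete(certificate.Thumbprint);
                itemsToDelete.Add(item);
            }
        }

        // remove the items. Done after the loop so the selection is not modified while it is indexed.
        foreach (ListViewItem itemToDelete in itemsToDelete)
        {
            itemToDelete.Remove();
        }
    }
    catch (Exception exception)
    {
        GuiUtils.HandleException(this.Text, MethodBase.GetCurrentMethod(), exception);

        // some deletions may already have happened; reload the list from the store.
        Initialize(m_storeId, m_thumbprints);
    }
}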
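/// <summary>
/// Deletes the selected certificates from the store after the user confirms
/// (asynchronous store API).
/// </summary>
/// <remarks>
/// A second prompt is shown for every selected certificate whose store entry
/// holds a private key, unless the user has already chosen to stop being asked.
/// <c>async void</c> is used because this is a UI event handler.
/// </remarks>
private async void DeleteMI_Click(object sender, EventArgs e)
{
    try
    {
        if (ItemsLV.SelectedItems.Count < 1)
        {
            return;
        }

        DialogResult result = MessageBox.Show(
            "Are you sure you wish to delete the certificates from the store?",
            "Delete Certificate",
            MessageBoxButtons.YesNo,
            MessageBoxIcon.Exclamation);

        if (result != DialogResult.Yes)
        {
            return;
        }

        // remove the certificates.
        List<ListViewItem> itemsToDelete = new List<ListViewItem>();
        bool yesToAll = false;

        using (ICertificateStore store = m_storeId.OpenStore())
        {
            for (int ii = 0; ii < ItemsLV.SelectedItems.Count; ii++)
            {
                ListViewItem item = ItemsLV.SelectedItems[ii];
                X509Certificate2 certificate = item.Tag as X509Certificate2;

                // The original dereferenced the tag before its own null check;
                // an item that carries no certificate is skipped instead.
                if (certificate == null)
                {
                    continue;
                }

                // check for private key. The lookup returns a collection, which is
                // guarded against both null and empty before the first entry is read.
                X509Certificate2Collection certificate2 = await store.FindByThumbprint(certificate.Thumbprint);

                if (!yesToAll && certificate2 != null && certificate2.Count > 0 && certificate2[0].HasPrivateKey)
                {
                    // NOTE(review): the text runs "'<subject>'" straight into "Deleting ..."
                    // with no separator and never mentions the private key - consider rewording.
                    StringBuilder buffer = new StringBuilder();
                    buffer.Append("Certificate '");
                    buffer.Append(certificate2[0].Subject);
                    buffer.Append("'");
                    buffer.Append("Deleting it may cause applications to stop working.");
                    buffer.Append("\r\n");
                    buffer.Append("\r\n");
                    buffer.Append("Are you sure you wish to continue?.");

                    DialogResult yesno = new YesNoDlg().ShowDialog(buffer.ToString(), "Delete Private Key", true);

                    if (yesno == DialogResult.No)
                    {
                        continue;
                    }

                    // DialogResult.Retry is treated as "do not ask again" for the remaining items
                    // (inferred from how the result is used here; confirm against YesNoDlg).
                    yesToAll = yesno == DialogResult.Retry;
                }

                await store.Delete(certificate.Thumbprint);
                itemsToDelete.Add(item);
            }
        }

        // remove the items. Done after the loop so the selection is not modified while it is indexed.
        foreach (ListViewItem itemToDelete in itemsToDelete)
        {
            itemToDelete.Remove();
        }
    }
    catch (Exception exception)
    {
        GuiUtils.HandleException(this.Text, MethodBase.GetCurrentMethod(), exception);

        // some deletions may already have happened; reload the list from the store.
        // NOTE(review): an exception thrown by this reload escapes an async void handler.
        await Initialize(m_storeId, m_thumbprints);
    }
}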
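/// <summary>
/// Handles a certificate validation error by asking the user whether to accept the certificate.
/// </summary>
/// <param name="certificate">The certificate that failed validation.</param>
/// <param name="e">The validation failure; its status code selects the prompt.</param>
/// <returns>
/// True if the certificate should be accepted despite the error; false if the user
/// declined or the error is one that cannot be overridden.
/// </returns>
private bool HandleValidationError(X509Certificate2 certificate, ServiceResultException e)
{
    StringBuilder buffer = new StringBuilder();

    switch (e.StatusCode)
    {
        case StatusCodes.BadCertificateIssuerRevocationUnknown:
        {
            buffer.Append("Could not determine whether the issuing certificate was revoked.");
            buffer.Append("\r\n");
            buffer.Append("Would you still like to accept the certificate?\r\n");
            break;
        }

        case StatusCodes.BadCertificateIssuerTimeInvalid:
        {
            buffer.Append("The issuing certificate has expired or is not yet valid.");
            buffer.Append("\r\n");
            buffer.Append("Would you still like to accept the certificate?\r\n");
            break;
        }

        case StatusCodes.BadCertificateRevocationUnknown:
        {
            buffer.Append("Could not determine whether the certificate was revoked by the Certificate Authority.");
            buffer.Append("\r\n");
            buffer.Append("Would you still like to accept the certificate?\r\n");
            break;
        }

        case StatusCodes.BadCertificateTimeInvalid:
        {
            buffer.Append("The certificate has expired or is not yet valid.");
            buffer.Append("\r\n");
            buffer.Append("Would you still like to accept the certificate?\r\n");
            buffer.Append("\r\n");
            buffer.Append("Certificate = ");
            buffer.Append(certificate.Subject);
            buffer.Append("\r\n");
            buffer.Append("Valid From = ");
            buffer.Append(certificate.NotBefore.ToLocalTime());
            buffer.Append("\r\n");
            buffer.Append("Valid To = ");
            // The original printed NotBefore here as well, so the user was shown the wrong
            // expiry date while deciding whether to override a validity-period failure.
            buffer.Append(certificate.NotAfter.ToLocalTime());
            break;
        }

        case StatusCodes.BadCertificateUntrusted:
        {
            // NOTE(review): a certificate whose issuer and subject names match is accepted
            // here without any prompt. As far as this block shows, only the names are compared,
            // so the decision rests entirely on whatever confirmation the caller asks for
            // afterwards - confirm that this is intended for untrusted self-signed certificates.
            if (Utils.CompareDistinguishedName(certificate.Issuer, certificate.Subject))
            {
                return true;
            }

            buffer.Append("This certificates was issued by an unknown Certificate Authority.");
            buffer.Append("This means it could have been altered and there is no way to detect changes.");
            buffer.Append("You should only accept it if you are absolutely certain the certificate has come via a secure channel from a legimate source.");
            buffer.Append("\r\n");
            buffer.Append("\r\n");
            buffer.Append("Would you still like to accept the certificate?\r\n");
            buffer.Append("\r\n");
            buffer.Append("Certificate = ");
            buffer.Append(certificate.Subject);
            buffer.Append("\r\n");
            buffer.Append("Certificate Authority = ");
            buffer.Append(certificate.Issuer);
            break;
        }

        default:
        {
            // Any other status code is reported but never overridable: the dialog result is ignored.
            buffer.Append("An error that cannot be ignored occurred during validation.\r\n");
            buffer.Append("\r\n");
            buffer.Append("Certificate = ");
            buffer.Append(certificate.Subject);
            buffer.Append("\r\n");
            buffer.Append("ErrorCode = ");
            buffer.Append(StatusCodes.GetBrowseName(e.StatusCode));
            buffer.Append("\r\n");
            buffer.Append("Message = ");
            buffer.Append(e.Message);

            new YesNoDlg().ShowDialog(buffer.ToString(), "Certificate Validation Error");
            return false;
        }
    }

    // Only an explicit Yes overrides the validation failure.
    DialogResult result = new YesNoDlg().ShowDialog(buffer.ToString(), "Certificate Validation Error");
    return result == DialogResult.Yes;
}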
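/// <summary>
/// Validates a certificate and adds it to the trust list.
/// </summary>
/// <param name="store">The trust list to add the certificate to; nothing happens if null.</param>
/// <param name="certificate">The certificate to import; nothing happens if null.</param>
/// <remarks>
/// The certificate is added only if validation succeeds or the user overrides the
/// validation error, and the user then confirms the import itself.
/// </remarks>
private void ValidateAndImport(CertificateStoreIdentifier store, X509Certificate2 certificate)
{
    if (store == null || certificate == null)
    {
        return;
    }

    // validate the certificate using the trust lists for the certificate tool.
    try
    {
        CertificateValidator validator = new CertificateValidator();
        validator.Update(m_configuration);
        validator.Validate(certificate);
    }
    catch (ServiceResultException exception)
    {
        // Only ServiceResultException is routed to the override prompt;
        // any other exception type propagates to the caller.
        if (!HandleValidationError(certificate, exception))
        {
            return;
        }
    }

    // confirm import.
    StringBuilder buffer = new StringBuilder();

    buffer.Append("You are adding this certificate to a trust list that may be shared with other applications.");
    buffer.Append("\r\n");
    buffer.Append("\r\n");
    buffer.Append("Would you still like to accept the certificate?\r\n");
    buffer.Append("\r\n");
    buffer.Append("Target Trust List = ");
    buffer.Append(store.ToString());
    buffer.Append("\r\n");
    buffer.Append("Certificate to Add = ");
    buffer.Append(certificate.Subject);

    DialogResult result = new YesNoDlg().ShowDialog(buffer.ToString(), "Import Certificate to Trust List");

    if (result != DialogResult.Yes)
    {
        return;
    }

    // update store. The store is disposable (it is opened in a using block elsewhere in
    // this file) and was previously left open here.
    using (ICertificateStore physicalStore = store.OpenStore())
    {
        if (physicalStore.FindByThumbprint(certificate.Thumbprint) == null)
        {
            // A new object built from RawData carries only the encoded certificate,
            // so no private key travels into the trust list.
            physicalStore.Add(new X509Certificate2(certificate.RawData));
        }
    }
}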
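/// <summary>
/// Adds every certificate from a user-selected trust list to the selected
/// application's trust list, after the user confirms.
/// </summary>
/// <remarks>
/// Certificates already present in the application trust list (matched by thumbprint)
/// are left untouched; nothing is deleted by this operation.
/// </remarks>
private void MergeTrustListBTN_Click(object sender, EventArgs e)
{
    try
    {
        // get application.
        ManagedApplication application = ApplicationToManageCTRL.GetSelectedApplication();

        if (application == null)
        {
            return;
        }

        // load the configuration.
        application.Reload();
        CertificateStoreIdentifier store = GetDefaultStore(application, false);

        // choose trust list to import.
        CertificateStoreDlg dialog = new CertificateStoreDlg();
        dialog.Text = "Select Certificate Trust List to use as Source";
        CertificateStoreIdentifier id = dialog.ShowDialog(store);

        if (id == null)
        {
            return;
        }

        // merging a store into itself is a no-op, so it is rejected up front.
        if (String.Compare(application.TrustList.StorePath, id.StorePath, StringComparison.OrdinalIgnoreCase) == 0)
        {
            MessageBox.Show(
                "Selected Certificate Store is already the same as the Application Trust List",
                "Merge Trust List",
                MessageBoxButtons.OK,
                MessageBoxIcon.Error);
            return;
        }

        // confirm the merge (the original comment said "check for private keys",
        // but no private key check happens in this handler).
        StringBuilder buffer = new StringBuilder();

        buffer.Append("This operation will add all of the certificates in the selected trust list to ");
        buffer.Append("the application trust list.");
        buffer.Append("\r\n");
        buffer.Append("\r\n");
        buffer.Append("Do you wish to proceed?\r\n");
        buffer.Append("\r\n");
        buffer.Append("Current Application Trust List = ");
        buffer.Append(application.TrustList.ToString());
        buffer.Append("\r\n");
        buffer.Append("Selected Trust List = ");
        buffer.Append(id.ToString());

        DialogResult result = new YesNoDlg().ShowDialog(buffer.ToString(), "Merge Trust List");

        if (result != DialogResult.Yes)
        {
            return;
        }

        // add the certificates. Both stores are disposable and were previously left open;
        // they are now closed before the trust list editor is shown.
        using (ICertificateStore targetStore = application.TrustList.OpenStore())
        using (ICertificateStore sourceStore = id.OpenStore())
        {
            foreach (X509Certificate2 certificate in sourceStore.Enumerate())
            {
                if (targetStore.FindByThumbprint(certificate.Thumbprint) == null)
                {
                    // A new object built from RawData carries only the encoded certificate,
                    // so no private key from the source store is copied into the trust list.
                    targetStore.Add(new X509Certificate2(certificate.RawData));
                }
            }
        }

        EditTrustListBTN_Click(sender, e);
    }
    catch (Exception exception)
    {
        GuiUtils.HandleException(this.Text, MethodBase.GetCurrentMethod(), exception);
    }
}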
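/// <summary>
/// Replaces the contents of the selected application's trust list with the
/// certificates from a user-selected trust list, after the user confirms.
/// </summary>
/// <remarks>
/// Certificates with private keys are never deleted automatically: the user is asked
/// to remove them by hand first, and the operation is abandoned if they decline.
/// </remarks>
private void ReplaceTrustListBTN_Click(object sender, EventArgs e)
{
    try
    {
        // get application.
        ManagedApplication application = ApplicationToManageCTRL.GetSelectedApplication();

        if (application == null)
        {
            return;
        }

        // load the configuration.
        application.Reload();
        CertificateStoreIdentifier store = GetDefaultStore(application, false);

        // choose trust list to import.
        CertificateStoreDlg dialog = new CertificateStoreDlg();
        dialog.Text = "Select Certificate Trust List to use as Source";
        CertificateStoreIdentifier id = dialog.ShowDialog(store);

        if (id == null)
        {
            return;
        }

        // replacing a store with itself would only delete its contents, so it is rejected up front.
        if (String.Compare(application.TrustList.StorePath, id.StorePath, StringComparison.OrdinalIgnoreCase) == 0)
        {
            MessageBox.Show(
                "Selected Certificate Store is already the same as the Application Trust List",
                "Replace Trust List",
                MessageBoxButtons.OK,
                MessageBoxIcon.Error);
            return;
        }

        // The stores are disposable and were previously left open; they are now closed
        // on every exit path and before the trust list editor is shown.
        using (ICertificateStore targetStore = application.TrustList.OpenStore())
        {
            // check for private keys.
            X509Certificate2Collection certificates = targetStore.Enumerate();

            bool hasPrivateKeys = true;
            StringBuilder buffer = null;
            DialogResult result = DialogResult.None;

            // Repeat until a full pass over the store finds no certificate with a private key.
            while (hasPrivateKeys)
            {
                hasPrivateKeys = false;

                foreach (X509Certificate2 certificate in certificates)
                {
                    if (certificate.HasPrivateKey)
                    {
                        hasPrivateKeys = true;

                        buffer = new StringBuilder();

                        buffer.Append("The application's current trust list contains certificates with private keys.\r\n");
                        buffer.Append("Automatically deleting these certificates could break other applications. ");
                        buffer.Append("\r\n");
                        buffer.Append("\r\n");
                        buffer.Append("Would you like to remove these certificates manually?\r\n");
                        buffer.Append("\r\n");
                        buffer.Append("Current Application Trust List = ");
                        buffer.Append(application.TrustList.ToString());
                        buffer.Append("\r\n");
                        buffer.Append("Certificate with Private Key = ");
                        buffer.Append(certificate.Subject);

                        result = new YesNoDlg().ShowDialog(buffer.ToString(), "Warning Private Keys Found");

                        if (result != DialogResult.Yes)
                        {
                            return;
                        }

                        // let the user clean up by hand, then rescan the store from the start.
                        new CertificateListDlg().ShowDialog(application.TrustList, false);
                        certificates = targetStore.Enumerate();
                        break;
                    }
                }
            }

            // confirm the replacement.
            buffer = new StringBuilder();

            buffer.Append("This operation will delete all of the certificates in the current application trust list and ");
            buffer.Append("replace them with the certificates in the selected trust list.");
            buffer.Append("\r\n");
            buffer.Append("\r\n");
            buffer.Append("Do you wish to proceed?\r\n");
            buffer.Append("\r\n");
            buffer.Append("Current Application Trust List = ");
            buffer.Append(application.TrustList.ToString());
            buffer.Append("\r\n");
            buffer.Append("Selected Trust List = ");
            buffer.Append(id.ToString());

            result = new YesNoDlg().ShowDialog(buffer.ToString(), "Replace Trust List");

            if (result != DialogResult.Yes)
            {
                return;
            }

            // delete existing certificates. The store is re-read because the confirmation
            // dialog was open in between; entries with private keys are still left alone.
            certificates = targetStore.Enumerate();

            foreach (X509Certificate2 certificate in certificates)
            {
                if (!certificate.HasPrivateKey)
                {
                    targetStore.Delete(certificate.Thumbprint);
                }
            }

            // copy the certificates.
            using (ICertificateStore sourceStore = id.OpenStore())
            {
                foreach (X509Certificate2 certificate in sourceStore.Enumerate())
                {
                    // An entry that survived the delete pass (one with a private key) may share
                    // a thumbprint with a source certificate; skip it, as the merge handler does,
                    // rather than adding a duplicate.
                    if (targetStore.FindByThumbprint(certificate.Thumbprint) == null)
                    {
                        // A new object built from RawData carries only the encoded certificate,
                        // so no private key from the source store is copied into the trust list.
                        targetStore.Add(new X509Certificate2(certificate.RawData));
                    }
                }
            }
        }

        EditTrustListBTN_Click(sender, e);
    }
    catch (Exception exception)
    {
        GuiUtils.HandleException(this.Text, MethodBase.GetCurrentMethod(), exception);
    }
}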