public KeyStoreViewModel(SystemX509.StoreName storeName, SystemX509.StoreLocation storeLocation) { var storeBuilder = new Pkcs12StoreBuilder(); _store = storeBuilder.Build(); Name = String.Format("System KeyStore: [{0} : {1}]", storeLocation.ToString(), storeName.ToString()); Load(storeName, storeLocation); }
private static bool TryFindCertificatesInStore(string thumbprint, System.Security.Cryptography.X509Certificates.StoreLocation location, out X509Certificate2Collection certificates) { X509Store store = new X509Store(StoreName.My, location); store.Open(OpenFlags.ReadOnly); certificates = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false); return(certificates != null && certificates.Count > 0); }
private void refresh(System.Security.Cryptography.X509Certificates.StoreLocation storeLocation, TreeNode parentNode) { var certificateNodes = certificatesRepository.Get(storeLocation); foreach (var cert in certificateNodes) { var node = parentNode.Nodes.Add(cert.StoreName); node.Tag = cert.Certificates; } }
/// <summary> /// Loads the specified system keystore and puts /// the keys store in read-only mode /// </summary> /// <param name="storeName">one of the enum values </param> /// <param name="storelocation">one of the enum values</param> public void Load(SystemX509.StoreName storeName, SystemX509.StoreLocation storelocation) { ReadOnlyKeyStore = true; _listItems.Clear(); var store = new SystemX509.X509Store(storeName, storelocation); store.Open(SystemX509.OpenFlags.ReadOnly); foreach (SystemX509.X509Certificate2 cert in store.Certificates) { AddEntry(cert.FriendlyName, DotNetUtilities.FromX509Certificate(cert), null); } }
private const int StreamCutOffSize = 10 * 1024; //10KB private static bool TryFindCertificatesInStore(string thumbprint, System.Security.Cryptography.X509Certificates.StoreLocation location, out X509Certificate2Collection certificates) { X509Certificate2Collection found = null; DiskDataStore.X509StoreWrapper(StoreName.My, location, (store) => { store.Open(OpenFlags.ReadOnly); found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false); }); certificates = found; return(certificates != null && certificates.Count > 0); }
public static bool addCertToStore( System.Security.Cryptography.X509Certificates.X509Certificate2 cert, System.Security.Cryptography.X509Certificates.StoreName st, System.Security.Cryptography.X509Certificates.StoreLocation sl ) { bool bRet = false; try { X509Store store = new X509Store(st, sl); store.Open(OpenFlags.ReadWrite); store.Add(cert); store.Close(); } catch { } return(bRet); }
internal X509Store(string name, StoreLocation location, OpenFlags flags) { _name = name; _location = location; // Open handle uint dwFlags = 0; if ((flags & OpenFlags.IncludeArchived) == OpenFlags.IncludeArchived) { dwFlags |= 0x200; } if ((flags & OpenFlags.MaxAllowed) == OpenFlags.MaxAllowed) { dwFlags |= 0x1000; } if ((flags & OpenFlags.OpenExistingOnly) == OpenFlags.OpenExistingOnly) { dwFlags |= 0x4000; } if ((flags & OpenFlags.ReadWrite) == 0) { dwFlags |= 0x8000; } if ((_location == StoreLocation.CurrentUser)) { dwFlags |= 0x10000; } if ((_location == StoreLocation.LocalMachine)) { dwFlags |= 0x20000; } _handle = CertOpenStore("System", 0x00010001, IntPtr.Zero, dwFlags, _name); if (_handle.IsInvalid) { throw new CryptographicException("CertOpenStore failed"); } }
/// <summary> /// Construct a CertificatesAuthority object with a default name and in the store of the current user /// </summary> /// <param name="name">Name of the certification authority.</param> public CertificatesAuthority(string name) { authorityName_ = name != null ? X509NameFromString(name) : null; store_ = MSX509.StoreLocation.CurrentUser; }
public async Task <X509Certificate2> GetCertificateFromStore(string storename, System.Security.Cryptography.X509Certificates.StoreLocation location) { //to access to store we need to specify store name and location X509Store x509Store = new X509Store(storename, location); //obtain read only access to get cert x509Store.Open(OpenFlags.ReadOnly); return(x509Store.Certificates[0]); }
/*private void WriteCertificate(string name, byte[] raw) * { * using(FileStream stream = new FileStream(GetCertificateFilePath(name), FileMode.Create, FileAccess.Write)) * stream.Write(raw, 0, raw.Length); * }*/ private MSX509.X509Certificate2 LoadCertificate(string name, MSX509.StoreName storeName, MSX509.StoreLocation location) { if (certificates_.ContainsKey(name)) { return(certificates_[name]); } MSX509.X509Store store = new MSX509.X509Store(storeName, location); store.Open(MSX509.OpenFlags.ReadOnly); var certificates = store.Certificates.Find(MSX509.X509FindType.FindBySubjectName, name, true); store.Close(); if (certificates.Count <= 0) { return(null); } state_.Logger.Information("X509v3 '{0}' loaded from store", name); MSX509.X509Certificate2 certificate = certificates[0]; certificates_[name] = certificate; return(certificate); }
private void StoreCertificate(string name, byte[] raw, RSA key, MSX509.StoreName storeName, MSX509.StoreLocation location) { PKCS12 p12 = BuildPkcs12(raw, key); MSX509.X509Certificate2 certificate = new MSX509.X509Certificate2(p12.GetBytes(), "advtools", MSX509.X509KeyStorageFlags.PersistKeySet | MSX509.X509KeyStorageFlags.MachineKeySet | MSX509.X509KeyStorageFlags.Exportable); MSX509.X509Store store = new MSX509.X509Store(storeName, location); store.Open(MSX509.OpenFlags.ReadWrite); store.Add(certificate); store.Close(); certificates_[name] = certificate; }
/// <summary> /// Construct a CertificatesAuthority object /// </summary> /// <param name="name">Name of the certification authority.</param> /// <param name="store">Where to store the certificates</param> public CertificatesAuthority(string name, MSX509.StoreLocation store) { authorityName_ = name != null?X509NameFromString(name) : null; store_ = store; }
private MSX509.X509Certificate2 LoadCertificate(X509Name name, MSX509.StoreName storeName, MSX509.StoreLocation location) { if (certificates_.ContainsKey(name)) { return(certificates_[name]); } string dn = name.ToString(); MSX509.X509Store store = new MSX509.X509Store(storeName, location); store.Open(MSX509.OpenFlags.ReadOnly); var certificates = store.Certificates.Find(MSX509.X509FindType.FindBySubjectDistinguishedName, dn, true); store.Close(); if (certificates.Count <= 0) { return(null); } MSX509.X509Certificate2 certificate = certificates[0]; certificates_[name] = certificate; return(certificate); }
/// <summary> /// Construct a CertificatesAuthority object /// </summary> /// <param name="name">Name of the certification authority.</param> /// <param name="store">Where to store the certificates</param> public CertificatesAuthority(string name, MSX509.StoreLocation store) { authorityName_ = name != null ? X509NameFromString(name) : null; store_ = store; }
internal static bool addCertToStore(System.Security.Cryptography.X509Certificates.X509Certificate2 cert, System.Security.Cryptography.X509Certificates.StoreName st, System.Security.Cryptography.X509Certificates.StoreLocation sl) { bool bRet = false; try { X509Store store = new X509Store(st, sl); store.Open(OpenFlags.ReadWrite); var certs = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName, cert.SubjectName.Name, false); //Remove existing Certificates foreach (X509Certificate2 cer in certs) { store.Remove(cer); } store.Add(cert); store.Close(); } catch { } return(bRet); }
//public static void SaveAsPVK(X509Certificate2 cert, string path) //{ // File.WriteAllBytes(path, cert.Export(X509ContentType.Pkcs12, (string)null)); //} //public static void SaveToPFX(X509Certificate newCert, // AsymmetricCipherKeyPair kp, // string FilePath, // string CertAlias, // string Password) //{ // //Org.BouncyCastle.X509.X509Certificate newCert, // var newStore = new Pkcs12Store(); // var certEntry = new X509CertificateEntry(newCert); // newStore.SetCertificateEntry( // CertAlias, // certEntry // ); // newStore.SetKeyEntry( // CertAlias, // new AsymmetricKeyEntry(kp.Private), // new[] { certEntry } // ); // using (var certFile = File.Create(FilePath)) // { // newStore.Save( // certFile, // Password.ToCharArray(), // new SecureRandom(new CryptoApiRandomGenerator()) // ); // } //} #endregion // public static void dfsdfoui9() // { // //X509Certificate2 cert; // //save to file // var cert = new X509Certificate2(bytes, password, X509KeyStorageFlags.UserKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable); // var store = new X509Store(StoreName.My, StoreLocation.LocalMachine); //store.Open(OpenFlags.ReadWrite); //store.Add(cert); //store.Close(); // //key goes to C:\Users\Paul\AppData\Roaming\Microsoft\SystemCertificates\My\Keys\62207B818FC553C92CC6D2C2F869603C190544FB // //var file = Path.Combine(Path.GetTempPath(), "Octo-" + Guid.NewGuid()); // try // { // File.WriteAllBytes(file, bytes); // return new X509Certificate2(file, /* ...options... */); // } // finally // { // File.Delete(file); // } // store.Remove(cert); // } ///// <summary> ///// ///// </summary> ///// <param name="subjectName">eg. "CN=127.0.01"</param> ///// <param name="durationInMins"></param> ///// <param name="issuerName">eg. "CN=MYTESTCA"</param> //public static X509Certificate2 GenerateAndRegisterSelfSignedCertificate(string subjectName, int durationInMins, string issuerName) //{ // try // { // AsymmetricKeyParameter myCAprivateKey = null; // //generate a root CA cert and obtain the privateKey // X509Certificate2 MyRootCAcert = GenerateCACertificate(issuerName, durationInMins, ref myCAprivateKey); // //add CA cert to store // AddCertToStore(MyRootCAcert, StoreName.Root, StoreLocation.LocalMachine); // //generate cert based on the CA cert privateKey // X509Certificate2 MyCert = GenerateSelfSignedCertificate(subjectName, durationInMins, issuerName, myCAprivateKey); // //add cert to store // AddCertToStore(MyCert, StoreName.My, StoreLocation.LocalMachine); // return MyCert; // } // catch // { // return null; // } //} //public static X509Certificate2 GenerateSelfSignedCertificate(string subjectName, int durationInMins, string issuerName, AsymmetricKeyParameter issuerPrivKey) //{ // const int keyStrength = 2048; // // Generating Random Numbers // CryptoApiRandomGenerator randomGenerator = new CryptoApiRandomGenerator(); // SecureRandom random = new SecureRandom(randomGenerator); // // The Certificate Generator // X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator(); // // Serial Number // BigInteger serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random); // certificateGenerator.SetSerialNumber(serialNumber); // // Signature Algorithm // const string signatureAlgorithm = "SHA256WithRSA"; // certificateGenerator.SetSignatureAlgorithm(signatureAlgorithm); // // Issuer and Subject Name // X509Name subjectDN = new X509Name(subjectName); // X509Name issuerDN = new X509Name(issuerName); // certificateGenerator.SetIssuerDN(issuerDN); // certificateGenerator.SetSubjectDN(subjectDN); // // Valid For // DateTime notBefore = DateTime.UtcNow.Date; // DateTime notAfter = notBefore.AddMinutes(durationInMins); // certificateGenerator.SetNotBefore(notBefore); // certificateGenerator.SetNotAfter(notAfter); // // Subject Public Key // AsymmetricCipherKeyPair subjectKeyPair; // var keyGenerationParameters = new KeyGenerationParameters(random, keyStrength); // var keyPairGenerator = new RsaKeyPairGenerator(); // keyPairGenerator.Init(keyGenerationParameters); // subjectKeyPair = keyPairGenerator.GenerateKeyPair(); // certificateGenerator.SetPublicKey(subjectKeyPair.Public); // // Generating the Certificate // AsymmetricCipherKeyPair issuerKeyPair = subjectKeyPair; // // selfsign certificate // Org.BouncyCastle.X509.X509Certificate certificate = certificateGenerator.Generate(issuerPrivKey, random); // // correcponding private key // PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private); // // merge into X509Certificate2 // X509Certificate2 x509 = new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate.GetEncoded()); // Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(info.PrivateKey.GetDerEncoded()); // if (seq.Count != 9) // { // //throw new PemException("malformed sequence in RSA private key"); // } // RsaPrivateKeyStructure rsa = new RsaPrivateKeyStructure(seq); // RsaPrivateCrtKeyParameters rsaparams = new RsaPrivateCrtKeyParameters( // rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2, rsa.Coefficient); // x509.PrivateKey = DotNetUtilities.ToRSA(rsaparams); // return x509; //} // /// <summary> // /// builds the boss cert // /// </summary> // /// <param name="subjectName"></param> // /// <param name="CaPrivateKey"></param> // /// <returns></returns> // public static X509Certificate2 GenerateCACertificate(string subjectName, int durationInMins, out AsymmetricCipherKeyPair kp) // { // const int keyStrength = 2048; // // Generating Random Numbers // CryptoApiRandomGenerator randomGenerator = new CryptoApiRandomGenerator(); // SecureRandom random = new SecureRandom(randomGenerator); // // The Certificate Generator // X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator(); // var certName = new X509Name("CN=" + subjectName); // BigInteger serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random); // certificateGenerator.SetSerialNumber(serialNumber); // certificateGenerator.SetSubjectDN(certName); // certificateGenerator.SetIssuerDN(certName); // certificateGenerator.SetNotBefore(DateTime.Now); // certificateGenerator.SetNotAfter(DateTime.Now.AddMinutes(durationInMins)); // certificateGenerator.SetSignatureAlgorithm("SHA256WithRSA"); // var kpgen = new RsaKeyPairGenerator(); // // certificate strength 1024 bits // kpgen.Init(new KeyGenerationParameters(random, keyStrength)); // kp = kpgen.GenerateKeyPair(); // certificateGenerator.SetPublicKey(kp.Public); // certificateGenerator.AddExtension( //X509Extensions.AuthorityKeyIdentifier.Id, //false, //new AuthorityKeyIdentifier( // SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(kp.Public), // new GeneralNames(new GeneralName(certName)), // serialNumber)); // /* // 1.3.6.1.5.5.7.3.1 - id_kp_serverAuth // 1.3.6.1.5.5.7.3.2 - id_kp_clientAuth // 1.3.6.1.5.5.7.3.3 - id_kp_codeSigning // 1.3.6.1.5.5.7.3.4 - id_kp_emailProtection // 1.3.6.1.5.5.7.3.5 - id-kp-ipsecEndSystem // 1.3.6.1.5.5.7.3.6 - id-kp-ipsecTunnel // 1.3.6.1.5.5.7.3.7 - id-kp-ipsecUser // 1.3.6.1.5.5.7.3.8 - id_kp_timeStamping // 1.3.6.1.5.5.7.3.9 - OCSPSigning // */ // certificateGenerator.AddExtension( // X509Extensions.ExtendedKeyUsage.Id, // false, // new ExtendedKeyUsage(new[] { KeyPurposeID.IdKPServerAuth })); // var newCert = certificateGenerator.Generate(kp.Private); // return newCert; // //// Generating the Certificate // //AsymmetricCipherKeyPair issuerKeyPair = subjectKeyPair; // //// selfsign certificate // //Org.BouncyCastle.X509.X509Certificate certificate = certificateGenerator.Generate(issuerKeyPair.Private, random); // //X509Certificate2 x509 = new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate.GetEncoded()); // //CaPrivateKey = issuerKeyPair.Private; // //return x509; // //return issuerKeyPair.Private; // } public static System.Security.Cryptography.X509Certificates.X509Certificate2 GetCert(string certName, System.Security.Cryptography.X509Certificates.StoreName st, System.Security.Cryptography.X509Certificates.StoreLocation sl) { System.Security.Cryptography.X509Certificates.X509Certificate2 cert = null; try { X509Store store = new X509Store(st, sl); store.Open(OpenFlags.ReadOnly); X509Certificate2Collection certs = store.Certificates.Find(X509FindType.FindBySubjectName, certName, true); if (certs.Count > 0) { cert = certs[0]; } store.Close(); } catch { } return(cert); }
public bool addCertToStore(System.Security.Cryptography.X509Certificates.X509Certificate2 cert, System.Security.Cryptography.X509Certificates.StoreName st, System.Security.Cryptography.X509Certificates.StoreLocation sl) { X509Store x509store; try { x509store = new X509Store(st, sl); x509store.Open(OpenFlags.ReadWrite); x509store.Add(cert); x509store.Close(); } catch { return(false); } return(true); }