public bool ClearCertificateCache(bool bClearRoot) { _rwl.AcquireWriterLock(LOCK_TIMEOUT); _certificateCache.Clear(); if (bClearRoot) { _root = null; var store = new X509Store(StoreName.Root, StoreLocation.CurrentUser); try { store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadWrite); var roots = store.Certificates.Find(X509FindType.FindBySubjectName, FIDDLER_ROOT_COMMON_NAME, true); store.RemoveRange(roots); } catch { return false; } finally { store.Close(); } } _rwl.ReleaseWriterLock(); return true; }
private static void Main(string[] args) { Task.Run(async () => { Console.WriteLine("Enter PIN: "); string pin = Console.ReadLine(); WebRequestHandler handler = new WebRequestHandler(); handler.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(ValidateServerCertificate); using (HttpClient client = new HttpClient(handler, true)) { client.BaseAddress = new Uri(string.Format(@"https://{0}:{1}", MachineName, RemotePort)); X509Store store = null; try { var response = await client.GetAsync("certs/" + pin); response.EnsureSuccessStatusCode(); byte[] rawCert = await response.Content.ReadAsByteArrayAsync(); X509Certificate2Collection certs = new X509Certificate2Collection(); certs.Import(rawCert, "", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.UserKeySet); store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadWrite); X509Certificate2Collection oldCerts = new X509Certificate2Collection(); foreach (var cert in certs) { oldCerts.AddRange(store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName, cert.Subject, false)); } store.RemoveRange(certs); store.AddRange(certs); store.Close(); Console.WriteLine("Success"); } catch (HttpRequestException e) { Console.WriteLine("Error communicating with vcremote. Make sure that vcremote is running in secure mode and that a new client cert has been generated."); } finally { if (store != null) { store.Close(); } } } }).Wait(); }
protected virtual bool DestroyCertificate(X509Store store, string certificateName) { lock (store) { X509Certificate2Collection certificates = null; try { store.Open(OpenFlags.ReadWrite); string certificateSubject = string.Format("CN={0}, O={1}", certificateName, Issuer); certificates = FindCertificates(store, certificateSubject); if (certificates != null) { store.RemoveRange(certificates); certificates = FindCertificates(store, certificateSubject); } return certificates == null; } catch (CryptographicException) { /* Certificate removal failed. */ return false; } finally { store.Close(); if (certificates == null && _certificateCache.ContainsKey(certificateName)) { _certificateCache.Remove(certificateName); } } } }
/* * removes all certificates matching subjectName from database */ internal static void RemoveCertificates(string subjectName) { foreach (sys.StoreLocation idxStore in new sys.StoreLocation[] { sys.StoreLocation.CurrentUser }) { sys.X509Store store = new sys.X509Store(idxStore); store.Open(sys.OpenFlags.ReadOnly); try { sys.X509Certificate2Collection coll = store.Certificates.Find(sys.X509FindType.FindBySubjectName, subjectName, false); if (coll.Count > 0) store.RemoveRange(coll); } finally { store.Close(); } } }
private void RemoveEntityCertificatesCore(X509Certificate2Collection certs, StoreName storeName, StoreLocation storeLocation) { X509Store x509Store = null; x509Store = new X509Store(storeName, storeLocation); x509Store.Open(OpenFlags.ReadWrite | OpenFlags.MaxAllowed); x509Store.RemoveRange(certs); x509Store.Close(); }
public bool ClearCertificateCache(bool bClearRoot) { _certificateCache.Clear(); if (bClearRoot) { _root = null; var store = new X509Store(StoreName.Root, StoreLocation.CurrentUser); try { store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadWrite); var roots = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName, FIDDLER_ROOT_DN, true); store.RemoveRange(roots); } catch { return false; } finally { store.Close(); } } return true; }
public bool ClearCertificateCache(bool bRemoveRoot) { bool flag = true; try { X509Certificate2Collection certificates; this.GetWriterLock(); this.certServerCache.Clear(); this.certRoot = null; string sFullSubject = string.Format("CN={0}{1}", CONFIG.sMakeCertRootCN, CONFIG.sMakeCertSubjectO); if (bRemoveRoot) { certificates = FindCertsBySubject(StoreName.Root, StoreLocation.CurrentUser, sFullSubject); if (certificates.Count > 0) { X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser); store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadWrite); try { store.RemoveRange(certificates); } catch { flag = false; } store.Close(); } } certificates = FindCertsByIssuer(StoreName.My, sFullSubject); if (certificates.Count <= 0) { return flag; } if (!bRemoveRoot) { X509Certificate2 rootCertificate = this.GetRootCertificate(); if (rootCertificate != null) { certificates.Remove(rootCertificate); if (certificates.Count < 1) { return true; } } } X509Store store2 = new X509Store(StoreName.My, StoreLocation.CurrentUser); store2.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadWrite); try { store2.RemoveRange(certificates); } catch { flag = false; } store2.Close(); } finally { this.FreeWriterLock(); } return flag; }
private static void UninstallAllCertificatesByIssuer(StoreName storeName, StoreLocation storeLocation, Dictionary<string, CertificateCacheEntry> cache, string issuerDistinguishedName) { lock (s_certificateLock) { X509Store store = null; try { // We assume Bridge is running elevated store = new X509Store(storeName, storeLocation); store.Open(OpenFlags.ReadWrite); var collection = store.Certificates.Find(X509FindType.FindByIssuerDistinguishedName, issuerDistinguishedName, false); Trace.WriteLine(string.Format("[CertificateManager] Forcibly removing {0} certificates from store where:", collection.Count)); Trace.WriteLine(string.Format(" {0} = {1}", "StoreName", storeName)); Trace.WriteLine(string.Format(" {0} = {1}", "StoreLocation", storeLocation)); Trace.WriteLine(string.Format(" {0} = {1}", "IssuedBy", issuerDistinguishedName)); foreach (var cert in collection) { Trace.WriteLine(string.Format(" {0} = {1}", "CN", cert.SubjectName.Name)); Trace.WriteLine(string.Format(" {0} = {1}", "Thumbpint", cert.Thumbprint)); } store.RemoveRange(collection); } finally { cache.Clear(); if (store != null) { store.Close(); } } } }
public void RemoveRange_Empty_Certificate () { X509Store xs = new X509Store ("ReadWriteStore"); xs.Open (OpenFlags.ReadWrite); // note: impossible to add cert_empty, so we add something else // to be sure we'll follow the complete code path (loop) of removal xs.AddRange (coll); xs.RemoveRange (new X509Certificate2Collection (cert_empty)); }
public void RemoveRange_OpenReadOnly_Existing () { X509Store xs = new X509Store ("ReadWriteStore"); xs.Open (OpenFlags.ReadWrite); xs.AddRange (coll); xs.Close (); xs.Open (OpenFlags.ReadOnly); xs.RemoveRange (coll); }
public void RemoveRange_OpenReadOnly_Unexisting () { X509Store xs = new X509Store ("ReadOnlyStore"); xs.Open (OpenFlags.ReadOnly); // note: cert1 wasn't present, RemoveRange "succeed" xs.RemoveRange (coll); }
public void RemoveRange_Empty () { X509Store xs = new X509Store (); xs.RemoveRange (coll_empty); }
public override IResult Execute(IResult previousResults) { X509Store store = null; try { var certificate = GetCertificateFromWrapper(); if (certificate == null) { Log.Warn("Certificate does not exist in settings store; cannot remove similiar certificates"); return new NextResult(); } var authorityKey = CertificateUtilities.GetAuthorityKeyFromCertificate(certificate); if (string.IsNullOrWhiteSpace(authorityKey)) { Log.WarnFormat("Cannot retrieve authority key from certificate; cannot remove similiar certificates"); return new NextResult(); } var subjectKey = CertificateUtilities.GetSubjectKeyFromCertificate(certificate); if (string.IsNullOrWhiteSpace(subjectKey)) { Log.WarnFormat("Cannot retrieve subject key from certificate; cannot remove similiar certificates"); return new NextResult(); } store = new X509Store(StoreName, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadWrite); var instances = new X509Certificate2Collection(); foreach (var instance in store.Certificates) { // shouldn't remove new cert if (instance.Equals(certificate)) continue; if (!authorityKey.Equals( CertificateUtilities.GetAuthorityKeyFromCertificate(instance), StringComparison.InvariantCultureIgnoreCase)) continue; if (!subjectKey.Equals( CertificateUtilities.GetSubjectKeyFromCertificate(instance), StringComparison.InvariantCultureIgnoreCase)) Log.InfoFormat("Similar certificate found: serial number {0}; subject name {1}", instance.SerialNumber, instance.SubjectName.Name); instances.Add(instance); } if (instances.Count == 0) return new NextResult(); Log.InfoFormat("Removing {0} similar certificates", instances.Count); store.RemoveRange(instances); var notRemoved = new X509Certificate2Collection(); foreach (var instance in instances.Cast<X509Certificate2>().Where(instance => store.Certificates.Contains(instance))) { notRemoved.Add(instance); } if (notRemoved.Count == 0) Log.InfoFormat("{0} similiar certificates removed", instances.Count); else { foreach (var instance in notRemoved) Log.WarnFormat("Certificate with serial number {0} not removed", instance.SerialNumber); } return new NextResult(); } catch (Exception e) { return new ExceptionOccurred(e); } finally { if (store != null) store.Close(); } }