/// <summary> /// Imports certificates and keys from a pkcs12-encoded stream. /// </summary> /// <remarks> /// Imports certificates and keys from a pkcs12-encoded stream. /// </remarks> /// <param name="stream">The raw certificate and key data.</param> /// <param name="password">The password to unlock the stream.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="stream"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="password"/> is <c>null</c>.</para> /// </exception> public override void Import(Stream stream, string password) { if (stream == null) { throw new ArgumentNullException("stream"); } if (password == null) { throw new ArgumentNullException("password"); } var pkcs12 = new Pkcs12Store(stream, password.ToCharArray()); foreach (string alias in pkcs12.Aliases) { if (pkcs12.IsKeyEntry(alias)) { var chain = pkcs12.GetCertificateChain(alias); var entry = pkcs12.GetKey(alias); for (int i = 0; i < chain.Length; i++) { certificates.Add(chain[i].Certificate); } keys.Add(chain[0].Certificate, entry.Key); } else if (pkcs12.IsCertificateEntry(alias)) { var entry = pkcs12.GetCertificate(alias); certificates.Add(entry.Certificate); } } }
public static List <X509Certificate> InitStore(String p12FileName, char[] ksPass) { List <X509Certificate> certStore = new List <X509Certificate>(); string alias = null; Pkcs12Store pk12 = new Pkcs12Store(new FileStream(p12FileName, FileMode.Open, FileAccess.Read), ksPass); foreach (var a in pk12.Aliases) { alias = ((string)a); if (pk12.IsCertificateEntry(alias)) { certStore.Add(pk12.GetCertificate(alias).Certificate); } } return(certStore); }
/// <summary> /// Imports certificates and keys from a pkcs12-encoded stream. /// </summary> /// <remarks> /// Imports certificates and keys from a pkcs12-encoded stream. /// </remarks> /// <param name="stream">The raw certificate and key data in pkcs12 format.</param> /// <param name="password">The password to unlock the stream.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="stream"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="password"/> is <c>null</c>.</para> /// </exception> public override void Import(Stream stream, string password) { if (stream == null) { throw new ArgumentNullException(nameof(stream)); } if (password == null) { throw new ArgumentNullException(nameof(password)); } var pkcs12 = new Pkcs12Store(stream, password.ToCharArray()); foreach (string alias in pkcs12.Aliases) { if (pkcs12.IsKeyEntry(alias)) { var chain = pkcs12.GetCertificateChain(alias); var entry = pkcs12.GetKey(alias); for (int i = 0; i < chain.Length; i++) { Import(chain[i].Certificate); } var fingerprint = chain[0].Certificate.GetFingerprint(); if (!keys.ContainsKey(fingerprint)) { keys.Add(fingerprint, entry.Key); } } else if (pkcs12.IsCertificateEntry(alias)) { var entry = pkcs12.GetCertificate(alias); Import(entry.Certificate); } } }
private void RefreshStore() { _listItems.Clear(); foreach (String alias in _store.Aliases) { KeyStoreEntryType entryType; if (_store.IsCertificateEntry(alias)) { entryType = KeyStoreEntryType.TrustCertEntry; } else if (_store.IsKeyEntry(alias) && _store.GetCertificateChain(alias) != null && _store.GetCertificateChain(alias).Length != 0) { entryType = KeyStoreEntryType.KeyPairEntry; } else { entryType = KeyStoreEntryType.KeyEntry; } X509Certificate cert = _store.GetCertificate(alias).Certificate; _listItems.Add(new ListItemEntry(entryType, alias, cert, Repository.Instance.IsRevokedCertificate(cert.SerialNumber.ToString()))); } }
private static X509Certificate2 ConvertToCertificate2(Pkcs12Store store) { foreach (string alias in store.Aliases) { if (store.IsCertificateEntry(alias)) { var entry = store.GetCertificate(alias); } if (store.IsKeyEntry(alias)) { var entry = store.GetKey(alias); } } var senderCertStream = new MemoryStream(); store.Save(senderCertStream, new char[0], new SecureRandom()); var coll = new X509Certificate2Collection(); coll.Import(senderCertStream.ToArray()); return(coll.Cast <X509Certificate2>().First(x => x.HasPrivateKey)); }
/// <summary> /// Imports certificates and keys from a pkcs12-encoded stream. /// </summary> /// <remarks> /// Imports all of the certificates and keys from the pkcs12-encoded stream. /// </remarks> /// <param name="stream">The raw certificate and key data.</param> /// <param name="password">The password to unlock the data.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="stream"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="password"/> is <c>null</c>.</para> /// </exception> /// <exception cref="Org.BouncyCastle.Cms.CmsException"> /// An error occurred in the cryptographic message syntax subsystem. /// </exception> public override void Import(Stream stream, string password) { if (stream == null) { throw new ArgumentNullException(nameof(stream)); } if (password == null) { throw new ArgumentNullException(nameof(password)); } var pkcs12 = new Pkcs12Store(stream, password.ToCharArray()); var enabledAlgorithms = EnabledEncryptionAlgorithms; X509CertificateRecord record; foreach (string alias in pkcs12.Aliases) { if (pkcs12.IsKeyEntry(alias)) { var chain = pkcs12.GetCertificateChain(alias); var entry = pkcs12.GetKey(alias); int startIndex = 0; if (entry.Key.IsPrivate) { if ((record = dbase.Find(chain[0].Certificate, ImportPkcs12Fields)) == null) { record = new X509CertificateRecord(chain[0].Certificate, entry.Key); record.AlgorithmsUpdated = DateTime.UtcNow; record.Algorithms = enabledAlgorithms; record.IsTrusted = true; dbase.Add(record); } else { record.AlgorithmsUpdated = DateTime.UtcNow; record.Algorithms = enabledAlgorithms; if (record.PrivateKey == null) { record.PrivateKey = entry.Key; } record.IsTrusted = true; dbase.Update(record, ImportPkcs12Fields); } startIndex = 1; } for (int i = startIndex; i < chain.Length; i++) { Import(chain[i].Certificate, true); } } else if (pkcs12.IsCertificateEntry(alias)) { var entry = pkcs12.GetCertificate(alias); Import(entry.Certificate, true); } } }
public virtual ImportedKeySet Pkcs12Keys(KeyPurpose purpose, Stream input, Func <string> passwordPrompt = null, bool official = false, KeyType hint = null) { using (var password = CachedPrompt.Password(passwordPrompt)) { var keyStore = new Pkcs12Store(input, password.Prompt().ToCharArray()); var keys = new List <Key>(); foreach (string n in keyStore.Aliases) { if (keyStore.IsKeyEntry(n)) { AsymmetricKeyEntry key = keyStore.GetKey(n); if (key.Key.IsPrivate) { switch (key.Key) { case RsaPrivateCrtKeyParameters rsa: keys.Add(KeyFromBouncyCastle(rsa, purpose, official, hint)); break; case DsaPrivateKeyParameters dsa: if (purpose == KeyPurpose.SignAndVerify) { keys.Add(KeyFromBouncyCastle(dsa)); } break; } } } } if (!keys.Any()) { foreach (string n in keyStore.Aliases) { if (keyStore.IsCertificateEntry(n)) { var entry = keyStore.GetCertificate(n); var pubKey = entry.Certificate.GetPublicKey(); switch (pubKey) { case RsaKeyParameters rsa: keys.Add(KeyFromBouncyCastle(rsa, purpose, official, hint)); break; case DsaPublicKeyParameters dsa: if (purpose == KeyPurpose.SignAndVerify) { keys.Add(KeyFromBouncyCastle(dsa)); } break; } } } } if (keys.Any()) { return(new ImportedKeySet(keys, purpose, "imported keys")); } throw new InvalidKeySetException("couldn't find any keys in file"); } }