/// <summary> /// Attempts to install the given certificate in the host OS's trusted root store. /// </summary> /// <param name="certificate"> /// The certificate to install. /// </param> /// <param name="overwrite"> /// Whether or not to overwrite. If true, any and all certificates in the host OS store with /// a matching subject name will be deleted before the supplied certificate is installed. /// </param> public static void InstallCertificateInHostOsTrustStore(X509Certificate certificate, bool overwrite = false) { switch (Environment.OSVersion.Platform) { case PlatformID.Win32NT: { var store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreName.Root, System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadWrite); if (overwrite) { UninstallCertificateInHostOsTrustStore(certificate); } store.Add(new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate.GetEncoded())); store.Close(); } break; default: { throw new PlatformNotSupportedException("This operating system is currently unsupported."); } } }
} // End Sub UninstallCertificate /// <summary> /// Make current machine trust the Root Certificate used by this proxy /// </summary> /// <param name="storeName"></param> /// <param name="storeLocation"></param> /// <param name="certificate"></param> public static void InstallCertificate( System.Security.Cryptography.X509Certificates.X509Certificate2 certificate , System.Security.Cryptography.X509Certificates.StoreName storeName , System.Security.Cryptography.X509Certificates.StoreLocation storeLocation ) { if (certificate == null) { throw new System.Exception("Could not install certificate as it is null or empty."); } using (System.Security.Cryptography.X509Certificates.X509Store x509Store = new System.Security.Cryptography.X509Certificates.X509Store(storeName, storeLocation)) { // todo // also it should do not duplicate if certificate already exists try { x509Store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadWrite); x509Store.Add(certificate); } catch (System.Exception e) { throw new System.Exception("Failed to make system trust root certificate " + $" for {storeName}\\{storeLocation} store location. You may need admin rights.", e); } finally { x509Store.Close(); } } // End Using x509Store } // End Sub InstallCertificate
public bool DoesExist() { bool FoundCertificate = false; foreach (var storeValue in Enum.GetValues(typeof(System.Security.Cryptography.X509Certificates.StoreName))) { // Superfish should be in "Root" or "AuthRoot", but check ALL to be safe System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store((System.Security.Cryptography.X509Certificates.StoreName)storeValue); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); foreach (System.Security.Cryptography.X509Certificates.X509Certificate2 mCert in store.Certificates) { if (IsSuperfishCert(mCert)) { Logging.Logger.Log(Logging.LogSeverity.Information, "Found Superfish certificate - Store: " + storeValue.ToString()); Logging.Logger.Log(Logging.LogSeverity.Information, " Certificate: " + mCert.Issuer); FoundCertificate = true; break; } } } return(FoundCertificate); }
private static System.Security.Cryptography.X509Certificates.X509Certificate2 GetCertificate() { System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreName.My, System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly | System.Security.Cryptography.X509Certificates.OpenFlags.OpenExistingOnly); System.Security.Cryptography.X509Certificates.X509Certificate2Collection collection = store.Certificates.Find(System.Security.Cryptography.X509Certificates.X509FindType.FindByTimeValid, DateTime.Now, false); collection = collection.Find(System.Security.Cryptography.X509Certificates.X509FindType.FindByIssuerName, "skbkontur.ru", false); System.Security.Cryptography.X509Certificates.X509Certificate2Collection scollection = null; while (true) { scollection = System.Security.Cryptography.X509Certificates.X509Certificate2UI.SelectFromCollection(collection, "Установленные на ПК сертификаты ЗАО ПФ СКБ Контур", "Сделайте выбор сертификата для подписания документов в системе диадок", System.Security.Cryptography.X509Certificates.X509SelectionFlag.MultiSelection); if (scollection.Count == 0) { throw new Exception("Внимание!!!: Сертификат не выбран!"); } if (scollection.Count == 1) { Console.WriteLine("Выбран сертификат: {0}", scollection[0].FriendlyName); break; } if (scollection.Count > 1) { Console.WriteLine("Внимание!!!: Выбрано более одного сертификата!\nСделайте уникальный выбор из доступных сертификатов для аутентификации в системе диадок."); continue; } break; } return(scollection[0]); }
FindCertificates( System.Security.Cryptography.X509Certificates.StoreName storeName , System.Security.Cryptography.X509Certificates.StoreLocation storeLocation , string findValue) { System.Security.Cryptography.X509Certificates.X509Certificate2Collection results = null; using (System.Security.Cryptography.X509Certificates.X509Store x509Store = new System.Security.Cryptography.X509Certificates.X509Store(storeName, storeLocation)) { try { x509Store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.OpenExistingOnly); results = x509Store.Certificates.Find( System.Security.Cryptography.X509Certificates.X509FindType .FindBySubjectDistinguishedName, findValue, false); } finally { x509Store.Close(); } } // End Using x509Store return(results); } // End Function FindCertificates
// CurrentUser.My:/root/.dotnet/corefx/cryptography/x509stores/my // CurrentUser.Root:/root/.dotnet/corefx/cryptography/x509stores/root public static void ListCertificates() { System.Console.WriteLine("\r\nExists Certs Name and Location"); System.Console.WriteLine("------ ----- -------------------------"); foreach (System.Security.Cryptography.X509Certificates.StoreLocation storeLocation in (System.Security.Cryptography.X509Certificates.StoreLocation[]) System.Enum.GetValues(typeof(System.Security.Cryptography.X509Certificates.StoreLocation))) { foreach (System.Security.Cryptography.X509Certificates.StoreName storeName in (System.Security.Cryptography.X509Certificates.StoreName[]) System.Enum.GetValues(typeof(System.Security.Cryptography.X509Certificates.StoreName))) { using (System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(storeName, storeLocation)) { try { store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.OpenExistingOnly); string path = GetPath(store); System.Console.WriteLine("{0}.{1}:{2}", storeLocation, storeName, path); // Console.WriteLine("Yes {0,4} {1}, {2}", store.Certificates.Count, store.Name, store.Location); } catch (System.Security.Cryptography.CryptographicException) { // Console.WriteLine("No {0}, {1}", store.Name, store.Location); } } // End Using store } // Next storeName System.Console.WriteLine(); } // Next storeLocation } // End Sub ListCertificates
} // End Function LoadRootCertificate /// <summary> /// Remove the Root Certificate trust /// </summary> /// <param name="storeName"></param> /// <param name="storeLocation"></param> /// <param name="certificate"></param> public static void UninstallCertificate( System.Security.Cryptography.X509Certificates.X509Certificate2 certificate , System.Security.Cryptography.X509Certificates.StoreName storeName , System.Security.Cryptography.X509Certificates.StoreLocation storeLocation ) { if (certificate == null) { throw new System.Exception("Could not remove certificate as it is null or empty."); } using (System.Security.Cryptography.X509Certificates.X509Store x509Store = new System.Security.Cryptography.X509Certificates.X509Store(storeName, storeLocation)) { try { x509Store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadWrite); x509Store.Remove(certificate); } catch (System.Exception e) { throw new System.Exception("Failed to remove root certificate trust " + $" for {storeLocation} store location. You may need admin rights.", e); } finally { x509Store.Close(); } } // End Using x509Store } // End Sub UninstallCertificate
public static bool certExists() { // TODO: // StoreLocation.CurrentUser) using (System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreName.Root, System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine)) { store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); System.Security.Cryptography.X509Certificates.X509Certificate2Collection certificates = store.Certificates.Find( System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName, "subjectName", false ); if (certificates != null && certificates.Count > 0) { System.Console.WriteLine("Certificate already exists"); return(true); } } return(false); }
public bool DoesExist() { bool FoundCertificate = false; foreach (var storeValue in Enum.GetValues(typeof(System.Security.Cryptography.X509Certificates.StoreName))) { // Superfish should be in "Root" or "AuthRoot", but check ALL to be safe System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store((System.Security.Cryptography.X509Certificates.StoreName) storeValue); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); foreach (System.Security.Cryptography.X509Certificates.X509Certificate2 mCert in store.Certificates) { if (IsSuperfishCert(mCert)) { Logging.Logger.Log(Logging.LogSeverity.Information, "Found Superfish certificate - Store: " + storeValue.ToString()); Logging.Logger.Log(Logging.LogSeverity.Information, " Certificate: " + mCert.Issuer); FoundCertificate = true; break; } } } return FoundCertificate; }
public static void EnumCertificates( string name , System.Security.Cryptography.X509Certificates.StoreLocation location) { using (System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(name, location)) { try { store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); foreach (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate in store.Certificates) { PrintCertificateInfo(certificate); } } catch (System.Exception ex) { System.Console.WriteLine(ex.Message); } finally { store.Close(); } } }
public static string GetPath(System.Security.Cryptography.X509Certificates.X509Store store) { System.Type t = typeof(System.Security.Cryptography.X509Certificates.X509Store); System.Reflection.FieldInfo fi = t.GetField("_storePal" , System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic ); object obj = fi.GetValue(store); // System.Console.WriteLine(obj); // System.Type tt = System.Type.GetType("Internal.Cryptography.Pal.DirectoryBasedStoreProvider, System.Security.Cryptography.X509Certificates"); System.Type tt = obj.GetType(); // System.Console.WriteLine(obj); // private readonly string _storePath; System.Reflection.FieldInfo fi2 = tt.GetField("_storePath" , System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic | System.Reflection.BindingFlags.FlattenHierarchy); if (fi2 != null) { // object obj2 = fi2.GetValue(System.Convert.ChangeType(obj, tt)); object obj2 = fi2.GetValue(obj); string path = System.Convert.ToString(obj2); return(path); } return(null); }
/// <summary> /// Find a certificate in the Personal area of the cert store, by thumbprint /// </summary> /// <param name="theThumbprint"></param> /// <param name="theCertStoreName"</param> /// <returns></returns> private static System.Security.Cryptography.X509Certificates.X509Certificate2 FindCertByThumbprint(string theThumbprint, System.Security.Cryptography.X509Certificates.StoreName theCertStoreName, System.Security.Cryptography.X509Certificates.StoreLocation theCertLocation, bool SearchOnlyValidCerts) { System.Security.Cryptography.X509Certificates.X509Certificate2 theCert = null; System.Security.Cryptography.X509Certificates.X509Certificate2Collection allCerts; System.Security.Cryptography.X509Certificates.X509Store theStore = new System.Security.Cryptography.X509Certificates.X509Store(theCertStoreName, theCertLocation); theStore.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); allCerts = theStore.Certificates.Find(System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, theThumbprint, SearchOnlyValidCerts); foreach (System.Security.Cryptography.X509Certificates.X509Certificate2 someCert in allCerts) { // take the first one found, it should be the only one matching the thumbprint anyway theCert = someCert; break; } if (null == theCert) { throw new System.Security.Cryptography.CryptographicException("Requested X509 certificate not found in requested store."); } return(theCert); }
private byte[] GetCACertsFromStore() { // get list of known CAs as Issuer certs from cert store // derived from PR idea by @pkiguy https://github.com/webprofusion/certify/pull/340 var store = new System.Security.Cryptography.X509Certificates.X509Store( System.Security.Cryptography.X509Certificates.StoreName.Root, System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); var allCACerts = store.Certificates; using (var writer = new StringWriter()) { var pemWriter = new PemWriter(writer); var certParser = new X509CertificateParser(); foreach (var c in allCACerts) { Org.BouncyCastle.X509.X509Certificate parsedCert = certParser.ReadCertificate(c.GetRawCertData()); pemWriter.WriteObject(parsedCert); } writer.Flush(); return(System.Text.ASCIIEncoding.ASCII.GetBytes(writer.ToString())); } }
/// <summary> /// Attempts to remove any and all certificates in the host OS's trusted root cert store that /// has the same subject name as the given certificate. /// </summary> /// <param name="certificate"> /// The certificate who's subject name to use for matching certificates that need to be removed. /// </param> public static void UninstallCertificateInHostOsTrustStore(X509Certificate certificate) { switch (Environment.OSVersion.Platform) { case PlatformID.Win32NT: { var store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreName.Root, System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadWrite); foreach (var storeCert in store.Certificates) { if (storeCert.SubjectName.Format(false) == certificate.SubjectDN.ToString()) { // Cert with same subject exists. Remove. store.Remove(storeCert); } } } break; default: { throw new PlatformNotSupportedException("This operating system is currently unsupported."); } } }
protected static void AddCertToStore(X509Certificate2 cert, StoreName name, StoreLocation location) { X509Store store = new X509Store(name, location); store.Open(OpenFlags.ReadWrite); store.Add(cert); store.Close(); }
private static bool TryFindCertificatesInStore(string thumbprint, System.Security.Cryptography.X509Certificates.StoreLocation location, out System.Security.Cryptography.X509Certificates.X509Certificate2Collection certificates) { System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreName.My, location); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); certificates = store.Certificates.Find(System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, thumbprint, false); store.Close(); return(certificates.Count > 0); }
/// <summary> /// Lädt ein Zertifikat in einen Zertifikatsspeicher /// </summary> /// <param name="certificate">Zertifikat</param> /// <param name="zertifikatziel">Bereich in dem Zertifikatsspeicher in dem das Zertifikat abgelegt werden soll</param> /// <param name="zertifikatspeicher">Zertifikatspeicher (Computerkonto, Benutzerkonto, Dienstkonto)</param> private static void LadeX509InZertifikatsspeicher(X509Certificate certificate, string passwort, System.Security.Cryptography.X509Certificates.StoreName zertifikatziel, System.Security.Cryptography.X509Certificates.StoreLocation zertifikatspeicher) { System.Security.Cryptography.X509Certificates.X509Certificate2 tempCert = new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate.GetEncoded(), passwort, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.PersistKeySet); System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(zertifikatziel, zertifikatspeicher); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadWrite); store.Add(tempCert); store.Close(); }
public static void Run() { // ExStart:1 // The path to the documents directory. string dataDir = RunExamples.GetDataDir_AsposePdf_SecuritySignatures(); File.Copy(dataDir + "blank.pdf", dataDir + "externalSignature1.pdf", true); using (FileStream fs = new FileStream(dataDir + "externalSignature1.pdf", FileMode.Open, FileAccess.ReadWrite)) { using (Document doc = new Document(fs)) { SignatureField field1 = new SignatureField(doc.Pages[1], new Rectangle(100, 400, 10, 10)); // Sign with certificate selection in the windows certificate store System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); // Manually chose the certificate in the store System.Security.Cryptography.X509Certificates.X509Certificate2Collection sel = System.Security.Cryptography.X509Certificates.X509Certificate2UI.SelectFromCollection(store.Certificates, null, null, System.Security.Cryptography.X509Certificates.X509SelectionFlag.SingleSelection); Aspose.Pdf.Forms.ExternalSignature externalSignature = new Aspose.Pdf.Forms.ExternalSignature(sel[0]) { Authority = "Me", Reason = "Reason", ContactInfo = "Contact" }; field1.PartialName = "sig1"; doc.Form.Add(field1, 1); field1.Sign(externalSignature); doc.Save(); } } using (PdfFileSignature pdfSign = new PdfFileSignature(new Document(dataDir + "externalSignature1.pdf"))) { IList <string> sigNames = pdfSign.GetSignNames(); for (int index = 0; index <= sigNames.Count - 1; index++) { if (!pdfSign.VerifySigned(sigNames[index]) || !pdfSign.VerifySignature(sigNames[index])) { throw new ApplicationException("Not verified"); } } } // ExEnd:1 }
public IEnumerable <System.Security.Cryptography.X509Certificates.X509Certificate2> Get( System.Security.Cryptography.X509Certificates.StoreName storeName , System.Security.Cryptography.X509Certificates.StoreLocation storeLocation) { List <System.Security.Cryptography.X509Certificates.X509Certificate2> certificates = null; System.Security.Cryptography.X509Certificates.X509Store x509Store = new System.Security.Cryptography.X509Certificates.X509Store(storeName, storeLocation); x509Store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); certificates = new List <System.Security.Cryptography.X509Certificates.X509Certificate2>(x509Store.Certificates.Count); for (int i = 0; i < x509Store.Certificates.Count - 1; i++) { certificates.Add(x509Store.Certificates[i]); } x509Store.Close(); return(certificates); }
private void AddToStore(System.Security.Cryptography.X509Certificates.X509Certificate2 cert, System.Security.Cryptography.X509Certificates.StoreName storeName, string storeLocation) { System.Security.Cryptography.X509Certificates.StoreLocation location; if (storeLocation == "currentuser") { location = System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser; } else { location = System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine; } System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(storeName, location); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadWrite); store.Add(cert); store.Close(); }
//addCertToStore(MyRootCAcert, StoreName.Root, StoreLocation.LocalMachine); //addCertToStore(MyCert, StoreName.My, StoreLocation.LocalMachine); public static bool addCertToStore(System.Security.Cryptography.X509Certificates.X509Certificate2 cert, System.Security.Cryptography.X509Certificates.StoreName st, System.Security.Cryptography.X509Certificates.StoreLocation sl) { bool bRet = false; try { X509Store store = new X509Store(st, sl); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadWrite); store.Add(cert); store.Close(); } catch (Exception e) { Debug.WriteLine(e.Message); } return(bRet); }
public void writeCertificate(Org.BouncyCastle.X509.X509Certificate cert, long enrollmentID) { // converting from bouncycastle X509Certificate to System.Security.Cryptography.X509Certificates.X509Certificate2 System.Security.Cryptography.X509Certificates.X509Certificate2 certificate = new System.Security.Cryptography.X509Certificates.X509Certificate2(); certificate.Import(cert.GetEncoded()); // Finding the corresponding privatekey from windows keystore using the container-name RSACryptoServiceProvider rsaPrivate = retrievePrivateKey(enrollmentID); // linking the retrieved private key to the certificate certificate.PrivateKey = rsaPrivate; // opening up the windows cert store because thats where I want to save it. System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreName.My, System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.MaxAllowed); store.Add(certificate); store.Close(); }
/// <summary> /// Lädt ein Zertifikat aus dem lokalen Zertifikatsspeicher des Computerkontos. Gesucht wird in em Bereich eigene Zertifikate /// </summary> /// <param name="anzeigenname"></param> /// <returns></returns> public static X509Certificate LadeX509AusMaschinenStore(string antragsteller) { X509Certificate certificate = null; System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreName.TrustedPeople, System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); foreach (System.Security.Cryptography.X509Certificates.X509Certificate2 cert in store.Certificates) { if (cert.Subject.Contains(antragsteller)) { return(DotNetUtilities.FromX509Certificate(cert)); } } return(certificate); }
public bool Remove() { bool FoundSuperfishCert = false; bool ProblemDeletingCertificate = false; foreach (var storeValue in Enum.GetValues(typeof(System.Security.Cryptography.X509Certificates.StoreName))) { // Superfish should be in "Root" or "AuthRoot", but check ALL to be safe System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store((System.Security.Cryptography.X509Certificates.StoreName)storeValue); //StorePermission sp = new StorePermission(PermissionState.Unrestricted); //sp.Flags = StorePermissionFlags.OpenStore; store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.MaxAllowed); foreach (System.Security.Cryptography.X509Certificates.X509Certificate2 mCert in store.Certificates) { if (IsSuperfishCert(mCert)) { FoundSuperfishCert = true; Logging.Logger.Log(Logging.LogSeverity.Information, "Found Superfish certificate - Store: " + storeValue.ToString()); try { Logging.Logger.Log(Logging.LogSeverity.Information, " DELETING Certificate: " + mCert.Issuer); store.Remove(mCert); } catch (Exception ex) { ProblemDeletingCertificate = true; Logging.Logger.Log(ex, " Exception deleting certificate: " + ex.ToString()); //throw; } } } } return(FoundSuperfishCert && (!ProblemDeletingCertificate)); }
public bool Remove() { bool FoundSuperfishCert = false; bool ProblemDeletingCertificate = false; foreach (var storeValue in Enum.GetValues(typeof(System.Security.Cryptography.X509Certificates.StoreName))) { // Superfish should be in "Root" or "AuthRoot", but check ALL to be safe System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store((System.Security.Cryptography.X509Certificates.StoreName)storeValue); //StorePermission sp = new StorePermission(PermissionState.Unrestricted); //sp.Flags = StorePermissionFlags.OpenStore; store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.MaxAllowed); foreach (System.Security.Cryptography.X509Certificates.X509Certificate2 mCert in store.Certificates) { if (IsSuperfishCert(mCert)) { FoundSuperfishCert = true; Logging.Logger.Log(Logging.LogSeverity.Information, "Found Superfish certificate - Store: " + storeValue.ToString()); try { Logging.Logger.Log(Logging.LogSeverity.Information, " DELETING Certificate: " + mCert.Issuer); store.Remove(mCert); } catch (Exception ex) { ProblemDeletingCertificate = true; Logging.Logger.Log(ex, " Exception deleting certificate: " + ex.ToString()); //throw; } } } } return (FoundSuperfishCert && (!ProblemDeletingCertificate)); }
public static bool ExportCertificate( string certificateName, string path, string storeName, System.Security.Cryptography.X509Certificates.StoreLocation location) { bool success = false; using (System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(storeName, location)) { store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); try { System.Security.Cryptography.X509Certificates.X509Certificate2Collection certs = store.Certificates.Find( System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName, certificateName, true ); if (certs != null && certs.Count > 0) { byte[] data = certs[0].Export( System.Security.Cryptography.X509Certificates.X509ContentType.Cert ); success = WriteFile(data, path); } } catch (System.Exception ex) { System.Console.WriteLine(ex.Message); } finally { store.Close(); } } return(success); }
} // End Sub TrustRootCertificate private static System.Security.Cryptography.X509Certificates.X509Certificate Find( string serialNumber, System.Security.Cryptography.X509Certificates.StoreLocation location) { using (System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(location)) { store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.OpenExistingOnly); System.Security.Cryptography.X509Certificates.X509Certificate2Collection certs = store.Certificates.Find( System.Security.Cryptography.X509Certificates.X509FindType .FindBySerialNumber, serialNumber, true); //return certs.OfType<X509Certificate>().FirstOrDefault(); foreach (System.Security.Cryptography.X509Certificates.X509Certificate2 thisCertificate in certs) { return(thisCertificate); } } return(null); }
public static void Run() { // ExStart:1 // The path to the documents directory. string dataDir = RunExamples.GetDataDir_AsposePdf_SecuritySignatures(); Document doc = new Document(dataDir + "blank.pdf"); using (Facades.PdfFileSignature pdfSign = new Facades.PdfFileSignature()) { pdfSign.BindPdf(doc); // Sign with certificate selection in the windows certificate store System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); // Manually chose the certificate in the store System.Security.Cryptography.X509Certificates.X509Certificate2Collection sel = System.Security.Cryptography.X509Certificates.X509Certificate2UI.SelectFromCollection(store.Certificates, null, null, System.Security.Cryptography.X509Certificates.X509SelectionFlag.SingleSelection); Aspose.Pdf.Forms.ExternalSignature externalSignature = new Aspose.Pdf.Forms.ExternalSignature(sel[0]); pdfSign.SignatureAppearance = dataDir + "demo.png"; pdfSign.Sign(1, "Reason", "Contact", "Location", true, new System.Drawing.Rectangle(100, 100, 200, 200), externalSignature); pdfSign.Save(dataDir + "externalSignature2.pdf"); } using (Facades.PdfFileSignature pdfSign = new Facades.PdfFileSignature(new Document(dataDir + "externalSignature2.pdf"))) { IList <string> sigNames = pdfSign.GetSignNames(); for (int index = 0; index <= sigNames.Count - 1; index++) { if (!pdfSign.VerifySigned(sigNames[index]) || !pdfSign.VerifySignature(sigNames[index])) { throw new ApplicationException("Not verified"); } } } // ExEnd:1 }
private static bool TryFindCertificatesInStore(string thumbprint, System.Security.Cryptography.X509Certificates.StoreLocation location, out System.Security.Cryptography.X509Certificates.X509Certificate2Collection certificates) { System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreName.My, location); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); certificates = store.Certificates.Find(System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, thumbprint, false); store.Close(); return certificates.Count > 0; }
public static void Test() { System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12; // System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls13; System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store( System.Security.Cryptography.X509Certificates.StoreName.Root ); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadWrite); // Retrieve the certificate System.Security.Cryptography.X509Certificates.X509Certificate2Collection certs = store.Certificates.Find( System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName , "SSL-SERVER" , false ); // There is no result when vaildOnly = true. if (certs.Count == 0) { // return; // cert = new System.Security.Cryptography.X509Certificates.X509Certificate2(); // foreach (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate in store.Certificates) { cert = certificate; break; } string[] altNames = SelfSignedCertificate.SelfSigned.GetAlternativeNames(new string[0]); byte[] pfx = SelfSignedCertificate.SelfSigned.CreateSelfSignedCertificate(altNames, ""); cert = new System.Security.Cryptography.X509Certificates.X509Certificate2(pfx, "", System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.Exportable // | System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.EphemeralKeySet // Error ! ); } else { cert = certs[0]; } store.Close(); // Close the storage area. System.Net.Sockets.TcpListener server = new System.Net.Sockets.TcpListener(System.Net.IPAddress.Any, 900); System.Threading.Thread thread_server = new System.Threading.Thread( new System.Threading.ParameterizedThreadStart(RunServer) ); thread_server.Start(server); // client code using (System.Net.Sockets.TcpClient tc = new System.Net.Sockets.TcpClient()) { string connectTo = "127.0.0.1"; connectTo = "localhost"; connectTo = "example.int"; connectTo = System.Environment.MachineName; tc.Connect(connectTo, 900); System.Net.Security.SslStream stream = new System.Net.Security.SslStream(tc.GetStream(), false , new System.Net.Security.RemoteCertificateValidationCallback(ValidateServerCertificate) ) { ReadTimeout = IOTimeout, WriteTimeout = IOTimeout }; // stream.AuthenticateAsClient(connectTo, null, true); stream.AuthenticateAsClient(connectTo, certs, System.Security.Authentication.SslProtocols.Tls12, true); // stream.AuthenticateAsClient(connectTo, certs, System.Security.Authentication.SslProtocols.Tls13, true); // This is where you read and send data while (true) { string echo = System.Console.ReadLine(); byte[] buff = System.Text.Encoding.UTF8.GetBytes(echo + "<EOF>"); stream.Write(buff, 0, buff.Length); stream.Flush(); //tc.GetStream().Write(buff, 0, buff.Length); //tc.GetStream().Flush(); } // tc.Close(); } }
private void button1_Click(object sender, EventArgs e) { //Load PDF document from disk String input = "../../../../../../Data/PDFTemplate_HF.pdf"; PdfDocument doc = new PdfDocument(); doc.LoadFromFile(input); //Sign with certificate selection in the windows certificate store System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); //Manually chose the certificate in the store System.Security.Cryptography.X509Certificates.X509Certificate2Collection sel = System.Security.Cryptography.X509Certificates.X509Certificate2UI.SelectFromCollection(store.Certificates, null, null, System.Security.Cryptography.X509Certificates.X509SelectionFlag.SingleSelection); //Create a certificate using the certificate data from the store PdfCertificate cert = new PdfCertificate(sel[0].RawData); PdfSignature signature = new PdfSignature(doc, doc.Pages[0], cert, "signature0"); signature.Bounds = new RectangleF(new PointF(250, 660), new SizeF(250, 90)); //Load sign image source. signature.SignImageSource = PdfImage.FromFile("../../../../../../Data/E-iceblueLogo.png"); //Set the dispay mode of graphics, if not set any, the default one will be applied signature.GraphicsMode = GraphicMode.SignImageAndSignDetail; signature.NameLabel = "Signer:"; signature.Name = sel[0].GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.SimpleName, true); signature.ContactInfoLabel = "ContactInfo:"; signature.ContactInfo = signature.Certificate.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.SimpleName, true); signature.DateLabel = "Date:"; signature.Date = DateTime.Now; signature.LocationInfoLabel = "Location:"; signature.LocationInfo = "Chengdu"; signature.ReasonLabel = "Reason: "; signature.Reason = "The certificate of this document"; signature.DistinguishedNameLabel = "DN: "; signature.DistinguishedName = signature.Certificate.IssuerName.Name; signature.DocumentPermissions = PdfCertificationFlags.AllowFormFill | PdfCertificationFlags.ForbidChanges; signature.Certificated = true; //Set fonts, if not set, default ones will be applied signature.SignDetailsFont = new PdfFont(PdfFontFamily.TimesRoman, 10f); signature.SignNameFont = new PdfFont(PdfFontFamily.Courier, 15); //Set the sign image layout mode signature.SignImageLayout = SignImageLayout.None; //Save the PDF file String output = "SignWithSmartCardUsingPdfFileSignature_out.pdf"; doc.SaveToFile(output); doc.Close(); //Launch the Pdf file PDFDocumentViewer(output); }
private void button1_Click(object sender, EventArgs e) { //Load PDF document from disk PdfDocument doc = new PdfDocument(); doc.LoadFromFile("../../../../../../Data/SignatureField.pdf"); PdfFormWidget widgets = doc.Form as PdfFormWidget; for (int i = 0; i < widgets.FieldsWidget.List.Count; i++) { PdfFieldWidget widget = widgets.FieldsWidget.List[i] as PdfFieldWidget; if (widget is PdfSignatureFieldWidget) { //Get the field name string name = widget.Name; PdfSignatureFieldWidget signWidget = widget as PdfSignatureFieldWidget; //Sign with certificate selection in the windows certificate store System.Security.Cryptography.X509Certificates.X509Store store = new System.Security.Cryptography.X509Certificates.X509Store(System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser); store.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadOnly); //Manually chose the certificate in the store System.Security.Cryptography.X509Certificates.X509Certificate2Collection sel = System.Security.Cryptography.X509Certificates.X509Certificate2UI.SelectFromCollection(store.Certificates, null, null, System.Security.Cryptography.X509Certificates.X509SelectionFlag.SingleSelection); //Create a certificate using the certificate data from the store PdfCertificate cert = new PdfCertificate(sel[0].RawData); //Create a signature using the signature field PdfSignature signature = new PdfSignature(doc, signWidget.Page, cert, name, signWidget); //Load sign image source signature.SignImageSource = PdfImage.FromFile("../../../../../../Data/E-iceblueLogo.png"); //Set the dispay mode of graphics, if not set any, the default one will be applied signature.GraphicsMode = GraphicMode.SignImageAndSignDetail; signature.NameLabel = "Signer:"; signature.Name = sel[0].GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.SimpleName, true); signature.ContactInfoLabel = "ContactInfo:"; signature.ContactInfo = signature.Certificate.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.SimpleName, true); signature.DateLabel = "Date:"; signature.Date = DateTime.Now; signature.LocationInfoLabel = "Location:"; signature.LocationInfo = "Chengdu"; signature.ReasonLabel = "Reason: "; signature.Reason = "The certificate of this document"; signature.DistinguishedNameLabel = "DN: "; signature.DistinguishedName = signature.Certificate.IssuerName.Name; signature.DocumentPermissions = PdfCertificationFlags.AllowFormFill | PdfCertificationFlags.ForbidChanges; signature.Certificated = true; //Set fonts, if not set, default ones will be applied signature.SignDetailsFont = new PdfFont(PdfFontFamily.TimesRoman, 10f); signature.SignNameFont = new PdfFont(PdfFontFamily.Courier, 15); //Set the sign image layout mode signature.SignImageLayout = SignImageLayout.None; } } //Save the Pdf document string output = "SignWithSmartCardUsingSignatureField_out.pdf"; doc.SaveToFile(output); //Launch the result file PDFDocumentViewer(output); }