private static void ImportAlias()
{
try
{
string aliasName = Parameter.AliasToImport.IsDefined ? SelectedMode.GetString(Parameter.AliasToImport.ID) : string.Empty;
string inFile = SelectedMode.GetString(Parameter.InImportAlias.ID);
bool overwriteExisting = SelectedMode.GetBool(Parameter.OverWriteExistingAlias.ID);
X509Context Context = SelectedMode.GetContext(Parameter.Context.ID);
X509Alias AliasToImport = X509Alias.Import(inFile, Context, aliasName);
if (!overwriteExisting && X509Alias.AliasExists(AliasToImport))
{
throw new X509AliasAlreadyExistsException(AliasToImport);
}
AliasToImport.Commit();
ConsoleMessage($"{nameof(X509Alias)} {AliasToImport.Name.InQuotes()} has been successfully imported into the {Context.Name} {nameof(X509Context)} from the file {inFile.InQuotes()}");
if (!X509CryptoAgent.CertificateExists(AliasToImport))
{
ConsoleWarning($"An encryption certificate with thumbprint {AliasToImport.Thumbprint.InQuotes()} could not be found in the {Context.Name} {nameof(X509Context)}. Ensure this certificate is installed on the system before using this alias.");
}
}
catch (Exception ex)
{
if (ex is X509AliasAlreadyExistsException)
{
throw;
}
else
{
throw new X509CryptoException(@"Unable to import the specified alias", ex);
}
}
}
private static void UpdateAlias()
{
try
{
string aliasName = SelectedMode.GetString(Parameter.AliasToUpdate.ID);
string newThumbprint = SelectedMode.GetString(Parameter.Thumbprint.ID);
X509Context OldContext = SelectedMode.GetContext(Parameter.OldContext.ID);
X509Context NewContext = SelectedMode.GetContext(Parameter.NewContext.ID, OldContext);
if (!X509CryptoAgent.CertificateExists(newThumbprint, NewContext))
{
throw new X509CryptoCertificateNotFoundException(newThumbprint, NewContext);
}
X509Alias Alias = new X509Alias(aliasName, OldContext);
Alias.ReEncrypt(newThumbprint, NewContext);
Alias.Commit();
ConsoleMessage($"{nameof(X509Alias)} {aliasName} successfully updated. Now using encryption certificate with thumbprint {newThumbprint} from the {NewContext.Name} {nameof(X509Context)}");
}
catch (Exception ex)
{
if (ex is X509CryptoCertificateNotFoundException)
{
throw;
}
else
{
throw new X509CryptoException(@"Unable to update the specified alias", ex);
}
}
}
private void DoWork()
{
if (aliasSet)
{
if (contextSet || thumbprintSet)
{
throw new ParameterBindingException($"Either the {nameof(Alias).InQuotes()} parameter or the {nameof(Location).InQuotes()} and {nameof(Thumbprint).InQuotes()} parameters must be set.");
}
}
else
{
if (!(contextSet && thumbprintSet))
{
throw new ParameterBindingException($"Either the {nameof(Alias).InQuotes()} parameter or the {nameof(Location).InQuotes()} and {nameof(Thumbprint).InQuotes()} parameters must be set.");
}
}
if (!aliasSet)
{
Alias = new X509Alias(string.Empty, Thumbprint, Context, false);
}
if (!System.IO.Path.GetExtension(Path).Matches(FileExtensions.Pfx))
{
path = $"{path}{FileExtensions.Pfx}";
}
if (File.Exists(Path))
{
if (Overwrite || Util.WarnConfirm($"The specified file {Path.InQuotes()} already exists. Do you wish to overwrite it?", Constants.Affirm))
{
X509Utils.DeleteFile(Path, confirmDelete: true);
}
else
{
throw new X509CryptoException($"The specified file {Path.InQuotes()} already exists.");
}
}
var Password = Util.GetPassword(@"Enter a strong password (needed to unlock the .pfx file)", Constants.MinimumPasswordLength, true);
X509CryptoAgent.ExportPFX(Alias.Thumbprint, Alias.Context, Path, Password.Plaintext());
Util.ConsoleMessage($"Encryption certificate with thumbprint {Alias.Thumbprint} from the {Alias.Context.Name} {nameof(X509Context)} has been exported to the file {Path.InQuotes()}");
Result = new FileInfo(Path);
}
private void DoWork()
{
var Context = X509Context.Select(Location, true);
var AliasToImport = X509Alias.Import(Path, Context, Name);
if (!Overwrite && X509Alias.AliasExists(AliasToImport))
{
throw new X509AliasAlreadyExistsException(AliasToImport);
}
AliasToImport.Commit();
Util.ConsoleMessage($"{nameof(X509Alias)} {AliasToImport.Name.InQuotes()} has been successfully imported into the {Context.Name} {nameof(X509Context)} from the file {Path.InQuotes()}");
if (!X509CryptoAgent.CertificateExists(AliasToImport))
{
Util.ConsoleWarning($"An encryption certificate with thumbprint {AliasToImport.Thumbprint.InQuotes()} could not be found in the {Context.Name} {nameof(X509Context)}. Ensure this certificate is installed on the system before using this alias.");
}
Result = AliasToImport;
}
private void DoWork()
{
X509Context OldContext,
NewContext;
OldContext = Alias.Context;
if (contextSet)
{
NewContext = X509Context.Select(Location, false);
}
else
{
NewContext = Alias.Context;
}
if (!X509CryptoAgent.CertificateExists(Thumbprint, NewContext))
{
throw new X509CryptoCertificateNotFoundException(Thumbprint, NewContext);
}
Alias.ReEncrypt(Thumbprint, NewContext);
Alias.Commit();
Console.WriteLine($"{nameof(X509Alias)} {Alias.Name} successfully updated. Now using encryption certificate with thumbprint {Thumbprint} from the {NewContext.Name} {nameof(X509Context)}");
}
private static void List()
{
string output = string.Empty;
string outfile = string.Empty;
string listType = string.Empty;
X509Context Context = null;
try
{
listType = SelectedMode.GetString(Parameter.ListType.ID);
Context = SelectedMode.GetContext(Parameter.Context.ID);
switch (listType)
{
case ListType.Certs:
output = X509CryptoAgent.ListCerts(SelectedMode.GetContext(Parameter.Context.ID));
break;
case ListType.Aliases:
output = X509CryptoAgent.ListAliases(SelectedMode.GetContext(Parameter.Context.ID));
break;
default:
throw new X509CryptoException($"{listType}: Unsupported list type.");
}
WriteOutput(output, Parameter.OutList.ID);
}
catch (X509CryptoException ex)
{
throw ex;
}
catch (Exception ex)
{
throw new X509CryptoException(@"An exception occurred attempting to generate the list", ex);
}
}
private static void ExportCert()
{
string outfile = string.Empty;
string thumbprint = string.Empty;
string aliasName = string.Empty;
SecureString Password = null;
X509Context Context = null;
X509Alias Alias = null;
try
{
if (!(SelectedMode.IsParameterDefined(Parameter.AliasExportCert.ID) ^ SelectedMode.IsParameterDefined(Parameter.ThumbprintToExport.ID)))
{
throw new ArgumentException($"Either {Parameter.AliasExportCert.Name} or {Parameter.ThumbprintToExport.Name} must be defined, but not both");
}
outfile = SelectedMode.GetString(Parameter.OutExportCert.ID);
try
{
Path.GetFullPath(outfile);
}
catch
{
throw new IOException($"Not a valid NTFS path: {outfile}");
}
if (!Path.GetExtension(outfile).Matches(FileExtensions.Pfx))
{
outfile = $"{outfile}{FileExtensions.Pfx}";
}
if (File.Exists(outfile))
{
if (Util.WarnConfirm($"The specified file {outfile} already exists. Do you wish to overwrite it?", Constants.Affirm))
{
X509Utils.DeleteFile(outfile, confirmDelete: true);
}
else
{
return;
}
}
Context = SelectedMode.GetContext(Parameter.Context.ID);
if (SelectedMode.IsParameterDefined(Parameter.AliasExportCert.ID))
{
aliasName = SelectedMode.GetString(Parameter.AliasExportCert.ID);
Alias = new X509Alias(aliasName, Context);
thumbprint = Alias.Thumbprint;
}
else
{
thumbprint = SelectedMode.GetString(Parameter.ThumbprintToExport.ID);
}
Password = Util.GetPassword(@"Enter a strong password: "******"Encryption certificate with thumbprint {thumbprint} from the {Context.Name} {nameof(X509Context)} has been exported to the file {outfile.InQuotes()}");
}
catch (Exception ex)
{
throw new X509CryptoException(@"Unable to export the specified certificate and key pair", ex);
}
}
