// The signing certificate, computed based on signing store settings. public X509Certificate2 GetSigningCertificate() { Utility.IfNullThrowNullArgumentException(this.StoreIdentifyingValue, "signingStoreIdentifyingValue"); X509Certificate2 certificate = CertificateHelper.GetCertificate( this.StoreName, this.StoreLocation, this.StoreFindType, this.StoreIdentifyingValue); // GetCertificate will throw an exception if no certificate is found. // Here, we are sure that the certificate is not null. return(certificate); }
void Process(ReceivedCertificatesStoreSettings receivedCertificatesStoreSettings) { // The attributes should contain the following: Scheme, KeyId, Refs, Sig, [PrefixList] string schemeUri; string keyId; string refs; string sig; string inclusivePrefixList; this.GetCompactSignatureAttributes(out schemeUri, out keyId, out refs, out sig, out inclusivePrefixList); this.CheckCompactSignatureAttributes(schemeUri, keyId, sig, refs, inclusivePrefixList); // Look for a certificate that matches the KeyId in the compact signature header X509Certificate2 certificate = CertificateHelper.GetCertificateByThumbprint( receivedCertificatesStoreSettings.StoreName, receivedCertificatesStoreSettings.StoreLocation, Utility.ToHexString(keyId)); // Construct a ds:SignedInfo, then compute and verify signature this.VerifySignature(refs, sig, inclusivePrefixList, certificate); }
public static X509Certificate2 GetCertificate( StoreName storeName, StoreLocation storeLocation, X509FindType findType, string findValue) { X509Certificate2 certificate = null; if (certificatesCache.TryGet(storeName, storeLocation, findType, findValue, out certificate)) { return(certificate); } X509Store store = null; X509Certificate2Collection certificates = null; try { store = new X509Store(storeName, storeLocation); store.Open(OpenFlags.ReadOnly); certificates = store.Certificates; if (findType == X509FindType.FindBySubjectName) { certificate = CertificateHelper.FindBySubjectName(certificates, findValue); } else if (findType == X509FindType.FindByThumbprint) { certificate = CertificateHelper.FindByThumbprint(certificates, findValue); } else if (findType == X509FindType.FindBySubjectDistinguishedName) { certificate = CertificateHelper.FindBySubjectDistinguishedName(certificates, findValue); } else { throw new CompactSignatureSecurityException( string.Format( CultureInfo.CurrentCulture, "The value {0} of X509FindType is not supported. Please use FindBySubjectName or FindByThumbprint instead.", findType)); } } finally { if (certificates != null) { for (int i = 0; i < certificates.Count; ++i) { certificates[i].Reset(); } } if (store != null) { store.Close(); } } if (certificate != null) { certificatesCache.Add(storeName, storeLocation, findType, findValue, certificate); return(certificate); } throw new CompactSignatureSecurityException( string.Format( CultureInfo.CurrentCulture, "No matching certificates were found for KeyId={0} and X509FindType={1}", findValue, findType)); }