Exemplo n.º 1
0
        // The signing certificate, computed based on signing store settings.
        public X509Certificate2 GetSigningCertificate()
        {
            Utility.IfNullThrowNullArgumentException(this.StoreIdentifyingValue, "signingStoreIdentifyingValue");

            X509Certificate2 certificate = CertificateHelper.GetCertificate(
                this.StoreName,
                this.StoreLocation,
                this.StoreFindType,
                this.StoreIdentifyingValue);

            // GetCertificate will throw an exception if no certificate is found.
            // Here, we are sure that the certificate is not null.
            return(certificate);
        }
Exemplo n.º 2
0
        void Process(ReceivedCertificatesStoreSettings receivedCertificatesStoreSettings)
        {
            // The attributes should contain the following: Scheme, KeyId, Refs, Sig, [PrefixList]
            string schemeUri;
            string keyId;
            string refs;
            string sig;
            string inclusivePrefixList;

            this.GetCompactSignatureAttributes(out schemeUri, out keyId, out refs, out sig, out inclusivePrefixList);
            this.CheckCompactSignatureAttributes(schemeUri, keyId, sig, refs, inclusivePrefixList);

            // Look for a certificate that matches the KeyId in the compact signature header
            X509Certificate2 certificate = CertificateHelper.GetCertificateByThumbprint(
                receivedCertificatesStoreSettings.StoreName,
                receivedCertificatesStoreSettings.StoreLocation,
                Utility.ToHexString(keyId));

            // Construct a ds:SignedInfo, then compute and verify signature
            this.VerifySignature(refs, sig, inclusivePrefixList, certificate);
        }
Exemplo n.º 3
0
        public static X509Certificate2 GetCertificate(
            StoreName storeName,
            StoreLocation storeLocation,
            X509FindType findType,
            string findValue)
        {
            X509Certificate2 certificate = null;

            if (certificatesCache.TryGet(storeName, storeLocation, findType, findValue, out certificate))
            {
                return(certificate);
            }

            X509Store store = null;
            X509Certificate2Collection certificates = null;

            try
            {
                store = new X509Store(storeName, storeLocation);
                store.Open(OpenFlags.ReadOnly);

                certificates = store.Certificates;
                if (findType == X509FindType.FindBySubjectName)
                {
                    certificate = CertificateHelper.FindBySubjectName(certificates, findValue);
                }
                else if (findType == X509FindType.FindByThumbprint)
                {
                    certificate = CertificateHelper.FindByThumbprint(certificates, findValue);
                }
                else if (findType == X509FindType.FindBySubjectDistinguishedName)
                {
                    certificate = CertificateHelper.FindBySubjectDistinguishedName(certificates, findValue);
                }
                else
                {
                    throw new CompactSignatureSecurityException(
                              string.Format(
                                  CultureInfo.CurrentCulture,
                                  "The value {0} of X509FindType is not supported. Please use FindBySubjectName or FindByThumbprint instead.",
                                  findType));
                }
            }
            finally
            {
                if (certificates != null)
                {
                    for (int i = 0; i < certificates.Count; ++i)
                    {
                        certificates[i].Reset();
                    }
                }
                if (store != null)
                {
                    store.Close();
                }
            }

            if (certificate != null)
            {
                certificatesCache.Add(storeName, storeLocation, findType, findValue, certificate);
                return(certificate);
            }

            throw new CompactSignatureSecurityException(
                      string.Format(
                          CultureInfo.CurrentCulture,
                          "No matching certificates were found for KeyId={0} and X509FindType={1}",
                          findValue,
                          findType));
        }