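/// <summary>
/// Builds the store-independent <see cref="PersonalCertificate"/> descriptor from a
/// .NET <see cref="X509Certificate2"/>. Only metadata is copied — no key material.
/// </summary>
/// <param name="certificate">Source certificate; must not be null.</param>
/// <param name="certStoreType">Store the certificate was read from; copied verbatim.</param>
/// <returns>A freshly populated descriptor.</returns>
/// <exception cref="ArgumentNullException"><paramref name="certificate"/> is null.</exception>
private static PersonalCertificate CreateFromX509(X509Certificate2 certificate, CertificateStoreType certStoreType)
{
    // Explicit guard instead of a NullReferenceException from the property reads below;
    // matches the ArgumentNullException the signing path throws for a null certificate.
    if (certificate == null)
    {
        throw new ArgumentNullException(nameof(certificate));
    }

    return new PersonalCertificate
    {
        DisplayName = certificate.FriendlyName,
        // Date carries the expiry (NotAfter), not the issue date.
        Date = certificate.NotAfter,
        Issuer = certificate.Issuer,
        Subject = certificate.Subject,
        // Hex thumbprint; the signing path uses it to look the certificate up again in the store.
        Thumbprint = certificate.Thumbprint,
        // NOTE(review): stored raw (e.g. "sha256RSA"), whereas the X509Certificate overload
        // normalises its value (strips "withRSA" and dashes, e.g. "SHA256"). Consumers that
        // compare DigestAlgorithm across both code paths should normalise — confirm.
        DigestAlgorithm = certificate.SignatureAlgorithm.FriendlyName,
        StoreType = certStoreType,
    };
}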
private static PersonalCertificate CreateFromX509(X509Certificate certificate, CertificateStoreType certStoreType) { var parser = new X509CertificateParser(); var read = parser.ReadCertificate(certificate.GetRawCertData()); var cert = new PersonalCertificate { Issuer = certificate.Issuer, Thumbprint = certificate.GetCertHashString(), Subject = certificate.Subject, DigestAlgorithm = (read.SigAlgName.EndsWith("withRSA", StringComparison.OrdinalIgnoreCase) ? read.SigAlgName.Substring(0, read.SigAlgName.Length - "withRSA".Length) : read.SigAlgName).Replace("-", string.Empty), StoreType = certStoreType }; var list = read.SubjectDN.GetValueList(); if (list?.Count > 0) { // ReSharper disable once PossibleNullReferenceException cert.DisplayName = list[^ 1].ToString();
/// <summary>
/// View-model wrapper around a single <see cref="PersonalCertificate"/>.
/// </summary>
/// <param name="personalCertificate">Descriptor this view-model exposes; stored as-is (no validation).</param>
public CertificateViewModel(PersonalCertificate personalCertificate) => this.personalCertificate = personalCertificate;
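/// <summary>
/// Signs a package with a certificate installed in the Windows personal ("My") store
/// of the current user or of the local machine, overwriting the package in place.
/// </summary>
/// <param name="package">Path of the package to sign; replaced by the signed copy on success.</param>
/// <param name="updatePublisher">Passed through to <c>PreparePackageForSigning</c>.</param>
/// <param name="certificate">Descriptor of the installed certificate; its store type and thumbprint drive the lookup.</param>
/// <param name="timestampUrl">Optional timestamp URL; always passed through <c>GetTimeStampUrl</c> before use.</param>
/// <param name="increaseVersion">Passed through to <c>PreparePackageForSigning</c>.</param>
/// <param name="cancellationToken">Cancels preparation, signing and the post-signing delay.</param>
/// <param name="progress">Optional progress sink; reports 25 %, 75 % and 95 %.</param>
/// <exception cref="ArgumentNullException"><paramref name="certificate"/> is null.</exception>
/// <exception cref="ArgumentException">Empty thumbprint, certificate not found in the store, key usage lacks DigitalSignature, or no private key.</exception>
/// <exception cref="ArgumentOutOfRangeException">Unknown <see cref="CertificateStoreType"/>.</exception>
/// <exception cref="NotSupportedException">The certificate's signature algorithm is not an RSA variant.</exception>
public async Task SignPackageWithInstalled(
    string package,
    bool updatePublisher,
    PersonalCertificate certificate,
    string timestampUrl = null,
    IncreaseVersionMethod increaseVersion = IncreaseVersionMethod.None,
    CancellationToken cancellationToken = default,
    IProgress<ProgressData> progress = null)
{
    if (certificate == null)
    {
        throw new ArgumentNullException(nameof(certificate));
    }

    // An empty thumbprint can never match anything; reject it before opening the store.
    if (string.IsNullOrWhiteSpace(certificate.Thumbprint))
    {
        throw new ArgumentException("Certificate thumbprint must not be empty.", nameof(certificate));
    }

    Logger.Info("Signing package {0} using personal certificate {1}.", package, certificate.Subject);

    var storeLocation = certificate.StoreType switch
    {
        CertificateStoreType.User => StoreLocation.CurrentUser,
        CertificateStoreType.Machine => StoreLocation.LocalMachine,
        _ => throw new ArgumentOutOfRangeException(nameof(certificate), certificate.StoreType, "Unsupported certificate store type.")
    };

    using var store = new X509Store(StoreName.My, storeLocation);
    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

    // validOnly: false is deliberate so self-signed / not-yet-trusted developer certificates
    // remain selectable. Consequence: expiry, chain trust and revocation are NOT checked here.
    var matches = store.Certificates.Find(X509FindType.FindByThumbprint, certificate.Thumbprint, false);
    if (matches.Count < 1)
    {
        throw new ArgumentException("Certificate could not be located in the store.");
    }

    var x509 = matches[0];

    // Gate: the Key Usage extension must allow digital signatures. A certificate without a
    // Key Usage extension is rejected as well. This does not inspect the Extended Key Usage.
    var isForCodeSigning = x509.Extensions
        .OfType<X509KeyUsageExtension>()
        .Any(ke => ke.KeyUsages.HasFlag(X509KeyUsageFlags.DigitalSignature));
    if (!isForCodeSigning)
    {
        throw new ArgumentException("Selected certificate is not for code-signing.");
    }

    // Advisory only (outcome unchanged): an EKU extension that omits the Code Signing purpose
    // is a strong hint that the signing tool or chain validation will reject the certificate
    // later — TODO confirm against the signing tool's behaviour before turning this into a hard failure.
    const string codeSigningEku = "1.3.6.1.5.5.7.3.3";
    var eku = x509.Extensions.OfType<X509EnhancedKeyUsageExtension>().FirstOrDefault();
    if (eku != null && !eku.EnhancedKeyUsages.Cast<System.Security.Cryptography.Oid>().Any(o => o.Value == codeSigningEku))
    {
        Logger.Warn("Certificate {0} has an Extended Key Usage extension without the Code Signing purpose ({1}).", certificate.Thumbprint, codeSigningEku);
    }

    if (!x509.HasPrivateKey)
    {
        throw new ArgumentException("Selected certificate does not contain a private key.");
    }

    // Derive the digest label handed to SignToolWrapper ("sha256RSA" -> "SHA256") *before*
    // touching the package, so an unsupported (e.g. ECDSA) certificate fails without
    // creating and then deleting a temporary copy.
    var algorithmName = x509.SignatureAlgorithm.FriendlyName;
    if (algorithmName?.EndsWith("rsa", StringComparison.OrdinalIgnoreCase) != true)
    {
        throw new NotSupportedException($"Signature algorithm {algorithmName} is not supported.");
    }

    var type = algorithmName.Substring(0, algorithmName.Length - 3).ToUpperInvariant();

    var localCopy = await this.PreparePackageForSigning(package, updatePublisher, increaseVersion, x509, cancellationToken).ConfigureAwait(false);

    try
    {
        cancellationToken.ThrowIfCancellationRequested();

        Logger.Debug("Signing package {0} with algorithm {1}.", localCopy, algorithmName);
        var sdk = new SignToolWrapper();
        progress?.Report(new ProgressData(25, "Signing..."));

        timestampUrl = await this.GetTimeStampUrl(timestampUrl).ConfigureAwait(false);
        await sdk.SignPackageWithPersonal(
            new[] { localCopy },
            type,
            certificate.Thumbprint,
            certificate.StoreType == CertificateStoreType.Machine,
            timestampUrl,
            cancellationToken).ConfigureAwait(false);
        progress?.Report(new ProgressData(75, "Signing..."));

        // Grace period before copying; presumably lets the external tool release the file — TODO confirm.
        await Task.Delay(500, cancellationToken).ConfigureAwait(false);

        // The signed temporary copy replaces the original package in place.
        Logger.Debug("Moving {0} to {1}.", localCopy, package);
        File.Copy(localCopy, package, true);
        progress?.Report(new ProgressData(95, "Signing..."));
    }
    finally
    {
        // Best-effort clean-up; a failure here must not mask the signing outcome.
        try
        {
            if (File.Exists(localCopy))
            {
                File.Delete(localCopy);
            }
        }
        catch (Exception e)
        {
            Logger.Warn(e, "Clean-up of a temporary file {0} failed.", localCopy);
        }
    }
}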
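/// <summary>
/// Caller-side entry point: resolves a manager proxy at <see cref="SelfElevationLevel.AsInvoker"/>
/// (no elevation requested here) and forwards the signing request to it unchanged.
/// </summary>
/// <param name="package">Path of the package to sign.</param>
/// <param name="updatePublisher">Forwarded to the proxy.</param>
/// <param name="certificate">Descriptor of the installed certificate; must not be null.</param>
/// <param name="timestampUrl">Optional timestamp URL, forwarded as-is.</param>
/// <param name="increaseVersion">Forwarded to the proxy.</param>
/// <param name="cancellationToken">Observed while acquiring the proxy and forwarded to it.</param>
/// <param name="progress">Optional progress sink, forwarded to the proxy.</param>
/// <exception cref="ArgumentNullException"><paramref name="certificate"/> is null.</exception>
public async Task SignPackageWithInstalled(string package, bool updatePublisher, PersonalCertificate certificate, string timestampUrl = null, IncreaseVersionMethod increaseVersion = IncreaseVersionMethod.None, CancellationToken cancellationToken = default, IProgress<ProgressData> progress = null)
{
    // Fail fast before a proxy is resolved; the implementation behind the proxy is expected
    // to reject a null certificate too, but validating here avoids the extra round trip.
    if (certificate == null)
    {
        throw new ArgumentNullException(nameof(certificate));
    }

    var manager = await this.managerFactory.GetProxyFor(SelfElevationLevel.AsInvoker, cancellationToken).ConfigureAwait(false);
    cancellationToken.ThrowIfCancellationRequested();
    await manager.SignPackageWithInstalled(package, updatePublisher, certificate, timestampUrl, increaseVersion, cancellationToken, progress).ConfigureAwait(false);
}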