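/// <summary>
/// Find a certificate with the given thumbprint by searching every configured
/// combination of store name and store location.
/// </summary>
/// <remarks>
/// The same certificate may be installed in more than one store. A copy that carries
/// its private key is preferred, because it can decrypt and sign as well as encrypt
/// and verify; a copy without the private key can only encrypt and verify.
/// A thumbprint match only identifies the certificate. This method does not itself
/// check expiry, revocation or chain trust, so callers that depend on those
/// properties must check them on the returned certificate.
/// </remarks>
/// <param name="purpose">A use for which the certificate is needed (for human consumption).</param>
/// <param name="thumbprint">Thumbprint of the certificate we need.</param>
/// <returns>
/// A successful result wrapping the certificate if one was found; otherwise a failure
/// whose message names the purpose and the thumbprint.
/// </returns>
public Errorable<X509Certificate2> FindByThumbprint(string purpose, CertificateThumbprint thumbprint)
{
    var query =
        from name in _storeNames
        from location in _storeLocations
        select FindByThumbprint(thumbprint, name, location);

    var candidates = query.Where(cert => cert != null).ToList();

    // Prefer a copy with its private key; otherwise take the first copy found.
    var selected = candidates.Find(cert => cert.HasPrivateKey) ?? candidates.FirstOrDefault();

    // Each store lookup produced its own certificate object. Release the copies
    // that are not handed back so their handles do not wait for finalization.
    foreach (var candidate in candidates)
    {
        if (!ReferenceEquals(candidate, selected))
        {
            candidate.Dispose();
        }
    }

    if (selected != null)
    {
        return Errorable.Success(selected);
    }

    return Errorable.Failure<X509Certificate2>($"Did not find {purpose} certificate {thumbprint}");
}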
/// <summary>
/// Look for a certificate with the given thumbprint in one specific store.
/// </summary>
/// <remarks>
/// The store is opened read-only and disposed before returning.
/// <c>SingleOrDefault</c> throws if the store yields more than one match.
/// </remarks>
/// <param name="thumbprint">Thumbprint of the certificate we need.</param>
/// <param name="storeName">Name of the store to search within.</param>
/// <param name="storeLocation">Location within the store to check.</param>
/// <returns>
/// The matching certificate; null when the store holds no match or when the
/// platform does not support the requested store.
/// </returns>
private static X509Certificate2 FindByThumbprint(
    CertificateThumbprint thumbprint,
    StoreName storeName,
    StoreLocation storeLocation)
{
    try
    {
        using (var certificateStore = new X509Store(storeName, storeLocation))
        {
            // Read-only access is enough for a lookup.
            certificateStore.Open(OpenFlags.ReadOnly);

            var matches = certificateStore.Certificates.Find(thumbprint);
            var match = matches.SingleOrDefault();
            return match;
        }
    }
    catch (PlatformNotSupportedException)
    {
        // Some store locations are not supported on Linux; treat that as "not found".
        return null;
    }
}
/// <summary>
/// Find any certificates in the collection that match the given thumbprint.
/// </summary>
/// <remarks>
/// The search is made with <c>validOnly</c> set to false, so certificates that
/// would fail validation (for example expired ones) are included in the result.
/// Callers that need a valid certificate must validate what they get back.
/// </remarks>
/// <param name="collection">Collection to search.</param>
/// <param name="thumbprint">Thumbprint to find.</param>
/// <returns>A list of the matching certificates; empty when there is no match.</returns>
public static IList<X509Certificate2> Find(
    this X509Certificate2Collection collection,
    CertificateThumbprint thumbprint)
{
    var matches = collection.Find(
        X509FindType.FindByThumbprint,
        thumbprint.ToString(),
        validOnly: false);

    return matches.Cast<X509Certificate2>().ToList();
}