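/// <summary>
/// Removes the given certificates from <c>MyStore</c> and <c>RootStore</c> and evicts the
/// cache entries keyed by their simple names.
/// </summary>
/// <param name="myCertificates">Certificates to remove from <c>MyStore</c>; not touched when that store is null.</param>
/// <param name="rootCertificates">Certificates to remove from <c>RootStore</c>; not touched when that store is null.</param>
/// <returns>
/// <c>true</c> when both removals completed; <c>false</c> when a
/// <see cref="CryptographicException"/> was raised along the way.
/// </returns>
protected virtual bool DestroySignedCertificates(
    X509Certificate2Collection myCertificates,
    X509Certificate2Collection rootCertificates)
{
    // A name is recorded only after the owning store's RemoveRange call has returned, so the
    // cache is never purged for certificates whose removal did not go through.
    var removedNames = new List<string>();

    try
    {
        if (MyStore != null)
        {
            MyStore.RemoveRange(myCertificates);
            removedNames.AddRange(
                myCertificates.Cast<X509Certificate2>()
                    .Select(c => c.GetNameInfo(X509NameType.SimpleName, false)));
        }

        if (RootStore != null)
        {
            RootStore.RemoveRange(rootCertificates);
            removedNames.AddRange(
                rootCertificates.Cast<X509Certificate2>()
                    .Select(c => c.GetNameInfo(X509NameType.SimpleName, false)));
        }

        return true;
    }
    catch (CryptographicException)
    {
        // NOTE(review): the failure surfaces only as a false return value and the exception
        // detail is dropped here; callers should treat false as "stores may be partially cleaned".
        return false;
    }
    finally
    {
        // Evict in finally so that a failure on the second store does not leave cache entries
        // behind for certificates that were already deleted from the first store.
        // Presumably the cache mirrors what is installed in the stores; confirm against its users.
        foreach (string removedName in removedNames)
        {
            if (_certificateCache.ContainsKey(removedName))
            {
                _certificateCache.Remove(removedName);
            }
        }
    }
}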
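/// <summary>
/// Deletes from the current user's certificate store the certificates whose authority key
/// matches that of the certificate returned by <c>GetCertificateFromWrapper</c>, while
/// leaving that certificate itself in place.
/// </summary>
/// <param name="previousResults">Result of the preceding step; not read by this method.</param>
/// <returns>
/// A <c>NextResult</c> whenever the step runs to completion (including the cases where no
/// reference certificate or key is available, nothing matches, or some certificates could
/// not be removed); an <c>ExceptionOccurred</c> wrapping any exception that was thrown.
/// </returns>
public override IResult Execute(IResult previousResults)
{
    X509Store store = null;
    try
    {
        var certificate = GetCertificateFromWrapper();
        if (certificate == null)
        {
            Log.Warn("Certificate does not exist in settings store; cannot remove similiar certificates");
            return new NextResult();
        }

        var authorityKey = CertificateUtilities.GetAuthorityKeyFromCertificate(certificate);
        if (string.IsNullOrWhiteSpace(authorityKey))
        {
            Log.WarnFormat("Cannot retrieve authority key from certificate; cannot remove similiar certificates");
            return new NextResult();
        }

        var subjectKey = CertificateUtilities.GetSubjectKeyFromCertificate(certificate);
        if (string.IsNullOrWhiteSpace(subjectKey))
        {
            Log.WarnFormat("Cannot retrieve subject key from certificate; cannot remove similiar certificates");
            return new NextResult();
        }

        store = new X509Store(StoreName, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadWrite);

        var instances = new X509Certificate2Collection();
        foreach (var instance in store.Certificates)
        {
            // The certificate being installed must never be queued for removal.
            if (instance.Equals(certificate))
            {
                continue;
            }

            // Only certificates with the same authority key are candidates.
            if (!authorityKey.Equals(
                    CertificateUtilities.GetAuthorityKeyFromCertificate(instance),
                    StringComparison.InvariantCultureIgnoreCase))
            {
                continue;
            }

            // NOTE(review): unlike the two checks above, this one does not skip the entry; it
            // only decides whether the match is logged. Every certificate sharing the authority
            // key is therefore queued for deletion regardless of its subject key. Confirm that
            // this is the intended removal scope before relying on the subject-key comparison
            // as a filter.
            if (!subjectKey.Equals(
                    CertificateUtilities.GetSubjectKeyFromCertificate(instance),
                    StringComparison.InvariantCultureIgnoreCase))
            {
                Log.InfoFormat("Similar certificate found: serial number {0}; subject name {1}",
                    instance.SerialNumber, instance.SubjectName.Name);
            }

            instances.Add(instance);
        }

        if (instances.Count == 0)
        {
            return new NextResult();
        }

        Log.InfoFormat("Removing {0} similar certificates", instances.Count);
        store.RemoveRange(instances);

        // Verify the deletion against a single post-removal snapshot: each read of
        // store.Certificates enumerates the store again, so reading it once per candidate
        // repeats that work for no benefit.
        X509Certificate2Collection remaining = store.Certificates;
        var notRemoved = new X509Certificate2Collection();
        foreach (X509Certificate2 candidate in instances)
        {
            if (remaining.Contains(candidate))
            {
                notRemoved.Add(candidate);
            }
        }

        if (notRemoved.Count == 0)
        {
            Log.InfoFormat("{0} similiar certificates removed", instances.Count);
        }
        else
        {
            // Leftovers are reported per serial number so they can be cleaned up by hand.
            foreach (var instance in notRemoved)
            {
                Log.WarnFormat("Certificate with serial number {0} not removed", instance.SerialNumber);
            }
        }

        return new NextResult();
    }
    catch (Exception e)
    {
        return new ExceptionOccurred(e);
    }
    finally
    {
        // Release the store handle on every exit path, including the early returns above.
        if (store != null)
        {
            store.Close();
        }
    }
}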