public void Execute(object parameter) { var pfx = CertificateManager.GeneratePfx(CertificateName, CertificatePassword); var certificate = CertificateManager.GetCertificateForBytes(pfx.GetBytes(), CertificatePassword); File.WriteAllBytes(Path.Combine(AppHelper.CachePath, "AzureAutomation.pfx"), pfx.GetBytes()); File.WriteAllBytes(Path.Combine(AppHelper.CachePath, "AzureAutomation.cer"), certificate); var collection = new X509Certificate2Collection(); collection.Import(Path.Combine(AppHelper.CachePath, "AzureAutomation.pfx"), CertificatePassword, X509KeyStorageFlags.PersistKeySet); var store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadWrite); // Store the certificate foreach (var cert in collection) store.Add(cert); store.Close(); // Delete the certificate that contains the private key - this is already imported into the cert store File.Delete(Path.Combine(AppHelper.CachePath, "AzureAutomation.pfx")); MessageBox.Show("The certificate has been generated. Please refresh the certificates list.", "Certificate", MessageBoxButton.OK); // Open the folder containing the certificate Process.Start("explorer.exe", AppHelper.CachePath); }
public void testSignSimpleECDsa() { string testFileName = @"..\..\..\resources\circles.pdf"; string storePath = @"..\..\..\..\simple\keystore\test1234.p12"; string storePass = "******"; string storeAlias = "ECDSAkey"; SystemCertificates.X509Certificate2Collection pkcs12 = new SystemCertificates.X509Certificate2Collection(); pkcs12.Import(storePath, storePass, SystemCertificates.X509KeyStorageFlags.DefaultKeySet); SystemCertificates.X509Certificate2 certificate = null; foreach (SystemCertificates.X509Certificate2 aCertificate in pkcs12) { if (storeAlias.Equals(aCertificate.FriendlyName, StringComparison.InvariantCultureIgnoreCase)) { certificate = aCertificate; break; } } Assert.NotNull(certificate, "Key with alias {0} not found.", storeAlias); X509Certificate bcCertificate = new X509Certificate(X509CertificateStructure.GetInstance(certificate.RawData)); X509Certificate[] chain = { bcCertificate }; X509Certificate2Signature signature = new X509Certificate2Signature(certificate, "SHA512"); using (PdfReader pdfReader = new PdfReader(testFileName)) using (FileStream result = File.Create("circles-ECDSA-signed-simple.pdf")) { PdfSigner pdfSigner = new PdfSigner(pdfReader, result, new StampingProperties().UseAppendMode()); ITSAClient tsaClient = null; pdfSigner.SignDetached(signature, chain, null, null, tsaClient, 0, PdfSigner.CryptoStandard.CMS); } }
static void Main(string[] args) { if (args.Length == 0) { Console.WriteLine("ERROR! Missing parameter"); Console.WriteLine("syntax: certlimit.exe <cert-file.pfx> <password>"); Environment.Exit(1); } int day_threshold = 30; string password = args[1]; // System.Environment.GetEnvironmentVariable("signtoolpassword"); string certfile = args[0]; X509Certificate2Collection coll = new X509Certificate2Collection(); coll.Import(certfile, password, X509KeyStorageFlags.PersistKeySet); foreach (X509Certificate2 cert in coll) { Console.WriteLine("Subject: {0}", cert.Subject); Console.WriteLine("Issuer: {0}", cert.Issuer); if (cert.Subject.ToString().Contains("Rackspace")) { Console.WriteLine("Effective: {0}", cert.GetEffectiveDateString()); Console.WriteLine("Expiration: {0}", cert.GetExpirationDateString()); Console.WriteLine("Serial #: {0}", cert.SerialNumber.ToLower()); int days_to_expiration = (int)((Convert.ToDateTime(cert.GetExpirationDateString()) - DateTime.Now).TotalDays); Console.WriteLine("Days to expiration: {0}", days_to_expiration); if (days_to_expiration < day_threshold) { Console.WriteLine("ERROR! Code signing cert expires in fewer than {0} days", day_threshold); Environment.Exit(1); } } } }
public void testSignSimpleContainerECDsa() { string testFileName = @"..\..\..\resources\circles.pdf"; string storePath = @"..\..\..\..\simple\keystore\test1234.p12"; string storePass = "******"; string storeAlias = "ECDSAkey"; SystemCertificates.X509Certificate2Collection pkcs12 = new SystemCertificates.X509Certificate2Collection(); pkcs12.Import(storePath, storePass, SystemCertificates.X509KeyStorageFlags.DefaultKeySet); SystemCertificates.X509Certificate2 certificate = null; foreach (SystemCertificates.X509Certificate2 aCertificate in pkcs12) { if (storeAlias.Equals(aCertificate.FriendlyName, StringComparison.InvariantCultureIgnoreCase)) { certificate = aCertificate; break; } } Assert.NotNull(certificate, "Key with alias {0} not found.", storeAlias); X509Certificate2SignatureContainer signature = new X509Certificate2SignatureContainer(certificate, signer => { signer.DigestAlgorithm = Oid.FromFriendlyName("SHA512", OidGroup.HashAlgorithm); }); using (PdfReader pdfReader = new PdfReader(testFileName)) using (FileStream result = File.Create("circles-ECDSA-signed-simple-container.pdf")) { PdfSigner pdfSigner = new PdfSigner(pdfReader, result, new StampingProperties().UseAppendMode()); pdfSigner.SignExternalContainer(signature, 8192); } }
static int Main(string[] args) { try { string title = string.Empty; // Parse the command line. ParseCommandLine(args); X509Certificate2Collection certificates = new X509Certificate2Collection(); switch (command) { case Command.Sign: // For view, source can come from either store or cert file. if (null == pfxFile) { // Open the source (store and/or pfx file). Console.WriteLine( storeLocation ) ; X509Store store = new X509Store("MY", storeLocation); store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly); certificates = store.Certificates; title = "Viewing " + storeLocation.ToString() + " " + "MY" + " store"; } else { certificates.Import(pfxFile, password, X509KeyStorageFlags.DefaultKeySet); title = "Viewing " + pfxFile; } break; case Command.Verify: break; default: break; } // Carry out the command. switch (command) { case Command.Sign: // Perform filter(s) requested. X509Certificate2 certificate = FilterCertificates(certificates); DoSignCommand(title, certificate); break; case Command.Verify: DoVerifyCommand(title); break; } } catch (UsageException) { DisplayUsage(); } catch (InternalException e) { Console.WriteLine(e.Message); } catch( Exception e ) { Console.WriteLine(e); } return Result ? 100 : 101 ; }
private static X509Certificate2Collection GetCertificateCollection(string certificateFileName) { var certCollection = new X509Certificate2Collection(); certCollection.Import( Path.Combine(TestDataFolder, certificateFileName), CertificatePassword, X509KeyStorageFlags.DefaultKeySet); return certCollection; }
private static void Main(string[] args) { Task.Run(async () => { Console.WriteLine("Enter PIN: "); string pin = Console.ReadLine(); WebRequestHandler handler = new WebRequestHandler(); handler.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(ValidateServerCertificate); using (HttpClient client = new HttpClient(handler, true)) { client.BaseAddress = new Uri(string.Format(@"https://{0}:{1}", MachineName, RemotePort)); X509Store store = null; try { var response = await client.GetAsync("certs/" + pin); response.EnsureSuccessStatusCode(); byte[] rawCert = await response.Content.ReadAsByteArrayAsync(); X509Certificate2Collection certs = new X509Certificate2Collection(); certs.Import(rawCert, "", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.UserKeySet); store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadWrite); X509Certificate2Collection oldCerts = new X509Certificate2Collection(); foreach (var cert in certs) { oldCerts.AddRange(store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName, cert.Subject, false)); } store.RemoveRange(certs); store.AddRange(certs); store.Close(); Console.WriteLine("Success"); } catch (HttpRequestException e) { Console.WriteLine("Error communicating with vcremote. Make sure that vcremote is running in secure mode and that a new client cert has been generated."); } finally { if (store != null) { store.Close(); } } } }).Wait(); }
public static X509Certificate2 GetServerCertificate() { X509Certificate2 certificate = null; var certCollection = new X509Certificate2Collection(); certCollection.Import(Path.Combine("TestData", "DummyTcpServer.pfx")); foreach (X509Certificate2 c in certCollection) { if (c.HasPrivateKey) { certificate = c; break; } } Assert.NotNull(certificate); return certificate; }
/// <summary> /// Imports certificates and keys from a pkcs12-encoded stream. /// </summary> /// <param name="stream">The raw certificate and key data.</param> /// <param name="password">The password to unlock the stream.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="stream"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="password"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.NotSupportedException"> /// Importing keys is not supported by this cryptography context. /// </exception> public override void Import(Stream stream, string password) { if (stream == null) throw new ArgumentNullException ("stream"); if (password == null) throw new ArgumentNullException ("password"); byte[] rawData; if (stream is MemoryBlockStream) { rawData = ((MemoryBlockStream) stream).ToArray (); } else if (stream is MemoryStream) { rawData = ((MemoryStream) stream).ToArray (); } else { using (var memory = new MemoryStream ()) { stream.CopyTo (memory, 4096); rawData = memory.ToArray (); } } var store = new X509Store (StoreName.My, StoreLocation); var certs = new X509Certificate2Collection (); store.Open (OpenFlags.ReadWrite); certs.Import (rawData, password, X509KeyStorageFlags.UserKeySet); store.AddRange (certs); store.Close (); }
private static X509Certificate2 LoadPfxUsingCollectionImport(this CertLoader certLoader) { byte[] pfxData = certLoader.PfxData; string password = certLoader.Password; X509Certificate2Collection collection = new X509Certificate2Collection(); collection.Import(pfxData, password, X509KeyStorageFlags.DefaultKeySet); Assert.Equal(1, collection.Count); return collection[0]; }
/// <summary> /// Gets the identity. /// </summary> /// <param name="element">The element.</param> /// <returns>EndpointIdentity.</returns> /// <exception cref="System.InvalidOperationException">UnableToLoadCertificateIdentity</exception> private static EndpointIdentity GetIdentity(IdentityElement element) { var properties = element.ElementInformation.Properties; var userPrincipalName = properties["userPrincipalName"]; if (userPrincipalName != null && userPrincipalName.ValueOrigin != PropertyValueOrigin.Default) { return EndpointIdentity.CreateUpnIdentity(element.UserPrincipalName.Value); } var servicePrincipalName = properties["servicePrincipalName"]; if (servicePrincipalName != null && servicePrincipalName.ValueOrigin != PropertyValueOrigin.Default) { return EndpointIdentity.CreateSpnIdentity(element.ServicePrincipalName.Value); } var dns = properties["dns"]; if (dns != null && dns.ValueOrigin != PropertyValueOrigin.Default) { return EndpointIdentity.CreateDnsIdentity(element.Dns.Value); } var rsa = properties["rsa"]; if (rsa != null && rsa.ValueOrigin != PropertyValueOrigin.Default) { return EndpointIdentity.CreateRsaIdentity(element.Rsa.Value); } var certificate = properties["certificate"]; if (certificate != null && certificate.ValueOrigin != PropertyValueOrigin.Default) { var supportingCertificates = new X509Certificate2Collection(); supportingCertificates.Import(Convert.FromBase64String(element.Certificate.EncodedValue)); if (supportingCertificates.Count == 0) { throw new InvalidOperationException("UnableToLoadCertificateIdentity"); } var primaryCertificate = supportingCertificates[0]; supportingCertificates.RemoveAt(0); return EndpointIdentity.CreateX509CertificateIdentity(primaryCertificate, supportingCertificates); } return null; }
/// <summary> /// Adds certificates to this store from a folder. /// </summary> /// <param name="folderPath">The path to a folder containing certificate files</param> /// <param name="flags">The <see cref="X509KeyStorageFlags"/> for the keyfile</param> public void ImportFolder(string folderPath, X509KeyStorageFlags flags) { string[] files = System.IO.Directory.GetFiles(folderPath); if (files.IsNullOrEmpty()) { return; } X509Certificate2Collection certs = new X509Certificate2Collection(); foreach(string filePath in files) { certs.Clear(); certs.Import(filePath, null, flags); this.Add(certs); } }
private X509Certificate2 LoadFromFile(string path) { X509Certificate2Collection store = new X509Certificate2Collection(); store.Import(path); return store[0]; }
/// <summary> /// Used to extract a pfk from a file /// </summary> public X509Certificate2 ExtractPfxObject(string password) { var collection = new X509Certificate2Collection(); collection.Import(_publishSettingsFile, password, X509KeyStorageFlags.PersistKeySet); return collection[0]; }
/// <summary> /// Adds certificates to this store from a keyfile. /// </summary> /// <param name="filePath">The path to the keyfile</param> /// <param name="password">The keyfile password</param> /// <param name="flags">The <see cref="X509KeyStorageFlags"/> for the keyfile</param> public void ImportKeyFile(string filePath, string password, X509KeyStorageFlags flags) { X509Certificate2Collection certs = new X509Certificate2Collection(); certs.Import(filePath, password, flags); this.Add(certs); }
public void AzureCertificateTest() { StartTest(MethodBase.GetCurrentMethod().Name, testStartTime); vmPowershellCmdlets.NewAzureQuickVM(OS.Windows, vmName, serviceName, imageName, username, password, locationName); Console.WriteLine("Service Name: {0} is created. VM: {1} is created.", serviceName, vmName); // Certificate files to test string cerFileName = Convert.ToString(TestContext.DataRow["cerFileName"]); string pfxFileName = Convert.ToString(TestContext.DataRow["pfxFileName"]); string psswrd = Convert.ToString(TestContext.DataRow["password"]); string thumbprintAlgorithm = Convert.ToString(TestContext.DataRow["algorithm"]); // Create a certificate X509Certificate2 certCreated = Utilities.CreateCertificate(psswrd); byte[] certData = certCreated.Export(X509ContentType.Pfx, psswrd); File.WriteAllBytes(pfxFileName, certData); byte[] certData2 = certCreated.Export(X509ContentType.Cert); File.WriteAllBytes(cerFileName, certData2); // Install the .cer file to local machine. StoreLocation certStoreLocation = StoreLocation.CurrentUser; StoreName certStoreName = StoreName.My; X509Certificate2 installedCert = Utilities.InstallCert(cerFileName, certStoreLocation, certStoreName); // Certificate1: get it from the installed certificate. PSObject cert1 = vmPowershellCmdlets.RunPSScript( String.Format("Get-Item cert:\\{0}\\{1}\\{2}", certStoreLocation.ToString(), certStoreName.ToString(), installedCert.Thumbprint))[0]; string cert1data = Convert.ToBase64String(((X509Certificate2)cert1.BaseObject).RawData); // Certificate2: get it from .pfx file. X509Certificate2Collection cert2 = new X509Certificate2Collection(); cert2.Import(pfxFileName, psswrd, X509KeyStorageFlags.PersistKeySet); string cert2data = Convert.ToBase64String(cert2[0].RawData); // Certificate3: get it from .cer file. X509Certificate2Collection cert3 = new X509Certificate2Collection(); cert3.Import(cerFileName); string cert3data = Convert.ToBase64String(cert3[0].RawData); try { // Add a cert item vmPowershellCmdlets.AddAzureCertificate(serviceName, cert1); CertificateContext getCert1 = vmPowershellCmdlets.GetAzureCertificate(serviceName).FirstOrDefault(a => a.Thumbprint.Equals(installedCert.Thumbprint)); Console.WriteLine("Cert is added: {0}", getCert1.Thumbprint); Assert.AreEqual(getCert1.Data, cert1data, "Cert is different!!"); Thread.Sleep(TimeSpan.FromMinutes(2)); vmPowershellCmdlets.RemoveAzureCertificate(serviceName, getCert1.Thumbprint, thumbprintAlgorithm); pass = Utilities.CheckRemove(vmPowershellCmdlets.GetAzureCertificate, serviceName, getCert1.Thumbprint, thumbprintAlgorithm); // Add .pfx file vmPowershellCmdlets.AddAzureCertificate(serviceName, pfxFileName, psswrd); CertificateContext getCert2 = vmPowershellCmdlets.GetAzureCertificate(serviceName, cert2[0].Thumbprint, thumbprintAlgorithm)[0]; Console.WriteLine("Cert is added: {0}", cert2[0].Thumbprint); Assert.AreEqual(getCert2.Data, cert2data, "Cert is different!!"); Thread.Sleep(TimeSpan.FromMinutes(2)); vmPowershellCmdlets.RemoveAzureCertificate(serviceName, cert2[0].Thumbprint, thumbprintAlgorithm); pass &= Utilities.CheckRemove(vmPowershellCmdlets.GetAzureCertificate, serviceName, cert2[0].Thumbprint, thumbprintAlgorithm); // Add .cer file vmPowershellCmdlets.AddAzureCertificate(serviceName, cerFileName); CertificateContext getCert3 = vmPowershellCmdlets.GetAzureCertificate(serviceName, cert3[0].Thumbprint, thumbprintAlgorithm)[0]; Console.WriteLine("Cert is added: {0}", cert3[0].Thumbprint); Assert.AreEqual(getCert3.Data, cert3data, "Cert is different!!"); Thread.Sleep(TimeSpan.FromMinutes(2)); vmPowershellCmdlets.RemoveAzureCertificate(serviceName, cert3[0].Thumbprint, thumbprintAlgorithm); pass &= Utilities.CheckRemove(vmPowershellCmdlets.GetAzureCertificate, serviceName, cert3[0].Thumbprint, thumbprintAlgorithm); var certs = vmPowershellCmdlets.GetAzureCertificate(serviceName); Console.WriteLine("number of certs: {0}", certs.Count); Utilities.PrintContext(certs); } catch (Exception e) { pass = false; Assert.Fail(e.ToString()); } }
internal X509Certificate2Collection InitializeCertificateCollection() { FileInfo certFile = new FileInfo(this.GetUnresolvedProviderPathFromPSPath(this.FilePath)); if (!certFile.Exists) { throw new FileNotFoundException(string.Format(KeyVaultProperties.Resources.CertificateFileNotFound, this.FilePath)); } X509Certificate2Collection certificateCollection = new X509Certificate2Collection(); if (null == this.Password) { certificateCollection.Import(certFile.FullName); } else { certificateCollection.Import(certFile.FullName, this.Password.ConvertToString(), X509KeyStorageFlags.Exportable); } return certificateCollection; }
private static X509Certificate2Collection PEM(string pem) { // TODO: Test const string beginCert = "-----BEGIN CERTIFICATE-----"; const string endCert = "-----END CERTIFICATE-----"; var certificates = new X509Certificate2Collection(); int end; for (int start = pem.IndexOf(beginCert); start >= 0; start = pem.IndexOf(beginCert, end)) { start += beginCert.Length; end = pem.IndexOf(endCert, start); if (end == -1) throw new Exception(string.Format("'{0}' not found after index {1}", endCert, start)); byte[] rawData = Convert.FromBase64String(pem.Substring(start, end - start)); certificates.Import(rawData); } if (certificates.Count == 0) { throw new Exception("no certificates found"); } return certificates; }
public X509Certificate2 FindCert(out X509Certificate2Collection includedCerts) { includedCerts = null; X509Store store = null; try { // Get the pool of certificates to search X509Certificate2Collection pool; if (!string.IsNullOrEmpty(CertificateFile)) { // If there is a file, load that pool = new X509Certificate2Collection(); pool.Import(CertificateFile, Password, X509KeyStorageFlags.DefaultKeySet); includedCerts = pool; } else { // Otherwise, open the specified store store = new X509Store(StoreName ?? "My", MachineStore ? StoreLocation.LocalMachine : StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly); // Code Signing EKU = 1.3.6.1.5.5.7.3.3 pool = store.Certificates .Find(X509FindType.FindByTimeValid, DateTime.Now, validOnly: false) .Find(X509FindType.FindByApplicationPolicy, "1.3.6.1.5.5.7.3.3", validOnly: false); } // Search! var query = pool; if (!string.IsNullOrEmpty(IssuerName)) { query = query.Find(X509FindType.FindByIssuerName, IssuerName, validOnly: false); } if (!string.IsNullOrEmpty(SubjectName)) { query = query.Find(X509FindType.FindBySubjectName, SubjectName, validOnly: false); } // Can't do RootName with the certificate collection if (!string.IsNullOrEmpty(Thumbprint)) { query = query.Find(X509FindType.FindByThumbprint, Thumbprint, validOnly: false); } if (AutoSelect) { // Find the one with the longest validity and use it as the signing cert var now = DateTime.Now; return query .Cast<X509Certificate2>() .OrderByDescending(c => c.HasEKU(Constants.CodeSigningOid)) .OrderByDescending(c => c.NotAfter - now) .FirstOrDefault(); } else { if (query.Count > 1) { AnsiConsole.Error.WriteLine(@"Multiple certificates were found that meet all the given criteria. Use the -a option to choose the best certificate automatically or use the -sha1 option with the hash of the desired certificate."); AnsiConsole.Error.WriteLine("The following certificates meet all given criteria:"); foreach (var cert in query) { AnsiConsole.Error.WriteLine(" Issued to: " + cert.SubjectName.CommonName()); AnsiConsole.Error.WriteLine(" Issued by: " + cert.IssuerName.CommonName()); AnsiConsole.Error.WriteLine(" Expires: " + cert.NotAfter.ToString("ddd MMM dd HH:mm:ss yyyy")); AnsiConsole.Error.WriteLine(" SHA1 hash: " + cert.Thumbprint); AnsiConsole.Error.WriteLine(""); } return null; } else if (query.Count == 0) { return null; } return query[0]; } } finally { if (store != null) { store.Close(); } } }
public void AzureCertificateTest() { StartTest(MethodBase.GetCurrentMethod().Name, testStartTime); // Certificate files to test string cerFileName = Convert.ToString(TestContext.DataRow["cerFileName"]); string pfxFileName = Convert.ToString(TestContext.DataRow["pfxFileName"]); string password = Convert.ToString(TestContext.DataRow["password"]); string thumbprintAlgorithm = Convert.ToString(TestContext.DataRow["algorithm"]); // Create a certificate X509Certificate2 certCreated = Utilities.CreateCertificate(password); byte[] certData = certCreated.Export(X509ContentType.Pfx, password); File.WriteAllBytes(pfxFileName, certData); byte[] certData2 = certCreated.Export(X509ContentType.Cert); File.WriteAllBytes(cerFileName, certData2); // Install the .cer file to local machine. StoreLocation certStoreLocation = StoreLocation.CurrentUser; StoreName certStoreName = StoreName.My; X509Certificate2 installedCert = Utilities.InstallCert(cerFileName, certStoreLocation, certStoreName); // Certificate1: get it from the installed certificate. PSObject cert1 = vmPowershellCmdlets.RunPSScript( String.Format("Get-Item cert:\\{0}\\{1}\\{2}", certStoreLocation.ToString(), certStoreName.ToString(), installedCert.Thumbprint))[0]; string cert1data = Convert.ToBase64String(((X509Certificate2)cert1.BaseObject).RawData); // Certificate2: get it from .pfx file. X509Certificate2Collection cert2 = new X509Certificate2Collection(); cert2.Import(pfxFileName, password, X509KeyStorageFlags.PersistKeySet); string cert2data = Convert.ToBase64String(cert2[0].RawData); // Certificate3: get it from .cer file. X509Certificate2Collection cert3 = new X509Certificate2Collection(); cert3.Import(cerFileName); string cert3data = Convert.ToBase64String(cert3[0].RawData); try { RemoveAllExistingCerts(defaultService); // Add a cert item vmPowershellCmdlets.AddAzureCertificate(defaultService, cert1); CertificateContext getCert1 = vmPowershellCmdlets.GetAzureCertificate(defaultService)[0]; Console.WriteLine("Cert is added: {0}", getCert1.Thumbprint); Assert.AreEqual(getCert1.Data, cert1data, "Cert is different!!"); vmPowershellCmdlets.RemoveAzureCertificate(defaultService, getCert1.Thumbprint, thumbprintAlgorithm); pass = Utilities.CheckRemove(vmPowershellCmdlets.GetAzureCertificate, defaultService, getCert1.Thumbprint, thumbprintAlgorithm); // Add .pfx file vmPowershellCmdlets.AddAzureCertificate(defaultService, pfxFileName, password); CertificateContext getCert2 = vmPowershellCmdlets.GetAzureCertificate(defaultService, cert2[0].Thumbprint, thumbprintAlgorithm)[0]; Console.WriteLine("Cert is added: {0}", cert2[0].Thumbprint); Assert.AreEqual(getCert2.Data, cert2data, "Cert is different!!"); vmPowershellCmdlets.RemoveAzureCertificate(defaultService, cert2[0].Thumbprint, thumbprintAlgorithm); pass &= Utilities.CheckRemove(vmPowershellCmdlets.GetAzureCertificate, defaultService, cert2[0].Thumbprint, thumbprintAlgorithm); // Add .cer file vmPowershellCmdlets.AddAzureCertificate(defaultService, cerFileName); CertificateContext getCert3 = vmPowershellCmdlets.GetAzureCertificate(defaultService, cert3[0].Thumbprint, thumbprintAlgorithm)[0]; Console.WriteLine("Cert is added: {0}", cert3[0].Thumbprint); Assert.AreEqual(getCert3.Data, cert3data, "Cert is different!!"); vmPowershellCmdlets.RemoveAzureCertificate(defaultService, cert3[0].Thumbprint, thumbprintAlgorithm); pass &= Utilities.CheckRemove(vmPowershellCmdlets.GetAzureCertificate, defaultService, cert3[0].Thumbprint, thumbprintAlgorithm); } catch (Exception e) { pass = false; Assert.Fail(e.ToString()); } finally { Utilities.UninstallCert(installedCert, certStoreLocation, certStoreName); RemoveAllExistingCerts(defaultService); } }
/// <summary> /// Sends a CyberSource transaction request. /// </summary> /// <param name="request">XmlDocument object containing the request.</param> /// <param name="config">Configuration object to use.</param> /// <returns>XmlDocument object containing the reply.</returns> public static XmlDocument RunTransaction( Configuration config, XmlDocument request) { Logger logger = null; string nspace = null; try { nspace = GetRequestNamespace(request); DetermineEffectiveMerchantID(ref config, request, nspace); SetVersionInformation(request, nspace); logger = PrepareLog(config); if (string.IsNullOrEmpty(nspace)) { throw new ApplicationException( REQUEST_MESSAGE + " is missing in the XML document."); } SetConnectionLimit(config); if (logger != null) { logger.LogRequest(request, config.Demo); } // obtain a copy of the request document enclosed in a SOAP envelope XmlDocument doc = SoapWrap(request, nspace); //Get the X509 cert and sign the SOAP Body string keyFilePath = Path.Combine(config.KeysDirectory, config.EffectiveKeyFilename); X509Certificate2 cert = null; X509Certificate2Collection collection = new X509Certificate2Collection(); collection.Import(keyFilePath, config.EffectivePassword, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet); foreach (X509Certificate2 cert1 in collection) { if (cert1.Subject.Contains(config.MerchantID)) { cert = cert1; break; } } SignDocument(cert, doc); // convert the document into an array of bytes using the // encoding specified in the XML declaration line. Encoding enc = GetEncoding(doc); byte[] requestBytes = enc.GetBytes(doc.OuterXml); // create an HttpWebRequest object and set its properties HttpWebRequest httpRequest = (HttpWebRequest)WebRequest.Create( config.EffectiveServerURL); httpRequest.Method = "POST"; httpRequest.ContentLength = requestBytes.Length; httpRequest.UserAgent = ".NET XML"; // set the timeout httpRequest.Timeout = config.Timeout * 1000; if (mProxy != null) { // assign our pre-created WebProxy object to the // HttpWebRequest object's Proxy property. httpRequest.Proxy = mProxy; } // obtain the request stream and write the byte array to it. Stream stream = httpRequest.GetRequestStream(); stream.Write(requestBytes, 0, requestBytes.Length); stream.Close(); // send request and get response. WebResponse webResponse = httpRequest.GetResponse(); // read returned XML document. XmlDocument reply = ReadXml(webResponse); XmlDocument unwrapped = SoapUnwrap(reply, nspace); if (logger != null) { logger.LogReply(unwrapped, config.Demo); } // return the XML document without the SOAP envelope. return (unwrapped); } catch (WebException we) { // if we got HTTP status 500 (Internal Server Error), it could // mean, the server threw a fault, in which case, we load the // xml document from the HTTP body and throw a FaultException. // The status would be ProtocolError if we did get HTTP 500 // and Response should not be null but we check for null just // in case. if (we.Status == WebExceptionStatus.ProtocolError && we.Response != null) { HttpWebResponse response = (HttpWebResponse)we.Response; // InternalServerError corresponds to HTTP 500. And we // proceed only if there's anything in the response body. // That is, the contentLength is greater than zero. if (response.StatusCode == HttpStatusCode.InternalServerError && response.ContentLength > 0) { try { // read the fault document and throw a // FaultException. FaultException fe = new FaultException( ReadXml(response), nspace); if (logger != null) { logger.LogFault(fe.LogString); } throw; } catch (XmlException) { if (logger != null) { logger.LogException(we); } // the response body is not a valid xml document. // It is therefore not a fault. Rethrow the // WebException object. throw; } } } if (logger != null) { logger.LogException(we); } // the server did not throw a fault. Rethrow the WebException // object. throw; } catch (Exception e) { if (logger != null) { logger.LogException(e); } throw; } }
/// <summary> /// Sends a CyberSource transaction request. /// </summary> /// <param name="config">Configuration object to use.</param> /// <param name="request">Hashtable containing the request fields and their values.</param> /// <returns>Hashtable containing the reply fields and their values.</returns> public static Hashtable RunTransaction( Configuration config, Hashtable request) { Logger logger=null; NVPTransactionProcessorClient proc=null; try { DetermineEffectiveMerchantID(ref config, request); SetVersionInformation(request); logger = PrepareLog(config); SetConnectionLimit(config); //Setup custom binding with HTTPS + Body Signing CustomBinding currentBinding = getWCFCustomBinding(); //Setup endpoint Address with dns identity AddressHeaderCollection headers = new AddressHeaderCollection(); EndpointAddress endpointAddress = new EndpointAddress(new Uri(config.EffectiveServerURL), EndpointIdentity.CreateDnsIdentity(config.EffectivePassword), headers); //Get instance of service using (proc = new NVPTransactionProcessorClient(currentBinding, endpointAddress)) { //Set protection level to sign only proc.Endpoint.Contract.ProtectionLevel = System.Net.Security.ProtectionLevel.Sign; // set the timeout TimeSpan timeOut = new TimeSpan(0, 0, 0, config.Timeout, 0); currentBinding.SendTimeout = timeOut; string keyFilePath = Path.Combine(config.KeysDirectory, config.EffectiveKeyFilename); proc.ClientCredentials.ClientCertificate.Certificate = new X509Certificate2(keyFilePath, config.EffectivePassword, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet); proc.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None; // Changes for SHA2 certificates support X509Certificate2Collection collection = new X509Certificate2Collection(); collection.Import(keyFilePath, config.EffectivePassword, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet); foreach (X509Certificate2 cert1 in collection) { if (cert1.Subject.Contains(config.MerchantID)) { proc.ClientCredentials.ClientCertificate.Certificate = cert1; proc.ClientCredentials.ServiceCertificate.DefaultCertificate = cert1; break; } } if (logger != null) { logger.LogRequest(request, config.Demo); } // send request now, converting the hashtable request into // a string, and the string reply back into a hashtable. string resp = proc.runTransaction(Hash2String(request)); Hashtable reply = String2Hash(resp); if (logger != null) { logger.LogReply(reply, config.Demo); } return (reply); } } catch (Exception e) { if (logger != null) { logger.LogException(e); } if (proc != null) { proc.Abort(); } throw; } finally { if (proc != null) { proc.Close(); } } }
/// <summary>Gets the strong name key pair from PFX.</summary> /// <param name="pfxFile">The PFX file.</param> /// <param name="password">The password.</param> /// <returns>Key pair.</returns> /// <exception cref="System.ArgumentException">pfxFile</exception> public static StrongNameKeyPair GetStrongNameKeyPairFromPfx(string pfxFile, string password) { // http://stackoverflow.com/questions/7556846/how-to-use-strongnamekeypair-with-a-password-protected-keyfile-pfx var certs = new X509Certificate2Collection(); certs.Import(pfxFile, password, X509KeyStorageFlags.Exportable); if (certs.Count == 0) throw new ArgumentException(null, "pfxFile"); var provider = certs[0].PrivateKey as RSACryptoServiceProvider; if (provider == null) // not a good pfx file throw new ArgumentException(null, "pfxFile"); return new StrongNameKeyPair(provider.ExportCspBlob(false)); }
private bool TryPassword(string password) { try { var collection = new X509Certificate2Collection(); collection.Import(certificatePath.Text, password, X509KeyStorageFlags.PersistKeySet); return true; } catch (Exception) { return false; } }
/// <summary> /// Imports certificates and keys from a pkcs12-encoded stream. /// </summary> /// <remarks> /// Imports certificates and keys from a pkcs12-encoded stream. /// </remarks> /// <param name="stream">The raw certificate and key data.</param> /// <param name="password">The password to unlock the stream.</param> /// <exception cref="System.ArgumentNullException"> /// <para><paramref name="stream"/> is <c>null</c>.</para> /// <para>-or-</para> /// <para><paramref name="password"/> is <c>null</c>.</para> /// </exception> /// <exception cref="System.NotSupportedException"> /// Importing keys is not supported by this cryptography context. /// </exception> public override void Import (Stream stream, string password) { if (stream == null) throw new ArgumentNullException ("stream"); if (password == null) throw new ArgumentNullException ("password"); var rawData = ReadAllBytes (stream); var store = new X509Store (StoreName.My, StoreLocation); var certs = new X509Certificate2Collection (); store.Open (OpenFlags.ReadWrite); certs.Import (rawData, password, X509KeyStorageFlags.UserKeySet); store.AddRange (certs); store.Close (); }
internal X509Certificate2Collection LoadCertificateFromFile() { FileInfo certFile = new FileInfo(this.GetUnresolvedProviderPathFromPSPath(this.FilePath)); if (!certFile.Exists) { throw new FileNotFoundException(string.Format(KeyVaultProperties.Resources.CertificateFileNotFound, this.FilePath)); } var certificates = new X509Certificate2Collection(); certificates.Import(certFile.FullName); return certificates; }