/// <summary>
/// Builds the pin-hash model for one certificate: a single SHA-256 entry that is
/// flagged as pinned when its value equals the fingerprint of any configured pin.
/// </summary>
/// <param name="certificate">Certificate passed to <c>CertificateHashBuilder.BuildHashForPublicKey</c>.</param>
/// <param name="reportOnly">Copied unchanged onto the entry's <c>ReportOnly</c>.</param>
/// <param name="pinnedKeys">Configured pins. May be null, or carry a null <c>PinnedKeys</c>; in both cases the entry is reported as not pinned.</param>
/// <returns>A model whose <c>Hashes</c> collection holds exactly one SHA-256 entry.</returns>
private static SpkiHashesModel CalculateHashes(X509Certificate2 certificate, bool reportOnly, PublicPinnedKeys pinnedKeys)
{
    var spkiDigest = CertificateHashBuilder.BuildHashForPublicKey<SHA256CryptoServiceProvider>(certificate);

    // Assuming both values are strings (as the Base64 names suggest), == is an ordinal,
    // case-sensitive comparison. Base64 is case-sensitive, so this must stay an exact match.
    // NOTE(review): this also assumes the configured pins use the same Base64 form
    // (padding, alphabet) as the builder's output - confirm against the pin parser.
    var matchesPin = pinnedKeys?.PinnedKeys?.Any(pin => pin.FingerprintBase64 == spkiDigest) ?? false;

    var entry = new SpkiHashModel
    {
        ReportOnly = reportOnly,
        Algorithm = PinAlgorithm.SHA256,
        HashBase64 = spkiDigest,
        IsPinned = matchesPin
    };

    var hashes = new ObservableCollection<SpkiHashModel> { entry };
    return new SpkiHashesModel { Hashes = hashes };
}
/// <summary>
/// Maps one chain element onto a <c>CertificateModel</c> for display.
/// </summary>
/// <remarks>
/// Every descriptive field (subject, SAN, validity dates, serial number) is read from the
/// certificate itself, so these values describe what the peer presented; they do not
/// indicate whether the chain validated. Errors and pin hashes are computed on tasks
/// started with <c>Task.Factory.StartNew</c> and exposed through <c>AsyncProperty</c>.
/// </remarks>
/// <param name="chainElement">Chain element whose certificate is described.</param>
/// <param name="reportOnly">Forwarded to <c>CalculateHashes</c>.</param>
/// <param name="pinnedKey">Configured pins, forwarded to <c>CalculateHashes</c>.</param>
/// <param name="chain">Chain passed to <c>GetCertificateType</c> for the element at index 0.</param>
/// <param name="index">Position of the element; only index 0 gets a certificate type, all others get <c>CertificateType.None</c>.</param>
/// <returns>The populated model.</returns>
private CertificateModel AssignCertificate(X509ChainElement chainElement, bool reportOnly, PublicPinnedKeys pinnedKey, X509Chain chain, int index)
{
    var cert = chainElement.Certificate;
    var strength = BitStrengthCalculator.CalculateStrength(cert);
    var subjectParts = DistinguishedNameParser.Parse(cert.Subject);

    // Prefer the first "cn" value; fall back to the thumbprint when the subject has no
    // "cn" entry or the entry is empty.
    var displayName = subjectParts.ContainsKey("cn")
        ? (subjectParts["cn"].FirstOrDefault() ?? cert.Thumbprint)
        : cert.Thumbprint;

    var subjectAltName = cert.Extensions[KnownOids.X509Extensions.SubjectAltNameExtension]?.Format(false) ?? "None";

    var keyInfo = new PublicKeyModel
    {
        Algorithm = strength.AlgorithmName,
        KeySizeBits = strength.BitSize,
        PublicKey = cert.PublicKey.EncodedKeyValue.RawData
    };

    // NOTE(review): if _rootStore/_userStore are X509Store instances, Contains relies on
    // X509Certificate equality (issuer + serial number), not a byte-for-byte match.
    // Treat this flag as display information rather than a trust decision - confirm.
    var signatureInfo = new SignatureAlgorithmModel
    {
        SignatureAlgorithm = cert.SignatureAlgorithm,
        IsTrustedRoot = _rootStore.Certificates.Contains(cert) || _userStore.Certificates.Contains(cert)
    };

    var kind = index == 0 ? GetCertificateType(cert, chain) : CertificateType.None;

    return new CertificateModel
    {
        CommonName = displayName,
        Thumbprint = cert.Thumbprint,
        DistinguishedName = subjectParts,
        SubjectAlternativeName = subjectAltName,
        PublicKey = keyInfo,
        BeginDate = cert.NotBefore,
        EndDate = cert.NotAfter,
        SerialNumber = cert.SerialNumber ?? "None",
        SignatureAlgorithm = signatureInfo,
        CertificateType = kind,
        Errors = new AsyncProperty<CertificateErrors>(
            Task.Factory.StartNew(() => CertificateErrorsCalculator.GetCertificateErrors(chainElement))),
        SpkiHashes = new AsyncProperty<SpkiHashesModel>(
            Task.Factory.StartNew(() => CalculateHashes(chainElement.Certificate, reportOnly, pinnedKey))),
        InstallCommand = new RelayCommand(arg => CertificateUI.ShowImportCertificate(chainElement.Certificate, FiddlerApplication.UI)),
        ViewCommand = new RelayCommand(arg => CertificateUI.ShowCertificate(chainElement.Certificate, FiddlerApplication.UI))
    };
}
/// <summary>
/// Builds the pin-hash model for one certificate: a single SHA-256 entry that is
/// flagged as pinned when its value matches the fingerprint of any configured pin.
/// </summary>
/// <param name="certificate">Certificate passed to <c>CertificateHashBuilder.BuildHashForPublicKeyBinary</c>.</param>
/// <param name="reportOnly">Copied unchanged onto the entry's <c>ReportOnly</c>.</param>
/// <param name="pinnedKeys">Configured pins. May be null, or carry a null <c>PinnedKeys</c>; in both cases the entry is reported as not pinned.</param>
/// <returns>A model whose <c>Hashes</c> collection holds exactly one SHA-256 entry.</returns>
private static SpkiHashesModel CalculateHashes(X509Certificate2 certificate, bool reportOnly, PublicPinnedKeys pinnedKeys)
{
    var spkiDigest = CertificateHashBuilder.BuildHashForPublicKeyBinary<SHA256CryptoServiceProvider>(certificate);

    // The match is element-by-element via SequenceEqual, so a pin of a different length
    // never matches.
    // NOTE(review): a pinned entry whose Fingerprint is null would presumably throw here
    // instead of counting as "not pinned" - confirm the pin parser never produces one.
    var matchesPin = pinnedKeys?.PinnedKeys?.Any(pin => pin.Fingerprint.SequenceEqual(spkiDigest)) ?? false;

    var entry = new SpkiHashModel
    {
        ReportOnly = reportOnly,
        Algorithm = PinAlgorithm.SHA256,
        Hash = spkiDigest,
        IsPinned = matchesPin
    };

    var hashes = new ObservableCollection<SpkiHashModel> { entry };
    return new SpkiHashesModel { Hashes = hashes };
}
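/// <summary>
/// Maps one chain element onto a <c>CertificateModel</c> for display.
/// </summary>
/// <remarks>
/// Every descriptive field (subject, SAN, validity dates, serial number) is read from the
/// certificate itself, so these values describe what the peer presented; they do not
/// indicate whether the chain validated. The CT model, errors and pin hashes are computed
/// on tasks started with <c>Task.Factory.StartNew</c> and exposed through <c>AsyncProperty</c>.
/// </remarks>
/// <param name="chainElement">Chain element whose certificate is described.</param>
/// <param name="reportOnly">Forwarded to <c>CalculateHashes</c>.</param>
/// <param name="pinnedKey">Configured pins, forwarded to <c>CalculateHashes</c>.</param>
/// <param name="chain">Chain passed to <c>GetCertificateType</c> for the element at index 0.</param>
/// <param name="index">Position of the element; only index 0 gets a certificate type, all others get <c>CertificateType.None</c>.</param>
/// <returns>The populated model.</returns>
private CertificateModel AssignCertificate(X509ChainElement chainElement, bool reportOnly, PublicPinnedKeys pinnedKey, X509Chain chain, int index)
{
    var certificate = chainElement.Certificate;
    var algorithmBits = BitStrengthCalculator.CalculateStrength(certificate);
    var dn = DistinguishedNameParser.Parse(certificate.Subject);

    return new CertificateModel
    {
        // Prefer the first "cn" value; fall back to the thumbprint when the subject has
        // no "cn" entry or the entry is empty.
        CommonName = dn.ContainsKey("cn")
            ? (dn["cn"].FirstOrDefault() ?? certificate.Thumbprint)
            : certificate.Thumbprint,
        Thumbprint = certificate.Thumbprint,
        DistinguishedName = dn,
        SubjectAlternativeName = certificate.Extensions[KnownOids.X509Extensions.SubjectAltNameExtension]?.Format(false) ?? "None",
        PublicKey = new PublicKeyModel
        {
            Algorithm = algorithmBits.AlgorithmName,
            KeySizeBits = algorithmBits.BitSize,
            PublicKey = certificate.PublicKey.EncodedKeyValue.RawData
        },
        BeginDate = certificate.NotBefore,
        EndDate = certificate.NotAfter,
        SerialNumber = certificate.SerialNumber ?? "None",
        SignatureAlgorithm = new SignatureAlgorithmModel
        {
            SignatureAlgorithm = certificate.SignatureAlgorithm,
            // NOTE(review): if _rootStore/_userStore are X509Store instances, Contains relies
            // on X509Certificate equality (issuer + serial number), not a byte-for-byte match.
            // Treat this flag as display information rather than a trust decision - confirm.
            IsTrustedRoot = _rootStore.Certificates.Contains(certificate) || _userStore.Certificates.Contains(certificate)
        },
        CertificateType = index == 0 ? GetCertificateType(certificate, chain) : CertificateType.None,
        CertificateCtModel = new AsyncProperty<CertificateCtModel>(
            Task.Factory.StartNew(() => GetCtModel(certificate))),
        Errors = new AsyncProperty<CertificateErrors>(
            Task.Factory.StartNew(() => CertificateErrorsCalculator.GetCertificateErrors(chainElement))),
        SpkiHashes = new AsyncProperty<SpkiHashesModel>(
            Task.Factory.StartNew(() => CalculateHashes(chainElement.Certificate, reportOnly, pinnedKey))),
        InstallCommand = new RelayCommand(parameter => CertificateUI.ShowImportCertificate(chainElement.Certificate, FiddlerApplication.UI)),
        ViewCommand = new RelayCommand(parameter => CertificateUI.ShowCertificate(chainElement.Certificate, FiddlerApplication.UI)),
        BrowseCommand = new RelayCommand(parameter =>
        {
            var uri = parameter as Uri;

            // Only absolute https URIs are handed to the shell; every other scheme is ignored.
            // Keep this allow-list: the string passed to Process.Start is opened by whatever
            // handler is registered for its scheme.
            // IsAbsoluteUri is checked first because Uri.Scheme throws
            // InvalidOperationException for a relative Uri.
            if (uri != null && uri.IsAbsoluteUri && uri.Scheme == Uri.UriSchemeHttps)
            {
                // Process.Start may return null when no new process is created; otherwise
                // release the handle right away - the launched process keeps running.
                Process.Start(uri.AbsoluteUri)?.Dispose();
            }
        })
    };
}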
/// <summary>
/// Maps one chain element onto a <c>CertificateModel</c> for display.
/// </summary>
/// <remarks>
/// The descriptive fields (subject, SAN, validity dates) are read from the certificate
/// itself, so they describe what the peer presented; they do not indicate whether the
/// chain validated. Errors and pin hashes are computed on tasks started with
/// <c>Task.Factory.StartNew</c> and exposed through <c>AsyncProperty</c>.
/// </remarks>
/// <param name="chainElement">Chain element whose certificate is described.</param>
/// <param name="reportOnly">Forwarded to <c>CalculateHashes</c>.</param>
/// <param name="pinnedKey">Configured pins, forwarded to <c>CalculateHashes</c>.</param>
/// <returns>The populated model.</returns>
private CertificateModel AssignCertificate(X509ChainElement chainElement, bool reportOnly, PublicPinnedKeys pinnedKey)
{
    var cert = chainElement.Certificate;
    var strength = BitStrengthCalculator.CalculateStrength(cert);
    var subjectParts = DistinguishedNameParser.Parse(cert.Subject);

    // Prefer the first "cn" value; fall back to the thumbprint when the subject has no
    // "cn" entry or the entry is empty.
    var displayName = subjectParts.ContainsKey("cn")
        ? (subjectParts["cn"].FirstOrDefault() ?? cert.Thumbprint)
        : cert.Thumbprint;

    var subjectAltName = cert.Extensions[KnownOids.X509Extensions.SubjectAltNameExtension]?.Format(false) ?? "None";

    var keyInfo = new PublicKeyModel
    {
        Algorithm = strength.AlgorithmName,
        KeySizeBits = strength.BitSize,
        PublicKey = cert.PublicKey.EncodedKeyValue.RawData
    };

    // NOTE(review): if _rootStore/_userStore are X509Store instances, Contains relies on
    // X509Certificate equality (issuer + serial number), not a byte-for-byte match.
    // Treat this flag as display information rather than a trust decision - confirm.
    var signatureInfo = new SignatureAlgorithmModel
    {
        SignatureAlgorithm = cert.SignatureAlgorithm,
        IsTrustedRoot = _rootStore.Certificates.Contains(cert) || _userStore.Certificates.Contains(cert)
    };

    return new CertificateModel
    {
        CommonName = displayName,
        Thumbprint = cert.Thumbprint,
        SubjectAlternativeName = subjectAltName,
        PublicKey = keyInfo,
        BeginDate = cert.NotBefore,
        EndDate = cert.NotAfter,
        SignatureAlgorithm = signatureInfo,
        Errors = new AsyncProperty<CertificateErrors>(
            Task.Factory.StartNew(() => CertificateErrorsCalculator.GetCertificateErrors(chainElement))),
        SpkiHashes = new AsyncProperty<SpkiHashesModel>(
            Task.Factory.StartNew(() => CalculateHashes(chainElement.Certificate, reportOnly, pinnedKey))),
        InstallCommand = new RelayCommand(arg => CertificateUI.ShowImportCertificate(chainElement.Certificate)),
        ViewCommand = new RelayCommand(arg => CertificateUI.ShowCertificate(chainElement.Certificate))
    };
}