19 changes: 18 additions & 1 deletion man/certmgr.1
@@ -1,8 +1,10 @@
.\"
.\" certmgr manual page.
.\" Copyright 2004-2005 Novell
.\" Copyright 2010 Pablo Ruiz
.\" Author:
.\" Sebastien Pouliot <[email protected]>
.\" Pablo Ruiz Garcia <[email protected]>
.\"
.TH Mono "certmgr"
.SH NAME
Expand All @@ -24,7 +26,9 @@ server certificates.
List the certificates, CTL or CTL in the specified store.
.TP
.I "-add"
Add a certificate, CRL or CTL to specified store.
Add a certificate, CRL or CTL to specified store. If filename it's a pkcs12
or pfx file, and it contains a private key, it will be imported to local key
pair container.
.TP
.I "-del"
Remove a certificate, CRL or CTL from specified store. You must specify the
Expand All @@ -44,6 +48,11 @@ This action assume an certificate (-c) object type and will import the
certificates in appropriate stores (i.e. server certificate in the
OtherPeople store, the root certificate in the Trust store, any other
intermediate certificates in the IntermediateCA store).
.TP
.I "-importKey"
Allows importing a private key from a pkcs12 file into a local key pair
store. (Usefull when you already have the key's corresponding certificate
installed at the specific store.)

.SH OBJECT TYPES
.TP
Expand All @@ -66,6 +75,9 @@ Use the machine's certificate stores (instead of the default user's stores).
.I "-v"
More details displayed on the console.
.TP
.I "-p password"
Use the specify password when accessing a pkcs12 file.
.TP
.I "-help", "-h", "-?", "/?"
Display help about this tool.

Expand All @@ -88,6 +100,9 @@ The filenames either starts with
(subject key identifier).
.TP
The rest of the filename is the base64-encoded value (tbp or ski).
.TP
Private key data is stored under
.I ~/.config/.mono/keypairs/

.SH EXAMPLES
.TP
Expand Down Expand Up @@ -140,6 +155,8 @@ element of your machine.config file.

.SH AUTHOR
Written by Sebastien Pouliot

Minor additions by Pablo Ruiz García
.SH COPYRIGHT
Copyright (C) 2004-2005 Novell.
.SH MAILING LISTS
77 changes: 71 additions & 6 deletions mcs/class/Mono.Security/Mono.Security.X509/X509Store.cs
Expand Up @@ -3,8 +3,10 @@
//
// Author:
// Sebastien Pouliot <[email protected]>
// Pablo Ruiz <[email protected]>
//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
// (C) 2010 Pablo Ruiz.
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
Expand All @@ -30,8 +32,10 @@
using System.Collections;
using System.Globalization;
using System.IO;
using System.Text;

using System.Text;
using System.Security.Cryptography;

using Mono.Security.Cryptography;
using Mono.Security.X509.Extensions;

namespace Mono.Security.X509 {
Expand All @@ -41,8 +45,8 @@ namespace Mono.Security.X509 {
#else
public
#endif
class X509Store {

class X509Store {
private string _storePath;
private X509CertificateCollection _certificates;
private ArrayList _crls;
Expand Down Expand Up @@ -114,6 +118,16 @@ public void Import (X509Certificate certificate)
fs.Close ();
}
}

// Try to save privateKey if available..
CspParameters cspParams = new CspParameters ();
cspParams.KeyContainerName = CryptoConvert.ToHex (certificate.Hash);

// Right now this seems to be the best way to know if we should use LM store.. ;)
if (_storePath.StartsWith (X509StoreManager.LocalMachinePath))
cspParams.Flags = CspProviderFlags.UseMachineKeyStore;

ImportPrivateKey (certificate, cspParams);
}

public void Import (X509Crl crl)
Expand All @@ -127,7 +141,7 @@ public void Import (X509Crl crl)
fs.Write (data, 0, data.Length);
}
}
}
}

public void Remove (X509Certificate certificate)
{
Expand Down Expand Up @@ -188,14 +202,15 @@ private byte[] GetUniqueName (X509ExtensionCollection extensions)
private string GetUniqueName (string method, byte[] name, string fileExtension)
{
StringBuilder sb = new StringBuilder (method);

sb.Append ("-");
foreach (byte b in name) {
sb.Append (b.ToString ("X2", CultureInfo.InvariantCulture));
}
sb.Append (fileExtension);

return sb.ToString ();
}
}

private byte[] Load (string filename)
{
Expand All @@ -212,6 +227,21 @@ private X509Certificate LoadCertificate (string filename)
{
byte[] data = Load (filename);
X509Certificate cert = new X509Certificate (data);

// If privateKey it's available, load it too..
CspParameters cspParams = new CspParameters ();
cspParams.KeyContainerName = CryptoConvert.ToHex (cert.Hash);
cspParams.Flags = CspProviderFlags.UseMachineKeyStore;
KeyPairPersistence kpp = new KeyPairPersistence (cspParams);

if (!kpp.Load ())
return cert;

if (cert.RSA != null)
cert.RSA = new RSACryptoServiceProvider (cspParams);
else if (cert.DSA != null)
cert.DSA = new DSACryptoServiceProvider (cspParams);

return cert;
}

Expand Down Expand Up @@ -282,6 +312,41 @@ private ArrayList BuildCrlsCollection (string storeName)
}
}
return list;
}

private void ImportPrivateKey(X509Certificate certificate, CspParameters cspParams)
{
RSACryptoServiceProvider rsaCsp = certificate.RSA as RSACryptoServiceProvider;
if (rsaCsp != null) {
if (rsaCsp.PublicOnly)
return;

RSACryptoServiceProvider csp = new RSACryptoServiceProvider(cspParams);
csp.ImportParameters(rsaCsp.ExportParameters(true));
csp.PersistKeyInCsp = true;
return;
}

RSAManaged rsaMng = certificate.RSA as RSAManaged;
if (rsaMng != null) {
if (rsaMng.PublicOnly)
return;

RSACryptoServiceProvider csp = new RSACryptoServiceProvider(cspParams);
csp.ImportParameters(rsaMng.ExportParameters(true));
csp.PersistKeyInCsp = true;
return;
}

DSACryptoServiceProvider dsaCsp = certificate.DSA as DSACryptoServiceProvider;
if (dsaCsp != null) {
if (dsaCsp.PublicOnly)
return;

DSACryptoServiceProvider csp = new DSACryptoServiceProvider(cspParams);
csp.ImportParameters(dsaCsp.ExportParameters(true));
csp.PersistKeyInCsp = true;
}
}
}
}
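Review bot: LoadCertificate hardcodes `cspParams.Flags = CspProviderFlags.UseMachineKeyStore;` for every store, whereas Import sets that flag only when `_storePath` starts with `X509StoreManager.LocalMachinePath`, so a private key imported into a per-user store is written to the user key container and then never found on load (and a per-user certificate is paired with whatever machine-store container happens to carry its hash). Mirror the Import logic there: `if (_storePath.StartsWith (X509StoreManager.LocalMachinePath, StringComparison.Ordinal)) cspParams.Flags = CspProviderFlags.UseMachineKeyStore;` and switch Import to the same ordinal overload, since the culture-sensitive StartsWith is the wrong comparison for a filesystem path. In ImportPrivateKey the `RSACryptoServiceProvider`/`DSACryptoServiceProvider` instances are never disposed and `PersistKeyInCsp` is assigned only after `ImportParameters`; if Mono persists on the key-imported event rather than at dispose time the save may be skipped, so set `PersistKeyInCsp = true` before importing and wrap the provider in `using`. Note too that the key leaves the process in plaintext via `ExportParameters(true)` into a container named by the certificate hash, so on-disk protection rests entirely on the permissions KeyPairPersistence applies to the keypairs directory; a comment saying so would help the next maintainer.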
50 changes: 33 additions & 17 deletions mcs/class/Mono.Security/Mono.Security.X509/X509StoreManager.cs
Expand Up @@ -41,39 +41,55 @@ namespace Mono.Security.X509 {
#else
public
#endif
sealed class X509StoreManager {

sealed class X509StoreManager {

static private string _userPath;
static private string _localMachinePath;
static private X509Stores _userStore;
static private X509Stores _machineStore;

private X509StoreManager ()
{
}

static public X509Stores CurrentUser {
get {
if (_userStore == null) {
string _userPath = Path.Combine (
Environment.GetFolderPath (Environment.SpecialFolder.ApplicationData),
internal static string CurrentUserPath {
get {
if (_userPath == null) {
_userPath = Path.Combine(
Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
".mono");
_userPath = Path.Combine(_userPath, "certs");
}
return _userPath;
}
}

internal static string LocalMachinePath {
get {
if (_localMachinePath == null) {
_localMachinePath = Path.Combine (
Environment.GetFolderPath (Environment.SpecialFolder.CommonApplicationData),
".mono");
_userPath = Path.Combine (_userPath, "certs");
_localMachinePath = Path.Combine (_localMachinePath, "certs");
}
return _localMachinePath;
}
}

_userStore = new X509Stores (_userPath);
}
static public X509Stores CurrentUser {
get {
if (_userStore == null)
_userStore = new X509Stores(CurrentUserPath);

return _userStore;
}
}

static public X509Stores LocalMachine {
get {
if (_machineStore == null) {
string _machinePath = Path.Combine (
Environment.GetFolderPath (Environment.SpecialFolder.CommonApplicationData),
".mono");
_machinePath = Path.Combine (_machinePath, "certs");
if (_machineStore == null)
_machineStore = new X509Stores (LocalMachinePath);

_machineStore = new X509Stores (_machinePath);
}
return _machineStore;
}
}
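Review bot: The new CurrentUserPath getter and the CurrentUser accessor drop the space before the opening parenthesis (`Path.Combine(`, `Environment.GetFolderPath(`, `new X509Stores(CurrentUserPath)`), while LocalMachinePath and the rest of the file keep the Mono convention `Path.Combine (`; match the existing style so the file stays uniform. Since LocalMachinePath is now exposed as `internal static` and used by X509Store as a prefix test to choose the machine key store, a one-line comment such as `// Also used by X509Store to decide whether a store is machine-wide; keep distinct from CurrentUserPath.` would make that coupling visible before someone changes the layout of either path.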
Expand Up @@ -74,10 +74,11 @@ public virtual string GetDataTypeName ()
return dt.ToString ();
}

[MonoTODO]
public override bool IsValid (object value)
{
throw new NotImplementedException ();
// Returns alwasy true
// See: http://msdn.microsoft.com/en-us/library/cc679235.aspx
return true;
}
}
}
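Review bot: The comment placed above `return true;` in IsValid misspells "always" and does not explain why a validator that accepts every value is correct; suggest `// Always returns true: this attribute only declares the data type and does not validate the value` / `// (see http://msdn.microsoft.com/en-us/library/cc679235.aspx).` This appears to be DataTypeAttribute given GetDataTypeName above, but the class header is outside the hunk, so confirm. It is worth stating in the comment that callers must not rely on this attribute as an input-validation gate, since the previous NotImplementedException at least failed loudly while the new behaviour silently passes everything.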