// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
namespace System.Security.Cryptography.X509Certificates.Tests
{
//
// Helper class that centralizes all loading of PFXs. Loading a PFX is a problem because of the key on disk that it creates, which gets left behind
// if the certificate isn't properly disposed. Properly disposing PFXs imported into an X509Certificate2Collection is a pain because X509Certificate2Collection
// doesn't implement IDisposable. To make this easier, we wrap these in an ImportedCollection class that does implement IDisposable.
//
internal static class Cert
{
    // Key-storage flags for imports that should avoid leaving a key on disk where the platform allows it.
    //   netstandard:      DefaultKeySet
    //   netcoreapp-OSX:   DefaultKeySet
    //   netcoreapp-other: EphemeralKeySet
    // NOTE(review): macOS presumably falls back to DefaultKeySet because EphemeralKeySet is not supported there - confirm.
#if NO_EPHEMERALKEYSET_AVAILABLE
    internal static readonly X509KeyStorageFlags EphemeralIfPossible = X509KeyStorageFlags.DefaultKeySet;
#else
    internal static readonly X509KeyStorageFlags EphemeralIfPossible =
        OperatingSystem.IsMacOS() ? X509KeyStorageFlags.DefaultKeySet : X509KeyStorageFlags.EphemeralKeySet;
#endif

    //
    // There is one Import() helper per X509Certificate2Collection.Import() overload. Every helper hands back an
    // ImportedCollection, which disposes the imported certificates when it is disposed. Callers should wrap the
    // result in a using block so that nothing created by the import outlives the test.
    //

    // Exercises the one-argument byte[] overload, so no key storage flags are passed here.
    // Do not refactor this into a call to Import(byte[], string, X509KeyStorageFlags): the tests rely on this
    // helper reaching the single-argument API.
    public static ImportedCollection Import(byte[] rawData)
    {
        var imported = new X509Certificate2Collection();
        imported.Import(rawData);
        return new ImportedCollection(imported);
    }

    // Span-based counterpart of Import(byte[]); forwards to the one-argument ReadOnlySpan<byte> overload.
    public static ImportedCollection Import(ReadOnlySpan<byte> rawData)
    {
        var imported = new X509Certificate2Collection();
        imported.Import(rawData);
        return new ImportedCollection(imported);
    }

    // Imports from a byte[] with an explicit password and key storage flags.
    public static ImportedCollection Import(byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
    {
        var imported = new X509Certificate2Collection();
        imported.Import(rawData, password, keyStorageFlags);
        return new ImportedCollection(imported);
    }

    // Imports from a span with an explicit password (also a span) and key storage flags.
    public static ImportedCollection Import(ReadOnlySpan<byte> rawData, ReadOnlySpan<char> password, X509KeyStorageFlags keyStorageFlags)
    {
        var imported = new X509Certificate2Collection();
        imported.Import(rawData, password, keyStorageFlags);
        return new ImportedCollection(imported);
    }

    // Exercises the one-argument file-name overload, so no key storage flags are passed here.
    // Do not refactor this into a call to Import(string, string, X509KeyStorageFlags): the tests rely on this
    // helper reaching the single-argument API.
    public static ImportedCollection Import(string fileName)
    {
        var imported = new X509Certificate2Collection();
        imported.Import(fileName);
        return new ImportedCollection(imported);
    }

    // Imports from a file with an explicit string password and key storage flags.
    public static ImportedCollection Import(string fileName, string password, X509KeyStorageFlags keyStorageFlags)
    {
        var imported = new X509Certificate2Collection();
        imported.Import(fileName, password, keyStorageFlags);
        return new ImportedCollection(imported);
    }

    // Imports from a file with an explicit span password and key storage flags.
    public static ImportedCollection Import(string fileName, ReadOnlySpan<char> password, X509KeyStorageFlags keyStorageFlags)
    {
        var imported = new X509Certificate2Collection();
        imported.Import(fileName, password, keyStorageFlags);
        return new ImportedCollection(imported);
    }

    // Wraps X509Certificate2Collection.ImportFromPem(ReadOnlySpan<char>).
    public static ImportedCollection ImportFromPem(ReadOnlySpan<char> certPem)
    {
        var imported = new X509Certificate2Collection();
        imported.ImportFromPem(certPem);
        return new ImportedCollection(imported);
    }

    // Wraps X509Certificate2Collection.ImportFromPemFile(string).
    public static ImportedCollection ImportFromPemFile(string certPemFilePath)
    {
        var imported = new X509Certificate2Collection();
        imported.ImportFromPemFile(certPemFilePath);
        return new ImportedCollection(imported);
    }
}
//
// Wraps an X509Certificate2Collection in an IDisposable for easier cleanup.
//
internal sealed class ImportedCollection : IDisposable
{
    // Certificates that were in the collection at construction time; set to null once they have been disposed.
    private X509Certificate2[] _certs;

    // Takes a snapshot of the certificates currently in the collection so that Dispose() still reaches every one
    // of them even if the test adds to, removes from or clears the collection afterwards.
    public ImportedCollection(X509Certificate2Collection collection)
    {
        int count = collection.Count;
        var snapshot = new X509Certificate2[count];
        for (int i = 0; i < count; i++)
        {
            snapshot[i] = collection[i];
        }

        _certs = snapshot;
        Collection = collection;
    }

    // The collection that was passed in. It is handed back as-is; it is not a copy.
    public X509Certificate2Collection Collection { get; }

    // Disposes every certificate captured by the constructor. A second call is a no-op because the snapshot is
    // dropped after the first pass.
    public void Dispose()
    {
        X509Certificate2[] owned = _certs;
        if (owned == null)
        {
            return;
        }

        for (int i = 0; i < owned.Length; i++)
        {
            owned[i].Dispose();
        }

        _certs = null;
    }
}
}