To format any document (.cs, XML, ASPX, HTML, etc.) in Visual Studio 2008, use the following key combinations:
To format the whole document: Ctrl+K, followed by Ctrl+D
To format the selection: Ctrl+K, followed by Ctrl+F
Thanks and Regards
Meetu Choudhary
Friday, June 5, 2009
Wednesday, June 3, 2009
Accessing the properties of a digital signature
Once we have selected the certificate, we need to access its properties. Here is a small piece of code that reads all the properties which may be helpful to us in any context.
Before accessing these properties we have to set the certificate object; you can get the code for that from either of the two previous articles.
1. Article link, Mirror link
2. Article link, Mirror link
Now, once we have the certificate (X509Certificate2 x509_2;),
we can go with the following code:
[code]
/// <summary>
/// Set All the Properties of the Certificate
/// </summary>
public Boolean SetProperties()
{
    if (x509_2 != null)
    {
        // Public key of the certificate (the cast assumes an RSA certificate)
        RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509_2.PublicKey.Key;
        // ToXmlString(false) exports the public parameters only
        _PublicKey_Key = _PublicKeyXML = rsa.ToXmlString(false);
        //_PrivateKeyXML = rsa.ToXmlString(true );
        // PrivateKey is null when the certificate has no associated private key
        if (x509_2.HasPrivateKey)
        {
            // false: only the public parameters are exported, the private key
            // material stays in its key container or token
            _PrivateKeyXML = _Private_Key = x509_2.PrivateKey.ToXmlString(false);
            _PKeyExchangeAlgorithm = x509_2.PrivateKey.KeyExchangeAlgorithm;
        }
        _PublicKey = x509_2.GetPublicKeyString();
        //_PublicKey_Key = Convert.ToString(x509_2.PublicKey.Key);
        // Serial number of the certificate (the original read the public key string here)
        _SerialNumber = x509_2.GetSerialNumberString();
        _Thumbprint = x509_2.Thumbprint;
        _RawCertDataString = x509_2.GetRawCertDataString();
        _FriendlyName = x509_2.FriendlyName;
        _HashString = x509_2.GetCertHashString();
        _EffectiveDate = x509_2.GetEffectiveDateString();
        _ExpirationDate = x509_2.GetExpirationDateString();
        _Format = x509_2.GetFormat();
        _IssuerName = x509_2.GetIssuerName();
        _KeyAlgorithm = x509_2.GetKeyAlgorithm();
        _KeyAlgorithmParameters = x509_2.GetKeyAlgorithmParametersString();
        _CertName = x509_2.GetName();
        _CertSubject = x509_2.Subject;
        _CertVersion = x509_2.Version;
        _SignatureAlgorithm_Value = x509_2.SignatureAlgorithm.Value;
        _SignatureAlgorithm_ToString = x509_2.SignatureAlgorithm.ToString();
        _SignatureAlgorithm_FriendlyName = x509_2.SignatureAlgorithm.FriendlyName;
        return true;
    }
    else { return false; }
}
[/code]
Thanks and Regards
Meetu Choudhary
Open Certificate Stores Including Certificates in Token
In my previous article (Mirror Link) I showed how to open a certificate store (the machine certificate store which is displayed in Internet Explorer), but the drawback of that code was that it can't open the certificates stored in the token. So here is another method which overcomes that drawback: it opens the certificates of the machine store as well as those of the tokens.
[code]
/// <summary>
/// Opens the Certificate Store of IE including the Certificates in Token
/// </summary>
/// <param name="popupScript">The variable passed to store the reason if function returns false</param>
/// <returns></returns>
public Boolean OpenStoreToken(ref string popupScript)
{
    x509_2 = null;
    // Create and initialize an X509Store, providing the store name and the store location
    X509Store st = new X509Store(StoreName.My, StoreLocation.CurrentUser);
    // Collection that will hold all certificates of the store
    X509Certificate2Collection col = new X509Certificate2Collection();
    // Collection that will hold the certificate selected by the user
    X509Certificate2Collection sel = new X509Certificate2Collection();
    // Enumerator used to read the selection
    X509Certificate2Enumerator en;// =new X509Certificate2Enumerator();
    // Open the store for read-only access
    st.Open(OpenFlags.ReadOnly);
    // Set col to the collection of the certificates stored in IE and in the token
    col = st.Certificates;
    // Set sel by displaying a dialog box for selecting an X.509 certificate from the collection
    sel = X509Certificate2UI.SelectFromCollection(col, "Certificates", "Select one to sign", X509SelectionFlag.SingleSelection);
    if (sel.Count > 0)
    {
        en = sel.GetEnumerator();
        en.MoveNext();
        x509_2 = en.Current;
    }
    st.Close();
    if (x509_2 == null)
    {
        popupScript = "You didn't select a certificate!!!";
        return false;
    }
    else
    {
        return true;
    }
}
[/code]
Thanks and Regards
Meetu Choudhary
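Added example (not part of the original posts): before the dialog in OpenStoreToken is shown, the store contents can be narrowed to certificates that are currently valid, allow the digital signature key usage and have a private key; and before the properties of the chosen x509_2 are relied on, its chain can be built to a trusted root with revocation checking. The class and method names are hypothetical; only standard .NET Framework calls (X509Store, X509Certificate2Collection.Find, X509Chain) are used.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

// Added example: class and method names are hypothetical, not from the original posts.
public static class SigningCertificateCheck
{
    // Certificates in CurrentUser\My (machine store and tokens) that are usable for signing
    public static X509Certificate2Collection GetSigningCandidates()
    {
        X509Store st = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        st.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
        try
        {
            // validOnly = false: filter on the property only; chain trust is checked separately
            X509Certificate2Collection col = st.Certificates
                .Find(X509FindType.FindByTimeValid, DateTime.Now, false)
                .Find(X509FindType.FindByKeyUsage, X509KeyUsageFlags.DigitalSignature, false);
            X509Certificate2Collection result = new X509Certificate2Collection();
            foreach (X509Certificate2 c in col)
                if (c.HasPrivateKey) result.Add(c); // signing needs the private key
            return result;
        }
        finally { st.Close(); }
    }

    // Builds the chain to a trusted root and checks revocation.
    // Returns true when the chain is valid; otherwise 'reason' lists the chain status entries.
    public static bool IsTrustedForSigning(X509Certificate2 cert, out string reason)
    {
        reason = "";
        X509Chain chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
        chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
        chain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
        if (chain.Build(cert)) return true;
        foreach (X509ChainStatus s in chain.ChainStatus)
            reason += s.Status + ": " + s.StatusInformation.Trim() + " ";
        return false;
    }
}
```

Pass the result of GetSigningCandidates() to X509Certificate2UI.SelectFromCollection in place of col, and call IsTrustedForSigning(x509_2, out reason) before SetProperties().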
Thursday, May 28, 2009
Open Certificate Stores
I am working on digital signatures with ASP.NET. Once in a lifetime every programmer gets a chance to work for security or with security, and I am no exception. I have to work with digital signatures to achieve security. I searched the Internet a lot for what I need, and I am still in the process of learning more, but most of what I found on this journey was related to Java and applets; as I am from the .NET domain, I had to work it out there. So here I am starting the discussion with the first obstacle I met: opening a certificate store like that of Internet Explorer. I call it the first because I do not need to generate the digital signatures, as I already have them, issued by the authorized CA. Still, if you want to have a look, you can go through the link where I have explained how to create a certificate, or the mirror link.
Proceeding further: I have encountered two ways to open a certificate store, and I discuss them here.
Method One:
CertFun is a class which I found on the Internet (I don't remember exactly where). I have modified that class, as the code I found was in VB and I needed it in C#; I will paste the code at the end.
Limitation: this will not open the certificates in the token.
[code]
/// <summary>
/// Opens the Certificate Store of IE Excluding the Certificates in Token
/// </summary>
/// <param name="popupScript">The variable passed to store the reason if function returns false</param>
/// <returns></returns>
public Boolean OpenStoreIE(ref string popupScript)
{
    x509_2 = null;
    // Pointer that will hold the handle returned by opening the store
    IntPtr hCertStore = IntPtr.Zero;
    // Pointer that will hold the context returned by selecting a certificate from the store
    IntPtr pCertContext = IntPtr.Zero;
    // Name of the store to open; "MY" is the store where certificates are installed by default
    string kk = "MY";
    // StringBuilder to hold the name string of the certificate
    StringBuilder NS = new StringBuilder(128);
    // To hold the size of the key provider info
    int provinfosize = 0;
    // Open the store; returns a handle to it
    hCertStore = CertFun.CertOpenSystemStore(IntPtr.Zero, kk);
    try
    {
        // Show the selection dialog; returns the context of the selected certificate.
        // cf is a CertFun instance declared elsewhere in this class (its constants are instance fields).
        pCertContext = CertFun.CryptUIDlgSelectCertificateFromStore(hCertStore, IntPtr.Zero, "Personal Store", "Please select a PKC12 (.pfx) Certificate and press ok", cf.CRYPTUI_SELECT_LOCATION_COLUMN, 0, IntPtr.Zero);
        // If the context is zero, inform the user that no certificate was selected and exit
        if (pCertContext.Equals(IntPtr.Zero))
        {
            popupScript = "You didn't select a certificate!!!";
            //ScriptManager.RegisterClientScriptBlock(Page, this.GetType(), "nocert", popupScript, false);
            return false;
        }
        // Check that the certificate is PKCS12: it must carry key provider info,
        // i.e. have an associated private key
        if (!CertFun.CertGetCertificateContextProperty(pCertContext, cf.CERT_KEY_PROV_INFO_PROP_ID, IntPtr.Zero, ref provinfosize))
        {
            // Not PKCS12: set the message and exit (the context is freed in the finally block)
            popupScript = "Selected certificate is not PKCS12. Please select a PKCS12 certificate!!!";
            //ScriptManager.RegisterClientScriptBlock(Page, this.GetType(), "invalidcert", popupScript, false);
            return false;
        }
        // Get the name string of the certificate into the StringBuilder created above
        if (!CertFun.CertGetNameString(pCertContext, cf.CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, IntPtr.Zero, NS, 128))
        {
            // Can display a message here that reading the certificate name failed;
            // in my case there is no requirement to display this message
        }
        // Store the user-selected certificate in the global static variable for later use.
        // X509Certificate2 makes its own copy of the context.
        x509_2 = new X509Certificate2(pCertContext);
        return true;
    }
    finally
    {
        // Release the native handles on every path; the original never closed the store
        // and did not free the context after a successful selection
        if (!pCertContext.Equals(IntPtr.Zero))
        {
            CertFun.CertFreeCertificateContext(pCertContext);
        }
        if (!hCertStore.Equals(IntPtr.Zero))
        {
            CertFun.CertCloseStore(hCertStore, 0);
        }
    }
}
[/code]
CertFun
[code]
using System;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Text;

namespace Secure_Login
{
    /// <summary>
    /// Summary description for CertFun
    /// Class which holds the P/Invoke declarations, structures and constants
    /// for crypt32.dll and cryptui.dll
    /// </summary>
    public class CertFun
    {
        [StructLayout(LayoutKind.Sequential)]
        public struct CRYPTUI_CERT_MGR_STRUCT
        {
            public int dwSize;
            public IntPtr hwndParent;
            public int dwFlags;
            // pwszTitle is a wide string (LPCWSTR) in the native structure
            [MarshalAs(UnmanagedType.LPWStr)]
            public string pwszTitle;
            public IntPtr pszInitUsageOID;
        }

        [StructLayout(LayoutKind.Sequential)]
        public struct CRYPT_KEY_PROV_INFO
        {
            [MarshalAs(UnmanagedType.LPWStr)]
            public string ContainerName;
            [MarshalAs(UnmanagedType.LPWStr)]
            public string ProvName;
            public int ProvType;
            public int Flags;
            public int ProvParam;
            public IntPtr rgProvParam;
            public int KeySpec;
        }

        [DllImport("cryptui.dll", SetLastError = true)]
        public static extern IntPtr CryptUIDlgSelectCertificateFromStore(IntPtr hCertStore, IntPtr hwnd, [MarshalAs(UnmanagedType.LPWStr)] string pwszTitle, [MarshalAs(UnmanagedType.LPWStr)] string pwszDisplayString, int dwDontUseColumn, int dwFlags, IntPtr pvReserved);

        [DllImport("crypt32.dll", SetLastError = true)]
        public static extern IntPtr CertEnumCertificatesInStore(IntPtr hCertStore, IntPtr pPrevCertContext);

        [DllImport("crypt32.dll", SetLastError = true)]
        public static extern bool CertGetNameString(IntPtr pCertContext, int dwType, int dwFlags, IntPtr pvTypePara, StringBuilder pszNameString, Int32 cchNameString);

        [DllImport("crypt32.dll", SetLastError = true)]
        public static extern bool CertGetCertificateContextProperty(IntPtr pCertContext, int dwPropId, IntPtr pvData, ref int pcbData);

        [DllImport("crypt32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        public static extern IntPtr CertOpenSystemStore(IntPtr hCryptProv, string storename);

        [DllImport("crypt32.dll", SetLastError = true)]
        public static extern bool CertFreeCertificateContext(IntPtr hCertStore);

        [DllImport("crypt32.dll", SetLastError = true)]
        public static extern bool CertCloseStore(IntPtr hCertStore, int dwFlags);

        [DllImport("cryptui.dll", SetLastError = true)]
        public static extern bool CryptUIDlgCertMgr(ref CRYPTUI_CERT_MGR_STRUCT pCryptUICertMgr);

        [DllImport("crypt32.dll")]
        public static extern bool CryptDecodeObject(int CertEncodingType, int lpszStructType, byte[] pbEncoded, int cbEncoded, int flags, [In(), Out()] byte[] pvStructInfo, ref int cbStructInfo);

        [DllImport("crypt32.dll", SetLastError = true)]
        public static extern IntPtr CertFindCertificateInStore(IntPtr hCertStore, int dwCertEncodingType, int dwFindFlags, int dwFindType, [In(), MarshalAs(UnmanagedType.LPWStr)] string pszFindString, IntPtr pPrevCertContext);

        [StructLayout(LayoutKind.Sequential)]
        public struct PUBKEYBLOBHEADERS
        {
            public byte bType;      // BLOBHEADER
            public byte bVersion;   // BLOBHEADER
            public short reserved;  // BLOBHEADER
            public Int32 aiKeyAlg;  // BLOBHEADER
            public int magic;       // RSAPUBKEY
            public int bitlen;      // RSAPUBKEY
            public int pubexp;      // RSAPUBKEY
        }

        public int CERT_NAME_SIMPLE_DISPLAY_TYPE = 0x4;
        public int CRYPTUI_SELECT_LOCATION_COLUMN = 0x10;
        public int CERT_KEY_PROV_INFO_PROP_ID = 0x2;
        static public int X509_ASN_ENCODING = 0x1;
        static public int PKCS_7_ASN_ENCODING = 0x10000;
        public int RSA_CSP_PUBLICKEYBLOB = 19;
        static public int ENCODING_TYPE = PKCS_7_ASN_ENCODING | X509_ASN_ENCODING;
        public int CERT_FIND_SUBJECT_STR = 0x80007;
        public byte[] pubblob;
        public string PKC12CertSelectedName = "";
        public byte[] EncKey;
        public byte[] EncIv;
        public byte[] EncData;
        // Creates a new instance of Rijndael
        public RijndaelManaged Rin = new RijndaelManaged();
        public byte[] SignedData;
        public string CertForEnc = "";
        public string CertForSig = "";
    }
}
[/code]
I will cover the next method in my next resource, which will overcome the limitation of method one.
Thanks and Regards
Meetu Choudhary