2 // X509Certificate20.cs: Partial class to handle new 2.0-only stuff
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004-2006 Novell, Inc (http://www.novell.com)
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
32 using System.Runtime.InteropServices;
33 using System.Security.Permissions;
37 using Mono.Security.X509;
39 using System.Runtime.Serialization;
41 namespace System.Security.Cryptography.X509Certificates {
44 [MonoTODO ("X509ContentType.SerializedCert isn't supported (anywhere in the class)")]
45 public partial class X509Certificate : IDeserializationCallback, ISerializable {
47 private string issuer_name;
48 private string subject_name;
51 public X509Certificate ()
53 // this allows an empty certificate to exists
56 public X509Certificate (byte[] rawData, string password)
58 Import (rawData, password, X509KeyStorageFlags.DefaultKeySet);
61 [MonoTODO ("SecureString support is incomplete")]
62 public X509Certificate (byte[] rawData, SecureString password)
64 Import (rawData, password, X509KeyStorageFlags.DefaultKeySet);
67 public X509Certificate (byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
69 Import (rawData, password, keyStorageFlags);
72 [MonoTODO ("SecureString support is incomplete")]
73 public X509Certificate (byte[] rawData, SecureString password, X509KeyStorageFlags keyStorageFlags)
75 Import (rawData, password, keyStorageFlags);
78 public X509Certificate (string fileName)
80 Import (fileName, (string)null, X509KeyStorageFlags.DefaultKeySet);
83 public X509Certificate (string fileName, string password)
85 Import (fileName, password, X509KeyStorageFlags.DefaultKeySet);
88 [MonoTODO ("SecureString support is incomplete")]
89 public X509Certificate (string fileName, SecureString password)
91 Import (fileName, password, X509KeyStorageFlags.DefaultKeySet);
94 public X509Certificate (string fileName, string password, X509KeyStorageFlags keyStorageFlags)
96 Import (fileName, password, keyStorageFlags);
99 [MonoTODO ("SecureString support is incomplete")]
100 public X509Certificate (string fileName, SecureString password, X509KeyStorageFlags keyStorageFlags)
102 Import (fileName, password, keyStorageFlags);
105 public X509Certificate (SerializationInfo info, StreamingContext context)
107 byte[] raw = (byte[]) info.GetValue ("RawData", typeof (byte[]));
108 Import (raw, (string)null, X509KeyStorageFlags.DefaultKeySet);
112 public string Issuer {
115 throw new CryptographicException (Locale.GetText ("Certificate instance is empty."));
117 if (issuer_name == null)
118 issuer_name = X501.ToString (x509.GetIssuerName (), true, ", ", true);
123 public string Subject {
126 throw new CryptographicException (Locale.GetText ("Certificate instance is empty."));
128 if (subject_name == null)
129 subject_name = X501.ToString (x509.GetSubjectName (), true, ", ", true);
135 public IntPtr Handle {
136 get { return IntPtr.Zero; }
141 public override bool Equals (object obj)
143 X509Certificate x = (obj as X509Certificate);
145 return this.Equals (x);
149 [MonoTODO ("X509ContentType.Pfx/Pkcs12 and SerializedCert are not supported")]
151 public virtual byte[] Export (X509ContentType contentType)
153 return Export (contentType, (byte[])null);
156 [MonoTODO ("X509ContentType.Pfx/Pkcs12 and SerializedCert are not supported")]
158 public virtual byte[] Export (X509ContentType contentType, string password)
160 byte[] pwd = (password == null) ? null : Encoding.UTF8.GetBytes (password);
161 return Export (contentType, pwd);
164 [MonoTODO ("X509ContentType.Pfx/Pkcs12 and SerializedCert are not supported. SecureString support is incomplete.")]
165 public virtual byte[] Export (X509ContentType contentType, SecureString password)
167 byte[] pwd = (password == null) ? null : password.GetBuffer ();
168 return Export (contentType, pwd);
171 internal byte[] Export (X509ContentType contentType, byte[] password)
174 throw new CryptographicException (Locale.GetText ("Certificate instance is empty."));
177 switch (contentType) {
178 case X509ContentType.Cert:
180 case X509ContentType.Pfx: // this includes Pkcs12
182 throw new NotSupportedException ();
183 case X509ContentType.SerializedCert:
185 throw new NotSupportedException ();
187 string msg = Locale.GetText ("This certificate format '{0}' cannot be exported.", contentType);
188 throw new CryptographicException (msg);
193 if (password != null)
194 Array.Clear (password, 0, password.Length);
198 void IDeserializationCallback.OnDeserialization (object sender)
203 public virtual void Import (byte[] rawData)
205 Import (rawData, (string)null, X509KeyStorageFlags.DefaultKeySet);
208 [MonoTODO ("missing KeyStorageFlags support")]
210 public virtual void Import (byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
213 if (password == null) {
215 x509 = new Mono.Security.X509.X509Certificate (rawData);
217 catch (Exception e) {
219 PKCS12 pfx = new PKCS12 (rawData);
220 if (pfx.Certificates.Count > 0)
221 x509 = pfx.Certificates [0];
226 string msg = Locale.GetText ("Unable to decode certificate.");
227 // inner exception is the original (not second) exception
228 throw new CryptographicException (msg, e);
234 PKCS12 pfx = new PKCS12 (rawData, password);
235 if (pfx.Certificates.Count > 0) {
236 x509 = pfx.Certificates [0];
242 // it's possible to supply a (unrequired/unusued) password
244 x509 = new Mono.Security.X509.X509Certificate (rawData);
249 [MonoTODO ("SecureString support is incomplete")]
250 public virtual void Import (byte[] rawData, SecureString password, X509KeyStorageFlags keyStorageFlags)
252 Import (rawData, (string)null, keyStorageFlags);
256 public virtual void Import (string fileName)
258 byte[] rawData = Load (fileName);
259 Import (rawData, (string)null, X509KeyStorageFlags.DefaultKeySet);
262 [MonoTODO ("missing KeyStorageFlags support")]
264 public virtual void Import (string fileName, string password, X509KeyStorageFlags keyStorageFlags)
266 byte[] rawData = Load (fileName);
267 Import (rawData, password, keyStorageFlags);
270 [MonoTODO ("SecureString support is incomplete, missing KeyStorageFlags support")]
271 public virtual void Import (string fileName, SecureString password, X509KeyStorageFlags keyStorageFlags)
273 byte[] rawData = Load (fileName);
274 Import (rawData, (string)null, keyStorageFlags);
277 void ISerializable.GetObjectData (SerializationInfo info, StreamingContext context)
279 // will throw a NRE if info is null (just like MS implementation)
280 info.AddValue ("RawData", x509.RawData);
284 public virtual void Reset ()
290 cachedCertificateHash = null;