X509Certificate2

Configuration\DashboardOptions.cs (1)

483_serverCertificate = new X509Certificate2(data);

ServiceClient\DashboardClient.cs (1)

186return [new X509Certificate2(filePath, password)];

tests\Shared\Telemetry\TelemetryTestHelpers.cs (1)

343return new X509Certificate2(certificate.Export(X509ContentType.Pfx));

tests\Shared\Telemetry\TelemetryTestHelpers.cs (1)

343return new X509Certificate2(certificate.Export(X509ContentType.Pfx));

tests\Shared\TestCertificateLoader.cs (1)

36return new X509Certificate2(GetCertPath(certName), password);

Dcp\DcpExecutor.cs (1)

2928using var tempCert = new X509Certificate2(pfxCandidate, configuration.Password);

Dcp\DcpHostNotificationTests.cs (1)

514return new X509Certificate2(path, "testPassword");

ExecutionConfigurationGathererTests.cs (1)

496var publicCert = new X509Certificate2(certificates[i].Export(X509ContentType.Cert));

ServiceHelper.cs (1)

64foundCert = new X509Certificate2(cert);

src\aspnetcore\src\Shared\CertificateGeneration\CertificateManager.cs (1)

562certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\aspnetcore\src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\aspnetcore\src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

175certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\aspnetcore\src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

FrameworkFork\System.ServiceModel\System\IdentityModel\Claims\X509CertificateClaimSet.cs (2)

34_certificate = clone ? new X509Certificate2(certificate.Handle) : certificate; 512_certificate = clone ? new X509Certificate2(certificate.Handle) : certificate;

FrameworkFork\System.ServiceModel\System\IdentityModel\Selectors\X509SecurityTokenProvider.cs (2)

24_certificate = new X509Certificate2(certificate.Handle); 49_certificate = new X509Certificate2(certificates[0].Handle);

FrameworkFork\System.ServiceModel\System\IdentityModel\Tokens\X509SecurityToken.cs (1)

56_certificate = clone ? new X509Certificate2(certificate.Handle) : certificate;

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\SslStreamSecurityUpgradeProvider.cs (3)

266_serverCertificate = new X509Certificate2(x509Token.Certificate.Handle); 402X509Certificate2 certificate2 = new X509Certificate2(certificate.Handle); 640X509Certificate2 certificate2 = new X509Certificate2(certificate.Handle);

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\SecurityUtils.cs (2)

859certificate = (rawData == null || rawData.Length == 0) ? null : new X509Certificate2(rawData); 915return new X509Certificate2(certs[0].Handle);

FrameworkFork\System.ServiceModel\System\ServiceModel\X509CertificateEndpointIdentity.cs (1)

59X509Certificate2 certificate = new X509Certificate2(Convert.FromBase64String(reader.ReadElementString()));

CertificateManager.cs (1)

152var publicOnly = new X509Certificate2(certificate.RawData);

ServiceUtilHelper.cs (5)

152X509Certificate2 rootCertificate = new X509Certificate2(GetResourceFromServiceAsByteArray(RootCertificateResource)); 160return new X509Certificate2(await GetResourceFromServiceAsByteArrayAsync(MachineCertificateResource)); 367X509Certificate2 clientCertificate = new X509Certificate2(GetResourceFromServiceAsByteArray(ClientCertificateResource), "test", storageFlags); 378X509Certificate2 peerCertificate = new X509Certificate2(GetResourceFromServiceAsByteArray(PeerCertificateResource), "test", X509KeyStorageFlags.DefaultKeySet); 389X509Certificate2 peerCertificate = new X509Certificate2(GetResourceFromServiceAsByteArray(PeerCertificateResource), "test", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.UserKeySet);

src\aspnetcore\src\Shared\CertificateGeneration\CertificateManager.cs (1)

562certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\aspnetcore\src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\aspnetcore\src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

175certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\aspnetcore\src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

CertificateForwardingOptions.cs (1)

27public Func<string, X509Certificate2> HeaderConverter = (headerValue) => new X509Certificate2(Convert.FromBase64String(headerValue));

ForwardedTlsConnectionFeature.cs (1)

32_certificate = new X509Certificate2(bytes);

Internal\Certificates\CertificateConfigLoader.cs (3)

75return (new X509Certificate2(Path.Combine(HostEnvironment.ContentRootPath, certInfo.Path!), certInfo.Password), fullChain); 90return new X509Certificate2(certificateBytes, "", X509KeyStorageFlags.DefaultKeySet); 267return new X509Certificate2(certificatePath);

Internal\TlsConnectionFeature.cs (1)

185_ => new X509Certificate2(certificate),

ListenOptionsHttpsExtensions.cs (3)

43return listenOptions.UseHttps(new X509Certificate2(Path.Combine(env.ContentRootPath, fileName))); 57return listenOptions.UseHttps(new X509Certificate2(Path.Combine(env.ContentRootPath, fileName), password)); 72return listenOptions.UseHttps(new X509Certificate2(Path.Combine(env.ContentRootPath, fileName), password), configureOptions);

Middleware\HttpsConnectionMiddleware.cs (1)

522return new X509Certificate2(certificate);

src\aspnetcore\src\Shared\CertificateGeneration\CertificateManager.cs (1)

562certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\aspnetcore\src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\aspnetcore\src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

175certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\aspnetcore\src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

TlsConfigurationLoader.cs (1)

161var certificate = new X509Certificate2(certificatePath, certificateConfig.Password);

Internal\QuicConnectionContext.FeatureCollection.cs (1)

53_ => new X509Certificate2(certificate),

ManifestUtil\SecurityUtil.cs (1)

608using X509Certificate2 cert = new X509Certificate2(certPath, certPassword, X509KeyStorageFlags.PersistKeySet);

src\aspnetcore\src\Shared\CertificateGeneration\CertificateManager.cs (1)

562certificate = new X509Certificate2(certificatePath, password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.EphemeralKeySet);

src\aspnetcore\src\Shared\CertificateGeneration\MacOSCertificateManager.cs (1)

445var certificate = new X509Certificate2(file);

src\aspnetcore\src\Shared\CertificateGeneration\UnixCertificateManager.cs (1)

175certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\aspnetcore\src\Shared\CertificateGeneration\WindowsCertificateManager.cs (1)

60certificate = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);

src\runtime\src\libraries\Common\src\Interop\Windows\SChannel\UnmanagedCertificateContext.IntPtr.cs (1)

38var cert = new X509Certificate2(new IntPtr(next));

System\Net\Http\WinHttpRequestCallback.cs (1)

311var serverCertificate = new X509Certificate2(certHandle);

System\Net\Quic\QuicConnection.SslConnectionOptions.cs (1)

88certificate = new X509Certificate2(certificatePtr);

src\runtime\src\libraries\Common\src\Interop\Unix\System.Security.Cryptography.Native\Interop.OpenSsl.cs (1)

995X509Certificate2 chainCert = new X509Certificate2(certPtr);

System\Net\CertificateValidationPal.Unix.cs (2)

47result = new X509Certificate2(remoteCertificate); 71X509Certificate2 chainCert = new X509Certificate2(certPtr);

System\Net\Security\SslStream.Protocol.cs (1)

264certificateEx = new X509Certificate2(certificate);

System\Net\Security\SslStreamCertificateContext.cs (1)

180return Create(new X509Certificate2(TargetCertificate), intermediates, trust: Trust);

System\Net\Security\SslStreamCertificateContext.Linux.cs (1)

53_privateIntermediateCertificates[i] = new X509Certificate2(intermediates[i]);

System\Security\Cryptography\X509Certificates\ChainPal.Windows.cs (1)

77X509Certificate2 certificate = new X509Certificate2((IntPtr)(pChainElement->pCertContext));

System\Security\Cryptography\X509Certificates\DSACertificateExtensions.cs (1)

59return new X509Certificate2(pal);

System\Security\Cryptography\X509Certificates\ECDsaCertificateExtensions.cs (1)

50return new X509Certificate2(pal);

System\Security\Cryptography\X509Certificates\RSACertificateExtensions.cs (1)

54return new X509Certificate2(pal);

System\Security\Cryptography\X509Certificates\StorePal.Windows.cs (1)

45X509Certificate2 cert = new X509Certificate2(pCertContext.DangerousGetHandle());

System\Security\Cryptography\X509Certificates\X509Certificate2.cs (5)

779return new X509Certificate2(pal); 879return new X509Certificate2(pal); 981return new X509Certificate2(pal); 1080return new X509Certificate2(pal); 1521/// For PEM-encoded certificates in a file, use <see cref="X509Certificate2(string)" />.

System\Security\Cryptography\X509Certificates\X509CertificateLoader.netcore.cs (3)

27return new X509Certificate2(pal); 36return new X509Certificate2(pal); 142return new X509Certificate2(_pal);

System\Security\Cryptography\X509Certificates\X509CertificateLoader.Windows.cs (1)

170coll.Add(new X509Certificate2(pal));

Internal\Cryptography\PkcsHelpers.cs (1)

135X509Certificate2 certCopy = new X509Certificate2(originalCert.Handle);

System\Security\Cryptography\Xml\KeyInfoX509Data.cs (3)

38new X509Certificate2((byte[])null!) : 54X509Certificate2 certificate = new X509Certificate2(cert); 116X509Certificate2 x509 = new X509Certificate2(certificate);

ServiceModel\BasicHttpsBindingTest.cs (1)

75var certificate = new X509Certificate2(certificateBytes);

System\ServiceModel\Channels\SslStreamSecurityUpgradeProvider.cs (2)

191ServerCertificate = new X509Certificate2(x509Token.Certificate); 406X509Certificate2 certificate2 = new X509Certificate2(certificate);

System\IdentityModel\Claims\X509CertificateClaimSet.cs (2)

38_certificate = clone ? new X509Certificate2(certificate) : certificate; 545_certificate = clone ? new X509Certificate2(certificate) : certificate;

System\IdentityModel\SecurityUtils.cs (1)

246certificate = (rawData == null || rawData.Length == 0) ? null : new X509Certificate2(rawData);

System\IdentityModel\Selectors\X509SecurityTokenProvider.cs (1)

30_certificate = new X509Certificate2(certificate);

System\IdentityModel\Tokens\X509RawDataKeyIdentifierClause.cs (1)

44_certificate = new X509Certificate2(GetBuffer());

System\IdentityModel\Tokens\X509SecurityToken.cs (1)

57_certificate = clone ? new X509Certificate2(certificate) : certificate;

System\ServiceModel\Security\ReceiveSecurityHeader.cs (1)

1083token = new X509SecurityToken(new X509Certificate2(((X509RawDataKeyIdentifierClause)keyIdentifierClause).GetX509RawData()), false);

System\ServiceModel\Security\SecurityHeaderTokenResolver.cs (1)

176resolvedToken = new X509SecurityToken(new X509Certificate2(((X509RawDataKeyIdentifierClause)keyIdentifierClause).GetX509RawData()));

System\ServiceModel\Security\SecurityUtils.cs (2)

880return new X509Certificate2(certs[0]); 1021certificate = (rawData == null || rawData.Length == 0) ? null : new X509Certificate2(rawData);

System\ServiceModel\X509CertificateEndpointIdentity.cs (1)

65X509Certificate2 certificate = new X509Certificate2(Convert.FromBase64String(reader.ReadElementString()));

System\Security\Cryptography\X509Certificates\X509Utils.cs (1)

67X509Certificate2 certificate = new X509Certificate2(pEnumContext);

Backchannel\ExtensionBackchannel.cs (1)

722private X509Certificate2 GetCertificate()

Certificates\CertificateGeneration\CertificateManager.cs (49)

Certificates\CertificateGeneration\MacOSCertificateManager.cs (28)

Certificates\CertificateGeneration\UnixCertificateManager.cs (15)

56public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 116using var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 171protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 188internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 195internal override void CorrectCertificateState(X509Certificate2 candidate) 201internal override bool IsExportable(X509Certificate2 c) => true; 203protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 219using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 250using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 443protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 450if (TryFindCertificateInStore(store, certificate, out var matching)) 535protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 632private static string GetCertificateNickname(X509Certificate2 certificate) 666private static bool TrustCertificateInWindowsStore(X509Certificate2 certificate)

Certificates\CertificateGeneration\WindowsCertificateManager.cs (11)

31internal override bool IsExportable(X509Certificate2 c) 45internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 50internal override void CorrectCertificateState(X509Certificate2 candidate) 55protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 75protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 90using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 102protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 109if (TryFindCertificateInStore(store, certificate, out var matching)) 121public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 128protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

Certificates\NativeCertificateToolRunner.cs (3)

89internal EnsureCertificateResult TrustHttpCertificateOnLinux(IEnumerable<X509Certificate2> availableCertificates, DateTimeOffset now) 91X509Certificate2? certificate = null; 176private static string[]? GetSanExtension(X509Certificate2 cert)

src\Shared\X509Certificate2Extensions.cs (8)

23/// <param name="certificate">The <see cref="X509Certificate2"/> to check.</param> 25public static bool IsAspNetCoreDevelopmentCertificate(this X509Certificate2 certificate) 44public static byte GetCertificateVersion(this X509Certificate2 certificate) 69public static bool SupportsContainerTrust(this X509Certificate2 certificate) 101foreach (var certificate in store.Certificates.Where(c => !c.MatchesHostname("localhost") || c.HasSubjectKeyIdentifier())) 113public static bool HasSubjectKeyIdentifier(this X509Certificate2 certificate) 126public static IOrderedEnumerable<X509Certificate2> OrderByVersion(this IEnumerable<X509Certificate2> certificates)

Certificates\NativeCertificateToolRunnerTests.cs (11)

30using var certificate = certificateManager.CreateAspNetCoreHttpsDevelopmentCertificate( 47using var olderCertificate = olderVersionManager.CreateAspNetCoreHttpsDevelopmentCertificate( 65protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 71protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 77public override TrustLevel GetTrustLevel(X509Certificate2 certificate) => TrustLevel.None; 79internal override bool IsExportable(X509Certificate2 c) => true; 81protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 85protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) => []; 91internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) => new(true, null); 93internal override void CorrectCertificateState(X509Certificate2 candidate)

Configuration\DashboardOptions.cs (2)

457private X509Certificate2? _serverCertificate; 464public X509Certificate2? GetServerCertificate() => _serverCertificate;

Model\Assistant\ChatClientFactory.cs (1)

221if (!DebugSessionHelpers.HasDebugSession(Options.DebugSession, out var serverCert, out var debugSessionUri, out var token))

Model\DebugSessionHelpers.cs (2)

13public static HttpClient CreateHttpClient(Uri? debugSessionUri, string? token, X509Certificate2? cert, Func<HttpClientHandler, HttpMessageHandler>? createHandler) 59out X509Certificate2? serverCert,

Telemetry\DashboardTelemetrySender.cs (1)

117if (DebugSessionHelpers.HasDebugSession(_options.Value.DebugSession, out var certificate, out var debugSessionUri, out var token))

tests\Shared\Telemetry\TelemetryTestHelpers.cs (2)

330public static X509Certificate2 GenerateDummyCertificate() 339var certificate = request.CreateSelfSigned(

Integration\IntegrationTestHelpers.cs (6)

24private static readonly X509Certificate2 s_testCertificate = TestCertificateLoader.GetTestCertificate(); 116Action<X509Certificate2?>? validationCallback = null, 125validationCallback?.Invoke((X509Certificate2)cert!); 141Action<X509Certificate2?>? validationCallback = null, 157Action<X509Certificate2?>? validationCallback = null, 186validationCallback?.Invoke((X509Certificate2)cert!);

Integration\OtlpGrpcServiceTests.cs (5)

239X509Certificate2? clientCallbackCert = null; 313var clientCertificate = TestCertificateLoader.GetTestCertificate("eku.client.pfx"); 332var clientCertificate = TestCertificateLoader.GetTestCertificate("eku.client.pfx"); 333X509Certificate2? clientCallbackCert = null; 372X509Certificate2? clientCallbackCert = null;

Integration\OtlpHttpServiceTests.cs (1)

191X509Certificate2? clientCallbackCert = null;

Integration\StartupTests.cs (3)

277var testCert = TelemetryTestHelpers.GenerateDummyCertificate(); 296var cert = app.DashboardOptionsMonitor.CurrentValue.DebugSession.GetServerCertificate(); 1110var testCert = TelemetryTestHelpers.GenerateDummyCertificate();

tests\Shared\Telemetry\TelemetryTestHelpers.cs (2)

330public static X509Certificate2 GenerateDummyCertificate() 339var certificate = request.CreateSelfSigned(

tests\Shared\TestCertificateLoader.cs (2)

20public static X509Certificate2 GetTestCertificate(string certName = "testCert.pfx") 25public static X509Certificate2 GetTestCertificate(string certName, string password)

ApplicationModel\CertificateAuthorityCollectionResourceExtensions.cs (5)

ApplicationModel\CertificateTrustExecutionConfigurationGatherer.cs (1)

68foreach (var cert in developerCertificateService.Certificates)

ApplicationModel\ExecutionConfigurationBuilderExtensions.cs (1)

53public static IExecutionConfigurationBuilder WithHttpsCertificateConfig(this IExecutionConfigurationBuilder builder, Func<X509Certificate2, HttpsCertificateExecutionConfigurationContext> configContextFactory)

ApplicationModel\HttpsCertificateAnnotation.cs (3)

16private X509Certificate2? _certificate; 20/// Sets an <see cref="X509Certificate2"/> instance associated with this annotation. 23public X509Certificate2? Certificate

ApplicationModel\HttpsCertificateExecutionConfigurationGatherer.cs (4)

18private readonly Func<X509Certificate2, HttpsCertificateExecutionConfigurationContext> _configContextFactory; 24public HttpsCertificateExecutionConfigurationGatherer(Func<X509Certificate2, HttpsCertificateExecutionConfigurationContext> configContextFactory) 38X509Certificate2? certificate = effectiveAnnotation.Certificate; 101public required X509Certificate2 Certificate { get; init; }

Dcp\DcpExecutor.cs (2)

2824var certificate = configuration.Certificate; 2928using var tempCert = new X509Certificate2(pfxCandidate, configuration.Password);

DeveloperCertificateService.cs (10)

17private readonly Lazy<ImmutableList<X509Certificate2>> _certificates; 28_certificates = new Lazy<ImmutableList<X509Certificate2>>(() => 74var trustedCerts = new List<X509Certificate2>(); 75foreach (var cert in bestCerts) 103foreach (var rc in rootCerts) 117foreach (var unusedCert in validCerts.Except(trustedCerts)) 124return ImmutableList<X509Certificate2>.Empty; 132return ImmutableList<X509Certificate2>.Empty; 157public ImmutableList<X509Certificate2> Certificates => _certificates.Value; 185private static IEnumerable<X509Certificate2> FindDevCertificates(X509Store store, DateTimeOffset now)

IDeveloperCertificateService.cs (1)

19ImmutableList<X509Certificate2> Certificates { get; }

ResourceBuilderExtensions.cs (2)

2740/// <param name="certificate">An <see cref="X509Certificate2"/> key pair to use for HTTPS/TLS endpoints on the resource.</param> 2756public static IResourceBuilder<TResource> WithHttpsCertificate<TResource>(this IResourceBuilder<TResource> builder, X509Certificate2 certificate, IResourceBuilder<ParameterResource>? password = null)

src\Shared\X509Certificate2Extensions.cs (8)

23/// <param name="certificate">The <see cref="X509Certificate2"/> to check.</param> 25public static bool IsAspNetCoreDevelopmentCertificate(this X509Certificate2 certificate) 44public static byte GetCertificateVersion(this X509Certificate2 certificate) 69public static bool SupportsContainerTrust(this X509Certificate2 certificate) 101foreach (var certificate in store.Certificates.Where(c => !c.MatchesHostname("localhost") || c.HasSubjectKeyIdentifier())) 113public static bool HasSubjectKeyIdentifier(this X509Certificate2 certificate) 126public static IOrderedEnumerable<X509Certificate2> OrderByVersion(this IEnumerable<X509Certificate2> certificates)

AzureCosmosDBExtensionsTests.cs (4)

716new List<X509Certificate2>(), 747new List<X509Certificate2>(), 779new List<X509Certificate2>(), 808new List<X509Certificate2>(),

AddRedisTests.cs (6)

775using var cert = CreateTestCertificate(); 791using var cert = CreateTestCertificate(); 804using var cert = CreateTestCertificate(); 841using var cert = CreateTestCertificate(); 901private static X509Certificate2 CreateTestCertificate() 914var certificate = request.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(1));

Dcp\DcpExecutorTests.cs (1)

2566var developerCertificateService = new TestDeveloperCertificateService(new List<X509Certificate2>(), false, false, false);

Dcp\DcpHostNotificationTests.cs (8)

124using var certificate = CreateUntrustedCertificate(); 501private static X509Certificate2 CreateUntrustedCertificate() 525using var certificate = CreateUntrustedCertificate(); 577using var certificate = CreateUntrustedCertificate(); 629using var certificate = CreateUntrustedCertificate(); 682using var certificate = CreateUntrustedCertificate(); 745using var certificate = CreateUntrustedCertificate(); 805using var certificate = CreateUntrustedCertificate();

DistributedApplicationTests.cs (3)

780using var cert = request.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(1)); 911foreach (var cert in dc.Certificates) 916Assert.True(X509Certificate2.CreateFromPem(foundCert.Contents).IsAspNetCoreDevelopmentCertificate());

ExecutionConfigurationGathererTests.cs (23)

Utils\TestDeveloperCertificateService.cs (2)

10public sealed class TestDeveloperCertificateService(List<X509Certificate2> certificates, bool supportsContainerTrust, bool trustCertificate, bool tlsTerminate, bool latestCertificateIsUntrusted = false) : IDeveloperCertificateService 14public ImmutableList<X509Certificate2> Certificates { get; } = certificates.ToImmutableList();

AddYarpTests.cs (6)

45new List<X509Certificate2>(), 94new List<X509Certificate2>(), 117new List<X509Certificate2>(), 139new List<X509Certificate2>(), 406new List<X509Certificate2>(), 434new List<X509Certificate2>(),

src\Shared\X509Certificate2Extensions.cs (8)

23/// <param name="certificate">The <see cref="X509Certificate2"/> to check.</param> 25public static bool IsAspNetCoreDevelopmentCertificate(this X509Certificate2 certificate) 44public static byte GetCertificateVersion(this X509Certificate2 certificate) 69public static bool SupportsContainerTrust(this X509Certificate2 certificate) 101foreach (var certificate in store.Certificates.Where(c => !c.MatchesHostname("localhost") || c.HasSubjectKeyIdentifier())) 113public static bool HasSubjectKeyIdentifier(this X509Certificate2 certificate) 126public static IOrderedEnumerable<X509Certificate2> OrderByVersion(this IEnumerable<X509Certificate2> certificates)

src\Shared\X509Certificate2Extensions.cs (8)

23/// <param name="certificate">The <see cref="X509Certificate2"/> to check.</param> 25public static bool IsAspNetCoreDevelopmentCertificate(this X509Certificate2 certificate) 44public static byte GetCertificateVersion(this X509Certificate2 certificate) 69public static bool SupportsContainerTrust(this X509Certificate2 certificate) 101foreach (var certificate in store.Certificates.Where(c => !c.MatchesHostname("localhost") || c.HasSubjectKeyIdentifier())) 113public static bool HasSubjectKeyIdentifier(this X509Certificate2 certificate) 126public static IOrderedEnumerable<X509Certificate2> OrderByVersion(this IEnumerable<X509Certificate2> certificates)

ServiceHelper.cs (4)

46public static X509Certificate2 GetServiceCertificate() 49X509Certificate2 foundCert = null; 57foreach (var cert in certificates) 75foreach (var cert in certificates)

UDSBindingTests.cs (1)

113var cert = ServiceHelper.GetServiceCertificate();

ExpectedExceptionTests.4.0.0.cs (1)

399public override void Validate(X509Certificate2 certificate)

GeneratorTests.cs (1)

455MetadataReference.CreateFromFile(typeof(X509Certificate2).Assembly.Location)

NugetPackageDownloader\FirstPartyNuGetPackageSigningVerifier.cs (1)

109X509Certificate2 firstCert = certificateChain.First();

Program.cs (6)

308var validCertificates = new List<X509Certificate2>(); 316foreach (var certificate in certificates) 357private static void ReportCertificates(IReporter reporter, IReadOnlyList<X509Certificate2> certificates, string certificateState) 384foreach (var certificate in certificates) 509public static CertificateReport FromX509Certificate2(X509Certificate2 cert) 536static List<string> GetSanExtension(X509Certificate2 cert)

src\aspnetcore\src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\aspnetcore\src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\aspnetcore\src\Shared\CertificateGeneration\UnixCertificateManager.cs (15)

56public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 116using var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 171protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 188internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 195internal override void CorrectCertificateState(X509Certificate2 candidate) 201internal override bool IsExportable(X509Certificate2 c) => true; 203protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 219using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 250using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 443protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 450if (TryFindCertificateInStore(store, certificate, out var matching)) 535protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 632private static string GetCertificateNickname(X509Certificate2 certificate) 666private static bool TrustCertificateInWindowsStore(X509Certificate2 certificate)

src\aspnetcore\src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

CmdCredentialsProvider.cs (6)

81foreach (X509Certificate2 certificate in certificateStore.Certificates) 131X509Certificate2 cert = null; 141private X509Certificate2 SelectCertificateFromCollection(X509Certificate2Collection selectedCerts, Uri serviceUri) 149var candidateCerts = new List<X509Certificate2>(); 151foreach (var cert in selectedCerts) 171var selectedCert = candidateCerts[idx - 1];

FrameworkFork\System.ServiceModel\System\IdentityModel\Claims\X509CertificateClaimSet.cs (8)

16private X509Certificate2 _certificate; 25public X509CertificateClaimSet(X509Certificate2 certificate) 30internal X509CertificateClaimSet(X509Certificate2 certificate, bool clone) 122public X509Certificate2 X509Certificate 299private static string[] GetDnsFromExtensions(X509Certificate2 cert) 493private X509Certificate2 _certificate; 498public X509Identity(X509Certificate2 certificate) 509internal X509Identity(X509Certificate2 certificate, bool clone, bool disposable)

FrameworkFork\System.ServiceModel\System\IdentityModel\SecurityUtils.cs (3)

286internal static string GetCertificateId(X509Certificate2 certificate) 293internal static void AppendCertificateIdentityName(StringBuilder str, X509Certificate2 certificate) 385internal static void ResetCertificate(X509Certificate2 certificate)

FrameworkFork\System.ServiceModel\System\IdentityModel\Selectors\X509CertificateValidator.cs (3)

45public abstract void Validate(X509Certificate2 certificate); 49public override void Validate(X509Certificate2 certificate) 76public override void Validate(X509Certificate2 certificate)

FrameworkFork\System.ServiceModel\System\IdentityModel\Selectors\X509SecurityTokenProvider.cs (3)

15private X509Certificate2 _certificate; 17public X509SecurityTokenProvider(X509Certificate2 certificate) 58public X509Certificate2 Certificate

FrameworkFork\System.ServiceModel\System\IdentityModel\Tokens\X509SecurityToken.cs (8)

15private X509Certificate2 _certificate; 22public X509SecurityToken(X509Certificate2 certificate) 27public X509SecurityToken(X509Certificate2 certificate, string id) 32internal X509SecurityToken(X509Certificate2 certificate, bool clone) 37internal X509SecurityToken(X509Certificate2 certificate, bool clone, bool disposable) 42internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone) 47internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone, bool disposable) 104public X509Certificate2 Certificate

FrameworkFork\System.ServiceModel\System\IdentityModel\Tokens\X509WindowsSecurityToken.cs (5)

17public X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity) 22public X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity, string id) 27public X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity, string authenticationType, string id) 32internal X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity, string authenticationType, bool clone) 37internal X509WindowsSecurityToken(X509Certificate2 certificate, WindowsIdentity windowsIdentity, string authenticationType, string id, bool clone)

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\ClientWebSocketTransportDuplexSessionChannel.cs (2)

81X509Certificate2 clientCertificate = null; 190private async Task<WebSocket> CreateWebSocketWithFactoryAsync(X509Certificate2 certificate, TimeoutHelper timeoutHelper)

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\HttpsChannelFactory.cs (2)

23private Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> _remoteCertificateValidationCallback; 186private bool RemoteCertificateValidationCallback(HttpRequestMessage sender, X509Certificate2 certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\ServiceModelHttpMessageHandler.CoreClr.cs (1)

72public Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool>

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\SslStreamSecurityUpgradeProvider.cs (5)

31private X509Certificate2 _serverCertificate; 108public X509Certificate2 ServerCertificate 312private X509Certificate2 _clientCertificate = null; 402X509Certificate2 certificate2 = new X509Certificate2(certificate.Handle); 640X509Certificate2 certificate2 = new X509Certificate2(certificate.Handle);

FrameworkFork\System.ServiceModel\System\ServiceModel\Channels\TransportSecurityHelpers.cs (5)

373private static Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> ChainValidator(Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> previousValidator) 380Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> chained = 393private static bool OnValidateServerCertificate(HttpRequestMessage request, X509Certificate2 certificate, X509Chain chain, 427private static void ValidateServerCertificate(X509Certificate2 certificate, string thumbprint)

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\SecurityUtils.cs (7)

597internal static void AppendCertificateIdentityName(StringBuilder str, X509Certificate2 certificate) 857internal static bool TryCreateX509CertificateFromRawData(byte[] rawData, out X509Certificate2 certificate) 882internal static X509Certificate2 GetCertificateFromStore(StoreName storeName, StoreLocation storeLocation, 885X509Certificate2 certificate = GetCertificateFromStoreCore(storeName, storeLocation, findType, findValue, target, true); 893X509FindType findType, object findValue, EndpointAddress target, out X509Certificate2 certificate) 899private static X509Certificate2 GetCertificateFromStoreCore(StoreName storeName, StoreLocation storeLocation, 1006internal static void ResetCertificate(X509Certificate2 certificate)

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\WSSecurityJan2004.cs (1)

485X509Certificate2 certificate;

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\X509CertificateInitiatorClientCredential.cs (2)

15private X509Certificate2 _certificate; 29public X509Certificate2 Certificate

FrameworkFork\System.ServiceModel\System\ServiceModel\Security\X509CertificateRecipientClientCredential.cs (7)

19private X509Certificate2 _defaultCertificate; 20private Dictionary<Uri, X509Certificate2> _scopedCertificates; 26_scopedCertificates = new Dictionary<Uri, X509Certificate2>(); 38_scopedCertificates = new Dictionary<Uri, X509Certificate2>(); 46public X509Certificate2 DefaultCertificate 59public Dictionary<Uri, X509Certificate2> ScopedCertificates 127X509Certificate2 certificate = SecurityUtils.GetCertificateFromStore(storeName, storeLocation, findType, findValue, null);

FrameworkFork\System.ServiceModel\System\ServiceModel\X509CertificateEndpointIdentity.cs (3)

19public X509CertificateEndpointIdentity(X509Certificate2 certificate) 29public X509CertificateEndpointIdentity(X509Certificate2 primaryCertificate, X509Certificate2Collection supportingCertificates) 59X509Certificate2 certificate = new X509Certificate2(Convert.FromBase64String(reader.ReadElementString()));

CertificateManager.cs (24)

88public static X509Certificate2 AddToStoreIfNeeded(StoreName storeName, 90X509Certificate2 certificate) 92X509Certificate2 resultCert = null; 134public static X509Certificate2 AddToOSXKeyChainIfNeeded(SafeKeychainHandle keychain, 135X509Certificate2 certificate) 137X509Certificate2 resultCert = null; 152var publicOnly = new X509Certificate2(certificate.RawData); 170private static X509Certificate2 CertificateFromThumbprint(X509Store store, string thumbprint, bool validOnly) 176private static X509Certificate2 CertificateFromThumbprint(StoreName storeName, 181X509Certificate2 resultCert = null; 191private static X509Certificate2 KeychainCertificateFromThumbprint(string thumbprint, bool validOnly) 193X509Certificate2 resultCert = null; 206public static X509Certificate2 RootCertificateFromThumprint(string thumbprint, bool validOnly) 212public static X509Certificate2 ClientCertificateFromThumprint(string thumbprint, bool validOnly) 218public static X509Certificate2 PeerCertificateFromThumprint(string thumbprint, bool validOnly) 224public static X509Certificate2 OSXLocalKeychainCertificateFromThumprint(string thumbprint, bool validOnly) 232public static X509Certificate2 InstallCertificateToRootStore(X509Certificate2 certificate) 242public static X509Certificate2 InstallCertificateToMyStore(X509Certificate2 certificate) 255public static X509Certificate2 InstallCertificateToTrustedPeopleStore(X509Certificate2 certificate) 270public static X509Certificate2 InstallCertificateToOSXKeychainStore(X509Certificate2 certificate)

ServiceUtilHelper.cs (19)

DataProtectionBuilderExtensions.cs (3)

215public static IDataProtectionBuilder ProtectKeysWithCertificate(this IDataProtectionBuilder builder, X509Certificate2 certificate) 274public static IDataProtectionBuilder UnprotectKeysWithAnyCertificate(this IDataProtectionBuilder builder, params X509Certificate2[] certificates) 282foreach (var certificate in certificates)

XmlEncryption\CertificateResolver.cs (4)

18/// Locates an <see cref="X509Certificate2"/> given its thumbprint. 21/// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns> 22public virtual X509Certificate2? ResolveCertificate(string thumbprint) 35private static X509Certificate2? GetCertificateFromStore(StoreLocation location, string thumbprint)

XmlEncryption\CertificateXmlEncryptor.cs (7)

21private readonly Func<X509Certificate2> _certFactory; 40/// Creates a <see cref="CertificateXmlEncryptor"/> given an <see cref="X509Certificate2"/> instance 43public CertificateXmlEncryptor(X509Certificate2 certificate, ILoggerFactory loggerFactory) 101private Func<X509Certificate2> CreateCertFactory(string thumbprint, ICertificateResolver resolver) 107var cert = resolver.ResolveCertificate(thumbprint); 125var cert = _certFactory() 126?? CryptoUtil.Fail<X509Certificate2>("Cert factory returned null.");

XmlEncryption\EncryptedXmlDecryptor.cs (3)

87/// Can decrypt the XML key data from an <see cref="X509Certificate2"/> that is not in stored in <see cref="X509Store"/>. 139if (!(certEnum.Current is X509Certificate2 certInfo)) 149foreach (var keyDecryptionCert in keyDecryptionCerts)

XmlEncryption\ICertificateResolver.cs (4)

9/// Provides services for locating <see cref="X509Certificate2"/> instances. 14/// Locates an <see cref="X509Certificate2"/> given its thumbprint. 17/// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns> 18X509Certificate2? ResolveCertificate(string thumbprint);

XmlEncryption\XmlKeyDecryptionOptions.cs (7)

16private readonly Dictionary<string, List<X509Certificate2>> _certs = new Dictionary<string, List<X509Certificate2>>(StringComparer.Ordinal); 20public bool TryGetKeyDecryptionCertificates(X509Certificate2 certInfo, [NotNullWhen(true)] out IReadOnlyList<X509Certificate2>? keyDecryptionCerts) 28public void AddKeyDecryptionCertificate(X509Certificate2 certificate) 33certificates = _certs[key] = new List<X509Certificate2>(); 38private static string GetKey(X509Certificate2 cert) => cert.Thumbprint;

DataProtectionProvider.cs (10)

67/// the platform and operating system and uses the given <see cref="X509Certificate2"/> to encrypt the keys. 71/// <param name="certificate">The <see cref="X509Certificate2"/> to be used for encryption.</param> 72public static IDataProtectionProvider Create(string applicationName, X509Certificate2 certificate) 85/// and a <see cref="X509Certificate2"/> used to encrypt the keys. 89/// <param name="certificate">The <see cref="X509Certificate2"/> to be used for encryption.</param> 92X509Certificate2 certificate) 102/// optional configuration callback and a <see cref="X509Certificate2"/> used to encrypt the keys. 108/// <param name="certificate">The <see cref="X509Certificate2"/> to be used for encryption.</param> 112X509Certificate2 certificate) 124X509Certificate2? certificate)

src\aspnetcore\src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\aspnetcore\src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\aspnetcore\src\Shared\CertificateGeneration\UnixCertificateManager.cs (15)

56public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 116using var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 171protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 188internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 195internal override void CorrectCertificateState(X509Certificate2 candidate) 201internal override bool IsExportable(X509Certificate2 c) => true; 203protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 219using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 250using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 443protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 450if (TryFindCertificateInStore(store, certificate, out var matching)) 535protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 632private static string GetCertificateNickname(X509Certificate2 certificate) 666private static bool TrustCertificateInWindowsStore(X509Certificate2 certificate)

src\aspnetcore\src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

Features\TlsConnectionFeature.cs (2)

14public X509Certificate2? ClientCertificate { get; set; } 17public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken)

Internal\DefaultConnectionInfo.cs (2)

80public override X509Certificate2? ClientCertificate 86public override Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken = default)

ConnectionInfo.cs (4)

48public abstract X509Certificate2? ClientCertificate { get; set; } 53/// <returns>Asynchronously returns an <see cref="X509Certificate2" />. Can be null.</returns> 54public abstract Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken = new CancellationToken()); 85public X509Certificate2? ClientCertificate => _info.ClientCertificate;

ITlsConnectionFeature.cs (2)

16X509Certificate2? ClientCertificate { get; set; } 21Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken);

CertificateForwardingFeature.cs (7)

16private Task<X509Certificate2?>? _certificateTask; 25public X509Certificate2? ClientCertificate 28set => _certificateTask = value is not null ? Task.FromResult<X509Certificate2?>(value) : null; 31public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken) 37var certificate = _options.HeaderConverter(_header.ToString()); 38_certificateTask = Task.FromResult<X509Certificate2?>(certificate); 44return Task.FromResult<X509Certificate2?>(null);

CertificateForwardingOptions.cs (2)

22/// The function used to convert the header to an instance of <see cref="X509Certificate2"/>. 27public Func<string, X509Certificate2> HeaderConverter = (headerValue) => new X509Certificate2(Convert.FromBase64String(headerValue));

ForwardedTlsConnectionFeature.cs (3)

14private X509Certificate2? _certificate; 23public X509Certificate2? ClientCertificate 48public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken)

CertificateLoader.cs (9)

31public static X509Certificate2 LoadFromStoreCert(string subject, string storeName, StoreLocation storeLocation, bool allowInvalid) 36X509Certificate2? foundCertificate = null; 42foreach (var certificate in storeCertificates.Find(X509FindType.FindBySubjectName, subject, !allowInvalid) 43.OfType<X509Certificate2>() 72internal static bool IsCertificateAllowedForServerAuth(X509Certificate2 certificate) 106internal static bool DoesCertificateHaveAnAccessiblePrivateKey(X509Certificate2 certificate) 109internal static bool DoesCertificateHaveASubjectAlternativeName(X509Certificate2 certificate) 112private static void DisposeCertificates(X509Certificate2Collection? certificates, X509Certificate2? except) 116foreach (var certificate in certificates)

HttpsConnectionAdapterOptions.cs (3)

39public X509Certificate2? ServerCertificate { get; set; } 57public Func<ConnectionContext?, string?, X509Certificate2?>? ServerCertificateSelector { get; set; } 73public Func<X509Certificate2, X509Chain?, SslPolicyErrors, bool>? ClientCertificateValidation { get; set; }

IHttpsConfigurationService.cs (3)

92public readonly X509Certificate2 Certificate; 96public CertificateAndConfig(X509Certificate2 certificate, CertificateConfig certificateConfig) 104public CertificateAndConfig(X509Certificate2 certificate, CertificateConfig certificateConfig, X509Certificate2Collection certificateChain)

Internal\Certificates\CertificateConfigLoader.cs (9)

27public (X509Certificate2?, X509Certificate2Collection?) LoadCertificate(CertificateConfig? certInfo, string endpointName) 47var certificate = GetCertificate(certificatePath); 85private static X509Certificate2 PersistKey(X509Certificate2 fullCertificate) 93private static X509Certificate2 LoadCertificateKey(X509Certificate2 certificate, string keyPath, string? password) 263private static X509Certificate2? GetCertificate(string certificatePath) 265if (X509Certificate2.GetCertContentType(certificatePath) == X509ContentType.Cert) 324private static X509Certificate2 LoadFromStoreCert(CertificateConfig certInfo)

Internal\Certificates\ICertificateConfigLoader.cs (1)

12(X509Certificate2?, X509Certificate2Collection?) LoadCertificate(CertificateConfig? certInfo, string endpointName);

Internal\LoggerExtensions.cs (1)

18public static void LocatedDevelopmentCertificate(this ILogger<KestrelServer> logger, X509Certificate2 certificate) => LocatedDevelopmentCertificate(logger, certificate.Subject, certificate.Thumbprint);

Internal\SniOptionsSelector.cs (4)

25private readonly Func<ConnectionContext, string?, X509Certificate2?>? _fallbackServerCertificateSelector; 75sslOptions.ServerCertificateContext = SslStreamCertificateContext.Create((X509Certificate2)sslOptions.ServerCertificate, additionalCertificates: fullChain); 78if (!certifcateConfigLoader.IsTestMock && sslOptions.ServerCertificate is X509Certificate2 cert2) 159var fallbackCertificate = _fallbackServerCertificateSelector(connection, serverName);

Internal\TlsConnectionFeature.cs (7)

21private X509Certificate2? _clientCert; 22private Task<X509Certificate2?>? _clientCertTask; 88public X509Certificate2? ClientCertificate 133public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken) 152private async Task<X509Certificate2?> GetClientCertificateAsyncCore(CancellationToken cancellationToken) 179private static X509Certificate2? ConvertToX509Certificate2(X509Certificate? certificate) 184X509Certificate2 cert2 => cert2,

KestrelConfigurationLoader.cs (1)

78internal X509Certificate2? DefaultCertificate { get; set; }

KestrelServerOptions.cs (6)

207internal X509Certificate2? DevelopmentCertificate { get; private set; } 212internal X509Certificate2? TestOverrideDefaultCertificate { get; set; } 297if (TestOverrideDefaultCertificate is X509Certificate2 certificateFromTest) 303if (ConfigurationLoader?.DefaultCertificate is X509Certificate2 certificateFromLoader) 378private static X509Certificate2? GetDevelopmentCertificateFromStore(ILogger<KestrelServer> logger) 384var cert = certs.Count > 0 ? certs[0] : null;

ListenOptionsHttpsExtensions.cs (2)

130public static ListenOptions UseHttps(this ListenOptions listenOptions, X509Certificate2 serverCertificate) 147public static ListenOptions UseHttps(this ListenOptions listenOptions, X509Certificate2 serverCertificate,

Middleware\HttpsConnectionMiddleware.cs (14)

41private readonly X509Certificate2? _serverCertificate; 42private readonly Func<ConnectionContext, string?, X509Certificate2?>? _serverCertificateSelector; 101var certificate = _serverCertificate; 281private X509Certificate2 LocateCertificateWithPrivateKey(X509Certificate2 certificate) 357var cert = _serverCertificateSelector(context, name); 407Func<X509Certificate2, X509Chain?, SslPolicyErrors, bool>? clientCertificateValidation, 425var certificate2 = ConvertToX509Certificate2(certificate); 498internal static void EnsureCertificateIsAllowedForServerAuth(X509Certificate2 certificate, ILogger<HttpsConnectionMiddleware> logger) 510private static X509Certificate2? ConvertToX509Certificate2(X509Certificate? certificate) 517if (certificate is X509Certificate2 cert2) 586var cert = httpsOptions.ServerCertificateSelector(null, host); 629public static void LocatingCertWithPrivateKey(this ILogger<HttpsConnectionMiddleware> logger, X509Certificate2 certificate) => LocatingCertWithPrivateKey(logger, certificate.Thumbprint); 634public static void FoundCertWithPrivateKey(this ILogger<HttpsConnectionMiddleware> logger, X509Certificate2 certificate, StoreLocation storeLocation)

src\aspnetcore\src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\aspnetcore\src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\aspnetcore\src\Shared\CertificateGeneration\UnixCertificateManager.cs (15)

56public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 116using var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 171protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 188internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 195internal override void CorrectCertificateState(X509Certificate2 candidate) 201internal override bool IsExportable(X509Certificate2 c) => true; 203protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 219using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 250using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 443protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 450if (TryFindCertificateInStore(store, certificate, out var matching)) 535protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 632private static string GetCertificateNickname(X509Certificate2 certificate) 666private static bool TrustCertificateInWindowsStore(X509Certificate2 certificate)

src\aspnetcore\src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

TlsConfigurationLoader.cs (2)

161var certificate = new X509Certificate2(certificatePath, certificateConfig.Password); 181private static bool IsDevelopmentCertificate(X509Certificate2 certificate)

Internal\QuicConnectionContext.FeatureCollection.cs (6)

12private X509Certificate2? _clientCert; 13private Task<X509Certificate2?>? _clientCertTask; 26public X509Certificate2? ClientCertificate 36public Task<X509Certificate2?> GetClientCertificateAsync(CancellationToken cancellationToken) 47private static X509Certificate2? ConvertToX509Certificate2(X509Certificate? certificate) 52X509Certificate2 cert2 => cert2,

FakeCertificateHttpClientHandler.cs (1)

12public FakeCertificateHttpClientHandler(X509Certificate2 certificate)

FakeCertificateOptions.cs (1)

10public X509Certificate2? Certificate { get; set; }

FakeSslCertificateFactory.cs (3)

19/// Creates a self-signed <see cref="X509Certificate2"/> instance for testing. 21/// <returns>An <see cref="X509Certificate2"/> instance for testing.</returns> 22public static X509Certificate2 CreateSslCertificate()

ServiceFakesHostExtensions.cs (1)

45var certificate = host.Services.GetService<IOptions<FakeCertificateOptions>>()?.Value.Certificate;

ServiceFakesWebHostExtensions.cs (1)

46public static IWebHostBuilder ListenHttpsOnAnyPort(this IWebHostBuilder builder, X509Certificate2? sslCertificate = null)

FakeCertificateFactoryTests.cs (1)

17using var certificate = FakeSslCertificateFactory.CreateSslCertificate();

FakeCertificateHttpClientHandlerTests.cs (2)

16private readonly X509Certificate2 _certificate = FakeSslCertificateFactory.CreateSslCertificate(); 17private readonly X509Certificate2 _anotherCertificate = FakeSslCertificateFactory.CreateSslCertificate();

FakesExtensionsTests.cs (2)

56var certificate = host.Services.GetRequiredService<IOptions<FakeCertificateOptions>>().Value.Certificate; 71var certificate = FakeSslCertificateFactory.CreateSslCertificate();

System\Security\Cryptography\X509Certificates\X509CertificateKeyAccessors.cs (21)

ManifestUtil\mansign2.cs (4)

400private static void InsertPublisherIdentity(XmlDocument manifestDom, X509Certificate2 signerCert) 1050private X509Certificate2 _certificate; 1064internal CmiManifestSigner2(AsymmetricAlgorithm strongNameKey, X509Certificate2 certificate, bool useSha256) 1102internal X509Certificate2 Certificate

ManifestUtil\SecurityUtil.cs (9)

src\sdk\src\Dotnet.Watch\AspireService\AspireServerService.cs (1)

52private readonly X509Certificate2 _certificate;

src\sdk\src\Dotnet.Watch\AspireService\Helpers\CertGenerator.cs (2)

14public static X509Certificate2 GenerateCert() 29var cert = req.CreateSelfSigned(

netstandard.cs (1)

1955[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.X509Certificates.X509Certificate2))]

SignCommand\CertificateProvider.cs (6)

60var cert = await LoadCertificateFromFileAsync(options); 125Task<X509Certificate2> LoadCertificateFromFileAsync(CertificateSourceOptions options) 127X509Certificate2 cert; 200foreach (var cert in store.Certificates) 251foreach (var certificate in certificates) 262private static bool IsValid(X509Certificate2 certificate, X509Certificate2Collection extraStore, bool allowUntrustedRoot = false)

SignCommand\SignCommandRunner.cs (2)

37X509Certificate2 cert = null; 181private static async Task<X509Certificate2> GetCertificateAsync(SignArgs signArgs)

Signing\Authoring\AuthorSignPackageRequest.cs (2)

27X509Certificate2 certificate, 49X509Certificate2 certificate,

Signing\Authoring\RepositorySignPackageRequest.cs (1)

50X509Certificate2 certificate,

Signing\Authoring\SignPackageRequest.cs (2)

31public X509Certificate2 Certificate { get; } 57X509Certificate2 certificate,

Signing\ChainBuilding\DefaultX509ChainBuildPolicy.cs (1)

15public bool Build(IX509Chain chain, X509Certificate2 certificate)

Signing\ChainBuilding\IX509ChainBuildPolicy.cs (2)

9/// Represents a wrapper around <see cref="X509Chain.Build(X509Certificate2)" /> to enable 14bool Build(IX509Chain chain, X509Certificate2 certificate);

Signing\ChainBuilding\RetriableX509ChainBuildPolicy.cs (1)

39public bool Build(IX509Chain chain, X509Certificate2 certificate)

Signing\Cms\ICms.cs (1)

18void AddCertificates(IEnumerable<X509Certificate2> certificates);

Signing\Cms\ManagedCmsWrapper.cs (2)

48public void AddCertificates(IEnumerable<X509Certificate2> certificates) 50foreach (var cert in certificates)

Signing\Cms\NativeCms.cs (3)

237internal void AddCertificates(IEnumerable<X509Certificate2> certificates) 239foreach (var cert in certificates) 279AddCertificates(cmsSigner.Certificates.OfType<X509Certificate2>());

Signing\Cms\NativeUtility.cs (1)

37var cert = cmsSigner.Certificates[i];

Signing\Signatures\EssCertIdV2.cs (1)

43public static EssCertIdV2 Create(X509Certificate2 certificate, Common.HashAlgorithmName hashAlgorithmName)

Signing\Signatures\IssuerSerial.cs (1)

40public static IssuerSerial Create(X509Certificate2 certificate)

Signing\Signatures\Signature.cs (2)

147var certificate = SignerInfo.Certificate; 358var certificate = SignerInfo.Certificate;

Signing\Signatures\SigningCertificateV2.cs (1)

34public static SigningCertificateV2 Create(X509Certificate2 certificate, HashAlgorithmName hashAlgorithmName)

Signing\Timestamp\Rfc3161TimestampProvider.cs (1)

124IReadOnlyList<X509Certificate2> chain)

Signing\Timestamp\Rfc3161TimestampTokenFactory.cs (1)

13X509Certificate2 signerCertificate,

Signing\Timestamp\Rfc3161TimestampTokenNetstandard21Wrapper.cs (1)

19X509Certificate2 signerCertificate,

Signing\Timestamp\Rfc3161TimestampVerificationUtility.cs (1)

18X509Certificate2 signerCertificate,

Signing\Timestamp\Timestamp.cs (1)

117var timestamperCertificate = SignerInfo.Certificate;

Signing\TrustStore\CertificateBundleX509ChainFactory.cs (1)

117private static string GetPemEncodedCertificate(X509Certificate2 certificate)

Signing\TrustStore\IX509Chain.cs (1)

25bool Build(X509Certificate2 certificate);

Signing\TrustStore\X509ChainWrapper.cs (1)

37public bool Build(X509Certificate2 certificate)

Signing\Utility\AttributeUtility.cs (1)

249X509Certificate2 certificate,

Signing\Utility\CertificateChainUtility.cs (5)

32X509Certificate2 certificate, 59X509Certificate2 certificate, 170X509Certificate2 certificate, 217internal static bool BuildCertificateChain(IX509Chain chain, X509Certificate2 certificate, out X509ChainStatus[] status) 232internal static bool BuildWithPolicy(IX509Chain chain, X509Certificate2 certificate)

Signing\Utility\CertificateUtility.cs (17)

Signing\Utility\IX509CertificateChain.cs (1)

13public interface IX509CertificateChain : IReadOnlyList<X509Certificate2>, IDisposable

Signing\Utility\SignatureUtility.cs (5)

570X509Certificate2 certificate, 603private static bool IsMatch(X509Certificate2 certificate, EssCertId essCertId) 621private static bool AreGeneralNamesEqual(IssuerSerial issuerSerial, X509Certificate2 certificate) 634private static bool AreSerialNumbersEqual(IssuerSerial issuerSerial, X509Certificate2 certificate) 645X509Certificate2 certificate,

Signing\Utility\SigningUtility.cs (3)

58IReadOnlyList<X509Certificate2> chainList) 88IReadOnlyList<X509Certificate2> chainList) 142foreach (var certificate in chain)

Signing\Utility\VerificationUtility.cs (1)

57internal static SignatureVerificationStatusFlags ValidateSigningCertificate(X509Certificate2 certificate, bool treatIssuesAsErrors, string signatureFriendlyName, List<SignatureLog> issues)

Signing\Utility\X509CertificateChain.cs (2)

10public sealed class X509CertificateChain : List<X509Certificate2>, IX509CertificateChain 18foreach (var item in this)

MS\Internal\Documents\DigitalSignature.cs (2)

160internal X509Certificate2 Certificate 234private X509Certificate2 _x509Certificate2;

MS\Internal\Documents\DigitalSignatureProvider.cs (12)

311IList<X509Certificate2> IDigitalSignatureProvider.GetAllCertificates() 313List<X509Certificate2> certificateList = new List<X509Certificate2>(); 317X509Certificate2 certificate = signature.Certificate; 331IDictionary<X509Certificate2, CertificatePriorityStatus> IDigitalSignatureProvider.GetCertificateStatus( 332IList<X509Certificate2> certificates) 334Dictionary<X509Certificate2, CertificatePriorityStatus> certificateStatusTable = 335new Dictionary<X509Certificate2, CertificatePriorityStatus>(); 337foreach (X509Certificate2 certificate in certificates) 496X509Certificate2 x509Certificate2 = 497xpsDigitalSignature.SignerCertificate as X509Certificate2; 596private static CertificatePriorityStatus GetCertificateStatus(X509Certificate2 certificate)

MS\Internal\Documents\DocumentSignatureManager.cs (9)

213new Dictionary<X509Certificate2, CertificatePriorityStatus>(); 226IList<X509Certificate2> certificateList = 449X509Certificate2 x509Certificate2; 729X509Certificate2 certificate = null; 900private static X509Certificate2 ShowCertificatePickerDialog(IntPtr parentWindow) 902X509Certificate2 x509cert = null; 994private void StartCertificateStatusCheck(IList<X509Certificate2> certificateList) 1347private IDictionary<X509Certificate2, CertificatePriorityStatus> _certificateStatusTable; 1373internal IList<X509Certificate2> CertificateList;

MS\Internal\Documents\IDigitalSignatureProvider.cs (3)

36IList<X509Certificate2> GetAllCertificates(); 44IDictionary<X509Certificate2, CertificatePriorityStatus> GetCertificateStatus(IList<X509Certificate2> certificates);

MS\Internal\Documents\SigningDialog.cs (3)

31internal SigningDialog(X509Certificate2 x509Certificate2, DigitalSignature digitalSignatureRequest, DocumentSignatureManager docSigManager) 312internal X509Certificate2 Certificate 331private X509Certificate2 _x509Certificate2;

shared\CertificateGeneration\DevelopmentCertificate.cs (1)

39var certificate = manager.CreateAspNetCoreHttpsDevelopmentCertificate(now, now.AddYears(1));

src\aspnetcore\src\Shared\CertificateGeneration\CertificateManager.cs (49)

src\aspnetcore\src\Shared\CertificateGeneration\MacOSCertificateManager.cs (28)

15/// Normally, we avoid the use of <see cref="X509Certificate2.Thumbprint"/> because it's a SHA-1 hash and, therefore, 85protected override TrustLevel TrustCertificateCore(X509Certificate2 publicCertificate) 129internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 136internal override void CorrectCertificateState(X509Certificate2 candidate) 151public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 177protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 198private static void RemoveAdminTrustRule(X509Certificate2 certificate) 237private static void RemoveCertificateFromKeychain(string keychain, X509Certificate2 certificate) 274private static bool IsCertOnKeychain(string keychain, X509Certificate2 certificate) 305internal override bool IsExportable(X509Certificate2 c) => true; 307protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 336private static void SaveCertificateToUserKeychain(X509Certificate2 certificate) 373private static string GetCertificateFilePath(X509Certificate2 certificate) => 376protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 381protected override void PopulateCertificatesFromStore(X509Store store, List<X509Certificate2> certificates, bool requireExportable) 387var certsFromStore = new List<X509Certificate2>(); 418private sealed class ThumbprintComparer : IEqualityComparer<X509Certificate2> 420public static readonly IEqualityComparer<X509Certificate2> Instance = new ThumbprintComparer(); 423bool IEqualityComparer<X509Certificate2>.Equals(X509Certificate2 x, X509Certificate2 y) => 427int IEqualityComparer<X509Certificate2>.GetHashCode([DisallowNull] X509Certificate2 obj) => 431private static ICollection<X509Certificate2> GetCertsFromDisk() 433var certsFromDisk = new List<X509Certificate2>(); 445var certificate = new X509Certificate2(file); 459protected override void RemoveCertificateFromUserStoreCore(X509Certificate2 certificate)

src\aspnetcore\src\Shared\CertificateGeneration\UnixCertificateManager.cs (15)

56public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 116using var candidate = X509CertificateLoader.LoadCertificateFromFile(certPath); 171protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 188internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 195internal override void CorrectCertificateState(X509Certificate2 candidate) 201internal override bool IsExportable(X509Certificate2 c) => true; 203protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 219using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 250using var existingCert = X509CertificateLoader.LoadCertificateFromFile(certPath); 443protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 450if (TryFindCertificateInStore(store, certificate, out var matching)) 535protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation) 632private static string GetCertificateNickname(X509Certificate2 certificate) 666private static bool TrustCertificateInWindowsStore(X509Certificate2 certificate)

src\aspnetcore\src\Shared\CertificateGeneration\WindowsCertificateManager.cs (11)

30internal override bool IsExportable(X509Certificate2 c) 44internal override CheckCertificateStateResult CheckCertificateState(X509Certificate2 candidate) 49internal override void CorrectCertificateState(X509Certificate2 candidate) 54protected override X509Certificate2 SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation) 74protected override TrustLevel TrustCertificateCore(X509Certificate2 certificate) 89using var publicCertificate = X509CertificateLoader.LoadCertificate(certificate.Export(X509ContentType.Cert)); 101protected override void RemoveCertificateFromTrustedRoots(X509Certificate2 certificate) 108if (TryFindCertificateInStore(store, certificate, out var matching)) 120public override TrustLevel GetTrustLevel(X509Certificate2 certificate) 127protected override IList<X509Certificate2> GetCertificatesToRemove(StoreName storeName, StoreLocation storeLocation)

ScenarioTestTypes.cs (1)

1270public override void Validate(X509Certificate2 certificate)

Https\HttpsTests.4.1.0.cs (1)

278X509Certificate2 serviceCertificate = null;

Tcp\ClientCredentialTypeTests.OSX.cs (6)

93public override void Validate(X509Certificate2 certificate) 103static bool StoreContainsCertificate(X509Store store, X509Certificate2 certificate) 117internal bool TryValidate(X509Certificate2 certificate, out Exception exception) 179internal static void ResetCertificate(X509Certificate2 certificate) 184internal static string GetCertificateId(X509Certificate2 certificate) 191internal static void AppendCertificateIdentityName(StringBuilder str, X509Certificate2 certificate)

src\runtime\src\libraries\shims\System\ref\System.cs (1)

864[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.X509Certificates.X509Certificate2))]

System\DirectoryServices\AccountManagement\AD\ADStoreCtx_Query.cs (2)

559System.Security.Cryptography.X509Certificates.X509Certificate2 certificate = 560(System.Security.Cryptography.X509Certificates.X509Certificate2)filter.Value;

System\DirectoryServices\AccountManagement\AuthenticablePrincipal.cs (3)

554X509Certificate2 cert = X509CertificateLoader.LoadCertificate(rawCert); 574foreach (X509Certificate2 certificate in _certificates) 600foreach (X509Certificate2 certificate in _certificates)

System\DirectoryServices\AccountManagement\StoreCtx.cs (2)

390foreach (X509Certificate2 cert in certCollection) 393((FilterBase)filter).Value = (X509Certificate2)cert;

src\runtime\src\libraries\Common\src\System\Net\Security\CertificateHelper.cs (4)

16internal static X509Certificate2? GetEligibleClientCertificate(X509CertificateCollection? candidateCerts) 29internal static X509Certificate2? GetEligibleClientCertificate(X509Certificate2Collection? candidateCerts) 36foreach (X509Certificate2 cert in candidateCerts) 64private static bool IsValidClientCertificate(X509Certificate2 cert)

src\runtime\src\libraries\Common\src\System\Net\Security\CertificateHelper.Unix.cs (1)

10internal static X509Certificate2? GetEligibleClientCertificate()

System\Net\Http\HttpClientHandler.cs (2)

309public Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>? ServerCertificateCustomValidationCallback 376public static Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> DangerousAcceptAnyServerCertificateValidator =>

System\Net\Http\SocketsHttpHandler\ConnectHelper.cs (5)

25public readonly Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> FromHttpClientHandler; 28public CertificateCallbackMapper(Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> fromHttpClientHandler) 32FromHttpClientHandler((HttpRequestMessage)sender, certificate as X509Certificate2, chain, sslPolicyErrors); 44Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool> localFromHttpClientHandler = mapper.FromHttpClientHandler; 49bool result = localFromHttpClientHandler(localRequest, certificate as X509Certificate2, chain, sslPolicyErrors);

src\runtime\src\libraries\Common\src\Interop\Windows\SChannel\UnmanagedCertificateContext.IntPtr.cs (1)

38var cert = new X509Certificate2(new IntPtr(next));

src\runtime\src\libraries\Common\src\System\Net\Security\CertificateHelper.cs (4)

16internal static X509Certificate2? GetEligibleClientCertificate(X509CertificateCollection? candidateCerts) 29internal static X509Certificate2? GetEligibleClientCertificate(X509Certificate2Collection? candidateCerts) 36foreach (X509Certificate2 cert in candidateCerts) 64private static bool IsValidClientCertificate(X509Certificate2 cert)

src\runtime\src\libraries\Common\src\System\Net\Security\CertificateHelper.Windows.cs (1)

10internal static X509Certificate2? GetEligibleClientCertificate()

src\runtime\src\libraries\Common\src\System\Net\Security\CertificateValidation.Windows.cs (2)

17internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool isServer, string? hostName, Span<byte> certificateBuffer) 21internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool isServer, string? hostName)

System\Net\Http\WinHttpHandler.cs (3)

69X509Certificate2, 241X509Certificate2, 1413X509Certificate2? clientCertificate;

System\Net\Http\WinHttpRequestCallback.cs (1)

311var serverCertificate = new X509Certificate2(certHandle);

System\Net\Http\WinHttpRequestState.cs (1)

128public Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool>? ServerCertificateValidationCallback { get; set; }

System\Net\HttpListenerRequest.cs (3)

230public X509Certificate2? GetClientCertificate() 254public Task<X509Certificate2?> GetClientCertificateAsync() 263internal X509Certificate2? ClientCertificate { get; set; }

System\Net\Managed\HttpConnection.cs (3)

68private X509Certificate2? _clientCert; 99_clientCert = c as X509Certificate2 ?? X509CertificateLoader.LoadCertificate(c.GetRawCertData()); 122internal X509Certificate2? ClientCertificate

System\Net\Managed\HttpListenerRequest.Managed.cs (3)

288private X509Certificate2? GetClientCertificateCore() => ClientCertificate = _context.Connection.ClientCertificate; 356public X509Certificate2? EndGetClientCertificate(IAsyncResult asyncResult) 371return (X509Certificate2?)clientCertAsyncResult.Result;

src\runtime\src\libraries\Common\src\System\Net\Security\CertificateValidation.Unix.cs (2)

16internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool isServer, string? hostName, Span<byte> certificateBuffer) 20internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool _ /*isServer*/, string? hostName)

System\Net\Quic\Internal\MsQuicConfiguration.Cache.cs (3)

37public CacheKey(QUIC_SETTINGS settings, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol> alpnProtocols, QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites) 53foreach (X509Certificate2 intermediate in intermediates) 117private static MsQuicConfigurationSafeHandle GetCachedCredentialOrCreate(QUIC_SETTINGS settings, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol> alpnProtocols, QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites)

System\Net\Quic\Internal\MsQuicConfiguration.cs (7)

17=> certificate is X509Certificate2 certificate2 && certificate2.Handle != IntPtr.Zero && certificate2.HasPrivateKey; 34ReadOnlyCollection<X509Certificate2>? intermediates = null; 99ReadOnlyCollection<X509Certificate2>? intermediates = default; 124private static MsQuicConfigurationSafeHandle Create(QuicConnectionOptions options, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol>? alpnProtocols, CipherSuitesPolicy? cipherSuitesPolicy, EncryptionPolicy encryptionPolicy) 204private static unsafe MsQuicConfigurationSafeHandle CreateInternal(QUIC_SETTINGS settings, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol> alpnProtocols, QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites) 206if (!MsQuicApi.UsesSChannelBackend && certificate is X509Certificate2 cert && intermediates is null) 260foreach (X509Certificate2 intermediate in intermediates)

System\Net\Quic\QuicConnection.cs (1)

213private X509Certificate2? _remoteCertificate;

System\Net\Quic\QuicConnection.SslConnectionOptions.cs (3)

76X509Certificate2? certificate = null; 176private QUIC_TLS_ALERT_CODES ValidateCertificate(X509Certificate2? certificate, Span<byte> certData, Span<byte> chainData) 208Debug.Assert(X509Certificate2.GetCertContentType(chainData) is X509ContentType.Pkcs7);

src\runtime\src\libraries\Common\src\Interop\Unix\System.Security.Cryptography.Native\Interop.OpenSsl.cs (5)

65foreach (X509Certificate2 intermediate in certContext.IntermediateCertificates) 886(X509Certificate2 certificate, X509Chain chain) = GetPeerCertChainFromStoreCtx(sslHandle, storeCtx, options); 971static (X509Certificate2 certificate, X509Chain chain) GetPeerCertChainFromStoreCtx(SafeSslHandle sslHandle, IntPtr storeCtx, SslAuthenticationOptions options) 973X509Certificate2? certificate = null; 995X509Certificate2 chainCert = new X509Certificate2(certPtr);

src\runtime\src\libraries\Common\src\Interop\Unix\System.Security.Cryptography.Native\Interop.Ssl.cs (1)

330internal static bool AddExtraChainCertificates(SafeSslHandle ssl, ReadOnlyCollection<X509Certificate2> chain)

src\runtime\src\libraries\Common\src\Interop\Unix\System.Security.Cryptography.Native\Interop.SslCtx.cs (1)

48internal static bool AddExtraChainCertificates(SafeSslContextHandle ctx, ReadOnlyCollection<X509Certificate2> chain)

src\runtime\src\libraries\Common\src\System\Net\Security\CertificateValidation.Unix.cs (2)

16internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool isServer, string? hostName, Span<byte> certificateBuffer) 20internal static SslPolicyErrors BuildChainAndVerifyProperties(X509Chain chain, X509Certificate2 remoteCertificate, bool checkCertName, bool _ /*isServer*/, string? hostName)

System\Net\CertificateValidationPal.cs (2)

21internal static X509Certificate2? GetRemoteCertificate(SafeDeleteContext? securityContext) => 24internal static X509Certificate2? GetRemoteCertificate(SafeDeleteContext? securityContext, ref X509Chain? chain, X509ChainPolicy? chainPolicy) =>

System\Net\CertificateValidationPal.Unix.cs (4)

16X509Certificate2 remoteCertificate, 27private static X509Certificate2? GetRemoteCertificate( 38X509Certificate2? result = null; 71X509Certificate2 chainCert = new X509Certificate2(certPtr);

System\Net\Security\Pal.Managed\EndpointChannelBindingToken.cs (2)

14using (X509Certificate2? cert = CertificateValidationPal.GetRemoteCertificate(securityContext)) 28private static byte[] GetHashForChannelBinding(X509Certificate2 cert)

System\Net\Security\SslAuthenticationOptions.cs (3)

144X509Certificate2? certificateWithKey = sslServerAuthenticationOptions.ServerCertificate as X509Certificate2; 190internal void SetCertificateContextFromCert(X509Certificate2 certificate, bool? noOcspFetch = null)

System\Net\Security\SslStream.Protocol.cs (21)

System\Net\Security\SslStreamCertificateContext.cs (13)

17public X509Certificate2 TargetCertificate { get; } 22public ReadOnlyCollection<X509Certificate2> IntermediateCertificates { get; } 25public static SslStreamCertificateContext Create(X509Certificate2 target, X509Certificate2Collection? additionalCertificates, bool offline) 30public static SslStreamCertificateContext Create(X509Certificate2 target, X509Certificate2Collection? additionalCertificates, bool offline = false, SslCertificateTrust? trust = null) 36X509Certificate2 target, 47X509Certificate2[] intermediates = Array.Empty<X509Certificate2>(); 48X509Certificate2? root = null; 127intermediates = new X509Certificate2[count]; 150SslStreamCertificateContext ctx = new SslStreamCertificateContext(target, new ReadOnlyCollection<X509Certificate2>(intermediates), trust); 167partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool transferredOwnership); 175foreach (X509Certificate2 cert in IntermediateCertificates) 187foreach (X509Certificate2 cert in IntermediateCertificates)

System\Net\Security\SslStreamCertificateContext.Linux.cs (10)

39private X509Certificate2[] _privateIntermediateCertificates; 40private X509Certificate2? _rootCertificate; 44private SslStreamCertificateContext(X509Certificate2 target, ReadOnlyCollection<X509Certificate2> intermediates, SslCertificateTrust? trust) 49_privateIntermediateCertificates = new X509Certificate2[intermediates.Count]; 58_privateIntermediateCertificates = Array.Empty<X509Certificate2>(); 115internal static SslStreamCertificateContext Create(X509Certificate2 target) => 125partial void AddRootCertificate(X509Certificate2? rootCertificate, ref bool transferredOwnership) 272X509Certificate2? caCert = _privateIntermediateCertificates.Length > 0 ? _privateIntermediateCertificates[0] : _rootCertificate; 428foreach (X509Certificate2 cert in _privateIntermediateCertificates)

src\runtime\src\libraries\Common\src\System\Security\Cryptography\Pkcs\Pkcs12CertBag.cs (2)

57internal Pkcs12CertBag(X509Certificate2 cert) 80public X509Certificate2 GetCertificate()

src\runtime\src\libraries\Common\src\System\Security\Cryptography\Pkcs\Pkcs12SafeContents.cs (1)

86public Pkcs12CertBag AddCertificate(X509Certificate2 certificate)

src\runtime\src\libraries\Common\src\System\Security\Cryptography\X509Certificates\Pkcs12LoaderLimits.cs (1)

298/// <seealso cref="X509Certificate2.FriendlyName"/>

src\runtime\src\libraries\Common\src\System\Security\Cryptography\X509Certificates\X509CertificateLoader.cs (17)

src\runtime\src\libraries\Common\src\System\Security\Cryptography\X509Certificates\X509CertificateLoader.Pkcs12.cs (1)

883internal partial X509Certificate2 ToCertificate();

System\Security\Cryptography\X509Certificates\CertificateExtensionsCommon.cs (4)

11this X509Certificate2 certificate, 12Predicate<X509Certificate2>? matchesConstraints = null) 47this X509Certificate2 certificate, 48Predicate<X509Certificate2>? matchesConstraints = null)

System\Security\Cryptography\X509Certificates\CertificateRequest.cs (23)

System\Security\Cryptography\X509Certificates\CertificateRequest.Load.cs (1)

260X509Certificate2.CreateCustomExtensionIfAny(extAsn.ExtnId);

System\Security\Cryptography\X509Certificates\CertificateRevocationListBuilder.Build.cs (2)

110X509Certificate2 issuerCertificate, 127X509Certificate2 issuerCertificate,

System\Security\Cryptography\X509Certificates\CertificateRevocationListBuilder.cs (1)

64X509Certificate2 certificate,

System\Security\Cryptography\X509Certificates\ChainPal.Windows.cs (1)

77X509Certificate2 certificate = new X509Certificate2((IntPtr)(pChainElement->pCertContext));

System\Security\Cryptography\X509Certificates\DSACertificateExtensions.cs (5)

11/// public and private keys of a <see cref="X509Certificate2" />. 20public static DSA? GetDSAPublicKey(this X509Certificate2 certificate) 28public static DSA? GetDSAPrivateKey(this X509Certificate2 certificate) 33public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, DSA privateKey)

System\Security\Cryptography\X509Certificates\ECDsaCertificateExtensions.cs (6)

10/// public and private keys of a <see cref="X509Certificate2" />. 17public static ECDsa? GetECDsaPublicKey(this X509Certificate2 certificate) 25public static ECDsa? GetECDsaPrivateKey(this X509Certificate2 certificate) 30public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, ECDsa privateKey) 53private static bool HasECDsaKeyUsage(X509Certificate2 certificate)

System\Security\Cryptography\X509Certificates\RSACertificateExtensions.cs (5)

10/// public and private keys of a <see cref="X509Certificate2" />. 17public static RSA? GetRSAPublicKey(this X509Certificate2 certificate) 25public static RSA? GetRSAPrivateKey(this X509Certificate2 certificate) 30public static X509Certificate2 CopyWithPrivateKey(this X509Certificate2 certificate, RSA privateKey)

System\Security\Cryptography\X509Certificates\StorePal.cs (1)

49foreach (X509Certificate2 cert in coll)

System\Security\Cryptography\X509Certificates\StorePal.Windows.cs (1)

45X509Certificate2 cert = new X509Certificate2(pCertContext.DangerousGetHandle());

System\Security\Cryptography\X509Certificates\X509AuthorityKeyIdentifierExtension.cs (3)

105/// Gets the <see cref="X509Certificate2.IssuerName"/> value from this certificate's 109/// The <see cref="X509Certificate2.IssuerName"/> value from this certificate's 461X509Certificate2 certificate,

System\Security\Cryptography\X509Certificates\X509Certificate2.cs (32)

89/// Initializes a new instance of the <see cref="X509Certificate2"/> class from certificate data. 103/// Initializes a new instance of the <see cref="X509Certificate2"/> class from certificate data, 758public X509Certificate2 CopyWithPrivateKey(ECDiffieHellman privateKey) 846public X509Certificate2 CopyWithPrivateKey(MLKem privateKey) 948public X509Certificate2 CopyWithPrivateKey(MLDsa privateKey) 1044public unsafe X509Certificate2 CopyWithPrivateKey(SlhDsa privateKey) 1154public X509Certificate2 CopyWithPrivateKey(CompositeMLDsa privateKey) 1241public static X509Certificate2 CreateFromPemFile(string certPemFilePath, string? keyPemFilePath = default) 1307public static X509Certificate2 CreateFromEncryptedPemFile(string certPemFilePath, ReadOnlySpan<char> password, string? keyPemFilePath = default) 1357public static X509Certificate2 CreateFromPem(ReadOnlySpan<char> certPem, ReadOnlySpan<char> keyPem) 1359using (X509Certificate2 certificate = CreateFromPem(certPem)) 1443public static X509Certificate2 CreateFromEncryptedPem(ReadOnlySpan<char> certPem, ReadOnlySpan<char> keyPem, ReadOnlySpan<char> password) 1445using (X509Certificate2 certificate = CreateFromPem(certPem)) 1487private static bool IsECDsa(X509Certificate2 certificate) 1495private static bool IsECDiffieHellman(X509Certificate2 certificate) 1525public static X509Certificate2 CreateFromPem(ReadOnlySpan<char> certPem) 1556X509Certificate2 ret = X509CertificateLoader.LoadCertificate(certData.Span); 1890private static X509Certificate2 ExtractKeyFromPem<TAlg>( 1894Func<TAlg, X509Certificate2> import) where TAlg : IDisposable 1912private static X509Certificate2 ExtractKeyFromPem<TAlg>( 1915Func<TAlg, X509Certificate2> import) where TAlg : IDisposable 1930private static X509Certificate2 ExtractKeyFromEncryptedPem<TAlg>( 1934Func<TAlg, X509Certificate2> import) where TAlg : IDisposable 1976private static bool HasECDiffieHellmanKeyUsage(X509Certificate2 certificate) 1994private static X509Certificate2 ExtractKeyFromEncryptedECPem( 1995X509Certificate2 certificate, 2033X509Certificate2? loaded = ExtractKeyFromECPrivateKeyInfo(certificate, decryptedPkcs8.Value); 2061private static X509Certificate2 ExtractKeyFromECPem(X509Certificate2 certificate, ReadOnlySpan<char> keyPem) 2116X509Certificate2? loaded = ExtractKeyFromECPrivateKeyInfo(certificate, base64Buffer.AsMemory(0, base64Written)); 2139private static X509Certificate2? ExtractKeyFromECPrivateKeyInfo( 2140X509Certificate2 certificate,

System\Security\Cryptography\X509Certificates\X509Certificate2Collection.cs (14)

15public class X509Certificate2Collection : X509CertificateCollection, IEnumerable<X509Certificate2> 21public X509Certificate2Collection(X509Certificate2 certificate) 26public X509Certificate2Collection(X509Certificate2[] certificates) 36public new X509Certificate2 this[int index] 40return (X509Certificate2)(base[index]); 48public int Add(X509Certificate2 certificate) 55public void AddRange(X509Certificate2[] certificates) 99public bool Contains(X509Certificate2 certificate) 202IEnumerator<X509Certificate2> IEnumerable<X509Certificate2>.GetEnumerator() => GetEnumerator(); 328public void Insert(int index, X509Certificate2 certificate) 335public void Remove(X509Certificate2 certificate) 342public void RemoveRange(X509Certificate2[] certificates) 787foreach (X509Certificate2 cert in this)

System\Security\Cryptography\X509Certificates\X509Certificate2Enumerator.cs (3)

10public sealed class X509Certificate2Enumerator : IEnumerator, IEnumerator<X509Certificate2> 21public X509Certificate2 Current 23get { return (X509Certificate2)_enumerator.Current!; }

System\Security\Cryptography\X509Certificates\X509CertificateLoader.netcore.cs (4)

11public static partial X509Certificate2 LoadCertificate(byte[] data) 18public static partial X509Certificate2 LoadCertificate(ReadOnlySpan<byte> data) 30public static partial X509Certificate2 LoadCertificateFromFile(string path) 138internal partial X509Certificate2 ToCertificate()

System\Security\Cryptography\X509Certificates\X509Chain.cs (3)

89public bool Build(X509Certificate2 certificate) 94internal bool Build(X509Certificate2 certificate, bool throwOnException) 108foreach (X509Certificate2 customCertificate in _chainPolicy.CustomTrustStore)

System\Security\Cryptography\X509Certificates\X509ChainElement.cs (2)

16internal X509ChainElement(X509Certificate2 certificate, X509ChainStatus[] chainElementStatus, string information) 23public X509Certificate2 Certificate { get; }

System\Security\Cryptography\X509Certificates\X509Store.cs (4)

126public void Add(X509Certificate2 certificate) 146foreach (X509Certificate2 certificate in certificates) 164public void Remove(X509Certificate2 certificate) 184foreach (X509Certificate2 certificate in certificates)

Internal\Cryptography\DecryptorPal.cs (1)

35X509Certificate2? cert,

Internal\Cryptography\Pal\AnyOS\ManagedPal.cs (4)

33public override byte[] GetSubjectKeyIdentifier(X509Certificate2 certificate) 67public override T? GetPrivateKeyForSigning<T>(X509Certificate2 certificate, bool silent) where T : class 72public override T? GetPrivateKeyForDecryption<T>(X509Certificate2 certificate, bool silent) where T : class 77private static T? GetPrivateKey<T>(X509Certificate2 certificate) where T : class, IDisposable

Internal\Cryptography\Pal\AnyOS\ManagedPal.Decrypt.cs (1)

34X509Certificate2? cert,

Internal\Cryptography\Pal\AnyOS\ManagedPal.KeyTrans.cs (2)

36internal byte[]? DecryptCek(X509Certificate2? cert, RSA? privateKey, out Exception? exception) 65X509Certificate2? cert,

Internal\Cryptography\Pal\Windows\DecryptorPalWindows.Decrypt.cs (3)

21X509Certificate2? cert, 122private static CryptographicException? TryGetKeySpecForCertificate(X509Certificate2 cert, out CryptKeySpec keySpec) 225X509Certificate2? originatorCert = candidateCerts.TryFindMatchingCertificate(originatorId);

Internal\Cryptography\Pal\Windows\HelpersWindows.cs (2)

134X509Certificate2 cert = X509CertificateLoader.LoadCertificate(encodedCertificate); 149public static SafeCertContextHandle CreateCertContextHandle(this X509Certificate2 cert)

Internal\Cryptography\Pal\Windows\PkcsPalWindows.cs (5)

83public sealed override byte[] GetSubjectKeyIdentifier(X509Certificate2 certificate) 92public override T? GetPrivateKeyForSigning<T>(X509Certificate2 certificate, bool silent) where T : class 97public override T? GetPrivateKeyForDecryption<T>(X509Certificate2 certificate, bool silent) where T : class 102private static T? GetPrivateKey<T>(X509Certificate2 certificate, bool silent, bool preferNCrypt) where T : class, IDisposable 191X509Certificate2 cert,

Internal\Cryptography\PkcsHelpers.cs (5)

134X509Certificate2 originalCert = recipient.Certificate; 135X509Certificate2 certCopy = new X509Certificate2(originalCert.Handle); 170public static X509Certificate2? TryFindMatchingCertificate(this X509Certificate2Collection certs, SubjectIdentifier recipientIdentifier) 185foreach (X509Certificate2 candidate in certs) 198foreach (X509Certificate2 cert in certs)

Internal\Cryptography\PkcsPal.cs (3)

74public abstract byte[] GetSubjectKeyIdentifier(X509Certificate2 certificate); 79public abstract T? GetPrivateKeyForSigning<T>(X509Certificate2 certificate, bool silent) where T : class, IDisposable; 84public abstract T? GetPrivateKeyForDecryption<T>(X509Certificate2 certificate, bool silent) where T : class, IDisposable;

src\runtime\src\libraries\Common\src\System\Security\Cryptography\Pkcs\Pkcs12CertBag.cs (2)

57internal Pkcs12CertBag(X509Certificate2 cert) 80public X509Certificate2 GetCertificate()

src\runtime\src\libraries\Common\src\System\Security\Cryptography\Pkcs\Pkcs12SafeContents.cs (1)

86public Pkcs12CertBag AddCertificate(X509Certificate2 certificate)

System\Security\Cryptography\Pkcs\CmsRecipient.cs (6)

12public CmsRecipient(X509Certificate2 certificate) 22CmsRecipient(X509Certificate2 certificate, RSAEncryptionPadding rsaEncryptionPadding) 36CmsRecipient(SubjectIdentifierType recipientIdentifierType, X509Certificate2 certificate, RSAEncryptionPadding rsaEncryptionPadding) 45public CmsRecipient(SubjectIdentifierType recipientIdentifierType, X509Certificate2 certificate) 73public X509Certificate2 Certificate { get; } 75private static void ValidateRSACertificate(X509Certificate2 certificate)

System\Security\Cryptography\Pkcs\CmsSignature.cs (5)

48X509Certificate2 certificate); 57X509Certificate2 certificate, 126X509Certificate2 certificate, 150X509Certificate2 certificate, 152Func<X509Certificate2, T?> getCertPublicKey,

System\Security\Cryptography\Pkcs\CmsSignature.DSA.cs (2)

52X509Certificate2 certificate) 111X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\CmsSignature.ECDsa.cs (2)

54X509Certificate2 certificate) 116X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\CmsSignature.MLDsa.cs (2)

43X509Certificate2 certificate) 78X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\CmsSignature.RSA.cs (4)

55X509Certificate2 certificate) 108X509Certificate2 certificate, 216X509Certificate2 certificate, 339X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\CmsSignature.SlhDsa.cs (2)

54X509Certificate2 certificate) 92X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\CmsSigner.cs (10)

System\Security\Cryptography\Pkcs\EnvelopedCms.cs (1)

241X509Certificate2? cert = certs.TryFindMatchingCertificate(recipientInfo.RecipientIdentifier);

System\Security\Cryptography\Pkcs\Rfc3161TimestampToken.cs (13)

System\Security\Cryptography\Pkcs\SignedCms.cs (5)

551var certs = new HashSet<X509Certificate2>(Certificates.OfType<X509Certificate2>()); 555X509Certificate2 candidate = newCerts[i]; 658void AddCertificate(X509Certificate2 certificate) 697void RemoveCertificate(X509Certificate2 certificate)

System\Security\Cryptography\Pkcs\SignerInfo.cs (10)

33private X509Certificate2? _signerCertificate; 74public X509Certificate2? Certificate => 456X509Certificate2? certificate = Certificate; 502private X509Certificate2? FindSignerCertificate() 507private static X509Certificate2? FindSignerCertificate( 517X509Certificate2? match = null; 526foreach (X509Certificate2 cert in filtered) 552foreach (X509Certificate2 cert in filtered) 839X509Certificate2 certificate, 913X509Certificate2 certificate,

System\Security\Cryptography\Pkcs\SubjectIdentifier.cs (1)

106bool MatchesCertificate(X509Certificate2 certificate)

System.Security.Cryptography.X509Certificates.cs (1)

18[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.X509Certificates.X509Certificate2))]

System\Security\Cryptography\Xml\EncryptedXml.cs (2)

458foreach (X509Certificate2 certificate in collection) 553public EncryptedData Encrypt(XmlElement inputElement, X509Certificate2 certificate)

System\Security\Cryptography\Xml\KeyInfoX509Data.cs (3)

37X509Certificate2 certificate = rgbCert is null ? 54X509Certificate2 certificate = new X509Certificate2(cert); 116X509Certificate2 x509 = new X509Certificate2(certificate);

System\Security\Cryptography\Xml\SignedXml.cs (3)

327public bool CheckSignature(X509Certificate2 certificate, bool verifySignatureOnly) 532X509Certificate2? certificate = (X509Certificate2?)_x509Enum.Current;

System\Security\Cryptography\Xml\SignedXmlDebugLog.cs (2)

216X509Certificate2? certificate2 = key as X509Certificate2;

System\Security\Cryptography\Xml\Utils.cs (3)

633foreach (X509Certificate2 certificate in keyInfoX509Data.Certificates) 745X509Certificate2 certificate = elements[0].Certificate; 751internal static AsymmetricAlgorithm? GetAnyPublicKey(X509Certificate2 certificate)

System\ServiceModel\Channels\HttpsChannelFactory.cs (4)

23private Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> _remoteCertificateValidationCallback; 212private bool RemoteCertificateValidationCallback(HttpRequestMessage sender, X509Certificate2 certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) 242if (certificate is not X509Certificate2 certificate2) 294private static void ValidateClientCertificate(X509Certificate2 certificate)

System\ServiceModel\Channels\HttpTransportSecurityHelpers.cs (7)

68bool identityValidator(HttpRequestMessage requestMessage, X509Certificate2 cert, X509Chain chain, SslPolicyErrors policyErrors) 87public static void SetServerCertificateValidationCallback(HttpClientHandler handler, Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> validator) 93private static Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> ChainValidator( 94Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> previousValidator, 95Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> validator) 102bool chained(HttpRequestMessage request, X509Certificate2 certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) 116private static void ValidateServerCertificate(X509Certificate2 certificate, byte[] rawData, string thumbprint)

ServiceModel\BasicHttpsBindingTest.cs (1)

75var certificate = new X509Certificate2(certificateBytes);

System\ServiceModel\Channels\SslStreamSecurityUpgradeProvider.cs (2)

74public X509Certificate2 ServerCertificate { get; private set; } 406X509Certificate2 certificate2 = new X509Certificate2(certificate);

System\IdentityModel\Claims\X509CertificateClaimSet.cs (8)

17private X509Certificate2 _certificate; 26public X509CertificateClaimSet(X509Certificate2 certificate) 31internal X509CertificateClaimSet(X509Certificate2 certificate, bool clone) 136public X509Certificate2 X509Certificate 319private static string[] GetDnsFromExtensions(X509Certificate2 cert) 526private X509Certificate2 _certificate; 531public X509Identity(X509Certificate2 certificate) 542internal X509Identity(X509Certificate2 certificate, bool clone, bool disposable)

System\IdentityModel\SecurityUtils.cs (4)

211internal static string GetCertificateId(X509Certificate2 certificate) 218internal static void AppendCertificateIdentityName(StringBuilder str, X509Certificate2 certificate) 243internal static bool TryCreateX509CertificateFromRawData(byte[] rawData, out X509Certificate2 certificate) 308internal static void ResetCertificate(X509Certificate2 certificate)

System\IdentityModel\Selectors\X509CertificateValidator.cs (7)

93public abstract void Validate(X509Certificate2 certificate); 97public override void Validate(X509Certificate2 certificate) 108public override void Validate(X509Certificate2 certificate) 122private static bool StoreContainsCertificate(StoreName storeName, X509Certificate2 certificate) 139internal bool TryValidate(X509Certificate2 certificate, out Exception exception) 199public override void Validate(X509Certificate2 certificate) 257public override void Validate(X509Certificate2 certificate)

System\IdentityModel\Selectors\X509SecurityTokenProvider.cs (3)

15private X509Certificate2 _certificate; 18public X509SecurityTokenProvider(X509Certificate2 certificate) : this(certificate, true) { } 20internal X509SecurityTokenProvider(X509Certificate2 certificate, bool clone)

System\IdentityModel\Tokens\X509AsymmetricSecurityKey.cs (2)

15private X509Certificate2 _certificate; 21public X509AsymmetricSecurityKey(X509Certificate2 certificate)

System\IdentityModel\Tokens\X509IssuerSerialKeyIdentifierClause.cs (2)

33public X509IssuerSerialKeyIdentifierClause(X509Certificate2 certificate) 58public bool Matches(X509Certificate2 certificate)

System\IdentityModel\Tokens\X509RawDataKeyIdentifierClause.cs (3)

13private X509Certificate2 _certificate; 16public X509RawDataKeyIdentifierClause(X509Certificate2 certificate) 67public bool Matches(X509Certificate2 certificate)

System\IdentityModel\Tokens\X509SecurityToken.cs (8)

16private X509Certificate2 _certificate; 23public X509SecurityToken(X509Certificate2 certificate) 28public X509SecurityToken(X509Certificate2 certificate, string id) 33internal X509SecurityToken(X509Certificate2 certificate, bool clone) 38internal X509SecurityToken(X509Certificate2 certificate, bool clone, bool disposable) 43internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone) 48internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone, bool disposable) 111public X509Certificate2 Certificate

System\IdentityModel\Tokens\X509SubjectKeyIdentifierClause.cs (4)

26private static byte[] GetSkiRawData(X509Certificate2 certificate) 50public bool Matches(X509Certificate2 certificate) 63public static bool TryCreateFrom(X509Certificate2 certificate, out X509SubjectKeyIdentifierClause keyIdentifierClause) 75public static bool CanCreateFrom(X509Certificate2 certificate)

System\IdentityModel\Tokens\X509ThumbprintKeyIdentifierClause.cs (3)

13public X509ThumbprintKeyIdentifierClause(X509Certificate2 certificate) 28private static byte[] GetHash(X509Certificate2 certificate) 43public bool Matches(X509Certificate2 certificate)

System\IdentityModel\Tokens\XmlDsigSep2000.cs (1)

137X509Certificate2 certificate = null;

System\ServiceModel\RsaEndpointIdentity.cs (1)

21public RsaEndpointIdentity(X509Certificate2 certificate)

System\ServiceModel\Security\SecurityUtils.cs (6)

845internal static X509Certificate2 GetCertificateFromStore(StoreName storeName, StoreLocation storeLocation, 848X509Certificate2 certificate = GetCertificateFromStoreCore(storeName, storeLocation, findType, findValue, target, true); 858X509FindType findType, object findValue, EndpointAddress target, out X509Certificate2 certificate) 864private static X509Certificate2 GetCertificateFromStoreCore(StoreName storeName, StoreLocation storeLocation, 1018public static bool TryCreateX509CertificateFromRawData(byte[] rawData, out X509Certificate2 certificate) 1039internal static void ResetCertificate(X509Certificate2 certificate)

System\ServiceModel\Security\WSSecurityJan2004.cs (1)

389X509Certificate2 certificate;

System\ServiceModel\Security\X509CertificateInitiatorClientCredential.cs (2)

16private X509Certificate2 _certificate; 41public X509Certificate2 Certificate

System\ServiceModel\Security\X509CertificateRecipientClientCredential.cs (6)

19private X509Certificate2 _defaultCertificate; 25ScopedCertificates = new Dictionary<Uri, X509Certificate2>(); 37ScopedCertificates = new Dictionary<Uri, X509Certificate2>(); 45public X509Certificate2 DefaultCertificate 58public Dictionary<Uri, X509Certificate2> ScopedCertificates { get; } 114X509Certificate2 certificate = SecurityUtils.GetCertificateFromStore(storeName, storeLocation, findType, findValue, null);

System\ServiceModel\X509CertificateEndpointIdentity.cs (3)

14public X509CertificateEndpointIdentity(X509Certificate2 certificate) 26public X509CertificateEndpointIdentity(X509Certificate2 primaryCertificate, X509Certificate2Collection supportingCertificates) 65X509Certificate2 certificate = new X509Certificate2(Convert.FromBase64String(reader.ReadElementString()));

ServiceModel\X509CertificateEndpointIdentityTest.cs (5)

21X509Certificate2 certificate = CreateTestCertificate(); 47X509Certificate2 deserializedCert = Assert.Single(deserializedIdentity.Certificates); 57X509Certificate2 primaryCert = CreateTestCertificate(); 58X509Certificate2 supportingCert = CreateTestCertificate(); 91private static X509Certificate2 CreateTestCertificate()

System\Security\Cryptography\X509Certificates\X509Certificate2UI.cs (3)

21public static void DisplayCertificate(X509Certificate2 certificate) 28public static void DisplayCertificate(X509Certificate2 certificate, IntPtr hwndParent) 45private static unsafe void DisplayX509Certificate(X509Certificate2 certificate, IntPtr hwndParent)

System\Security\Cryptography\X509Certificates\X509Utils.cs (3)

14internal static SafeCertContextHandle DuplicateCertificateContext(X509Certificate2 certificate) 43foreach (X509Certificate2 x509 in collection) 67X509Certificate2 certificate = new X509Certificate2(pEnumContext);