[Fixes #1301] Remove Microsoft.AspNetCore.Certificates.Configuration.Sources
This commit is contained in:
Javier Calvarro Nelson
GitHub
Родитель
87db08e030
Коммит
a7a96a5c35
15
Hosting.sln
15
Hosting.sln
|
|
@ -36,8 +36,6 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Extensions.Hostin
|
|||
EndProject
|
||||
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.AspNetCore.Hosting.WindowsServices", "src\Microsoft.AspNetCore.Hosting.WindowsServices\Microsoft.AspNetCore.Hosting.WindowsServices.csproj", "{9C93A93B-270A-4785-8F41-46C38DC33825}"
|
||||
EndProject
|
||||
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.AspNetCore.Certificates.Configuration.Tests", "test\Microsoft.AspNetCore.Certificates.Configuration.Tests\Microsoft.AspNetCore.Certificates.Configuration.Tests.csproj", "{AB0B7394-278D-4838-A59C-276ED88D00CC}"
|
||||
EndProject
|
||||
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "TestAssets", "TestAssets", "{FA7D2012-C1B4-4AF7-9ADD-381B2004EA16}"
|
||||
ProjectSection(SolutionItems) = preProject
|
||||
test\TestAssets\Directory.Build.props = test\TestAssets\Directory.Build.props
|
||||
|
|
@ -201,18 +199,6 @@ Global
|
|||
{9C93A93B-270A-4785-8F41-46C38DC33825}.Release|Mixed Platforms.Build.0 = Release|Any CPU
|
||||
{9C93A93B-270A-4785-8F41-46C38DC33825}.Release|x86.ActiveCfg = Release|Any CPU
|
||||
{9C93A93B-270A-4785-8F41-46C38DC33825}.Release|x86.Build.0 = Release|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Debug|Any CPU.Build.0 = Debug|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Debug|x86.ActiveCfg = Debug|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Debug|x86.Build.0 = Debug|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Release|Any CPU.ActiveCfg = Release|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Release|Any CPU.Build.0 = Release|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Release|Mixed Platforms.ActiveCfg = Release|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Release|Mixed Platforms.Build.0 = Release|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Release|x86.ActiveCfg = Release|Any CPU
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC}.Release|x86.Build.0 = Release|Any CPU
|
||||
{EDFF02F0-A8A4-4EB1-A179-94D7500FB266}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
|
||||
{EDFF02F0-A8A4-4EB1-A179-94D7500FB266}.Debug|Any CPU.Build.0 = Debug|Any CPU
|
||||
{EDFF02F0-A8A4-4EB1-A179-94D7500FB266}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
|
||||
|
|
@ -337,7 +323,6 @@ Global
|
|||
{FC578F4E-171C-4F82-B301-3ABF6318D082} = {FEB39027-9158-4DE2-997F-7ADAEF8188D0}
|
||||
{96BC7EEA-64D9-4DA5-8E87-1C18CBFE7D12} = {E0497F39-AFFB-4819-A116-E39E361915AB}
|
||||
{9C93A93B-270A-4785-8F41-46C38DC33825} = {E0497F39-AFFB-4819-A116-E39E361915AB}
|
||||
{AB0B7394-278D-4838-A59C-276ED88D00CC} = {FEB39027-9158-4DE2-997F-7ADAEF8188D0}
|
||||
{FA7D2012-C1B4-4AF7-9ADD-381B2004EA16} = {FEB39027-9158-4DE2-997F-7ADAEF8188D0}
|
||||
{EDFF02F0-A8A4-4EB1-A179-94D7500FB266} = {FA7D2012-C1B4-4AF7-9ADD-381B2004EA16}
|
||||
{58194285-5891-464A-A96B-0FE043029E8A} = {FEB39027-9158-4DE2-997F-7ADAEF8188D0}
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@
|
|||
// Don't run any rules for packages that don't ship.
|
||||
],
|
||||
"packages": {
|
||||
"Microsoft.AspNetCore.Certificates.Configuration.Sources": {},
|
||||
"Microsoft.AspNetCore.Hosting.WebHostBuilderFactory.Sources": {},
|
||||
"Microsoft.AspNetCore.Server.IntegrationTesting": {}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,15 +0,0 @@
|
|||
// Copyright (c) .NET Foundation. All rights reserved.
|
||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
|
||||
namespace Microsoft.AspNetCore.Certificates.Configuration
|
||||
{
|
||||
internal class CertificateFileLoader : ICertificateFileLoader
|
||||
{
|
||||
public X509Certificate2 Load(string path, string password, X509KeyStorageFlags flags)
|
||||
{
|
||||
return new X509Certificate2(path, password, flags);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -1,249 +0,0 @@
|
|||
// Copyright (c) .NET Foundation. All rights reserved.
|
||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.Logging;
|
||||
|
||||
namespace Microsoft.AspNetCore.Certificates.Configuration
|
||||
{
|
||||
/// <summary>
|
||||
/// A helper class to load certificates from files and certificate stores based on <seealso cref="IConfiguration"/> data.
|
||||
/// </summary>
|
||||
internal class CertificateLoader
|
||||
{
|
||||
private readonly IConfiguration _certificatesConfiguration;
|
||||
private readonly string _environmentName;
|
||||
private readonly ICertificateFileLoader _certificateFileLoader;
|
||||
private readonly ICertificateStoreLoader _certificateStoreLoader;
|
||||
private readonly ILogger _logger;
|
||||
|
||||
/// <summary>
|
||||
/// Creates a new instance of <see cref="CertificateLoader"/> that can load certificate references from configuration.
|
||||
/// </summary>
|
||||
/// <param name="certificatesConfiguration">An <see cref="IConfiguration"/> with information about certificates.</param>
|
||||
internal CertificateLoader(IConfiguration certificatesConfiguration)
|
||||
: this(certificatesConfiguration, null, null)
|
||||
{
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Creates a new instance of <see cref="CertificateLoader"/> that can load certificate references from configuration.
|
||||
/// </summary>
|
||||
/// <param name="certificatesConfiguration">An <see cref="IConfiguration"/> with information about certificates.</param>
|
||||
/// <param name="loggerFactory">An <see cref="ILoggerFactory"/> instance.</param>
|
||||
internal CertificateLoader(IConfiguration certificatesConfiguration, ILoggerFactory loggerFactory)
|
||||
: this(certificatesConfiguration, loggerFactory, null)
|
||||
{
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Creates a new instance of <see cref="CertificateLoader"/> that can load certificate references from configuration.
|
||||
/// </summary>
|
||||
/// <param name="certificatesConfiguration">An <see cref="IConfiguration"/> with information about certificates.</param>
|
||||
/// <param name="loggerFactory">An <see cref="ILoggerFactory"/> instance.</param>
|
||||
/// <param name="environmentName">The name of the environment the application is running in.</param>
|
||||
internal CertificateLoader(IConfiguration certificatesConfiguration, ILoggerFactory loggerFactory, string environmentName)
|
||||
: this(certificatesConfiguration, loggerFactory, environmentName, new CertificateFileLoader(), new CertificateStoreLoader())
|
||||
{
|
||||
}
|
||||
|
||||
internal CertificateLoader(
|
||||
IConfiguration certificatesConfiguration,
|
||||
ILoggerFactory loggerFactory,
|
||||
string environmentName,
|
||||
ICertificateFileLoader certificateFileLoader,
|
||||
ICertificateStoreLoader certificateStoreLoader)
|
||||
{
|
||||
_environmentName = environmentName;
|
||||
_certificatesConfiguration = certificatesConfiguration;
|
||||
_certificateFileLoader = certificateFileLoader;
|
||||
_certificateStoreLoader = certificateStoreLoader;
|
||||
_logger = loggerFactory?.CreateLogger("Microsoft.AspNetCore.CertificateLoader");
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Loads one or more certificates based on the information found in a configuration section.
|
||||
/// </summary>
|
||||
/// <param name="certificateConfiguration">A configuration section containing either a string value referencing certificates
|
||||
/// by name, or one or more inline certificate specifications.
|
||||
/// </param>
|
||||
/// <returns>One or more loaded certificates.</returns>
|
||||
internal IEnumerable<X509Certificate2> Load(IConfigurationSection certificateConfiguration)
|
||||
{
|
||||
var certificateNames = certificateConfiguration.Value;
|
||||
var certificates = new List<X509Certificate2>();
|
||||
|
||||
if (certificateNames != null)
|
||||
{
|
||||
foreach (var certificateName in certificateNames.Split(';'))
|
||||
{
|
||||
var certificate = LoadSingle(certificateName);
|
||||
if (certificate != null)
|
||||
{
|
||||
certificates.Add(certificate);
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (certificateConfiguration["Source"] != null)
|
||||
{
|
||||
var certificate = LoadSingle(certificateConfiguration);
|
||||
if (certificate != null)
|
||||
{
|
||||
certificates.Add(certificate);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
certificates.AddRange(LoadMultiple(certificateConfiguration));
|
||||
}
|
||||
}
|
||||
|
||||
return certificates;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Loads a certificate by name.
|
||||
/// </summary>
|
||||
/// <param name="certificateName">The certificate name.</param>
|
||||
/// <returns>The loaded certificate</returns>
|
||||
/// <remarks>This method only works if the <see cref="CertificateLoader"/> instance was constructed with
|
||||
/// a reference to an <see cref="IConfiguration"/> instance containing named certificates.
|
||||
/// </remarks>
|
||||
private X509Certificate2 LoadSingle(string certificateName)
|
||||
{
|
||||
var certificateConfiguration = _certificatesConfiguration?.GetSection(certificateName);
|
||||
|
||||
if (!certificateConfiguration.Exists())
|
||||
{
|
||||
var environmentName = _environmentName != null ? $" ({_environmentName})" : "";
|
||||
throw new KeyNotFoundException($"No certificate named '{certificateName}' found in configuration for the current environment{environmentName}.");
|
||||
}
|
||||
|
||||
return LoadSingle(certificateConfiguration);
|
||||
}
|
||||
|
||||
private X509Certificate2 LoadSingle(IConfigurationSection certificateConfiguration)
|
||||
{
|
||||
var sourceKind = certificateConfiguration["Source"];
|
||||
|
||||
CertificateSource certificateSource;
|
||||
switch (sourceKind.ToLowerInvariant())
|
||||
{
|
||||
case "file":
|
||||
certificateSource = new CertificateFileSource(_certificateFileLoader);
|
||||
break;
|
||||
case "store":
|
||||
certificateSource = new CertificateStoreSource(_certificateStoreLoader, _logger);
|
||||
break;
|
||||
default:
|
||||
throw new InvalidOperationException($"Invalid certificate source kind '{sourceKind}'.");
|
||||
}
|
||||
|
||||
certificateConfiguration.Bind(certificateSource);
|
||||
|
||||
return certificateSource.Load();
|
||||
}
|
||||
|
||||
private IEnumerable<X509Certificate2> LoadMultiple(IConfigurationSection certificatesConfiguration)
|
||||
=> certificatesConfiguration.GetChildren()
|
||||
.Select(LoadSingle)
|
||||
.Where(c => c != null);
|
||||
|
||||
private abstract class CertificateSource
|
||||
{
|
||||
public string Source { get; set; }
|
||||
|
||||
public abstract X509Certificate2 Load();
|
||||
}
|
||||
|
||||
private class CertificateFileSource : CertificateSource
|
||||
{
|
||||
private ICertificateFileLoader _certificateFileLoader;
|
||||
|
||||
public CertificateFileSource(ICertificateFileLoader certificateFileLoader)
|
||||
{
|
||||
_certificateFileLoader = certificateFileLoader;
|
||||
}
|
||||
|
||||
public string Path { get; set; }
|
||||
|
||||
public string Password { get; set; }
|
||||
|
||||
public override X509Certificate2 Load()
|
||||
{
|
||||
var certificate = TryLoad(X509KeyStorageFlags.DefaultKeySet, out var error)
|
||||
?? TryLoad(X509KeyStorageFlags.UserKeySet, out error)
|
||||
#if NETCOREAPP2_0 || NETCOREAPP2_1
|
||||
?? TryLoad(X509KeyStorageFlags.EphemeralKeySet, out error)
|
||||
#elif NETSTANDARD2_0
|
||||
#elif NET461
|
||||
#else
|
||||
#error target frameworks need to be updated
|
||||
#endif
|
||||
;
|
||||
|
||||
if (error != null)
|
||||
{
|
||||
throw new InvalidOperationException($"Unable to load certificate from file '{Path}'. Error details: '{error.Message}'.", error);
|
||||
}
|
||||
|
||||
return certificate;
|
||||
}
|
||||
|
||||
private X509Certificate2 TryLoad(X509KeyStorageFlags flags, out Exception exception)
|
||||
{
|
||||
try
|
||||
{
|
||||
var loadedCertificate = _certificateFileLoader.Load(Path, Password, flags);
|
||||
exception = null;
|
||||
return loadedCertificate;
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
exception = e;
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private class CertificateStoreSource : CertificateSource
|
||||
{
|
||||
private readonly ICertificateStoreLoader _certificateStoreLoader;
|
||||
private readonly ILogger _logger;
|
||||
|
||||
public CertificateStoreSource(ICertificateStoreLoader certificateStoreLoader, ILogger logger)
|
||||
{
|
||||
_certificateStoreLoader = certificateStoreLoader;
|
||||
_logger = logger;
|
||||
}
|
||||
|
||||
public string Subject { get; set; }
|
||||
public string StoreName { get; set; }
|
||||
public string StoreLocation { get; set; }
|
||||
public bool AllowInvalid { get; set; }
|
||||
|
||||
public override X509Certificate2 Load()
|
||||
{
|
||||
if (!Enum.TryParse(StoreLocation, ignoreCase: true, result: out StoreLocation storeLocation))
|
||||
{
|
||||
throw new InvalidOperationException($"The certificate store location '{StoreLocation}' is invalid.");
|
||||
}
|
||||
|
||||
var certificate = _certificateStoreLoader.Load(Subject, StoreName, storeLocation, !AllowInvalid);
|
||||
|
||||
if (certificate == null)
|
||||
{
|
||||
_logger?.LogWarning($"Unable to find a matching certificate for subject '{Subject}' in store '{StoreName}' in '{StoreLocation}'.");
|
||||
}
|
||||
|
||||
return certificate;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -1,67 +0,0 @@
|
|||
// Copyright (c) .NET Foundation. All rights reserved.
|
||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||
|
||||
using System.Linq;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
|
||||
namespace Microsoft.AspNetCore.Certificates.Configuration
|
||||
{
|
||||
/// <summary>
|
||||
/// Loads certificates from certificate stores.
|
||||
/// </summary>
|
||||
internal class CertificateStoreLoader : ICertificateStoreLoader
|
||||
{
|
||||
/// <summary>
|
||||
/// Load a ceritificate from the given store location.
|
||||
/// </summary>
|
||||
/// <param name="subject">The certificate subject name to match.</param>
|
||||
/// <param name="storeName">The store to open.</param>
|
||||
/// <param name="storeLocation">The store location to open.</param>
|
||||
/// <param name="validOnly">Only load currently valid certs.</param>
|
||||
/// <returns>The closest matching vertificate.</returns>
|
||||
public X509Certificate2 Load(string subject, string storeName, StoreLocation storeLocation, bool validOnly)
|
||||
{
|
||||
using (var store = new X509Store(storeName, storeLocation))
|
||||
{
|
||||
X509Certificate2Collection storeCertificates = null;
|
||||
X509Certificate2Collection foundCertificates = null;
|
||||
X509Certificate2 foundCertificate = null;
|
||||
|
||||
try
|
||||
{
|
||||
store.Open(OpenFlags.ReadOnly);
|
||||
storeCertificates = store.Certificates;
|
||||
foundCertificates = storeCertificates.Find(X509FindType.FindBySubjectDistinguishedName, subject, validOnly);
|
||||
foundCertificate = foundCertificates
|
||||
.OfType<X509Certificate2>()
|
||||
.OrderByDescending(certificate => certificate.NotAfter)
|
||||
.FirstOrDefault();
|
||||
|
||||
return foundCertificate;
|
||||
}
|
||||
finally
|
||||
{
|
||||
if (foundCertificate != null)
|
||||
{
|
||||
storeCertificates.Remove(foundCertificate);
|
||||
foundCertificates.Remove(foundCertificate);
|
||||
}
|
||||
|
||||
DisposeCertificates(storeCertificates);
|
||||
DisposeCertificates(foundCertificates);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void DisposeCertificates(X509Certificate2Collection certificates)
|
||||
{
|
||||
if (certificates != null)
|
||||
{
|
||||
foreach (var certificate in certificates)
|
||||
{
|
||||
certificate.Dispose();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
// Copyright (c) .NET Foundation. All rights reserved.
|
||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
|
||||
namespace Microsoft.AspNetCore.Certificates.Configuration
|
||||
{
|
||||
internal interface ICertificateFileLoader
|
||||
{
|
||||
X509Certificate2 Load(string path, string password, X509KeyStorageFlags flags);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
// Copyright (c) .NET Foundation. All rights reserved.
|
||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
|
||||
namespace Microsoft.AspNetCore.Certificates.Configuration
|
||||
{
|
||||
internal interface ICertificateStoreLoader
|
||||
{
|
||||
X509Certificate2 Load(string subject, string storeName, StoreLocation storeLocation, bool validOnly);
|
||||
}
|
||||
}
|
||||
Разница между файлами не показана из-за своего большого размера
Загрузить разницу
|
|
@ -1,27 +0,0 @@
|
|||
<Project Sdk="Microsoft.NET.Sdk">
|
||||
|
||||
<PropertyGroup>
|
||||
<TargetFrameworks>$(StandardTestTfms)</TargetFrameworks>
|
||||
|
||||
<!--
|
||||
Workaround for "Use executable flags in Microsoft.NET.Test.Sdk" (https://github.com/Microsoft/vstest/issues/792).
|
||||
Remove when fixed.
|
||||
-->
|
||||
<HasRuntimeOutput>true</HasRuntimeOutput>
|
||||
<RuntimeIdentifier Condition="'$(TargetFramework)' == 'net461'">win7-x64</RuntimeIdentifier>
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<Content Include="testCert.pfx" CopyToOutputDirectory="PreserveNewest" />
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<Compile Include="..\..\shared\Microsoft.AspNetCore.Certificates.Configuration.Sources\**\*.cs" />
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="$(MicrosoftExtensionsConfigurationBinderPackageVersion)" />
|
||||
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="$(MicrosoftExtensionsLoggingAbstractionsPackageVersion)" />
|
||||
</ItemGroup>
|
||||
|
||||
</Project>
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
// Copyright (c) .NET Foundation. All rights reserved.
|
||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||
|
||||
using System.Runtime.CompilerServices;
|
||||
|
||||
[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]
|
||||
Двоичный файл не отображается.
Загрузка…
Ссылка в новой задаче