huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[Https] Export the certificate in PEM format too (#23803) 

* Changed `--key-format` to `--format`.
* Changed the format of the certificate to PEM when `--format pem` is indicated.
This commit is contained in:
Javier Calvarro Nelson 2020-07-09 19:04:12 +02:00 committed by GitHub
parent eac4925653
commit 0c5c1771ef
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Shared/CertificateGeneration/CertificateManager.cs
View File

@ -440,7 +440,7 @@ namespace Microsoft.AspNetCore.Certificates.Generation
Array.Clear(keyBytes, 0, keyBytes.Length); Array.Clear(keyBytes, 0, keyBytes.Length);
Array.Clear(pem, 0, pem.Length); Array.Clear(pem, 0, pem.Length);
bytes = certificate.Export(X509ContentType.Cert); bytes = Encoding.ASCII.GetBytes(PemEncoding.Write("CERTIFICATE", certificate.Export(X509ContentType.Cert)));
break; break;
default: default:
throw new InvalidOperationException("Unknown format."); throw new InvalidOperationException("Unknown format.");

14
src/Tools/FirstRunCertGenerator/test/CertificateManagerTests.cs
View File

@ -162,7 +162,7 @@ namespace Microsoft.AspNetCore.Certificates.Generation.Tests
{ {
// Arrange // Arrange
var message = "plaintext"; var message = "plaintext";
const string CertificateName = nameof(EnsureCreateHttpsCertificate_DoesNotCreateACertificate_WhenThereIsAnExistingHttpsCertificates) + ".pfx"; const string CertificateName = nameof(EnsureCreateHttpsCertificate_DoesNotCreateACertificate_WhenThereIsAnExistingHttpsCertificates) + ".pem";
var certificatePassword = Guid.NewGuid().ToString(); var certificatePassword = Guid.NewGuid().ToString();
_fixture.CleanupCertificates(); _fixture.CleanupCertificates();
@ -183,10 +183,7 @@ namespace Microsoft.AspNetCore.Certificates.Generation.Tests
Assert.Equal(EnsureCertificateResult.ValidCertificatePresent, result); Assert.Equal(EnsureCertificateResult.ValidCertificatePresent, result);
Assert.True(File.Exists(CertificateName)); Assert.True(File.Exists(CertificateName));
var key = RSA.Create(); var exportedCertificate = X509Certificate2.CreateFromEncryptedPemFile(CertificateName, certificatePassword, Path.ChangeExtension(CertificateName, "key"));
key.ImportFromEncryptedPem(File.ReadAllText(Path.ChangeExtension(CertificateName, "key")), certificatePassword);
var exportedCertificate = new X509Certificate2(File.ReadAllBytes(CertificateName));
exportedCertificate = exportedCertificate.CopyWithPrivateKey(key);
Assert.NotNull(exportedCertificate); Assert.NotNull(exportedCertificate);
Assert.True(exportedCertificate.HasPrivateKey); Assert.True(exportedCertificate.HasPrivateKey);
@ -260,7 +257,7 @@ namespace Microsoft.AspNetCore.Certificates.Generation.Tests
{ {
// Arrange // Arrange
var message = "plaintext"; var message = "plaintext";
const string CertificateName = nameof(EnsureCreateHttpsCertificate_DoesNotCreateACertificate_WhenThereIsAnExistingHttpsCertificates) + ".pfx"; const string CertificateName = nameof(EnsureCreateHttpsCertificate_DoesNotCreateACertificate_WhenThereIsAnExistingHttpsCertificates) + ".pem";
_fixture.CleanupCertificates(); _fixture.CleanupCertificates();
var now = DateTimeOffset.UtcNow; var now = DateTimeOffset.UtcNow;
@ -277,10 +274,7 @@ namespace Microsoft.AspNetCore.Certificates.Generation.Tests
Assert.Equal(EnsureCertificateResult.ValidCertificatePresent, result); Assert.Equal(EnsureCertificateResult.ValidCertificatePresent, result);
Assert.True(File.Exists(CertificateName)); Assert.True(File.Exists(CertificateName));
var key = RSA.Create(); var exportedCertificate = X509Certificate2.CreateFromPemFile(CertificateName, Path.ChangeExtension(CertificateName, "key"));
key.ImportFromPem(File.ReadAllText(Path.ChangeExtension(CertificateName, "key")));
var exportedCertificate = new X509Certificate2(File.ReadAllBytes(CertificateName));
exportedCertificate = exportedCertificate.CopyWithPrivateKey(key);
Assert.NotNull(exportedCertificate); Assert.NotNull(exportedCertificate);
Assert.True(exportedCertificate.HasPrivateKey); Assert.True(exportedCertificate.HasPrivateKey);

14
src/Tools/dotnet-dev-certs/src/Program.cs
View File

@ -92,9 +92,9 @@ namespace Microsoft.AspNetCore.DeveloperCertificates.Tools
"Imports the provided HTTPS development certificate into the machine. All other HTTPS developer certificates will be cleared out", "Imports the provided HTTPS development certificate into the machine. All other HTTPS developer certificates will be cleared out",
CommandOptionType.SingleValue); CommandOptionType.SingleValue);
var keyFormat = c.Option( var format = c.Option(
"--key-format", "--format",
"Export the certificate key in the given format. Valid values are Pfx and Pem. Pfx is the default.", "Export the certificate in the given format. Valid values are Pfx and Pem. Pfx is the default.",
CommandOptionType.SingleValue); CommandOptionType.SingleValue);
CommandOption trust = null; CommandOption trust = null;
@ -121,7 +121,7 @@ namespace Microsoft.AspNetCore.DeveloperCertificates.Tools
if (clean.HasValue()) if (clean.HasValue())
{ {
if (exportPath.HasValue() || trust?.HasValue() == true || keyFormat.HasValue() || noPassword.HasValue() || check.HasValue() || if (exportPath.HasValue() || trust?.HasValue() == true || format.HasValue() || noPassword.HasValue() || check.HasValue() ||
(!import.HasValue() && password.HasValue()) || (!import.HasValue() && password.HasValue()) ||
(import.HasValue() && !password.HasValue())) (import.HasValue() && !password.HasValue()))
{ {
@ -132,7 +132,7 @@ namespace Microsoft.AspNetCore.DeveloperCertificates.Tools
if (check.HasValue()) if (check.HasValue())
{ {
if (exportPath.HasValue() || password.HasValue() || noPassword.HasValue() || clean.HasValue() || keyFormat.HasValue() || import.HasValue()) if (exportPath.HasValue() || password.HasValue() || noPassword.HasValue() || clean.HasValue() || format.HasValue() || import.HasValue())
{ {
reporter.Error(InvalidUsageErrorMessage); reporter.Error(InvalidUsageErrorMessage);
return CriticalError; return CriticalError;
@ -147,7 +147,7 @@ namespace Microsoft.AspNetCore.DeveloperCertificates.Tools
return CriticalError; return CriticalError;
} }
if (noPassword.HasValue() && !(keyFormat.HasValue() && string.Equals(keyFormat.Value(), "PEM", StringComparison.OrdinalIgnoreCase))) if (noPassword.HasValue() && !(format.HasValue() && string.Equals(format.Value(), "PEM", StringComparison.OrdinalIgnoreCase)))
{ {
reporter.Error(InvalidUsageErrorMessage); reporter.Error(InvalidUsageErrorMessage);
return CriticalError; return CriticalError;
@ -176,7 +176,7 @@ namespace Microsoft.AspNetCore.DeveloperCertificates.Tools
return ImportCertificate(import, password, reporter); return ImportCertificate(import, password, reporter);
} }
return EnsureHttpsCertificate(exportPath, password, noPassword, trust, keyFormat, reporter); return EnsureHttpsCertificate(exportPath, password, noPassword, trust, format, reporter);
}); });
}); });