Imported Upstream version 4.8.0.309

Former-commit-id: 5f9c6ae75f295e057a7d2971f3a6df4656fa8850

mcs/class/Mono.Security/Mono.Security.X509/X509Store.cs

@@ -38,6 +38,8 @@ using System.Security.Cryptography;
 using Mono.Security.Cryptography;
 using Mono.Security.X509.Extensions;
 
+using SSCX = System.Security.Cryptography.X509Certificates;
+
 namespace Mono.Security.X509 {
 
 #if INSIDE_CORLIB
@@ -51,12 +53,14 @@ namespace Mono.Security.X509 {
 		private X509CertificateCollection _certificates;
 		private ArrayList _crls;
 		private bool _crl;
+		private bool _newFormat;
 		private string _name;
 
-		internal X509Store (string path, bool crl) 
+		internal X509Store (string path, bool crl, bool newFormat)
 		{
 			_storePath = path;
 			_crl = crl;
+			_newFormat = newFormat;
 		}
 
 		// properties
@@ -126,6 +130,11 @@ namespace Mono.Security.X509 {
 		{
 			CheckStore (_storePath, true);
 
+			if (_newFormat) {
+				ImportNewFormat (certificate);
+				return;
+			}
+
 			string filename = Path.Combine (_storePath, GetUniqueName (certificate));
 			if (!File.Exists (filename)) {
 				filename = Path.Combine (_storePath, GetUniqueNameWithSerial (certificate));
@@ -148,7 +157,7 @@ namespace Mono.Security.X509 {
 					ClearCertificates ();	// We have modified the store on disk.  So forget the old state.
 				}
 			}
-#if !NET_2_1
+#if !MOBILE
 			// Try to save privateKey if available..
 			CspParameters cspParams = new CspParameters ();
 			cspParams.KeyContainerName = CryptoConvert.ToHex (certificate.Hash);
@@ -165,6 +174,9 @@ namespace Mono.Security.X509 {
 		{
 			CheckStore (_storePath, true);
 
+			if (_newFormat)
+				throw new NotSupportedException ();
+
 			string filename = Path.Combine (_storePath, GetUniqueName (crl));
 			if (!File.Exists (filename)) {
 				using (FileStream fs = File.Create (filename)) {
@@ -177,6 +189,11 @@ namespace Mono.Security.X509 {
 
 		public void Remove (X509Certificate certificate) 
 		{
+			if (_newFormat) {
+				RemoveNewFormat (certificate);
+				return;
+			}
+
 			string filename = Path.Combine (_storePath, GetUniqueNameWithSerial (certificate));
 			if (File.Exists (filename)) {
 				File.Delete (filename);
@@ -192,6 +209,9 @@ namespace Mono.Security.X509 {
 
 		public void Remove (X509Crl crl) 
 		{
+			if (_newFormat)
+				throw new NotSupportedException ();
+
 			string filename = Path.Combine (_storePath, GetUniqueName (crl));
 			if (File.Exists (filename)) {
 				File.Delete (filename);
@@ -199,6 +219,41 @@ namespace Mono.Security.X509 {
 			}
 		}
 
+		// new format
+
+		void ImportNewFormat (X509Certificate certificate)
+		{
+#if INSIDE_CORLIB
+			throw new NotSupportedException ();
+#else
+			using (var sscxCert = new SSCX.X509Certificate (certificate.RawData)) {
+				var hash = SSCX.X509Helper2.GetSubjectNameHash (sscxCert);
+				var filename = Path.Combine (_storePath, string.Format ("{0:x8}.0", hash));
+				if (!File.Exists (filename)) {
+					using (FileStream fs = File.Create (filename))
+						SSCX.X509Helper2.ExportAsPEM (sscxCert, fs, true);
+					ClearCertificates ();
+				}
+			}
+#endif
+		}
+
+		void RemoveNewFormat (X509Certificate certificate)
+		{
+#if INSIDE_CORLIB
+			throw new NotSupportedException ();
+#else
+			using (var sscxCert = new SSCX.X509Certificate (certificate.RawData)) {
+				var hash = SSCX.X509Helper2.GetSubjectNameHash (sscxCert);
+				var filename = Path.Combine (_storePath, string.Format ("{0:x8}.0", hash));
+				if (File.Exists (filename)) {
+					File.Delete (filename);
+					ClearCertificates ();
+				}
+			}
+#endif
+		}
+
 		// private stuff
 
 		private string GetUniqueNameWithSerial (X509Certificate certificate)
@@ -279,7 +334,7 @@ namespace Mono.Security.X509 {
 		{
 			byte[] data = Load (filename);
 			X509Certificate cert = new X509Certificate (data);
-#if !NET_2_1
+#if !MOBILE
 			// If privateKey it's available, load it too..
 			CspParameters cspParams = new CspParameters ();
 			cspParams.KeyContainerName = CryptoConvert.ToHex (cert.Hash);
@@ -371,7 +426,7 @@ namespace Mono.Security.X509 {
 			}
 			return list;
 		}
-#if !NET_2_1
+#if !MOBILE
 		private void ImportPrivateKey (X509Certificate certificate, CspParameters cspParams)
 		{
 			RSACryptoServiceProvider rsaCsp = certificate.RSA as RSACryptoServiceProvider;

mcs/class/Mono.Security/Mono.Security.X509/X509StoreManager.cs

@@ -45,8 +45,12 @@ namespace Mono.Security.X509 {
 
 		static private string _userPath;
 		static private string _localMachinePath;
+		static private string _newUserPath;
+		static private string _newLocalMachinePath;
 		static private X509Stores _userStore;
 		static private X509Stores _machineStore;
+		static private X509Stores _newUserStore;
+		static private X509Stores _newMachineStore;
 
 		private X509StoreManager ()
 		{
@@ -55,10 +59,10 @@ namespace Mono.Security.X509 {
 		internal static string CurrentUserPath {
 			get {
 				if (_userPath == null) {
-					_userPath = Path.Combine(
-							Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
+					_userPath = Path.Combine (
+							Environment.GetFolderPath (Environment.SpecialFolder.ApplicationData),
 							".mono");
-					_userPath = Path.Combine(_userPath, "certs");
+					_userPath = Path.Combine (_userPath, "certs");
 				}
 				return _userPath;
 			}
@@ -76,10 +80,34 @@ namespace Mono.Security.X509 {
 			}
 		}
 
+		internal static string NewCurrentUserPath {
+			get {
+				if (_newUserPath == null) {
+					_newUserPath = Path.Combine (
+							Environment.GetFolderPath (Environment.SpecialFolder.ApplicationData),
+							".mono");
+					_newUserPath = Path.Combine (_newUserPath, "new-certs");
+				}
+				return _newUserPath;
+			}
+		}
+
+		internal static string NewLocalMachinePath {
+			get {
+				if (_newLocalMachinePath == null) {
+					_newLocalMachinePath = Path.Combine (
+						Environment.GetFolderPath (Environment.SpecialFolder.CommonApplicationData),
+						".mono");
+					_newLocalMachinePath = Path.Combine (_newLocalMachinePath, "new-certs");
+				}
+				return _newLocalMachinePath;
+			}
+		}
+
 		static public X509Stores CurrentUser {
 			get { 
 				if (_userStore == null)
-					_userStore = new X509Stores(CurrentUserPath);
+					_userStore = new X509Stores (CurrentUserPath, false);
 				
 				return _userStore;
 			}
@@ -88,12 +116,30 @@ namespace Mono.Security.X509 {
 		static public X509Stores LocalMachine {
 			get {
 				if (_machineStore == null) 
-					_machineStore = new X509Stores (LocalMachinePath);
+					_machineStore = new X509Stores (LocalMachinePath, false);
 
 				return _machineStore;
 			}
 		}
 
+		static public X509Stores NewCurrentUser {
+			get {
+				if (_newUserStore == null)
+					_newUserStore = new X509Stores (NewCurrentUserPath, true);
+
+				return _newUserStore;
+			}
+		}
+
+		static public X509Stores NewLocalMachine {
+			get {
+				if (_newMachineStore == null)
+					_newMachineStore = new X509Stores (NewLocalMachinePath, true);
+
+				return _newMachineStore;
+			}
+		}
+
 		// Merged stores collections
 		// we need to look at both the user and the machine (entreprise)
 		// certificates/CRLs when building/validating a chain

mcs/class/Mono.Security/Mono.Security.X509/X509Stores.cs

@@ -44,15 +44,17 @@ namespace Mono.Security.X509 {
 	class X509Stores {
 
 		private string _storePath;
+		private bool _newFormat;
 		private X509Store _personal;
 		private X509Store _other;
 		private X509Store _intermediate;
 		private X509Store _trusted;
 		private X509Store _untrusted;
 
-		internal X509Stores (string path) 
+		internal X509Stores (string path, bool newFormat)
 		{
 			_storePath = path;
+			_newFormat = newFormat;
 		}
 
 		// properties
@@ -61,7 +63,7 @@ namespace Mono.Security.X509 {
 			get { 
 				if (_personal == null) {
 					string path = Path.Combine (_storePath, Names.Personal);
-					_personal = new X509Store (path, false);
+					_personal = new X509Store (path, false, false);
 				}
 				return _personal; 
 			}
@@ -71,7 +73,7 @@ namespace Mono.Security.X509 {
 			get { 
 				if (_other == null) {
 					string path = Path.Combine (_storePath, Names.OtherPeople);
-					_other = new X509Store (path, false);
+					_other = new X509Store (path, false, false);
 				}
 				return _other; 
 			}
@@ -81,7 +83,7 @@ namespace Mono.Security.X509 {
 			get { 
 				if (_intermediate == null) {
 					string path = Path.Combine (_storePath, Names.IntermediateCA);
-					_intermediate = new X509Store (path, true);
+					_intermediate = new X509Store (path, true, _newFormat);
 				}
 				return _intermediate; 
 			}
@@ -91,7 +93,7 @@ namespace Mono.Security.X509 {
 			get { 
 				if (_trusted == null) {
 					string path = Path.Combine (_storePath, Names.TrustedRoot);
-					_trusted = new X509Store (path, true);
+					_trusted = new X509Store (path, true, _newFormat);
 				}
 				return _trusted; 
 			}
@@ -101,7 +103,7 @@ namespace Mono.Security.X509 {
 			get { 
 				if (_untrusted == null) {
 					string path = Path.Combine (_storePath, Names.Untrusted);
-					_untrusted = new X509Store (path, false);
+					_untrusted = new X509Store (path, false, _newFormat);
 				}
 				return _untrusted; 
 			}
@@ -138,7 +140,7 @@ namespace Mono.Security.X509 {
 			if (!create && !Directory.Exists (path))
 				return null;
 
-			return new X509Store (path, true);
+			return new X509Store (path, true, false);
 		}
 
 		// names
@@ -151,7 +153,7 @@ namespace Mono.Security.X509 {
 			public const string IntermediateCA = "CA";
 			public const string TrustedRoot = "Trust";
 			public const string Untrusted = "Disallowed";
-			
+
 			public Names () {}
 		}
 	}