Created
September 7, 2022 17:15
-
-
Save RufusJWB/ed37330e5d023ac7f3bed3c240d34578 to your computer and use it in GitHub Desktop.
Upload all certificates signed by one RootCA from certificate store to a CT Log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.Security.Cryptography.X509Certificates; | |
| using System.Text; | |
| using System.Text.Json; | |
| namespace DodoLogUploader | |
| { | |
| public class CTUploadObject | |
| { | |
| public string[] chain { get; set; } | |
| } | |
| static class HttpResponseMessageExtensions | |
| { | |
| internal static void WriteRequestToConsole(this HttpResponseMessage response) | |
| { | |
| if (response is null) | |
| { | |
| return; | |
| } | |
| var request = response.RequestMessage; | |
| Console.Write($"{request?.Method} "); | |
| Console.Write($"{request?.RequestUri} "); | |
| Console.WriteLine($"HTTP/{request?.Version}"); | |
| } | |
| } | |
| internal class Program | |
| { | |
| private const string ctLog = "https://dodo.ct.comodo.com/"; | |
| private const string rootCAIssuerName = "Siemens Root CA V3.0 2016"; | |
| static void Main(string[] args) | |
| { | |
| X509Store rootStore = new X509Store(StoreName.Root, StoreLocation.LocalMachine); | |
| rootStore.Open(OpenFlags.ReadOnly); | |
| X509Certificate2Collection rootCertColl = rootStore.Certificates.Find(X509FindType.FindByIssuerName, rootCAIssuerName, true); | |
| X509Certificate2 rootCert = rootCertColl.Single(); | |
| rootStore.Close(); | |
| var rootB64String = Convert.ToBase64String(rootCert.Export(X509ContentType.Cert), Base64FormattingOptions.None); | |
| X509Store issuingStore = new X509Store(StoreName.CertificateAuthority, StoreLocation.LocalMachine); | |
| issuingStore.Open(OpenFlags.ReadOnly); | |
| X509Certificate2Collection CertColl = issuingStore.Certificates.Find(X509FindType.FindByIssuerDistinguishedName, rootCert.Issuer, true); | |
| foreach (X509Certificate2 Cert in CertColl) | |
| { | |
| Console.WriteLine("Cert: " + Cert.SubjectName.Name); | |
| var b64String = Convert.ToBase64String(Cert.Export(X509ContentType.Cert), Base64FormattingOptions.None); | |
| var ctUploadObject = new CTUploadObject(); | |
| ctUploadObject.chain = new string[2]; | |
| ctUploadObject.chain[0] = b64String; | |
| ctUploadObject.chain[1] = rootB64String; | |
| var options = new JsonSerializerOptions { WriteIndented = true }; | |
| string jsonString = JsonSerializer.Serialize(ctUploadObject, options); | |
| using HttpClient client = new() | |
| { | |
| BaseAddress = new Uri(ctLog) | |
| }; | |
| using StringContent jsonContent = new( | |
| jsonString, | |
| Encoding.UTF8, | |
| "application/json"); | |
| using HttpResponseMessage response = client.PostAsync("ct/v1/add-chain", jsonContent).Result; | |
| response.EnsureSuccessStatusCode().WriteRequestToConsole(); | |
| var jsonResponse = response.Content.ReadAsStringAsync().Result; | |
| Console.WriteLine($"{jsonResponse}\n"); | |
| } | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment