Class CertificateCollector
Collects metadata from the local certificate stores.
Implements
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: AttackSurfaceAnalyzer.Collectors
Assembly: AsaLib.dll
Syntax
public class CertificateCollector : BaseCollector, IPlatformRunnable
Constructors
CertificateCollector(CollectCommandOptions, Action<CollectObject>)
Declaration
public CertificateCollector(CollectCommandOptions opts = null, Action<CollectObject> changeHandler = null)
Parameters
| Type | Name | Description |
|---|---|---|
| CollectCommandOptions | opts | |
| System.Action<CollectObject> | changeHandler | |
Methods
CanRunOnPlatform()
Declaration
public override bool CanRunOnPlatform()
Returns
| Type | Description |
|---|---|
| System.Boolean | |
Overrides
ExecuteInternal()
Execute the certificate collector.
Declaration
public override void ExecuteInternal()
Overrides
ExecuteLinux()
On Linux we check the central trusted root store (a folder), which has symlinks to actual cert locations scattered across the db. We list all the certificates and then create a new X509Certificate2 object for each by filename.
Declaration
public void ExecuteLinux()
ExecuteMacOs()
On macOS we use the keychain and export the certificates as .pem. However, on macOS X509Certificate2 doesn't support loading from a PEM, so we need PKCS#12 files instead. We convert using openssl, which requires that we set a password. We then import the PKCS#12 with all our certs, delete the temp files, and iterate over the certs.
Declaration
public void ExecuteMacOs()
ExecuteWindows()
On Windows we can use the .NET API to iterate through all the stores.
Declaration
public void ExecuteWindows()
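The store iteration that the ExecuteWindows() description refers to can be done with the standard X509Store API. The following is an added example, not AsaLib's own code: the CertRecord and StoreWalker names are hypothetical, the recorded fields are chosen for illustration, and it assumes .NET 5 or later (C# 9).

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical record type for this example; not the AsaLib object model.
public record CertRecord(string Location, string Store, string Subject,
                         string Thumbprint, DateTime NotAfter, bool HasPrivateKey);

public static class StoreWalker
{
    // Walks every StoreLocation x StoreName pair and records metadata per certificate.
    public static List<CertRecord> Collect()
    {
        var results = new List<CertRecord>();
        foreach (StoreLocation location in Enum.GetValues(typeof(StoreLocation)))
        foreach (StoreName name in Enum.GetValues(typeof(StoreName)))
        {
            try
            {
                using var store = new X509Store(name, location);
                // ReadOnly: collection must never modify a store.
                // OpenExistingOnly: do not create a missing store as a side effect.
                store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
                foreach (X509Certificate2 cert in store.Certificates)
                {
                    results.Add(new CertRecord(location.ToString(), name.ToString(),
                        cert.Subject, cert.Thumbprint, cert.NotAfter, cert.HasPrivateKey));
                    cert.Dispose(); // release the native handle once metadata is copied
                }
            }
            catch (Exception e) when (e is CryptographicException or PlatformNotSupportedException)
            {
                // Store does not exist or is not readable at this privilege level; skip it.
            }
        }
        return results;
    }

    public static void Main()
    {
        foreach (var r in Collect())
        {
            // NotAfter is reported in local time, so compare against DateTime.Now.
            string flag = r.NotAfter < DateTime.Now ? " [expired]" : "";
            Console.WriteLine($"{r.Location}\\{r.Store}\t{r.Thumbprint}\t{r.NotAfter:u}\t{r.Subject}{flag}");
        }
    }
}
```

Comparing two such snapshots by location, store and thumbprint shows which certificates were added to or removed from a trust store between runs.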