parse.aspx
Page updated: 2022-03-31
The result of the code below can be seen live here: Try!
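<%@ Page Language="C#" ContentType="text/html" ResponseEncoding="utf-8" %>
<%@ Import Namespace="System.Security.Cryptography.X509Certificates" %>
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System" %>
<!DOCTYPE HTML>
<script runat="server">
    // Markup templates for a bold section heading and an indented value line.
    private const string HeadingTemplate = "<div style='margin: 10px 0 0 0; font-weight: bold'>{0}</div>";
    private const string ValueTemplate = "<div style='margin-left: 15px; font-size: 90%'>{0}</div>";

    // Writes one section heading. The text is HTML-encoded so that a heading
    // built from certificate data can never inject markup.
    private void WriteHeading(string text)
    {
        Response.Write(string.Format(HeadingTemplate, Server.HtmlEncode(text)));
    }

    // Writes one value line. Every value shown on this page comes from the
    // client certificate, whose content is chosen by whoever created it, so it
    // is treated as untrusted input and HTML-encoded before it reaches the response.
    private void WriteValue(string text)
    {
        Response.Write(string.Format(ValueTemplate, Server.HtmlEncode(text)));
    }

    // Looks up an extension by the name used in the collection indexer and writes
    // either its formatted content under `heading`, or `missingText` when the
    // certificate does not carry that extension.
    private void WriteExtension(X509Certificate2 cert, string extensionName, string heading, string missingText)
    {
        X509Extension extension = cert.Extensions[extensionName];
        if (extension != null)
        {
            WriteHeading(heading);
            WriteValue(extension.Format(true));
        }
        else
        {
            WriteHeading(missingText);
        }
    }

    // Renders the fields and extensions of the client certificate presented on
    // this request. Nothing is written when no certificate was presented.
    //
    // This only DISPLAYS the certificate. The single check made here is
    // ClientCertificate.IsPresent; no trust or authorization decision is taken
    // from the parsed values. Whether the chain was validated depends on server
    // configuration that is not visible in this page.
    void LoadCertInfo()
    {
        if (!Page.Request.ClientCertificate.IsPresent)
        {
            return;
        }

        Response.Write("<br /><div style='width: 600px; margin: 20px auto'>");
        Response.Write("<h3 style='width: 500px; margin: 20px auto'>Parsing of the certificate used for login with mutual TLS</h3>");
        Response.Write("<hr />");

        try
        {
            X509Certificate2 x509Cert2 = new X509Certificate2(Page.Request.ClientCertificate.Certificate);

            WriteHeading("Issued By:");
            WriteValue(x509Cert2.Issuer);

            WriteHeading("Issued To:");
            WriteValue(x509Cert2.Subject);

            WriteExtension(x509Cert2, "Subject Alternative Name",
                "Subject Alternative Name:", "No Subject Alternative Name Data");

            WriteHeading("Validity:");
            WriteValue("From: " + x509Cert2.GetEffectiveDateString());
            WriteValue("To: " + x509Cert2.GetExpirationDateString());

            WriteHeading("SerialNumber:");
            WriteValue(x509Cert2.SerialNumber);

            WriteHeading("Thumbprint:");
            WriteValue(x509Cert2.Thumbprint);

            // The value printed under this label is the OID value of the
            // certificate's signature algorithm.
            WriteHeading("Certificate hash algoritm:");
            WriteValue(x509Cert2.SignatureAlgorithm.Value);

            WriteExtension(x509Cert2, "Subject Key Identifier",
                "Subject Key Identifier:", "No Subject Key Identifier found");

            WriteExtension(x509Cert2, "Key Usage",
                "Key Usage:", "No Key Usage found");

            // EKU is listed OID by OID. `as` keeps an unexpected extension type
            // on the "no data" path instead of throwing an InvalidCastException.
            X509EnhancedKeyUsageExtension ekuExtension =
                x509Cert2.Extensions["Enhanced Key Usage"] as X509EnhancedKeyUsageExtension;
            if (ekuExtension != null)
            {
                OidCollection ekuOids = ekuExtension.EnhancedKeyUsages;
                WriteHeading("Enhanced Key Usage (" + ekuOids.Count.ToString() + " found)");
                foreach (Oid ekuOid in ekuOids)
                {
                    WriteValue(ekuOid.FriendlyName + " (OID: " + ekuOid.Value + ")");
                }
            }
            else
            {
                WriteHeading("No EKU Section Data");
            }

            WriteExtension(x509Cert2, "Certificate Policies",
                "Certificate Policies:", "No Certificate Policies Data");

            WriteExtension(x509Cert2, "Authority Key Identifier",
                "Authority Key Identifier:", "No Authority Key Identifier found");

            WriteExtension(x509Cert2, "CRL Distribution Points",
                "CRL Distribution Points:", "No CRL Distribution Points found");

            WriteExtension(x509Cert2, "Authority Information Access",
                "Authority Information Access:", "No Authority Information Access extension found");
        }
        catch (Exception ex)
        {
            // The exception message and stack trace are kept out of the response:
            // they describe server internals to any client that can trigger a
            // failure. The details go to the ASP.NET page trace, which records
            // them only where tracing is enabled.
            Trace.Warn("parse.aspx", "Client certificate display failed", ex);
            WriteHeading("An error occured:");
            WriteValue("The certificate details could not be displayed.");
        }
        finally
        {
            // Always close the wrapper div opened above, even after a failure.
            Response.Write("</div>");
        }
    }

    protected void Page_Load(object sender, EventArgs e)
    {
    }
</script>
<html>
<head>
    <title>Port 8080</title>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no" />
    <style type="text/css">
        .auto-style1 {
            text-align: center;
        }
    </style>
</head>
<body>
    <% LoadCertInfo(); %>
</body>
</html>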