Example #1
0
 public SSLCert(System.Security.Cryptography.X509Certificates.X509Certificate x509Certificate, string domainName)
 {
     DomainToCheck = domainName;
     Issuer        = x509Certificate.Issuer;
     Subject       = x509Certificate.Subject;
     Expires       = x509Certificate.GetExpirationDateString();
 }
Example #2
0
        internal static bool CheckSslCertificate(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate,
                                                 System.Security.Cryptography.X509Certificates.X509Chain chain,
                                                 System.Net.Security.SslPolicyErrors sslPolicyErrors)
        {
            var startTime = DateTime.Parse(certificate.GetEffectiveDateString());
            var endTime   = DateTime.Parse(certificate.GetExpirationDateString());

            if (startTime <= DateTime.Now && endTime >= DateTime.Now && certificate.Issuer.Contains("Philips Hue"))
            {
                return(true);
            }

            else
            {
                return(false);
            }
        }
Example #3
0
        // Debug SMTP Tls Certificate
        private bool RemoteServerCertificateValidationCallback(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certificate, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
        {
            // Test - Zertifikat ausgeben
            if (_param.AppCfg_DebugTLS == "True" || _param.AppCfg_DebugTLS == "true")
            {
                MessageBox.Show("SMTP-Zertifikat: " + Environment.NewLine +
                                "SN: " + certificate.GetSerialNumberString() + Environment.NewLine +
                                "Hash: " + certificate.GetCertHashString() + Environment.NewLine +
                                "From: " + certificate.GetEffectiveDateString() + Environment.NewLine +
                                "To: " + certificate.GetExpirationDateString() + Environment.NewLine +
                                "Issuer: " + certificate.Issuer + Environment.NewLine +
                                "Subject: " + certificate.Subject
                                );
            }

            return(true);
        }
Example #4
0
        private bool Validator(object sender, System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors ssl_policy_errors)
        {
            byte[] server_certificate = cert.GetRawCertData();

            bool match = (server_certificate.Length == certificate.Length) &&
                         DateTime.Parse(cert.GetEffectiveDateString()) <= DateTime.Now &&
                         DateTime.Parse(cert.GetExpirationDateString()) >= DateTime.Now;

            int size = server_certificate.Length;

            int i = 0;

            while (match && i < size)
            {
                match = server_certificate[i] == certificate[i];

                ++i;
            }

            return(match);
        }
Example #5
0
        private void ExtractData(Packets.TcpPacket tcpPacket, FiveTuple fiveTuple, bool transferIsClientToServer, Packets.TlsRecordPacket.HandshakePacket handshake)
        {
            NetworkHost sourceHost, destinationHost;

            if (transferIsClientToServer)
            {
                sourceHost      = fiveTuple.ClientHost;
                destinationHost = fiveTuple.ServerHost;
            }
            else
            {
                sourceHost      = fiveTuple.ServerHost;
                destinationHost = fiveTuple.ClientHost;
            }

            //foreach (Packets.AbstractPacket p in tlsRecordPacket.GetSubPackets(false)) {
            //    if(p.GetType()==typeof(Packets.TlsRecordPacket.HandshakePacket)) {
            //        Packets.TlsRecordPacket.HandshakePacket handshake=(Packets.TlsRecordPacket.HandshakePacket)p;
            foreach (var version in handshake.GetSupportedSslVersions())
            {
                //destinationHost.AddHostName(handshake.ServerHostName);
                System.Collections.Specialized.NameValueCollection param = new System.Collections.Specialized.NameValueCollection {
                    { "TLS Handshake " + Enum.GetName(typeof(Packets.TlsRecordPacket.HandshakePacket.MessageTypes), handshake.MessageType) + " Supported Version", version.Item1.ToString() + "." + version.Item2.ToString() + " (0x" + version.Item1.ToString("x2") + version.Item2.ToString("x2") + ")" }
                };
                base.MainPacketHandler.OnParametersDetected(new Events.ParametersEventArgs(handshake.ParentFrame.FrameNumber, fiveTuple, transferIsClientToServer, param, handshake.ParentFrame.Timestamp, "TLS Handshake"));
            }
            if (!String.IsNullOrEmpty(handshake.GetAlpnNextProtocolString()))
            {
                //destinationHost.AddHostName(handshake.ServerHostName);
                System.Collections.Specialized.NameValueCollection param = new System.Collections.Specialized.NameValueCollection {
                    { "TLS ALPN", handshake.GetAlpnNextProtocolString() }
                };
                base.MainPacketHandler.OnParametersDetected(new Events.ParametersEventArgs(handshake.ParentFrame.FrameNumber, fiveTuple, transferIsClientToServer, param, handshake.ParentFrame.Timestamp, "TLS Handshake"));
            }
            if (handshake.MessageType == Packets.TlsRecordPacket.HandshakePacket.MessageTypes.ClientHello)
            {
                if (handshake.ServerHostName != null)
                {
                    destinationHost.AddHostName(handshake.ServerHostName);
                    System.Collections.Specialized.NameValueCollection param = new System.Collections.Specialized.NameValueCollection();
                    param.Add("TLS Server Name (SNI)", handshake.ServerHostName);
                    base.MainPacketHandler.OnParametersDetected(new Events.ParametersEventArgs(handshake.ParentFrame.FrameNumber, fiveTuple, transferIsClientToServer, param, handshake.ParentFrame.Timestamp, "TLS Client Hello"));
                }
            }
            else if (handshake.MessageType == Packets.TlsRecordPacket.HandshakePacket.MessageTypes.Certificate)
            {
                for (int i = 0; i < handshake.CertificateList.Count; i++)
                {
                    byte[] certificate = handshake.CertificateList[i];
                    string x509CertSubject;
                    System.Security.Cryptography.X509Certificates.X509Certificate x509Cert = null;
                    try {
                        x509Cert        = new System.Security.Cryptography.X509Certificates.X509Certificate(certificate);
                        x509CertSubject = x509Cert.Subject;
                    }
                    catch {
                        x509CertSubject = "Unknown_x509_Certificate_Subject";
                        x509Cert        = null;
                    }
                    if (x509CertSubject.Contains("CN="))
                    {
                        x509CertSubject = x509CertSubject.Substring(x509CertSubject.IndexOf("CN=") + 3);
                    }
                    else if (x509CertSubject.Contains("="))
                    {
                        x509CertSubject = x509CertSubject.Substring(x509CertSubject.IndexOf('=') + 1);
                    }
                    if (x509CertSubject.Length > 28)
                    {
                        x509CertSubject = x509CertSubject.Substring(0, 28);
                    }
                    if (x509CertSubject.Contains(","))
                    {
                        x509CertSubject = x509CertSubject.Substring(0, x509CertSubject.IndexOf(','));
                    }

                    x509CertSubject.Trim(new char[] { '.', ' ' });

                    /*
                     * while (x509CertSubject.EndsWith(".") || x509CertSubject.EndsWith(" "))
                     *  x509CertSubject=x509CertSubject.Substring(0, x509CertSubject.Length-1);
                     */
                    string filename     = x509CertSubject + ".cer";
                    string fileLocation = "/";
                    string details;
                    if (x509Cert != null)
                    {
                        details = "TLS Certificate: " + x509Cert.Subject;
                    }
                    else
                    {
                        details = "TLS Certificate: Unknown x509 Certificate";
                    }


                    FileTransfer.FileStreamAssembler assembler = new FileTransfer.FileStreamAssembler(base.MainPacketHandler.FileStreamAssemblerList, fiveTuple, transferIsClientToServer, FileTransfer.FileStreamTypes.TlsCertificate, filename, fileLocation, certificate.Length, certificate.Length, details, null, tcpPacket.ParentFrame.FrameNumber, tcpPacket.ParentFrame.Timestamp, FileTransfer.FileStreamAssembler.FileAssmeblyRootLocation.source);
                    base.MainPacketHandler.FileStreamAssemblerList.Add(assembler);
                    if (i == 0 && x509CertSubject.Contains(".") && !x509CertSubject.Contains("*") && !x509CertSubject.Contains(" "))
                    {
                        sourceHost.AddHostName(x509CertSubject);
                    }
                    System.Collections.Specialized.NameValueCollection parameters = new System.Collections.Specialized.NameValueCollection();
                    //parameters.Add("Certificate Subject", x509Cert.Subject);
                    const string CERTIFICATE_SUBJECT = "Certificate Subject";
                    this.addParameters(parameters, x509Cert.Subject, CERTIFICATE_SUBJECT);
                    if (i == 0)
                    {
                        //check for CN parameter
                        if (parameters[CERTIFICATE_SUBJECT + " CN"] != null)
                        {
                            foreach (string cn in parameters.GetValues(CERTIFICATE_SUBJECT + " CN"))
                            {
                                sourceHost.AddNumberedExtraDetail("X.509 Certificate Subject CN", cn);
                                if (cn.Contains(".") && !cn.Contains(" "))
                                {
                                    if (cn.Contains("*"))
                                    {
                                        if (cn.StartsWith("*."))
                                        {
                                            sourceHost.AddDomainName(cn.Substring(2));
                                        }
                                    }
                                    else
                                    {
                                        sourceHost.AddHostName(cn);
                                    }
                                }
                            }
                        }
                    }

                    this.addParameters(parameters, x509Cert.Issuer, "Certificate Issuer");



                    //parameters.Add("Certificate Issuer", x509Cert.Issuer);
                    parameters.Add("Certificate Hash", x509Cert.GetCertHashString());
                    parameters.Add("Certificate valid from", x509Cert.GetEffectiveDateString());
                    parameters.Add("Certificate valid to", x509Cert.GetExpirationDateString());
                    parameters.Add("Certificate Serial", x509Cert.GetSerialNumberString());
                    try {
                        System.Security.Cryptography.X509Certificates.X509Certificate2 cert2 = new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate);
                        foreach (var ext in cert2.Extensions)
                        {
                            string fn  = ext.Oid.FriendlyName;
                            string oid = ext.Oid.Value;
                            string val = ext.Format(true);
                            System.IO.StringReader sr = new System.IO.StringReader(val);
                            string line = sr.ReadLine();
                            while (line != null)
                            {
                                parameters.Add(oid + " " + fn, line);
                                if (i == 0 && oid == "2.5.29.17")
                                {
                                    sourceHost.AddNumberedExtraDetail("X.509 Certificate " + fn, line);
                                }
                                line = sr.ReadLine();
                            }
                        }

                        if (cert2.Verify())
                        {
                            parameters.Add("Certificate valid", "TRUE");
                        }
                        else
                        {
                            parameters.Add("Certificate valid", "FALSE");
                        }
                    }
                    catch (Exception) { }


                    base.MainPacketHandler.OnParametersDetected(new Events.ParametersEventArgs(tcpPacket.ParentFrame.FrameNumber, fiveTuple, transferIsClientToServer, parameters, tcpPacket.ParentFrame.Timestamp, "X.509 Certificate"));

                    if (assembler.TryActivate())
                    {
                        assembler.AddData(certificate, tcpPacket.SequenceNumber);//this one should trigger FinnishAssembling()
                    }
                }
            }
            //}
            //return true;
        }
        public bool PsCertificateValidationCallBack(
            object sender,
            System.Security.Cryptography.X509Certificates.X509Certificate certificate,
            System.Security.Cryptography.X509Certificates.X509Chain chain,
            System.Net.Security.SslPolicyErrors sslPolicyErrors)
        {
            string sCerts = string.Empty;


            // If the certificate is a valid, signed certificate, return true.
            if (sslPolicyErrors == System.Net.Security.SslPolicyErrors.None)
            {
                sCerts        += "[Valid Cert - No Errors]----------------------------\r\n\r\n";
                sCerts        += "Issuer:               " + certificate.Issuer + "\r\n";
                sCerts        += "Subject:              " + certificate.Subject + "\r\n";
                sCerts        += "EffectiveDateString:  " + certificate.GetEffectiveDateString() + "\r\n";
                sCerts        += "ExpirationDate:       " + certificate.GetExpirationDateString() + "\r\n";
                sCerts        += "Format:               " + certificate.GetFormat() + "\r\n";
                sCerts        += "SerialNumber:         " + certificate.GetSerialNumberString() + "\r\n";
                sCerts        += "RawCertData:          " + certificate.GetRawCertDataString() + "\r\n";
                sCerts        += "PublicKey:            " + certificate.GetPublicKeyString() + "\r\n";
                sCerts        += "\r\n---------------------------------\r\n\r\n";
                _Certificates += sCerts;
                return(true);
            }

            // If thre are errors in the certificate chain, look at each error to determine the cause.
            if ((sslPolicyErrors & System.Net.Security.SslPolicyErrors.RemoteCertificateChainErrors) != 0)
            {
                sCerts += "[Remote Certificate Chain Errors Found]----------------------------\r\n\r\n";
                if (chain != null && chain.ChainStatus != null)
                {
                    foreach (System.Security.Cryptography.X509Certificates.X509ChainStatus status in chain.ChainStatus)
                    {
                        if ((certificate.Subject == certificate.Issuer) &&
                            (status.Status == System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.UntrustedRoot))
                        {
                            sCerts += "    [Self-signed certificates with an untrusted root - Considering as valid]----------------------------\r\n\r\n";
                            sCerts += "    Status Information:   " + status.StatusInformation + "\r\n\r\n";

                            sCerts        += "    Issuer:               " + certificate.Issuer + "\r\n";
                            sCerts        += "    Subject:              " + certificate.Subject + "\r\n";
                            sCerts        += "    EffectiveDateString:  " + certificate.GetEffectiveDateString() + "\r\n";
                            sCerts        += "    ExpirationDate:       " + certificate.GetExpirationDateString() + "\r\n";
                            sCerts        += "    Format:               " + certificate.GetFormat() + "\r\n";
                            sCerts        += "    SerialNumber:         " + certificate.GetSerialNumberString() + "\r\n";
                            sCerts        += "    RawCertData:          " + certificate.GetRawCertDataString() + "\r\n";
                            sCerts        += "    PublicKey:            " + certificate.GetPublicKeyString() + "\r\n";
                            sCerts        += "\r\n    ---------------------------------\r\n\r\n";
                            _Certificates += sCerts;
                            // Self-signed certificates with an untrusted root are valid.
                            continue;
                        }
                        else
                        {
                            if (status.Status != System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.NoError)
                            {
                                sCerts += "    [Certificate Errors - Considering as invlid]----------------------------\r\n";

                                sCerts += "    Status Information:   " + status.StatusInformation + "\r\n\r\n";

                                sCerts        += "    Issuer:               " + certificate.Issuer + "\r\n";
                                sCerts        += "    Subject:              " + certificate.Subject + "\r\n";
                                sCerts        += "    EffectiveDateString:  " + certificate.GetEffectiveDateString() + "\r\n";
                                sCerts        += "    ExpirationDate:       " + certificate.GetExpirationDateString() + "\r\n";
                                sCerts        += "    Format:               " + certificate.GetFormat() + "\r\n";
                                sCerts        += "    SerialNumber:         " + certificate.GetSerialNumberString() + "\r\n";
                                sCerts        += "    RawCertData:          " + certificate.GetRawCertDataString() + "\r\n";
                                sCerts        += "    PublicKey:            " + certificate.GetPublicKeyString() + "\r\n";
                                sCerts        += "\r\n    ---------------------------------\r\n\r\n";
                                _Certificates += sCerts;
                                // If there are any other errors in the certificate chain, the certificate is invalid,
                                // so the method returns false.
                                return(false);
                            }
                        }
                    }
                }

                // When processing reaches this line, the only errors in the certificate chain are
                // untrusted root errors for self-signed certifcates. These certificates are valid
                // for default Exchange server installations, so return true.
                return(true);
            }
            else
            {
                // In all other cases, return false.
                return(false);
            }
        }