static X509Store GetStoreFromName(string storeName, bool machine) { X509Stores stores = ((machine) ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser); X509Store store = null; switch (storeName) { case X509Stores.Names.Personal: return(stores.Personal); case X509Stores.Names.OtherPeople: return(stores.OtherPeople); case X509Stores.Names.IntermediateCA: return(stores.IntermediateCA); case "Root": // special case (same as trusted root) case X509Stores.Names.TrustedRoot: return(stores.TrustedRoot); case X509Stores.Names.Untrusted: return(stores.Untrusted); } return(store); }
public static bool LdapSSLHandler(System.Security.Cryptography.X509Certificates.X509Certificate certificate, int[] certificateErrors) { #if !MONO X509Store store = null; X509Stores stores = X509StoreManager.LocalMachine; store = stores.TrustedRoot; X509Certificate x509 = null; byte[] data = certificate.GetRawCertData(); if (data != null) { x509 = new X509Certificate(data); } if (x509 != null) { //coll.Add(x509); if (!store.Certificates.Contains(x509)) { store.Import(x509); } } #endif return(true); }
static int Process() { X509CertificateCollection roots = DecodeCollection(); if (roots == null) { return(1); } else if (roots.Count == 0) { WriteLine("No certificates were found."); return(0); } X509Stores stores = userStore ? X509StoreManager.CurrentUser : X509StoreManager.LocalMachine; X509CertificateCollection trusted = stores.TrustedRoot.Certificates; int additions = 0; WriteLine("I already trust {0}, your new list has {1}", trusted.Count, roots.Count); foreach (X509Certificate root in roots) { if (!trusted.Contains(root)) { try { stores.TrustedRoot.Import(root); WriteLine("Certificate added: {0}", root.SubjectName); additions++; } catch (Exception e) { WriteLine("Warning: Could not import {0}", root.SubjectName); WriteLine(e.ToString()); } } } if (additions > 0) { WriteLine("{0} new root certificates were added to your trust store.", additions); } X509CertificateCollection removed = new X509CertificateCollection(); foreach (X509Certificate trust in trusted) { if (!roots.Contains(trust)) { removed.Add(trust); } } if (removed.Count > 0) { WriteLine("{0} previously trusted certificates were removed.", removed.Count); foreach (X509Certificate old in removed) { stores.TrustedRoot.Remove(old); WriteLine("Certificate removed: {0}", old.SubjectName); } } WriteLine("Import process completed."); return(0); }
static int Main(string [] args) { bool machine = false; for (int i = 0; i < args.Length; i++) { switch (args [i]) { case "-m": case "--m": machine = true; break; case "-v": case "--v": verbose = true; break; case "-f": case "--f": force = true; break; case "-help": case "--help": case "-?": case "--?": Help(); return(0); } } try { X509Stores stores = ((machine) ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser); // for all store (expect Untrusted) UpdateStore(stores.TrustedRoot); UpdateStore(stores.IntermediateCA); UpdateStore(stores.Personal); UpdateStore(stores.OtherPeople); return(0); } catch (Exception e) { Console.WriteLine("ERROR: Unexpected exception: {0}", e); return(1); } }
public static bool MySSLHandler(Syscert.X509Certificate certificate, int[] certificateErrors) { X509Store store = null; X509Stores stores = X509StoreManager.CurrentUser; String input; store = stores.TrustedRoot; //Import the details of the certificate from the server. X509Certificate x509 = null; X509CertificateCollection coll = new X509CertificateCollection(); byte[] data = certificate.GetRawCertData(); if (data != null) { x509 = new X509Certificate(data); } //List the details of the Server //check for ceritficate in store X509CertificateCollection check = store.Certificates; if (!check.Contains(x509)) { if (bindCount == 1) { Console.WriteLine(" \n\nCERTIFICATE DETAILS: \n"); Console.WriteLine(" {0}X.509 v{1} Certificate", (x509.IsSelfSigned ? "Self-signed " : String.Empty), x509.Version); Console.WriteLine(" Serial Number: {0}", CryptoConvert.ToHex(x509.SerialNumber)); Console.WriteLine(" Issuer Name: {0}", x509.IssuerName); Console.WriteLine(" Subject Name: {0}", x509.SubjectName); Console.WriteLine(" Valid From: {0}", x509.ValidFrom); Console.WriteLine(" Valid Until: {0}", x509.ValidUntil); Console.WriteLine(" Unique Hash: {0}", CryptoConvert.ToHex(x509.Hash)); Console.WriteLine(); } //Get the response from the Client do { Console.WriteLine("\nDo you want to proceed with the connection (y/n)?"); input = Console.ReadLine(); if (input == "y" || input == "Y") { bHowToProceed = true; } if (input == "n" || input == "N") { bHowToProceed = false; } } while (input != "y" && input != "Y" && input != "n" && input != "N"); } else { if (bHowToProceed == true) { //Add the certificate to the store. if (x509 != null) { coll.Add(x509); } store.Import(x509); if (bindCount == 1) { removeFlag = true; } } } if (bHowToProceed == false) { //Remove the certificate added from the store. if (removeFlag == true && bindCount > 1) { foreach (X509Certificate xt509 in store.Certificates) { if (CryptoConvert.ToHex(xt509.Hash) == CryptoConvert.ToHex(x509.Hash)) { store.Remove(x509); } } } Console.WriteLine("SSL Bind Failed."); } return(bHowToProceed); }
static int Process() { X509CertificateCollection roots = DecodeCollection(); if (roots == null) { return(1); } else if (roots.Count == 0) { WriteLine("No certificates were found."); return(0); } if (pkcs7filename != null) { SoftwarePublisherCertificate pkcs7 = new SoftwarePublisherCertificate(); pkcs7.Certificates.AddRange(roots); WriteLine("Saving root certificates into '{0}' file...", pkcs7filename); using (FileStream fs = File.OpenWrite(pkcs7filename)) { byte[] data = pkcs7.GetBytes(); fs.Write(data, 0, data.Length); fs.Close(); } } if (import) { WriteLine("Importing certificates into {0} store...", machine ? "machine" : "user"); X509Stores stores = (machine ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser); X509CertificateCollection trusted = stores.TrustedRoot.Certificates; int additions = 0; foreach (X509Certificate root in roots) { if (!trusted.Contains(root)) { if (!confirmAddition || AskConfirmation("add", root)) { stores.TrustedRoot.Import(root); if (confirmAddition) { WriteLine("Certificate added.{0}", Environment.NewLine); } additions++; } } } if (additions > 0) { WriteLine("{0} new root certificates were added to your trust store.", additions); } X509CertificateCollection removed = new X509CertificateCollection(); foreach (X509Certificate trust in trusted) { if (!roots.Contains(trust)) { removed.Add(trust); } } if (removed.Count > 0) { if (confirmRemoval) { WriteLine("{0} previously trusted certificates were not part of the update.", removed.Count); } else { WriteLine("{0} previously trusted certificates were removed.", removed.Count); } foreach (X509Certificate old in removed) { if (!confirmRemoval || AskConfirmation("remove", old)) { stores.TrustedRoot.Remove(old); if (confirmRemoval) { WriteLine("Certificate removed.{0}", Environment.NewLine); } } } } WriteLine("Import process completed.{0}", Environment.NewLine); } return(0); }
static int Process() { ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { if (sslPolicyErrors != System.Net.Security.SslPolicyErrors.None) { Console.WriteLine("WARNING: Downloading the trusted certificate list couldn't be done securely (error: {0}), continuing anyway. If you're using mozroots to bootstrap Mono's trust store on a clean system this might be OK, otherwise it could indicate a network intrusion. Please ensure you're using a trusted network or move to cert-sync.", sslPolicyErrors); } // this is very bad, but on a clean system without an existing trust store we don't really have a better option return(true); }; X509CertificateCollection roots = DecodeCollection(); if (roots == null) { return(1); } else if (roots.Count == 0) { WriteLine("No certificates were found."); return(0); } if (pkcs7filename != null) { SoftwarePublisherCertificate pkcs7 = new SoftwarePublisherCertificate(); pkcs7.Certificates.AddRange(roots); WriteLine("Saving root certificates into '{0}' file...", pkcs7filename); using (FileStream fs = File.OpenWrite(pkcs7filename)) { byte[] data = pkcs7.GetBytes(); fs.Write(data, 0, data.Length); fs.Close(); } } if (import) { WriteLine("Importing certificates into {0} store...", machine ? "machine" : "user"); X509Stores stores = (machine ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser); X509CertificateCollection trusted = stores.TrustedRoot.Certificates; int additions = 0; foreach (X509Certificate root in roots) { if (!trusted.Contains(root)) { if (!confirmAddition || AskConfirmation("add", root)) { stores.TrustedRoot.Import(root); if (confirmAddition) { WriteLine("Certificate added.{0}", Environment.NewLine); } additions++; } } } if (additions > 0) { WriteLine("{0} new root certificates were added to your trust store.", additions); } X509CertificateCollection removed = new X509CertificateCollection(); foreach (X509Certificate trust in trusted) { if (!roots.Contains(trust)) { removed.Add(trust); } } if (removed.Count > 0) { if (confirmRemoval) { WriteLine("{0} previously trusted certificates were not part of the update.", removed.Count); } else { WriteLine("{0} previously trusted certificates were removed.", removed.Count); } foreach (X509Certificate old in removed) { if (!confirmRemoval || AskConfirmation("remove", old)) { stores.TrustedRoot.Remove(old); if (confirmRemoval) { WriteLine("Certificate removed.{0}", Environment.NewLine); } } } } WriteLine("Import process completed.{0}", Environment.NewLine); } return(0); }