Esempi in C# (CSharp) per Mono.Security.X509 X509Certificate

Esempio n. 1

File: ServerContext.cs Progetto: jjenki11/blaze-chem-rendering

		public ServerContext(
			SslServerStream			stream,
			SecurityProtocolType	securityProtocolType,
			X509Certificate			serverCertificate,
			bool					clientCertificateRequired)
			: base(securityProtocolType)
		{
			this.sslStream					= stream;
			this.clientCertificateRequired	= clientCertificateRequired;

			// Convert the System.Security cert to a Mono Cert
			MonoX509.X509Certificate cert = new MonoX509.X509Certificate(serverCertificate.GetRawCertData());

			// Add server certificate to the certificate collection
			this.ServerSettings.Certificates = new MonoX509.X509CertificateCollection();
			this.ServerSettings.Certificates.Add(cert);

			this.ServerSettings.UpdateCertificateRSA();

			// Add requested certificate types
			this.ServerSettings.CertificateTypes = new ClientCertificateType[1];
			this.ServerSettings.CertificateTypes[0] = ClientCertificateType.RSA;

			// Add certificate authorities
			this.ServerSettings.DistinguisedNames = new string[0];
		}

Esempio n. 2

        public ServerContext(
            SslServerStream stream,
            SecurityProtocolType securityProtocolType,
            X509Certificate serverCertificate,
            bool clientCertificateRequired)
            : base(securityProtocolType)
        {
            this.sslStream = stream;
            this.clientCertificateRequired = clientCertificateRequired;

            // Convert the System.Security cert to a Mono Cert
            MonoX509.X509Certificate cert = new MonoX509.X509Certificate(serverCertificate.GetRawCertData());

            // Add server certificate to the certificate collection
            this.ServerSettings.Certificates = new MonoX509.X509CertificateCollection();
            this.ServerSettings.Certificates.Add(cert);

            this.ServerSettings.UpdateCertificateRSA();

            // Add requested certificate types
            this.ServerSettings.CertificateTypes    = new ClientCertificateType[1];
            this.ServerSettings.CertificateTypes[0] = ClientCertificateType.RSA;

            // Add certificate authorities
            MonoX509.X509CertificateCollection trusted = MonoX509.X509StoreManager.TrustedRootCertificates;
            string[] list = new string [trusted.Count];
            int      i    = 0;

            foreach (MonoX509.X509Certificate root in trusted)
            {
                list [i++] = root.IssuerName;
            }
            this.ServerSettings.DistinguisedNames = list;
        }

Esempio n. 3

File: NewTlsProvider.cs Progetto: VimalKumarS/mono-tls

        public override MSI.IMonoTlsContext CreateTlsContext(
            string hostname, bool serverMode, MSI.TlsProtocols protocolFlags,
            SSCX.X509Certificate serverCertificate, PSSCX.X509CertificateCollection clientCertificates,
            bool remoteCertRequired, MSI.MonoEncryptionPolicy encryptionPolicy,
            MSI.MonoTlsSettings settings)
        {
            TlsConfiguration config;

            if (serverMode)
            {
                var cert     = (PSSCX.X509Certificate2)serverCertificate;
                var monoCert = new MX.X509Certificate(cert.RawData);
                config = new TlsConfiguration((TlsProtocols)protocolFlags, (MSI.MonoTlsSettings)settings, monoCert, cert.PrivateKey);
                if (remoteCertRequired)
                {
                    config.AskForClientCertificate = true;
                }
            }
            else
            {
                config = new TlsConfiguration((TlsProtocols)protocolFlags, (MSI.MonoTlsSettings)settings, hostname);
            }

            return(new TlsContextWrapper(config, serverMode));
        }

Esempio n. 4

File: ServicePointManager.cs Progetto: zlxy/Genesis-3D

 // RFC2818 - HTTP Over TLS, Section 3.1
 // http://www.ietf.org/rfc/rfc2818.txt
 //
 // 1.	if present MUST use subjectAltName dNSName as identity
 // 1.1.		if multiples entries a match of any one is acceptable
 // 1.2.		wildcard * is acceptable
 // 2.	URI may be an IP address -> subjectAltName.iPAddress
 // 2.1.		exact match is required
 // 3.	Use of the most specific Common Name (CN=) in the Subject
 // 3.1		Existing practice but DEPRECATED
 static bool CheckServerIdentity(Mono.Security.X509.X509Certificate cert, string targetHost)
 {
     try {
         Mono.Security.X509.X509Extension ext = cert.Extensions ["2.5.29.17"];
         // 1. subjectAltName
         if (ext != null)
         {
             SubjectAltNameExtension subjectAltName = new SubjectAltNameExtension(ext);
             // 1.1 - multiple dNSName
             foreach (string dns in subjectAltName.DNSNames)
             {
                 // 1.2 TODO - wildcard support
                 if (Match(targetHost, dns))
                 {
                     return(true);
                 }
             }
             // 2. ipAddress
             foreach (string ip in subjectAltName.IPAddresses)
             {
                 // 2.1. Exact match required
                 if (ip == targetHost)
                 {
                     return(true);
                 }
             }
         }
         // 3. Common Name (CN=)
         return(CheckDomainName(cert.SubjectName, targetHost));
     } catch (Exception e) {
         Console.Error.WriteLine("ERROR processing certificate: {0}", e);
         Console.Error.WriteLine("Please, report this problem to the Mono team");
         return(false);
     }
 }

Esempio n. 5

        public static bool TryInstallCert(Syscert.X509Certificate certificate, ILog log = null)
        {
            try
            {
                var monoX509 = new Monocert.X509Certificate(certificate.GetRawCertData());

                var store = WorkContext.IsMono
                    ? Monocert.X509StoreManager.CurrentUser.TrustedRoot
                    : Monocert.X509StoreManager.LocalMachine.TrustedRoot;

                // Add the certificate to the store.
                store.Import(monoX509);
                store.Certificates.Add(monoX509);

                return(true);
            }
            catch (Exception ex)
            {
                if (log != null)
                {
                    log.ErrorFormat("TryInstallCert() failed. Error: {0}", ex);
                }
            }

            return(false);
        }

Esempio n. 6

File: ServicePointManager.cs Progetto: msruzy/digimon-linkz-client

            private static bool CheckServerIdentity(Mono.Security.X509.X509Certificate cert, string targetHost)
            {
                bool result;

                try
                {
                    Mono.Security.X509.X509Extension x509Extension = cert.Extensions["2.5.29.17"];
                    if (x509Extension != null)
                    {
                        SubjectAltNameExtension subjectAltNameExtension = new SubjectAltNameExtension(x509Extension);
                        foreach (string pattern in subjectAltNameExtension.DNSNames)
                        {
                            if (ServicePointManager.ChainValidationHelper.Match(targetHost, pattern))
                            {
                                return(true);
                            }
                        }
                        foreach (string a in subjectAltNameExtension.IPAddresses)
                        {
                            if (a == targetHost)
                            {
                                return(true);
                            }
                        }
                    }
                    result = ServicePointManager.ChainValidationHelper.CheckDomainName(cert.SubjectName, targetHost);
                }
                catch (Exception arg)
                {
                    Console.Error.WriteLine("ERROR processing certificate: {0}", arg);
                    Console.Error.WriteLine("Please, report this problem to the Mono team");
                    result = false;
                }
                return(result);
            }

Esempio n. 7

File: ServerContext.cs Progetto: calumjiao/Mono-Class-Libraries

		public ServerContext(
			SslServerStream			stream,
			SecurityProtocolType	securityProtocolType,
			X509Certificate			serverCertificate,
			bool					clientCertificateRequired)
			: base(securityProtocolType)
		{
			this.sslStream					= stream;
			this.clientCertificateRequired	= clientCertificateRequired;

			// Convert the System.Security cert to a Mono Cert
			MonoX509.X509Certificate cert = new MonoX509.X509Certificate(serverCertificate.GetRawCertData());

			// Add server certificate to the certificate collection
			this.ServerSettings.Certificates = new MonoX509.X509CertificateCollection();
			this.ServerSettings.Certificates.Add(cert);

			this.ServerSettings.UpdateCertificateRSA();

			// Add requested certificate types
			this.ServerSettings.CertificateTypes = new ClientCertificateType[1];
			this.ServerSettings.CertificateTypes[0] = ClientCertificateType.RSA;

			// Add certificate authorities
			MonoX509.X509CertificateCollection trusted = MonoX509.X509StoreManager.TrustedRootCertificates;
			string[] list = new string [trusted.Count];
			int i = 0;
			foreach (MonoX509.X509Certificate root in trusted)
			{
				list [i++] = root.IssuerName;
			}
			this.ServerSettings.DistinguisedNames = list;
		}

Esempio n. 8

File: X509ExtensionCollection.cs Progetto: raj581/Marvin

        internal X509ExtensionCollection(MX.X509Certificate cert)
        {
            _list = new ArrayList(cert.Extensions.Count);
            if (cert.Extensions.Count == 0)
            {
                return;
            }

            object[] parameters = new object [2];
            foreach (MX.X509Extension ext in cert.Extensions)
            {
                bool   critical = ext.Critical;
                string oid      = ext.Oid;
                byte[] raw_data = null;
                // extension data is embedded in an octet stream (4)
                ASN1 value = ext.Value;
                if ((value.Tag == 0x04) && (value.Count > 0))
                {
                    raw_data = value [0].GetBytes();
                }

                parameters [0] = new AsnEncodedData(oid, raw_data);
                parameters [1] = critical;
                X509Extension newt = (X509Extension)CryptoConfig.CreateFromName(oid, parameters);
                if (newt == null)
                {
                    // not registred in CryptoConfig, using default
                    newt = new X509Extension(oid, raw_data, critical);
                }
                _list.Add(newt);
            }
        }

Esempio n. 9

File: SubjectAltNameExtensionTest.cs Progetto: calumjiao/Mono-Class-Libraries

		public void SubjectAltNameGenerator ()
		{
			RSACryptoServiceProvider rsa = new RSACryptoServiceProvider ();
			X509CertificateBuilder x509 = new X509CertificateBuilder ();
			x509.IssuerName = "C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server";
			x509.NotAfter = DateTime.MaxValue;
			x509.NotBefore = DateTime.MinValue;
			x509.SubjectName = "C=US, ST=Maryland, L=Pasadena, O=Brent Baccala, OU=FreeSoft, CN=www.freesoft.org";
			x509.SerialNumber = new byte[] {12, 34, 56, 78, 90};
			x509.Version = 3;
			x509.SubjectPublicKey = rsa;

			string[] dns = new string[2];
			dns[0] = "one";
			dns[1] = "two";
			string[] uris = new string[3];
			uris[0] = "one:two://three";
			uris[1] = "Here:I:AM://12345";
			uris[2] = "last:one";
			SubjectAltNameExtension sane = new SubjectAltNameExtension (null, dns, null, uris);
			x509.Extensions.Add (sane);
			byte[] data = x509.Sign (rsa);

			X509Certificate x509_loaded = new X509Certificate (data);
			SubjectAltNameExtension	sane_test = new SubjectAltNameExtension (x509_loaded.Extensions[0]);
			Assert.AreEqual (sane_test.RFC822.Length, 0, "RFC822 count");
			Assert.AreEqual (sane_test.DNSNames.Length, 2, "DNSName count");
			Assert.AreEqual (sane_test.IPAddresses.Length, 0, "IPAddresses count");
			Assert.AreEqual (sane_test.UniformResourceIdentifiers.Length, 3, "URI Count");
			Assert.AreEqual (sane_test.DNSNames[1], "two", "DNSName test");
			Assert.AreEqual (sane_test.UniformResourceIdentifiers[2], "last:one", "URI Test");
		}

Esempio n. 10

        public ServerContext(
            SslServerStream stream,
            SecurityProtocolType securityProtocolType,
            System.Security.Cryptography.X509Certificates.X509Certificate serverCertificate,
            bool clientCertificateRequired,
            bool requestClientCertificate)
            : base(securityProtocolType)
        {
            this.sslStream = stream;
            this.clientCertificateRequired  = clientCertificateRequired;
            this.request_client_certificate = requestClientCertificate;
            Mono.Security.X509.X509Certificate x509Certificate1 = new Mono.Security.X509.X509Certificate(serverCertificate.GetRawCertData());
            this.ServerSettings.Certificates = new Mono.Security.X509.X509CertificateCollection();
            this.ServerSettings.Certificates.Add(x509Certificate1);
            this.ServerSettings.UpdateCertificateRSA();
            this.ServerSettings.CertificateTypes    = new ClientCertificateType[1];
            this.ServerSettings.CertificateTypes[0] = ClientCertificateType.RSA;
            Mono.Security.X509.X509CertificateCollection rootCertificates = X509StoreManager.TrustedRootCertificates;
            string[] strArray = new string[rootCertificates.Count];
            int      num      = 0;

            foreach (Mono.Security.X509.X509Certificate x509Certificate2 in rootCertificates)
            {
                strArray[num++] = x509Certificate2.IssuerName;
            }
            this.ServerSettings.DistinguisedNames = strArray;
        }

Esempio n. 11

        private bool checkCertificateUsage(Mono.Security.X509.X509Certificate cert)
        {
            ClientContext clientContext = (ClientContext)base.Context;

            if (cert.Version < 3)
            {
                return(true);
            }
            KeyUsages usage = KeyUsages.none;

            switch (clientContext.Negotiating.Cipher.ExchangeAlgorithmType)
            {
            case ExchangeAlgorithmType.DiffieHellman:
                usage = KeyUsages.keyAgreement;
                break;

            case ExchangeAlgorithmType.Fortezza:
                return(false);

            case ExchangeAlgorithmType.RsaKeyX:
                usage = KeyUsages.keyEncipherment;
                break;

            case ExchangeAlgorithmType.RsaSign:
                usage = KeyUsages.digitalSignature;
                break;
            }
            KeyUsageExtension         keyUsageExtension         = null;
            ExtendedKeyUsageExtension extendedKeyUsageExtension = null;

            Mono.Security.X509.X509Extension x509Extension = cert.Extensions["2.5.29.15"];
            if (x509Extension != null)
            {
                keyUsageExtension = new KeyUsageExtension(x509Extension);
            }
            x509Extension = cert.Extensions["2.5.29.37"];
            if (x509Extension != null)
            {
                extendedKeyUsageExtension = new ExtendedKeyUsageExtension(x509Extension);
            }
            if (keyUsageExtension != null && extendedKeyUsageExtension != null)
            {
                return(keyUsageExtension.Support(usage) && (extendedKeyUsageExtension.KeyPurpose.Contains("1.3.6.1.5.5.7.3.1") || extendedKeyUsageExtension.KeyPurpose.Contains("2.16.840.1.113730.4.1")));
            }
            if (keyUsageExtension != null)
            {
                return(keyUsageExtension.Support(usage));
            }
            if (extendedKeyUsageExtension != null)
            {
                return(extendedKeyUsageExtension.KeyPurpose.Contains("1.3.6.1.5.5.7.3.1") || extendedKeyUsageExtension.KeyPurpose.Contains("2.16.840.1.113730.4.1"));
            }
            x509Extension = cert.Extensions["2.16.840.1.113730.1.1"];
            if (x509Extension != null)
            {
                NetscapeCertTypeExtension netscapeCertTypeExtension = new NetscapeCertTypeExtension(x509Extension);
                return(netscapeCertTypeExtension.Support(NetscapeCertTypeExtension.CertTypes.SslServer));
            }
            return(true);
        }

Esempio n. 12

        private byte[] GetKeyIdentifier(Mono.Security.X509.X509Certificate x509)
        {
            // if present in certificate return value of the SubjectKeyIdentifier
            Mono.Security.X509.X509Extension extn = x509.Extensions ["2.5.29.14"];
            if (extn != null)
            {
                ASN1 bs = new ASN1(extn.Value.Value);
                return(bs.Value);
            }
            // strangely DEPRECATED keyAttributes isn't used here (like KeyUsage)

            // if not then we must calculate the SubjectKeyIdentifier ourselve
            // Note: MS does that hash on the complete subjectPublicKeyInfo (unlike PKIX)
            // http://groups.google.ca/groups?selm=e7RqM%24plCHA.1488%40tkmsftngp02&oe=UTF-8&output=gplain
            ASN1 subjectPublicKeyInfo = new ASN1(0x30);
            ASN1 algo = subjectPublicKeyInfo.Add(new ASN1(0x30));

            algo.Add(new ASN1(CryptoConfig.EncodeOID(x509.KeyAlgorithm)));
            // FIXME: does it work for DSA certs (without an 2.5.29.14 extension ?)
            algo.Add(new ASN1(x509.KeyAlgorithmParameters));
            byte[] pubkey  = x509.PublicKey;
            byte[] bsvalue = new byte [pubkey.Length + 1];             // add unused bits (0) before the public key
            Array.Copy(pubkey, 0, bsvalue, 1, pubkey.Length);
            subjectPublicKeyInfo.Add(new ASN1(0x03, bsvalue));
            SHA1 sha = SHA1.Create();

            return(sha.ComputeHash(subjectPublicKeyInfo.GetBytes()));
        }

Esempio n. 13

File: X509CertificateCollection.cs Progetto: calumjiao/Mono-Class-Libraries

		// Methods

		public int Add (X509Certificate value)
		{
			if (value == null)
				throw new ArgumentNullException ("value");
			
			return InnerList.Add (value);
		}

Esempio n. 14

        private bool checkServerIdentity(Mono.Security.X509.X509Certificate cert)
        {
            ClientContext clientContext = (ClientContext)base.Context;
            string        targetHost    = clientContext.ClientSettings.TargetHost;

            Mono.Security.X509.X509Extension x509Extension = cert.Extensions["2.5.29.17"];
            if (x509Extension != null)
            {
                SubjectAltNameExtension subjectAltNameExtension = new SubjectAltNameExtension(x509Extension);
                foreach (string pattern in subjectAltNameExtension.DNSNames)
                {
                    if (TlsServerCertificate.Match(targetHost, pattern))
                    {
                        return(true);
                    }
                }
                foreach (string a in subjectAltNameExtension.IPAddresses)
                {
                    if (a == targetHost)
                    {
                        return(true);
                    }
                }
            }
            return(this.checkDomainName(cert.SubjectName));
        }

Esempio n. 15

File: TlsProviderFactory.cs Progetto: REALTOBIZ/mono

		internal static ITlsConfiguration CreateTlsConfiguration (
			string hostname, bool serverMode, MSI.TlsProtocols protocolFlags,
			SSCX.X509Certificate serverCertificate, bool remoteCertRequired,
			MSI.MonoTlsSettings settings)
		{
			object[] args;
			ITlsConfiguration config;
			if (serverMode) {
				var cert = (PSSCX.X509Certificate2)serverCertificate;
				var monoCert = new MX.X509Certificate (cert.RawData);
				args = new object[] {
					(MSI.TlsProtocols)protocolFlags,
					(MSI.MonoTlsSettings)settings,
					monoCert,
					cert.PrivateKey
				};
			} else {
				args = new object[] {
					(MSI.TlsProtocols)protocolFlags,
					(MSI.MonoTlsSettings)settings,
					hostname
				};
			}

			config = (ITlsConfiguration)CreateInstance (tlsConfigTypeName, args);

			if (serverMode && remoteCertRequired)
				config.AskForClientCertificate = true;

			return config;
		}

Esempio n. 16

        public static X509CertificateImpl Import(byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
        {
            MX.X509Certificate x509;
            if (password == null)
            {
                try {
                    x509 = new MX.X509Certificate(rawData);
                } catch (Exception e) {
                    try {
                        x509 = ImportPkcs12(rawData, null);
                    } catch {
                        string msg = Locale.GetText("Unable to decode certificate.");
                        // inner exception is the original (not second) exception
                        throw new CryptographicException(msg, e);
                    }
                }
            }
            else
            {
                // try PKCS#12
                try {
                    x509 = ImportPkcs12(rawData, password);
                }
                catch {
                    // it's possible to supply a (unrequired/unusued) password
                    // fix bug #79028
                    x509 = new MX.X509Certificate(rawData);
                }
            }

            return(new X509CertificateImplMono(x509));
        }

Esempio n. 17

 public override void Import(byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
 {
     base.Import(rawData, password, keyStorageFlags);
     if (password == null)
     {
         try {
             _cert = new Mono.Security.X509.X509Certificate(rawData);
         }
         catch (Exception e) {
             try {
                 ImportPkcs12(rawData, null);
             }
             catch {
                 string msg = Locale.GetText("Unable to decode certificate.");
                 // inner exception is the original (not second) exception
                 throw new CryptographicException(msg, e);
             }
         }
     }
     else
     {
         // try PKCS#12
         try {
             ImportPkcs12(rawData, password);
         }
         catch {
             // it's possible to supply a (unrequired/unusued) password
             // fix bug #79028
             _cert = new Mono.Security.X509.X509Certificate(rawData);
         }
     }
 }

Esempio n. 18

File: X509Helper.cs Progetto: jonathanpeppers/XamarinComponents

        public static X509CertificateImpl InitFromCertificate(X509CertificateImpl impl)
        {
            if (impl == null)
            {
                return(null);
            }

            var copy = impl.Clone();

            if (copy != null)
            {
                return(copy);
            }

            var data = impl.GetRawCertData();

            if (data == null)
            {
                return(null);
            }

            var x509 = new MX.X509Certificate(data);

            return(new X509CertificateImplMono(x509));
        }

Esempio n. 19

File: X509CertificateCollection.cs Progetto: calumjiao/Mono-Class-Libraries

		public void AddRange (X509Certificate [] value) 
		{
			if (value == null)
				throw new ArgumentNullException ("value");

			for (int i = 0; i < value.Length; i++) 
				InnerList.Add (value [i]);
		}

Esempio n. 20

File: BroadcastRevocationHandler.cs Progetto: pstjuste/brunet

 /// <summary>True upon a non-revoked certificate, an exception otherwise.</summary>
 public bool Verify(X509Certificate x509, Brunet.Messaging.ISender sender)
 {
   Certificate cert = new Certificate(x509.RawData);
   if(!_revoked_users.Contains(cert.Subject.Name)) {
     return true;
   }
   throw new Exception("User has been revoked!");
 }

Esempio n. 21

        internal PublicKey(MSX.X509Certificate certificate)
        {
            // note: _key MUSTonly contains the public part of the key
            bool export_required = true;

            if (certificate.KeyAlgorithm == rsaOid)
            {
#if !MOONLIGHT
                // shortcut export/import in the case the private key isn't available
                RSACryptoServiceProvider rcsp = (certificate.RSA as RSACryptoServiceProvider);
                if ((rcsp != null) && rcsp.PublicOnly)
                {
                    _key            = certificate.RSA;
                    export_required = false;
                }
                else
#endif
                {
                    RSAManaged rsam = (certificate.RSA as RSAManaged);
                    if ((rsam != null) && rsam.PublicOnly)
                    {
                        _key            = certificate.RSA;
                        export_required = false;
                    }
                }

                if (export_required)
                {
                    RSAParameters rsap = certificate.RSA.ExportParameters(false);
                    _key = RSA.Create();
                    (_key as RSA).ImportParameters(rsap);
                }
            }
            else
            {
#if !MOONLIGHT
                // shortcut export/import in the case the private key isn't available
                DSACryptoServiceProvider dcsp = (certificate.DSA as DSACryptoServiceProvider);
                if ((dcsp != null) && dcsp.PublicOnly)
                {
                    _key            = certificate.DSA;
                    export_required = false;
                }
                // note: DSAManaged isn't available in Mono.Security due to a bug in Fx 1.x

                if (export_required)
                {
                    DSAParameters rsap = certificate.DSA.ExportParameters(false);
                    _key = DSA.Create();
                    (_key as DSA).ImportParameters(rsap);
                }
#endif
            }

            _oid      = new Oid(certificate.KeyAlgorithm);
            _keyValue = new AsnEncodedData(_oid, certificate.PublicKey);
            _params   = new AsnEncodedData(_oid, certificate.KeyAlgorithmParameters);
        }

Esempio n. 22

        public ServerContext(
            SslServerStream stream,
            SecurityProtocolType securityProtocolType,
            X509Certificate serverCertificate,
            bool clientCertificateRequired,
            bool requestClientCertificate)
            : base(securityProtocolType)
        {
            this.sslStream = stream;
            this.clientCertificateRequired  = clientCertificateRequired;
            this.request_client_certificate = requestClientCertificate;

            // Convert the System.Security cert to a Mono Cert
            MonoX509.X509Certificate cert = new MonoX509.X509Certificate(serverCertificate.GetRawCertData());

            // Add server certificate to the certificate collection
            this.ServerSettings.Certificates = new MonoX509.X509CertificateCollection();
            this.ServerSettings.Certificates.Add(cert);

            this.ServerSettings.UpdateCertificateRSA();

            if (CertificateValidationHelper.SupportsX509Chain)
            {
                // Build the chain for the certificate and if the chain is correct, add all certificates
                // (except the root certificate [FIRST ONE] ... the client is supposed to know that one,
                // otherwise the whole concept of a trusted chain doesn't work out ...
                MonoX509.X509Chain chain = new MonoX509.X509Chain(MonoX509.X509StoreManager.IntermediateCACertificates);

                if (chain.Build(cert))
                {
                    for (int j = chain.Chain.Count - 1; j > 0; j--)
                    {
                        ServerSettings.Certificates.Add(chain.Chain [j]);
                    }
                }
            }

            // Add requested certificate types
            ServerSettings.CertificateTypes = new ClientCertificateType [ServerSettings.Certificates.Count];
            for (int j = 0; j < this.ServerSettings.CertificateTypes.Length; j++)
            {
                ServerSettings.CertificateTypes [j] = ClientCertificateType.RSA;
            }

            if (CertificateValidationHelper.SupportsX509Chain)
            {
                // Add certificate authorities
                MonoX509.X509CertificateCollection trusted = MonoX509.X509StoreManager.TrustedRootCertificates;
                string[] list = new string [trusted.Count];
                int      i    = 0;
                foreach (MonoX509.X509Certificate root in trusted)
                {
                    list [i++] = root.IssuerName;
                }
                this.ServerSettings.DistinguisedNames = list;
            }
        }

Esempio n. 23

File: X509ExtensionCollection.cs Progetto: parvez2014/MutationInjectionFramework

        internal X509ExtensionCollection(MX.X509Certificate cert)
        {
            _list = new ArrayList(cert.Extensions.Count);
            if (cert.Extensions.Count == 0)
            {
                return;
            }

#if !MOONLIGHT
            object[] parameters = new object [2];
#endif
            foreach (MX.X509Extension ext in cert.Extensions)
            {
                bool   critical = ext.Critical;
                string oid      = ext.Oid;
                byte[] raw_data = null;
                // extension data is embedded in an octet stream (4)
                ASN1 value = ext.Value;
                if ((value.Tag == 0x04) && (value.Count > 0))
                {
                    raw_data = value [0].GetBytes();
                }

                X509Extension newt = null;
#if MOONLIGHT
                // non-extensible
                switch (oid)
                {
                case "2.5.29.14":
                    newt = new X509SubjectKeyIdentifierExtension(new AsnEncodedData(oid, raw_data), critical);
                    break;

                case "2.5.29.15":
                    newt = new X509KeyUsageExtension(new AsnEncodedData(oid, raw_data), critical);
                    break;

                case "2.5.29.19":
                    newt = new X509BasicConstraintsExtension(new AsnEncodedData(oid, raw_data), critical);
                    break;

                case "2.5.29.37":
                    newt = new X509EnhancedKeyUsageExtension(new AsnEncodedData(oid, raw_data), critical);
                    break;
                }
#else
                parameters [0] = new AsnEncodedData(oid, raw_data);
                parameters [1] = critical;
                newt           = (X509Extension)CryptoConfig.CreateFromName(oid, parameters);
#endif
                if (newt == null)
                {
                    // not registred in CryptoConfig, using default
                    newt = new X509Extension(oid, raw_data, critical);
                }
                _list.Add(newt);
            }
        }

Esempio n. 24

File: SymphonyVerification.cs Progetto: hseom/brunet

 public bool Verify(X509Certificate certificate, ISender sender)
 {
   AHSender ahsender = sender as AHSender;
   if(ahsender == null) {
     return true;
   }
   
   return CertificateHandler.Verify(certificate, ahsender.Destination.ToString());
 }

Esempio n. 25

 private bool IsSignedWith(X509Certificate2 signed, AsymmetricAlgorithm pubkey)
 {
     if (pubkey == null)
     {
         return(false);
     }
     Mono.Security.X509.X509Certificate monoCertificate = signed.MonoCertificate;
     return(monoCertificate.VerifySignature(pubkey));
 }

Esempio n. 26

File: X509Helper.cs Progetto: Profit0004/mono

		public static X509CertificateImpl InitFromHandle (IntPtr handle)
		{
			// both Marshal.PtrToStructure and Marshal.Copy use LinkDemand (so they will always success from here)
			CertificateContext cc = (CertificateContext) Marshal.PtrToStructure (handle, typeof (CertificateContext));
			byte[] data = new byte [cc.cbCertEncoded];
			Marshal.Copy (cc.pbCertEncoded, data, 0, (int)cc.cbCertEncoded);
			var x509 = new MX.X509Certificate (data);
			return new X509CertificateImplMono (x509);
		}

Esempio n. 27

        override public bool AddCACertificate(mx509.X509Certificate cert)
        {
            if (!base.AddCACertificate(cert))
            {
                return(false);
            }

            Store.AddTrusted(MonoX509ToOpenSsl(cert));
            return(true);
        }

Esempio n. 28

        public static ox509.X509Certificate MonoX509ToOpenSsl(mx509.X509Certificate cert)
        {
            BIO bio = BIO.MemoryBuffer(true);

            bio.Write(cert.RawData);
            var ocert = ox509.X509Certificate.FromDER(bio);

            bio.Dispose();
            return(ocert);
        }

Esempio n. 29

        public TlsConfiguration(TlsProtocols protocols, TlsSettings settings, MX.X509Certificate certificate, AsymmetricAlgorithm privateKey)
        {
            supportedProtocols = protocols;
            requestedProtocol  = CheckProtocol(ref supportedProtocols, true);
            UserSettings       = settings ?? new TlsSettings();
            Certificate        = certificate;
            PrivateKey         = privateKey;

            RenegotiationFlags = DefaultRenegotiationFlags;
        }

Esempio n. 30

File: X509Chain.cs Progetto: parvez2014/MutationInjectionFramework

 private bool IsSignedWith(X509Certificate2 signed, AsymmetricAlgorithm pubkey)
 {
     if (pubkey == null)
     {
         return(false);
     }
     // Sadly X509Certificate2 doesn't expose the signature nor the tbs (to be signed) structure
     MX.X509Certificate mx = signed.MonoCertificate;
     return(mx.VerifySignature(pubkey));
 }

Esempio n. 31

        override public bool AddSignedCertificate(mx509.X509Certificate cert)
        {
            if (!base.AddSignedCertificate(cert))
            {
                return(false);
            }

            _local_certificate = MonoX509ToOpenSsl(cert);
            return(true);
        }

Esempio n. 32

File: X509Certificate2.cs Progetto: eeevans/mono4galileo

        private MX.X509Certificate ImportPkcs12(byte[] rawData, string password)
        {
            MX.PKCS12 pfx = null;
            if (string.IsNullOrEmpty(password))
            {
                try {
                    // Support both unencrypted PKCS#12..
                    pfx = new MX.PKCS12(rawData, (string)null);
                } catch {
                    // ..and PKCS#12 encrypted with an empty password
                    pfx = new MX.PKCS12(rawData, string.Empty);
                }
            }
            else
            {
                pfx = new MX.PKCS12(rawData, password);
            }

            if (pfx.Certificates.Count == 0)
            {
                // no certificate was found
                return(null);
            }
            else if (pfx.Keys.Count == 0)
            {
                // no key were found - pick the first certificate
                return(pfx.Certificates [0]);
            }
            else
            {
                // find the certificate that match the first key
                MX.X509Certificate cert = null;
                var    keypair          = (pfx.Keys [0] as AsymmetricAlgorithm);
                string pubkey           = keypair.ToXmlString(false);
                foreach (var c in pfx.Certificates)
                {
                    if (((c.RSA != null) && (pubkey == c.RSA.ToXmlString(false))) ||
                        ((c.DSA != null) && (pubkey == c.DSA.ToXmlString(false))))
                    {
                        cert = c;
                        break;
                    }
                }
                if (cert == null)
                {
                    cert = pfx.Certificates [0];                     // no match, pick first certificate without keys
                }
                else
                {
                    cert.RSA = (keypair as RSA);
                    cert.DSA = (keypair as DSA);
                }
                return(cert);
            }
        }

Esempio n. 33

 public void SetCertificate(MX.X509Certificate certificate, AsymmetricAlgorithm privateKey)
 {
     Certificate = certificate;
                 #if !BOOTSTRAP_BASIC
     if (PrivateKey != null && PrivateKey != privateKey)
     {
         PrivateKey.Dispose();
     }
                 #endif
     PrivateKey = privateKey;
 }

Esempio n. 34

        void MustFallback()
        {
            ThrowIfContextInvalid();
            if (fallback != null)
            {
                return;
            }
            var mxCert = new MX.X509Certificate(GetRawCertData());

            fallback = new X509CertificateImplMono(mxCert);
        }

Esempio n. 35

File: TlsClientSettings.cs Progetto: Hengle/JellyTerain

 public void UpdateCertificateRSA()
 {
     if (clientCertificate == null)
     {
         certificateRSA = null;
         return;
     }
     Mono.Security.X509.X509Certificate x509Certificate = new Mono.Security.X509.X509Certificate(clientCertificate.GetRawCertData());
     certificateRSA = new RSAManaged(x509Certificate.RSA.KeySize);
     certificateRSA.ImportParameters(x509Certificate.RSA.ExportParameters(includePrivateParameters: false));
 }

Esempio n. 36

File: CertificateMaker.cs Progetto: twchoi/tmp-brunet-deetoo

 public Certificate(X509Certificate Cert)
 {
   _x509 = Cert;
   _issuer = new DistinguishedName(Cert.IssuerName);
   _subject = new DistinguishedName(Cert.SubjectName);
   _signature = Cert.Signature;
   _serial_number = Cert.SerialNumber;
   _public_key = (RSACryptoServiceProvider) Cert.RSA;
   SubjectAltNameExtension sane = new SubjectAltNameExtension(Cert.Extensions[0]);
   _node_address = sane.UniformResourceIdentifiers[0];
 }

Esempio n. 37

        public static X509CertificateImpl InitFromHandleCore(IntPtr handle)
        {
            // both Marshal.PtrToStructure and Marshal.Copy use LinkDemand (so they will always success from here)
            CertificateContext cc = (CertificateContext)Marshal.PtrToStructure(handle, typeof(CertificateContext));

            byte[] data = new byte [cc.cbCertEncoded];
            Marshal.Copy(cc.pbCertEncoded, data, 0, (int)cc.cbCertEncoded);
            var x509 = new MX.X509Certificate(data);

            return(new X509CertificateImplMono(x509));
        }

Esempio n. 38

File: xmldsig.cs Progetto: nlhepler/mono

	static Mono.Security.X509.X509Certificate LoadCertificate (string filename) 
	{
		Mono.Security.X509.X509Certificate mx = null;
		if (File.Exists (filename)) {
			using (FileStream fs = File.OpenRead (filename)) {
				byte[] data = new byte [fs.Length];
				fs.Read (data, 0, data.Length);
				mx = new Mono.Security.X509.X509Certificate (data);
			}
		}
		return mx;
	}

Esempio n. 39

        // constructors

        // special constructor for Publisher (and related classes).
        // Dates strings are null
        internal X509Certificate(byte[] data, bool dates)
        {
            if (data != null)
            {
#if NET_2_0
                Import(data, (string)null, X509KeyStorageFlags.DefaultKeySet);
#else
                x509 = new Mono.Security.X509.X509Certificate(data);
#endif
                hideDates = !dates;
            }
        }

Esempio n. 40

File: X509Certificate.cs Progetto: zgramana/mono

 private void InitFromHandle(IntPtr handle)
 {
     if (handle != IntPtr.Zero)
     {
         // both Marshal.PtrToStructure and Marshal.Copy use LinkDemand (so they will always success from here)
         CertificateContext cc   = (CertificateContext)Marshal.PtrToStructure(handle, typeof(CertificateContext));
         byte[]             data = new byte [cc.cbCertEncoded];
         Marshal.Copy(cc.pbCertEncoded, data, 0, (int)cc.cbCertEncoded);
         x509 = new Mono.Security.X509.X509Certificate(data);
     }
     // for 1.x IntPtr.Zero results in an "empty" certificate instance
 }

Esempio n. 41

 public override void Reset()
 {
     _cert               = null;
     _archived           = false;
     _extensions         = null;
     _name               = String.Empty;
     _serial             = null;
     _publicKey          = null;
     issuer_name         = null;
     subject_name        = null;
     signature_algorithm = null;
     base.Reset();
 }

Esempio n. 42

File: Trusted.cs Progetto: 3di/3di-viewer-rei-libs

        public static byte[] CreateClientCert(string subjectName, byte[] rootKey, byte[] rootCert)
        {
            if (!subjectName.StartsWith("CN="))
                subjectName = "CN=" + subjectName;

            // Copy the root key since the PrivateKey constructor will blow away the data
            byte[] rootKeyCopy = new byte[rootKey.Length];
            Buffer.BlockCopy(rootKey, 0, rootKeyCopy, 0, rootKey.Length);

            // Load the server's private key and certificate
            PrivateKey pvk = new PrivateKey(rootKeyCopy, null);
            RSA issuerKey = pvk.RSA;
            X509Certificate issuerCert = new X509Certificate(rootCert);

            // Serial number MUST be positive
            byte[] sn = Guid.NewGuid().ToByteArray();
            if ((sn[0] & 0x80) == 0x80)
                sn[0] -= 0x80;

            ExtendedKeyUsageExtension eku = new ExtendedKeyUsageExtension();
            eku.KeyPurpose.Add("1.3.6.1.5.5.7.3.2"); // Indicates the cert is intended for client auth

            // Generate a client certificate signed by the server root CA
            X509CertificateBuilder cb = new X509CertificateBuilder(3);
            cb.SerialNumber = sn;
            cb.IssuerName = issuerCert.IssuerName;
            cb.NotBefore = DateTime.Now;
            cb.NotAfter = new DateTime(643445675990000000); // 12/31/2039 23:59:59Z
            cb.SubjectName = subjectName;
            cb.SubjectPublicKey = issuerKey;
            cb.Hash = "SHA1";
            cb.Extensions.Add(eku);
            byte[] clientCert = cb.Sign(issuerKey);

            // Generate a PKCS#12 file for the client containing the private key and certificate
            PKCS12 p12 = new PKCS12();
            p12.Password = null;

            ArrayList list = new ArrayList(4);
            // We use a fixed array to avoid endianess issues
            // (in case some tools requires the ID to be 1).
            list.Add(new byte[] { 1, 0, 0, 0 });
            Hashtable attributes = new Hashtable(1);
            attributes.Add(PKCS9.localKeyId, list);

            p12.AddCertificate(new X509Certificate(clientCert), attributes);
            p12.AddCertificate(issuerCert);
            p12.AddPkcs8ShroudedKeyBag(issuerKey, attributes);

            return p12.GetBytes();
        }

Esempio n. 43

File: ServerContext.cs Progetto: Profit0004/mono

		public ServerContext(
			SslServerStream			stream,
			SecurityProtocolType	securityProtocolType,
			X509Certificate			serverCertificate,
			bool					clientCertificateRequired,
			bool					requestClientCertificate)
			: base(securityProtocolType)
		{
			this.sslStream					= stream;
			this.clientCertificateRequired	= clientCertificateRequired;
			this.request_client_certificate	= requestClientCertificate;

			// Convert the System.Security cert to a Mono Cert
			MonoX509.X509Certificate cert = new MonoX509.X509Certificate(serverCertificate.GetRawCertData());

			// Add server certificate to the certificate collection
			this.ServerSettings.Certificates = new MonoX509.X509CertificateCollection();
			this.ServerSettings.Certificates.Add(cert);

			this.ServerSettings.UpdateCertificateRSA();

			if (CertificateValidationHelper.SupportsX509Chain) {
				// Build the chain for the certificate and if the chain is correct, add all certificates 
				// (except the root certificate [FIRST ONE] ... the client is supposed to know that one,
				// otherwise the whole concept of a trusted chain doesn't work out ... 
				MonoX509.X509Chain chain = new MonoX509.X509Chain (MonoX509.X509StoreManager.IntermediateCACertificates);

				if (chain.Build (cert)) {
					for (int j = chain.Chain.Count - 1; j > 0; j--)
						ServerSettings.Certificates.Add (chain.Chain [j]);
				}
			}

			// Add requested certificate types
			ServerSettings.CertificateTypes = new ClientCertificateType [ServerSettings.Certificates.Count];
			for (int j = 0; j < this.ServerSettings.CertificateTypes.Length; j++)
				ServerSettings.CertificateTypes [j] = ClientCertificateType.RSA;

			if (CertificateValidationHelper.SupportsX509Chain) {
				// Add certificate authorities
				MonoX509.X509CertificateCollection trusted = MonoX509.X509StoreManager.TrustedRootCertificates;
				string[] list = new string [trusted.Count];
				int i = 0;
				foreach (MonoX509.X509Certificate root in trusted) {
					list [i++] = root.IssuerName;
				}
				this.ServerSettings.DistinguisedNames = list;
			}
		}

Esempio n. 44

File: X509CrlTest.cs Progetto: calumjiao/Mono-Class-Libraries

		public void basicConstraintsCriticalcAFalseCACRL ()
		{
			X509Crl crl = new X509Crl (basicConstraintsCriticalcAFalseCACRL_crl);
			Assert.AreEqual (0, crl.Entries.Count, "Entries.Count");
			Assert.AreEqual (2, crl.Extensions.Count, "Extensions.Count");
			Assert.IsTrue (crl.IsCurrent, "IsCurrent"); // true till 2011
			Assert.AreEqual ("C=US, O=Test Certificates, CN=basicConstraints Critical cA False CA", crl.IssuerName, "IssuerName");
			Assert.AreEqual (634388218400000000, crl.NextUpdate.ToUniversalTime ().Ticks, "NextUpdate");
			Assert.AreEqual ("32-BC-12-1F-84-D0-B6-3E-72-A0-FB-D9-75-99-CA-E5-2A-05-09-E6-C8-27-74-47-1C-DC-0C-D4-9F-BC-9F-B2-62-25-B4-6D-5B-E5-0B-E8-2A-8E-07-EB-3E-6B-C5-1E-9A-D2-14-FD-89-5B-C3-10-BF-19-77-67-0A-33-45-1B-BC-6C-ED-AF-84-30-59-FB-7C-71-95-63-60-31-9B-9B-0A-EA-77-F1-70-F1-B9-2E-D1-A9-04-42-66-94-B9-54-48-DB-44-56-56-1A-57-5A-01-0E-7C-4D-D7-C0-1F-5C-6F-13-F5-A3-57-88-6A-9A-71-CD-D5-AE-C3-00-B1-28", BitConverter.ToString (crl.Signature), "Signature");
			Assert.AreEqual ("1.2.840.113549.1.1.5", crl.SignatureAlgorithm, "SignatureAlgorithm");
			Assert.AreEqual (631232890400000000, crl.ThisUpdate.ToUniversalTime ().Ticks, "ThisUpdate");
			Assert.AreEqual (2, crl.Version, "Version");

			X509Certificate cert = new X509Certificate (basicConstraintsCriticalcAFalseCACert_crt);
			// certificate has CA set to false
			Assert.IsFalse (crl.VerifySignature (cert), "VerifySignature(cert)");
			Assert.IsTrue (crl.VerifySignature (cert.RSA), "VerifySignature(RSA)");
		}

Esempio n. 45

File: X509Helper.Apple.cs Progetto: ItsVeryWindy/mono

		static X509CertificateImpl Import (byte[] rawData)
		{
			var handle = CFHelpers.CreateCertificateFromData (rawData);
			if (handle != IntPtr.Zero)
				return new X509CertificateImplApple (handle, true);

			MX.X509Certificate x509;
			try {
				x509 = new MX.X509Certificate (rawData);
			} catch (Exception e) {
				try {
					x509 = ImportPkcs12 (rawData, null);
				} catch {
					string msg = Locale.GetText ("Unable to decode certificate.");
					// inner exception is the original (not second) exception
					throw new CryptographicException (msg, e);
				}
			}

			return new X509CertificateImplMono (x509);
		}

Esempio n. 46

File: SymphonyVerification.cs Progetto: pstjuste/brunet

    public bool Verify(X509Certificate certificate, ISender sender)
    {
      Address addr = null;
      AHSender ahsender = sender as AHSender;
      if(ahsender != null) {
        addr = ahsender.Destination;
      } else {
        Edge edge = sender as Edge;
        if(edge != null) {
          Connection con = _ct.GetConnection(edge);
          if(con != null) {
            addr = con.Address;
          }
        }
      }

      if(addr == null) {
        return true;
      }
      return CertificateHandler.Verify(certificate, addr.ToString());
    }

Esempio n. 47

File: X509Certificate2.cs Progetto: nlhepler/mono

		public override void Import (byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
		{
			MX.X509Certificate cert = null;
			if (password == null) {
				try {
					cert = new MX.X509Certificate (rawData);
				}
				catch (Exception e) {
					try {
						cert = ImportPkcs12 (rawData, null);
					}
					catch {
						string msg = Locale.GetText ("Unable to decode certificate.");
						// inner exception is the original (not second) exception
						throw new CryptographicException (msg, e);
					}
				}
			} else {
				// try PKCS#12
				try {
					cert = ImportPkcs12 (rawData, password);
				}
				catch {
					// it's possible to supply a (unrequired/unusued) password
					// fix bug #79028
					cert = new MX.X509Certificate (rawData);
				}
			}
			// we do not have to fully re-decode the certificate since X509Certificate does not deal with keys
			if (cert != null) {
				base.Import (cert.RawData, (string) null, keyStorageFlags);
				_cert = cert; // becuase base call will call Reset!
			}
		}

Esempio n. 48

File: X509Certificate2.cs Progetto: carrie901/mono

		public override void Import (byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
		{
			base.Import (rawData, password, keyStorageFlags);
			if (password == null) {
				try {
					_cert = new Mono.Security.X509.X509Certificate (rawData);
				}
				catch (Exception e) {
					try {
						ImportPkcs12 (rawData, null);
					}
					catch {
						string msg = Locale.GetText ("Unable to decode certificate.");
						// inner exception is the original (not second) exception
						throw new CryptographicException (msg, e);
					}
				}
			} else {
				// try PKCS#12
				try {
					ImportPkcs12 (rawData, password);
				}
				catch {
					// it's possible to supply a (unrequired/unusued) password
					// fix bug #79028
					_cert = new Mono.Security.X509.X509Certificate (rawData);
				}
			}
		}

Esempio n. 49

File: CertificateMaker.cs Progetto: twchoi/tmp-brunet-deetoo

 public CertificateMaker(X509Certificate x509)
 {
   _subject = new DistinguishedName(x509.SubjectName);
   _public_key = (RSACryptoServiceProvider) x509.RSA;
   SubjectAltNameExtension sane = new SubjectAltNameExtension(x509.Extensions[0]);
   _node_address = sane.UniformResourceIdentifiers[0];
 }

Esempio n. 50

File: CertificateHandler.cs Progetto: twchoi/tmp-brunet-deetoo

 /// <summary>Adds a local signed public certificate to this CH.</summary>
 public bool AddSignedCertificate(X509Certificate cert) {
   MemBlock sn = MemBlock.Reference(cert.SerialNumber);
   lock(_sync) {
     _lc[sn] = cert;
     _lc_issuers.Add(sn);
   }
   return true;
 }

Esempio n. 51

File: CertificateHandler.cs Progetto: twchoi/tmp-brunet-deetoo

 /// <summary>Adds CA certificate to this CH.</summary>
 public bool AddCACertificate(X509Certificate cert) {
   MemBlock sn = MemBlock.Reference(cert.SerialNumber);
   lock(_sync) {
     _cas[sn] = cert;
     _supported_cas.Add(sn);
   }
   return true;
 }

Esempio n. 52

File: CertificateHandler.cs Progetto: twchoi/tmp-brunet-deetoo

    /// <summary>True if this certificate is signed by a CA whose cetificate
    /// we have, false otherwise.</summary>
    public bool Verify(X509Certificate x509) {
      MemBlock sn = MemBlock.Reference(x509.SerialNumber);
      lock(_sync) {
        if(!_cas.ContainsKey(sn)) {
          throw new Exception("Unsupported CA!");
        }
        if(!x509.VerifySignature(_cas[sn].RSA)) {
          throw new Exception("Unable to verify certificate, bad signature!");
        }
      }

      foreach(ICertificateVerification icv in _certificate_verifiers) {
        if(!icv.Verify(x509)) {
          throw new Exception("Certificate not valid, reason unsure");
        }
      }

      return true;
    }

Esempio n. 53

File: CertificateHandler.cs Progetto: twchoi/tmp-brunet-deetoo

    /// <summary>First makes sure we have a CA that supports this certificate,
    /// then looks through an x509 certificates SubjectAltName Extension's
    /// URI list to determine if the given URI (RemoteID) exists in the
    /// certificate.</summary>
    /// <param name="x509">The certificate to check</param>
    /// <param name="RemoteID">The URI to look for</param>
    /// <returns>True if the URI exists, false otherwise</returns>
    public virtual bool Verify(X509Certificate x509, string RemoteID) {
      if(!Verify(x509)) {
        throw new Exception("Invalid certificate!");
      }

      bool valid_address = false;
      foreach(X509Extension ex in x509.Extensions) {
        // SubjectAltName
        if(ex.Oid != "2.5.29.17") {
          continue;
        }
        SubjectAltNameExtension sane = new SubjectAltNameExtension(ex);
        foreach(string uri in sane.UniformResourceIdentifiers) {
          if(uri == RemoteID) {
            valid_address = true;
            break;
          }
        }
        if(valid_address) {
          break;
        }
      }
      if(!valid_address) {
        throw new Exception("Missing a valid SubjectAltName!");
      }

      return true;
    }

Esempio n. 54

File: X509Helper.cs Progetto: Profit0004/mono

		public static X509CertificateImpl Import (byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
		{
			MX.X509Certificate x509;
			if (password == null) {
				try {
					x509 = new MX.X509Certificate (rawData);
				} catch (Exception e) {
					try {
						x509 = ImportPkcs12 (rawData, null);
					} catch {
						string msg = Locale.GetText ("Unable to decode certificate.");
						// inner exception is the original (not second) exception
						throw new CryptographicException (msg, e);
					}
				}
			} else {
				// try PKCS#12
				try {
					x509 = ImportPkcs12 (rawData, password);
				}
				catch {
					// it's possible to supply a (unrequired/unusued) password
					// fix bug #79028
					x509 = new MX.X509Certificate (rawData);
				}
			}

			return new X509CertificateImplMono (x509);
		}

Esempio n. 55

File: X509Certificate2.cs Progetto: nlhepler/mono

		// constructors

		public X509Certificate2 ()
		{
			_cert = null;
		}

Esempio n. 56

File: X509Helper.cs Progetto: Profit0004/mono

		public static X509CertificateImpl InitFromCertificate (X509CertificateImpl impl)
		{
			ThrowIfContextInvalid (impl);
			var copy = impl.Clone ();
			if (copy != null)
				return copy;

			var data = impl.GetRawCertData ();
			if (data == null)
				return null;

			var x509 = new MX.X509Certificate (data);
			return new X509CertificateImplMono (x509);
		}

Esempio n. 57

File: X509Certificate2.cs Progetto: nlhepler/mono

		public X509Certificate2 (X509Certificate certificate) 
			: base (certificate)
		{
			_cert = new MX.X509Certificate (base.GetRawCertData ());
		}

Esempio n. 58

File: X509Certificate2.cs Progetto: nlhepler/mono

		public X509Certificate2 (IntPtr handle) : base (handle) 
		{
			_cert = new MX.X509Certificate (base.GetRawCertData ());
		}

Esempio n. 59

File: cert-sync.cs Progetto: ItsVeryWindy/mono

		static string Thumbprint (string algorithm, X509Certificate certificate)
		{
			HashAlgorithm hash = HashAlgorithm.Create (algorithm);
			byte[] digest = hash.ComputeHash (certificate.RawData);
			return BitConverter.ToString (digest);
		}

Esempio n. 60

File: X509Certificate2.cs Progetto: nlhepler/mono

		public override void Reset () 
		{
			_cert = null;
			_archived = false;
			_extensions = null;
			_name = String.Empty;
			_serial = null;
			_publicKey = null;
			issuer_name = null;
			subject_name = null;
			signature_algorithm = null;
			base.Reset ();
		}