コード例 #1
0
 // 在生成的代理类中添加RemoteCertificateValidate函数
 private static bool RemoteCertificateValidate(object sender, X509Certificate cert,X509Chain chain, SslPolicyErrors error)
 {
     //System.Console.WriteLine("Warning, trust any certificate");
     //MessageBox.Show("Warning, trust any certificate");
     //为了通过证书验证,总是返回true
     return true;
 }
コード例 #2
0
        public static bool ServerCertificateValidationCallback(
                    Object obj,
                    X509Certificate certificate,
                    X509Chain chain,
                    SslPolicyErrors errors)
        {
            bool result = false;

            HttpWebRequest request = obj as HttpWebRequest;
            if (request != null)
            {
                // Check for allowed UserAgent
                lock (CertificateValidationHelper.uaLock)
                {
                    if (CertificateValidationHelper.allowedUserAgents.Contains(request.UserAgent))
                    {
                        result = true;
                    }
                }

                // Check for allowed Url
                lock (CertificateValidationHelper.urlLock)
                {
                    if (CertificateValidationHelper.allowedUrls.Contains(request.RequestUri))
                    {
                        result = true;
                    }
                }
            }

            return result;
        }
コード例 #3
0
        /// <summary>
        /// Verifies the remote Secure Sockets Layer (SSL) certificate used for authentication.
        /// </summary>
        /// <param name="sender">An object that contains state information for this validation.</param>
        /// <param name="certificate">The certificate used to authenticate the remote party.</param>
        /// <param name="chain">The chain of certificate authorities associated with the remote certificate.</param>
        /// <param name="sslPolicyErrors">One or more errors associated with the remote certificate.</param>
        /// <returns>A Boolean value that determines whether the specified certificate is accepted for authentication.</returns>
        public bool Validate(object sender, X509Certificate certificate, [NotNull] X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            if (sslPolicyErrors != SslPolicyErrors.None)
            {
                return false;
            }

            if (chain.ChainElements.Count < 2)
            {
                // Self signed.
                return false;
            }

            foreach (var chainElement in chain.ChainElements)
            {
                string subjectKeyIdentifier = GetSubjectKeyIdentifier(chainElement.Certificate);
                if (string.IsNullOrWhiteSpace(subjectKeyIdentifier))
                {
                    continue;
                }

                if (_validSubjectKeyIdentifiers.Contains(subjectKeyIdentifier))
                {
                    return true;
                }
            }

            return false;
        }
コード例 #4
0
 /// <summary>
 /// Initializes a new instance of the <see cref="CheckCertificateEventArgs"/> class.
 /// </summary>
 /// <param name="certificate">The certificate.</param>
 /// <param name="chain">The chain.</param>
 /// <param name="sslpolicyerrors">The sslpolicyerrors.</param>
 public CheckCertificateEventArgs(X509Certificate certificate, X509Chain chain, SslPolicyErrors sslpolicyerrors)
 {
     Certificate = certificate;
     Chain = chain;
     Sslpolicyerrors = sslpolicyerrors;
     IsValid = true;
 }
コード例 #5
0
ファイル: AppUtils.cs プロジェクト: GUIpsp/MultiMC
		private static bool CertCheck(object sender, 
		                              X509Certificate cert, 
		                              X509Chain chain, 
		                              SslPolicyErrors error)
		{
#if !BYPASS_SSL_CHECK
			if (cert == null)
			{
				Console.WriteLine("Warning: Certificate is null!");
				return false;
			}
			
			FileStream stream = Assembly.GetCallingAssembly().GetFile("PublicKey");
			byte[] bytes = new byte[stream.Length];
			stream.Read(bytes, 0, bytes.Length);
			
			if (bytes.Length < cert.GetPublicKey().Length)
				return false;
			
			for (int i = 0; i < bytes.Length; i++)
			{
				if (bytes[i] != cert.GetPublicKey()[i])
				{
					return false;
				}
			}
#endif
			return true;
		}
コード例 #6
0
        private static bool ShouldByPassValidationError(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            var request = sender as HttpWebRequest;

            if (request == null)
            {
                return true;
            }

            var req = sender as HttpWebRequest;
            var cert2 = certificate as X509Certificate2;
            if (cert2 != null && req != null && cert2.SignatureAlgorithm.FriendlyName == "md5RSA")
            {
                Logger.Error("https://{0} uses the obsolete md5 hash in it's https certificate, if that is your certificate, please (re)create certificate with better algorithm as soon as possible.", req.RequestUri.Authority);
            }

            if (sslPolicyErrors == SslPolicyErrors.None)
            {
                return true;
            }

            Logger.Debug("Certificate validation for {0} failed. {1}", request.Address, sslPolicyErrors);

            return true;
        }
コード例 #7
0
        /// <summary>
        /// Validates at least one SPKI hash is known.
        /// </summary>
        /// <param name="sender">An object that contains state information for this validation.</param>
        /// <param name="certificate">The certificate used to authenticate the remote party.</param>
        /// <param name="chain">The chain of certificate authorities associated with the remote certificate.</param>
        /// <param name="sslPolicyErrors">One or more errors associated with the remote certificate.</param>
        /// <returns>A Boolean value that determines whether the specified certificate is accepted for authentication.</returns>
        public bool Validate(object sender, X509Certificate certificate, [NotNull] X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            if (sslPolicyErrors != SslPolicyErrors.None)
            {
                return false;
            }

            if (chain.ChainElements.Count < 2)
            {
                return false;
            }

            using (HashAlgorithm algorithm = CreateHashAlgorithm())
            {
                foreach (var chainElement in chain.ChainElements)
                {
                    X509Certificate2 chainedCertificate = chainElement.Certificate;
                    string base64Spki = Convert.ToBase64String(algorithm.ComputeHash(ExtractSpkiBlob(chainedCertificate)));
                    if (_validBase64EncodedSubjectPublicKeyInfoHashes.Contains(base64Spki))
                    {
                        return true;
                    }
                }
            }

            return false;
        }
コード例 #8
0
 internal bool CheckErrors(string hostName, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
 {
     if (sslPolicyErrors == SslPolicyErrors.None)
     {
         return this.Accept(certificate, 0);
     }
     if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateNotAvailable) != SslPolicyErrors.None)
     {
         return this.Accept(certificate, -2146762491);
     }
     if (((sslPolicyErrors & SslPolicyErrors.RemoteCertificateChainErrors) != SslPolicyErrors.None) || ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateNameMismatch) != SslPolicyErrors.None))
     {
         bool fatalError = false;
         uint[] numArray = this.GetChainErrors(hostName, chain, ref fatalError);
         if (fatalError)
         {
             this.Accept(certificate, -2146893052);
             return false;
         }
         if (numArray.Length == 0)
         {
             return this.Accept(certificate, 0);
         }
         foreach (uint num in numArray)
         {
             if (!this.Accept(certificate, (int) num))
             {
                 return false;
             }
         }
     }
     return true;
 }
コード例 #9
0
 internal RemoteCertificateValidationFailedEventArgs(X509Certificate certificate, X509Chain chain, SslPolicyErrors error)
 {
     Chain = chain;
     Certificate = certificate;
     PolicyError = error;
     IsCancelled = true;
 }
コード例 #10
0
        /// <summary>
        /// Configures the rabbit mq client connection for Sll properties.
        /// </summary>
        /// <param name="builder">Builder with appropriate properties set.</param>
        /// <returns>A connection factory builder</returns>
        /// <remarks>
        /// SSL configuration in Rabbit MQ is a complex topic.  In order to ensure that rabbit can work without client presenting a client certificate
        /// and working just like an SSL enabled web-site which does not require certificate you need to have the following settings in your rabbitmq.config
        /// file.
        ///      {ssl_options, [{cacertfile,"/path_to/cacert.pem"},
        ///            {certfile,"/path_to/server/cert.pem"},
        ///            {keyfile,"/path_to/server/key.pem"},
        ///            {verify,verify_none},
        ///            {fail_if_no_peer_cert,false}]}
        /// The last 2 lines are the important ones.
        /// </remarks>
        public ConnectionFactoryBuilder Configure(ConnectionFactoryBuilder builder)
        {
            builder.Add(connectionFactory =>
                {
                    connectionFactory.Ssl.Enabled = true;
                    if (!_clientCertificateRequired)
                    {
                        // These properties need to be set as empty for the Rabbit MQ client. Null's cause an exception in the client library.
                        connectionFactory.Ssl.CertPath = string.Empty;
                        connectionFactory.Ssl.CertPassphrase = string.Empty;
                        connectionFactory.Ssl.ServerName = string.Empty;
                        // Because no client certificate is present we must allow the remote certificate name mismatch for the connection to succeed.
                        _acceptablePolicyErrors = _acceptablePolicyErrors
                                                  | SslPolicyErrors.RemoteCertificateNameMismatch;
                    }
                    else
                    {
                        connectionFactory.Ssl.CertPath = _certificatePath;
                        connectionFactory.Ssl.CertPassphrase = _passphrase;
                        connectionFactory.Ssl.ServerName = _serverName;
                    }
                    connectionFactory.Ssl.AcceptablePolicyErrors = _acceptablePolicyErrors;
                    connectionFactory.Ssl.Version = SslProtocols.Tls;

                    return connectionFactory;
                });

            return builder;
        }
コード例 #11
0
		public virtual X509Chain ComputeX509Chain (XX509CertificateCollection certs, ref SslPolicyErrors errors, ref int status11)
		{
#if MOBILE
			return null;
#else
			if (is_macosx)
				return null;

			var chain = new X509Chain ();
			chain.ChainPolicy = new X509ChainPolicy ();

			chain.ChainPolicy.RevocationMode = revocation_mode;

			for (int i = 1; i < certs.Count; i++) {
				chain.ChainPolicy.ExtraStore.Add (certs [i]);
			}

			var leaf = (X509Certificate2)certs [0];

			try {
				if (!chain.Build (leaf))
					errors |= GetErrorsFromChain (chain);
			} catch (Exception e) {
				Console.Error.WriteLine ("ERROR building certificate chain: {0}", e);
				Console.Error.WriteLine ("Please, report this problem to the Mono team");
				errors |= SslPolicyErrors.RemoteCertificateChainErrors;
			}

			status11 = GetStatusFromChain (chain);

			return chain;
#endif
		}
 private static bool OnValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
 {
     HttpWebRequest key = sender as HttpWebRequest;
     if (key != null)
     {
         string str;
         lock (serverCertMap)
         {
             serverCertMap.TryGetValue(key, out str);
         }
         if (str != null)
         {
             try
             {
                 ValidateServerCertificate(certificate, str);
             }
             catch (SecurityNegotiationException exception)
             {
                 if (DiagnosticUtility.ShouldTraceInformation)
                 {
                     DiagnosticUtility.ExceptionUtility.TraceHandledException(exception, TraceEventType.Information);
                 }
                 return false;
             }
         }
     }
     if (chainedServerCertValidationCallback == null)
     {
         return (sslPolicyErrors == SslPolicyErrors.None);
     }
     return chainedServerCertValidationCallback(sender, certificate, chain, sslPolicyErrors);
 }
コード例 #13
0
ファイル: YMSGConnection.Utils.cs プロジェクト: klog/ycs
 bool ValidateServerCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
 {
     if (errors == 0)
         return true;
     this.OnNotify(new YMSGNotification(Resources._1002, null) { NotificationType = YMSGNotificationTypes.Information });
     return false;
 }
コード例 #14
0
 public static bool RemoteCertificateValidationCallback(object sender,
                                         X509Certificate certificate,
                                         X509Chain chain,
                                         SslPolicyErrors sslPolicyErrors)
 {
     return true;
 }
コード例 #15
0
		static bool BuildX509Chain (XX509CertificateCollection certs, X509Chain chain, ref SslPolicyErrors errors, ref int status11)
		{
#if MOBILE
			return false;
#else
			if (is_macosx)
				return false;

			var leaf = (X509Certificate2)certs [0];

			bool ok;
			try {
				ok = chain.Build (leaf);
				if (!ok)
					errors |= GetErrorsFromChain (chain);
			} catch (Exception e) {
				Console.Error.WriteLine ("ERROR building certificate chain: {0}", e);
				Console.Error.WriteLine ("Please, report this problem to the Mono team");
				errors |= SslPolicyErrors.RemoteCertificateChainErrors;
				ok = false;
			}

			try {
				status11 = GetStatusFromChain (chain);
			} catch {
				status11 = -2146762485; // TRUST_E_FAIL - generic
			}

			return ok;
#endif
		}
コード例 #16
0
ファイル: Downloader.cs プロジェクト: cmr/VisualRust
        private static bool ValidateCertificate(Object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            if (sslPolicyErrors != SslPolicyErrors.None)
            {
                return false;
            }

            var cert2 = new X509Certificate2(certificate);
            var time = System.DateTime.Now;

            if (time > cert2.NotAfter || time < cert2.NotBefore)
            {
                // expiry
                return false;
            }

            var der_encoded = certificate.Export(X509ContentType.Cert);
            var hash = SHA256.Create().ComputeHash(der_encoded);
            var received_fingerprint = BitConverter.ToString(hash).Replace('-', ':');

            foreach (String fingerprint in Sha256Fingerprints)
            {
                if (fingerprint == received_fingerprint) { return true; }
            }

            return false;
        }
コード例 #17
0
		private bool ValidateRemoteCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
		{
			IsAuthenticatedByDane = false;

			switch (_tlsaRecords.ValidationResult)
			{
				case DnsSecValidationResult.Signed:
					if (_tlsaRecords.Records.Count == 0)
						return !_enforceTlsaValidation && (sslPolicyErrors == SslPolicyErrors.None);

					foreach (var tlsaRecord in _tlsaRecords.Records)
					{
						if (ValidateCertificateByTlsa(tlsaRecord, certificate, chain, sslPolicyErrors))
						{
							IsAuthenticatedByDane = true;
							return true;
						}
					}

					return false;

				case DnsSecValidationResult.Bogus:
					return false;

				default:
					return !_enforceTlsaValidation && (sslPolicyErrors == SslPolicyErrors.None);
			}
		}
コード例 #18
0
		/// <summary>
		/// Certificate validation callback to accepts any SSL certificate.
		/// </summary>
		public static bool AnyCertificateValidationCallback(Object sender,
      		X509Certificate certificate,
      		X509Chain chain,
      		SslPolicyErrors sslPolicyErrors) {
			Console.WriteLine("Any Certificate Validation Callback");
        	return true;
		}
コード例 #19
0
        public bool OnValidationCallback(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
        {
            if (errors.ToString() != "None")
            {
                MessageBox.Show("Please click yes on the next dialog box.\nThis will allow us to install the Net7 certificate.", "Certificate Install",
                    MessageBoxButtons.OK, MessageBoxIcon.Exclamation);

                try
                {
                    X509Store Certificate = new X509Store(StoreName.Root);

                    X509Certificate2 cert2 = new X509Certificate2(cert);

                    Certificate.Open(OpenFlags.ReadWrite);

                    // Add Certificate
                    Certificate.Add(cert2);
                    Certificate.Close();
                }
                catch (Exception e)
                {
                    MessageBox.Show("Error installing certificate: " + e.ToString());
                }
            }
            else
            {
                MessageBox.Show("Certificate is installed!");
            }

            // Remove this message
            ServicePointManager.ServerCertificateValidationCallback = null;

            return true;
        }
コード例 #20
0
ファイル: Program.cs プロジェクト: Tsarpf/Mobile-MMO
        // The following method is invoked by the RemoteCertificateValidationDelegate.
        public static bool ValidateServerCertificate(
			  object sender,
			  X509Certificate certificate,
			  X509Chain chain,
			  SslPolicyErrors sslPolicyErrors)
        {
            if(sslPolicyErrors == SslPolicyErrors.None)
            {
                return true;
            }

            byte[] receivedCertificateHash = certificate.GetCertHash();
            //If length differs, obviously different hash.
            if(receivedCertificateHash.Length != hardCodedServerCertificateHash.Length)
            {
                return false;
            }

            //Check that each byte is the same
            for (int i = 0; i < hardCodedServerCertificateHash.Length; i++)
            {
                if(receivedCertificateHash[i] != hardCodedServerCertificateHash[i])
                {
                    return false;
                }
            }

            //Equality of the certificates confirmed.
            return true;
        }
コード例 #21
0
 static bool OnValidateCertificate (
     object sender, X509Certificate certificate,
     X509Chain chain,
     SslPolicyErrors sslPolicyErrors)
 {
     return true;
 }
コード例 #22
0
 public RabbitMqSslConfigurator(RabbitMqHostSettings settings)
 {
     CertificatePath = settings.ClientCertificatePath;
     CertificatePassphrase = settings.ClientCertificatePassphrase;
     ServerName = settings.SslServerName;
     _acceptablePolicyErrors = settings.AcceptablePolicyErrors | SslPolicyErrors.RemoteCertificateChainErrors;
 }
コード例 #23
0
ファイル: Security.cs プロジェクト: jamesbtate/echosync
        public static bool ManuallyVerifyCA(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            Console.WriteLine("ManuallyVerifyCA");
            bool isValid = false;
            if (sslPolicyErrors == SslPolicyErrors.None) return true;
            if (sslPolicyErrors == SslPolicyErrors.RemoteCertificateNameMismatch) return true;
            if (sslPolicyErrors == SslPolicyErrors.RemoteCertificateChainErrors || (int)sslPolicyErrors == (int)SslPolicyErrors.RemoteCertificateNameMismatch + (int)SslPolicyErrors.RemoteCertificateChainErrors)
            {
                try
                {
                    X509Chain chain0 = new X509Chain();
                    chain0.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
                    // add all your extra certificate chain
                    chain0.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
                    Console.WriteLine("tits buckets");
                    chain0.ChainPolicy.ExtraStore.Add(new X509Certificate2("..\\..\\..\\ca.p7b"));
                    Console.WriteLine("piss buckets");
                    isValid = chain0.Build((X509Certificate2)certificate);
                    if (isValid) return true;
                }
                catch (Exception e)
                {
                    Console.WriteLine("sslPolicyErrors: {0}", e.Message);
                    return false;
                }
            }

            Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
            return false;
        }
コード例 #24
0
		public bool ValidateServerCertficate (object sender, X509Certificate receivedCertificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
		{
			if (originalServerCertificate == null) {
				return false;
			} else {

				if (receivedCertificate.Subject.IndexOf(".xamarin.com", 0, StringComparison.CurrentCultureIgnoreCase) == -1) { //not a call to an Xamarin server so verify certificate

					if (originalServerCertificate.Equals (receivedCertificate)) {
						return true;
					} else {
						//incorrect certificate found so notify user
						CertificateHelper.BytesOfServerCertificate = receivedCertificate.Export (X509ContentType.Cert);

						EventHandler handler = CertificateMismatchFound;
						if (handler != null) {
							handler (this, null);
						}
						return false;
					}
				} else {
					//Call to Xamarin (used for Xamarin.Insights) so accept
					return true;
				}
			}
		}
コード例 #25
0
		public bool ValidateServerCertficate (object sender, X509Certificate receivedCertificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
		{
			bool validRequest = true;

//			var enumerator = chain.ChainPolicy.ExtraStore.GetEnumerator();
//
//			while (enumerator.MoveNext ()) {
//				var pem = ExportToPEM (loop.Current);
//			}
//
			if (receivedCertificate.Subject.IndexOf (".xamarin.com", 0, StringComparison.CurrentCultureIgnoreCase) == -1) { //not a request to an Xamarin server so verify certificate
				//This is not an https request for Xamarin Insights

				if (originalRootCertificate == null) {
					validRequest = false;
				} else {
					//check if certificate chain contains original root certificate
					validRequest = chain.ChainPolicy.ExtraStore.Contains (originalRootCertificate);
				}
			}

			if (!validRequest) {
				EventHandler handler = CertificateMismatchFound;
				if (handler != null) {
					handler (this, null);
				}
			}

			return validRequest;
		}
コード例 #26
0
        private bool ValidateServerCertficate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            if (sslPolicyErrors == SslPolicyErrors.None)
                return true;

            if (m_acceptAll)
                return true;

            string certHash = null;

            try
            {
                certHash = Utility.ByteArrayAsHexString(cert.GetCertHash());
                if (certHash != null && m_validHashes != null)
                    foreach(var hash in m_validHashes)
                    {
                        if (!string.IsNullOrEmpty(hash) && certHash.Equals(hash, StringComparison.InvariantCultureIgnoreCase))
                        return true;
                    }
            }
            catch (Exception ex)
            {
                throw new Exception(Strings.SslCertificateValidator.VerifyCertificateHashError(ex, sslPolicyErrors), ex);
            }

            m_uncastException = new InvalidCertificateException(certHash, sslPolicyErrors);
            return false;
        }
コード例 #27
0
        private static bool CertificateValidationCallBack(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            if (sslPolicyErrors == SslPolicyErrors.None)
            {
                return true;
            }

            if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateChainErrors) != 0)
            {
                if (chain != null && chain.ChainStatus != null)
                {
                    foreach (var status in chain.ChainStatus)
                    {
                        if ((certificate.Subject == certificate.Issuer) &&
                           (status.Status == X509ChainStatusFlags.UntrustedRoot))
                        {
                            continue;
                        }
                        else
                        {
                            if (status.Status != X509ChainStatusFlags.NoError)
                            {
                                return false;
                            }
                        }
                    }
                }

                return true;
            }
            else
            {
                return false;
            }
        }
コード例 #28
0
        internal bool Invoke(string hostName,
                             ServicePoint servicePoint,
                             X509Certificate certificate,
                             WebRequest request,
                             X509Chain chain,
                             SslPolicyErrors sslPolicyErrors)
        {
            PolicyWrapper policyWrapper = new PolicyWrapper(m_CertificatePolicy,
                                                            servicePoint,
                                                            (WebRequest) request);

            if (m_Context == null)
            {
                return policyWrapper.CheckErrors(hostName,
                                                 certificate,
                                                 chain,
                                                 sslPolicyErrors);
            }
            else
            {
                ExecutionContext execContext = m_Context.CreateCopy();
                CallbackContext callbackContext = new CallbackContext(policyWrapper,
                                                                      hostName,
                                                                      certificate,
                                                                      chain,
                                                                      sslPolicyErrors);
                ExecutionContext.Run(execContext, Callback, callbackContext);
                return callbackContext.result;
            }
        }
コード例 #29
0
        /// <summary>
        /// Validates that the certificate thumbprints in the signing chain match at least one whitelisted thumbprint.
        /// </summary>
        /// <param name="sender">An object that contains state information for this validation.</param>
        /// <param name="certificate">The certificate used to authenticate the remote party.</param>
        /// <param name="chain">The chain of certificate authorities associated with the remote certificate.</param>
        /// <param name="sslPolicyErrors">One or more errors associated with the remote certificate.</param>
        /// <returns>A Boolean value that determines whether the specified certificate is accepted for authentication.</returns>
        public bool Validate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            if (sslPolicyErrors != SslPolicyErrors.None)
            {
                return false;
            }

            if (chain == null)
            {
                throw new ArgumentNullException("chain");
            }

            if (chain.ChainElements.Count < 2)
            {
                // Self signed.
                return false;
            }

            foreach (var chainElement in chain.ChainElements)
            {
                string thumbprintToCheck = chainElement.Certificate.Thumbprint;

                if (thumbprintToCheck == null)
                {
                    continue;
                }

                if (_validCertificateThumbprints.Contains(thumbprintToCheck))
                {
                    return true;
                }
            }

            return false;
        }
コード例 #30
0
ファイル: AndroidPlatform.cs プロジェクト: fplucas/mono
		internal static bool TrustEvaluateSsl (X509Certificate2Collection collection, object sender, X509Certificate2 certificate, X509Chain chain, SslPolicyErrors errors)
		{
			var certsRawData = new List <byte[]> (collection.Count);
			foreach (var cert in collection)
				certsRawData.Add (cert.RawData);
			return trustEvaluateSsl (certsRawData);
		}