public static void X509CertificateCollectionEnumerator()
{
using (X509Certificate2 c1 = new X509Certificate2())
using (X509Certificate2 c2 = new X509Certificate2())
using (X509Certificate2 c3 = new X509Certificate2())
{
X509CertificateCollection cc = new X509CertificateCollection(new X509Certificate[] { c1, c2, c3 });
X509CertificateCollection.X509CertificateEnumerator e = cc.GetEnumerator();
object ignored;
// Not started
Assert.Throws <InvalidOperationException>(() => ignored = e.Current);
Assert.True(e.MoveNext());
Assert.Same(c1, e.Current);
Assert.True(e.MoveNext());
Assert.Same(c2, e.Current);
Assert.True(e.MoveNext());
Assert.Same(c3, e.Current);
Assert.False(e.MoveNext());
Assert.False(e.MoveNext());
Assert.False(e.MoveNext());
Assert.False(e.MoveNext());
Assert.False(e.MoveNext());
// ended.
Assert.Throws <InvalidOperationException>(() => ignored = e.Current);
}
}
public void UpdateRootCertificates(IFirebaseAppPlatform app)
{
if (!InstallRootCerts.InstallationRequired)
{
return;
}
object sync = InstallRootCerts.Sync;
lock (sync)
{
if (!InstallRootCerts._attemptedWebDownload)
{
InstallRootCerts._attemptedWebDownload = true;
X509CertificateCollection x509CertificateCollection = null;
try
{
x509CertificateCollection = InstallRootCerts.DecodeWebRootCollection(app);
}
catch (Exception ex)
{
Services.Logging.LogMessage(PlatformLogLevel.Error, ex.ToString());
}
if (x509CertificateCollection != null && x509CertificateCollection.Count != 0)
{
X509Store x509Store = new X509Store(InstallRootCerts.TrustedRoot);
x509Store.Open(OpenFlags.ReadWrite);
X509CertificateCollection certificates = x509Store.Certificates;
X509CertificateCollection.X509CertificateEnumerator enumerator = x509CertificateCollection.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
X509Certificate current = enumerator.Current;
if (!certificates.Contains(current))
{
try
{
x509Store.Add((X509Certificate2)current);
}
catch (Exception ex2)
{
Services.Logging.LogMessage(PlatformLogLevel.Error, ex2.ToString());
}
}
}
}
finally
{
IDisposable disposable;
if ((disposable = (enumerator as IDisposable)) != null)
{
disposable.Dispose();
}
}
x509Store.Close();
this.HackRefreshMonoRootStore();
}
}
}
}
private void SetCerList(HttpItem item)
{
if (item.ClentCertificates != null && item.ClentCertificates.Count > 0)
{
X509CertificateCollection.X509CertificateEnumerator enumerator = item.ClentCertificates.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
X509Certificate current = enumerator.Current;
this.request.ClientCertificates.Add(current);
}
}
finally
{
IDisposable disposable = enumerator as IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
}
}
private bool VerifySignature(PKCS7.SignedData sd, byte[] calculatedMessageDigest, HashAlgorithm ha)
{
string str = null;
ASN1 asn = null;
string str3;
Dictionary <string, int> dictionary;
for (int i = 0; i < sd.SignerInfo.AuthenticatedAttributes.Count; i++)
{
ASN1 asn2 = (ASN1)sd.SignerInfo.AuthenticatedAttributes[i];
str3 = ASN1Convert.ToOid(asn2[0]);
if (str3 != null)
{
if (__f__switch_map1 == null)
{
dictionary = new Dictionary <string, int>(4)
{
{
"1.2.840.113549.1.9.3",
0
},
{
"1.2.840.113549.1.9.4",
1
},
{
"1.3.6.1.4.1.311.2.1.11",
2
},
{
"1.3.6.1.4.1.311.2.1.12",
3
}
};
__f__switch_map1 = dictionary;
}
if (__f__switch_map1.TryGetValue(str3, out int num2))
{
switch (num2)
{
case 0:
str = ASN1Convert.ToOid(asn2[1][0]);
break;
case 1:
asn = asn2[1][0];
break;
}
}
}
}
if (str != "1.3.6.1.4.1.311.2.1.4")
{
return(false);
}
if (asn == null)
{
return(false);
}
if (!asn.CompareValue(calculatedMessageDigest))
{
return(false);
}
string str4 = CryptoConfig.MapNameToOID(ha.ToString());
ASN1 asn3 = new ASN1(0x31);
IEnumerator enumerator = sd.SignerInfo.AuthenticatedAttributes.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
ASN1 current = (ASN1)enumerator.Current;
asn3.Add(current);
}
}
finally
{
if (enumerator is IDisposable disposable)
{
disposable.Dispose();
}
}
ha.Initialize();
byte[] rgbHash = ha.ComputeHash(asn3.GetBytes());
byte[] signature = sd.SignerInfo.Signature;
string issuerName = sd.SignerInfo.IssuerName;
byte[] serialNumber = sd.SignerInfo.SerialNumber;
X509CertificateCollection.X509CertificateEnumerator enumerator2 = this.coll.GetEnumerator();
try
{
while (enumerator2.MoveNext())
{
X509Certificate current = enumerator2.Current;
if (this.CompareIssuerSerial(issuerName, serialNumber, current) &&
(current.PublicKey.Length > (signature.Length >> 3)))
{
this.signingCertificate = current;
RSACryptoServiceProvider rSA = (RSACryptoServiceProvider)current.RSA;
if (rSA.VerifyHash(rgbHash, str4, signature))
{
this.signerChain.LoadCertificates(this.coll);
this.trustedRoot = this.signerChain.Build(current);
goto Label_0295;
}
}
}
}
finally
{
if (enumerator2 is IDisposable disposable2)
{
disposable2.Dispose();
}
}
Label_0295:
if (sd.SignerInfo.UnauthenticatedAttributes.Count == 0)
{
this.trustedTimestampRoot = true;
}
else
{
for (int j = 0; j < sd.SignerInfo.UnauthenticatedAttributes.Count; j++)
{
ASN1 asn5 = (ASN1)sd.SignerInfo.UnauthenticatedAttributes[j];
str3 = ASN1Convert.ToOid(asn5[0]);
if (str3 != null)
{
if (__f__switch_map2 == null)
{
dictionary = new Dictionary <string, int>(1)
{
{
"1.2.840.113549.1.9.6",
0
}
};
__f__switch_map2 = dictionary;
}
if (__f__switch_map2.TryGetValue(str3, out int num2) && (num2 == 0))
{
PKCS7.SignerInfo cs = new PKCS7.SignerInfo(asn5[1]);
this.trustedTimestampRoot = this.VerifyCounterSignature(cs, signature);
}
}
}
}
return(this.trustedRoot && this.trustedTimestampRoot);
}
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
{
if (cs.Version == 1)
{
string str = null;
ASN1 asn = null;
for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++)
{
ASN1 asn2 = (ASN1)cs.AuthenticatedAttributes[i];
string key = ASN1Convert.ToOid(asn2[0]);
if (key != null)
{
if (__f__switch_map3 == null)
{
Dictionary <string, int> dictionary = new Dictionary <string, int>(3)
{
{
"1.2.840.113549.1.9.3",
0
},
{
"1.2.840.113549.1.9.4",
1
},
{
"1.2.840.113549.1.9.5",
2
}
};
__f__switch_map3 = dictionary;
}
if (__f__switch_map3.TryGetValue(key, out int num2))
{
switch (num2)
{
case 0:
str = ASN1Convert.ToOid(asn2[1][0]);
break;
case 1:
asn = asn2[1][0];
break;
case 2:
this.timestamp = ASN1Convert.ToDateTime(asn2[1][0]);
break;
}
}
}
}
if (str != "1.2.840.113549.1.7.1")
{
return(false);
}
if (asn == null)
{
return(false);
}
string hashName = null;
switch (asn.Length)
{
case 0x10:
hashName = "MD5";
break;
case 20:
hashName = "SHA1";
break;
}
HashAlgorithm hash = HashAlgorithm.Create(hashName);
if (asn.CompareValue(hash.ComputeHash(signature)))
{
byte[] buffer = cs.Signature;
ASN1 asn3 = new ASN1(0x31);
IEnumerator enumerator = cs.AuthenticatedAttributes.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
ASN1 current = (ASN1)enumerator.Current;
asn3.Add(current);
}
}
finally
{
if (enumerator is IDisposable disposable)
{
disposable.Dispose();
}
}
byte[] hashValue = hash.ComputeHash(asn3.GetBytes());
string issuerName = cs.IssuerName;
byte[] serialNumber = cs.SerialNumber;
X509CertificateCollection.X509CertificateEnumerator enumerator2 = this.coll.GetEnumerator();
try
{
while (enumerator2.MoveNext())
{
X509Certificate current = enumerator2.Current;
if (this.CompareIssuerSerial(issuerName, serialNumber, current) &&
(current.PublicKey.Length > buffer.Length))
{
RSACryptoServiceProvider rSA = (RSACryptoServiceProvider)current.RSA;
RSAManaged rsa = new RSAManaged();
rsa.ImportParameters(rSA.ExportParameters(false));
if (PKCS1.Verify_v15(rsa, hash, hashValue, buffer, true))
{
this.timestampChain.LoadCertificates(this.coll);
return(this.timestampChain.Build(current));
}
}
}
}
finally
{
if (enumerator2 is IDisposable disposable2)
{
disposable2.Dispose();
}
}
}
}
return(false);
}
public X509CertificateCollection Install(IFirebaseAppPlatform app)
{
if (!InstallRootCerts.InstallationRequired)
{
return(null);
}
object sync = InstallRootCerts.Sync;
X509CertificateCollection result;
lock (sync)
{
X509CertificateCollection x509CertificateCollection;
if (InstallRootCerts._installedRoots.TryGetValue(app, out x509CertificateCollection))
{
result = x509CertificateCollection;
}
else
{
x509CertificateCollection = new X509CertificateCollection();
string text = Path.Combine(Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), ".mono"), "certs");
bool flag = false;
try
{
flag = (Directory.Exists(text) || Directory.CreateDirectory(text) != null);
}
catch (Exception)
{
}
if (!flag)
{
string writeablePath = Services.AppConfig.GetWriteablePath(app);
if (!string.IsNullOrEmpty(writeablePath))
{
Services.Logging.LogMessage(PlatformLogLevel.Debug, string.Format("Saving root certs in {0} ({1} is not writable)", writeablePath, text));
Environment.SetEnvironmentVariable("XDG_CONFIG_HOME", writeablePath);
text = writeablePath;
this.HackRefreshMonoRootStore();
}
}
X509CertificateCollection value = InstallRootCerts.DecodeDefaultCollection();
X509CertificateCollection x509CertificateCollection2 = InstallRootCerts.DecodeCollection(app);
if (string.Equals(app.Name, FirebaseHandler.AppUtils.GetDefaultInstanceName()))
{
x509CertificateCollection2.AddRange(value);
x509CertificateCollection = x509CertificateCollection2;
}
else
{
x509CertificateCollection.AddRange(value);
}
InstallRootCerts._installedRoots[app] = x509CertificateCollection2;
if (x509CertificateCollection.Count == 0)
{
result = x509CertificateCollection;
}
else
{
InstallRootCerts.InstallDefaultCRLs("Firebase.Platform.cacrl_pem.txt", Path.Combine(text, InstallRootCerts.TrustedRoot));
InstallRootCerts.InstallDefaultCRLs("Firebase.Platform.caintermediatecrl_pem.txt", Path.Combine(text, InstallRootCerts.IntermediateCA));
Services.Logging.LogMessage(PlatformLogLevel.Debug, string.Format("Installing {0} certs", x509CertificateCollection2.Count));
X509Store x509Store = new X509Store(InstallRootCerts.TrustedRoot);
x509Store.Open(OpenFlags.ReadWrite);
X509CertificateCollection certificates = x509Store.Certificates;
X509CertificateCollection.X509CertificateEnumerator enumerator = x509CertificateCollection.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
X509Certificate current = enumerator.Current;
if (!certificates.Contains(current))
{
try
{
x509Store.Add((X509Certificate2)current);
}
catch (Exception ex)
{
Services.Logging.LogMessage(PlatformLogLevel.Error, ex.ToString());
}
}
}
}
finally
{
IDisposable disposable;
if ((disposable = (enumerator as IDisposable)) != null)
{
disposable.Dispose();
}
}
x509Store.Close();
result = x509CertificateCollection;
}
}
}
return(result);
}
