public void UpdateRootCertificates(IFirebaseAppPlatform app) { if (!InstallRootCerts.InstallationRequired) { return; } object sync = InstallRootCerts.Sync; lock (sync) { if (!InstallRootCerts._attemptedWebDownload) { InstallRootCerts._attemptedWebDownload = true; X509CertificateCollection x509CertificateCollection = null; try { x509CertificateCollection = InstallRootCerts.DecodeWebRootCollection(app); } catch (Exception ex) { Services.Logging.LogMessage(PlatformLogLevel.Error, ex.ToString()); } if (x509CertificateCollection != null && x509CertificateCollection.Count != 0) { X509Store x509Store = new X509Store(InstallRootCerts.TrustedRoot); x509Store.Open(OpenFlags.ReadWrite); X509CertificateCollection certificates = x509Store.Certificates; X509CertificateCollection.X509CertificateEnumerator enumerator = x509CertificateCollection.GetEnumerator(); try { while (enumerator.MoveNext()) { X509Certificate current = enumerator.Current; if (!certificates.Contains(current)) { try { x509Store.Add((X509Certificate2)current); } catch (Exception ex2) { Services.Logging.LogMessage(PlatformLogLevel.Error, ex2.ToString()); } } } } finally { IDisposable disposable; if ((disposable = (enumerator as IDisposable)) != null) { disposable.Dispose(); } } x509Store.Close(); this.HackRefreshMonoRootStore(); } } } }
public void Contains() { X509CertificateCollection c = new X509CertificateCollection(); Assert.IsTrue(!c.Contains(x509a), "Empty-A"); Assert.IsTrue(!c.Contains(null), "Empty-Null"); c.Add(x509a); Assert.IsTrue(c.Contains(x509a), "A-A"); Assert.IsTrue(!c.Contains(x509b), "A-B"); // works by value not by object reference X509Certificate x = new X509Certificate(cert_a); Assert.IsTrue(c.Contains(x), "A-x"); }
static int Process() { X509CertificateCollection roots = DecodeCollection(); if (roots == null) { return(1); } else if (roots.Count == 0) { WriteLine("No certificates were found."); return(0); } X509Stores stores = userStore ? X509StoreManager.CurrentUser : X509StoreManager.LocalMachine; X509CertificateCollection trusted = stores.TrustedRoot.Certificates; int additions = 0; WriteLine("I already trust {0}, your new list has {1}", trusted.Count, roots.Count); foreach (X509Certificate root in roots) { if (!trusted.Contains(root)) { try { stores.TrustedRoot.Import(root); WriteLine("Certificate added: {0}", root.SubjectName); additions++; } catch (Exception e) { WriteLine("Warning: Could not import {0}", root.SubjectName); WriteLine(e.ToString()); } } } if (additions > 0) { WriteLine("{0} new root certificates were added to your trust store.", additions); } X509CertificateCollection removed = new X509CertificateCollection(); foreach (X509Certificate trust in trusted) { if (!roots.Contains(trust)) { removed.Add(trust); } } if (removed.Count > 0) { WriteLine("{0} previously trusted certificates were removed.", removed.Count); foreach (X509Certificate old in removed) { stores.TrustedRoot.Remove(old); WriteLine("Certificate removed: {0}", old.SubjectName); } } WriteLine("Import process completed."); return(0); }
public static bool IsInstalled(StoreName storeName, StoreLocation storeLocation, X509Certificate2 certificate) { X509Store localMachineMyStore = new X509Store(storeName, storeLocation); localMachineMyStore.Open(OpenFlags.ReadOnly); X509CertificateCollection collection = localMachineMyStore.Certificates; localMachineMyStore.Close(); return(collection.Contains(certificate)); }
private static bool ServerCertificateValidate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine); store.Open(OpenFlags.ReadOnly); X509CertificateCollection collection = store.Certificates; bool result = collection.Contains(certificate); store.Close(); return(result); }
ImportResult ImportToStore(CertStoreId storeId, X509CertificateCollection roots, X509Store store) { var addedResult = new List <X509Certificate>(); var removedResult = new List <X509Certificate>(); var trusted = store.Certificates; Log("I already trust {0}, your new list has {1}", trusted.Count, roots.Count); foreach (var root in roots) { if (!trusted.Contains(root)) { try { store.Import(root); Log("Certificate added: {0}", root.SubjectName); addedResult.Add(root); } catch (Exception e) { Log("Warning: Could not import {0}", root.SubjectName); Log(e.ToString()); } } } if (addedResult.Count > 0) { Log("{0} new root certificates were added to your trust store.", addedResult.Count); } var removed = new X509CertificateCollection(); foreach (var trust in trusted) { if (!roots.Contains(trust)) { removed.Add(trust); removedResult.Add(trust); } } if (removed.Count > 0) { Log("{0} previously trusted certificates were removed.", removed.Count); foreach (var old in removed) { store.Remove(old); Log("Certificate removed: {0}", old.SubjectName); } } Log("Import process completed."); return(new ImportResult(storeId, addedResult, removedResult)); }
static void ImportToStore(X509CertificateCollection roots, X509Store store) { X509CertificateCollection trusted = store.Certificates; int additions = 0; WriteLine("I already trust {0}, your new list has {1}", trusted.Count, roots.Count); foreach (X509Certificate root in roots) { if (!trusted.Contains(root)) { try { store.Import(root); WriteLine("Certificate added: {0}", root.SubjectName); additions++; } catch (Exception e) { WriteLine("Warning: Could not import {0}", root.SubjectName); WriteLine(e.ToString()); } } } if (additions > 0) { WriteLine("{0} new root certificates were added to your trust store.", additions); } X509CertificateCollection removed = new X509CertificateCollection(); foreach (X509Certificate trust in trusted) { if (!roots.Contains(trust)) { removed.Add(trust); } } if (removed.Count > 0) { WriteLine("{0} previously trusted certificates were removed.", removed.Count); foreach (X509Certificate old in removed) { store.Remove(old); WriteLine("Certificate removed: {0}", old.SubjectName); } } WriteLine("Import process completed."); }
public static void X509CertificateCollectionContains() { using (X509Certificate c1 = new X509Certificate()) using (X509Certificate c2 = new X509Certificate()) using (X509Certificate c3 = new X509Certificate()) { X509CertificateCollection collection = new X509CertificateCollection(new X509Certificate[] { c1, c2, c3 }); Assert.True(collection.Contains(c1)); Assert.True(collection.Contains(c2)); Assert.True(collection.Contains(c3)); Assert.False(collection.Contains(null)); IList ilist = (IList)collection; Assert.True(ilist.Contains(c1)); Assert.True(ilist.Contains(c2)); Assert.True(ilist.Contains(c3)); Assert.False(ilist.Contains(null)); Assert.False(ilist.Contains("Bogus")); } }
public static bool MySSLHandler(Syscert.X509Certificate certificate, int[] certificateErrors) { X509Store store = null; X509Stores stores = X509StoreManager.CurrentUser; String input; store = stores.TrustedRoot; //Import the details of the certificate from the server. X509Certificate x509 = null; X509CertificateCollection coll = new X509CertificateCollection(); byte[] data = certificate.GetRawCertData(); if (data != null) { x509 = new X509Certificate(data); } //List the details of the Server //check for ceritficate in store X509CertificateCollection check = store.Certificates; if (!check.Contains(x509)) { if (bindCount == 1) { Console.WriteLine(" \n\nCERTIFICATE DETAILS: \n"); Console.WriteLine(" {0}X.509 v{1} Certificate", (x509.IsSelfSigned ? "Self-signed " : String.Empty), x509.Version); Console.WriteLine(" Serial Number: {0}", CryptoConvert.ToHex(x509.SerialNumber)); Console.WriteLine(" Issuer Name: {0}", x509.IssuerName); Console.WriteLine(" Subject Name: {0}", x509.SubjectName); Console.WriteLine(" Valid From: {0}", x509.ValidFrom); Console.WriteLine(" Valid Until: {0}", x509.ValidUntil); Console.WriteLine(" Unique Hash: {0}", CryptoConvert.ToHex(x509.Hash)); Console.WriteLine(); } //Get the response from the Client do { Console.WriteLine("\nDo you want to proceed with the connection (y/n)?"); input = Console.ReadLine(); if (input == "y" || input == "Y") { bHowToProceed = true; } if (input == "n" || input == "N") { bHowToProceed = false; } } while (input != "y" && input != "Y" && input != "n" && input != "N"); } else { if (bHowToProceed == true) { //Add the certificate to the store. if (x509 != null) { coll.Add(x509); } store.Import(x509); if (bindCount == 1) { removeFlag = true; } } } if (bHowToProceed == false) { //Remove the certificate added from the store. if (removeFlag == true && bindCount > 1) { foreach (X509Certificate xt509 in store.Certificates) { if (CryptoConvert.ToHex(xt509.Hash) == CryptoConvert.ToHex(x509.Hash)) { store.Remove(x509); } } } Console.WriteLine("SSL Bind Failed."); } return(bHowToProceed); }
public X509CertificateCollection Install(IFirebaseAppPlatform app) { if (!InstallRootCerts.InstallationRequired) { return(null); } object sync = InstallRootCerts.Sync; X509CertificateCollection result; lock (sync) { X509CertificateCollection x509CertificateCollection; if (InstallRootCerts._installedRoots.TryGetValue(app, out x509CertificateCollection)) { result = x509CertificateCollection; } else { x509CertificateCollection = new X509CertificateCollection(); string text = Path.Combine(Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), ".mono"), "certs"); bool flag = false; try { flag = (Directory.Exists(text) || Directory.CreateDirectory(text) != null); } catch (Exception) { } if (!flag) { string writeablePath = Services.AppConfig.GetWriteablePath(app); if (!string.IsNullOrEmpty(writeablePath)) { Services.Logging.LogMessage(PlatformLogLevel.Debug, string.Format("Saving root certs in {0} ({1} is not writable)", writeablePath, text)); Environment.SetEnvironmentVariable("XDG_CONFIG_HOME", writeablePath); text = writeablePath; this.HackRefreshMonoRootStore(); } } X509CertificateCollection value = InstallRootCerts.DecodeDefaultCollection(); X509CertificateCollection x509CertificateCollection2 = InstallRootCerts.DecodeCollection(app); if (string.Equals(app.Name, FirebaseHandler.AppUtils.GetDefaultInstanceName())) { x509CertificateCollection2.AddRange(value); x509CertificateCollection = x509CertificateCollection2; } else { x509CertificateCollection.AddRange(value); } InstallRootCerts._installedRoots[app] = x509CertificateCollection2; if (x509CertificateCollection.Count == 0) { result = x509CertificateCollection; } else { InstallRootCerts.InstallDefaultCRLs("Firebase.Platform.cacrl_pem.txt", Path.Combine(text, InstallRootCerts.TrustedRoot)); InstallRootCerts.InstallDefaultCRLs("Firebase.Platform.caintermediatecrl_pem.txt", Path.Combine(text, InstallRootCerts.IntermediateCA)); Services.Logging.LogMessage(PlatformLogLevel.Debug, string.Format("Installing {0} certs", x509CertificateCollection2.Count)); X509Store x509Store = new X509Store(InstallRootCerts.TrustedRoot); x509Store.Open(OpenFlags.ReadWrite); X509CertificateCollection certificates = x509Store.Certificates; X509CertificateCollection.X509CertificateEnumerator enumerator = x509CertificateCollection.GetEnumerator(); try { while (enumerator.MoveNext()) { X509Certificate current = enumerator.Current; if (!certificates.Contains(current)) { try { x509Store.Add((X509Certificate2)current); } catch (Exception ex) { Services.Logging.LogMessage(PlatformLogLevel.Error, ex.ToString()); } } } } finally { IDisposable disposable; if ((disposable = (enumerator as IDisposable)) != null) { disposable.Dispose(); } } x509Store.Close(); result = x509CertificateCollection; } } } return(result); }
static int Process() { X509CertificateCollection roots = DecodeCollection(); if (roots == null) { return(1); } else if (roots.Count == 0) { WriteLine("No certificates were found."); return(0); } if (pkcs7filename != null) { SoftwarePublisherCertificate pkcs7 = new SoftwarePublisherCertificate(); pkcs7.Certificates.AddRange(roots); WriteLine("Saving root certificates into '{0}' file...", pkcs7filename); using (FileStream fs = File.OpenWrite(pkcs7filename)) { byte[] data = pkcs7.GetBytes(); fs.Write(data, 0, data.Length); fs.Close(); } } if (import) { WriteLine("Importing certificates into {0} store...", machine ? "machine" : "user"); X509Stores stores = (machine ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser); X509CertificateCollection trusted = stores.TrustedRoot.Certificates; int additions = 0; foreach (X509Certificate root in roots) { if (!trusted.Contains(root)) { if (!confirmAddition || AskConfirmation("add", root)) { stores.TrustedRoot.Import(root); if (confirmAddition) { WriteLine("Certificate added.{0}", Environment.NewLine); } additions++; } } } if (additions > 0) { WriteLine("{0} new root certificates were added to your trust store.", additions); } X509CertificateCollection removed = new X509CertificateCollection(); foreach (X509Certificate trust in trusted) { if (!roots.Contains(trust)) { removed.Add(trust); } } if (removed.Count > 0) { if (confirmRemoval) { WriteLine("{0} previously trusted certificates were not part of the update.", removed.Count); } else { WriteLine("{0} previously trusted certificates were removed.", removed.Count); } foreach (X509Certificate old in removed) { if (!confirmRemoval || AskConfirmation("remove", old)) { stores.TrustedRoot.Remove(old); if (confirmRemoval) { WriteLine("Certificate removed.{0}", Environment.NewLine); } } } } WriteLine("Import process completed.{0}", Environment.NewLine); } return(0); }
static int Process() { ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { if (sslPolicyErrors != System.Net.Security.SslPolicyErrors.None) { Console.WriteLine("WARNING: Downloading the trusted certificate list couldn't be done securely (error: {0}), continuing anyway. If you're using mozroots to bootstrap Mono's trust store on a clean system this might be OK, otherwise it could indicate a network intrusion. Please ensure you're using a trusted network or move to cert-sync.", sslPolicyErrors); } // this is very bad, but on a clean system without an existing trust store we don't really have a better option return(true); }; X509CertificateCollection roots = DecodeCollection(); if (roots == null) { return(1); } else if (roots.Count == 0) { WriteLine("No certificates were found."); return(0); } if (pkcs7filename != null) { SoftwarePublisherCertificate pkcs7 = new SoftwarePublisherCertificate(); pkcs7.Certificates.AddRange(roots); WriteLine("Saving root certificates into '{0}' file...", pkcs7filename); using (FileStream fs = File.OpenWrite(pkcs7filename)) { byte[] data = pkcs7.GetBytes(); fs.Write(data, 0, data.Length); fs.Close(); } } if (import) { WriteLine("Importing certificates into {0} store...", machine ? "machine" : "user"); X509Stores stores = (machine ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser); X509CertificateCollection trusted = stores.TrustedRoot.Certificates; int additions = 0; foreach (X509Certificate root in roots) { if (!trusted.Contains(root)) { if (!confirmAddition || AskConfirmation("add", root)) { stores.TrustedRoot.Import(root); if (confirmAddition) { WriteLine("Certificate added.{0}", Environment.NewLine); } additions++; } } } if (additions > 0) { WriteLine("{0} new root certificates were added to your trust store.", additions); } X509CertificateCollection removed = new X509CertificateCollection(); foreach (X509Certificate trust in trusted) { if (!roots.Contains(trust)) { removed.Add(trust); } } if (removed.Count > 0) { if (confirmRemoval) { WriteLine("{0} previously trusted certificates were not part of the update.", removed.Count); } else { WriteLine("{0} previously trusted certificates were removed.", removed.Count); } foreach (X509Certificate old in removed) { if (!confirmRemoval || AskConfirmation("remove", old)) { stores.TrustedRoot.Remove(old); if (confirmRemoval) { WriteLine("Certificate removed.{0}", Environment.NewLine); } } } } WriteLine("Import process completed.{0}", Environment.NewLine); } return(0); }