/// <summary>
/// Set certificates for the trusted Root Certificate Authorities (Android implementation)
/// </summary>
/// <param name="certificates">Certificates for the CAs to trust</param>
public virtual void SetTrustedRoots(params byte[][] certificates)
{
if (certificates == null)
{
_trustMgrFactory = null;
_x509TrustManager = null;
return;
}
var keyStore = KeyStore.GetInstance(KeyStore.DefaultType);
keyStore.Load(null);
var certFactory = CertificateFactory.GetInstance("X.509");
foreach (var certificate in certificates)
{
var cert = (X509Certificate)certFactory.GenerateCertificate(new System.IO.MemoryStream(certificate));
keyStore.SetCertificateEntry(cert.SubjectDN.Name, cert);
}
_trustMgrFactory = TrustManagerFactory.GetInstance(TrustManagerFactory.DefaultAlgorithm);
_trustMgrFactory.Init(keyStore);
foreach (var trustManager in TrustManagers)
{
_x509TrustManager = trustManager.JavaCast <IX509TrustManager>();
if (_x509TrustManager != null)
{
break;
}
}
}
static void SetupTrustManager()
{
if (sslTrustManager != null)
{
return;
}
lock (lock_) {
TrustManagerFactory factory = TrustManagerFactory.GetInstance(TrustManagerFactory.DefaultAlgorithm);
factory.Init((KeyStore)null);
foreach (ITrustManager tm in factory.GetTrustManagers())
{
try {
sslTrustManager = tm.JavaCast <IX509TrustManager>();
}
catch {
// ignore
}
if (sslTrustManager != null)
{
break;
}
}
}
}
public CertificateChainCleaner(IX509TrustManager trustManager)
{
var keyEquality = new X500PrincipalEquality();
_subjectCaCerts = trustManager.GetAcceptedIssuers()
.GroupBy(i => i.IssuerX500Principal, keyEquality)
.ToDictionary(g => g.Key, g => g.Select(i => i).ToList(), keyEquality);
}
public CompleteX509TrustManager(IX509TrustManager localTrustManager)
{
this.localTrustManager = localTrustManager;
var defaultTrustManagerFactory = TrustManagerFactory.GetInstance(TrustManagerFactory.DefaultAlgorithm);
defaultTrustManagerFactory.Init((KeyStore)null);
defaultTrustManager = defaultTrustManagerFactory.GetTrustManagers()[0].JavaCast <IX509TrustManager>();
}
public CustomX509TrustManager()
{
var algorithm = TrustManagerFactory.DefaultAlgorithm;
var defaultTrustManagerFactory = TrustManagerFactory.GetInstance(algorithm);
defaultTrustManagerFactory.Init((KeyStore)null);
var trustManagers = defaultTrustManagerFactory.GetTrustManagers();
defaultTrustManager = trustManagers[0].JavaCast <IX509TrustManager>();
}
public static IX509TrustManager GetSystemDefaultTrustManager()
{
IX509TrustManager x509TrustManager = null;
try
{
var trustManagerFactory = TrustManagerFactory.GetInstance(TrustManagerFactory.DefaultAlgorithm);
trustManagerFactory.Init((KeyStore)null);
foreach (var trustManager in trustManagerFactory.GetTrustManagers())
{
var manager = trustManager.JavaCast <IX509TrustManager>();
if (manager != null)
{
x509TrustManager = manager;
break;
}
}
}
catch (Exception ex) when(ex is NoSuchAlgorithmException || ex is KeyStoreException)
{
// move along...
}
return(x509TrustManager);
}
static void SetupTrustManager()
{
if (sslTrustManager != null)
return;
lock (lock_) {
TrustManagerFactory factory = TrustManagerFactory.GetInstance (TrustManagerFactory.DefaultAlgorithm);
factory.Init ((KeyStore) null);
foreach (ITrustManager tm in factory.GetTrustManagers ()) {
try {
sslTrustManager = tm.JavaCast<IX509TrustManager>();
}
catch {
// ignore
}
if (sslTrustManager != null)
break;
}
}
}
public static X509Certificate[] getAcceptedIssuers(this IX509TrustManager manager)
{
return(manager.GetAcceptedIssuers());
}
public static void checkServerTrusted(this IX509TrustManager manager, X509Certificate[] chain, string authType)
{
manager.CheckServerTrusted(chain, authType);
}