Пример #1
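	/// <summary>
	/// Bundles the certificate and CRL files named on the command line into one
	/// software publisher certificate (SPC) file.
	/// </summary>
	/// <param name="args">One or more input file paths followed by the output file path (last element).</param>
	/// <returns>0 on success; 1, with <c>error</c> set, when the arguments cannot be used.</returns>
	/// <remarks>
	/// Inputs are classified by file extension only and are added to the bundle as they are:
	/// nothing in this method checks signatures, validity periods or chain trust, so the
	/// caller decides what is allowed into the SPC file.
	/// </remarks>
	static int Process (string[] args) 
	{
		// The last argument is the output file; everything before it is an input.
		int nargs = args.Length - 1;
		if (nargs < 1) {
			error = "At least one input and output files must be specified";
			return 1;
		}

		string output = args [nargs];
		SoftwarePublisherCertificate spc = new SoftwarePublisherCertificate ();

		for (int i = 0; i < nargs; i++) {
			// Lower-case with the invariant culture so the match does not depend on the user's locale.
			switch (Path.GetExtension (args [i]).ToLowerInvariant ()) {
				case ".cer":
				case ".crt":
					spc.Certificates.Add (new X509Certificate (GetFile (args [i])));
					break;
				case ".crl":
					// Whatever GetFile returns is stored as the CRL; it is not inspected here.
					spc.Crls.Add (GetFile (args [i]));
					break;
				default:
					error = "Unknown file extension : " + args [i];
					return 1;
			}
		}

		// Encode before opening the output: FileMode.Create truncates an existing file,
		// so a failure while encoding must not leave an empty file behind.
		byte[] data = spc.GetBytes ();
		using (FileStream fs = File.Open (output, FileMode.Create, FileAccess.Write)) {
			fs.Write (data, 0, data.Length);
			// no explicit Close: the using block disposes the stream
		}
		return 0;
	}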
		// Round-trip check for the "navy" sample: read it from testfile, copy every
		// certificate and CRL into a fresh SPC, and expect identical bytes back.
		public void CompareReadNavy () 
		{
			// presumably WriteBuffer stores the sample in testfile; its definition is not shown here
			WriteBuffer (navy, false, false, false);
			SoftwarePublisherCertificate original = SoftwarePublisherCertificate.CreateFromFile (testfile);

			SoftwarePublisherCertificate copy = new SoftwarePublisherCertificate ();
			foreach (MSX.X509Certificate certificate in original.Certificates) {
				copy.Certificates.Add (certificate);
			}
			foreach (byte[] crlBytes in original.Crls) {
				copy.Crls.Add (crlBytes);
			}

			byte[] reencoded = copy.GetBytes ();
			Assert.AreEqual (navy, reencoded, "navy.compare");

			// Decoding the re-encoded bytes must give the same element counts.
			SoftwarePublisherCertificate reparsed = new SoftwarePublisherCertificate (reencoded);
			Assert.AreEqual (3, reparsed.Certificates.Count, "navy.Certificates");
			Assert.AreEqual (2, reparsed.Crls.Count, "navy.Crl");
		}
		// Round-trip check for a sample that holds a single CRL and no certificate.
		public void CompareCRLOnly () 
		{
			// presumably WriteBuffer stores the sample in testfile; its definition is not shown here
			WriteBuffer (crlonly, false, false, false);
			SoftwarePublisherCertificate original = SoftwarePublisherCertificate.CreateFromFile (testfile);

			// Rebuild the structure from the first CRL alone.
			SoftwarePublisherCertificate copy = new SoftwarePublisherCertificate ();
			copy.Crls.Add (original.Crls [0]);

			byte[] reencoded = copy.GetBytes ();
			Assert.AreEqual (crlonly, reencoded, "crlonly.compare");

			// Decoding the re-encoded bytes must give one CRL and no certificate.
			SoftwarePublisherCertificate reparsed = new SoftwarePublisherCertificate (reencoded);
			Assert.AreEqual (0, reparsed.Certificates.Count, "crlonly.Certificates");
			Assert.AreEqual (1, reparsed.Crls.Count, "crlonly.Crl");
		}
		// Round-trip check for a sample that holds a single certificate and no CRL.
		public void CompareCertificateOnly () 
		{
			// presumably WriteBuffer stores the sample in testfile; its definition is not shown here
			WriteBuffer (certonly);
			SoftwarePublisherCertificate original = SoftwarePublisherCertificate.CreateFromFile (testfile);

			// Rebuild the structure from the first certificate alone.
			SoftwarePublisherCertificate copy = new SoftwarePublisherCertificate ();
			copy.Certificates.Add (original.Certificates [0]);

			byte[] reencoded = copy.GetBytes ();
			AssertEquals ("certonly.compare", certonly, reencoded);

			// Decoding the re-encoded bytes must give one certificate and no CRL.
			SoftwarePublisherCertificate reparsed = new SoftwarePublisherCertificate (reencoded);
			AssertEquals ("certonly.Certificates", 1, reparsed.Certificates.Count);
			AssertEquals ("certonly.Crl", 0, reparsed.Crls.Count);
		}
Пример #5
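		/// <summary>
		/// Takes the root certificates returned by <c>DecodeCollection</c> and, depending on the
		/// options, saves them to a PKCS#7 file and/or synchronises the TrustedRoot store with them.
		/// </summary>
		/// <returns>1 when <c>DecodeCollection</c> returns null; 0 otherwise.</returns>
		/// <remarks>
		/// This method rewrites a trust store. Every root in the decoded list that the store lacks
		/// is imported, and every stored root missing from the list is removed; the user is only
		/// asked when <c>confirmAddition</c> / <c>confirmRemoval</c> are set. The resulting trust
		/// decisions are therefore exactly as trustworthy as the list <c>DecodeCollection</c> produced.
		/// </remarks>
		static int Process ()
		{
			X509CertificateCollection roots = DecodeCollection ();
			if (roots == null) {
				return 1;
			} else if (roots.Count == 0) {
				WriteLine ("No certificates were found.");
				return 0;
			}

			if (pkcs7filename != null) {
				SoftwarePublisherCertificate pkcs7 = new SoftwarePublisherCertificate ();
				pkcs7.Certificates.AddRange (roots);

				WriteLine ("Saving root certificates into '{0}' file...", pkcs7filename);
				byte[] data = pkcs7.GetBytes ();
				// File.Create truncates an existing file. File.OpenWrite does not, so a shorter
				// bundle written over a longer one kept stale trailing bytes from the old file.
				using (FileStream fs = File.Create (pkcs7filename)) {
					fs.Write (data, 0, data.Length);
				}
			}

			if (import) {
				WriteLine ("Importing certificates into {0} store...",
					machine ? "machine" : "user");

				X509Stores stores = (machine ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser);
				X509CertificateCollection trusted = stores.TrustedRoot.Certificates;

				// Pass 1: add the roots that are not trusted yet.
				int additions = 0;
				foreach (X509Certificate root in roots) {
					if (!trusted.Contains (root)) {
						// Without confirmAddition the root is trusted with no prompt at all.
						if (!confirmAddition || AskConfirmation ("add", root)) {
							stores.TrustedRoot.Import (root);
							if (confirmAddition)
								WriteLine ("Certificate added.{0}", Environment.NewLine);
							additions++;
						}
					}
				}
				if (additions > 0)
					WriteLine ("{0} new root certificates were added to your trust store.", additions);

				// Pass 2: collect the stored roots that the new list no longer contains.
				// They go into a separate collection first, so the removal loop below does not
				// iterate over 'trusted' while calling Remove on the store.
				X509CertificateCollection removed = new X509CertificateCollection ();
				foreach (X509Certificate trust in trusted) {
					if (!roots.Contains (trust)) {
						removed.Add (trust);
					}
				}
				if (removed.Count > 0) {
					// The summary is printed before the removal loop runs.
					if (confirmRemoval) {
						WriteLine ("{0} previously trusted certificates were not part of the update.", removed.Count);
					} else {
						WriteLine ("{0} previously trusted certificates were removed.", removed.Count);
					}

					foreach (X509Certificate old in removed) {
						// Without confirmRemoval every root missing from the list is dropped silently.
						if (!confirmRemoval || AskConfirmation ("remove", old)) {
							stores.TrustedRoot.Remove (old);
							if (confirmRemoval)
								WriteLine ("Certificate removed.{0}", Environment.NewLine);
						}
					}
				}
				WriteLine ("Import process completed.{0}", Environment.NewLine);
			}
			return 0;
		}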
Пример #6
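		/// <summary>
		/// Takes the root certificates returned by <c>DecodeCollection</c> and, depending on the
		/// options, saves them to a PKCS#7 file and/or synchronises the TrustedRoot store with them.
		/// </summary>
		/// <returns>1 when <c>DecodeCollection</c> returns null; 0 otherwise.</returns>
		/// <remarks>
		/// Before anything else this method installs a server certificate validation callback that
		/// accepts every certificate and only prints a warning when validation failed. The decoded
		/// list can then be imported into the TrustedRoot store, so after that warning the list has
		/// to be treated as unauthenticated.
		/// </remarks>
		static int Process ()
		{
			// NOTE(review): the callback is assigned on ServicePointManager, so it applies to the whole
			// process, and nothing in this method restores the previous value.
			ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => {
				if (sslPolicyErrors != System.Net.Security.SslPolicyErrors.None)
					Console.WriteLine ("WARNING: Downloading the trusted certificate list couldn't be done securely (error: {0}), continuing anyway. If you're using mozroots to bootstrap Mono's trust store on a clean system this might be OK, otherwise it could indicate a network intrusion. Please ensure you're using a trusted network or move to cert-sync.", sslPolicyErrors);

				// this is very bad, but on a clean system without an existing trust store we don't really have a better option
				// NOTE(review): returning true accepts the connection whatever sslPolicyErrors says; the
				// warning above is the only trace. When the import below runs without confirmAddition,
				// a list fetched this way is trusted with no further check. Safer options are to keep
				// the confirmation prompts on, to verify the list out of band, or to use cert-sync as
				// the warning suggests.
				return true;
			};

			// presumably DecodeCollection performs the download covered by the callback above - confirm
			X509CertificateCollection roots = DecodeCollection ();
			if (roots == null) {
				return 1;
			} else if (roots.Count == 0) {
				WriteLine ("No certificates were found.");
				return 0;
			}

			if (pkcs7filename != null) {
				SoftwarePublisherCertificate pkcs7 = new SoftwarePublisherCertificate ();
				pkcs7.Certificates.AddRange (roots);

				WriteLine ("Saving root certificates into '{0}' file...", pkcs7filename);
				byte[] data = pkcs7.GetBytes ();
				// File.Create truncates an existing file. File.OpenWrite does not, so a shorter
				// bundle written over a longer one kept stale trailing bytes from the old file.
				using (FileStream fs = File.Create (pkcs7filename)) {
					fs.Write (data, 0, data.Length);
				}
			}

			if (import) {
				WriteLine ("Importing certificates into {0} store...",
					machine ? "machine" : "user");

				X509Stores stores = (machine ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser);
				X509CertificateCollection trusted = stores.TrustedRoot.Certificates;

				// Pass 1: add the roots that are not trusted yet.
				int additions = 0;
				foreach (X509Certificate root in roots) {
					if (!trusted.Contains (root)) {
						// Without confirmAddition the root is trusted with no prompt at all.
						if (!confirmAddition || AskConfirmation ("add", root)) {
							stores.TrustedRoot.Import (root);
							if (confirmAddition)
								WriteLine ("Certificate added.{0}", Environment.NewLine);
							additions++;
						}
					}
				}
				if (additions > 0)
					WriteLine ("{0} new root certificates were added to your trust store.", additions);

				// Pass 2: collect the stored roots that the new list no longer contains.
				// They go into a separate collection first, so the removal loop below does not
				// iterate over 'trusted' while calling Remove on the store.
				X509CertificateCollection removed = new X509CertificateCollection ();
				foreach (X509Certificate trust in trusted) {
					if (!roots.Contains (trust)) {
						removed.Add (trust);
					}
				}
				if (removed.Count > 0) {
					// The summary is printed before the removal loop runs.
					if (confirmRemoval) {
						WriteLine ("{0} previously trusted certificates were not part of the update.", removed.Count);
					} else {
						WriteLine ("{0} previously trusted certificates were removed.", removed.Count);
					}

					foreach (X509Certificate old in removed) {
						// Without confirmRemoval every root missing from the list is dropped silently.
						if (!confirmRemoval || AskConfirmation ("remove", old)) {
							stores.TrustedRoot.Remove (old);
							if (confirmRemoval)
								WriteLine ("Certificate removed.{0}", Environment.NewLine);
						}
					}
				}
				WriteLine ("Import process completed.{0}", Environment.NewLine);
			}
			return 0;
		}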