public bool Check(string hostname, byte[] certificate) { if (!Pins.ContainsKey(hostname)) { Debug.WriteLine($"No certificate pin found for {hostname}"); return(false); } // Get pins string[] pins = Pins[hostname]; // Compute spki fingerprint var spkiFingerprint = SpkiFingerprint.Compute(certificate); // Check pin var match = Array.IndexOf(pins, spkiFingerprint) > -1; if (match) { Debug.WriteLine($"Certificate pin is ok for {hostname}"); } else { Debug.WriteLine($"Certificate pinning failure! Peer certificate chain: {spkiFingerprint}, Pinned certificates for {hostname}: {string.Join("|", pins)}"); } return(match); }
public bool Check(string hostname, List <X509Certificate2> peerCertificates) { if (!HasPins(hostname)) { Debug.WriteLine($"No certificate pin found for {hostname}"); return(false); } hostname = Pins.FirstOrDefault(p => Utility.MatchHostnameToPattern(hostname, p.Key)).Key; // Get pins string[] pins = Pins[hostname]; // Skip pinning with empty array if (pins == null || pins.Length == 0) { return(true); } foreach (var certificate in peerCertificates) { // Compute spki fingerprint var spkiFingerprint = SpkiFingerprint.Compute(certificate.RawData); // Check pin if (Array.IndexOf(pins, spkiFingerprint) > -1) { Debug.WriteLine($"Certificate pin {spkiFingerprint} is ok for {hostname}"); return(true); } } Debug.WriteLine($"Certificate pinning failure! Peer certificate chain for {hostname}: {string.Join("|", pins)}"); return(false); }
public bool Check(string hostname, byte[] certificate) { if (!HasPins(hostname)) { Debug.WriteLine($"No certificate pin found for {hostname}"); return(false); } hostname = Pins.FirstOrDefault(p => Utility.MatchHostnameToPattern(hostname, p.Key)).Key; // Get pins string[] pins = Pins[hostname]; // Skip pinning with empty array if (pins == null || pins.Length == 0) { return(true); } // Compute spki fingerprint var spkiFingerprint = SpkiFingerprint.Compute(certificate); // Check pin var match = Array.IndexOf(pins, spkiFingerprint) > -1; if (match) { Debug.WriteLine($"Certificate pin is ok for {hostname}"); } else { Debug.WriteLine($"Certificate pinning failure! Peer certificate chain: {spkiFingerprint}, Pinned certificates for {hostname}: {string.Join("|", pins)}"); } return(match); }