// Builds a Software Publisher Certificate (SPC) file from the inputs named on
// the command line. Every argument except the last is an input; the last one
// is the output path.
//
// Returns 0 on success. Returns 1, with the message stored in `error`, when
// fewer than two arguments are given or an input has an unrecognised extension.
//
// Review notes:
//  - Inputs are classified by file extension only (.cer/.crt vs .crl).
//    Certificate bytes go through the X509Certificate constructor; CRL bytes
//    are added exactly as GetFile returns them, with no check in this method.
//  - The output path is opened with FileMode.Create, so an existing file at
//    that path is overwritten.
static int Process (string[] args)
{
    int last = args.Length - 1;
    if (last < 1) {
        error = "At least one input and output files must be specified";
        return 1;
    }

    string output = args [last];
    SoftwarePublisherCertificate spc = new SoftwarePublisherCertificate ();

    for (int index = 0; index < last; index++) {
        string input = args [index];
        string extension = Path.GetExtension (input).ToLower ();

        if (extension == ".cer" || extension == ".crt") {
            spc.Certificates.Add (new X509Certificate (GetFile (input)));
        } else if (extension == ".crl") {
            spc.Crls.Add (GetFile (input));
        } else {
            error = "Unknown file extension : " + input;
            return 1;
        }
    }

    // The stream is opened before the SPC is encoded, as in the original order;
    // leaving the using block flushes and closes it.
    using (FileStream fs = File.Open (output, FileMode.Create, FileAccess.Write)) {
        byte[] encoded = spc.GetBytes ();
        fs.Write (encoded, 0, encoded.Length);
    }

    return 0;
}
// Round-trip test for the `navy` sample: load it from the test file, copy every
// certificate and CRL into a fresh SoftwarePublisherCertificate, and check that
// re-encoding yields the original bytes. The re-encoded bytes are then parsed
// again and must contain 3 certificates and 2 CRLs.
public void CompareReadNavy ()
{
    // presumably writes the sample to `testfile`; the meaning of the three
    // flags is not visible here
    WriteBuffer (navy, false, false, false);
    SoftwarePublisherCertificate loaded = SoftwarePublisherCertificate.CreateFromFile (testfile);

    SoftwarePublisherCertificate rebuilt = new SoftwarePublisherCertificate ();
    foreach (MSX.X509Certificate certificate in loaded.Certificates) {
        rebuilt.Certificates.Add (certificate);
    }
    foreach (byte[] crlBytes in loaded.Crls) {
        rebuilt.Crls.Add (crlBytes);
    }

    byte[] reencoded = rebuilt.GetBytes ();
    Assert.AreEqual (navy, reencoded, "navy.compare");

    // Parse the re-encoded structure to confirm nothing was dropped.
    SoftwarePublisherCertificate reparsed = new SoftwarePublisherCertificate (reencoded);
    Assert.AreEqual (3, reparsed.Certificates.Count, "navy.Certificates");
    Assert.AreEqual (2, reparsed.Crls.Count, "navy.Crl");
}
// Round-trip test for the `crlonly` sample: the first CRL read from the test
// file is placed in a fresh SoftwarePublisherCertificate, which must re-encode
// to the original bytes and parse back as 0 certificates and 1 CRL.
public void CompareCRLOnly ()
{
    // presumably writes the sample to `testfile`; the meaning of the three
    // flags is not visible here
    WriteBuffer (crlonly, false, false, false);
    SoftwarePublisherCertificate loaded = SoftwarePublisherCertificate.CreateFromFile (testfile);

    SoftwarePublisherCertificate rebuilt = new SoftwarePublisherCertificate ();
    byte[] firstCrl = loaded.Crls [0];
    rebuilt.Crls.Add (firstCrl);

    byte[] reencoded = rebuilt.GetBytes ();
    Assert.AreEqual (crlonly, reencoded, "crlonly.compare");

    // Parse the re-encoded structure to confirm the counts survive the round trip.
    SoftwarePublisherCertificate reparsed = new SoftwarePublisherCertificate (reencoded);
    Assert.AreEqual (0, reparsed.Certificates.Count, "crlonly.Certificates");
    Assert.AreEqual (1, reparsed.Crls.Count, "crlonly.Crl");
}
// Round-trip test for the `certonly` sample: the first certificate read from
// the test file is placed in a fresh SoftwarePublisherCertificate, which must
// re-encode to the original bytes and parse back as 1 certificate and 0 CRLs.
public void CompareCertificateOnly ()
{
    // presumably writes the sample to `testfile`
    WriteBuffer (certonly);
    SoftwarePublisherCertificate loaded = SoftwarePublisherCertificate.CreateFromFile (testfile);

    SoftwarePublisherCertificate rebuilt = new SoftwarePublisherCertificate ();
    rebuilt.Certificates.Add (loaded.Certificates [0]);

    byte[] reencoded = rebuilt.GetBytes ();
    AssertEquals ("certonly.compare", certonly, reencoded);

    // Parse the re-encoded structure to confirm the counts survive the round trip.
    SoftwarePublisherCertificate reparsed = new SoftwarePublisherCertificate (reencoded);
    AssertEquals ("certonly.Certificates", 1, reparsed.Certificates.Count);
    AssertEquals ("certonly.Crl", 0, reparsed.Crls.Count);
}
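// Takes the root certificate collection returned by DecodeCollection and,
// depending on settings defined outside this method, saves it to a PKCS#7 file
// (pkcs7filename) and/or synchronises it with the trusted-root store (import).
//
// Returns 1 when DecodeCollection returns null, otherwise 0 (including when the
// collection is empty, in which case nothing is saved or imported).
//
// Review notes:
//  - The import step makes the store mirror the collection: certificates
//    missing from the store are added and trusted certificates absent from the
//    collection are removed. With confirmAddition / confirmRemoval off, this
//    happens without a per-certificate prompt, so the integrity of the
//    collection decides what the machine or user trusts afterwards.
//  - How DecodeCollection obtains and authenticates its data is not visible here.
static int Process ()
{
    X509CertificateCollection roots = DecodeCollection ();
    if (roots == null) {
        return 1;
    } else if (roots.Count == 0) {
        WriteLine ("No certificates were found.");
        return 0;
    }

    if (pkcs7filename != null) {
        SoftwarePublisherCertificate pkcs7 = new SoftwarePublisherCertificate ();
        pkcs7.Certificates.AddRange (roots);

        WriteLine ("Saving root certificates into '{0}' file...", pkcs7filename);
        // FileMode.Create truncates an existing file. File.OpenWrite does not,
        // so a previous, longer file would keep stale bytes after the new data.
        using (FileStream fs = File.Open (pkcs7filename, FileMode.Create, FileAccess.Write)) {
            byte[] data = pkcs7.GetBytes ();
            fs.Write (data, 0, data.Length);
        }
    }

    if (import) {
        WriteLine ("Importing certificates into {0} store...", machine ? "machine" : "user");

        X509Stores stores = (machine ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser);
        X509CertificateCollection trusted = stores.TrustedRoot.Certificates;

        // Add every root that is not yet trusted, asking first when requested.
        int additions = 0;
        foreach (X509Certificate root in roots) {
            if (!trusted.Contains (root)) {
                if (!confirmAddition || AskConfirmation ("add", root)) {
                    stores.TrustedRoot.Import (root);
                    if (confirmAddition)
                        WriteLine ("Certificate added.{0}", Environment.NewLine);
                    additions++;
                }
            }
        }
        if (additions > 0)
            WriteLine ("{0} new root certificates were added to your trust store.", additions);

        // Collect the removals first so the store is not modified while
        // `trusted` is being enumerated.
        X509CertificateCollection removed = new X509CertificateCollection ();
        foreach (X509Certificate trust in trusted) {
            if (!roots.Contains (trust)) {
                removed.Add (trust);
            }
        }

        if (removed.Count > 0) {
            if (confirmRemoval) {
                WriteLine ("{0} previously trusted certificates were not part of the update.", removed.Count);
            } else {
                WriteLine ("{0} previously trusted certificates were removed.", removed.Count);
            }

            foreach (X509Certificate old in removed) {
                if (!confirmRemoval || AskConfirmation ("remove", old)) {
                    stores.TrustedRoot.Remove (old);
                    if (confirmRemoval)
                        WriteLine ("Certificate removed.{0}", Environment.NewLine);
                }
            }
        }
        WriteLine ("Import process completed.{0}", Environment.NewLine);
    }
    return 0;
}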
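// Installs a permissive TLS validation callback, then takes the root
// certificate collection returned by DecodeCollection and, depending on
// settings defined outside this method, saves it to a PKCS#7 file
// (pkcs7filename) and/or synchronises it with the trusted-root store (import).
//
// Returns 1 when DecodeCollection returns null, otherwise 0 (including when the
// collection is empty, in which case nothing is saved or imported).
//
// Review notes:
//  - The callback accepts the server certificate even when sslPolicyErrors
//    reports a failure; it only prints a warning. It is assigned to a static
//    ServicePointManager property, so it is not scoped to a single request.
//  - Presumably DecodeCollection performs the download the warning refers to
//    (TODO confirm). If the warning was printed, the returned list was not
//    authenticated by TLS, yet the import step below both adds roots and
//    removes trusted roots based on it. Running with confirmAddition and
//    confirmRemoval enabled, or verifying the list out of band, limits what an
//    unauthenticated list can change; the warning text itself points to
//    cert-sync as the alternative.
static int Process ()
{
    ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => {
        if (sslPolicyErrors != System.Net.Security.SslPolicyErrors.None)
            Console.WriteLine ("WARNING: Downloading the trusted certificate list couldn't be done securely (error: {0}), continuing anyway. If you're using mozroots to bootstrap Mono's trust store on a clean system this might be OK, otherwise it could indicate a network intrusion. Please ensure you're using a trusted network or move to cert-sync.", sslPolicyErrors);

        // this is very bad, but on a clean system without an existing trust store we don't really have a better option
        // NOTE(review): deliberate bootstrap trade-off, kept as is; see the review notes above.
        return true;
    };

    X509CertificateCollection roots = DecodeCollection ();
    if (roots == null) {
        return 1;
    } else if (roots.Count == 0) {
        WriteLine ("No certificates were found.");
        return 0;
    }

    if (pkcs7filename != null) {
        SoftwarePublisherCertificate pkcs7 = new SoftwarePublisherCertificate ();
        pkcs7.Certificates.AddRange (roots);

        WriteLine ("Saving root certificates into '{0}' file...", pkcs7filename);
        // FileMode.Create truncates an existing file. File.OpenWrite does not,
        // so a previous, longer file would keep stale bytes after the new data.
        using (FileStream fs = File.Open (pkcs7filename, FileMode.Create, FileAccess.Write)) {
            byte[] data = pkcs7.GetBytes ();
            fs.Write (data, 0, data.Length);
        }
    }

    if (import) {
        WriteLine ("Importing certificates into {0} store...", machine ? "machine" : "user");

        X509Stores stores = (machine ? X509StoreManager.LocalMachine : X509StoreManager.CurrentUser);
        X509CertificateCollection trusted = stores.TrustedRoot.Certificates;

        // Add every root that is not yet trusted, asking first when requested.
        int additions = 0;
        foreach (X509Certificate root in roots) {
            if (!trusted.Contains (root)) {
                if (!confirmAddition || AskConfirmation ("add", root)) {
                    stores.TrustedRoot.Import (root);
                    if (confirmAddition)
                        WriteLine ("Certificate added.{0}", Environment.NewLine);
                    additions++;
                }
            }
        }
        if (additions > 0)
            WriteLine ("{0} new root certificates were added to your trust store.", additions);

        // Collect the removals first so the store is not modified while
        // `trusted` is being enumerated.
        X509CertificateCollection removed = new X509CertificateCollection ();
        foreach (X509Certificate trust in trusted) {
            if (!roots.Contains (trust)) {
                removed.Add (trust);
            }
        }

        if (removed.Count > 0) {
            if (confirmRemoval) {
                WriteLine ("{0} previously trusted certificates were not part of the update.", removed.Count);
            } else {
                WriteLine ("{0} previously trusted certificates were removed.", removed.Count);
            }

            foreach (X509Certificate old in removed) {
                if (!confirmRemoval || AskConfirmation ("remove", old)) {
                    stores.TrustedRoot.Remove (old);
                    if (confirmRemoval)
                        WriteLine ("Certificate removed.{0}", Environment.NewLine);
                }
            }
        }
        WriteLine ("Import process completed.{0}", Environment.NewLine);
    }
    return 0;
}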