2 // cert-sync.cs: Import the root certificates from Linux SSL store into Mono
5 // Sebastien Pouliot <sebastien@ximian.com>
6 // Jo Shields <jo.shields@xamarin.com>
8 // Copyright (C) 2005 Novell, Inc (http://www.novell.com)
9 // Copyright (C) 2014 Xamarin, Inc (http://www.xamarin.com)
11 // Permission is hereby granted, free of charge, to any person obtaining
12 // a copy of this software and associated documentation files (the
13 // "Software"), to deal in the Software without restriction, including
14 // without limitation the rights to use, copy, modify, merge, publish,
15 // distribute, sublicense, and/or sell copies of the Software, and to
16 // permit persons to whom the Software is furnished to do so, subject to
17 // the following conditions:
19 // The above copyright notice and this permission notice shall be
20 // included in all copies or substantial portions of the Software.
22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
32 using System.Collections;
35 using System.Reflection;
36 using System.Security.Cryptography;
39 using Mono.Security.X509;
41 [assembly: AssemblyTitle ("Linux Cert Store Sync")]
42 [assembly: AssemblyDescription ("Synchronize local certs with certs from local Linux trust store.")]
50 static string inputFile;
53 static X509Certificate DecodeCertificate (string s)
55 byte[] rawdata = Convert.FromBase64String (s);
56 return new X509Certificate (rawdata);
59 static Stream GetFile ()
62 if (inputFile != null) {
63 return File.OpenRead (inputFile);
72 static X509CertificateCollection DecodeCollection ()
74 X509CertificateCollection roots = new X509CertificateCollection ();
75 StringBuilder sb = new StringBuilder ();
76 bool processing = false;
78 using (Stream s = GetFile ()) {
80 WriteLine ("Couldn't retrieve the file using the supplied information.");
84 StreamReader sr = new StreamReader (s);
86 string line = sr.ReadLine ();
91 if (line.StartsWith ("-----END CERTIFICATE-----")) {
93 X509Certificate root = DecodeCertificate (sb.ToString ());
96 sb = new StringBuilder ();
101 processing = line.StartsWith ("-----BEGIN CERTIFICATE-----");
108 static int Process ()
110 X509CertificateCollection roots = DecodeCollection ();
113 } else if (roots.Count == 0) {
114 WriteLine ("No certificates were found.");
118 X509Stores stores = (X509StoreManager.LocalMachine);
119 X509CertificateCollection trusted = stores.TrustedRoot.Certificates;
121 WriteLine ("I already trust {0}, your new list has {1}", trusted.Count, roots.Count);
122 foreach (X509Certificate root in roots) {
123 if (!trusted.Contains (root)) {
125 stores.TrustedRoot.Import (root);
126 WriteLine ("Certificate added: {0}", root.SubjectName);
128 WriteLine ("Warning: Could not import {0}");
134 WriteLine ("{0} new root certificates were added to your trust store.", additions);
136 X509CertificateCollection removed = new X509CertificateCollection ();
137 foreach (X509Certificate trust in trusted) {
138 if (!roots.Contains (trust)) {
142 if (removed.Count > 0) {
143 WriteLine ("{0} previously trusted certificates were removed.", removed.Count);
145 foreach (X509Certificate old in removed) {
146 stores.TrustedRoot.Remove (old);
147 WriteLine ("Certificate removed: {0}", old.SubjectName);
150 WriteLine ("Import process completed.");
154 static string Thumbprint (string algorithm, X509Certificate certificate)
156 HashAlgorithm hash = HashAlgorithm.Create (algorithm);
157 byte[] digest = hash.ComputeHash (certificate.RawData);
158 return BitConverter.ToString (digest);
161 static bool ParseOptions (string[] args)
166 for (int i = 0; i < args.Length - 1; i++) {
172 WriteLine ("Unknown option '{0}'.");
176 inputFile = args [args.Length - 1];
177 if (!File.Exists (inputFile)) {
178 WriteLine ("Unknown option or file not found '{0}'.");
184 static void Header ()
186 Console.WriteLine (new AssemblyInfo ().ToString ());
191 Console.WriteLine ("Usage: cert-sync [--quiet] system-ca-bundle.crt");
192 Console.WriteLine ("Where system-ca-bundle.crt is in PEM format");
195 static void WriteLine (string str)
198 Console.WriteLine (str);
201 static void WriteLine (string format, params object[] args)
204 Console.WriteLine (format, args);
207 static int Main (string[] args)
210 if (!ParseOptions (args)) {
219 } catch (Exception e) {
220 // ignore quiet on exception
221 Console.WriteLine ("Error: {0}", e);