// FSpotTabbloExport.ApplicationCentricCertificatePolicy
// Wojciech Dzierzanowski (wojciech.dzierzanowski@gmail.com)
// (C) Copyright 2008 Wojciech Dzierzanowski
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
using System.Collections.Generic;
using System.Diagnostics;
using System.IO.IsolatedStorage;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;
using System.Security.Cryptography.X509Certificates;
namespace FSpotTabbloExport {
class ApplicationCentricCertificatePolicy : ICertificatePolicy {
protected enum Decision {
private Dictionary<string, int> cert_hashes;
private static readonly IsolatedStorageFile isolated_store =
IsolatedStorageFile.GetUserStoreForAssembly ();
private const string StoreName = "cert_hashes";
/// <summary>
/// Certificate-policy callback (the class declares ICertificatePolicy).
/// Visible steps: log the request URI and the problem code, filter on a
/// single problem code, look the certificate hash up in cert_hashes, and
/// otherwise obtain a Decision from GetDecision, persisting a TrustAlways
/// answer through SaveCertificate.
/// </summary>
/// <param name="service_point">Not referenced in the visible lines.</param>
/// <param name="certificate">Certificate under evaluation; its hash string is the cache key.</param>
/// <remarks>
/// NOTE(review): this listing omits lines. The remaining parameters
/// (`request` and `problem`, both used below) and every return statement
/// are not shown, so the accept/reject result of each branch has to be
/// confirmed against the full file.
/// </remarks>
public bool CheckValidationResult (ServicePoint service_point,
61
X509Certificate certificate,
65
// Trace each callback with the URI being requested and the raw problem code.
Log.DebugFormat  ("Checking validation result for {0}: problem={1}", request.RequestUri, problem);
71
// Only try to deal with the problem if it is a trust
73
// -2146762486 is 0x800B010A as a signed 32-bit value, the HRESULT that
// Windows headers name CERT_E_CHAINING (a chain to a trusted root could not
// be built). Every other problem code enters this branch, whose body is not
// shown here -- presumably it rejects the certificate; confirm.
if (-2146762486 != problem) {
79
// The certificate hash, as a hex string, is the only key of the trust cache.
// NOTE(review): the key does not include request.RequestUri, so, as far as
// these lines show, a certificate accepted for one host is treated as
// trusted for any host that presents it -- confirm that this is intended.
string hash = certificate.GetCertHashString ();
80
// The text is concatenated and then used as the format string; that is
// safe only while the appended value contains no '{' or '}'.
Log.DebugFormat ("Certificate hash: " + hash);
82
int stored_problem = 0;
83
// A stored entry counts only when it was recorded for the same problem
// code that is being reported now.
if (cert_hashes.TryGetValue (hash, out stored_problem)
84
&& problem == stored_problem) {
85
Log.DebugFormat ("We already trust this site");
89
// No matching stored entry: delegate to the (virtual) decision hook.
Decision decision = GetDecision (certificate, request);
90
Log.DebugFormat ("Decision: " + decision);
93
// The switch header and the bodies of the first two cases are not shown.
case Decision.DontTrust:
95
case Decision.TrustOnce:
97
case Decision.TrustAlways:
98
// Persist the (hash, problem) pair so that the lookup above matches on
// later calls.
SaveCertificate (hash, problem);
101
// Debug.Assert is compiled out unless DEBUG is defined, so in release
// builds an unknown decision simply falls through to whatever follows.
// NOTE(review): confirm that the fall-through result is a rejection.
Debug.Assert (false, "Unknown decision");
/// <summary>
/// Decision hook called by CheckValidationResult. This base implementation
/// selects Decision.DontTrust and logs it; the method is virtual, so a
/// subclass can supply a different answer.
/// </summary>
/// <param name="certificate">Certificate the decision is about; not used in the visible lines.</param>
/// <remarks>
/// NOTE(review): the second parameter and the return statement are on
/// lines this listing does not show; presumably `decision` is returned.
/// An override that answers TrustAlways causes CheckValidationResult to
/// persist the certificate hash through SaveCertificate.
/// </remarks>
protected virtual Decision GetDecision (
108
X509Certificate certificate,
111
// Default is to refuse trust.
Decision decision = Decision.DontTrust;
112
Log.DebugFormat ("Making the default decision: " + decision);
/// <summary>
/// Fills cert_hashes by deserializing a dictionary (certificate hash to
/// problem code) from an isolated-storage stream, and falls back to an
/// empty dictionary when nothing was loaded.
/// </summary>
/// <remarks>
/// NOTE(review): this listing omits lines; the stream's file name, access
/// mode and store arguments and the body of the catch block are not shown
/// (presumably StoreName inside isolated_store -- confirm).
/// </remarks>
private void LoadCertificates ()
119
using (IsolatedStorageFileStream isol_stream =
120
new IsolatedStorageFileStream (
122
// OpenOrCreate: a missing store file is created instead of causing an error.
FileMode.OpenOrCreate,
126
// SECURITY: BinaryFormatter.Deserialize materialises whatever object graph
// the stream describes before the cast below runs, so the store file has to
// be treated as trusted input. Whoever can write that file controls both
// the deserialized types and the set of certificates this policy accepts.
// BinaryFormatter is obsolete in current .NET; a fixed text format (one
// hash and problem code per entry) would remove the deserialization exposure.
BinaryFormatter formatter =
127
new BinaryFormatter ();
128
// A payload of any other type makes this cast throw InvalidCastException;
// only SerializationException is caught in the visible lines.
cert_hashes = (Dictionary<string, int>)
129
formatter.Deserialize (
131
} catch (SerializationException e) {
137
// Nothing was loaded: start with an empty table so that later lookups
// never dereference null.
if (null == cert_hashes) {
138
cert_hashes = new Dictionary<string,int> ();
private void SaveCertificate (string hash, int problem)
cert_hashes.Add (hash, problem);
using (IsolatedStorageFileStream isolated_stream =
new IsolatedStorageFileStream (
FileMode.OpenOrCreate,
BinaryFormatter formatter =
new BinaryFormatter ();
formatter.Serialize (isolated_stream,
} catch (SerializationException e) {