Imported Upstream version 3.6.0

Former-commit-id: da6be194a6b1221998fc28233f2503bd61dd9d14

mcs/tools/security/certview/CertificateFormatter.cs

@@ -0,0 +1,387 @@
+//
+// CertificateFormatter.cs: Certificate Formatter (not GUI specific)
+//
+// Author:
+//	Sebastien Pouliot  <sebastien@ximian.com>
+//
+// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
+// (C) 2004 Novell (http://www.novell.com)
+//
+
+using System;
+using System.Collections;
+using System.Configuration;
+using System.IO;
+using System.Reflection;
+using System.Security.Cryptography;
+using System.Text;
+
+using Mono.Security.X509;
+using Mono.Security.X509.Extensions;
+
+namespace Mono.Tools.CertView {
+
+	public class CertificateFormatter {
+
+		public class FieldNames {
+			public FieldNames () {}
+
+			public const string Version = "Version";
+			public const string SerialNumber = "Serial number";
+			public const string SignatureAlgorithm = "Signature algorithm";
+			public const string Issuer = "Issuer";
+			public const string ValidFrom = "Valid from";
+			public const string ValidUntil = "Valid until";
+			public const string Subject = "Subject";
+			public const string PublicKey = "Public key";
+		}
+
+		public class PropertyNames {
+			public PropertyNames () {}
+
+			public const string ThumbprintAlgorithm = "Thumbprint algorithm";
+			public const string Thumbprint = "Thumbprint";
+		}
+
+		public class Help {
+			public Help () {}
+
+			public const string IssuedBy = "This is the distinguished name (DN) of the certificate authority (CA) that issued this certificate.";
+			public const string IssuedTo = "This is the distinguished name (DN) of the entity (individual, device or organization) to whom the certificate was issued.";
+			public const string ValidFrom = "This certificate isn't valid before the specified date.";
+			public const string ValidUntil = "This certificate isn't valid after the specified date. This also means that the certificate authority (CA) won't publish the status of the certificate after this date.";
+		}
+
+		private const string untrustedRoot = "This root certificate isn't part of your trusted root store. Please read your documentation carefully before adding a new root certificate in your trusted store.";
+		private const string unknownCriticalExtension = "This certificate contains unknown critical extensions and shouldn't be used by applications that can't process those extensions.";
+		private const string noSignatureCheck = "The signature of the certificate can;t be verified without the issuer certificate.";
+		private const string noValidation = "No CRL, nor an OCSP responder, has been found to validate the status of the certificate.";
+		private const string unsupportedHash = "The {0} algorithm is unsupported by the .NET Framework. The certificate signature cannot be verified.";
+
+		private string thumbprintAlgorithm;
+		private X509Certificate x509;
+		private string status;
+		private string[] subjectAltName;
+
+		private static string defaultThumbprintAlgo;
+		private static Hashtable extensions;
+
+		static CertificateFormatter () 
+		{
+			IDictionary tb = (IDictionary) ConfigurationSettings.GetConfig ("Thumbprint");
+			defaultThumbprintAlgo = ((tb != null) ? (string) tb ["Algorithm"] : "SHA1");
+
+			extensions = new Hashtable ();
+			IDictionary exts = (IDictionary) ConfigurationSettings.GetConfig ("X509.Extensions");
+			if (exts != null) {
+				foreach (DictionaryEntry ext in exts)
+					extensions.Add (ext.Key, ext.Value);
+			}
+		}
+
+		private X509Extension CreateExtensionFromOid (string oid, object[] args) 
+		{
+			try {
+				Type algoClass = null;
+				string algo = (string) extensions [oid];
+				// do we have an entry
+				if (algo == null)
+					return (X509Extension) args [0];
+				algoClass = Type.GetType (algo);
+				// call the constructor for the type
+				return (X509Extension) Activator.CreateInstance (algoClass, args);
+			}
+			catch {
+				// method doesn't throw any exception
+				return (X509Extension) args [0];
+			}
+		}
+
+		public CertificateFormatter (string filename)
+		{
+			byte[] data = null;
+			using (FileStream fs = File.Open (filename, FileMode.Open, FileAccess.Read, FileShare.Read)) {
+        			data = new byte [fs.Length];
+        			fs.Read (data, 0, data.Length);
+        			fs.Close ();
+       			}
+       			
+       			if ((data != null) && (data.Length > 0)) {
+        			X509Certificate x509 = null;
+        			if (data [0] != 0x30) {
+        				// it may be PEM encoded
+        				data = FromPEM (data);
+        			}
+        			
+        			if (data [0] == 0x30) {
+        				x509 = new X509Certificate (data);
+                			if (x509 != null) {
+                				Initialize (x509);
+                			}
+        			}
+			}
+		}
+		
+		private byte[] FromPEM (byte[] data) 
+		{
+			string pem = Encoding.ASCII.GetString (data);
+			int start = pem.IndexOf ("-----BEGIN CERTIFICATE-----");
+			if (start < 0)
+				return null;
+
+			start += 27; // 27 being the -----BEGIN CERTIFICATE----- length
+			int end = pem.IndexOf ("-----END CERTIFICATE-----", start);
+			if (end < start)
+				return null;
+				
+			string base64 = pem.Substring (start, (end - start));
+			return Convert.FromBase64String (base64);
+		}
+
+		public CertificateFormatter (X509Certificate cert)
+		{
+			Initialize (cert);
+		}
+
+		internal void Initialize (X509Certificate cert) 
+		{
+			x509 = cert;
+			thumbprintAlgorithm = defaultThumbprintAlgo;
+			try {
+				// preprocess some informations
+				foreach (X509Extension xe in x509.Extensions) {
+					if ((!extensions.ContainsKey (xe.Oid)) && (xe.Critical))
+						status = unknownCriticalExtension;
+					if (xe.Oid == "2.5.29.17") {
+						SubjectAltNameExtension san = new SubjectAltNameExtension (xe);
+						subjectAltName = san.RFC822;
+					}
+				}
+				
+				if (x509.IsSelfSigned) {
+					status = untrustedRoot;
+				}
+			}
+			catch (Exception e) {
+				status = e.ToString ();
+			}
+		}
+
+		public X509Certificate Certificate {
+			get { return x509; }
+		}
+
+		public string Status {
+			get { return status; }
+		}
+
+		public X509Extension GetExtension (int i) 
+		{
+			X509Extension xe = x509.Extensions [i];
+			object[] extn = new object [1] { xe };
+			return CreateExtensionFromOid (xe.Oid, extn); 
+		}
+
+		public string Extension (int i, bool detailed) 
+		{
+			X509Extension xe = x509.Extensions [i];
+			if (!detailed)
+				return Array2Word (xe.Value.Value);
+			return Extension2String (x509.Extensions[i].Value.Value);
+		}
+
+		private string DN (string dname, bool detailed) 
+		{
+			string[] a = dname.Split (',');
+			StringBuilder sb = new StringBuilder ();
+
+			if (detailed) {
+				foreach (string s in a) {
+					string s2 = s.Trim () + Environment.NewLine;
+					sb.Insert (0, s2.Replace ("=", " = "));
+				}
+			}
+			else {
+				foreach (string s in a) {
+					string s2 = s.Trim ();
+					sb.Insert (0, s2.Substring (s2.IndexOf ("=") + 1) + ", ");
+				}
+				// must remove last ", "
+				sb.Remove (sb.Length - 2, 2);
+			}
+
+			return sb.ToString();
+		}
+
+		public string Issuer (bool detailed) 
+		{
+			return DN (x509.IssuerName, detailed);
+		}
+
+		public string PublicKey (bool detailed) 
+		{
+			if (detailed)
+				return Array2Word (x509.PublicKey);
+
+			if (x509.RSA != null)
+				return "RSA (" + x509.RSA.KeySize + " Bits)";
+			else if (x509.DSA != null)
+				return "DSA (" + x509.DSA.KeySize + " Bits)";
+			return "Unknown key type (unknown key size)";
+		}
+
+		public string SerialNumber (bool detailed) 
+		{
+			byte[] sn = (byte[]) x509.SerialNumber.Clone ();
+			Array.Reverse (sn);
+			return CertificateFormatter.Array2Word (sn);
+		}
+
+		public string Subject (bool detailed) 
+		{
+			return DN (x509.SubjectName, detailed);
+		}
+
+		public string SubjectAltName (bool detailed) 
+		{
+			if ((subjectAltName == null) || (subjectAltName.Length < 1))
+				return String.Empty;
+			if (!detailed)
+				return "mailto:" + subjectAltName [0];
+
+			StringBuilder sb = new StringBuilder ();
+			foreach (string s in subjectAltName) {
+				sb.Append (s);
+				sb.Append (Environment.NewLine);
+			}
+			return sb.ToString ();
+		}
+
+		public string SignatureAlgorithm (bool detailed) 
+		{
+			string result = null;
+
+			switch (x509.SignatureAlgorithm) {
+				case "1.2.840.10040.4.3":
+					result = "sha1DSA";
+					break;
+				case "1.2.840.113549.1.1.2":
+					result = "md2RSA";
+					status = String.Format (unsupportedHash, "MD2");
+					break;
+				case "1.2.840.113549.1.1.3":
+					result = "md4RSA";
+					status = String.Format (unsupportedHash, "MD4");
+					break;
+				case "1.2.840.113549.1.1.4":
+					result = "md5RSA";
+					break;
+				case "1.2.840.113549.1.1.5":
+					result = "sha1RSA";
+					break;
+				case "1.3.14.3.2.29":
+					result = "sha1WithRSASignature";
+					break;
+				default:
+					result = x509.SignatureAlgorithm;
+					if (detailed)
+						return "unknown (" + result + ")";
+					return result;
+			}
+			if (detailed)
+				result += " (" + x509.SignatureAlgorithm + ")";
+			return result;
+		}
+
+		public string ThumbprintAlgorithm {
+			get { return thumbprintAlgorithm.ToLower (); }
+			set { thumbprintAlgorithm = value; }
+		}
+
+		public byte[] Thumbprint {
+			get {
+				HashAlgorithm ha = HashAlgorithm.Create (thumbprintAlgorithm);
+				return ha.ComputeHash (x509.RawData);
+			}
+		}
+
+		public string ValidFrom (bool detailed) 
+		{
+			return x509.ValidFrom.ToString ();
+		}
+
+		public string ValidUntil (bool detailed) 
+		{
+			return x509.ValidUntil.ToString ();
+		}
+
+		public string Version (bool detailed)
+		{
+			return "V" + x509.Version;
+		}
+
+		static public string OneLine (string input) 
+		{
+			// remove tabulation
+			string oneline = input.Replace ("\t", "");
+			// remove new lines after :
+			oneline = oneline.Replace (":" + Environment.NewLine, ":");
+			// remove ending new line (if present)
+			if (oneline.EndsWith (Environment.NewLine))
+				oneline = oneline.Substring (0, oneline.Length - Environment.NewLine.Length);
+			// replace remaining new lines by comma + space
+			return oneline.Replace (Environment.NewLine, ", ");
+		}
+
+		static public string Array2Word (byte[] array) 
+		{
+			StringBuilder sb = new StringBuilder ();
+			int x = 0;
+			while (x < array.Length) {
+				sb.Append (array [x].ToString ("X2"));
+				if (x % 2 == 1)
+					sb.Append (" ");
+				x++;
+			}
+			return sb.ToString ();
+		}
+
+		static private void WriteLine (StringBuilder sb, byte[] extnValue, int n, int pos) 
+		{
+			int p = pos;
+			StringBuilder preview = new StringBuilder ();
+			for (int j=0; j < 8; j++) {
+				if (j < n) {
+					sb.Append (extnValue [p++].ToString ("X2"));
+					sb.Append (" ");
+				}
+				else
+					sb.Append ("   ");
+			}
+			sb.Append ("  ");
+			p = pos;
+			for (int j=0; j < n; j++) {
+				byte b = extnValue [p++];
+				if (b < 0x20)
+					sb.Append (".");
+				else
+					sb.Append (Convert.ToChar (b));
+			}
+			sb.Append (Environment.NewLine);
+		}
+
+		static public string Extension2String (byte[] extnValue) 
+		{
+			StringBuilder sb = new StringBuilder ();
+			int div = (extnValue.Length >> 3);
+			int rem = (extnValue.Length - (div << 3));
+			int x = 0;
+			for (int i=0; i < div; i++) {
+				WriteLine (sb, extnValue, 8, x);
+				x += 8;
+			}
+			WriteLine (sb, extnValue, rem, x);
+			return sb.ToString ();
+		}
+	}
+}

mcs/tools/security/certview/ChangeLog

@@ -0,0 +1,52 @@
+2005-09-05  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* certview.glade: Removed filenames for bitmaps.
+	* gcertview.cs: Fix compilation. Use resources not files for UI stuff.
+	* CertificateFormatter.cs: Fix compilation.
+	* Makefile: Build Gtk# version using resources. Minor fixes.
+	* TODO: All future development will occur in mono-tools.
+
+2004-03-21  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* ChangeLog: commited missing ChangeLog entries.
+
+2004-03-10  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* CertificateFormatter.cs: Support PEM (base64) certificates. Removed
+	temporary comments for MCS bug.
+	* certview.exe.config: Added KeyAttributesExtension extension.
+	* gcertview.cs: Updated to work with latest Gtk#.
+	* gcertview.exe.config: Added KeyAttributesExtension extension.
+	* Makefile: Re-added the /win32icon:mono.ico (now supported by mcs).
+	* TODO: New. Incomplete TODO for X.509 GUI tools
+
+2003-06-15  Sebastien Pouliot  <spouliot@videotron.ca>
+
+	* .cvsignore: Ignore generated files (remove with make clean).
+	* CertificateFormatter.cs: Commented 2 lines as it didn't compile
+	with MCS (but did compile with CSC).
+	* gcertview.cs: Change app.ico (non-existing) to mono.bmp (16x16).
+	* gcertview.exe.config: New. Configuration file for gcertview (same
+	as certview.exe.config except it reference gcertview.exe instead of 
+	certview.exe).
+	* makefile: Updated for linux by Ben Maurer.
+
+2003-06-14  Sebastien Pouliot  <spouliot@videotron.ca>
+
+	* CertificateViewer.cs: New. SFW-based certificate viewer.
+	* CertificateViewer.resx: New. SWF Resource file.
+	* CertificateFormatter.cs: New. Not GUI specific.
+	* certview.exe.config: New. Configuration file for certview.
+	* certview.glade: New. GUI for GTK#.
+	* certview.gladep: New. Project file for GLADE.
+	* gcertview.cs: New. GTK#-based certificate viewer.
+	* makefile: New. makefile for both SWF and GTK# viewers.
+	* mono.bmp: New. 16x16 bitmap for Mono::
+	* mono.ico: New. 32x32 windows icon for Mono::
+	* v1.bmp: New. 16x16 bitmap for X.509 v1 properties/extensions.
+	* v2.bmp: New. 16x16 bitmap for X.509 v2 properties/extensions.
+	* v3.bmp: New. 16x16 bitmap for X.509 v3 properties/extensions.
+	* v3critical.bmp: New. 16x16 bitmap for X.509 v3 critical extensions.
+	* wax-seal.png: New. Bitmap for valid certificate.
+	* wax-seal-broken.png: Bitmap for invalid certificate.
+	* X509ExtensionsHandler.cs: Configuration file parser.

mcs/tools/security/certview/Makefile

@@ -0,0 +1,53 @@
+thisdir = tools/security/certview
+SUBDIRS = 
+include ../../../build/rules.make
+
+RESGEN = resgen
+LOCAL_MCS_FLAGS = /lib:$(topdir)/class/lib /r:Mono.Security.dll /r:System.Xml.dll /win32icon:mono.ico
+
+# SWF isn't quite good enough to build this yet.
+
+all-local: certview.exe
+
+install-local:
+	$(MKINSTALLDIRS) $(DESTDIR)$(prefix)/bin
+	$(INSTALL_BIN) certview.exe $(DESTDIR)$(prefix)/bin
+
+clean-local:
+	rm -f *.exe *.resources
+
+test-local run-test-local:
+
+DISTFILES = \
+	CertificateViewer.cs 		\
+	CertificateFormatter.cs 		\
+	X509ExtensionsHandler.cs	\
+	certview.exe.config		\
+	certview.glade 			\
+	certview.gladep 		\
+	gcertview.cs			\
+	gcertview.exe.config		\
+	mono.ico				\
+	$(resources)
+
+resources = $(wildcard *.bmp)		\
+	$(wildcard *.png)
+
+dist-local: dist-default
+
+sources = CertificateViewer.cs CertificateFormatter.cs X509ExtensionsHandler.cs ../AssemblyInfo.cs ../../../build/common/Consts.cs
+cv_libs = /r:System.Windows.Forms.dll /r:System.Drawing.dll
+gcv_libs = -pkg:gtk-sharp -pkg:glade-sharp
+
+certview.exe: $(sources) Mono.Tools.CertView.CertificateViewer.resources
+	$(CSCOMPILE) $(cv_libs) -resource:Mono.Tools.CertView.CertificateViewer.resources $(sources)
+
+# We can't make this by default since it relies on GTK#
+
+ress= $(foreach res,$(resources), $(addprefix -resource:,$(res)),$(notdir $(res)))
+
+gcertview.exe: gcertview.cs CertificateFormatter.cs X509ExtensionsHandler.cs ../AssemblyInfo.cs ../../../build/common/Consts.cs
+	$(CSCOMPILE) $(gcv_libs) $^ -resource:certview.glade $(ress)
+
+Mono.Tools.CertView.CertificateViewer.resources: CertificateViewer.resx
+	$(RESGEN) $^ $@

mcs/tools/security/certview/X509ExtensionsHandler.cs

@@ -0,0 +1,37 @@
+//
+// ExtensionsHandler.cs: Extensions Configuration Handler (not GUI specific)
+//
+// Author:
+//	Sebastien Pouliot (spouliot@motus.com)
+//
+// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
+//
+
+using System;
+using System.Collections;
+using System.Configuration;
+using System.Xml;
+
+namespace Mono.Tools.CertView {
+
+	public class X509ExtensionsHandler : DictionarySectionHandler {
+
+		public X509ExtensionsHandler () : base () {}
+
+		public override object Create (object parent, object context, XmlNode section) 
+		{
+			XmlNodeList xnl = section.SelectNodes ("/X509.Extensions/Extension");
+			if (xnl == null)
+				return null;
+
+			Hashtable ht = new Hashtable ();
+			foreach (XmlNode xn in xnl) {
+				XmlAttribute xaOid = xn.Attributes ["OID"];
+				XmlAttribute xaClass = xn.Attributes ["Class"];
+				if ((xaOid != null) && (xaClass != null))
+					ht.Add (xaOid.InnerText, xaClass.InnerText);
+			}
+			return ht;
+		}
+	}
+}

mcs/tools/security/certview/certview.exe.config

@@ -0,0 +1,22 @@
+<configuration>
+	<configSections>
+		<section name="Thumbprint" type="System.Configuration.SingleTagSectionHandler" />
+		<section name="X509.Extensions" type="Mono.Tools.CertView.X509ExtensionsHandler, certview, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+	</configSections>
+
+	<Thumbprint Algorithm="SHA1" />
+
+	<X509.Extensions>
+		<Extension OID="2.5.29.2" Class="Mono.Security.X509.Extensions.KeyAttributesExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.14" Class="Mono.Security.X509.Extensions.SubjectKeyIdentifierExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.15" Class="Mono.Security.X509.Extensions.KeyUsageExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.16" Class="Mono.Security.X509.Extensions.PrivateKeyUsagePeriodExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.17" Class="Mono.Security.X509.Extensions.SubjectAltNameExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.19" Class="Mono.Security.X509.Extensions.BasicConstraintsExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.31" Class="Mono.Security.X509.Extensions.CRLDistributionPointsExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.32" Class="Mono.Security.X509.Extensions.CertificatePoliciesExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.35" Class="Mono.Security.X509.Extensions.AuthorityKeyIdentifierExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.37" Class="Mono.Security.X509.Extensions.ExtendedKeyUsageExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.16.840.1.113730.1.1" Class="Mono.Security.X509.Extensions.NetscapeCertTypeExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+	</X509.Extensions>
+</configuration>

mcs/tools/security/certview/certview.gladep

@@ -0,0 +1,7 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-project SYSTEM "http://glade.gnome.org/glade-project-2.0.dtd">
+
+<glade-project>
+  <name>certview</name>
+  <program_name>certview</program_name>
+</glade-project>

mcs/tools/security/certview/gcertview.cs

@@ -0,0 +1,294 @@
+//
+// gcertview.cs: GTK# Certificate Viewer
+//
+// Author:
+//	Sebastien Pouliot  <sebastien@ximian.com>
+//
+// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
+// (C) 2004 Novell (http://www.novell.com)
+//
+
+using System;
+using System.IO;
+using System.Reflection;
+
+using Mono.Security.X509;
+
+using Gdk;
+using Gtk;
+using Glade;
+using GLib;
+using GtkSharp;
+
+[assembly: AssemblyTitle("Mono Certificate Viewer")]
+[assembly: AssemblyDescription("X.509 Certificate Viewer for GTK#")]
+
+namespace Mono.Tools.CertView {
+
+        public class GtkCertificateViewer {
+        
+		static private void Header () 
+		{
+			Assembly a = Assembly.GetExecutingAssembly ();
+			AssemblyName an = a.GetName ();
+
+			object [] att = a.GetCustomAttributes (typeof (AssemblyTitleAttribute), false);
+			string title = ((att.Length > 0) ? ((AssemblyTitleAttribute) att [0]).Title : "Mono Certificate Viewer");
+
+			att = a.GetCustomAttributes (typeof (AssemblyCopyrightAttribute), false);
+			string copyright = ((att.Length > 0) ? ((AssemblyCopyrightAttribute) att [0]).Copyright : "");
+
+			Console.WriteLine ("{0} {1}", title, an.Version.ToString ());
+			Console.WriteLine ("{0}{1}", copyright, Environment.NewLine);
+		}
+
+		public static void Main (string[] args)
+		{
+			string filename = ((args.Length > 0) ? args[0] : null);
+			if ((filename != null) && (File.Exists (filename)))
+				new GtkCertificateViewer (filename);
+			else {
+				Header ();
+				Console.WriteLine ("Usage: mono gcertview.exe certificate.cer");
+			}
+		}
+
+		[Glade.Widget] Button issuerStatementButton;
+		[Glade.Widget] Gtk.Image brokenSealImage;
+		[Glade.Widget] Gtk.Image sealImage;
+		[Glade.Widget] Entry issuedToEntry;
+		[Glade.Widget] Entry issuedByEntry;
+		[Glade.Widget] Label subjectAltNameLabel;
+		[Glade.Widget] TextView certInfoTextview;
+		[Glade.Widget] TextView certStatusTextview;
+		[Glade.Widget] Entry notBeforeEntry;
+		[Glade.Widget] Entry notAfterEntry;
+		[Glade.Widget] TreeView detailsTreeview;
+		[Glade.Widget] TextView detailsTextview;
+		[Glade.Widget] Entry showComboEntry;
+
+		// non widget stuff
+		private static Pixbuf[] version;
+		private static TreeCellDataFunc dataFunc = null;
+		private ListStore allStore;
+		private ListStore v1Store;
+		private ListStore extensionsStore;
+		private ListStore criticalStore;
+		private ListStore propertiesStore;
+		private ListStore emptyStore;
+
+		// non-glade stuff
+		private CertificateFormatter cf;
+
+		public GtkCertificateViewer (string filename) 
+		{
+			Application.Init();
+
+			Glade.XML gxml = new Glade.XML (null, "certview.glade", "CertificateViewer", null);
+			gxml.Autoconnect (this);
+
+			cf = new CertificateFormatter (filename);
+
+			// init UI
+			brokenSealImage.Pixbuf = new Pixbuf (null, "wax-seal-broken.png");
+			sealImage.Pixbuf = new Pixbuf (null, "wax-seal.png");
+
+			Tooltips tt = new Tooltips ();
+			issuedToEntry.Text = cf.Issuer (false);
+			tt.SetTip (issuedToEntry, issuedToEntry.Text, issuedToEntry.Text);
+			issuedByEntry.Text = cf.Subject (false);
+			tt.SetTip (issuedByEntry, issuedByEntry.Text, issuedByEntry.Text);
+
+			subjectAltNameLabel.Text = cf.SubjectAltName (false);
+			subjectAltNameLabel.Visible = (subjectAltNameLabel.Text != null);
+
+			notBeforeEntry.Text = cf.Certificate.ValidFrom.ToString ("yyyy-MM-dd");
+			notAfterEntry.Text = cf.Certificate.ValidUntil.ToString ("yyyy-MM-dd");
+
+			TextBuffer tb = new TextBuffer (null);
+			if (cf.Status != null)
+				tb.SetText (cf.Status);
+			certStatusTextview.Buffer = tb;
+			if (cf.Status != null) {
+				certInfoTextview.Buffer = tb;
+				certInfoTextview.ModifyText (StateType.Normal, new Gdk.Color (0xff, 0x00, 0x00));
+			}
+
+			sealImage.Visible = (cf.Status == null);
+			brokenSealImage.Visible = !sealImage.Visible;
+
+			Type[] storeType = new Type [4] { typeof (string), typeof (string), typeof (string), typeof (int) };
+			allStore = new ListStore (storeType);
+			v1Store = new ListStore (storeType);
+			extensionsStore = new ListStore (storeType);
+			criticalStore = new ListStore (storeType);
+			propertiesStore = new ListStore (storeType);
+			emptyStore = new ListStore (storeType);
+
+			AddToStores (CertificateFormatter.FieldNames.Version, cf.Version (false), cf.Version (true), 1);
+			AddToStores (CertificateFormatter.FieldNames.SerialNumber, cf.SerialNumber (false), cf.SerialNumber (true), 0);
+			AddToStores (CertificateFormatter.FieldNames.SignatureAlgorithm, cf.SignatureAlgorithm (false), cf.SignatureAlgorithm (true), 0);
+			AddToStores (CertificateFormatter.FieldNames.Issuer, cf.Issuer (false), cf.Issuer (true), 0);
+			AddToStores (CertificateFormatter.FieldNames.ValidFrom, cf.ValidFrom (false), cf.ValidFrom (true), 0);
+			AddToStores (CertificateFormatter.FieldNames.ValidUntil, cf.ValidUntil (false), cf.ValidUntil (true), 0);
+			AddToStores (CertificateFormatter.FieldNames.Subject, cf.Subject (false), cf.Subject (true), 0);
+			AddToStores (CertificateFormatter.FieldNames.PublicKey, cf.PublicKey (false), cf.PublicKey (true), 0);
+			for (int i=0; i < cf.Certificate.Extensions.Count; i++) {
+				X509Extension xe = cf.GetExtension (i);
+				string name = xe.Name;
+				int icon = 2;
+				if (xe.Critical)
+					icon = 3;
+				string exts = xe.ToString ();
+				string details;
+				if (xe.Name == xe.Oid) {
+					exts = cf.Extension (i, false);
+					details = cf.Extension (i, true);
+				}
+				else {
+					details = xe.ToString ();
+					exts = CertificateFormatter.OneLine (details);
+				}
+
+				AddToStores (name, exts, details, icon);
+			}
+			AddToStores (CertificateFormatter.PropertyNames.ThumbprintAlgorithm, cf.ThumbprintAlgorithm, cf.ThumbprintAlgorithm, 4);
+			string ftb = CertificateFormatter.Array2Word (cf.Thumbprint);
+			AddToStores (CertificateFormatter.PropertyNames.Thumbprint, ftb, ftb, 4);
+
+			// select appropriate store to show
+			OnShowComboChanged (null, null);
+
+			TreeViewColumn fieldColumn = new TreeViewColumn ();
+			CellRendererPixbuf pr = new CellRendererPixbuf ();
+			CellRenderer fieldRenderer = new CellRendererText ();
+			fieldColumn.PackStart (pr, false);
+			fieldColumn.SetCellDataFunc (pr, CellDataFunc, IntPtr.Zero, null);
+			fieldColumn.Title = "Field";
+			fieldColumn.PackStart (fieldRenderer, false);
+			fieldColumn.AddAttribute (fieldRenderer, "text", 0);
+			detailsTreeview.AppendColumn (fieldColumn);
+
+			TreeViewColumn valueColumn = new TreeViewColumn ();
+			CellRenderer valueRenderer = new CellRendererText ();
+			valueColumn.Title = "Value";
+			valueColumn.PackStart (valueRenderer, true);
+			valueColumn.AddAttribute (valueRenderer, "text", 1);
+			detailsTreeview.AppendColumn (valueColumn);
+
+//			detailsTreeview.ModifyText (StateType.Selected, new Gdk.Color (0x33, 0xff, 0x33));
+
+			Application.Run();
+		}
+
+		static void SetCellData (TreeViewColumn col, CellRenderer cell, TreeModel model, TreeIter iter)
+		{
+			int icon = (int) model.GetValue (iter, 3);
+			CellRendererPixbuf cr = (CellRendererPixbuf) cell;
+			cr.Pixbuf = version [icon];
+		}
+
+		public static Gtk.TreeCellDataFunc CellDataFunc {
+			get {
+				if (dataFunc == null) {
+					dataFunc = new TreeCellDataFunc (SetCellData);
+					version = new Pixbuf [5];
+					version [0] = new Pixbuf (null, "v1.bmp");
+					version [1] = new Pixbuf (null, "v2.bmp");
+					version [2] = new Pixbuf (null, "v3.bmp");
+					version [3] = new Pixbuf (null, "v3critical.bmp");
+					version [4] = new Pixbuf (null, "mono.bmp");
+				}
+
+				return dataFunc;
+			}
+		}
+
+		private void AddToStores (string fieldName, string fieldValue, string detailedValue, int iconValue) 
+		{
+			GLib.Value fv = new GLib.Value (fieldName);
+			GLib.Value vv = new GLib.Value (fieldValue);
+			GLib.Value dv = new GLib.Value (detailedValue);
+			GLib.Value iv = new GLib.Value (iconValue);
+			switch (iconValue) {
+				case 0: // X.509 version 1 fields
+					AddToStore (v1Store, fv, vv, dv, iv);
+					break;
+				case 2: // extensions
+					AddToStore (extensionsStore, fv, vv, dv, iv);
+					break;
+				case 3: // critical extensions
+					AddToStore (extensionsStore, fv, vv, dv, iv);
+					AddToStore (criticalStore, fv, vv, dv, iv);
+					break;
+				case 4: // properties
+					AddToStore (propertiesStore, fv, vv, dv, iv);
+					break;
+			}
+			// and we always add to allStore
+			AddToStore (allStore, fv, vv, dv, iv);
+		}
+
+		private void AddToStore (ListStore store, GLib.Value field, GLib.Value value, GLib.Value details, GLib.Value icon)
+		{
+			TreeIter iter = store.Append ();
+			store.SetValue (iter, 0, field);
+			store.SetValue (iter, 1, value);
+			store.SetValue (iter, 2, details);
+			store.SetValue (iter, 3, icon);
+		}
+
+		private void OnCursorChanged (object o, EventArgs args)
+		{
+			TreeModel model;
+			TreeIter iter = new TreeIter ();
+			TreeSelection ts = detailsTreeview.Selection;
+			ts.GetSelected (out model, out iter);
+
+			TextBuffer tb = new TextBuffer (null);
+			tb.SetText ((string) detailsTreeview.Model.GetValue (iter, 2));
+			detailsTextview.Buffer = tb;
+		}
+
+		private void OnShowComboChanged (object o, EventArgs e) 
+		{
+			// FIXME: yuck - how can I get an index ?
+			switch (showComboEntry.Text) {
+				case "<All>":
+					detailsTreeview.Model = allStore;
+					break;
+				case "Version 1 Fields Only":
+					detailsTreeview.Model = v1Store;
+					break;
+				case "Extensions Only":
+					detailsTreeview.Model = extensionsStore;
+					break;
+				case "Critical Extensions Only":
+					detailsTreeview.Model = criticalStore;
+					break;
+				case "Properties Only":
+					detailsTreeview.Model = propertiesStore;
+					break;
+				default:
+					detailsTreeview.Model = emptyStore;
+					break;
+			}
+		}
+
+		public void OnWindowDeleteEvent (object o, DeleteEventArgs args) 
+		{
+			Application.Quit ();
+			args.RetVal = true;
+		}
+
+		public void OnOkButtonClicked (object o, EventArgs e) 
+		{
+			Application.Quit ();
+		}
+    
+		public void OnIssuerStatementButtonClicked (object o, EventArgs e) 
+		{
+			// TODO
+		}
+	}
+}

mcs/tools/security/certview/gcertview.exe.config

@@ -0,0 +1,22 @@
+<configuration>
+	<configSections>
+		<section name="Thumbprint" type="System.Configuration.SingleTagSectionHandler" />
+		<section name="X509.Extensions" type="Mono.Tools.CertView.X509ExtensionsHandler, gcertview, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+	</configSections>
+
+	<Thumbprint Algorithm="SHA1" />
+
+	<X509.Extensions>
+		<Extension OID="2.5.29.2" Class="Mono.Security.X509.Extensions.KeyAttributesExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.14" Class="Mono.Security.X509.Extensions.SubjectKeyIdentifierExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.15" Class="Mono.Security.X509.Extensions.KeyUsageExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.16" Class="Mono.Security.X509.Extensions.PrivateKeyUsagePeriodExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.17" Class="Mono.Security.X509.Extensions.SubjectAltNameExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.19" Class="Mono.Security.X509.Extensions.BasicConstraintsExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.31" Class="Mono.Security.X509.Extensions.CRLDistributionPointsExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.32" Class="Mono.Security.X509.Extensions.CertificatePoliciesExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.35" Class="Mono.Security.X509.Extensions.AuthorityKeyIdentifierExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.5.29.37" Class="Mono.Security.X509.Extensions.ExtendedKeyUsageExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+		<Extension OID="2.16.840.1.113730.1.1" Class="Mono.Security.X509.Extensions.NetscapeCertTypeExtension, Mono.Security, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null" />
+	</X509.Extensions>
+</configuration>