﻿<?xml version="1.0" encoding="utf-8"?><Type Name="DoNotShortCircuitCertificateCheckRule" FullName="Gendarme.Rules.Security.DoNotShortCircuitCertificateCheckRule"><TypeSignature Language="C#" Value="public sealed class DoNotShortCircuitCertificateCheckRule : Gendarme.Framework.Rule, Gendarme.Framework.IMethodRule" /><TypeSignature Language="ILAsm" Value=".class public auto ansi sealed beforefieldinit DoNotShortCircuitCertificateCheckRule extends Gendarme.Framework.Rule implements class Gendarme.Framework.IMethodRule, class Gendarme.Framework.IRule" /><AssemblyInfo><AssemblyName>Gendarme.Rules.Security</AssemblyName><AssemblyVersion>3.10.0.0</AssemblyVersion></AssemblyInfo><Base><BaseTypeName>Gendarme.Framework.Rule</BaseTypeName></Base><Interfaces><Interface><InterfaceName>Gendarme.Framework.IMethodRule</InterfaceName></Interface></Interfaces><Attributes><Attribute><AttributeName>Gendarme.Framework.EngineDependency(typeof(Gendarme.Framework.Engines.OpCodeEngine))</AttributeName></Attribute><Attribute><AttributeName>Gendarme.Framework.Problem("The CheckValidationResult method inside this type looks incomplete or is a 'pass-through'.")</AttributeName></Attribute><Attribute><AttributeName>Gendarme.Framework.Solution("Review the certificate policy as it is likely not secure enough to be used in a public network.")</AttributeName></Attribute></Attributes><Docs><summary>
            This rule checks for methods that implements pass-through certificate checks.
            I.e. methods that override the framework decision about a certificate validity
            without checking anything specific about the supplied certificate or error code.
            Protocols like TLS/SSL are only secure if the certificates are used correctly.
            </summary><remarks>This rule is available since Gendarme 2.4</remarks><example>
            Bad example (ICertificatePolicy):
            <code>
            public class AcceptEverythingCertificatePolicy : ICertificatePolicy {
            	public bool CheckValidationResult (ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem)
            	{
            		// this accepts everything making it easy for MITM
            		// (Man-in-the-middle) attacks
            		return true;
            	}
            }
            </code></example><example>
            Good example (ICertificatePolicy):
            <code>
            public class AllowSpecificCertificatePolicy : ICertificatePolicy {
            	public bool CheckValidationResult (ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem)
            	{
            		// this accept only a specific certificate, even if others would be ok
            		return (certificate.GetCertHashString () == "D62F48D013EE7FB58B79074512670D9C5B3A5DA9");
            	}
            }
            </code></example><example>
            Bad example (RemoteCertificateValidationCallback):
            <code>
            public bool CertificateValidationCallback (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
            {
            	// this accepts everything making it easy for MITM
            	// (Man-in-the-middle) attacks
            	return true;
            }
            SslStream ssl = new SslStream (stream, false, new RemoteCertificateValidationCallback (CertificateValidationCallback), null);
            </code></example><example>
            Good example (RemoteCertificateValidationCallback):
            <code>
            public bool CertificateValidationCallback (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
            {
            	// this accept only a specific certificate, even if others would be ok
            	return (certificate.GetCertHashString () == "D62F48D013EE7FB58B79074512670D9C5B3A5DA9");
            }
            SslStream ssl = new SslStream (stream, false, new RemoteCertificateValidationCallback (CertificateValidationCallback), null);
            </code></example></Docs><Members><Member MemberName=".ctor"><MemberSignature Language="C#" Value="public DoNotShortCircuitCertificateCheckRule ();" /><MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor() cil managed" /><MemberType>Constructor</MemberType><AssemblyInfo><AssemblyVersion>3.10.0.0</AssemblyVersion></AssemblyInfo><Parameters /><Docs><summary>To be added.</summary><remarks>To be added.</remarks></Docs></Member><Member MemberName="CheckMethod"><MemberSignature Language="C#" Value="public Gendarme.Framework.RuleResult CheckMethod (Mono.Cecil.MethodDefinition method);" /><MemberSignature Language="ILAsm" Value=".method public hidebysig newslot virtual instance valuetype Gendarme.Framework.RuleResult CheckMethod(class Mono.Cecil.MethodDefinition method) cil managed" /><MemberType>Method</MemberType><AssemblyInfo><AssemblyVersion>3.10.0.0</AssemblyVersion></AssemblyInfo><ReturnValue><ReturnType>Gendarme.Framework.RuleResult</ReturnType></ReturnValue><Parameters><Parameter Name="method" Type="Mono.Cecil.MethodDefinition" /></Parameters><Docs><param name="method">To be added.</param><summary>To be added.</summary><returns>To be added.</returns><remarks>To be added.</remarks></Docs></Member><Member MemberName="Initialize"><MemberSignature Language="C#" Value="public override void Initialize (Gendarme.Framework.IRunner runner);" /><MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance void Initialize(class Gendarme.Framework.IRunner runner) cil managed" /><MemberType>Method</MemberType><AssemblyInfo><AssemblyVersion>3.10.0.0</AssemblyVersion></AssemblyInfo><ReturnValue><ReturnType>System.Void</ReturnType></ReturnValue><Parameters><Parameter Name="runner" Type="Gendarme.Framework.IRunner" /></Parameters><Docs><param name="runner">To be added.</param><summary>To be added.</summary><remarks>To be added.</remarks></Docs></Member></Members></Type>