Ejemplo n.º 1
        /// <summary>
        /// Performs one OCSP round trip for <paramref name="certificate"/>: builds the request, sends it to
        /// the responder URL read from the certificate, and hands the response to the parser.
        /// </summary>
        /// <param name="certificate">Certificate whose status is being queried.</param>
        /// <returns>The result of <c>ResponseParser.CertificateIsValid</c> for the request id and response.</returns>
        static bool CheckCertificate(IOcesCertificate certificate)
        {
            // The returned environment is not used below. The call is kept because it may reject an issuing
            // CA that is not a known root - TODO confirm against RootCertificates.GetEnvironment.
            RootCertificates.GetEnvironment(certificate.IssuingCa);

            // The responder address comes from the certificate under test, so the verdict is only as
            // trustworthy as the response checks done by ResponseParser (not visible here) - confirm it
            // verifies the responder's signature and matches the response to requestAndId.Id.
            string responderUrl = certificate.OcspUrl;

            var requestAndId = RequestGenerator.CreateOcspRequest(certificate);
            OcspResp response = Requester.Send(requestAndId.Request, responderUrl);

            return ResponseParser.CertificateIsValid(requestAndId.Id, response, certificate);
        }
Ejemplo n.º 2
        /// <summary>
        /// Sends a single OCSP request for <paramref name="certificate"/> and returns the parser's verdict
        /// on the response.
        /// </summary>
        /// <param name="certificate">Certificate to query the OCSP responder about.</param>
        /// <returns>Whatever <c>ResponseParser.CertificateIsValid</c> returns for this request and response.</returns>
        static bool CheckCertificate(IOcesCertificate certificate)
        {
            // Result deliberately discarded: nothing below reads it. The lookup stays in place in case it
            // throws for an issuing CA outside the known roots - TODO confirm.
            RootCertificates.GetEnvironment(certificate.IssuingCa);

            // NOTE(review): the OCSP URL is taken from the certificate being checked. Whether the answer
            // can be trusted depends on ResponseParser validating the response signature and CertID,
            // which is not visible here.
            string ocspEndpoint = certificate.OcspUrl;

            var request = RequestGenerator.CreateOcspRequest(certificate);
            OcspResp reply = Requester.Send(request.Request, ocspEndpoint);

            return ResponseParser.CertificateIsValid(request.Id, reply, certificate);
        }
 /// <summary>
 /// Asks the OCSP client whether <paramref name="certificate"/> is valid and reports the negation as
 /// "revoked".
 /// </summary>
 /// <param name="certificate">Certificate to check.</param>
 /// <returns>
 /// <c>false</c> without any OCSP lookup when the development environment is among the trusted
 /// environments; otherwise the negation of <c>OcspClient.IsValid</c>.
 /// </returns>
 static bool IsCertificateRevoked(IOcesCertificate certificate)
 {
     bool developmentIsTrusted =
         Environments.TrustedEnvironments.Contains(OcesEnvironment.OcesIDanidEnvDevelopment);

     if (!developmentIsTrusted)
     {
         // Anything other than a "valid" answer counts as revoked; exceptions from the OCSP client propagate.
         return !OcspClient.IsValid(certificate);
     }

     // NOTE(review): this branch fails open, and it is keyed on the configured set of trusted
     // environments rather than on the environment of this certificate. If the development environment
     // is trusted alongside another one, certificates from both skip OCSP. Keep the development
     // environment out of production configuration.
     /* OCSP checking is not supported in this environment - since this is a test environment, we assume
      * the certificate is *not* revoked */
     Logger.Info("OCSP checking is not supported in this environment. Assuming certificate is not revoked");
     return false;
 }
 /// <summary>
 /// Reports <paramref name="certificate"/> as revoked when the OCSP client does not consider it valid.
 /// </summary>
 /// <param name="certificate">Certificate to check.</param>
 /// <returns>
 /// <c>false</c> with no OCSP lookup if the development environment is in the trusted set; otherwise
 /// <c>!OcspClient.IsValid(certificate)</c>.
 /// </returns>
 static bool IsCertificateRevoked(IOcesCertificate certificate)
 {
     bool skipOcsp = Environments.TrustedEnvironments.Contains(OcesEnvironment.OcesIDanidEnvDevelopment);

     if (!skipOcsp)
     {
         // No try/catch here: a failure inside the OCSP client surfaces to the caller instead of
         // being turned into "not revoked".
         return !OcspClient.IsValid(certificate);
     }

     // NOTE(review): fail-open path. The condition looks at the global trusted-environment list, not at
     // the certificate, so once the development environment is trusted every certificate takes this
     // branch. Make sure production deployments never trust the development environment.
     /* OCSP checking is not supported in this environment - since this is a test environment, we assume
        the certificate is *not* revoked */
     Logger.Info("OCSP checking is not supported in this environment. Assuming certificate is not revoked");
     return false;
 }
Ejemplo n.º 5
        /// <summary>
        /// Runs <c>CheckCertificate</c> asynchronously and waits up to <c>TimeoutMilliseconds</c> for its
        /// answer.
        /// </summary>
        /// <param name="certificate">Certificate to validate via OCSP.</param>
        /// <returns>The value returned by <c>CheckCertificate</c> when it completes in time.</returns>
        /// <exception cref="TimeoutException">The call did not complete within the timeout.</exception>
        public static bool IsValid(IOcesCertificate certificate)
        {
            OcspCall worker = CheckCertificate;
            IAsyncResult pending = worker.BeginInvoke(certificate, null, null);

            if (!pending.AsyncWaitHandle.WaitOne(TimeoutMilliseconds, false))
            {
                // The timeout is reported as an exception, not as a boolean. Callers must not map it to
                // "valid". Note that EndInvoke is never called for the abandoned call, so whatever
                // CheckCertificate later returns or throws is not observed here.
                throw new TimeoutException("OCSP responder timed out");
            }

            // EndInvoke rethrows any exception raised inside CheckCertificate.
            return worker.EndInvoke(pending);
        }
Ejemplo n.º 6
Archivo: Crl.cs Proyecto: svast/OOAPI
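        /// <summary>
        /// Verifies this CRL against the issuing CA of <paramref name="certificate"/> and then looks the
        /// certificate up in it.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns>The result of the <c>IsRevoked</c> overload that takes the exported certificate.</returns>
        /// <exception cref="InvalidSignatureException">
        /// <c>VerifyCrl</c> threw a <c>SignatureException</c> for the issuing CA's certificate.
        /// </exception>
        /// <remarks>
        /// NOTE(review): earlier documentation on this method said it returns false when the CRL has
        /// expired and throws InvalidOperationException for an invalid CRL. Neither is visible in this
        /// method. If an expired CRL really yields false, a stale CRL reads as "not revoked"; confirm that
        /// <c>VerifyCrl</c> or the overload called below rejects expired CRLs.
        /// </remarks>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            try
            {
                VerifyCrl(certificate.IssuingCa.Certificate);
            }
            catch (SignatureException e)
            {
                // Only signature failures are translated; any other exception from VerifyCrl propagates.
                // The message previously ran "CRL Issued by" straight into the issuer DN; a space was added.
                throw new InvalidSignatureException("CRL Issued by " + _crl.IssuerDN
                                                    + " does not have valid signature by certificate's issuer certificate "
                                                    + certificate.IssuingCa.Certificate.SubjectName.Name, e);
            }

            // The lookup runs only after the CRL passed verification above.
            return IsRevoked(certificate.ExportCertificate());
        }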
Ejemplo n.º 7
        /// <summary>
        /// Invokes <c>CheckCertificate</c> through an asynchronous delegate call and waits at most
        /// <c>TimeoutMilliseconds</c> for the result.
        /// </summary>
        /// <param name="certificate">Certificate to validate via OCSP.</param>
        /// <returns>The result of <c>CheckCertificate</c> if it finished within the timeout.</returns>
        /// <exception cref="TimeoutException">No result was available within the timeout.</exception>
        public static bool IsValid(IOcesCertificate certificate)
        {
            OcspCall ocspCheck = CheckCertificate;
            IAsyncResult inFlight = ocspCheck.BeginInvoke(certificate, null, null);

            bool finishedInTime = inFlight.AsyncWaitHandle.WaitOne(TimeoutMilliseconds, false);

            if (!finishedInTime)
            {
                // An unreachable responder ends in an exception rather than a "valid" verdict; callers
                // should keep it that way and not swallow this into success. The timed-out call is
                // abandoned without EndInvoke, so its eventual outcome is never observed.
                throw new TimeoutException("OCSP responder timed out");
            }

            // Exceptions thrown by CheckCertificate resurface from EndInvoke.
            return ocspCheck.EndInvoke(inFlight);
        }
        /// <summary>
        /// Checks <paramref name="certificate"/> against its partitioned CRL and then checks its issuing CA.
        /// The partitioned CRL to check for revocation is retrieved using LDAP.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns>
        /// <c>true</c> if the downloaded CRL reports the certificate as revoked, or if <c>IsRevoked</c> for
        /// the issuing CA returns <c>true</c>.
        /// </returns>
        /// <exception cref="InvalidCrlException">
        /// The downloaded CRL is not a partial CRL, or is not the partitioned CRL for the certificate's
        /// distribution point.
        /// </exception>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            // The distribution point is read from the certificate itself; the two checks below are what
            // tie the downloaded CRL back to that location.
            string distributionPoint = certificate.PartitionedCrlDistributionPoint;
            OcesEnvironment caEnvironment = RootCertificates.GetEnvironment(certificate.IssuingCa);

            Crl partitionedCrl = _crlDownloader.Download(caEnvironment, distributionPoint);

            if (!partitionedCrl.IsPartial())
            {
                throw new InvalidCrlException("Crl was downloaded successfully, but is not a partial CRL:" + distributionPoint);
            }
            if (!partitionedCrl.IsCorrectPartialCrl(distributionPoint))
            {
                throw new InvalidCrlException("Crl was downloaded successfully, but is not the correct partitioned crl:" + distributionPoint);
            }

            if (partitionedCrl.IsRevoked(certificate))
            {
                return true;
            }

            // Reached only when the certificate itself is not listed: the issuing CA is checked next.
            return IsRevoked(certificate.IssuingCa);
        }
        /// <summary>
        /// Downloads the partitioned CRL named by the certificate, validates that it is the expected
        /// partition, and reports whether the certificate or its issuing CA is revoked.
        /// The partitioned CRL to check for revocation is retrieved using LDAP.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns>
        /// <c>true</c> when the CRL lists the certificate as revoked or when <c>IsRevoked</c> on the
        /// issuing CA returns <c>true</c>; otherwise <c>false</c>.
        /// </returns>
        /// <exception cref="InvalidCrlException">
        /// The download succeeded but the CRL is not partial, or is not the partition for this path.
        /// </exception>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            // NOTE(review): the CRL location is supplied by the certificate under test. Authenticity of
            // the downloaded CRL is not established in this method; presumably Crl.IsRevoked verifies the
            // signature - confirm.
            string crlPath = certificate.PartitionedCrlDistributionPoint;
            OcesEnvironment issuerEnvironment = RootCertificates.GetEnvironment(certificate.IssuingCa);

            Crl downloaded = _crlDownloader.Download(issuerEnvironment, crlPath);

            if (!downloaded.IsPartial())
            {
                throw new InvalidCrlException("Crl was downloaded successfully, but is not a partial CRL:" + crlPath);
            }
            if (!downloaded.IsCorrectPartialCrl(crlPath))
            {
                throw new InvalidCrlException("Crl was downloaded successfully, but is not the correct partitioned crl:" + crlPath);
            }

            // The issuing CA is only consulted when the certificate itself is not listed.
            bool listedAsRevoked = downloaded.IsRevoked(certificate);
            return listedAsRevoked ? true : IsRevoked(certificate.IssuingCa);
        }
Ejemplo n.º 10
 /// <summary>
 /// Reports <paramref name="certificate"/> as revoked when either its issuing CA or the certificate
 /// itself is revoked.
 /// </summary>
 /// <param name="certificate">Certificate to check.</param>
 /// <returns><c>true</c> if either check returns <c>true</c>; otherwise <c>false</c>.</returns>
 public bool IsRevoked(IOcesCertificate certificate)
 {
     // The issuing CA is checked first; the per-certificate check is skipped once the CA is revoked.
     if (IsIssuingCaRevoked(certificate))
     {
         return true;
     }

     return IsCertificateRevoked(certificate);
 }
Ejemplo n.º 11
        /// <summary>
        /// Downloads the full CRL for the given certificate.
        /// </summary>
        /// <param name="certificate">Certificate whose <c>CrlDistributionPoint</c> names the CRL to fetch.</param>
        /// <returns>The CRL returned by the <c>DownloadCrl</c> overload that takes the distribution point.</returns>
        /// <remarks>
        /// The location is taken from the certificate and nothing is verified here; callers are expected
        /// to authenticate the returned CRL before relying on it.
        /// </remarks>
        public Crl DownloadCrl(IOcesCertificate certificate)
        {
            return DownloadCrl(certificate.CrlDistributionPoint);
        }
Ejemplo n.º 12
        /// <summary>
        /// Downloads the CRL for <paramref name="certificate"/> and reports whether the certificate or its
        /// issuing CA is revoked.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns>
        /// <c>true</c> if the CRL reports the certificate as revoked or <c>IsRevoked</c> on the issuing CA
        /// returns <c>true</c>.
        /// </returns>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            Crl fullCrl = DownloadCrl(certificate);

            if (fullCrl.IsRevoked(certificate))
            {
                return true;
            }

            // Not listed in its own CRL: the verdict now depends on the issuing CA.
            return IsRevoked(certificate.IssuingCa);
        }
Ejemplo n.º 13
 /// <summary>
 /// Builds an OCSP request for <paramref name="certificate"/> from its issuing CA's certificate and its
 /// converted serial number.
 /// </summary>
 /// <param name="certificate">Certificate the request is about.</param>
 /// <returns>The value returned by the <c>CreateOcspRequest</c> overload taking issuer certificate and serial number.</returns>
 public static OcspReqAndId CreateOcspRequest(IOcesCertificate certificate)
 {
     // Same evaluation order as the single-expression form: issuer certificate first, then serial number.
     var issuerCertificate = certificate.IssuingCa.Certificate;
     var serialNumber = SerialNumberConverter.FromCertificate(certificate);

     return CreateOcspRequest(issuerCertificate, serialNumber);
 }
 /// <summary>
 /// Convenience overload: derives the issuer certificate and the serial number from
 /// <paramref name="certificate"/> and delegates to the two-argument <c>CreateOcspRequest</c>.
 /// </summary>
 /// <param name="certificate">Certificate to create an OCSP request for.</param>
 /// <returns>The request and id produced by the two-argument overload.</returns>
 public static OcspReqAndId CreateOcspRequest(IOcesCertificate certificate)
 {
     var issuer = certificate.IssuingCa.Certificate;
     // The serial number goes through SerialNumberConverter, so any limit of that conversion applies here.
     var serial = SerialNumberConverter.FromCertificate(certificate);

     return CreateOcspRequest(issuer, serial);
 }
 /// <summary>
 /// Checks <paramref name="certificate"/> against its downloaded CRL, then checks its issuing CA.
 /// </summary>
 /// <param name="certificate">Certificate to check for revocation.</param>
 /// <returns>
 /// <c>true</c> if the CRL reports the certificate as revoked or <c>IsRevoked</c> on the issuing CA
 /// returns <c>true</c>; otherwise <c>false</c>.
 /// </returns>
 public bool IsRevoked(IOcesCertificate certificate)
 {
     Crl downloadedCrl = DownloadCrl(certificate);

     // Short-circuit: the issuing CA is only consulted when the certificate is not listed.
     if (downloadedCrl.IsRevoked(certificate))
     {
         return true;
     }

     return IsRevoked(certificate.IssuingCa);
 }
Ejemplo n.º 16
 /// <summary>
 /// Asks the shared <c>FullCrlRevocationChecker</c> whether the issuing CA of
 /// <paramref name="certificate"/> is revoked.
 /// </summary>
 /// <param name="certificate">Certificate whose issuing CA is checked.</param>
 /// <returns>The checker's verdict for the issuing CA.</returns>
 static bool IsIssuingCaRevoked(IOcesCertificate certificate)
 {
     var caChecker = FullCrlRevocationChecker.Instance;

     return caChecker.IsRevoked(certificate.IssuingCa);
 }
Ejemplo n.º 17
 /// <summary>
 /// Convenience overload: extracts the serial number and issuing CA from
 /// <paramref name="certificate"/> and delegates to the four-argument <c>CertificateIsValid</c>.
 /// </summary>
 /// <param name="id">Certificate id of the OCSP request.</param>
 /// <param name="ocspResp">Response received from the OCSP responder.</param>
 /// <param name="certificate">Certificate the request was made for.</param>
 /// <returns>The verdict of the four-argument overload.</returns>
 public static bool CertificateIsValid(CertID id, OcspResp ocspResp, IOcesCertificate certificate)
 {
     var serialNumber = SerialNumberConverter.FromCertificate(certificate);
     var issuingCa = certificate.IssuingCa;

     // All response checks happen in the overload below; none are performed in this wrapper.
     return CertificateIsValid(id, ocspResp, serialNumber, issuingCa);
 }
 /// <summary>
 /// Checks the issuing CA of <paramref name="certificate"/> for revocation via
 /// <c>FullCrlRevocationChecker.Instance</c>.
 /// </summary>
 /// <param name="certificate">Certificate whose issuing CA is checked.</param>
 /// <returns>Whatever <c>IsRevoked</c> returns for the issuing CA.</returns>
 static bool IsIssuingCaRevoked(IOcesCertificate certificate)
 {
     var fullCrlChecker = FullCrlRevocationChecker.Instance;
     bool caRevoked = fullCrlChecker.IsRevoked(certificate.IssuingCa);

     return caRevoked;
 }
 /// <summary>
 /// Downloads the full CRL for the given certificate.
 /// </summary>
 /// <param name="certificate">Certificate whose <c>CrlDistributionPoint</c> is used as the download location.</param>
 /// <returns>The CRL returned by the <c>DownloadCrl</c> overload that takes the distribution point.</returns>
 /// <remarks>
 /// The download location comes from the certificate and this method performs no verification of the
 /// result; the CRL has to be authenticated by whoever consumes it.
 /// </remarks>
 public Crl DownloadCrl(IOcesCertificate certificate)
 {
     return DownloadCrl(certificate.CrlDistributionPoint);
 }
Ejemplo n.º 20
 /// <summary>
 /// Forwards to the four-argument <c>CertificateIsValid</c>, supplying the serial number and issuing CA
 /// taken from <paramref name="certificate"/>.
 /// </summary>
 /// <param name="id">Certificate id of the OCSP request.</param>
 /// <param name="ocspResp">OCSP response to evaluate.</param>
 /// <param name="certificate">Certificate the response is expected to describe.</param>
 /// <returns>The result of the four-argument overload.</returns>
 public static bool CertificateIsValid(CertID id, OcspResp ocspResp, IOcesCertificate certificate)
 {
     // Evaluated in the same order as in the single-expression form: serial number, then issuing CA.
     var serial = SerialNumberConverter.FromCertificate(certificate);
     var issuer = certificate.IssuingCa;

     return CertificateIsValid(id, ocspResp, serial, issuer);
 }
Ejemplo n.º 21
 /// <summary>
 /// Converts the certificate's hexadecimal serial number to its decimal string form.
 /// </summary>
 /// <param name="certificate">Certificate whose <c>SerialNumber</c> is converted.</param>
 /// <returns>The serial number as a base-10 string.</returns>
 /// <remarks>
 /// NOTE(review): the value is parsed as a 32-bit unsigned integer, so <c>Convert.ToUInt32</c> throws
 /// <c>OverflowException</c> for serial numbers above 0xFFFFFFFF. X.509 allows serial numbers of up to
 /// 20 octets; confirm that every issuing CA handled here stays within 32 bits.
 /// </remarks>
 public static string FromCertificate(IOcesCertificate certificate)
 {
     uint serial = Convert.ToUInt32(certificate.SerialNumber, 16);

     return serial.ToString();
 }
Ejemplo n.º 22
 /// <summary>
 /// Parses the certificate's serial number as hexadecimal and returns it in decimal notation.
 /// </summary>
 /// <param name="certificate">Certificate whose <c>SerialNumber</c> is converted.</param>
 /// <returns>The serial number as a base-10 string.</returns>
 /// <remarks>
 /// NOTE(review): parsing goes through <c>Convert.ToUInt32</c>, which throws <c>OverflowException</c>
 /// once the serial number no longer fits in 32 bits. X.509 permits serial numbers of up to 20 octets,
 /// so this only works for CAs that issue short serial numbers - confirm.
 /// </remarks>
 public static string FromCertificate(IOcesCertificate certificate)
 {
     uint parsedSerial = Convert.ToUInt32(certificate.SerialNumber, 16);
     string decimalSerial = parsedSerial.ToString();

     return decimalSerial;
 }
Ejemplo n.º 23
Archivo: Crl.cs Proyecto: hgaard/OOAPI
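        /// <summary>
        /// Verifies this CRL with the certificate of the issuing CA of <paramref name="certificate"/>, then
        /// checks whether the certificate is listed as revoked.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns>The result of the <c>IsRevoked</c> overload that takes the exported certificate.</returns>
        /// <exception cref="InvalidSignatureException">
        /// <c>VerifyCrl</c> threw a <c>SignatureException</c> for the issuing CA's certificate.
        /// </exception>
        /// <remarks>
        /// NOTE(review): the previous documentation claimed that an expired CRL yields false and that an
        /// invalid CRL raises InvalidOperationException; this method shows neither. An expired CRL that is
        /// reported as "not revoked" would fail open, so confirm that <c>VerifyCrl</c> or the overload
        /// called below rejects expired CRLs.
        /// </remarks>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            try
            {
                VerifyCrl(certificate.IssuingCa.Certificate);
            }
            catch (SignatureException e)
            {
                // Only SignatureException is translated; other failures from VerifyCrl propagate unchanged.
                // A space was added after "CRL Issued by", which used to run straight into the issuer DN.
                throw new InvalidSignatureException("CRL Issued by " + _crl.IssuerDN
                                                    + " does not have valid signature by certificate's issuer certificate "
                                                    + certificate.IssuingCa.Certificate.SubjectName.Name, e);
            }

            // Reached only when verification did not throw.
            return IsRevoked(certificate.ExportCertificate());
        }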
 /// <summary>
 /// Combines the issuing-CA check and the per-certificate check into a single revocation verdict.
 /// </summary>
 /// <param name="certificate">Certificate to check.</param>
 /// <returns><c>true</c> if the issuing CA or the certificate itself is reported as revoked.</returns>
 public bool IsRevoked(IOcesCertificate certificate)
 {
     // Order matters for cost only: a revoked issuing CA settles the answer before the certificate
     // itself is checked.
     if (IsIssuingCaRevoked(certificate))
     {
         return true;
     }

     return IsCertificateRevoked(certificate);
 }