private static OcesEnvironment GetEnvironmentForRoot(Ca ca)
{
if (!ca.IsRoot)
{
return(GetEnvironmentForRoot(ca.IssuingCa));
}
return(RootCertificates.GetEnvironment(ca));
}
public bool IsRevoked(Ca ca)
{
if (ca.IsRoot)
{
return(false);
}
OcesEnvironment environment = RootCertificates.GetEnvironment(ca.IssuingCa);
return(DownloadCrl(ca, environment).IsRevoked(ca) || IsRevoked(ca.IssuingCa));
}
static bool CheckCertificate(IOcesCertificate certificate)
{
var environment = RootCertificates.GetEnvironment(certificate.IssuingCa);
string serverUrl = certificate.OcspUrl;
var reqAndId = RequestGenerator.CreateOcspRequest(certificate);
OcspResp resp = Requester.Send(reqAndId.Request, serverUrl);
return(ResponseParser.CertificateIsValid(reqAndId.Id, resp, certificate));
}
/// <summary>
/// The partitioned CRL to check for revocation is retrieved using LDAP.
/// </summary>
public bool IsRevoked(IOcesCertificate certificate)
{
string ldapPath = certificate.PartitionedCrlDistributionPoint;
OcesEnvironment environment = RootCertificates.GetEnvironment(certificate.IssuingCa);
Crl crl = _crlDownloader.Download(environment, ldapPath);
if (!crl.IsPartial())
{
throw new InvalidCrlException("Crl was downloaded successfully, but is not a partial CRL:" + ldapPath);
}
if (!crl.IsCorrectPartialCrl(ldapPath))
{
throw new InvalidCrlException("Crl was downloaded successfully, but is not the correct partitioned crl:" + ldapPath);
}
return(crl.IsRevoked(certificate) || IsRevoked(certificate.IssuingCa));
}
