        /// <summary>
        /// Performs one OCSP round trip for <paramref name="certificate"/>: builds the request, sends it
        /// to the responder URL read from the certificate, and passes the response to
        /// <c>ResponseParser.CertificateIsValid</c>.
        /// </summary>
        /// <param name="certificate">Certificate whose status is queried.</param>
        /// <returns>The value returned by <c>ResponseParser.CertificateIsValid</c>.</returns>
        static bool CheckCertificate(IOcesCertificate certificate)
        {
            // The result is not used, but the call is kept: it may reject an issuing CA that is
            // not a known root (not visible here - confirm before removing).
            var issuerEnvironment = RootCertificates.GetEnvironment(certificate.IssuingCa);

            // NOTE(review): the responder URL is taken from the certificate under test, so it is
            // only as trustworthy as that certificate; presumably the chain has been validated
            // before this point - confirm against the caller.
            string responderUrl = certificate.OcspUrl;

            var request = RequestGenerator.CreateOcspRequest(certificate);
            OcspResp response = Requester.Send(request.Request, responderUrl);

            // The CertID created with the request is handed to the parser together with the response.
            return ResponseParser.CertificateIsValid(request.Id, response, certificate);
        }
        /// <summary>
        /// Queries the OCSP responder named in <paramref name="certificate"/> and returns what
        /// <c>ResponseParser.CertificateIsValid</c> makes of the answer.
        /// </summary>
        /// <param name="certificate">Certificate to query the responder about.</param>
        /// <returns>The value returned by <c>ResponseParser.CertificateIsValid</c>.</returns>
        static bool CheckCertificate(IOcesCertificate certificate)
        {
            // Unused result; kept because the lookup may fail for an unknown issuing CA
            // (behaviour of GetEnvironment is not visible here - confirm).
            var caEnvironment = RootCertificates.GetEnvironment(certificate.IssuingCa);

            // NOTE(review): the endpoint is read from the certificate itself; confirm the
            // certificate chain is verified before a request is sent to it.
            string endpoint = certificate.OcspUrl;

            var ocspRequest = RequestGenerator.CreateOcspRequest(certificate);
            OcspResp ocspResponse = Requester.Send(ocspRequest.Request, endpoint);

            bool valid = ResponseParser.CertificateIsValid(ocspRequest.Id, ocspResponse, certificate);
            return valid;
        }
 /// <summary>
 /// Reports whether <paramref name="certificate"/> counts as revoked according to OCSP.
 /// </summary>
 /// <param name="certificate">Certificate to check.</param>
 /// <returns>
 /// <c>false</c>, without any OCSP query, when the development environment is among the trusted
 /// environments; otherwise the negation of <c>OcspClient.IsValid</c>.
 /// </returns>
 static bool IsCertificateRevoked(IOcesCertificate certificate)
 {
     bool developmentTrusted =
         Environments.TrustedEnvironments.Contains(OcesEnvironment.OcesIDanidEnvDevelopment);

     if (!developmentTrusted)
     {
         // Anything OcspClient does not report as valid is treated as revoked.
         return !OcspClient.IsValid(certificate);
     }

     // NOTE(review): fail-open path. The bypass depends on the configured trusted environments,
     // not on the environment of the certificate being checked, so it applies to every
     // certificate while the development environment is trusted. That is safe only if the
     // development environment can never be trusted together with a production one - confirm
     // where TrustedEnvironments is populated.
     Logger.Info("OCSP checking is not supported in this environment. Assuming certificate is not revoked");
     return false;
 }
 /// <summary>
 /// Decides, via OCSP, whether <paramref name="certificate"/> is to be treated as revoked.
 /// </summary>
 /// <param name="certificate">Certificate to check.</param>
 /// <returns>
 /// <c>true</c> when <c>OcspClient.IsValid</c> returns <c>false</c>; always <c>false</c> when the
 /// development environment is one of the trusted environments (no OCSP query is made).
 /// </returns>
 static bool IsCertificateRevoked(IOcesCertificate certificate)
 {
     var trusted = Environments.TrustedEnvironments;
     bool skipOcsp = trusted.Contains(OcesEnvironment.OcesIDanidEnvDevelopment);

     if (skipOcsp)
     {
         // NOTE(review): revocation checking is switched off by configuration here, for all
         // certificates and not only development ones. Confirm that a deployment cannot trust
         // the development environment alongside a production environment, and consider
         // surfacing this state more loudly than an Info log line.
         Logger.Info("OCSP checking is not supported in this environment. Assuming certificate is not revoked");
         return false;
     }

     bool valid = OcspClient.IsValid(certificate);
     return !valid;
 }
        /// <summary>
        /// Runs the OCSP check for <paramref name="certificate"/> through an asynchronous delegate
        /// call and waits at most <c>TimeoutMilliseconds</c> for it to complete.
        /// </summary>
        /// <param name="certificate">Certificate whose status is queried.</param>
        /// <returns>The value produced by <c>CheckCertificate</c>.</returns>
        /// <exception cref="TimeoutException">Thrown when the check has not completed within the wait.</exception>
        public static bool IsValid(IOcesCertificate certificate)
        {
            OcspCall check = CheckCertificate;

            // NOTE(review): delegate BeginInvoke/EndInvoke exists only on .NET Framework; on
            // .NET Core / .NET 5+ it throws PlatformNotSupportedException.
            var pending = check.BeginInvoke(certificate, null, null);

            if (!pending.AsyncWaitHandle.WaitOne(TimeoutMilliseconds, false))
            {
                // A late responder yields an exception rather than a "valid" answer. EndInvoke is
                // not called on this path, so the call that is still running, and any exception
                // it raises, is left unobserved.
                throw new TimeoutException("OCSP responder timed out");
            }

            // EndInvoke returns the result or rethrows what CheckCertificate threw.
            return check.EndInvoke(pending);
        }
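        /// <summary>
        /// Verifies this CRL against the certificate's issuing CA certificate and then reports
        /// whether the certificate is revoked.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns>The result of the <c>IsRevoked</c> overload called with the exported certificate.</returns>
        /// <exception cref="InvalidSignatureException">
        /// Thrown when <c>VerifyCrl</c> raises a <c>SignatureException</c> for the issuing CA certificate.
        /// </exception>
        /// <remarks>
        /// Only <c>SignatureException</c> is translated; any other exception from <c>VerifyCrl</c>
        /// propagates unchanged.
        /// NOTE(review): earlier documentation stated that <c>false</c> is also returned when this
        /// CRL has expired. That is decided in code not shown here; if it holds, an expired CRL is
        /// accepted as evidence of non-revocation - confirm this is intended.
        /// </remarks>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            try
            {
                // The CRL signature is checked before the CRL content is consulted.
                VerifyCrl(certificate.IssuingCa.Certificate);
            }
            catch (SignatureException e)
            {
                // A space after "by" keeps the issuer DN from running into the preceding word.
                throw new InvalidSignatureException("CRL Issued by " + _crl.IssuerDN
                                                    + " does not have valid signature by certificate's issuer certificate "
                                                    + certificate.IssuingCa.Certificate.SubjectName.Name, e);
            }

            return IsRevoked(certificate.ExportCertificate());
        }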
        /// <summary>
        /// Starts <c>CheckCertificate</c> asynchronously for <paramref name="certificate"/> and
        /// returns its result if it finishes within <c>TimeoutMilliseconds</c>.
        /// </summary>
        /// <param name="certificate">Certificate whose status is queried.</param>
        /// <returns>The value produced by <c>CheckCertificate</c>.</returns>
        /// <exception cref="TimeoutException">Thrown when no result is available within the wait.</exception>
        public static bool IsValid(IOcesCertificate certificate)
        {
            OcspCall call = CheckCertificate;

            // NOTE(review): BeginInvoke on a delegate is a .NET Framework facility; it throws
            // PlatformNotSupportedException on .NET Core / .NET 5+.
            var asyncResult = call.BeginInvoke(certificate, null, null);
            bool completed = asyncResult.AsyncWaitHandle.WaitOne(TimeoutMilliseconds, false);

            if (!completed)
            {
                // Timing out raises an error instead of assuming the certificate is valid. The
                // pending call is abandoned here: EndInvoke is never reached for it.
                throw new TimeoutException("OCSP responder timed out");
            }

            return call.EndInvoke(asyncResult);
        }
        /// <summary>
        /// Checks revocation against the partitioned CRL named by the certificate's partitioned CRL
        /// distribution point. The partitioned CRL is retrieved using LDAP.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns>
        /// <c>true</c> when the CRL lists the certificate as revoked, otherwise the result of the
        /// revocation check on the issuing CA.
        /// </returns>
        /// <exception cref="InvalidCrlException">
        /// Thrown when the downloaded CRL is not partial or is not the partitioned CRL for the path.
        /// </exception>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            string distributionPoint = certificate.PartitionedCrlDistributionPoint;
            OcesEnvironment issuerEnvironment = RootCertificates.GetEnvironment(certificate.IssuingCa);
            Crl partitionedCrl = _crlDownloader.Download(issuerEnvironment, distributionPoint);

            // The download location comes from the certificate, so the CRL is checked against
            // that location before its content is trusted.
            if (!partitionedCrl.IsPartial())
            {
                throw new InvalidCrlException("Crl was downloaded successfully, but is not a partial CRL:" + distributionPoint);
            }

            if (!partitionedCrl.IsCorrectPartialCrl(distributionPoint))
            {
                throw new InvalidCrlException("Crl was downloaded successfully, but is not the correct partitioned crl:" + distributionPoint);
            }

            if (partitionedCrl.IsRevoked(certificate))
            {
                return true;
            }

            // Reached only when the certificate itself is not listed; the IsRevoked overload
            // taking the issuing CA is not visible here.
            return IsRevoked(certificate.IssuingCa);
        }
        /// <summary>
        /// Determines revocation from the certificate's partitioned CRL.
        /// The partitioned CRL to check for revocation is retrieved using LDAP.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns>
        /// <c>true</c> when the partitioned CRL reports the certificate as revoked; otherwise
        /// whatever the revocation check on the issuing CA returns.
        /// </returns>
        /// <exception cref="InvalidCrlException">
        /// Thrown when the download is not a partial CRL, or not the partitioned CRL for the path.
        /// </exception>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            string crlPath = certificate.PartitionedCrlDistributionPoint;
            OcesEnvironment caEnvironment = RootCertificates.GetEnvironment(certificate.IssuingCa);

            Crl downloaded = _crlDownloader.Download(caEnvironment, crlPath);

            // Both checks tie the downloaded CRL to the path read from the certificate; a CRL
            // that fails either one is rejected rather than consulted.
            bool isPartial = downloaded.IsPartial();
            if (!isPartial)
            {
                throw new InvalidCrlException("Crl was downloaded successfully, but is not a partial CRL:" + crlPath);
            }

            bool matchesPath = downloaded.IsCorrectPartialCrl(crlPath);
            if (!matchesPath)
            {
                throw new InvalidCrlException("Crl was downloaded successfully, but is not the correct partitioned crl:" + crlPath);
            }

            // The issuing CA is consulted only when the certificate itself is not listed.
            return downloaded.IsRevoked(certificate)
                ? true
                : IsRevoked(certificate.IssuingCa);
        }
 /// <summary>
 /// Combines the issuing-CA revocation check with the certificate's own revocation check.
 /// </summary>
 /// <param name="certificate">Certificate to check for revocation.</param>
 /// <returns><c>true</c> when either check reports revocation.</returns>
 public bool IsRevoked(IOcesCertificate certificate)
 {
     // The CA is checked first; the certificate check is skipped when the CA is revoked.
     if (IsIssuingCaRevoked(certificate))
     {
         return true;
     }

     return IsCertificateRevoked(certificate);
 }
        /// <summary>
        /// Downloads the full CRL from the CRL distribution point recorded in the certificate.
        /// </summary>
        /// <param name="certificate">Certificate whose full CRL is downloaded.</param>
        /// <returns>The CRL returned by the <c>DownloadCrl</c> overload for that distribution point.</returns>
        public Crl DownloadCrl(IOcesCertificate certificate)
        {
            // NOTE(review): the location is read from the certificate; whether the downloaded
            // CRL is verified is decided in code not visible here.
            return DownloadCrl(certificate.CrlDistributionPoint);
        }
        /// <summary>
        /// Checks revocation of <paramref name="certificate"/> against its full CRL and, when it is
        /// not listed there, checks the issuing CA.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns><c>true</c> when the certificate or its issuing CA is reported as revoked.</returns>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            Crl fullCrl = DownloadCrl(certificate);

            if (fullCrl.IsRevoked(certificate))
            {
                return true;
            }

            // The IsRevoked call taking the issuing CA resolves outside this excerpt.
            return IsRevoked(certificate.IssuingCa);
        }
 /// <summary>
 /// Builds an OCSP request for <paramref name="certificate"/> from its issuing CA certificate and
 /// its converted serial number.
 /// </summary>
 /// <param name="certificate">Certificate the request is about.</param>
 /// <returns>The value returned by the <c>CreateOcspRequest</c> overload.</returns>
 public static OcspReqAndId CreateOcspRequest(IOcesCertificate certificate)
 {
     var issuerCertificate = certificate.IssuingCa.Certificate;
     var serialNumber = SerialNumberConverter.FromCertificate(certificate);

     return CreateOcspRequest(issuerCertificate, serialNumber);
 }
 /// <summary>
 /// Creates the OCSP request for <paramref name="certificate"/> by delegating to the overload
 /// that takes the issuer certificate and the serial number.
 /// </summary>
 /// <param name="certificate">Certificate the request is about.</param>
 /// <returns>The value returned by the <c>CreateOcspRequest</c> overload.</returns>
 public static OcspReqAndId CreateOcspRequest(IOcesCertificate certificate)
 {
     // Issuer first, serial second: the same evaluation order as the arguments below.
     var issuer = certificate.IssuingCa.Certificate;
     var serial = SerialNumberConverter.FromCertificate(certificate);
     OcspReqAndId request = CreateOcspRequest(issuer, serial);
     return request;
 }
 /// <summary>
 /// Looks the certificate up in its full CRL and falls back to checking the issuing CA when the
 /// certificate is not listed.
 /// </summary>
 /// <param name="certificate">Certificate to check for revocation.</param>
 /// <returns><c>true</c> when the certificate or its issuing CA is reported as revoked.</returns>
 public bool IsRevoked(IOcesCertificate certificate)
 {
     Crl downloaded = DownloadCrl(certificate);
     bool listed = downloaded.IsRevoked(certificate);

     // Short-circuit preserved: the CA check runs only when the certificate is not listed.
     return listed ? true : IsRevoked(certificate.IssuingCa);
 }
 /// <summary>
 /// Asks the shared full-CRL revocation checker whether the certificate's issuing CA is revoked.
 /// </summary>
 /// <param name="certificate">Certificate whose issuing CA is checked.</param>
 /// <returns>The checker's result for the issuing CA.</returns>
 static bool IsIssuingCaRevoked(IOcesCertificate certificate)
 {
     var checker = FullCrlRevocationChecker.Instance;
     return checker.IsRevoked(certificate.IssuingCa);
 }
 /// <summary>
 /// Evaluates an OCSP response for <paramref name="certificate"/> by delegating to the overload
 /// that takes the converted serial number and the issuing CA.
 /// </summary>
 /// <param name="id">CertID that accompanied the request.</param>
 /// <param name="ocspResp">Response received from the responder.</param>
 /// <param name="certificate">Certificate the response is about.</param>
 /// <returns>The value returned by the <c>CertificateIsValid</c> overload.</returns>
 public static bool CertificateIsValid(CertID id, OcspResp ocspResp, IOcesCertificate certificate)
 {
     var serialNumber = SerialNumberConverter.FromCertificate(certificate);
     var issuingCa = certificate.IssuingCa;

     return CertificateIsValid(id, ocspResp, serialNumber, issuingCa);
 }
 /// <summary>
 /// Checks the issuing CA of <paramref name="certificate"/> with
 /// <c>FullCrlRevocationChecker.Instance</c>.
 /// </summary>
 /// <param name="certificate">Certificate whose issuing CA is checked.</param>
 /// <returns>The checker's result for the issuing CA.</returns>
 static bool IsIssuingCaRevoked(IOcesCertificate certificate)
 {
     var fullCrlChecker = FullCrlRevocationChecker.Instance;
     bool caRevoked = fullCrlChecker.IsRevoked(certificate.IssuingCa);
     return caRevoked;
 }
 /// <summary>
 /// Fetches the full CRL for <paramref name="certificate"/> from the distribution point the
 /// certificate names.
 /// </summary>
 /// <param name="certificate">Certificate whose full CRL is downloaded.</param>
 /// <returns>The CRL returned by the <c>DownloadCrl</c> overload for that distribution point.</returns>
 public Crl DownloadCrl(IOcesCertificate certificate)
 {
     // The download location is whatever the certificate states; validation of the result
     // is not part of this method.
     Crl crl = DownloadCrl(certificate.CrlDistributionPoint);
     return crl;
 }
 /// <summary>
 /// Convenience overload: derives the serial number and issuing CA from
 /// <paramref name="certificate"/> and forwards to the four-argument <c>CertificateIsValid</c>.
 /// </summary>
 /// <param name="id">CertID that accompanied the request.</param>
 /// <param name="ocspResp">Response received from the responder.</param>
 /// <param name="certificate">Certificate the response is about.</param>
 /// <returns>The value returned by the four-argument overload.</returns>
 public static bool CertificateIsValid(CertID id, OcspResp ocspResp, IOcesCertificate certificate)
 {
     // Serial first, CA second: the same evaluation order as the forwarded arguments.
     var serial = SerialNumberConverter.FromCertificate(certificate);
     var ca = certificate.IssuingCa;
     bool valid = CertificateIsValid(id, ocspResp, serial, ca);
     return valid;
 }
 /// <summary>
 /// Converts the certificate's hexadecimal serial number to its decimal string form.
 /// </summary>
 /// <param name="certificate">Certificate whose serial number is converted.</param>
 /// <returns>The serial number as a base-10 string.</returns>
 public static string FromCertificate(IOcesCertificate certificate)
 {
     // NOTE(review): the serial is parsed as a 32-bit unsigned value, so Convert.ToUInt32 throws
     // OverflowException for anything larger. RFC 5280 allows serial numbers of up to 20 octets;
     // a certificate with a longer serial cannot be processed by this method and the exception
     // propagates to the caller.
     uint serial = Convert.ToUInt32(certificate.SerialNumber, 16);
     return serial.ToString();
 }
 /// <summary>
 /// Returns the decimal representation of the certificate's serial number, which is read as a
 /// base-16 string.
 /// </summary>
 /// <param name="certificate">Certificate whose serial number is converted.</param>
 /// <returns>The serial number as a base-10 string.</returns>
 public static string FromCertificate(IOcesCertificate certificate)
 {
     string hexSerial = certificate.SerialNumber;

     // NOTE(review): limited to 32 bits. A serial above uint.MaxValue makes Convert.ToUInt32
     // throw OverflowException, although RFC 5280 permits serials of up to 20 octets.
     uint numericSerial = Convert.ToUInt32(hexSerial, 16);

     return numericSerial.ToString();
 }
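        /// <summary>
        /// Checks this CRL's signature against the certificate's issuing CA certificate, then
        /// reports whether the certificate is revoked.
        /// </summary>
        /// <param name="certificate">Certificate to check for revocation.</param>
        /// <returns>The result of the <c>IsRevoked</c> overload called with the exported certificate.</returns>
        /// <exception cref="InvalidSignatureException">
        /// Thrown when <c>VerifyCrl</c> raises a <c>SignatureException</c> for the issuing CA certificate.
        /// </exception>
        /// <remarks>
        /// Exceptions from <c>VerifyCrl</c> other than <c>SignatureException</c> are not caught here.
        /// NOTE(review): the previous documentation said <c>false</c> is returned "including if this
        /// CRL has expired". Expiry handling is not visible in this method; if that statement is
        /// accurate, a stale CRL is treated as proof of non-revocation - confirm it is intended.
        /// </remarks>
        public bool IsRevoked(IOcesCertificate certificate)
        {
            try
            {
                // Signature verification comes first; the CRL entries are read only afterwards.
                VerifyCrl(certificate.IssuingCa.Certificate);
            }
            catch (SignatureException e)
            {
                // The space after "by" separates the issuer DN from the preceding word.
                throw new InvalidSignatureException("CRL Issued by " + _crl.IssuerDN
                                                    + " does not have valid signature by certificate's issuer certificate "
                                                    + certificate.IssuingCa.Certificate.SubjectName.Name, e);
            }

            return IsRevoked(certificate.ExportCertificate());
        }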
 /// <summary>
 /// Reports revocation when either the issuing CA or the certificate itself is revoked.
 /// </summary>
 /// <param name="certificate">Certificate to check for revocation.</param>
 /// <returns><c>true</c> when either check reports revocation.</returns>
 public bool IsRevoked(IOcesCertificate certificate)
 {
     bool caRevoked = IsIssuingCaRevoked(certificate);

     // Same short-circuit as the "||" form: a revoked CA ends the check immediately.
     return caRevoked ? true : IsCertificateRevoked(certificate);
 }