Esempio n. 1
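        /// <summary>
        /// Manual OCSP smoke test: loads a certificate from the current user's personal
        /// store by serial number, builds its chain, and asks the OCSP responder for the
        /// status of the leaf certificate using the next chain element as issuer.
        /// </summary>
        /// <exception cref="NotImplementedException">
        /// No valid certificate with the configured serial number is in the store.
        /// </exception>
        /// <exception cref="InvalidOperationException">
        /// The built chain holds fewer than two certificates, so there is no issuer to
        /// pass to the OCSP lookup.
        /// </exception>
        private void TestOCSP()
        {
            OcspLookup ocspLookup = new OcspLookup();

            string serial = "4c 05 5a 37";
            X509Certificate2 cert;

            X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
            certStore.Open(OpenFlags.ReadOnly);
            try
            {
                // The last argument (validOnly: true) restricts the search to certificates
                // the platform already considers valid.
                X509Certificate2Collection collection = certStore.Certificates.Find(X509FindType.FindBySerialNumber, serial, true);

                if (collection.Count == 0)
                {
                    // NOTE(review): NotImplementedException is kept for compatibility with the
                    // original; InvalidOperationException would describe this failure better.
                    throw new NotImplementedException("The certificate was not found.");
                }

                cert = collection[0];
            }
            finally
            {
                // Release the store handle even when the lookup throws.
                certStore.Close();
            }

            X509Chain x509Chain = new X509Chain();

            // Platform revocation checking is switched off for the chain build because the
            // revocation status is queried explicitly through the OCSP call below. Code that
            // relies on X509Chain alone for validation should not copy this setting.
            x509Chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;

            // The boolean result of Build is not enforced here: the chain elements are only
            // used to locate the issuer, not as a trust decision.
            x509Chain.Build(cert);

            // Collect the chain in order: index 0 is the certificate itself, index 1 the
            // next element of the built chain.
            IList <X509Certificate2> list = new List <X509Certificate2>();

            foreach (X509ChainElement x509ChainElement in x509Chain.ChainElements)
            {
                list.Add(x509ChainElement.Certificate);
            }

            // A chain with a single element (for example a self-signed certificate or a
            // chain whose issuer could not be found) has no list[1] to use as issuer.
            if (list.Count < 2)
            {
                throw new InvalidOperationException("The certificate chain does not contain an issuer certificate.");
            }

            // NOTE(review): the return value is discarded, so this method only proves that the
            // lookup does not throw; it asserts nothing about the reported revocation status.
            ocspLookup.RevocationResponseOnline(list[0], list[1], "http://ocsp.systemtest8.trust2408.com/responder");
        }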
Esempio n. 2
        /// <summary>
        /// Creates the <c>OcspLookup</c> used by the OCES tests: a 20 second default
        /// timeout and a certificate list holding only the OCES2 root certificate.
        /// </summary>
        /// <returns>The configured lookup instance.</returns>
        private OcspLookup CreateOcesLookup()
        {
            OcspConfig config = new OcspConfig
            {
                DefaultTimeoutMsec = 20000
            };

            // Presumably this list is the set of roots the lookup trusts; confirm against
            // the OcspLookup constructor.
            IList <X509Certificate2> rootCertificates = new List <X509Certificate2>
            {
                new X509Certificate2(LookupTest.oces2RootCertificate)
            };

            return new OcspLookup(config, rootCertificates);
        }
Esempio n. 3
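        /// <summary>
        /// Verifies that the OCSP lookup reports a revoked FOCES2 test certificate as
        /// not valid, without a lookup exception, and with status
        /// <c>RevocationCheckStatus.CertificateRevoked</c>.
        /// </summary>
        public void LookupTestRevokedFoces2()
        {
            // No catch-all around the body: an unexpected exception fails the test on its
            // own, and assertion failures are reported directly instead of being re-wrapped
            // by Assert.Fail.

            // "Test1234" is the password of the bundled test fixture; it is a test-only
            // credential and must not protect any real key material.
            X509Certificate2 certificate = new X509Certificate2(LookupTest.foces2RevokedCertificate, "Test1234");
            Assert.IsNotNull(certificate, "Test certificate was null.");

            OcspLookup         ocspLookup = this.CreateOcesLookup();
            RevocationResponse response   = ocspLookup.CheckCertificate(certificate);

            // Each message describes the failure it is shown for; the security-relevant
            // failure is a revoked certificate being accepted as valid.
            Assert.IsFalse(response.IsValid, "Revoked certificate was reported as valid.");
            Assert.IsNull(response.Exception, "The lookup returned an exception.");
            Assert.AreEqual(RevocationCheckStatus.CertificateRevoked, response.RevocationCheckStatus, "Revocation status was not CertificateRevoked.");
        }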