/// <summary>The default constructor for CertificateVerification.</summary>
/// <remarks>The default constructor for CertificateVerification.</remarks>
/// <param name="cert"></param>
/// <param name="ctx"></param>
public CertificateVerification(CertificateAndContext cert, ValidationContext ctx)
{
certificate = cert;
if (cert != null)
{
try
{
cert.GetCertificate().CheckValidity(ctx.GetValidationDate());
validityPeriodVerification = new Result(Result.ResultStatus.VALID, null);
}
catch (CertificateExpiredException)
{
validityPeriodVerification = new Result(Result.ResultStatus.INVALID, "certificate.expired"
);
}
catch (CertificateNotYetValidException)
{
validityPeriodVerification = new Result(Result.ResultStatus.INVALID, "certificate.not.yet.valid"
);
}
CertificateStatus status = ctx.GetCertificateStatusFromContext(cert);
if (status != null)
{
certificateStatus = new RevocationVerificationResult(status);
}
}
}
public virtual bool Check(CertificateAndContext cert)
{
//TODO jbonilla - Validar
//byte[] qcStatement = cert.GetCertificate().GetExtensionValue(X509Extensions.QCStatements);
Asn1OctetString qcStatement = cert.GetCertificate().GetExtensionValue(X509Extensions.QCStatements);
if (qcStatement != null)
{
try
{
//Asn1InputStream input = new Asn1InputStream(qcStatement);
//DerOctetString s = (DerOctetString)input.ReadObject();
DerOctetString s = (DerOctetString)qcStatement;
byte[] content = s.GetOctets();
Asn1InputStream input = new Asn1InputStream(content);
DerSequence seq = (DerSequence)input.ReadObject();
for (int i = 0; i < seq.Count; i++)
{
QCStatement statement = QCStatement.GetInstance(seq[i]);
if (statement.StatementId.Id.Equals(qcStatementId))
{
return true;
}
}
return false;
}
catch (IOException e)
{
throw new RuntimeException(e);
}
}
return false;
}
public virtual bool Check(CertificateAndContext cert)
{
//TODO jbonilla - validar.
//byte[] certificatePolicies = cert.GetCertificate().GetExtensionValue(X509Extensions.CertificatePolicies);
Asn1OctetString certificatePolicies = cert.GetCertificate().GetExtensionValue(X509Extensions.CertificatePolicies);
if (certificatePolicies != null)
{
try
{
//Asn1InputStream input = new Asn1InputStream(certificatePolicies);
//DerOctetString s = (DerOctetString)input.ReadObject();
DerOctetString s = (DerOctetString)certificatePolicies;
byte[] content = s.GetOctets();
Asn1InputStream input = new Asn1InputStream(content);
DerSequence seq = (DerSequence)input.ReadObject();
for (int i = 0; i < seq.Count; i++)
{
PolicyInformation policyInfo = PolicyInformation.GetInstance(seq[i]);
if (policyInfo.PolicyIdentifier.Id.Equals(policyOid))
{
return true;
}
}
}
catch (IOException e)
{
throw new RuntimeException(e);
}
}
return false;
}
public IList<CertificateAndContext> GetCertificateBySubjectName(X509Name subjectName
)
{
IList<CertificateAndContext> list = new AList<CertificateAndContext>();
foreach (X509Certificate cert in GetCertificates())
{
if (subjectName.Equals(cert.SubjectDN))
{
CertificateAndContext cc = new CertificateAndContext(cert);
cc.SetCertificateSource(sourceType);
list.AddItem(cc);
}
}
return list;
}
public IList <CertificateAndContext> GetCertificateBySubjectName(X509Name subjectName
)
{
IList <CertificateAndContext> list = new AList <CertificateAndContext>();
foreach (X509Certificate cert in GetCertificates())
{
if (subjectName.Equals(cert.SubjectDN))
{
CertificateAndContext cc = new CertificateAndContext(cert);
cc.SetCertificateSource(sourceType);
list.AddItem(cc);
}
}
return(list);
}
public virtual bool Check(CertificateAndContext cert)
{
switch (composition)
{
case CompositeCriteriaList.Composition.all:
{
foreach (Condition c in conditions)
{
if (!c.Check(cert))
{
return false;
}
}
return true;
}
case CompositeCriteriaList.Composition.atLeastOne:
{
foreach (Condition c_1 in conditions)
{
if (c_1.Check(cert))
{
return true;
}
}
return false;
}
case CompositeCriteriaList.Composition.none:
{
foreach (Condition c_2 in conditions)
{
if (c_2.Check(cert))
{
return false;
}
}
return true;
}
}
throw new InvalidOperationException("Unsupported Composition " + composition);
}
/// <summary>Retrieve all the qualifiers for which the corresponding condition evaluate to true.
/// </summary>
/// <remarks>Retrieve all the qualifiers for which the corresponding condition evaluate to true.
/// </remarks>
/// <param name="cert"></param>
/// <returns></returns>
public virtual IList<string> GetQualifiers(CertificateAndContext cert)
{
IList<string> list = new AList<string>();
foreach (KeyValuePair<string, Condition> e in qualifiersAndConditions.EntrySet())
{
if (e.Value.Check(cert))
{
list.AddItem(e.Key);
}
}
return list;
}
/// <summary>Create a CertificateToken</summary>
/// <param name="cert"></param>
/// <param name="sourceFactory"></param>
public CertificateToken(CertificateAndContext cert, CertificateSourceFactory sourceFactory
)
{
this.cert = cert;
this.sourceFactory = sourceFactory;
}
/// <summary>Create a CertificateToken</summary>
/// <param name="cert"></param>
public CertificateToken(CertificateAndContext cert) : this(cert, null)
{
}
public virtual bool Check(CertificateAndContext cert)
{
return cert.GetCertificate().GetKeyUsage()[(int)bit];
}
/// <param name="certificate">the certificate to set</param>
public virtual void SetCertificate(CertificateAndContext certificate)
{
this.certificate = certificate;
}
