public static bool ValidateSslCertificateFields(Certificate certificate) { Logger.log("Validating Certificate Fields"); if (!CertificateFieldValidator.Validate(certificate)) { Logger.log("Ssl Certificate Field validation failed"); return(false); } Logger.log("Validating Basic Contraints"); if (certificate.BasicConstraints.HasBasicConstraints) { if (certificate.BasicConstraints.IsCa) { Logger.log("End user certificates can not have basic constraint field with isCa flag"); return(false); } } Logger.log("Validating Key Usage"); if (!ValidateSslCertificateKeyUsage(certificate)) { Logger.log("Ssl Certificate Key Usage Flags invalid"); return(false); } Logger.log("Validating Extended Usage"); if (!ValidateSslCertificateExtendedKeyUsage(certificate.ExtendedKeyUsage.Oids)) { Logger.log("Ssl Certificate Extended Key Usage Flags invalid"); return(false); } return(true); }
public static bool ValidateSubCaCertificate(Certificate subCaCertificate) { if (!CertificateFieldValidator.Validate(subCaCertificate)) { Logger.log("Can not validate Sub CA Certificate Fields"); return(false); } if (!CheckValidityPeriod(subCaCertificate)) { Logger.log("Can not validate Sub CA Validity Period"); return(false); } if (!CertificateChainValidator.ValidateCertificateSignatureWithChain(subCaCertificate)) { Logger.log("Can not validate Sub CA Signature with Issuer Certificate"); return(false); } return(true); }
public static bool ValidateRootCaCertificate(Certificate rootCaCertificate) { if (!CertificateFieldValidator.Validate(rootCaCertificate)) { return(false); } if (!CertificateSignatureValidator.ValidateSelfSignedCertificateSignature(rootCaCertificate)) { return(false); } if (!CheckValidityPeriod(rootCaCertificate)) { return(false); } if (!ValidateRootCaCertificateFields(rootCaCertificate)) { return(false); } return(true); }