private static OcesEnvironment GetEnvironmentForRoot(Ca ca) { if (!ca.IsRoot) { return(GetEnvironmentForRoot(ca.IssuingCa)); } return(RootCertificates.GetEnvironment(ca)); }
public bool IsRevoked(Ca ca) { if (ca.IsRoot) { return(false); } OcesEnvironment environment = RootCertificates.GetEnvironment(ca.IssuingCa); return(DownloadCrl(ca, environment).IsRevoked(ca) || IsRevoked(ca.IssuingCa)); }
static bool CheckCertificate(IOcesCertificate certificate) { var environment = RootCertificates.GetEnvironment(certificate.IssuingCa); string serverUrl = certificate.OcspUrl; var reqAndId = RequestGenerator.CreateOcspRequest(certificate); OcspResp resp = Requester.Send(reqAndId.Request, serverUrl); return(ResponseParser.CertificateIsValid(reqAndId.Id, resp, certificate)); }
/// <summary> /// The partitioned CRL to check for revocation is retrieved using LDAP. /// </summary> public bool IsRevoked(IOcesCertificate certificate) { string ldapPath = certificate.PartitionedCrlDistributionPoint; OcesEnvironment environment = RootCertificates.GetEnvironment(certificate.IssuingCa); Crl crl = _crlDownloader.Download(environment, ldapPath); if (!crl.IsPartial()) { throw new InvalidCrlException("Crl was downloaded successfully, but is not a partial CRL:" + ldapPath); } if (!crl.IsCorrectPartialCrl(ldapPath)) { throw new InvalidCrlException("Crl was downloaded successfully, but is not the correct partitioned crl:" + ldapPath); } return(crl.IsRevoked(certificate) || IsRevoked(certificate.IssuingCa)); }