C# (CSharp) X509Crl.X509CrlEntry 예제들

프로그래밍 언어: C# (CSharp)

클래스/타입: X509Crl.X509CrlEntry

hotexamples.com에서의 예제들: 5

C# (CSharp) X509Crl.X509CrlEntry - 5개의 예제가 발견되었습니다. 이것들은 오픈소스 프로젝트에서 추출된 C# (CSharp)의 X509Crl.X509CrlEntry에 대한 실세계 최고 등급의 예제들입니다. 예제들을 평가하여 예제의 품질 향상에 도움을 줄 수 있습니다.

예제 #1

파일 보기

파일: X509Chain.cs 프로젝트: msruzy/digimon-linkz-client

 private bool ProcessCrlEntryExtensions(X509Crl.X509CrlEntry entry)
 {
     foreach (object obj in entry.Extensions)
     {
         X509Extension x509Extension = (X509Extension)obj;
         if (x509Extension.Critical)
         {
             string oid = x509Extension.Oid;
             if (oid != null)
             {
                 if (X509Chain.< > f__switch$mapD == null)
                 {
                     X509Chain.< > f__switch$mapD = new Dictionary <string, int>(1)
                     {
                         {
                             "2.5.29.21",
                             0
                         }
                     };
                 }
                 int num;
                 if (X509Chain.< > f__switch$mapD.TryGetValue(oid, out num))
                 {
                     if (num == 0)
                     {
                         continue;
                     }
                 }
             }
             return(false);
         }
     }
     return(true);
 }

예제 #2

파일 보기

파일: X509Chain.cs 프로젝트: msruzy/digimon-linkz-client

        private X509ChainStatusFlags CheckRevocation(X509Certificate2 certificate, X509Certificate2 ca_cert, bool online)
        {
            X509KeyUsageExtension x509KeyUsageExtension = (X509KeyUsageExtension)ca_cert.Extensions["2.5.29.15"];

            if (x509KeyUsageExtension != null)
            {
                X509KeyUsageFlags x509KeyUsageFlags = X509KeyUsageFlags.CrlSign;
                if ((x509KeyUsageExtension.KeyUsages & x509KeyUsageFlags) != x509KeyUsageFlags)
                {
                    return(X509ChainStatusFlags.RevocationStatusUnknown);
                }
            }
            X509Crl x509Crl = this.FindCrl(ca_cert);

            if (x509Crl != null || online)
            {
            }
            if (x509Crl == null)
            {
                return(X509ChainStatusFlags.RevocationStatusUnknown);
            }
            if (!x509Crl.VerifySignature(ca_cert.PublicKey.Key))
            {
                return(X509ChainStatusFlags.RevocationStatusUnknown);
            }
            X509Crl.X509CrlEntry crlEntry = x509Crl.GetCrlEntry(certificate.MonoCertificate);
            if (crlEntry != null)
            {
                if (!this.ProcessCrlEntryExtensions(crlEntry))
                {
                    return(X509ChainStatusFlags.Revoked);
                }
                if (crlEntry.RevocationDate <= this.ChainPolicy.VerificationTime)
                {
                    return(X509ChainStatusFlags.Revoked);
                }
            }
            if (x509Crl.NextUpdate < this.ChainPolicy.VerificationTime)
            {
                return(X509ChainStatusFlags.RevocationStatusUnknown | X509ChainStatusFlags.OfflineRevocation);
            }
            if (!this.ProcessCrlExtensions(x509Crl))
            {
                return(X509ChainStatusFlags.RevocationStatusUnknown);
            }
            return(X509ChainStatusFlags.NoError);
        }

예제 #3

파일 보기

        private bool ProcessCrlEntryExtensions(X509Crl.X509CrlEntry entry)
        {
            foreach (Mono.Security.X509.X509Extension extension in entry.Extensions)
            {
                if (extension.Critical)
                {
                    switch (extension.Oid)
                    {
                    default:
                        return(false);

                    case "2.5.29.21":
                        break;
                    }
                }
            }
            return(true);
        }

예제 #4

파일 보기

        private bool ProcessCrlEntryExtensions(X509Crl.X509CrlEntry entry)
        {
            foreach (X509Extension ext in entry.Extensions)
            {
                if (ext.Critical)
                {
                    switch (ext.Oid)
                    {
                    case "2.5.29.21":                             // cRLReason
                        // we processed/know about this extension
                        break;

                    default:
                        return(false);
                    }
                }
            }
            return(true);
        }

예제 #5

파일 보기

        private X509ChainStatusFlags CheckRevocation(BCX509Certificate2 certificate, BCX509Certificate2 ca_cert, bool online)
        {
            // change this if/when we support OCSP
            KeyUsage kue = KeyUsage.GetInstance(ca_cert.CertificateStructure.TbsCertificate.Extensions.GetExtension(X509Extensions.KeyUsage));

            if (kue != null)
            {
                // ... verify CrlSign is set
                //KeyUsage success = new KeyUsage(KeyUsage.CrlSign);
                if ((kue.IntValue & KeyUsage.CrlSign) != KeyUsage.CrlSign)
                {
                    // FIXME - we should try to find an alternative CA that has the CrlSign bit
                    return(X509ChainStatusFlags.RevocationStatusUnknown);
                }
            }

            X509Crl crl = FindCrl(ca_cert);

            if ((crl == null) && online)
            {
                // FIXME - download and install new CRL
                // then you get a second chance
                // crl = FindCrl (ca_cert, ref valid, ref out_of_date);

                // We need to get the subjectAltName and an URI from there (or use OCSP)
                // X509KeyUsageExtension subjectAltName = (ca_cert.Extensions["2.5.29.17"] as X509KeyUsageExtension);
            }

#if !NETCF
            if (crl != null)
            {
                // validate the digital signature on the CRL using the CA public key
                // note #1: we can't use X509Crl.VerifySignature(X509Certificate) because it duplicates
                // checks and we loose the "why" of the failure
                // note #2: we do this before other tests as an invalid signature could be a hacked CRL
                // (so anything within can't be trusted)
                if (!crl.VerifySignature(ca_cert.GetPublicKey()))
                {
                    return(X509ChainStatusFlags.RevocationStatusUnknown);
                }

                X509Crl.X509CrlEntry entry = crl.GetCrlEntry(certificate);
                if (entry != null)
                {
                    // We have an entry for this CRL that includes an unknown CRITICAL extension
                    // See [X.509 7.3] NOTE 4
                    if (!ProcessCrlEntryExtensions(entry))
                    {
                        return(X509ChainStatusFlags.Revoked);
                    }

                    // FIXME - a little more is involved
                    if (entry.RevocationDate <= ChainPolicy.VerificationTime)
                    {
                        return(X509ChainStatusFlags.Revoked);
                    }
                }

                // are we overdue for a CRL update ? if so we can't be sure of any certificate status
                if (crl.NextUpdate.Value < ChainPolicy.VerificationTime)
                {
                    return(X509ChainStatusFlags.RevocationStatusUnknown | X509ChainStatusFlags.OfflineRevocation);
                }

                // we have a CRL that includes an unknown CRITICAL extension
                // we put this check at the end so we do not "hide" any Revoked flags
                if (!ProcessCrlExtensions(crl))
                {
                    return(X509ChainStatusFlags.RevocationStatusUnknown);
                }
            }
            else
#endif
            return(X509ChainStatusFlags.RevocationStatusUnknown);

#if !NETCF
            return(X509ChainStatusFlags.NoError);
#endif
        }