/// <summary>Verifies a time stamp against a KeyStore.</summary>
/// <param name="ts">the time stamp</param>
/// <param name="keystore">the <CODE>KeyStore</CODE></param>
/// <param name="provider">the provider or <CODE>null</CODE> to use the BouncyCastle provider</param>
/// <returns><CODE>true</CODE> is a certificate was found</returns>
public static bool VerifyTimestampCertificates(TimeStampToken ts, List <X509Certificate> keystore)
{
IList <Exception> exceptionsThrown = new List <Exception>();
try {
foreach (X509Certificate certStoreX509 in SignUtils.GetCertificates(keystore))
{
try {
SignUtils.IsSignatureValid(ts, certStoreX509);
return(true);
}
catch (Exception ex) {
exceptionsThrown.Add(ex);
}
}
}
catch (Exception e) {
exceptionsThrown.Add(e);
}
foreach (Exception ex in exceptionsThrown)
{
LOGGER.Error(ex.Message, ex);
}
return(false);
}
/// <summary>Checks if an OCSP response is genuine</summary>
/// <param name="ocspResp">the OCSP response</param>
/// <param name="responderCert">the responder certificate</param>
/// <returns>true if the OCSP response verifies against the responder certificate</returns>
public virtual bool IsSignatureValid(BasicOcspResp ocspResp, X509Certificate responderCert)
{
try {
return(SignUtils.IsSignatureValid(ocspResp, responderCert));
}
catch (Exception) {
return(false);
}
}
/// <summary>Verifies an OCSP response against a KeyStore.</summary>
/// <param name="ocsp">the OCSP response</param>
/// <param name="keystore">the <CODE>KeyStore</CODE></param>
/// <param name="provider">the provider or <CODE>null</CODE> to use the BouncyCastle provider</param>
/// <returns><CODE>true</CODE> is a certificate was found</returns>
public static bool VerifyOcspCertificates(BasicOcspResp ocsp, List <X509Certificate> keystore)
{
try {
foreach (X509Certificate certStoreX509 in SignUtils.GetCertificates(keystore))
{
try {
return(SignUtils.IsSignatureValid(ocsp, certStoreX509));
}
catch (Exception) {
}
}
}
catch (Exception) {
}
return(false);
}
/// <summary>Verifies a time stamp against a KeyStore.</summary>
/// <param name="ts">the time stamp</param>
/// <param name="keystore">the <CODE>KeyStore</CODE></param>
/// <param name="provider">the provider or <CODE>null</CODE> to use the BouncyCastle provider</param>
/// <returns><CODE>true</CODE> is a certificate was found</returns>
public static bool VerifyTimestampCertificates(TimeStampToken ts, List <X509Certificate> keystore)
{
try {
foreach (X509Certificate certStoreX509 in SignUtils.GetCertificates(keystore))
{
try {
SignUtils.IsSignatureValid(ts, certStoreX509);
return(true);
}
catch (Exception) {
}
}
}
catch (Exception) {
}
return(false);
}
/// <summary>Verifies an OCSP response against a KeyStore.</summary>
/// <param name="ocsp">the OCSP response</param>
/// <param name="keystore">the <CODE>KeyStore</CODE></param>
/// <param name="provider">the provider or <CODE>null</CODE> to use the BouncyCastle provider</param>
/// <returns><CODE>true</CODE> is a certificate was found</returns>
public static bool VerifyOcspCertificates(BasicOcspResp ocsp, List <X509Certificate> keystore)
{
IList <Exception> exceptionsThrown = new List <Exception>();
try {
foreach (X509Certificate certStoreX509 in SignUtils.GetCertificates(keystore))
{
try {
return(SignUtils.IsSignatureValid(ocsp, certStoreX509));
}
catch (Exception ex) {
exceptionsThrown.Add(ex);
}
}
}
catch (Exception e) {
exceptionsThrown.Add(e);
}
foreach (Exception ex in exceptionsThrown)
{
LOGGER.Error(ex.Message, ex);
}
return(false);
}
