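/// <summary>
/// Manual smoke test: finds a certificate in the current user's personal store by a
/// hard-coded serial number, builds its chain to obtain the issuer, and asks a
/// hard-coded OCSP responder for the revocation status of that certificate.
/// </summary>
/// <exception cref="NotImplementedException">
/// No valid certificate with the serial number exists in the store (exception type kept from the original code).
/// </exception>
/// <exception cref="InvalidOperationException">
/// The built chain has no issuer element, so there is nothing to pass to the OCSP request.
/// </exception>
private void TestOCSP()
{
    OcspLookup ocspLookup = new OcspLookup();

    // Serial number of the certificate under test; it must be installed in CurrentUser\My.
    string serial = "4c 05 5a 37";

    X509Certificate2 cert;
    X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
    certStore.Open(OpenFlags.ReadOnly);
    try
    {
        // validOnly = true: the store only returns certificates it considers valid, so a
        // certificate the platform already rejects ends up in the "not found" branch.
        X509Certificate2Collection collection = certStore.Certificates.Find(X509FindType.FindBySerialNumber, serial, true);
        if (collection.Count == 0)
        {
            throw new NotImplementedException("The certificate was not found.");
        }

        cert = collection[0];
    }
    finally
    {
        // The original never closed the store handle; release it on every path.
        certStore.Close();
    }

    // Revocation checking is disabled for the chain build; the explicit OCSP request below
    // is presumably the only revocation check this method is meant to exercise.
    // NOTE(review): the result of Build() is ignored, so the chain may be partial or
    // untrusted. It is used here only to locate the issuer, not as a trust decision.
    X509Chain x509Chain = new X509Chain();
    x509Chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
    x509Chain.Build(cert);

    // Chain elements are ordered from the end-entity certificate towards the root.
    IList<X509Certificate2> list = new List<X509Certificate2>();
    foreach (X509ChainElement x509ChainElement in x509Chain.ChainElements)
    {
        list.Add(x509ChainElement.Certificate);
    }

    // A self-signed certificate, or a chain whose issuer could not be located, yields a
    // single element; the original indexed list[1] unconditionally and failed with an
    // opaque ArgumentOutOfRangeException.
    if (list.Count < 2)
    {
        throw new InvalidOperationException("The certificate chain does not contain an issuer certificate.");
    }

    // list[0] is the certificate under test, list[1] its issuer.
    // NOTE(review): the responder is reached over plain HTTP, which is usual for OCSP; the
    // answer is only trustworthy if the response signature is verified. Confirm that
    // RevocationResponseOnline does so.
    ocspLookup.RevocationResponseOnline(list[0], list[1], "http://ocsp.systemtest8.trust2408.com/responder");
}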
/// <summary>
/// Creates the <c>OcspLookup</c> used by the tests: a 20000 msec default timeout and a
/// certificate list holding only the OCES2 root test certificate.
/// </summary>
/// <returns>The configured lookup instance.</returns>
private OcspLookup CreateOcesLookup()
{
    OcspConfig config = new OcspConfig { DefaultTimeoutMsec = 20000 };

    // presumably OcspLookup treats this list as its trusted roots; verify against OcspLookup
    IList<X509Certificate2> rootCertificates = new List<X509Certificate2>
    {
        new X509Certificate2(LookupTest.oces2RootCertificate)
    };

    return new OcspLookup(config, rootCertificates);
}
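/// <summary>
/// Checks that a revoked FOCES2 test certificate is reported as not valid, with status
/// <c>RevocationCheckStatus.CertificateRevoked</c> and no exception on the response.
/// </summary>
public void LookupTestRevokedFoces2()
{
    try
    {
        // "Test1234" is the password of the test certificate fixture. It is acceptable only
        // because the fixture is a test certificate; never embed real key passwords in source.
        X509Certificate2 certificate = new X509Certificate2(LookupTest.foces2RevokedCertificate, "Test1234");
        Assert.IsNotNull(certificate, "Test certificate was null.");

        OcspLookup ocspLookup = this.CreateOcesLookup();
        RevocationResponse response = ocspLookup.CheckCertificate(certificate);

        // Fail with a clear message instead of a NullReferenceException on the next line.
        Assert.IsNotNull(response, "The lookup returned no response.");

        // The message is printed when the assertion FAILS, i.e. when the revoked certificate
        // was accepted. The original text ("Certificate is not valid.") said the opposite.
        Assert.IsFalse(response.IsValid, "Revoked certificate was reported as valid.");
        Assert.IsNull(response.Exception, "The lookup return an exception.");
        Assert.AreEqual(RevocationCheckStatus.CertificateRevoked, response.RevocationCheckStatus, "Not all check was performed.");
    }
    catch (Exception exception)
    {
        // Kept from the original: any exception, including a failed assertion above, is
        // re-reported through Assert.Fail with its full text.
        Assert.Fail(exception.ToString());
    }
}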