public virtual void ValidCrl01()
{
X509Certificate caCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(certsSrc + "rootRsa.p12", password
)[0];
TestCrlBuilder crlBuilder = new TestCrlBuilder(caCert, DateTimeUtil.GetCurrentUtcTime().AddDays(-1));
NUnit.Framework.Assert.IsTrue(VerifyTest(crlBuilder));
}
public virtual void InvalidRevokedCrl01()
{
NUnit.Framework.Assert.That(() => {
X509Certificate caCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(certsSrc + "rootRsa.p12", password
)[0];
TestCrlBuilder crlBuilder = new TestCrlBuilder(caCert, DateTimeUtil.GetCurrentUtcTime().AddDays(-1));
String checkCertFileName = certsSrc + "signCertRsa01.p12";
X509Certificate checkCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(checkCertFileName, password)[
0];
crlBuilder.AddCrlEntry(checkCert, DateTimeUtil.GetCurrentUtcTime().AddDays(-40), Org.BouncyCastle.Asn1.X509.CrlReason.KeyCompromise
);
VerifyTest(crlBuilder);
}
, NUnit.Framework.Throws.TypeOf <VerificationException>());
;
}
/// <exception cref="Org.BouncyCastle.Security.GeneralSecurityException"/>
/// <exception cref="System.IO.IOException"/>
private bool VerifyTest(TestCrlBuilder crlBuilder)
{
String caCertFileName = certsSrc + "rootRsa.p12";
X509Certificate caCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(caCertFileName, password)[0];
ICipherParameters caPrivateKey = Pkcs12FileHelper.ReadFirstKey(caCertFileName, password, password);
String checkCertFileName = certsSrc + "signCertRsa01.p12";
X509Certificate checkCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(checkCertFileName, password)[
0];
TestCrlClient crlClient = new TestCrlClient(crlBuilder, caPrivateKey);
ICollection <byte[]> crlBytesCollection = crlClient.GetEncoded(checkCert, null);
bool verify = false;
foreach (byte[] crlBytes in crlBytesCollection)
{
X509Crl crl = (X509Crl)SignTestPortUtil.ParseCrlFromStream(new MemoryStream(crlBytes));
CRLVerifier verifier = new CRLVerifier(null, null);
verify = verifier.Verify(crl, checkCert, caCert, DateTimeUtil.GetCurrentUtcTime());
break;
}
return(verify);
}
/// <exception cref="Org.BouncyCastle.Security.Certificates.CertificateEncodingException"/>
public TestCrlClient(X509Certificate caCert, ICipherParameters caPrivateKey)
{
this.crlBuilder = new TestCrlBuilder(caCert, DateTimeUtil.GetCurrentUtcTime().AddDays(-1));
this.caPrivateKey = caPrivateKey;
}
/// <exception cref="Org.BouncyCastle.Security.Certificates.CertificateEncodingException"/>
public TestCrlClient(TestCrlBuilder crlBuilder, ICipherParameters caPrivateKey)
{
this.crlBuilder = crlBuilder;
this.caPrivateKey = caPrivateKey;
}
