public static bool ValidateSslCertificateFields(Certificate certificate)
{
if (!CertificateFieldValidator.Validate(certificate))
{
return(false);
}
if (certificate.BasicConstraints.HasBasicConstraints)
{
if (certificate.BasicConstraints.IsCa)
{
return(false);
}
}
if (!ValidateSslCertificateKeyUsage(certificate.KeyUsage.KeyUsageFlags))
{
return(false);
}
if (!ValidateSslCertificateExtendedKeyUsage(certificate.ExtendedKeyUsage.Oids, certificate.ExtendedKeyUsage.Count))
{
return(false);
}
return(true);
}
public static bool ValidateSubCaCertificate(Certificate subCaCertificate)
{
if (!CertificateFieldValidator.Validate(subCaCertificate))
{
return(false);
}
if (!CheckValidityPeriod(subCaCertificate))
{
return(false);
}
if (!CertificateChainValidator.ValidateCertificateSignatureWithChain(subCaCertificate))
{
return(false);
}
return(true);
}
public static bool ValidateRootCaCertificate(Certificate rootCaCertificate)
{
if (!CertificateFieldValidator.Validate(rootCaCertificate))
{
return(false);
}
if (!CertificateSignatureValidator.ValidateSelfSignedCertificateSignature(rootCaCertificate))
{
return(false);
}
if (!CheckValidityPeriod(rootCaCertificate))
{
return(false);
}
if (!ValidateRootCaCertificateFields(rootCaCertificate))
{
return(false);
}
return(true);
}