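/// <summary>
/// Loads the validation settings, reads the signature and signer certificate sent with the
/// request, and displays whether the certificate validated and whether the signature verified.
/// </summary>
/// <remarks>
/// Both results start as <c>false</c> and are only set by a completed check, so a missing
/// parameter, malformed Base64, an unparsable certificate or an exception inside the PKI
/// layer is reported as "not verified" instead of surfacing as an unhandled error page.
/// </remarks>
/// <param name="sender">Event source supplied by the page framework (unused).</param>
/// <param name="e">Event arguments supplied by the page framework (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    validationMethodConf = ConfigurationSettings.AppSettings["ValidationMethod"];
    ocspUrl = ConfigurationSettings.AppSettings["OCSP_URL"];
    issuersPath = Request.MapPath("~/ca_certs");
    crlsPath = Request.MapPath("~/crls");

    bool sigVerified = false;
    bool certVerified = false;

    try
    {
        // The signed bytes depend on the flow: the server-issued challenge for "Auth",
        // the client-supplied text for "Sign". Any other signType leaves data null.
        byte[] data = null;
        String signType = Request.Params["signType"];
        if ("Auth".Equals(signType))
        {
            data = Session["Challenge"] as byte[];
            // A challenge is only useful once: drop it so that a signature captured for this
            // session cannot be presented again against the same challenge value.
            Session.Remove("Challenge");
        }
        else if ("Sign".Equals(signType))
        {
            String signData = Request.Params["SignData"];
            if (signData != null)
            {
                // NOTE(review): ASCII encoding maps every non-ASCII character to '?', so
                // distinct SignData strings can yield identical signed bytes. Confirm that
                // the signing client restricts SignData to ASCII.
                data = System.Text.Encoding.ASCII.GetBytes(signData);
            }
        }

        String signatureB64 = Request.Params["signature"];
        String certificateB64 = Request.Params["certificate"];

        byte[] signature = null;
        if (signatureB64 != null)
        {
            signature = Convert.FromBase64String(signatureB64);
        }

        if (certificateB64 != null)
        {
            // The certificate comes from the client, so nothing about it is trusted until
            // ValidateCerificate has accepted it.
            // NOTE(review): confirm that the PKIFacade validation methods check the issuer
            // signature and validity period, not only revocation status.
            X509Certificate2 cert = new X509Certificate2(Convert.FromBase64String(certificateB64));

            certVerified = ValidateCerificate(cert);

            // The signature is only checked against a certificate that passed validation,
            // and only when there is something that was actually signed.
            if (certVerified && data != null && signature != null)
            {
                PKIFacade pkiFacade = new PKIFacade();
                sigVerified = pkiFacade.Verify(data, cert, signature);
            }
        }
    }
    catch (Exception ex)
    {
        // Fail closed, but leave a trace for operators instead of discarding the error.
        // Only the exception type and message are recorded, never the submitted data.
        sigVerified = false;
        System.Diagnostics.Trace.TraceWarning(
            "Signature verification request failed: {0}: {1}", ex.GetType().Name, ex.Message);
    }

    SignatureVerified.Text = sigVerified.ToString();
    CertificateVerified.Text = certVerified.ToString();
    ValidationMethod.Text = validationMethodConf;
}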
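/// <summary>
/// Validates <paramref name="cert"/> with the method named by the "ValidationMethod"
/// setting: "OCSP", "CRL" or "CDP" (compared case-insensitively).
/// </summary>
/// <remarks>
/// The method fails closed. A null certificate, a missing or unrecognised validation method,
/// a missing issuer certificate or CRL, and any exception raised while looking those up or
/// while validating all produce <c>false</c>.
/// </remarks>
/// <param name="cert">The certificate to validate.</param>
/// <returns><c>true</c> only when the configured validation call returned <c>true</c>.</returns>
private bool ValidateCerificate(X509Certificate2 cert)
{
    // Without a certificate or a configured method there is nothing that can be trusted.
    if (cert == null || validationMethodConf == null)
    {
        return false;
    }

    PKIFacade pkiFacade = new PKIFacade();

    try
    {
        // Ordinal comparison keeps the match independent of the server's current culture.
        if (string.Equals(validationMethodConf, "OCSP", StringComparison.OrdinalIgnoreCase))
        {
            X509Certificate2 issuer = GetCertificateIssuer(cert, issuersPath);
            if (issuer == null)
            {
                return false;
            }

            return pkiFacade.ValidateCertificateOCSP(cert, issuer, ocspUrl);
        }

        if (string.Equals(validationMethodConf, "CRL", StringComparison.OrdinalIgnoreCase))
        {
            X509Crl crl = GetCertificateCRL(cert, crlsPath);
            if (crl == null)
            {
                return false;
            }

            return pkiFacade.ValidateCertificateOffline(cert, crl);
        }

        if (string.Equals(validationMethodConf, "CDP", StringComparison.OrdinalIgnoreCase))
        {
            return pkiFacade.ValidateCertificateCDP(cert);
        }
    }
    catch (Exception ex)
    {
        // All three methods are treated alike: a validation that could not be completed
        // is a failed validation. The cause is traced so that an unreachable responder or
        // an unreadable CRL is visible to operators.
        System.Diagnostics.Trace.TraceWarning(
            "Certificate validation ({0}) failed: {1}: {2}",
            validationMethodConf, ex.GetType().Name, ex.Message);
        return false;
    }

    // Unknown validation method: accept nothing.
    return false;
}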