/// <summary>
/// Resolves the OCSP status to report for <paramref name="certificateId"/>.
/// </summary>
/// <remarks>
/// "Good" is returned only when the ID matches this issuer AND the serial number is
/// present in the issued-certificate table. A serial this responder has no record of
/// is reported as unknown, not as good.
/// </remarks>
/// <param name="certificateId">The certificate ID taken from the OCSP request.</param>
/// <returns>
/// <see cref="CertificateStatus.Good"/>, a <see cref="RevokedStatus"/>, or an
/// <see cref="UnknownStatus"/>.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="certificateId"/> is null.</exception>
internal CertificateStatus GetStatus(CertificateID certificateId)
        {
            if (certificateId == null)
            {
                throw new ArgumentNullException(nameof(certificateId));
            }

            // Issuer match is evaluated first; the serial lookup only happens for our own issuer.
            bool issuedByThisAuthority =
                certificateId.MatchesIssuer(Certificate) &&
                _issuedCertificates.ContainsKey(certificateId.SerialNumber);

            if (!issuedByThisAuthority)
            {
                return new UnknownStatus();
            }

            RevocationInfo revocation;
            bool isRevoked = _revokedCertificates.TryGetValue(certificateId.SerialNumber, out revocation);

            if (!isRevoked)
            {
                return CertificateStatus.Good;
            }

            // Go through the string form of the timestamp: the DateTime constructor truncates
            // fractional seconds, whereas the string constructor preserves full accuracy.
            string generalizedTimeText = DerGeneralizedTimeUtility.ToDerGeneralizedTimeString(revocation.RevocationDate);
            DerGeneralizedTime revokedAt = new DerGeneralizedTime(generalizedTimeText);
            CrlReason crlReason = new CrlReason((int)revocation.Reason);

            return new RevokedStatus(new RevokedInfo(revokedAt, crlReason));
        }
        /// <summary>
        /// Resolves the OCSP status to report for <paramref name="certificateId"/>.
        /// </summary>
        /// <remarks>
        /// Anything not issued by this authority, or not found in the issued-certificate
        /// table, is answered with <see cref="UnknownStatus"/>; "good" is reserved for
        /// serial numbers that are known and absent from the revocation table.
        /// </remarks>
        /// <param name="certificateId">The certificate ID taken from the OCSP request.</param>
        /// <returns>The good, revoked or unknown status for the certificate.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="certificateId"/> is null.</exception>
        internal CertificateStatus GetStatus(CertificateID certificateId)
        {
            if (certificateId == null)
            {
                throw new ArgumentNullException(nameof(certificateId));
            }

            if (!certificateId.MatchesIssuer(Certificate))
            {
                return new UnknownStatus();
            }

            if (!_issuedCertificates.ContainsKey(certificateId.SerialNumber))
            {
                return new UnknownStatus();
            }

            RevocationInfo entry;

            if (_revokedCertificates.TryGetValue(certificateId.SerialNumber, out entry))
            {
                // Revocation time and reason come straight from the stored revocation record.
                return new RevokedStatus(
                    new RevokedInfo(
                        new DerGeneralizedTime(entry.RevocationDate),
                        new CrlReason(entry.Reason)));
            }

            return CertificateStatus.Good;
        }
示例#3
        /// <summary>
        /// Maps the CertStatus CHOICE of this single response to a status object.
        /// </summary>
        /// <returns>
        /// <c>null</c> for tag 0, a <see cref="RevokedStatus"/> for tag 1, and an
        /// <see cref="UnknownStatus"/> for every other tag.
        /// </returns>
        /// <remarks>
        /// Tag 0 is the "good" alternative in the OCSP CertStatus CHOICE, so a null return
        /// is a positive answer here. Callers should test for null explicitly rather than
        /// treating it as "no status available".
        /// </remarks>
        public object GetCertStatus()
        {
            CertStatus choice = this.resp.CertStatus;

            switch (choice.TagNo)
            {
                case 0:
                    return null;

                case 1:
                    return new RevokedStatus(RevokedInfo.GetInstance(choice.Status));

                default:
                    return new UnknownStatus();
            }
        }
示例#4
        /**
         * Maps the CertStatus CHOICE of this single response to a status object.
         * A null return stands for "good"; callers should check for it explicitly
         * rather than reading it as a missing status.
         *
         * @return null for tag 0 (good), a RevokedStatus for tag 1, an UnknownStatus otherwise.
         */
        public Object getCertStatus()
        {
            CertStatus choice = resp.getCertStatus();

            switch (choice.getTagNo())
            {
            case 0:
                return null;            // good
            case 1:
                return new RevokedStatus(RevokedInfo.getInstance(choice.getStatus()));
            default:
                return new UnknownStatus();
            }
        }
示例#5
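    /// <summary>
    /// Builds a CertStatus from the tagged object decoded out of an OCSP response.
    /// </summary>
    /// <param name="choice">
    /// The tagged CHOICE element: tag 1 carries a RevokedInfo, tags 0 and 2 carry NULL.
    /// </param>
    /// <exception cref="global::System.ArgumentException">
    /// The tag number is not one of 0, 1 or 2.
    /// </exception>
    /// <remarks>
    /// The tagged object comes from a decoded response and is therefore attacker-influenced.
    /// A tag outside 0..2 is rejected instead of producing an instance whose value was never
    /// assigned.
    /// </remarks>
    public CertStatus(Asn1TaggedObject choice)
    {
        switch (choice.TagNo)
        {
        case 0:
        case 2:
            value = DerNull.Instance;
            break;

        case 1:
            value = RevokedInfo.GetInstance(choice, explicitly: false);
            break;

        default:
            // Fully qualified so no extra using directive is required by this block.
            throw new global::System.ArgumentException(
                "Unknown tag encountered: " + choice.TagNo, nameof(choice));
        }

        // Recorded only after the tag has been validated above.
        tagNo = choice.TagNo;
    }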
示例#6
        /**
         * Return the status object for the response. A null return means "good";
         * check for it explicitly rather than treating it as a missing status.
         *
         * @return null for tag 0 (good), a RevokedStatus for tag 1, an UnknownStatus
         *         for any other tag.
         */
        public object GetCertStatus()
        {
            CertStatus status = resp.CertStatus;
            var tag = status.TagNo;

            if (tag == 1)
            {
                return new RevokedStatus(RevokedInfo.GetInstance(status.Status));
            }

            if (tag == 0)
            {
                return null;                            // good
            }

            return new UnknownStatus();
        }
示例#7
 /// <summary>
 /// Creates a revoked status from a revocation time and a CRL reason code.
 /// </summary>
 /// <param name="revocationDate">When the certificate was revoked.</param>
 /// <param name="reason">The reason code handed to <see cref="CrlReason"/>.</param>
 // NOTE(review): reason is passed through without a range check in this constructor;
 // whether CrlReason rejects undefined codes is not visible here — confirm.
 public RevokedStatus(DateTime revocationDate, int reason)
 {
     DerGeneralizedTime revokedAt = new DerGeneralizedTime(revocationDate);
     CrlReason crlReason = new CrlReason(reason);

     this.info = new RevokedInfo(revokedAt, crlReason);
 }
示例#8
 /// <summary>
 /// Wraps an existing <see cref="RevokedInfo"/> as a revoked certificate status.
 /// </summary>
 /// <param name="info">The revocation details to expose; stored as given, without a null check.</param>
 public RevokedStatus(RevokedInfo info)
 {
     RevokedInfo revocationDetails = info;
     this.info = revocationDetails;
 }
示例#9
 /// <summary>
 /// Creates a revoked status from a revocation time and a CRL reason code.
 /// </summary>
 /// <param name="revocationDate">When the certificate was revoked.</param>
 /// <param name="reason">The reason code handed to <see cref="CrlReason"/>.</param>
 public RevokedStatus(global::System.DateTime revocationDate, int reason)
 {
     // Built in the same order as the nested expression: time first, then reason.
     DerGeneralizedTime revokedAt = new DerGeneralizedTime(revocationDate);
     CrlReason crlReason = new CrlReason(reason);

     info = new RevokedInfo(revokedAt, crlReason);
 }
示例#10
 /// <summary>
 /// Creates the "revoked" alternative of the CertStatus CHOICE (tag 1).
 /// </summary>
 /// <param name="info">The revocation details carried by the status; stored as given.</param>
 public CertStatus(RevokedInfo info)
 {
     value = info;
     tagNo = 1;   // tag 1 is the revoked alternative
 }
示例#11
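        /// <summary>
        /// Handles an HTTP POST whose body is a DER-encoded OCSP request: for every
        /// certificate ID in the request it serves a cached response if one exists, or
        /// asks the validator, signs a fresh response, caches it and writes it out.
        /// </summary>
        /// <param name="p">The HTTP processor whose output stream receives the reply.</param>
        /// <param name="ms">The request body.</param>
        /// <remarks>
        /// Review notes on behaviour kept from the original:
        /// - Every CertificateID in the request produces its own HTTP reply on the same
        ///   connection, rather than one OCSP response covering all IDs.
        /// - The cache is keyed on the serial number alone. The issuer hashes and hash
        ///   algorithm of the CertificateID are not part of the key, so a cached response
        ///   may carry a CertID that differs from the one in the current request.
        /// - Cache expiry is not visible here. Unless GetCache expires entries, a cached
        ///   "good" answer keeps being served after a later revocation — confirm.
        /// - Responses are signed with "SHA1withRSA". SHA-1 signatures are deprecated;
        ///   consider moving to a SHA-256 based algorithm once relying clients allow it.
        /// - No request nonce is copied into the response.
        /// </remarks>
        public override void handlePOSTRequest(HttpProcessor p, MemoryStream ms)
        {
            // Set once any reply has been started, so the error path never appends a
            // failure reply to a partially written response.
            bool responseStarted = false;

            try
            {
                byte[]  ocspdata = ms.ToArray();
                OcspReq req      = new OcspReq(ocspdata);

                if (validator == null)
                {
                    responseStarted = true;
                    p.writeFailure();
                    return;
                }

                foreach (CertificateID id in req.GetIDs())
                {
                    // Declared per ID so a REVOKED result does not leak into the log
                    // line of the IDs that follow it.
                    string    stat = "GOOD";
                    Stopwatch st   = new Stopwatch();
                    st.Start();

                    // The cache key is a 64-bit value. Serial numbers can be longer than that,
                    // and truncating them would let two different serials share one cache
                    // entry, so wider serials bypass the cache entirely.
                    bool serialFitsCacheKey = id.SerialNumber.BitLength < 64;

                    OCSPCache cac = serialFitsCacheKey ? GetCache(id.SerialNumber.LongValue) : null;
                    if (cac != null)
                    {
                        Console.Write("[CACHED] ");
                        // The status inside the cached bytes is not re-derived here,
                        // so the log must not claim GOOD for it.
                        stat = "CACHED";

                        string header = GetRFC822Date(cac.CacheTime);
                        responseStarted = true;
                        WriteOcspHttpResponse(p, cac.data, header);
                    }
                    else
                    {
                        // validate
                        OCSPRespGenerator gen = new OCSPRespGenerator();

                        BasicOcspRespGenerator resp = new BasicOcspRespGenerator(validator.CACert.GetPublicKey());

                        // Placeholder values handed to IsRevoked by ref. The date is written
                        // with explicit components so it does not depend on the thread culture
                        // (month 3, day 9, as the invariant culture reads "03/09/2014").
                        // NOTE(review): presumably IsRevoked overwrites both on a hit — confirm.
                        DerGeneralizedTime dt     = new DerGeneralizedTime(new DateTime(2014, 3, 9, 14, 0, 0));
                        CrlReason          reason = new CrlReason(CrlReason.CACompromise);

                        if (validator.IsRevoked(id, ref dt, ref reason))
                        {
                            RevokedInfo   rinfo   = new RevokedInfo(dt, reason);
                            RevokedStatus rstatus = new RevokedStatus(rinfo);
                            resp.AddResponse(id, rstatus);
                            stat = "REVOKED";
                        }
                        else
                        {
                            resp.AddResponse(id, CertificateStatus.Good);
                        }

                        // One timestamp for both the signed response and the HTTP header.
                        DateTime now = DateTime.Now;

                        BasicOcspResp response = resp.Generate("SHA1withRSA", validator.CAKey, new X509Certificate[] { validator.CACert }, now);
                        OcspResp      or       = gen.Generate(OCSPRespGenerator.Successful, response);
                        string        header   = GetRFC822Date(now);

                        byte[] responseBytes = or.GetEncoded();
                        if (serialFitsCacheKey)
                        {
                            AddCache(responseBytes, id.SerialNumber.LongValue);
                        }

                        responseStarted = true;
                        WriteOcspHttpResponse(p, responseBytes, header);
                    }

                    Console.Write(id.SerialNumber + " PROCESSED IN " + st.Elapsed + " STATUS " + stat);
                    Console.WriteLine("");
                }
            }
            catch (Exception ex)
            {
                Console.WriteLine("OCSP Server Error : " + ex.Message);

                // A malformed request or signing failure otherwise leaves the client with
                // no reply at all; answer with the handler's failure reply when nothing
                // has been sent yet.
                if (!responseStarted)
                {
                    try
                    {
                        p.writeFailure();
                    }
                    catch (Exception failureEx)
                    {
                        Console.WriteLine("OCSP Server Error : " + failureEx.Message);
                    }
                }
            }
        }

        // Writes the HTTP status line, headers and body for one DER-encoded OCSP response.
        private static void WriteOcspHttpResponse(HttpProcessor p, byte[] responseBytes, string lastModified)
        {
            p.outputStream.WriteLine("HTTP/1.1 200 OK");
            p.outputStream.WriteLine("content-transfer-encoding: binary");
            p.outputStream.WriteLine("Last-Modified: " + lastModified);
            p.outputStream.WriteLine("Content-Type: application/ocsp-response");
            p.outputStream.WriteLine("Connection: keep-alive");
            p.outputStream.WriteLine("Accept-Ranges: bytes");
            p.outputStream.WriteLine("Server: AS-OCSP-1.0");
            p.outputStream.WriteLine("Content-Length: " + responseBytes.Length.ToString());
            p.outputStream.WriteLine("");
            p.outputStream.WriteContent(responseBytes);
        }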