/// <summary>
/// Checks the revocation status of <paramref name="peerCertificate"/> against the CRL
/// distribution points listed in the certificate itself.
/// </summary>
/// <param name="host">Host the certificate was received for; passed to the CRL fetch and used in the log entry.</param>
/// <param name="peerCertificate">Certificate whose revocation status is being checked.</param>
/// <returns>
/// The first result whose <c>Revoked</c> has a value; otherwise the result for the last URL tried.
/// When the certificate lists no distribution point URLs, a result carrying only an explanatory message.
/// </returns>
/// <remarks>
/// NOTE(review): the URLs queried here are read out of the certificate under test, so they are
/// chosen by whoever produced that certificate. Confirm that GetCrlResponse restricts the schemes
/// and destinations it will contact and applies a timeout and a response size limit.
/// NOTE(review): no issuer certificate is passed to GetCrlResponse from this method. Confirm that
/// the CRL's signature and validity period are verified somewhere before its contents are trusted.
/// NOTE(review): a result without a <c>Revoked</c> value presumably means "status unknown".
/// Callers should decide explicitly whether that fails the connection rather than treating it as
/// "not revoked" - verify against callers.
/// </remarks>
public async Task<RevocationResult> CheckCrlRevocation(string host, X509Certificate peerCertificate)
{
    BcX509Certificate parsedPeer = _certificateParser.ReadCertificate(peerCertificate.Raw);
    List<string> distributionPoints = GetCrlDistPoints(parsedPeer);

    if (distributionPoints.Any())
    {
        RevocationResult latest = null;

        // Try each distribution point in the order listed and stop at the first one
        // that yields a definite answer (Revoked has a value).
        foreach (string distributionPoint in distributionPoints)
        {
            latest = await GetCrlResponse(distributionPoint, host, parsedPeer);
            if (latest.Revoked.HasValue)
            {
                break;
            }
        }

        // Either the first definite answer, or the outcome of the last URL tried.
        return latest;
    }

    // Certificate-derived values are passed as structured log arguments, not concatenated
    // into the message template.
    _log.LogWarning(
        "No urls present in crl distribution point extension for host {Host} certificate {CommonName}",
        host,
        peerCertificate.CommonName);

    return new RevocationResult("No urls present in crl distribution point extension");
}
/// <summary>
/// Checks the revocation status of <paramref name="peerCertificate"/> by querying the OCSP
/// endpoints listed in the certificate itself.
/// </summary>
/// <param name="host">Host the certificate was received for; passed to the OCSP request and used in the log entry.</param>
/// <param name="peerCertificate">Certificate whose revocation status is being checked.</param>
/// <param name="issuerCertificate">Certificate of the issuer; parsed and passed to the OCSP request.</param>
/// <returns>
/// The first result whose <c>Revoked</c> has a value; otherwise the result for the last URL tried.
/// When the certificate lists no OCSP URLs, a result carrying only an explanatory message.
/// </returns>
/// <remarks>
/// NOTE(review): the responder URLs are read out of the certificate under test, so they are
/// chosen by whoever produced that certificate. Confirm that GetOcspResponse restricts the schemes
/// and destinations it will contact and applies a timeout and a response size limit.
/// NOTE(review): confirm that GetOcspResponse verifies the response signature, that the signer is
/// the issuer or a responder the issuer authorised, and that the response is current, before the
/// status is trusted.
/// NOTE(review): a result without a <c>Revoked</c> value presumably means "status unknown".
/// Callers should decide explicitly whether that fails the connection rather than treating it as
/// "not revoked" - verify against callers.
/// </remarks>
public async Task<RevocationResult> CheckOcspRevocation(string host, X509Certificate peerCertificate, X509Certificate issuerCertificate)
{
    BcX509Certificate parsedPeer = _certificateParser.ReadCertificate(peerCertificate.Raw);
    BcX509Certificate parsedIssuer = _certificateParser.ReadCertificate(issuerCertificate.Raw);
    List<string> responderUrls = GetOcspEndPoints(parsedPeer);

    if (responderUrls.Any())
    {
        RevocationResult latest = null;

        // Try each responder in the order listed and stop at the first one
        // that yields a definite answer (Revoked has a value).
        foreach (string responderUrl in responderUrls)
        {
            latest = await GetOcspResponse(responderUrl, host, parsedPeer, parsedIssuer);
            if (latest.Revoked.HasValue)
            {
                break;
            }
        }

        // Either the first definite answer, or the outcome of the last URL tried.
        return latest;
    }

    // Certificate-derived values are passed as structured log arguments, not concatenated
    // into the message template.
    _log.LogWarning(
        "No urls present in Authority Info Access extension for host {Host} certificate {CommonName}",
        host,
        peerCertificate.CommonName);

    return new RevocationResult("No urls present in Authority Info Access extension");
}