public bool IsRevoked(X509Certificate certificate) { if (certificate.IsRoot()) return false; string authorityId = certificate.GetAuthorityKeyIdentifier(); //TODO: make this thread safe Crl crl = GetCrl(authorityId); if (crl == null) crl = CreateCrlEntry(authorityId, certificate.GetCrlDistributionPointAddresses()); if (!crl.Valid) return true; return crl.Contains(certificate) || IsRevoked(crl.IssuerCertificate); }
public bool MayTrustTo(X509Certificate certificate) { Log.Write("Get authority key"); string authorityId = certificate.GetAuthorityKeyIdentifier(); Log.Write("Got authority key"); Log.Write("Get issuer"); X509Certificate issuerCertificate = GetIssuerCertificate(authorityId); Log.Write("Got issuer"); Log.Write("Check signature"); if (issuerCertificate != null && certificate.IsSignedBy(issuerCertificate)) return true; return false; }