本文整理匯總了C#中Org.BouncyCastle.X509.X509Crl.Verify方法的典型用法代碼示例。如果您正苦於以下問題:C# X509Crl.Verify方法的具體用法?C# X509Crl.Verify怎麽用?C# X509Crl.Verify使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類Org.BouncyCastle.X509.X509Crl的用法示例。
在下文中一共展示了X509Crl.Verify方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C#代碼示例。
示例1: IsSignatureValid
/**
* Checks if a CRL verifies against the issuer certificate or a trusted anchor.
* @param crl the CRL
* @param crlIssuer the trusted anchor
* @return true if the CRL can be trusted
*/
public bool IsSignatureValid(X509Crl crl, X509Certificate crlIssuer)
{
// check if the CRL was issued by the issuer
if (crlIssuer != null) {
try {
crl.Verify(crlIssuer.GetPublicKey());
return true;
} catch (GeneralSecurityException) {
LOGGER.Warn("CRL not issued by the same authority as the certificate that is being checked");
}
}
// check the CRL against trusted anchors
if (certificates == null)
return false;
try {
// loop over the certificate in the key store
foreach (X509Certificate anchor in certificates) {
try {
crl.Verify(anchor.GetPublicKey());
return true;
} catch (GeneralSecurityException) {}
}
}
catch (GeneralSecurityException) {
return false;
}
return false;
}示例2: ProcessCrlG
internal static AsymmetricKeyParameter ProcessCrlG(
X509Crl crl,
ISet keys)
{
Exception lastException = null;
foreach (AsymmetricKeyParameter key in keys)
{
try
{
crl.Verify(key);
return key;
}
catch (Exception e)
{
lastException = e;
}
}
throw new Exception("Cannot verify CRL.", lastException);
}示例3: IsCRLOK
private bool IsCRLOK(X509Crl x509crl, X509Certificate issuerCertificate, DateTime
validationDate)
{
if (issuerCertificate == null)
{
throw new ArgumentNullException("Must provide a issuer certificate to validate the signature"
);
}
if (!x509crl.IssuerDN.Equals(issuerCertificate.SubjectDN))
{
LOG.Warn("The CRL must be signed by the issuer (" + issuerCertificate.SubjectDN
+ " ) but instead is signed by " + x509crl.IssuerDN);
return false;
}
try
{
x509crl.Verify(issuerCertificate.GetPublicKey());
}
catch (Exception e)
{
LOG.Warn("The signature verification for CRL cannot be performed : " + e.Message
);
return false;
}
DateTime thisUpdate = x509crl.ThisUpdate;
LOG.Info("validation date: " + validationDate);
LOG.Info("CRL this update: " + thisUpdate);
// if (thisUpdate.after(validationDate)) {
// LOG.warning("CRL too young");
// return false;
// }
LOG.Info("CRL next update: " + x509crl.NextUpdate);
if (x509crl.NextUpdate != null && validationDate.CompareTo(x509crl.NextUpdate.Value) > 0) //jbonilla After
{
LOG.Info("CRL too old");
return false;
}
// assert cRLSign KeyUsage bit
if (null == issuerCertificate.GetKeyUsage())
{
LOG.Warn("No KeyUsage extension for CRL issuing certificate");
return false;
}
if (false == issuerCertificate.GetKeyUsage()[6])
{
LOG.Warn("cRLSign bit not set for CRL issuing certificate");
return false;
}
return true;
}