| public Verify ( Mono.Security.X509.X509Certificate x509, ISender sender ) : bool | ||
| x509 | Mono.Security.X509.X509Certificate | |
| sender | ISender | |
| return | bool | |
public bool Verify(X509Certificate x509, ISender sender) {
Brunet.Util.MemBlock sn = Brunet.Util.MemBlock.Reference(x509.SerialNumber);
lock(_sync) {
if(!_cas.ContainsKey(sn)) {
throw new Exception("Unsupported CA!");
}
if(!x509.VerifySignature(_cas[sn].RSA)) {
throw new Exception("Unable to verify certificate, bad signature!");
}
}
foreach(ICertificateVerification icv in _certificate_verifiers) {
if(!icv.Verify(x509, sender)) {
throw new Exception("Certificate not valid, reason unsure");
}
}
return true;
}
public void ValidityTest()
{
CertificateHandler ch = new CertificateHandler();
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(512);
byte[] blob = rsa.ExportCspBlob(false);
RSACryptoServiceProvider rsa_pub = new RSACryptoServiceProvider();
rsa_pub.ImportCspBlob(blob);
string ID = "brunet:node:PXYSWDL5SZDHDDXJKZCLFENOP2KZDMBU";
CertificateMaker cm = new CertificateMaker("US", "UFL", "ACIS", "David Wolinsky",
"*****@*****.**", rsa_pub, ID);
Certificate cert_0 = cm.Sign(cm, rsa);
ch.AddSignedCertificate(cert_0.X509);
ch.AddCACertificate(cert_0.X509);
rsa = new RSACryptoServiceProvider(1024);
rsa_pub.ImportCspBlob(rsa.ExportCspBlob(false));
cm = new CertificateMaker("US", "UFL", "ACIS", "David Wolinsky",
"*****@*****.**", rsa_pub, ID);
Certificate cert_1 = cm.Sign(cm, rsa);
Assert.IsTrue(ch.Verify(cert_0.X509, null, ID), "Valid");
bool success = false;
try {
success = ch.Verify(cert_1.X509, null, ID);
} catch { }
Assert.IsTrue(!success, "Valid cert2");
}
