public override List<VerificationOK> Verify(X509Certificate signCert, X509Certificate issuerCert, DateTime signDate)
{
List<VerificationOK> result = new List<VerificationOK>();
int validOCSPsFound = 0;
// first check in the list of OCSP responses that was provided
if (ocsps != null) {
foreach (BasicOcspResp ocspResp in ocsps) {
if (Verify(ocspResp, signCert, issuerCert, signDate))
validOCSPsFound++;
}
}
// then check online if allowed
bool online = false;
if (onlineCheckingAllowed && validOCSPsFound == 0) {
if (Verify(GetOcspResponse(signCert, issuerCert), signCert, issuerCert, signDate)) {
validOCSPsFound++;
online = true;
}
}
// show how many valid OCSP responses were found
LOGGER.Info("Valid OCSPs found: " + validOCSPsFound);
if (validOCSPsFound > 0)
result.Add(new VerificationOK(signCert, this, "Valid OCSPs Found: " + validOCSPsFound + (online ? " (online)" : "")));
if (verifier != null)
result.AddRange(verifier.Verify(signCert, issuerCert, signDate));
// verify using the previous verifier in the chain (if any)
return result;
}