Update src/WebEid.Security/Validator/CertValidators/SubjectCertificateNotRevokedValidator.cs

metsma · mrts · commit 88f32e643b9d · 2023-08-23T09:26:53.000+03:00
diff --git a/src/WebEid.Security/Validator/CertValidators/SubjectCertificateNotRevokedValidator.cs b/src/WebEid.Security/Validator/CertValidators/SubjectCertificateNotRevokedValidator.cs
@@ -134,6 +134,7 @@ private void VerifyOcspResponse(BasicOcspResp basicResponse,
             if (responseCertificates.Length < 1)
             {
                 throw new UserCertificateOcspCheckFailedException("OCSP response must contain the responder certificate, but none was provided");
+            }
             // The first certificate is the responder certificate. Any subsequent certificates, if provided, represent the
             // certificate chain, which we already possess via the configured trusted CA certificates.
             // Thus, the chain doesn't require validation, only the responder certificate does.

Original file line number	Diff line number	Diff line change
`@@ -134,6 +134,7 @@ private void VerifyOcspResponse(BasicOcspResp basicResponse,`
`134`	`134`	`if (responseCertificates.Length < 1)`
`135`	`135`	`{`
`136`	`136`	`throw new UserCertificateOcspCheckFailedException("OCSP response must contain the responder certificate, but none was provided");`
	`137`	`+ }`
`137`	`138`	`// The first certificate is the responder certificate. Any subsequent certificates, if provided, represent the`
`138`	`139`	`// certificate chain, which we already possess via the configured trusted CA certificates.`
`139`	`140`	`// Thus, the chain doesn't require validation, only the responder certificate does.`