GDS: add Method CheckRevocationStatus to Client & Server

Libraries/Opc.Ua.Gds.Client.Common/GlobalDiscoveryServerClient.cs

@@ -584,6 +584,36 @@
             return null;
         }
 
+        /// <summary>
+        /// Checks the provided certificate for validity
+        /// </summary>
+        /// <param name="certificate">The DER encoded form of the Certificate to check.</param>
+        /// <param name="certificateStatus">The first error encountered when validating the Certificate.</param>
+        /// <param name="validityTime">When the result expires and should be rechecked. DateTime.MinValue if this is unknown.</param>
+        public void CheckRevocationStatus(byte[] certificate,
+            out StatusCode certificateStatus,
+            out DateTime validityTime)
+        {
+            certificateStatus = StatusCodes.Good;
+            validityTime = DateTime.MinValue;
+
+            if (!IsConnected)
+            {
+                Connect();
+            }
+
+            var outputArguments = Session.Call(
+                ExpandedNodeId.ToNodeId(Opc.Ua.Gds.ObjectIds.Directory, Session.NamespaceUris),
+                ExpandedNodeId.ToNodeId(Opc.Ua.Gds.MethodIds.CertificateDirectoryType_CheckRevocationStatus, Session.NamespaceUris),
+                certificate);
+
+            if (outputArguments.Count >= 2)
+            {
+                certificateStatus = (StatusCode)outputArguments[0];
+                validityTime = (DateTime)outputArguments[1];
+            }
+        }
+
         /// <summary>
         /// Updates the application.
         /// </summary>

Libraries/Opc.Ua.Gds.Server.Common/ApplicationsNodeManager.cs

@@ -417,6 +417,7 @@
                     activeNode.GetTrustList.OnCall = new GetTrustListMethodStateMethodCallHandler(OnGetTrustList);
                     activeNode.GetCertificateStatus.OnCall = new GetCertificateStatusMethodStateMethodCallHandler(OnGetCertificateStatus);
                     activeNode.StartSigningRequest.OnCall = new StartSigningRequestMethodStateMethodCallHandler(OnStartSigningRequest);
+                    activeNode.CheckRevocationStatus.OnCall = new CheckRevocationStatusMethodStateMethodCallHandler(OnCheckRevocationStatus);
                     // TODO
                     //activeNode.RevokeCertificate.OnCall = new RevokeCertificateMethodStateMethodCallHandler(OnRevokeCertificate);
 
@@ -606,6 +607,32 @@
             return ServiceResult.Good;
         }
 
+        private ServiceResult OnCheckRevocationStatus(
+        ISystemContext context,
+        MethodState method,
+        NodeId objectId,
+        byte[] certificate,
+        ref StatusCode certificateStatus,
+        ref DateTime validityTime)
+        {
+            //create CertificateValidator with secure defaults
+            var certificateValidator = new CertificateValidator();
+
+            validityTime = DateTime.MinValue;
+
+            try
+            {
+                certificateValidator.Validate(new X509Certificate2(certificate));
+            }
+            catch (ServiceResultException se)
+            {
+                certificateStatus = se.StatusCode;
+            }
+
+            return ServiceResult.Good;
+        }
+
+
         private ServiceResult CheckHttpsDomain(ApplicationRecordDataType application, string commonName)
         {
             if (application.ApplicationType == ApplicationType.Client)

Tests/Opc.Ua.Gds.Tests/ClientTest.cs

@@ -968,6 +968,19 @@ public void GetInvalidCertificateStatus()
             }
         }
 
+        [Test, Order(700)]
+        public void CheckRevocationStatus()
+        {
+            AssertIgnoreTestWithoutGoodRegistration();
+            ConnectGDS(false);
+            foreach (var application in m_goodApplicationTestSet)
+            {
+                m_gdsClient.GDSClient.CheckRevocationStatus(application.Certificate, out StatusCode certificateStatus, out DateTime validityTime);
+                Assert.Equals(StatusCodes.Good, certificateStatus);
+                Assert.NotNull(validityTime);
+            }
+        }
+
         [Test, Order(900)]
         public void UnregisterGoodApplications()
         {