Beispiel #1
        /// <summary>
        /// Walks the certificate's extension list and dispatches on each extension's OID to
        /// fill a <see cref="PolicyData"/> value.
        /// </summary>
        /// <remarks>
        /// This listing is truncated inside the switch: the per-OID cases and the return
        /// statement are not shown, so which extensions are captured cannot be confirmed here.
        /// </remarks>
        public PolicyData GetPolicyData()
        {
            // Helper not shown; presumably makes sure _certData is populated before it is read.
            EnsureCertificateData();
            // Start from the default PolicyData value.
            PolicyData policyData = default;

            foreach (X509Extension extension in _certData.Extensions)
            {
                // The '!' only silences the nullable warning; it adds no runtime check, so an
                // extension whose Oid is null would throw here instead of being skipped.
                switch (extension.Oid !.Value)
                {
Beispiel #2
        /// <summary>
        /// Builds the <see cref="CertificatePolicy"/> for <paramref name="cert"/> from the raw
        /// policy extension data returned by <c>cert.Pal.GetPolicyData()</c>.
        /// </summary>
        /// <remarks>
        /// Application policy precedence: when the ApplicationCertPolicies extension is present
        /// it is the only source of declared application policies, and the EnhancedKeyUsage
        /// extension is not read at all (the two are not intersected). EnhancedKeyUsage is a
        /// fallback only. When neither is present, <c>DeclaredApplicationPolicies</c> stays null
        /// and <c>ImplicitAnyApplicationPolicy</c> is set to true; the same null-means-implicit
        /// rule is applied to certificate policies. The code that consumes these flags is not
        /// shown here, so how "implicit any" is treated during validation should be confirmed
        /// there. The Read* helpers are also not shown; their handling of malformed extension
        /// encodings is not established by this method.
        /// </remarks>
        /// <param name="cert">Certificate whose policy extensions are read.</param>
        /// <returns>The populated <see cref="CertificatePolicy"/>.</returns>
        private static CertificatePolicy ReadPolicy(X509Certificate2 cert)
        {
            var result = new CertificatePolicy();
            PolicyData data = cert.Pal.GetPolicyData();

            // Null here means the ApplicationCertPolicies extension was absent.
            ISet<string>? appPolicies = data.ApplicationCertPolicies != null
                ? ReadCertPolicyExtension(data.ApplicationCertPolicies)
                : null;

            // Each remaining extension is decoded only when its raw data is present;
            // otherwise the corresponding member of 'result' keeps its initial value.
            if (data.CertPolicies != null)
            {
                result.DeclaredCertificatePolicies = ReadCertPolicyExtension(data.CertPolicies);
            }

            if (data.CertPolicyMappings != null)
            {
                result.PolicyMapping = ReadCertPolicyMappingsExtension(data.CertPolicyMappings);
            }

            if (data.CertPolicyConstraints != null)
            {
                // This reader writes its results directly into 'result'.
                ReadCertPolicyConstraintsExtension(data.CertPolicyConstraints, result);
            }

            // EKU OIDs are the fallback: they are skipped entirely whenever the
            // ApplicationCertPolicies extension has already supplied the application policies.
            ISet<string>? ekuPolicies = appPolicies == null && data.EnhancedKeyUsage != null
                ? ReadExtendedKeyUsageExtension(data.EnhancedKeyUsage)
                : null;

            if (data.InhibitAnyPolicyExtension != null)
            {
                result.InhibitAnyDepth = ReadInhibitAnyPolicyExtension(data.InhibitAnyPolicyExtension);
            }

            result.DeclaredApplicationPolicies = appPolicies ?? ekuPolicies;

            // No declared set at all is recorded as an implicit "any" for that policy kind.
            result.ImplicitAnyApplicationPolicy = result.DeclaredApplicationPolicies is null;
            result.ImplicitAnyCertificatePolicy = result.DeclaredCertificatePolicies is null;

            // Separately record whether a declared set explicitly names the "any" policy.
            result.SpecifiedAnyApplicationPolicy = CheckExplicitAnyPolicy(result.DeclaredApplicationPolicies);
            result.SpecifiedAnyCertificatePolicy = CheckExplicitAnyPolicy(result.DeclaredCertificatePolicies);

            return result;
        }