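        /// <summary>
        /// Parses the response returned by an OCSP responder and maps it to a certificate status.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this method only parses the response and, on request, compares the nonce.
        /// Nothing in it verifies the responder's signature, checks that the single response's
        /// CertID refers to the certificate that was asked about, or validates the
        /// thisUpdate/nextUpdate window. Confirm the caller performs those checks before a
        /// <c>Good</c> result is trusted; without them the status is unauthenticated data.
        /// </remarks>
        /// <param name="binaryResp">Encoded OCSP response bytes as received from the responder.</param>
        /// <param name="checkNonce">
        /// When <c>true</c>, the nonce extension in the response must be present and equal to the
        /// nonce held in <c>_nonceAsn1OctetString</c>.
        /// </param>
        /// <returns>
        /// <c>Good</c> or <c>Revoked</c> as reported by the responder. <c>Unknown</c> when the input is
        /// null or empty, when the response does not carry exactly one single response, or when the
        /// reported status is neither good nor revoked.
        /// </returns>
        /// <exception cref="Exception">
        /// The responder status is not successful, or <paramref name="checkNonce"/> is set and the
        /// nonce is missing or differs from the expected one.
        /// </exception>
        public CertificateStatus ProcessOcspResponse(byte[] binaryResp, bool checkNonce)
        {
            // No bytes means nothing can be asserted about the certificate. A null buffer is
            // treated like an empty one instead of failing with a NullReferenceException.
            if (binaryResp == null || binaryResp.Length == 0)
            {
                return CertificateStatus.Unknown;
            }

            OcspResp ocspResponse = new OcspResp(binaryResp);

            if (ocspResponse.Status != OcspRespStatus.Successful)
            {
                throw new Exception("Unknow status '" + ocspResponse.Status + "'.");
            }

            BasicOcspResp basicResponse = (BasicOcspResp)ocspResponse.GetResponseObject();

            if (checkNonce)
            {
                var returnedNonce = basicResponse.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce);

                // A responder that leaves the nonce out must fail the check explicitly. Dereferencing
                // the missing extension would otherwise surface as an unrelated NullReferenceException.
                if (returnedNonce == null)
                {
                    throw new Exception("OCSP response does not contain a nonce");
                }

                if (!string.Equals(returnedNonce.ToString(), _nonceAsn1OctetString.ToString(), StringComparison.Ordinal))
                {
                    throw new Exception("Bad nonce value");
                }
            }

            // Only a response with exactly one SingleResp is interpreted. Any other count keeps the
            // fail-closed default of Unknown.
            if (basicResponse.Responses.Length != 1)
            {
                return CertificateStatus.Unknown;
            }

            // NOTE(review): the SingleResp is not matched against the requested certificate here.
            SingleResp singleResponse = basicResponse.Responses[0];
            object reportedStatus = singleResponse.GetCertStatus();

            if (reportedStatus == Org.BouncyCastle.Ocsp.CertificateStatus.Good)
            {
                return CertificateStatus.Good;
            }

            if (reportedStatus is Org.BouncyCastle.Ocsp.RevokedStatus)
            {
                return CertificateStatus.Revoked;
            }

            // UnknownStatus and any unrecognised status object both map to Unknown.
            return CertificateStatus.Unknown;
        }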