internal static void ProcessAttrCert7(IX509AttributeCertificate attrCert, PkixCertPath certPath, PkixCertPath holderCertPath, PkixParameters pkixParams)
    {
        ISet criticalExtensionOids = attrCert.GetCriticalExtensionOids();

        if (criticalExtensionOids.Contains(X509Extensions.TargetInformation.Id))
        {
            try
            {
                TargetInformation.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(attrCert, X509Extensions.TargetInformation));
            }
            catch (Exception cause)
            {
                throw new PkixCertPathValidatorException("Target information extension could not be read.", cause);
            }
        }
        criticalExtensionOids.Remove(X509Extensions.TargetInformation.Id);
        foreach (PkixAttrCertChecker attrCertChecker in pkixParams.GetAttrCertCheckers())
        {
            attrCertChecker.Check(attrCert, certPath, holderCertPath, criticalExtensionOids);
        }
        if (!criticalExtensionOids.IsEmpty)
        {
            throw new PkixCertPathValidatorException("Attribute certificate contains unsupported critical extensions: " + criticalExtensionOids);
        }
    }
 internal static void CheckCrls(IX509AttributeCertificate attrCert, PkixParameters paramsPKIX, X509Certificate issuerCert, DateTime validDate, IList certPathCerts)
 {
     if (!paramsPKIX.IsRevocationEnabled)
     {
         return;
     }
     if (attrCert.GetExtensionValue(X509Extensions.NoRevAvail) == null)
     {
         CrlDistPoint crlDistPoint = null;
         try
         {
             crlDistPoint = CrlDistPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(attrCert, X509Extensions.CrlDistributionPoints));
         }
         catch (Exception cause)
         {
             throw new PkixCertPathValidatorException("CRL distribution point extension could not be read.", cause);
         }
         try
         {
             PkixCertPathValidatorUtilities.AddAdditionalStoresFromCrlDistributionPoint(crlDistPoint, paramsPKIX);
         }
         catch (Exception cause2)
         {
             throw new PkixCertPathValidatorException("No additional CRL locations could be decoded from CRL distribution point extension.", cause2);
         }
         CertStatus  certStatus  = new CertStatus();
         ReasonsMask reasonsMask = new ReasonsMask();
         Exception   cause3      = null;
         bool        flag        = false;
         if (crlDistPoint != null)
         {
             DistributionPoint[] array = null;
             try
             {
                 array = crlDistPoint.GetDistributionPoints();
             }
             catch (Exception cause4)
             {
                 throw new PkixCertPathValidatorException("Distribution points could not be read.", cause4);
             }
             try
             {
                 for (int i = 0; i < array.Length; i++)
                 {
                     if (certStatus.Status != 11)
                     {
                         break;
                     }
                     if (reasonsMask.IsAllReasons)
                     {
                         break;
                     }
                     PkixParameters paramsPKIX2 = (PkixParameters)paramsPKIX.Clone();
                     CheckCrl(array[i], attrCert, paramsPKIX2, validDate, issuerCert, certStatus, reasonsMask, certPathCerts);
                     flag = true;
                 }
             }
             catch (Exception innerException)
             {
                 cause3 = new Exception("No valid CRL for distribution point found.", innerException);
             }
         }
         if (certStatus.Status == 11 && !reasonsMask.IsAllReasons)
         {
             try
             {
                 Asn1Object asn1Object = null;
                 try
                 {
                     asn1Object = new Asn1InputStream(attrCert.Issuer.GetPrincipals()[0].GetEncoded()).ReadObject();
                 }
                 catch (Exception innerException2)
                 {
                     throw new Exception("Issuer from certificate for CRL could not be reencoded.", innerException2);
                 }
                 DistributionPoint dp          = new DistributionPoint(new DistributionPointName(0, new GeneralNames(new GeneralName(4, asn1Object))), null, null);
                 PkixParameters    paramsPKIX3 = (PkixParameters)paramsPKIX.Clone();
                 CheckCrl(dp, attrCert, paramsPKIX3, validDate, issuerCert, certStatus, reasonsMask, certPathCerts);
                 flag = true;
             }
             catch (Exception innerException3)
             {
                 cause3 = new Exception("No valid CRL for distribution point found.", innerException3);
             }
         }
         if (!flag)
         {
             throw new PkixCertPathValidatorException("No valid CRL found.", cause3);
         }
         if (certStatus.Status != 11)
         {
             string str  = certStatus.RevocationDate.Value.ToString("ddd MMM dd HH:mm:ss K yyyy");
             string str2 = "Attribute certificate revocation after " + str;
             str2 = str2 + ", reason: " + Rfc3280CertPathUtilities.CrlReasons[certStatus.Status];
             throw new PkixCertPathValidatorException(str2);
         }
         if (!reasonsMask.IsAllReasons && certStatus.Status == 11)
         {
             certStatus.Status = 12;
         }
         if (certStatus.Status == 12)
         {
             throw new PkixCertPathValidatorException("Attribute certificate status could not be determined.");
         }
     }
     else if (attrCert.GetExtensionValue(X509Extensions.CrlDistributionPoints) != null || attrCert.GetExtensionValue(X509Extensions.AuthorityInfoAccess) != null)
     {
         throw new PkixCertPathValidatorException("No rev avail extension is set, but also an AC revocation pointer.");
     }
 }