Exemple #1
        /// <summary>
        /// Fetch the value of a given extension.
        /// </summary>
        /// <param name="oid">The string representation of the oid.</param>
        /// <returns>A byte array or null if not found.</returns>
        private byte[] getExtensionBytes(string oid)
        {
            // getExtensions() can return null; in that case there is nothing to look up
            // and the OID object is never constructed.
            X509Extensions extensions = xStruct.getTBSCertificate().getExtensions();
            if (extensions == null)
            {
                return null;
            }

            X509Extension match = extensions.getExtension(new DERObjectIdentifier(oid));
            if (match == null)
            {
                return null;
            }

            // Only the octets of the extension value are handed back; this method does not
            // look at anything else on the extension, so decoding and any policy decision
            // about the extension are left to the caller.
            return match.getValue().getOctets();
        }
Exemple #2
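        /// <summary>
        /// Assemble the certificate chain for the entry stored under <paramref name="alias"/>,
        /// starting with that entry and following issuers found in <c>chainCerts</c>.
        /// </summary>
        /// <remarks>
        /// This is chain assembly, not path validation. An issuer located through the
        /// AuthorityKeyIdentifier extension is accepted on the key identifier alone (no signature
        /// check is made on that path), and nothing here checks validity dates, revocation or
        /// whether the chain ends at a trusted anchor. Callers that make a trust decision must
        /// validate the returned chain themselves.
        /// </remarks>
        /// <param name="alias">Alias of the entry whose chain is wanted; must not be null.</param>
        /// <returns>
        /// The chain with the aliased entry first, or null if <c>getCertificate</c> finds
        /// nothing for the alias.
        /// </returns>
        /// <exception cref="ArgumentException">If <paramref name="alias"/> is null.</exception>
        public X509CertificateEntry[] getCertificateChain(
            String alias)
        {
            if (alias == null)
            {
                throw new ArgumentException("null alias passed to getCertificateChain.");
            }

            X509CertificateEntry c = getCertificate(alias);
            if (c == null)
            {
                return null;
            }

            ArrayList cs = new ArrayList();

            // The walk ends when no issuer is found, when a certificate is its own issuer, or
            // when the next entry is already part of the chain. The last condition matters for
            // store contents that point at each other (cross-certified or crafted entries):
            // without it the loop would never terminate and the list would grow without bound.
            while (c != null && !cs.Contains(c))
            {
                X509Certificate      x509c = c.getCertificate();
                X509CertificateEntry nextC = null;

                // First choice: look the issuer up by authority key identifier.
                // NOTE(review): the extension bytes come from the stored certificate and are
                // decoded with an unchecked cast; a malformed extension will surface as an
                // exception from here rather than as a missing issuer.
                X509Extension ext = x509c.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
                if (ext != null)
                {
                    ASN1InputStream aIn = new ASN1InputStream(new MemoryStream(ext.getValue().getOctets()));

                    AuthorityKeyIdentifier id = new AuthorityKeyIdentifier((ASN1Sequence)aIn.readObject());
                    if (id.getKeyIdentifier() != null)
                    {
                        nextC = (X509CertificateEntry)chainCerts[new CertId(id.getKeyIdentifier())];
                    }
                }

                if (nextC == null)
                {
                    //
                    // no authority key id, try the Issuer DN
                    //
                    X509Name issuer = x509c.getIssuerDN();
                    X509Name subject = x509c.getSubjectDN();

                    // Issuer == subject means self-issued: there is nothing further to find.
                    if (!issuer.Equals(subject))
                    {
                        foreach (object key in chainCerts.Keys)
                        {
                            X509CertificateEntry candidate = (X509CertificateEntry)chainCerts[key];
                            X509Certificate crt = candidate.getCertificate();

                            if (!crt.getSubjectDN().Equals(issuer))
                            {
                                continue;
                            }

                            try
                            {
                                // A matching name is not enough; the candidate's key must
                                // actually verify the signature on the current certificate.
                                x509c.verify(crt.getPublicKey());
                                nextC = candidate;
                                break;
                            }
                            catch
                            {
                                // Deliberate best effort: a candidate that fails verification
                                // is skipped and the next name match is tried.
                            }
                        }
                    }
                }

                cs.Add(c);

                // nextC == c means the certificate names itself as issuer: end of the chain.
                c = (nextC != c) ? nextC : null;
            }

            X509CertificateEntry[] certChain = new X509CertificateEntry[cs.Count];
            cs.CopyTo(certChain);

            return certChain;
        }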