private static X509Certificate2 DownloadCertificate(
byte[] authorityInformationAccess,
ref TimeSpan remainingDownloadTime)
{
// Don't do any work if we're over limit.
if (remainingDownloadTime <= TimeSpan.Zero)
{
return(null);
}
DerSequenceReader reader = new DerSequenceReader(authorityInformationAccess);
while (reader.HasData)
{
DerSequenceReader innerReader = reader.ReadSequence();
// If the sequence's first element is a sequence, unwrap it.
if (innerReader.PeekTag() == ConstructedSequenceTagId)
{
innerReader = innerReader.ReadSequence();
}
Oid oid = innerReader.ReadOid();
if (StringComparer.Ordinal.Equals(oid.Value, Oids.CertificateAuthorityIssuers))
{
string uri = innerReader.ReadIA5String();
Uri parsedUri;
if (!Uri.TryCreate(uri, UriKind.Absolute, out parsedUri))
{
continue;
}
if (!StringComparer.Ordinal.Equals(parsedUri.Scheme, "http"))
{
continue;
}
return(CertificateAssetDownloader.DownloadCertificate(uri, ref remainingDownloadTime));
}
}
return(null);
}
private static X509Certificate2 DownloadCertificate(
byte[] authorityInformationAccess,
ref TimeSpan remainingDownloadTime)
{
// Don't do any work if we're over limit.
if (remainingDownloadTime <= TimeSpan.Zero)
{
return(null);
}
string uri = FindHttpAiaRecord(authorityInformationAccess, Oids.CertificateAuthorityIssuers);
if (uri == null)
{
return(null);
}
return(CertificateAssetDownloader.DownloadCertificate(uri, ref remainingDownloadTime));
}
