public object GetResponseObject()
{
ResponseBytes rb = this.resp.ResponseBytes;
if (rb == null)
{
return(null);
}
if (rb.ResponseType.Equals(OcspObjectIdentifiers.PkixOcspBasic))
{
try
{
return(new BasicOcspResp(
BasicOcspResponse.GetInstance(
Asn1Object.FromByteArray(rb.Response.GetOctets()))));
}
catch (Exception e)
{
throw new OcspException("problem decoding object: " + e, e);
}
}
return(rb.Response);
}
private ITestResult Response()
{
try
{
OcspResponse resp = OcspResponse.GetInstance(
Asn1Object.FromByteArray(_response));
ResponseBytes rBytes = ResponseBytes.GetInstance(resp.ResponseBytes);
BasicOcspResponse bResp = BasicOcspResponse.GetInstance(
Asn1Object.FromByteArray(rBytes.Response.GetOctets()));
resp = new OcspResponse(
resp.ResponseStatus,
new ResponseBytes(
rBytes.ResponseType,
new DerOctetString(bResp.GetEncoded())));
if (!Arrays.AreEqual(resp.GetEncoded(), _response))
{
return(new SimpleTestResult(false, Name + ": Ocsp response failed to re-encode"));
}
return(new SimpleTestResult(true, Name + ": Okay"));
}
catch (Exception e)
{
return(new SimpleTestResult(false, Name + ": failed response exception - " + e.ToString(), e));
}
}
private IDictionary ExtendUnsignedAttributes(IDictionary unsignedAttrs, X509Certificate signingCertificate, DateTime signingDate, ICertificateSource optionalCertificateSource)
{
var validationContext = CertificateVerifier.ValidateCertificate(signingCertificate, signingDate, optionalCertificateSource, null, null);
List <X509CertificateStructure> certificateValues = new List <X509CertificateStructure>();
List <CertificateList> crlValues = new List <CertificateList>();
List <BasicOcspResponse> ocspValues = new List <BasicOcspResponse>();
foreach (CertificateAndContext c in validationContext.NeededCertificates)
{
if (!c.Equals(signingCertificate))
{
certificateValues.Add(X509CertificateStructure.GetInstance(((Asn1Sequence)Asn1Object.FromByteArray(c.Certificate.GetEncoded()))));
}
}
foreach (X509Crl relatedcrl in validationContext.NeededCRL)
{
crlValues.Add(CertificateList.GetInstance((Asn1Sequence)Asn1Object.FromByteArray(relatedcrl.GetEncoded())));
}
foreach (BasicOcspResp relatedocspresp in validationContext.NeededOCSPResp)
{
ocspValues.Add((BasicOcspResponse.GetInstance((Asn1Sequence)Asn1Object.FromByteArray(relatedocspresp.GetEncoded()))));
}
RevocationValues revocationValues = new RevocationValues(crlValues.ToArray(), ocspValues.ToArray(), null);
unsignedAttrs.Add(PkcsObjectIdentifiers.IdAAEtsRevocationValues, new BcCms.Attribute(PkcsObjectIdentifiers.IdAAEtsRevocationValues, new DerSet(revocationValues)));
unsignedAttrs.Add(PkcsObjectIdentifiers.IdAAEtsCertValues, new BcCms.Attribute(PkcsObjectIdentifiers.IdAAEtsCertValues, new DerSet(new DerSequence(certificateValues.ToArray()))));
return(unsignedAttrs);
}
static void CheckValidityOfResponse(CertID id, BasicOcspResp responseObject, Ca ca)
{
var inputStream = new MemoryStream(responseObject.GetEncoded());
var asn1Sequence = (Asn1Sequence) new Asn1InputStream(inputStream).ReadObject();
var response = BasicOcspResponse.GetInstance(asn1Sequence);
var ocspChain = CreateOcspCertificateChain(ca);
if (ocspChain.Length == 0)
{
throw new OcspException("OCSP certificate chain is invalid");
}
var ocesOcspCertificate = OcesCertificateFactory.Instance.Generate(CompleteOcspChain(response, ocspChain));
CheckBasicOcspResp(id, responseObject, ocesOcspCertificate, ca);
var signingCertificate = new X509CertificateParser().ReadCertificate(response.Certs[0].GetEncoded());
var issuingCertificate = new X509CertificateParser().ReadCertificate(ocspChain[0].GetRawCertData());
signingCertificate.Verify(issuingCertificate.GetPublicKey());
if (!responseObject.Verify(signingCertificate.GetPublicKey()))
{
throw new OcspException("Signature is invalid");
}
}
/// <exception cref="System.IO.IOException"/>
/// <exception cref="Org.BouncyCastle.Operator.OperatorCreationException"/>
/// <exception cref="Org.BouncyCastle.Security.GeneralSecurityException"/>
public virtual bool VerifyAuthorizedOCSPResponderTest(DateTime ocspResponderCertStartDate, DateTime ocspResponderCertEndDate
, DateTime checkDate)
{
X509Certificate caCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(certsSrc + "intermediateRsa.p12"
, password)[0];
ICipherParameters caPrivateKey = Pkcs12FileHelper.ReadFirstKey(certsSrc + "intermediateRsa.p12", password,
password);
String checkCertFileName = certsSrc + "signCertRsaWithChain.p12";
X509Certificate checkCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(checkCertFileName, password)[
0];
RsaKeyPairGenerator keyGen = SignTestPortUtil.BuildRSA2048KeyPairGenerator();
AsymmetricCipherKeyPair key = keyGen.GenerateKeyPair();
ICipherParameters ocspRespPrivateKey = key.Private;
AsymmetricKeyParameter ocspRespPublicKey = key.Public;
TestCertificateBuilder certBuilder = new TestCertificateBuilder(ocspRespPublicKey, caCert, caPrivateKey, "CN=iTextTestOCSPResponder, OU=test, O=iText"
);
certBuilder.SetStartDate(ocspResponderCertStartDate);
certBuilder.SetEndDate(ocspResponderCertEndDate);
X509Certificate ocspResponderCert = certBuilder.BuildAuthorizedOCSPResponderCert();
TestOcspResponseBuilder builder = new TestOcspResponseBuilder(ocspResponderCert, ocspRespPrivateKey);
TestOcspClient ocspClient = new TestOcspClient().AddBuilderForCertIssuer(caCert, builder);
byte[] basicOcspRespBytes = ocspClient.GetEncoded(checkCert, caCert, null);
Asn1Object var2 = Asn1Object.FromByteArray(basicOcspRespBytes);
BasicOcspResp basicOCSPResp = new BasicOcspResp(BasicOcspResponse.GetInstance(var2));
OCSPVerifier ocspVerifier = new OCSPVerifier(null, null);
return(ocspVerifier.Verify(basicOCSPResp, checkCert, caCert, checkDate));
}
public BasicOcspResponse[] GetOcspVals()
{
BasicOcspResponse[] array = new BasicOcspResponse[ocspVals.Count];
for (int i = 0; i < ocspVals.Count; i++)
{
array[i] = BasicOcspResponse.GetInstance(ocspVals[i].ToAsn1Object());
}
return(array);
}
private static List <X509Certificate2> CompleteOcspChain(BasicOcspResponse ocspResponse, IEnumerable <X509Certificate2> ocspChain)
{
var ocspCertificate = new X509Certificate2(ocspResponse.Certs[0].GetEncoded());
return(new List <X509Certificate2>(ocspChain)
{
ocspCertificate
});
}
public BasicOcspResponse[] GetOcspVals()
{
BasicOcspResponse[] result = new BasicOcspResponse[ocspVals.Count];
for (int i = 0; i < ocspVals.Count; ++i)
{
result[i] = BasicOcspResponse.GetInstance(ocspVals[i].ToAsn1Object());
}
return(result);
}
/// <exception cref="System.IO.IOException"></exception>
//private IDictionary<DerObjectIdentifier, Asn1Encodable> ExtendUnsignedAttributes(IDictionary
// <DerObjectIdentifier, Asn1Encodable> unsignedAttrs, X509Certificate signingCertificate
// , DateTime signingDate, CertificateSource optionalCertificateSource)
private IDictionary ExtendUnsignedAttributes(IDictionary unsignedAttrs
, X509Certificate signingCertificate, DateTime signingDate
, CertificateSource optionalCertificateSource)
{
ValidationContext validationContext = certificateVerifier.ValidateCertificate(signingCertificate
, signingDate, optionalCertificateSource, null, null);
try
{
IList <X509CertificateStructure> certificateValues = new AList <X509CertificateStructure
>();
AList <CertificateList> crlValues = new AList <CertificateList>();
AList <BasicOcspResponse> ocspValues = new AList <BasicOcspResponse>();
foreach (CertificateAndContext c in validationContext.GetNeededCertificates())
{
if (!c.Equals(signingCertificate))
{
certificateValues.AddItem(X509CertificateStructure.GetInstance(((Asn1Sequence)Asn1Object.FromByteArray
(c.GetCertificate().GetEncoded()))));
}
}
foreach (X509Crl relatedcrl in validationContext.GetNeededCRL())
{
crlValues.AddItem(CertificateList.GetInstance((Asn1Sequence)Asn1Object.FromByteArray(((X509Crl
)relatedcrl).GetEncoded())));
}
foreach (BasicOcspResp relatedocspresp in validationContext.GetNeededOCSPResp())
{
ocspValues.AddItem((BasicOcspResponse.GetInstance((Asn1Sequence)Asn1Object.FromByteArray(
relatedocspresp.GetEncoded()))));
}
CertificateList[] crlValuesArray = new CertificateList[crlValues.Count];
BasicOcspResponse[] ocspValuesArray = new BasicOcspResponse[ocspValues.Count];
RevocationValues revocationValues = new RevocationValues(Sharpen.Collections.ToArray
(crlValues, crlValuesArray), Sharpen.Collections.ToArray(ocspValues, ocspValuesArray
), null);
//unsignedAttrs.Put(PkcsObjectIdentifiers.IdAAEtsRevocationValues, new Attribute
unsignedAttrs.Add(PkcsObjectIdentifiers.IdAAEtsRevocationValues, new BcCms.Attribute
(PkcsObjectIdentifiers.IdAAEtsRevocationValues, new DerSet(revocationValues))
);
X509CertificateStructure[] certValuesArray = new X509CertificateStructure[certificateValues
.Count];
//unsignedAttrs.Put(PkcsObjectIdentifiers.IdAAEtsCertValues, new Attribute(PkcsObjectIdentifiers.IdAAEtsCertValues, new DerSet(new DerSequence(Sharpen.Collections.ToArray(certificateValues
unsignedAttrs.Add(PkcsObjectIdentifiers.IdAAEtsCertValues, new BcCms.Attribute(PkcsObjectIdentifiers.IdAAEtsCertValues, new DerSet(new DerSequence(Sharpen.Collections.ToArray(certificateValues
, certValuesArray)))));
}
catch (CertificateEncodingException e)
{
throw new RuntimeException(e);
}
catch (CrlException e)
{
throw new RuntimeException(e);
}
return(unsignedAttrs);
}
public void GetOCSPOfNewEid_Downloaded()
{
var target = newEid;
var issuer = newEidIssuer;
OcspResponse result = target.GetOcspResponse(issuer);
BasicOcspResponse resultDetail = BasicOcspResponse.GetInstance(Asn1Object.FromByteArray(result.ResponseBytes.Response.GetOctets()));
Assert.NotNull(result);
Assert.Equal(0, result.ResponseStatus.IntValueExact);
Assert.Equal(resultDetail.TbsResponseData.ProducedAt.ToDateTime().Floor(), DateTime.UtcNow.Floor());
}
public void GetOCSPOfEgelke_Downloaded()
{
var target = new X509Certificate2(@"files/egelke.crt");
var issuer = new X509Certificate2(@"files/sentigoCA.cer");
OcspResponse result = target.GetOcspResponse(issuer);
BasicOcspResponse resultDetail = BasicOcspResponse.GetInstance(Asn1Object.FromByteArray(result.ResponseBytes.Response.GetOctets()));
Assert.NotNull(result);
Assert.Equal(0, result.ResponseStatus.IntValueExact);
Assert.True(resultDetail.TbsResponseData.ProducedAt.ToDateTime() <= DateTime.UtcNow);
}
private RevocationValues(
Asn1Sequence seq)
{
if (seq == null)
{
throw new ArgumentNullException("seq");
}
if (seq.Count < 1 || seq.Count > 3)
{
throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
}
bool otherRevValsFound = false;
foreach (Asn1TaggedObject taggedObj in seq)
{
Asn1Object asn1Obj = taggedObj.GetObject();
switch (taggedObj.TagNo)
{
case 0:
Asn1Sequence crlValsSeq = (Asn1Sequence)asn1Obj;
foreach (Asn1Encodable ae in crlValsSeq)
{
CertificateList.GetInstance(ae.ToAsn1Object());
}
this.crlVals = crlValsSeq;
break;
case 1:
Asn1Sequence ocspValsSeq = (Asn1Sequence)asn1Obj;
foreach (Asn1Encodable ae in ocspValsSeq)
{
BasicOcspResponse.GetInstance(ae.ToAsn1Object());
}
this.ocspVals = ocspValsSeq;
break;
case 2:
this.otherRevVals = OtherRevVals.GetInstance(asn1Obj);
otherRevValsFound = true;
break;
default:
throw new ArgumentException("Illegal tag in RevocationValues", "seq");
}
}
if (!otherRevValsFound)
{
throw new ArgumentException("No otherRevVals found", "seq");
}
}
public async Task GetOCSPOfNewEid_DownloadedAsync()
{
var target = newEid;
var issuer = newEidIssuer;
OcspResponse result = await target.GetOcspResponseAsync(issuer);
BasicOcspResponse resultDetail = BasicOcspResponse.GetInstance(Asn1Object.FromByteArray(result.ResponseBytes.Response.GetOctets()));
Assert.IsNotNull(result);
Assert.AreEqual(0, result.ResponseStatus.IntValueExact);
Assert.IsTrue(resultDetail.TbsResponseData.ProducedAt.ToDateTime() <= DateTime.UtcNow);
}
static PdfName getOcspHashKey(byte[] basicResponseBytes)
{
BasicOcspResponse basicResponse = BasicOcspResponse.GetInstance(Asn1Sequence.GetInstance(basicResponseBytes));
byte[] signatureBytes = basicResponse.Signature.GetBytes();
DerOctetString octetString = new DerOctetString(signatureBytes);
byte[] octetBytes = octetString.GetEncoded();
byte[] octetHash = hashBytesSha1(octetBytes);
PdfName octetName = new PdfName(Utilities.ConvertToHex(octetHash));
return(octetName);
}
public void VerifyOCSPOfOldEid_Single()
{
var target = oldEid;
var issuer = oldEidIssuer;
var revocationInfo = new List <BasicOcspResponse>();
revocationInfo.Add(oldEidOcsp);
BasicOcspResponse result = target.Verify(issuer, new DateTime(2014, 3, 4, 0, 0, 0, DateTimeKind.Utc), revocationInfo);
Assert.NotNull(result);
Assert.Equal(new DateTime(2014, 3, 5, 18, 12, 19, DateTimeKind.Utc), result.TbsResponseData.ProducedAt.ToDateTime());
}
public void VerifyOCSPOfOldEid_NotFound()
{
var target = oldEid;
var issuer = oldEidIssuer;
var revocationInfo = new List <BasicOcspResponse>();
revocationInfo.Add(oldEidOcsp);
revocationInfo.Add(oldEidOcsp2);
BasicOcspResponse result = target.Verify(issuer, DateTime.UtcNow, revocationInfo);
Assert.Null(result);
}
public X509CertificateHelperTest()
{
newEid = new X509Certificate2(@"files/eid79021802145-2027.crt");
newEidIssuer = new X509Certificate2(@"files/Citizen201709.crt");
OcspResponse ocspMsg = OcspResponse.GetInstance(Asn1Sequence.GetInstance(File.ReadAllBytes(@"files/eid79021802145-2027.ocsp-rsp")));
newEidOcsp = BasicOcspResponse.GetInstance(Asn1Sequence.GetInstance(ocspMsg.ResponseBytes.Response.GetOctets()));
oldEid = new X509Certificate2(@"files/eid79021802145.crt");
oldEidIssuer = new X509Certificate2(@"files/Citizen201204.crt");
oldEidOcsp = BasicOcspResponse.GetInstance(Asn1Sequence.GetInstance(File.ReadAllBytes(@"files/eid79021802145.ocsp")));
oldEidOcsp2 = BasicOcspResponse.GetInstance(Asn1Sequence.GetInstance(File.ReadAllBytes(@"files/eid79021802145-2.ocsp")));
oldEidCrl = CertificateList.GetInstance(Asn1Sequence.GetInstance(File.ReadAllBytes(@"files/eid79021802145.crl")));
}
/// <exception cref="System.IO.IOException"/>
/// <exception cref="Org.BouncyCastle.Security.GeneralSecurityException"/>
private bool VerifyTest(TestOcspResponseBuilder rootRsaOcspBuilder, String checkCertFileName, DateTime checkDate
)
{
X509Certificate checkCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(checkCertFileName, password)[
0];
X509Certificate rootCert = rootRsaOcspBuilder.GetIssuerCert();
TestOcspClient ocspClient = new TestOcspClient().AddBuilderForCertIssuer(rootCert, rootRsaOcspBuilder);
byte[] basicOcspRespBytes = ocspClient.GetEncoded(checkCert, rootCert, null);
Asn1Object var2 = Asn1Object.FromByteArray(basicOcspRespBytes);
BasicOcspResp basicOCSPResp = new BasicOcspResp(BasicOcspResponse.GetInstance(var2));
OCSPVerifier ocspVerifier = new OCSPVerifier(null, null);
return(ocspVerifier.Verify(basicOCSPResp, checkCert, rootCert, checkDate));
}
//
// OCSP response helpers
//
static X509Certificate getOcspSignerCertificate(byte[] basicResponseBytes)
{
BasicOcspResponse borRaw = BasicOcspResponse.GetInstance(Asn1Sequence.GetInstance(basicResponseBytes));
BasicOcspResp bor = new BasicOcspResp(borRaw);
foreach (X509Certificate x509Certificate in bor.GetCerts())
{
if (bor.Verify(x509Certificate.GetPublicKey()))
{
return(x509Certificate);
}
}
return(null);
}
/**
* Helper method that creates the BasicOCSPResp object.
* @param seq
* @throws IOException
*/
private void FindOcsp(Asn1Sequence seq)
{
basicResp = null;
bool ret = false;
while (true)
{
if ((seq[0] is DerObjectIdentifier) &&
((DerObjectIdentifier)seq[0]).Id.Equals(OcspObjectIdentifiers.PkixOcspBasic.Id))
{
break;
}
ret = true;
for (int k = 0; k < seq.Count; ++k)
{
if (seq[k] is Asn1Sequence)
{
seq = (Asn1Sequence)seq[0];
ret = false;
break;
}
if (seq[k] is Asn1TaggedObject)
{
Asn1TaggedObject tag = (Asn1TaggedObject)seq[k];
if (tag.GetObject() is Asn1Sequence)
{
seq = (Asn1Sequence)tag.GetObject();
ret = false;
break;
}
else
{
return;
}
}
}
if (ret)
{
return;
}
}
Asn1OctetString os = (Asn1OctetString)seq[1];
Asn1InputStream inp = new Asn1InputStream(os.GetOctets());
BasicOcspResponse resp = BasicOcspResponse.GetInstance(inp.ReadObject());
basicResp = new BasicOcspResp(resp);
}
/// <exception cref="System.IO.IOException"/>
/// <exception cref="Org.BouncyCastle.Security.GeneralSecurityException"/>
private bool VerifyTest(TestOcspResponseBuilder builder)
{
String caCertFileName = certsSrc + "rootRsa.p12";
String checkCertFileName = certsSrc + "signCertRsa01.p12";
X509Certificate caCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(caCertFileName, password)[0];
ICipherParameters caPrivateKey = Pkcs12FileHelper.ReadFirstKey(caCertFileName, password, password);
X509Certificate checkCert = (X509Certificate)Pkcs12FileHelper.ReadFirstChain(checkCertFileName, password)[
0];
TestOcspClient ocspClient = new TestOcspClient(builder, caPrivateKey);
byte[] basicOcspRespBytes = ocspClient.GetEncoded(checkCert, caCert, null);
Asn1Object var2 = Asn1Object.FromByteArray(basicOcspRespBytes);
BasicOcspResp basicOCSPResp = new BasicOcspResp(BasicOcspResponse.GetInstance(var2));
OCSPVerifier ocspVerifier = new OCSPVerifier(null, null);
return(ocspVerifier.Verify(basicOCSPResp, checkCert, caCert, DateTimeUtil.GetCurrentUtcTime()));
}
private RevocationValues(Asn1Sequence seq)
{
if (seq == null)
{
throw new ArgumentNullException("seq");
}
if (seq.Count > 3)
{
throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
}
foreach (Asn1TaggedObject item in seq)
{
Asn1Object @object = item.GetObject();
switch (item.TagNo)
{
case 0:
{
Asn1Sequence asn1Sequence2 = (Asn1Sequence)@object;
foreach (Asn1Encodable item2 in asn1Sequence2)
{
CertificateList.GetInstance(item2.ToAsn1Object());
}
crlVals = asn1Sequence2;
break;
}
case 1:
{
Asn1Sequence asn1Sequence = (Asn1Sequence)@object;
foreach (Asn1Encodable item3 in asn1Sequence)
{
BasicOcspResponse.GetInstance(item3.ToAsn1Object());
}
ocspVals = asn1Sequence;
break;
}
case 2:
otherRevVals = OtherRevVals.GetInstance(@object);
break;
default:
throw new ArgumentException("Illegal tag in RevocationValues", "seq");
}
}
}
public void VerifyOCSPOfNewEid_LiveRetrieval()
{
var target = newEid;
var issuer = newEidIssuer;
OcspResponse ocspMsg = target.GetOcspResponse(issuer);
BasicOcspResponse liveOcsp = BasicOcspResponse.GetInstance(Asn1Object.FromByteArray(ocspMsg.ResponseBytes.Response.GetOctets()));
var revocationInfo = new List <BasicOcspResponse>();
revocationInfo.Add(liveOcsp);
revocationInfo.Add(newEidOcsp);
BasicOcspResponse result = target.Verify(issuer, DateTime.UtcNow, revocationInfo);
Assert.NotNull(result);
Assert.Equal(DateTime.UtcNow.Floor(), result.TbsResponseData.ProducedAt.ToDateTime().Floor());
}
public object GetResponseObject()
{
ResponseBytes responseBytes = resp.ResponseBytes;
if (responseBytes == null)
{
return(null);
}
if (responseBytes.ResponseType.Equals(OcspObjectIdentifiers.PkixOcspBasic))
{
try
{
return(new BasicOcspResp(BasicOcspResponse.GetInstance(Asn1Object.FromByteArray(responseBytes.Response.GetOctets()))));
}
catch (global::System.Exception ex)
{
throw new OcspException(string.Concat((object)"problem decoding object: ", (object)ex), ex);
}
}
return(responseBytes.Response);
}
public void TestOldEid_WithHistoricalRevocation()
{
X509Certificate2 target = new X509Certificate2(@"files/eid79021802145.crt");
X509Certificate2Collection extraStore = new X509Certificate2Collection();
extraStore.Add(new X509Certificate2(@"files/Citizen201204.crt"));
IList <CertificateList> crls = new List <CertificateList>();
crls.Add(CertificateList.GetInstance(Asn1Sequence.GetInstance(File.ReadAllBytes(@"files/Citizen201204.crl"))));
IList <BasicOcspResponse> ocsps = new List <BasicOcspResponse>();
ocsps.Add(BasicOcspResponse.GetInstance(Asn1Sequence.GetInstance(File.ReadAllBytes(@"files/eid79021802145.ocsp"))));
Chain rsp = target.BuildChain(new DateTime(2014, 03, 05, 18, 00, 00, DateTimeKind.Utc), extraStore, crls, ocsps);
Assert.AreEqual(0, rsp.ChainStatus.Count(x => x.Status != X509ChainStatusFlags.NoError));
Assert.AreEqual(3, rsp.ChainElements.Count);
Assert.AreEqual("SERIALNUMBER=79021802145, G=Bryan Eduard, SN=Brouckaert, CN=Bryan Brouckaert (Authentication), C=BE", rsp.ChainElements[0].Certificate.Subject);
Assert.AreEqual("SERIALNUMBER=201204, CN=Citizen CA, C=BE", rsp.ChainElements[1].Certificate.Subject);
Assert.AreEqual("CN=Belgium Root CA2, C=BE", rsp.ChainElements[2].Certificate.Subject);
Assert.AreEqual(1, crls.Count);
Assert.AreEqual(1, ocsps.Count);
}
// private readonly X509Certificate[] chain;
public BasicOcspResp(
BasicOcspResponse resp)
{
this.resp = resp;
this.data = resp.TbsResponseData;
}
private RevocationValues(Asn1Sequence seq)
{
//IL_000e: Unknown result type (might be due to invalid IL or missing references)
//IL_0037: Unknown result type (might be due to invalid IL or missing references)
//IL_0141: Unknown result type (might be due to invalid IL or missing references)
if (seq == null)
{
throw new ArgumentNullException("seq");
}
if (seq.Count > 3)
{
throw new ArgumentException(string.Concat((object)"Bad sequence size: ", (object)seq.Count), "seq");
}
global::System.Collections.IEnumerator enumerator = seq.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
Asn1TaggedObject asn1TaggedObject = (Asn1TaggedObject)enumerator.get_Current();
Asn1Object @object = asn1TaggedObject.GetObject();
switch (asn1TaggedObject.TagNo)
{
case 0:
{
Asn1Sequence asn1Sequence2 = (Asn1Sequence)@object;
{
global::System.Collections.IEnumerator enumerator2 = asn1Sequence2.GetEnumerator();
try
{
while (enumerator2.MoveNext())
{
Asn1Encodable asn1Encodable2 = (Asn1Encodable)enumerator2.get_Current();
CertificateList.GetInstance(asn1Encodable2.ToAsn1Object());
}
}
finally
{
global::System.IDisposable disposable2 = enumerator2 as global::System.IDisposable;
if (disposable2 != null)
{
disposable2.Dispose();
}
}
}
crlVals = asn1Sequence2;
break;
}
case 1:
{
Asn1Sequence asn1Sequence = (Asn1Sequence)@object;
{
global::System.Collections.IEnumerator enumerator2 = asn1Sequence.GetEnumerator();
try
{
while (enumerator2.MoveNext())
{
Asn1Encodable asn1Encodable = (Asn1Encodable)enumerator2.get_Current();
BasicOcspResponse.GetInstance(asn1Encodable.ToAsn1Object());
}
}
finally
{
global::System.IDisposable disposable3 = enumerator2 as global::System.IDisposable;
if (disposable3 != null)
{
disposable3.Dispose();
}
}
}
ocspVals = asn1Sequence;
break;
}
case 2:
otherRevVals = OtherRevVals.GetInstance(@object);
break;
default:
throw new ArgumentException("Illegal tag in RevocationValues", "seq");
}
}
}
finally
{
global::System.IDisposable disposable = enumerator as global::System.IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
}
