/// <summary>
/// Build an encoded OCSP request that asks for the status of each supplied certificate.
/// </summary>
/// <param name="certificates">The certificates to get status for.</param>
/// <returns>The encoded OCSP request data.</returns>
/// <remarks>
/// One request entry is added per certificate, each identified by a certificate ID
/// created with the <c>CertificateID.HashSha1</c> algorithm identifier.
/// </remarks>
private byte[] GetOcspRequest(X509Certificate2[] certificates)
{
    Cryptography.Key.Ocsp.OcspReqGenerator requestGenerator = new Cryptography.Key.Ocsp.OcspReqGenerator();

    for (int index = 0; index < certificates.Length; index++)
    {
        // Re-parse the raw encoding so the certificate is available as the
        // library's own X509Certificate type.
        Cryptography.Key.X509.X509CertificateParser parser = new Cryptography.Key.X509.X509CertificateParser();
        Cryptography.Key.X509.X509Certificate parsed = parser.ReadCertificate(certificates[index].RawData);

        // NOTE(review): the certificate being queried is passed as the certificate
        // argument of CertificateID and also supplies the serial number. In upstream
        // BouncyCastle, which this API appears to mirror, that argument is the ISSUER
        // certificate (its name and key are hashed into the ID). If that holds here,
        // the ID is only correct for self-signed certificates and a responder will
        // not match it for anything else. Confirm, and pass the issuer if so.
        Cryptography.Key.Ocsp.CertificateID requestId = new Cryptography.Key.Ocsp.CertificateID(
            Cryptography.Key.Ocsp.CertificateID.HashSha1,
            parsed,
            parsed.SerialNumber);

        requestGenerator.AddRequest(requestId);

        // The request extensions are assigned once per certificate, so an empty
        // input array yields a request with no extensions set.
        // NOTE(review): GetExtentions is defined elsewhere. If it produces a fresh
        // nonce on each call, confirm that the value from the final call is the one
        // later compared against the responder's reply.
        requestGenerator.SetRequestExtensions(GetExtentions());
    }

    // Produce the request object and hand back its encoded form.
    Cryptography.Key.Ocsp.OcspReq generatedRequest = requestGenerator.Generate();
    return generatedRequest.GetEncoded();
}
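/// <summary>
/// Get the request data for the certificates carried inside an encoded OCSP request.
/// </summary>
/// <param name="request">The encoded OCSP request data.</param>
/// <returns>
/// The collection of certificate request data, one entry per certificate returned by
/// the request's <c>GetCerts()</c>; an empty array when the request carries none.
/// </returns>
/// <remarks>
/// The certificates read here are whatever the sender placed in the request. This method
/// only copies their fields; it performs no signature, chain or validity checks, so the
/// returned values must be treated as unauthenticated until the caller has verified them.
/// NOTE(review): these appear to be the optional certificates attached to the request,
/// not the certificate IDs whose status is being asked for. Confirm this is the data
/// the callers expect.
/// </remarks>
public CertificateRequest[] GetRequest(byte[] request)
{
    List<CertificateRequest> certRequests = new List<CertificateRequest>();

    // Load the request into the ocsp handler.
    Cryptography.Key.Ocsp.OcspReq ocspRequest = new Cryptography.Key.Ocsp.OcspReq(request);

    // Get the list of certificates within the request.
    Cryptography.Key.X509.X509Certificate[] certificates = ocspRequest.GetCerts();

    // A request without embedded certificates must not fail with a null reference.
    // (In upstream BouncyCastle GetCerts() returns null for an unsigned request;
    // presumably this port behaves the same, so confirm.)
    if (certificates == null)
    {
        return certRequests.ToArray();
    }

    // Map the distinguished-name attribute identifiers to the short labels used
    // when rendering the subject and issuer names.
    IDictionary derIdentifiers = new Dictionary<Nequeo.Cryptography.Key.Asn1.DerObjectIdentifier, string>();
    derIdentifiers.Add(Cryptography.Key.Asn1.X509.X509Name.E, "E");
    derIdentifiers.Add(Cryptography.Key.Asn1.X509.X509Name.CN, "CN");
    derIdentifiers.Add(Cryptography.Key.Asn1.X509.X509Name.OU, "OU");
    derIdentifiers.Add(Cryptography.Key.Asn1.X509.X509Name.O, "O");
    derIdentifiers.Add(Cryptography.Key.Asn1.X509.X509Name.L, "L");
    derIdentifiers.Add(Cryptography.Key.Asn1.X509.X509Name.C, "C");

    // For each certificate in the request.
    foreach (Cryptography.Key.X509.X509Certificate cert in certificates)
    {
        // Assign the certificate request.
        CertificateRequest certRequest = new CertificateRequest();
        certRequest.SerialNumber = cert.SerialNumber.ToByteArrayUnsigned();
        certRequest.NotAfter = cert.NotAfter;
        certRequest.NotBefore = cert.NotBefore;
        certRequest.Subject = cert.SubjectDN.ToString(false, derIdentifiers);
        certRequest.Issuer = cert.IssuerDN.ToString(false, derIdentifiers);

        // The subject and issuer unique identifiers are optional X.509 fields and
        // are absent from most certificates. Guard the dereference so that a
        // certificate without them yields null instead of a NullReferenceException.
        certRequest.SubjectUniqueID = cert.SubjectUniqueID != null ? cert.SubjectUniqueID.GetBytes() : null;
        certRequest.IssuerUniqueID = cert.IssuerUniqueID != null ? cert.IssuerUniqueID.GetBytes() : null;

        // Add the certificate to the collection.
        certRequests.Add(certRequest);
    }

    // Return the list of certificate requests.
    return certRequests.ToArray();
}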