internal static X509VerifyStatusCode X509ChainVerifyOcsp(
SafeX509StoreCtxHandle ctx,
SafeOcspRequestHandle req,
SafeOcspResponseHandle resp,
string cachePath)
{
X509VerifyStatusCode response = CryptoNative_X509ChainVerifyOcsp(ctx, req, resp, cachePath);
if (response < 0)
{
Debug.Fail($"Unexpected response from X509ChainGetCachedOcspSuccess: {response}");
throw new CryptographicException();
}
return(response);
}
internal static SafeOcspResponseHandle?DownloadOcspGet(string uri, TimeSpan downloadTimeout)
{
byte[]? data = DownloadAsset(uri, downloadTimeout);
if (data == null)
{
return(null);
}
// https://tools.ietf.org/html/rfc6960#appendix-A.2 says that the response is the DER-encoded
// response, so no rebuffering to interpret PEM is required.
SafeOcspResponseHandle resp = Interop.Crypto.DecodeOcspResponse(data);
if (resp.IsInvalid)
{
// We're not going to report this error to a user, so clear it
// (to avoid tainting future exceptions)
Interop.Crypto.ErrClearError();
}
return(resp);
}
private static partial int CryptoNative_X509ChainVerifyOcsp(
SafeX509StoreCtxHandle ctx,
SafeOcspRequestHandle req,
SafeOcspResponseHandle resp,
string cachePath,
int chainDepth);
private static extern X509VerifyStatusCode CryptoNative_X509ChainVerifyOcsp(
SafeX509StoreCtxHandle ctx,
SafeOcspRequestHandle req,
SafeOcspResponseHandle resp,
string cachePath,
int chainDepth);
