/// <summary>
/// Looks up a single extension of this certificate by its object identifier
/// and hands back the octets of the extension value.
/// </summary>
/// <remarks>
/// Only the value octets are returned; nothing else about the extension
/// (for example whether it is marked critical) is surfaced by this helper.
/// </remarks>
/// <param name="oid">The string representation of the extension's oid.</param>
/// <returns>
/// The value octets, or null when the certificate has no extensions block
/// or no extension with the requested oid.
/// </returns>
private byte[] getExtensionBytes(string oid)
{
    X509Extensions extensions = xStruct.getTBSCertificate().getExtensions();
    if (extensions == null)
    {
        // Certificate carries no extensions at all.
        return null;
    }

    X509Extension match = extensions.getExtension(new DERObjectIdentifier(oid));
    if (match == null)
    {
        // Extensions are present, but not the one asked for.
        return null;
    }

    return match.getValue().getOctets();
}
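/// <summary>
/// Assemble the certificate chain for the entry stored under
/// <paramref name="alias"/>, starting with that entry's own certificate and
/// walking towards its issuers using the certificates held in chainCerts.
/// </summary>
/// <remarks>
/// The issuer of each certificate is looked up first through its
/// AuthorityKeyIdentifier extension and, when that yields nothing, through a
/// subject-DN match that is confirmed with a signature check. An issuer found
/// through the key identifier is accepted on the identifier match alone, with
/// no signature check in this method. The returned array is therefore an
/// ordering of stored certificates, not a validated certification path;
/// NOTE(review): callers that make trust decisions are presumably expected to
/// run their own path validation - confirm.
/// </remarks>
/// <param name="alias">Alias of the entry whose chain is requested; must not be null.</param>
/// <returns>
/// The chain with the entry's own certificate first, or null when
/// getCertificate finds nothing for the alias.
/// </returns>
/// <exception cref="ArgumentException">Thrown when <paramref name="alias"/> is null.</exception>
public X509CertificateEntry[] getCertificateChain(
    String alias)
{
    if (alias == null)
    {
        throw new ArgumentException("null alias passed to getCertificateChain.");
    }

    X509CertificateEntry c = getCertificate(alias);
    if (c == null)
    {
        return null;
    }

    ArrayList cs = new ArrayList();

    while (c != null)
    {
        X509Certificate x509c = c.getCertificate();
        X509CertificateEntry nextC = null;

        // First choice: resolve the issuer through the AuthorityKeyIdentifier extension.
        X509Extension ext = x509c.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
        if (ext != null)
        {
            // The extension value is parsed as-is; a value that does not decode to a
            // sequence makes the cast below throw, exactly as it did before.
            ASN1InputStream aIn = new ASN1InputStream(new MemoryStream(ext.getValue().getOctets()));
            AuthorityKeyIdentifier id = new AuthorityKeyIdentifier((ASN1Sequence)aIn.readObject());

            if (id.getKeyIdentifier() != null)
            {
                // Identifier match only - the signature is not checked on this path.
                nextC = (X509CertificateEntry)chainCerts[new CertId(id.getKeyIdentifier())];
            }
        }

        if (nextC == null)
        {
            //
            // no authority key id, try the Issuer DN
            //
            X509Name i = x509c.getIssuerDN();
            X509Name s = x509c.getSubjectDN();

            // Issuer equal to subject means self-issued: there is nothing further to look up.
            if (!i.Equals(s))
            {
                IEnumerator e = chainCerts.Keys.GetEnumerator();

                while (e.MoveNext())
                {
                    X509CertificateEntry candidate = (X509CertificateEntry)chainCerts[e.Current];
                    X509Certificate crt = candidate.getCertificate();
                    X509Name sub = crt.getSubjectDN();

                    if (sub.Equals(i))
                    {
                        try
                        {
                            // A DN match alone is not enough; the candidate's key must
                            // actually verify this certificate's signature.
                            x509c.verify(crt.getPublicKey());
                            nextC = candidate;
                            break;
                        }
                        catch
                        {
                            // Deliberate best effort: any failure in verify() means this
                            // candidate is not the issuer, so keep scanning.
                        }
                    }
                }
            }
        }

        cs.Add(c);

        // Stop when there is no issuer, when the issuer is the entry itself
        // (self signed - end of the chain), or when the issuer is already part
        // of the chain. Without the last check, stored certificates whose issuer
        // links form a loop (A -> B -> A) would keep this loop running and the
        // list growing without bound.
        if (nextC == null || nextC == c || cs.Contains(nextC))
        {
            c = null;
        }
        else
        {
            c = nextC;
        }
    }

    X509CertificateEntry[] certChain = new X509CertificateEntry[cs.Count];
    cs.CopyTo(certChain);

    return certChain;
}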