//Get the real OCSP response according to the OCSP request we've got from the proover public static byte[] GetOCSPResponseFromRealResponder(byte[] origCert, byte[] ocspNonce) { List <byte> combinedOcspResponse = new List <byte>(); List <byte[]> certChain = SplitCertificateChain(origCert); foreach (byte[] cert in certChain) { File.WriteAllBytes(OCSP_CER_FROM_CHAIN_FILE, cert); //Create an OCSP request DataStructs.OCSPRequestInfo ocspRequest = new DataStructs.OCSPRequestInfo(); //Fill the request fields ocspRequest.certName = OCSP_CER_FROM_CHAIN_FILE; ocspRequest.urlOcspResponder = OCSP_SERVER_NAME; ocspRequest.issuerName = DataStructs.EPID_ROOT_SIGNING_FILE; ocspRequest.ocspResponderCertName = DataStructs.SIGNED_OCSP_CERT_FILE; ocspRequest.ocspNonce = ocspNonce; ocspRequest.proxyHostName = "proxy-us.intel.com:911";//Resource.OcspProxy; //Get the compatible OCSP response uint status = OCSPWrapper.GetOCSPResponse(ref ocspRequest, OCSP_CER_FILE); if (status != 0) { return(null); } //Concatenate the current response to the list combinedOcspResponse.AddRange(File.ReadAllBytes(OCSP_CER_FILE)); } //Return the whole response return(combinedOcspResponse.ToArray()); }
public static extern uint GetOCSPResponse(ref DataStructs.OCSPRequestInfo pReqInfo, string pOCSPRespCertName);