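/// <summary>
/// Checks the status of <paramref name="certificate"/> by trying each OCSP responder
/// listed in its Authority Information Access (AIA) extension.
/// </summary>
/// <param name="certificate">Certificate whose status is being checked.</param>
/// <param name="issuer">Issuer certificate, passed through to the per-responder overload.</param>
/// <returns>
/// The first response whose status is VALID or REVOKED. Otherwise a response with status
/// UNKNOWN: the certificate has no AIA extension, lists no usable OCSP entry, or no
/// responder produced a definitive answer.
/// </returns>
/// <remarks>
/// The responder locations are read from the certificate under validation, so they are
/// untrusted input. How the per-responder overload contacts a location and verifies the
/// response is not visible in this method. UNKNOWN is not a positive result; callers that
/// need revocation assurance should not treat it as VALID.
/// </remarks>
public ValidationResponse ValidateCertificate(X509Certificate2 certificate, X509Certificate2 issuer)
{
    Org.BouncyCastle.X509.X509Certificate certificateBC =
        Org.BouncyCastle.Security.DotNetUtilities.FromX509Certificate(certificate);

    try
    {
        // 1.3.6.1.5.5.7.1.1 is id-pe-authorityInfoAccess.
        var aiaOctets = certificateBC.GetExtensionValue(new DerObjectIdentifier("1.3.6.1.5.5.7.1.1"));
        if (aiaOctets == null)
        {
            // No AIA extension: handled explicitly instead of relying on a NullReferenceException.
            return new ValidationResponse(ValidationExtensions.Enums.CertificateStatus.UNKNOWN);
        }

        Asn1Object derAiaExtension = Asn1Object.FromByteArray(aiaOctets.GetOctets());

        // Malformed extension content (wrong ASN.1 type, truncated data) is not caught here
        // and surfaces to the caller, as it did before.
        Asn1Sequence asn1Sequence;
        using (Asn1InputStream asn1Stream = new Asn1InputStream(derAiaExtension.GetDerEncoded()))
        {
            asn1Sequence = (Asn1Sequence)asn1Stream.ReadObject();
        }

        foreach (Asn1Encodable entry in asn1Sequence)
        {
            AccessDescription aiaEntry = AccessDescription.GetInstance(entry.ToAsn1Object());
            if (aiaEntry.AccessMethod.Id != AccessDescription.IdADOcsp.Id)
            {
                continue;
            }

            Console.Out.WriteLine(aiaEntry.AccessLocation.ToString());
            GeneralName gn = (GeneralName)aiaEntry.AccessLocation;

            // An OCSP access location is expected to be a URI; skip any other GeneralName
            // form rather than handing its string rendering to the responder lookup.
            if (gn.TagNo != GeneralName.UniformResourceIdentifier)
            {
                continue;
            }

            ValidationResponse validationResponse = ValidateCertificate(certificate, issuer, gn.Name.ToString());

            // Only a definitive answer ends the search; anything else falls through to the next responder.
            if ((validationResponse.status == ValidationExtensions.Enums.CertificateStatus.VALID) ||
                (validationResponse.status == ValidationExtensions.Enums.CertificateStatus.REVOKED))
            {
                return validationResponse;
            }
        }
    }
    catch (NullReferenceException)
    {
        // Kept for backward compatibility: any NullReferenceException raised during the
        // lookup still results in UNKNOWN rather than propagating.
        // NOTE(review): this can hide genuine bugs in the per-responder overload; consider
        // narrowing it once that code path is confirmed not to depend on it.
    }

    return new ValidationResponse(ValidationExtensions.Enums.CertificateStatus.UNKNOWN);
}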
/// <summary>
/// Builds the instance from an ASN.1 sequence, converting each element into an
/// <see cref="AccessDescription"/>.
/// </summary>
/// <param name="seq">Sequence of access description entries; must contain at least one element.</param>
/// <exception cref="ArgumentException">Thrown when <paramref name="seq"/> has no elements.</exception>
private AuthorityInformationAccess(Asn1Sequence seq)
{
    // Reject an empty sequence before allocating anything.
    if (seq.Count < 1)
    {
        throw new ArgumentException("sequence may not be empty");
    }

    descriptions = new AccessDescription[seq.Count];

    // Convert the elements in order, one slot per sequence entry.
    int index = 0;
    while (index < seq.Count)
    {
        descriptions[index] = AccessDescription.GetInstance(seq[index]);
        index++;
    }
}