상속: X509ExtensionBase
예제 #1
0
        public virtual X509CrlEntry GetRevokedCertificate(BigInteger serialNumber)
        {
            global::System.Collections.IEnumerable revokedCertificateEnumeration = c.GetRevokedCertificateEnumeration();
            X509Name previousCertificateIssuer = IssuerDN;

            global::System.Collections.IEnumerator enumerator = revokedCertificateEnumeration.GetEnumerator();
            try
            {
                while (enumerator.MoveNext())
                {
                    CrlEntry     crlEntry     = (CrlEntry)enumerator.get_Current();
                    X509CrlEntry x509CrlEntry = new X509CrlEntry(crlEntry, isIndirect, previousCertificateIssuer);
                    if (serialNumber.Equals(crlEntry.UserCertificate.Value))
                    {
                        return(x509CrlEntry);
                    }
                    previousCertificateIssuer = x509CrlEntry.GetCertificateIssuer();
                }
            }
            finally
            {
                global::System.IDisposable disposable = enumerator as global::System.IDisposable;
                if (disposable != null)
                {
                    disposable.Dispose();
                }
            }
            return(null);
        }
예제 #2
0
        private ISet LoadCrlEntries()
        {
            ISet set = new HashSet();

            global::System.Collections.IEnumerable revokedCertificateEnumeration = c.GetRevokedCertificateEnumeration();
            X509Name previousCertificateIssuer = IssuerDN;

            global::System.Collections.IEnumerator enumerator = revokedCertificateEnumeration.GetEnumerator();
            try
            {
                while (enumerator.MoveNext())
                {
                    CrlEntry     crlEntry     = (CrlEntry)enumerator.get_Current();
                    X509CrlEntry x509CrlEntry = new X509CrlEntry(crlEntry, isIndirect, previousCertificateIssuer);
                    set.Add(x509CrlEntry);
                    previousCertificateIssuer = x509CrlEntry.GetCertificateIssuer();
                }
                return(set);
            }
            finally
            {
                global::System.IDisposable disposable = enumerator as global::System.IDisposable;
                if (disposable != null)
                {
                    disposable.Dispose();
                }
            }
        }
예제 #3
0
        public virtual X509CrlEntry GetRevokedCertificate(BigInteger serialNumber)
        {
            IEnumerable revokedCertificateEnumeration = this.c.GetRevokedCertificateEnumeration();
            X509Name    issuerDN   = this.IssuerDN;
            IEnumerator enumerator = revokedCertificateEnumeration.GetEnumerator();

            try
            {
                while (enumerator.MoveNext())
                {
                    CrlEntry     current = (CrlEntry)enumerator.Current;
                    X509CrlEntry entry2  = new X509CrlEntry(current, this.isIndirect, issuerDN);
                    if (serialNumber.Equals(current.UserCertificate.Value))
                    {
                        return(entry2);
                    }
                    issuerDN = entry2.GetCertificateIssuer();
                }
            }
            finally
            {
                if (enumerator is IDisposable disposable)
                {
                    IDisposable disposable;
                    disposable.Dispose();
                }
            }
            return(null);
        }
예제 #4
0
        private ISet LoadCrlEntries()
        {
            ISet        set = new HashSet();
            IEnumerable revokedCertificateEnumeration = this.c.GetRevokedCertificateEnumeration();
            X509Name    issuerDN   = this.IssuerDN;
            IEnumerator enumerator = revokedCertificateEnumeration.GetEnumerator();

            try
            {
                while (enumerator.MoveNext())
                {
                    CrlEntry     current = (CrlEntry)enumerator.Current;
                    X509CrlEntry o       = new X509CrlEntry(current, this.isIndirect, issuerDN);
                    set.Add(o);
                    issuerDN = o.GetCertificateIssuer();
                }
            }
            finally
            {
                if (enumerator is IDisposable disposable)
                {
                    IDisposable disposable;
                    disposable.Dispose();
                }
            }
            return(set);
        }
예제 #5
0
        /// <summary>
        /// Validates the cert with the provided crl responses.
        /// </summary>
        /// <param name="certificate">The cert to validate</param>
        /// <param name="issuer">The issuer of the cert to validate</param>
        /// <param name="validationTime">The time on which the cert was needed to validated</param>
        /// <param name="certLists">The list of crls  to use</param>
        /// <returns>The crl response that was used, <c>null</c> if none used</returns>
        /// <exception cref="RevocationException{T}">When the certificate was revoked on the provided time</exception>
        /// <exception cref="RevocationUnknownException">When the certificate (or the crl) can't be validated</exception>
        public static BCAX.CertificateList Verify(this X509Certificate2 certificate, X509Certificate2 issuer, DateTime validationTime, IList <BCAX.CertificateList> certLists)
        {
            DateTime minTime = validationTime - ClockSkewness;
            DateTime maxTime = validationTime + ClockSkewness;

            BCX.X509Certificate certificateBC = DotNetUtilities.FromX509Certificate(certificate);
            BCX.X509Certificate issuerBC      = DotNetUtilities.FromX509Certificate(issuer);

            ValueWithRef <BCX.X509Crl, BCAX.CertificateList> crlWithOrg = certLists
                                                                          .Select((c) => new ValueWithRef <BCX.X509Crl, BCAX.CertificateList>(new BCX.X509Crl(c), c)) //convert, keep orginal
                                                                          .Where((c) => c.Value.IssuerDN.Equals(certificateBC.IssuerDN))
                                                                          .Where((c) => c.Value.ThisUpdate >= minTime || (c.Value.NextUpdate != null && c.Value.NextUpdate.Value >= minTime))
                                                                          .OrderByDescending((c) => c.Value.ThisUpdate)
                                                                          .FirstOrDefault();

            if (crlWithOrg == null)
            {
                return(null);
            }

            BCX.X509Crl          crl      = crlWithOrg.Value;
            BCAX.CertificateList certList = crlWithOrg.Reference;

            //check the signature (no need the check the issuer here)
            try
            {
                crl.Verify(issuerBC.GetPublicKey());
            }
            catch (Exception e)
            {
                throw new RevocationUnknownException("The CRL has an invalid signature", e);
            }

            //check the signer (only the part relevant for CRL)
            if (!issuerBC.GetKeyUsage()[6])
            {
                throw new RevocationUnknownException("The CRL was signed with a certificate that isn't allowed to sign CRLs");
            }

            //check if the certificate is revoked
            BCX.X509CrlEntry crlEntry = crl.GetRevokedCertificate(certificateBC.SerialNumber);
            if (crlEntry != null)
            {
                trace.TraceEvent(TraceEventType.Verbose, 0, "CRL indicates that {0} is revoked on {1}", certificate.Subject, crlEntry.RevocationDate);
                if (maxTime >= crlEntry.RevocationDate)
                {
                    throw new RevocationException <BCAX.CertificateList>(certList, "The certificate was revoked on " + crlEntry.RevocationDate.ToString("o"));
                }
            }

            return(certList);
        }
예제 #6
0
        private ISet LoadCrlEntries()
        {
            ISet        set = new HashSet();
            IEnumerable revokedCertificateEnumeration = c.GetRevokedCertificateEnumeration();
            X509Name    previousCertificateIssuer     = IssuerDN;

            foreach (CrlEntry item in revokedCertificateEnumeration)
            {
                X509CrlEntry x509CrlEntry = new X509CrlEntry(item, isIndirect, previousCertificateIssuer);
                set.Add(x509CrlEntry);
                previousCertificateIssuer = x509CrlEntry.GetCertificateIssuer();
            }
            return(set);
        }
예제 #7
0
        private ISet LoadCrlEntries()
        {
            ISet        entrySet = new HashSet();
            IEnumerable certs    = c.GetRevokedCertificateEnumeration();

            X509Name previousCertificateIssuer = IssuerDN;

            foreach (CrlEntry entry in certs)
            {
                X509CrlEntry crlEntry = new X509CrlEntry(entry, isIndirect, previousCertificateIssuer);
                entrySet.Add(crlEntry);
                previousCertificateIssuer = crlEntry.GetCertificateIssuer();
            }

            return(entrySet);
        }
예제 #8
0
        public virtual X509CrlEntry GetRevokedCertificate(BigInteger serialNumber)
        {
            IEnumerable revokedCertificateEnumeration = c.GetRevokedCertificateEnumeration();
            X509Name    previousCertificateIssuer     = IssuerDN;

            foreach (CrlEntry item in revokedCertificateEnumeration)
            {
                X509CrlEntry x509CrlEntry = new X509CrlEntry(item, isIndirect, previousCertificateIssuer);
                if (serialNumber.Equals(item.UserCertificate.Value))
                {
                    return(x509CrlEntry);
                }
                previousCertificateIssuer = x509CrlEntry.GetCertificateIssuer();
            }
            return(null);
        }
예제 #9
0
        public virtual ISet GetRevokedCertificates()
        {
            CrlEntry[] certs = c.GetRevokedCertificates();

            if (certs != null)
            {
                ISet     s = new HashSet();
                X509Name previousCertificateIssuer = IssuerDN;
                for (int i = 0; i < certs.Length; i++)
                {
                    X509CrlEntry crlEntry = new X509CrlEntry(
                        certs[i], isIndirect, previousCertificateIssuer);
                    s.Add(crlEntry);
                    previousCertificateIssuer = crlEntry.GetCertificateIssuer();
                }

                return(s);
            }

            return(null);
        }
예제 #10
0
        public virtual X509CrlEntry GetRevokedCertificate(
            BigInteger serialNumber)
        {
            IEnumerable certs = c.GetRevokedCertificateEnumeration();

            X509Name previousCertificateIssuer = IssuerDN;

            foreach (CrlEntry entry in certs)
            {
                X509CrlEntry crlEntry = new X509CrlEntry(entry, isIndirect, previousCertificateIssuer);

                if (serialNumber.Equals(entry.UserCertificate.Value))
                {
                    return(crlEntry);
                }

                previousCertificateIssuer = crlEntry.GetCertificateIssuer();
            }

            return(null);
        }
예제 #11
0
        public void AddCrl(X509Crl other)
        {
            //IL_0008: Unknown result type (might be due to invalid IL or missing references)
            //IL_004b: Expected O, but got Unknown
            if (other == null)
            {
                throw new ArgumentNullException("other");
            }
            ISet revokedCertificates = other.GetRevokedCertificates();

            if (revokedCertificates == null)
            {
                return;
            }
            global::System.Collections.IEnumerator enumerator = ((global::System.Collections.IEnumerable)revokedCertificates).GetEnumerator();
            try
            {
                while (enumerator.MoveNext())
                {
                    X509CrlEntry x509CrlEntry = (X509CrlEntry)enumerator.get_Current();
                    try
                    {
                        tbsGen.AddCrlEntry(Asn1Sequence.GetInstance(Asn1Object.FromByteArray(x509CrlEntry.GetEncoded())));
                    }
                    catch (IOException val)
                    {
                        IOException e = val;
                        throw new CrlException("exception processing encoding of CRL", (global::System.Exception)(object) e);
                    }
                }
            }
            finally
            {
                global::System.IDisposable disposable = enumerator as global::System.IDisposable;
                if (disposable != null)
                {
                    disposable.Dispose();
                }
            }
        }
예제 #12
0
        public virtual X509CrlEntry GetRevokedCertificate(
            BigInteger serialNumber)
        {
            CrlEntry[] certs = c.GetRevokedCertificates();

            if (certs != null)
            {
                X509Name previousCertificateIssuer = IssuerDN;
                for (int i = 0; i < certs.Length; i++)
                {
                    X509CrlEntry crlEntry = new X509CrlEntry(
                        certs[i], isIndirect, previousCertificateIssuer);
                    previousCertificateIssuer = crlEntry.GetCertificateIssuer();
                    if (crlEntry.SerialNumber.Equals(serialNumber))
                    {
                        return(crlEntry);
                    }
                }
            }

            return(null);
        }
예제 #13
0
        public override bool Equals(object other)
        {
            if (this == other)
            {
                return(true);
            }

            X509CrlEntry that = other as X509CrlEntry;

            if (null == that)
            {
                return(false);
            }

            if (this.hashValueSet && that.hashValueSet)
            {
                if (this.hashValue != that.hashValue)
                {
                    return(false);
                }
            }

            return(this.c.Equals(that.c));
        }
예제 #14
0
        public virtual X509CrlEntry GetRevokedCertificate(
			BigInteger serialNumber)
        {
            CrlEntry[] certs = c.GetRevokedCertificates();

            if (certs != null)
            {
                X509Name previousCertificateIssuer = IssuerDN;
                for (int i = 0; i < certs.Length; i++)
                {
                    X509CrlEntry crlEntry = new X509CrlEntry(
                        certs[i], isIndirect, previousCertificateIssuer);
                    previousCertificateIssuer = crlEntry.GetCertificateIssuer();
                    if (crlEntry.SerialNumber.Equals(serialNumber))
                    {
                        return crlEntry;
                    }
                }
            }

            return null;
        }
		public virtual X509CrlEntry GetRevokedCertificate(
			BigInteger serialNumber)
		{
			IEnumerable certs = c.GetRevokedCertificateEnumeration();

			X509Name previousCertificateIssuer = IssuerDN;
			foreach (CrlEntry entry in certs)
			{
				X509CrlEntry crlEntry = new X509CrlEntry(entry, isIndirect, previousCertificateIssuer);

				if (serialNumber.Equals(entry.UserCertificate.Value))
				{
					return crlEntry;
				}

				previousCertificateIssuer = crlEntry.GetCertificateIssuer();
			}

			return null;
		}
		private ISet LoadCrlEntries()
		{
			ISet entrySet = new HashSet();
			IEnumerable certs = c.GetRevokedCertificateEnumeration();

			X509Name previousCertificateIssuer = IssuerDN;
			foreach (CrlEntry entry in certs)
			{
				X509CrlEntry crlEntry = new X509CrlEntry(entry, isIndirect, previousCertificateIssuer);
				entrySet.Add(crlEntry);
				previousCertificateIssuer = crlEntry.GetCertificateIssuer();
			}

			return entrySet;
		}
예제 #17
0
        public virtual ISet GetRevokedCertificates()
        {
            CrlEntry[] certs = c.GetRevokedCertificates();

            if (certs != null)
            {
                ISet s = new HashSet();
                X509Name previousCertificateIssuer = IssuerDN;
                for (int i = 0; i < certs.Length; i++)
                {
                    X509CrlEntry crlEntry = new X509CrlEntry(
                        certs[i], isIndirect, previousCertificateIssuer);
                    s.Add(crlEntry);
                    previousCertificateIssuer = crlEntry.GetCertificateIssuer();
                }

                return s;
            }

            return null;
        }
예제 #18
0
        public override string ToString()
        {
            //IL_0000: Unknown result type (might be due to invalid IL or missing references)
            //IL_0006: Expected O, but got Unknown
            StringBuilder val     = new StringBuilder();
            string        newLine = Platform.NewLine;

            val.Append("              Version: ").Append(Version).Append(newLine);
            val.Append("             IssuerDN: ").Append((object)IssuerDN).Append(newLine);
            val.Append("          This update: ").Append((object)ThisUpdate).Append(newLine);
            val.Append("          Next update: ").Append((object)NextUpdate).Append(newLine);
            val.Append("  Signature Algorithm: ").Append(SigAlgName).Append(newLine);
            byte[] signature = GetSignature();
            val.Append("            Signature: ");
            val.Append(Hex.ToHexString(signature, 0, 20)).Append(newLine);
            for (int i = 20; i < signature.Length; i += 20)
            {
                int length = Math.Min(20, signature.Length - i);
                val.Append("                       ");
                val.Append(Hex.ToHexString(signature, i, length)).Append(newLine);
            }
            X509Extensions extensions = c.TbsCertList.Extensions;

            if (extensions != null)
            {
                global::System.Collections.IEnumerator enumerator = extensions.ExtensionOids.GetEnumerator();
                if (enumerator.MoveNext())
                {
                    val.Append("           Extensions: ").Append(newLine);
                }
                do
                {
                    DerObjectIdentifier derObjectIdentifier = (DerObjectIdentifier)enumerator.get_Current();
                    X509Extension       extension           = extensions.GetExtension(derObjectIdentifier);
                    if (extension.Value != null)
                    {
                        Asn1Object asn1Object = X509ExtensionUtilities.FromExtensionValue(extension.Value);
                        val.Append("                       critical(").Append(extension.IsCritical).Append(") ");
                        try
                        {
                            if (derObjectIdentifier.Equals(X509Extensions.CrlNumber))
                            {
                                val.Append((object)new CrlNumber(DerInteger.GetInstance(asn1Object).PositiveValue)).Append(newLine);
                                continue;
                            }
                            if (derObjectIdentifier.Equals(X509Extensions.DeltaCrlIndicator))
                            {
                                val.Append(string.Concat((object)"Base CRL: ", (object)new CrlNumber(DerInteger.GetInstance(asn1Object).PositiveValue))).Append(newLine);
                                continue;
                            }
                            if (derObjectIdentifier.Equals(X509Extensions.IssuingDistributionPoint))
                            {
                                val.Append((object)IssuingDistributionPoint.GetInstance((Asn1Sequence)asn1Object)).Append(newLine);
                                continue;
                            }
                            if (derObjectIdentifier.Equals(X509Extensions.CrlDistributionPoints))
                            {
                                val.Append((object)CrlDistPoint.GetInstance((Asn1Sequence)asn1Object)).Append(newLine);
                                continue;
                            }
                            if (derObjectIdentifier.Equals(X509Extensions.FreshestCrl))
                            {
                                val.Append((object)CrlDistPoint.GetInstance((Asn1Sequence)asn1Object)).Append(newLine);
                                continue;
                            }
                            val.Append(derObjectIdentifier.Id);
                            val.Append(" value = ").Append(Asn1Dump.DumpAsString(asn1Object)).Append(newLine);
                        }
                        catch (global::System.Exception)
                        {
                            val.Append(derObjectIdentifier.Id);
                            val.Append(" value = ").Append("*****").Append(newLine);
                        }
                    }
                    else
                    {
                        val.Append(newLine);
                    }
                }while (enumerator.MoveNext());
            }
            ISet revokedCertificates = GetRevokedCertificates();

            if (revokedCertificates != null)
            {
                {
                    global::System.Collections.IEnumerator enumerator2 = ((global::System.Collections.IEnumerable)revokedCertificates).GetEnumerator();
                    try
                    {
                        while (enumerator2.MoveNext())
                        {
                            X509CrlEntry x509CrlEntry = (X509CrlEntry)enumerator2.get_Current();
                            val.Append((object)x509CrlEntry);
                            val.Append(newLine);
                        }
                    }
                    finally
                    {
                        global::System.IDisposable disposable = enumerator2 as global::System.IDisposable;
                        if (disposable != null)
                        {
                            disposable.Dispose();
                        }
                    }
                }
            }
            return(val.ToString());
        }
예제 #19
0
        /// <summary>
        /// Downloads a new CRL from the URL stored in the class.
        /// </summary>
        private void upgradeData()
        {
            try
            {
                this.logger.Debug(string.Format("Downloading CRL from: '{0}'.", url.ToString()));
                WebRequest      request  = WebRequest.Create(url);
                HttpWebResponse response = (HttpWebResponse)request.GetResponse();

                // Only download .crl file if it is present on the server.
                if (response.StatusCode == HttpStatusCode.OK)
                {
                    // Everything went well.
                    using (Stream stream = response.GetResponseStream())
                    {
                        if (stream == null)
                        {
                            this.logger.Warn(string.Format("The downloaded CRL stream from {0} is null.", url.ToString()));
                        }

                        // Downloads the .crl file into an X509CRL object.
                        this.logger.Debug(string.Format("Parsing the CRL data ({1}) retrieved from: '{0}'.", url.ToString(), response.ContentLength));

                        this.logger.Trace("Start 'crlParser.ReadCrl(stream)'");
                        this.data = this.crlParser.ReadCrl(stream);
                        this.logger.Trace("Finish with 'crlParser.ReadCrl(stream)'");


                        if (this.logger.IsDebugEnabled)
                        {
                            ISet revokedCertificates = this.data.GetRevokedCertificates();
                            if (revokedCertificates == null)
                            {
                                this.logger.Debug(string.Format("There exist {1} revoked certificates in the CRL from '{0}'.", url.ToString(), 0));
                            }
                            else
                            {
                                StringBuilder sb = new StringBuilder();
                                sb.AppendLine(string.Format("There exist {1} revoked certificates in the CRL from '{0}'.", url.ToString(), revokedCertificates.Count));
                                foreach (object obj in revokedCertificates)
                                {
                                    sb.AppendLine(string.Format("  {0}", obj.ToString()));
                                }

#if DEBUG
                                // Default this is not enabled. Can be manual enabled in debug mode.
                                bool dump = false;
                                if (dump)
                                {
                                    StringBuilder sb2 = new StringBuilder();

                                    foreach (object obj in revokedCertificates)
                                    {
                                        if (obj is Org.BouncyCastle.X509.X509CrlEntry)
                                        {
                                            Org.BouncyCastle.X509.X509CrlEntry entry = obj as Org.BouncyCastle.X509.X509CrlEntry;
                                            sb2.AppendLine(entry.RevocationDate + ";" + entry.SerialNumber);
                                        }
                                        else
                                        {
                                        }
                                    }

                                    File.WriteAllText("d:/crl_dump.txt", sb2.ToString());
                                }
#endif



                                this.logger.Debug(sb.ToString());
                            }
                        }

                        DateTime f = data.NextUpdate.Value;
                    }
                }
                else
                {
                    string urlString = string.Empty;
                    if (url != null)
                    {
                        urlString = url.ToString();
                    }

                    this.logger.Error(string.Format("Error downloading CRL from url '{0}'. Reason was {1}.", urlString, response.StatusDescription));
                    throw new CheckCertificateRevokedUnexpectedException(new Exception("CRL could not be downloaded: " + response.StatusDescription));
                }
            }
            catch (CheckCertificateRevokedUnexpectedException)
            {
                // This has already been logged.
                // Re-throw original exception
                throw;
            }
            catch (IOException e)
            {
                // Could not download new crl
                string urlString = string.Empty;
                if (url != null)
                {
                    urlString = url.ToString();
                }

                this.logger.Error(string.Format("Error downloading/parsing the CRL from url: '{0}'.", urlString), e);
                throw new CheckCertificateRevokedUnexpectedException(e);
            }
            catch (Exception e)
            {
                // Could not download new crl
                string urlString = string.Empty;
                if (url != null)
                {
                    urlString = url.ToString();
                }

                this.logger.Error(string.Format("Error downolading/parsing the CRL from url: '{0}'.", urlString), e);

                // Re-throw original exception
                throw;
            }

            return;
        }
예제 #20
0
        public override string ToString()
        {
            StringBuilder builder = new StringBuilder();
            string        newLine = Platform.NewLine;

            builder.Append("              Version: ").Append(this.Version).Append(newLine);
            builder.Append("             IssuerDN: ").Append(this.IssuerDN).Append(newLine);
            builder.Append("          This update: ").Append(this.ThisUpdate).Append(newLine);
            builder.Append("          Next update: ").Append(this.NextUpdate).Append(newLine);
            builder.Append("  Signature Algorithm: ").Append(this.SigAlgName).Append(newLine);
            byte[] signature = this.GetSignature();
            builder.Append("            Signature: ");
            builder.Append(Hex.ToHexString(signature, 0, 20)).Append(newLine);
            for (int i = 20; i < signature.Length; i += 20)
            {
                int length = Math.Min(20, signature.Length - i);
                builder.Append("                       ");
                builder.Append(Hex.ToHexString(signature, i, length)).Append(newLine);
            }
            X509Extensions extensions = this.c.TbsCertList.Extensions;

            if (extensions != null)
            {
                IEnumerator enumerator = extensions.ExtensionOids.GetEnumerator();
                if (enumerator.MoveNext())
                {
                    builder.Append("           Extensions: ").Append(newLine);
                }
                do
                {
                    DerObjectIdentifier current   = (DerObjectIdentifier)enumerator.Current;
                    X509Extension       extension = extensions.GetExtension(current);
                    if (extension.Value != null)
                    {
                        Asn1Object obj2 = X509ExtensionUtilities.FromExtensionValue(extension.Value);
                        builder.Append("                       critical(").Append(extension.IsCritical).Append(") ");
                        try
                        {
                            if (current.Equals(X509Extensions.CrlNumber))
                            {
                                builder.Append(new CrlNumber(DerInteger.GetInstance(obj2).PositiveValue)).Append(newLine);
                            }
                            else if (current.Equals(X509Extensions.DeltaCrlIndicator))
                            {
                                builder.Append("Base CRL: " + new CrlNumber(DerInteger.GetInstance(obj2).PositiveValue)).Append(newLine);
                            }
                            else if (current.Equals(X509Extensions.IssuingDistributionPoint))
                            {
                                builder.Append(IssuingDistributionPoint.GetInstance((Asn1Sequence)obj2)).Append(newLine);
                            }
                            else if (current.Equals(X509Extensions.CrlDistributionPoints))
                            {
                                builder.Append(CrlDistPoint.GetInstance((Asn1Sequence)obj2)).Append(newLine);
                            }
                            else if (current.Equals(X509Extensions.FreshestCrl))
                            {
                                builder.Append(CrlDistPoint.GetInstance((Asn1Sequence)obj2)).Append(newLine);
                            }
                            else
                            {
                                builder.Append(current.Id);
                                builder.Append(" value = ").Append(Asn1Dump.DumpAsString((Asn1Encodable)obj2)).Append(newLine);
                            }
                        }
                        catch (Exception)
                        {
                            builder.Append(current.Id);
                            builder.Append(" value = ").Append("*****").Append(newLine);
                        }
                    }
                    else
                    {
                        builder.Append(newLine);
                    }
                }while (enumerator.MoveNext());
            }
            ISet revokedCertificates = this.GetRevokedCertificates();

            if (revokedCertificates != null)
            {
                IEnumerator enumerator = revokedCertificates.GetEnumerator();
                try
                {
                    while (enumerator.MoveNext())
                    {
                        X509CrlEntry current = (X509CrlEntry)enumerator.Current;
                        builder.Append(current);
                        builder.Append(newLine);
                    }
                }
                finally
                {
                    if (enumerator is IDisposable disposable)
                    {
                        IDisposable disposable;
                        disposable.Dispose();
                    }
                }
            }
            return(builder.ToString());
        }