//Get the real OCSP response according to the OCSP request we've got from the proover
public static byte[] GetOCSPResponseFromRealResponder(byte[] origCert, byte[] ocspNonce)
{
List <byte> combinedOcspResponse = new List <byte>();
List <byte[]> certChain = SplitCertificateChain(origCert);
foreach (byte[] cert in certChain)
{
File.WriteAllBytes(OCSP_CER_FROM_CHAIN_FILE, cert);
//Create an OCSP request
DataStructs.OCSPRequestInfo ocspRequest = new DataStructs.OCSPRequestInfo();
//Fill the request fields
ocspRequest.certName = OCSP_CER_FROM_CHAIN_FILE;
ocspRequest.urlOcspResponder = OCSP_SERVER_NAME;
ocspRequest.issuerName = DataStructs.EPID_ROOT_SIGNING_FILE;
ocspRequest.ocspResponderCertName = DataStructs.SIGNED_OCSP_CERT_FILE;
ocspRequest.ocspNonce = ocspNonce;
ocspRequest.proxyHostName = "proxy-us.intel.com:911";//Resource.OcspProxy;
//Get the compatible OCSP response
uint status = OCSPWrapper.GetOCSPResponse(ref ocspRequest, OCSP_CER_FILE);
if (status != 0)
{
return(null);
}
//Concatenate the current response to the list
combinedOcspResponse.AddRange(File.ReadAllBytes(OCSP_CER_FILE));
}
//Return the whole response
return(combinedOcspResponse.ToArray());
}
public static extern uint GetOCSPResponse(ref DataStructs.OCSPRequestInfo pReqInfo,
string pOCSPRespCertName);
