/// <summary> /// Procesa la respuesta del servidor OCSP y devuelve el estado del certificado /// </summary> /// <param name="binaryResp"></param> /// <returns></returns> public CertificateStatus ProcessOcspResponse(byte[] binaryResp, bool checkNonce) { if (binaryResp.Length == 0) { return(CertificateStatus.Unknown); } OcspResp r = new OcspResp(binaryResp); CertificateStatus cStatus = CertificateStatus.Unknown; if (r.Status == OcspRespStatus.Successful) { BasicOcspResp or = (BasicOcspResp)r.GetResponseObject(); if (checkNonce) { if (or.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce).ToString() != _nonceAsn1OctetString.ToString()) { throw new Exception("Bad nonce value"); } } if (or.Responses.Length == 1) { SingleResp resp = or.Responses[0]; object certificateStatus = resp.GetCertStatus(); if (certificateStatus == Org.BouncyCastle.Ocsp.CertificateStatus.Good) { cStatus = CertificateStatus.Good; } else if (certificateStatus is Org.BouncyCastle.Ocsp.RevokedStatus) { cStatus = CertificateStatus.Revoked; } else if (certificateStatus is Org.BouncyCastle.Ocsp.UnknownStatus) { cStatus = CertificateStatus.Unknown; } } } else { throw new Exception("Unknow status '" + r.Status + "'."); } return(cStatus); }