public PolicyData GetPolicyData() { EnsureCertificateData(); PolicyData policyData = default; foreach (X509Extension extension in _certData.Extensions) { switch (extension.Oid !.Value) {
/// <summary>
/// Builds the <see cref="CertificatePolicy"/> for a certificate from the policy-related
/// extension data returned by <c>cert.Pal.GetPolicyData()</c>.
/// </summary>
/// <remarks>
/// Declared application policies are taken from the ApplicationCertPolicies data when that
/// yields a set; the EnhancedKeyUsage data is read only as a fallback. When no set ends up
/// declared, the matching ImplicitAny* flag is set to true, so a missing extension and a
/// reader that returns null are indistinguishable to callers of this method.
/// </remarks>
/// <param name="cert">Certificate whose policy extensions are read.</param>
/// <returns>The populated policy object.</returns>
private static CertificatePolicy ReadPolicy(X509Certificate2 cert)
{
    // Single slot for the declared application policies: filled from
    // ApplicationCertPolicies first, and from the EKU OIDs only if still empty.
    ISet<string>? declaredAppPolicies = null;
    CertificatePolicy result = new CertificatePolicy();

    PolicyData raw = cert.Pal.GetPolicyData();

    // NOTE(review): each Read* helper decodes bytes taken from the certificate; how they
    // react to malformed data is not visible here. The call order below is kept as-is so
    // that any failure surfaces from the same extension as before.
    if (raw.ApplicationCertPolicies != null)
    {
        declaredAppPolicies = ReadCertPolicyExtension(raw.ApplicationCertPolicies);
    }

    if (raw.CertPolicies != null)
    {
        result.DeclaredCertificatePolicies = ReadCertPolicyExtension(raw.CertPolicies);
    }

    if (raw.CertPolicyMappings != null)
    {
        result.PolicyMapping = ReadCertPolicyMappingsExtension(raw.CertPolicyMappings);
    }

    if (raw.CertPolicyConstraints != null)
    {
        // This reader receives the policy object itself rather than returning a value.
        ReadCertPolicyConstraintsExtension(raw.CertPolicyConstraints, result);
    }

    // The EKU extension is decoded only when the application policies did not produce a set.
    if (raw.EnhancedKeyUsage != null && declaredAppPolicies == null)
    {
        declaredAppPolicies = ReadExtendedKeyUsageExtension(raw.EnhancedKeyUsage);
    }

    if (raw.InhibitAnyPolicyExtension != null)
    {
        result.InhibitAnyDepth = ReadInhibitAnyPolicyExtension(raw.InhibitAnyPolicyExtension);
    }

    result.DeclaredApplicationPolicies = declaredAppPolicies;

    // "Implicit any" is recorded whenever no policy set was declared at all.
    result.ImplicitAnyApplicationPolicy = result.DeclaredApplicationPolicies == null;
    result.ImplicitAnyCertificatePolicy = result.DeclaredCertificatePolicies == null;

    // "Specified any" is decided by CheckExplicitAnyPolicy on each declared set.
    result.SpecifiedAnyApplicationPolicy = CheckExplicitAnyPolicy(result.DeclaredApplicationPolicies);
    result.SpecifiedAnyCertificatePolicy = CheckExplicitAnyPolicy(result.DeclaredCertificatePolicies);

    return result;
}