Revert "Show CRL and OCSP URLs in verify output (#7181)" (#7220)

This reverts commit e0311a9.

Author: zivkan

src/NuGet.Core/NuGet.Packaging/Signing/Utility/CertificateUtility.cs

@@ -56,16 +56,6 @@ internal static IReadOnlyList<SignatureLog> X509Certificate2ToLogMessages(X509Ce
             issues.Add(SignatureLog.InformationLog($"{indentation}{string.Format(CultureInfo.CurrentCulture, Strings.CertUtilityCertificateIssuer, cert.IssuerName.Name)}"));
             issues.Add(SignatureLog.MinimalLog($"{indentation}{string.Format(CultureInfo.CurrentCulture, Strings.CertUtilityCertificateValidity, cert.NotBefore, cert.NotAfter)}"));
 
-            foreach (string url in GetCrlDistributionPointUrls(cert))
-            {
-                issues.Add(SignatureLog.InformationLog($"{indentation}{string.Format(CultureInfo.CurrentCulture, Strings.CertUtilityCertificateCrlUrl, url)}"));
-            }
-
-            foreach (string url in GetOcspUrls(cert))
-            {
-                issues.Add(SignatureLog.InformationLog($"{indentation}{string.Format(CultureInfo.CurrentCulture, Strings.CertUtilityCertificateOcspUrl, url)}"));
-            }
-
             return issues;
         }
 
@@ -78,16 +68,6 @@ private static void X509Certificate2ToString(X509Certificate2 cert, StringBuilde
             certStringBuilder.AppendLine(indentation + string.Format(CultureInfo.CurrentCulture, Strings.CertUtilityCertificateHash, fingerprintAlgorithm.ToString(), certificateFingerprint));
             certStringBuilder.AppendLine(indentation + string.Format(CultureInfo.CurrentCulture, Strings.CertUtilityCertificateIssuer, cert.IssuerName.Name));
             certStringBuilder.AppendLine(indentation + string.Format(CultureInfo.CurrentCulture, Strings.CertUtilityCertificateValidity, cert.NotBefore, cert.NotAfter));
-
-            foreach (string url in GetCrlDistributionPointUrls(cert))
-            {
-                certStringBuilder.AppendLine(indentation + string.Format(CultureInfo.CurrentCulture, Strings.CertUtilityCertificateCrlUrl, url));
-            }
-
-            foreach (string url in GetOcspUrls(cert))
-            {
-                certStringBuilder.AppendLine(indentation + string.Format(CultureInfo.CurrentCulture, Strings.CertUtilityCertificateOcspUrl, url));
-            }
         }
 
         /// <summary>
@@ -467,117 +447,5 @@ private static bool IsHex(string certificateFingerprint)
 
             return true;
         }
-
-        /// <summary>
-        /// Extracts CRL Distribution Point URLs from the certificate's CRL Distribution Points extension (OID 2.5.29.31).
-        /// </summary>
-        internal static IReadOnlyList<string> GetCrlDistributionPointUrls(X509Certificate2 cert)
-        {
-            const string CrlDistributionPointsOid = "2.5.29.31";
-            // context-specific primitive tag [6] for uniformResourceIdentifier in GeneralName
-            const byte GeneralNameUriTag = 0x86;
-
-            var urls = new List<string>();
-            var extension = cert.Extensions[CrlDistributionPointsOid];
-
-            if (extension == null)
-            {
-                return urls;
-            }
-
-            try
-            {
-                // CRLDistributionPoints ::= SEQUENCE OF DistributionPoint
-                var reader = new DerEncoding.DerSequenceReader(extension.RawData);
-
-                while (reader.HasData)
-                {
-                    // DistributionPoint ::= SEQUENCE { distributionPoint [0] ... }
-                    var dpReader = reader.ReadSequence();
-
-                    if (dpReader.HasData && dpReader.HasTag(DerEncoding.DerSequenceReader.ContextSpecificConstructedTag0))
-                    {
-                        // distributionPoint [0] CONSTRUCTED
-                        byte[] dpNameData = dpReader.ReadValue((DerEncoding.DerSequenceReader.DerTag)DerEncoding.DerSequenceReader.ContextSpecificConstructedTag0);
-                        var dpNameReader = DerEncoding.DerSequenceReader.CreateForPayload(dpNameData);
-
-                        if (dpNameReader.HasData && dpNameReader.HasTag(DerEncoding.DerSequenceReader.ContextSpecificConstructedTag0))
-                        {
-                            // fullName [0] CONSTRUCTED = GeneralNames
-                            byte[] fullNameData = dpNameReader.ReadValue((DerEncoding.DerSequenceReader.DerTag)DerEncoding.DerSequenceReader.ContextSpecificConstructedTag0);
-                            var gnReader = DerEncoding.DerSequenceReader.CreateForPayload(fullNameData);
-
-                            while (gnReader.HasData)
-                            {
-                                byte tag = gnReader.PeekTag();
-
-                                if (tag == GeneralNameUriTag)
-                                {
-                                    byte[] uriBytes = gnReader.ReadValue((DerEncoding.DerSequenceReader.DerTag)GeneralNameUriTag);
-                                    urls.Add(Encoding.ASCII.GetString(uriBytes));
-                                }
-                                else
-                                {
-                                    gnReader.SkipValue();
-                                }
-                            }
-                        }
-                    }
-                }
-            }
-            catch (System.Security.Cryptography.CryptographicException)
-            {
-            }
-
-            return urls;
-        }
-
-        /// <summary>
-        /// Extracts OCSP responder URLs from the certificate's Authority Information Access extension (OID 1.3.6.1.5.5.7.1.1).
-        /// </summary>
-        internal static IReadOnlyList<string> GetOcspUrls(X509Certificate2 cert)
-        {
-            const string AuthorityInfoAccessOid = "1.3.6.1.5.5.7.1.1";
-            const string OcspAccessMethodOid = "1.3.6.1.5.5.7.48.1";
-            // context-specific primitive tag [6] for uniformResourceIdentifier in GeneralName
-            const byte GeneralNameUriTag = 0x86;
-
-            var urls = new List<string>();
-            var extension = cert.Extensions[AuthorityInfoAccessOid];
-
-            if (extension == null)
-            {
-                return urls;
-            }
-
-            try
-            {
-                // AuthorityInfoAccessSyntax ::= SEQUENCE OF AccessDescription
-                var reader = new DerEncoding.DerSequenceReader(extension.RawData);
-
-                while (reader.HasData)
-                {
-                    // AccessDescription ::= SEQUENCE { accessMethod OID, accessLocation GeneralName }
-                    var adReader = reader.ReadSequence();
-                    string oid = adReader.ReadOidAsString();
-
-                    if (string.Equals(oid, OcspAccessMethodOid, StringComparison.Ordinal) && adReader.HasData)
-                    {
-                        byte tag = adReader.PeekTag();
-
-                        if (tag == GeneralNameUriTag)
-                        {
-                            byte[] uriBytes = adReader.ReadValue((DerEncoding.DerSequenceReader.DerTag)GeneralNameUriTag);
-                            urls.Add(Encoding.ASCII.GetString(uriBytes));
-                        }
-                    }
-                }
-            }
-            catch (System.Security.Cryptography.CryptographicException)
-            {
-            }
-
-            return urls;
-        }
     }
 }

src/NuGet.Core/NuGet.Packaging/Strings.Designer.cs

@@ -271,14 +271,6 @@
     <comment>0 -  start date
 1 - end date</comment>
   </data>
-  <data name="CertUtilityCertificateCrlUrl" xml:space="preserve">
-    <value>CRL URL: {0}</value>
-    <comment>0 - CRL distribution point URL</comment>
-  </data>
-  <data name="CertUtilityCertificateOcspUrl" xml:space="preserve">
-    <value>OCSP URL: {0}</value>
-    <comment>0 - OCSP responder URL</comment>
-  </data>
   <data name="CertUtilityMultipleCertificatesFooter" xml:space="preserve">
     <value>... {0} more.</value>
     <comment>0 - number of certificates left</comment>

src/NuGet.Core/NuGet.Packaging/Strings.resx

@@ -44,16 +44,6 @@
         <note>0 -  start date
 1 - end date</note>
       </trans-unit>
-      <trans-unit id="CertUtilityCertificateCrlUrl">
-        <source>CRL URL: {0}</source>
-        <target state="translated">Adresa URL seznamu CRL: {0}</target>
-        <note>0 - CRL distribution point URL</note>
-      </trans-unit>
-      <trans-unit id="CertUtilityCertificateOcspUrl">
-        <source>OCSP URL: {0}</source>
-        <target state="translated">Adresa URL protokolu OCSP: {0}</target>
-        <note>0 - OCSP responder URL</note>
-      </trans-unit>
       <trans-unit id="CertUtilityMultipleCertificatesFooter">
         <source>... {0} more.</source>
         <target state="translated">... dalších {0}.</target>
@@ -1146,4 +1136,4 @@ Valid from:</note>
       </trans-unit>
     </body>
   </file>
-</xliff>
+</xliff>

src/NuGet.Core/NuGet.Packaging/xlf/Strings.cs.xlf

@@ -44,16 +44,6 @@
         <note>0 -  start date
 1 - end date</note>
       </trans-unit>
-      <trans-unit id="CertUtilityCertificateCrlUrl">
-        <source>CRL URL: {0}</source>
-        <target state="translated">CRL-URL: {0}</target>
-        <note>0 - CRL distribution point URL</note>
-      </trans-unit>
-      <trans-unit id="CertUtilityCertificateOcspUrl">
-        <source>OCSP URL: {0}</source>
-        <target state="translated">OCSP-URL: {0}</target>
-        <note>0 - OCSP responder URL</note>
-      </trans-unit>
       <trans-unit id="CertUtilityMultipleCertificatesFooter">
         <source>... {0} more.</source>
         <target state="translated">... {0} weitere.</target>
@@ -1146,4 +1136,4 @@ Valid from:</note>
       </trans-unit>
     </body>
   </file>
-</xliff>
+</xliff>

src/NuGet.Core/NuGet.Packaging/xlf/Strings.de.xlf

@@ -44,16 +44,6 @@
         <note>0 -  start date
 1 - end date</note>
       </trans-unit>
-      <trans-unit id="CertUtilityCertificateCrlUrl">
-        <source>CRL URL: {0}</source>
-        <target state="translated">DIRECCIÓN URL DE CRL: {0}</target>
-        <note>0 - CRL distribution point URL</note>
-      </trans-unit>
-      <trans-unit id="CertUtilityCertificateOcspUrl">
-        <source>OCSP URL: {0}</source>
-        <target state="translated">DIRECCIÓN URL DE OCSP: {0}</target>
-        <note>0 - OCSP responder URL</note>
-      </trans-unit>
       <trans-unit id="CertUtilityMultipleCertificatesFooter">
         <source>... {0} more.</source>
         <target state="translated">... {0} más.</target>
@@ -1146,4 +1136,4 @@ Valid from:</note>
       </trans-unit>
     </body>
   </file>
-</xliff>
+</xliff>

src/NuGet.Core/NuGet.Packaging/xlf/Strings.es.xlf

@@ -44,16 +44,6 @@
         <note>0 -  start date
 1 - end date</note>
       </trans-unit>
-      <trans-unit id="CertUtilityCertificateCrlUrl">
-        <source>CRL URL: {0}</source>
-        <target state="translated">URL de la liste de révocation des certificats (CRL) : {0}</target>
-        <note>0 - CRL distribution point URL</note>
-      </trans-unit>
-      <trans-unit id="CertUtilityCertificateOcspUrl">
-        <source>OCSP URL: {0}</source>
-        <target state="translated">URL du serveur OCSP : {0}</target>
-        <note>0 - OCSP responder URL</note>
-      </trans-unit>
       <trans-unit id="CertUtilityMultipleCertificatesFooter">
         <source>... {0} more.</source>
         <target state="translated">... {0} de plus.</target>
@@ -1146,4 +1136,4 @@ Valid from:</note>
       </trans-unit>
     </body>
   </file>
-</xliff>
+</xliff>

src/NuGet.Core/NuGet.Packaging/xlf/Strings.fr.xlf

@@ -44,16 +44,6 @@
         <note>0 -  start date
 1 - end date</note>
       </trans-unit>
-      <trans-unit id="CertUtilityCertificateCrlUrl">
-        <source>CRL URL: {0}</source>
-        <target state="translated">URL CRL: {0}</target>
-        <note>0 - CRL distribution point URL</note>
-      </trans-unit>
-      <trans-unit id="CertUtilityCertificateOcspUrl">
-        <source>OCSP URL: {0}</source>
-        <target state="translated">URL OCSP: {0}</target>
-        <note>0 - OCSP responder URL</note>
-      </trans-unit>
       <trans-unit id="CertUtilityMultipleCertificatesFooter">
         <source>... {0} more.</source>
         <target state="translated">... altri {0}.</target>
@@ -1146,4 +1136,4 @@ Valid from:</note>
       </trans-unit>
     </body>
   </file>
-</xliff>
+</xliff>

src/NuGet.Core/NuGet.Packaging/xlf/Strings.it.xlf

@@ -44,16 +44,6 @@
         <note>0 -  start date
 1 - end date</note>
       </trans-unit>
-      <trans-unit id="CertUtilityCertificateCrlUrl">
-        <source>CRL URL: {0}</source>
-        <target state="translated">CRL URL: {0}</target>
-        <note>0 - CRL distribution point URL</note>
-      </trans-unit>
-      <trans-unit id="CertUtilityCertificateOcspUrl">
-        <source>OCSP URL: {0}</source>
-        <target state="translated">OCSP URL: {0}</target>
-        <note>0 - OCSP responder URL</note>
-      </trans-unit>
       <trans-unit id="CertUtilityMultipleCertificatesFooter">
         <source>... {0} more.</source>
         <target state="translated">... さらに {0}。</target>
@@ -1147,4 +1137,4 @@ Valid from:</note>
       </trans-unit>
     </body>
   </file>
-</xliff>
+</xliff>

src/NuGet.Core/NuGet.Packaging/xlf/Strings.ja.xlf

@@ -44,16 +44,6 @@
         <note>0 -  start date
 1 - end date</note>
       </trans-unit>
-      <trans-unit id="CertUtilityCertificateCrlUrl">
-        <source>CRL URL: {0}</source>
-        <target state="translated">CRL URL: {0}</target>
-        <note>0 - CRL distribution point URL</note>
-      </trans-unit>
-      <trans-unit id="CertUtilityCertificateOcspUrl">
-        <source>OCSP URL: {0}</source>
-        <target state="translated">OCSP URL: {0}</target>
-        <note>0 - OCSP responder URL</note>
-      </trans-unit>
       <trans-unit id="CertUtilityMultipleCertificatesFooter">
         <source>... {0} more.</source>
         <target state="translated">...기타 {0}개.</target>
@@ -1146,4 +1136,4 @@ Valid from:</note>
       </trans-unit>
     </body>
   </file>
-</xliff>
+</xliff>