summary refs log tree commit diff
path: root/crypto/src/asn1
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/asn1')
-rw-r--r--crypto/src/asn1/ocsp/BasicOCSPResponse.cs110
-rw-r--r--crypto/src/asn1/ocsp/CertID.cs72
-rw-r--r--crypto/src/asn1/ocsp/CertStatus.cs104
-rw-r--r--crypto/src/asn1/ocsp/CrlID.cs70
-rw-r--r--crypto/src/asn1/ocsp/OCSPRequest.cs82
-rw-r--r--crypto/src/asn1/ocsp/OCSPResponse.cs83
-rw-r--r--crypto/src/asn1/ocsp/Request.cs84
-rw-r--r--crypto/src/asn1/ocsp/ResponderID.cs62
-rw-r--r--crypto/src/asn1/ocsp/ResponseBytes.cs76
-rw-r--r--crypto/src/asn1/ocsp/ResponseData.cs173
-rw-r--r--crypto/src/asn1/ocsp/RevokedInfo.cs88
-rw-r--r--crypto/src/asn1/ocsp/ServiceLocator.cs93
-rw-r--r--crypto/src/asn1/ocsp/Signature.cs106
-rw-r--r--crypto/src/asn1/ocsp/SingleResponse.cs130
-rw-r--r--crypto/src/asn1/ocsp/TBSRequest.cs142
15 files changed, 574 insertions, 901 deletions
diff --git a/crypto/src/asn1/ocsp/BasicOCSPResponse.cs b/crypto/src/asn1/ocsp/BasicOCSPResponse.cs
index 2637d36bc..fc491f78e 100644
--- a/crypto/src/asn1/ocsp/BasicOCSPResponse.cs
+++ b/crypto/src/asn1/ocsp/BasicOCSPResponse.cs
@@ -1,91 +1,66 @@
 using System;
 
-using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class BasicOcspResponse
         : Asn1Encodable
     {
-        private readonly ResponseData			tbsResponseData;
-        private readonly AlgorithmIdentifier	signatureAlgorithm;
-        private readonly DerBitString			signature;
-        private readonly Asn1Sequence			certs;
-
-		public static BasicOcspResponse GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
-		}
-
-		public static BasicOcspResponse GetInstance(
-			object obj)
-		{
-			if (obj == null || obj is BasicOcspResponse)
-			{
-				return (BasicOcspResponse)obj;
-			}
+        public static BasicOcspResponse GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is BasicOcspResponse basicOcspResponse)
+                return basicOcspResponse;
+            return new BasicOcspResponse(Asn1Sequence.GetInstance(obj));
+        }
 
-			if (obj is Asn1Sequence)
-			{
-				return new BasicOcspResponse((Asn1Sequence)obj);
-			}
+        public static BasicOcspResponse GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new BasicOcspResponse(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
+        private readonly ResponseData m_tbsResponseData;
+        private readonly AlgorithmIdentifier m_signatureAlgorithm;
+        private readonly DerBitString m_signature;
+        private readonly Asn1Sequence m_certs;
 
-		public BasicOcspResponse(
-            ResponseData		tbsResponseData,
-            AlgorithmIdentifier	signatureAlgorithm,
-            DerBitString		signature,
-            Asn1Sequence		certs)
+        public BasicOcspResponse(ResponseData tbsResponseData, AlgorithmIdentifier signatureAlgorithm,
+            DerBitString signature, Asn1Sequence certs)
         {
-            this.tbsResponseData = tbsResponseData;
-            this.signatureAlgorithm = signatureAlgorithm;
-            this.signature = signature;
-            this.certs = certs;
+            m_tbsResponseData = tbsResponseData ?? throw new ArgumentNullException(nameof(tbsResponseData));
+            m_signatureAlgorithm = signatureAlgorithm ?? throw new ArgumentNullException(nameof(signatureAlgorithm));
+            m_signature = signature ?? throw new ArgumentNullException(nameof(signature));
+            m_certs = certs;
         }
 
-		private BasicOcspResponse(
-            Asn1Sequence seq)
+        private BasicOcspResponse(Asn1Sequence seq)
         {
-            this.tbsResponseData = ResponseData.GetInstance(seq[0]);
-            this.signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]);
-            this.signature = (DerBitString)seq[2];
+            int count = seq.Count;
+            if (count < 3 || count > 4)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+            int pos = 0;
+
+            m_tbsResponseData = ResponseData.GetInstance(seq[pos++]);
+            m_signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[pos++]);
+            m_signature = DerBitString.GetInstance(seq[pos++]);
+            m_certs = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true, Asn1Sequence.GetInstance);
 
-			if (seq.Count > 3)
-            {
-                this.certs = Asn1Sequence.GetInstance((Asn1TaggedObject)seq[3], true);
-            }
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
         }
 
-		public ResponseData TbsResponseData
-		{
-			get { return tbsResponseData; }
-		}
+		public ResponseData TbsResponseData => m_tbsResponseData;
 
-		public AlgorithmIdentifier SignatureAlgorithm
-		{
-			get { return signatureAlgorithm; }
-		}
+		public AlgorithmIdentifier SignatureAlgorithm => m_signatureAlgorithm;
 
-		public DerBitString Signature
-		{
-			get { return signature; }
-		}
+		public DerBitString Signature => m_signature;
 
-        public byte[] GetSignatureOctets()
-        {
-            return signature.GetOctets();
-        }
+        public byte[] GetSignatureOctets() => m_signature.GetOctets();
 
-		public Asn1Sequence Certs
-		{
-			get { return certs; }
-		}
+        public Asn1Sequence Certs => m_certs;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -99,8 +74,9 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(tbsResponseData, signatureAlgorithm, signature);
-            v.AddOptionalTagged(true, 0, certs);
+            Asn1EncodableVector v = new Asn1EncodableVector(4);
+            v.Add(m_tbsResponseData, m_signatureAlgorithm, m_signature);
+            v.AddOptionalTagged(true, 0, m_certs);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/CertID.cs b/crypto/src/asn1/ocsp/CertID.cs
index 12a111ec9..46e210032 100644
--- a/crypto/src/asn1/ocsp/CertID.cs
+++ b/crypto/src/asn1/ocsp/CertID.cs
@@ -4,19 +4,9 @@ using Org.BouncyCastle.Asn1.X509;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
-	public class CertID
+    public class CertID
         : Asn1Encodable
     {
-        private readonly AlgorithmIdentifier    hashAlgorithm;
-        private readonly Asn1OctetString        issuerNameHash;
-        private readonly Asn1OctetString        issuerKeyHash;
-        private readonly DerInteger             serialNumber;
-
-		public static CertID GetInstance(Asn1TaggedObject obj, bool explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
-		}
-
 		public static CertID GetInstance(object obj)
 		{
 			if (obj == null)
@@ -26,48 +16,44 @@ namespace Org.BouncyCastle.Asn1.Ocsp
 			return new CertID(Asn1Sequence.GetInstance(obj));
 		}
 
-		public CertID(
-            AlgorithmIdentifier hashAlgorithm,
-            Asn1OctetString     issuerNameHash,
-            Asn1OctetString     issuerKeyHash,
-            DerInteger          serialNumber)
+        public static CertID GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new CertID(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        private readonly AlgorithmIdentifier m_hashAlgorithm;
+        private readonly Asn1OctetString m_issuerNameHash;
+        private readonly Asn1OctetString m_issuerKeyHash;
+        private readonly DerInteger m_serialNumber;
+
+        public CertID(AlgorithmIdentifier hashAlgorithm, Asn1OctetString issuerNameHash, Asn1OctetString issuerKeyHash,
+            DerInteger serialNumber)
         {
-            this.hashAlgorithm = hashAlgorithm;
-            this.issuerNameHash = issuerNameHash;
-            this.issuerKeyHash = issuerKeyHash;
-            this.serialNumber = serialNumber;
+            m_hashAlgorithm = hashAlgorithm ?? throw new ArgumentNullException(nameof(hashAlgorithm));
+            m_issuerNameHash = issuerNameHash ?? throw new ArgumentNullException(nameof(issuerNameHash));
+            m_issuerKeyHash = issuerKeyHash ?? throw new ArgumentNullException(nameof(issuerKeyHash));
+            m_serialNumber = serialNumber ?? throw new ArgumentNullException(nameof(serialNumber));
         }
 
 		private CertID(Asn1Sequence seq)
         {
-			if (seq.Count != 4)
-				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+            int count = seq.Count;
+			if (count != 4)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
 
-			this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]);
-            this.issuerNameHash = Asn1OctetString.GetInstance(seq[1]);
-            this.issuerKeyHash = Asn1OctetString.GetInstance(seq[2]);
-            this.serialNumber = DerInteger.GetInstance(seq[3]);
+			m_hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]);
+            m_issuerNameHash = Asn1OctetString.GetInstance(seq[1]);
+            m_issuerKeyHash = Asn1OctetString.GetInstance(seq[2]);
+            m_serialNumber = DerInteger.GetInstance(seq[3]);
         }
 
-		public AlgorithmIdentifier HashAlgorithm
-		{
-			get { return hashAlgorithm; }
-		}
+		public AlgorithmIdentifier HashAlgorithm => m_hashAlgorithm;
 
-		public Asn1OctetString IssuerNameHash
-		{
-			get { return issuerNameHash; }
-		}
+		public Asn1OctetString IssuerNameHash => m_issuerNameHash;
 
-		public Asn1OctetString IssuerKeyHash
-		{
-			get { return issuerKeyHash; }
-		}
+		public Asn1OctetString IssuerKeyHash => m_issuerKeyHash;
 
-		public DerInteger SerialNumber
-		{
-			get { return serialNumber; }
-		}
+		public DerInteger SerialNumber => m_serialNumber;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -81,7 +67,7 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
 		public override Asn1Object ToAsn1Object()
 		{
-			return new DerSequence(hashAlgorithm, issuerNameHash, issuerKeyHash, serialNumber);
+			return new DerSequence(m_hashAlgorithm, m_issuerNameHash, m_issuerKeyHash, m_serialNumber);
 		}
 	}
 }
diff --git a/crypto/src/asn1/ocsp/CertStatus.cs b/crypto/src/asn1/ocsp/CertStatus.cs
index 18b7bd21c..e1d06ed19 100644
--- a/crypto/src/asn1/ocsp/CertStatus.cs
+++ b/crypto/src/asn1/ocsp/CertStatus.cs
@@ -1,87 +1,75 @@
 using System;
 
-using Org.BouncyCastle.Utilities;
-
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class CertStatus
         : Asn1Encodable, IAsn1Choice
     {
-        private readonly int			tagNo;
-        private readonly Asn1Encodable	value;
-
-		/**
-         * create a CertStatus object with a tag of zero.
-         */
-        public CertStatus()
-        {
-            tagNo = 0;
-            value = DerNull.Instance;
-        }
-
-		public CertStatus(
-            RevokedInfo info)
+        public static CertStatus GetInstance(object obj)
         {
-            tagNo = 1;
-            value = info;
+            if (obj == null)
+                return null;
+            if (obj is CertStatus certStatus)
+                return certStatus;
+            return new CertStatus(Asn1TaggedObject.GetInstance(obj));
         }
 
-		public CertStatus(
-            int				tagNo,
-            Asn1Encodable	value)
+        public static CertStatus GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
         {
-            this.tagNo = tagNo;
-            this.value = value;
+            return Asn1Utilities.GetInstanceFromChoice(taggedObject, declaredExplicit, GetInstance);
         }
 
-		public CertStatus(Asn1TaggedObject choice)
+        private static Asn1Encodable GetValue(Asn1TaggedObject choice)
         {
-            this.tagNo = choice.TagNo;
-
-			switch (choice.TagNo)
+            if (choice.HasContextTag())
             {
-            case 0:
-                value = Asn1Null.GetInstance(choice, false);
-                break;
-            case 1:
-				value = RevokedInfo.GetInstance(choice, false);
-				break;
-			case 2:
-                value = Asn1Null.GetInstance(choice, false);
-                break;
-			default:
-				throw new ArgumentException("Unknown tag encountered: " + Asn1Utilities.GetTagText(choice));
+                switch (choice.TagNo)
+                {
+                case 0:
+                    return Asn1Null.GetInstance(choice, false);
+                case 1:
+                    return RevokedInfo.GetInstance(choice, false);
+                case 2:
+                    return Asn1Null.GetInstance(choice, false);
+                }
             }
+
+            throw new ArgumentException("Unknown tag encountered: " + Asn1Utilities.GetTagText(choice));
         }
 
-        public static CertStatus GetInstance(object obj)
-        {
-            if (obj == null)
-                return null;
+        private readonly int m_tagNo;
+        private readonly Asn1Encodable m_value;
 
-            if (obj is CertStatus certStatus)
-                return certStatus;
+		/**
+         * create a CertStatus object with a tag of zero.
+         */
+        public CertStatus()
+        {
+            m_tagNo = 0;
+            m_value = DerNull.Instance;
+        }
 
-            if (obj is Asn1TaggedObject taggedObject)
-                return new CertStatus(taggedObject);
+		public CertStatus(RevokedInfo info)
+        {
+            m_tagNo = 1;
+            m_value = info ?? throw new ArgumentNullException(nameof(info));
+        }
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		public CertStatus(int tagNo, Asn1Encodable value)
+        {
+            m_tagNo = tagNo;
+            m_value = value ?? throw new ArgumentNullException(nameof(value));
         }
 
-        public static CertStatus GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
+        public CertStatus(Asn1TaggedObject choice)
         {
-            return Asn1Utilities.GetInstanceFromChoice(taggedObject, declaredExplicit, GetInstance);
+            m_tagNo = choice.TagNo;
+            m_value = GetValue(choice);
         }
 
-        public int TagNo
-		{
-			get { return tagNo; }
-		}
+        public int TagNo => m_tagNo;
 
-		public Asn1Encodable Status
-		{
-			get { return value; }
-		}
+        public Asn1Encodable Status => m_value;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -94,7 +82,7 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            return new DerTaggedObject(false, tagNo, value);
+            return new DerTaggedObject(false, m_tagNo, m_value);
         }
     }
 }
diff --git a/crypto/src/asn1/ocsp/CrlID.cs b/crypto/src/asn1/ocsp/CrlID.cs
index 7a4172c57..c85b38ae8 100644
--- a/crypto/src/asn1/ocsp/CrlID.cs
+++ b/crypto/src/asn1/ocsp/CrlID.cs
@@ -5,15 +5,6 @@ namespace Org.BouncyCastle.Asn1.Ocsp
     public class CrlID
         : Asn1Encodable
     {
-        private readonly DerIA5String		crlUrl;
-        private readonly DerInteger			crlNum;
-        private readonly Asn1GeneralizedTime crlTime;
-
-        public static CrlID GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
-        {
-            return GetInstance(Asn1Sequence.GetInstance(taggedObject, declaredExplicit));
-        }
-
         public static CrlID GetInstance(object obj)
         {
             if (obj == null)
@@ -25,42 +16,39 @@ namespace Org.BouncyCastle.Asn1.Ocsp
 #pragma warning restore CS0618 // Type or member is obsolete
         }
 
+        public static CrlID GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
+        {
+#pragma warning disable CS0618 // Type or member is obsolete
+            return new CrlID(Asn1Sequence.GetInstance(taggedObject, declaredExplicit));
+#pragma warning restore CS0618 // Type or member is obsolete
+        }
+
+        private readonly DerIA5String m_crlUrl;
+        private readonly DerInteger m_crlNum;
+        private readonly Asn1GeneralizedTime m_crlTime;
+
         [Obsolete("Use 'GetInstance' instead")]
         public CrlID(Asn1Sequence seq)
         {
-			foreach (Asn1TaggedObject o in seq)
-			{
-				switch (o.TagNo)
-                {
-                case 0:
-                    crlUrl = DerIA5String.GetInstance(o, true);
-                    break;
-                case 1:
-                    crlNum = DerInteger.GetInstance(o, true);
-                    break;
-                case 2:
-                    crlTime = Asn1GeneralizedTime.GetInstance(o, true);
-                    break;
-                default:
-                    throw new ArgumentException("unknown tag number: " + o.TagNo);
-                }
-            }
+            int count = seq.Count;
+            if (count < 0 || count > 3)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+            int pos = 0;
+
+            m_crlUrl = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true, DerIA5String.GetInstance);
+            m_crlNum = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 1, true, DerInteger.GetInstance);
+            m_crlTime = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 2, true, Asn1GeneralizedTime.GetInstance);
+
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
         }
 
-		public DerIA5String CrlUrl
-		{
-			get { return crlUrl; }
-		}
+        public DerIA5String CrlUrl => m_crlUrl;
 
-		public DerInteger CrlNum
-		{
-			get { return crlNum; }
-		}
+        public DerInteger CrlNum => m_crlNum;
 
-		public Asn1GeneralizedTime CrlTime
-		{
-			get { return crlTime; }
-		}
+        public Asn1GeneralizedTime CrlTime => m_crlTime;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -74,9 +62,9 @@ namespace Org.BouncyCastle.Asn1.Ocsp
         public override Asn1Object ToAsn1Object()
         {
             Asn1EncodableVector v = new Asn1EncodableVector(3);
-            v.AddOptionalTagged(true, 0, crlUrl);
-            v.AddOptionalTagged(true, 1, crlNum);
-            v.AddOptionalTagged(true, 2, crlTime);
+            v.AddOptionalTagged(true, 0, m_crlUrl);
+            v.AddOptionalTagged(true, 1, m_crlNum);
+            v.AddOptionalTagged(true, 2, m_crlTime);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/OCSPRequest.cs b/crypto/src/asn1/ocsp/OCSPRequest.cs
index 6ecd29cae..da5e1e5db 100644
--- a/crypto/src/asn1/ocsp/OCSPRequest.cs
+++ b/crypto/src/asn1/ocsp/OCSPRequest.cs
@@ -1,70 +1,51 @@
 using System;
 
-using Org.BouncyCastle.Utilities;
-
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class OcspRequest
         : Asn1Encodable
     {
-        private readonly TbsRequest	tbsRequest;
-        private readonly Signature	optionalSignature;
-
-		public static OcspRequest GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        public static OcspRequest GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is OcspRequest ocspRequest)
+				return ocspRequest;
+			return new OcspRequest(Asn1Sequence.GetInstance(obj));
 		}
 
-		public static OcspRequest GetInstance(
-			object obj)
-		{
-			if (obj == null || obj is OcspRequest)
-			{
-				return (OcspRequest)obj;
-			}
-
-			if (obj is Asn1Sequence)
-			{
-				return new OcspRequest((Asn1Sequence)obj);
-			}
+        public static OcspRequest GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new OcspRequest(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
+        private readonly TbsRequest m_tbsRequest;
+        private readonly Signature m_optionalSignature;
 
-		public OcspRequest(
-            TbsRequest	tbsRequest,
-            Signature	optionalSignature)
+        public OcspRequest(TbsRequest tbsRequest, Signature optionalSignature)
         {
-			if (tbsRequest == null)
-				throw new ArgumentNullException("tbsRequest");
-
-			this.tbsRequest = tbsRequest;
-            this.optionalSignature = optionalSignature;
+			m_tbsRequest = tbsRequest ?? throw new ArgumentNullException(nameof(tbsRequest));
+            m_optionalSignature = optionalSignature;
         }
 
-		private OcspRequest(
-            Asn1Sequence seq)
+		private OcspRequest(Asn1Sequence seq)
         {
-            tbsRequest = TbsRequest.GetInstance(seq[0]);
+            int count = seq.Count;
+            if (count < 1 || count > 2)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+            int pos = 0;
 
-			if (seq.Count == 2)
-            {
-                optionalSignature = Signature.GetInstance(
-					(Asn1TaggedObject)seq[1], true);
-            }
+            m_tbsRequest = TbsRequest.GetInstance(seq[pos++]);
+            m_optionalSignature = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true, Signature.GetInstance);
+
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
         }
 
-		public TbsRequest TbsRequest
-		{
-			get { return tbsRequest; }
-		}
+        public TbsRequest TbsRequest => m_tbsRequest;
 
-		public Signature OptionalSignature
-		{
-			get { return optionalSignature; }
-		}
+		public Signature OptionalSignature => m_optionalSignature;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -76,8 +57,9 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(tbsRequest);
-            v.AddOptionalTagged(true, 0, optionalSignature);
+            Asn1EncodableVector v = new Asn1EncodableVector(2);
+            v.Add(m_tbsRequest);
+            v.AddOptionalTagged(true, 0, m_optionalSignature);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/OCSPResponse.cs b/crypto/src/asn1/ocsp/OCSPResponse.cs
index 649172947..c93a88f4f 100644
--- a/crypto/src/asn1/ocsp/OCSPResponse.cs
+++ b/crypto/src/asn1/ocsp/OCSPResponse.cs
@@ -1,71 +1,51 @@
 using System;
 
-using Org.BouncyCastle.Utilities;
-
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class OcspResponse
         : Asn1Encodable
     {
-        private readonly OcspResponseStatus	responseStatus;
-        private readonly ResponseBytes		responseBytes;
-
-		public static OcspResponse GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        public static OcspResponse GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is OcspResponse ocspResponse)
+				return ocspResponse;
+            return new OcspResponse(Asn1Sequence.GetInstance(obj));
 		}
 
-		public static OcspResponse GetInstance(
-			object obj)
-		{
-			if (obj == null || obj is OcspResponse)
-			{
-				return (OcspResponse)obj;
-			}
-
-			if (obj is Asn1Sequence)
-			{
-				return new OcspResponse((Asn1Sequence)obj);
-			}
+        public static OcspResponse GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new OcspResponse(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
+        private readonly OcspResponseStatus m_responseStatus;
+        private readonly ResponseBytes m_responseBytes;
 
-		public OcspResponse(
-            OcspResponseStatus	responseStatus,
-            ResponseBytes		responseBytes)
+        public OcspResponse(OcspResponseStatus responseStatus, ResponseBytes responseBytes)
         {
-			if (responseStatus == null)
-				throw new ArgumentNullException("responseStatus");
-
-			this.responseStatus = responseStatus;
-            this.responseBytes = responseBytes;
+			m_responseStatus = responseStatus ?? throw new ArgumentNullException(nameof(responseStatus));
+            m_responseBytes = responseBytes;
         }
 
-		private OcspResponse(
-            Asn1Sequence seq)
+        private OcspResponse(Asn1Sequence seq)
         {
-            responseStatus = new OcspResponseStatus(
-				DerEnumerated.GetInstance(seq[0]));
+            int count = seq.Count;
+            if (count < 1 || count > 2)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+            int pos = 0;
 
-			if (seq.Count == 2)
-            {
-                responseBytes = ResponseBytes.GetInstance(
-					(Asn1TaggedObject)seq[1], true);
-            }
+            m_responseStatus = new OcspResponseStatus(DerEnumerated.GetInstance(seq[pos++]));
+            m_responseBytes = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true, ResponseBytes.GetInstance);
+
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
         }
 
-		public OcspResponseStatus ResponseStatus
-		{
-			get { return responseStatus; }
-		}
+        public OcspResponseStatus ResponseStatus => m_responseStatus;
 
-		public ResponseBytes ResponseBytes
-		{
-			get { return responseBytes; }
-		}
+        public ResponseBytes ResponseBytes => m_responseBytes;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -77,8 +57,9 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(responseStatus);
-            v.AddOptionalTagged(true, 0, responseBytes);
+            Asn1EncodableVector v = new Asn1EncodableVector(2);
+            v.Add(m_responseStatus);
+            v.AddOptionalTagged(true, 0, m_responseBytes);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/Request.cs b/crypto/src/asn1/ocsp/Request.cs
index 21121cb28..c6fb6ae47 100644
--- a/crypto/src/asn1/ocsp/Request.cs
+++ b/crypto/src/asn1/ocsp/Request.cs
@@ -1,72 +1,53 @@
 using System;
 
-using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class Request
         : Asn1Encodable
     {
-        private readonly CertID			reqCert;
-        private readonly X509Extensions	singleRequestExtensions;
-
-		public static Request GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
-		}
-
-		public static Request GetInstance(
-			object obj)
-		{
-			if (obj == null || obj is Request)
-			{
-				return (Request)obj;
-			}
+        public static Request GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is Request request)
+                return request;
+            return new Request(Asn1Sequence.GetInstance(obj));
+        }
 
-			if (obj is Asn1Sequence)
-			{
-				return new Request((Asn1Sequence)obj);
-			}
+        public static Request GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new Request(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
+        private readonly CertID m_reqCert;
+        private readonly X509Extensions m_singleRequestExtensions;
 
-		public Request(
-            CertID			reqCert,
-            X509Extensions	singleRequestExtensions)
+        public Request(CertID reqCert, X509Extensions singleRequestExtensions)
         {
-			if (reqCert == null)
-				throw new ArgumentNullException("reqCert");
-
-			this.reqCert = reqCert;
-            this.singleRequestExtensions = singleRequestExtensions;
+			m_reqCert = reqCert ?? throw new ArgumentNullException(nameof(reqCert));
+            m_singleRequestExtensions = singleRequestExtensions;
         }
 
-		private Request(
-			Asn1Sequence seq)
+		private Request(Asn1Sequence seq)
         {
-			reqCert = CertID.GetInstance(seq[0]);
+            int count = seq.Count;
+            if (count < 1 || count > 2)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+            int pos = 0;
+
+            m_reqCert = CertID.GetInstance(seq[pos++]);
+            m_singleRequestExtensions = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true, X509Extensions.GetInstance);
 
-			if (seq.Count == 2)
-            {
-                singleRequestExtensions = X509Extensions.GetInstance(
-					(Asn1TaggedObject)seq[1], true);
-            }
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
         }
 
-		public CertID ReqCert
-		{
-			get { return reqCert; }
-		}
+        public CertID ReqCert => m_reqCert;
 
-		public X509Extensions SingleRequestExtensions
-		{
-			get { return singleRequestExtensions; }
-		}
+        public X509Extensions SingleRequestExtensions => m_singleRequestExtensions;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -78,8 +59,9 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(reqCert);
-            v.AddOptionalTagged(true, 0, singleRequestExtensions);
+            Asn1EncodableVector v = new Asn1EncodableVector(2);
+            v.Add(m_reqCert);
+            v.AddOptionalTagged(true, 0, m_singleRequestExtensions);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/ResponderID.cs b/crypto/src/asn1/ocsp/ResponderID.cs
index d677e63b0..aea935e06 100644
--- a/crypto/src/asn1/ocsp/ResponderID.cs
+++ b/crypto/src/asn1/ocsp/ResponderID.cs
@@ -1,6 +1,5 @@
 using System;
 
-using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.X509;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
@@ -8,26 +7,23 @@ namespace Org.BouncyCastle.Asn1.Ocsp
     public class ResponderID
         : Asn1Encodable, IAsn1Choice
     {
-        private readonly Asn1Encodable id;
-
 		public static ResponderID GetInstance(object obj)
 		{
-			if (obj == null || obj is ResponderID)
-			{
-				return (ResponderID)obj;
-			}
+			if (obj == null)
+				return null;
 
-			if (obj is Asn1OctetString octets)
-			{
-				return new ResponderID(octets);
-			}
+			if (obj is ResponderID responderID)
+				return responderID;
 
-			if (obj is Asn1TaggedObject o)
+			if (obj is Asn1OctetString asn1OctetString)
+				return new ResponderID(asn1OctetString);
+
+			if (obj is Asn1TaggedObject taggedObject)
 			{
-				if (o.TagNo == 1)
-					return new ResponderID(X509Name.GetInstance(o, true));
+				if (taggedObject.HasContextTag(1))
+					return new ResponderID(X509Name.GetInstance(taggedObject, true));
 
-				return new ResponderID(Asn1OctetString.GetInstance(o, true));
+				return new ResponderID(Asn1OctetString.GetInstance(taggedObject, true));
 			}
 
 			return new ResponderID(X509Name.GetInstance(obj));
@@ -38,28 +34,22 @@ namespace Org.BouncyCastle.Asn1.Ocsp
             return Asn1Utilities.GetInstanceFromChoice(obj, isExplicit, GetInstance);
         }
 
-        public ResponderID(
-            Asn1OctetString id)
-        {
-			if (id == null)
-				throw new ArgumentNullException("id");
+        private readonly Asn1Encodable m_id;
 
-			this.id = id;
+        public ResponderID(Asn1OctetString id)
+        {
+			m_id = id ?? throw new ArgumentNullException(nameof(id));
         }
 
-		public ResponderID(
-            X509Name id)
+		public ResponderID(X509Name id)
         {
-			if (id == null)
-				throw new ArgumentNullException("id");
-
-			this.id = id;
+            m_id = id ?? throw new ArgumentNullException(nameof(id));
         }
 
 		public virtual byte[] GetKeyHash()
 		{
-			if (id is Asn1OctetString octetString)
-				return octetString.GetOctets();
+			if (m_id is Asn1OctetString asn1OctetString)
+				return asn1OctetString.GetOctets();
 
 			return null;
 		}
@@ -68,12 +58,10 @@ namespace Org.BouncyCastle.Asn1.Ocsp
 		{
 			get
 			{
-				if (id is Asn1OctetString)
-				{
+				if (m_id is Asn1OctetString)
 					return null;
-				}
 
-				return X509Name.GetInstance(id);
+				return X509Name.GetInstance(m_id);
 			}
 		}
 
@@ -87,12 +75,10 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            if (id is Asn1OctetString)
-            {
-                return new DerTaggedObject(true, 2, id);
-            }
+            if (m_id is Asn1OctetString asn1OctetString)
+                return new DerTaggedObject(true, 2, asn1OctetString);
 
-			return new DerTaggedObject(true, 1, id);
+			return new DerTaggedObject(true, 1, m_id);
         }
     }
 }
diff --git a/crypto/src/asn1/ocsp/ResponseBytes.cs b/crypto/src/asn1/ocsp/ResponseBytes.cs
index d3ea044bf..c5cbc3d3f 100644
--- a/crypto/src/asn1/ocsp/ResponseBytes.cs
+++ b/crypto/src/asn1/ocsp/ResponseBytes.cs
@@ -1,70 +1,46 @@
 using System;
 
-using Org.BouncyCastle.Utilities;
-
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class ResponseBytes
         : Asn1Encodable
     {
-        private readonly DerObjectIdentifier responseType;
-        private readonly Asn1OctetString response;
-
-		public static ResponseBytes GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
-		}
-
-		public static ResponseBytes GetInstance(
-			object obj)
-		{
-			if (obj == null || obj is ResponseBytes)
-			{
-				return (ResponseBytes)obj;
-			}
+        public static ResponseBytes GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is ResponseBytes responseBytes)
+                return responseBytes;
+            return new ResponseBytes(Asn1Sequence.GetInstance(obj));
+        }
 
-			if (obj is Asn1Sequence)
-			{
-				return new ResponseBytes((Asn1Sequence)obj);
-			}
+        public static ResponseBytes GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new ResponseBytes(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
+        private readonly DerObjectIdentifier m_responseType;
+        private readonly Asn1OctetString m_response;
 
-		public ResponseBytes(
-            DerObjectIdentifier	responseType,
-            Asn1OctetString		response)
+        public ResponseBytes(DerObjectIdentifier responseType, Asn1OctetString response)
         {
-			if (responseType == null)
-				throw new ArgumentNullException("responseType");
-			if (response == null)
-				throw new ArgumentNullException("response");
-
-			this.responseType = responseType;
-            this.response = response;
+			m_responseType = responseType ?? throw new ArgumentNullException(nameof(responseType));
+            m_response = response ?? throw new ArgumentNullException(nameof(response));
         }
 
-		private ResponseBytes(
-            Asn1Sequence seq)
+        private ResponseBytes(Asn1Sequence seq)
         {
-			if (seq.Count != 2)
-				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+            int count = seq.Count;
+            if (count != 2)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
 
-			this.responseType = DerObjectIdentifier.GetInstance(seq[0]);
-            this.response = Asn1OctetString.GetInstance(seq[1]);
+            m_responseType = DerObjectIdentifier.GetInstance(seq[0]);
+            m_response = Asn1OctetString.GetInstance(seq[1]);
         }
 
-		public DerObjectIdentifier ResponseType
-		{
-			get { return responseType; }
-		}
+        public DerObjectIdentifier ResponseType => m_responseType;
 
-		public Asn1OctetString Response
-		{
-			get { return response; }
-		}
+        public Asn1OctetString Response => m_response;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -76,7 +52,7 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-			return new DerSequence(responseType, response);
+			return new DerSequence(m_responseType, m_response);
         }
     }
 }
diff --git a/crypto/src/asn1/ocsp/ResponseData.cs b/crypto/src/asn1/ocsp/ResponseData.cs
index b79301997..08b80d673 100644
--- a/crypto/src/asn1/ocsp/ResponseData.cs
+++ b/crypto/src/asn1/ocsp/ResponseData.cs
@@ -1,126 +1,85 @@
 using System;
 
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
-	public class ResponseData
+    public class ResponseData
 		: Asn1Encodable
 	{
-		private static readonly DerInteger V1 = new DerInteger(0);
-
-		private readonly bool                versionPresent;
-		private readonly DerInteger          version;
-		private readonly ResponderID         responderID;
-		private readonly Asn1GeneralizedTime producedAt;
-		private readonly Asn1Sequence        responses;
-		private readonly X509Extensions      responseExtensions;
-
-		public static ResponseData GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
-		}
+        public static ResponseData GetInstance(object obj)
+        {
+			if (obj == null)
+				return null;
+            if (obj is ResponseData responseData)
+                return responseData;
+			return new ResponseData(Asn1Sequence.GetInstance(obj));
+        }
 
-		public static ResponseData GetInstance(
-			object  obj)
-		{
-			if (obj == null || obj is ResponseData)
-			{
-				return (ResponseData)obj;
-			}
+        public static ResponseData GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new ResponseData(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-			if (obj is Asn1Sequence)
-			{
-				return new ResponseData((Asn1Sequence)obj);
-			}
+        private static readonly DerInteger V1 = new DerInteger(0);
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
+        private readonly DerInteger m_version;
+        private readonly bool m_versionPresent;
+        private readonly ResponderID m_responderID;
+        private readonly Asn1GeneralizedTime m_producedAt;
+        private readonly Asn1Sequence m_responses;
+        private readonly X509Extensions m_responseExtensions;
 
-		public ResponseData(
-			DerInteger          version,
-			ResponderID         responderID,
-            Asn1GeneralizedTime producedAt,
-			Asn1Sequence        responses,
-			X509Extensions      responseExtensions)
-		{
-			this.version = version;
-			this.responderID = responderID;
-			this.producedAt = producedAt;
-			this.responses = responses;
-			this.responseExtensions = responseExtensions;
-		}
+        public ResponseData(ResponderID responderID, Asn1GeneralizedTime producedAt, Asn1Sequence responses,
+            X509Extensions responseExtensions)
+            : this(V1, responderID, producedAt, responses, responseExtensions)
+        {
+        }
 
-		public ResponseData(
-			ResponderID         responderID,
-            Asn1GeneralizedTime producedAt,
-			Asn1Sequence        responses,
-			X509Extensions      responseExtensions)
-			: this(V1, responderID, producedAt, responses, responseExtensions)
-		{
+        public ResponseData(DerInteger version, ResponderID responderID, Asn1GeneralizedTime producedAt,
+            Asn1Sequence responses, X509Extensions responseExtensions)
+        {
+            m_version = version ?? V1;
+			m_versionPresent = false;
+			m_responderID = responderID ?? throw new ArgumentNullException(nameof(responderID));
+			m_producedAt = producedAt ?? throw new ArgumentNullException(nameof(producedAt));
+			m_responses = responses ?? throw new ArgumentNullException(nameof(responses));
+			m_responseExtensions = responseExtensions;
 		}
 
-		private ResponseData(Asn1Sequence seq)
+        private ResponseData(Asn1Sequence seq)
 		{
-			int index = 0;
-
-			Asn1Encodable enc = seq[0];
-			if (enc is Asn1TaggedObject o)
-			{
-				if (o.TagNo == 0)
-				{
-					this.versionPresent = true;
-					this.version = DerInteger.GetInstance(o, true);
-					index++;
-				}
-				else
-				{
-					this.version = V1;
-				}
-			}
-			else
-			{
-				this.version = V1;
-			}
-
-			this.responderID = ResponderID.GetInstance(seq[index++]);
-			this.producedAt = (Asn1GeneralizedTime)seq[index++];
-			this.responses = (Asn1Sequence)seq[index++];
-
-			if (seq.Count > index)
-			{
-				this.responseExtensions = X509Extensions.GetInstance(
-					(Asn1TaggedObject)seq[index], true);
-			}
-		}
+            int count = seq.Count;
+            if (count < 3 || count > 5)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
 
-		public DerInteger Version
-		{
-			get { return version; }
-		}
+            int pos = 0;
 
-		public ResponderID ResponderID
-		{
-			get { return responderID; }
-		}
+            {
+                DerInteger version = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true, DerInteger.GetInstance);
 
-		public Asn1GeneralizedTime ProducedAt
-		{
-			get { return producedAt; }
-		}
+                m_version = version ?? V1;
+                m_versionPresent = version != null;
+            }
 
-		public Asn1Sequence Responses
-		{
-			get { return responses; }
-		}
+            m_responderID = ResponderID.GetInstance(seq[pos++]);
+            m_producedAt = Asn1GeneralizedTime.GetInstance(seq[pos++]);
+            m_responses = Asn1Sequence.GetInstance(seq[pos++]);
+            m_responseExtensions = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 1, true, X509Extensions.GetInstance);
 
-		public X509Extensions ResponseExtensions
-		{
-			get { return responseExtensions; }
-		}
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
+        }
+
+        public DerInteger Version => m_version;
+
+		public ResponderID ResponderID => m_responderID;
+
+		public Asn1GeneralizedTime ProducedAt => m_producedAt;
+
+		public Asn1Sequence Responses => m_responses;
+
+		public X509Extensions ResponseExtensions => m_responseExtensions;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -135,15 +94,15 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(3);
+            Asn1EncodableVector v = new Asn1EncodableVector(5);
 
-            if (versionPresent || !version.Equals(V1))
+            if (m_versionPresent || !V1.Equals(m_version))
             {
-                v.Add(new DerTaggedObject(true, 0, version));
+                v.Add(new DerTaggedObject(true, 0, m_version));
             }
 
-            v.Add(responderID, producedAt, responses);
-            v.AddOptionalTagged(true, 1, responseExtensions);
+            v.Add(m_responderID, m_producedAt, m_responses);
+            v.AddOptionalTagged(true, 1, m_responseExtensions);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/RevokedInfo.cs b/crypto/src/asn1/ocsp/RevokedInfo.cs
index e6438dd08..d2395e186 100644
--- a/crypto/src/asn1/ocsp/RevokedInfo.cs
+++ b/crypto/src/asn1/ocsp/RevokedInfo.cs
@@ -1,77 +1,60 @@
 using System;
 
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class RevokedInfo
         : Asn1Encodable
     {
-        private readonly Asn1GeneralizedTime revocationTime;
-        private readonly CrlReason revocationReason;
-
-		public static RevokedInfo GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
-		}
-
-		public static RevokedInfo GetInstance(
-			object obj)
-		{
-			if (obj == null || obj is RevokedInfo)
-			{
-				return (RevokedInfo) obj;
-			}
+        public static RevokedInfo GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is RevokedInfo revokedInfo)
+                return revokedInfo;
+            return new RevokedInfo(Asn1Sequence.GetInstance(obj));
+        }
 
-			if (obj is Asn1Sequence)
-			{
-				return new RevokedInfo((Asn1Sequence) obj);
-			}
+        public static RevokedInfo GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new RevokedInfo(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
+        private readonly Asn1GeneralizedTime m_revocationTime;
+        private readonly CrlReason m_revocationReason;
 
-		public RevokedInfo(
-            Asn1GeneralizedTime revocationTime)
+        public RevokedInfo(Asn1GeneralizedTime revocationTime)
 			: this(revocationTime, null)
 		{
 		}
 
-		public RevokedInfo(
-            Asn1GeneralizedTime revocationTime,
-            CrlReason           revocationReason)
+        public RevokedInfo(Asn1GeneralizedTime revocationTime, CrlReason revocationReason)
         {
-			if (revocationTime == null)
-				throw new ArgumentNullException("revocationTime");
-
-			this.revocationTime = revocationTime;
-            this.revocationReason = revocationReason;
+			m_revocationTime = revocationTime ?? throw new ArgumentNullException("revocationTime");
+            m_revocationReason = revocationReason;
         }
 
-		private RevokedInfo(
-            Asn1Sequence seq)
+        private RevokedInfo(Asn1Sequence seq)
         {
-            this.revocationTime = (Asn1GeneralizedTime)seq[0];
+            int count = seq.Count;
+            if (count < 1 || count > 2)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+            int pos = 0;
+
+            m_revocationTime = Asn1GeneralizedTime.GetInstance(seq[pos++]);
+
+            m_revocationReason = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true,
+                (t, e) => new CrlReason(DerEnumerated.GetInstance(t, e)));
 
-			if (seq.Count > 1)
-            {
-                this.revocationReason = new CrlReason(
-					DerEnumerated.GetInstance((Asn1TaggedObject) seq[1], true));
-            }
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
         }
 
-		public Asn1GeneralizedTime RevocationTime
-		{
-			get { return revocationTime; }
-		}
+        public Asn1GeneralizedTime RevocationTime => m_revocationTime;
 
-		public CrlReason RevocationReason
-		{
-			get { return revocationReason; }
-		}
+        public CrlReason RevocationReason => m_revocationReason;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -83,8 +66,9 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(revocationTime);
-            v.AddOptionalTagged(true, 0, revocationReason);
+            Asn1EncodableVector v = new Asn1EncodableVector(2);
+            v.Add(m_revocationTime);
+            v.AddOptionalTagged(true, 0, m_revocationReason);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/ServiceLocator.cs b/crypto/src/asn1/ocsp/ServiceLocator.cs
index c6a9514ae..683957a5a 100644
--- a/crypto/src/asn1/ocsp/ServiceLocator.cs
+++ b/crypto/src/asn1/ocsp/ServiceLocator.cs
@@ -1,76 +1,62 @@
 using System;
 
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class ServiceLocator
         : Asn1Encodable
     {
-        private readonly X509Name issuer;
-        private readonly Asn1Object locator;
-
-		public static ServiceLocator GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        public static ServiceLocator GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is ServiceLocator serviceLocator)
+				return serviceLocator;
+            return new ServiceLocator(Asn1Sequence.GetInstance(obj));
 		}
 
-		public static ServiceLocator GetInstance(
-			object obj)
-		{
-			if (obj == null || obj is ServiceLocator)
-			{
-				return (ServiceLocator) obj;
-			}
+        public static ServiceLocator GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new ServiceLocator(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-			if (obj is Asn1Sequence)
-			{
-				return new ServiceLocator((Asn1Sequence) obj);
-			}
+        private readonly X509Name m_issuer;
+        private readonly Asn1Object m_locator;
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
+        public ServiceLocator(X509Name issuer)
+            : this(issuer, null)
+        {
+        }
 
-		public ServiceLocator(
-			X509Name	issuer)
-			: this(issuer, null)
-		{
+        public ServiceLocator(X509Name issuer, Asn1Object locator)
+        {
+			m_issuer = issuer ?? throw new ArgumentNullException(nameof(issuer));
+			m_locator = locator;
 		}
 
-		public ServiceLocator(
-			X509Name	issuer,
-			Asn1Object	locator)
-		{
-			if (issuer == null)
-				throw new ArgumentNullException("issuer");
+        private ServiceLocator(Asn1Sequence seq)
+        {
+            int count = seq.Count;
+            if (count < 1 || count > 2)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
 
-			this.issuer = issuer;
-			this.locator = locator;
-		}
+            int pos = 0;
 
-		private ServiceLocator(
-			Asn1Sequence seq)
-		{
-			this.issuer = X509Name.GetInstance(seq[0]);
+            m_issuer = X509Name.GetInstance(seq[pos++]);
 
-			if (seq.Count > 1)
-			{
-				this.locator = seq[1].ToAsn1Object();
-			}
-		}
+            if (pos < count)
+            {
+                m_locator = seq[pos++].ToAsn1Object();
+            }
 
-		public X509Name Issuer
-		{
-			get { return issuer; }
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
 		}
 
-		public Asn1Object Locator
-		{
-			get { return locator; }
-		}
+        public X509Name Issuer => m_issuer;
+
+        public Asn1Object Locator => m_locator;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -82,8 +68,9 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(issuer);
-            v.AddOptional(locator);
+            Asn1EncodableVector v = new Asn1EncodableVector(2);
+            v.Add(m_issuer);
+            v.AddOptional(m_locator);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/Signature.cs b/crypto/src/asn1/ocsp/Signature.cs
index c6f149d62..fd77b87b1 100644
--- a/crypto/src/asn1/ocsp/Signature.cs
+++ b/crypto/src/asn1/ocsp/Signature.cs
@@ -1,94 +1,65 @@
 using System;
 
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class Signature
         : Asn1Encodable
     {
-        internal AlgorithmIdentifier	signatureAlgorithm;
-        internal DerBitString			signatureValue;
-        internal Asn1Sequence			certs;
-
-		public static Signature GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        public static Signature GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is Signature signature)
+                return signature;
+            return new Signature(Asn1Sequence.GetInstance(obj));
 		}
 
-		public static Signature GetInstance(
-			object  obj)
-		{
-			if (obj == null || obj is Signature)
-			{
-				return (Signature)obj;
-			}
-
-			if (obj is Asn1Sequence)
-			{
-				return new Signature((Asn1Sequence)obj);
-			}
+        public static Signature GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return new Signature(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
+        private readonly AlgorithmIdentifier m_signatureAlgorithm;
+        private readonly DerBitString m_signatureValue;
+        private readonly Asn1Sequence m_certs;
 
-		public Signature(
-            AlgorithmIdentifier signatureAlgorithm,
-            DerBitString        signatureValue)
-			: this(signatureAlgorithm, signatureValue, null)
+        public Signature(AlgorithmIdentifier signatureAlgorithm, DerBitString signatureValue)
+            : this(signatureAlgorithm, signatureValue, null)
         {
         }
 
-		public Signature(
-            AlgorithmIdentifier	signatureAlgorithm,
-            DerBitString		signatureValue,
-            Asn1Sequence		certs)
+        public Signature(AlgorithmIdentifier signatureAlgorithm, DerBitString signatureValue, Asn1Sequence certs)
         {
-			if (signatureAlgorithm == null)
-				throw new ArgumentException("signatureAlgorithm");
-			if (signatureValue == null)
-				throw new ArgumentException("signatureValue");
-
-			this.signatureAlgorithm = signatureAlgorithm;
-            this.signatureValue = signatureValue;
-            this.certs = certs;
+            m_signatureAlgorithm = signatureAlgorithm ?? throw new ArgumentNullException(nameof(signatureAlgorithm));
+            m_signatureValue = signatureValue ?? throw new ArgumentNullException(nameof(signatureValue));
+            m_certs = certs;
         }
 
-		private Signature(
-            Asn1Sequence seq)
+        private Signature(Asn1Sequence seq)
         {
-            signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]);
-            signatureValue = (DerBitString)seq[1];
+            int count = seq.Count;
+            if (count < 2 || count > 3)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
 
-			if (seq.Count == 3)
-            {
-                certs = Asn1Sequence.GetInstance(
-					(Asn1TaggedObject)seq[2], true);
-            }
+            int pos = 0;
+
+            m_signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[pos++]);
+            m_signatureValue = DerBitString.GetInstance(seq[pos++]);
+            m_certs = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true, Asn1Sequence.GetInstance);
+
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
         }
 
-		public AlgorithmIdentifier SignatureAlgorithm
-		{
-			get { return signatureAlgorithm; }
-		}
+        public AlgorithmIdentifier SignatureAlgorithm => m_signatureAlgorithm;
 
-		public DerBitString SignatureValue
-		{
-			get { return signatureValue; }
-		}
+        public DerBitString SignatureValue => m_signatureValue;
 
-        public byte[] GetSignatureOctets()
-        {
-            return signatureValue.GetOctets();
-        }
+        public byte[] GetSignatureOctets() => m_signatureValue.GetOctets();
 
-        public Asn1Sequence Certs
-		{
-			get { return certs; }
-		}
+        public Asn1Sequence Certs => m_certs;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -101,8 +72,9 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(signatureAlgorithm, signatureValue);
-            v.AddOptionalTagged(true, 0, certs);
+            Asn1EncodableVector v = new Asn1EncodableVector(3);
+            v.Add(m_signatureAlgorithm, m_signatureValue);
+            v.AddOptionalTagged(true, 0, m_certs);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/SingleResponse.cs b/crypto/src/asn1/ocsp/SingleResponse.cs
index 42b451af7..c2188562b 100644
--- a/crypto/src/asn1/ocsp/SingleResponse.cs
+++ b/crypto/src/asn1/ocsp/SingleResponse.cs
@@ -1,109 +1,74 @@
 using System;
 
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class SingleResponse
         : Asn1Encodable
     {
-        private readonly CertID              certID;
-        private readonly CertStatus          certStatus;
-        private readonly Asn1GeneralizedTime thisUpdate;
-        private readonly Asn1GeneralizedTime nextUpdate;
-        private readonly X509Extensions      singleExtensions;
-
-		public SingleResponse(
-            CertID              certID,
-            CertStatus          certStatus,
-            Asn1GeneralizedTime thisUpdate,
-            Asn1GeneralizedTime nextUpdate,
-            X509Extensions      singleExtensions)
+        public static SingleResponse GetInstance(object obj)
         {
-            this.certID = certID;
-            this.certStatus = certStatus;
-            this.thisUpdate = thisUpdate;
-            this.nextUpdate = nextUpdate;
-            this.singleExtensions = singleExtensions;
+            if (obj == null)
+                return null;
+            if (obj is SingleResponse singleResponse)
+                return singleResponse;
+#pragma warning disable CS0618 // Type or member is obsolete
+            return new SingleResponse(Asn1Sequence.GetInstance(obj));
+#pragma warning restore CS0618 // Type or member is obsolete
         }
 
-		public SingleResponse(
-            Asn1Sequence seq)
+        public static SingleResponse GetInstance(Asn1TaggedObject obj, bool explicitly)
         {
-            this.certID = CertID.GetInstance(seq[0]);
-            this.certStatus = CertStatus.GetInstance(seq[1]);
-            this.thisUpdate = (Asn1GeneralizedTime)seq[2];
-
-			if (seq.Count > 4)
-            {
-                this.nextUpdate = Asn1GeneralizedTime.GetInstance(
-					(Asn1TaggedObject) seq[3], true);
-                this.singleExtensions = X509Extensions.GetInstance(
-					(Asn1TaggedObject) seq[4], true);
-            }
-            else if (seq.Count > 3)
-            {
-                Asn1TaggedObject o = (Asn1TaggedObject) seq[3];
-
-				if (o.TagNo == 0)
-                {
-                    this.nextUpdate = Asn1GeneralizedTime.GetInstance(o, true);
-                }
-                else
-                {
-                    this.singleExtensions = X509Extensions.GetInstance(o, true);
-                }
-            }
+#pragma warning disable CS0618 // Type or member is obsolete
+            return new SingleResponse(Asn1Sequence.GetInstance(obj, explicitly));
+#pragma warning restore CS0618 // Type or member is obsolete
         }
 
-		public static SingleResponse GetInstance(
-            Asn1TaggedObject	obj,
-            bool				explicitly)
+        private readonly CertID m_certID;
+        private readonly CertStatus m_certStatus;
+        private readonly Asn1GeneralizedTime m_thisUpdate;
+        private readonly Asn1GeneralizedTime m_nextUpdate;
+        private readonly X509Extensions m_singleExtensions;
+
+        public SingleResponse(CertID certID, CertStatus certStatus, Asn1GeneralizedTime thisUpdate,
+            Asn1GeneralizedTime nextUpdate, X509Extensions singleExtensions)
         {
-            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+            m_certID = certID ?? throw new ArgumentNullException(nameof(certID));
+            m_certStatus = certStatus ?? throw new ArgumentNullException(nameof(certStatus));
+            m_thisUpdate = thisUpdate ?? throw new ArgumentNullException(nameof(thisUpdate));
+            m_nextUpdate = nextUpdate;
+            m_singleExtensions = singleExtensions;
         }
 
-		public static SingleResponse GetInstance(
-            object obj)
+        [Obsolete("Use 'GetInstance' instead")]
+        public SingleResponse(Asn1Sequence seq)
         {
-            if (obj == null || obj is SingleResponse)
-            {
-                return (SingleResponse)obj;
-            }
+            int count = seq.Count;
+            if (count < 3 || count > 5)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+            int pos = 0;
 
-			if (obj is Asn1Sequence)
-            {
-                return new SingleResponse((Asn1Sequence)obj);
-            }
+            m_certID = CertID.GetInstance(seq[pos++]);
+            m_certStatus = CertStatus.GetInstance(seq[pos++]);
+            m_thisUpdate = Asn1GeneralizedTime.GetInstance(seq[pos++]);
+            m_nextUpdate = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true, Asn1GeneralizedTime.GetInstance);
+            m_singleExtensions = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 1, true, X509Extensions.GetInstance);
 
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
         }
 
-		public CertID CertId
-		{
-			get { return certID; }
-		}
+        public CertID CertId => m_certID;
 
-		public CertStatus CertStatus
-		{
-			get { return certStatus; }
-		}
+        public CertStatus CertStatus => m_certStatus;
 
-		public Asn1GeneralizedTime ThisUpdate
-		{
-			get { return thisUpdate; }
-		}
+        public Asn1GeneralizedTime ThisUpdate => m_thisUpdate;
 
-		public Asn1GeneralizedTime NextUpdate
-		{
-			get { return nextUpdate; }
-		}
+        public Asn1GeneralizedTime NextUpdate => m_nextUpdate;
 
-		public X509Extensions SingleExtensions
-		{
-			get { return singleExtensions; }
-		}
+        public X509Extensions SingleExtensions => m_singleExtensions;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -118,9 +83,10 @@ namespace Org.BouncyCastle.Asn1.Ocsp
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(certID, certStatus, thisUpdate);
-            v.AddOptionalTagged(true, 0, nextUpdate);
-            v.AddOptionalTagged(true, 1, singleExtensions);
+            Asn1EncodableVector v = new Asn1EncodableVector(5);
+            v.Add(m_certID, m_certStatus, m_thisUpdate);
+            v.AddOptionalTagged(true, 0, m_nextUpdate);
+            v.AddOptionalTagged(true, 1, m_singleExtensions);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/ocsp/TBSRequest.cs b/crypto/src/asn1/ocsp/TBSRequest.cs
index 8e3373f87..e041a9763 100644
--- a/crypto/src/asn1/ocsp/TBSRequest.cs
+++ b/crypto/src/asn1/ocsp/TBSRequest.cs
@@ -1,113 +1,73 @@
 using System;
 
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Ocsp
 {
     public class TbsRequest
         : Asn1Encodable
     {
-		private static readonly DerInteger V1 = new DerInteger(0);
-
-		private readonly DerInteger      version;
-        private readonly GeneralName     requestorName;
-        private readonly Asn1Sequence    requestList;
-        private readonly X509Extensions  requestExtensions;
-
-		private bool versionSet;
-
-		public static TbsRequest GetInstance(
-			Asn1TaggedObject	obj,
-			bool				explicitly)
-		{
-			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
-		}
-
-		public static TbsRequest GetInstance(
-			object obj)
-		{
-			if (obj == null || obj is TbsRequest)
-			{
-				return (TbsRequest)obj;
-			}
-
-			if (obj is Asn1Sequence)
-			{
-				return new TbsRequest((Asn1Sequence)obj);
-			}
-
-            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
-		}
-
-		public TbsRequest(
-            GeneralName     requestorName,
-            Asn1Sequence    requestList,
-            X509Extensions  requestExtensions)
+        public static TbsRequest GetInstance(object obj)
         {
-            this.version = V1;
-            this.requestorName = requestorName;
-            this.requestList = requestList;
-            this.requestExtensions = requestExtensions;
+            if (obj == null)
+                return null;
+            if (obj is TbsRequest tbsRequest)
+                return tbsRequest;
+            return new TbsRequest(Asn1Sequence.GetInstance(obj));
         }
 
-		private TbsRequest(
-            Asn1Sequence seq)
+        public static TbsRequest GetInstance(Asn1TaggedObject obj, bool explicitly)
         {
-            int index = 0;
+            return new TbsRequest(Asn1Sequence.GetInstance(obj, explicitly));
+        }
 
-			Asn1Encodable enc = seq[0];
-			if (enc is Asn1TaggedObject o)
-            {
-				if (o.TagNo == 0)
-                {
-					versionSet = true;
-					version = DerInteger.GetInstance(o, true);
-                    index++;
-                }
-                else
-                {
-                    version = V1;
-                }
-            }
-            else
-            {
-                version = V1;
-            }
+        private static readonly DerInteger V1 = new DerInteger(0);
 
-			if (seq[index] is Asn1TaggedObject taggedObject)
-            {
-                index++;
-                requestorName = GeneralName.GetInstance(taggedObject, true);
-            }
+        private readonly DerInteger m_version;
+        private readonly bool m_versionPresent;
+        private readonly GeneralName m_requestorName;
+        private readonly Asn1Sequence m_requestList;
+        private readonly X509Extensions m_requestExtensions;
 
-			requestList = (Asn1Sequence) seq[index++];
+        public TbsRequest(GeneralName requestorName, Asn1Sequence requestList, X509Extensions requestExtensions)
+        {
+            m_version = V1;
+            m_versionPresent = false;
+            m_requestorName = requestorName;
+            m_requestList = requestList ?? throw new ArgumentNullException(nameof(requestList));
+            m_requestExtensions = requestExtensions;
+        }
+
+        private TbsRequest(Asn1Sequence seq)
+        {
+            int count = seq.Count;
+            if (count < 1 || count > 4)
+                throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+            int pos = 0;
 
-			if (seq.Count == (index + 1))
             {
-                requestExtensions = X509Extensions.GetInstance((Asn1TaggedObject) seq[index], true);
+                DerInteger version = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 0, true, DerInteger.GetInstance);
+
+                m_version = version ?? V1;
+                m_versionPresent = version != null;
             }
+
+            m_requestorName = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 1, true, GeneralName.GetInstance);
+			m_requestList = Asn1Sequence.GetInstance(seq[pos++]);
+            m_requestExtensions = Asn1Utilities.ReadOptionalContextTagged(seq, ref pos, 2, true, X509Extensions.GetInstance);
+
+            if (pos != count)
+                throw new ArgumentException("Unexpected elements in sequence", nameof(seq));
         }
 
-		public DerInteger Version
-		{
-			get { return version; }
-		}
+        public DerInteger Version => m_version;
 
-		public GeneralName RequestorName
-		{
-			get { return requestorName; }
-		}
+        public GeneralName RequestorName => m_requestorName;
 
-		public Asn1Sequence RequestList
-		{
-			get { return requestList; }
-		}
+        public Asn1Sequence RequestList => m_requestList;
 
-		public X509Extensions RequestExtensions
-		{
-			get { return requestExtensions; }
-		}
+        public X509Extensions RequestExtensions => m_requestExtensions;
 
 		/**
          * Produce an object suitable for an Asn1OutputStream.
@@ -127,14 +87,14 @@ namespace Org.BouncyCastle.Asn1.Ocsp
             // if default don't include - unless explicitly provided. Not strictly correct
             // but required for some requests
             //
-            if (!version.Equals(V1) || versionSet)
+            if (m_versionPresent || !V1.Equals(m_version))
             {
-                v.Add(new DerTaggedObject(true, 0, version));
+                v.Add(new DerTaggedObject(true, 0, m_version));
             }
 
-            v.AddOptionalTagged(true, 1, requestorName);
-            v.Add(requestList);
-            v.AddOptionalTagged(true, 2, requestExtensions);
+            v.AddOptionalTagged(true, 1, m_requestorName);
+            v.Add(m_requestList);
+            v.AddOptionalTagged(true, 2, m_requestExtensions);
             return new DerSequence(v);
         }
     }