本文整理汇总了C#中System.Security.Cryptography.X509Certificates.X509Chain.Reset方法的典型用法代码示例。如果您正苦于以下问题:C# X509Chain.Reset方法的具体用法?C# X509Chain.Reset怎么用?C# X509Chain.Reset使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类System.Security.Cryptography.X509Certificates.X509Chain的用法示例。
在下文中一共展示了X509Chain.Reset方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: Build_Cert2
public void Build_Cert2 ()
{
X509Chain c = new X509Chain ();
foreach (X509VerificationFlags vf in Enum.GetValues (typeof (X509VerificationFlags))) {
c.ChainPolicy.VerificationFlags = vf;
CheckCert2 (c);
c.Reset ();
}
// minimal criteria for success
c.ChainPolicy.VerificationFlags = X509VerificationFlags.IgnoreNotTimeValid | X509VerificationFlags.AllowUnknownCertificateAuthority;
CheckCert2 (c);
}示例2: Reset
public void Reset ()
{
X509Chain c = new X509Chain ();
c.ChainPolicy.ApplicationPolicy.Add (new Oid ("1.2.3"));
c.ChainPolicy.CertificatePolicy.Add (new Oid ("1.2.4"));
c.ChainPolicy.ExtraStore.AddRange (collection);
c.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
c.ChainPolicy.RevocationMode = X509RevocationMode.Offline;
c.ChainPolicy.UrlRetrievalTimeout = new TimeSpan (1000);
c.ChainPolicy.VerificationFlags = X509VerificationFlags.IgnoreWrongUsage;
c.ChainPolicy.VerificationTime = DateTime.MinValue;
c.Reset ();
// resetting the chain doesn't reset the policy
Assert.AreEqual (1, c.ChainPolicy.ApplicationPolicy.Count, "ApplicationPolicy");
Assert.AreEqual (1, c.ChainPolicy.CertificatePolicy.Count, "CertificatePolicy");
Assert.AreEqual (2, c.ChainPolicy.ExtraStore.Count, "ExtraStore");
Assert.AreEqual (X509RevocationFlag.EntireChain, c.ChainPolicy.RevocationFlag, "RevocationFlag");
Assert.AreEqual (X509RevocationMode.Offline, c.ChainPolicy.RevocationMode, "RevocationMode");
Assert.AreEqual (1000, c.ChainPolicy.UrlRetrievalTimeout.Ticks, "UrlRetrievalTimeout");
Assert.AreEqual (X509VerificationFlags.IgnoreWrongUsage, c.ChainPolicy.VerificationFlags, "VerificationFlags");
Assert.AreEqual (DateTime.MinValue, c.ChainPolicy.VerificationTime, "VerificationTime");
}示例3: Build_Cert1_X509RevocationMode_NoCheck
public void Build_Cert1_X509RevocationMode_NoCheck ()
{
X509Chain c = new X509Chain ();
c.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
foreach (X509VerificationFlags vf in Enum.GetValues (typeof (X509VerificationFlags))) {
c.ChainPolicy.VerificationFlags = vf;
CheckCert1 (c);
c.Reset ();
}
}示例4: Build_Twice_WithReset
public void Build_Twice_WithReset ()
{
X509Chain c = new X509Chain ();
Assert.IsFalse (c.Build (cert1), "Build-1");
c.Reset ();
Assert.IsFalse (c.Build (cert2), "Build-2");
c.Reset ();
CheckDefaultChain (c);
}示例5: AcquireClientCredentials
private bool AcquireClientCredentials(ref byte[] thumbPrint)
{
GlobalLog.Enter("SecureChannel#" + ValidationHelper.HashString(this) + "::AcquireClientCredentials");
//
// Acquire possible Client Certificate information and set it on the handle
//
X509Certificate clientCertificate = null; // This is a candidate that can come from the user callback or be guessed when targeting a session restart
ArrayList filteredCerts = new ArrayList(); // This is an intermediate client certs collection that try to use if no selectedCert is available yet.
string[] issuers = null; // This is a list of issuers sent by the server, only valid is we do know what the server cert is.
bool sessionRestartAttempt = false; // if true and no cached creds we will use anonymous creds.
if (m_CertSelectionDelegate!=null)
{
if (issuers == null)
issuers = GetIssuers();
GlobalLog.Print("SecureChannel#" + ValidationHelper.HashString(this) + "::AcquireClientCredentials() calling CertificateSelectionCallback");
X509Certificate2 remoteCert = null;
try {
X509Certificate2Collection dummyCollection;
remoteCert = GetRemoteCertificate(out dummyCollection);
clientCertificate = m_CertSelectionDelegate(m_HostName, ClientCertificates, remoteCert, issuers);
}
finally {
if (remoteCert != null)
remoteCert.Reset();
}
if (clientCertificate != null)
{
if (m_CredentialsHandle == null)
sessionRestartAttempt = true;
filteredCerts.Add(clientCertificate);
if (Logging.On) Logging.PrintInfo(Logging.Web, this, SR.GetString(SR.net_log_got_certificate_from_delegate));
}
else
{
// If ClientCertificates.Count != 0, how come we don't try to go through them and add them to the filtered certs, just like when there is no delegate????
if (ClientCertificates.Count == 0)
{
if (Logging.On) Logging.PrintInfo(Logging.Web, this, SR.GetString(SR.net_log_no_delegate_and_have_no_client_cert));
sessionRestartAttempt = true;
}
else
{
if (Logging.On) Logging.PrintInfo(Logging.Web, this, SR.GetString(SR.net_log_no_delegate_but_have_client_cert));
}
}
}
else if (m_CredentialsHandle == null && m_ClientCertificates != null && m_ClientCertificates.Count > 0)
{
// This is where we attempt to restart a session by picking the FIRST cert from the collection.
// Otheriwse (next elses) it is either server sending a client cert request or the session is renegotiated.
clientCertificate = ClientCertificates[0];
sessionRestartAttempt = true;
if (clientCertificate!=null)
filteredCerts.Add(clientCertificate);
if (Logging.On) Logging.PrintInfo(Logging.Web, this, SR.GetString(SR.net_log_attempting_restart_using_cert, (clientCertificate == null ? "null" : clientCertificate.ToString(true))));
}
else if (m_ClientCertificates!=null && m_ClientCertificates.Count > 0)
{
//
// This should be a server request for the client cert sent over currently anonyumous sessions.
//
if (issuers == null)
issuers = GetIssuers();
if (Logging.On)
{
if (issuers == null || issuers.Length == 0)
Logging.PrintInfo(Logging.Web, this, SR.GetString(SR.net_log_no_issuers_try_all_certs));
else
Logging.PrintInfo(Logging.Web, this, SR.GetString(SR.net_log_server_issuers_look_for_matching_certs, issuers.Length));
}
for (int i = 0; i < m_ClientCertificates.Count; ++i)
{
//
// make sure we add only if the cert matches one of the issuers
// If no issuers were sent and then try all client certs starting with the first one.
//
if (issuers != null && issuers.Length != 0)
{
X509Certificate2 certificateEx = null;
X509Chain chain = null;
try {
certificateEx = MakeEx(m_ClientCertificates[i]);
if (certificateEx == null)
continue;
GlobalLog.Print("SecureChannel#" + ValidationHelper.HashString(this) + "::AcquireClientCredentials() root cert:" + certificateEx.Issuer);
chain = new X509Chain();
//.........这里部分代码省略.........
示例6: FindClientCertificates
internal static X509CertificateCollection FindClientCertificates()
{
if (!ComNetOS.IsWin7orLater)
{
throw new PlatformNotSupportedException();
}
X509CertificateCollection certificates = new X509CertificateCollection();
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.MaxAllowed);
int chainCount = 0;
SafeFreeCertChainList chainList = null;
SafeCertSelectCritera criteria = new SafeCertSelectCritera();
try
{
bool success = CertSelectCertificateChains(
IntPtr.Zero,
CertificateSelect.HasPrivateKey,
IntPtr.Zero,
criteria.Count, // DWORD
criteria, // PCCERT_SELECT_CRITERIA
store.StoreHandle,
out chainCount,
out chainList);
if (!success)
{
throw new Win32Exception(); // Calls GetLastError.
}
Debug.Assert(chainCount == 0 || !chainList.IsInvalid);
for (int i = 0; i < chainCount; i++)
{
// Resolve IntPtr in array.
using (SafeFreeCertChain chainRef = new SafeFreeCertChain(
Marshal.ReadIntPtr(chainList.DangerousGetHandle()
+ i * Marshal.SizeOf(typeof(IntPtr))), true))
{
Debug.Assert(!chainRef.IsInvalid);
// X509Chain will duplicate the chain by increasing its ref-count.
X509Chain chain = new X509Chain(chainRef.DangerousGetHandle());
// Copy base cert from chain.
if (chain.ChainElements.Count > 0)
{
X509Certificate2 cert = chain.ChainElements[0].Certificate;
certificates.Add(cert);
}
// Remove the X509Chain's reference prior to releasing the Chain List.
chain.Reset();
}
}
}
finally
{
// Close store.
store.Close();
chainList.Dispose();
criteria.Dispose();
}
return certificates;
}示例7: AcquireClientCredentials
private bool AcquireClientCredentials(ref byte[] thumbPrint)
{
X509Certificate certificate = null;
ArrayList list = new ArrayList();
string[] acceptableIssuers = null;
bool flag = false;
if (this.m_CertSelectionDelegate != null)
{
if (acceptableIssuers == null)
{
acceptableIssuers = this.GetIssuers();
}
X509Certificate2 remoteCertificate = null;
try
{
X509Certificate2Collection certificates;
remoteCertificate = this.GetRemoteCertificate(out certificates);
certificate = this.m_CertSelectionDelegate(this.m_HostName, this.ClientCertificates, remoteCertificate, acceptableIssuers);
}
finally
{
if (remoteCertificate != null)
{
remoteCertificate.Reset();
}
}
if (certificate != null)
{
if (this.m_CredentialsHandle == null)
{
flag = true;
}
list.Add(certificate);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, this, SR.GetString("net_log_got_certificate_from_delegate"));
}
}
else if (this.ClientCertificates.Count == 0)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, this, SR.GetString("net_log_no_delegate_and_have_no_client_cert"));
}
flag = true;
}
else if (Logging.On)
{
Logging.PrintInfo(Logging.Web, this, SR.GetString("net_log_no_delegate_but_have_client_cert"));
}
}
else if (((this.m_CredentialsHandle == null) && (this.m_ClientCertificates != null)) && (this.m_ClientCertificates.Count > 0))
{
certificate = this.ClientCertificates[0];
flag = true;
if (certificate != null)
{
list.Add(certificate);
}
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, this, SR.GetString("net_log_attempting_restart_using_cert", new object[] { (certificate == null) ? "null" : certificate.ToString(true) }));
}
}
else if ((this.m_ClientCertificates != null) && (this.m_ClientCertificates.Count > 0))
{
if (acceptableIssuers == null)
{
acceptableIssuers = this.GetIssuers();
}
if (Logging.On)
{
if ((acceptableIssuers == null) || (acceptableIssuers.Length == 0))
{
Logging.PrintInfo(Logging.Web, this, SR.GetString("net_log_no_issuers_try_all_certs"));
}
else
{
Logging.PrintInfo(Logging.Web, this, SR.GetString("net_log_server_issuers_look_for_matching_certs", new object[] { acceptableIssuers.Length }));
}
}
for (int j = 0; j < this.m_ClientCertificates.Count; j++)
{
if ((acceptableIssuers != null) && (acceptableIssuers.Length != 0))
{
X509Certificate2 certificate3 = null;
X509Chain chain = null;
try
{
certificate3 = MakeEx(this.m_ClientCertificates[j]);
if (certificate3 == null)
{
continue;
}
chain = new X509Chain {
ChainPolicy = { RevocationMode = X509RevocationMode.NoCheck, VerificationFlags = X509VerificationFlags.IgnoreInvalidName }
};
chain.Build(certificate3);
bool flag2 = false;
if (chain.ChainElements.Count > 0)
//.........这里部分代码省略.........