本文整理匯總了C#中Org.BouncyCastle.X509.X509Certificate類的典型用法代碼示例。如果您正苦於以下問題:C# X509Certificate類的具體用法?C# X509Certificate怎麽用?C# X509Certificate使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
X509Certificate類屬於Org.BouncyCastle.X509命名空間,在下文中一共展示了X509Certificate類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C#代碼示例。
示例1: IsSignedBy
public virtual bool IsSignedBy(X509Certificate potentialIssuer)
{
try
{
GetCertificate().Verify(potentialIssuer.GetPublicKey());
return true;
}
catch (InvalidKeyException)
{
return false;
}
catch (CertificateException)
{
return false;
}
catch (NoSuchAlgorithmException)
{
return false;
}
/*catch (NoSuchProviderException e)
{
throw new RuntimeException(e);
}*/
catch (SignatureException)
{
return false;
}
}示例2: CheckRevocation
public static int CheckRevocation(PdfPKCS7 pkcs7, X509Certificate signCert, X509Certificate issuerCert, DateTime date)
{
List<BasicOcspResp> ocsps = new List<BasicOcspResp>();
if (pkcs7.Ocsp != null)
ocsps.Add(pkcs7.Ocsp);
OcspVerifier ocspVerifier = new OcspVerifier(null, ocsps);
List<VerificationOK> verification =
ocspVerifier.Verify(signCert, issuerCert, date);
if (verification.Count == 0)
{
List<X509Crl> crls = new List<X509Crl>();
if (pkcs7.CRLs != null)
foreach (X509Crl crl in pkcs7.CRLs)
crls.Add(crl);
CrlVerifier crlVerifier = new CrlVerifier(null, crls);
verification.AddRange(crlVerifier.Verify(signCert, issuerCert, date));
}
if (verification.Count == 0)
{
Console.WriteLine("No se pudo verificar estado de revocación del certificado por CRL ni OCSP");
return CER_STATUS_NOT_VERIFIED;
}
else
{
foreach (VerificationOK v in verification)
Console.WriteLine(v);
return 0;
}
}示例3: SaveToFile
public static void SaveToFile(
X509Certificate newCert,
AsymmetricCipherKeyPair kp,
string FilePath,
string CertAlias,
string Password)
{
var newStore = new Pkcs12Store();
var certEntry = new X509CertificateEntry(newCert);
newStore.SetCertificateEntry(
CertAlias,
certEntry
);
newStore.SetKeyEntry(
CertAlias,
new AsymmetricKeyEntry(kp.Private),
new[] { certEntry }
);
using (var certFile = File.Create(FilePath))
{
newStore.Save(
certFile,
Password.ToCharArray(),
new SecureRandom(new CryptoApiRandomGenerator())
);
}
}示例4: X509CertificateEntry
public X509CertificateEntry(
X509Certificate cert,
IDictionary attributes)
: base(attributes)
{
this.cert = cert;
}示例5: ValidateCertificate
/**
* Validate the passed in certificate as being of the correct type to be used
* for time stamping. To be valid it must have an ExtendedKeyUsage extension
* which has a key purpose identifier of id-kp-timeStamping.
*
* @param cert the certificate of interest.
* @throws TspValidationException if the certicate fails on one of the check points.
*/
public static void ValidateCertificate(
X509Certificate cert)
{
if (cert.Version != 3)
throw new ArgumentException("Certificate must have an ExtendedKeyUsage extension.");
Asn1OctetString ext = cert.GetExtensionValue(X509Extensions.ExtendedKeyUsage);
if (ext == null)
throw new TspValidationException("Certificate must have an ExtendedKeyUsage extension.");
if (!cert.GetCriticalExtensionOids().Contains(X509Extensions.ExtendedKeyUsage.Id))
throw new TspValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
try
{
ExtendedKeyUsage extKey = ExtendedKeyUsage.GetInstance(
Asn1Object.FromByteArray(ext.GetOctets()));
if (!extKey.HasKeyPurposeId(KeyPurposeID.IdKPTimeStamping) || extKey.Count != 1)
throw new TspValidationException("ExtendedKeyUsage not solely time stamping.");
}
catch (IOException)
{
throw new TspValidationException("cannot process ExtendedKeyUsage extension");
}
}示例6: TimeStampTokenGenerator
/**
* create with a signer with extra signed/unsigned attributes.
*/
public TimeStampTokenGenerator(
AsymmetricKeyParameter key,
X509Certificate cert,
string digestOID,
string tsaPolicyOID,
Asn1.Cms.AttributeTable signedAttr,
Asn1.Cms.AttributeTable unsignedAttr)
{
this.key = key;
this.cert = cert;
this.digestOID = digestOID;
this.tsaPolicyOID = tsaPolicyOID;
this.unsignedAttr = unsignedAttr;
TspUtil.ValidateCertificate(cert);
//
// add the essCertid
//
Hashtable signedAttrs;
if (signedAttr != null)
{
signedAttrs = signedAttr.ToHashtable();
}
else
{
signedAttrs = new Hashtable();
}
IDigest digest;
try
{
digest = DigestUtilities.GetDigest("SHA-1");
}
catch (Exception e)
{
throw new TspException("Can't find a SHA-1 implementation.", e);
}
try
{
byte[] certEncoded = cert.GetEncoded();
digest.BlockUpdate(certEncoded, 0, certEncoded.Length);
byte[] hash = DigestUtilities.DoFinal(digest);
EssCertID essCertid = new EssCertID(hash);
Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(
PkcsObjectIdentifiers.IdAASigningCertificate,
new DerSet(new SigningCertificate(essCertid)));
signedAttrs[attr.AttrType] = attr;
}
catch (CertificateEncodingException e)
{
throw new TspException("Exception processing certificate.", e);
}
this.signedAttr = new Asn1.Cms.AttributeTable(signedAttrs);
}示例7: Generate
public OcspReq Generate(
string signingAlgorithm,
IAsymmetricKeyParameter privateKey,
X509Certificate[] chain)
{
return Generate(signingAlgorithm, privateKey, chain, null);
}示例8: GetCRLURL
// Certificate Revocation Lists
/**
* Gets the URL of the Certificate Revocation List for a Certificate
* @param certificate the Certificate
* @return the String where you can check if the certificate was revoked
* @throws CertificateParsingException
* @throws IOException
*/
public static String GetCRLURL(X509Certificate certificate) {
try {
Asn1Object obj = GetExtensionValue(certificate, X509Extensions.CrlDistributionPoints.Id);
if (obj == null) {
return null;
}
CrlDistPoint dist = CrlDistPoint.GetInstance(obj);
DistributionPoint[] dists = dist.GetDistributionPoints();
foreach (DistributionPoint p in dists) {
DistributionPointName distributionPointName = p.DistributionPointName;
if (DistributionPointName.FullName != distributionPointName.PointType) {
continue;
}
GeneralNames generalNames = (GeneralNames)distributionPointName.Name;
GeneralName[] names = generalNames.GetNames();
foreach (GeneralName name in names) {
if (name.TagNo != GeneralName.UniformResourceIdentifier) {
continue;
}
DerIA5String derStr = DerIA5String.GetInstance((Asn1TaggedObject)name.ToAsn1Object(), false);
//return derStr.GetString();
//jbonilla - El URL del CRL para el BCE está en la tercera posición y solo se puede acceder desde HTTP.
string urlCrl = derStr.GetString();
if (urlCrl.ToUpperInvariant().StartsWith("HTTP") && urlCrl.ToUpperInvariant().Contains("CRL"))
return derStr.GetString();
}
}
} catch {
}
return null;
}示例9: AddSigner
/**
* add a signer - no attributes other than the default ones will be
* provided here.
*
* @param key signing key to use
* @param cert certificate containing corresponding public key
* @param digestOID digest algorithm OID
*/
public void AddSigner(
AsymmetricKeyParameter privateKey,
X509Certificate cert,
string digestOID)
{
AddSigner(privateKey, cert, GetEncOid(privateKey, digestOID), digestOID);
}示例10: CustomPdfReader
/// <summary>
/// CustomPdfReader to be able to work with streams.
/// </summary>
public CustomPdfReader(Stream isp, X509Certificate certificate, ICipherParameters certificateKey)
{
this.certificate = certificate;
this.certificateKey = certificateKey;
tokens = new PRTokeniser(new RandomAccessFileOrArray(isp));
ReadPdf();
}示例11: Crl
public Crl(X509Certificate issuerCertificate, List<string> cdpAddresses)
{
_issuerCertificate = issuerCertificate;
_cdpAddresses = cdpAddresses;
_timer = new Timer(UpdateCrl);
UpdateCrl(null);
}示例12: SecureMimeDigitalCertificate
internal SecureMimeDigitalCertificate(X509Certificate certificate)
{
Certificate = certificate;
var pubkey = certificate.GetPublicKey ();
if (pubkey is DsaKeyParameters)
PublicKeyAlgorithm = PublicKeyAlgorithm.Dsa;
else if (pubkey is RsaKeyParameters)
PublicKeyAlgorithm = PublicKeyAlgorithm.RsaGeneral;
else if (pubkey is ElGamalKeyParameters)
PublicKeyAlgorithm = PublicKeyAlgorithm.ElGamalGeneral;
else if (pubkey is ECKeyParameters)
PublicKeyAlgorithm = PublicKeyAlgorithm.EllipticCurve;
else if (pubkey is DHKeyParameters)
PublicKeyAlgorithm = PublicKeyAlgorithm.DiffieHellman;
var encoded = certificate.GetEncoded ();
var fingerprint = new StringBuilder ();
var sha1 = new Sha1Digest ();
var data = new byte[20];
sha1.BlockUpdate (encoded, 0, encoded.Length);
sha1.DoFinal (data, 0);
for (int i = 0; i < data.Length; i++)
fingerprint.Append (data[i].ToString ("X2"));
Fingerprint = fingerprint.ToString ();
}示例13: CreateOcspRequest
public static OcspReqAndId CreateOcspRequest(X509Certificate rootCertificate, string serialNumber)
{
Asn1OctetString issuerNameHash = CreateIssuerNameHash(rootCertificate);
Asn1OctetString issuerKeyHash = CreateIssuerKeyHash(rootCertificate);
return CreateOcspRequest(issuerNameHash, issuerKeyHash, serialNumber);
}示例14: AssertDefaultValues
static void AssertDefaultValues (CmsRecipient recipient, X509Certificate certificate)
{
Assert.AreEqual (certificate, recipient.Certificate);
Assert.AreEqual (1, recipient.EncryptionAlgorithms.Length);
Assert.AreEqual (EncryptionAlgorithm.TripleDes, recipient.EncryptionAlgorithms[0]);
Assert.AreEqual (SubjectIdentifierType.IssuerAndSerialNumber, recipient.RecipientIdentifierType);
}示例15: GetCRLURL
// Certificate Revocation Lists
/**
* Gets the URL of the Certificate Revocation List for a Certificate
* @param certificate the Certificate
* @return the String where you can check if the certificate was revoked
* @throws CertificateParsingException
* @throws IOException
*/
public static String GetCRLURL(X509Certificate certificate) {
try {
Asn1Object obj = GetExtensionValue(certificate, X509Extensions.CrlDistributionPoints.Id);
if (obj == null) {
return null;
}
CrlDistPoint dist = CrlDistPoint.GetInstance(obj);
DistributionPoint[] dists = dist.GetDistributionPoints();
foreach (DistributionPoint p in dists) {
DistributionPointName distributionPointName = p.DistributionPointName;
if (DistributionPointName.FullName != distributionPointName.PointType) {
continue;
}
GeneralNames generalNames = (GeneralNames)distributionPointName.Name;
GeneralName[] names = generalNames.GetNames();
foreach (GeneralName name in names) {
if (name.TagNo != GeneralName.UniformResourceIdentifier) {
continue;
}
DerIA5String derStr = DerIA5String.GetInstance((Asn1TaggedObject)name.ToAsn1Object(), false);
return derStr.GetString();
}
}
} catch {
}
return null;
}