本文整理匯總了C#中Org.BouncyCastle.X509.X509Certificate.GetCriticalExtensionOids方法的典型用法代碼示例。如果您正苦於以下問題:C# X509Certificate.GetCriticalExtensionOids方法的具體用法?C# X509Certificate.GetCriticalExtensionOids怎麽用?C# X509Certificate.GetCriticalExtensionOids使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類Org.BouncyCastle.X509.X509Certificate的用法示例。
在下文中一共展示了X509Certificate.GetCriticalExtensionOids方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C#代碼示例。
示例1: ValidateCertificate
/**
* Validate the passed in certificate as being of the correct type to be used
* for time stamping. To be valid it must have an ExtendedKeyUsage extension
* which has a key purpose identifier of id-kp-timeStamping.
*
* @param cert the certificate of interest.
* @throws TspValidationException if the certicate fails on one of the check points.
*/
public static void ValidateCertificate(
X509Certificate cert)
{
if (cert.Version != 3)
throw new ArgumentException("Certificate must have an ExtendedKeyUsage extension.");
Asn1OctetString ext = cert.GetExtensionValue(X509Extensions.ExtendedKeyUsage);
if (ext == null)
throw new TspValidationException("Certificate must have an ExtendedKeyUsage extension.");
if (!cert.GetCriticalExtensionOids().Contains(X509Extensions.ExtendedKeyUsage.Id))
throw new TspValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
try
{
ExtendedKeyUsage extKey = ExtendedKeyUsage.GetInstance(
Asn1Object.FromByteArray(ext.GetOctets()));
if (!extKey.HasKeyPurposeId(KeyPurposeID.IdKPTimeStamping) || extKey.Count != 1)
throw new TspValidationException("ExtendedKeyUsage not solely time stamping.");
}
catch (IOException)
{
throw new TspValidationException("cannot process ExtendedKeyUsage extension");
}
}示例2: VerifyCertificate
/**
* Verifies a single certificate.
* @param cert the certificate to verify
* @param crls the certificate revocation list or <CODE>null</CODE>
* @param calendar the date or <CODE>null</CODE> for the current date
* @return a <CODE>String</CODE> with the error description or <CODE>null</CODE>
* if no error
*/
public static String VerifyCertificate(X509Certificate cert, ICollection<X509Crl> crls, DateTime calendar)
{
foreach (String oid in cert.GetCriticalExtensionOids()) {
if (oid == X509Extensions.KeyUsage.Id
|| oid == X509Extensions.CertificatePolicies.Id
|| oid == X509Extensions.PolicyMappings.Id
|| oid == X509Extensions.InhibitAnyPolicy.Id
|| oid == X509Extensions.CrlDistributionPoints.Id
|| oid == X509Extensions.IssuingDistributionPoint.Id
|| oid == X509Extensions.DeltaCrlIndicator.Id
|| oid == X509Extensions.PolicyConstraints.Id
|| oid == X509Extensions.BasicConstraints.Id
|| oid == X509Extensions.SubjectAlternativeName.Id
|| oid == X509Extensions.NameConstraints.Id) {
continue;
}
try {
// EXTENDED KEY USAGE and TIMESTAMPING is ALLOWED
if (oid == X509Extensions.ExtendedKeyUsage.Id && cert.GetExtendedKeyUsage().Contains("1.3.6.1.5.5.7.3.8")) {
continue;
}
}
catch (CertificateParsingException) {
// DO NOTHING;
}
return "Has unsupported critical extension";
}
try {
if (!cert.IsValid(calendar.ToUniversalTime()))
return "The certificate has expired or is not yet valid";
if (crls != null) {
foreach (X509Crl crl in crls) {
if (crl.IsRevoked(cert))
return "Certificate revoked";
}
}
}
catch (Exception e) {
return e.ToString();
}
return null;
}示例3: PrepareNextCertB1
internal static void PrepareNextCertB1(
int i,
IList[] policyNodes,
string id_p,
IDictionary m_idp,
X509Certificate cert)
{
bool idp_found = false;
IEnumerator nodes_i = policyNodes[i].GetEnumerator();
while (nodes_i.MoveNext())
{
PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current;
if (node.ValidPolicy.Equals(id_p))
{
idp_found = true;
node.ExpectedPolicies = (ISet)m_idp[id_p];
break;
}
}
if (!idp_found)
{
nodes_i = policyNodes[i].GetEnumerator();
while (nodes_i.MoveNext())
{
PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current;
if (ANY_POLICY.Equals(node.ValidPolicy))
{
ISet pq = null;
Asn1Sequence policies = null;
try
{
policies = DerSequence.GetInstance(GetExtensionValue(cert, X509Extensions.CertificatePolicies));
}
catch (Exception e)
{
throw new Exception("Certificate policies cannot be decoded.", e);
}
IEnumerator enm = policies.GetEnumerator();
while (enm.MoveNext())
{
PolicyInformation pinfo = null;
try
{
pinfo = PolicyInformation.GetInstance(enm.Current);
}
catch (Exception ex)
{
throw new Exception("Policy information cannot be decoded.", ex);
}
if (ANY_POLICY.Equals(pinfo.PolicyIdentifier.Id))
{
try
{
pq = GetQualifierSet(pinfo.PolicyQualifiers);
}
catch (PkixCertPathValidatorException ex)
{
throw new PkixCertPathValidatorException(
"Policy qualifier info set could not be built.", ex);
}
break;
}
}
bool ci = false;
ISet critExtOids = cert.GetCriticalExtensionOids();
if (critExtOids != null)
{
ci = critExtOids.Contains(X509Extensions.CertificatePolicies.Id);
}
PkixPolicyNode p_node = (PkixPolicyNode)node.Parent;
if (ANY_POLICY.Equals(p_node.ValidPolicy))
{
PkixPolicyNode c_node = new PkixPolicyNode(
Platform.CreateArrayList(), i,
(ISet)m_idp[id_p],
p_node, pq, id_p, ci);
p_node.AddChild(c_node);
policyNodes[i].Add(c_node);
}
break;
}
}
}
}