本文整理匯總了C#中Org.BouncyCastle.X509.X509Certificate.Verify方法的典型用法代碼示例。如果您正苦於以下問題:C# X509Certificate.Verify方法的具體用法?C# X509Certificate.Verify怎麽用?C# X509Certificate.Verify使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類Org.BouncyCastle.X509.X509Certificate的用法示例。
在下文中一共展示了X509Certificate.Verify方法的9個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C#代碼示例。
示例1: FindTrustAnchor
/// <summary>
/// Search the given Set of TrustAnchor's for one that is the
/// issuer of the given X509 certificate.
/// </summary>
/// <param name="cert">the X509 certificate</param>
/// <param name="trustAnchors">a Set of TrustAnchor's</param>
/// <returns>the <code>TrustAnchor</code> object if found or
/// <code>null</code> if not.
/// </returns>
/// @exception
internal static TrustAnchor FindTrustAnchor(
X509Certificate cert,
ISet trustAnchors)
{
IEnumerator iter = trustAnchors.GetEnumerator();
TrustAnchor trust = null;
AsymmetricKeyParameter trustPublicKey = null;
Exception invalidKeyEx = null;
X509CertStoreSelector certSelectX509 = new X509CertStoreSelector();
try
{
certSelectX509.Subject = GetIssuerPrincipal(cert);
}
catch (IOException ex)
{
throw new Exception("Cannot set subject search criteria for trust anchor.", ex);
}
while (iter.MoveNext() && trust == null)
{
trust = (TrustAnchor) iter.Current;
if (trust.TrustedCert != null)
{
if (certSelectX509.Match(trust.TrustedCert))
{
trustPublicKey = trust.TrustedCert.GetPublicKey();
}
else
{
trust = null;
}
}
else if (trust.CAName != null && trust.CAPublicKey != null)
{
try
{
X509Name certIssuer = GetIssuerPrincipal(cert);
X509Name caName = new X509Name(trust.CAName);
if (certIssuer.Equivalent(caName, true))
{
trustPublicKey = trust.CAPublicKey;
}
else
{
trust = null;
}
}
catch (InvalidParameterException)
{
trust = null;
}
}
else
{
trust = null;
}
if (trustPublicKey != null)
{
try
{
cert.Verify(trustPublicKey);
}
catch (Exception ex)
{
invalidKeyEx = ex;
trust = null;
}
}
}
if (trust == null && invalidKeyEx != null)
{
throw new Exception("TrustAnchor found but certificate validation failed.", invalidKeyEx);
}
return trust;
}示例2: GetParent
/**
* Returns the issuing certificate for a child certificate.
* @param cert the certificate for which we search the parent
* @param certs an array with certificates that contains the parent
* @return the partent certificate
*/
private X509Certificate GetParent(X509Certificate cert, X509Certificate[] certs) {
X509Certificate parent;
for (int i = 0; i < certs.Length; i++) {
parent = certs[i];
if (!cert.IssuerDN.Equals(parent.SubjectDN))
continue;
try {
cert.Verify(parent.GetPublicKey());
return parent;
} catch {
// do nothing
}
}
return null;
}示例3: EnsureCertificateValidity
private void EnsureCertificateValidity(X509Certificate certificate)
{
certificate.CheckValidity(DateTime.UtcNow);
certificate.Verify(_authorityKeyPair.Public);
}示例4: Verify
/**
* Checks the validity of the certificate, and calls the next
* verifier in the chain, if any.
* @param signCert the certificate that needs to be checked
* @param issuerCert its issuer
* @param signDate the date the certificate needs to be valid
* @return a list of <code>VerificationOK</code> objects.
* The list will be empty if the certificate couldn't be verified.
* @throws GeneralSecurityException
* @throws IOException
*/
virtual public List<VerificationOK> Verify(X509Certificate signCert, X509Certificate issuerCert, DateTime signDate) {
// Check if the certificate is valid on the signDate
//if (signDate != null)
signCert.CheckValidity(signDate);
// Check if the signature is valid
if (issuerCert != null) {
signCert.Verify(issuerCert.GetPublicKey());
}
// Also in case, the certificate is self-signed
else {
signCert.Verify(signCert.GetPublicKey());
}
List<VerificationOK> result = new List<VerificationOK>();
if (verifier != null)
result.AddRange(verifier.Verify(signCert, issuerCert, signDate));
return result;
}示例5: CertIsSelfSigned
/// <summary>
/// Checks wether the certificate is self-signed.
/// </summary>
/// <returns>
/// <c>true</c>, if is self-signed, <c>false</c> otherwise.
/// </returns>
/// <param name='BCCert'>
/// BouncyCastle cert to check.
/// </param>
private static bool CertIsSelfSigned(X509Certificate BCCert)
{
try {
BCCert.Verify (BCCert.GetPublicKey ());
return true;
} catch (SignatureException sigex) {
// Invalid signature --> not self-signed
return false;
} catch (InvalidKeyException kex) {
// Invalid key --> not self-signed
return false;
}
}示例6: Verify
/**
* Verifies a single certificate against a key store (if present).
*
* @param signCert
* the certificate to verify
* @param issuerCert
* the issuer certificate
* @param signDate
* the date the certificate needs to be valid
* @return a list of <code>VerificationOK</code> objects.
* The list will be empty if the certificate couldn't be verified.
*/
override public List<VerificationOK> Verify(X509Certificate signCert, X509Certificate issuerCert, DateTime signDate) {
LOGGER.Info("Root store verification: " + signCert.SubjectDN);
// verify using the CertificateVerifier if root store is missing
if (certificates == null)
return base.Verify(signCert, issuerCert, signDate);
try {
List<VerificationOK> result = new List<VerificationOK>();
// loop over the trusted anchors in the root store
foreach (X509Certificate anchor in certificates) {
try {
signCert.Verify(anchor.GetPublicKey());
LOGGER.Info("Certificate verified against root store");
result.Add(new VerificationOK(signCert, this, "Certificate verified against root store."));
result.AddRange(base.Verify(signCert, issuerCert, signDate));
return result;
} catch (GeneralSecurityException) {}
}
result.AddRange(base.Verify(signCert, issuerCert, signDate));
return result;
} catch (GeneralSecurityException) {
return base.Verify(signCert, issuerCert, signDate);
}
}示例7: IsSelfSigned
private static bool IsSelfSigned(X509Certificate certificate)
{
if (!certificate.SubjectDN.Equivalent(certificate.IssuerDN))
return false;
try
{
certificate.Verify(certificate.GetPublicKey());
return true;
}
catch (SignatureException)
{
return false;
}
catch (InvalidKeyException)
{
return false;
}
}示例8: IsSelfSigned
/// <summary>
/// Checks to see whether the certificate is self-signed so that it can be determined whether it is root or not
/// </summary>
/// <param name="cert">The BouncyCastle certificate parameter</param>
/// <returns>a boolean to denote whether it is self-signed or not</returns>
private static bool IsSelfSigned(X509Certificate cert)
{
bool isSelfSigned = true;
try
{
cert.Verify(cert.GetPublicKey());
}
catch (Exception)
{
isSelfSigned = false;
}
return isSelfSigned;
}示例9: IsSelfSigned
//jbonilla
private static bool IsSelfSigned(X509Certificate cert)
{
try
{
cert.Verify(cert.GetPublicKey());
return true;
}
catch { }
return false;
}