Beispiel #1
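        /// <summary>
        /// Initializes the instance from <paramref name="cert"/> and adds, through <c>AddCertificate</c>,
        /// the certificates selected by <paramref name="includeOption"/>.
        /// </summary>
        /// <param name="cert">The certificate to start from; must not be null.</param>
        /// <param name="includeOption">
        /// <c>EndCertOnly</c> adds only <paramref name="cert"/>; <c>WholeChain</c> adds every element of the
        /// built chain; <c>ExcludeRoot</c> adds every element except the last one (a self-signed
        /// certificate is still added). Any other value adds nothing.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="cert"/> is null.</exception>
        /// <exception cref="CryptographicException">
        /// A chain was requested but the chain status reports <c>PartialChain</c>.
        /// </exception>
        /// <remarks>
        /// The chain is built only to collect certificates for embedding. The boolean result of
        /// <c>X509Chain.Build</c> is ignored, so a certificate being included here says nothing about
        /// whether it is trusted, unexpired or unrevoked; whoever verifies the resulting data must
        /// validate the chain against its own trust policy.
        /// </remarks>
        public KeyInfoX509Data(X509Certificate cert, X509IncludeOption includeOption)
        {
            if (cert == null)
            {
                throw new ArgumentNullException(nameof(cert));
            }

            X509Certificate2 certificate = new X509Certificate2(cert);

            switch (includeOption)
            {
                case X509IncludeOption.EndCertOnly:
                    AddCertificate(certificate);
                    break;

                case X509IncludeOption.ExcludeRoot:
                case X509IncludeOption.WholeChain:
                {
                    // Both options need the same chain; only the number of elements emitted differs.
                    // NOTE(review): Build runs with the default ChainPolicy, which may trigger online
                    // revocation lookups - confirm that is acceptable where this constructor runs.
                    // NOTE(review): the chain is never disposed; whether it is safe to dispose it here
                    // depends on whether AddCertificate copies the element certificates - confirm.
                    X509Chain chain = new X509Chain();
                    chain.Build(certificate);

                    // Can't honor the option if we only have a partial chain. Every status entry is
                    // inspected: PartialChain is not guaranteed to be the first element of ChainStatus,
                    // and missing it would make ExcludeRoot drop a non-root certificate silently.
                    foreach (X509ChainStatus status in chain.ChainStatus)
                    {
                        if ((status.Status & X509ChainStatusFlags.PartialChain) == X509ChainStatusFlags.PartialChain)
                        {
                            throw new CryptographicException(SR.Cryptography_Partial_Chain);
                        }
                    }

                    X509ChainElementCollection elements = chain.ChainElements;

                    // Number of leading chain elements to emit. Computed once instead of on every loop
                    // iteration; assumes Utils.IsSelfSigned does not change its answer while
                    // certificates are being added.
                    int count = elements.Count;
                    if (includeOption == X509IncludeOption.ExcludeRoot)
                    {
                        count = Utils.IsSelfSigned(chain) ? 1 : elements.Count - 1;
                    }

                    for (int index = 0; index < count; index++)
                    {
                        AddCertificate(elements[index].Certificate);
                    }
                    break;
                }
            }
        }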