// This is a non-recursive chain/path building algorithm.
        //
        // At this stage we only checks for PartialChain, Cyclic and UntrustedRoot errors are they
        // affect the path building (other errors are verification errors).
        //
        // Note that the order match the one we need to match MS and not the one defined in RFC3280,
        // we also include the trusted root certificate (trust anchor in RFC3280) in the list.
        // (this isn't an issue, just keep that in mind if you look at the source and the RFC)
        private X509ChainStatusFlags BuildChainFrom(X509Certificate2 certificate)
        {
            elements.Add(certificate);

            while (!IsChainComplete(certificate))
            {
                certificate = FindParent(certificate);

                if (certificate == null)
                {
                    return(X509ChainStatusFlags.PartialChain);
                }

                if (elements.Contains(certificate))
                {
                    return(X509ChainStatusFlags.Cyclic);
                }

                elements.Add(certificate);
            }

            // roots may be supplied (e.g. in the ExtraStore) so we need to confirm their
            // trustiness (what a cute word) in the trusted root collection
            if (!Roots.Contains(certificate))
            {
                elements [elements.Count - 1].StatusFlags |= X509ChainStatusFlags.UntrustedRoot;
            }

            return(X509ChainStatusFlags.NoError);
        }
Ejemplo n.º 2
0
 private X509ChainStatusFlags BuildChainFrom(X509Certificate2 certificate)
 {
     elements.Add(certificate);
     while (!IsChainComplete(certificate))
     {
         certificate = FindParent(certificate);
         if (certificate == null)
         {
             return(X509ChainStatusFlags.PartialChain);
         }
         if (elements.Contains(certificate))
         {
             return(X509ChainStatusFlags.Cyclic);
         }
         elements.Add(certificate);
     }
     if (!Roots.Certificates.Contains(certificate))
     {
         elements[elements.Count - 1].StatusFlags |= X509ChainStatusFlags.UntrustedRoot;
     }
     return(X509ChainStatusFlags.NoError);
 }