/// <summary>
/// Collects the distinguished names of eligible certificates from the "ROOT" store and
/// serialises them into a single buffer, each name preceded by a two-byte length
/// (high byte first).
/// </summary>
/// <remarks>
/// A certificate is eligible when it is current and at least one of the following holds:
/// its intended key usage has the certificate-signing bit set, it has no enhanced key
/// usage entries at all, or its enhanced key usage lists 1.3.6.1.5.5.7.3.2
/// (id-kp-clientAuth).
/// NOTE(review): a current certificate without any EKU entry is therefore advertised even
/// when the certificate-signing bit is absent - confirm this is intended.
/// Collection stops at the first name that would push the buffer to 65536 bytes or more,
/// so certificates enumerated after that point are omitted without any signal to the caller.
/// </remarks>
/// <returns>The concatenated length-prefixed names; an empty array if nothing qualified.</returns>
protected byte[] GetDistinguishedNames() {
    MemoryStream output = new MemoryStream();
    CertificateStore rootStore = new CertificateStore("ROOT");
    for (Certificate cert = rootStore.FindCertificate((Certificate)null); cert != null; cert = rootStore.FindCertificate(cert)) {
        // Certificates outside their validity period are never advertised.
        if (!cert.IsCurrent) {
            continue;
        }
        bool eligible = (cert.GetIntendedKeyUsage() & SecurityConstants.CERT_KEY_CERT_SIGN_KEY_USAGE) != 0;
        if (!eligible) {
            // Fall back to the enhanced key usage: no entries, or client authentication listed.
            System.Collections.Specialized.StringCollection enhancedUsages = cert.GetEnhancedKeyUsage();
            eligible = enhancedUsages.Count == 0 || enhancedUsages.Contains("1.3.6.1.5.5.7.3.2");
        }
        if (!eligible) {
            continue;
        }
        byte[] encodedName = GetDistinguishedName(cert);
        // Keep the total (name + 2-byte prefix) below 65536 bytes.
        // Presumably the limit of a 16-bit length field in the enclosing message - confirm against the caller.
        if (output.Length + encodedName.Length + 2 >= 65536) {
            break;
        }
        output.WriteByte((byte)(encodedName.Length >> 8));
        output.WriteByte((byte)(encodedName.Length & 0xFF));
        output.Write(encodedName, 0, encodedName.Length);
    }
    return output.ToArray();
}
/// <summary>
/// Collects the distinguished names of current certificates in the "ROOT" store whose
/// intended key usage has the certificate-signing bit set, and serialises them into a
/// single buffer, each name preceded by a two-byte length (high byte first).
/// </summary>
/// <remarks>
/// A name that would push the buffer to 65536 bytes or more is skipped and enumeration
/// continues, so shorter names found later can still be added. Which names end up in a
/// nearly full buffer therefore depends on the store's enumeration order, and skipped
/// names are not reported to the caller.
/// </remarks>
/// <returns>The concatenated length-prefixed names; an empty array if nothing qualified.</returns>
protected byte[] GetDistinguishedNames() {
    MemoryStream output = new MemoryStream();
    CertificateStore rootStore = new CertificateStore("ROOT");
    for (Certificate cert = rootStore.FindCertificate((Certificate)null); cert != null; cert = rootStore.FindCertificate(cert)) {
        // The key usage is checked first, the validity period second.
        bool canSignCertificates = (cert.GetIntendedKeyUsage() & SecurityConstants.CERT_KEY_CERT_SIGN_KEY_USAGE) != 0;
        if (!canSignCertificates || !cert.IsCurrent) {
            continue;
        }
        byte[] encodedName = GetDistinguishedName(cert);
        // Keep the total (name + 2-byte prefix) below 65536 bytes.
        // Presumably the limit of a 16-bit length field in the enclosing message - confirm against the caller.
        if (output.Length + encodedName.Length + 2 >= 65536) {
            continue;
        }
        output.WriteByte((byte)(encodedName.Length >> 8));
        output.WriteByte((byte)(encodedName.Length & 0xFF));
        output.Write(encodedName, 0, encodedName.Length);
    }
    return output.ToArray();
}
/// <summary>
/// see <see cref="Ch.Elca.Iiop.Security.Ssl.IClientSideAuthentication.GetClientCertificate"/>
/// </summary>
/// <remarks>
/// Walks the store identified by m_storeLocation / MY_STORE_NAME and returns the first
/// certificate that is current, passes IsClientCertificate, and whose chain ends in a
/// certificate whose distinguished name appears in <paramref name="acceptable"/>.
/// The match is made on the distinguished name only; this method does not validate the
/// chain itself.
/// NOTE(review): the result for an empty or null <paramref name="acceptable"/> list depends
/// on IsDistinguishedNameInList, which is not visible here - confirm the intended behaviour.
/// </remarks>
/// <param name="acceptable">Distinguished names the server announced as acceptable.</param>
/// <returns>The first matching certificate, or null when none qualifies.</returns>
public override Certificate GetClientCertificate(DistinguishedNameList acceptable) {
    CertificateStore personalStore = new CertificateStore(m_storeLocation, MY_STORE_NAME);
    for (Certificate candidate = personalStore.FindCertificate(); candidate != null; candidate = personalStore.FindCertificate(candidate)) {
        if (!candidate.IsCurrent || !IsClientCertificate(candidate)) {
            continue;
        }
        // If the server knows the root of the chain, it will be able to verify the chain.
        Certificate[] chain = candidate.GetCertificateChain().GetCertificates();
        if (chain.Length == 0) {
            continue;
        }
        // The last certificate in the chain is treated as the root certificate.
        Certificate root = chain[chain.Length - 1];
        if (IsDistinguishedNameInList(root.GetDistinguishedName(), acceptable)) {
            return candidate;
        }
    }
    return null;
}