A trust anchor or most-trusted Certification Authority (CA). This class represents a "most-trusted CA", which is used as a trust anchor for validating X.509 certification paths. A most-trusted CA includes the public key of the CA, the CA's name, and any constraints upon the set of paths which may be validated using this key. These parameters can be specified in the form of a trusted X509Certificate or as individual parameters.
コード例 #1
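 /// <summary>
 /// Replaces the trust anchors (most-trusted CAs) held by this object with
 /// the non-null entries of <paramref name="tas"/>.
 /// </summary>
 /// <param name="tas">A non-empty set of <c>TrustAnchor</c> objects; null entries are skipped.</param>
 /// <exception cref="ArgumentNullException"><paramref name="tas"/> is null.</exception>
 /// <exception cref="ArgumentException"><paramref name="tas"/> is empty.</exception>
 /// <exception cref="InvalidCastException">An entry is not a <c>TrustAnchor</c>.</exception>
 public virtual void SetTrustAnchors(ISet tas)
 {
     // The parameter is called "tas"; reporting it as "value" pointed callers
     // at an argument that does not exist on this method.
     if (tas == null)
     {
         throw new ArgumentNullException("tas");
     }
     if (tas.IsEmpty)
     {
         throw new ArgumentException("non-empty set required", "tas");
     }

     // Build the new set in a local first. If an entry fails the cast below,
     // the field keeps its previous value instead of a partially copied set
     // that later path validations would silently rely on.
     HashSet accepted = new HashSet();

     // foreach disposes the enumerator when it implements IDisposable, which
     // is what the hand-written try/finally did.
     foreach (object entry in tas)
     {
         // Explicit cast on purpose: anything that is not a TrustAnchor throws.
         TrustAnchor anchor = (TrustAnchor)entry;
         if (anchor != null)
         {
             accepted.Add(anchor);
         }
     }

     // NOTE(review): a set that holds only null entries passes the IsEmpty
     // check and still produces an empty anchor set here; confirm callers
     // treat "no anchors" as a validation failure.
     trustAnchors = accepted;
 }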
コード例 #2
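        /// <summary>
        /// Checks that the attribute certificate issuer is directly trusted:
        /// some entry of <c>pkixParams.GetTrustedACIssuers()</c> must either carry
        /// a CA name equal to the RFC 2253 string form of the issuer certificate's
        /// subject DN, or carry a trusted certificate equal to the issuer certificate.
        /// </summary>
        /// <param name="acIssuerCert">Certificate of the attribute certificate issuer.</param>
        /// <param name="pkixParams">Parameters supplying the set of trusted AC issuers.</param>
        /// <exception cref="PkixCertPathValidatorException">No trusted AC issuer matches.</exception>
        internal static void ProcessAttrCert4(X509Certificate acIssuerCert, PkixParameters pkixParams)
        {
            ISet trustedACIssuers = pkixParams.GetTrustedACIssuers();

            // Loop-invariant, so looked up once instead of once per anchor.
            IDictionary rfc2253Symbols = (IDictionary)(object)X509Name.RFC2253Symbols;

            bool directlyTrusted = false;

            // foreach disposes the enumerator when it is IDisposable.
            foreach (object entry in trustedACIssuers)
            {
                TrustAnchor trustAnchor = (TrustAnchor)entry;

                // The name branch is an exact string comparison of the DN text;
                // a differently formatted but equivalent DN does not match, and
                // the check then falls through to certificate equality.
                // NOTE(review): the name branch accepts on the DN string alone,
                // with no key comparison in this method - confirm the issuer
                // certificate's own path is validated by the caller.
                if (acIssuerCert.SubjectDN.ToString(false, rfc2253Symbols).Equals(trustAnchor.CAName)
                    || acIssuerCert.Equals(trustAnchor.TrustedCert))
                {
                    directlyTrusted = true;
                    break; // one match is enough; the remaining anchors cannot change the result
                }
            }

            if (!directlyTrusted)
            {
                throw new PkixCertPathValidatorException("Attribute certificate issuer is not directly trusted.");
            }
        }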
コード例 #3
 /// <summary>
 /// Creates a builder result holding the built certification path. The trust
 /// anchor, policy tree and subject public key are handed to the base constructor.
 /// </summary>
 /// <param name="certPath">The built certification path; must not be null.</param>
 /// <param name="trustAnchor">Forwarded to the base constructor.</param>
 /// <param name="policyTree">Forwarded to the base constructor.</param>
 /// <param name="subjectPublicKey">Forwarded to the base constructor.</param>
 /// <exception cref="ArgumentNullException"><paramref name="certPath"/> is null.</exception>
 public PkixCertPathBuilderResult(
     PkixCertPath certPath,
     TrustAnchor trustAnchor,
     PkixPolicyNode policyTree,
     AsymmetricKeyParameter subjectPublicKey)
     : base(trustAnchor, policyTree, subjectPublicKey)
 {
     // The base constructor has already run when this check executes.
     if (null == certPath)
         throw new ArgumentNullException("certPath");

     this.certPath = certPath;
 }
コード例 #4
 /// <summary>
 /// Builds a result object around a certification path; the remaining three
 /// arguments are passed straight to the base constructor.
 /// </summary>
 /// <param name="certPath">The certification path to store; null is rejected.</param>
 /// <param name="trustAnchor">Passed to the base constructor.</param>
 /// <param name="policyTree">Passed to the base constructor.</param>
 /// <param name="subjectPublicKey">Passed to the base constructor.</param>
 /// <exception cref="ArgumentNullException"><paramref name="certPath"/> is null.</exception>
 public PkixCertPathBuilderResult(PkixCertPath certPath, TrustAnchor trustAnchor, PkixPolicyNode policyTree, AsymmetricKeyParameter subjectPublicKey)
     : base(trustAnchor, policyTree, subjectPublicKey)
 {
     if (certPath != null)
     {
         this.certPath = certPath;
         return;
     }

     // Only reached for a null path; the field is left unassigned in that case.
     throw new ArgumentNullException("certPath");
 }
コード例 #5
		/// <summary>
		/// Stores the certification path of a successful build. Trust anchor,
		/// policy tree and subject public key go to the base constructor.
		/// </summary>
		/// <param name="certPath">Certification path; a null value is rejected.</param>
		/// <param name="trustAnchor">Given to the base constructor.</param>
		/// <param name="policyTree">Given to the base constructor.</param>
		/// <param name="subjectPublicKey">Given to the base constructor.</param>
		/// <exception cref="ArgumentNullException"><paramref name="certPath"/> is null.</exception>
		public PkixCertPathBuilderResult(PkixCertPath certPath, TrustAnchor trustAnchor,
			PkixPolicyNode policyTree, AsymmetricKeyParameter subjectPublicKey)
			: base(trustAnchor, policyTree, subjectPublicKey)
		{
			bool pathMissing = certPath == null;
			if (pathMissing)
			{
				throw new ArgumentNullException("certPath");
			}

			this.certPath = certPath;
		}
コード例 #6
 /// <summary>
 /// Creates a validation result from the trust anchor, the policy tree and
 /// the subject's public key. The policy tree is stored without a null check.
 /// </summary>
 /// <param name="trustAnchor">Trust anchor to store; must not be null.</param>
 /// <param name="policyTree">Policy tree to store.</param>
 /// <param name="subjectPublicKey">Subject public key to store; must not be null.</param>
 /// <exception cref="NullReferenceException">
 /// <paramref name="subjectPublicKey"/> or <paramref name="trustAnchor"/> is null
 /// (the key is checked first). Callers that guard with
 /// <c>catch (ArgumentNullException)</c> will not see this failure.
 /// </exception>
 public PkixCertPathValidatorResult(TrustAnchor trustAnchor, PkixPolicyNode policyTree, AsymmetricKeyParameter subjectPublicKey)
 {
     if (subjectPublicKey == null)
         throw new NullReferenceException("subjectPublicKey must be non-null");
     else if (trustAnchor == null)
         throw new NullReferenceException("trustAnchor must be non-null");

     this.subjectPublicKey = subjectPublicKey;
     this.policyTree = policyTree;
     this.trustAnchor = trustAnchor;
 }
コード例 #7
 /// <summary>
 /// Records the outcome of a path validation: trust anchor, policy tree and
 /// subject public key. Only the anchor and the key are checked for null.
 /// </summary>
 /// <param name="trustAnchor">Trust anchor; null is rejected.</param>
 /// <param name="policyTree">Policy tree; stored as given.</param>
 /// <param name="subjectPublicKey">Subject public key; null is rejected.</param>
 /// <exception cref="NullReferenceException">
 /// Thrown for a null <paramref name="subjectPublicKey"/> (checked first) or a
 /// null <paramref name="trustAnchor"/>.
 /// </exception>
 public PkixCertPathValidatorResult(
     TrustAnchor trustAnchor,
     PkixPolicyNode policyTree,
     AsymmetricKeyParameter subjectPublicKey)
 {
     bool keyMissing = subjectPublicKey == null;
     if (keyMissing)
     {
         throw new NullReferenceException("subjectPublicKey must be non-null");
     }

     bool anchorMissing = trustAnchor == null;
     if (anchorMissing)
     {
         throw new NullReferenceException("trustAnchor must be non-null");
     }

     // Fields are written only after both checks have passed.
     this.policyTree = policyTree;
     this.trustAnchor = trustAnchor;
     this.subjectPublicKey = subjectPublicKey;
 }
        /// <summary>
        /// Initializes the result with the trust anchor, policy tree and subject
        /// public key of a validated path. The policy tree is not null-checked.
        /// </summary>
        /// <param name="trustAnchor">Trust anchor; must be non-null.</param>
        /// <param name="policyTree">Policy tree, stored unchanged.</param>
        /// <param name="subjectPublicKey">Subject public key; must be non-null.</param>
        /// <exception cref="NullReferenceException">
        /// <paramref name="subjectPublicKey"/> is null, or otherwise
        /// <paramref name="trustAnchor"/> is null.
        /// </exception>
        public PkixCertPathValidatorResult(TrustAnchor trustAnchor, PkixPolicyNode policyTree, IAsymmetricKeyParameter subjectPublicKey)
        {
            // Key first, anchor second: the order decides which message is
            // reported when both arguments are null.
            if (null == subjectPublicKey)
                throw new NullReferenceException("subjectPublicKey must be non-null");

            if (null == trustAnchor)
                throw new NullReferenceException("trustAnchor must be non-null");

            this.subjectPublicKey = subjectPublicKey;
            this.trustAnchor = trustAnchor;
            this.policyTree = policyTree;
        }
コード例 #9
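        /// <summary>
        /// Search the given Set of TrustAnchor's for one that is the
        /// issuer of the given X509 certificate: the anchor must be selected
        /// by the certificate's issuer name and its public key must verify
        /// the certificate.
        /// </summary>
        /// <param name="cert">the X509 certificate</param>
        /// <param name="trustAnchors">a Set of TrustAnchor's</param>
        /// <returns>the <code>TrustAnchor</code> object if found or
        /// <code>null</code> if not.
        /// </returns>
        /// <exception cref="Exception">
        /// if the issuer search criteria cannot be set, or if no anchor was
        /// accepted and at least one candidate key failed to verify the certificate.
        /// </exception>
        internal static TrustAnchor FindTrustAnchor(
            X509Certificate cert,
            ISet trustAnchors)
        {
            IEnumerator iter         = trustAnchors.GetEnumerator();
            Exception   invalidKeyEx = null;

            X509CertStoreSelector certSelectX509 = new X509CertStoreSelector();

            try
            {
                certSelectX509.Subject = GetIssuerPrincipal(cert);
            }
            catch (IOException ex)
            {
                throw new Exception("Cannot set subject search criteria for trust anchor.", ex);
            }

            while (iter.MoveNext())
            {
                TrustAnchor candidate = (TrustAnchor)iter.Current;

                // Scoped to one iteration on purpose. Previously the key was
                // declared outside the loop and never cleared, so a key left
                // over from an earlier anchor was verified again for anchors
                // whose name did not match at all.
                AsymmetricKeyParameter trustPublicKey = null;

                if (candidate.TrustedCert != null)
                {
                    if (certSelectX509.Match(candidate.TrustedCert))
                    {
                        trustPublicKey = candidate.TrustedCert.GetPublicKey();
                    }
                }
                else if (candidate.CAName != null && candidate.CAPublicKey != null)
                {
                    try
                    {
                        X509Name certIssuer = GetIssuerPrincipal(cert);
                        X509Name caName     = new X509Name(candidate.CAName);

                        if (certIssuer.Equivalent(caName, true))
                        {
                            trustPublicKey = candidate.CAPublicKey;
                        }
                    }
                    catch (InvalidParameterException)
                    {
                        // An unusable CA name means this anchor is not a candidate.
                    }
                }

                // No name match, or a match that yielded no key: the anchor is
                // skipped, so nothing is ever returned without a verification.
                if (trustPublicKey == null)
                {
                    continue;
                }

                try
                {
                    cert.Verify(trustPublicKey);
                    return candidate;
                }
                catch (Exception ex)
                {
                    // Any failure of Verify rejects this anchor; the last one is
                    // kept so the caller can tell "wrong key" from "no anchor".
                    invalidKeyEx = ex;
                }
            }

            if (invalidKeyEx != null)
            {
                throw new Exception("TrustAnchor found but certificate validation failed.", invalidKeyEx);
            }

            return null;
        }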
コード例 #10
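        /// <summary>
        /// Looks through <paramref name="trustAnchors"/> for the anchor that issued
        /// <paramref name="cert"/>. An anchor is accepted only when it is selected by
        /// the certificate's issuer name and its public key verifies the certificate.
        /// </summary>
        /// <param name="cert">Certificate whose issuer is being looked up.</param>
        /// <param name="trustAnchors">Set of <c>TrustAnchor</c> objects to search.</param>
        /// <returns>The accepted anchor, or null when no anchor is selected by name.</returns>
        /// <exception cref="Exception">
        /// The issuer search criteria could not be set, or no anchor was accepted
        /// and at least one candidate key failed to verify the certificate.
        /// </exception>
        internal static TrustAnchor FindTrustAnchor(X509Certificate cert, ISet trustAnchors)
        {
            global::System.Collections.IEnumerator enumerator = ((global::System.Collections.IEnumerable)trustAnchors).GetEnumerator();
            TrustAnchor accepted = null;

            global::System.Exception verifyFailure = null;
            X509CertStoreSelector    x509CertStoreSelector = new X509CertStoreSelector();

            try
            {
                x509CertStoreSelector.Subject = GetIssuerPrincipal(cert);
            }
            catch (IOException val)
            {
                throw new global::System.Exception("Cannot set subject search criteria for trust anchor.", (global::System.Exception)(object) val);
            }

            while (accepted == null && enumerator.MoveNext())
            {
                // IEnumerator exposes Current as a property; the accessor call
                // get_Current() is not valid C#.
                TrustAnchor candidate = (TrustAnchor)enumerator.Current;

                // Reset for every anchor: a key carried over from a previous
                // anchor must never be verified on behalf of this one.
                AsymmetricKeyParameter candidateKey = null;

                if (candidate.TrustedCert != null)
                {
                    if (x509CertStoreSelector.Match(candidate.TrustedCert))
                    {
                        candidateKey = candidate.TrustedCert.GetPublicKey();
                    }
                }
                else if (candidate.CAName != null && candidate.CAPublicKey != null)
                {
                    try
                    {
                        X509Name issuerPrincipal = GetIssuerPrincipal(cert);
                        X509Name other           = new X509Name(candidate.CAName);
                        if (issuerPrincipal.Equivalent(other, true))
                        {
                            candidateKey = candidate.CAPublicKey;
                        }
                    }
                    catch (InvalidParameterException)
                    {
                        // Unusable CA name: this anchor is not a candidate.
                    }
                }

                if (candidateKey != null)
                {
                    try
                    {
                        cert.Verify(candidateKey);
                        // Set only after a successful verification, so an anchor
                        // without a usable key can never be returned unverified.
                        accepted = candidate;
                    }
                    catch (global::System.Exception ex)
                    {
                        verifyFailure = ex;
                    }
                }
            }

            if (accepted == null && verifyFailure != null)
            {
                throw new global::System.Exception("TrustAnchor found but certificate validation failed.", verifyFailure);
            }
            return accepted;
        }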
コード例 #11
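        /// <summary>
        /// Finds the trust anchor that issued <paramref name="cert"/>. A candidate
        /// must be selected by the certificate's issuer name, and its public key
        /// must verify the certificate, before it is returned.
        /// </summary>
        /// <param name="cert">Certificate to find the issuing anchor for.</param>
        /// <param name="trustAnchors">Set of <c>TrustAnchor</c> objects to search.</param>
        /// <returns>The first anchor that passes both checks, or null if none is selected by name.</returns>
        /// <exception cref="Exception">
        /// The issuer search criteria could not be set, or every selected anchor
        /// failed verification (the last failure is the inner exception).
        /// </exception>
        internal static TrustAnchor FindTrustAnchor(X509Certificate cert, ISet trustAnchors)
        {
            IEnumerator           enumerator            = trustAnchors.GetEnumerator();
            Exception             verifyFailure         = null;
            X509CertStoreSelector x509CertStoreSelector = new X509CertStoreSelector();

            try
            {
                x509CertStoreSelector.Subject = PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert);
            }
            catch (IOException innerException)
            {
                throw new Exception("Cannot set subject search criteria for trust anchor.", innerException);
            }

            // Structured loop in place of the IL_35 / IL_AF / IL_C4 labels the
            // decompiler emitted; each rejection is a `continue`.
            while (enumerator.MoveNext())
            {
                TrustAnchor candidate = (TrustAnchor)enumerator.Current;

                // Per-anchor key. The goto version kept one variable for the whole
                // search, so a key from an earlier anchor was re-verified for
                // anchors that had just been rejected by name.
                AsymmetricKeyParameter candidateKey = null;

                if (candidate.TrustedCert != null)
                {
                    if (!x509CertStoreSelector.Match(candidate.TrustedCert))
                    {
                        continue;
                    }
                    candidateKey = candidate.TrustedCert.GetPublicKey();
                }
                else if (candidate.CAName != null && candidate.CAPublicKey != null)
                {
                    try
                    {
                        X509Name issuerPrincipal = PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert);
                        X509Name other           = new X509Name(candidate.CAName);
                        if (!issuerPrincipal.Equivalent(other, true))
                        {
                            continue;
                        }
                        candidateKey = candidate.CAPublicKey;
                    }
                    catch (InvalidParameterException)
                    {
                        // Unusable CA name: treat the anchor as not matching.
                        continue;
                    }
                }

                // Covers anchors with neither a certificate nor a name/key pair,
                // and any match that produced no key: never accept unverified.
                if (candidateKey == null)
                {
                    continue;
                }

                try
                {
                    cert.Verify(candidateKey);
                }
                catch (Exception ex)
                {
                    verifyFailure = ex;
                    continue;
                }

                return candidate;
            }

            if (verifyFailure != null)
            {
                throw new Exception("TrustAnchor found but certificate validation failed.", verifyFailure);
            }
            return null;
        }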