public PkixCertPathBuilderResult( PkixCertPath certPath, TrustAnchor trustAnchor, PkixPolicyNode policyTree, AsymmetricKeyParameter subjectPublicKey) : base(trustAnchor, policyTree, subjectPublicKey) { if (certPath == null) throw new ArgumentNullException("certPath"); this.certPath = certPath; }
public PkixCertPathBuilderResult( PkixCertPath certPath, TrustAnchor trustAnchor, PkixPolicyNode policyTree, AsymmetricKeyParameter subjectPublicKey) : base(trustAnchor, policyTree, subjectPublicKey) { if (certPath == null) { throw new ArgumentNullException("certPath"); } this.certPath = certPath; }
public PkixCertPathValidatorResult( TrustAnchor trustAnchor, PkixPolicyNode policyTree, AsymmetricKeyParameter subjectPublicKey) { if (subjectPublicKey == null) { throw new NullReferenceException("subjectPublicKey must be non-null"); } if (trustAnchor == null) { throw new NullReferenceException("trustAnchor must be non-null"); } this.trustAnchor = trustAnchor; this.policyTree = policyTree; this.subjectPublicKey = subjectPublicKey; }
/// <summary> /// Search the given Set of TrustAnchor's for one that is the /// issuer of the given X509 certificate. /// </summary> /// <param name="cert">the X509 certificate</param> /// <param name="trustAnchors">a Set of TrustAnchor's</param> /// <returns>the <code>TrustAnchor</code> object if found or /// <code>null</code> if not. /// </returns> /// @exception internal static TrustAnchor FindTrustAnchor( X509Certificate cert, ISet trustAnchors) { IEnumerator iter = trustAnchors.GetEnumerator(); TrustAnchor trust = null; AsymmetricKeyParameter trustPublicKey = null; Exception invalidKeyEx = null; X509CertStoreSelector certSelectX509 = new X509CertStoreSelector(); try { certSelectX509.Subject = GetIssuerPrincipal(cert); } catch (IOException ex) { throw new Exception("Cannot set subject search criteria for trust anchor.", ex); } while (iter.MoveNext() && trust == null) { trust = (TrustAnchor)iter.Current; if (trust.TrustedCert != null) { if (certSelectX509.Match(trust.TrustedCert)) { trustPublicKey = trust.TrustedCert.GetPublicKey(); } else { trust = null; } } else if (trust.CAName != null && trust.CAPublicKey != null) { try { X509Name certIssuer = GetIssuerPrincipal(cert); X509Name caName = new X509Name(trust.CAName); if (certIssuer.Equivalent(caName, true)) { trustPublicKey = trust.CAPublicKey; } else { trust = null; } } catch (InvalidParameterException) { trust = null; } } else { trust = null; } if (trustPublicKey != null) { try { cert.Verify(trustPublicKey); } catch (Exception ex) { invalidKeyEx = ex; trust = null; } } } if (trust == null && invalidKeyEx != null) { throw new Exception("TrustAnchor found but certificate validation failed.", invalidKeyEx); } return(trust); }