| public GetTargetConstraints ( ) : IX509Selector | ||
| Результат | IX509Selector | |
public virtual PkixCertPathValidatorResult Validate(PkixCertPath certPath, PkixParameters pkixParams)
{
//IL_002d: Unknown result type (might be due to invalid IL or missing references)
IX509Selector targetConstraints = pkixParams.GetTargetConstraints();
if (!(targetConstraints is X509AttrCertStoreSelector))
{
throw new ArgumentException("TargetConstraints must be an instance of " + typeof(X509AttrCertStoreSelector).get_FullName(), "pkixParams");
}
IX509AttributeCertificate attributeCert = ((X509AttrCertStoreSelector)targetConstraints).AttributeCert;
PkixCertPath holderCertPath = Rfc3281CertPathUtilities.ProcessAttrCert1(attributeCert, pkixParams);
PkixCertPathValidatorResult result = Rfc3281CertPathUtilities.ProcessAttrCert2(certPath, pkixParams);
X509Certificate x509Certificate = (X509Certificate)certPath.Certificates.get_Item(0);
Rfc3281CertPathUtilities.ProcessAttrCert3(x509Certificate, pkixParams);
Rfc3281CertPathUtilities.ProcessAttrCert4(x509Certificate, pkixParams);
Rfc3281CertPathUtilities.ProcessAttrCert5(attributeCert, pkixParams);
Rfc3281CertPathUtilities.ProcessAttrCert7(attributeCert, certPath, holderCertPath, pkixParams);
Rfc3281CertPathUtilities.AdditionalChecks(attributeCert, pkixParams);
global::System.DateTime validCertDateFromValidityModel;
try
{
validCertDateFromValidityModel = PkixCertPathValidatorUtilities.GetValidCertDateFromValidityModel(pkixParams, null, -1);
}
catch (global::System.Exception cause)
{
throw new PkixCertPathValidatorException("Could not get validity date from attribute certificate.", cause);
}
Rfc3281CertPathUtilities.CheckCrls(attributeCert, pkixParams, x509Certificate, validCertDateFromValidityModel, certPath.Certificates);
return(result);
}
/**
* Validates an attribute certificate with the given certificate path.
*
* <p>
* <code>params</code> must be an instance of
* <code>ExtendedPkixParameters</code>.
* </p><p>
* The target constraints in the <code>params</code> must be an
* <code>X509AttrCertStoreSelector</code> with at least the attribute
* certificate criterion set. Obey that also target informations may be
* necessary to correctly validate this attribute certificate.
* </p><p>
* The attribute certificate issuer must be added to the trusted attribute
* issuers with {@link ExtendedPkixParameters#setTrustedACIssuers(Set)}.
* </p>
* @param certPath The certificate path which belongs to the attribute
* certificate issuer public key certificate.
* @param params The PKIX parameters.
* @return A <code>PKIXCertPathValidatorResult</code> of the result of
* validating the <code>certPath</code>.
* @throws InvalidAlgorithmParameterException if <code>params</code> is
* inappropriate for this validator.
* @throws CertPathValidatorException if the verification fails.
*/
public virtual PkixCertPathValidatorResult Validate(
PkixCertPath certPath,
PkixParameters pkixParams)
{
IX509Selector certSelect = pkixParams.GetTargetConstraints();
if (!(certSelect is X509AttrCertStoreSelector))
{
throw new ArgumentException(
"TargetConstraints must be an instance of " + typeof(X509AttrCertStoreSelector).FullName,
"pkixParams");
}
IX509AttributeCertificate attrCert = ((X509AttrCertStoreSelector) certSelect).AttributeCert;
PkixCertPath holderCertPath = Rfc3281CertPathUtilities.ProcessAttrCert1(attrCert, pkixParams);
PkixCertPathValidatorResult result = Rfc3281CertPathUtilities.ProcessAttrCert2(certPath, pkixParams);
X509Certificate issuerCert = (X509Certificate)certPath.Certificates[0];
Rfc3281CertPathUtilities.ProcessAttrCert3(issuerCert, pkixParams);
Rfc3281CertPathUtilities.ProcessAttrCert4(issuerCert, pkixParams);
Rfc3281CertPathUtilities.ProcessAttrCert5(attrCert, pkixParams);
// 6 already done in X509AttrCertStoreSelector
Rfc3281CertPathUtilities.ProcessAttrCert7(attrCert, certPath, holderCertPath, pkixParams);
Rfc3281CertPathUtilities.AdditionalChecks(attrCert, pkixParams);
DateTime date;
try
{
date = PkixCertPathValidatorUtilities.GetValidCertDateFromValidityModel(pkixParams, null, -1);
}
catch (Exception e)
{
throw new PkixCertPathValidatorException(
"Could not get validity date from attribute certificate.", e);
}
Rfc3281CertPathUtilities.CheckCrls(attrCert, pkixParams, issuerCert, date, certPath.Certificates);
return result;
}
/**
* Validates an attribute certificate with the given certificate path.
*
* <p>
* <code>params</code> must be an instance of
* <code>ExtendedPkixParameters</code>.
* </p><p>
* The target constraints in the <code>params</code> must be an
* <code>X509AttrCertStoreSelector</code> with at least the attribute
* certificate criterion set. Obey that also target informations may be
* necessary to correctly validate this attribute certificate.
* </p><p>
* The attribute certificate issuer must be added to the trusted attribute
* issuers with {@link ExtendedPkixParameters#setTrustedACIssuers(Set)}.
* </p>
* @param certPath The certificate path which belongs to the attribute
* certificate issuer public key certificate.
* @param params The PKIX parameters.
* @return A <code>PKIXCertPathValidatorResult</code> of the result of
* validating the <code>certPath</code>.
* @throws InvalidAlgorithmParameterException if <code>params</code> is
* inappropriate for this validator.
* @throws CertPathValidatorException if the verification fails.
*/
public virtual PkixCertPathValidatorResult Validate(
PkixCertPath certPath,
PkixParameters pkixParams)
{
IX509Selector certSelect = pkixParams.GetTargetConstraints();
if (!(certSelect is X509AttrCertStoreSelector))
{
throw new ArgumentException(
"TargetConstraints must be an instance of " + typeof(X509AttrCertStoreSelector).FullName,
"pkixParams");
}
IX509AttributeCertificate attrCert = ((X509AttrCertStoreSelector)certSelect).AttributeCert;
PkixCertPath holderCertPath = Rfc3281CertPathUtilities.ProcessAttrCert1(attrCert, pkixParams);
PkixCertPathValidatorResult result = Rfc3281CertPathUtilities.ProcessAttrCert2(certPath, pkixParams);
X509Certificate issuerCert = (X509Certificate)certPath.Certificates[0];
Rfc3281CertPathUtilities.ProcessAttrCert3(issuerCert, pkixParams);
Rfc3281CertPathUtilities.ProcessAttrCert4(issuerCert, pkixParams);
Rfc3281CertPathUtilities.ProcessAttrCert5(attrCert, pkixParams);
// 6 already done in X509AttrCertStoreSelector
Rfc3281CertPathUtilities.ProcessAttrCert7(attrCert, certPath, holderCertPath, pkixParams);
Rfc3281CertPathUtilities.AdditionalChecks(attrCert, pkixParams);
DateTime date;
try
{
date = PkixCertPathValidatorUtilities.GetValidCertDateFromValidityModel(pkixParams, null, -1);
}
catch (Exception e)
{
throw new PkixCertPathValidatorException(
"Could not get validity date from attribute certificate.", e);
}
Rfc3281CertPathUtilities.CheckCrls(attrCert, pkixParams, issuerCert, date, certPath.Certificates);
return(result);
}