public Find ( System findType, object findValue, bool validOnly ) : System.Security.Cryptography.X509Certificates.X509Certificate2Collection | ||
findType | System | |
findValue | object | |
validOnly | bool | |
Результат | System.Security.Cryptography.X509Certificates.X509Certificate2Collection |
// dotnet/wcf#1574 - This is a workaround for dotnet/corefx#12214 // The copy constructor was removed in .NET Core, this is the workaround to allow us to make copies of certificates internal static X509Certificate2 CloneCertificateInternal(this X509Certificate2 certificateToClone) { #if TARGETS_WINDOWS return new X509Certificate2(certificateToClone.Handle); #else X509Certificate2Collection collection = new X509Certificate2Collection(certificateToClone); X509Certificate2Collection copyCollection = collection.Find(X509FindType.FindByThumbprint, certificateToClone.Thumbprint, false); return copyCollection[0]; #endif }
// dotnet/wcf#1574 - This is a workaround for dotnet/corefx#12214 internal static X509Certificate2 CloneCertificateInternal(this X509Certificate certificateToClone) { #if TARGETS_WINDOWS return new X509Certificate2(certificateToClone.Handle); #else byte[] certificateBytes = certificateToClone.Export(X509ContentType.Pfx, string.Empty); X509Certificate2 certificateToClone2 = new X509Certificate2(certificateBytes, string.Empty); X509Certificate2Collection collection = new X509Certificate2Collection(certificateToClone2); X509Certificate2Collection copyCollection = collection.Find(X509FindType.FindByThumbprint, certificateToClone2.Thumbprint, false); return copyCollection[0]; #endif }
private X509Certificate2 SelectBestFromCollection(X509Certificate2 child, X509Certificate2Collection c) { switch (c.Count) { case 0: return(null); case 1: return(c [0]); default: // multiple candidate, keep only the ones that are still valid X509Certificate2Collection time_valid = c.Find(X509FindType.FindByTimeValid, ChainPolicy.VerificationTime, false); switch (time_valid.Count) { case 0: // that's too restrictive, let's revert and try another thing... time_valid = c; break; case 1: return(time_valid [0]); default: break; } // again multiple candidates, let's find the AKI that match the SKI (if we have one) string aki = GetAuthorityKeyIdentifier(child); if (String.IsNullOrEmpty(aki)) { return(time_valid [0]); // FIXME: out of luck, you get the first one } foreach (X509Certificate2 parent in time_valid) { string ski = GetSubjectKeyIdentifier(parent); // if both id are available then they must match if (aki == ski) { return(parent); } } return(time_valid [0]); // FIXME: out of luck, you get the first one } }
private X509Certificate2 SelectBestFromCollection(X509Certificate2 child, X509Certificate2Collection c) { int count = c.Count; if (count == 0) { return(null); } if (count == 1) { return(c[0]); } X509Certificate2Collection x509Certificate2Collection = c.Find(X509FindType.FindByTimeValid, this.ChainPolicy.VerificationTime, false); int count2 = x509Certificate2Collection.Count; if (count2 != 0) { if (count2 == 1) { return(x509Certificate2Collection[0]); } } else { x509Certificate2Collection = c; } string authorityKeyIdentifier = this.GetAuthorityKeyIdentifier(child); if (string.IsNullOrEmpty(authorityKeyIdentifier)) { return(x509Certificate2Collection[0]); } foreach (X509Certificate2 x509Certificate in x509Certificate2Collection) { string subjectKeyIdentifier = this.GetSubjectKeyIdentifier(x509Certificate); if (authorityKeyIdentifier == subjectKeyIdentifier) { return(x509Certificate); } } return(x509Certificate2Collection[0]); }
private X509Certificate2 SelectBestFromCollection(X509Certificate2 child, X509Certificate2Collection c) { switch (c.Count) { case 0: return(null); case 1: return(c[0]); default: { X509Certificate2Collection x509Certificate2Collection = c.Find(X509FindType.FindByTimeValid, ChainPolicy.VerificationTime, validOnly: false); switch (x509Certificate2Collection.Count) { case 0: x509Certificate2Collection = c; break; case 1: return(x509Certificate2Collection[0]); } string authorityKeyIdentifier = GetAuthorityKeyIdentifier(child); if (string.IsNullOrEmpty(authorityKeyIdentifier)) { return(x509Certificate2Collection[0]); } X509Certificate2Enumerator enumerator = x509Certificate2Collection.GetEnumerator(); while (enumerator.MoveNext()) { X509Certificate2 current = enumerator.Current; string subjectKeyIdentifier = GetSubjectKeyIdentifier(current); if (authorityKeyIdentifier == subjectKeyIdentifier) { return(current); } } return(x509Certificate2Collection[0]); } } }
internal static unsafe uint AddCertsToMessage(System.Security.Cryptography.SafeCryptMsgHandle safeCryptMsgHandle, X509Certificate2Collection bagOfCerts, X509Certificate2Collection chainOfCerts) { uint num = 0; X509Certificate2Enumerator enumerator = chainOfCerts.GetEnumerator(); while (enumerator.MoveNext()) { X509Certificate2 current = enumerator.Current; if (bagOfCerts.Find(X509FindType.FindByThumbprint, current.Thumbprint, false).Count == 0) { System.Security.Cryptography.CAPI.CERT_CONTEXT cert_context = *((System.Security.Cryptography.CAPI.CERT_CONTEXT*) System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(current).DangerousGetHandle()); System.Security.Cryptography.CAPI.CRYPTOAPI_BLOB cryptoapi_blob = new System.Security.Cryptography.CAPI.CRYPTOAPI_BLOB { cbData = cert_context.cbCertEncoded, pbData = cert_context.pbCertEncoded }; if (!System.Security.Cryptography.CAPI.CryptMsgControl(safeCryptMsgHandle, 0, 10, new IntPtr((long) ((ulong) ((IntPtr) &cryptoapi_blob))))) { throw new CryptographicException(Marshal.GetLastWin32Error()); } num++; } } return num; }
private X509Certificate2Collection findCertificates(string prop, string storeSpec, string value) { StoreLocation storeLoc = 0; StoreName storeName = 0; string storeNameStr = null; parseStore(prop, storeSpec, ref storeLoc, ref storeName, ref storeNameStr); // // Open the X509 certificate store. // X509Store store = null; try { if(storeNameStr != null) { store = new X509Store(storeNameStr, storeLoc); } else { store = new X509Store(storeName, storeLoc); } store.Open(OpenFlags.ReadOnly); } catch(Exception ex) { Ice.PluginInitializationException e = new Ice.PluginInitializationException(ex); e.reason = "IceSSL: failure while opening store specified by " + prop; throw e; } // // Start with all of the certificates in the collection and filter as necessary. // // - If the value is "*", return all certificates. // - Otherwise, search using key:value pairs. The following keys are supported: // // Issuer // IssuerDN // Serial // Subject // SubjectDN // SubjectKeyId // Thumbprint // // A value must be enclosed in single or double quotes if it contains whitespace. // X509Certificate2Collection result = new X509Certificate2Collection(); result.AddRange(store.Certificates); try { if(value != "*") { int start = 0; int pos; while((pos = value.IndexOf(':', start)) != -1) { // // Parse the X509FindType. // string field = value.Substring(start, pos - start).Trim().ToUpperInvariant(); X509FindType findType; if(field.Equals("SUBJECT")) { findType = X509FindType.FindBySubjectName; } else if(field.Equals("SUBJECTDN")) { findType = X509FindType.FindBySubjectDistinguishedName; } else if(field.Equals("ISSUER")) { findType = X509FindType.FindByIssuerName; } else if(field.Equals("ISSUERDN")) { findType = X509FindType.FindByIssuerDistinguishedName; } else if(field.Equals("THUMBPRINT")) { findType = X509FindType.FindByThumbprint; } else if(field.Equals("SUBJECTKEYID")) { findType = X509FindType.FindBySubjectKeyIdentifier; } else if(field.Equals("SERIAL")) { findType = X509FindType.FindBySerialNumber; } else { Ice.PluginInitializationException e = new Ice.PluginInitializationException(); e.reason = "IceSSL: unknown key in `" + value + "'"; throw e; } // // Parse the argument. // start = pos + 1; while(start < value.Length && (value[start] == ' ' || value[start] == '\t')) { ++start; } if(start == value.Length) { Ice.PluginInitializationException e = new Ice.PluginInitializationException(); e.reason = "IceSSL: missing argument in `" + value + "'"; throw e; } string arg; if(value[start] == '"' || value[start] == '\'') { int end = start; ++end; while(end < value.Length) { if(value[end] == value[start] && value[end - 1] != '\\') { break; } ++end; } if(end == value.Length || value[end] != value[start]) { Ice.PluginInitializationException e = new Ice.PluginInitializationException(); e.reason = "IceSSL: unmatched quote in `" + value + "'"; throw e; } ++start; arg = value.Substring(start, end - start); start = end + 1; } else { char[] ws = new char[] { ' ', '\t' }; int end = value.IndexOfAny(ws, start); if(end == -1) { arg = value.Substring(start); start = value.Length; } else { arg = value.Substring(start, end - start); start = end + 1; } } // // Execute the query. // // TODO: allow user to specify a value for validOnly? // bool validOnly = false; result = result.Find(findType, arg, validOnly); } } } finally { store.Close(); } return result; }
public void SearchCertificates (String label) { nint row = splitViewController.MainOutlineView.SelectedRow; UIErrorHelper.CheckedExec (delegate() { if (row >= (nint)0) { NSObject item = splitViewController.MainOutlineView.ItemAtRow ((int)row); if ((item is VMCACertsNode) || (item is VMCAPersonalCertificatesNode)) { int certState; if (item is VMCACertsNode) certState = (int)(item as VMCACertsNode).Tag; else certState = -1; //private certificates if (certState != -1) { CertificateDetailsListView certView = splitViewController.MainTableView.DataSource as CertificateDetailsListView; X509Certificate2Collection certificateCollection = new X509Certificate2Collection (certView.Entries.ToArray ()); X509Certificate2Collection searchResult = certificateCollection.Find (X509FindType.FindBySubjectName, label, false); List<X509Certificate2> certList = new List<X509Certificate2> (); foreach (X509Certificate2 cert in searchResult) certList.Add (cert); splitViewController.MainTableView.DataSource = new CertificateDetailsListView (certList, this.Servernode.ServerDTO, certState); } } } }); }
public void Find_FindBySubjectKeyIdentifier () { // empty Assert.AreEqual (0, collection.Find (X509FindType.FindBySubjectKeyIdentifier, String.Empty, false).Count, "FindBySubjectKeyIdentifier/Empty/false"); X509Certificate2Collection c = new X509Certificate2Collection (collection); c.Add (new X509Certificate2 (X509Certificate2Test.cert_8)); Assert.AreEqual (0, c.Find (X509FindType.FindBySubjectKeyIdentifier, "9D2D73C3B8E34D2928C3", false).Count, "FindBySubjectKeyIdentifier/half/false"); Assert.AreEqual (1, c.Find (X509FindType.FindBySubjectKeyIdentifier, "9D2D73C3B8E34D2928C365BEA998CBD68A06689C", false).Count, "FindBySubjectKeyIdentifier/full/false"); Assert.AreEqual (1, c.Find (X509FindType.FindBySubjectKeyIdentifier, "9d2d73c3b8e34d2928c365bea998cbd68a06689c", false).Count, "FindBySubjectKeyIdentifier/full/false"); }
/// <summary> /// Finds a certificate in the specified collection. /// </summary> /// <param name="collection">The collection.</param> /// <param name="thumbprint">The thumbprint of the certificate.</param> /// <param name="subjectName">Subject name of the certificate.</param> /// <param name="needPrivateKey">if set to <c>true</c> [need private key].</param> /// <returns></returns> public static X509Certificate2 Find(X509Certificate2Collection collection, string thumbprint, string subjectName, bool needPrivateKey) { // find by thumbprint. if (!String.IsNullOrEmpty(thumbprint)) { collection = collection.Find(X509FindType.FindByThumbprint, thumbprint, false); foreach (X509Certificate2 certificate in collection) { if (!needPrivateKey || certificate.HasPrivateKey) { if (String.IsNullOrEmpty(subjectName)) { return certificate; } List<string> subjectName2 = Utils.ParseDistinguishedName(subjectName); if (Utils.CompareDistinguishedName(certificate, subjectName2)) { return certificate; } } } return null; } // find by subject name. if (!String.IsNullOrEmpty(subjectName)) { List<string> subjectName2 = Utils.ParseDistinguishedName(subjectName); foreach (X509Certificate2 certificate in collection) { if (Utils.CompareDistinguishedName(certificate, subjectName2)) { if (!needPrivateKey || certificate.HasPrivateKey) { return certificate; } } } collection = collection.Find(X509FindType.FindBySubjectName, subjectName, false); foreach (X509Certificate2 certificate in collection) { if (!needPrivateKey || certificate.HasPrivateKey) { return certificate; } } } // certificate not found. return null; }
internal static X509Certificate2 FindCertificate (SubjectIdentifier identifier, X509Certificate2Collection certificates) { X509Certificate2 certificate = null; if (certificates != null && certificates.Count > 0) { X509Certificate2Collection filters; switch (identifier.Type) { case SubjectIdentifierType.IssuerAndSerialNumber: filters = certificates.Find(X509FindType.FindByIssuerDistinguishedName, ((X509IssuerSerial) identifier.Value).IssuerName, false); if (filters.Count > 0) { filters = filters.Find(X509FindType.FindBySerialNumber, ((X509IssuerSerial) identifier.Value).SerialNumber, false); if (filters.Count > 0) certificate = filters[0]; } break; case SubjectIdentifierType.SubjectKeyIdentifier: filters = certificates.Find(X509FindType.FindBySubjectKeyIdentifier, identifier.Value, false); if (filters.Count > 0) certificate = filters[0]; break; } } return certificate; }
internal static unsafe uint AddCertsToMessage (SafeCryptMsgHandle safeCryptMsgHandle, X509Certificate2Collection bagOfCerts, X509Certificate2Collection chainOfCerts) { uint certsAdded = 0; foreach (X509Certificate2 certificate in chainOfCerts) { // Skip it if already in the bag of certs. X509Certificate2Collection foundCerts = bagOfCerts.Find(X509FindType.FindByThumbprint, certificate.Thumbprint, false); if (foundCerts.Count == 0) { SafeCertContextHandle safeCertContextHandle = X509Utils.GetCertContext(certificate); CAPI.CERT_CONTEXT pCertContext = *((CAPI.CERT_CONTEXT*) safeCertContextHandle.DangerousGetHandle()); CAPI.CRYPTOAPI_BLOB certBlob = new CAPI.CRYPTOAPI_BLOB(); certBlob.cbData = pCertContext.cbCertEncoded; certBlob.pbData = pCertContext.pbCertEncoded; if (!CAPI.CryptMsgControl(safeCryptMsgHandle, 0, CAPI.CMSG_CTRL_ADD_CERT, new IntPtr((long) &certBlob))) throw new CryptographicException(Marshal.GetLastWin32Error()); certsAdded++; } } return certsAdded; }
/////////////////////////////////////////////////////////////////////// /// <summary> /// Carry out the filters requested. /// </summary> static X509Certificate2Collection FilterCertificates(X509Certificate2Collection certificates) { int index; if (0 < certificates.Count && null != sha1) { certificates = certificates.Find(X509FindType.FindByThumbprint, sha1, false); } if (0 < certificates.Count && 0 < subjects.Count) { foreach (string subject in subjects) { certificates = certificates.Find(X509FindType.FindBySubjectName, subject, false); } } if (0 < certificates.Count && 0 < issuers.Count) { foreach (string issuer in issuers) { certificates = certificates.Find(X509FindType.FindByIssuerName, issuer, false); } } if (0 < certificates.Count && 0 < serials.Count) { foreach (string serial in serials) { certificates = certificates.Find(X509FindType.FindBySerialNumber, serial, false); } } if (0 < certificates.Count && 0 < templates.Count) { foreach (string template in templates) { certificates = certificates.Find(X509FindType.FindByTemplateName, template, false); } } if (0 < certificates.Count && 0 < extensions.Count) { foreach (string extension in extensions) { certificates = certificates.Find(X509FindType.FindByExtension, extension, false); } } if (0 < certificates.Count && 0 < ekus.Count) { foreach (string eku in ekus) { certificates = certificates.Find(X509FindType.FindByApplicationPolicy, eku, false); } } if (0 < certificates.Count && 0 < policies.Count) { foreach (string policy in policies) { certificates = certificates.Find(X509FindType.FindByCertificatePolicy, policy, false); } } if (0 < certificates.Count && 0 < keyUsages.Count) { for (index = 0; index < keyUsages.Count; index++) { certificates = certificates.Find(X509FindType.FindByKeyUsage, keyUsages[index], false); } } if (0 < certificates.Count && performTimeValidityCheck) { certificates = certificates.Find(expirationType, time, false); } if (0 < certificates.Count && validOnly) { // Use empty subject name to perform null filtering. certificates = certificates.Find(X509FindType.FindBySubjectName, string.Empty, true); } return certificates; }
public void X509Certificate2CollectionFindBySubjectName_Test () { // Created with mono makecert // makecert -n "O=Root, CN=MyCNName, T=SomeElse" -r <filename> const string Cert = "MIIB6zCCAVSgAwIBAgIQEshQw4bf1kSsYsUoLCjlpTANBgkqhkiG9w0BAQUFADA1MQ0wCwYDVQQKEwRSb290MREwDwYDVQQDEwhNeUNOTmFtZTERMA8GA1UEDBMIU29tZUVsc2UwHhcNMTIwMzE1MTUzNjE0WhcNMzkxMjMxMjM1OTU5WjA1MQ0wCwYDVQQKEwRSb290MREwDwYDVQQDEwhNeUNOTmFtZTERMA8GA1UEDBMIU29tZUVsc2UwgZ0wDQYJKoZIhvcNAQEBBQADgYsAMIGHAoGBAI8A3ay+oRKRBAD4oojA2s4feHBHn5OafJ+Vxap7wsd3IF/qBrXdnFLxfvLltCSZDarajwTjxX2rhT7Q0hm3Yyy6DnyaMoL8u//c6HCv47SFNJ4JEgu2WP9M/xNU2m+JiABX+K/nwoWfE1VIYueJWL9ftCBOG099QBCsCrpdFUcbAgERMA0GCSqGSIb3DQEBBQUAA4GBAHV+uMPliZPhfLdcMGIbYQnWY2m4YrU/IvqZK4HTKyzG/heAp7+OvkGiC0YJHtvWehgZUV9ukVEbl93rCKmXlb6BuPgN60U1iLYJQ9nAVHm7fRoAjvjDj3CGFtmYb81sYu8sc5GHqsCbvTKHwW/x2O3uLJBM5ApDlcczmgdm8xqQ"; var cerBytes = Convert.FromBase64String (Cert); var cert = new X509Certificate2 (cerBytes); var collection = new X509Certificate2Collection (); var found = collection.Find (X509FindType.FindBySubjectName, "SomeElse", false); Assert.AreEqual (0, found.Count, "empty"); collection.Add (cert); collection.Find (X509FindType.FindBySubjectName, "T=SomeElse", false); Assert.AreEqual (0, found.Count, "with prefix"); found = collection.Find (X509FindType.FindBySubjectName, "SomeElse", false); Assert.That (found.Count == 1, "full"); found = collection.Find (X509FindType.FindBySubjectName, "Else", false); Assert.That (found.Count == 1, "partial"); Assert.That (found [0].SubjectName.Name.Contains ("O=Root")); Assert.That (found [0].SubjectName.Name.Contains ("T=SomeElse")); Assert.That (found [0].SubjectName.Name.Contains ("CN=MyCNName")); found = collection.Find (X509FindType.FindBySubjectName, "MyCNName", false); Assert.IsTrue (found.Count == 1); Assert.That (found [0].SubjectName.Name.Contains ("O=Root")); Assert.That (found [0].SubjectName.Name.Contains ("T=SomeElse")); Assert.That (found [0].SubjectName.Name.Contains ("CN=MyCNName")); found = collection.Find (X509FindType.FindBySubjectName, "Root", false); Assert.IsTrue (found.Count == 1); Assert.That (found [0].SubjectName.Name.Contains ("O=Root")); Assert.That (found [0].SubjectName.Name.Contains ("T=SomeElse")); Assert.That (found [0].SubjectName.Name.Contains ("CN=MyCNName")); found = collection.Find (X509FindType.FindBySubjectName, "SomeRandomStringThatDoesn'tExist", false); Assert.AreEqual (0, found.Count); }
/////////////////////////////////////////////////////////////////////// /// /// <summary> /// Carry out the filters requested. /// </summary> /// static X509Certificate2 FilterCertificates(X509Certificate2Collection certificates) { int index; if (0 < certificates.Count && null != sha1) { certificates = certificates.Find(X509FindType.FindByThumbprint, sha1, false); } if (0 < certificates.Count && 0 < subjects.Count) { foreach (string subject in subjects) { certificates = certificates.Find(X509FindType.FindBySubjectDistinguishedName, subject, false); } } if (0 < certificates.Count && 0 < issuers.Count) { foreach (string issuer in issuers) { certificates = certificates.Find(X509FindType.FindByIssuerDistinguishedName, issuer, false); } } // filter out certificates without a private key. if (0 < certificates.Count) { X509Certificate2Collection collection = new X509Certificate2Collection(); for (index = 0; index < certificates.Count; index++) { try { if (certificates[index].PrivateKey != null) collection.Add(certificates[index]); } catch{} } certificates.Clear(); certificates = collection; } // finally, ask the user to select a certificate if more than one is found. if (1 < certificates.Count) { certificates = X509Certificate2UI.SelectFromCollection( certificates , "Certificates", "Please select a certificate", X509SelectionFlag.SingleSelection); } if (certificates.Count != 1) throw new InternalException("Internal error: No valid certificates were found to sign the document."); return (certificates.Count == 0 ? null : certificates[0]); }
// TODO: Issue #3891. Get the Trusted Issuers List from WinHTTP and use that to help narrow down // the list of eligible client certificates. public static X509Certificate2 GetEligibleClientCertificate(X509Certificate2Collection candidateCerts) { if (candidateCerts.Count == 0) { return null; } // Reduce the set of certificates to match the proper 'Client Authentication' criteria. candidateCerts = candidateCerts.Find(X509FindType.FindByKeyUsage, X509KeyUsageFlags.DigitalSignature, false); candidateCerts = candidateCerts.Find(X509FindType.FindByApplicationPolicy, ClientAuthenticationOID, false); // Build a new collection with certs that have a private key. Need to do this // manually because there is no X509FindType to match this criteria. var eligibleCerts = new X509Certificate2Collection(); foreach (X509Certificate2 cert in candidateCerts) { if (cert.HasPrivateKey) { eligibleCerts.Add(cert); } } if (eligibleCerts.Count > 0) { return eligibleCerts[0]; } else { return null; } }
internal static X509Certificate2 FindCertificate(SubjectIdentifier identifier, X509Certificate2Collection certificates) { X509Certificate2 certificate = null; if ((certificates != null) && (certificates.Count > 0)) { X509Certificate2Collection certificates2; switch (identifier.Type) { case SubjectIdentifierType.IssuerAndSerialNumber: { X509IssuerSerial serial = (X509IssuerSerial) identifier.Value; certificates2 = certificates.Find(X509FindType.FindByIssuerDistinguishedName, serial.IssuerName, false); if (certificates2.Count > 0) { X509IssuerSerial serial2 = (X509IssuerSerial) identifier.Value; certificates2 = certificates2.Find(X509FindType.FindBySerialNumber, serial2.SerialNumber, false); if (certificates2.Count > 0) { certificate = certificates2[0]; } } return certificate; } case SubjectIdentifierType.SubjectKeyIdentifier: certificates2 = certificates.Find(X509FindType.FindBySubjectKeyIdentifier, identifier.Value, false); if (certificates2.Count > 0) { certificate = certificates2[0]; } return certificate; } } return certificate; }
private X509Certificate2 SelectBestFromCollection (X509Certificate2 child, X509Certificate2Collection c) { switch (c.Count) { case 0: return null; case 1: return c [0]; default: // multiple candidate, keep only the ones that are still valid X509Certificate2Collection time_valid = c.Find (X509FindType.FindByTimeValid, ChainPolicy.VerificationTime, false); switch (time_valid.Count) { case 0: // that's too restrictive, let's revert and try another thing... time_valid = c; break; case 1: return time_valid [0]; default: break; } // again multiple candidates, let's find the AKI that match the SKI (if we have one) string aki = GetAuthorityKeyIdentifier (child); if (String.IsNullOrEmpty (aki)) { return time_valid [0]; // FIXME: out of luck, you get the first one } foreach (X509Certificate2 parent in time_valid) { string ski = GetSubjectKeyIdentifier (parent); // if both id are available then they must match if (aki == ski) return parent; } return time_valid [0]; // FIXME: out of luck, you get the first one } }
/// <summary> /// Invokes X509Certificate2Collection.Find() and creates a ClonedCertificate object that will dispose the returned certificates. This /// is a way of coping with the non-obvious fact that X509Certificate2Collection.Find() returns cloned certificates. /// </summary> public ClonedCertificates(X509Certificate2Collection certs, X509FindType findType, object findValue) { _clonedCerts = certs.Find(findType, findValue, validOnly: false); }