X509BasicConstraintsExtension 类

定义

定义对证书设置的约束。 此类不能被继承。

public ref class X509BasicConstraintsExtension sealed : System::Security::Cryptography::X509Certificates::X509Extension
public sealed class X509BasicConstraintsExtension : System.Security.Cryptography.X509Certificates.X509Extension
type X509BasicConstraintsExtension = class
    inherit X509Extension
Public NotInheritable Class X509BasicConstraintsExtension
Inherits X509Extension
继承
X509BasicConstraintsExtension

示例

下面的代码示例演示如何打开用户的个人证书存储并显示有关存储中每个证书的信息。 此示例使用 X509BasicConstraintsExtension 类来显示信息。

#using <System.dll>
#using <system.security.dll>

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::X509Certificates;
int main()
{
   try
   {
      X509Store^ store = gcnew X509Store( L"MY",StoreLocation::CurrentUser );
      store->Open( static_cast<OpenFlags>(OpenFlags::ReadOnly | OpenFlags::OpenExistingOnly) );
      X509Certificate2Collection^ collection = dynamic_cast<X509Certificate2Collection^>(store->Certificates);
      for ( int i = 0; i < collection->Count; i++ )
      {
         System::Collections::IEnumerator^ myEnum = collection[ i ]->Extensions->GetEnumerator();
         while ( myEnum->MoveNext() )
         {
            X509Extension^ extension = safe_cast<X509Extension^>(myEnum->Current);
            Console::WriteLine( L"{0}({1})", extension->Oid->FriendlyName, extension->Oid->Value );
            if ( extension->Oid->FriendlyName == L"Key Usage" )
            {
               X509KeyUsageExtension^ ext = dynamic_cast<X509KeyUsageExtension^>(extension);
               Console::WriteLine( ext->KeyUsages );
            }
            if ( extension->Oid->FriendlyName == L"Basic Constraints" )
            {
               X509BasicConstraintsExtension^ ext = dynamic_cast<X509BasicConstraintsExtension^>(extension);
               Console::WriteLine( ext->CertificateAuthority );
               Console::WriteLine( ext->HasPathLengthConstraint );
               Console::WriteLine( ext->PathLengthConstraint );
            }
            if ( extension->Oid->FriendlyName == L"Subject Key Identifier" )
            {
               X509SubjectKeyIdentifierExtension^ ext = dynamic_cast<X509SubjectKeyIdentifierExtension^>(extension);
               Console::WriteLine( ext->SubjectKeyIdentifier );
            }
            if ( extension->Oid->FriendlyName == L"Enhanced Key Usage" )
            {
               X509EnhancedKeyUsageExtension^ ext = dynamic_cast<X509EnhancedKeyUsageExtension^>(extension);
               OidCollection^ oids = ext->EnhancedKeyUsages;
               System::Collections::IEnumerator^ myEnum1 = oids->GetEnumerator();
               while ( myEnum1->MoveNext() )
               {
                  Oid^ oid = safe_cast<Oid^>(myEnum1->Current);
                  Console::WriteLine( L"{0}({1})", oid->FriendlyName, oid->Value );
               }
            }
         }

      }
      store->Close();
   }
   catch ( CryptographicException^ ) 
   {
      Console::WriteLine( L"Information could not be written out for this certificate." );
   }

}
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public class CertSelect
{
    public static void Main()
    {
        try
        {
            X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

            X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
            for (int i = 0; i < collection.Count; i++)
            {
                foreach (X509Extension extension in collection[i].Extensions)
                {
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")");

                    if (extension.Oid.FriendlyName == "Key Usage")
                    {
                        X509KeyUsageExtension ext = (X509KeyUsageExtension)extension;
                        Console.WriteLine(ext.KeyUsages);
                    }

                    if (extension.Oid.FriendlyName == "Basic Constraints")
                    {
                        X509BasicConstraintsExtension ext = (X509BasicConstraintsExtension)extension;
                        Console.WriteLine(ext.CertificateAuthority);
                        Console.WriteLine(ext.HasPathLengthConstraint);
                        Console.WriteLine(ext.PathLengthConstraint);
                    }

                    if (extension.Oid.FriendlyName == "Subject Key Identifier")
                    {
                        X509SubjectKeyIdentifierExtension ext = (X509SubjectKeyIdentifierExtension)extension;
                        Console.WriteLine(ext.SubjectKeyIdentifier);
                    }

                    if (extension.Oid.FriendlyName == "Enhanced Key Usage")
                    {
                        X509EnhancedKeyUsageExtension ext = (X509EnhancedKeyUsageExtension)extension;
                        OidCollection oids = ext.EnhancedKeyUsages;
                        foreach (Oid oid in oids)
                        {
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")");
                        }
                    }
                }
            }
            store.Close();
        }
        catch (CryptographicException)
        {
            Console.WriteLine("Information could not be written out for this certificate.");
        }
    }
}
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates



Module CertSelect

    Sub Main()
        Try
            Dim store As New X509Store("MY", StoreLocation.CurrentUser)
            store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)

            Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
            For i As Integer = 0 To collection.Count - 1
                Dim extension As X509Extension
                For Each extension In collection(i).Extensions
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")")


                    If extension.Oid.FriendlyName = "Key Usage" Then
                        Dim ext As X509KeyUsageExtension = CType(extension, X509KeyUsageExtension)
                        Console.WriteLine(ext.KeyUsages)
                    End If

                    If extension.Oid.FriendlyName = "Basic Constraints" Then
                        Dim ext As X509BasicConstraintsExtension = CType(extension, X509BasicConstraintsExtension)
                        Console.WriteLine(ext.CertificateAuthority)
                        Console.WriteLine(ext.HasPathLengthConstraint)
                        Console.WriteLine(ext.PathLengthConstraint)
                    End If

                    If extension.Oid.FriendlyName = "Subject Key Identifier" Then
                        Dim ext As X509SubjectKeyIdentifierExtension = CType(extension, X509SubjectKeyIdentifierExtension)
                        Console.WriteLine(ext.SubjectKeyIdentifier)
                    End If

                    If extension.Oid.FriendlyName = "Enhanced Key Usage" Then
                        Dim ext As X509EnhancedKeyUsageExtension = CType(extension, X509EnhancedKeyUsageExtension)
                        Dim oids As OidCollection = ext.EnhancedKeyUsages
                        Dim oid As Oid
                        For Each oid In oids
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")")
                        Next oid
                    End If
                Next extension
            Next i
            store.Close()
        Catch
            Console.WriteLine("Information could not be written out for this certificate.")
        End Try

    End Sub
End Module

注解

此类提供用于定义在证书上设置的基本约束的属性。

构造函数

X509BasicConstraintsExtension()

初始化 X509BasicConstraintsExtension 类的新实例。

X509BasicConstraintsExtension(AsnEncodedData, Boolean)

使用 X509BasicConstraintsExtension 对象和一个标识扩展是否重要的值初始化 AsnEncodedData 类的新实例。

X509BasicConstraintsExtension(Boolean, Boolean, Int32, Boolean)

初始化 X509BasicConstraintsExtension 类的新实例。 参数指定以下值:指示证书是否为证书颁发机构 (CA) 证书的值;指示证书对其允许的路径级别数是否有限制、证书路径允许的级别数的值;指示扩展是否重要的值。

属性

CertificateAuthority

获取一个值,该值指示证书是否为证书颁发机构 (CA) 证书。

Critical

获取一个指示扩展是否必不可少的布尔值。

(继承自 X509Extension)
HasPathLengthConstraint

获取一个值,该值指示证书对其允许的路径级别数是否有限制。

Oid

获取或设置 Oid 对象的 AsnEncodedData 值。

(继承自 AsnEncodedData)
PathLengthConstraint

获取证书路径允许的级别数。

RawData

获取或设置以字节数组表示的 Abstract Syntax Notation One (ASN.1) 编码数据。

(继承自 AsnEncodedData)

方法

CopyFrom(AsnEncodedData)

使用 AsnEncodedData 对象初始化 X509BasicConstraintsExtension 类的新实例。

CreateForCertificateAuthority(Nullable<Int32>)

创建适用于证书颁发机构的 X509BasicConstraintsExtension 实例,(可选)包括路径长度约束值。

CreateForEndEntity(Boolean)

创建适用于最终实体证书的 X509BasicConstraintsExtension 实例,可以选择将扩展标记为关键。

Equals(Object)

确定指定对象是否等于当前对象。

(继承自 Object)
Format(Boolean)

将 Abstract Syntax Notation One (ASN.1) 编码数据的格式化版本作为字符串返回。

(继承自 AsnEncodedData)
GetHashCode()

作为默认哈希函数。

(继承自 Object)
GetType()

获取当前实例的 Type

(继承自 Object)
MemberwiseClone()

创建当前 Object 的浅表副本。

(继承自 Object)
ToString()

返回表示当前对象的字符串。

(继承自 Object)

适用于