Classe X509Extension
Definição
Representa uma extensão X509.Represents an X509 extension.
public ref class X509Extension : System::Security::Cryptography::AsnEncodedData
public class X509Extension : System.Security.Cryptography.AsnEncodedData
type X509Extension = class
inherit AsnEncodedData
Public Class X509Extension
Inherits AsnEncodedData
- Herança
- Derivado
Exemplos
O exemplo de código a seguir demonstra como usar a classe X509Extension.The following code example demonstrates using the X509Extension class.
#using <System.dll>
#using <system.security.dll>
using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::X509Certificates;
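// Lists the X.509 extensions of every certificate in the current user's
// personal ("MY") store and prints decoded details for the key usage, basic
// constraints, subject key identifier and enhanced key usage extensions.
//
// The output is informational only: nothing here builds a chain or checks a
// signature, validity period or revocation status, so a certificate that is
// listed has not been validated.
int main()
{
   // Declared outside the try block so the finally block can always close it.
   X509Store^ store = nullptr;
   try
   {
      store = gcnew X509Store( L"MY",StoreLocation::CurrentUser );

      // ReadOnly asks for no write access; OpenExistingOnly keeps Open from
      // creating the store when it does not exist.
      store->Open( static_cast<OpenFlags>(OpenFlags::ReadOnly | OpenFlags::OpenExistingOnly) );

      for each ( X509Certificate2^ certificate in store->Certificates )
      {
         for each ( X509Extension^ extension in certificate->Extensions )
         {
            Console::WriteLine( L"{0}({1})", extension->Oid->FriendlyName, extension->Oid->Value );

            // Dispatch on the runtime type rather than on Oid->FriendlyName:
            // the friendly name is display text that can vary with the OS
            // language and platform, and dereferencing a failed dynamic_cast
            // would raise an exception the catch block below does not handle.
            X509KeyUsageExtension^ keyUsage = dynamic_cast<X509KeyUsageExtension^>(extension);
            if ( keyUsage != nullptr )
            {
               Console::WriteLine( keyUsage->KeyUsages );
            }

            X509BasicConstraintsExtension^ constraints = dynamic_cast<X509BasicConstraintsExtension^>(extension);
            if ( constraints != nullptr )
            {
               Console::WriteLine( constraints->CertificateAuthority );
               Console::WriteLine( constraints->HasPathLengthConstraint );
               Console::WriteLine( constraints->PathLengthConstraint );
            }

            X509SubjectKeyIdentifierExtension^ subjectKeyId = dynamic_cast<X509SubjectKeyIdentifierExtension^>(extension);
            if ( subjectKeyId != nullptr )
            {
               Console::WriteLine( subjectKeyId->SubjectKeyIdentifier );
            }

            X509EnhancedKeyUsageExtension^ enhancedUsage = dynamic_cast<X509EnhancedKeyUsageExtension^>(extension);
            if ( enhancedUsage != nullptr )
            {
               for each ( Oid^ oid in enhancedUsage->EnhancedKeyUsages )
               {
                  Console::WriteLine( L"{0}({1})", oid->FriendlyName, oid->Value );
               }
            }
         }
      }
   }
   catch ( CryptographicException^ )
   {
      // A failure while opening the store or decoding an extension ends the
      // listing; certificates after the failing one are not printed.
      Console::WriteLine( L"Information could not be written out for this certificate." );
   }
   finally
   {
      // Release the store handle on the error path as well.
      if ( store != nullptr )
      {
         store->Close();
      }
   }
}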
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
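/// <summary>
/// Lists the X.509 extensions of every certificate in the current user's
/// personal ("MY") store.
/// </summary>
/// <remarks>
/// The output is informational only: nothing here builds a chain or checks a
/// signature, validity period or revocation status, so a certificate that is
/// listed has not been validated.
/// </remarks>
public class CertSelect
{
    /// <summary>
    /// Opens the store read-only, prints "FriendlyName(OID)" for each extension,
    /// and prints decoded details for the key usage, basic constraints, subject
    /// key identifier and enhanced key usage extensions.
    /// </summary>
    public static void Main()
    {
        // Declared outside the try block so the finally block can always close it.
        X509Store store = null;
        try
        {
            store = new X509Store("MY", StoreLocation.CurrentUser);

            // ReadOnly asks for no write access; OpenExistingOnly keeps Open from
            // creating the store when it does not exist.
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

            foreach (X509Certificate2 certificate in store.Certificates)
            {
                foreach (X509Extension extension in certificate.Extensions)
                {
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")");

                    // Dispatch on the runtime type rather than on Oid.FriendlyName:
                    // the friendly name is display text that can vary with the OS
                    // language and platform, and a hard cast that fails would throw
                    // InvalidCastException, which the catch block below does not handle.
                    X509KeyUsageExtension keyUsage = extension as X509KeyUsageExtension;
                    if (keyUsage != null)
                    {
                        Console.WriteLine(keyUsage.KeyUsages);
                    }

                    X509BasicConstraintsExtension constraints = extension as X509BasicConstraintsExtension;
                    if (constraints != null)
                    {
                        Console.WriteLine(constraints.CertificateAuthority);
                        Console.WriteLine(constraints.HasPathLengthConstraint);
                        Console.WriteLine(constraints.PathLengthConstraint);
                    }

                    X509SubjectKeyIdentifierExtension subjectKeyId = extension as X509SubjectKeyIdentifierExtension;
                    if (subjectKeyId != null)
                    {
                        Console.WriteLine(subjectKeyId.SubjectKeyIdentifier);
                    }

                    X509EnhancedKeyUsageExtension enhancedUsage = extension as X509EnhancedKeyUsageExtension;
                    if (enhancedUsage != null)
                    {
                        foreach (Oid oid in enhancedUsage.EnhancedKeyUsages)
                        {
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")");
                        }
                    }
                }
            }
        }
        catch (CryptographicException)
        {
            // A failure while opening the store or decoding an extension ends the
            // listing; certificates after the failing one are not printed.
            Console.WriteLine("Information could not be written out for this certificate.");
        }
        finally
        {
            // Release the store handle on the error path as well.
            if (store != null)
            {
                store.Close();
            }
        }
    }
}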
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
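''' <summary>
''' Lists the X.509 extensions of every certificate in the current user's
''' personal ("MY") store.
''' </summary>
''' <remarks>
''' The output is informational only: nothing here builds a chain or checks a
''' signature, validity period or revocation status, so a certificate that is
''' listed has not been validated.
''' </remarks>
Module CertSelect
    ''' <summary>
    ''' Opens the store read-only, prints "FriendlyName(OID)" for each extension,
    ''' and prints decoded details for the key usage, basic constraints, subject
    ''' key identifier and enhanced key usage extensions.
    ''' </summary>
    Sub Main()
        ' Declared outside the Try block so the Finally block can always close it.
        Dim store As X509Store = Nothing
        Try
            store = New X509Store("MY", StoreLocation.CurrentUser)

            ' ReadOnly asks for no write access; OpenExistingOnly keeps Open from
            ' creating the store when it does not exist.
            store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)

            For Each certificate As X509Certificate2 In store.Certificates
                For Each extension As X509Extension In certificate.Extensions
                    Console.WriteLine(extension.Oid.FriendlyName & "(" & extension.Oid.Value & ")")

                    ' Dispatch on the runtime type rather than on Oid.FriendlyName:
                    ' the friendly name is display text that can vary with the OS
                    ' language and platform, and a CType that fails would throw
                    ' InvalidCastException instead of skipping the extension.
                    Dim keyUsage As X509KeyUsageExtension = TryCast(extension, X509KeyUsageExtension)
                    If keyUsage IsNot Nothing Then
                        Console.WriteLine(keyUsage.KeyUsages)
                    End If

                    Dim constraints As X509BasicConstraintsExtension = TryCast(extension, X509BasicConstraintsExtension)
                    If constraints IsNot Nothing Then
                        Console.WriteLine(constraints.CertificateAuthority)
                        Console.WriteLine(constraints.HasPathLengthConstraint)
                        Console.WriteLine(constraints.PathLengthConstraint)
                    End If

                    Dim subjectKeyId As X509SubjectKeyIdentifierExtension = TryCast(extension, X509SubjectKeyIdentifierExtension)
                    If subjectKeyId IsNot Nothing Then
                        Console.WriteLine(subjectKeyId.SubjectKeyIdentifier)
                    End If

                    Dim enhancedUsage As X509EnhancedKeyUsageExtension = TryCast(extension, X509EnhancedKeyUsageExtension)
                    If enhancedUsage IsNot Nothing Then
                        For Each oid As Oid In enhancedUsage.EnhancedKeyUsages
                            Console.WriteLine(oid.FriendlyName & "(" & oid.Value & ")")
                        Next oid
                    End If
                Next extension
            Next certificate
        Catch ex As CryptographicException
            ' Narrowed from a bare Catch to match the C# and C++ listings, so that
            ' unrelated errors are no longer reported as a certificate problem.
            ' A failure here ends the listing; later certificates are not printed.
            Console.WriteLine("Information could not be written out for this certificate.")
        Finally
            ' Release the store handle on the error path as well.
            If store IsNot Nothing Then
                store.Close()
            End If
        End Try
    End Sub
End Module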
Comentários
As extensões X509 são propriedades dinâmicas e estendidas que podem ser adicionadas a um certificado X509 e alteradas.X509 extensions are dynamic, extended properties that can be added to an X509 certificate and changed. A classe X509Extension pode ser usada para criar extensões associadas a um certificado, mas que não fazem parte do certificado conforme emitido por uma autoridade de certificação (CA).The X509Extension class can be used to create extensions that are associated with a certificate but are not part of a certificate as issued by a certification authority (CA).
Em sua forma mais básica, uma extensão X509 tem um OID (identificador de objeto), um valor booliano que descreve se a extensão é considerada crítica ou não e dados codificados em ASN.In its most basic form, an X509 extension has an object identifier (OID), a Boolean value describing whether the extension is considered critical or not, and ASN-encoded data. Extensões personalizadas podem ser registradas em um arquivo CryptoConfig.Custom extensions can be registered in a CryptoConfig file.
O .NET Framework inclui implementações de várias extensões X509 comuns:The .NET Framework includes implementations of several common X509 extensions:
X509KeyUsageExtension.X509KeyUsageExtension. Descreve os usos de chave de um certificado.Describes the key usages of a certificate.
X509BasicConstraintsExtension.X509BasicConstraintsExtension. Descreve as restrições de um certificado.Describes the constraints for a certificate.
X509EnhancedKeyUsageExtension.X509EnhancedKeyUsageExtension. Descreve os usos avançados de chave de um certificado.Describes the enhanced key usages of a certificate.
X509SubjectKeyIdentifierExtension.X509SubjectKeyIdentifierExtension. Descreve o identificador de chave.Describes the key identifier. Por exemplo, usado com XMLDSIG.For example, used with XMLDSIG.
Construtores
| X509Extension() |
Inicializa uma nova instância da classe X509Extension.Initializes a new instance of the X509Extension class. |
| X509Extension(AsnEncodedData, Boolean) |
Inicializa uma nova instância da classe X509Extension.Initializes a new instance of the X509Extension class. |
| X509Extension(Oid, Byte[], Boolean) |
Inicializa uma nova instância da classe X509Extension.Initializes a new instance of the X509Extension class. |
| X509Extension(Oid, ReadOnlySpan<Byte>, Boolean) |
Inicializa uma nova instância da classe X509Extension.Initializes a new instance of the X509Extension class. |
| X509Extension(String, Byte[], Boolean) |
Inicializa uma nova instância da classe X509Extension.Initializes a new instance of the X509Extension class. |
| X509Extension(String, ReadOnlySpan<Byte>, Boolean) |
Inicializa uma nova instância da classe X509Extension.Initializes a new instance of the X509Extension class. |
Propriedades
| Critical |
Obtém um valor booliano que indica se a extensão é crítica.Gets a Boolean value indicating whether the extension is critical. |
| Oid |
Obtém ou define o valor Oid para um objeto AsnEncodedData.Gets or sets the Oid value for an AsnEncodedData object. (Herdado de AsnEncodedData) |
| RawData |
Obtém ou define os dados codificados em ASN.1 (Abstract Syntax Notation One) representados em uma matriz de bytes.Gets or sets the Abstract Syntax Notation One (ASN.1)-encoded data represented in a byte array. (Herdado de AsnEncodedData) |
Métodos
| CopyFrom(AsnEncodedData) |
Copia as propriedades de extensão do objeto AsnEncodedData especificado.Copies the extension properties of the specified AsnEncodedData object. |
| Equals(Object) |
Determina se o objeto especificado é igual ao objeto atual.Determines whether the specified object is equal to the current object. (Herdado de Object) |
| Format(Boolean) |
Retorna uma versão formatada dos dados codificados em ASN.1 (Abstract Syntax Notation One) como uma cadeia de caracteres.Returns a formatted version of the Abstract Syntax Notation One (ASN.1)-encoded data as a string. (Herdado de AsnEncodedData) |
| GetHashCode() |
Serve como a função de hash padrão.Serves as the default hash function. (Herdado de Object) |
| GetType() |
Obtém o Type da instância atual.Gets the Type of the current instance. (Herdado de Object) |
| MemberwiseClone() |
Cria uma cópia superficial do Object atual.Creates a shallow copy of the current Object. (Herdado de Object) |
| ToString() |
Retorna uma cadeia de caracteres que representa o objeto atual.Returns a string that represents the current object. (Herdado de Object) |