X509BasicConstraintsExtension 类

定义

定义对证书设置的约束。Defines the constraints set on a certificate. 此类不能被继承。This class cannot be inherited.

public ref class X509BasicConstraintsExtension sealed : System::Security::Cryptography::X509Certificates::X509Extension
public sealed class X509BasicConstraintsExtension : System.Security.Cryptography.X509Certificates.X509Extension
type X509BasicConstraintsExtension = class
    inherit X509Extension
Public NotInheritable Class X509BasicConstraintsExtension
Inherits X509Extension
继承
X509BasicConstraintsExtension

示例

下面的代码示例演示如何打开用户的个人证书存储区,并显示有关存储区中每个证书的信息。The following code example demonstrates how to open a user's personal certificate store and display information about each certificate in the store. 此示例使用 X509BasicConstraintsExtension 类来显示信息。This example uses the X509BasicConstraintsExtension class to display the information.

#using <System.dll>
#using <system.security.dll>

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::X509Certificates;
int main()
{
   try
   {
      X509Store^ store = gcnew X509Store( L"MY",StoreLocation::CurrentUser );
      store->Open( static_cast<OpenFlags>(OpenFlags::ReadOnly | OpenFlags::OpenExistingOnly) );
      X509Certificate2Collection^ collection = dynamic_cast<X509Certificate2Collection^>(store->Certificates);
      for ( int i = 0; i < collection->Count; i++ )
      {
         System::Collections::IEnumerator^ myEnum = collection[ i ]->Extensions->GetEnumerator();
         while ( myEnum->MoveNext() )
         {
            X509Extension^ extension = safe_cast<X509Extension^>(myEnum->Current);
            Console::WriteLine( L"{0}({1})", extension->Oid->FriendlyName, extension->Oid->Value );
            if ( extension->Oid->FriendlyName == L"Key Usage" )
            {
               X509KeyUsageExtension^ ext = dynamic_cast<X509KeyUsageExtension^>(extension);
               Console::WriteLine( ext->KeyUsages );
            }
            if ( extension->Oid->FriendlyName == L"Basic Constraints" )
            {
               X509BasicConstraintsExtension^ ext = dynamic_cast<X509BasicConstraintsExtension^>(extension);
               Console::WriteLine( ext->CertificateAuthority );
               Console::WriteLine( ext->HasPathLengthConstraint );
               Console::WriteLine( ext->PathLengthConstraint );
            }
            if ( extension->Oid->FriendlyName == L"Subject Key Identifier" )
            {
               X509SubjectKeyIdentifierExtension^ ext = dynamic_cast<X509SubjectKeyIdentifierExtension^>(extension);
               Console::WriteLine( ext->SubjectKeyIdentifier );
            }
            if ( extension->Oid->FriendlyName == L"Enhanced Key Usage" )
            {
               X509EnhancedKeyUsageExtension^ ext = dynamic_cast<X509EnhancedKeyUsageExtension^>(extension);
               OidCollection^ oids = ext->EnhancedKeyUsages;
               System::Collections::IEnumerator^ myEnum1 = oids->GetEnumerator();
               while ( myEnum1->MoveNext() )
               {
                  Oid^ oid = safe_cast<Oid^>(myEnum1->Current);
                  Console::WriteLine( L"{0}({1})", oid->FriendlyName, oid->Value );
               }
            }
         }

      }
      store->Close();
   }
   catch ( CryptographicException^ ) 
   {
      Console::WriteLine( L"Information could not be written out for this certificate." );
   }

}

using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public class CertSelect
{
    public static void Main()
    {
        try
        {
            X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

            X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
            for (int i = 0; i < collection.Count; i++)
            {
                foreach (X509Extension extension in collection[i].Extensions)
                {
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")");

                    if (extension.Oid.FriendlyName == "Key Usage")
                    {
                        X509KeyUsageExtension ext = (X509KeyUsageExtension)extension;
                        Console.WriteLine(ext.KeyUsages);
                    }

                    if (extension.Oid.FriendlyName == "Basic Constraints")
                    {
                        X509BasicConstraintsExtension ext = (X509BasicConstraintsExtension)extension;
                        Console.WriteLine(ext.CertificateAuthority);
                        Console.WriteLine(ext.HasPathLengthConstraint);
                        Console.WriteLine(ext.PathLengthConstraint);
                    }

                    if (extension.Oid.FriendlyName == "Subject Key Identifier")
                    {
                        X509SubjectKeyIdentifierExtension ext = (X509SubjectKeyIdentifierExtension)extension;
                        Console.WriteLine(ext.SubjectKeyIdentifier);
                    }

                    if (extension.Oid.FriendlyName == "Enhanced Key Usage")
                    {
                        X509EnhancedKeyUsageExtension ext = (X509EnhancedKeyUsageExtension)extension;
                        OidCollection oids = ext.EnhancedKeyUsages;
                        foreach (Oid oid in oids)
                        {
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")");
                        }
                    }
                }
            }
            store.Close();
        }
        catch (CryptographicException)
        {
            Console.WriteLine("Information could not be written out for this certificate.");
        }
    }
}
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates



Module CertSelect

    Sub Main()
        Try
            Dim store As New X509Store("MY", StoreLocation.CurrentUser)
            store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)

            Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
            For i As Integer = 0 To collection.Count - 1
                Dim extension As X509Extension
                For Each extension In collection(i).Extensions
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")")


                    If extension.Oid.FriendlyName = "Key Usage" Then
                        Dim ext As X509KeyUsageExtension = CType(extension, X509KeyUsageExtension)
                        Console.WriteLine(ext.KeyUsages)
                    End If

                    If extension.Oid.FriendlyName = "Basic Constraints" Then
                        Dim ext As X509BasicConstraintsExtension = CType(extension, X509BasicConstraintsExtension)
                        Console.WriteLine(ext.CertificateAuthority)
                        Console.WriteLine(ext.HasPathLengthConstraint)
                        Console.WriteLine(ext.PathLengthConstraint)
                    End If

                    If extension.Oid.FriendlyName = "Subject Key Identifier" Then
                        Dim ext As X509SubjectKeyIdentifierExtension = CType(extension, X509SubjectKeyIdentifierExtension)
                        Console.WriteLine(ext.SubjectKeyIdentifier)
                    End If

                    If extension.Oid.FriendlyName = "Enhanced Key Usage" Then
                        Dim ext As X509EnhancedKeyUsageExtension = CType(extension, X509EnhancedKeyUsageExtension)
                        Dim oids As OidCollection = ext.EnhancedKeyUsages
                        Dim oid As Oid
                        For Each oid In oids
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")")
                        Next oid
                    End If
                Next extension
            Next i
            store.Close()
        Catch
            Console.WriteLine("Information could not be written out for this certificate.")
        End Try

    End Sub
End Module

注解

此类提供定义证书上设置的基本约束的属性。This class provides properties that define the basic constraints set on a certificate.

构造函数

X509BasicConstraintsExtension()

初始化 X509BasicConstraintsExtension 类的新实例。Initializes a new instance of the X509BasicConstraintsExtension class.

X509BasicConstraintsExtension(AsnEncodedData, Boolean)

使用 X509BasicConstraintsExtension 对象和一个标识扩展是否重要的值初始化 AsnEncodedData 类的新实例。Initializes a new instance of the X509BasicConstraintsExtension class using an AsnEncodedData object and a value that identifies whether the extension is critical.

X509BasicConstraintsExtension(Boolean, Boolean, Int32, Boolean)

初始化 X509BasicConstraintsExtension 类的新实例。Initializes a new instance of the X509BasicConstraintsExtension class. 参数指定以下值:指示证书是否为证书颁发机构 (CA) 证书的值;指示证书对其允许的路径级别数是否有限制、证书路径允许的级别数的值;指示扩展是否重要的值。Parameters specify a value that indicates whether a certificate is a certificate authority (CA) certificate, a value that indicates whether the certificate has a restriction on the number of path levels it allows, the number of levels allowed in a certificate's path, and a value that indicates whether the extension is critical.

属性

CertificateAuthority

获取一个值,该值指示证书是否为证书颁发机构 (CA) 证书。Gets a value indicating whether a certificate is a certificate authority (CA) certificate.

Critical

获取一个指示扩展是否必不可少的布尔值。Gets a Boolean value indicating whether the extension is critical.

(继承自 X509Extension)
HasPathLengthConstraint

获取一个值,该值指示证书对其允许的路径级别数是否有限制。Gets a value indicating whether a certificate has a restriction on the number of path levels it allows.

Oid

获取或设置 Oid 对象的 AsnEncodedData 值。Gets or sets the Oid value for an AsnEncodedData object.

(继承自 AsnEncodedData)
PathLengthConstraint

获取证书路径允许的级别数。Gets the number of levels allowed in a certificate's path.

RawData

获取或设置以字节数组表示的 Abstract Syntax Notation One (ASN.1) 编码数据。Gets or sets the Abstract Syntax Notation One (ASN.1)-encoded data represented in a byte array.

(继承自 AsnEncodedData)

方法

CopyFrom(AsnEncodedData)

使用 AsnEncodedData 对象初始化 X509BasicConstraintsExtension 类的新实例。Initializes a new instance of the X509BasicConstraintsExtension class using an AsnEncodedData object.

Equals(Object)

确定指定对象是否等于当前对象。Determines whether the specified object is equal to the current object.

(继承自 Object)
Format(Boolean)

将 Abstract Syntax Notation One (ASN.1) 编码数据的格式化版本作为字符串返回。Returns a formatted version of the Abstract Syntax Notation One (ASN.1)-encoded data as a string.

(继承自 AsnEncodedData)
GetHashCode()

作为默认哈希函数。Serves as the default hash function.

(继承自 Object)
GetType()

获取当前实例的 TypeGets the Type of the current instance.

(继承自 Object)
MemberwiseClone()

创建当前 Object 的浅表副本。Creates a shallow copy of the current Object.

(继承自 Object)
ToString()

返回表示当前对象的字符串。Returns a string that represents the current object.

(继承自 Object)

适用于