X509FindType 枚举

定义

指定通过 Find(X509FindType, Object, Boolean) 方法搜索的值的类型。Specifies the type of value the Find(X509FindType, Object, Boolean) method searches for.

public enum class X509FindType
public enum X509FindType
type X509FindType = 
Public Enum X509FindType
继承
X509FindType

字段

FindByApplicationPolicy 10

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串表示证书的应用程序策略友好名称或对象标识符(OID,或 Oid)。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string representing either the application policy friendly name or the object identifier (OID, or Oid) of the certificate. 例如,可以使用“加密文件系统”或“1.3.6.1.4.1.311.10.3.4”。For example, "Encrypting File System" or "1.3.6.1.4.1.311.10.3.4" can be used. 对于将要本地化的应用程序,由于友好名称经过本地化处理,因此必须使用 OID 值。For an application that will be localized, the OID value must be used, because the friendly name is localized.

FindByCertificatePolicy 11

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串表示证书策略的友好名称或对象标识符(OID,或 Oid)。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string representing either the friendly name or the object identifier (OID, or Oid) of the certificate policy. 最佳做法是使用 OID,如“1.3.6.1.4.1.311.10.3.4”。The best practice is to use the OID, such as "1.3.6.1.4.1.311.10.3.4". 对于将要本地化的应用程序,由于友好名称经过本地化处理,因此必须使用 OID。For an application that will be localized, the OID must be used, because the friendly name is localized.

FindByExtension 12

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串描述要查找的扩展名。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string describing the extension to find. 对象标识符 (OID) 常用于指示 Find(X509FindType, Object, Boolean) 方法搜索扩展名与 OID 值相匹配的所有证书。The object identifier (OID) is most commonly used to direct the Find(X509FindType, Object, Boolean) method to search for all certificates that have an extension matching that OID value.

FindByIssuerDistinguishedName 4

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串表示证书的颁发者可分辨名称。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string representing the issuer distinguished name of the certificate. FindByIssuerName 枚举值所提供的相比,这是一种更具体的搜索方式。This is a more specific search than that provided by the FindByIssuerName enumeration value. 通过使用 FindByIssuerDistinguishedName 值,Find(X509FindType, Object, Boolean) 方法将对整个可分辨名称执行不区分大小写的字符串比较。Using the FindByIssuerDistinguishedName value, the Find(X509FindType, Object, Boolean) method performs a case-insensitive string comparison for the entire distinguished name. 按颁发者名称搜索的精确性较低。Searching by issuer name is a less precise search.

FindByIssuerName 3

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串表示证书颁发者的名称。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string representing the issuer name of the certificate. FindByIssuerDistinguishedName 枚举值所提供的相比,这是一种不太具体的搜索方式。This is a less specific search than that provided by the FindByIssuerDistinguishedName enumeration value. 通过使用 FindByIssuerName 值,Find(X509FindType, Object, Boolean) 方法将使用提供的值执行不区分大小写的字符串比较。Using the FindByIssuerName value, the Find(X509FindType, Object, Boolean) method performs a case-insensitive string comparison using the supplied value. 例如,如果将“MyCA”传递给 Find(X509FindType, Object, Boolean) 方法,该方法将查找颁发者名称中包含该字符串的所有证书,而不管其是否包含其他颁发者值。For example, if you pass "MyCA" to the Find(X509FindType, Object, Boolean) method, it will find all certificates with the issuer name containing that string, regardless of other issuer values.

FindByKeyUsage 13

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个表示密钥用法的字符串或一个表示位掩码(包含所有请求的密钥用法)的整数。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be either a string representing the key usage or an integer representing a bit mask containing all the requested key usages. 对于字符串值,一次只能指定一种密钥用法,但是可以按级联序列使用 Find(X509FindType, Object, Boolean) 方法以使请求用法交叉。For the string value, only one key usage at a time can be specified, but the Find(X509FindType, Object, Boolean) method can be used in a cascading sequence to get the intersection of the requested usages. 例如,可以将 findValue 参数设置为“KeyEncipherment”或整数(0x30 指示“KeyEncipherment”和“DataEncipherment”)。For example, the findValue parameter can be set to "KeyEncipherment" or an integer (0x30 indicates "KeyEncipherment" and "DataEncipherment"). 还可以使用 X509KeyUsageFlags 枚举的值。Values of the X509KeyUsageFlags enumeration can also be used.

FindBySerialNumber 5

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,它表示通过证书对话框显示的或 GetSerialNumberString() 方法返回的证书的序列号,但不包含空格。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string that represents the serial number of the certificate as displayed by the certificate dialog box, but without the spaces, or as returned by the GetSerialNumberString() method.

FindBySubjectDistinguishedName 2

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串表示证书的主题可分辨名称。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string representing the subject distinguished name of the certificate. FindBySubjectName 枚举值所提供的相比,这是一种更具体的搜索方式。This is a more specific search than that provided by the FindBySubjectName enumeration value. 通过使用 FindBySubjectDistinguishedName 值,Find(X509FindType, Object, Boolean) 方法将对整个可分辨名称执行不区分大小写的字符串比较。Using the FindBySubjectDistinguishedName value, the Find(X509FindType, Object, Boolean) method performs a case-insensitive string comparison for the entire distinguished name. 按主题名称搜索的精确性较低。Searching by subject name is a less precise search.

FindBySubjectKeyIdentifier 14

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串用十六进制值表示主题密钥标识符,如 UI 中显示的“F3E815D45E83B8477B9284113C64EF208E897112”。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string representing the subject key identifier in hexadecimal, such as "F3E815D45E83B8477B9284113C64EF208E897112", as displayed in the UI.

FindBySubjectName 1

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串表示证书的主题名称。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string representing the subject name of the certificate. FindBySubjectDistinguishedName 枚举值所提供的相比,这是一种不太具体的搜索方式。This is a less specific search than that provided by the FindBySubjectDistinguishedName enumeration value. 通过使用 FindBySubjectName 值,Find(X509FindType, Object, Boolean) 方法将使用提供的值执行不区分大小写的字符串比较。Using the FindBySubjectName value, the Find(X509FindType, Object, Boolean) method performs a case-insensitive string comparison using the supplied value. 例如,如果将“MyCert”传递给 Find(X509FindType, Object, Boolean) 方法,该方法将查找主题名称中包含该字符串的所有证书,而不考虑其他主题值。For example, if you pass "MyCert" to the Find(X509FindType, Object, Boolean) method, it will find all certificates with the subject name containing that string, regardless of other subject values. 按可分辨名称搜索的精确性较高。Searching by distinguished name is a more precise search.

FindByTemplateName 9

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串表示证书的模板名,如“ClientAuth”。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string representing the template name of the certificate, such as "ClientAuth". 模板名为 X509 3 版扩展名,指定证书的使用。A template name is an X509 version 3 extension that specifies the uses of the certificate.

FindByThumbprint 0

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个字符串,该字符串表示证书的指纹。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a string representing the thumbprint of the certificate.

FindByTimeExpired 8

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个以当地时间表示的 DateTime 值。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a DateTime value in local time. 例如,通过从 Find(X509FindType, Object, Boolean)FindByTimeExpired 操作的结果中消除今年的最后一天的 Find(X509FindType, Object, Boolean)Now 操作的结果,可以查找有效期截止到今年年底的所有证书。For example, you can find all the certificates that will be valid until the end of the year by eliminating the results of a Find(X509FindType, Object, Boolean) operation for FindByTimeExpired of the last day of the year from the results of a Find(X509FindType, Object, Boolean) operation for Now.

FindByTimeNotYetValid 7

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个以当地时间表示的 DateTime 值。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a DateTime value in local time. 值不必处于将来时间。The value does not have to be in the future. 例如,通过从 FindByTimeNotYetValidFind(X509FindType, Object, Boolean)FindByTimeNotYetValid 操作的结果中采用去年最后一天的 Find(X509FindType, Object, Boolean)FindByTimeValid 操作的结果的交集,可以使用 Now 来查找已在当前年中有效的证书。For example, you can use FindByTimeNotYetValid to find certificates that became valid in the current year by taking the intersection of the results of a Find(X509FindType, Object, Boolean) operation for FindByTimeNotYetValid for the last day of last year with the results of a Find(X509FindType, Object, Boolean) operation for FindByTimeValid of Now.

FindByTimeValid 6

Find(X509FindType, Object, Boolean) 方法的 findValue 参数必须是一个以当地时间表示的 DateTime 值。The findValue parameter for the Find(X509FindType, Object, Boolean) method must be a DateTime value in local time. 可使用 Now 查找当前有效的所有证书。You can use Now to find all the currently valid certificates.

示例

下面的示例将打开当前用户的个人证书存储区, 仅查找有效证书, 允许用户选择证书, 然后将证书信息写入控制台。The following example opens the current user's personal certificate store, finds only valid certificates, allows the user to select a certificate, and then writes certificate information to the console. 输出取决于所选的证书。The output depends on the certificate you select.

#using <System.dll>
#using <System.Security.dll>

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Permissions;
using namespace System::IO;
using namespace System::Security::Cryptography::X509Certificates;
int main()
{
   try
   {
      X509Store ^ store = gcnew X509Store( "MY",StoreLocation::CurrentUser );
      store->Open( static_cast<OpenFlags>(OpenFlags::ReadOnly | OpenFlags::OpenExistingOnly) );
      X509Certificate2Collection ^ collection = dynamic_cast<X509Certificate2Collection^>(store->Certificates);
      X509Certificate2Collection ^ fcollection = dynamic_cast<X509Certificate2Collection^>(collection->Find( X509FindType::FindByTimeValid, DateTime::Now, false ));
      X509Certificate2Collection ^ scollection = X509Certificate2UI::SelectFromCollection(fcollection, "Test Certificate Select","Select a certificate from the following list to get information on that certificate",X509SelectionFlag::MultiSelection);
      Console::WriteLine( "Number of certificates: {0}{1}", scollection->Count, Environment::NewLine );
      System::Collections::IEnumerator^ myEnum = scollection->GetEnumerator();
      while ( myEnum->MoveNext() )
      {
         X509Certificate2 ^ x509 = safe_cast<X509Certificate2 ^>(myEnum->Current);
         array<Byte>^rawdata = x509->RawData;
         Console::WriteLine( "Content Type: {0}{1}", X509Certificate2::GetCertContentType( rawdata ), Environment::NewLine );
         Console::WriteLine( "Friendly Name: {0}{1}", x509->FriendlyName, Environment::NewLine );
         Console::WriteLine( "Certificate Verified?: {0}{1}", x509->Verify(), Environment::NewLine );
         Console::WriteLine( "Simple Name: {0}{1}", x509->GetNameInfo( X509NameType::SimpleName, true ), Environment::NewLine );
         Console::WriteLine( "Signature Algorithm: {0}{1}", x509->SignatureAlgorithm->FriendlyName, Environment::NewLine );
         Console::WriteLine( "Private Key: {0}{1}", x509->PrivateKey->ToXmlString( false ), Environment::NewLine );
         Console::WriteLine( "Public Key: {0}{1}", x509->PublicKey->Key->ToXmlString( false ), Environment::NewLine );
         Console::WriteLine( "Certificate Archived?: {0}{1}", x509->Archived, Environment::NewLine );
         Console::WriteLine( "Length of Raw Data: {0}{1}", x509->RawData->Length, Environment::NewLine );
         x509->Reset();
      }
      store->Close();
   }
   catch ( CryptographicException^ ) 
   {
      Console::WriteLine( "Information could not be written out for this certificate." );
   }

}

using System;
using System.Security.Cryptography;
using System.Security.Permissions;
using System.IO;
using System.Security.Cryptography.X509Certificates;

class CertSelect
{
    static void Main()
    {
        X509Store store = new X509Store("MY",StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

        X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
        X509Certificate2Collection fcollection = (X509Certificate2Collection)collection.Find(X509FindType.FindByTimeValid,DateTime.Now,false);
        X509Certificate2Collection scollection = X509Certificate2UI.SelectFromCollection(fcollection, "Test Certificate Select","Select a certificate from the following list to get information on that certificate",X509SelectionFlag.MultiSelection);
        Console.WriteLine("Number of certificates: {0}{1}",scollection.Count,Environment.NewLine);

        foreach (X509Certificate2 x509 in scollection)
        {
            try
            {
                byte[] rawdata = x509.RawData;
                Console.WriteLine("Content Type: {0}{1}",X509Certificate2.GetCertContentType(rawdata),Environment.NewLine);
                Console.WriteLine("Friendly Name: {0}{1}",x509.FriendlyName,Environment.NewLine);
                Console.WriteLine("Certificate Verified?: {0}{1}",x509.Verify(),Environment.NewLine);
                Console.WriteLine("Simple Name: {0}{1}",x509.GetNameInfo(X509NameType.SimpleName,true),Environment.NewLine);
                Console.WriteLine("Signature Algorithm: {0}{1}",x509.SignatureAlgorithm.FriendlyName,Environment.NewLine);
                Console.WriteLine("Private Key: {0}{1}",x509.PrivateKey.ToXmlString(false),Environment.NewLine);
                Console.WriteLine("Public Key: {0}{1}",x509.PublicKey.Key.ToXmlString(false),Environment.NewLine);
                Console.WriteLine("Certificate Archived?: {0}{1}",x509.Archived,Environment.NewLine);
                Console.WriteLine("Length of Raw Data: {0}{1}",x509.RawData.Length,Environment.NewLine);
                X509Certificate2UI.DisplayCertificate(x509);
                x509.Reset();
            }
            catch (CryptographicException)
            {
                Console.WriteLine("Information could not be written out for this certificate.");
            }
        }
        store.Close();
    }
}
Imports System.Security.Cryptography
Imports System.Security.Permissions
Imports System.IO
Imports System.Security.Cryptography.X509Certificates

Class CertSelect

    Shared Sub Main()

        Dim store As New X509Store("MY", StoreLocation.CurrentUser)
        store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)

        Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
        Dim fcollection As X509Certificate2Collection = CType(collection.Find(X509FindType.FindByTimeValid, DateTime.Now, False), X509Certificate2Collection)
        Dim scollection As X509Certificate2Collection = X509Certificate2UI.SelectFromCollection(fcollection, "Test Certificate Select", "Select a certificate from the following list to get information on that certificate", X509SelectionFlag.MultiSelection)
        Console.WriteLine("Number of certificates: {0}{1}", scollection.Count, Environment.NewLine)
         
        For Each x509 As X509Certificate2 In scollection
            Try
                Dim rawdata As Byte() = x509.RawData
                Console.WriteLine("Content Type: {0}{1}", X509Certificate2.GetCertContentType(rawdata), Environment.NewLine)
                Console.WriteLine("Friendly Name: {0}{1}", x509.FriendlyName, Environment.NewLine)
                Console.WriteLine("Certificate Verified?: {0}{1}", x509.Verify(), Environment.NewLine)
                Console.WriteLine("Simple Name: {0}{1}", x509.GetNameInfo(X509NameType.SimpleName, True), Environment.NewLine)
                Console.WriteLine("Signature Algorithm: {0}{1}", x509.SignatureAlgorithm.FriendlyName, Environment.NewLine)
                Console.WriteLine("Private Key: {0}{1}", x509.PrivateKey.ToXmlString(False), Environment.NewLine)
                Console.WriteLine("Public Key: {0}{1}", x509.PublicKey.Key.ToXmlString(False), Environment.NewLine)
                Console.WriteLine("Certificate Archived?: {0}{1}", x509.Archived, Environment.NewLine)
                Console.WriteLine("Length of Raw Data: {0}{1}", x509.RawData.Length, Environment.NewLine)
                X509Certificate2UI.DisplayCertificate(x509)
                x509.Reset()         
             Catch cExcept As CryptographicException
                 Console.WriteLine("Information could not be written out for this certificate.")
             End Try
        Next x509

        store.Close()
    End Sub
End Class

注解

X509FindType标识在findValue Find方法的参数中提供的值的类型。X509FindType identifies the type of value provided in the findValue parameter for the Find method. 你可以使用X509FindType按使用者X509Certificate2名称、指纹、序列号、有效日期范围或其他值搜索集合。You can use X509FindType to search an X509Certificate2 collection by subject name, thumbprint, serial number, valid date range, or other value.

您可以使用FindByTime值类型的组合来查找在给定时间范围内有效的证书。You can use a combination of FindByTime value types to find certificates that are valid in a given time range. 在给定时间内使用 FindByTimeValid、FindByTimeNotYetValid 和 FindByTimeExpired 返回的证书的联合表示所查询集合中的所有证书。The union of certificates returned using FindByTimeValid, FindByTimeNotYetValid, and FindByTimeExpired for a given time represents all certificates in the queried collection.

适用于