Org.BouncyCastle.Pkix.PkixNameConstraintValidator.AddExcludedSubtree C# (CSharp) Method

PkixNameConstraintValidator Class Documentation Usage Examples Of Org.BouncyCastle.Pkix.PkixNameConstraintValidator::AddExcludedSubtree Show file Open project: nonorganic/dssnet

AddExcludedSubtree() public method

public AddExcludedSubtree ( GeneralSubtree subtree ) : void
subtree	Org.BouncyCastle.Asn1.X509.GeneralSubtree
return	void

        public void AddExcludedSubtree(GeneralSubtree subtree)
        {
            GeneralName subTreeBase = subtree.Base;

            switch (subTreeBase.TagNo)
            {
                case 1:
                    excludedSubtreesEmail = UnionEmail(excludedSubtreesEmail,
                        ExtractNameAsString(subTreeBase));
                    break;
                case 2:
                    excludedSubtreesDNS = unionDNS(excludedSubtreesDNS,
                        ExtractNameAsString(subTreeBase));
                    break;
                case 4:
                    excludedSubtreesDN = UnionDN(excludedSubtreesDN,
                        (Asn1Sequence)subTreeBase.Name.ToAsn1Object());
                    break;
                case 6:
                    excludedSubtreesURI = unionURI(excludedSubtreesURI,
                        ExtractNameAsString(subTreeBase));
                    break;
                case 7:
                    excludedSubtreesIP = UnionIP(excludedSubtreesIP, Asn1OctetString
                        .GetInstance(subTreeBase.Name).GetOctets());
                    break;
            }
        }

Usage Example

Example #1

Show file

File: Rfc3280CertPathUtilities.cs Project: Niladri24dutta/itextsharp

		internal static void PrepareNextCertG(
			PkixCertPath				certPath,
			int							index,
			PkixNameConstraintValidator	nameConstraintValidator)
			//throws CertPathValidatorException
		{
			IList certs = certPath.Certificates;
			X509Certificate cert = (X509Certificate)certs[index];

			//
			// (g) handle the name constraints extension
			//
			NameConstraints nc = null;
			try
			{
				Asn1Sequence ncSeq = DerSequence.GetInstance(
					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.NameConstraints));
				if (ncSeq != null)
				{
					nc = new NameConstraints(ncSeq);
				}
			}
			catch (Exception e)
			{
				throw new PkixCertPathValidatorException(
					"Name constraints extension could not be decoded.", e, certPath, index);
			}
			if (nc != null)
			{
				//
				// (g) (1) permitted subtrees
				//
				Asn1Sequence permitted = nc.PermittedSubtrees;
				if (permitted != null)
				{
					try
					{
						nameConstraintValidator.IntersectPermittedSubtree(permitted);
					}
					catch (Exception ex)
					{
						throw new PkixCertPathValidatorException(
							"Permitted subtrees cannot be build from name constraints extension.", ex, certPath, index);
					}
				}

				//
				// (g) (2) excluded subtrees
				//
				Asn1Sequence excluded = nc.ExcludedSubtrees;
				if (excluded != null)
				{
					IEnumerator e = excluded.GetEnumerator();
					try
					{
						while (e.MoveNext())
						{
							GeneralSubtree subtree = GeneralSubtree.GetInstance(e.Current);
							nameConstraintValidator.AddExcludedSubtree(subtree);
						}
					}
					catch (Exception ex)
					{
						throw new PkixCertPathValidatorException(
							"Excluded subtrees cannot be build from name constraints extension.", ex, certPath, index);
					}
				}
			}
		}

All Usage Examples Of Org.BouncyCastle.Pkix.PkixNameConstraintValidator::AddExcludedSubtree

PkixNameConstraintValidator

AddExcludedSubtree

CheckExcludedDN

CheckExcludedEmail

CheckPermittedDN

CheckPermittedDNS

CheckPermittedEmail

CheckPermittedIP

CheckPermittedURI

CollectionsAreEqual

CompareTo