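/// <summary>
/// Tries to put a list of certificates into path order: the end-entity certificate
/// first, then each certificate followed by the one whose subject matches its issuer.
/// </summary>
/// <remarks>
/// Ordering is decided purely by comparing <c>IssuerDN</c> with <c>SubjectDN</c>.
/// No signature, validity period or key identifier is checked here, so two
/// certificates that share a subject name are indistinguishable to this method and
/// a sorted result is NOT a validated chain. Callers must still run path validation.
///
/// The input list is never modified. When no single unambiguous ordering can be
/// found (no end-entity certificate, more than one, or certificates left over that
/// do not link into the chain) the input is returned in its original order.
/// </remarks>
/// <param name="certs">List whose elements are all <c>X509Certificate</c> instances.</param>
/// <returns>
/// <paramref name="certs"/> itself when it has fewer than two elements, is already in
/// path order, or cannot be ordered; otherwise a new list in path order.
/// </returns>
private static IList SortCerts(
    IList certs)
{
    if (certs.Count < 2)
        return certs;

    // Fast path: check whether the list is already ordered, i.e. every certificate's
    // subject matches the issuer of the certificate before it.
    // NOTE(review): the 'true' passed to Equivalent presumably requests an
    // order-sensitive name comparison - confirm against X509Name.
    X509Name issuer = ((X509Certificate)certs[0]).IssuerDN;
    bool okay = true;
    for (int i = 1; i != certs.Count; i++)
    {
        X509Certificate cert = (X509Certificate)certs[i];
        if (issuer.Equivalent(cert.SubjectDN, true))
        {
            issuer = cert.IssuerDN;
        }
        else
        {
            okay = false;
            break;
        }
    }
    if (okay)
        return certs;

    // find end-entity cert: the one whose subject is not the issuer of any
    // certificate in the list.
    //
    // The scan runs over the complete, unmodified list. Removing entries while
    // scanning (as an indexed loop with RemoveAt would) skips the element after each
    // removal and tests later candidates against a shrunken set; an input such as
    // [end-entity, root, intermediate] is then misread as having two end-entity
    // certificates and is left unsorted.
    int endEntityIndex = -1;
    for (int i = 0; i < certs.Count; i++)
    {
        X509Name subject = ((X509Certificate)certs[i]).SubjectDN;
        bool found = false;
        foreach (X509Certificate c in certs)
        {
            if (c.IssuerDN.Equivalent(subject, true))
            {
                found = true;
                break;
            }
        }
        if (!found)
        {
            // can only have one end entity cert - something's wrong, give up.
            if (endEntityIndex >= 0)
                return certs;
            endEntityIndex = i;
        }
    }

    // Every subject is somebody's issuer (e.g. only self-issued certificates or a
    // naming loop): there is nowhere to start the chain from.
    if (endEntityIndex < 0)
        return certs;

    // Working copy that is consumed as certificates are placed in the result.
    IList remaining = new ArrayList(certs);
    IList retList = new ArrayList(certs.Count);
    retList.Add(certs[endEntityIndex]);
    remaining.RemoveAt(endEntityIndex);

    // Walk up the chain: for the last certificate placed, look for a remaining
    // certificate whose subject matches its issuer. retList grows while it is being
    // iterated, so the loop ends once a certificate has no issuer left in 'remaining'.
    for (int i = 0; i != retList.Count; i++)
    {
        issuer = ((X509Certificate)retList[i]).IssuerDN;
        for (int j = 0; j < remaining.Count; j++)
        {
            X509Certificate c = (X509Certificate)remaining[j];
            if (issuer.Equivalent(c.SubjectDN, true))
            {
                retList.Add(c);
                remaining.RemoveAt(j);
                break;
            }
        }
    }

    // make sure all certificates are accounted for.
    if (remaining.Count > 0)
        return certs;

    return retList;
}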