Org.BouncyCastle.Pkix.PkixNameConstraintValidator.IntersectPermittedSubtree C# (CSharp) Метод

        public void IntersectPermittedSubtree(Asn1Sequence permitted)
        {
            IDictionary subtreesMap = Platform.CreateHashtable();

            // group in ISets in a map ordered by tag no.
            for (IEnumerator e = permitted.GetEnumerator(); e.MoveNext(); )
            {
                GeneralSubtree subtree = GeneralSubtree.GetInstance(e.Current);

                int tagNo = subtree.Base.TagNo;
                if (subtreesMap[tagNo] == null)
                {
                    subtreesMap[tagNo] = new HashSet();
                }

                ((ISet)subtreesMap[tagNo]).Add(subtree);
            }

            for (IEnumerator it = subtreesMap.GetEnumerator(); it.MoveNext(); )
            {
                DictionaryEntry entry = (DictionaryEntry)it.Current;

                // go through all subtree groups
                switch ((int)entry.Key )
                {
                    case 1:
                        permittedSubtreesEmail = IntersectEmail(permittedSubtreesEmail,
                            (ISet)entry.Value);
                        break;
                    case 2:
                        permittedSubtreesDNS = intersectDNS(permittedSubtreesDNS,
                            (ISet)entry.Value);
                        break;
                    case 4:
                        permittedSubtreesDN = IntersectDN(permittedSubtreesDN,
                            (ISet)entry.Value);
                        break;
                    case 6:
                        permittedSubtreesURI = intersectURI(permittedSubtreesURI,
                            (ISet)entry.Value);
                        break;
                    case 7:
                        permittedSubtreesIP = IntersectIP(permittedSubtreesIP,
                            (ISet)entry.Value);
                        break;
                }
            }
        }

		internal static void PrepareNextCertG(
			PkixCertPath				certPath,
			int							index,
			PkixNameConstraintValidator	nameConstraintValidator)
			//throws CertPathValidatorException
		{
			IList certs = certPath.Certificates;
			X509Certificate cert = (X509Certificate)certs[index];

			//
			// (g) handle the name constraints extension
			//
			NameConstraints nc = null;
			try
			{
				Asn1Sequence ncSeq = DerSequence.GetInstance(
					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.NameConstraints));
				if (ncSeq != null)
				{
					nc = new NameConstraints(ncSeq);
				}
			}
			catch (Exception e)
			{
				throw new PkixCertPathValidatorException(
					"Name constraints extension could not be decoded.", e, certPath, index);
			}
			if (nc != null)
			{
				//
				// (g) (1) permitted subtrees
				//
				Asn1Sequence permitted = nc.PermittedSubtrees;
				if (permitted != null)
				{
					try
					{
						nameConstraintValidator.IntersectPermittedSubtree(permitted);
					}
					catch (Exception ex)
					{
						throw new PkixCertPathValidatorException(
							"Permitted subtrees cannot be build from name constraints extension.", ex, certPath, index);
					}
				}

				//
				// (g) (2) excluded subtrees
				//
				Asn1Sequence excluded = nc.ExcludedSubtrees;
				if (excluded != null)
				{
					IEnumerator e = excluded.GetEnumerator();
					try
					{
						while (e.MoveNext())
						{
							GeneralSubtree subtree = GeneralSubtree.GetInstance(e.Current);
							nameConstraintValidator.AddExcludedSubtree(subtree);
						}
					}
					catch (Exception ex)
					{
						throw new PkixCertPathValidatorException(
							"Excluded subtrees cannot be build from name constraints extension.", ex, certPath, index);
					}
				}
			}
		}