C# Class Brunet.Security.CertificateHandler

.NET provides a very complicated (and complete) x509 certificate handler. We do not require all those features, and we also embed data for quick retrieval that wouldn't be easy to reproduce using that framework. This model can be used on non-x509 certificate models and could perhaps even be abstracted to support handshakes on pre-shared keys. In our system, a certificate's serial number is equivalent to the data common to a certificate request and the signed certificate, so that the model can support self-signed CAs. Thus cert.SerialNumber == hash(cert.ca.unsigned data). This class is thread-safe.

Public properties

Property Type Description
CertDir String

Protected properties

Property Type Description
_cas X509Certificate>.Dictionary
_certificate_verifiers List
_lc X509Certificate>.Dictionary
_lc_issuers List
_local_id string
_supported_cas List
_sync object

Public methods

Method Description
AddCACertificate ( Mono.Security.X509.X509Certificate cert ) : bool

Adds CA certificate to this CH.

AddCertificate ( string filename ) : bool
AddCertificateVerification ( ICertificateVerification certificate_verifier ) : bool

Add an ICertificateVerification to be called during verification of certificates

AddSignedCertificate ( Mono.Security.X509.X509Certificate cert ) : bool

Adds a local signed public certificate to this CH.

CertificateHandler ( ) : Brunet
CertificateHandler ( string cert_dir ) : Brunet
CertificateHandler ( string cert_dir, string local_id ) : Brunet
FindCertificate ( List supported_cas ) : Mono.Security.X509.X509Certificate

Returns the first certificate that matches one of the CAs listed in the array.

LoadAllCertificates ( ) : void

Loads all the local certificates.

ReadCertificate ( string Filename ) : Mono.Security.X509.X509Certificate

Reads a certificate from a file.

RemoveCertificateVerification ( ICertificateVerification certificate_verifier ) : bool

Remove an ICertificateVerification.

Verify ( Mono.Security.X509.X509Certificate x509, ISender sender ) : bool

True if this certificate is signed by a CA whose certificate we have, false otherwise.

Verify ( Mono.Security.X509.X509Certificate x509, ISender sender, string remote_id ) : bool

First makes sure we have a CA that supports this certificate, then looks through the x509 certificate's SubjectAltName Extension's URI list to determine if the given URI (RemoteID) exists in the certificate.

Verify ( Mono.Security.X509.X509Certificate x509, string remote_id ) : bool

Given a string, this looks inside the certificate's SANE (SubjectAltName Extension) to see if the string is present. This isn't as inefficient as it looks: there tend to be no entries at most of those places, so this usually has a runtime of 1. Note that this doesn't actually verify any other properties of the certificate, such as being properly signed.

Method details

AddCACertificate() public method

Adds CA certificate to this CH.
public AddCACertificate ( Mono.Security.X509.X509Certificate cert ) : bool
cert Mono.Security.X509.X509Certificate
Returns bool

AddCertificate() public method

public AddCertificate ( string filename ) : bool
filename string
Returns bool

AddCertificateVerification() public method

Add an ICertificateVerification to be called during verification of certificates.
public AddCertificateVerification ( ICertificateVerification certificate_verifier ) : bool
certificate_verifier ICertificateVerification
Returns bool

AddSignedCertificate() public method

Adds a local signed public certificate to this CH.
public AddSignedCertificate ( Mono.Security.X509.X509Certificate cert ) : bool
cert Mono.Security.X509.X509Certificate
Returns bool

CertificateHandler() public method

public CertificateHandler ( ) : Brunet
Returns Brunet

CertificateHandler() public method

public CertificateHandler ( string cert_dir ) : Brunet
cert_dir string
Returns Brunet

CertificateHandler() public method

public CertificateHandler ( string cert_dir, string local_id ) : Brunet
cert_dir string
local_id string
Returns Brunet

FindCertificate() public method

Returns the first certificate that matches one of the CAs listed in the array.
public FindCertificate ( List supported_cas ) : Mono.Security.X509.X509Certificate
supported_cas List A list of CAs for which you would like to find a matching certificate.
Returns Mono.Security.X509.X509Certificate

LoadAllCertificates() public method

Loads all the local certificates.
public LoadAllCertificates ( ) : void
Returns void

ReadCertificate() public method

Reads a certificate from a file.
public ReadCertificate ( string Filename ) : Mono.Security.X509.X509Certificate
Filename string
Returns Mono.Security.X509.X509Certificate

RemoveCertificateVerification() public method

Remove an ICertificateVerification.
public RemoveCertificateVerification ( ICertificateVerification certificate_verifier ) : bool
certificate_verifier ICertificateVerification
Returns bool

Verify() public method

True if this certificate is signed by a CA whose certificate we have, false otherwise.
public Verify ( Mono.Security.X509.X509Certificate x509, ISender sender ) : bool
x509 Mono.Security.X509.X509Certificate
sender ISender
Returns bool

Verify() public method

First makes sure we have a CA that supports this certificate, then looks through the x509 certificate's SubjectAltName Extension's URI list to determine if the given URI (RemoteID) exists in the certificate.
public Verify ( Mono.Security.X509.X509Certificate x509, ISender sender, string remote_id ) : bool
x509 Mono.Security.X509.X509Certificate The certificate to check
sender ISender
remote_id string
Returns bool

Verify() public static method

Given a string, this looks inside the certificate's SANE (SubjectAltName Extension) to see if the string is present. This isn't as inefficient as it looks: there tend to be no entries at most of those places, so this usually has a runtime of 1. Note that this doesn't actually verify any other properties of the certificate, such as being properly signed.
static public Verify ( Mono.Security.X509.X509Certificate x509, string remote_id ) : bool
x509 Mono.Security.X509.X509Certificate
remote_id string
Returns bool

Property details

CertDir public property

Default directory for storing certificates.
public String CertDir
Returns String

_cas protected property

Dictionary of authorities' local certificates, keyed by SerialNumber.
protected Dictionary _cas
Returns X509Certificate>.Dictionary

_certificate_verifiers protected property

protected List _certificate_verifiers
Returns List

_lc protected property

Dictionary of local certificates, keyed by SerialNumber.
protected Dictionary _lc
Returns X509Certificate>.Dictionary

_lc_issuers protected property

List of local certificate serial numbers.
protected List _lc_issuers
Returns List

_local_id protected property

protected string _local_id
Returns string

_supported_cas protected property

List of supported CAs' serial numbers.
protected List _supported_cas
Returns List

_sync protected property

protected object _sync
Returns object