PkixBuilderParameters.cs
3.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
using System;
using System.Text;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509.Store;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
namespace Org.BouncyCastle.Pkix
{
/// <summary>
/// Summary description for PkixBuilderParameters.
/// </summary>
public class PkixBuilderParameters
: PkixParameters
{
private int maxPathLength = 5;
private ISet excludedCerts = new HashSet();
/**
* Returns an instance of <code>PkixBuilderParameters</code>.
* <p>
* This method can be used to get a copy from other
* <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
* and <code>ExtendedPKIXParameters</code> instances.
* </p>
*
* @param pkixParams The PKIX parameters to create a copy of.
* @return An <code>PkixBuilderParameters</code> instance.
*/
public static PkixBuilderParameters GetInstance(
PkixParameters pkixParams)
{
PkixBuilderParameters parameters = new PkixBuilderParameters(
pkixParams.GetTrustAnchors(),
new X509CertStoreSelector(pkixParams.GetTargetCertConstraints()));
parameters.SetParams(pkixParams);
return parameters;
}
public PkixBuilderParameters(
ISet trustAnchors,
IX509Selector targetConstraints)
: base(trustAnchors)
{
SetTargetCertConstraints(targetConstraints);
}
public virtual int MaxPathLength
{
get { return maxPathLength; }
set
{
if (value < -1)
{
throw new InvalidParameterException(
"The maximum path length parameter can not be less than -1.");
}
this.maxPathLength = value;
}
}
/// <summary>
/// Excluded certificates are not used for building a certification path.
/// </summary>
/// <returns>the excluded certificates.</returns>
public virtual ISet GetExcludedCerts()
{
return new HashSet(excludedCerts);
}
/// <summary>
/// Sets the excluded certificates which are not used for building a
/// certification path. If the <code>ISet</code> is <code>null</code> an
/// empty set is assumed.
/// </summary>
/// <remarks>
/// The given set is cloned to protect it against subsequent modifications.
/// </remarks>
/// <param name="excludedCerts">The excluded certificates to set.</param>
public virtual void SetExcludedCerts(
ISet excludedCerts)
{
if (excludedCerts == null)
{
excludedCerts = new HashSet();
}
else
{
this.excludedCerts = new HashSet(excludedCerts);
}
}
/**
* Can alse handle <code>ExtendedPKIXBuilderParameters</code> and
* <code>PKIXBuilderParameters</code>.
*
* @param params Parameters to set.
* @see org.bouncycastle.x509.ExtendedPKIXParameters#setParams(java.security.cert.PKIXParameters)
*/
protected override void SetParams(
PkixParameters parameters)
{
base.SetParams(parameters);
if (parameters is PkixBuilderParameters)
{
PkixBuilderParameters _params = (PkixBuilderParameters) parameters;
maxPathLength = _params.maxPathLength;
excludedCerts = new HashSet(_params.excludedCerts);
}
}
/**
* Makes a copy of this <code>PKIXParameters</code> object. Changes to the
* copy will not affect the original and vice versa.
*
* @return a copy of this <code>PKIXParameters</code> object
*/
public override object Clone()
{
PkixBuilderParameters parameters = new PkixBuilderParameters(
GetTrustAnchors(), GetTargetCertConstraints());
parameters.SetParams(this);
return parameters;
}
public override string ToString()
{
string nl = Platform.NewLine;
StringBuilder s = new StringBuilder();
s.Append("PkixBuilderParameters [" + nl);
s.Append(base.ToString());
s.Append(" Maximum Path Length: ");
s.Append(MaxPathLength);
s.Append(nl + "]" + nl);
return s.ToString();
}
}
}