X509Certificate2.Verify Metoda
Definice
Důležité
Některé informace platí pro předběžně vydaný produkt, který se může zásadně změnit, než ho výrobce nebo autor vydá. Microsoft neposkytuje žádné záruky, výslovné ani předpokládané, týkající se zde uváděných informací.
Provede ověření řetězu X.509 pomocí základních zásad ověřování.
public:
bool Verify();public bool Verify ();member this.Verify : unit -> boolPublic Function Verify () As BooleanNávraty
true pokud ověření proběhne úspěšně; false pokud ověření selže.
Výjimky
Certifikát je nečitelný.
Příklady
Následující příklad kódu otevře aktuální úložiště uživatelských certifikátů, vybere pouze aktivní certifikáty a pak umožní uživateli vybrat jeden nebo více certifikátů. Příklad pak zapíše informace o certifikátu do konzoly.
#using <System.dll>
#using <System.Security.dll>
using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Permissions;
using namespace System::IO;
using namespace System::Security::Cryptography::X509Certificates;
int main()
{
try
{
X509Store ^ store = gcnew X509Store( "MY",StoreLocation::CurrentUser );
store->Open( static_cast<OpenFlags>(OpenFlags::ReadOnly | OpenFlags::OpenExistingOnly) );
X509Certificate2Collection ^ collection = dynamic_cast<X509Certificate2Collection^>(store->Certificates);
X509Certificate2Collection ^ fcollection = dynamic_cast<X509Certificate2Collection^>(collection->Find( X509FindType::FindByTimeValid, DateTime::Now, false ));
X509Certificate2Collection ^ scollection = X509Certificate2UI::SelectFromCollection(fcollection, "Test Certificate Select","Select a certificate from the following list to get information on that certificate",X509SelectionFlag::MultiSelection);
Console::WriteLine( "Number of certificates: {0}{1}", scollection->Count, Environment::NewLine );
System::Collections::IEnumerator^ myEnum = scollection->GetEnumerator();
while ( myEnum->MoveNext() )
{
X509Certificate2 ^ x509 = safe_cast<X509Certificate2 ^>(myEnum->Current);
array<Byte>^rawdata = x509->RawData;
Console::WriteLine( "Content Type: {0}{1}", X509Certificate2::GetCertContentType( rawdata ), Environment::NewLine );
Console::WriteLine( "Friendly Name: {0}{1}", x509->FriendlyName, Environment::NewLine );
Console::WriteLine( "Certificate Verified?: {0}{1}", x509->Verify(), Environment::NewLine );
Console::WriteLine( "Simple Name: {0}{1}", x509->GetNameInfo( X509NameType::SimpleName, true ), Environment::NewLine );
Console::WriteLine( "Signature Algorithm: {0}{1}", x509->SignatureAlgorithm->FriendlyName, Environment::NewLine );
Console::WriteLine( "Private Key: {0}{1}", x509->PrivateKey->ToXmlString( false ), Environment::NewLine );
Console::WriteLine( "Public Key: {0}{1}", x509->PublicKey->Key->ToXmlString( false ), Environment::NewLine );
Console::WriteLine( "Certificate Archived?: {0}{1}", x509->Archived, Environment::NewLine );
Console::WriteLine( "Length of Raw Data: {0}{1}", x509->RawData->Length, Environment::NewLine );
x509->Reset();
}
store->Close();
}
catch ( CryptographicException^ )
{
Console::WriteLine( "Information could not be written out for this certificate." );
}
}
using System;
using System.Security.Cryptography;
using System.Security.Permissions;
using System.IO;
using System.Security.Cryptography.X509Certificates;
class CertSelect
{
static void Main()
{
X509Store store = new X509Store("MY",StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
X509Certificate2Collection fcollection = (X509Certificate2Collection)collection.Find(X509FindType.FindByTimeValid,DateTime.Now,false);
X509Certificate2Collection scollection = X509Certificate2UI.SelectFromCollection(fcollection, "Test Certificate Select","Select a certificate from the following list to get information on that certificate",X509SelectionFlag.MultiSelection);
Console.WriteLine("Number of certificates: {0}{1}",scollection.Count,Environment.NewLine);
foreach (X509Certificate2 x509 in scollection)
{
try
{
byte[] rawdata = x509.RawData;
Console.WriteLine("Content Type: {0}{1}",X509Certificate2.GetCertContentType(rawdata),Environment.NewLine);
Console.WriteLine("Friendly Name: {0}{1}",x509.FriendlyName,Environment.NewLine);
Console.WriteLine("Certificate Verified?: {0}{1}",x509.Verify(),Environment.NewLine);
Console.WriteLine("Simple Name: {0}{1}",x509.GetNameInfo(X509NameType.SimpleName,true),Environment.NewLine);
Console.WriteLine("Signature Algorithm: {0}{1}",x509.SignatureAlgorithm.FriendlyName,Environment.NewLine);
Console.WriteLine("Public Key: {0}{1}",x509.PublicKey.Key.ToXmlString(false),Environment.NewLine);
Console.WriteLine("Certificate Archived?: {0}{1}",x509.Archived,Environment.NewLine);
Console.WriteLine("Length of Raw Data: {0}{1}",x509.RawData.Length,Environment.NewLine);
X509Certificate2UI.DisplayCertificate(x509);
x509.Reset();
}
catch (CryptographicException)
{
Console.WriteLine("Information could not be written out for this certificate.");
}
}
store.Close();
}
}
Imports System.Security.Cryptography
Imports System.Security.Permissions
Imports System.IO
Imports System.Security.Cryptography.X509Certificates
Class CertSelect
Shared Sub Main()
Dim store As New X509Store("MY", StoreLocation.CurrentUser)
store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)
Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
Dim fcollection As X509Certificate2Collection = CType(collection.Find(X509FindType.FindByTimeValid, DateTime.Now, False), X509Certificate2Collection)
Dim scollection As X509Certificate2Collection = X509Certificate2UI.SelectFromCollection(fcollection, "Test Certificate Select", "Select a certificate from the following list to get information on that certificate", X509SelectionFlag.MultiSelection)
Console.WriteLine("Number of certificates: {0}{1}", scollection.Count, Environment.NewLine)
For Each x509 As X509Certificate2 In scollection
Try
Dim rawdata As Byte() = x509.RawData
Console.WriteLine("Content Type: {0}{1}", X509Certificate2.GetCertContentType(rawdata), Environment.NewLine)
Console.WriteLine("Friendly Name: {0}{1}", x509.FriendlyName, Environment.NewLine)
Console.WriteLine("Certificate Verified?: {0}{1}", x509.Verify(), Environment.NewLine)
Console.WriteLine("Simple Name: {0}{1}", x509.GetNameInfo(X509NameType.SimpleName, True), Environment.NewLine)
Console.WriteLine("Signature Algorithm: {0}{1}", x509.SignatureAlgorithm.FriendlyName, Environment.NewLine)
Console.WriteLine("Public Key: {0}{1}", x509.PublicKey.Key.ToXmlString(False), Environment.NewLine)
Console.WriteLine("Certificate Archived?: {0}{1}", x509.Archived, Environment.NewLine)
Console.WriteLine("Length of Raw Data: {0}{1}", x509.RawData.Length, Environment.NewLine)
X509Certificate2UI.DisplayCertificate(x509)
x509.Reset()
Catch cExcept As CryptographicException
Console.WriteLine("Information could not be written out for this certificate.")
End Try
Next x509
store.Close()
End Sub
End Class
Poznámky
Tato metoda vytvoří pro certifikát jednoduchý řetěz a použije základní zásadu pro tento řetěz. Pokud potřebujete další informace o selhání, ověřte certifikát přímo pomocí objektu X509Chain .
Všimněte si, že výchozí řetězovací modul lze přepsat pomocí CryptoConfig třídy. Na Microsoft Windows Server 2003 výchozí modul odpovídá specifikaci popsané v dokumentu RFC3280, "Certifikát a seznam odvolaných certifikátů (CRL) profil" (Certifikát a seznam odvolaných certifikátů).