X509BasicConstraintsExtension.PathLengthConstraint Propriété

Définition

Obtient le nombre de niveaux autorisés dans le chemin d'accès d'un certificat.

public:
 property int PathLengthConstraint { int get(); };
public int PathLengthConstraint { get; }
member this.PathLengthConstraint : int
Public ReadOnly Property PathLengthConstraint As Integer

Valeur de propriété

Entier qui indique le nombre de niveaux autorisés dans le chemin d'accès d'un certificat.

Exceptions

L'extension ne peut pas être décodée.

Exemples

L’exemple de code suivant montre comment ouvrir le magasin de certificats personnel d’un utilisateur et afficher des informations sur chaque certificat dans le magasin. Cet exemple utilise la X509BasicConstraintsExtension classe pour afficher les informations.

#using <System.dll>
#using <system.security.dll>

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::X509Certificates;
int main()
{
   try
   {
      X509Store^ store = gcnew X509Store( L"MY",StoreLocation::CurrentUser );
      store->Open( static_cast<OpenFlags>(OpenFlags::ReadOnly | OpenFlags::OpenExistingOnly) );
      X509Certificate2Collection^ collection = dynamic_cast<X509Certificate2Collection^>(store->Certificates);
      for ( int i = 0; i < collection->Count; i++ )
      {
         System::Collections::IEnumerator^ myEnum = collection[ i ]->Extensions->GetEnumerator();
         while ( myEnum->MoveNext() )
         {
            X509Extension^ extension = safe_cast<X509Extension^>(myEnum->Current);
            Console::WriteLine( L"{0}({1})", extension->Oid->FriendlyName, extension->Oid->Value );
            if ( extension->Oid->FriendlyName == L"Key Usage" )
            {
               X509KeyUsageExtension^ ext = dynamic_cast<X509KeyUsageExtension^>(extension);
               Console::WriteLine( ext->KeyUsages );
            }
            if ( extension->Oid->FriendlyName == L"Basic Constraints" )
            {
               X509BasicConstraintsExtension^ ext = dynamic_cast<X509BasicConstraintsExtension^>(extension);
               Console::WriteLine( ext->CertificateAuthority );
               Console::WriteLine( ext->HasPathLengthConstraint );
               Console::WriteLine( ext->PathLengthConstraint );
            }
            if ( extension->Oid->FriendlyName == L"Subject Key Identifier" )
            {
               X509SubjectKeyIdentifierExtension^ ext = dynamic_cast<X509SubjectKeyIdentifierExtension^>(extension);
               Console::WriteLine( ext->SubjectKeyIdentifier );
            }
            if ( extension->Oid->FriendlyName == L"Enhanced Key Usage" )
            {
               X509EnhancedKeyUsageExtension^ ext = dynamic_cast<X509EnhancedKeyUsageExtension^>(extension);
               OidCollection^ oids = ext->EnhancedKeyUsages;
               System::Collections::IEnumerator^ myEnum1 = oids->GetEnumerator();
               while ( myEnum1->MoveNext() )
               {
                  Oid^ oid = safe_cast<Oid^>(myEnum1->Current);
                  Console::WriteLine( L"{0}({1})", oid->FriendlyName, oid->Value );
               }
            }
         }

      }
      store->Close();
   }
   catch ( CryptographicException^ ) 
   {
      Console::WriteLine( L"Information could not be written out for this certificate." );
   }

}
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public class CertSelect
{
    public static void Main()
    {
        try
        {
            X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

            X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
            for (int i = 0; i < collection.Count; i++)
            {
                foreach (X509Extension extension in collection[i].Extensions)
                {
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")");

                    if (extension.Oid.FriendlyName == "Key Usage")
                    {
                        X509KeyUsageExtension ext = (X509KeyUsageExtension)extension;
                        Console.WriteLine(ext.KeyUsages);
                    }

                    if (extension.Oid.FriendlyName == "Basic Constraints")
                    {
                        X509BasicConstraintsExtension ext = (X509BasicConstraintsExtension)extension;
                        Console.WriteLine(ext.CertificateAuthority);
                        Console.WriteLine(ext.HasPathLengthConstraint);
                        Console.WriteLine(ext.PathLengthConstraint);
                    }

                    if (extension.Oid.FriendlyName == "Subject Key Identifier")
                    {
                        X509SubjectKeyIdentifierExtension ext = (X509SubjectKeyIdentifierExtension)extension;
                        Console.WriteLine(ext.SubjectKeyIdentifier);
                    }

                    if (extension.Oid.FriendlyName == "Enhanced Key Usage")
                    {
                        X509EnhancedKeyUsageExtension ext = (X509EnhancedKeyUsageExtension)extension;
                        OidCollection oids = ext.EnhancedKeyUsages;
                        foreach (Oid oid in oids)
                        {
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")");
                        }
                    }
                }
            }
            store.Close();
        }
        catch (CryptographicException)
        {
            Console.WriteLine("Information could not be written out for this certificate.");
        }
    }
}
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates



Module CertSelect

    Sub Main()
        Try
            Dim store As New X509Store("MY", StoreLocation.CurrentUser)
            store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)

            Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
            For i As Integer = 0 To collection.Count - 1
                Dim extension As X509Extension
                For Each extension In collection(i).Extensions
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")")


                    If extension.Oid.FriendlyName = "Key Usage" Then
                        Dim ext As X509KeyUsageExtension = CType(extension, X509KeyUsageExtension)
                        Console.WriteLine(ext.KeyUsages)
                    End If

                    If extension.Oid.FriendlyName = "Basic Constraints" Then
                        Dim ext As X509BasicConstraintsExtension = CType(extension, X509BasicConstraintsExtension)
                        Console.WriteLine(ext.CertificateAuthority)
                        Console.WriteLine(ext.HasPathLengthConstraint)
                        Console.WriteLine(ext.PathLengthConstraint)
                    End If

                    If extension.Oid.FriendlyName = "Subject Key Identifier" Then
                        Dim ext As X509SubjectKeyIdentifierExtension = CType(extension, X509SubjectKeyIdentifierExtension)
                        Console.WriteLine(ext.SubjectKeyIdentifier)
                    End If

                    If extension.Oid.FriendlyName = "Enhanced Key Usage" Then
                        Dim ext As X509EnhancedKeyUsageExtension = CType(extension, X509EnhancedKeyUsageExtension)
                        Dim oids As OidCollection = ext.EnhancedKeyUsages
                        Dim oid As Oid
                        For Each oid In oids
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")")
                        Next oid
                    End If
                Next extension
            Next i
            store.Close()
        Catch
            Console.WriteLine("Information could not be written out for this certificate.")
        End Try

    End Sub
End Module

Remarques

Si un certificat a une contrainte sur le nombre de niveaux de chemin qu’il autorise, cette propriété indique le nombre de niveaux autorisés.

S’applique à