Export (0) Print
Expand All

X509SubjectKeyIdentifierExtension Class

Defines a string that identifies a certificate's subject key identifier (SKI). This class cannot be inherited.

System.Object
  System.Security.Cryptography.AsnEncodedData
    System.Security.Cryptography.X509Certificates.X509Extension
      System.Security.Cryptography.X509Certificates.X509SubjectKeyIdentifierExtension

Namespace:  System.Security.Cryptography.X509Certificates
Assembly:  System (in System.dll)

public sealed class X509SubjectKeyIdentifierExtension : X509Extension

The X509SubjectKeyIdentifierExtension type exposes the following members.

  NameDescription
Public methodX509SubjectKeyIdentifierExtension()Initializes a new instance of the X509SubjectKeyIdentifierExtension class.
Public methodX509SubjectKeyIdentifierExtension(AsnEncodedData, Boolean)Initializes a new instance of the X509SubjectKeyIdentifierExtension class using encoded data and a value that identifies whether the extension is critical.
Public methodX509SubjectKeyIdentifierExtension(Byte[], Boolean)Initializes a new instance of the X509SubjectKeyIdentifierExtension class using a byte array and a value that identifies whether the extension is critical.
Public methodX509SubjectKeyIdentifierExtension(PublicKey, Boolean)Initializes a new instance of the X509SubjectKeyIdentifierExtension class using a public key and a value indicating whether the extension is critical.
Public methodX509SubjectKeyIdentifierExtension(String, Boolean)Initializes a new instance of the X509SubjectKeyIdentifierExtension class using a string and a value that identifies whether the extension is critical.
Public methodX509SubjectKeyIdentifierExtension(PublicKey, X509SubjectKeyIdentifierHashAlgorithm, Boolean)Initializes a new instance of the X509SubjectKeyIdentifierExtension class using a public key, a hash algorithm identifier, and a value indicating whether the extension is critical.
Top

  NameDescription
Public propertyCriticalGets a Boolean value indicating whether the extension is critical. (Inherited from X509Extension.)
Public propertyOidGets or sets the Oid value for an AsnEncodedData object. (Inherited from AsnEncodedData.)
Public propertyRawDataGets or sets the Abstract Syntax Notation One (ASN.1)-encoded data represented in a byte array. (Inherited from AsnEncodedData.)
Public propertySubjectKeyIdentifierGets a string that represents the subject key identifier (SKI) for a certificate.
Top

  NameDescription
Public methodCopyFromCreates a new instance of the X509SubjectKeyIdentifierExtension class by copying information from encoded data. (Overrides X509Extension.CopyFrom(AsnEncodedData).)
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Public methodFormatReturns a formatted version of the Abstract Syntax Notation One (ASN.1)-encoded data as a string. (Inherited from AsnEncodedData.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Top

There are several ways to identify a certificate: by the hash of the certificate, by the issuer and serial number, and by the subject key identifier (SKI). The SKI provides a unique identification for the certificate's subject and is often used when working with XML digital signing.

The following code example demonstrates how to open a user’s personal certificate store and display information about each certificate in the store. This example uses the X509SubjectKeyIdentifierExtension class to display the information.

using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public class CertSelect
{
    public static void Main()
    {
        try
        {
            X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

            X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
            for (int i = 0; i < collection.Count; i++)
            {
                foreach (X509Extension extension in collection[i].Extensions)
                {
                    Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")");


                    if (extension.Oid.FriendlyName == "Key Usage")
                    {
                        X509KeyUsageExtension ext = (X509KeyUsageExtension)extension;
                        Console.WriteLine(ext.KeyUsages);
                    }

                    if (extension.Oid.FriendlyName == "Basic Constraints")
                    {
                        X509BasicConstraintsExtension ext = (X509BasicConstraintsExtension)extension;
                        Console.WriteLine(ext.CertificateAuthority);
                        Console.WriteLine(ext.HasPathLengthConstraint);
                        Console.WriteLine(ext.PathLengthConstraint);
                    }

                    if (extension.Oid.FriendlyName == "Subject Key Identifier")
                    {
                        X509SubjectKeyIdentifierExtension ext = (X509SubjectKeyIdentifierExtension)extension;
                        Console.WriteLine(ext.SubjectKeyIdentifier);
                    }

                    if (extension.Oid.FriendlyName == "Enhanced Key Usage")
                    {
                        X509EnhancedKeyUsageExtension ext = (X509EnhancedKeyUsageExtension)extension;
                        OidCollection oids = ext.EnhancedKeyUsages;
                        foreach (Oid oid in oids)
                        {
                            Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")");
                        }
                    }
                }
            }
            store.Close();
        }
        catch (CryptographicException)
        {
            Console.WriteLine("Information could not be written out for this certificate.");
        }
    }
}

.NET Framework

Supported in: 4.5.2, 4.5.1, 4.5, 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft