X509FindType Enumeration
.NET Framework 3.0
Specifies the type of value searched for by the Find method.
Namespace: System.Security.Cryptography.X509Certificates
Assembly: System (in system.dll)
Assembly: System (in system.dll)
| Member name | Description | |
|---|---|---|
| FindByApplicationPolicy | The findValue parameter for the Find must be a string representing either the application policy friendly name or the object identifier (Oid) of the certificate. For example, "Encrypting File System" or "1.3.6.1.4.1.311.10.3.4" can be used. Note that for an application that is going to be localized, the OID value must be used since the friendly name is localized. | |
| FindByCertificatePolicy | The findValue parameter for the Find must be a string representing either the friendly name or the object identifier (Oid) of the certificate policy. The best practice is to use the OID, such as "1.3.6.1.4.1.311.10.3.4". Note that for an application that is going to be localized, the OID must be used since the friendly name is localized. | |
| FindByExtension | The findValue parameter for the Find must be a string describing the extension to find. The object identifier (OID) is most commonly used to direct the Find method to search for all certificates that have an extension matching that OID value. | |
| FindByIssuerDistinguishedName | The findValue parameter for the Find method must be a string representing the issuer distinguished name of the certificate. This is a more specific search than if you use the FindByIssuerName enumeration value. Using the FindByIssuerDistinguishedName value, the Find method performs a case-insensitive string compare for the entire distinguished name. Searching by issuer name is a less precise search. | |
| FindByIssuerName | The findValue parameter for the Find method must be a string representing the issuer name of the certificate. This is a less specific search than if you use the FindByIssuerDistinguishedName enumeration value. Using the FindByIssuerName value, the Find method performs a case-insensitive string compare using the supplied value. For example, if you pass "MyCA" to the Find method, it will find all certificates with the issuer name containing that string, regardless of other issuer values. | |
| FindByKeyUsage | The findValue parameter for the Find must be either a string representing the key usage or an integer representing a bit mask containing all the requested key usages. For the string value, only one key usage at a time can be specified, but the Find method can be used in a cascading sequence to get the intersection of the requested usages. For example, the findValue parameter can be set to "KeyEncipherment" or an integer (0x30 indicates "KeyEncipherment" and "DataEncipherment"). Values of the X509KeyUsageFlags enumeration can also be used. | |
| FindBySerialNumber | The findValue parameter for the Find must be a string representing the serial number of the certificate as it is displayed by the UI. The serial number must be in reverse order since it is an integer. | |
| FindBySubjectDistinguishedName | The findValue parameter for the Find method must be a string representing the subject distinguished name of the certificate. This is a more specific search than if you use the FindBySubjectName enumeration value. Using the FindBySubjectDistinguishedName value, the Find method performs a case-insensitive string compare for the entire distinguished name. Searching by subject name is a less precise search. | |
| FindBySubjectKeyIdentifier | The findValue parameter for the Find must be a string representing the subject key identifier in hexadecimal, such as "F3E815D45E83B8477B9284113C64EF208E897112," as displayed in the UI. | |
| FindBySubjectName | The findValue parameter for the Find method must be a string representing the subject name of the certificate. This is a less specific search than if you use the FindBySubjectDistinguishedName enumeration value. Using the FindBySubjectName value, the Find method performs a case-insensitive string compare using the supplied value. For example, if you pass "MyCert" to the Find method, it will find all certificates with the subject name containing that string, regardless of other subject values. Searching by distinguished name is a more precise search. | |
| FindByTemplateName | The findValue parameter for the Find must be a string representing the template name of the certificate, such as "ClientAuth." A template name is an X509 version 3 extension that specifies the uses of the certificate. | |
| FindByThumbprint | The findValue parameter for the Find method must be a string representing the thumbprint of the certificate. | |
| FindByTimeExpired | The findValue parameter for the Find must be a DateTime value in local time, such as Now. Note that the union of certificates returned using FindByTimeValid, FindByTimeNotYetValid and FindByTimeExpired should represent all certificates in the queried collection. | |
| FindByTimeNotYetValid | The findValue parameter for the Find must be a DateTime value in local time, such as Now. Note that the union of certificates returned using FindByTimeValid, FindByTimeNotYetValid and FindByTimeExpired should represent all certificates in the queried collection. | |
| FindByTimeValid | The findValue parameter for the Find must be a DateTime value in local time, such as Now. Note that the union of certificates returned using FindByTimeValid, FindByTimeNotYetValid and FindByTimeExpired should represent all certificates in the queried collection. |
This value specifies the search criteria for the Find method. For example, you can search an X509Certificate2 collection by subject name, thumbprint or serial number, as well as by other values.
The following example opens the current user's personal certificate store, finds only valid certificates, allows the user to select a certificate, and then writes certificate information to the console. The output depends on the certificate you select.
Imports System Imports System.Security.Cryptography Imports System.Security.Permissions Imports System.IO Imports System.Security.Cryptography.X509Certificates Class CertSelect Shared Sub Main() Try Dim store As New X509Store("MY", StoreLocation.CurrentUser) store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly) Dim collection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection) Dim fcollection As X509Certificate2Collection = CType(collection.Find(X509FindType.FindByTimeValid, DateTime.Now, False), X509Certificate2Collection) Dim scollection As X509Certificate2Collection = X509Certificate2UI.SelectFromCollection(fcollection, "Test Certificate Select", "Select a certificate from the following list to get information on that certificate", X509SelectionFlag.MultiSelection) Console.WriteLine("Number of certificates: {0}{1}", scollection.Count, Environment.NewLine) Dim x509 As X509Certificate2 For Each x509 In scollection Dim rawdata As Byte() = x509.RawData Console.WriteLine("Content Type: {0}{1}", X509Certificate2.GetCertContentType(rawdata), Environment.NewLine) Console.WriteLine("Friendly Name: {0}{1}", x509.FriendlyName, Environment.NewLine) Console.WriteLine("Certificate Verified?: {0}{1}", x509.Verify(), Environment.NewLine) Console.WriteLine("Simple Name: {0}{1}", x509.GetNameInfo(X509NameType.SimpleName, True), Environment.NewLine) Console.WriteLine("Signature Algorithm: {0}{1}", x509.SignatureAlgorithm.FriendlyName, Environment.NewLine) Console.WriteLine("Private Key: {0}{1}", x509.PrivateKey.ToXmlString(False), Environment.NewLine) Console.WriteLine("Public Key: {0}{1}", x509.PublicKey.Key.ToXmlString(False), Environment.NewLine) Console.WriteLine("Certificate Archived?: {0}{1}", x509.Archived, Environment.NewLine) Console.WriteLine("Length of Raw Data: {0}{1}", x509.RawData.Length, Environment.NewLine) X509Certificate2UI.DisplayCertificate(x509) x509.Reset() Next x509 store.Close() Catch cExcept As CryptographicException Console.WriteLine("Information could not be written out for this certificate.") End Try End Sub End Class
import System.*;
import System.Security.Cryptography.*;
import System.Security.Permissions.*;
import System.IO.*;
import System.Security.Cryptography.X509Certificates.*;
public class CertSelect
{
/** @attribute SecurityPermission(SecurityAction.LinkDemand,
Unrestricted = true) */
public static void main(String[] args)
{
try {
X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2Collection collection =
(X509Certificate2Collection)store.get_Certificates();
X509Certificate2Collection fCollection =
(X509Certificate2Collection)collection.Find(
X509FindType.FindByTimeValid, DateTime.get_Now(), false);
X509Certificate2Collection sCollection = X509Certificate2UI.SelectFromCollection(fCollection, "Test Certificate Select","Select a certificate from the following list to get information on that certificate",X509SelectionFlag.MultiSelection);
Console.WriteLine("Number of certificates: {0}{1}",
(Int32)sCollection.get_Count(), Environment.get_NewLine());
for (int iCtr = 0; iCtr < sCollection.get_Count(); iCtr++) {
X509Certificate2 x509 =
(X509Certificate2)(sCollection.get_Item(iCtr));
ubyte rawData[] = x509.get_RawData();
Console.WriteLine("Content Type: {0}{1}",
X509Certificate2.GetCertContentType(rawData),
Environment.get_NewLine());
Console.WriteLine("Friendly Name: {0}{1}",
x509.get_FriendlyName(), Environment.get_NewLine());
Console.WriteLine("Certificate Verified?: {0}{1}",
(System.Boolean)x509.Verify(), Environment.get_NewLine());
Console.WriteLine("Simple Name: {0}{1}",
x509.GetNameInfo(X509NameType.SimpleName, true),
Environment.get_NewLine());
Console.WriteLine("Signature Algorithm: {0}{1}",
x509.get_SignatureAlgorithm().get_FriendlyName(),
Environment.get_NewLine());
Console.WriteLine("Private Key: {0}{1}",
x509.get_PrivateKey().ToXmlString(false),
Environment.get_NewLine());
Console.WriteLine("Public Key: {0}{1}",
x509.get_PublicKey().get_Key().ToXmlString(false),
Environment.get_NewLine());
Console.WriteLine("Certificate Archived?: {0}{1}",
(System.Boolean)x509.get_Archived(),
Environment.get_NewLine());
Console.WriteLine("Length of Raw Data: {0}{1}",
(Int32)x509.get_RawData().length,
Environment.get_NewLine());
X509Certificate2UI.DisplayCertificate(x509);
x509.Reset();
}
store.Close();
}
catch (CryptographicException exp) {
Console.WriteLine("Information could not be written out for this "
+ "certificate.");
}
} //main
} //CertSelect
Windows 98, Windows Server 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.Community Additions
ADD
Show: