The TrustAnchor type exposes the following members.

Constructors

  NameDescription
Public methodTrustAnchor(X509Certificate, array<Byte>[]()[][])
Creates an instance of TrustAnchor with the specified X509Certificate and optional name constraints, which are intended to be used as additional constraints when validating an X.509 certification path. The name constraints are specified as a byte array. This byte array should contain the DER encoded form of the name constraints, as they would appear in the NameConstraints structure defined in RFC 2459 and X.509. The ASN.1 definition of this structure appears below. 
            	NameConstraints ::= SEQUENCE {
            		permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
            		excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
            	   
             GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
             
            		GeneralSubtree ::= SEQUENCE {
            		base                    GeneralName,
            		minimum         [0]     BaseDistance DEFAULT 0,
            		maximum         [1]     BaseDistance OPTIONAL }
            		
            		BaseDistance ::= INTEGER (0..MAX)
            
            		GeneralName ::= CHOICE {
            		otherName                       [0]     OtherName,
            		rfc822Name                      [1]     IA5String,
            		dNSName                         [2]     IA5String,
            		x400Address                     [3]     ORAddress,
            		directoryName                   [4]     Name,
            		ediPartyName                    [5]     EDIPartyName,
            		uniformResourceIdentifier       [6]     IA5String,
            		iPAddress                       [7]     OCTET STRING,
            		registeredID                    [8]     OBJECT IDENTIFIER}
Note that the name constraints byte array supplied is cloned to protect against subsequent modifications.
Public methodTrustAnchor(String, AsymmetricKeyParameter, array<Byte>[]()[][])
Creates an instance of
CopyC#
TrustAnchor
 where the most-trusted CA is specified as a distinguished name and public key. Name constraints are an optional parameter, and are intended to be used as additional constraints when validating an X.509 certification path.
The name constraints are specified as a byte array. This byte array contains the DER encoded form of the name constraints, as they would appear in the NameConstraints structure defined in RFC 2459 and X.509.
Public methodTrustAnchor(X509Name, AsymmetricKeyParameter, array<Byte>[]()[][])
Creates an instance of TrustAnchor where the most-trusted CA is specified as an X500Principal and public key.

Methods

  NameDescription
Public methodEquals
Determines whether the specified Object is equal to the current Object.
(Inherited from Object.)
Protected methodFinalize
Allows an Object to attempt to free resources and perform other cleanup operations before the Object is reclaimed by garbage collection.
(Inherited from Object.)
Public methodGetHashCode
Serves as a hash function for a particular type.
(Inherited from Object.)
Public methodGetType
Gets the Type of the current instance.
(Inherited from Object.)
Protected methodMemberwiseClone
Creates a shallow copy of the current Object.
(Inherited from Object.)
Public methodToString
Returns a formatted string describing the
CopyC#
TrustAnchor
.
(Overrides Object..::..ToString()()()().)

Properties

  NameDescription
Public propertyCA
Returns the name of the most-trusted CA as an X509Name.
Public propertyCAName
Returns the name of the most-trusted CA in RFC 2253 string format.
Public propertyCAPublicKey
Returns the public key of the most-trusted CA.
Public propertyGetNameConstraints
Public propertyTrustedCert
Returns the most-trusted CA certificate.

See Also