Bouncy Castle Library
Trust
Creates an instance of TrustAnchor where the
most-trusted CA is specified as an X500Principal and public key.
Definition
Namespace: Org.BouncyCastle.Pkix
Assembly: BouncyCastle.Cryptography (in BouncyCastle.Cryptography.dll) Version: 2.3.0-beta.187+d6da5648ae
Assembly: BouncyCastle.Cryptography (in BouncyCastle.Cryptography.dll) Version: 2.3.0-beta.187+d6da5648ae
C#
public TrustAnchor(
X509Name caPrincipal,
AsymmetricKeyParameter pubKey,
byte[] nameConstraints
)VB
Public Sub New (
caPrincipal As X509Name,
pubKey As AsymmetricKeyParameter,
nameConstraints As Byte()
)C++
public:
TrustAnchor(
X509Name^ caPrincipal,
AsymmetricKeyParameter^ pubKey,
array<unsigned char>^ nameConstraints
)JavaScript
Org.BouncyCastle.Pkix.TrustAnchor = function(caPrincipal, pubKey, nameConstraints);Parameters
- caPrincipal X509Name
- the name of the most-trusted CA as X509Name
- pubKey AsymmetricKeyParameter
- the public key of the most-trusted CA
- nameConstraints Byte
- a byte array containing the ASN.1 DER encoding of a NameConstraints extension to be used for checking name constraints. Only the value of the extension is included, not the OID or criticality flag. Specify null to omit the parameter.
Remarks
Name constraints are an optional parameter, and are intended to be used as additional constraints when validating an X.509 certification path.
The name constraints are specified as a byte array. This byte array contains the DER encoded form of the name constraints, as they would appear in the NameConstraints structure defined in RFC 2459 and X.509. The ASN.1 notation for this structure is supplied in the documentation for the other constructors.
Note that the name constraints byte array supplied here is cloned to protect against subsequent modifications.
Exceptions
| ArgumentNullException | if caPrincipal or pubKey is null |