Bouncy Castle Library
Trust
Creates an instance of where the most-trusted
CA is specified as a distinguished name and public key. Name constraints
are an optional parameter, and are intended to be used as additional
constraints when validating an X.509 certification path.
The name constraints are specified as a byte array. This byte array contains the DER encoded form of the name constraints, as they would appear in the NameConstraints structure defined in RFC 2459 and X.509.
C#
TrustAnchorThe name constraints are specified as a byte array. This byte array contains the DER encoded form of the name constraints, as they would appear in the NameConstraints structure defined in RFC 2459 and X.509.
Definition
Namespace: Org.BouncyCastle.Pkix
Assembly: BouncyCastle.Cryptography (in BouncyCastle.Cryptography.dll) Version: 2.3.0-beta.187+d6da5648ae
Assembly: BouncyCastle.Cryptography (in BouncyCastle.Cryptography.dll) Version: 2.3.0-beta.187+d6da5648ae
C#
public TrustAnchor(
string caName,
AsymmetricKeyParameter pubKey,
byte[] nameConstraints
)VB
Public Sub New (
caName As String,
pubKey As AsymmetricKeyParameter,
nameConstraints As Byte()
)C++
public:
TrustAnchor(
String^ caName,
AsymmetricKeyParameter^ pubKey,
array<unsigned char>^ nameConstraints
)JavaScript
Org.BouncyCastle.Pkix.TrustAnchor = function(caName, pubKey, nameConstraints);Parameters
- caName String
- the X.500 distinguished name of the most-trusted CA in RFC 2253 string format
- pubKey AsymmetricKeyParameter
- the public key of the most-trusted CA
- nameConstraints Byte
- a byte array containing the ASN.1 DER encoding of a NameConstraints extension to be used for checking name constraints. Only the value of the extension is included, not the OID or criticality flag. Specify null to omit the parameter.