148 references to X509ChainStatusFlags
netstandard (1)
netstandard.cs (1)
1965
[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.X509Certificates.
X509ChainStatusFlags
))]
NuGet.Packaging (37)
Signing\ChainBuilding\RetriableX509ChainBuildPolicy.cs (1)
64
if (chainStatus.Status.HasFlag(
X509ChainStatusFlags
.UntrustedRoot))
Signing\Signatures\Signature.cs (5)
221
var
statusFlags = CertificateChainUtility.DefaultObservedStatusFlags;
237
if (CertificateChainUtility.TryGetStatusAndMessage(chainStatuses,
X509ChainStatusFlags
.Revoked, out messages))
245
if (CertificateChainUtility.TryGetStatusAndMessage(chainStatuses,
X509ChainStatusFlags
.UntrustedRoot, out messages))
261
var offlineRevocationErrors = CertificateChainUtility.TryGetStatusAndMessage(chainStatuses,
X509ChainStatusFlags
.OfflineRevocation, out var _);
262
var unknownRevocationErrors = CertificateChainUtility.TryGetStatusAndMessage(chainStatuses,
X509ChainStatusFlags
.RevocationStatusUnknown, out var unknownRevocationStatusMessages);
Signing\Timestamp\Timestamp.cs (5)
179
var
timestampInvalidCertificateFlags = CertificateChainUtility.DefaultObservedStatusFlags;
196
if (CertificateChainUtility.TryGetStatusAndMessage(chainStatusList,
X509ChainStatusFlags
.UntrustedRoot, out messages))
206
if (CertificateChainUtility.TryGetStatusAndMessage(chainStatusList,
X509ChainStatusFlags
.Revoked, out messages))
214
var offlineRevocationErrors = CertificateChainUtility.TryGetStatusAndMessage(chainStatusList,
X509ChainStatusFlags
.OfflineRevocation, out var _);
215
var unknownRevocationErrors = CertificateChainUtility.TryGetStatusAndMessage(chainStatusList,
X509ChainStatusFlags
.RevocationStatusUnknown, out var unknownRevocationStatusMessages);
Signing\TrustStore\CertificateBundleX509ChainFactory.cs (1)
83
if (root.ChainElementStatus.Any(status => status.Status.HasFlag(
X509ChainStatusFlags
.UntrustedRoot)) &&
Signing\Utility\CertificateChainUtility.cs (19)
48
/// <param name="allowUntrustedRoot">When <see langword="true" />, an <see cref="
X509ChainStatusFlags
.UntrustedRoot" />
103
X509ChainStatusFlags
errorStatusFlags;
104
X509ChainStatusFlags
warningStatusFlags;
173
out
X509ChainStatusFlags
errorStatusFlags,
174
out
X509ChainStatusFlags
warningStatusFlags)
181
warningStatusFlags =
X509ChainStatusFlags
.RevocationStatusUnknown |
X509ChainStatusFlags
.OfflineRevocation;
185
warningStatusFlags |=
X509ChainStatusFlags
.UntrustedRoot;
189
errorStatusFlags = (~(
X509ChainStatusFlags
)0) & ~warningStatusFlags;
250
internal const
X509ChainStatusFlags
DefaultObservedStatusFlags =
252
(~(
X509ChainStatusFlags
)0) & // Start with all flags
254
(~
X509ChainStatusFlags
.NotTimeValid) &
255
(~
X509ChainStatusFlags
.NotTimeNested) & // Deprecated and therefore ignored.
256
(~
X509ChainStatusFlags
.Revoked) &
257
(~
X509ChainStatusFlags
.RevocationStatusUnknown) &
258
(~
X509ChainStatusFlags
.OfflineRevocation) &
259
(~
X509ChainStatusFlags
.UntrustedRoot);
261
internal static bool ChainStatusListIncludesStatus(X509ChainStatus[] chainStatuses,
X509ChainStatusFlags
status, out IEnumerable<X509ChainStatus> chainStatus)
269
internal static bool TryGetStatusAndMessage(X509ChainStatus[] chainStatuses,
X509ChainStatusFlags
status, [NotNullWhen(returnValue: true)] out IEnumerable<string>? statusAndMessages)
Signing\Utility\CertificateUtility.cs (3)
358
chainStatus => chainStatus.Status.HasFlag(
X509ChainStatusFlags
.Cyclic) ||
359
chainStatus.Status.HasFlag(
X509ChainStatusFlags
.PartialChain) ||
360
chainStatus.Status.HasFlag(
X509ChainStatusFlags
.NotSignatureValid)))
Signing\Utility\SignatureUtility.cs (3)
672
chainStatus.Status.HasFlag(
X509ChainStatusFlags
.Cyclic) ||
673
chainStatus.Status.HasFlag(
X509ChainStatusFlags
.PartialChain) ||
674
chainStatus.Status.HasFlag(
X509ChainStatusFlags
.NotSignatureValid)))
PresentationUI (46)
MS\Internal\Documents\DigitalSignatureProvider.cs (46)
600
X509ChainStatusFlags
x509ChainStatusFlags;
608
X509ChainStatusFlags
x509RemainingFlags = (x509ChainStatusFlags ^ _x509NonCorruptedFlags) &
616
if (x509RemainingFlags ==
X509ChainStatusFlags
.NoError)
619
if ((x509ChainStatusFlags & _x509CannotBeVerifiedFlags) !=
X509ChainStatusFlags
.NoError)
624
else if ((x509ChainStatusFlags & _x509IssuerNotTrustedFlags) !=
X509ChainStatusFlags
.NoError)
629
else if ((x509ChainStatusFlags & _x509RevokedFlags) !=
X509ChainStatusFlags
.NoError)
634
else if ((x509ChainStatusFlags & _x509ExpiredFlags) !=
X509ChainStatusFlags
.NoError)
802
private const
X509ChainStatusFlags
_x509NonCorruptedFlags =
803
X509ChainStatusFlags
.HasExcludedNameConstraint |
804
X509ChainStatusFlags
.HasNotDefinedNameConstraint |
805
X509ChainStatusFlags
.HasNotPermittedNameConstraint |
806
X509ChainStatusFlags
.HasNotSupportedNameConstraint |
807
X509ChainStatusFlags
.InvalidBasicConstraints |
808
X509ChainStatusFlags
.InvalidExtension |
809
X509ChainStatusFlags
.InvalidNameConstraints |
810
X509ChainStatusFlags
.InvalidPolicyConstraints |
811
X509ChainStatusFlags
.NoIssuanceChainPolicy |
812
X509ChainStatusFlags
.PartialChain |
813
X509ChainStatusFlags
.UntrustedRoot |
814
X509ChainStatusFlags
.Revoked |
815
X509ChainStatusFlags
.NotTimeValid |
816
X509ChainStatusFlags
.NoError |
817
X509ChainStatusFlags
.CtlNotSignatureValid |
818
X509ChainStatusFlags
.CtlNotTimeValid |
819
X509ChainStatusFlags
.CtlNotValidForUsage |
820
X509ChainStatusFlags
.NotTimeNested |
821
X509ChainStatusFlags
.NotValidForUsage |
822
X509ChainStatusFlags
.OfflineRevocation |
823
X509ChainStatusFlags
.RevocationStatusUnknown;
826
private const
X509ChainStatusFlags
_x509CannotBeVerifiedFlags =
827
X509ChainStatusFlags
.HasExcludedNameConstraint |
828
X509ChainStatusFlags
.HasNotDefinedNameConstraint |
829
X509ChainStatusFlags
.HasNotPermittedNameConstraint |
830
X509ChainStatusFlags
.HasNotSupportedNameConstraint |
831
X509ChainStatusFlags
.InvalidBasicConstraints |
832
X509ChainStatusFlags
.InvalidExtension |
833
X509ChainStatusFlags
.InvalidNameConstraints |
834
X509ChainStatusFlags
.InvalidPolicyConstraints |
835
X509ChainStatusFlags
.NoIssuanceChainPolicy;
838
private const
X509ChainStatusFlags
_x509IssuerNotTrustedFlags =
839
X509ChainStatusFlags
.PartialChain |
840
X509ChainStatusFlags
.UntrustedRoot;
843
private const
X509ChainStatusFlags
_x509RevokedFlags =
844
X509ChainStatusFlags
.Revoked;
847
private const
X509ChainStatusFlags
_x509ExpiredFlags =
848
X509ChainStatusFlags
.NotTimeValid;
ReachFramework (2)
packaging\XpsDigitalSignature.cs (2)
277
X509ChainStatusFlags
289
X509ChainStatusFlags
System (1)
src\runtime\src\libraries\shims\System\ref\System.cs (1)
874
[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.X509Certificates.
X509ChainStatusFlags
))]
System.Net.Security (27)
src\runtime\src\libraries\Common\src\Interop\Unix\System.Security.Cryptography.Native\Interop.OpenSsl.cs (1)
1024
if (options.SslStream!.VerifyRemoteCertificate(certificate, chain, options.CertificateContext?.Trust, ref alertToken, out SslPolicyErrors sslPolicyErrors, out
X509ChainStatusFlags
chainStatus))
System\Net\Security\SslStream.IO.cs (6)
592
private bool CompleteHandshake(ref ProtocolToken alertToken, out SslPolicyErrors sslPolicyErrors, out
X509ChainStatusFlags
chainStatus)
601
chainStatus =
X509ChainStatusFlags
.NoError;
646
chainStatus =
X509ChainStatusFlags
.NoError;
657
if (!CompleteHandshake(ref alertToken, out SslPolicyErrors sslPolicyErrors, out
X509ChainStatusFlags
chainStatus))
663
internal static Exception CreateCertificateValidationException(SslAuthenticationOptions options, SslPolicyErrors sslPolicyErrors,
X509ChainStatusFlags
chainStatus)
670
else if (sslPolicyErrors == SslPolicyErrors.RemoteCertificateChainErrors && chainStatus !=
X509ChainStatusFlags
.NoError)
System\Net\Security\SslStream.Protocol.cs (19)
1110
internal bool VerifyRemoteCertificate(SslCertificateTrust? trust, ref ProtocolToken alertToken, out SslPolicyErrors sslPolicyErrors, out
X509ChainStatusFlags
chainStatus)
1163
out
X509ChainStatusFlags
chainStatus)
1166
chainStatus =
X509ChainStatusFlags
.NoError;
1374
if (chainStatus.Status ==
X509ChainStatusFlags
.NoError)
1380
(
X509ChainStatusFlags
.UntrustedRoot |
X509ChainStatusFlags
.PartialChain |
1381
X509ChainStatusFlags
.Cyclic)) != 0)
1387
(
X509ChainStatusFlags
.Revoked |
X509ChainStatusFlags
.OfflineRevocation)) != 0)
1393
(
X509ChainStatusFlags
.CtlNotTimeValid |
X509ChainStatusFlags
.NotTimeNested |
1394
X509ChainStatusFlags
.NotTimeValid)) != 0)
1399
if ((chainStatus.Status &
X509ChainStatusFlags
.CtlNotValidForUsage) != 0)
1405
(
X509ChainStatusFlags
.CtlNotSignatureValid |
X509ChainStatusFlags
.InvalidExtension |
1406
X509ChainStatusFlags
.NotSignatureValid |
X509ChainStatusFlags
.InvalidPolicyConstraints |
1407
X509ChainStatusFlags
.NoIssuanceChainPolicy |
X509ChainStatusFlags
.NotValidForUsage)) != 0)
System\Net\Security\SslStreamCertificateContext.cs (1)
113
if (status.Status.HasFlag(
X509ChainStatusFlags
.PartialChain))
System.Security.Cryptography (27)
System\Security\Cryptography\X509Certificates\ChainPal.Windows.GetChainStatusInformation.cs (26)
40
chainStatus[index].Status = (
X509ChainStatusFlags
)(1 << shiftCount);
56
public readonly
X509ChainStatusFlags
ChainStatusFlag;
59
public X509ChainErrorMapping(CertTrustErrorStatus win32Flag, int win32ErrorCode,
X509ChainStatusFlags
chainStatusFlag)
70
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_IS_NOT_SIGNATURE_VALID, ErrorCode.TRUST_E_CERT_SIGNATURE,
X509ChainStatusFlags
.NotSignatureValid),
71
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID, ErrorCode.TRUST_E_CERT_SIGNATURE,
X509ChainStatusFlags
.CtlNotSignatureValid),
72
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_IS_UNTRUSTED_ROOT, ErrorCode.CERT_E_UNTRUSTEDROOT,
X509ChainStatusFlags
.UntrustedRoot),
73
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_IS_PARTIAL_CHAIN, ErrorCode.CERT_E_CHAINING,
X509ChainStatusFlags
.PartialChain),
74
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_IS_REVOKED, ErrorCode.CRYPT_E_REVOKED,
X509ChainStatusFlags
.Revoked),
75
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_IS_NOT_VALID_FOR_USAGE, ErrorCode.CERT_E_WRONG_USAGE,
X509ChainStatusFlags
.NotValidForUsage),
76
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE, ErrorCode.CERT_E_WRONG_USAGE,
X509ChainStatusFlags
.CtlNotValidForUsage),
77
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_IS_NOT_TIME_VALID, ErrorCode.CERT_E_EXPIRED,
X509ChainStatusFlags
.NotTimeValid),
78
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_CTL_IS_NOT_TIME_VALID, ErrorCode.CERT_E_EXPIRED,
X509ChainStatusFlags
.CtlNotTimeValid),
79
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_INVALID_NAME_CONSTRAINTS, ErrorCode.CERT_E_INVALID_NAME,
X509ChainStatusFlags
.InvalidNameConstraints),
80
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT, ErrorCode.CERT_E_INVALID_NAME,
X509ChainStatusFlags
.HasNotSupportedNameConstraint),
81
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT, ErrorCode.CERT_E_INVALID_NAME,
X509ChainStatusFlags
.HasNotDefinedNameConstraint),
82
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, ErrorCode.CERT_E_INVALID_NAME,
X509ChainStatusFlags
.HasNotPermittedNameConstraint),
83
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT, ErrorCode.CERT_E_INVALID_NAME,
X509ChainStatusFlags
.HasExcludedNameConstraint),
84
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_INVALID_POLICY_CONSTRAINTS, ErrorCode.CERT_E_INVALID_POLICY,
X509ChainStatusFlags
.InvalidPolicyConstraints),
85
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY, ErrorCode.CERT_E_INVALID_POLICY,
X509ChainStatusFlags
.NoIssuanceChainPolicy),
86
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_INVALID_BASIC_CONSTRAINTS, ErrorCode.TRUST_E_BASIC_CONSTRAINTS,
X509ChainStatusFlags
.InvalidBasicConstraints),
87
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_IS_NOT_TIME_NESTED, ErrorCode.CERT_E_VALIDITYPERIODNESTING,
X509ChainStatusFlags
.NotTimeNested),
88
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_REVOCATION_STATUS_UNKNOWN, ErrorCode.CRYPT_E_NO_REVOCATION_CHECK,
X509ChainStatusFlags
.RevocationStatusUnknown),
89
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_IS_OFFLINE_REVOCATION, ErrorCode.CRYPT_E_REVOCATION_OFFLINE,
X509ChainStatusFlags
.OfflineRevocation),
90
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_IS_EXPLICIT_DISTRUST, ErrorCode.TRUST_E_EXPLICIT_DISTRUST,
X509ChainStatusFlags
.ExplicitDistrust),
91
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT, ErrorCode.CERT_E_CRITICAL,
X509ChainStatusFlags
.HasNotSupportedCriticalExtension),
92
new X509ChainErrorMapping(CertTrustErrorStatus.CERT_TRUST_HAS_WEAK_SIGNATURE, ErrorCode.CERTSRV_E_WEAK_SIGNATURE_OR_KEY,
X509ChainStatusFlags
.HasWeakSignature),
System\Security\Cryptography\X509Certificates\X509ChainStatus.cs (1)
12
public
X509ChainStatusFlags
Status { get; set; }
System.Security.Cryptography.Pkcs (1)
System\Security\Cryptography\Pkcs\CmsSigner.cs (1)
462
if (status.Status ==
X509ChainStatusFlags
.PartialChain)
System.Security.Cryptography.X509Certificates (1)
System.Security.Cryptography.X509Certificates.cs (1)
28
[assembly: System.Runtime.CompilerServices.TypeForwardedTo(typeof(System.Security.Cryptography.X509Certificates.
X509ChainStatusFlags
))]
System.Security.Cryptography.Xml (5)
System\Security\Cryptography\Xml\KeyInfoX509Data.cs (4)
66
((chain.ChainStatus[0].Status &
X509ChainStatusFlags
.PartialChain) ==
X509ChainStatusFlags
.PartialChain))
87
((chain.ChainStatus[0].Status &
X509ChainStatusFlags
.PartialChain) ==
X509ChainStatusFlags
.PartialChain))
System\Security\Cryptography\Xml\SignedXmlDebugLog.cs (1)
995
if (status.Status !=
X509ChainStatusFlags
.NoError)