X509Store 类

标题：X509Store 类

地址：https://docs.microsoft.com/zh-cn/dotnet/api/system.security.cryptography.x509certificates.x509store?view=netframework-4.8

表示 X.509 存储区，该存储区是保留和管理证书的物理存储区。 此类不能被继承。

示例

本部分包含两个示例。 第一个示例演示如何打开标准 x.509 存储, 并列出每个存储中的证书数量。

第二个示例演示如何添加和删除单个证书和证书范围。

示例1

此示例尝试打开当前计算机上每个标准位置中的每个标准存储区。 它将打印摘要, 其中显示每个存储是否存在, 如果存在, 则显示它包含的证书的数量。

该示例为标准X509Store名称和标准位置的每个组合创建一个对象。 Open 它OpenFlags.OpenExistingOnly通过标志调用方法, 该标志仅在已存在时打开物理存储区。 如果物理存储存在, 则该示例使用Name、 Location和Certificates属性显示存储区中的证书数量。

using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public class Example
{
    static void Main()
    {
        Console.WriteLine("
Exists Certs Name and Location");
        Console.WriteLine("------ ----- -------------------------");

        foreach (StoreLocation storeLocation in (StoreLocation[]) 
            Enum.GetValues(typeof(StoreLocation)))
        {
            foreach (StoreName storeName in (StoreName[]) 
                Enum.GetValues(typeof(StoreName)))
            {
                X509Store store = new X509Store(storeName, storeLocation);

                try
                {
                    store.Open(OpenFlags.OpenExistingOnly);

                    Console.WriteLine("Yes    {0,4}  {1}, {2}", 
                        store.Certificates.Count, store.Name, store.Location);
                }   
                catch (CryptographicException)
                {
                    Console.WriteLine("No           {0}, {1}", 
                        store.Name, store.Location);
                }
            }
            Console.WriteLine();
        }
    }
}

/* This example produces output similar to the following:

Exists Certs Name and Location
------ ----- -------------------------
Yes       1  AddressBook, CurrentUser
Yes      25  AuthRoot, CurrentUser
Yes     136  CA, CurrentUser
Yes      55  Disallowed, CurrentUser
Yes      20  My, CurrentUser
Yes      36  Root, CurrentUser
Yes       0  TrustedPeople, CurrentUser
Yes       1  TrustedPublisher, CurrentUser

No           AddressBook, LocalMachine
Yes      25  AuthRoot, LocalMachine
Yes     131  CA, LocalMachine
Yes      55  Disallowed, LocalMachine
Yes       3  My, LocalMachine
Yes      36  Root, LocalMachine
Yes       0  TrustedPeople, LocalMachine
Yes       1  TrustedPublisher, LocalMachine

 */

示例2

此示例将打开一个 x.509 证书存储区, 添加并删除证书, 然后关闭存储区。 它假定你有三个要在本地存储区中添加和删除的证书。

using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.IO;

public class X509store2
{
    public static void Main (string[] args)
    {
        //Create new X509 store called teststore from the local certificate store.
        X509Store store = new X509Store ("teststore", StoreLocation.CurrentUser);
        store.Open (OpenFlags.ReadWrite);
        X509Certificate2 certificate = new X509Certificate2 ();

        //Create certificates from certificate files.
        //You must put in a valid path to three certificates in the following constructors.
        X509Certificate2 certificate1 = new X509Certificate2 ("c:\mycerts\*****.cer");
        X509Certificate2 certificate2 = new X509Certificate2 ("c:\mycerts\*****.cer");
        X509Certificate2 certificate5 = new X509Certificate2 ("c:\mycerts\*****.cer");

        //Create a collection and add two of the certificates.
        X509Certificate2Collection collection = new X509Certificate2Collection ();
        collection.Add (certificate2);
        collection.Add (certificate5);

        //Add certificates to the store.
        store.Add (certificate1);
        store.AddRange (collection);

        X509Certificate2Collection storecollection = (X509Certificate2Collection)store.Certificates;
        Console.WriteLine ("Store name: {0}", store.Name);
        Console.WriteLine ("Store location: {0}", store.Location);
        foreach (X509Certificate2 x509 in storecollection)
        {
            Console.WriteLine("certificate name: {0}",x509.Subject);
        }

        //Remove a certificate.
        store.Remove (certificate1);
        X509Certificate2Collection storecollection2 = (X509Certificate2Collection)store.Certificates;
        Console.WriteLine ("{1}Store name: {0}", store.Name, Environment.NewLine);
        foreach (X509Certificate2 x509 in storecollection2)
        {
            Console.WriteLine ("certificate name: {0}", x509.Subject);
        }

        //Remove a range of certificates.
        store.RemoveRange (collection);
        X509Certificate2Collection storecollection3 = (X509Certificate2Collection)store.Certificates;
        Console.WriteLine ("{1}Store name: {0}", store.Name, Environment.NewLine);
        if (storecollection3.Count == 0)
        {
            Console.WriteLine ("Store contains no certificates.");
        }
        else
        {
            foreach (X509Certificate2 x509 in storecollection3)
            {
                Console.WriteLine ("certificate name: {0}", x509.Subject);
            }
        }

        //Close the store.
        store.Close ();
    }    
}

注解

使用此类处理 x.509 存储。

 重要

从开始IDisposable , 此类型实现接口。 .NET Framework 4.6 在使用完类型后，您应直接或间接释放类型。 若要直接释放类型，请在 try/catch 块中调用其 Dispose 方法。 若要间接释放类型，请使用 using（在 C# 中）或 Using（在 Visual Basic 中）等语言构造。 有关详细信息，请参阅 IDisposable 接口主题中的“使用实现 IDisposable 的对象”一节。

对于面向.NET Framework 4.5.2和更早版本的应用X509Store , IDisposable类不实现接口, 因此不具有Dispose方法。