Upravljanje lastne shrambe zaupanja za PQ-združljive PKI-infrastrukture.
| Razred | Opis |
|---|---|
PqTrustStore | Polnofunkcionalna shramba zaupanja s PQ-podporo |
TrustStoreExtensions | Razširitvene metode za X509Certificate2Collection |
TrustEntry | Metapodatki za vnose v shrambo zaupanja |
using WvdS.System.Security.Cryptography.X509Certificates; // Ustvarjanje shrambe zaupanja using var trustStore = new PqTrustStore(); // Dodajanje Root CA var rootCa = new X509Certificate2("root-ca.cer"); trustStore.AddTrustAnchor(rootCa, alias: "Company Root CA"); // Dodajanje Intermediate CA var intermediateCa = new X509Certificate2("intermediate-ca.cer"); trustStore.AddIntermediate(intermediateCa, alias: "Issuing CA");
// Nalaganje shrambe zaupanja using var trustStore = PqTrustStore.LoadFromPem("company-trust-store.pem"); // Validacija certifikata var userCert = new X509Certificate2("user.cer"); using var chain = new X509Chain(); bool isValid = chain.Build(userCert, trustStore, CryptoMode.Hybrid);
// Shranjevanje/nalaganje PEM-svežnja trustStore.SaveToPem("trust-store.pem"); var loadedStore = PqTrustStore.LoadFromPem("trust-store.pem"); // PKCS#7 (DER) trustStore.SaveToPkcs7("trust-store.p7b"); var p7Store = PqTrustStore.LoadFromPkcs7("trust-store.p7b");
using var trustStore = new PqTrustStore(); // Uvoz Windows Root CA-jev trustStore.ImportFromSystemRootStore(); // Izvoz kot PEM za air-gapped sisteme trustStore.SaveToPem("system-trust-store.pem");
| Vrednost | Opis |
|---|---|
TrustAnchor | Sidro zaupanja (Root CA) |
IntermediateCA | Vmesna certifikacijska agencija |
CrossCertifiedCA | Navzkrižno certificirana CA |
EndEntity | Končna entiteta (ni CA) |
// Samo sidra zaupanja var roots = trustStore.TrustAnchors; // Samo vmesne CA var intermediates = trustStore.IntermediateCAs; // Iskanje po Subject/Thumbprint var found = trustStore.FindBySubjectName("Company"); var entry = trustStore.FindByThumbprint("A1B2C3...");
Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional