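/// <summary>
/// Issues an RSA-2048 / SHA-256 certificate through the CNG provider with both server
/// and client authentication requested, then checks that the key usage read back from
/// the returned PFX matches what was requested.
/// </summary>
public void PrivateCertificateProcessing_CreateCertificate_CngRsa2048_ClientServerAuth_ReturnedX509Certificate2HasClientServerAuthKeyUsage()
{
    KeyUsage expected = KeyUsage.ServerAuthentication | KeyUsage.ClientAuthentication;

    CreatePrivateCertificateModel model = new CreatePrivateCertificateModel()
    {
        CipherAlgorithm            = CipherAlgorithm.RSA,
        KeyUsage                   = expected.ToString(),
        HashAlgorithm              = HashAlgorithm.SHA256,
        KeySize                    = 2048,
        Provider                   = WindowsApi.Cng,
        // NOTE(review): the leading comma looks like it produces an empty first entry
        // if this value is split on ','; presumably deliberate test input, confirm.
        SubjectAlternativeNamesRaw = ",integrationtestdomain",
        SubjectCity                = "Seattle",
        SubjectCommonName          = "integrationtestdomain",
        SubjectCountry             = "US",
        SubjectDepartment          = "Engineering",
        SubjectState               = "WA",
        SubjectOrganization        = "IntegrationTestingCorp"
    };

    PrivateCertificateProcessing   processor = new PrivateCertificateProcessing(certDb, configDb, certProvider, GetAuthorizationLogic_Allow(), templateLogic, GetAuditLogic());
    CreatePrivateCertificateResult result    = processor.CreateCertificateWithPrivateKey(model, user.Object);

    // The PFX carries the private key. Dispose the certificate as soon as the assertion
    // is done so the key handle imported for this test is released deterministically
    // instead of waiting for finalization.
    using (X509Certificate2 cert = new X509Certificate2(result.PfxByte, result.Password))
    {
        KeyUsage actualKeyUsage = x509Normalization.GetKeyUsage(cert);

        Assert.AreEqual(expected, actualKeyUsage);
    }
}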
        /// <summary>
        /// Builds a <c>ServiceKey</c> from the supplied key material, valid for one year
        /// starting at the current UTC time and flagged as primary.
        /// </summary>
        /// <param name="displayName">Display name copied onto the service key.</param>
        /// <param name="keyValue">Raw key bytes, assigned to the key's <c>Value</c> as-is.</param>
        /// <param name="protectionPassword">Optional password; null or empty means no password is set.</param>
        /// <param name="keyType">Key type, stored as its string name.</param>
        /// <param name="keyUsage">Key usage, stored as its string name.</param>
        // NOTE(review): this listing is incomplete. The "try" keyword, the braces and the
        // statements that hand serviceKey to client are not visible, so what is sent and
        // how it is saved cannot be confirmed from here.
        public void AddServiceKey(string displayName, byte[] keyValue, string protectionPassword, KeyType keyType, KeyUsage keyUsage)
                var client           = this.CreateManagementServiceClient();
                // Validity window is fixed here: now (UTC) until one year later.
                var defaultStartDate = DateTime.UtcNow;
                var defaultEndDate   = defaultStartDate.AddYears(1);

                var serviceKey = new ServiceKey
                    DisplayName = displayName,
                    Type        = keyType.ToString(),
                    Usage       = keyUsage.ToString(),
                    // keyValue and the password bytes are secret material held in ordinary
                    // managed arrays; nothing visible in this method clears them after use.
                    Value       = keyValue,
                    // Null or empty password is stored as null; otherwise as its UTF-8 bytes.
                    Password    = string.IsNullOrEmpty(protectionPassword) ? null : new UTF8Encoding().GetBytes(protectionPassword),
                    StartDate   = defaultStartDate,
                    EndDate     = defaultEndDate,
                    IsPrimary   = true

            // Every exception type is caught and replaced by whatever TryGetExceptionDetails
            // returns; that helper is not shown, so whether the original exception is kept
            // as an inner exception should be checked there.
            catch (Exception ex)
                throw TryGetExceptionDetails(ex);
        /// <summary>
        /// Requests an RSA-2048 / SHA-256 certificate through the CNG provider with server
        /// and client authentication usage, and expects the request status to be Success.
        /// </summary>
        public void PrivateCertificateProcessing_CreateCertificate_CngRsa2048_ClientServerAuth_Success()
        {
            var requestedUsage = KeyUsage.ServerAuthentication | KeyUsage.ClientAuthentication;

            // Same subject and algorithm settings as the other CNG RSA-2048 test cases.
            var request = new CreatePrivateCertificateModel
            {
                CipherAlgorithm = CipherAlgorithm.RSA,
                KeyUsage = requestedUsage.ToString(),
                HashAlgorithm = HashAlgorithm.SHA256,
                KeySize = 2048,
                Provider = WindowsApi.Cng,
                SubjectAlternativeNamesRaw = ",integrationtestdomain",
                SubjectCity = "Seattle",
                SubjectCommonName = "integrationtestdomain",
                SubjectCountry = "US",
                SubjectDepartment = "Engineering",
                SubjectState = "WA",
                SubjectOrganization = "IntegrationTestingCorp"
            };

            // The authorization stub allows the request, so only issuance itself is under test.
            var issuer = new PrivateCertificateProcessing(
                certDb,
                configDb,
                certProvider,
                GetAuthorizationLogic_Allow(),
                templateLogic,
                GetAuditLogic());

            var outcome = issuer.CreateCertificateWithPrivateKey(request, user.Object);

            Assert.AreEqual(PrivateCertificateRequestStatus.Success, outcome.Status);
        }
        /// <summary>
        /// Builds a key credential of type <c>KeyType.Symmetric</c> from the given
        /// validity window, usage and secret value.
        /// </summary>
        /// <param name="startTime">Start of the credential's validity period.</param>
        /// <param name="endTime">End of the credential's validity period.</param>
        /// <param name="keyUsage">Usage recorded on the credential, stored as its string name.</param>
        /// <param name="credentialBlob">Secret key bytes; checked by <c>Utils.ThrowIfNullOrEmpty</c> before use.</param>
        /// <returns>The populated key credential.</returns>
        public static KeyCredential CreateSymmetricKeyCredential(
            DateTime startTime,
            DateTime endTime,
            KeyUsage keyUsage,
            byte[] credentialBlob)
        {
            // Both checks run before any credential object is created.
            Utils.ThrowIfNullOrEmpty(credentialBlob, "credentialBlob");
            ValidateStartAndEndTime(startTime, endTime);

            // The caller's array is assigned to Value as-is; no copy is made in this method.
            return new KeyCredential
            {
                StartDate = startTime,
                EndDate = endTime,
                Type = KeyType.Symmetric.ToString(),
                Usage = keyUsage.ToString(),
                Value = credentialBlob
            };
        }
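        /// <summary>
        /// Creates a symmetric key credential.
        /// </summary>
        /// <param name="startTime">Start time of the credential.</param>
        /// <param name="endTime">End time of the credential.</param>
        /// <param name="keyUsage">Key usage for the symmetric key, stored as its string name.</param>
        /// <param name="credentialBlob">Credential value; must pass <c>Utils.ThrowIfNullOrEmpty</c>.</param>
        /// <returns>Key credential object.</returns>
        public static KeyCredential CreateSymmetricKeyCredential(
            DateTime startTime,
            DateTime endTime,
            KeyUsage keyUsage,
            byte[] credentialBlob)
        {
            // Reject a missing secret or a bad validity window before building anything.
            Utils.ThrowIfNullOrEmpty(credentialBlob, "credentialBlob");
            ValidateStartAndEndTime(startTime, endTime);

            KeyCredential keyCredential = new KeyCredential();

            keyCredential.StartDate = startTime;
            keyCredential.EndDate   = endTime;
            keyCredential.Type      = KeyType.Symmetric.ToString();
            keyCredential.Usage     = keyUsage.ToString();
            // The secret bytes are assigned as-is; this method does not copy the array.
            keyCredential.Value     = credentialBlob;

            // The listing ended without returning the credential the method is declared to produce.
            return keyCredential;
        }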

        static void Main(string[] args)
            foreach (string s in args)
                if (s.StartsWith("-out:"))
                    outputfile = s.Replace("-out:", "");
                if (s.StartsWith("-in:"))
                    certfile = s.Replace("-in:", "");
            if (outputfile != "stdout")
                str = new StreamWriter(outputfile, false);
            System.Security.Cryptography.X509Certificates.X509Certificate2 cer = new System.Security.Cryptography.X509Certificates.X509Certificate2(File.ReadAllBytes(certfile));
            Al.Security.X509.X509Certificate CERT = Al.Security.Security.DotNetUtilities.FromX509Certificate(cer);
            Print("     Data");
            Print("         Version : " + cer.Version.ToString());
            Print("         Valid : " + cer.Verify().ToString());
            Print("         Serial Number:");
            Print("             " + cer.SerialNumber);
            Print("         Signature Algorithm : ");
            Print("             " + cer.SignatureAlgorithm.FriendlyName);
            Print("         Issuer   : " + cer.Issuer);
            Print("         Validity :   ");
            Print("             Not Before : " + GetRFC822Date(cer.NotBefore));
            Print("             Not After  : " + GetRFC822Date(cer.NotAfter));
            Print("         Subject  : " + cer.Subject);
            Print("         Subject Public Key Info:");
            Print("             Public Key Exchange Algorithm: " + cer.PublicKey.Key.KeyExchangeAlgorithm);
            Print("             Public Key: " + cer.PublicKey.Key.KeySize.ToString() + " bit");
            Print("             Modulus:");
            Print(cer.GetPublicKey(), "              ");
            if (CERT.GetPublicKey() is Al.Security.Crypto.Parameters.RsaKeyParameters)
                RsaKeyParameters rsa = (RsaKeyParameters)CERT.GetPublicKey();
                Print("             Exponent:" + rsa.Exponent);
            else if (CERT.GetPublicKey() is Al.Security.Crypto.Parameters.DsaKeyParameters)
                DsaKeyParameters dsa = (DsaKeyParameters)CERT.GetPublicKey();
                Print("             DSA Parameters:");
                Print("                 G:");
                Print("                     " + dsa.Parameters.G.ToString());
                Print("                 P:");
                Print("                     " + dsa.Parameters.P.ToString());
                Print("                 Q:");
                Print("                     " + dsa.Parameters.Q.ToString());
            // Extensions
            Print("         X509 Extensions");
            string extab    = "            ";
            bool   critical = true;

            foreach (string oid in CERT.GetCriticalExtensionOids())
                Print(" ");

                X509Extension ext = new X509Extension(true, CERT.GetExtensionValue(oid));

                if (oid == X509Extensions.BasicConstraints.Id)
                    BasicConstraints bc = BasicConstraints.GetInstance(ext);
                    Print(extab + "Basic Constraints Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     CA:" + bc.IsCA().ToString());
                    if (bc.PathLenConstraint != null)
                        Print(extab + "     Path Length:" + bc.PathLenConstraint.ToString());
                        Print(extab + "     Path Length:Null");
                else if (oid == X509Extensions.KeyUsage.Id)
                    KeyUsage keyu = KeyUsage.GetInstance(ext);
                    Print(extab + "Key Usage Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Key Usages:" + keyu.ToString());
                else if (oid == X509Extensions.ExtendedKeyUsage.Id)
                    ExtendedKeyUsage keyu = ExtendedKeyUsage.GetInstance(ext);

                    Print(extab + "Extended Key Usage Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Extended Key Usages:");
                    foreach (DerObjectIdentifier id in keyu.GetAllUsages())
                        Print(extab + "         " + id.Id);
                else if (oid == X509Extensions.SubjectKeyIdentifier.Id)
                    SubjectKeyIdentifier keyu = SubjectKeyIdentifier.GetInstance(ext);
                    Print(extab + "Subject Key Identifier Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Key Identifier:");
                    Print(keyu.GetKeyIdentifier(), extab + "         ");
                else if (oid == X509Extensions.AuthorityKeyIdentifier.Id)
                    AuthorityKeyIdentifier keyu = AuthorityKeyIdentifier.GetInstance(ext);
                    Print(extab + "Authority Key Identifier Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Key Identifier:");
                    Print(keyu.GetKeyIdentifier(), extab + "         ");
                else if (oid == X509Extensions.SubjectAlternativeName.Id)
                    Asn1Object asn1Object = X509ExtensionUtilities.FromExtensionValue(ext.Value);

                    GeneralNames keyu = GeneralNames.GetInstance(asn1Object);

                    Print(extab + "Subject Alternative Name Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     General Names:");

                    foreach (GeneralName gen in keyu.GetNames())
                        string tagname = "Dns Name:";
                        if (gen.TagNo == GeneralName.EdiPartyName)
                            tagname = "Edi Party Name:";
                        else if (gen.TagNo == GeneralName.IPAddress)
                            tagname = "IP Address:";
                        else if (gen.TagNo == GeneralName.OtherName)
                            tagname = "Other Name:";
                        else if (gen.TagNo == GeneralName.RegisteredID)
                            tagname = "Registered ID:";
                        else if (gen.TagNo == GeneralName.Rfc822Name)
                            tagname = "Rfc822 Name:";
                        else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                            tagname = "URI:";
                        else if (gen.TagNo == GeneralName.X400Address)
                            tagname = "X400 Address:";
                        else if (gen.TagNo == GeneralName.DirectoryName)
                            tagname = "Directory Name:";

                        Print(extab + "         " + tagname + " " + gen.Name);
                else if (oid == X509Extensions.IssuerAlternativeName.Id)
                    Asn1Object asn1Object = X509ExtensionUtilities.FromExtensionValue(ext.Value);

                    GeneralNames keyu = GeneralNames.GetInstance(asn1Object);

                    Print(extab + "Issuer Alternative Name Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     General Names:");

                    foreach (GeneralName gen in keyu.GetNames())
                        string tagname = "Dns Name:";
                        if (gen.TagNo == GeneralName.EdiPartyName)
                            tagname = "Edi Party Name:";
                        else if (gen.TagNo == GeneralName.IPAddress)
                            tagname = "IP Address:";
                        else if (gen.TagNo == GeneralName.OtherName)
                            tagname = "Other Name:";
                        else if (gen.TagNo == GeneralName.RegisteredID)
                            tagname = "Registered ID:";
                        else if (gen.TagNo == GeneralName.Rfc822Name)
                            tagname = "Rfc822 Name:";
                        else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                            tagname = "URI:";
                        else if (gen.TagNo == GeneralName.X400Address)
                            tagname = "X400 Address:";
                        else if (gen.TagNo == GeneralName.DirectoryName)
                            tagname = "Directory Name:";

                        Print(extab + "         " + tagname + " " + gen.Name);
                else if (oid == X509Extensions.AuthorityInfoAccess.Id)
                    AuthorityInformationAccess keyu = AuthorityInformationAccess.GetInstance(ext);
                    Print(extab + "Authority Information Access Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Access Descriptions:");
                    foreach (AccessDescription acc in keyu.GetAccessDescriptions())
                        Print(extab + "         Method:" + acc.AccessMethod.Id);
                        GeneralName gen     = acc.AccessLocation;
                        string      tagname = "Dns Name:";
                        if (gen.TagNo == GeneralName.EdiPartyName)
                            tagname = "Edi Party Name:";
                        else if (gen.TagNo == GeneralName.IPAddress)
                            tagname = "IP Address:";
                        else if (gen.TagNo == GeneralName.OtherName)
                            tagname = "Other Name:";
                        else if (gen.TagNo == GeneralName.RegisteredID)
                            tagname = "Registered ID:";
                        else if (gen.TagNo == GeneralName.Rfc822Name)
                            tagname = "Rfc822 Name:";
                        else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                            tagname = "URI:";
                        else if (gen.TagNo == GeneralName.X400Address)
                            tagname = "X400 Address:";
                        else if (gen.TagNo == GeneralName.DirectoryName)
                            tagname = "Directory Name:";
                        Print(extab + "         Access Location:" + tagname + "=" + gen.Name);
                else if (oid == X509Extensions.SubjectInfoAccess.Id)
                    AuthorityInformationAccess keyu = AuthorityInformationAccess.GetInstance(ext);
                    Print(extab + "Subject Information Access Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Access Descriptions:");
                    foreach (AccessDescription acc in keyu.GetAccessDescriptions())
                        Print(extab + "         Method:" + acc.AccessMethod.Id);
                        GeneralName gen     = acc.AccessLocation;
                        string      tagname = "Dns Name:";
                        if (gen.TagNo == GeneralName.EdiPartyName)
                            tagname = "Edi Party Name:";
                        else if (gen.TagNo == GeneralName.IPAddress)
                            tagname = "IP Address:";
                        else if (gen.TagNo == GeneralName.OtherName)
                            tagname = "Other Name:";
                        else if (gen.TagNo == GeneralName.RegisteredID)
                            tagname = "Registered ID:";
                        else if (gen.TagNo == GeneralName.Rfc822Name)
                            tagname = "Rfc822 Name:";
                        else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                            tagname = "URI:";
                        else if (gen.TagNo == GeneralName.X400Address)
                            tagname = "X400 Address:";
                        else if (gen.TagNo == GeneralName.DirectoryName)
                            tagname = "Directory Name:";
                        Print(extab + "         Access Location:" + tagname + "=" + gen.Name);
                else if (oid == X509Extensions.CrlDistributionPoints.Id)
                    Asn1Object   asn1Object = X509ExtensionUtilities.FromExtensionValue(ext.Value);
                    CrlDistPoint keyu       = CrlDistPoint.GetInstance(asn1Object);

                    Print(extab + "Crl Distribution Points Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Distribution Points:");
                    foreach (DistributionPoint acc in keyu.GetDistributionPoints())
                        if (acc.Reasons != null)
                            Print(extab + "         Reasons:" + acc.Reasons.GetString());
                            Print(extab + "         Reasons:Null");

                        if (acc.CrlIssuer != null)
                            Print(extab + "         Crl Issuer:");
                            foreach (GeneralName gen in acc.CrlIssuer.GetNames())
                                string tagname = "Dns Name:";
                                if (gen.TagNo == GeneralName.EdiPartyName)
                                    tagname = "Edi Party Name:";
                                else if (gen.TagNo == GeneralName.IPAddress)
                                    tagname = "IP Address:";
                                else if (gen.TagNo == GeneralName.OtherName)
                                    tagname = "Other Name:";
                                else if (gen.TagNo == GeneralName.RegisteredID)
                                    tagname = "Registered ID:";
                                else if (gen.TagNo == GeneralName.Rfc822Name)
                                    tagname = "Rfc822 Name:";
                                else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                                    tagname = "URI:";
                                else if (gen.TagNo == GeneralName.X400Address)
                                    tagname = "X400 Address:";
                                else if (gen.TagNo == GeneralName.DirectoryName)
                                    tagname = "Directory Name:";
                                Print(extab + "            " + tagname + ": " + gen.Name);
                            Print(extab + "         Crl Issuer:Null");
                        Print(extab + "         Distribution Point Name:");
                        if (acc.DistributionPointName.PointType == DistributionPointName.FullName)
                            GeneralNames sgen = GeneralNames.GetInstance(acc.DistributionPointName.Name);
                            foreach (GeneralName gen in sgen.GetNames())
                                string tagname = "Dns Name:";
                                if (gen.TagNo == GeneralName.EdiPartyName)
                                    tagname = "Edi Party Name:";
                                else if (gen.TagNo == GeneralName.IPAddress)
                                    tagname = "IP Address:";
                                else if (gen.TagNo == GeneralName.OtherName)
                                    tagname = "Other Name:";
                                else if (gen.TagNo == GeneralName.RegisteredID)
                                    tagname = "Registered ID:";
                                else if (gen.TagNo == GeneralName.Rfc822Name)
                                    tagname = "Rfc822 Name:";
                                else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                                    tagname = "URI:";
                                else if (gen.TagNo == GeneralName.X400Address)
                                    tagname = "X400 Address:";
                                else if (gen.TagNo == GeneralName.DirectoryName)
                                    tagname = "Directory Name:";
                                Print(extab + "                " + tagname + " " + gen.Name);
                            Print(extab + "                Not Supported by OCT");
            critical = false;
            foreach (string oid in CERT.GetNonCriticalExtensionOids())
                Print(" ");

                X509Extension ext = new X509Extension(true, CERT.GetExtensionValue(oid));

                if (oid == X509Extensions.BasicConstraints.Id)
                    BasicConstraints bc = BasicConstraints.GetInstance(ext);
                    Print(extab + "Basic Constraints Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     CA:" + bc.IsCA().ToString());
                    if (bc.PathLenConstraint != null)
                        Print(extab + "     Path Length:" + bc.PathLenConstraint.ToString());
                        Print(extab + "     Path Length:Null");
                else if (oid == X509Extensions.KeyUsage.Id)
                    KeyUsage keyu = KeyUsage.GetInstance(ext);
                    Print(extab + "Key Usage Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Key Usages:" + keyu.ToString());
                else if (oid == X509Extensions.ExtendedKeyUsage.Id)
                    ExtendedKeyUsage keyu = ExtendedKeyUsage.GetInstance(ext);

                    Print(extab + "Extended Key Usage Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Extended Key Usages:");
                    foreach (DerObjectIdentifier id in keyu.GetAllUsages())
                        Print(extab + "         " + id.Id);
                else if (oid == X509Extensions.SubjectKeyIdentifier.Id)
                    SubjectKeyIdentifier keyu = SubjectKeyIdentifier.GetInstance(ext);
                    Print(extab + "Subject Key Identifier Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Key Identifier:");
                    Print(keyu.GetKeyIdentifier(), extab + "         ");
                else if (oid == X509Extensions.AuthorityKeyIdentifier.Id)
                    AuthorityKeyIdentifier keyu = AuthorityKeyIdentifier.GetInstance(ext);
                    Print(extab + "Authority Key Identifier Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Key Identifier:");
                    Print(keyu.GetKeyIdentifier(), extab + "         ");
                else if (oid == X509Extensions.SubjectAlternativeName.Id)
                    Asn1Object asn1Object = X509ExtensionUtilities.FromExtensionValue(ext.Value);

                    GeneralNames keyu = GeneralNames.GetInstance(asn1Object);

                    Print(extab + "Subject Alternative Name Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     General Names:");

                    foreach (GeneralName gen in keyu.GetNames())
                        string tagname = "Dns Name:";
                        if (gen.TagNo == GeneralName.EdiPartyName)
                            tagname = "Edi Party Name:";
                        else if (gen.TagNo == GeneralName.IPAddress)
                            tagname = "IP Address:";
                        else if (gen.TagNo == GeneralName.OtherName)
                            tagname = "Other Name:";
                        else if (gen.TagNo == GeneralName.RegisteredID)
                            tagname = "Registered ID:";
                        else if (gen.TagNo == GeneralName.Rfc822Name)
                            tagname = "Rfc822 Name:";
                        else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                            tagname = "URI:";
                        else if (gen.TagNo == GeneralName.X400Address)
                            tagname = "X400 Address:";
                        else if (gen.TagNo == GeneralName.DirectoryName)
                            tagname = "Directory Name:";

                        Print(extab + "         " + tagname + " " + gen.Name);
                else if (oid == X509Extensions.IssuerAlternativeName.Id)
                    Asn1Object asn1Object = X509ExtensionUtilities.FromExtensionValue(ext.Value);

                    GeneralNames keyu = GeneralNames.GetInstance(asn1Object);

                    Print(extab + "Issuer Alternative Name Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     General Names:");

                    foreach (GeneralName gen in keyu.GetNames())
                        string tagname = "Dns Name:";
                        if (gen.TagNo == GeneralName.EdiPartyName)
                            tagname = "Edi Party Name:";
                        else if (gen.TagNo == GeneralName.IPAddress)
                            tagname = "IP Address:";
                        else if (gen.TagNo == GeneralName.OtherName)
                            tagname = "Other Name:";
                        else if (gen.TagNo == GeneralName.RegisteredID)
                            tagname = "Registered ID:";
                        else if (gen.TagNo == GeneralName.Rfc822Name)
                            tagname = "Rfc822 Name:";
                        else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                            tagname = "URI:";
                        else if (gen.TagNo == GeneralName.X400Address)
                            tagname = "X400 Address:";
                        else if (gen.TagNo == GeneralName.DirectoryName)
                            tagname = "Directory Name:";

                        Print(extab + "         " + tagname + " " + gen.Name);
                else if (oid == X509Extensions.AuthorityInfoAccess.Id)
                    AuthorityInformationAccess keyu = AuthorityInformationAccess.GetInstance(ext);
                    Print(extab + "Authority Information Access Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Access Descriptions:");
                    foreach (AccessDescription acc in keyu.GetAccessDescriptions())
                        Print(extab + "         Method:" + acc.AccessMethod.Id);
                        GeneralName gen     = acc.AccessLocation;
                        string      tagname = "Dns Name:";
                        if (gen.TagNo == GeneralName.EdiPartyName)
                            tagname = "Edi Party Name:";
                        else if (gen.TagNo == GeneralName.IPAddress)
                            tagname = "IP Address:";
                        else if (gen.TagNo == GeneralName.OtherName)
                            tagname = "Other Name:";
                        else if (gen.TagNo == GeneralName.RegisteredID)
                            tagname = "Registered ID:";
                        else if (gen.TagNo == GeneralName.Rfc822Name)
                            tagname = "Rfc822 Name:";
                        else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                            tagname = "URI:";
                        else if (gen.TagNo == GeneralName.X400Address)
                            tagname = "X400 Address:";
                        else if (gen.TagNo == GeneralName.DirectoryName)
                            tagname = "Directory Name:";
                        Print(extab + "         Access Location:" + tagname + "=" + gen.Name);
                else if (oid == X509Extensions.SubjectInfoAccess.Id)
                    AuthorityInformationAccess keyu = AuthorityInformationAccess.GetInstance(ext);
                    Print(extab + "Subject Information Access Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Access Descriptions:");
                    foreach (AccessDescription acc in keyu.GetAccessDescriptions())
                        Print(extab + "         Method:" + acc.AccessMethod.Id);
                        GeneralName gen     = acc.AccessLocation;
                        string      tagname = "Dns Name:";
                        if (gen.TagNo == GeneralName.EdiPartyName)
                            tagname = "Edi Party Name:";
                        else if (gen.TagNo == GeneralName.IPAddress)
                            tagname = "IP Address:";
                        else if (gen.TagNo == GeneralName.OtherName)
                            tagname = "Other Name:";
                        else if (gen.TagNo == GeneralName.RegisteredID)
                            tagname = "Registered ID:";
                        else if (gen.TagNo == GeneralName.Rfc822Name)
                            tagname = "Rfc822 Name:";
                        else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                            tagname = "URI:";
                        else if (gen.TagNo == GeneralName.X400Address)
                            tagname = "X400 Address:";
                        else if (gen.TagNo == GeneralName.DirectoryName)
                            tagname = "Directory Name:";
                        Print(extab + "         Access Location:" + tagname + "=" + gen.Name);
                else if (oid == X509Extensions.CrlDistributionPoints.Id)
                    Asn1Object   asn1Object = X509ExtensionUtilities.FromExtensionValue(ext.Value);
                    CrlDistPoint keyu       = CrlDistPoint.GetInstance(asn1Object);

                    Print(extab + "Crl Distribution Points Extension");
                    Print(extab + "  Critical:" + critical.ToString());
                    Print(extab + "     Distribution Points:");
                    foreach (DistributionPoint acc in keyu.GetDistributionPoints())
                        if (acc.Reasons != null)
                            Print(extab + "         Reasons:" + acc.Reasons.GetString());
                            Print(extab + "         Reasons:Null");

                        if (acc.CrlIssuer != null)
                            Print(extab + "         Crl Issuer:");
                            foreach (GeneralName gen in acc.CrlIssuer.GetNames())
                                string tagname = "Dns Name:";
                                if (gen.TagNo == GeneralName.EdiPartyName)
                                    tagname = "Edi Party Name:";
                                else if (gen.TagNo == GeneralName.IPAddress)
                                    tagname = "IP Address:";
                                else if (gen.TagNo == GeneralName.OtherName)
                                    tagname = "Other Name:";
                                else if (gen.TagNo == GeneralName.RegisteredID)
                                    tagname = "Registered ID:";
                                else if (gen.TagNo == GeneralName.Rfc822Name)
                                    tagname = "Rfc822 Name:";
                                else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                                    tagname = "URI:";
                                else if (gen.TagNo == GeneralName.X400Address)
                                    tagname = "X400 Address:";
                                else if (gen.TagNo == GeneralName.DirectoryName)
                                    tagname = "Directory Name:";
                                Print(extab + "            " + tagname + ": " + gen.Name);
                            Print(extab + "         Crl Issuer:Null");
                        Print(extab + "         Distribution Point Name:");
                        if (acc.DistributionPointName.PointType == DistributionPointName.FullName)
                            GeneralNames sgen = GeneralNames.GetInstance(acc.DistributionPointName.Name);
                            foreach (GeneralName gen in sgen.GetNames())
                                string tagname = "Dns Name:";
                                if (gen.TagNo == GeneralName.EdiPartyName)
                                    tagname = "Edi Party Name:";
                                else if (gen.TagNo == GeneralName.IPAddress)
                                    tagname = "IP Address:";
                                else if (gen.TagNo == GeneralName.OtherName)
                                    tagname = "Other Name:";
                                else if (gen.TagNo == GeneralName.RegisteredID)
                                    tagname = "Registered ID:";
                                else if (gen.TagNo == GeneralName.Rfc822Name)
                                    tagname = "Rfc822 Name:";
                                else if (gen.TagNo == GeneralName.UniformResourceIdentifier)
                                    tagname = "URI:";
                                else if (gen.TagNo == GeneralName.X400Address)
                                    tagname = "X400 Address:";
                                else if (gen.TagNo == GeneralName.DirectoryName)
                                    tagname = "Directory Name:";
                                Print(extab + "                " + tagname + " " + gen.Name);
                            Print(extab + "                Not Supported by OCT");
            // Signature
            Print("     Signature Algorithm: " + cer.SignatureAlgorithm.FriendlyName + " " + (CERT.GetSignature().Length * 8) + " bit");
            Print(CERT.GetSignature(), "        ");

            Print("     SHA1 Fingerprint : ");
            Print(Sha1(CERT.GetEncoded()), "        ");
            Print("     SHA224 Fingerprint : ");
            Print(Sha224(CERT.GetEncoded()), "        ");
            Print("     SHA256 Fingerprint : ");
            Print(Sha256(CERT.GetEncoded()), "        ");
            Print("     SHA384 Fingerprint : ");
            Print(Sha384(CERT.GetEncoded()), "        ");
            Print("     SHA512 Fingerprint : ");
            Print(Sha512(CERT.GetEncoded()), "        ");
            Print("     MD5 Fingerprint : ");
            Print(MD5(CERT.GetEncoded()), "        ");

            Print("Issuer Base64:" + Convert.ToBase64String(CERT.IssuerDN.GetDerEncoded()));
            Print("Subject Base64:" + Convert.ToBase64String(CERT.SubjectDN.GetDerEncoded()));
            Print("Serial Base64:" + Convert.ToBase64String(CERT.SerialNumber.ToByteArray()));
            if (outputfile == "stdout")
        /// <summary>
        /// Looks up a stored <see cref="AdcsTemplate"/> whose cipher, Windows API and key usage
        /// all match the requested values.
        /// </summary>
        /// <param name="cipher">Cipher algorithm the template must declare.</param>
        /// <param name="api"><see cref="WindowsApi"/> value the template must declare.</param>
        /// <param name="keyUsage">Key usage the template must declare; compared through its string form.</param>
        /// <remarks>
        /// This listing omits brace lines and shows no return statement, so the remainder of the
        /// body (including what is handed back to the caller) is not visible here.
        /// </remarks>
        public AdcsTemplate DiscoverTemplate(CipherAlgorithm cipher, WindowsApi api, KeyUsage keyUsage)
            // All three criteria must hold; key usage is matched by comparing ToString() on both sides.
            Expression <Func <AdcsTemplate, bool> > query = template => template.Cipher == cipher && template.WindowsApi == api && template.KeyUsage.ToString() == keyUsage.ToString();
            // NOTE(review): if this is LINQ's First(), an empty result throws InvalidOperationException
            // with a generic message, and several matches silently resolve to whichever comes first.
            // Confirm callers handle a missing template and that the (cipher, api, keyUsage)
            // combination is unique, since the selected template presumably drives what gets issued.
            AdcsTemplate results = configurationRepository.Get <AdcsTemplate>(query).First();

        /// <summary>
        /// Builds a <see cref="ServiceKey"/> from the supplied values, marked as primary and valid
        /// for one year starting at the current UTC time.
        /// </summary>
        /// <param name="displayName">Display name stored on the key.</param>
        /// <param name="keyValue">Raw key material, stored unchanged in <c>Value</c>.</param>
        /// <param name="protectionPassword">Optional password; null or empty is stored as null, otherwise as UTF-8 bytes.</param>
        /// <param name="keyType">Key type, stored in its string form.</param>
        /// <param name="keyUsage">Key usage, stored in its string form.</param>
        /// <remarks>
        /// This listing omits brace lines and shows no statement that submits the key through
        /// <c>client</c>, so how (or whether) the key is persisted is not visible here.
        /// </remarks>
        public void AddServiceKey(string displayName, byte[] keyValue, string protectionPassword, KeyType keyType, KeyUsage keyUsage)
                var client = this.CreateManagementServiceClient();
                // Validity window: from now (UTC) until exactly one year later.
                var defaultStartDate = DateTime.UtcNow;
                var defaultEndDate = defaultStartDate.AddYears(1);

                var serviceKey = new ServiceKey
                                         DisplayName = displayName,
                                         // Enum arguments are recorded by name via ToString().
                                         Type = keyType.ToString(),
                                         Usage = keyUsage.ToString(),
                                         Value = keyValue,
                                         // A null or empty password is stored as null rather than as an empty byte array.
                                         // NOTE(review): the password arrives as a string and the key as a byte[]; neither
                                         // is cleared in the visible code - confirm callers do not log or retain them.
                                         Password = string.IsNullOrEmpty(protectionPassword) ? null : new UTF8Encoding().GetBytes(protectionPassword),
                                         StartDate = defaultStartDate,
                                         EndDate = defaultEndDate,
                                         // Every key created through this method is flagged as the primary key.
                                         IsPrimary = true

            // Any exception is replaced by whatever TryGetExceptionDetails returns; that helper is
            // defined outside this listing.
            // NOTE(review): confirm the helper keeps ex as the inner exception so the original stack
            // trace survives, and that the details it surfaces never include the key value or password.
            catch (Exception ex)
                throw TryGetExceptionDetails(ex);