public static X509Certificate MakeV1Certificate(AsymmetricCipherKeyPair subKP, string _subDN, AsymmetricCipherKeyPair issKP, string _issDN) { AsymmetricKeyParameter subPub = subKP.Public; AsymmetricKeyParameter issPriv = issKP.Private; AsymmetricKeyParameter issPub = issKP.Public; X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); v1CertGen.Reset(); v1CertGen.SetSerialNumber(AllocateSerialNumber()); v1CertGen.SetIssuerDN(new X509Name(_issDN)); v1CertGen.SetNotBefore(DateTime.UtcNow); v1CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); v1CertGen.SetSubjectDN(new X509Name(_subDN)); v1CertGen.SetPublicKey(subPub); if (issPub is RsaKeyParameters) { v1CertGen.SetSignatureAlgorithm("SHA1WithRSA"); } else if (issPub is DsaPublicKeyParameters) { v1CertGen.SetSignatureAlgorithm("SHA1withDSA"); } else if (issPub is ECPublicKeyParameters) { ECPublicKeyParameters ecPub = (ECPublicKeyParameters)issPub; if (ecPub.AlgorithmName == "ECGOST3410") { v1CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410"); } else { v1CertGen.SetSignatureAlgorithm("SHA1withECDSA"); } } else { v1CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410"); } X509Certificate _cert = v1CertGen.Generate(issPriv); _cert.CheckValidity(DateTime.UtcNow); _cert.Verify(issPub); return _cert; }