        /// <summary>
        /// Builds a DER-encoded PKCS#10 certification request (CSR) following RFC 2986.
        /// </summary>
        /// <remarks>
        /// The CertificationRequestInfo (version, subject, public key, attributes) is encoded
        /// first. Those exact bytes are passed to <c>signatureAlgorithm.Sign</c> and embedded
        /// unchanged in the outer CertificationRequest, so the signature covers what is sent.
        ///
        /// Every entry of <c>subjectAlternativeNames</c> is tagged 0x82, the dNSName choice of
        /// GeneralName. No other name kind (IP address, e-mail, URI) is produced here, so an
        /// entry that is not a DNS name is still labelled as one. The extension is written
        /// without a critical flag.
        ///
        /// Subject and alternative-name values are written as supplied; this method performs no
        /// validation of its own. NOTE(review): confirm whether EncodeIfDefined / IA5_STRING
        /// reject characters outside their string types, or whether callers must check first.
        /// </remarks>
        /// <returns>The encoded CertificationRequest.</returns>
        public byte[] BuildCSR()
        {
            DerEncoder Output = new DerEncoder();

            // --- CertificationRequestInfo: the part that gets signed ---
            Output.StartSEQUENCE();
            Output.INTEGER(0);                   // version

            // subject: each attribute is handed to EncodeIfDefined together with its OID;
            // presumably unset attributes are skipped (helper not visible here).
            Output.StartSEQUENCE();
            this.EncodeIfDefined(Output, "2.5.4.3", this.commonName);
            this.EncodeIfDefined(Output, "2.5.4.4", this.surname);
            this.EncodeIfDefined(Output, "2.5.4.5", this.serialNumber);
            this.EncodeIfDefined(Output, "2.5.4.6", this.country);
            this.EncodeIfDefined(Output, "2.5.4.7", this.locality);
            this.EncodeIfDefined(Output, "2.5.4.8", this.stateOrProvince);
            this.EncodeIfDefined(Output, "2.5.4.9", this.streetAddress);
            this.EncodeIfDefined(Output, "2.5.4.10", this.organization);
            this.EncodeIfDefined(Output, "2.5.4.11", this.organizationalUnit);
            this.EncodeIfDefined(Output, "2.5.4.12", this.title);
            this.EncodeIfDefined(Output, "2.5.4.13", this.description);
            this.EncodeIfDefined(Output, "2.5.4.16", this.postalAddress);
            this.EncodeIfDefined(Output, "2.5.4.17", this.postalCode);
            this.EncodeIfDefined(Output, "2.5.4.18", this.postOfficeBox);
            this.EncodeIfDefined(Output, "2.5.4.19", this.physicalDeliveryOfficeName);
            this.EncodeIfDefined(Output, "2.5.4.20", this.telephoneNumber);
            this.EncodeIfDefined(Output, "2.5.4.26", this.registeredAddress);
            this.EncodeIfDefined(Output, "2.5.4.29", this.presentationAddress);
            this.EncodeIfDefined(Output, "2.5.4.41", this.name);
            this.EncodeIfDefined(Output, "2.5.4.42", this.givenName);
            this.EncodeIfDefined(Output, "2.5.4.43", this.initials);
            this.EncodeIfDefined(Output, "2.5.4.49", this.distinguishedName);
            this.EncodeIfDefined(Output, "2.5.4.51", this.houseIdentifier);
            this.EncodeIfDefined(Output, "1.2.840.113549.1.9.1", this.emailAddress);
            Output.EndSEQUENCE();

            // subjectPKInfo: algorithm identifier followed by the key inside a BIT STRING.
            // NOTE(review): the parameters are always an explicit NULL, which is the RSA form;
            // confirm that every supported signatureAlgorithm expects that.
            Output.StartSEQUENCE();
            Output.StartSEQUENCE();
            Output.OBJECT_IDENTIFIER(this.signatureAlgorithm.PkiAlgorithmOID);
            Output.NULL();
            Output.EndSEQUENCE();
            Output.StartBITSTRING();

            this.signatureAlgorithm.ExportPublicKey(Output);

            Output.EndBITSTRING();
            Output.EndSEQUENCE();

            // attributes: opened with the end-of-content tag number in the context-specific
            // class, presumably yielding the [0] tag of the attributes field.
            Output.StartEndOfContent(Asn1TypeClass.ContextSpecific);

            bool HasAlternativeNames =
                this.subjectAlternativeNames != null && this.subjectAlternativeNames.Length > 0;

            if (HasAlternativeNames)
            {
                Output.StartSEQUENCE();                              // Attribute
                Output.OBJECT_IDENTIFIER("1.2.840.113549.1.9.14");   // extensionRequest
                Output.StartSET();                                   // attribute values
                Output.StartSEQUENCE();                              // Extensions
                Output.StartSEQUENCE();                              // Extension
                Output.OBJECT_IDENTIFIER("2.5.29.17");               // subjectAltName
                Output.StartOCTET_STRING();                          // extnValue
                Output.StartSEQUENCE();                              // GeneralNames

                foreach (string AlternativeName in this.subjectAlternativeNames)
                {
                    // Record where the string starts, then overwrite that byte so the
                    // IA5String carries context-specific tag [2] (dNSName) instead of its
                    // universal tag. Relies on IA5_STRING writing its tag at Position.
                    int TagOffset = Output.Position;
                    Output.IA5_STRING(AlternativeName);
                    Output[TagOffset] = 0x82;
                }

                Output.EndSEQUENCE();
                Output.EndOCTET_STRING();
                Output.EndSEQUENCE();
                Output.EndSEQUENCE();
                Output.EndSET();
                Output.EndSEQUENCE();
            }

            Output.EndEndOfContent(Asn1TypeClass.ContextSpecific);
            Output.EndSEQUENCE();

            // Snapshot the bytes to be signed before the encoder is reused.
            byte[] ToBeSigned = Output.ToArray();

            // --- CertificationRequest: info + signatureAlgorithm + signature ---
            Output.Clear();
            Output.StartSEQUENCE();
            Output.Raw(ToBeSigned);

            // signatureAlgorithm, again with explicit NULL parameters.
            // NOTE(review): HashAlgorithmOID is used as the signature algorithm identifier;
            // presumably it names the combined hash-and-signature scheme. Confirm.
            Output.StartSEQUENCE();
            Output.OBJECT_IDENTIFIER(this.signatureAlgorithm.HashAlgorithmOID);
            Output.NULL();
            Output.EndSEQUENCE();

            // Signature computed over exactly the bytes embedded above.
            var Signature = this.signatureAlgorithm.Sign(ToBeSigned);
            Output.BITSTRING(Signature);

            Output.EndSEQUENCE();

            return Output.ToArray();
        }