/// <summary>
/// Fills in the mandatory fields of a certificate generator and issues a
/// self-signed certificate from a freshly generated RSA key pair.
/// </summary>
/// <remarks>
/// Test fixture only. The parameters below are fixed for repeatable parsing tests
/// and are not suitable for a certificate that anything will trust:
/// the key is 1024-bit RSA, the signature algorithm is SHA-1 with RSA, the serial
/// number is the constant 42, and issuer and subject are the same name signed by
/// the certificate's own key. The authority and subject key identifier extensions
/// are added as critical, whereas RFC 5280 has conforming CAs mark both
/// non-critical.
/// </remarks>
/// <param name="gen">Generator to populate; it is mutated in place.</param>
/// <param name="expired">
/// True to issue a certificate valid from 2000-01-01 for one year (long expired);
/// false to issue one valid from today's local date for one year.
/// </param>
/// <returns>The generated certificate, signed with the new private key.</returns>
public static X509Certificate RunCertGenerator(BcV3CertGen gen, bool expired)
{
    const string distinguishedName = "CN=Test Cert";

    // A new key pair per call; 1024 bits keeps the tests fast and is test-only.
    RsaKeyPairGenerator keyPairGenerator = new RsaKeyPairGenerator();
    keyPairGenerator.Init(
        new KeyGenerationParameters(new SecureRandom(new CryptoApiRandomGenerator()), 1024));
    AsymmetricCipherKeyPair keys = keyPairGenerator.GenerateKeyPair();

    // Mandatory fields. Issuer equals subject, so the result is self-signed.
    gen.SetSerialNumber(new BigInteger("42"));
    gen.SetIssuerDN(new X509Name(distinguishedName));
    gen.SetSubjectDN(new X509Name(distinguishedName));
    gen.SetPublicKey(keys.Public);
    gen.SetSignatureAlgorithm("SHA1withRSA");

    // Both key identifiers are derived from the same public key and flagged critical.
    gen.AddExtension(
        X509Extensions.AuthorityKeyIdentifier,
        true,
        new AuthorityKeyIdentifierStructure(keys.Public));
    gen.AddExtension(
        X509Extensions.SubjectKeyIdentifier,
        true,
        new SubjectKeyIdentifierStructure(keys.Public));

    // Validity window: one year, starting either today or at a fixed past date.
    if (!expired)
    {
        gen.SetNotBefore(DateTime.Today);
        gen.SetNotAfter(DateTime.Today.AddYears(1));
    }
    else
    {
        DateTime longAgo = new DateTime(2000, 1, 1);
        gen.SetNotBefore(longAgo);
        gen.SetNotAfter(longAgo.AddYears(1));
    }

    return gen.Generate(keys.Private);
}
/// <summary>
/// Round-trips an inhibitAnyPolicy extension: builds it from testData1, embeds it
/// in a generated certificate, extracts it by OID and re-parses it, then checks
/// that it is non-critical with a skip count of 1.
/// </summary>
public void inhibitAnyPolicyConstructorTest2()
{
    // Arrange: put the extension under test into a certificate.
    inhibitAnyPolicy source = new inhibitAnyPolicy(testData1);
    BcV3CertGen generator = new BcV3CertGen();
    generator.AddExtension(source.OID, source.Critical, source.DerEncoding);
    X509Certificate certificate = CertTestHarness.RunCertGenerator(generator);

    // Act: rebuild the wrapper from the extension as encoded in the certificate.
    X509Extension extracted =
        CertTestHarness.ExtractExtension(certificate, X509Extensions.InhibitAnyPolicy);
    inhibitAnyPolicy parsed = new inhibitAnyPolicy(extracted);

    // Assert.
    // NOTE(review): RFC 5280 has conforming CAs mark inhibitAnyPolicy critical; this
    // fixture is non-critical, so the test covers decoding, not profile conformance.
    Assert.IsFalse(parsed.Critical);
    Assert.AreEqual(1, parsed.Skip);
}
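/// <summary>
/// Round-trips a basicConstraints extension: builds it from testData2, embeds it
/// in a generated certificate, extracts it by OID and re-parses it, then checks
/// that the CA flag is set and the path length reads back as "4".
/// </summary>
public void basicConstraintsConstructorTest4()
{
    // Build an extension and place it in a certificate.
    BcV3CertGen gen = new BcV3CertGen();
    basicConstraints testExt = new basicConstraints(testData2);
    gen.AddExtension(testExt.OID, testExt.Critical, testExt.DerEncoding);
    X509Certificate cert = CertTestHarness.RunCertGenerator(gen);
    X509Extension ext = CertTestHarness.ExtractExtension(cert, X509Extensions.BasicConstraints);

    // Re-parse the extension as it was encoded in the certificate.
    basicConstraints target = new basicConstraints(ext);

    // NOTE(review): criticality is not asserted here. RFC 5280 has CA certificates
    // carry basicConstraints as critical; consider asserting it if testData2 sets it.
    Assert.IsTrue(target.IsCA);

    // Expected value goes first so a failure message reports the two sides correctly.
    Assert.AreEqual("4", target.PathLength);
}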
/// <summary>
/// Round-trips a policyConstraints extension: builds it from testData2, embeds it
/// in a generated certificate, extracts it by OID and re-parses it, then checks
/// criticality and both skip-certificate counters.
/// </summary>
public void policyConstraintsConstructorTest4()
{
    // Arrange: put the extension under test into a certificate.
    policyConstraints source = new policyConstraints(testData2);
    BcV3CertGen generator = new BcV3CertGen();
    generator.AddExtension(source.OID, source.Critical, source.DerEncoding);
    X509Certificate certificate = CertTestHarness.RunCertGenerator(generator);

    // Act: rebuild the wrapper from the extension as encoded in the certificate.
    X509Extension extracted =
        CertTestHarness.ExtractExtension(certificate, X509Extensions.PolicyConstraints);
    policyConstraints parsed = new policyConstraints(extracted);

    // Assert: the extension stays critical after the round trip.
    Assert.IsTrue(parsed.Critical);

    // Presumably -1 marks requireExplicitPolicy as absent; confirm in policyConstraints.
    Assert.AreEqual(-1, parsed.RequireExplicitPolicy);
    Assert.AreEqual(2, parsed.InhibitPolicyMapping);
}
/// <summary>
/// Round-trips an authorityInfoAccess extension: builds it from testXmlInput,
/// embeds it in a generated certificate, extracts it by OID and re-parses it,
/// then checks that it is non-critical and carries two access descriptions.
/// </summary>
public void authorityInfoAccessConstructorTest3()
{
    // Arrange: put the extension under test into a certificate.
    authorityInfoAccess source = new authorityInfoAccess(testXmlInput);
    BcV3CertGen generator = new BcV3CertGen();
    generator.AddExtension(source.OID, source.Critical, source.DerEncoding);
    X509Certificate certificate = CertTestHarness.RunCertGenerator(generator);

    // Act: rebuild the wrapper from the extension as encoded in the certificate.
    X509Extension extracted =
        CertTestHarness.ExtractExtension(certificate, X509Extensions.AuthorityInfoAccess);
    authorityInfoAccess parsed = new authorityInfoAccess(extracted);
    List<AccessDesc> descriptions = parsed.AuthInfoAccess;

    // Assert: only the entry count is checked; the access methods and locations
    // themselves are not compared against the input.
    Assert.IsFalse(parsed.Critical);
    Assert.AreEqual(2, descriptions.Count);
}
/// <summary>
/// Round-trips an extendedKeyUsage extension: builds it from testData1, embeds it
/// in a generated certificate, extracts it by OID and re-parses it, then checks
/// that it is non-critical and lists ClientAuth followed by ServerAuth.
/// </summary>
public void extendedKeyUsageConstructorTest3()
{
    // Arrange: put the extension under test into a certificate.
    extendedKeyUsage source = new extendedKeyUsage(testData1);
    BcV3CertGen generator = new BcV3CertGen();
    generator.AddExtension(source.OID, source.Critical, source.DerEncoding);
    X509Certificate certificate = CertTestHarness.RunCertGenerator(generator);

    // Act: rebuild the wrapper from the extension as encoded in the certificate.
    X509Extension extracted =
        CertTestHarness.ExtractExtension(certificate, X509Extensions.ExtendedKeyUsage);
    extendedKeyUsage parsed = new extendedKeyUsage(extracted);
    List<string> usages = parsed.ExtKUsage;

    // Assert: both purposes survive, and in this order.
    Assert.IsFalse(parsed.Critical);
    Assert.AreEqual(2, usages.Count);
    Assert.AreEqual("ClientAuth", usages[0]);
    Assert.AreEqual("ServerAuth", usages[1]);
}
/// <summary>
/// Round-trips a certificatePolicies extension: builds it from testData1, embeds
/// it in a generated certificate, extracts it by OID and re-parses it, then checks
/// criticality, the policy count, the first policy's qualifiers and the second
/// policy's OID.
/// </summary>
public void certificatePoliciesConstructorTest2()
{
    // Arrange: put the extension under test into a certificate.
    certificatePolicies source = new certificatePolicies(testData1);
    BcV3CertGen generator = new BcV3CertGen();
    generator.AddExtension(source.OID, source.Critical, source.DerEncoding);
    X509Certificate certificate = CertTestHarness.RunCertGenerator(generator);

    // Act: rebuild the wrapper from the extension as encoded in the certificate.
    X509Extension extracted =
        CertTestHarness.ExtractExtension(certificate, X509Extensions.CertificatePolicies);
    certificatePolicies parsed = new certificatePolicies(extracted);
    List<CertPolicy> policies = parsed.CertPolicies;

    // Assert: two policies come back, the extension is non-critical.
    Assert.IsFalse(parsed.Critical);
    Assert.AreEqual(2, policies.Count);

    // First policy: CPS pointer and user notice qualifiers.
    Assert.AreEqual("http://foo.com/cps.htm", policies[0].Cps);
    Assert.AreEqual("This is a test notice", policies[0].Unotice);

    // Second policy: identified by OID only in these assertions.
    Assert.AreEqual("1.2.860.0.1311.1.3", policies[1].Oid);
}
/// <summary>
/// Round-trips a policyMappings extension: builds it from testData1, embeds it in
/// a generated certificate, extracts it by OID and re-parses it, then checks that
/// it is non-critical and holds one mapping from issuer policy 1.2.3.4 to subject
/// policy 2.4.5.6.7 with no policy names set.
/// </summary>
public void policyMappingsConstructorTest2()
{
    // Arrange: put the extension under test into a certificate.
    policyMappings source = new policyMappings(testData1);
    BcV3CertGen generator = new BcV3CertGen();
    generator.AddExtension(source.OID, source.Critical, source.DerEncoding);
    X509Certificate certificate = CertTestHarness.RunCertGenerator(generator);

    // Act: rebuild the wrapper from the extension as encoded in the certificate.
    X509Extension extracted =
        CertTestHarness.ExtractExtension(certificate, X509Extensions.PolicyMappings);
    policyMappings parsed = new policyMappings(extracted);
    List<PolicyMapping> mappings = parsed.Mappings;

    // Assert.
    // NOTE(review): RFC 5280 recommends marking policyMappings critical; this fixture
    // is non-critical, so the test covers decoding, not profile conformance.
    Assert.IsFalse(parsed.Critical);
    Assert.AreEqual(1, mappings.Count);

    // The OIDs round-trip; the friendly names are expected to stay null.
    Assert.AreEqual("1.2.3.4", mappings[0].issuerOid);
    Assert.IsNull(mappings[0].issuerPolicyName);
    Assert.AreEqual("2.4.5.6.7", mappings[0].subjectOid);
    Assert.IsNull(mappings[0].subjectPolicyName);
}