/// <summary>
/// Set all mandatory fields.
/// </summary>
/// <param name="cg">The cert generator</param>
private void CreateMandatoryFields(X509V3CertificateGenerator cg)
{
m_subjectDN = new CertificateFactoryX509Name(SubjectName.Name);
// subject and issuer DN, issuer of issuer for AKI
m_issuerDN = null;
m_issuerIssuerAKI = null;
if (IssuerCAKeyCert != null)
{
m_issuerDN = new CertificateFactoryX509Name(IssuerCAKeyCert.Subject);
m_issuerIssuerAKI = new CertificateFactoryX509Name(IssuerCAKeyCert.Issuer);
}
else
{
// self signed
m_issuerDN = m_subjectDN;
m_issuerIssuerAKI = m_subjectDN;
}
cg.SetIssuerDN(m_issuerDN);
cg.SetSubjectDN(m_subjectDN);
// valid for
cg.SetNotBefore(NotBefore.ToUniversalTime());
cg.SetNotAfter(NotAfter.ToUniversalTime());
// serial number
cg.SetSerialNumber(new BigInteger(1, m_serialNumber.Reverse().ToArray()));
}
/// <summary>
/// Gets the hash code
/// </summary>
/// <returns>Hash code</returns>
public override int GetHashCode()
{
unchecked // Overflow is fine, just wrap
{
var hashCode = 41;
// Suitable nullity checks etc, of course :)
if (Subject != null)
{
hashCode = hashCode * 59 + Subject.GetHashCode();
}
if (Issuer != null)
{
hashCode = hashCode * 59 + Issuer.GetHashCode();
}
if (NotBefore != null)
{
hashCode = hashCode * 59 + NotBefore.GetHashCode();
}
if (NotAfter != null)
{
hashCode = hashCode * 59 + NotAfter.GetHashCode();
}
if (SerialNumber != null)
{
hashCode = hashCode * 59 + SerialNumber.GetHashCode();
}
return(hashCode);
}
}
public override int GetHashCode()
{
unchecked
{
var hashCode = Subject?.GetHashCode() ?? 0;
hashCode = (hashCode * 397) ^ (IssuedBy?.GetHashCode() ?? 0);
hashCode = (hashCode * 397) ^ NotBefore.GetHashCode();
hashCode = (hashCode * 397) ^ NotAfter.GetHashCode();
hashCode = (hashCode * 397) ^ (Thumbprint?.GetHashCode() ?? 0);
return(hashCode);
}
}
/// <summary>
/// Returns true if TruststoreItems instances are equal
/// </summary>
/// <param name="other">Instance of TruststoreItems to be compared</param>
/// <returns>Boolean</returns>
public bool Equals(TruststoreItems other)
{
if (other is null)
{
return(false);
}
if (ReferenceEquals(this, other))
{
return(true);
}
return
((
Alias == other.Alias ||
Alias != null &&
Alias.Equals(other.Alias)
) &&
(
EntryType == other.EntryType ||
EntryType != null &&
EntryType.Equals(other.EntryType)
) &&
(
Subject == other.Subject ||
Subject != null &&
Subject.Equals(other.Subject)
) &&
(
Issuer == other.Issuer ||
Issuer != null &&
Issuer.Equals(other.Issuer)
) &&
(
NotBefore == other.NotBefore ||
NotBefore != null &&
NotBefore.Equals(other.NotBefore)
) &&
(
NotAfter == other.NotAfter ||
NotAfter != null &&
NotAfter.Equals(other.NotAfter)
) &&
(
SerialNumber == other.SerialNumber ||
SerialNumber != null &&
SerialNumber.Equals(other.SerialNumber)
));
}
/// <summary>
/// Returns true if KeystoreChainItems instances are equal
/// </summary>
/// <param name="other">Instance of KeystoreChainItems to be compared</param>
/// <returns>Boolean</returns>
public bool Equals(KeystoreChainItems other)
{
if (other is null)
{
return(false);
}
if (ReferenceEquals(this, other))
{
return(true);
}
return
((
Subject == other.Subject ||
Subject != null &&
Subject.Equals(other.Subject)
) &&
(
Issuer == other.Issuer ||
Issuer != null &&
Issuer.Equals(other.Issuer)
) &&
(
NotBefore == other.NotBefore ||
NotBefore != null &&
NotBefore.Equals(other.NotBefore)
) &&
(
NotAfter == other.NotAfter ||
NotAfter != null &&
NotAfter.Equals(other.NotAfter)
) &&
(
SerialNumber == other.SerialNumber ||
SerialNumber != null &&
SerialNumber.Equals(other.SerialNumber)
));
}
public virtual string GetExpirationDateString()
{
return(NotAfter.ToString());
}
void ReleaseDesignerOutlets()
{
if (CountryPopUpButton != null)
{
CountryPopUpButton.Dispose();
CountryPopUpButton = null;
}
if (CancelButton != null)
{
CancelButton.Dispose();
CancelButton = null;
}
if (Country != null)
{
Country.Dispose();
Country = null;
}
if (CreateButton != null)
{
CreateButton.Dispose();
CreateButton = null;
}
if (DNSName != null)
{
DNSName.Dispose();
DNSName = null;
}
if (Email != null)
{
Email.Dispose();
Email = null;
}
if (IPAddress != null)
{
IPAddress.Dispose();
IPAddress = null;
}
if (KeyUSageContraints != null)
{
KeyUSageContraints.Dispose();
KeyUSageContraints = null;
}
if (Locality != null)
{
Locality.Dispose();
Locality = null;
}
if (Name != null)
{
Name.Dispose();
Name = null;
}
if (NotAfter != null)
{
NotAfter.Dispose();
NotAfter = null;
}
if (NotBefore != null)
{
NotBefore.Dispose();
NotBefore = null;
}
if (Organization != null)
{
Organization.Dispose();
Organization = null;
}
if (OU != null)
{
OU.Dispose();
OU = null;
}
if (PrivateKey != null)
{
PrivateKey.Dispose();
PrivateKey = null;
}
if (SelectPriKey != null)
{
SelectPriKey.Dispose();
SelectPriKey = null;
}
if (State != null)
{
State.Dispose();
State = null;
}
if (URIName != null)
{
URIName.Dispose();
URIName = null;
}
}
public X509Certificate2 CreateCertificate(string subjectName, string alternateName)
{
using (var rsa = Authority == null
? new RSACryptoServiceProvider(KeyLength)
: new RSACryptoServiceProvider(KeyLength, new CspParameters(1, "Microsoft Base Cryptographic Provider v1.0", Guid.NewGuid().ToString())))
{
var certificateRequest = new CertificateRequest(subjectName, rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
if (Authority == null)
{
certificateRequest.CertificateExtensions.Add(new X509BasicConstraintsExtension(true, false, 0, true));
certificateRequest.CertificateExtensions.Add(new X509SubjectKeyIdentifierExtension(certificateRequest.PublicKey, false));
using (X509Certificate2 certificate = certificateRequest.CreateSelfSigned(NotBefore.ToUniversalTime(), NotAfter.ToUniversalTime()))
{
certificate.FriendlyName = alternateName;
return(new X509Certificate2(certificate.Export(X509ContentType.Pfx, string.Empty), string.Empty, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet));
}
}
else
{
var sanBuilder = new SubjectAlternativeNameBuilder();
sanBuilder.AddDnsName(alternateName);
certificateRequest.CertificateExtensions.Add(sanBuilder.Build());
certificateRequest.CertificateExtensions.Add(new X509BasicConstraintsExtension(false, false, 0, false));
certificateRequest.CertificateExtensions.Add(new X509SubjectKeyIdentifierExtension(certificateRequest.PublicKey, false));
using (X509Certificate2 certificate = certificateRequest.Create(Authority, Authority.NotBefore, Authority.NotAfter, Guid.NewGuid().ToByteArray()))
using (X509Certificate2 certificateWithPrivateKey = certificate.CopyWithPrivateKey(rsa))
{
certificateWithPrivateKey.FriendlyName = alternateName;
return(new X509Certificate2(certificateWithPrivateKey.Export(X509ContentType.Pfx, string.Empty), string.Empty, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet));
}
}
}
}
public X509Certificate2 CreateCertificate(string subjectName, string alternateName, X509Certificate2 authority)
{
var rsa = authority == null
? new RSACryptoServiceProvider(KeyLength)
: new RSACryptoServiceProvider(KeyLength, new CspParameters(1, "Microsoft Base Cryptographic Provider v1.0", Guid.NewGuid().ToString()));
if (authority == null)
{
var authorityCertificateRequest = new CertificateRequest(subjectName, rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
authorityCertificateRequest.CertificateExtensions.Add(new X509BasicConstraintsExtension(true, false, 0, true));
authorityCertificateRequest.CertificateExtensions.Add(new X509SubjectKeyIdentifierExtension(authorityCertificateRequest.PublicKey, false));
authority = authorityCertificateRequest.CreateSelfSigned(NotBefore.ToUniversalTime(), NotAfter.ToUniversalTime());
return(new X509Certificate2(authority.Export(X509ContentType.Pfx, string.Empty), string.Empty, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet));
}
else
{
var sanBuilder = new SubjectAlternativeNameBuilder();
sanBuilder.AddDnsName(alternateName);
var certificateRequest = new CertificateRequest(subjectName, rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
certificateRequest.CertificateExtensions.Add(sanBuilder.Build());
certificateRequest.CertificateExtensions.Add(new X509BasicConstraintsExtension(false, false, 0, false));
certificateRequest.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation | X509KeyUsageFlags.DataEncipherment | X509KeyUsageFlags.KeyEncipherment, true));
certificateRequest.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(new OidCollection {
new Oid("1.3.6.1.5.5.7.3.1")
}, true));
certificateRequest.CertificateExtensions.Add(new X509SubjectKeyIdentifierExtension(certificateRequest.PublicKey, false));
X509Certificate2 certificate = certificateRequest.Create(authority, authority.NotBefore.ToUniversalTime(), authority.NotAfter.ToUniversalTime(), Guid.NewGuid().ToByteArray());
certificate = certificate.CopyWithPrivateKey(rsa);
return(new X509Certificate2(certificate.Export(X509ContentType.Pfx, string.Empty), string.Empty, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet));
}
}
protected bool Equals(CertificateInfo other)
{
return(string.Equals(Subject, other.Subject) && string.Equals(IssuedBy, other.IssuedBy) && NotBefore.Equals(other.NotBefore) && NotAfter.Equals(other.NotAfter) && string.Equals(Thumbprint, other.Thumbprint));
}
