Example #1
        /// <summary>
        /// Builds a self-signed root CA from a freshly generated 2048-bit RSA key, signs the
        /// certificate with SHA-1 and prints it to the console.
        /// </summary>
        /// <remarks>
        /// SHA-1 is no longer considered collision-resistant; it is used here only because this
        /// test exercises the RSA/SHA1 code path. Do not copy the digest choice into production
        /// issuance code.
        /// </remarks>
        public void TestRsaSha1()
        {
            using (var config = new Configuration(Resources.OpenSslCfgFilePath))
            {
                // Test RSA/SHA1 with other SelfSigned method
                BigNumber publicExponent = 0x10001;
                CryptoKey signingKey;

                using (var generator = new RSA())
                {
                    generator.GenerateKeys(2048, publicExponent, OnGenerator, null);
                    // The CryptoKey now wraps the generated pair, so the RSA handle can be released.
                    signingKey = new CryptoKey(generator);
                }

                // NOTE(review): signingKey is never disposed in this method; confirm whether the
                // authority takes ownership of it.
                using (var authority = X509CertificateAuthority.SelfSigned(
                           config,
                           new SimpleSerialNumber(),
                           signingKey,
                           MessageDigest.SHA1,
                           "Root1",
                           DateTime.Now,
                           TimeSpan.FromDays(365)))
                {
                    Console.WriteLine(authority.Certificate);
                }
            }
        }
Example #2
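        /// <summary>
        /// Loads the CA certificate and private key from a PKCS#12 file and replaces
        /// <c>RootCA</c> with an authority built from them.
        /// </summary>
        /// <param name="PKCS12Filename">Path of the PKCS#12 file to read.</param>
        /// <remarks>
        /// When the file does not exist, <c>RootCA</c> is left untouched. When the file exists but
        /// cannot be read or decoded (for example a wrong password), <c>RootCA</c> is set to
        /// <c>null</c> and no exception reaches the caller.
        /// </remarks>
        public void LoadCA(String PKCS12Filename)
        {
            FileInfo caPkcs12 = new FileInfo(PKCS12Filename);

            if (!caPkcs12.Exists)
            {
                return;
            }

            X509CertificateAuthority loaded = null;

            try
            {
                Byte[] bPKCS12 = File.ReadAllBytes(caPkcs12.FullName);

                // The PKCS#12 bytes are handed to OpenSSL through an in-memory BIO. The BIO is
                // only needed while the container is parsed, so it is released right after.
                using (BIO pkcs12BIO = BIO.MemoryBuffer())
                {
                    pkcs12BIO.Write(bPKCS12);

                    X509Certificate cert = X509Certificate.FromPKCS12(pkcs12BIO, this.caPassword);

                    // NOTE(review): the sequencer is created with 1 on every load. If that is the
                    // starting serial, serial numbers repeat after each reload, and an issuer must
                    // never reuse a serial. Confirm and persist the counter if so.
                    loaded = new X509CertificateAuthority(cert, cert.PrivateKey, new SimpleSerialNumber(1), cfg);
                }
            }
            catch (Exception)
            {
                // Contract kept from the original: a failed load leaves RootCA null instead of
                // throwing. NOTE(review): the cause (missing access, corrupt file, bad password)
                // is lost here; log it so a failed CA load can be investigated.
                loaded = null;
            }

            // Release the previous authority on both the success and the failure path; the
            // original dropped it without disposing when loading failed early.
            if (RootCA != null)
            {
                RootCA.Dispose();
            }

            RootCA = loaded;
        }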
Example #3
        /// <summary>
        /// Program entry point. Only <c>Authorities()</c> runs: the unconditional <c>return</c>
        /// that follows makes every later statement unreachable. The remainder is kept as a
        /// walkthrough of the CA, request, DSA and DH APIs.
        /// </summary>
        /// <param name="args">Command-line arguments; not read by this method.</param>
        static void Main(string[] args)
        {
            Authorities();
            return;

            // --- unreachable from here on ---

            // Self-signed CA for subject "CN=." valid for 10 days.
            SimpleSerialNumber       seq = new SimpleSerialNumber();
            X509CertificateAuthority ca  = X509CertificateAuthority.SelfSigned(
                seq,
                new X509Name("CN=."),
                TimeSpan.FromDays(10)
                );

            Console.WriteLine(ca.Certificate);

            // NOTE(review): 512 is presumably the DSA parameter size in bits, which is far below
            // any currently accepted minimum. Demo value only.
            DSA         dsa = new DSA(new DSAParameters(512));
            CryptoKey   key = new CryptoKey(dsa);
            X509Request req = new X509Request(0, new X509Name("CN=com."), key);

            // DSS1 is OpenSSL's DSA-with-SHA-1 digest; SHA-1 is deprecated for signatures.
            req.Sign(key, MessageDigest.DSS1);

            X509Certificate cert = ca.ProcessRequest(req, TimeSpan.FromDays(10));

            // Prints the outcome of checking the certificate's signature against the CA key and
            // against the subject's own key.
            Console.WriteLine(cert);
            Console.WriteLine("CA Verified: " + cert.Verify(ca.Key));
            Console.WriteLine("Self Verified: " + cert.Verify(key));

            // Wraps the issued certificate and its key as a second authority.
            // NOTE(review): nothing here checks that cert is marked as a CA certificate.
            SimpleSerialNumber       serial2 = new SimpleSerialNumber();
            X509CertificateAuthority caSelf  = new X509CertificateAuthority(
                cert,
                key,
                serial2);

            X509Request req2    = cert.CreateRequest(key, MessageDigest.DSS1);
            X509Name    subject = req2.Subject;

            Console.WriteLine("Request1: " + req);
            Console.WriteLine("Request2: " + req2);

            X509Certificate cert2 = caSelf.ProcessRequest(req2, TimeSpan.FromDays(10));

            Console.WriteLine("Cert2: " + cert2);

            // NOTE(review): presumably a 128-bit prime with generator 5; such a group offers no
            // real security and is only suitable for a quick demo.
            DH dh = new DH(128, 5);

            MessageDigestContext mdc = new MessageDigestContext(MessageDigest.DSS1);

            // Signs the DH public value with the DSA key and verifies the signature below.
            byte[] msg = dh.PublicKey;
            byte[] sig = mdc.Sign(msg, key);

            // The DH private key is written to the console; never do this outside a demo.
            Console.WriteLine(dh);
            Console.WriteLine("DH P         : " + BitConverter.ToString(dh.P));
            Console.WriteLine("DH G         : " + BitConverter.ToString(dh.G));
            Console.WriteLine("DH Secret Key: " + BitConverter.ToString(dh.PrivateKey));
            Console.WriteLine("DH Public Key: " + BitConverter.ToString(msg));
            Console.WriteLine("DH Signature : " + BitConverter.ToString(sig));

            Console.WriteLine(mdc.Verify(msg, sig, key));
        }
Example #4
 /// <summary>
 /// Creates a self-signed root CA named "Root1" through the SelfSigned overload that takes no
 /// key or digest, and prints the resulting certificate.
 /// </summary>
 public void TestDefaultDSA()
 {
     using (var config = new Configuration("openssl.cnf"))
     {
         // Test default DSA method
         // NOTE(review): "openssl.cnf" is a relative path, so the file that is loaded depends
         // on the process working directory.
         using (var authority = X509CertificateAuthority.SelfSigned(
                    config,
                    new SimpleSerialNumber(),
                    "Root1",
                    DateTime.Now,
                    TimeSpan.FromDays(365)))
         {
             Console.WriteLine(authority.Certificate);
         }
     }
 }
Example #5
 /// <summary>
 /// Creates a self-signed root CA named "Root1" through the SelfSigned overload that takes no
 /// key or digest, and prints the resulting certificate.
 /// </summary>
 public void TestDefaultDSA()
 {
     using (Configuration config = new Configuration(Resources.OpenSslCfgFilePath))
     {
         // Test default DSA method
         // The certificate is valid for 365 days starting at the current local time.
         using (X509CertificateAuthority authority = X509CertificateAuthority.SelfSigned(
                    config,
                    new SimpleSerialNumber(),
                    "Root1",
                    DateTime.Now,
                    TimeSpan.FromDays(365)))
         {
             Console.WriteLine(authority.Certificate);
         }
     }
 }
Example #6
        /// <summary>
        /// Generates a new RSA key pair, has <paramref name="ca"/> issue a certificate for it and
        /// returns that certificate with the private key attached.
        /// </summary>
        /// <param name="ca">Authority that processes the request.</param>
        /// <param name="name">Text used to build the subject <c>X509Name</c>.</param>
        /// <param name="cfg">Configuration passed through to <c>ProcessRequest</c>.</param>
        /// <param name="section">Configuration section passed through to <c>ProcessRequest</c>.</param>
        /// <returns>The issued certificate, valid for 365 days from the current local time.</returns>
        /// <remarks>
        /// NOTE(review): the key is generated with a 1024-bit modulus and <c>BigNumber.One</c> as
        /// public exponent. An exponent of 1 makes the RSA operation the identity map, so such a
        /// key gives no protection at all. Acceptable only for throwaway test fixtures; use at
        /// least 2048 bits with exponent 0x10001 anywhere else.
        /// </remarks>
        X509Certificate CreateCertificate(X509CertificateAuthority ca, string name, Configuration cfg, string section)
        {
            DateTime notBefore = DateTime.Now;
            DateTime notAfter  = notBefore.Add(TimeSpan.FromDays(365));

            using (X509Name subjectName = new X509Name(name))
            {
                using (RSA generator = new RSA())
                {
                    generator.GenerateKeys(1024, BigNumber.One, null, null);

                    using (CryptoKey keyPair = new CryptoKey(generator))
                    {
                        X509Request csr = new X509Request(1, subjectName, keyPair);
                        X509Certificate issued = ca.ProcessRequest(csr, notBefore, notAfter, cfg, section);

                        // NOTE(review): keyPair is disposed when this scope ends; this relies on
                        // the PrivateKey setter keeping its own reference. Confirm.
                        issued.PrivateKey = keyPair;
                        return issued;
                    }
                }
            }
        }
Example #7
        /// <summary>
        /// Builds the certificates used by the SSL tests: a self-signed root named "Root" plus
        /// one server and one client certificate issued by it.
        /// </summary>
        public SslTestContext()
        {
            using (Configuration config = new Configuration(Resources.OpenSslCfgFilePath))
            {
                using (X509CertificateAuthority rootCa = X509CertificateAuthority.SelfSigned(
                           config,
                           new SimpleSerialNumber(),
                           "Root",
                           DateTime.Now,
                           TimeSpan.FromDays(365)))
                {
                    // NOTE(review): the root certificate stays in CAChain after rootCa is
                    // disposed; confirm the chain holds its own reference.
                    CAChain.Add(rootCa.Certificate);

                    // The section names select which extensions from the configuration apply.
                    ServerCertificate = CreateCertificate(rootCa, "server", config, "tls_server");
                    ClientCertificate = CreateCertificate(rootCa, "client", config, "tls_client");
                }
            }

            ClientCertificateList.Add(ClientCertificate);
        }
Example #8
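        /// <summary>
        /// Creates a new self-signed root CA (2048-bit RSA key, SHA-256, valid for ten years),
        /// stores it in <c>RootCA</c> and saves key and certificate as a password-protected
        /// PKCS#12 file named after the subject's common name.
        /// </summary>
        /// <param name="Name">Subject of the new CA certificate.</param>
        public void CreateCA(X509Name Name)
        {
            // NOTE(review): the file name comes straight from the subject's common name. If that
            // name can be chosen by an untrusted party, reject path separators and rooted paths
            // before combining, otherwise the file can land outside certDir.
            FileInfo caPkcs12 = new FileInfo(Path.Combine(certDir.FullName, Name.Common + ".pfx"));

            // Read the clock once so that notBefore and the validity span are consistent.
            DateTime notBefore = DateTime.Now;
            TimeSpan validity  = notBefore.AddYears(10) - notBefore;

            // Create the new authority first. If key generation or signing throws, the existing
            // PKCS#12 file and the current RootCA are still intact; the original deleted the file
            // and disposed RootCA before it knew a replacement existed.
            X509CertificateAuthority created = X509CertificateAuthority.SelfSigned(cfg, new SimpleSerialNumber(), CreateNewRSAKey(2048), MessageDigest.SHA256, Name, notBefore, validity);

            if (caPkcs12.Exists)
            {
                caPkcs12.Delete();
            }

            if (RootCA != null)
            {
                RootCA.Dispose();
            }

            RootCA = created;

            BuildPKCS12AndSave(caPkcs12.FullName, this.caPassword, RootCA.Key, RootCA.Certificate);
        }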
Example #9
        /// <summary>
        /// Creates a self-signed root CA without a configuration file by passing the X509v3
        /// extensions explicitly, then prints the certificate and each of its extensions.
        /// </summary>
        /// <remarks>
        /// The certificate is signed with SHA-1, which is no longer considered
        /// collision-resistant; treat the digest choice as test-only.
        /// </remarks>
        public void TestWithoutCfg()
        {
            BigNumber publicExponent = 0x10001;
            CryptoKey signingKey;

            using (var generator = new RSA())
            {
                generator.GenerateKeys(2048, publicExponent, OnGenerator, null);
                // The CryptoKey now wraps the generated pair, so the RSA handle can be released.
                signingKey = new CryptoKey(generator);
            }

            // Extensions for a CA certificate: key identifiers, the CA flag, and a key usage
            // limited to signing certificates and CRLs.
            var caExtensions = new List<X509V3ExtensionValue>();
            caExtensions.Add(new X509V3ExtensionValue("subjectKeyIdentifier", false, "hash"));
            caExtensions.Add(new X509V3ExtensionValue("authorityKeyIdentifier", false, "keyid:always,issuer:always"));
            caExtensions.Add(new X509V3ExtensionValue("basicConstraints", true, "critical,CA:true"));
            caExtensions.Add(new X509V3ExtensionValue("keyUsage", false, "cRLSign,keyCertSign"));

            using (var authority = X509CertificateAuthority.SelfSigned(
                       new SimpleSerialNumber(),
                       signingKey,
                       MessageDigest.SHA1,
                       "Root1",
                       DateTime.Now,
                       TimeSpan.FromDays(365),
                       caExtensions))
            {
                var certificate = authority.Certificate;
                Console.WriteLine(certificate);

                // Iterate the extensions
                Console.WriteLine("X509v3 Extensions:");
                foreach (var extension in certificate.Extensions)
                {
                    Console.WriteLine("Name:{0}, IsCritical:{1}, Value:{2}", extension.Name, extension.IsCritical, extension);
                }
            }
        }
        /// <summary>
        /// Creates a new self-signed Certificate Authority whose certificate carries the
        /// extensions returned by <c>GetCertificateAuthorityExtensions</c>, and stores it in
        /// <c>CA</c>.
        /// </summary>
        /// <remarks>
        /// The certificate is signed with SHA-512 and is valid for 365 days from the current
        /// UTC time.
        /// </remarks>
        public void CreateCertificateAuthorityWithExtensions()
        {
            var caExtensions = GetCertificateAuthorityExtensions();

            // NOTE(review): a previously assigned CA is overwritten without being disposed.
            this.CA = X509CertificateAuthority.SelfSigned(
                this.SerialNumberSequencer,
                this.Key,
                MessageDigest.SHA512,
                this.Subject,
                DateTime.UtcNow,
                TimeSpan.FromDays(365),
                caExtensions);
        }
Example #11
		/// <summary>
		/// Turns this object into a certificate authority that issues under
		/// <paramref name="cert"/>, using the stored key and serial sequencer.
		/// </summary>
		/// <param name="cert">Certificate the new authority will issue under.</param>
		public void Promote(X509Certificate cert)
		{
			// NOTE(review): the result of Verify is not inspected, so a failed check does not
			// stop the promotion. Decide which key the certificate must verify against (the
			// issuer's, presumably) and reject the certificate when verification fails.
			cert.Verify(this.key);
			this.ca = new X509CertificateAuthority(cert, this.key, this.serial);
		}
Example #12
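        /// <summary>
        /// Loads the root CA from a PKCS#12 file, or creates a new self-signed root CA and saves
        /// it to that file when no usable CA is available.
        /// </summary>
        /// <param name="PKCS12Filename">Path of the PKCS#12 file to load from or save to.</param>
        /// <param name="Name">Subject of the CA certificate when a new one is created.</param>
        /// <param name="altNames">Optional subject alternative names for a new CA; may be null.</param>
        /// <remarks>
        /// NOTE(review): a file that exists but cannot be decoded (wrong password, corruption)
        /// is treated like a missing file, and a brand-new CA is then saved to the same path.
        /// Confirm whether <c>BuildPKCS12AndSave</c> overwrites; if it does, a transient failure
        /// silently replaces the existing CA key. Failing loudly is the safer behaviour.
        /// </remarks>
        public void LoadOrCreateCA(String PKCS12Filename, X509Name Name, subjectAltName altNames)
        {
            FileInfo caPkcs12 = new FileInfo(PKCS12Filename);

            if (caPkcs12.Exists)
            {
                X509CertificateAuthority loaded = null;

                try
                {
                    Byte[] bPKCS12 = File.ReadAllBytes(caPkcs12.FullName);

                    // The PKCS#12 bytes are handed to OpenSSL through an in-memory BIO, which is
                    // released as soon as the container has been parsed.
                    using (BIO pkcs12BIO = BIO.MemoryBuffer())
                    {
                        pkcs12BIO.Write(bPKCS12);

                        X509Certificate cert = X509Certificate.FromPKCS12(pkcs12BIO, this.caPassword);

                        // NOTE(review): the sequencer is created with 1 on every load; if that is
                        // the starting serial, serial numbers repeat after each reload.
                        loaded = new X509CertificateAuthority(cert, cert.PrivateKey, new SimpleSerialNumber(1), cfg);
                    }
                }
                catch
                {
                    // Contract kept from the original: a failed load falls through to creation.
                    loaded = null;
                }

                // Release the previous authority on both paths; the original dropped it without
                // disposing when loading failed early.
                if (RootCA != null)
                {
                    RootCA.Dispose();
                }

                RootCA = loaded;
            }

            if (RootCA == null)
            {
                X509V3ExtensionList ext = new X509V3ExtensionList();

                // NOTE(review): every extension below is flagged critical. RFC 5280 requires
                // subjectKeyIdentifier and authorityKeyIdentifier to be non-critical, and a
                // critical nsComment makes validators that do not process it reject the
                // certificate. Changing the flags alters the issued certificate, so it is left
                // for the owner to decide.
                ext.Add(new X509V3ExtensionValue("nsComment", true, "SafeID - IAM Generated Certificate"));
                ext.Add(new X509V3ExtensionValue("basicConstraints", true, "CA:true"));
                //ext.Add(new X509V3ExtensionValue("keyUsage", true, "critical, cRLSign, keyCertSign, digitalSignature"));
                ext.Add(new X509V3ExtensionValue("subjectKeyIdentifier", true, "hash"));
                ext.Add(new X509V3ExtensionValue("authorityKeyIdentifier", true, "keyid,issuer:always"));

                if (altNames != null)
                {
                    // NOTE(review): the values are concatenated into OpenSSL's extension syntax,
                    // where a comma starts another entry. Validate each value (no commas, expected
                    // format per type) if altNames can come from an untrusted source. Each entry
                    // is also added as its own subjectAltName extension, while RFC 5280 allows
                    // only one instance of an extension per certificate.
                    foreach (Uri u in altNames.Uri)
                    {
                        // Invariant lower-casing: the result must not depend on the UI culture.
                        ext.Add(new X509V3ExtensionValue("subjectAltName", true, "URI:" + u.AbsoluteUri.ToLowerInvariant()));
                    }

                    foreach (String m in altNames.Mail)
                    {
                        ext.Add(new X509V3ExtensionValue("subjectAltName", true, "email:" + m));
                    }

                    foreach (String s in altNames.Dns)
                    {
                        ext.Add(new X509V3ExtensionValue("subjectAltName", true, "DNS:" + s));
                    }

                    foreach (String s in altNames.Text)
                    {
                        ext.Add(new X509V3ExtensionValue("subjectAltName", true, "otherName:1.2.3.4;UTF8:" + s));
                    }
                }

                // Read the clock once so notBefore and the validity span are consistent. The
                // start is back-dated 24 hours and the span is ten years.
                DateTime now = DateTime.Now;

                // Signed with SHA-256 instead of SHA-1, which is deprecated for certificate
                // signatures.
                RootCA = X509CertificateAuthority.SelfSigned(new SimpleSerialNumber(), CreateNewRSAKey(2048), MessageDigest.SHA256, Name, now.AddHours(-24), (now.AddYears(10) - now), ext);

                BuildPKCS12AndSave(caPkcs12.FullName, this.caPassword, RootCA.Key, RootCA.Certificate);
            }
        }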
Example #13
		/// <summary>
		/// Demo entry point: builds two unrelated self-signed roots ("Root1" and "Rogue"), an
		/// intermediate "com" authority under Root1, issues one certificate from the intermediate
		/// and one from the rogue root, and verifies both against a store that trusts only Root1.
		/// </summary>
		/// <param name="args">Command-line arguments; not read by this method.</param>
		static void Main(string[] args)
		{
			// NOTE(review): none of the objects created here are disposed; acceptable only
			// because the process exits when Main returns.
			Configuration cfg = new Configuration("openssl.cnf");
			X509CertificateAuthority root = X509CertificateAuthority.SelfSigned(
				cfg, 
				new SimpleSerialNumber(), 
				"Root1", 
				DateTime.Now, 
				TimeSpan.FromDays(365));
			X509CertificateAuthority rogue = X509CertificateAuthority.SelfSigned(
				cfg,
				new SimpleSerialNumber(), 
				"Rogue", 
				DateTime.Now, 
				TimeSpan.FromDays(365));

			// Intermediate: a fresh DSA identity whose request is signed by the root.
			Identity comId = new Identity(new CryptoKey(new DSA(true)));
			X509Request comReq = comId.CreateRequest("com");
			X509Certificate comCert = root.ProcessRequest(comReq, DateTime.Now, DateTime.Now + TimeSpan.FromDays(365));

			// A failed signature check is only reported; execution continues and the
			// certificate is still used to build the intermediate authority.
			if (!comCert.Verify(root.Key))
				Console.WriteLine("Invalid com cert");
			X509CertificateAuthority com = new X509CertificateAuthority(
				comCert, 
				comId.PrivateKey, 
				new SimpleSerialNumber(), 
				cfg);

			// cert1 is issued by the intermediate, so its chain leads to Root1.
			Identity id1 = new Identity(new CryptoKey(new DSA(true)));
			X509Request req1 = id1.CreateRequest("1");
			X509Certificate cert1 = com.ProcessRequest(
				req1, 
				DateTime.Now, 
				DateTime.Now + TimeSpan.FromDays(365));

			// cert2 is issued by the rogue root, which is never added as trusted.
			Identity id2 = new Identity(new CryptoKey(new DSA(true)));
			X509Request req2 = id2.CreateRequest("2");
			X509Certificate cert2 = rogue.ProcessRequest(
				req2, 
				DateTime.Now, 
				DateTime.Now + TimeSpan.FromDays(365));

			// Only Root1 is a trust anchor. Certificates added as untrusted are presumably
			// available for chain building without being trusted themselves.
			X509Store store = new X509Store();
			store.AddTrusted(root.Certificate);
			store.AddUntrusted(root.Certificate);
			store.AddUntrusted(com.Certificate);

			string error;
			if (store.Verify(cert1, out error))
				Console.WriteLine("cert1 OK");
			else
				Console.WriteLine("cert1: " + error);

			// The rogue root is supplied as untrusted only; presumably cert2 must therefore
			// fail verification, which is the point of the demo.
			store.AddUntrusted(rogue.Certificate);
			if (store.Verify(cert2, out error))
				Console.WriteLine("cert2 OK");
			else
				Console.WriteLine("cert2: " + error);

			//Console.WriteLine("root:");
			Console.WriteLine(root.Certificate);
			//Console.WriteLine("com:");
			Console.WriteLine(com.Certificate);
			//Console.WriteLine("rogue:");
			Console.WriteLine(rogue.Certificate);
			//Console.WriteLine("id1:");
			Console.WriteLine(cert1);
			//Console.WriteLine("id2:");
			Console.WriteLine(cert2);
		}
Example #14
 /// <summary>
 /// Creates an authority that issues under <paramref name="cert"/> with
 /// <paramref name="key"/>, and takes its name from the certificate's subject common name.
 /// </summary>
 /// <param name="cert">CA certificate.</param>
 /// <param name="key">Key stored on the instance and passed to the authority.</param>
 public Authority(X509Certificate cert, CryptoKey key)
 {
     // NOTE(review): nothing here checks that key belongs to cert's public key or that cert is
     // marked as a CA certificate; confirm that callers guarantee both.
     this.key  = key;
     this.ca   = new X509CertificateAuthority(cert, key, this.serial);
     this.name = cert.Subject.Common;
 }
Example #15
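        /// <summary>
        /// Runs the self-signed CA wizard: builds the subject name from the name form, takes the
        /// key pair from the key-generation form, loads the extension configuration and creates
        /// the self-signed authority, reporting progress after each step.
        /// </summary>
        /// <remarks>
        /// Any exception is shown to the user in a message box and not rethrown.
        /// NOTE(review): if this runs on the BackgroundWorker thread, SelectTab and
        /// MessageBoxEx.Show touch the UI from a non-UI thread; confirm.
        /// </remarks>
        void DoWork()
        {
            try
            {
                // Step 1: subject name entries
                if (nameFrm1.GetNames())
                {
                    X509Name subject = new X509Name();

                    // TODO FIX NAME FRM
                    int total = nameFrm1.bind.Vals.Count;
                    int cur   = 0;
                    foreach (KeyValuePair <string, string> keyp in nameFrm1.bind.Vals)
                    {
                        // Multiply before dividing: the original divided two ints first, which
                        // always yields 0, so the reported progress never moved.
                        int progress = (cur * 100) / total;
                        backgroundWorker1.ReportProgress(progress, 1);

                        // Invariant upper-casing: field names must not depend on the UI culture.
                        subject.AddEntryByName(keyp.Key.ToUpperInvariant(), keyp.Value);
                        cur++;
                    }

                    backgroundWorker1.ReportProgress(100, 1);

                    // Step 2: key pair and serial number
                    if (keyGenerationFrm1.GenerateKey())
                    {
                        Al.Security.CA.KeyGenerationBind keyb = keyGenerationFrm1.bind;
                        CryptoKey KeyPair = keyb.KeyPair;

                        // Custom serial: used only when the operator entered a non-zero value.
                        // NOTE(review): serials are operator-chosen or sequential here, hence
                        // predictable; publicly trusted CAs are required to use random serials.
                        SimpleSerialNumber serial = null;
                        if (keyGenerationFrm1.serialnumber.Value != null && keyGenerationFrm1.serialnumber.Value != 0)
                        {
                            serial = new SimpleSerialNumber(keyGenerationFrm1.serialnumber.Value);
                        }

                        backgroundWorker1.ReportProgress(100, 2);

                        // Step 3: extensions
                        if (!configbox.Checked)
                        {
                            ExtensionsWork();
                        }

                        // NOTE(review): the configuration is read from the application directory;
                        // whoever can write ext.cfg controls the extensions of the CA certificate.
                        Configuration config = new Configuration(Application.StartupPath + @"\ext.cfg");
                        backgroundWorker1.ReportProgress(100, 3);
                        DateTime notbe = nameFrm1.notbefore.Value;
                        TimeSpan vali  = nameFrm1.notafter.Value.Subtract(notbe);

                        // Step 4: create the self-signed authority, falling back to a default
                        // sequencer when no custom serial was given.
                        X509CertificateAuthority ca = X509CertificateAuthority.SelfSigned(
                            config,
                            serial ?? new SimpleSerialNumber(),
                            KeyPair,
                            keyb.SignatureAlgorithm,
                            subject,
                            notbe,
                            vali);

                        //  cfrm = new CertExportFrm();
                        cfrm.certificate = ca.Certificate;
                        cfrm.Key         = KeyPair;

                        backgroundWorker1.ReportProgress(100, 4);
                    }
                    else
                    {
                        SelectTab(superTabItem5);
                    }
                }
                else
                {
                    SelectTab(superTabItem4);
                }
            }
            catch (Exception ex)
            {
                MessageBoxEx.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Warning);
            }
        }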
Example #16
		/// <summary>
		/// Program entry point. Only <c>Authorities()</c> runs: the unconditional <c>return</c>
		/// that follows makes every later statement unreachable. The remainder is kept as a
		/// walkthrough of the CA, request, DSA and DH APIs.
		/// </summary>
		/// <param name="args">Command-line arguments; not read by this method.</param>
		static void Main(string[] args)
		{
			Authorities();
			return;

			// --- unreachable from here on ---

			// Self-signed CA for subject "CN=." valid for 10 days.
			SimpleSerialNumber seq = new SimpleSerialNumber();
			X509CertificateAuthority ca = X509CertificateAuthority.SelfSigned(
				seq,
				new X509Name("CN=."),
				TimeSpan.FromDays(10)
			);

			Console.WriteLine(ca.Certificate);

			// NOTE(review): 512 is presumably the DSA parameter size in bits, which is far
			// below any currently accepted minimum. Demo value only.
			DSA dsa = new DSA(new DSAParameters(512));
			CryptoKey key = new CryptoKey(dsa);
			X509Request req = new X509Request(0, new X509Name("CN=com."), key);
			// DSS1 is OpenSSL's DSA-with-SHA-1 digest; SHA-1 is deprecated for signatures.
			req.Sign(key, MessageDigest.DSS1);

			X509Certificate cert = ca.ProcessRequest(req, TimeSpan.FromDays(10));
			// Prints the outcome of checking the certificate's signature against the CA key
			// and against the subject's own key.
			Console.WriteLine(cert);
			Console.WriteLine("CA Verified: " + cert.Verify(ca.Key));
			Console.WriteLine("Self Verified: " + cert.Verify(key));

			// Wraps the issued certificate and its key as a second authority.
			// NOTE(review): nothing here checks that cert is marked as a CA certificate.
			SimpleSerialNumber serial2 = new SimpleSerialNumber();
			X509CertificateAuthority caSelf = new X509CertificateAuthority(
				cert,
				key,
				serial2);

			X509Request req2 = cert.CreateRequest(key, MessageDigest.DSS1);
			X509Name subject = req2.Subject;
			Console.WriteLine("Request1: " + req);
			Console.WriteLine("Request2: " + req2);

			X509Certificate cert2 = caSelf.ProcessRequest(req2, TimeSpan.FromDays(10));
			Console.WriteLine("Cert2: " + cert2);

			// NOTE(review): presumably a 128-bit prime with generator 5; such a group offers
			// no real security and is only suitable for a quick demo.
			DH dh = new DH(128, 5);

			// Signs the DH public value with the DSA key and verifies the signature below.
			MessageDigestContext mdc = new MessageDigestContext(MessageDigest.DSS1);
			byte[] msg = dh.PublicKey;
			byte[] sig = mdc.Sign(msg, key);

			// The DH private key is written to the console; never do this outside a demo.
			Console.WriteLine(dh);
			Console.WriteLine("DH P         : " + BitConverter.ToString(dh.P));
			Console.WriteLine("DH G         : " + BitConverter.ToString(dh.G));
			Console.WriteLine("DH Secret Key: " + BitConverter.ToString(dh.PrivateKey));
			Console.WriteLine("DH Public Key: " + BitConverter.ToString(msg));
			Console.WriteLine("DH Signature : " + BitConverter.ToString(sig));

			Console.WriteLine(mdc.Verify(msg, sig, key));
		}
Example #17
		/// <summary>
		/// Creates an authority that issues under <paramref name="cert"/> with
		/// <paramref name="key"/>, and takes its name from the certificate's subject common name.
		/// </summary>
		/// <param name="cert">CA certificate.</param>
		/// <param name="key">Key stored on the instance and passed to the authority.</param>
		public Authority(X509Certificate cert, CryptoKey key)
		{
			// NOTE(review): nothing here checks that key belongs to cert's public key or that
			// cert is marked as a CA certificate; confirm that callers guarantee both.
			this.key = key;
			this.ca = new X509CertificateAuthority(cert, key, this.serial);
			this.name = cert.Subject.Common;
		}
Example #18
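        /// <summary>
        /// Runs the certificate-issuing wizard: builds the subject name, creates a request for
        /// the generated key pair, loads the extension configuration and has the CA loaded from
        /// <c>PFX</c> sign the request, reporting progress after each step.
        /// </summary>
        /// <remarks>
        /// Any exception is shown to the user in a message box and not rethrown.
        /// NOTE(review): if this runs on the BackgroundWorker thread, SelectTab and
        /// MessageBoxEx.Show touch the UI from a non-UI thread; confirm.
        /// </remarks>
        void DoWork()
        {
            try
            {
                //var certificateGenerator = new X509V3CertificateGenerator();
                // Step 1: subject name entries
                if (nameFrm1.GetNames())
                {
                    X509Name subject = new X509Name();

                    // TODO FIX NAME FRM
                    int total = nameFrm1.bind.Vals.Count;
                    int cur   = 0;
                    foreach (KeyValuePair <string, string> keyp in nameFrm1.bind.Vals)
                    {
                        // Multiply before dividing: the original divided two ints first, which
                        // always yields 0, so the reported progress never moved.
                        int progress = (cur * 100) / total;
                        backgroundWorker1.ReportProgress(progress, 1);

                        // Invariant upper-casing: field names must not depend on the UI culture.
                        subject.AddEntryByName(keyp.Key.ToUpperInvariant(), keyp.Value);
                        cur++;
                    }

                    backgroundWorker1.ReportProgress(100, 1);

                    // Step 2: key pair, request and serial number
                    if (keyGenerationFrm1.GenerateKey())
                    {
                        Al.Security.CA.KeyGenerationBind keyb = keyGenerationFrm1.bind;
                        CryptoKey KeyPair = keyb.KeyPair;
                        CSReq = new X509Request(2, subject, KeyPair);

                        // Custom serial: used only when the operator entered a non-zero value.
                        SimpleSerialNumber serial = null;

                        if (keyGenerationFrm1.serialnumber.Value != null && keyGenerationFrm1.serialnumber.Value != 0)
                        {
                            serial = new SimpleSerialNumber(keyGenerationFrm1.serialnumber.Value);
                        }

                        backgroundWorker1.ReportProgress(100, 2);

                        // Step 3: extensions
                        if (!configbox.Checked)
                        {
                            ExtensionsWork();
                        }

                        // NOTE(review): the configuration is read from the application directory;
                        // whoever can write ext.cfg controls the extensions of issued certificates.
                        Configuration config = new Configuration(Application.StartupPath + @"\ext.cfg");
                        backgroundWorker1.ReportProgress(100, 3);

                        // NOTE(review): notbe is read but never used. Both ProcessRequest calls
                        // start the validity at DateTime.UtcNow, so the not-before date chosen in
                        // the form is ignored, and a UTC start is combined with an end taken
                        // straight from the form. Confirm which is intended.
                        DateTime notbe = nameFrm1.notbefore.Value;
                        DateTime vali  = nameFrm1.notafter.Value;

                        // Step 4: sign the request with the CA loaded from PFX.
                        // NOTE(review): the default sequencer is seeded with the CA certificate's
                        // own serial number; confirm this cannot hand out a serial that the CA
                        // has already used.
                        SimpleSerialNumber       caserial   = new SimpleSerialNumber(PFX.Certificate.SerialNumber);
                        X509CertificateAuthority ca         = new X509CertificateAuthority(PFX.Certificate, PFX.PrivateKey, caserial, config);
                        X509Certificate          signedCert = null;
                        if (serial != null)
                        {
                            signedCert = ca.ProcessRequest(serial, config, CSReq, DateTime.UtcNow, vali, keyb.SignatureAlgorithm);
                        }
                        else
                        {
                            signedCert = ca.ProcessRequest(config, CSReq, DateTime.UtcNow, vali, keyb.SignatureAlgorithm);
                        }

                        //     CertExportFrm cfrm = new CertExportFrm();
                        cfrm.certificate = signedCert;
                        cfrm.Key         = KeyPair;
                        //   cfrm.ShowDialog();

                        backgroundWorker1.ReportProgress(100, 4);
                    }
                    else
                    {
                        SelectTab(superTabItem5);
                    }
                }
                else
                {
                    SelectTab(superTabItem4);
                }
            }
            catch (Exception ex)
            {
                MessageBoxEx.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Warning);
            }
        }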
        /// <summary>
        /// Demo entry point: builds two unrelated self-signed roots ("Root1" and "Rogue"), an
        /// intermediate "com" authority under Root1, issues one certificate from the intermediate
        /// and one from the rogue root, and verifies both against a store that trusts only Root1.
        /// </summary>
        /// <param name="args">Command-line arguments; not read by this method.</param>
        static void Main(string[] args)
        {
            // NOTE(review): none of the objects created here are disposed; acceptable only
            // because the process exits when Main returns.
            Configuration            cfg  = new Configuration("openssl.cnf");
            X509CertificateAuthority root = X509CertificateAuthority.SelfSigned(
                cfg,
                new SimpleSerialNumber(),
                "Root1",
                DateTime.Now,
                TimeSpan.FromDays(365));
            X509CertificateAuthority rogue = X509CertificateAuthority.SelfSigned(
                cfg,
                new SimpleSerialNumber(),
                "Rogue",
                DateTime.Now,
                TimeSpan.FromDays(365));

            // Intermediate: a fresh DSA identity whose request is signed by the root.
            Identity        comId   = new Identity(new CryptoKey(new DSA(true)));
            X509Request     comReq  = comId.CreateRequest("com");
            X509Certificate comCert = root.ProcessRequest(comReq, DateTime.Now, DateTime.Now + TimeSpan.FromDays(365));

            // A failed signature check is only reported; execution continues and the
            // certificate is still used to build the intermediate authority.
            if (!comCert.Verify(root.Key))
            {
                Console.WriteLine("Invalid com cert");
            }
            X509CertificateAuthority com = new X509CertificateAuthority(
                comCert,
                comId.PrivateKey,
                new SimpleSerialNumber(),
                cfg);

            // cert1 is issued by the intermediate, so its chain leads to Root1.
            Identity        id1   = new Identity(new CryptoKey(new DSA(true)));
            X509Request     req1  = id1.CreateRequest("1");
            X509Certificate cert1 = com.ProcessRequest(
                req1,
                DateTime.Now,
                DateTime.Now + TimeSpan.FromDays(365));

            // cert2 is issued by the rogue root, which is never added as trusted.
            Identity        id2   = new Identity(new CryptoKey(new DSA(true)));
            X509Request     req2  = id2.CreateRequest("2");
            X509Certificate cert2 = rogue.ProcessRequest(
                req2,
                DateTime.Now,
                DateTime.Now + TimeSpan.FromDays(365));

            // Only Root1 is a trust anchor. Certificates added as untrusted are presumably
            // available for chain building without being trusted themselves.
            X509Store store = new X509Store();

            store.AddTrusted(root.Certificate);
            store.AddUntrusted(root.Certificate);
            store.AddUntrusted(com.Certificate);

            string error;

            if (store.Verify(cert1, out error))
            {
                Console.WriteLine("cert1 OK");
            }
            else
            {
                Console.WriteLine("cert1: " + error);
            }

            // The rogue root is supplied as untrusted only; presumably cert2 must therefore
            // fail verification, which is the point of the demo.
            store.AddUntrusted(rogue.Certificate);
            if (store.Verify(cert2, out error))
            {
                Console.WriteLine("cert2 OK");
            }
            else
            {
                Console.WriteLine("cert2: " + error);
            }

            //Console.WriteLine("root:");
            Console.WriteLine(root.Certificate);
            //Console.WriteLine("com:");
            Console.WriteLine(com.Certificate);
            //Console.WriteLine("rogue:");
            Console.WriteLine(rogue.Certificate);
            //Console.WriteLine("id1:");
            Console.WriteLine(cert1);
            //Console.WriteLine("id2:");
            Console.WriteLine(cert2);
        }
        /// <summary>
        /// Creates a new Certificate Authority instance that uses the configuration file to
        /// apply extensions when the CA signs a new certificate. The CA itself is created with
        /// the extensions in the [ V3_CA ] section of the configuration file.
        /// </summary>
        /// <remarks>
        /// The certificate is signed with SHA-512 and is valid for 365 days from the current
        /// UTC time.
        /// NOTE(review): the configuration file is resolved against the current working
        /// directory, so the extensions depend on where the process was started. Prefer a fixed,
        /// write-protected location if the start directory is not controlled.
        /// </remarks>
        public void CreateCertificateAuthorityWithConfigurationFile()
        {
            string configurationPath = Path.Combine(
                Environment.CurrentDirectory,
                Settings.Default.OpenSslConfigurationFileName);

            this.Config = LoadConfigurationFile(configurationPath);

            this.CA = X509CertificateAuthority.SelfSigned(
                this.Config,
                this.SerialNumberSequencer,
                this.Key,
                MessageDigest.SHA512,
                this.Subject,
                DateTime.UtcNow,
                TimeSpan.FromDays(365));
        }
Example #21
 /// <summary>
 /// Turns this object into a certificate authority that issues under
 /// <paramref name="cert"/>, using the stored key and serial sequencer.
 /// </summary>
 /// <param name="cert">Certificate the new authority will issue under.</param>
 public Promote(X509Certificate cert)
 {
     // NOTE(review): the result of Verify is not inspected, so a failed check does not stop
     // the promotion. Decide which key the certificate must verify against (the issuer's,
     // presumably) and reject the certificate when verification fails.
     cert.Verify(this.key);
     this.ca = new X509CertificateAuthority(cert, this.key, this.serial);
 }