/// <summary>
/// Generate an X509Certificate using your own SecureRandom.
/// </summary>
/// <param name="privateKey">The private key of the issuer that is signing this certificate.</param>
/// <param name="random">You Secure Random instance.</param>
/// <returns>An X509Certificate.</returns>
public X509Certificate Generate(
AsymmetricKeyParameter privateKey,
SecureRandom random)
{
TbsCertificateStructure tbsCert = GenerateTbsCert();
byte[] signature;
try
{
signature = X509Utilities.GetSignatureForObject(
sigOid, signatureAlgorithm, privateKey, random, tbsCert);
}
catch (Exception e)
{
// TODO
// throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
throw new CertificateEncodingException("exception encoding TBS cert", e);
}
try
{
return(GenerateJcaObject(tbsCert, signature));
}
catch (CertificateParsingException e)
{
// TODO
// throw new ExtCertificateEncodingException("exception producing certificate object", e);
throw new CertificateEncodingException("exception producing certificate object", e);
}
}
/// <summary>
/// Generate an X509 certificate, based on the current issuer and subject,
/// using the supplied source of randomness, if required.
/// </summary>
public IX509AttributeCertificate Generate(
AsymmetricKeyParameter publicKey,
SecureRandom random)
{
if (!extGenerator.IsEmpty)
{
acInfoGen.SetExtensions(extGenerator.Generate());
}
AttributeCertificateInfo acInfo = acInfoGen.GenerateAttributeCertificateInfo();
Asn1EncodableVector v = new Asn1EncodableVector();
v.Add(acInfo, sigAlgId);
try
{
v.Add(new DerBitString(X509Utilities.GetSignatureForObject(sigOID, signatureAlgorithm, publicKey, random, acInfo)));
return(new X509V2AttributeCertificate(AttributeCertificate.GetInstance(new DerSequence(v))));
}
catch (Exception e)
{
// TODO
// throw new ExtCertificateEncodingException("constructed invalid certificate", e);
throw new CertificateEncodingException("constructed invalid certificate", e);
}
}
/**
* Set the signature algorithm. This can be either a name or an oid, names
* are treated as case insensitive.
*
* @param signatureAlgorithm string representation of the algorithm name.
*/
public void SetSignatureAlgorithm(
string signatureAlgorithm)
{
this.signatureAlgorithm = signatureAlgorithm;
try
{
sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
}
catch (Exception e)
{
throw new ArgumentException("Unknown signature type requested", e);
}
sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm);
tbsGen.SetSignature(sigAlgId);
}
/// <summary>Generate an X509 CRL, based on the current issuer and subject.</summary>
/// <param name="privateKey">The key used for signing.</param>
/// <param name="random">A user-defined source of randomness.</param>
public X509Crl Generate(
AsymmetricKeyParameter privateKey,
SecureRandom random)
{
TbsCertificateList tbsCrl = GenerateCertList();
byte[] signature;
try
{
signature = X509Utilities.GetSignatureForObject(
sigOID, signatureAlgorithm, privateKey, random, tbsCrl);
}
catch (IOException e)
{
// TODO
// throw new ExtCrlException("cannot generate CRL encoding", e);
throw new CrlException("cannot generate CRL encoding", e);
}
return(GenerateJcaObject(tbsCrl, signature));
}