Exemple #1
        /// <summary>
        /// Reads the distribution point entries attached to the rows of <c>listView7</c> and
        /// hands them back as a CRL distribution points extension and an issuing
        /// distribution point extension.
        /// </summary>
        /// <param name="crlenabled">Set to true when at least one row captioned "[CRL]" carries an entry.</param>
        /// <param name="issuerenabled">Set to true when at least one other row carries an entry.</param>
        /// <param name="crl">Receives the extension built from all "[CRL]" entries, or null when there are none.</param>
        /// <param name="issuer">Receives the extension built from the first non-"[CRL]" entry, or null when there are none.</param>
        /// <param name="critical">Receives the state of the <c>crlcrit</c> check box.</param>
        public void CrlIssuerDPWork(ref bool crlenabled, ref bool issuerenabled, ref CrlDistributionPointsExt crl, ref IssuingDistributionPointsExt issuer, ref bool critical)
        {
            List<DistributionPointEntry> crlEntries = new List<DistributionPointEntry>();
            List<DistributionPointEntry> issuingEntries = new List<DistributionPointEntry>();

            foreach (ListViewItem row in listView7.Items)
            {
                // Rows without a distribution point entry attached are ignored.
                if (!(row.Tag is DistributionPointEntry))
                {
                    continue;
                }

                // The row caption, not the entry itself, decides which extension the entry
                // ends up in: anything not starting with "[CRL]" is treated as an issuing
                // distribution point.
                List<DistributionPointEntry> bucket = row.Text.StartsWith("[CRL]") ? crlEntries : issuingEntries;
                bucket.Add((DistributionPointEntry)row.Tag);
            }

            crlenabled = crlEntries.Count > 0;
            issuerenabled = issuingEntries.Count > 0;

            crl = crlenabled ? new CrlDistributionPointsExt(crlEntries) : null;

            // Only the first issuing distribution point is kept; any others are dropped
            // and the user is told so below.
            issuer = issuerenabled ? new IssuingDistributionPointsExt(issuingEntries[0]) : null;

            if (issuingEntries.Count > 1)
            {
                Log.ShowInfo("Only 1 issuing distribution point will be used", "ISSUING DISTRIBUTION POINTS");
            }

            critical = crlcrit.Checked;
        }
Exemple #2
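        /// <summary>
        /// Collects every X.509 extension configured on <c>extentionsfrm1</c>, exports the set to
        /// <c>ext.cfg</c> under the application start-up path and loads that file into the
        /// main form's config box.
        /// </summary>
        /// <remarks>
        /// When <c>InvokeRequired</c> is true the method re-dispatches itself through
        /// <c>Invoke</c> and does nothing else on the calling thread.
        /// The single <c>critical</c> local is overwritten by each <c>*Work</c> call and then
        /// copied onto the extension(s) built from that call, so the criticality of every
        /// extension is whatever the form reported for its section.
        /// </remarks>
        /// <exception cref="ArgumentException">
        /// The form returned no basic constraints, no key usage list or no extended key usage list.
        /// </exception>
        void ExtensionsWork()
        {
            if (InvokeRequired)
            {
                this.Invoke(new ExtWork(ExtensionsWork));
                return;
            }

            List <Al.Security.CA.X509Ext> Extensions = new List <X509Ext>();
            bool critical = false;
            bool enabled  = false;

            // Key Identifiers
            // NOTE(review): RFC 5280 has conforming CAs mark the subject and authority key
            // identifier extensions non-critical; here the flag is whatever KeyIDWork reported.
            bool skid = false;
            bool akid = false;
            extentionsfrm1.KeyIDWork(ref skid, ref akid, ref critical);
            SubjectKeyIdentifierExt skidd = new SubjectKeyIdentifierExt();
            skidd.Critical = critical;
            AuthorityKeyIdentifierExt akidd = new AuthorityKeyIdentifierExt();
            akidd.Critical = critical;
            if (skid)
            {
                Extensions.Add(skidd);
            }
            if (akid)
            {
                Extensions.Add(akidd);
            }

            // Basic Constraints (mandatory)
            BasicConstraintsExt bc = null;
            extentionsfrm1.BasicConstraintWork(ref bc, ref critical);
            // The null check has to come before the first dereference: previously
            // bc.Critical was assigned first, so a missing extension surfaced as a
            // NullReferenceException and the intended error below was unreachable.
            if (bc == null)
            {
                throw new ArgumentException("Basic Constraints is required");
            }
            bc.Critical = critical;
            Extensions.Add(bc);

            // Key Usage (mandatory)
            List <X509KeyUsages> keyusage = new List <X509KeyUsages>();
            extentionsfrm1.KeyUsageWork(ref keyusage, ref critical);
            if (keyusage == null)
            {
                throw new ArgumentException("No Key Usage Option was defined");
            }
            X509KeyUsageExt keyUsageExt = new X509KeyUsageExt(keyusage);
            keyUsageExt.Critical = critical;
            Extensions.Add(keyUsageExt);

            // Extended Key Usage (mandatory); custom OIDs are optional.
            List <X509ExtendedKeyUsages> keypid = null;
            List <string> customoid             = null;
            extentionsfrm1.ExtendedKeyUsageWork(ref keypid, ref customoid, ref critical);
            if (keypid == null)
            {
                throw new ArgumentException("Extended Key Usage Error");
            }
            X509ExtendedKeyUsageExt kext = customoid != null
                ? new X509ExtendedKeyUsageExt(keypid, customoid)
                : new X509ExtendedKeyUsageExt(keypid);
            kext.Critical = critical;
            Extensions.Add(kext);

            // Name Constraints
            // NOTE(review): RFC 5280 expects name constraints to be marked critical; the
            // flag below is taken from the form without any check.
            List <GlobalName> Permitted = null;
            List <GlobalName> Excluded  = null;
            enabled = false;
            extentionsfrm1.NameConstraintsWork(ref enabled, ref Permitted, ref Excluded, ref critical);
            if (enabled)
            {
                List <NameConstraintsExt> nexts = new List <NameConstraintsExt>();
                if (Permitted != null)
                {
                    foreach (GlobalName g in Permitted)
                    {
                        // Second argument true: built from the permitted list.
                        nexts.Add(new NameConstraintsExt(g, true));
                    }
                }
                if (Excluded != null)
                {
                    foreach (GlobalName g in Excluded)
                    {
                        // Second argument false: built from the excluded list.
                        nexts.Add(new NameConstraintsExt(g, false));
                    }
                }
                // Criticality is set once on the combined extension, not on the parts.
                NameConstraintsExt ncef = new NameConstraintsExt(nexts);
                ncef.Critical = critical;
                Extensions.Add(ncef);
            }

            // Authority Information Access
            List <AuthorityInfoAccessExt> authseq = null;
            enabled = false;
            extentionsfrm1.AuthorityInfoWork(ref enabled, ref critical, ref authseq);
            if (enabled && authseq != null)
            {
                AuthorityInfoAccessExt ext = new AuthorityInfoAccessExt(authseq);
                ext.Critical = critical;
                Extensions.Add(ext);
            }

            // Policy Settings: polen gates policy constraints, enabled gates inhibit-any-policy.
            // Both extensions receive the same critical flag from PolicySettingsWork.
            bool polen = false;
            enabled = false;
            int inhibmap    = 0;
            int explicitmap = 0;
            int inhib       = 0;
            extentionsfrm1.PolicySettingsWork(ref polen, ref enabled, ref critical, ref inhibmap, ref explicitmap, ref inhib);
            if (polen)
            {
                PolicyConstraintsExt pc = new PolicyConstraintsExt(explicitmap, inhibmap);
                pc.Critical = critical;
                Extensions.Add(pc);
            }
            if (enabled)
            {
                InhibAnyPolicyConstraintsExt inh = new InhibAnyPolicyConstraintsExt(inhib);
                inh.Critical = critical;
                Extensions.Add(inh);
            }

            // Subject Alt Names
            enabled = false;
            List <GlobalName> names = null;
            extentionsfrm1.SubjectAltWork(ref enabled, ref critical, ref names);
            if (names != null && enabled)
            {
                SubjectAltNameExt subjectAlt = new SubjectAltNameExt(names);
                subjectAlt.Critical = critical;
                Extensions.Add(subjectAlt);
            }

            // Issuer Alt Names (unlike the subject case, an empty list is skipped)
            enabled = false;
            names   = null;
            extentionsfrm1.IssuerAltWork(ref enabled, ref critical, ref names);
            if (names != null && enabled && names.Count > 0)
            {
                IssuerAltNameExt issuerAlt = new IssuerAltNameExt(names);
                issuerAlt.Critical = critical;
                Extensions.Add(issuerAlt);
            }

            // Crl/Issuer Distribution Points: polen reports the CRL side, enabled the issuer
            // side, and one critical flag is applied to both extensions.
            polen   = false;
            enabled = false;
            CrlDistributionPointsExt     crlext    = null;
            IssuingDistributionPointsExt issuerext = null;
            extentionsfrm1.CrlIssuerDPWork(ref polen, ref enabled, ref crlext, ref issuerext, ref critical);
            if (polen && crlext != null)
            {
                crlext.Critical = critical;
                Extensions.Add(crlext);
            }
            if (enabled && issuerext != null)
            {
                issuerext.Critical = critical;
                Extensions.Add(issuerext);
            }

            // Policy Information
            enabled = false;
            CertificatePoliciesExt pols = null;
            extentionsfrm1.PolicyWork(ref enabled, ref critical, ref pols);
            if (enabled && pols != null)
            {
                pols.Critical = critical;
                Extensions.Add(pols);
            }

            // Netscape Informations
            enabled = false;
            polen   = false;
            string nsurl      = "";
            string nscomment  = "";
            string nspol      = "";
            string nscarevurl = "";
            string nsrevurl   = "";
            string sslname    = "";
            extentionsfrm1.NetscapeWork(ref critical, ref enabled, ref nscomment, ref nsurl, ref nspol, ref nscarevurl, ref nsrevurl, ref sslname);

            if (enabled)
            {
                // The Netscape usage list is derived from the extended key usages chosen
                // above (keypid is non-null here, otherwise the method has already thrown).
                List <NetscapeKeyUsage> nk = new List <NetscapeKeyUsage>();

                foreach (X509ExtendedKeyUsages k in keypid)
                {
                    if (k == X509ExtendedKeyUsages.clientAuth)
                    {
                        nk.Add(NetscapeKeyUsage.client);
                    }
                    else if (k == X509ExtendedKeyUsages.codeSigning)
                    {
                        nk.Add(NetscapeKeyUsage.objsign);
                    }
                    else if (k == X509ExtendedKeyUsages.emailProtection)
                    {
                        nk.Add(NetscapeKeyUsage.email);
                    }
                    else if (k == X509ExtendedKeyUsages.serverAuth)
                    {
                        nk.Add(NetscapeKeyUsage.server);
                    }

                    // The CA-level Netscape usages are added only when the basic constraints
                    // value contains "TRUE" - presumably the CA flag; confirm against
                    // BasicConstraintsExt.Value. The values are not de-duplicated, so
                    // sslCA is added once for serverAuth and once for clientAuth.
                    if (bc.Value.Contains("TRUE"))
                    {
                        if (k == X509ExtendedKeyUsages.serverAuth || k == X509ExtendedKeyUsages.clientAuth)
                        {
                            nk.Add(NetscapeKeyUsage.sslCA);
                        }

                        if (k == X509ExtendedKeyUsages.emailProtection)
                        {
                            nk.Add(NetscapeKeyUsage.emailCA);
                        }

                        if (k == X509ExtendedKeyUsages.codeSigning)
                        {
                            nk.Add(NetscapeKeyUsage.objCA);
                        }
                    }
                }
                NsKeyUsageExt nsk = new NsKeyUsageExt(nk);
                nsk.Critical = critical;
                Extensions.Add(nsk);
            }

            // The textual Netscape extensions are emitted whenever their string is
            // non-empty, independently of the enabled flag above.
            if (!string.IsNullOrEmpty(nscomment))
            {
                NsCommentExt nsext = new NsCommentExt(nscomment);
                nsext.Critical = critical;
                Extensions.Add(nsext);
            }
            if (!string.IsNullOrEmpty(nsurl))
            {
                NsUrlExt nsext = new NsUrlExt(nsurl);
                nsext.Critical = critical;
                Extensions.Add(nsext);
            }
            if (!string.IsNullOrEmpty(nscarevurl))
            {
                nsCaRevocationUrlExt nsext = new nsCaRevocationUrlExt(nscarevurl);
                nsext.Critical = critical;
                Extensions.Add(nsext);
            }
            if (!string.IsNullOrEmpty(nspol))
            {
                nsCaPolicyUrlExt nsext = new nsCaPolicyUrlExt(nspol);
                nsext.Critical = critical;
                Extensions.Add(nsext);
            }
            if (!string.IsNullOrEmpty(nsrevurl))
            {
                nsRevocationUrlExt nsext = new nsRevocationUrlExt(nsrevurl);
                nsext.Critical = critical;
                Extensions.Add(nsext);
            }
            if (!string.IsNullOrEmpty(sslname))
            {
                nsSslServerNameExt nsext = new nsSslServerNameExt(sslname);
                nsext.Critical = critical;
                Extensions.Add(nsext);
            }

            // Custom Extensions: appended as supplied by the form, with no further checks here.
            List <CustomExtension> custom = extentionsfrm1.GetCustoms();
            foreach (CustomExtension c in custom)
            {
                Extensions.Add(c);
            }

            // NOTE(review): ext.cfg lives next to the executable and is read straight back
            // for display. If this file later drives certificate issuance, confirm that the
            // directory is writable only by the operator.
            string configPath = Application.StartupPath + @"\ext.cfg";
            X509ExtensionManager.Export(configPath, Extensions);
            SectionManager.Clean();
            MainForm.mf.configbox.Text = File.ReadAllText(configPath);
        }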