/// <summary>
/// Create a CRL builder initialized with a decoded CRL.
/// </summary>
/// <param name="crl">The decoded CRL</param>
private CrlBuilder(IX509CRL crl)
{
IssuerName = crl.IssuerName;
HashAlgorithmName = crl.HashAlgorithmName;
ThisUpdate = crl.ThisUpdate;
NextUpdate = crl.NextUpdate;
RawData = crl.RawData;
m_revokedCertificates = new List <RevokedCertificate>(crl.RevokedCertificates);
m_crlExtensions = new X509ExtensionCollection();
foreach (var extension in crl.CrlExtensions)
{
m_crlExtensions.Add(extension);
}
}
/// <summary>
/// Create CRL from IX509CRL interface.
/// </summary>
/// <param name="crl"></param>
public X509CRL(IX509CRL crl)
{
m_decoded = true;
m_issuerName = crl.IssuerName;
m_hashAlgorithmName = crl.HashAlgorithmName;
m_thisUpdate = crl.ThisUpdate;
m_nextUpdate = crl.NextUpdate;
m_revokedCertificates = new List <RevokedCertificate>(crl.RevokedCertificates);
m_crlExtensions = new X509ExtensionCollection();
foreach (var extension in crl.CrlExtensions)
{
m_crlExtensions.Add(extension);
}
RawData = crl.RawData;
}
public void GlobalSetup()
{
m_issuerCert = CertificateBuilder.Create("CN=Root CA")
.SetCAConstraint()
.CreateForRSA();
m_certificate = CertificateBuilder.Create("CN=TestCert")
.SetNotBefore(DateTime.Today.AddDays(-1))
.AddExtension(
new X509SubjectAltNameExtension("urn:opcfoundation.org:mypc",
new string[] { "mypc", "mypc.opcfoundation.org", "192.168.1.100" }))
.CreateForRSA();
var crlBuilder = CrlBuilder.Create(m_issuerCert.SubjectName, HashAlgorithmName.SHA256)
.SetThisUpdate(DateTime.UtcNow.Date)
.SetNextUpdate(DateTime.UtcNow.Date.AddDays(30));
var revokedarray = new RevokedCertificate(m_certificate.SerialNumber);
crlBuilder.RevokedCertificates.Add(revokedarray);
crlBuilder.CrlExtensions.Add(X509Extensions.BuildCRLNumber(1));
crlBuilder.CrlExtensions.Add(X509Extensions.BuildAuthorityKeyIdentifier(m_issuerCert));
m_issuerCrl = crlBuilder.CreateForRSA(m_issuerCert);
m_x509Crl = new X509CRL(m_issuerCrl.RawData);
var random = new Random();
m_rsaPrivateKey = m_certificate.GetRSAPrivateKey();
m_rsaPublicKey = m_certificate.GetRSAPublicKey();
// blob size for RSA padding OaepSHA256
int blobSize = m_rsaPublicKey.KeySize / 8 - 66;
m_randomByteArray = new byte[blobSize];
random.NextBytes(m_randomByteArray);
m_encryptedByteArray = m_rsaPublicKey.Encrypt(m_randomByteArray, RSAEncryptionPadding.OaepSHA256);
m_signature = m_rsaPrivateKey.SignData(m_randomByteArray, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
}
/// <summary>
/// Create a CRL builder initialized with a decoded CRL.
/// </summary>
/// <param name="crl">The decoded CRL</param>
public static CrlBuilder Create(IX509CRL crl)
{
return(new CrlBuilder(crl));
}
