Inheritance: AsnEncodedData
Exemple #1
0
        /// <summary>
        /// Create an ASN.1 DER-encoded PKCS#10 CertificationRequest representing the current state
        /// of this object using the provided signature generator.
        /// </summary>
        /// <param name="signatureGenerator">
        ///   A <see cref="X509SignatureGenerator"/> with which to sign the request.
        /// </param>
        public byte[] CreateSigningRequest(X509SignatureGenerator signatureGenerator)
        {
            ArgumentNullException.ThrowIfNull(signatureGenerator);

            X501Attribute[] attributes = Array.Empty <X501Attribute>();

            if (CertificateExtensions.Count > 0)
            {
                attributes = new X501Attribute[] { new Pkcs9ExtensionRequest(CertificateExtensions) };
            }

            var requestInfo = new Pkcs10CertificationRequestInfo(SubjectName, PublicKey, attributes);

            return(requestInfo.ToPkcs10Request(signatureGenerator, HashAlgorithm));
        }
Exemple #2
0
        /// <summary>
        /// Create an ASN.1 DER-encoded PKCS#10 CertificationRequest representing the current state
        /// of this object using the provided signature generator.
        /// </summary>
        /// <param name="signatureGenerator">
        ///   A <see cref="X509SignatureGenerator"/> with which to sign the request.
        /// </param>
        /// <exception cref="ArgumentNullException">
        ///   <paramref name="signatureGenerator" /> is <see langword="null" />.
        /// </exception>
        /// <exception cref="InvalidOperationException">
        ///   <para>
        ///     <see cref="OtherRequestAttributes"/> contains a <see langword="null" /> value.
        ///   </para>
        ///   <para>- or -</para>
        ///   <para>
        ///     <see cref="OtherRequestAttributes"/> contains an entry with a <see langword="null" />
        ///     <see cref="AsnEncodedData.Oid" /> value.
        ///   </para>
        ///   <para>- or -</para>
        ///   <para>
        ///     <see cref="OtherRequestAttributes"/> contains an entry representing the PKCS#9
        ///     Extension Request Attribute (1.2.840.113549.1.9.14).
        ///   </para>
        ///   <para>- or -</para>
        ///   <para>
        ///     <see cref="CertificateExtensions"/> contains a <see langword="null" /> value.
        ///   </para>
        ///   <para>- or -</para>
        ///   <para>
        ///     <see cref="CertificateExtensions"/> contains an entry with a <see langword="null" />
        ///     <see cref="AsnEncodedData.Oid" /> value.
        ///   </para>
        ///   <para>- or -</para>
        ///   <para>
        ///     This object was created with a constructor which did not accept a signing key.
        ///   </para>
        /// </exception>
        /// <exception cref="CryptographicException">
        ///   A cryptographic error occurs while creating the signing request.
        /// </exception>
        /// <remarks>
        ///   When submitting a certificate signing request via a web browser, or other graphical or textual
        ///   interface, the input is frequently expected to be in the PEM (Privacy Enhanced Mail) format,
        ///   instead of the DER binary format.
        /// </remarks>
        /// <seealso cref="CreateSigningRequestPem(X509SignatureGenerator)"/>
        public byte[] CreateSigningRequest(X509SignatureGenerator signatureGenerator)
        {
            ArgumentNullException.ThrowIfNull(signatureGenerator);

            X501Attribute[] attributes    = Array.Empty <X501Attribute>();
            bool            hasExtensions = CertificateExtensions.Count > 0;

            if (OtherRequestAttributes.Count > 0 || hasExtensions)
            {
                attributes = new X501Attribute[OtherRequestAttributes.Count + (hasExtensions ? 1 : 0)];
            }

            int attrCount = 0;

            foreach (AsnEncodedData attr in OtherRequestAttributes)
            {
                if (attr is null)
                {
                    throw new InvalidOperationException(
                              SR.Format(SR.Cryptography_CertReq_NullValueInCollection, nameof(OtherRequestAttributes)));
                }

                if (attr.Oid is null || attr.Oid.Value is null)
                {
                    throw new InvalidOperationException(
                              SR.Format(SR.Cryptography_CertReq_MissingOidInCollection, nameof(OtherRequestAttributes)));
                }

                if (attr.Oid.Value == Oids.Pkcs9ExtensionRequest)
                {
                    throw new InvalidOperationException(SR.Cryptography_CertReq_ExtensionRequestInOtherAttributes);
                }

                Helpers.ValidateDer(attr.RawData);
                attributes[attrCount] = new X501Attribute(attr.Oid.Value, attr.RawData);
                attrCount++;
            }

            if (hasExtensions)
            {
                attributes[attrCount] = new Pkcs9ExtensionRequest(CertificateExtensions);
            }

            var requestInfo = new Pkcs10CertificationRequestInfo(SubjectName, PublicKey, attributes);

            return(requestInfo.ToPkcs10Request(signatureGenerator, HashAlgorithm));
        }
        /// <summary>
        /// Create an ASN.1 DER-encoded PKCS#10 CertificationRequest representing the current state
        /// of this object using the provided signature generator.
        /// </summary>
        /// <param name="signatureGenerator">
        ///   A <see cref="X509SignatureGenerator"/> with which to sign the request.
        /// </param>
        public byte[] CreateSigningRequest(X509SignatureGenerator signatureGenerator)
        {
            if (signatureGenerator == null)
            {
                throw new ArgumentNullException(nameof(signatureGenerator));
            }

            X501Attribute[] attributes = null;

            if (CertificateExtensions.Count > 0)
            {
                attributes = new X501Attribute[] { new Pkcs9ExtensionRequest(CertificateExtensions) };
            }

            var requestInfo = new Pkcs10CertificationRequestInfo(SubjectName, PublicKey, attributes);

            return(requestInfo.ToPkcs10Request(signatureGenerator, HashAlgorithm));
        }