Esempio n. 1
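        /// <summary>
        /// Generates a certificate for <paramref name="subjectName"/> that is signed by a freshly generated,
        /// in-memory certificate authority named <paramref name="issuerName"/>.
        /// </summary>
        /// <remarks>
        /// <para>
        /// The issuing CA is created by <c>GenerateCA</c> on every call and its certificate object is disposed
        /// before this method returns, so only the issued certificate is handed back to the caller.
        /// </para>
        /// <para>
        /// Security notes: the certificate is valid for 30 years and is issued by a CA that no relying party
        /// trusts by default, which presumably makes it suitable for tests and local development only.
        /// Both names are concatenated into a distinguished-name string; if they can come from untrusted input,
        /// validate them first, because DN separators such as <c>,</c>, <c>+</c> or <c>=</c> inside a name
        /// may be parsed as additional name components.
        /// </para>
        /// </remarks>
        /// <param name="issuerName">The issuer name; <c>CN=</c> is prepended when the value does not already start with it.</param>
        /// <param name="subjectName">The subject name; <c>CN=</c> is prepended when the value does not already start with it.</param>
        /// <returns>The result of <c>ConvertCertificate</c> for the issued certificate and the subject key pair.</returns>
        /// <exception cref="ArgumentException">When the <paramref name="subjectName"/> is <c>null</c> or blank.</exception>
        /// <exception cref="ArgumentException">When the <paramref name="issuerName"/> is <c>null</c> or blank.</exception>
        public static X509Certificate2 CreateWithIssuerAndSubjectName(string issuerName, string subjectName)
        {
            Guard.NotNullOrWhitespace(subjectName, nameof(subjectName), "Subject name should not be blank");
            Guard.NotNullOrWhitespace(issuerName, nameof(issuerName), "Issuer name should not be blank");

            // Ordinal comparison keeps the prefix check byte-exact and independent of the current culture.
            // Only an exact, upper-case "CN=" prefix is recognised; anything else gets "CN=" prepended.
            if (!issuerName.StartsWith("CN=", StringComparison.Ordinal))
            {
                issuerName = "CN=" + issuerName;
            }

            if (!subjectName.StartsWith("CN=", StringComparison.Ordinal))
            {
                subjectName = "CN=" + subjectName;
            }

            // The same random source feeds key generation, the serial number and the signing step below.
            SecureRandom random = GetSecureRandom();
            AsymmetricCipherKeyPair subjectKeyPair = GenerateKeyPair(random, 2048);
            BigInteger serialNumber = GenerateSerialNumber(random);

            // Read the clock once so both validity bounds are derived from the same day.
            DateTime notBefore = DateTime.UtcNow.Date;

            using (X509Certificate2 issuerCert = GenerateCA(issuerName))
            {
                // The CA certificate carries its private key; it is needed to sign the issued certificate.
                AsymmetricCipherKeyPair issuerKeyPair = DotNetUtilities.GetKeyPair(issuerCert.PrivateKey);
                var issuerSerialNumber = new BigInteger(issuerCert.GetSerialNumber());

                var certificateGenerator = new X509V3CertificateGenerator();

                certificateGenerator.AddIssuer(issuerName, issuerKeyPair, issuerSerialNumber);
                certificateGenerator.SetSubjectDN(new X509Name(subjectName));

                // NOTE(review): 30 years is far longer than a production certificate should live.
                certificateGenerator.SetNotBefore(notBefore);
                certificateGenerator.SetNotAfter(notBefore.AddYears(30));
                certificateGenerator.SetPublicKey(subjectKeyPair.Public);
                certificateGenerator.SetSerialNumber(serialNumber);

                certificateGenerator.AddSubjectKeyIdentifier(subjectKeyPair);
                // The issued certificate is an end-entity certificate, not a CA.
                certificateGenerator.AddBasicConstraints(isCertificateAuthority: false);

                // Signed with the issuer's key pair, not the subject's.
                X509Certificate certificate = certificateGenerator.GenerateCertificateAsn1(issuerKeyPair, random);

                // presumably ConvertCertificate attaches the subject private key — confirm against the helper
                return ConvertCertificate(certificate, subjectKeyPair, random);
            }
        }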
Esempio n. 2
        /// <summary>
        /// Builds a self-signed certificate authority certificate whose issuer and subject are both
        /// <paramref name="subjectName"/>.
        /// </summary>
        /// <remarks>
        /// The certificate is signed with its own freshly generated key pair, is marked as a CA in its
        /// basic constraints, and is valid for 30 years starting from the current UTC date.
        /// NOTE(review): a new CA key is generated on every call, so certificates issued by separate
        /// calls do not share a trust anchor.
        /// </remarks>
        /// <param name="subjectName">The distinguished name used for both the issuer and the subject.</param>
        /// <returns>The result of <c>ConvertCertificate</c> for the CA certificate and its key pair.</returns>
        private static X509Certificate2 GenerateCA(string subjectName)
        {
            // Key pair first, serial number second: both draw from the same random source.
            SecureRandom rng = GetSecureRandom();
            AsymmetricCipherKeyPair caKeyPair = GenerateKeyPair(rng, 2048);
            BigInteger caSerial = GenerateSerialNumber(rng);

            var generator = new X509V3CertificateGenerator();

            // Issuer and subject are the same name and the same key pair: this is what makes it self-signed.
            generator.AddIssuer(subjectName, caKeyPair, caSerial);
            generator.SetSubjectDN(new X509Name(subjectName));

            generator.SetSerialNumber(caSerial);
            generator.SetPublicKey(caKeyPair.Public);
            generator.SetNotBefore(DateTime.UtcNow.Date);
            generator.SetNotAfter(DateTime.UtcNow.Date.AddYears(30));

            generator.AddSubjectKeyIdentifier(caKeyPair);
            generator.AddBasicConstraints(isCertificateAuthority: true);

            // Sign with the CA's own private key.
            X509Certificate caCertificate = generator.GenerateCertificateAsn1(caKeyPair, rng);

            // presumably the converted certificate carries the CA private key — callers read it back via PrivateKey
            X509Certificate2 converted = ConvertCertificate(caCertificate, caKeyPair, rng);
            return converted;
        }