private static void WriteKeyBag(EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS12KeyBag);
using (wr.BeginTaggedObject(0))
{
using (wr.BeginSequence())
{
p.WritePrivateKey(wr);
}
}
using (wr.BeginSet())
{
using (wr.BeginSequence())
{
wr.WriteOID(PKCS12LocalKeyID);
using (wr.BeginSet())
{
wr.WriteOctetString(new byte[] { 1 });
}
}
using (wr.BeginSequence())
{
wr.WriteOID(PKCS12FriendlyName);
using (wr.BeginSet())
{
wr.Write("Certificate1");
}
}
}
}
private static void WriteX509Cert(byte[] cert, EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS12X509Certificate);
using (wr.BeginTaggedObject(0))
{
wr.WriteOctetString(cert);
}
}
private static void InnerDataObject2(byte[] cert, EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS7Data);
using (wr.BeginTaggedObject(0))
{
using (wr.BeginOctetString())
{
using (wr.BeginSequence())
{
using (wr.BeginSequence())
{
WriteCertBag(cert, p, wr);
}
}
}
}
}
private static void InnerDataObject1(EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS7Data);
using (wr.BeginTaggedObject(0))
{
using (wr.BeginOctetString())
{
using (wr.BeginSequence())
{
using (wr.BeginSequence())
{
WriteKeyBag(p, wr);
}
}
}
}
}
public override void WritePrivateKey(DerWriter wr)
{
wr.WriteInteger(0);
using (wr.BeginSequence())
{
wr.WriteOID(EcPublicKey);
wr.WriteOID(m_curveOID);
}
using (wr.BeginOctetString())
{
using (wr.BeginSequence())
{
wr.WriteInteger(1);
wr.WriteOctetString(d);
using (wr.BeginTaggedObject(0))
{
wr.WriteOID(m_curveOID);
}
}
}
}
private static void WriteCertBag(byte[] cert, EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS12CertBag);
using (wr.BeginTaggedObject(0))
{
using (wr.BeginSequence())
{
WriteX509Cert(cert, p, wr);
}
}
using (wr.BeginSet())
{
using (wr.BeginSequence())
{
wr.WriteOID(PKCS12LocalKeyID);
using (wr.BeginSet())
{
wr.WriteOctetString(new byte[] { 1 });
}
}
}
}
/// <summary>
/// Generate a new X509Certificate using the passed in SignatureCalculator.
/// </summary>
/// <returns>An X509Certificate.</returns>
public X509Certificate2 Generate()
{
EncryptionMethod method;
switch (CipherEngine)
{
case CipherEngine.RSACryptoServiceProvider:
method = new RSAMode(SignatureBits, KeySize, false);
break;
case CipherEngine.RSACng:
method = new RSAMode(SignatureBits, KeySize, true);
break;
case CipherEngine.ECDsaCng:
method = new ECDSAMode(SignatureBits, KeySize);
break;
default:
throw new ArgumentOutOfRangeException();
}
using (method)
{
if (SerialNumber <= 0 || string.IsNullOrWhiteSpace(Issuer) || string.IsNullOrWhiteSpace(Subject))
{
throw new InvalidOperationException("not all mandatory fields set");
}
DerWriter tbsCertificate = new DerWriter();
using (tbsCertificate.BeginSequence())
{
using (tbsCertificate.BeginSequence())
{
using (tbsCertificate.BeginTaggedObject(0))
{
tbsCertificate.WriteInteger(2);
}
tbsCertificate.WriteInteger(SerialNumber);
using (tbsCertificate.BeginSequence())
{
tbsCertificate.WriteOID(method.SignatureOID);
}
using (tbsCertificate.BeginSequence())
using (tbsCertificate.BeginSet())
using (tbsCertificate.BeginSequence())
{
tbsCertificate.WriteOID(Cn);
tbsCertificate.Write(Issuer);
}
using (tbsCertificate.BeginSequence())
{
tbsCertificate.Write(NotBefore);
tbsCertificate.Write(NotAfter);
}
using (tbsCertificate.BeginSequence())
using (tbsCertificate.BeginSet())
using (tbsCertificate.BeginSequence())
{
tbsCertificate.WriteOID(Cn);
tbsCertificate.Write(Subject);
}
using (tbsCertificate.BeginSequence())
{
method.WritePublicKey(tbsCertificate);
}
}
byte[] encoded = tbsCertificate.ToArray();
using (tbsCertificate.BeginSequence())
tbsCertificate.WriteOID(method.SignatureOID);
method.SignData(encoded, tbsCertificate);
}
byte[] data = tbsCertificate.ToArray();
byte[] data2 = MakePFX(data, method);
return(new X509Certificate2(data2, "", X509KeyStorageFlags.Exportable));
}
}
