Esempio n. 1
0
        /// <summary>
        /// Deserializes the raw data into the concrete class <see cref="Psd2CertificateAttributes"/>.
        /// </summary>
        /// <returns>Deserilized contents</returns>
        public Psd2CertificateAttributes ExtractAttributes()
        {
            var attributes   = new Psd2CertificateAttributes();
            var typeSequence = Value.Where(x => x is DerAsnSequence).FirstOrDefault() as DerAsnSequence;
            var roleSequence = typeSequence?.Value.Where(x => x is DerAsnSequence).FirstOrDefault() as DerAsnSequence;
            var ncaName      = typeSequence?.Value[1] as DerAsnUtf8String;
            var ncaId        = typeSequence?.Value[2] as DerAsnUtf8String;

            attributes.AuthorityName       = ncaName.Value;
            attributes.AuthorizationNumber = NCAId.Parse(ncaId.Value, false);
            foreach (var item in roleSequence.Value)
            {
                if (!(item is DerAsnSequence))
                {
                    continue;
                }
                var role          = item as DerAsnSequence;
                var roleOid       = role.Value[0] as DerAsnObjectIdentifier;
                var roleOidString = string.Join(".", roleOid.Value);
                switch (roleOidString)
                {
                case Oid_PSD2_Roles_PSP_AS: attributes.HasAccountServicing = true; break;

                case Oid_PSD2_Roles_PSP_PI: attributes.HasPaymentInitiation = true; break;

                case Oid_PSD2_Roles_PSP_AI: attributes.HasAccountInformation = true; break;

                case Oid_PSD2_Roles_PSP_IC: attributes.HasIssuingOfCardBasedPaymentInstruments = true; break;
                }
            }
            return(attributes);
        }
Esempio n. 2
0
        /// <summary>
        /// Creates a QWAC certificate on the fly
        /// </summary>
        /// <param name="request"></param>
        /// <param name="privateKey"></param>
        /// <returns></returns>
        public X509Certificate2 CreateQWACs(Psd2CertificateRequest request, out RSA privateKey)
        {
            var notBefore           = DateTimeOffset.UtcNow.AddDays(-1);
            var notAfter            = DateTimeOffset.UtcNow.AddDays(request.ValidityInDays);
            var authorizationNumber = new NCAId(request.CountryCode, request.AuthorityId, request.AuthorizationNumber);
            var subject             = new SubjectBuilder().AddCommonName(request.CommonName)
                                      .AddOrganization(request.Organization, request.OrganizationUnit)
                                      .AddLocation(request.CountryCode, request.State, request.City)
                                      .AddOrganizationIdentifier(authorizationNumber.ToString())
                                      .Build();
            var extensions = new List <X509Extension>();

            var psd2Type = new Psd2CertificateAttributes()
            {
                AuthorityName         = request.AuthorityName,
                AuthorizationNumber   = authorizationNumber,
                HasAccountInformation = request.Roles.Aisp,
                HasPaymentInitiation  = request.Roles.Pisp,
                HasIssuingOfCardBasedPaymentInstruments = request.Roles.Piisp,
                HasAccountServicing = request.Roles.Aspsp,
            };
            var psd2Extension = new QualifiedCertificateStatementsExtension(psd2Type, critical: false);

            extensions.Add(psd2Extension);
            var certificate = CreateCertificate(CreateRootCACertificate(), subject, extensions, notBefore, notAfter, out privateKey);

            if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            {
                certificate.FriendlyName = "Qualified website authentication certificate QWAC";
            }
            return(certificate.CopyWithPrivateKey(privateKey));
        }