/// <summary>
/// Create an ASN.1 DER-encoded PKCS#10 CertificationRequest representing the current state
/// of this object using the provided signature generator.
/// </summary>
/// <param name="signatureGenerator">
/// A <see cref="X509SignatureGenerator"/> with which to sign the request.
/// </param>
public byte[] CreateSigningRequest(X509SignatureGenerator signatureGenerator)
{
ArgumentNullException.ThrowIfNull(signatureGenerator);
X501Attribute[] attributes = Array.Empty <X501Attribute>();
if (CertificateExtensions.Count > 0)
{
attributes = new X501Attribute[] { new Pkcs9ExtensionRequest(CertificateExtensions) };
}
var requestInfo = new Pkcs10CertificationRequestInfo(SubjectName, PublicKey, attributes);
return(requestInfo.ToPkcs10Request(signatureGenerator, HashAlgorithm));
}
/// <summary>
/// Create an ASN.1 DER-encoded PKCS#10 CertificationRequest representing the current state
/// of this object using the provided signature generator.
/// </summary>
/// <param name="signatureGenerator">
/// A <see cref="X509SignatureGenerator"/> with which to sign the request.
/// </param>
/// <exception cref="ArgumentNullException">
/// <paramref name="signatureGenerator" /> is <see langword="null" />.
/// </exception>
/// <exception cref="InvalidOperationException">
/// <para>
/// <see cref="OtherRequestAttributes"/> contains a <see langword="null" /> value.
/// </para>
/// <para>- or -</para>
/// <para>
/// <see cref="OtherRequestAttributes"/> contains an entry with a <see langword="null" />
/// <see cref="AsnEncodedData.Oid" /> value.
/// </para>
/// <para>- or -</para>
/// <para>
/// <see cref="OtherRequestAttributes"/> contains an entry representing the PKCS#9
/// Extension Request Attribute (1.2.840.113549.1.9.14).
/// </para>
/// <para>- or -</para>
/// <para>
/// <see cref="CertificateExtensions"/> contains a <see langword="null" /> value.
/// </para>
/// <para>- or -</para>
/// <para>
/// <see cref="CertificateExtensions"/> contains an entry with a <see langword="null" />
/// <see cref="AsnEncodedData.Oid" /> value.
/// </para>
/// <para>- or -</para>
/// <para>
/// This object was created with a constructor which did not accept a signing key.
/// </para>
/// </exception>
/// <exception cref="CryptographicException">
/// A cryptographic error occurs while creating the signing request.
/// </exception>
/// <remarks>
/// When submitting a certificate signing request via a web browser, or other graphical or textual
/// interface, the input is frequently expected to be in the PEM (Privacy Enhanced Mail) format,
/// instead of the DER binary format.
/// </remarks>
/// <seealso cref="CreateSigningRequestPem(X509SignatureGenerator)"/>
public byte[] CreateSigningRequest(X509SignatureGenerator signatureGenerator)
{
ArgumentNullException.ThrowIfNull(signatureGenerator);
X501Attribute[] attributes = Array.Empty <X501Attribute>();
bool hasExtensions = CertificateExtensions.Count > 0;
if (OtherRequestAttributes.Count > 0 || hasExtensions)
{
attributes = new X501Attribute[OtherRequestAttributes.Count + (hasExtensions ? 1 : 0)];
}
int attrCount = 0;
foreach (AsnEncodedData attr in OtherRequestAttributes)
{
if (attr is null)
{
throw new InvalidOperationException(
SR.Format(SR.Cryptography_CertReq_NullValueInCollection, nameof(OtherRequestAttributes)));
}
if (attr.Oid is null || attr.Oid.Value is null)
{
throw new InvalidOperationException(
SR.Format(SR.Cryptography_CertReq_MissingOidInCollection, nameof(OtherRequestAttributes)));
}
if (attr.Oid.Value == Oids.Pkcs9ExtensionRequest)
{
throw new InvalidOperationException(SR.Cryptography_CertReq_ExtensionRequestInOtherAttributes);
}
Helpers.ValidateDer(attr.RawData);
attributes[attrCount] = new X501Attribute(attr.Oid.Value, attr.RawData);
attrCount++;
}
if (hasExtensions)
{
attributes[attrCount] = new Pkcs9ExtensionRequest(CertificateExtensions);
}
var requestInfo = new Pkcs10CertificationRequestInfo(SubjectName, PublicKey, attributes);
return(requestInfo.ToPkcs10Request(signatureGenerator, HashAlgorithm));
}
/// <summary>
/// Create an ASN.1 DER-encoded PKCS#10 CertificationRequest representing the current state
/// of this object using the provided signature generator.
/// </summary>
/// <param name="signatureGenerator">
/// A <see cref="X509SignatureGenerator"/> with which to sign the request.
/// </param>
public byte[] CreateSigningRequest(X509SignatureGenerator signatureGenerator)
{
if (signatureGenerator == null)
{
throw new ArgumentNullException(nameof(signatureGenerator));
}
X501Attribute[] attributes = null;
if (CertificateExtensions.Count > 0)
{
attributes = new X501Attribute[] { new Pkcs9ExtensionRequest(CertificateExtensions) };
}
var requestInfo = new Pkcs10CertificationRequestInfo(SubjectName, PublicKey, attributes);
return(requestInfo.ToPkcs10Request(signatureGenerator, HashAlgorithm));
}
