private CertificateDto CreateCertificate(CertificateCreateDto certificateCreateDto,
AsymmetricCipherKeyPair rsaKeyPair,
SecureRandom random)
{
ValidateCreateDto(certificateCreateDto);
var certificateGenerator = new X509V3CertificateGenerator();
var signatureFactory = new Asn1SignatureFactory(_signatureAlgorithm, rsaKeyPair.Private, random);
var serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random);
var subject = CreateSubject(certificateCreateDto);
certificateGenerator.SetIssuerDN(subject);
certificateGenerator.SetSubjectDN(subject);
certificateGenerator.SetSerialNumber(serialNumber);
certificateGenerator.SetNotBefore(certificateCreateDto.NotBefore);
certificateGenerator.SetNotAfter(certificateCreateDto.NotAfter);
certificateGenerator.SetPublicKey(rsaKeyPair.Public);
var certificate = certificateGenerator.Generate(signatureFactory);
return(new CertificateDto
{
Certificate = new SystemX509.X509Certificate2(certificate.GetEncoded()),
KeyPair = rsaKeyPair
});
}
private void ValidateCreateDto(CertificateCreateDto certificateCreateDto)
{
if (string.IsNullOrEmpty(certificateCreateDto.CommonName))
{
throw new ArgumentException("'Common name' must have value");
}
if (certificateCreateDto.ValidityDays == 0)
{
throw new ArgumentException("'Validity' must have value");
}
}
public async Task <CertificateTransactionResponse> CreateAndStore(CertificateCreateDto certificateDataToCreate)
{
ValidateCreateDto(certificateDataToCreate);
var subject = CreateSubject(certificateDataToCreate);
var randomGenerator = new CryptoApiRandomGenerator();
var random = new SecureRandom(randomGenerator);
var pair = _remmeKeyStorage.GenerateRsaKeyPair(random, _rsaKeySize);
var certificateDto = CreateCertificate(certificateDataToCreate, pair, random);
return(await Store(certificateDto));
}
public ActionResult <CertificateReadDto> CreateCertificate(CertificateCreateDto certificateCreateDto)
{
// used to Map the created certificate back to database and the save changes is needed so as to allow the saving of the created item to theh daatabase
var certificateModel = _mapper.Map <Certificate>(certificateCreateDto);
_repository.CreateCertificate(certificateModel);
_repository.SaveChanges();
// Variable used to return created certificate
var certificateReadDto = _mapper.Map <CertificateReadDto>(certificateModel);
//return Ok(certificateReadDto);
return(CreatedAtRoute(nameof(GetCertificateById), new { Id = certificateReadDto.Id }, certificateReadDto));
}
private X509Name CreateSubject(CertificateCreateDto certificateDataToCreate)
{
//TODO: Refactor this method to look better
var attributes = new Dictionary <DerObjectIdentifier, string>();
AddValueToSubject(attributes, X509Name.CN, certificateDataToCreate.CommonName);
AddValueToSubject(attributes, X509Name.O, certificateDataToCreate.OrganizationName);
AddValueToSubject(attributes, X509Name.EmailAddress, certificateDataToCreate.Email);
AddValueToSubject(attributes, X509Name.C, certificateDataToCreate.CountryName);
AddValueToSubject(attributes, X509Name.L, certificateDataToCreate.LocalityName);
AddValueToSubject(attributes, X509Name.PostalAddress, certificateDataToCreate.PostalAddress);
AddValueToSubject(attributes, X509Name.PostalCode, certificateDataToCreate.PostalCode);
AddValueToSubject(attributes, X509Name.Street, certificateDataToCreate.StreetAddress);
AddValueToSubject(attributes, X509Name.ST, certificateDataToCreate.StateName);
AddValueToSubject(attributes, X509Name.Name, certificateDataToCreate.Name);
AddValueToSubject(attributes, X509Name.Surname, certificateDataToCreate.Surname);
AddValueToSubject(attributes, X509Name.Pseudonym, certificateDataToCreate.Pseudonym);
AddValueToSubject(attributes, X509Name.Generation, certificateDataToCreate.GenerationQualifier);
AddValueToSubject(attributes, X509Name.T, certificateDataToCreate.Title);
AddValueToSubject(attributes, X509Name.SerialNumber, certificateDataToCreate.Serial);
AddValueToSubject(attributes, X509Name.BusinessCategory, certificateDataToCreate.BusinessCategory);
return(new X509Name(attributes.Keys.ToList(), attributes));
}
