/// <summary>
/// Sign this certificate. When a signing certificate is supplied, the issuer
/// name and the authority key identifier are copied from it and the signature
/// is produced with its signature provider.
/// </summary>
/// <remarks>
/// A null <paramref name="SigningCertificate"/> is not treated as an error:
/// the parameterless <c>Sign()</c> overload is called instead, so no issuer
/// certificate is involved. Callers that require a certificate issued by
/// another party must reject null themselves before calling this method.
/// </remarks>
/// <param name="SigningCertificate">Certificate of signer, or null.</param>
public void Sign(Certificate SigningCertificate)
{
    // No issuer certificate: hand over to the parameterless overload.
    if (SigningCertificate == null)
    {
        Sign();
        return;
    }

    // The issuer name of this certificate is the subject name of the signer.
    var issuerName = SigningCertificate.TBSCertificate.Subject;
    TBSCertificate.Issuer = issuerName;

    // Record our own key identifier and the signer's key identifier in the
    // to-be-signed body before the signature is computed over it.
    TBSCertificate.SetSubjectKeyIdentifier(SubjectKeyIdentifier);
    TBSCertificate.SetAuthorityKeyIdentifier(SigningCertificate.SubjectKeyIdentifier);

    var signerProvider = SigningCertificate.CryptoProviderSignature;
    Sign(signerProvider);
}
/// <summary>
/// Build a certification request for the specified certificate. The subject
/// name and the subject public key info are copied from the certificate, and
/// the request is then signed with the certificate's signature provider.
/// </summary>
/// <param name="Certificate">Certificate supplying the subject name, the
/// public key info and the signature provider. It is dereferenced without a
/// null check.</param>
public CertificationRequest(Certificate Certificate)
{
    var sourceBody = Certificate.TBSCertificate;

    CertificationRequestInfo = new CertificationRequestInfo
    {
        Subject = sourceBody.Subject,
        SubjectPublicKeyInfo = sourceBody.SubjectPublicKeyInfo
    };

    // The request is signed with the provider attached to the same
    // certificate whose public key it carries.
    Sign(Certificate.CryptoProviderSignature);
}
/// <summary>
/// Create an anonymous certificate with the specified key uses, subject Key and
/// sign with the specified key.
/// <para>
/// Default lifespan is 20 years.
/// </para>
/// </summary>
/// <remarks>
/// The validity is fixed here and applies to every certificate built through
/// this constructor, whatever uses <paramref name="Application"/> requests.
/// </remarks>
/// <param name="SubjectKey">Cryptographic provider for the subject key.</param>
/// <param name="Application">Certificate application(s).</param>
/// <param name="SigningCertificate">Certificate of signer. The value is passed
/// to <c>Sign</c> without a null check.</param>
public Certificate(KeyPair SubjectKey, Application Application, Certificate SigningCertificate)
    : this(SubjectKey, Application)
{
    _UDF = SubjectKey.UDF;

    // Validity must be written into the to-be-signed body before Sign runs.
    TBSCertificate.SetValidity(20);

    // NOTE(review): presumably this is the Sign(Certificate) overload, which
    // calls the parameterless Sign() when SigningCertificate is null - confirm
    // that callers intending an issued certificate never pass null.
    Sign(SigningCertificate);

    // NOTE(review): assigned after signing. If this setter changes anything in
    // TBSCertificate, that change is not covered by the signature - confirm.
    this.Application = Application;
}
/// <summary>
/// Form a KeyHandle from an end entity certificate
/// </summary>
/// <param name="Certificate">The end entity certificate. The body below does
/// not read it.</param>
public KeyHandle(Certificate Certificate)
{
    // NOTE(review): the body is empty, so nothing is copied from the
    // certificate and nothing checks that it is an end entity certificate.
    // The resulting handle holds only whatever field initialisers provide.
    // Presumably a stub - confirm before relying on this constructor.
}
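/// <summary>
/// Create an application certificate with the specified SubjectAltName,
/// signed by the certificate attached to <paramref name="Signer"/>, and store
/// it in the Certificate property.
/// </summary>
/// <param name="PKIXUse">Bit mask specifying certificate uses.</param>
/// <param name="SubjectAltName">The subjectAltName. Must be a DNS domain name
/// or a RFC822 email address. This method passes the value on as given and
/// does not check its format.</param>
/// <param name="Signer">The signing key (which must have an attached certificate).</param>
/// <exception cref="System.ArgumentNullException"><paramref name="Signer"/> is null.</exception>
/// <exception cref="System.ArgumentException"><paramref name="Signer"/> has no
/// attached certificate.</exception>
public void SignCertificate(Application PKIXUse, string SubjectAltName, PublicKey Signer)
{
    if (Signer == null)
    {
        throw new System.ArgumentNullException("Signer");
    }

    // Certificate.Sign(Certificate) treats a null signing certificate as "no
    // issuer" and calls the parameterless Sign(). Without this check a signer
    // that lacks a certificate would silently yield a certificate that was
    // not issued by it.
    var signerCertificate = Signer.Certificate;
    if (signerCertificate == null)
    {
        throw new System.ArgumentException(
            "The signing key has no attached certificate.", "Signer");
    }

    //NB it is essential that the assignment to the Certificate property
    //takes place AFTER the cert is signed. Otherwise the value of X509Certificate
    // is not set correctly.
    var NewCert = new Certificate(_KeyPair, PKIXUse, SubjectAltName, SubjectAltName);
    NewCert.Sign(signerCertificate);
    Certificate = NewCert;
}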
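/// <summary>
/// Create an application or intermediary certificate for this key, signed by
/// the certificate attached to <paramref name="Signer"/>, and store it in the
/// Certificate property.
/// </summary>
/// <param name="PKIXUse">Bit mask specifying certificate uses.</param>
/// <param name="Signer">The signing key (which must have an attached certificate).</param>
/// <exception cref="System.ArgumentNullException"><paramref name="Signer"/> is null.</exception>
/// <exception cref="System.ArgumentException"><paramref name="Signer"/> has no
/// attached certificate.</exception>
public void SignCertificate(Application PKIXUse, PublicKey Signer)
{
    if (Signer == null)
    {
        throw new System.ArgumentNullException("Signer");
    }

    // The Certificate constructor hands its third argument to Sign, and
    // Sign(Certificate) calls the parameterless Sign() when that argument is
    // null. Reject a signer without a certificate so that an intermediary or
    // application certificate is never produced without the intended issuer.
    var signerCertificate = Signer.Certificate;
    if (signerCertificate == null)
    {
        throw new System.ArgumentException(
            "The signing key has no attached certificate.", "Signer");
    }

    // The constructor signs the certificate; the property is assigned only
    // once the signed certificate exists.
    Certificate = new Certificate(_KeyPair, PKIXUse, signerCertificate);
}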
/// <summary>
/// Create a self signed root certificate for this key pair and store it in
/// the Certificate property.
/// </summary>
/// <param name="PKIXUse">Bit mask specifying certificate uses.</param>
public void SelfSignCertificate(Application PKIXUse)
{
    // The null third argument stands for "no signing certificate".
    // NOTE(review): presumably this binds to the
    // (KeyPair, Application, Certificate) constructor, which sets the 20 year
    // validity and then signs with no issuer certificate - confirm the
    // overload, and that a root of that lifetime is intended.
    Certificate = new Certificate(_KeyPair, PKIXUse, null);
}