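/// <summary>
/// Processes an X509Request: checks the request's signature against the public key
/// it carries, creates a new X509Certificate from the request and signs that
/// certificate with this CA's private key.
/// </summary>
/// <param name="request">The certificate request; supplies the subject and public key of the new certificate.</param>
/// <param name="startTime">Start time handed to the X509Certificate constructor.</param>
/// <param name="endTime">End time handed to the X509Certificate constructor.</param>
/// <param name="digest">Message digest used when signing the new certificate with the CA key.</param>
/// <returns>The new certificate, signed with the CA key.</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="ArgumentException">The request's signature does not verify against its own public key.</exception>
public X509Certificate ProcessRequest(X509Request request, DateTime startTime, DateTime endTime, MessageDigest digest)
{
    if (request == null)
    {
        throw new ArgumentNullException("request");
    }

    // Proof of possession: a CA must not certify a public key unless the requester
    // has shown control of the matching private key. The request is self-signed, so
    // verifying it against its own public key establishes that before any serial
    // number is consumed or anything is signed with the CA key.
    // NOTE(review): this check was commented out in the previous revision; confirm
    // that no caller relied on unsigned or malformed requests being accepted.
    using (CryptoKey pkey = request.PublicKey)
    {
        if (!request.Verify(pkey))
        {
            throw new ArgumentException("Request signature validation failed", "request");
        }
    }

    X509Certificate cert = new X509Certificate(
        serial.Next(),
        request.Subject,
        this.caCert.Subject,
        request.PublicKey,
        startTime,
        endTime);

    // NOTE(review): the "v3_ca" section is applied to every certificate issued here.
    // What it contains depends on the loaded configuration; if that section sets
    // basicConstraints CA:TRUE, every issued certificate would itself be usable as a
    // CA. Confirm the section is appropriate for end-entity certificates.
    if (this.cfg != null)
    {
        this.cfg.ApplyExtensions("v3_ca", this.caCert, cert, request);
    }

    cert.Sign(this.caKey, digest);
    return cert;
}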
/// <summary>
/// Creates an X509Request for this identity with the given subject name, signed
/// with this identity's key using the given digest.
/// </summary>
/// <param name="name">Text from which the request's X509Name subject is built.</param>
/// <param name="digest">Message digest used to sign the request.</param>
/// <returns>The signed request.</returns>
public X509Request CreateRequest(string name, MessageDigest digest)
{
    // NOTE(review): the first constructor argument (2) is presumably the request
    // version; PKCS#10 (RFC 2986) defines only version 0, so confirm this value.
    X509Request csr = new X509Request(2, new X509Name(name), this.key);

    // Signing with the identity's own key lets the receiving CA check that the
    // requester holds the private key for the public key in the request.
    csr.Sign(key, digest);

    return csr;
}
/// <summary>
/// Runs the parameterless constructor, then calls X509V3_set_ctx() on this context
/// with the native handles of the supplied objects.
/// </summary>
/// <param name="issuer">Issuer certificate; IntPtr.Zero is passed when null.</param>
/// <param name="subject">Subject certificate; IntPtr.Zero is passed when null.</param>
/// <param name="request">Certificate request; IntPtr.Zero is passed when null.</param>
public X509V3Context(X509Certificate issuer, X509Certificate subject, X509Request request)
    : this()
{
    // Each argument is optional: a missing object is handed to the native call as
    // a null pointer rather than dereferenced here.
    IntPtr issuerHandle = IntPtr.Zero;
    if (issuer != null)
    {
        issuerHandle = issuer.Handle;
    }

    IntPtr subjectHandle = IntPtr.Zero;
    if (subject != null)
    {
        subjectHandle = subject.Handle;
    }

    IntPtr requestHandle = IntPtr.Zero;
    if (request != null)
    {
        requestHandle = request.Handle;
    }

    // The last two arguments are fixed: a null pointer and 0 (in OpenSSL's
    // X509V3_set_ctx these are the CRL and the flags).
    Native.X509V3_set_ctx(this.ptr, issuerHandle, subjectHandle, requestHandle, IntPtr.Zero, 0);
}
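/// <summary>
/// Creates an X509V3Context for the given issuer, subject and request, attaches this
/// configuration to it, then calls X509V3_EXT_add_nconf() to add the extensions
/// from the named configuration section to <paramref name="subject"/>.
/// </summary>
/// <param name="section">Name of the configuration section to read the extensions from.</param>
/// <param name="issuer">Issuer certificate for the context; may be null.</param>
/// <param name="subject">Certificate that receives the extensions; must not be null.</param>
/// <param name="request">Certificate request for the context; may be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="section"/> or <paramref name="subject"/> is null.</exception>
public void ApplyExtensions(
    string section,
    X509Certificate issuer,
    X509Certificate subject,
    X509Request request)
{
    if (section == null)
    {
        throw new ArgumentNullException("section");
    }

    // subject.Handle is dereferenced below, so reject null before the native
    // context is allocated instead of failing with a NullReferenceException.
    if (subject == null)
    {
        throw new ArgumentNullException("subject");
    }

    // The native function reads the section name as a C string. A byte[] is handed
    // to native code as a bare buffer with no terminator, so append the NUL
    // explicitly; otherwise the native side can read past the end of the array.
    byte[] sectionName = Encoding.ASCII.GetBytes(section + "\0");

    using (X509V3Context ctx = new X509V3Context(issuer, subject, request))
    {
        ctx.SetConfiguration(this);
        Native.ExpectSuccess(Native.X509V3_EXT_add_nconf(
            this.ptr,
            ctx.Handle,
            sectionName,
            subject.Handle));
    }
}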
/// <summary>
/// Processes an X509Request with the default digest, MessageDigest.DSS1, by
/// delegating to the ProcessRequest overload that takes a digest.
/// </summary>
/// <param name="request">The certificate request to process.</param>
/// <param name="startTime">Start time forwarded to the digest-taking overload.</param>
/// <param name="endTime">End time forwarded to the digest-taking overload.</param>
/// <returns>The certificate returned by the digest-taking overload.</returns>
public X509Certificate ProcessRequest(X509Request request, DateTime startTime, DateTime endTime)
{
    // NOTE(review): DSS1 is, as far as OpenSSL defines it, a SHA-1 based digest
    // historically paired with DSA keys. SHA-1 is no longer considered suitable for
    // certificate signatures; callers that need a stronger hash should use the
    // overload that takes an explicit digest. Confirm before changing this default.
    MessageDigest defaultDigest = MessageDigest.DSS1;

    X509Certificate issued = ProcessRequest(request, startTime, endTime, defaultDigest);
    return issued;
}