/// <summary> /// Encodes revocation entry to a ASN.1-encoded byte array. /// </summary> /// <returns>ASN.1-encoded byte array</returns> public Byte[] Encode() { if (String.IsNullOrEmpty(SerialNumber)) { throw new UninitializedObjectException(); } List <Byte> rawData = new List <Byte>(AsnFormatter.StringToBinary(SerialNumber, EncodingType.HexAny)); rawData = new List <Byte>(Asn1Utils.Encode(rawData.ToArray(), (Byte)Asn1Type.INTEGER)); rawData.AddRange(Asn1Utils.EncodeDateTime(RevocationDate)); if (ReasonCode != 0) { Byte[] reasonEnum = new Byte[] { 10, 1, (Byte)ReasonCode }; X509ExtensionCollection exts = new X509ExtensionCollection(); X509Extension CRlReasonCode = new X509Extension("2.5.29.21", reasonEnum, false); exts.Add(CRlReasonCode); rawData.AddRange(Crypt32Managed.EncodeX509Extensions(exts)); } return(Asn1Utils.Encode(rawData.ToArray(), 48)); }
public void Indexer_String () { X509ExtensionCollection c = new X509ExtensionCollection (); c.Add (extn_empty); Assert.IsNull (c[String.Empty]); Assert.IsNull (c ["1.2.3"]); Assert.AreEqual (extn_empty, c["1.2"], "0"); }
private void buttonCreate_Click(object sender, EventArgs e) { DialogResult = DialogResult.OK; int rsaKeySize = 0; if (radioButtonSimpleCN.Checked && String.IsNullOrWhiteSpace(textBoxCN.Text)) { MessageBox.Show(this, CANAPE.Properties.Resources.CreateCertForm_MustSpecifyCN, CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error); } else if (radioButtonTemplate.Checked && _templateCert == null) { MessageBox.Show(this, CANAPE.Properties.Resources.CreateCertForm_MustSpecifyTemplate, CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error); } else if (radioButtonSpecifyCA.Checked && _specifyCert == null) { MessageBox.Show(this, CANAPE.Properties.Resources.CreateCertForm_MustSpecifyCA, CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error); } else if (!int.TryParse(comboBoxRsaKeySize.Text, out rsaKeySize)) { MessageBox.Show(this, CANAPE.Properties.Resources.CreateCertForm_MustSpecifyAValidRSAKeySize, CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error); } else { try { X509Certificate2 rootCert = null; if (radioButtonSpecifyCA.Checked) { rootCert = _specifyCert; } else if (radioButtonDefaultCA.Checked) { rootCert = CertManager.GetRootCert(); } else { // Self signed } if (radioButtonTemplate.Checked) { Certificate = CertificateUtils.CloneAndSignCertificate(_templateCert, rootCert, false, rsaKeySize, (CertificateHashAlgorithm)comboBoxHash.SelectedItem); } else { X509ExtensionCollection exts = new X509ExtensionCollection(); if (checkBoxCA.Checked) { exts.Add(new X509BasicConstraintsExtension(true, false, 0, true)); } DateTime notBefore = DateTime.Now.Subtract(TimeSpan.FromDays(1)); Certificate = CertificateUtils.CreateCert(rootCert, new X500DistinguishedName(radioButtonSubject.Checked ? textBoxCN.Text : String.Format("CN={0}", textBoxCN.Text)), null, false, rsaKeySize, (CertificateHashAlgorithm)comboBoxHash.SelectedItem, notBefore, notBefore.AddYears(10), exts); } } catch (Win32Exception ex) { MessageBox.Show(ex.Message, CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error); } catch (CryptographicException ex) { MessageBox.Show(ex.Message, CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error); } } }
public void Indexer_Int () { X509ExtensionCollection c = new X509ExtensionCollection (); c.Add (extn_empty); Assert.AreEqual (extn_empty, c[0], "0"); }
public void ICollection_CopyTo () { X509ExtensionCollection c = new X509ExtensionCollection (); c.Add (extn_empty); X509Extension[] array = new X509Extension[1]; (c as ICollection).CopyTo (array, 0); Assert.AreEqual (extn_empty, array[0], "0"); }
public void Add () { X509ExtensionCollection c = new X509ExtensionCollection (); Assert.AreEqual (0, c.Count, "Count-0"); c.Add (extn_empty); Assert.AreEqual (1, c.Count, "Count-1"); }
/// <summary> /// Take an existing certificate, clone its details and resign with a new root CA /// </summary> /// <param name="toClone">The certificate to clone</param> /// <param name="rootCert">The root CA certificate to sign with</param> /// <param name="newSerial">True to generate a new serial for this certificate</param> /// <param name="rsaKeySize">The size of the RSA key to generate</param> /// <param name="hashAlgorithm">Specify the signature hash algorithm</param> /// <returns></returns> public static X509Certificate2 CloneAndSignCertificate(X509Certificate toClone, X509Certificate2 rootCert, bool newSerial, int rsaKeySize, CertificateHashAlgorithm hashAlgorithm) { X509Certificate2 cert2 = new X509Certificate2(toClone); X509ExtensionCollection extensions = new X509ExtensionCollection(); foreach (var ext in cert2.Extensions) { // Remove CRL distribution locations and authority information, they tend to break SSL negotiation if ((ext.Oid.Value != szOID_CRL_DISTRIBUTION) && (ext.Oid.Value != szOID_AUTHORITY_INFO)) { extensions.Add(ext); } } return builder.CreateCert(rootCert, cert2.SubjectName, newSerial ? null : cert2.GetSerialNumber(), false, rsaKeySize, hashAlgorithm, cert2.NotBefore, cert2.NotAfter, extensions); }
/// <summary> /// Generate a self-signed CA certificate /// </summary> /// <param name="subject">The X500 subject string</param> /// <param name="rsaKeySize">The size of the RSA key to generate</param> /// <param name="hashAlgorithm">Specify the signature hash algorithm</param> /// <returns>An X509Certificate2 object containing the full certificate</returns> public static X509Certificate2 GenerateCACert(string subject, int rsaKeySize, CertificateHashAlgorithm hashAlgorithm) { X509ExtensionCollection exts = new X509ExtensionCollection(); DateTime dt = DateTime.Now.AddYears(-1); exts.Add(new X509BasicConstraintsExtension(true, false, 0, false)); return builder.CreateCert(null, new X500DistinguishedName(subject), null, false, rsaKeySize, hashAlgorithm, dt, dt.AddYears(10), exts); }