コード例 #1
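        /// <summary>
        /// Builds and signs an X.509 v2 CRL for <paramref name="issuerCert"/>, optionally
        /// listing a single revoked certificate.
        /// </summary>
        /// <param name="issuerCert">Issuing certificate together with the key pair that signs the CRL.</param>
        /// <param name="version">Value written to the CRL Number extension.</param>
        /// <param name="revokedCertificate">Certificate to list as revoked, or <c>null</c> for a CRL with no entries.</param>
        /// <returns>The signed CRL.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="issuerCert"/> is <c>null</c>.</exception>
        /// <remarks>
        /// Each call starts from a fresh generator, so the result holds at most the one entry
        /// passed in; entries from an earlier CRL are not carried over by this method.
        /// nextUpdate is set one year after thisUpdate, and a relying party may keep using a
        /// cached CRL until nextUpdate, so a new revocation can stay unseen for that long.
        /// </remarks>
        private static X509Crl CreateCrl(
            X509CertificateWithKeyInfo issuerCert,
            BigInteger version,
            X509Certificate2 revokedCertificate = null)
        {
            if (issuerCert == null)
            {
                throw new ArgumentNullException(nameof(issuerCert));
            }

            // CRL times are encoded as UTC. Take one UTC instant and reuse it, so the three
            // timestamps agree and a library version that formats the DateTime without
            // converting it cannot write local time labelled as UTC.
            var issuedAtUtc = DateTime.UtcNow;

            var bcIssuerCert = DotNetUtilities.FromX509Certificate(issuerCert.Certificate);
            var crlGen       = new X509V2CrlGenerator();

            crlGen.SetIssuerDN(bcIssuerCert.SubjectDN);
            crlGen.SetThisUpdate(issuedAtUtc);
            crlGen.SetNextUpdate(issuedAtUtc.AddYears(1));
            crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(bcIssuerCert));
            crlGen.AddExtension(X509Extensions.CrlNumber, false, new CrlNumber(version));

            if (revokedCertificate != null)
            {
                var bcRevokedCert = DotNetUtilities.FromX509Certificate(revokedCertificate);

                // The reason code is fixed; every revocation is recorded as privilegeWithdrawn.
                crlGen.AddCrlEntry(bcRevokedCert.SerialNumber, issuedAtUtc, CrlReason.PrivilegeWithdrawn);
            }

            var random           = new SecureRandom();
            var issuerPrivateKey = DotNetUtilities.GetKeyPair(issuerCert.KeyPair).Private;

            // NOTE(review): SigAlgOid is the algorithm the issuer certificate itself was signed
            // with, not one chosen for the issuer's own key. It only fits when the issuer's key
            // type matches, and a weak digest on the issuer certificate would be reused for
            // every CRL - confirm this is intended.
            var signatureFactory = new Asn1SignatureFactory(bcIssuerCert.SigAlgOid, issuerPrivateKey, random);

            return crlGen.Generate(signatureFactory);
        }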
コード例 #2
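        /// <summary>
        /// Creates the first CRL (CRL number 1, no revoked entries) for an issuer and records
        /// the local path it is meant to be stored at. The file itself is not written here.
        /// </summary>
        /// <param name="issuerCert">Issuing certificate together with the key pair that signs the CRL.</param>
        /// <param name="crlLocalUri">Local directory the CRL file name is combined with; despite the name it is used as a file-system path.</param>
        /// <returns>The CRL together with its issuer, number and local path.</returns>
        public static CertificateRevocationList CreateCrl(
            X509CertificateWithKeyInfo issuerCert,
            string crlLocalUri)
        {
            var version = BigInteger.One;
            var crl     = CreateCrl(issuerCert, version);

            // The subject DN comes from certificate content and may hold characters that are
            // not valid in a file name, including directory separators. Replace them so the
            // result is always a single file directly under crlLocalUri and Path.Combine
            // cannot be steered into another directory.
            var subject     = issuerCert.Certificate.Subject;
            var crlFileName = string.Join("_", subject.Split(Path.GetInvalidFileNameChars())) + ".crl";

            return new CertificateRevocationList()
            {
                Crl = crl,
                IssuerCert = issuerCert,
                CrlLocalPath = Path.Combine(crlLocalUri, crlFileName),
                Version = version
            };
        }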
コード例 #3
 /// <summary>
 /// Placeholder for CRL creation: no CRL is produced, every call throws.
 /// </summary>
 /// <param name="certCA">CA certificate with key information; not used.</param>
 /// <param name="crlLocalUri">Local CRL location; not used.</param>
 /// <returns>Never returns.</returns>
 /// <exception cref="NotImplementedException">Always thrown.</exception>
 public static CertificateRevocationList CreateCrl(X509CertificateWithKeyInfo certCA, string crlLocalUri)
     => throw new NotImplementedException();