예제 #1
        /// <summary>
        /// Exercises the two-step subordinate-CA flow: generate a PKCS#10 request for the sub-CA,
        /// have the root CA issue a certificate for it, then finish the sub-CA with that certificate.
        /// </summary>
        public void CreateSubCATest2()
        {
            // Setup: InitialiseCA(true) selects the FIPS-mode root configuration.
            CaTestHarness.InitialiseCA(true);
            ICA rootCa = CaTestHarness.LoadCA();

            // Step 1: the sub-CA creates its own key pair and returns a certification request.
            string subCaFolder = CaTestHarness.testHarnessLocation + @"\subCA";
            Directory.CreateDirectory(subCaFolder);

            Pkcs10CertificationRequest request = CaFactory.CreateSubCA(SysSubCaConfig);

            string requestedSubject = request.GetCertificationRequestInfo().Subject.ToString();
            Assert.AreEqual("CN=Test subCA Sys", requestedSubject);

            // The request must verify before the issuing CA is asked to sign it.
            bool requestIsValid = request.Verify();
            Assert.IsTrue(requestIsValid);

            // Step 2: the root CA issues the sub-CA certificate under the subCA profile.
            Profile subCaProfile = new Profile(CaTestHarness.testHarnessLocation + @"\subCA.xml");
            X509Certificate subCaCert = rootCa.IssueCertificate(request, subCaProfile);

            // Step 3: install the issued certificate and reload the finished sub-CA.
            string subCaConfigFile = CaTestHarness.testHarnessLocation + @"\subCA\CAConfig.xml";
            CaFactory.CreateSubCA(subCaConfigFile, subCaCert);

            // NOTE(review): "foobar" is presumably the key-store password; it is a fixed test
            // fixture value and should stay confined to the test harness.
            ICA subCa = OSCA.OSCA.LoadCA(subCaConfigFile, "foobar");

            Assert.AreEqual("CN=Test subCA Sys", subCa.CAName);
            Assert.IsTrue(subCa.FIPS140Mode);
        }
예제 #2
        /// <summary>
        /// Exercises the one-step subordinate-CA flow, where the issuing CA is passed straight to
        /// <c>CaFactory.CreateSubCA</c> and the resulting config file is loaded back.
        /// </summary>
        public void CreateSubCATest1()
        {
            // Setup: InitialiseCA(true) selects the FIPS-mode root configuration.
            CaTestHarness.InitialiseCA(true);
            ICA rootCa = CaTestHarness.LoadCA();

            // Test 1: the factory reports the config file it wrote for the new sub-CA.
            Directory.CreateDirectory(CaTestHarness.testHarnessLocation + @"\subCA");

            string subCaConfigFile = CaFactory.CreateSubCA(SysSubCaConfig, rootCa);
            string expectedConfigFile = CaTestHarness.testHarnessLocation + @"\subCA\CAConfig.xml";
            Assert.AreEqual(expectedConfigFile, subCaConfigFile);

            // Test 2: the sub-CA loads from that file with the expected identity and mode.
            // NOTE(review): "foobar" is presumably the key-store password; it is a fixed test
            // fixture value and should stay confined to the test harness.
            ICA subCa = OSCA.OSCA.LoadCA(subCaConfigFile, "foobar");

            Assert.AreEqual("CN=Test subCA Sys", subCa.CAName);
            Assert.IsTrue(subCa.FIPS140Mode);
        }
예제 #3
        /// <summary>
        /// Creates the test root CA under the harness folder and checks that the factory wrote
        /// its configuration to the expected file.
        /// </summary>
        /// <param name="FipsMode">
        /// <c>true</c> to build the CA from <c>SysConfig</c>; <c>false</c> to build it from <c>BcConfig</c>.
        /// </param>
        /// <exception cref="ApplicationException">
        /// The config file returned by the factory differs from <c>testCAConfigFile</c>.
        /// </exception>
        public static void InitialiseCA(bool FipsMode)
        {
            Directory.CreateDirectory(testHarnessLocation + @"\CA");

            // Pick the CA configuration that matches the requested crypto mode.
            CAConfig chosenConfig = FipsMode ? SysConfig : BcConfig;

            string createdConfigFile = CaFactory.CreateRootCA(chosenConfig);

            // Later harness calls rely on the fixed config path, so fail fast when it differs.
            if (createdConfigFile == testCAConfigFile)
            {
                return;
            }

            throw new ApplicationException("Mismatch in config file names");
        }
예제 #4
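        /// <summary>
        /// Handles the Create button: collects the CA settings from the form, creates a root or
        /// subordinate CA through <c>CaFactory</c>, and adds it to the manager configuration.
        /// </summary>
        /// <remarks>
        /// Every abort path returns immediately. Previously the handler only set
        /// <c>DialogResult.Cancel</c> and carried on, so a CA could still be created (for the
        /// non-FIPS type, without a password when the password dialog was cancelled) and the
        /// result was overwritten with <c>DialogResult.OK</c> at the end.
        /// </remarks>
        /// <param name="sender">The control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void butCreate_Click(object sender, EventArgs e)
        {
            CAConfig caConfig;

            // Assemble all the info. Parsing the numeric fields can throw, hence the catch.
            try
            {
                caConfig = new CAConfig()
                {
                    name        = tbName.Text,
                    DN          = new X509Name(true, tbDN.Text), // 'true' reverses the name to have C= on the left
                    profile     = profile,
                    profileFile = profileFile,
                    pkAlgo      = pkAlgo,
                    pkSize      = pkSize,
                    sigAlgo     = sigAlgo + pkAlgo,
                    keyUsage    = 0x06,                 // Hardwired to CertSign|CRLSign per RFC 5280
                    version     = version,
                    life        = Convert.ToInt32(tbCertValid.Text),
                    units       = lbCertUnits.Text,
                    location    = tbFolder.Text,
                    crlInterval = Convert.ToInt32(tbCRLInterval.Text)
                };
            }
            catch (Exception ex)
            {
                MessageBox.Show("Error " + ex.Message, "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }

            if (cbFIPS.Checked)
            {
                if (rbTA.Checked)
                {
                    caConfig.caType = CA_Type.dhTA;
                }
                else if (!rbECDSA.Checked)
                {
                    caConfig.caType = CA_Type.sysCA;
                }
                else
                {
                    caConfig.caType = CA_Type.cngCA;
                }
                caConfig.FIPS140 = true;
            }
            else
            {
                if (rbTA.Checked)
                {
                    MessageBox.Show("CA of type TA is only supported with FIPS crypto", "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Hand);
                    DialogResult = DialogResult.Cancel;
                    return;     // unsupported combination: do not fall through and build a bcCA
                }

                caConfig.caType  = CA_Type.bcCA;
                caConfig.FIPS140 = false;

                // Set a password. The dialog is disposed once the value has been read.
                using (Setpassword password = new Setpassword())
                {
                    if (password.ShowDialog() != DialogResult.OK)
                    {
                        // Abort: never create this CA type without the password the user was asked for
                        DialogResult = DialogResult.Cancel;
                        return;
                    }

                    // NOTE(review): an empty password is accepted here unless the Setpassword
                    // dialog rejects it - confirm that it does.
                    caConfig.password = password.tbPassword.Text;
                }
            }

            // Now lets create the CA
            CA newCA = new CA();

            // Create the profiles directory
            Directory.CreateDirectory(tbFolder.Text + "\\Profiles");

            switch (caConfig.profile)
            {
            case CA_Profile.rootCA:
                newCA.CaName = caConfig.name;
                newCA.Role   = "rootCA";

                // Create the CA
                newCA.ConfigLocation = CaFactory.CreateRootCA(caConfig);
                break;

            case CA_Profile.SubCA:
                // find the CA entry; Find returns null when no entry has the selected name
                CA issuingCA = mgrConfig.CaList.Find(m => m.CaName == lbIssuingCA.Text);
                if (issuingCA == null)
                {
                    MessageBox.Show("Issuing CA not found", "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    DialogResult = DialogResult.Cancel;
                    return;
                }
                if (issuingCA.CaControl.CAStatus == CAstatus.Stopped)
                {
                    MessageBox.Show("Issuing CA is STOPPED", "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    DialogResult = DialogResult.Cancel;
                    return;     // a stopped CA must not be asked to issue a sub-CA certificate
                }

                // find the Profile entry (local renamed so it cannot be confused with the
                // 'profile' value used in the initializer above)
                ProfileDb issuingProfile = issuingCA.CaControl.Profiles.Find(m => m.profile.Name == lbProfile.Text);
                if (issuingProfile == null)
                {
                    MessageBox.Show("Profile not found on issuing CA", "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    DialogResult = DialogResult.Cancel;
                    return;
                }
                caConfig.profileFile = issuingProfile.file;

                // populate the CA entry
                newCA.CaName = caConfig.name;
                newCA.Role   = "subCA";

                // Create the CA
                try
                {
                    newCA.ConfigLocation = CaFactory.CreateSubCA(caConfig, issuingCA.CaControl);
                }
                catch (Exception ex)
                {
                    MessageBox.Show("There was a problem: " + ex.Message, "OSCA - Issue Certificate", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    butCancel_Click(null, null);
                    return;     // creation failed: do not register a CA entry that has no config file
                }
                break;
            }

            // Add the new CA into the list (reached only when creation succeeded)
            mgrConfig.InsertCA(newCA);
            DialogResult = DialogResult.OK;
        }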