/// <summary>
/// Two-step subordinate CA creation: generate a PKCS#10 request, have the root CA
/// issue the certificate, then complete the sub CA from that certificate.
/// </summary>
public void CreateSubCATest2()
{
    // Arrange: fresh root CA (the harness is initialised with FipsMode = true).
    CaTestHarness.InitialiseCA(true);
    ICA rootCa = CaTestHarness.LoadCA();

    string subCaDir = CaTestHarness.testHarnessLocation + @"\subCA";
    Directory.CreateDirectory(subCaDir);

    // Step 1: the factory returns a certification request for the new sub CA.
    Pkcs10CertificationRequest request = CaFactory.CreateSubCA(SysSubCaConfig);

    Assert.AreEqual("CN=Test subCA Sys", request.GetCertificationRequestInfo().Subject.ToString());
    // The request must carry a valid signature before the root CA is asked to certify it.
    Assert.IsTrue(request.Verify());

    // Step 2: issue under the subCA profile and finish building the sub CA.
    Profile subCaProfile = new Profile(CaTestHarness.testHarnessLocation + @"\subCA.xml");
    X509Certificate issued = rootCa.IssueCertificate(request, subCaProfile);

    string subCaConfigPath = subCaDir + @"\CAConfig.xml";
    CaFactory.CreateSubCA(subCaConfigPath, issued);

    // "foobar" is the fixed test-harness password passed to LoadCA.
    ICA loadedSubCa = OSCA.OSCA.LoadCA(subCaConfigPath, "foobar");

    Assert.AreEqual("CN=Test subCA Sys", loadedSubCa.CAName);
    Assert.IsTrue(loadedSubCa.FIPS140Mode);
}
/// <summary>
/// One-step subordinate CA creation: the factory is handed the issuing CA directly
/// and returns the path of the new sub CA's configuration file.
/// </summary>
public void CreateSubCATest1()
{
    // Arrange: fresh root CA (the harness is initialised with FipsMode = true).
    CaTestHarness.InitialiseCA(true);
    ICA rootCa = CaTestHarness.LoadCA();

    string subCaDir = CaTestHarness.testHarnessLocation + @"\subCA";
    Directory.CreateDirectory(subCaDir);

    // Act: create the sub CA, issued by the root CA.
    string createdConfigPath = CaFactory.CreateSubCA(SysSubCaConfig, rootCa);

    // The config file must land in the directory prepared above.
    Assert.AreEqual(subCaDir + @"\CAConfig.xml", createdConfigPath);

    // Reload from disk; "foobar" is the fixed test-harness password passed to LoadCA.
    ICA loadedSubCa = OSCA.OSCA.LoadCA(createdConfigPath, "foobar");

    Assert.AreEqual("CN=Test subCA Sys", loadedSubCa.CAName);
    Assert.IsTrue(loadedSubCa.FIPS140Mode);
}
/// <summary>
/// Creates the test root CA under <c>testHarnessLocation\CA</c>.
/// </summary>
/// <param name="FipsMode">
/// <c>true</c> builds the CA from <c>SysConfig</c>; <c>false</c> builds it from <c>BcConfig</c>.
/// </param>
/// <exception cref="ApplicationException">
/// The factory returned a config file path other than <c>testCAConfigFile</c>.
/// </exception>
public static void InitialiseCA(bool FipsMode)
{
    Directory.CreateDirectory(testHarnessLocation + @"\CA");

    // Pick the CA type to build.
    CAConfig selected = FipsMode ? SysConfig : BcConfig;

    string createdConfigPath = CaFactory.CreateRootCA(selected);

    // The rest of the harness loads the CA from testCAConfigFile, so the two must agree.
    if (createdConfigPath == testCAConfigFile)
    {
        return;
    }

    throw new ApplicationException("Mismatch in config file names");
}
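/// <summary>
/// Handles the Create button: gathers the form fields into a <c>CAConfig</c>, creates a
/// root or subordinate CA through <c>CaFactory</c>, and registers the result in
/// <c>mgrConfig</c>.
/// </summary>
/// <remarks>
/// Every rejection path returns immediately after reporting the problem. Without those
/// returns a rejected request would still run to the end of the handler: a non-FIPS CA
/// would be created with <c>caConfig.password</c> never assigned when the operator
/// cancelled the password dialog, a sub CA would be issued from a CA reported as stopped,
/// and a CA entry with no <c>ConfigLocation</c> would be inserted after a failed
/// <c>CreateSubCA</c> call, with <c>DialogResult</c> finally overwritten to OK.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void butCreate_Click(object sender, EventArgs e)
{
    CAConfig caConfig;

    // Assemble all the info. Parsing the DN and the numeric fields can throw on bad input.
    try
    {
        caConfig = new CAConfig()
        {
            name = tbName.Text,
            DN = new X509Name(true, tbDN.Text),     // 'true' reverses the name to have C= on the left
            profile = profile,
            profileFile = profileFile,
            pkAlgo = pkAlgo,
            pkSize = pkSize,
            sigAlgo = sigAlgo + pkAlgo,
            keyUsage = 0x06,                        // Hardwired to CertSign|CRLSign per RFC 5280
            version = version,
            life = Convert.ToInt32(tbCertValid.Text),
            units = lbCertUnits.Text,
            location = tbFolder.Text,
            crlInterval = Convert.ToInt32(tbCRLInterval.Text)
        };
    }
    catch (Exception ex)
    {
        MessageBox.Show("Error " + ex.Message, "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Error);
        return;
    }

    if (cbFIPS.Checked)
    {
        if (rbTA.Checked)
        {
            caConfig.caType = CA_Type.dhTA;
        }
        else if (!rbECDSA.Checked)
        {
            caConfig.caType = CA_Type.sysCA;
        }
        else
        {
            caConfig.caType = CA_Type.cngCA;
        }
        caConfig.FIPS140 = true;
    }
    else
    {
        if (rbTA.Checked)
        {
            MessageBox.Show("CA of type TA is only supported with FIPS crypto", "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Hand);
            DialogResult = DialogResult.Cancel;
            // Stop here: falling through would build a bcCA the operator did not ask for.
            return;
        }

        caConfig.caType = CA_Type.bcCA;
        caConfig.FIPS140 = false;

        // Set a password. The dialog is disposed as soon as the text has been copied out
        // (assumes Setpassword is a Form, as its ShowDialog() usage suggests).
        using (Setpassword password = new Setpassword())
        {
            if (password.ShowDialog() != DialogResult.OK)
            {
                // Abort: never create a CA whose password was not supplied.
                DialogResult = DialogResult.Cancel;
                return;
            }
            caConfig.password = password.tbPassword.Text;
        }
    }

    // Now lets create the CA
    CA newCA = new CA();

    // Create the profiles directory
    Directory.CreateDirectory(tbFolder.Text + "\\Profiles");

    switch (caConfig.profile)
    {
        case CA_Profile.rootCA:
            newCA.CaName = caConfig.name;
            newCA.Role = "rootCA";
            // Create the CA
            newCA.ConfigLocation = CaFactory.CreateRootCA(caConfig);
            break;

        case CA_Profile.SubCA:
            // Find the CA entry; Find returns null when no entry matches.
            CA issuingCA = mgrConfig.CaList.Find(m => m.CaName == lbIssuingCA.Text);
            if (issuingCA == null)
            {
                MessageBox.Show("Issuing CA not found", "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Error);
                DialogResult = DialogResult.Cancel;
                return;
            }

            if (issuingCA.CaControl.CAStatus == CAstatus.Stopped)
            {
                MessageBox.Show("Issuing CA is STOPPED", "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Error);
                DialogResult = DialogResult.Cancel;
                // A stopped CA must not be asked to issue the sub CA certificate.
                return;
            }

            // Find the Profile entry
            ProfileDb issuingProfile = issuingCA.CaControl.Profiles.Find(m => m.profile.Name == lbProfile.Text);
            if (issuingProfile == null)
            {
                MessageBox.Show("Profile not found", "Create CA", MessageBoxButtons.OK, MessageBoxIcon.Error);
                DialogResult = DialogResult.Cancel;
                return;
            }
            caConfig.profileFile = issuingProfile.file;

            // Populate the CA entry
            newCA.CaName = caConfig.name;
            newCA.Role = "subCA";

            // Create the CA
            try
            {
                newCA.ConfigLocation = CaFactory.CreateSubCA(caConfig, issuingCA.CaControl);
            }
            catch (Exception ex)
            {
                MessageBox.Show("There was a problem: " + ex.Message, "OSCA - Issue Certificate", MessageBoxButtons.OK, MessageBoxIcon.Error);
                butCancel_Click(null, null);
                // Do not register a CA that was never created.
                return;
            }
            break;
    }

    // Add the new CA into the list
    mgrConfig.InsertCA(newCA);
    DialogResult = DialogResult.OK;
}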