/// <summary>
/// Builds the to-be-signed certificate with the supplied extensions, checks it against
/// the configured policy (when one is set), signs its encoding with the key referenced
/// by <paramref name="cspParam"/> and wraps the result as an X509Certificate.
/// </summary>
/// <param name="cspParam">CspParameters instance that has the private signing key</param>
/// <param name="Extensions">Extensions to include in the certificate</param>
/// <returns>An X509Certificate.</returns>
/// <exception cref="PolicyEnforcementException">
/// A policy is set and the policy test rejects the to-be-signed certificate.
/// </exception>
/// <exception cref="CertificateEncodingException">
/// Signing threw any exception, or building the certificate object threw a
/// CertificateParsingException; the original exception is kept as the inner exception.
/// </exception>
public X509Certificate Generate(CspParameters cspParam, X509Extensions Extensions)
{
    TbsCertificateStructure toBeSigned = GenerateTbsCert(Extensions);

    // Policy gate: evaluated before the private key is touched, so a rejected
    // request never produces a signature.
    if (policy != null)
    {
        TestAgainstPolicy policyCheck = new TestAgainstPolicy(policy);
        bool compliant = policyCheck.report(toBeSigned);
        if (!compliant)
        {
            throw new PolicyEnforcementException(policyCheck.status.ToString());
        }
    }

    byte[] encodedTbs = toBeSigned.GetEncoded();

    // The catch is deliberately broad: every signer failure (including key access
    // problems) surfaces under the same message; the cause is in InnerException.
    byte[] signatureBytes;
    try
    {
        signatureBytes = SysSigner.Sign(encodedTbs, cspParam, signatureAlgorithm);
    }
    catch (Exception signFailure)
    {
        throw new CertificateEncodingException("Exception encoding TBS cert", signFailure);
    }

    // NOTE(review): the signer is driven by signatureAlgorithm while the certificate
    // embeds sigAlgId; these are separate fields and are presumably kept in sync
    // where they are assigned (not visible here) - confirm.
    try
    {
        X509CertificateStructure certStructure =
            new X509CertificateStructure(toBeSigned, sigAlgId, new DerBitString(signatureBytes));
        return new X509Certificate(certStructure);
    }
    catch (CertificateParsingException parseFailure)
    {
        throw new CertificateEncodingException("Exception producing certificate object", parseFailure);
    }
}
/// <summary>
/// Generates the to-be-signed certificate from the current generator state, signs its
/// encoding with the key referenced by <paramref name="cspParam"/> and wraps the result
/// as an X509 Certificate.
/// </summary>
/// <param name="cspParam">CspParameters instance that has the private signing key</param>
/// <returns>An X509 Certificate</returns>
/// <exception cref="CertificateEncodingException">
/// Signing threw any exception, or building the certificate object threw a
/// CertificateParsingException; the original exception is kept as the inner exception.
/// </exception>
public X509Certificate Generate(CspParameters cspParam)
{
    // NOTE(review): unlike the Generate(CspParameters, X509Extensions) overload, this
    // path signs without testing the TBS certificate against `policy`. Confirm that
    // skipping policy enforcement here is intended and not a way around the check.
    TbsCertificateStructure toBeSigned = tbsGen.GenerateTbsCertificate();
    byte[] encodedTbs = toBeSigned.GetEncoded();

    // Broad catch: every signer failure is reported under the same message, with the
    // cause preserved as the inner exception.
    byte[] signatureBytes;
    try
    {
        signatureBytes = SysSigner.Sign(encodedTbs, cspParam, signatureAlgorithm);
    }
    catch (Exception signFailure)
    {
        throw new CertificateEncodingException("Exception encoding TBS cert", signFailure);
    }

    try
    {
        X509CertificateStructure certStructure =
            new X509CertificateStructure(toBeSigned, sigAlgId, new DerBitString(signatureBytes));
        return new X509Certificate(certStructure);
    }
    catch (CertificateParsingException parseFailure)
    {
        throw new CertificateEncodingException("Exception producing certificate object", parseFailure);
    }
}
/// <summary>
/// Encoder regression test: builds a V3 TBS certificate from fixed inputs, compares its
/// encoding with the reference bytes in v3Cert, then parses v3Cert and checks that
/// re-encoding reproduces the same bytes. Nothing is signed here.
/// </summary>
private void TbsV3CertGenerate()
{
    V3TbsCertificateGenerator tbsGenerator = new V3TbsCertificateGenerator();

    DateTime notBefore = MakeUtcDateTime(1970, 1, 1, 0, 0, 1);
    DateTime notAfter = MakeUtcDateTime(1970, 1, 1, 0, 0, 2);

    tbsGenerator.SetSerialNumber(new DerInteger(2));
    tbsGenerator.SetStartDate(new Time(notBefore));
    tbsGenerator.SetEndDate(new Time(notAfter));
    tbsGenerator.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
    tbsGenerator.SetSubject(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"));

    // MD5-with-RSA is pinned because the reference bytes in v3Cert encode it. It is a
    // fixture value for the encoder, not an algorithm to choose for issuance: MD5 is
    // collision-broken.
    AlgorithmIdentifier signatureAlgId =
        new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5WithRsaEncryption, DerNull.Instance);
    tbsGenerator.SetSignature(signatureAlgId);

    // Placeholder key material (parameters 1 and 2, key value 3): only the ASN.1 shape
    // matters for this test.
    AlgorithmIdentifier keyAlgId = new AlgorithmIdentifier(
        OiwObjectIdentifiers.ElGamalAlgorithm,
        new ElGamalParameter(BigInteger.One, BigInteger.Two));
    SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo(keyAlgId, new DerInteger(3));
    tbsGenerator.SetSubjectPublicKeyInfo(keyInfo);

    //
    // add extensions
    //
    // Criticality flags below are fixture values matching v3Cert. RFC 5280 profiles the
    // authority and subject key identifiers as non-critical, so these flags are not a
    // template for real certificates.
    IList extensionOrder = new ArrayList();
    IDictionary extensionTable = new Hashtable();

    extensionOrder.Add(X509Extensions.AuthorityKeyIdentifier);
    extensionOrder.Add(X509Extensions.SubjectKeyIdentifier);
    extensionOrder.Add(X509Extensions.KeyUsage);

    X509Extension authorityKeyIdExt = new X509Extension(
        true,
        new DerOctetString(
            CreateAuthorityKeyId(keyInfo, new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2)));
    extensionTable.Add(X509Extensions.AuthorityKeyIdentifier, authorityKeyIdExt);

    X509Extension subjectKeyIdExt = new X509Extension(
        true,
        new DerOctetString(new SubjectKeyIdentifier(keyInfo)));
    extensionTable.Add(X509Extensions.SubjectKeyIdentifier, subjectKeyIdExt);

    X509Extension keyUsageExt = new X509Extension(
        false,
        new DerOctetString(new KeyUsage(KeyUsage.DataEncipherment)));
    extensionTable.Add(X509Extensions.KeyUsage, keyUsageExt);

    tbsGenerator.SetExtensions(new X509Extensions(extensionOrder, extensionTable));

    TbsCertificateStructure generated = tbsGenerator.GenerateTbsCertificate();
    bool encodingMatches = Arrays.AreEqual(generated.GetEncoded(), v3Cert);
    if (!encodingMatches)
    {
        Fail("failed v3 cert generation");
    }

    //
    // read back test
    //
    Asn1Object reparsed = Asn1Object.FromByteArray(v3Cert);
    bool roundTripMatches = Arrays.AreEqual(reparsed.GetEncoded(), v3Cert);
    if (!roundTripMatches)
    {
        Fail("failed v3 cert read back test");
    }
}
/// <summary>
/// Encoder regression test: builds a V1 TBS certificate from fixed inputs, compares its
/// encoding with the reference bytes in v1Cert, then reads v1Cert back through an
/// Asn1InputStream and checks that re-encoding reproduces the same bytes. Nothing is
/// signed here.
/// </summary>
private void TbsV1CertGenerate()
{
    V1TbsCertificateGenerator tbsGenerator = new V1TbsCertificateGenerator();

    DateTime notBefore = MakeUtcDateTime(1970, 1, 1, 0, 0, 1);
    DateTime notAfter = MakeUtcDateTime(1970, 1, 1, 0, 0, 12);

    tbsGenerator.SetSerialNumber(new DerInteger(1));
    tbsGenerator.SetStartDate(new Time(notBefore));
    tbsGenerator.SetEndDate(new Time(notAfter));
    tbsGenerator.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
    tbsGenerator.SetSubject(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 1"));

    // MD5-with-RSA is pinned because the reference bytes in v1Cert encode it. It is a
    // fixture value for the encoder, not an algorithm to choose for issuance: MD5 is
    // collision-broken.
    AlgorithmIdentifier signatureAlgId =
        new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5WithRsaEncryption, DerNull.Instance);
    tbsGenerator.SetSignature(signatureAlgId);

    // Placeholder RSA values (1 and 2): only the ASN.1 shape matters for this test.
    AlgorithmIdentifier keyAlgId =
        new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance);
    SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo(
        keyAlgId,
        new RsaPublicKeyStructure(BigInteger.One, BigInteger.Two));
    tbsGenerator.SetSubjectPublicKeyInfo(keyInfo);

    TbsCertificateStructure generated = tbsGenerator.GenerateTbsCertificate();
    bool encodingMatches = Arrays.AreEqual(generated.GetEncoded(), v1Cert);
    if (!encodingMatches)
    {
        Fail("failed v1 cert generation");
    }

    //
    // read back test
    //
    Asn1InputStream asn1Reader = new Asn1InputStream(v1Cert);
    Asn1Object reparsed = asn1Reader.ReadObject();
    bool roundTripMatches = Arrays.AreEqual(reparsed.GetEncoded(), v1Cert);
    if (!roundTripMatches)
    {
        Fail("failed v1 cert read back test");
    }
}
/// <summary>
/// Checks how the V3 TBS generator handles a certificate with no subject: generation
/// must fail with InvalidOperationException while no subject and no extensions are set,
/// and must succeed once a critical SubjectAlternativeName extension is supplied. The
/// successful encoding is compared with v3CertNullSubject, which is then parsed and
/// re-encoded as a read-back check. Nothing is signed here.
/// </summary>
private void TbsV3CertGenWithNullSubject()
{
    V3TbsCertificateGenerator tbsGenerator = new V3TbsCertificateGenerator();

    DateTime notBefore = MakeUtcDateTime(1970, 1, 1, 0, 0, 1);
    DateTime notAfter = MakeUtcDateTime(1970, 1, 1, 0, 0, 2);

    tbsGenerator.SetSerialNumber(new DerInteger(2));
    tbsGenerator.SetStartDate(new Time(notBefore));
    tbsGenerator.SetEndDate(new Time(notAfter));
    tbsGenerator.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle"));

    // MD5-with-RSA is pinned because the reference bytes in v3CertNullSubject encode it.
    // It is a fixture value for the encoder, not an algorithm to choose for issuance:
    // MD5 is collision-broken.
    AlgorithmIdentifier signatureAlgId =
        new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5WithRsaEncryption, DerNull.Instance);
    tbsGenerator.SetSignature(signatureAlgId);

    // Placeholder key material (parameters 1 and 2, key value 3): only the ASN.1 shape
    // matters for this test.
    AlgorithmIdentifier keyAlgId = new AlgorithmIdentifier(
        OiwObjectIdentifiers.ElGamalAlgorithm,
        new ElGamalParameter(BigInteger.One, BigInteger.Two));
    SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo(keyAlgId, new DerInteger(3));
    tbsGenerator.SetSubjectPublicKeyInfo(keyInfo);

    // Negative case: no subject has been set, so the generator is expected to refuse.
    // Any other message on the InvalidOperationException is reported as a failure.
    const string expectedMessage = "not all mandatory fields set in V3 TBScertificate generator";
    try
    {
        tbsGenerator.GenerateTbsCertificate();
        Fail("null subject not caught!");
    }
    catch (InvalidOperationException refusal)
    {
        bool expectedRefusal = refusal.Message.Equals(expectedMessage);
        if (!expectedRefusal)
        {
            Fail("unexpected exception", refusal);
        }
    }

    //
    // add extensions
    //
    // The subject alternative name is marked critical, which is what RFC 5280 requires
    // when the subject field is left empty.
    IList extensionOrder = new ArrayList();
    IDictionary extensionTable = new Hashtable();

    extensionOrder.Add(X509Extensions.SubjectAlternativeName);

    GeneralName directoryName = new GeneralName(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"));
    X509Extension subjectAltNameExt = new X509Extension(
        true,
        new DerOctetString(new GeneralNames(directoryName)));
    extensionTable.Add(X509Extensions.SubjectAlternativeName, subjectAltNameExt);

    tbsGenerator.SetExtensions(new X509Extensions(extensionOrder, extensionTable));

    TbsCertificateStructure generated = tbsGenerator.GenerateTbsCertificate();
    bool encodingMatches = Arrays.AreEqual(generated.GetEncoded(), v3CertNullSubject);
    if (!encodingMatches)
    {
        Fail("failed v3 null sub cert generation");
    }

    //
    // read back test
    //
    Asn1Object reparsed = Asn1Object.FromByteArray(v3CertNullSubject);
    bool roundTripMatches = Arrays.AreEqual(reparsed.GetEncoded(), v3CertNullSubject);
    if (!roundTripMatches)
    {
        Fail("failed v3 null sub cert read back test");
    }
}