/// <summary>
/// Checks that the constructor taking a criticality flag stores it:
/// building the extension with <c>true</c> must yield <c>Critical == true</c>.
/// </summary>
public void subjectAltNameConstructorTest1()
{
    const bool markCritical = true;

    subjectAltName extension = new subjectAltName(markCritical);

    Assert.IsTrue(extension.Critical);
}
/// <summary>
/// Checks that <c>Add</c> on an empty extension stores the general name
/// as the first element of <c>SubjAltNames</c>.
/// </summary>
public void AddTest()
{
    subjectAltName extension = new subjectAltName();
    OSCAGeneralName entry = testData2;

    extension.Add(entry);

    // Compared against the fixture itself, not the local copy.
    Assert.AreEqual(testData2, extension.SubjAltNames[0]);
}
/// <summary>
/// Checks that removing the <c>testData2</c> name from an extension built from
/// <c>testData1</c> leaves exactly one entry in <c>SubjAltNames</c>.
/// </summary>
public void RemoveTest()
{
    subjectAltName extension = new subjectAltName(testData1);
    OSCAGeneralName entryToDrop = testData2;

    extension.Remove(entryToDrop);

    int remaining = extension.SubjAltNames.Count;
    Assert.AreEqual(1, remaining);
}
/// <summary>
/// Checks the XML constructor against the <c>testData1</c> fixture: the extension
/// name, a non-critical flag, and two parsed alternative names.
/// </summary>
public void subjectAltNameConstructorTest2()
{
    XElement fixture = testData1;

    subjectAltName extension = new subjectAltName(fixture);

    Assert.AreEqual("SubjectAlternativeName", extension.Name);
    Assert.IsFalse(extension.Critical);

    int parsedNames = extension.SubjAltNames.Count;
    Assert.IsTrue(parsedNames == 2);
}
/// <summary>
/// Round-trip check: an extension built from <c>testData1</c> must serialise
/// back to XML whose text form equals the fixture's text form.
/// </summary>
public void ToXmlTest()
{
    subjectAltName extension = new subjectAltName(testData1);
    XNode fixture = testData1;

    XNode serialised = extension.ToXml();

    // Compare the string renderings, as XNode itself is compared by reference.
    string fixtureText = fixture.ToString();
    string serialisedText = serialised.ToString();
    Assert.AreEqual(fixtureText, serialisedText);
}
/// <summary>
/// Checks the <c>GeneralNames</c> projection of an extension built from
/// <c>testData1</c>: the first name's value and the second name's tag number.
/// </summary>
public void GeneralNamesTest()
{
    subjectAltName extension = new subjectAltName(testData1);

    GeneralNames projected = extension.GeneralNames;
    GeneralName[] names = projected.GetNames();

    // NOTE(review): this expected value looks like an e-mail address masked by the
    // page this listing was taken from; confirm it against the real testData1 fixture.
    string firstValue = names[0].Name.ToString();
    Assert.AreEqual("*****@*****.**", firstValue);

    // Tag 2 is dNSName in the RFC 5280 GeneralName CHOICE.
    Assert.IsTrue(names[1].TagNo == 2);
}
/// <summary>
/// Convenience overload: builds the CA subject from a common name plus the fixed
/// organisation and country values, then delegates to the overload taking an
/// <c>X509Name</c>.
/// </summary>
/// <param name="PKCS12Filename">Path of the CA PKCS#12 file, passed through unchanged.</param>
/// <param name="CommonName">Common name placed in the CA subject.</param>
/// <param name="altNames">Alternative names passed through unchanged (may be null).</param>
public void LoadOrCreateCA(String PKCS12Filename, String CommonName, subjectAltName altNames)
{
    // Initialisers run in textual order, so the attributes are set in the same
    // sequence as before: common name, organisation, country.
    X509Name subject = new X509Name
    {
        Common = CommonName,
        Organization = "SafeId - IAM",
        Country = "BR"
    };

    LoadOrCreateCA(PKCS12Filename, subject, altNames);
}
/// <summary>
/// Checks the <c>SubjAltNames</c> list of an extension built from <c>testData1</c>:
/// an rfc822Name entry followed by a dNSName entry.
/// </summary>
public void SubjAltNamesTest()
{
    subjectAltName extension = new subjectAltName(testData1);

    List<OSCAGeneralName> entries = extension.SubjAltNames;
    OSCAGeneralName mailEntry = entries[0];
    OSCAGeneralName dnsEntry = entries[1];

    // NOTE(review): the e-mail literal below looks masked by the page this listing
    // was taken from; confirm it against the real testData1 fixture.
    Assert.IsTrue(mailEntry.Name == "*****@*****.**");
    Assert.IsTrue(mailEntry.Type == GenName.rfc822Name);

    Assert.IsTrue(dnsEntry.Name == "peter.foo.com");
    Assert.IsTrue(dnsEntry.Type == GenName.dNSName);
}
/// <summary>
/// Returns the string form of the SubjectAlternativeName extension.
/// </summary>
/// <returns>
/// <c>san.ToString()</c> for the extension found under "SubjectAlternativeName";
/// null when <c>OscaExtensions</c> is null or no such extension is found.
/// </returns>
private string SANasString()
{
    if (OscaExtensions != null)
    {
        // Look the extension up by its name in the extensions list.
        subjectAltName found = (subjectAltName)FindExtension("SubjectAlternativeName");
        if (found != null)
        {
            return found.ToString();
        }
    }

    return null;
}
/// <summary>
/// Loads an existing extension into the form: keeps a reference to it, pushes each
/// alternative name to <c>updateDataSet</c> with its index, and mirrors the
/// criticality flag into the checkbox.
/// </summary>
/// <param name="subjan">Extension to edit; dereferenced without a null check.</param>
private void edit(subjectAltName subjan)
{
    san = subjan;

    // Populate the dataset, one row per alternative name.
    int row = 0;
    while (row < san.SubjAltNames.Count)
    {
        updateDataSet(san.SubjAltNames[row], row);
        row++;
    }

    // The checkbox follows the extension's critical setting.
    cbCritical.Checked = san.Critical ? true : false;
}
/// <summary>
/// Looks up the SubjectAlternativeName extension and returns its names as a
/// GeneralNames object.
/// </summary>
/// <returns>
/// The extension's <c>GeneralNames</c>; null when <c>Extensions</c> is null or the
/// extension is not present.
/// </returns>
private GeneralNames getSubjectAltNames()
{
    if (Extensions != null)
    {
        // The lookup goes through FindExtension by extension name.
        subjectAltName found = (subjectAltName)FindExtension("SubjectAlternativeName");
        if (found != null)
        {
            // GeneralNames wraps the sequence of names held by the extension.
            return found.GeneralNames;
        }
    }

    return null;
}
/// <summary>
/// Builds the editor form for a SubjectAlternativeName extension. A null argument
/// starts a new extension; otherwise the given one is loaded for editing.
/// </summary>
/// <param name="san">Extension to edit, or null to create a fresh one.</param>
public SubjectAltNames(subjectAltName san)
{
    InitializeComponent();

    if (san != null)
    {
        edit(san);
    }
    else
    {
        create();
    }

    // NOTE(review): the "generalNames" table is added only after edit() has run;
    // updateDataSet is not visible here, so confirm it does not rely on the table
    // already existing.
    ds.Tables.Add("generalNames");
    foreach (string column in new string[] { "#", "Type", "Name" })
    {
        ds.Tables["generalNames"].Columns.Add(column);
    }

    // Bind the grid to the table.
    dgv.DataSource = ds.Tables["generalNames"];
}
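/// <summary>
/// Generates a fresh 4096-bit RSA key, issues a certificate for <paramref name="Name"/>
/// signed by the loaded root CA, and returns it packaged as PKCS#12.
/// </summary>
/// <param name="Name">Subject of the certificate. Its common name is also used as the
/// file name (plus ".pfx") under <c>certDir</c> when <paramref name="saveFile"/> is true.</param>
/// <param name="ca">True to issue a CA certificate (basicConstraints CA:true, keyUsage,
/// certificatePolicies); false for an end-entity certificate.</param>
/// <param name="altNames">Subject alternative names to embed, or null for none.</param>
/// <param name="saveFile">True to build the PKCS#12 through <c>BuildPKCS12AndSave</c>,
/// false to build it through <c>BuildPKCS12</c> only.</param>
/// <param name="expirationDate">End of validity; when null, one year from now.</param>
/// <returns>The value returned by the PKCS#12 builder.</returns>
/// <exception cref="ArgumentException">
/// The common name cannot be used as a plain file name while saving, or an
/// alternative-name entry is empty or contains a comma or line break.
/// </exception>
public String SignCert(X509Name Name, Boolean ca, subjectAltName altNames, Boolean saveFile, DateTime?expirationDate)
{
    String certData = "";

    // The common name is subject data and ends up in a file path. Refuse anything that
    // carries directory components so the keystore cannot be written outside certDir.
    String pfxName = Name.Common + ".pfx";
    if (saveFile && Path.GetFileName(pfxName) != pfxName)
    {
        throw new ArgumentException("The common name contains path components and cannot be used as a file name.", "Name");
    }

    FileInfo file = new FileInfo(Path.Combine(certDir.FullName, pfxName));

    using (CryptoKey key = CreateNewRSAKey(4096))
    {
        int version = 2; // Version 2 is X.509 Version 3

        // Validity starts 24 hours in the past, which tolerates clock skew on verifiers.
        // NOTE(review): both bounds come from the local clock (DateTime.Now); confirm
        // how the OpenSSL binding converts them to the UTC times stored in the certificate.
        DateTime notBefore = DateTime.Now.AddHours(-24);
        DateTime notAfter = expirationDate ?? (DateTime.Now + TimeSpan.FromDays(365));

        // SHA-256 replaces SHA-1 as the signature digest: SHA-1 is no longer collision
        // resistant and SHA-1-signed certificates are rejected by current validators.
        using (X509Request request = new X509Request(version, Name, key))
        using (X509Certificate certificate = RootCA.ProcessRequest(request, notBefore, notAfter, MessageDigest.SHA256))
        {
            // NOTE(review): every extension below is flagged critical, including the
            // informational nsComment. RFC 5280 requires a verifier to reject a
            // certificate carrying a critical extension it does not recognise, so
            // confirm that this is intended.
            if (ca)
            {
                certificate.AddExtension(new X509Extension(RootCA.Certificate, certificate, "basicConstraints", true, "CA:true"));
                certificate.AddExtension(new X509Extension(RootCA.Certificate, certificate, "keyUsage", true, "critical, cRLSign, keyCertSign, digitalSignature"));
                certificate.AddExtension(new X509Extension(RootCA.Certificate, certificate, "certificatePolicies", true, "2.5.29.32.0"));
            }
            else
            {
                certificate.AddExtension(new X509Extension(RootCA.Certificate, certificate, "basicConstraints", true, "CA:false"));
            }

            certificate.AddExtension(new X509Extension(RootCA.Certificate, certificate, "issuerAltName", true, "issuer:copy"));
            certificate.AddExtension(new X509Extension(RootCA.Certificate, certificate, "nsComment", true, "SafeID - IAM Generated Certificate"));
            certificate.AddExtension(new X509Extension(RootCA.Certificate, certificate, "subjectKeyIdentifier", true, "hash"));
            certificate.AddExtension(new X509Extension(RootCA.Certificate, certificate, "authorityKeyIdentifier", true, "keyid,issuer:always"));

            if (altNames != null)
            {
                // RFC 5280 allows at most one instance of an extension per certificate,
                // so all names go into a single subjectAltName extension using the
                // comma-separated "type:value" form, in the order URI, email, DNS, otherName.
                String sanValue = "";

                foreach (Uri u in altNames.Uri)
                {
                    sanValue = AppendCertSanEntry(sanValue, "URI:", u.AbsoluteUri.ToLowerInvariant());
                }

                foreach (String m in altNames.Mail)
                {
                    sanValue = AppendCertSanEntry(sanValue, "email:", m);
                }

                foreach (String s in altNames.Dns)
                {
                    sanValue = AppendCertSanEntry(sanValue, "DNS:", s);
                }

                foreach (String s in altNames.Text)
                {
                    sanValue = AppendCertSanEntry(sanValue, "otherName:1.2.3.4;UTF8:", s);
                }

                if (sanValue.Length > 0)
                {
                    certificate.AddExtension(new X509Extension(RootCA.Certificate, certificate, "subjectAltName", true, sanValue));
                }
            }

            // NOTE(review): end-entity certificates are issued without keyUsage,
            // extendedKeyUsage or crlDistributionPoints (the original had these lines
            // commented out), so usage is unrestricted and relying parties get no
            // revocation pointer. Confirm this matches the issuing policy.

            // Re-sign, because the extensions were added after ProcessRequest returned.
            certificate.Sign(RootCA.Key, MessageDigest.SHA256);

            if (saveFile)
            {
                certData = BuildPKCS12AndSave(file.FullName, this.signedPassword, key, certificate);
            }
            else
            {
                certData = BuildPKCS12(this.signedPassword, key, certificate);
            }
        }
    }

    return(certData);
}

/// <summary>
/// Appends one "type:value" entry to a comma-separated subjectAltName value, rejecting
/// values that the extension parser would split into additional entries.
/// </summary>
private static String AppendCertSanEntry(String list, String prefix, String value)
{
    // The list syntax has no escape for commas, and a line break would end the value,
    // so such input is refused rather than silently re-interpreted as extra names.
    if (String.IsNullOrEmpty(value) || value.IndexOfAny(new char[] { ',', '\r', '\n' }) >= 0)
    {
        throw new ArgumentException("A subject alternative name entry is empty or contains a comma or line break.", "altNames");
    }

    return (list.Length == 0) ? prefix + value : list + "," + prefix + value;
}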
/// <summary>
/// Overload taking a common name: resolves the full subject through
/// <c>GetCertificateSigningRequestSubject</c> and delegates to the overload that
/// takes an <c>X509Name</c>.
/// </summary>
/// <param name="Common">Common name used to build the subject.</param>
/// <param name="ca">Passed through unchanged.</param>
/// <param name="altNames">Passed through unchanged (may be null).</param>
/// <param name="saveFile">Passed through unchanged.</param>
/// <param name="expirationDate">Passed through unchanged (may be null).</param>
/// <returns>The result of the delegated call.</returns>
public String SignCert(String Common, Boolean ca, subjectAltName altNames, Boolean saveFile, DateTime?expirationDate)
{
    X509Name subject = GetCertificateSigningRequestSubject(Common);

    String issued = SignCert(subject, ca, altNames, saveFile, expirationDate);
    return issued;
}
/// <summary>
/// Shorthand for issuing an end-entity certificate that is saved to file:
/// delegates with <c>ca = false</c>, <c>saveFile = true</c> and no explicit
/// expiration date.
/// </summary>
/// <param name="Name">Subject of the certificate.</param>
/// <param name="altNames">Alternative names to embed (may be null).</param>
/// <returns>The result of the delegated call.</returns>
public String SignCert(X509Name Name, subjectAltName altNames)
{
    const Boolean isCa = false;
    const Boolean persist = true;

    return SignCert(Name, isCa, altNames, persist, null);
}
/// <summary>
/// Shorthand taking a common name: delegates with <c>ca = false</c>,
/// <c>saveFile = true</c> and no explicit expiration date.
/// </summary>
/// <param name="Common">Common name of the subject.</param>
/// <param name="altNames">Alternative names to embed (may be null).</param>
/// <returns>The result of the delegated call.</returns>
public String SignCert(String Common, subjectAltName altNames)
{
    const Boolean isCa = false;
    const Boolean persist = true;

    return SignCert(Common, isCa, altNames, persist, null);
}
/// <summary>
/// Shorthand taking a common name and a save flag: delegates with
/// <c>ca = false</c> and no explicit expiration date.
/// </summary>
/// <param name="Common">Common name of the subject.</param>
/// <param name="altNames">Alternative names to embed (may be null).</param>
/// <param name="saveFile">Passed through unchanged.</param>
/// <returns>The result of the delegated call.</returns>
public String SignCert(String Common, subjectAltName altNames, Boolean saveFile)
{
    const Boolean isCa = false;

    return SignCert(Common, isCa, altNames, saveFile, null);
}
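/// <summary>
/// Loads the root CA from an existing PKCS#12 file, or creates a new self-signed CA
/// and saves it there when the file does not exist.
/// </summary>
/// <param name="PKCS12Filename">Path of the CA keystore.</param>
/// <param name="Name">Subject used when a new CA has to be created.</param>
/// <param name="altNames">Alternative names for a newly created CA, or null for none.</param>
/// <exception cref="InvalidOperationException">
/// The keystore exists but could not be read or opened with the CA password. The file
/// is left untouched instead of being replaced by a newly generated CA.
/// </exception>
/// <exception cref="ArgumentException">
/// An alternative-name entry is empty or contains a comma or line break.
/// </exception>
public void LoadOrCreateCA(String PKCS12Filename, X509Name Name, subjectAltName altNames)
{
    FileInfo caPkcs12 = new FileInfo(PKCS12Filename);

    if (caPkcs12.Exists)
    {
        try
        {
            Byte[] bPKCS12 = File.ReadAllBytes(caPkcs12.FullName);

            // The PKCS#12 bytes are handed to OpenSSL through a memory BIO, which is
            // released as soon as the certificate has been parsed.
            using (BIO pkcs12BIO = BIO.MemoryBuffer())
            {
                pkcs12BIO.Write(bPKCS12);
                X509Certificate cert = X509Certificate.FromPKCS12(pkcs12BIO, this.caPassword);

                if (RootCA != null)
                {
                    RootCA.Dispose();
                }

                // NOTE(review): the serial sequence is seeded with 1 on every load, so
                // serial numbers appear to restart after each reload; RFC 5280 requires
                // them to be unique per issuer. Confirm and persist the counter.
                RootCA = new X509CertificateAuthority(cert, cert.PrivateKey, new SimpleSerialNumber(1), cfg);
            }
        }
        catch (Exception ex)
        {
            // Previously any failure here (wrong password, locked or damaged file) fell
            // through to the creation branch, which generated a new CA and overwrote
            // the existing keystore, destroying the old CA key. Fail instead.
            RootCA = null;
            throw new InvalidOperationException("The existing CA keystore '" + caPkcs12.FullName + "' could not be loaded; it was not replaced.", ex);
        }
    }

    if (RootCA == null)
    {
        X509V3ExtensionList ext = new X509V3ExtensionList();

        ext.Add(new X509V3ExtensionValue("nsComment", true, "SafeID - IAM Generated Certificate"));
        ext.Add(new X509V3ExtensionValue("basicConstraints", true, "CA:true"));
        ext.Add(new X509V3ExtensionValue("subjectKeyIdentifier", true, "hash"));
        ext.Add(new X509V3ExtensionValue("authorityKeyIdentifier", true, "keyid,issuer:always"));

        // NOTE(review): the CA certificate carries no keyUsage extension (the original
        // had that line commented out) and every extension is flagged critical,
        // including the informational nsComment. Confirm both are intended.

        if (altNames != null)
        {
            // RFC 5280 allows at most one instance of an extension per certificate,
            // so all names go into a single subjectAltName extension using the
            // comma-separated "type:value" form, in the order URI, email, DNS, otherName.
            String sanValue = "";

            foreach (Uri u in altNames.Uri)
            {
                sanValue = AppendCaSanEntry(sanValue, "URI:", u.AbsoluteUri.ToLowerInvariant());
            }

            foreach (String m in altNames.Mail)
            {
                sanValue = AppendCaSanEntry(sanValue, "email:", m);
            }

            foreach (String s in altNames.Dns)
            {
                sanValue = AppendCaSanEntry(sanValue, "DNS:", s);
            }

            foreach (String s in altNames.Text)
            {
                sanValue = AppendCaSanEntry(sanValue, "otherName:1.2.3.4;UTF8:", s);
            }

            if (sanValue.Length > 0)
            {
                ext.Add(new X509V3ExtensionValue("subjectAltName", true, sanValue));
            }
        }

        // Self-signed with SHA-256 instead of SHA-1, backdated by 24 hours and valid
        // for ten years.
        // NOTE(review): the CA key is RSA-2048 while issued certificates use RSA-4096;
        // consider a CA key at least as strong as the keys it certifies.
        RootCA = X509CertificateAuthority.SelfSigned(
            new SimpleSerialNumber(),
            CreateNewRSAKey(2048),
            MessageDigest.SHA256,
            Name,
            DateTime.Now.AddHours(-24),
            (DateTime.Now.AddYears(10) - DateTime.Now),
            ext);

        BuildPKCS12AndSave(caPkcs12.FullName, this.caPassword, RootCA.Key, RootCA.Certificate);
    }
}

/// <summary>
/// Appends one "type:value" entry to a comma-separated subjectAltName value, rejecting
/// values that the extension parser would split into additional entries.
/// </summary>
private static String AppendCaSanEntry(String list, String prefix, String value)
{
    // The list syntax has no escape for commas, and a line break would end the value,
    // so such input is refused rather than silently re-interpreted as extra names.
    if (String.IsNullOrEmpty(value) || value.IndexOfAny(new char[] { ',', '\r', '\n' }) >= 0)
    {
        throw new ArgumentException("A subject alternative name entry is empty or contains a comma or line break.", "altNames");
    }

    return (list.Length == 0) ? prefix + value : list + "," + prefix + value;
}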
/// <summary>
/// Starts a new extension: replaces <c>san</c> with an empty
/// <c>subjectAltName</c> built by the parameterless constructor.
/// </summary>
private void create()
{
    subjectAltName fresh = new subjectAltName();
    san = fresh;
}
/// <summary>
/// Checks that the parameterless constructor sets the extension name to
/// "SubjectAlternativeName".
/// </summary>
public void subjectAltNameConstructorTest()
{
    subjectAltName extension = new subjectAltName();

    Assert.AreEqual("SubjectAlternativeName", extension.Name);
}