예제 #1
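        /// <summary>
        /// Parses a PEM-encoded PKCS#10 request and delegates issuance to the PKI service
        /// that matches the request's signature algorithm (GOST or RSA).
        /// </summary>
        /// <param name="pkcs10Request">PEM text containing a single PKCS#10 certification request.</param>
        /// <param name="extensionBuilder">Passed through unchanged to the selected service.</param>
        /// <param name="customDN">Optional subject DN, passed through unchanged to the selected service.</param>
        /// <returns>The certificate returned by the selected service.</returns>
        /// <exception cref="System.ArgumentException">The PEM text contains no object.</exception>
        /// <exception cref="System.InvalidCastException">The PEM object is not a PKCS#10 request.</exception>
        /// <remarks>
        /// This method does not check the request's signature (proof of possession).
        /// NOTE(review): confirm that the selected service verifies it before binding the key.
        /// </remarks>
        public X509Certificate IssueCertificate(
            string pkcs10Request,
            ExtensionBuilder extensionBuilder,
            string customDN = null
            )
        {
            Pkcs10CertificationRequest request;

            // Disposing the StringReader is enough; no separate Close() on the PEM reader is needed.
            using (var pemText = new StringReader(pkcs10Request))
            {
                var pemReader = new PemReader(pemText);
                request = (Pkcs10CertificationRequest)pemReader.ReadObject();
            }

            // A null result (no PEM object in the input) previously surfaced as a
            // NullReferenceException on the next line; reject it explicitly instead.
            if (request == null)
            {
                throw new System.ArgumentException(
                    "Input does not contain a PEM-encoded PKCS#10 request.",
                    "pkcs10Request");
            }

            // Match the OID arc as a prefix. A substring match would also accept an
            // unrelated OID that merely contains "1.2.643" somewhere in the middle.
            var algorithmOid = request.SignatureAlgorithm.Algorithm.Id;
            var isGost = algorithmOid.StartsWith("1.2.643.", System.StringComparison.Ordinal);

            var service = isGost
                ? (PkiService)new GOSTPkiService()
                : new RSAPkiService();

            return service.IssueCertificate(request, extensionBuilder, customDN);
        }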
예제 #2
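        /// <summary>
        /// Issues a certificate valid for one year for the public key in a PKCS#10 request,
        /// with the root certificate's subject as issuer, signed via <c>GenerateCertificate</c>.
        /// </summary>
        /// <param name="request">The PKCS#10 request supplying the public key and the default subject.</param>
        /// <param name="extensionBuilder">Invoked with the generator, the request and the root certificate.</param>
        /// <param name="customDN">
        /// Optional subject DN. When non-empty it replaces the subject from the request and is not
        /// cross-checked against it, so callers must only pass a value they have authorized.
        /// </param>
        /// <returns>The generated certificate.</returns>
        /// <exception cref="ArgumentException">The request's self-signature does not verify.</exception>
        public X509Certificate IssueCertificate(
            Pkcs10CertificationRequest request,
            ExtensionBuilder extensionBuilder,
            string customDN = null
            )
        {
            // Proof of possession: refuse to certify a public key unless the request is
            // signed by the matching private key. Without this check any caller could
            // obtain a certificate for a key they do not control.
            if (!request.Verify())
            {
                throw new ArgumentException("PKCS#10 request signature is invalid.", "request");
            }

            var caCert = GetRootCert();
            var caKey = GetRootKey();

            // Use UTC and a single clock reading. Depending on the BouncyCastle version, a
            // local DateTime may be encoded as-is with a "Z" suffix, shifting the validity window.
            var notBefore = DateTime.UtcNow;
            var notAfter = notBefore.AddYears(1);

            // The range [2^63, 2^64] fixes the top bit, leaving about 63 bits of randomness.
            // NOTE(review): policies that require at least 64 bits of CSPRNG output in the
            // serial number would need a wider range; confirm against the CA's policy.
            var serialNumber = BigIntegers.CreateRandomInRange(
                BigInteger.ValueOf(2).Pow(63),
                BigInteger.ValueOf(2).Pow(64),
                new SecureRandom()
                );

            var certGen = new X509V3CertificateGenerator();

            certGen.SetSerialNumber(serialNumber);
            certGen.SetIssuerDN(caCert.SubjectDN);
            certGen.SetNotBefore(notBefore);
            certGen.SetNotAfter(notAfter);
            certGen.SetPublicKey(request.GetPublicKey());

            var subject = string.IsNullOrEmpty(customDN)
                ? request.GetCertificationRequestInfo().Subject
                : new X509Name(customDN);
            certGen.SetSubjectDN(subject);

            // NOTE(review): the builder receives the raw request; confirm it does not copy
            // requester-supplied extensions into the certificate without a policy check.
            extensionBuilder.Build(certGen, request, caCert);

            return GenerateCertificate(caKey, certGen);
        }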