/// <summary>
/// Produces the signed certificate by handing a <c>GostSignerFactory</c> built from
/// <paramref name="privateKey"/> to the already-populated generator.
/// </summary>
/// <param name="privateKey">Key the signer factory is constructed with.</param>
/// <param name="certGen">Certificate generator whose fields the caller has already set.</param>
/// <returns>The certificate returned by <c>certGen.Generate</c>.</returns>
protected override X509Certificate GenerateCertificate(AsymmetricKeyParameter privateKey, X509V3CertificateGenerator certGen)
    => certGen.Generate(new GostSignerFactory(privateKey));
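/// <summary>
/// Issues a certificate valid for one year for the subject and public key carried in a
/// PEM-encoded PKCS#10 request, signed with the CA key obtained from <c>RootCertificates</c>.
/// </summary>
/// <param name="pkcs10Request">PEM text of the certification request. Treat it as untrusted input.</param>
/// <returns>The signed certificate.</returns>
/// <exception cref="ArgumentNullException"><paramref name="pkcs10Request"/> is null.</exception>
/// <exception cref="ArgumentException">The PEM text does not contain a PKCS#10 certification request.</exception>
public static X509Certificate IssueCertificate(string pkcs10Request)
{
    if (pkcs10Request == null)
    {
        throw new ArgumentNullException(nameof(pkcs10Request));
    }

    Pkcs10CertificationRequest request;
    using (var requestText = new StringReader(pkcs10Request))
    {
        // ReadObject returns null on empty input and may return another PEM object type;
        // reject both explicitly instead of failing later with a null dereference or a bad cast.
        request = new PemReader(requestText).ReadObject() as Pkcs10CertificationRequest;
    }

    if (request == null)
    {
        throw new ArgumentException("Input is not a PEM-encoded PKCS#10 certification request.", nameof(pkcs10Request));
    }

    // NOTE(review): the request's own signature is not checked anywhere in this method, so
    // possession of the private key matching the requested public key is not established here.
    // Confirm the caller does it, or add a request.Verify() check once it is confirmed that the
    // library build in use can verify the GOST signature algorithm of incoming requests.
    // NOTE(review): the subject DN is copied from the request as-is; no naming policy is applied here.
    var requestInfo = request.GetCertificationRequestInfo();
    var subjectPublicKey = request.GetPublicKey();

    var caCert = (X509Certificate)RootCertificates.GetRootCertGOST();
    var caKey = (AsymmetricKeyParameter)RootCertificates.GetPrivateKeyGOST();

    // Both validity bounds derive from one UTC instant: X.509 validity times are expressed in UTC,
    // and a UTC-kind DateTime does not depend on how the library treats local times.
    var notBefore = DateTime.UtcNow;
    var notAfter = notBefore.AddYears(1);

    // Random serial drawn from the range starting at 2^63 with upper bound 2^64.
    var serialNumber = BigIntegers.CreateRandomInRange(
        BigInteger.ValueOf(2).Pow(63),
        BigInteger.ValueOf(2).Pow(64),
        new SecureRandom()
    );

    var certGen = new X509V3CertificateGenerator();
    certGen.SetSerialNumber(serialNumber);
    certGen.SetIssuerDN(caCert.SubjectDN);
    certGen.SetNotBefore(notBefore);
    certGen.SetNotAfter(notAfter);
    certGen.SetSubjectDN(requestInfo.Subject);
    certGen.SetPublicKey(subjectPublicKey);

    // Extensions. Only the three below are set; no BasicConstraints or KeyUsage extension is added,
    // and nothing is copied from the request's attributes.
    certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
    certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(subjectPublicKey));

    // NOTE(review): this EKU is marked critical, so a validator that does not recognise the OID must
    // reject the certificate. "1.1.1.1.1.1.2" looks like a placeholder value; confirm it is intended.
    certGen.AddExtension(
        X509Extensions.ExtendedKeyUsage,
        true,
        new ExtendedKeyUsage(new[] { new DerObjectIdentifier("1.1.1.1.1.1.2") })
    );

    var signer = new GostSignerFactory(caKey);
    return certGen.Generate(signer);
}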
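/// <summary>
/// Generates a fresh EC key pair on the curve named "Tc26-Gost-3410-12-256-paramSetA" and a
/// self-signed certificate for "CN=Test CA Certificate" that is valid for ten years.
/// </summary>
/// <returns>
/// The key pair, including the private key, and the certificate signed with that private key.
/// Protecting the returned private key is the caller's responsibility.
/// </returns>
public static (AsymmetricCipherKeyPair, X509Certificate) GenerateSelfSigned()
{
    // Both validity bounds derive from one UTC instant: X.509 validity times are expressed in UTC,
    // and a UTC-kind DateTime does not depend on how the library treats local times.
    var notBefore = DateTime.UtcNow;
    var notAfter = notBefore.AddYears(10);

    // One generator serves both the serial number and the key generation.
    var random = new SecureRandom();

    // Random serial drawn from the range starting at 2^63 with upper bound 2^64.
    var serialNumber = BigIntegers.CreateRandomInRange(
        BigInteger.ValueOf(2).Pow(63),
        BigInteger.ValueOf(2).Pow(64),
        random
    );

    var curveOid = ECGost3410NamedCurves.GetOid("Tc26-Gost-3410-12-256-paramSetA");
    var keyGenerator = new ECKeyPairGenerator();
    keyGenerator.Init(new ECKeyGenerationParameters(curveOid, random));
    var keyPair = keyGenerator.GenerateKeyPair();

    // NOTE(review): an X.509 v1 certificate carries no extensions, so this "CA" certificate has no
    // BasicConstraints or KeyUsage. The fixed "Test CA" subject suggests test use only; confirm it
    // is never installed as a production trust anchor.
    var certGen = new X509V1CertificateGenerator();
    var dnName = new X509Name("CN=Test CA Certificate");

    certGen.SetSerialNumber(serialNumber);
    certGen.SetIssuerDN(dnName);
    certGen.SetNotBefore(notBefore);
    certGen.SetNotAfter(notAfter);
    certGen.SetSubjectDN(dnName);
    certGen.SetPublicKey(keyPair.Public);

    var signer = new GostSignerFactory(keyPair.Private);
    var certificate = certGen.Generate(signer);

    return (keyPair, certificate);
}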
/// <summary>
/// Produces the signed CRL by handing a <c>GostSignerFactory</c> built from
/// <paramref name="privateKey"/> to the already-populated CRL generator.
/// </summary>
/// <param name="privateKey">Key the signer factory is constructed with.</param>
/// <param name="crlGen">CRL generator whose fields the caller has already set.</param>
/// <returns>The CRL returned by <c>crlGen.Generate</c>.</returns>
protected override X509Crl GenerateCrl(AsymmetricKeyParameter privateKey, X509V2CrlGenerator crlGen)
    => crlGen.Generate(new GostSignerFactory(privateKey));