Exemplo n.º 1
        /// <summary>
        /// Test fixture step: creates an RSA key pair, builds a PKCS#10 request for
        /// "CN=Trust Anchor, O=TNT, C=US", issues the certificate from that request with
        /// the same key pair, stores it in <c>TA</c> and writes it to "Trust Anchor.cer".
        /// </summary>
        /// <remarks>
        /// The order in which extensions are added matters: the assertions below look
        /// them up by index (0 = key usage, 1 = subject key identifier,
        /// 2 = basic constraints, 3 = CRL distribution points).
        /// NOTE(review): DigitalSignature is requested next to KeyCertSign and CrlSign;
        /// a CA key that only signs certificates and CRLs does not need it. Confirm this
        /// is intended outside of a test fixture.
        /// </remarks>
        public static void InitializeTrustAnchor()
        {
            X500DistinguishedName subjectName  = new X500DistinguishedName("CN=Trust Anchor, O=TNT, C=US");
            AsymmetricCipherKeyPair anchorKeys = Certificate.CreateRSAKeyPair();

            // Extensions requested in the CSR. Do not reorder: see remarks.
            Extensions requestedExtensions = new Extensions();
            requestedExtensions.Add(new TNT.Cryptography.Extension.KeyUsage(KeyUsage.CrlSign | KeyUsage.KeyCertSign | KeyUsage.DigitalSignature));
            requestedExtensions.Add(new TNT.Cryptography.Extension.SubjectKeyIdentifier(anchorKeys.Public));
            // presumably BasicConstraints(0) means "CA with path length 0" — verify against the library in use
            requestedExtensions.Add(new TNT.Cryptography.Extension.BasicConstraints(new BasicConstraints(0)));

            // Sample CRL distribution point URLs.
            List<Uri> crlEndpoints = new List<Uri>
            {
                new Uri("http://domain1.com"),
                new Uri("http://domain2.com")
            };
            requestedExtensions.Add(new TNT.Cryptography.Extension.CrlDistributionPoints(crlEndpoints));

            // Build the request and check that it survives a Base64 round trip.
            Pkcs10CertificationRequest request = Certificate.CreateCertificationRequest(subjectName.Name, anchorKeys, requestedExtensions);
            string encodedRequest = request.ToBase64();
            Pkcs10CertificationRequest decodedRequest = encodedRequest.ToPkcs10CertificationRequest();
            Assert.AreEqual(request, decodedRequest);

            // The key pair that signed the request also issues the certificate.
            TA = Certificate.CreateCertificate(request, anchorKeys, m_EffectiveDate, m_ExpirationDate);
            Assert.IsNotNull(TA);
            Assert.IsTrue(TA.HasPrivateKey);

            // Validity dates are compared through their string forms, not as date values.
            Assert.AreEqual(m_EffectiveDate.ToString(), TA.NotBefore.ToString());
            Assert.AreEqual(m_ExpirationDate.ToString(), TA.NotAfter.ToString());

            // Subject equal to issuer is what marks the certificate as self-issued.
            Assert.AreEqual(TA.Subject, TA.Issuer);
            Assert.AreEqual(4, TA.Extensions.Count);

            // Key usage and basic constraints must both be flagged critical.
            Assert.AreEqual(typeof(X509KeyUsageExtension), TA.Extensions[0].GetType());
            Assert.IsTrue(TA.Extensions[0].Critical);

            Assert.AreEqual(typeof(X509SubjectKeyIdentifierExtension), TA.Extensions[1].GetType());

            Assert.AreEqual(typeof(X509BasicConstraintsExtension), TA.Extensions[2].GetType());
            Assert.IsTrue(TA.Extensions[2].Critical);

            // The CRL distribution points extension is expected as the plain X509Extension type.
            Assert.AreEqual(typeof(System.Security.Cryptography.X509Certificates.X509Extension), TA.Extensions[3].GetType());

            // X509ContentType.Cert exports the certificate only; the private key asserted
            // above is not written to disk. The path is relative to the working directory.
            byte[] certificateBytes = TA.Export(X509ContentType.Cert);
            File.WriteAllBytes("Trust Anchor.cer", certificateBytes);
        }
 /// <summary>
 /// Writes the Base64 text form of a <see cref="Pkcs10CertificationRequest"/> to
 /// <paramref name="fileName"/>, replacing any file that already exists there.
 /// </summary>
 /// <param name="csr">Certification request to serialise with <c>ToBase64()</c>.</param>
 /// <param name="fileName">
 /// Destination path, passed to <see cref="File.WriteAllText(string, string)"/> as given.
 /// No validation is done here, so callers that take the path from outside input
 /// should check it before calling.
 /// </param>
 public static void SaveCSR(Pkcs10CertificationRequest csr, string fileName)
 {
     string encodedRequest = csr.ToBase64();
     File.WriteAllText(fileName, encodedRequest);
 }