Exemplo n.º 1
0
        /// <summary>Generate an X509 CRL, based on the current issuer and subject.</summary>
        /// <param name="cspParam">CSP Parameters containing the key</param>
        public X509Crl Generate(CngKey key)
        {
            TbsCertificateList tbsCrl = GenerateCertList();

            byte[] signature;

            try
            {
                signature = CngSigner.Sign(tbsCrl.GetDerEncoded(), key, CngAlgorithm.Sha256);
            }
            catch (IOException e)
            {
                throw new CrlException("cannot generate CRL encoding", e);
            }

            return(new X509Crl(CertificateList.GetInstance(new DerSequence(tbsCrl, sigAlgId, new DerBitString(signature)))));
        }
Exemplo n.º 2
0
        /// <summary>
        /// Generate an X509Certificate.
        /// </summary>
        /// <param name="cspParam">CspParameters instance that has the private signing key</param>
        /// <param name="Extensions">Extensions to include in the certificate</param>
        /// <returns>An X509Certificate.</returns>
        public X509Certificate Generate(CngKey key, X509Extensions Extensions)
        {
            TbsCertificateStructure tbsCert = GenerateTbsCert(Extensions);

            // Check this complies with policy
            if (policy != null)
            {
                TestAgainstPolicy test = new TestAgainstPolicy(policy);
                if (!test.report(tbsCert))
                {
                    throw new PolicyEnforcementException(test.status.ToString());
                }
            }

            byte[] cert = tbsCert.GetEncoded();
            byte[] signature;

            try
            {
                //AlgorithmIdentifier sigAlg = tbsCert.Signature;
                //sigAlg.ObjectID
                signature = CngSigner.Sign(cert, key, CngAlgorithm.Sha256);
            }
            catch (Exception e)
            {
                throw new CertificateEncodingException("Exception encoding TBS cert", e);
            }

            try
            {
                return(new X509Certificate(new X509CertificateStructure(tbsCert, sigAlgId, new DerBitString(signature))));
            }
            catch (CertificateParsingException e)
            {
                throw new CertificateEncodingException("Exception producing certificate object", e);
            }
        }