internal static void ProcessAttrCert5(IX509AttributeCertificate attrCert, PkixParameters pkixParams)
{
try
{
attrCert.CheckValidity(PkixCertPathValidatorUtilities.GetValidDate(pkixParams));
}
catch (CertificateExpiredException cause)
{
throw new PkixCertPathValidatorException("Attribute certificate is not valid.", cause);
}
catch (CertificateNotYetValidException cause2)
{
throw new PkixCertPathValidatorException("Attribute certificate is not valid.", cause2);
}
}
internal static void ProcessAttrCert5(
IX509AttributeCertificate attrCert,
PkixParameters pkixParams)
{
try
{
attrCert.CheckValidity(PkixCertPathValidatorUtilities.GetValidDate(pkixParams));
}
catch (CertificateExpiredException e)
{
throw new PkixCertPathValidatorException(
"Attribute certificate is not valid.", e);
}
catch (CertificateNotYetValidException e)
{
throw new PkixCertPathValidatorException(
"Attribute certificate is not valid.", e);
}
}
private void doTestGenerateWithPrincipal()
{
X509CertificateParser fact = new X509CertificateParser();
X509Certificate iCert = fact.ReadCertificate(signCert);
//
// a sample key pair.
//
RsaKeyParameters pubKey = new RsaKeyParameters(
false,
new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
new BigInteger("11", 16));
//
// set up the keys
//
// PrivateKey privKey;
// PublicKey pubKey;
//
// KeyFactory kFact = KeyFactory.getInstance("RSA");
//
// privKey = kFact.generatePrivate(RSA_PRIVATE_KEY_SPEC);
// pubKey = kFact.generatePublic(pubKeySpec);
AsymmetricKeyParameter privKey = RSA_PRIVATE_KEY_SPEC;
X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator();
// the actual attributes
GeneralName roleName = new GeneralName(GeneralName.Rfc822Name, "DAU123456789");
// roleSyntax OID: 2.5.24.72
X509Attribute attributes = new X509Attribute("2.5.24.72",
new DerSequence(roleName));
gen.AddAttribute(attributes);
gen.SetHolder(new AttributeCertificateHolder(iCert.SubjectDN));
gen.SetIssuer(new AttributeCertificateIssuer(new X509Name("cn=test")));
gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
gen.SetSerialNumber(BigInteger.One);
gen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
IX509AttributeCertificate aCert = gen.Generate(privKey);
aCert.CheckValidity();
aCert.Verify(pubKey);
AttributeCertificateHolder holder = aCert.Holder;
if (holder.GetEntityNames() == null)
{
Fail("entity names not set when expected");
}
if (holder.SerialNumber != null)
{
Fail("holder serial number found when none expected");
}
if (holder.GetIssuer() != null)
{
Fail("holder issuer found when none expected");
}
if (!holder.Match(iCert))
{
Fail("generated holder not matching holder certificate");
}
X509Certificate sCert = fact.ReadCertificate(holderCertWithBaseCertificateID);
if (holder.Match(sCert))
{
Fail("principal generated holder matching wrong certificate");
}
equalityAndHashCodeTest(aCert, aCert.GetEncoded());
}