/// <summary>
/// Create a X509Certificate2 with a private key by combining
/// the new certificate with a private key from an existing certificate
/// </summary>
public static X509Certificate2 CreateCertificateWithPrivateKey(
X509Certificate2 certificate,
X509Certificate2 certificateWithPrivateKey)
{
if (!certificateWithPrivateKey.HasPrivateKey)
{
throw new NotSupportedException("Need a certificate with a private key.");
}
if (!X509Utils.VerifyRSAKeyPair(certificate, certificateWithPrivateKey))
{
throw new NotSupportedException("The public and the private key pair doesn't match.");
}
string passcode = Guid.NewGuid().ToString();
RSA rsaPrivateKey = null;
try
{
rsaPrivateKey = certificateWithPrivateKey.GetRSAPrivateKey();
byte[] pfxData = CertificateBuilder.CreatePfxWithRSAPrivateKey(
certificate, certificate.FriendlyName, rsaPrivateKey, passcode);
return(X509Utils.CreateCertificateFromPKCS12(pfxData, passcode));
}
finally
{
RsaUtils.RSADispose(rsaPrivateKey);
}
}
/// <summary>
/// Create a X509Certificate2 with a private key by combining
/// the certificate with a private key from a PEM stream
/// </summary>
public static X509Certificate2 CreateCertificateWithPEMPrivateKey(
X509Certificate2 certificate,
byte[] pemDataBlob,
string password = null)
{
RSA privateKey = PEMReader.ImportPrivateKeyFromPEM(pemDataBlob, password);
if (privateKey == null)
{
throw new ServiceResultException("PEM data blob does not contain a private key.");
}
string passcode = X509Utils.GeneratePasscode();
byte[] pfxData = CertificateBuilder.CreatePfxWithRSAPrivateKey(
certificate, certificate.FriendlyName, privateKey, passcode);
return(X509Utils.CreateCertificateFromPKCS12(pfxData, passcode));
}
/// <summary>
/// Create a X509Certificate2 with a private key by combining
/// the new certificate with a private key from an existing certificate
/// </summary>
public static X509Certificate2 CreateCertificateWithPrivateKey(
X509Certificate2 certificate,
X509Certificate2 certificateWithPrivateKey)
{
if (!certificateWithPrivateKey.HasPrivateKey)
{
throw new NotSupportedException("Need a certificate with a private key.");
}
if (!X509Utils.VerifyRSAKeyPair(certificate, certificateWithPrivateKey))
{
throw new NotSupportedException("The public and the private key pair doesn't match.");
}
string passcode = X509Utils.GeneratePasscode();
using (RSA rsaPrivateKey = certificateWithPrivateKey.GetRSAPrivateKey())
{
byte[] pfxData = CertificateBuilder.CreatePfxWithRSAPrivateKey(
certificate, certificate.FriendlyName, rsaPrivateKey, passcode);
return(X509Utils.CreateCertificateFromPKCS12(pfxData, passcode));
}
}
