示例#1
0
        /// <inheritdoc/>
        public override X509Certificate2 CreateForRSA()
        {
            CreateDefaults();

            if (m_rsaPublicKey != null &&
                (IssuerCAKeyCert == null || !IssuerCAKeyCert.HasPrivateKey))
            {
                throw new NotSupportedException("Cannot use a public key without a issuer certificate with a private key.");
            }

            RSA rsaKeyPair   = null;
            RSA rsaPublicKey = m_rsaPublicKey;

            if (rsaPublicKey == null)
            {
                rsaKeyPair   = RSA.Create(m_keySize == 0 ? X509Defaults.RSAKeySize : m_keySize);
                rsaPublicKey = rsaKeyPair;
            }

            var padding = RSASignaturePadding.Pkcs1;
            var request = new CertificateRequest(SubjectName, rsaPublicKey, HashAlgorithmName, padding);

            CreateX509Extensions(request, false);

            X509Certificate2 signedCert;
            var serialNumber = m_serialNumber.Reverse().ToArray();

            if (IssuerCAKeyCert != null)
            {
                var issuerSubjectName = IssuerCAKeyCert.SubjectName;
                using (RSA rsaIssuerKey = IssuerCAKeyCert.GetRSAPrivateKey())
                {
                    signedCert = request.Create(
                        IssuerCAKeyCert.SubjectName,
                        X509SignatureGenerator.CreateForRSA(rsaIssuerKey, padding),
                        NotBefore,
                        NotAfter,
                        serialNumber
                        );
                }
            }
            else
            {
                signedCert = request.Create(
                    SubjectName,
                    X509SignatureGenerator.CreateForRSA(rsaKeyPair, padding),
                    NotBefore,
                    NotAfter,
                    serialNumber
                    );
            }

            return((rsaKeyPair == null) ? signedCert : signedCert.CopyWithPrivateKey(rsaKeyPair));
        }
示例#2
0
        /// <inheritdoc/>
        public override X509Certificate2 CreateForECDsa()
        {
            if (m_ecdsaPublicKey != null && IssuerCAKeyCert == null)
            {
                throw new NotSupportedException("Cannot use a public key without a issuer certificate with a private key.");
            }

            if (m_ecdsaPublicKey == null && m_curve == null)
            {
                throw new NotSupportedException("Need a public key or a ECCurve to create the certificate.");
            }

            CreateDefaults();

            ECDsa key       = null;
            ECDsa publicKey = m_ecdsaPublicKey;

            if (publicKey == null)
            {
                key       = ECDsa.Create((ECCurve)m_curve);
                publicKey = key;
            }

            var request = new CertificateRequest(SubjectName, publicKey, HashAlgorithmName);

            CreateX509Extensions(request, true);

            var serialNumber = m_serialNumber.Reverse().ToArray();

            if (IssuerCAKeyCert != null)
            {
                using (ECDsa issuerKey = IssuerCAKeyCert.GetECDsaPrivateKey())
                {
                    return(request.Create(
                               IssuerCAKeyCert.SubjectName,
                               X509SignatureGenerator.CreateForECDsa(issuerKey),
                               NotBefore,
                               NotAfter,
                               serialNumber
                               ));
                }
            }
            else
            {
                return(request.Create(
                           SubjectName,
                           X509SignatureGenerator.CreateForECDsa(key),
                           NotBefore,
                           NotAfter,
                           serialNumber
                           )
                       .CopyWithPrivateKey(key));
            }
        }