/// <summary>
/// Factory method which creates a X509CertifiateAuthority where
/// the internal certificate is self-signed
/// </summary>
/// <param name="cfg"></param>
/// <param name="seq"></param>
/// <param name="subject"></param>
/// <param name="start"></param>
/// <param name="validity"></param>
/// <returns></returns>
public static X509CertificateAuthority SelfSigned(
Configuration cfg,
ISequenceNumber seq,
X509Name subject,
DateTime start,
TimeSpan validity)
{
CryptoKey key;
using (DSA dsa = new DSA(true))
{
key = new CryptoKey(dsa);
// Dispose the DSA key, the CryptoKey assignment increments the reference count
}
X509Certificate cert = new X509Certificate(
seq.Next(),
subject,
subject,
key,
start,
start + validity);
if (cfg != null)
{
cfg.ApplyExtensions("v3_ca", cert, cert, null);
}
cert.Sign(key, MessageDigest.DSS1);
return(new X509CertificateAuthority(cert, key, seq, cfg));
}
/// <summary>
/// Factory method that creates a X509CertificateAuthority instance with
/// an internal self signed certificate
/// </summary>
/// <param name="cfg"></param>
/// <param name="seq"></param>
/// <param name="key"></param>
/// <param name="digest"></param>
/// <param name="subject"></param>
/// <param name="start"></param>
/// <param name="validity"></param>
/// <returns></returns>
public static X509CertificateAuthority SelfSigned(
Configuration cfg,
ISequenceNumber seq,
CryptoKey key,
MessageDigest digest,
X509Name subject,
DateTime start,
TimeSpan validity)
{
X509Certificate cert = new X509Certificate(
seq.Next(),
subject,
subject,
key,
start,
start + validity);
if (cfg != null)
{
cfg.ApplyExtensions("v3_ca", cert, cert, null);
}
cert.Sign(key, digest);
return(new X509CertificateAuthority(cert, key, seq, cfg));
}
/// <summary>
/// Process an X509Request. This includes creating a new X509Certificate
/// and signing this certificate with this CA's private key.
/// </summary>
/// <param name="request"></param>
/// <param name="startTime"></param>
/// <param name="endTime"></param>
/// <param name="cfg"></param>
/// <param name="section"></param>
/// <param name="digest"></param>
/// <returns></returns>
public X509Certificate ProcessRequest(
X509Request request,
DateTime startTime,
DateTime endTime,
Configuration cfg,
string section,
MessageDigest digest)
{
// using (var pkey = request.PublicKey)
// {
// if (!request.Verify(pkey))
// throw new Exception("Request signature validation failed");
// }
var cert = new X509Certificate(
serial.Next(),
request.Subject,
this.caCert.Subject,
request.PublicKey,
startTime,
endTime);
if (cfg != null)
{
cfg.ApplyExtensions(section, caCert, cert, request);
}
cert.Sign(caKey, digest);
return(cert);
}
/// <summary>
/// Process and X509Request. This includes creating a new X509Certificate
/// and signing this certificate with this CA's private key.
/// </summary>
/// <param name="config"></param>
/// <param name="request"></param>
/// <param name="startTime"></param>
/// <param name="endTime"></param>
/// <param name="digest"></param>
/// <returns></returns>
public X509Certificate ProcessRequest(Configuration config, X509Request request, DateTime startTime, DateTime endTime, MessageDigest digest)
{
//using (CryptoKey pkey = request.PublicKey)
//{
// if (!request.Verify(pkey))
// throw new Exception("Request signature validation failed");
//}
X509Certificate cert = new X509Certificate(
serial.Next(),
request.Subject,
this.caCert.Subject,
request.PublicKey,
startTime,
endTime);
if (config != null)
{
config.ApplyExtensions("v3_ca", this.caCert, cert, request);
}
cert.Sign(this.caKey, digest);
return(cert);
}
/// <summary>
/// Process an X509Request. This includes creating a new X509Certificate
/// and signing this certificate with this CA's private key.
/// </summary>
/// <param name="request"></param>
/// <param name="startTime"></param>
/// <param name="endTime"></param>
/// <param name="cfg"></param>
/// <param name="section"></param>
/// <param name="digest"></param>
/// <returns></returns>
public X509Certificate ProcessRequest(
X509Request request,
DateTime startTime,
DateTime endTime,
Configuration cfg,
string section,
MessageDigest digest)
{
// using (var pkey = request.PublicKey)
// {
// if (!request.Verify(pkey))
// throw new Exception("Request signature validation failed");
// }
var cert = new X509Certificate(
serial.Next(),
request.Subject,
this.caCert.Subject,
request.PublicKey,
startTime,
endTime);
if (cfg != null)
cfg.ApplyExtensions(section, caCert, cert, request);
cert.Sign(caKey, digest);
return cert;
}
/// <summary>
/// Factory method that creates a X509CertificateAuthority instance with
/// an internal self signed certificate
/// </summary>
/// <param name="cfg"></param>
/// <param name="seq"></param>
/// <param name="key"></param>
/// <param name="digest"></param>
/// <param name="subject"></param>
/// <param name="start"></param>
/// <param name="validity"></param>
/// <returns></returns>
public static X509CertificateAuthority SelfSigned(
Configuration cfg,
ISequenceNumber seq,
CryptoKey key,
MessageDigest digest,
X509Name subject,
DateTime start,
TimeSpan validity)
{
var cert = new X509Certificate(
seq.Next(),
subject,
subject,
key,
start,
start + validity);
if (cfg != null)
cfg.ApplyExtensions("v3_ca", cert, cert, null);
cert.Sign(key, digest);
return new X509CertificateAuthority(cert, key, seq);
}
/// <summary>
/// Factory method which creates a X509CertifiateAuthority where
/// the internal certificate is self-signed
/// </summary>
/// <param name="cfg"></param>
/// <param name="seq"></param>
/// <param name="subject"></param>
/// <param name="start"></param>
/// <param name="validity"></param>
/// <returns></returns>
public static X509CertificateAuthority SelfSigned(
Configuration cfg,
ISequenceNumber seq,
X509Name subject,
DateTime start,
TimeSpan validity)
{
CryptoKey key;
using (var dsa = new DSA(true))
{
key = new CryptoKey(dsa);
// Dispose the DSA key, the CryptoKey assignment increments the reference count
}
var cert = new X509Certificate(
seq.Next(),
subject,
subject,
key,
start,
start + validity);
if (cfg != null)
cfg.ApplyExtensions("v3_ca", cert, cert, null);
cert.Sign(key, MessageDigest.DSS1);
return new X509CertificateAuthority(cert, key, seq);
}