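/// <summary>
/// Builds a short-lived "CN=Root" certificate whose subject and issuer are the same,
/// attaches four X509v3 extensions to it one at a time, and checks that the
/// certificate reports as many extensions as were requested.
/// </summary>
/// <remarks>
/// Only the extension count is asserted. The names, critical flags and values of the
/// stored extensions are printed but not verified.
/// </remarks>
public void CanAddExtensions()
{
    X509V3ExtensionList extList = new X509V3ExtensionList();
    extList.Add(new X509V3ExtensionValue("subjectKeyIdentifier", false, "hash"));
    extList.Add(new X509V3ExtensionValue("authorityKeyIdentifier", false, "keyid:always,issuer:always"));
    // basicConstraints is the only entry created with the critical flag set.
    extList.Add(new X509V3ExtensionValue("basicConstraints", true, "critical,CA:true"));
    extList.Add(new X509V3ExtensionValue("keyUsage", false, "cRLSign,keyCertSign"));

    DateTime start = DateTime.Now;
    DateTime end = start + TimeSpan.FromMinutes(10);

    // The key was previously never disposed; scope it so it is released even when an
    // assertion or a native call throws. It is declared first so it outlives the certificate.
    // NOTE(review): the DSA object handed to CryptoKey is still not disposed here;
    // confirm whether CryptoKey takes ownership of it.
    using (CryptoKey key = new CryptoKey(new DSA(true)))
    using (X509Certificate cert = new X509Certificate(101, "CN=Root", "CN=Root", key, start, end))
    {
        foreach (X509V3ExtensionValue extValue in extList)
        {
            // The certificate is passed as both issuer and subject context for the extension.
            using (X509Extension ext = new X509Extension(cert, cert, extValue.Name, extValue.IsCritical, extValue.Value))
            {
                cert.AddExtension(ext);
            }
        }

        foreach (X509Extension ext in cert.Extensions)
        {
            Console.WriteLine(ext);
        }

        Assert.AreEqual(extList.Count, cert.Extensions.Count);
    }
}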
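/// <summary>
/// Builds a certificate request for the name "foo" from the RSA key in RSA_KEY,
/// attaches a subjectAltName and a keyUsage extension through a stack, and compares
/// the request's PEM output with EXPECTED_CERT.
/// </summary>
public void CanAddRequestExtensions()
{
    var extList = new List<X509V3ExtensionValue>
    {
        new X509V3ExtensionValue("subjectAltName", false, "DNS:foo.com,DNS:bar.org"),
        new X509V3ExtensionValue("keyUsage", false, "cRLSign,keyCertSign"),
    };

    // The unused start/end locals of the original were dropped; a request takes no validity period here.
    // NOTE(review): the RSA and BIO objects created inline are not disposed;
    // confirm whether CryptoKey / RSA.FromPrivateKey take ownership of them.
    using (var key = new CryptoKey(RSA.FromPrivateKey(new BIO(RSA_KEY))))
    using (var request = new X509Request(1, new X509Name("foo"), key))
    {
        var extensions = new OpenSSL.Core.Stack<X509Extension>();

        foreach (var extValue in extList)
        {
            using (var ext = new X509Extension(request, extValue.Name, extValue.IsCritical, extValue.Value))
            {
                Console.WriteLine(ext);
                // NOTE(review): ext is disposed as soon as this using block ends, while the
                // stack is consumed later by AddExtensions. Presumably Stack.Add keeps its own
                // copy or reference; confirm, otherwise the stack would hold freed handles.
                extensions.Add(ext);
            }
        }

        request.AddExtensions(extensions);

        // The exact PEM comparison only holds if the key and the request encoding are deterministic.
        Assert.AreEqual(EXPECTED_CERT, request.PEM);
    }
}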
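/// <summary>
/// Factory method that creates a X509CertificateAuthority instance backed by a
/// freshly created self signed certificate. No Configuration file is needed;
/// X509v3 extensions are supplied through the <paramref name="extensions"/> sequence.
/// </summary>
/// <remarks>
/// No extension is added implicitly. A caller that wants the certificate to carry
/// CA markers such as basicConstraints or keyUsage must pass them in
/// <paramref name="extensions"/>. The strength of the signature depends on the
/// <paramref name="digest"/> and <paramref name="key"/> chosen by the caller.
/// </remarks>
/// <param name="seq">Serial number source; its next value becomes the certificate's serial and the instance is handed to the returned authority.</param>
/// <param name="key">Key placed in the certificate, used to sign it, and handed to the returned authority.</param>
/// <param name="digest">Digest passed to the signing call.</param>
/// <param name="subject">Name used as both subject and issuer of the certificate.</param>
/// <param name="start">Start of the validity period.</param>
/// <param name="validity">Length of the validity period; the end is <paramref name="start"/> plus this value.</param>
/// <param name="extensions">Extensions to add before signing; may be null for none.</param>
/// <returns>An authority wrapping the new certificate, the key and the serial number source.</returns>
public static X509CertificateAuthority SelfSigned(
    ISequenceNumber seq,
    CryptoKey key,
    MessageDigest digest,
    X509Name subject,
    DateTime start,
    TimeSpan validity,
    IEnumerable<X509V3ExtensionValue> extensions)
{
    var cert = new X509Certificate(
        seq.Next(),
        subject,
        subject,
        key,
        start,
        start + validity);

    try
    {
        if (extensions != null)
        {
            foreach (var extValue in extensions)
            {
                // The certificate serves as both issuer and subject context because it is self signed.
                using (var ext = new X509Extension(cert, cert, extValue.Name, extValue.IsCritical, extValue.Value))
                {
                    cert.AddExtension(ext);
                }
            }
        }

        // Extensions are added before signing so that the signature covers them.
        cert.Sign(key, digest);

        return new X509CertificateAuthority(cert, key, seq);
    }
    catch
    {
        // If an extension, the signing call or the authority constructor fails, nobody else
        // owns the certificate yet, so release it here instead of leaking it.
        cert.Dispose();
        throw;
    }
}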
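/// <summary>
/// Factory method that creates a X509CertificateAuthority instance backed by a
/// freshly created self signed certificate. No Configuration file is needed;
/// X509v3 extensions are supplied through the <paramref name="extensions"/> list.
/// </summary>
/// <remarks>
/// No extension is added implicitly. A caller that wants the certificate to carry
/// CA markers such as basicConstraints or keyUsage must pass them in
/// <paramref name="extensions"/>. The strength of the signature depends on the
/// <paramref name="digest"/> and <paramref name="key"/> chosen by the caller.
/// </remarks>
/// <param name="seq">Serial number source; its next value becomes the certificate's serial and the instance is handed to the returned authority.</param>
/// <param name="key">Key placed in the certificate, used to sign it, and handed to the returned authority.</param>
/// <param name="digest">Digest passed to the signing call.</param>
/// <param name="subject">Name used as both subject and issuer of the certificate.</param>
/// <param name="start">Start of the validity period.</param>
/// <param name="validity">Length of the validity period; the end is <paramref name="start"/> plus this value.</param>
/// <param name="extensions">Extensions to add before signing; may be null for none.</param>
/// <returns>An authority wrapping the new certificate, the key and the serial number source.</returns>
public static X509CertificateAuthority SelfSigned(
    ISequenceNumber seq,
    CryptoKey key,
    MessageDigest digest,
    X509Name subject,
    DateTime start,
    TimeSpan validity,
    X509V3ExtensionList extensions)
{
    X509Certificate cert = new X509Certificate(
        seq.Next(),
        subject,
        subject,
        key,
        start,
        start + validity);

    try
    {
        if (null != extensions)
        {
            foreach (X509V3ExtensionValue extValue in extensions)
            {
                // The wrapper was previously never disposed. It is released once the
                // certificate has taken the extension (X509_add_ext stores its own copy).
                using (X509Extension ext = new X509Extension(cert, cert, extValue.Name, extValue.IsCritical, extValue.Value))
                {
                    cert.AddExtension(ext);
                }
            }
        }

        // Extensions are added before signing so that the signature covers them.
        cert.Sign(key, digest);

        // The fourth argument is passed as null (presumably the configuration; confirm against the constructor).
        return new X509CertificateAuthority(cert, key, seq, null);
    }
    catch
    {
        // If an extension, the signing call or the authority constructor fails, nobody else
        // owns the certificate yet, so release it here instead of leaking it.
        cert.Dispose();
        throw;
    }
}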
/// <summary>
/// Appends an extension to this certificate by calling X509_add_ext().
/// </summary>
/// <remarks>
/// The result of the native call is checked with Native.ExpectSuccess. To be covered
/// by the signature, an extension has to be added before the certificate is signed.
/// </remarks>
/// <param name="ext">The extension whose native handle is passed to OpenSSL.</param>
public void AddExtension(X509Extension ext)
{
    // A location of -1 tells X509_add_ext to place the extension at the end of the list.
    const int AppendAtEnd = -1;

    var status = Native.X509_add_ext(ptr, ext.Handle, AppendAtEnd);
    Native.ExpectSuccess(status);
}