/// <summary>
/// Generates a test certificate using the "will expire soon" modification generator and
/// registers it as trusted.
/// </summary>
/// <remarks>
/// A code-signing EKU certificate needs trust to a root authority. Per the original author's note,
/// the certificate is added to the Root CA list in LocalMachine because that does not prompt a
/// dialog, which makes every test that uses this helper require admin privilege.
/// NOTE(review): <c>WithTrust()</c> is called here without store arguments, whereas
/// GenerateTrustedTestCertificateThatExpiresIn10Seconds passes StoreName.Root and
/// StoreLocation.LocalMachine explicitly. Confirm that the defaults match the note above.
/// NOTE(review): the returned wrapper presumably has to be disposed to undo the trust entry
/// (GenerateCertificateChain asks callers to dispose its certificates); verify against TrustedTestCert.
/// </remarks>
/// <param name="expiresIn">Value handed to CertificateModificationGeneratorForCertificateThatWillExpireSoon.</param>
/// <returns>The generated certificate wrapped by <c>WithTrust()</c>.</returns>
public static TrustedTestCert<TestCertificate> GenerateTrustedTestCertificateThatWillExpireSoon(TimeSpan expiresIn)
{
    return TestCertificate
        .Generate(CertificateModificationGeneratorForCertificateThatWillExpireSoon(expiresIn))
        .WithTrust();
}
/// <summary>
/// Generates a test certificate using the "not yet valid" modification generator and
/// registers it as trusted.
/// </summary>
/// <remarks>
/// A code-signing EKU certificate needs trust to a root authority. Per the original author's note,
/// the certificate is added to the Root CA list in LocalMachine because that does not prompt a
/// dialog, which makes every test that uses this helper require admin privilege.
/// NOTE(review): <c>WithTrust()</c> is called here without store arguments, whereas
/// GenerateTrustedTestCertificateThatExpiresIn10Seconds passes StoreName.Root and
/// StoreLocation.LocalMachine explicitly. Confirm that the defaults match the note above.
/// </remarks>
/// <returns>The generated certificate wrapped by <c>WithTrust()</c>.</returns>
public static TrustedTestCert<TestCertificate> GenerateTrustedTestCertificateNotYetValid()
{
    return TestCertificate
        .Generate(CertificateModificationGeneratorNotYetValidCert)
        .WithTrust();
}
/// <summary>
/// Generates a test certificate using the "expire in 10 seconds" modification generator and
/// trusts it in StoreName.Root / StoreLocation.LocalMachine.
/// </summary>
/// <remarks>
/// A code-signing EKU certificate needs trust to a root authority. The LocalMachine Root CA list
/// is used because adding to it does not prompt a dialog; as a consequence every test that uses
/// this helper requires admin privilege.
/// NOTE(review): the returned wrapper presumably has to be disposed to remove the machine-wide
/// trust entry again; verify against TrustedTestCert.
/// </remarks>
/// <returns>The generated certificate wrapped by <c>WithTrust(StoreName.Root, StoreLocation.LocalMachine)</c>.</returns>
public static TrustedTestCert<TestCertificate> GenerateTrustedTestCertificateThatExpiresIn10Seconds()
{
    return TestCertificate
        .Generate(CertificateModificationGeneratorExpireIn10Seconds)
        .WithTrust(StoreName.Root, StoreLocation.LocalMachine);
}
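/// <summary>
/// Generates a list of certificates representing a chain of certificates.
/// The first certificate is the root certificate stored in StoreName.Root and StoreLocation.LocalMachine.
/// The last certificate is the leaf certificate stored in StoreName.TrustedPeople and StoreLocation.LocalMachine.
/// Please dispose all the certificates in the list after use.
/// </summary>
/// <remarks>
/// Index 0 always takes the root branch, so a <paramref name="length"/> of 1 yields a single root CA
/// certificate and <paramref name="leafCertificateActionGenerator"/> is never used; a length of 0 or
/// less yields an empty list.
/// If generation fails part-way, the certificates created so far are disposed before the exception
/// is rethrown, so that a partially built chain is not left behind for the caller to clean up.
/// </remarks>
/// <param name="length">Length of the chain.</param>
/// <param name="crlServerUri">Uri for crl server</param>
/// <param name="crlLocalUri">Uri for crl local</param>
/// <param name="configureLeafCrl">Indicates if leaf crl should be configured</param>
/// <param name="leafCertificateActionGenerator">Specify actionGenerator for the leaf certificate of the chain</param>
/// <returns>List of certificates representing a chain of certificates.</returns>
public static IList<TrustedTestCert<TestCertificate>> GenerateCertificateChain(int length, string crlServerUri, string crlLocalUri, bool configureLeafCrl = true, Action<TestCertificateGenerator> leafCertificateActionGenerator = null)
{
    var certChain = new List<TrustedTestCert<TestCertificate>>();
    Action<TestCertificateGenerator> actionGenerator = CertificateModificationGeneratorForCodeSigningEkuCert;
    Action<TestCertificateGenerator> leafGenerator = leafCertificateActionGenerator ?? actionGenerator;
    TrustedTestCert<TestCertificate> issuer = null;

    try
    {
        for (var i = 0; i < length; i++)
        {
            TrustedTestCert<TestCertificate> cert;

            if (i == 0) // root CA cert
            {
                var chainCertificateRequest = new ChainCertificateRequest()
                {
                    ConfigureCrl = true,
                    CrlLocalBaseUri = crlLocalUri,
                    CrlServerBaseUri = crlServerUri,
                    IsCA = true
                };

                cert = TestCertificate.Generate(actionGenerator, chainCertificateRequest).WithPrivateKeyAndTrust(StoreName.Root);
                issuer = cert;
            }
            else if (i < length - 1) // intermediate CA cert
            {
                var chainCertificateRequest = new ChainCertificateRequest()
                {
                    ConfigureCrl = true,
                    CrlLocalBaseUri = crlLocalUri,
                    CrlServerBaseUri = crlServerUri,
                    IsCA = true,
                    Issuer = issuer.Source.Cert
                };

                cert = TestCertificate.Generate(actionGenerator, chainCertificateRequest).WithPrivateKeyAndTrustForIntermediateCertificateAuthority();
                issuer = cert;
            }
            else // leaf cert
            {
                var chainCertificateRequest = new ChainCertificateRequest()
                {
                    CrlLocalBaseUri = crlLocalUri,
                    CrlServerBaseUri = crlServerUri,
                    IsCA = false,
                    ConfigureCrl = configureLeafCrl,
                    Issuer = issuer.Source.Cert
                };

                cert = TestCertificate.Generate(leafGenerator, chainCertificateRequest).WithPrivateKeyAndTrustForLeafOrSelfIssued();
            }

            certChain.Add(cert);
        }
    }
    catch
    {
        // The caller never receives the list on failure, so nobody else can dispose these.
        // Release them here, leaf-most first, then surface the original failure.
        for (var i = certChain.Count - 1; i >= 0; i--)
        {
            certChain[i].Dispose();
        }

        throw;
    }

    return certChain;
}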
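/// <summary>
/// Generates a certificate chain without going through any of the trust helpers used by
/// GenerateCertificateChain.
/// </summary>
/// <remarks>
/// Each generated certificate is inserted at index 0, so the returned chain is ordered from the
/// last generated certificate (the leaf when <paramref name="length"/> is at least 2) to the root.
/// Index 0 always takes the root branch, so a length of 1 yields only a root CA certificate and
/// neither <paramref name="leafCertificateActionGenerator"/> nor
/// <paramref name="revokeEndCertificate"/> has any effect.
/// The intermediate <c>TestCertificate.Cert</c> instances are disposed before returning, and now also
/// when generation fails part-way. The chain entries come from <c>PublicCertWithPrivateKey</c>
/// (presumably carrying the private key, per the property name) and are left for the caller to manage.
/// </remarks>
/// <param name="length">Length of the chain.</param>
/// <param name="crlServerUri">Uri for crl server</param>
/// <param name="crlLocalUri">Uri for crl local</param>
/// <param name="configureLeafCrl">Indicates if leaf crl should be configured</param>
/// <param name="leafCertificateActionGenerator">Specify actionGenerator for the leaf certificate of the chain</param>
/// <param name="revokeEndCertificate">When true, the leaf certificate is revoked in the CRL of the certificate generated immediately before it.</param>
/// <returns>The generated chain, leaf-most certificate first.</returns>
public static IX509CertificateChain GenerateCertificateChainWithoutTrust(
    int length,
    string crlServerUri,
    string crlLocalUri,
    bool configureLeafCrl = true,
    Action<TestCertificateGenerator> leafCertificateActionGenerator = null,
    bool revokeEndCertificate = false)
{
    List<TestCertificate> testCertificates = new();
    X509CertificateChain certificateChain = new();
    Action<TestCertificateGenerator> actionGenerator = CertificateModificationGeneratorForCodeSigningEkuCert;
    Action<TestCertificateGenerator> leafGenerator = leafCertificateActionGenerator ?? actionGenerator;
    X509Certificate2 issuer = null;
    X509Certificate2 certificate = null;
    // NOTE(review): crl is assigned in the intermediate branch but never read in this method.
    // It is kept so the Crl property is still accessed as before; confirm whether it can be removed.
    CertificateRevocationList crl = null;

    try
    {
        for (var i = 0; i < length; i++)
        {
            TestCertificate testCertificate;

            if (i == 0) // root CA cert
            {
                ChainCertificateRequest chainCertificateRequest = new()
                {
                    ConfigureCrl = true,
                    CrlLocalBaseUri = crlLocalUri,
                    CrlServerBaseUri = crlServerUri,
                    IsCA = true
                };

                testCertificate = TestCertificate.Generate(actionGenerator, chainCertificateRequest);

                testCertificates.Add(testCertificate);

                issuer = certificate = testCertificate.PublicCertWithPrivateKey;
            }
            else if (i < length - 1) // intermediate CA cert
            {
                ChainCertificateRequest chainCertificateRequest = new ChainCertificateRequest()
                {
                    ConfigureCrl = true,
                    CrlLocalBaseUri = crlLocalUri,
                    CrlServerBaseUri = crlServerUri,
                    IsCA = true,
                    Issuer = issuer
                };

                testCertificate = TestCertificate.Generate(actionGenerator, chainCertificateRequest);

                testCertificates.Add(testCertificate);

                issuer = certificate = testCertificate.PublicCertWithPrivateKey;

                if (revokeEndCertificate)
                {
                    crl = testCertificate.Crl;
                }
            }
            else // leaf cert
            {
                ChainCertificateRequest chainCertificateRequest = new()
                {
                    CrlLocalBaseUri = crlLocalUri,
                    CrlServerBaseUri = crlServerUri,
                    IsCA = false,
                    ConfigureCrl = configureLeafCrl,
                    Issuer = issuer
                };

                testCertificate = TestCertificate.Generate(leafGenerator, chainCertificateRequest);

                certificate = testCertificate.PublicCertWithPrivateKey;

                if (revokeEndCertificate)
                {
                    // The last entry at this point is the leaf's direct issuer (the leaf itself
                    // is only added below), so the revocation lands in the issuer's CRL.
                    testCertificates[testCertificates.Count - 1].Crl.RevokeCertificate(certificate);
                }

                testCertificates.Add(testCertificate);
            }

            certificateChain.Insert(index: 0, certificate);
        }
    }
    finally
    {
        // Runs on success and on failure, so the temporary certificates are always released.
        foreach (TestCertificate testCertificate in testCertificates)
        {
            testCertificate.Cert.Dispose();
        }
    }

    return certificateChain;
}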