Create() [4/4]

X509Certificate2 System.Security.Cryptography.X509Certificates.CertificateRequest.Create ( X509Certificate2 issuerCertificate, DateTimeOffset notBefore, DateTimeOffset notAfter, ReadOnlySpan< byte > serialNumber )

inline

Definition at line 198 of file CertificateRequest.cs.

    {
        if (issuerCertificate == null)
        {
            throw new ArgumentNullException("issuerCertificate");
        }
        if (!issuerCertificate.HasPrivateKey)
        {
            throw new ArgumentException(System.SR.Cryptography_CertReq_IssuerRequiresPrivateKey, "issuerCertificate");
        }
        if (notAfter < notBefore)
        {
            throw new ArgumentException(System.SR.Cryptography_CertReq_DatesReversed);
        }
        if (serialNumber.IsEmpty)
        {
            throw new ArgumentException(System.SR.Arg_EmptyOrNullArray, "serialNumber");
        }
        if (issuerCertificate.PublicKey.Oid.Value != PublicKey.Oid.Value)
        {
            throw new ArgumentException(System.SR.Format(System.SR.Cryptography_CertReq_AlgorithmMustMatch, issuerCertificate.PublicKey.Oid.Value, PublicKey.Oid.Value), "issuerCertificate");
        }
        DateTime localDateTime = notBefore.LocalDateTime;
        if (localDateTime < issuerCertificate.NotBefore)
        {
            throw new ArgumentException(System.SR.Format(System.SR.Cryptography_CertReq_NotBeforeNotNested, localDateTime, issuerCertificate.NotBefore), "notBefore");
        }
        DateTime localDateTime2 = notAfter.LocalDateTime;
        long ticks = localDateTime2.Ticks;
        long num = ticks % 10000000;
        ticks -= num;
        localDateTime2 = new DateTime(ticks, localDateTime2.Kind);
        if (localDateTime2 > issuerCertificate.NotAfter)
        {
            throw new ArgumentException(System.SR.Format(System.SR.Cryptography_CertReq_NotAfterNotNested, localDateTime2, issuerCertificate.NotAfter), "notAfter");
        }
        X509BasicConstraintsExtension x509BasicConstraintsExtension = (X509BasicConstraintsExtension)issuerCertificate.Extensions["2.5.29.19"];
        X509KeyUsageExtension x509KeyUsageExtension = (X509KeyUsageExtension)issuerCertificate.Extensions["2.5.29.15"];
        if (x509BasicConstraintsExtension == null)
        {
            throw new ArgumentException(System.SR.Cryptography_CertReq_BasicConstraintsRequired, "issuerCertificate");
        }
        if (!x509BasicConstraintsExtension.CertificateAuthority)
        {
            throw new ArgumentException(System.SR.Cryptography_CertReq_IssuerBasicConstraintsInvalid, "issuerCertificate");
        }
        if (x509KeyUsageExtension != null && (x509KeyUsageExtension.KeyUsages & X509KeyUsageFlags.KeyCertSign) == 0)
        {
            throw new ArgumentException(System.SR.Cryptography_CertReq_IssuerKeyUsageInvalid, "issuerCertificate");
        }
        AsymmetricAlgorithm asymmetricAlgorithm = null;
        string keyAlgorithm = issuerCertificate.GetKeyAlgorithm();
        try
        {
            X509SignatureGenerator generator;
            if (!(keyAlgorithm == "1.2.840.113549.1.1.1"))
            {
                if (!(keyAlgorithm == "1.2.840.10045.2.1"))
                {
                    throw new ArgumentException(System.SR.Format(System.SR.Cryptography_UnknownKeyAlgorithm, keyAlgorithm), "issuerCertificate");
                }
                ECDsa eCDsaPrivateKey = issuerCertificate.GetECDsaPrivateKey();
                asymmetricAlgorithm = eCDsaPrivateKey;
                generator = X509SignatureGenerator.CreateForECDsa(eCDsaPrivateKey);
            }
            else
            {
                if (_rsaPadding == null)
                {
                    throw new InvalidOperationException(System.SR.Cryptography_CertReq_RSAPaddingRequired);
                }
                RSA rSAPrivateKey = issuerCertificate.GetRSAPrivateKey();
                asymmetricAlgorithm = rSAPrivateKey;
                generator = X509SignatureGenerator.CreateForRSA(rSAPrivateKey, _rsaPadding);
            }
            return Create(issuerCertificate.SubjectName, generator, notBefore, notAfter, serialNumber);
        }
        finally
        {
            asymmetricAlgorithm?.Dispose();
        }
    }

References System.Security.Cryptography.X509Certificates.CertificateRequest._rsaPadding, System.SR.Arg_EmptyOrNullArray, System.Security.Cryptography.X509Certificates.CertificateRequest.Create(), System.Security.Cryptography.X509Certificates.X509SignatureGenerator.CreateForECDsa(), System.Security.Cryptography.X509Certificates.X509SignatureGenerator.CreateForRSA(), System.SR.Cryptography_CertReq_AlgorithmMustMatch, System.SR.Cryptography_CertReq_BasicConstraintsRequired, System.SR.Cryptography_CertReq_DatesReversed, System.SR.Cryptography_CertReq_IssuerBasicConstraintsInvalid, System.SR.Cryptography_CertReq_IssuerKeyUsageInvalid, System.SR.Cryptography_CertReq_IssuerRequiresPrivateKey, System.SR.Cryptography_CertReq_NotAfterNotNested, System.SR.Cryptography_CertReq_NotBeforeNotNested, System.SR.Cryptography_CertReq_RSAPaddingRequired, System.SR.Cryptography_UnknownKeyAlgorithm, System.DateTime, System.SR.Format(), System.Security.Cryptography.X509Certificates.PublicKey.Oid, and System.Security.Cryptography.Oid.Value.