Class CertUtils

Static class containing miscellaneous fuctions for using X.509 certificates in an NG9-1-1 system.

Inheritance

object

CertUtils

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

object.ToString()

Namespace: Ng911CertUtils

Assembly: Ng911Lib.dll

Syntax

public static class CertUtils

Methods

AddNg911San(Ng911SanParams, CertificateRequest)

Adds the Subject Alternate Name (SAN) extension to a CertificateRequest that contains the otherName sequence that contains the ID type, ID, roles and owner information for building a new X.509 certificate for use in NG9-1-1 systems. See Section 7.1.2.11 of "Public Safety Answering Point (PSAP) Credentialing Agency (PCA) Certificate Policy, v1.01" and Section 4.2.1.6 of RFC 5280.

Declaration

public static void AddNg911San(Ng911SanParams Params, CertificateRequest req)

Parameters

Type	Name	Description
Ng911SanParams	Params	Input parameters to use to build the otherName sequence to add to the SAN extension.
CertificateRequest	req	Input CertificateRequest to add the SAN extension to.

CreateEcdsaSelfSignedCertificate(DistinguishedNameParams, KeyUsageParams, Ng911SanParams, int, string, bool, out Exception)

Creates an ECDSA (Elliptic Curve Digital Signature Algorithm) self-signed X.509 certificate with a private key.

Declaration

public static X509Certificate2 CreateEcdsaSelfSignedCertificate(DistinguishedNameParams Dnp, KeyUsageParams Kup, Ng911SanParams Nsp, int ExpiresYears, string strPw, bool IsCa, out Exception Ex)

Parameters

Type	Name	Description
DistinguishedNameParams	Dnp	Contains the parameters for building the distinguished name that will be used in the Subject certificate extension.
KeyUsageParams	Kup	Contains the parameters for the key usage extension.
Ng911SanParams	Nsp	Contains the parameters for building the identity and roles to be contained in the otherName field of the Subject Alternate Name (SAN) certificate extension. This parameter may be null if a SAN extension is not needed.
int	ExpiresYears	Specifies the number of years that the certificate will be valid for.
string	strPw	Password for the private key of the certificate
bool	IsCa	If true then the self-signed certificate can be used to sign other certificates.
Exception	Ex	If an exception occurred then the Ex output parameter is set to the exception that was caught.

Returns

Type	Description
X509Certificate2	Returns a new X.509 certificate with a private key. Set to null if the Ex output parameter is non-null.

CreateEcdsaSelfSignedCertificate(DistinguishedNameParams, KeyUsageParams, Ng911SanParams, int, string, string, string, bool, out Exception)

Creates an ECDSA self-signed X.509 certificate with a private key. This function writes the certificate containing a private key to a *.pfx file and the certificate without the private key to a *.cer file.

Declaration

public static void CreateEcdsaSelfSignedCertificate(DistinguishedNameParams Dnp, KeyUsageParams Kup, Ng911SanParams Nsp, int ExpiresYears, string strPw, string strDir, string strFileNameNoExtension, bool IsCa, out Exception Ex)

Parameters

Type	Name	Description
DistinguishedNameParams	Dnp	Contains the parameters for building the distinguished name that will be used in the Subject certificate extension.
KeyUsageParams	Kup	Contains the parameters for the key usage extension.
Ng911SanParams	Nsp	Contains the parameters for building the identity and roles to be contained in the otherName field of the Subject Alternate Name (SAN) certificate extension. This parameter may be null if a SAN extension is not needed.
int	ExpiresYears	Specifies the number of years that the certificate will be valid for.
string	strPw	Password for the private key of the certificate
string	strDir	Directory in which to save the certificate files. Must already exist.
string	strFileNameNoExtension	File name for the files with no extension.
bool	IsCa	If true then the self-signed certificate can be used to sign other certificates.
Exception	Ex	If an exception occurred then the Ex output parameter is set to the exception that was caught.

CreateEcdsaSignedCertificate(X509Certificate2, DistinguishedNameParams, KeyUsageParams, Ng911SanParams, bool, out Exception)

Creates an ECDSA (Elliptic Curve Digital Signature Algorithm) signed X.509 certificate with a private key.

Declaration

public static X509Certificate2 CreateEcdsaSignedCertificate(X509Certificate2 Root, DistinguishedNameParams Dnp, KeyUsageParams Kup, Ng911SanParams Nsp, bool IsCa, out Exception Ex)

Parameters

Type	Name	Description
X509Certificate2	Root	X.509 certificate to use for signing the new certificate.
DistinguishedNameParams	Dnp	Contains the parameters for building the distinguished name that will be used in the Subject certificate extension.
KeyUsageParams	Kup	Contains the parameters for the key usage extension.
Ng911SanParams	Nsp	Contains the parameters for building the identity and roles to be contained in the otherName field of the Subject Alternate Name (SAN) certificate extension. This parameter may be null if a SAN extension is not needed.
bool	IsCa	If true then the certificate can be used to sign other certificates.
Exception	Ex	If an exception occurred then the Ex output parameter is set to the exception that was caught.

Returns

Type	Description
X509Certificate2	A signed X.509 certificate with a private key. Returns null if an exception occured.

CreateEcdsaSignedCertificate(X509Certificate2, DistinguishedNameParams, KeyUsageParams, Ng911SanParams, string, string, string, bool, out Exception)

Creates an ECDSA (Elliptic Curve Digital Signature Algorithm) signed X.509 certificate. This function writes the certificate containing a private key to a *.pfx file and the certificate without the private key to a *.cer file.

Declaration

public static void CreateEcdsaSignedCertificate(X509Certificate2 Root, DistinguishedNameParams Dnp, KeyUsageParams Kup, Ng911SanParams Nsp, string strPw, string strDir, string fileNameNoExtension, bool IsCa, out Exception Ex)

Parameters

Type	Name	Description
X509Certificate2	Root	X.509 certificate to use for signing the new certificate.
DistinguishedNameParams	Dnp	Contains the parameters for building the distinguished name that will be used in the Subject certificate extension.
KeyUsageParams	Kup	Contains the parameters for the key usage extension.
Ng911SanParams	Nsp	Contains the parameters for building the identity and roles to be contained in the otherName field of the Subject Alternate Name (SAN) certificate extension. This parameter may be null if a SAN extension is not needed.
string	strPw	Password for the private key of the certificate.
string	strDir	Directory in which to store the certificate files.
string	fileNameNoExtension	Filename with no extension for the certificate files.
bool	IsCa	If true then the certificate can be used to sign other certificates.
Exception	Ex	If an exception occurred then the Ex output parameter is set to the exception that was caught.

CreateRsaSelfSignedCertificate(DistinguishedNameParams, KeyUsageParams, Ng911SanParams, int, string, bool, out Exception)

Creates a RSA self-signed X.509 certificate with a private key. This function creates an RSA key that is 2048 bits in length and uses the SHA 512 bit hash algorithm.

Declaration

public static X509Certificate2 CreateRsaSelfSignedCertificate(DistinguishedNameParams Dnp, KeyUsageParams Kup, Ng911SanParams Nsp, int ExpiresYears, string strPw, bool IsCa, out Exception Ex)

Parameters

Type	Name	Description
DistinguishedNameParams	Dnp	Contains the parameters for building the distinguished name that will be used in the Subject certificate extension.
KeyUsageParams	Kup	Contains the parameters for the key usage extension.
Ng911SanParams	Nsp	Contains the parameters for building the identity and roles to be contained in the otherName field of the Subject Alternate Name (SAN) certificate extension. This parameter may be null if a SAN extension is not needed.
int	ExpiresYears	Specifies the number of years that the certificate will be valid for.
string	strPw	Password for the private key of the certificate
bool	IsCa	If true then the self-signed certificate can be used to sign other certificates.
Exception	Ex	If an exception occurred then the Ex output parameter is set to the exception that was caught. If this output is non-null, the return value will be null.

Returns

Type	Description
X509Certificate2	Returns a new X.509 certificate with a private key. Set to null if the Ex output parameter is non-null.

CreateRsaSelfSignedCertificate(DistinguishedNameParams, KeyUsageParams, Ng911SanParams, int, string, string, string, bool, out Exception)

Creates a RSA self-signed X.509 certificates containing a private key. This function writes the certificate containing a private key to a *.pfx file and the certificate without the private key to a *.cer file. This function creates an RSA key that is 2048 bits in length and uses the SHA 512 bit hash algorithm.

Declaration

public static void CreateRsaSelfSignedCertificate(DistinguishedNameParams Dnp, KeyUsageParams Kup, Ng911SanParams Nsp, int ExpiresYears, string strPw, string strDir, string strFileNameNoExtension, bool IsCa, out Exception Ex)

Parameters

Type	Name	Description
DistinguishedNameParams	Dnp	Contains the parameters for building the distinguished name that will be used in the Subject certificate extension.
KeyUsageParams	Kup	Contains the parameters for the key usage extension.
Ng911SanParams	Nsp	Contains the parameters for building the identity and roles to be contained in the otherName field of the Subject Alternate Name (SAN) certificate extension. This parameter may be null if a SAN extension is not needed.
int	ExpiresYears	Specifies the number of years that the certificate will be valid for.
string	strPw	Password for the private key of the certificate
string	strDir	Directory in which to save the certificate files. Must already exist.
string	strFileNameNoExtension	File name for the files with no extension.
bool	IsCa	If true then the self-signed certificate can be used to sign other certificates.
Exception	Ex	If an exception occurred then the Ex output parameter is set to the exception that was caught.

CreateRsaSignedCertificate(X509Certificate2, DistinguishedNameParams, KeyUsageParams, Ng911SanParams, string, bool, out Exception)

Creates an RSA signed X.509 certificate with a private key. This function creates an RSA key that is 2048 bits in length and uses the SHA 512 bit hash algorithm.

Declaration

public static X509Certificate2 CreateRsaSignedCertificate(X509Certificate2 Root, DistinguishedNameParams Dnp, KeyUsageParams Kup, Ng911SanParams Nsp, string strPw, bool IsCa, out Exception Ex)

Parameters

Type	Name	Description
X509Certificate2	Root	X.509 certificate to use for signing the new certificate.
DistinguishedNameParams	Dnp	Contains the parameters for building the distinguished name that will be used in the Subject certificate extension.
KeyUsageParams	Kup	Contains the parameters for the key usage extension.
Ng911SanParams	Nsp	Contains the parameters for building the identity and roles to be contained in the otherName field of the Subject Alternate Name (SAN) certificate extension. This parameter may be null if a SAN extension is not needed.
string	strPw	Password for the private key of the certificate
bool	IsCa	If true, then the new certificate can be used to sign other certificates
Exception	Ex	Output. Set to an exception object if an exception occurred. Null if an exception did not occur.

Returns

Type	Description
X509Certificate2	Returns a new X.509 certificate with a private key. Returns null if an exception occured.

CreateRsaSignedCertificate(X509Certificate2, DistinguishedNameParams, KeyUsageParams, Ng911SanParams, string, string, string, bool, out Exception)

Creates an RSA signed X.509 certificate. This function writes the certificate containing a private key to a *.pfx file and the certificate without the private key to a *.cer file. This function creates an RSA key that is 2048 bits in length and uses the SHA 512 bit hash algorithm.

Declaration

public static void CreateRsaSignedCertificate(X509Certificate2 Root, DistinguishedNameParams Dnp, KeyUsageParams Kup, Ng911SanParams Nsp, string strPw, string strDir, string strFileNameNoExtension, bool IsCa, out Exception Ex)

Parameters

Type	Name	Description
X509Certificate2	Root	X.509 certificate to use for signing the new certificate.
DistinguishedNameParams	Dnp	Contains the parameters for building the distinguished name that will be used in the Subject certificate extension.
KeyUsageParams	Kup	Contains the parameters for the key usage extension.
Ng911SanParams	Nsp	Contains the parameters for building the identity and roles to be contained in the otherName field of the Subject Alternate Name (SAN) certificate extension. This parameter may be null if a SAN extension is not needed.
string	strPw	Password for the private key of the certificate
string	strDir	Directory in which to save the certificate files.
string	strFileNameNoExtension	File name for the files with no extension.
bool	IsCa	If true then the certificate can be used to sign other certificates.
Exception	Ex	If an exception occurred then the Ex output parameter is set to the exception that was caught.

GetOtherNameParams(X509Certificate2)

In NG9-1-1, the otherName sequence within the Subject Alternate Name (SAN) certificate extension is used to pass the identity and roles roles of an entity. This function reads an X.509 certificate and extracts this information from it. See Section 7.1.2.11 of "Public Safety Answering Point (PSAP) Credentialing Agency (PCA) Certificate Policy, v1.01" and Section 4.2.1.6 of RFC 5280.

Declaration

public static Ng911SanParams GetOtherNameParams(X509Certificate2 Cert)

Parameters

Type	Name	Description
X509Certificate2	Cert	Input certificate.

Returns

Type	Description
Ng911SanParams	Returns a Ng911SanParameters object containing the identity and roles in the X.509 certificate.

Exceptions

Type	Condition
AsnContentException