TElCertificateRequest.Generate Method

TElCertificateRequest.Generate

Generates new Certificate Request using previously set subject information

Declaration

[C#]
void Generate(int PublicKeyAlgorithm, int Bits, int SignatureAlgorithm);
void Generate(TElAlgorithmIdentifier PublicKeyAlgorithm, int Bits, TElAlgorithmIdentifier SignatureAlgorithm);

[VB.NET]
Sub Generate(ByVal PublicKeyAlgorithm As Integer, ByVal Bits As Integer, ByVal SignatureAlgorithm As Integer)
Sub Generate(ByVal PublicKeyAlgorithm As TElAlgorithmIdentifier, ByVal Bits As Integer, ByVal SignatureAlgorithm As TElAlgorithmIdentifier)

[Pascal]
procedure Generate(PublicKeyAlgorithm : integer; Bits : integer; SignatureAlgorithm : integer);

[C++]
    void Generate(int32_t PublicKeyAlgorithm, int32_t Bits, int32_t SignatureAlgorithm);
    void Generate(TElAlgorithmIdentifier &PublicKeyAlgorithm, int32_t Bits, TElAlgorithmIdentifier &SignatureAlgorithm);
    void Generate(TElAlgorithmIdentifier *PublicKeyAlgorithm, int32_t Bits, TElAlgorithmIdentifier *SignatureAlgorithm);

[PHP]
void Generate(integer $PublicKeyAlgorithm, integer $Bits, integer $SignatureAlgorithm)
void Generate(TElAlgorithmIdentifier $PublicKeyAlgorithm, integer $Bits, TElAlgorithmIdentifier $SignatureAlgorithm)

[Java]
void generate(int PublicKeyAlgorithm, int Bits, int SignatureAlgorithm);
void generate(TElAlgorithmIdentifier PublicKeyAlgorithm, int Bits, TElAlgorithmIdentifier SignatureAlgorithm);

Parameters

PublicKeyAlgorithm - specifies the type of the key to be generated. Possible values are listed below.
Bits - The number of bits in resulting public key.
SignatureAlgorithm - specifies the algorithm which is used to sign the content of Certificate Request.

Values:

The following algorithms may be used as public key algorithms:

Definition	Value	Description
SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION	0 (0x00)	RSA
SB_CERT_ALGORITHM_ID_DSA	4 (0x04)	DSA
SB_CERT_ALGORITHM_DH_PUBLIC	6 (0x06)	Diffie-Hellman
SB_CERT_ALGORITHM_ID_RSAPSS	11 (0x0B)	RSA key, which can be used only in RSA-PSS signature scheme
SB_CERT_ALGORITHM_ID_RSAOAEP	12 (0x0C)	RSA key, which can be used only for RSA-OAEP encryption
SB_CERT_ALGORITHM_UNKNOWN	65535 (0xFFFF)	the algorithm is unknown

The following algorithms may be used as signature algorithms:

Definition	Value	Description
SB_CERT_ALGORITHM_MD2_RSA_ENCRYPTION	1 (0x01)	RSA digital signature with MD2 digest
SB_CERT_ALGORITHM_MD5_RSA_ENCRYPTION	2 (0x02)	RSA digital signature with MD5 digest
SB_CERT_ALGORITHM_SHA1_RSA_ENCRYPTION	3 (0x03)	RSA digital signature with SHA1 digest
SB_CERT_ALGORITHM_ID_DSA_SHA1	5 (0x05)	DSA digital signature with SHA1 digest
SB_CERT_ALGORITHM_SHA224_RSA_ENCRYPTION	7 (0x07)	RSA digital signature with SHA-224 digest
SB_CERT_ALGORITHM_SHA256_RSA_ENCRYPTION	8 (0x08)	RSA digital signature with SHA-256 digest
SB_CERT_ALGORITHM_SHA384_RSA_ENCRYPTION	9 (0x09)	RSA digital signature with SHA-384 digest
SB_CERT_ALGORITHM_SHA512_RSA_ENCRYPTION	10 (0x0A)	RSA digital signature with SHA-512 digest
SB_CERT_ALGORITHM_ID_RSAPSS	11 (0x0B)	DSA digital signature with SHA1 digest
SB_CERT_ALGORITHM_RSASIGNATURE_RIPEMD160	13 (0x0D)	RSA-PSS digital signature
SB_CERT_ALGORITHM_UNKNOWN	65535 (0xFFFF)	the algorithm is unknown

Description

Use this method to generate new certificate request. New public and private key are also generated.

Note, that the signature algorithm should correspond with public key algorithm. I.e. if the public key algorithm is set to SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION, the signature algorithm should be set to one of SB_CERT_ALGORITHM_MD2_RSA_ENCRYPTION, SB_CERT_ALGORITHM_MD5_RSA_ENCRYPTION or SB_CERT_ALGORITHM_SHA1_RSA_ENCRYPTION.

You can use exising key material (eg. the one from the PKCS#11 device) by setting KeyMaterial and PreserveKeyMaterial properties. If you don't set them, new key material is generated.

Discuss this help topic in SecureBlackbox Forum