====== CertificateRequestExtensions Class ======

Provides extension methods for ''CertificateRequest'' with PQ support.

----

===== Definition =====

<code csharp>
namespace WvdS.System.Security.Cryptography.X509Certificates

public static class CertificateRequestExtensions
</code>

----

===== Methods =====

^  Name  ^  Description  ^
| CreateSelfSigned(DateTimeOffset, DateTimeOffset, CryptoMode?) | Creates self-signed certificate with optional PQ signature |
| Create(X509Certificate2, DateTimeOffset, DateTimeOffset, Byte[], CryptoMode?) | Creates CA-signed certificate with optional PQ signature |

----

===== Remarks =====

This extension class extends ''System.Security.Cryptography.X509Certificates.CertificateRequest''((Microsoft Docs: https://learn.microsoft.com/dotnet/api/system.security.cryptography.x509certificates.certificaterequest)).

==== Drop-In Behavior ====

The extension methods have the same signature as the original methods plus an optional ''CryptoMode'' parameter:

<code csharp>
// Original .NET
X509Certificate2 CreateSelfSigned(DateTimeOffset notBefore, DateTimeOffset notAfter)

// Extension (Drop-In)
X509Certificate2 CreateSelfSigned(DateTimeOffset notBefore, DateTimeOffset notAfter, CryptoMode? mode = null)
</code>

When the ''using'' namespace is included, the extension method is automatically used.

----

===== Example =====

<code csharp>
using WvdS.System.Security.Cryptography;
using WvdS.System.Security.Cryptography.X509Certificates;

CryptoConfig.DefaultMode = CryptoMode.Hybrid;

using var rsa = RSA.Create(2048);
var request = new CertificateRequest(
    "CN=Server, O=Org, C=DE",
    rsa,
    HashAlgorithmName.SHA256,
    RSASignaturePadding.Pkcs1);

request.CertificateExtensions.Add(
    new X509BasicConstraintsExtension(false, false, 0, true));

// Hybrid certificate: RSA + ML-DSA
var cert = request.CreateSelfSigned(
    DateTimeOffset.Now,
    DateTimeOffset.Now.AddYears(1));
</code>

----

===== See Also =====

  * [[.:start|X509Certificates Namespace]]
  * [[.:x509certificate2extensions|X509Certificate2Extensions]]
  * [[..:cryptomode|CryptoMode Enum]]

{{tag>class extension static}}

----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//