The attribute plugin is not available, 2fa disabled

CertificateRequestExtensions Class

Provides extension methods for CertificateRequest with PQ support.


Definition

namespace WvdS.System.Security.Cryptography.X509Certificates
 
public static class CertificateRequestExtensions

Methods

Name Description
CreateSelfSigned(DateTimeOffset, DateTimeOffset, CryptoMode?) Creates self-signed certificate with optional PQ signature
Create(X509Certificate2, DateTimeOffset, DateTimeOffset, Byte[], CryptoMode?) Creates CA-signed certificate with optional PQ signature

Remarks

This extension class extends System.Security.Cryptography.X509Certificates.CertificateRequest1).

Drop-In Behavior

The extension methods have the same signature as the original methods plus an optional CryptoMode parameter:

// Original .NET
X509Certificate2 CreateSelfSigned(DateTimeOffset notBefore, DateTimeOffset notAfter)
 
// Extension (Drop-In)
X509Certificate2 CreateSelfSigned(DateTimeOffset notBefore, DateTimeOffset notAfter, CryptoMode? mode = null)

When the using namespace is included, the extension method is automatically used.


Example

using WvdS.System.Security.Cryptography;
using WvdS.System.Security.Cryptography.X509Certificates;
 
CryptoConfig.DefaultMode = CryptoMode.Hybrid;
 
using var rsa = RSA.Create(2048);
var request = new CertificateRequest(
    "CN=Server, O=Org, C=DE",
    rsa,
    HashAlgorithmName.SHA256,
    RSASignaturePadding.Pkcs1);
 
request.CertificateExtensions.Add(
    new X509BasicConstraintsExtension(false, false, 0, true));
 
// Hybrid certificate: RSA + ML-DSA
var cert = request.CreateSelfSigned(
    DateTimeOffset.Now,
    DateTimeOffset.Now.AddYears(1));

See Also


Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional

Zuletzt geändert: on 2026/01/29 at 11:18 PM