
refactor some units

Ugochukwu Mmaduekwe 2 weeks ago
parent
commit
5aba8ba887
27 changed files with 1454 additions and 1430 deletions
  1. 22 21
      CryptoLib.Tests/Delphi.Tests/CryptoLib.Tests.dpr
  2. 2 1
      CryptoLib.Tests/src/Asn1/X509/DeltaCertificateTests.pas
  3. 2 2
      CryptoLib.Tests/src/Asn1/X509/X509AltTests.pas
  4. 2 2
      CryptoLib.Tests/src/Asn1/X509/X509ExtensionsTests.pas
  5. 20 28
      CryptoLib/src/Asn1/Pkcs/ClpPkcsAsn1Objects.pas
  6. 0 154
      CryptoLib/src/Asn1/X509/ClpV1TbsCertificateGenerator.pas
  7. 0 161
      CryptoLib/src/Asn1/X509/ClpV2AttributeCertificateInfoGenerator.pas
  8. 0 237
      CryptoLib/src/Asn1/X509/ClpV3TbsCertificateGenerator.pas
  9. 655 0
      CryptoLib/src/Asn1/X509/ClpX509Asn1Generators.pas
  10. 0 271
      CryptoLib/src/Asn1/X509/ClpX509ExtensionsGenerator.pas
  11. 123 0
      CryptoLib/src/Interfaces/Asn1/X509/ClpIX509Asn1Generators.pas
  12. 0 65
      CryptoLib/src/Interfaces/Asn1/X509/ClpIX509ExtensionsGenerator.pas
  13. 50 0
      CryptoLib/src/Interfaces/Pkcs/ClpIPkcs10CertificationRequest.pas
  14. 61 0
      CryptoLib/src/Interfaces/X509/ClpIAttributeCertificateHolder.pas
  15. 51 0
      CryptoLib/src/Interfaces/X509/ClpIAttributeCertificateIssuer.pas
  16. 46 0
      CryptoLib/src/Interfaces/X509/ClpIX509Attribute.pas
  17. 113 0
      CryptoLib/src/Interfaces/X509/ClpIX509Generators.pas
  18. 84 0
      CryptoLib/src/Interfaces/X509/ClpIX509V2AttributeCertificate.pas
  19. 3 18
      CryptoLib/src/Pkcs/ClpPkcs10CertificationRequest.pas
  20. 4 29
      CryptoLib/src/X509/ClpAttributeCertificateHolder.pas
  21. 4 21
      CryptoLib/src/X509/ClpAttributeCertificateIssuer.pas
  22. 1 1
      CryptoLib/src/X509/ClpDeltaCertificateTool.pas
  23. 1 13
      CryptoLib/src/X509/ClpX509Attribute.pas
  24. 206 27
      CryptoLib/src/X509/ClpX509Generators.pas
  25. 0 150
      CryptoLib/src/X509/ClpX509V1CertificateGenerator.pas
  26. 4 43
      CryptoLib/src/X509/ClpX509V2AttributeCertificate.pas
  27. 0 186
      CryptoLib/src/X509/ClpX509V2AttributeCertificateGenerator.pas

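--- a/CryptoLib.Tests/Delphi.Tests/CryptoLib.Tests.dpr
+++ b/CryptoLib.Tests/Delphi.Tests/CryptoLib.Tests.dpr
@@ -43,8 +43,6 @@ uses
   ClpAsn1VerifierFactoryProvider in '..\..\CryptoLib\src\Crypto\Operators\ClpAsn1VerifierFactoryProvider.pas',
   ClpAsymmetricCipherKeyPair in '..\..\CryptoLib\src\Crypto\ClpAsymmetricCipherKeyPair.pas',
   ClpAsymmetricKeyParameter in '..\..\CryptoLib\src\Crypto\Parameters\ClpAsymmetricKeyParameter.pas',
-  ClpAttributeCertificateHolder in '..\..\CryptoLib\src\X509\ClpAttributeCertificateHolder.pas',
-  ClpAttributeCertificateIssuer in '..\..\CryptoLib\src\X509\ClpAttributeCertificateIssuer.pas',
   ClpBaseKdfBytesGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpBaseKdfBytesGenerator.pas',
   ClpBigInteger in '..\..\CryptoLib\src\Math\ClpBigInteger.pas',
   ClpBigIntegers in '..\..\CryptoLib\src\Math\ClpBigIntegers.pas',
@@ -78,7 +76,6 @@ uses
   ClpDefaultSignatureResult in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultSignatureResult.pas',
   ClpDefaultVerifierCalculator in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultVerifierCalculator.pas',
   ClpDefaultVerifierResult in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultVerifierResult.pas',
-  ClpDeltaCertificateTool in '..\..\CryptoLib\src\X509\ClpDeltaCertificateTool.pas',
   ClpDHAgreement in '..\..\CryptoLib\src\Crypto\Agreements\ClpDHAgreement.pas',
   ClpDHBasicAgreement in '..\..\CryptoLib\src\Crypto\Agreements\ClpDHBasicAgreement.pas',
   ClpDHBasicKeyPairGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpDHBasicKeyPairGenerator.pas',
@@ -357,10 +354,7 @@ uses
   ClpIX25519PrivateKeyParameters in '..\..\CryptoLib\src\Interfaces\Crypto\Parameters\ClpIX25519PrivateKeyParameters.pas',
   ClpIX25519PublicKeyParameters in '..\..\CryptoLib\src\Interfaces\Crypto\Parameters\ClpIX25519PublicKeyParameters.pas',
   ClpIX509Asn1Objects in '..\..\CryptoLib\src\Interfaces\Asn1\X509\ClpIX509Asn1Objects.pas',
-  ClpIX509Certificate in '..\..\CryptoLib\src\Interfaces\X509\ClpIX509Certificate.pas',
-  ClpIX509CertificateParser in '..\..\CryptoLib\src\Interfaces\X509\ClpIX509CertificateParser.pas',
-  ClpIX509Extension in '..\..\CryptoLib\src\Interfaces\X509\ClpIX509Extension.pas',
-  ClpIX509ExtensionsGenerator in '..\..\CryptoLib\src\Interfaces\Asn1\X509\ClpIX509ExtensionsGenerator.pas',
+  ClpIX509Asn1Generators in '..\..\CryptoLib\src\Interfaces\Asn1\X509\ClpIX509Asn1Generators.pas',
   ClpIX509NameEntryConverter in '..\..\CryptoLib\src\Interfaces\Asn1\X509\ClpIX509NameEntryConverter.pas',
   ClpIX509NameTokenizer in '..\..\CryptoLib\src\Interfaces\Asn1\X509\ClpIX509NameTokenizer.pas',
   ClpIX9Asn1Objects in '..\..\CryptoLib\src\Interfaces\Asn1\X9\ClpIX9Asn1Objects.pas',
@@ -402,7 +396,6 @@ uses
   ClpPascalCoinIESEngine in '..\..\CryptoLib\src\Crypto\Engines\ClpPascalCoinIESEngine.pas',
   ClpPbeParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpPbeParametersGenerator.pas',
   ClpPemObjects in '..\..\CryptoLib\src\Pem\ClpPemObjects.pas',
-  ClpPkcs10CertificationRequest in '..\..\CryptoLib\src\Pkcs\ClpPkcs10CertificationRequest.pas',
   ClpPkcs1Encoding in '..\..\CryptoLib\src\Crypto\Encodings\ClpPkcs1Encoding.pas',
   ClpPkcs5S2ParametersGenerator in '..\..\CryptoLib\src\Crypto\Generators\ClpPkcs5S2ParametersGenerator.pas',
   ClpPkcsAsn1Objects in '..\..\CryptoLib\src\Asn1\Pkcs\ClpPkcsAsn1Objects.pas',
@@ -458,9 +451,6 @@ uses
   ClpTeleTrusTNamedCurves in '..\..\CryptoLib\src\Asn1\TeleTrust\ClpTeleTrusTNamedCurves.pas',
   ClpTeleTrusTObjectIdentifiers in '..\..\CryptoLib\src\Asn1\TeleTrust\ClpTeleTrusTObjectIdentifiers.pas',
   ClpTnaf in '..\..\CryptoLib\src\Math\EC\Abc\ClpTnaf.pas',
-  ClpV1TbsCertificateGenerator in '..\..\CryptoLib\src\Asn1\X509\ClpV1TbsCertificateGenerator.pas',
-  ClpV2AttributeCertificateInfoGenerator in '..\..\CryptoLib\src\Asn1\X509\ClpV2AttributeCertificateInfoGenerator.pas',
-  ClpV3TbsCertificateGenerator in '..\..\CryptoLib\src\Asn1\X509\ClpV3TbsCertificateGenerator.pas',
   ClpValidityPreCompInfo in '..\..\CryptoLib\src\Math\EC\Multiplier\ClpValidityPreCompInfo.pas',
   ClpWNafPreCompInfo in '..\..\CryptoLib\src\Math\EC\Multiplier\ClpWNafPreCompInfo.pas',
   ClpWTauNafPreCompInfo in '..\..\CryptoLib\src\Math\EC\Multiplier\ClpWTauNafPreCompInfo.pas',
@@ -472,23 +462,19 @@ uses
   ClpX25519PrivateKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpX25519PrivateKeyParameters.pas',
   ClpX25519PublicKeyParameters in '..\..\CryptoLib\src\Crypto\Parameters\ClpX25519PublicKeyParameters.pas',
   ClpX509Asn1Objects in '..\..\CryptoLib\src\Asn1\X509\ClpX509Asn1Objects.pas',
-  ClpX509Attribute in '..\..\CryptoLib\src\X509\ClpX509Attribute.pas',
-  ClpX509Certificate in '..\..\CryptoLib\src\X509\ClpX509Certificate.pas',
-  ClpX509CertificateParser in '..\..\CryptoLib\src\X509\ClpX509CertificateParser.pas',
   ClpX509DefaultEntryConverter in '..\..\CryptoLib\src\Asn1\X509\ClpX509DefaultEntryConverter.pas',
   ClpX509Extension in '..\..\CryptoLib\src\Asn1\X509\ClpX509Extension.pas',
-  ClpX509ExtensionBase in '..\..\CryptoLib\src\X509\ClpX509ExtensionBase.pas',
-  ClpX509ExtensionsGenerator in '..\..\CryptoLib\src\Asn1\X509\ClpX509ExtensionsGenerator.pas',
+  ClpX509Asn1Generators in '..\..\CryptoLib\src\Asn1\X509\ClpX509Asn1Generators.pas',
   ClpX509ExtensionUtilities in '..\..\CryptoLib\src\Asn1\X509\ClpX509ExtensionUtilities.pas',
   ClpX509NameEntryConverter in '..\..\CryptoLib\src\Asn1\X509\ClpX509NameEntryConverter.pas',
   ClpX509NameTokenizer in '..\..\CryptoLib\src\Asn1\X509\ClpX509NameTokenizer.pas',
   ClpX509ObjectIdentifiers in '..\..\CryptoLib\src\Asn1\X509\ClpX509ObjectIdentifiers.pas',
   ClpX509SignatureUtilities in '..\..\CryptoLib\src\Asn1\X509\ClpX509SignatureUtilities.pas',
-  ClpX509Utilities in '..\..\CryptoLib\src\X509\ClpX509Utilities.pas',
-  ClpX509V1CertificateGenerator in '..\..\CryptoLib\src\X509\ClpX509V1CertificateGenerator.pas',
-  ClpX509V2AttributeCertificate in '..\..\CryptoLib\src\X509\ClpX509V2AttributeCertificate.pas',
-  ClpX509V2AttributeCertificateGenerator in '..\..\CryptoLib\src\X509\ClpX509V2AttributeCertificateGenerator.pas',
-  ClpX509V3CertificateGenerator in '..\..\CryptoLib\src\X509\ClpX509V3CertificateGenerator.pas',
+  ClpIX509Generators in '..\..\CryptoLib\src\Interfaces\X509\ClpIX509Generators.pas',
+  ClpIAttributeCertificateHolder in '..\..\CryptoLib\src\Interfaces\X509\ClpIAttributeCertificateHolder.pas',
+  ClpIAttributeCertificateIssuer in '..\..\CryptoLib\src\Interfaces\X509\ClpIAttributeCertificateIssuer.pas',
+  ClpIX509Attribute in '..\..\CryptoLib\src\Interfaces\X509\ClpIX509Attribute.pas',
+  ClpIX509V2AttributeCertificate in '..\..\CryptoLib\src\Interfaces\X509\ClpIX509V2AttributeCertificate.pas',
   ClpX931Signer in '..\..\CryptoLib\src\Crypto\Signers\ClpX931Signer.pas',
   ClpX9Asn1Objects in '..\..\CryptoLib\src\Asn1\X9\ClpX9Asn1Objects.pas',
   ClpX9ECC in '..\..\CryptoLib\src\Asn1\X9\ClpX9ECC.pas',
@@ -517,6 +503,21 @@ uses
   ClpAsn1Encodings in '..\..\CryptoLib\src\Asn1\ClpAsn1Encodings.pas',
   ClpAsn1Generators in '..\..\CryptoLib\src\Asn1\ClpAsn1Generators.pas',
   ClpIAsn1Generators in '..\..\CryptoLib\src\Interfaces\Asn1\ClpIAsn1Generators.pas',
+  ClpPkcs10CertificationRequest in '..\..\CryptoLib\src\Pkcs\ClpPkcs10CertificationRequest.pas',
+  ClpAttributeCertificateHolder in '..\..\CryptoLib\src\X509\ClpAttributeCertificateHolder.pas',
+  ClpAttributeCertificateIssuer in '..\..\CryptoLib\src\X509\ClpAttributeCertificateIssuer.pas',
+  ClpDeltaCertificateTool in '..\..\CryptoLib\src\X509\ClpDeltaCertificateTool.pas',
+  ClpX509Attribute in '..\..\CryptoLib\src\X509\ClpX509Attribute.pas',
+  ClpX509Certificate in '..\..\CryptoLib\src\X509\ClpX509Certificate.pas',
+  ClpX509CertificateParser in '..\..\CryptoLib\src\X509\ClpX509CertificateParser.pas',
+  ClpX509ExtensionBase in '..\..\CryptoLib\src\X509\ClpX509ExtensionBase.pas',
+  ClpX509Generators in '..\..\CryptoLib\src\X509\ClpX509Generators.pas',
+  ClpX509Utilities in '..\..\CryptoLib\src\X509\ClpX509Utilities.pas',
+  ClpX509V2AttributeCertificate in '..\..\CryptoLib\src\X509\ClpX509V2AttributeCertificate.pas',
+  ClpIX509Certificate in '..\..\CryptoLib\src\Interfaces\X509\ClpIX509Certificate.pas',
+  ClpIX509CertificateParser in '..\..\CryptoLib\src\Interfaces\X509\ClpIX509CertificateParser.pas',
+  ClpIX509Extension in '..\..\CryptoLib\src\Interfaces\X509\ClpIX509Extension.pas',
+  ClpIPkcs10CertificationRequest in '..\..\CryptoLib\src\Interfaces\Pkcs\ClpIPkcs10CertificationRequest.pas',
   ClpFixedSecureRandom in '..\src\Utils\ClpFixedSecureRandom.pas',
   ClpIFixedSecureRandom in '..\src\Utils\ClpIFixedSecureRandom.pas',
   ClpIShortenedDigest in '..\src\Utils\ClpIShortenedDigest.pas',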

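--- a/CryptoLib.Tests/src/Asn1/X509/DeltaCertificateTests.pas
+++ b/CryptoLib.Tests/src/Asn1/X509/DeltaCertificateTests.pas
@@ -53,7 +53,8 @@ uses
   ClpSecObjectIdentifiers,
   ClpCustomNamedCurves,
   ClpECDomainParameters,
-  ClpX509V3CertificateGenerator,
+  ClpIX509Generators,
+  ClpX509Generators,
   ClpAsn1SignatureFactory,
   ClpIAsymmetricCipherKeyPairGenerator,
   ClpIAsymmetricCipherKeyPair,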

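--- a/CryptoLib.Tests/src/Asn1/X509/X509AltTests.pas
+++ b/CryptoLib.Tests/src/Asn1/X509/X509AltTests.pas
@@ -33,9 +33,9 @@ uses
 {$ENDIF FPC}
   ClpX509Asn1Objects,
   ClpIX509Asn1Objects,
-  ClpX509ExtensionsGenerator,
-  ClpIX509ExtensionsGenerator,
   ClpPkcsObjectIdentifiers,
+  ClpIX509Asn1Generators,
+  ClpX509Asn1Generators,
   ClpAsn1Objects,
   ClpIAsn1Objects,
   ClpCryptoLibTypes,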

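--- a/CryptoLib.Tests/src/Asn1/X509/X509ExtensionsTests.pas
+++ b/CryptoLib.Tests/src/Asn1/X509/X509ExtensionsTests.pas
@@ -33,9 +33,9 @@ uses
 {$ENDIF FPC}
   ClpX509Asn1Objects,
   ClpIX509Asn1Objects,
-  ClpX509ExtensionsGenerator,
-  ClpIX509ExtensionsGenerator,
   ClpIX509Extension,
+  ClpIX509Asn1Generators,
+  ClpX509Asn1Generators,
   ClpAsn1Objects,
   ClpIAsn1Objects,
   ClpAsn1Core,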

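--- a/CryptoLib/src/Asn1/Pkcs/ClpPkcsAsn1Objects.pas
+++ b/CryptoLib/src/Asn1/Pkcs/ClpPkcsAsn1Objects.pas
@@ -50,7 +50,6 @@ resourcestring
   SSubjectPKInfoNil = 'subjectPKInfo';
   SUnexpectedElementsInSequence = 'Unexpected elements in sequence';
   SChallengePasswordMustHaveSingleValue = 'challengePassword attribute must have exactly one value';
-  SUnstructuredNameMustHaveSingleValue = 'unstructuredName attribute must have exactly one value';
   SPrivateKeyAlgorithmNil = 'privateKeyAlgorithm';
   SPrivateKeyNil = 'privateKey';
   SVersionNil = 'version';
@@ -370,18 +369,14 @@ type
   /// </summary>
   TRsassaPssParameters = class(TAsn1Encodable, IRsassaPssParameters)
 
-  public
+  strict private
     class var
-      DefaultHashAlgorithm: IAlgorithmIdentifier;
-      DefaultMaskGenAlgorithm: IAlgorithmIdentifier;
-      DefaultMaskGenFunction: IAlgorithmIdentifier; // Obsolete, use DefaultMaskGenAlgorithm
-      DefaultSaltLength: IDerInteger;
-      DefaultTrailerField: IDerInteger;
+      FDefaultHashAlgorithm, FDefaultMaskGenAlgorithm: IAlgorithmIdentifier;
+      FDefaultSaltLength, FDefaultTrailerField: IDerInteger;
 
     class procedure Boot; static;
     class constructor Create;
 
-  strict private
   var
     FHashAlgorithm: IAlgorithmIdentifier;
     FMaskGenAlgorithm: IAlgorithmIdentifier;
@@ -415,6 +410,11 @@ type
     property SaltLength: IDerInteger read GetSaltLength;
     property TrailerField: IDerInteger read GetTrailerField;
 
+    class property DefaultHashAlgorithm: IAlgorithmIdentifier read FDefaultHashAlgorithm;
+    class property DefaultMaskGenAlgorithm: IAlgorithmIdentifier read FDefaultMaskGenAlgorithm;
+    class property DefaultSaltLength: IDerInteger read FDefaultSaltLength;
+    class property DefaultTrailerField: IDerInteger read FDefaultTrailerField;
+
   end;
 
 implementation
@@ -637,13 +637,6 @@ begin
         begin
           raise EArgumentCryptoLibException.Create(SChallengePasswordMustHaveSingleValue);
         end;
-      end
-      else if TPkcsObjectIdentifiers.Pkcs9AtUnstructuredName.Equals(LAttr.AttrType) then
-      begin
-        if LAttr.AttrValues.Count <> 1 then
-        begin
-          raise EArgumentCryptoLibException.Create(SUnstructuredNameMustHaveSingleValue);
-        end;
       end;
     end;
   end;
@@ -1169,14 +1162,14 @@ function TRsaPrivateKeyStructure.ToAsn1Object: IAsn1Object;
 begin
   Result := TDerSequence.Create([
     FVersion,
-    TDerInteger.Create(FModulus),
-    TDerInteger.Create(FPublicExponent),
-    TDerInteger.Create(FPrivateExponent),
-    TDerInteger.Create(FPrime1),
-    TDerInteger.Create(FPrime2),
-    TDerInteger.Create(FExponent1),
-    TDerInteger.Create(FExponent2),
-    TDerInteger.Create(FCoefficient)
+    TDerInteger.Create(FModulus) as IDerInteger,
+    TDerInteger.Create(FPublicExponent) as IDerInteger,
+    TDerInteger.Create(FPrivateExponent) as IDerInteger,
+    TDerInteger.Create(FPrime1) as IDerInteger,
+    TDerInteger.Create(FPrime2) as IDerInteger,
+    TDerInteger.Create(FExponent1) as IDerInteger,
+    TDerInteger.Create(FExponent2) as IDerInteger,
+    TDerInteger.Create(FCoefficient) as IDerInteger
   ]);
 end;
 
@@ -1189,11 +1182,10 @@ end;
 
 class procedure TRsassaPssParameters.Boot;
 begin
-  DefaultHashAlgorithm := TAlgorithmIdentifier.Create(TOiwObjectIdentifiers.IdSha1, TDerNull.Instance);
-  DefaultMaskGenAlgorithm := TAlgorithmIdentifier.Create(TPkcsObjectIdentifiers.IdMgf1, DefaultHashAlgorithm);
-  DefaultMaskGenFunction := DefaultMaskGenAlgorithm; // Obsolete, use DefaultMaskGenAlgorithm
-  DefaultSaltLength := TDerInteger.ValueOf(20);
-  DefaultTrailerField := TDerInteger.One;
+  FDefaultHashAlgorithm := TAlgorithmIdentifier.Create(TOiwObjectIdentifiers.IdSha1, TDerNull.Instance);
+  FDefaultMaskGenAlgorithm := TAlgorithmIdentifier.Create(TPkcsObjectIdentifiers.IdMgf1, DefaultHashAlgorithm);
+  FDefaultSaltLength := TDerInteger.ValueOf(20);
+  FDefaultTrailerField := TDerInteger.One;
 end;
 
 class function TRsassaPssParameters.GetInstance(AObj: TObject): IRsassaPssParameters;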
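Review bot: Dropping the `else if TPkcsObjectIdentifiers.Pkcs9AtUnstructuredName.Equals(LAttr.AttrType)` branch in the `@@ -637,13 +637,6 @@` hunk changes which inputs the attribute validation accepts, and nothing in the new code or the commit title records that. An unstructuredName attribute whose value count is not exactly one no longer raises `EArgumentCryptoLibException`; only the challengePassword check remains. If the intent is to follow PKCS #9, which as far as I recall declares challengePassword single-valued but not unstructuredName, state that next to the remaining check, e.g. `// PKCS #9: challengePassword is SINGLE VALUE; unstructuredName may carry several values`. A test that pins acceptance of a multi-valued unstructuredName would keep this relaxation deliberate rather than incidental to a refactor. The enclosing routine starts and ends outside the hunk, so whether any caller relied on the old exception cannot be confirmed from here.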

+ 0 - 154
CryptoLib/src/Asn1/X509/ClpV1TbsCertificateGenerator.pas

@@ -1,154 +0,0 @@
-{ *********************************************************************************** }
-{ *                              CryptoLib Library                                  * }
-{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
-{ *                 Github Repository <https://github.com/Xor-el>                   * }
-
-{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
-{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
-
-{ *                              Acknowledgements:                                  * }
-{ *                                                                                 * }
-{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
-{ *                           development of this library                           * }
-
-{ * ******************************************************************************* * }
-
-(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
-
-unit ClpV1TbsCertificateGenerator;
-
-{$I ..\..\Include\CryptoLib.inc}
-
-interface
-
-uses
-  SysUtils,
-  ClpAsn1Objects,
-  ClpIAsn1Objects,
-  ClpIX509Asn1Objects,
-  ClpX509Asn1Objects,
-  ClpCryptoLibTypes;
-
-type
-  /// <summary>
-  /// Interface for V1 TbsCertificate structure generator.
-  /// </summary>
-  IV1TbsCertificateGenerator = interface
-    ['{A1B2C3D4-E5F6-7890-ABCD-EF1234567890}']
-    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
-    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
-    procedure SetIssuer(const AIssuer: IX509Name);
-    procedure SetValidity(const AValidity: IValidity);
-    procedure SetStartDate(const AStartDate: ITime); overload;
-    procedure SetStartDate(const AStartDate: IAsn1UtcTime); overload;
-    procedure SetEndDate(const AEndDate: ITime); overload;
-    procedure SetEndDate(const AEndDate: IAsn1UtcTime); overload;
-    procedure SetSubject(const ASubject: IX509Name);
-    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
-    function GenerateTbsCertificate: ITbsCertificateStructure;
-  end;
-
-  /// <summary>
-  /// Generator for Version 1 TbsCertificateStructures.
-  /// </summary>
-  TV1TbsCertificateGenerator = class(TInterfacedObject, IV1TbsCertificateGenerator)
-  strict private
-    FSerialNumber: IDerInteger;
-    FSignature: IAlgorithmIdentifier;
-    FIssuer: IX509Name;
-    FValidity: IValidity;
-    FStartDate: ITime;
-    FEndDate: ITime;
-    FSubject: IX509Name;
-    FSubjectPublicKeyInfo: ISubjectPublicKeyInfo;
-  public
-    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
-    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
-    procedure SetIssuer(const AIssuer: IX509Name);
-    procedure SetValidity(const AValidity: IValidity);
-    procedure SetStartDate(const AStartDate: ITime); overload;
-    procedure SetStartDate(const AStartDate: IAsn1UtcTime); overload;
-    procedure SetEndDate(const AEndDate: ITime); overload;
-    procedure SetEndDate(const AEndDate: IAsn1UtcTime); overload;
-    procedure SetSubject(const ASubject: IX509Name);
-    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
-    function GenerateTbsCertificate: ITbsCertificateStructure;
-  end;
-
-implementation
-
-{ TV1TbsCertificateGenerator }
-
-procedure TV1TbsCertificateGenerator.SetSerialNumber(const ASerialNumber: IDerInteger);
-begin
-  FSerialNumber := ASerialNumber;
-end;
-
-procedure TV1TbsCertificateGenerator.SetSignature(const ASignature: IAlgorithmIdentifier);
-begin
-  FSignature := ASignature;
-end;
-
-procedure TV1TbsCertificateGenerator.SetIssuer(const AIssuer: IX509Name);
-begin
-  FIssuer := AIssuer;
-end;
-
-procedure TV1TbsCertificateGenerator.SetValidity(const AValidity: IValidity);
-begin
-  FValidity := AValidity;
-  FStartDate := nil;
-  FEndDate := nil;
-end;
-
-procedure TV1TbsCertificateGenerator.SetStartDate(const AStartDate: ITime);
-begin
-  FValidity := nil;
-  FStartDate := AStartDate;
-end;
-
-procedure TV1TbsCertificateGenerator.SetStartDate(const AStartDate: IAsn1UtcTime);
-begin
-  SetStartDate(TTime.Create(AStartDate));
-end;
-
-procedure TV1TbsCertificateGenerator.SetEndDate(const AEndDate: ITime);
-begin
-  FValidity := nil;
-  FEndDate := AEndDate;
-end;
-
-procedure TV1TbsCertificateGenerator.SetEndDate(const AEndDate: IAsn1UtcTime);
-begin
-  SetEndDate(TTime.Create(AEndDate));
-end;
-
-procedure TV1TbsCertificateGenerator.SetSubject(const ASubject: IX509Name);
-begin
-  FSubject := ASubject;
-end;
-
-procedure TV1TbsCertificateGenerator.SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
-begin
-  FSubjectPublicKeyInfo := APubKeyInfo;
-end;
-
-function TV1TbsCertificateGenerator.GenerateTbsCertificate: ITbsCertificateStructure;
-var
-  LValidity: IValidity;
-begin
-  if (FSerialNumber = nil) or (FSignature = nil) or (FIssuer = nil) or
-     ((FValidity = nil) and ((FStartDate = nil) or (FEndDate = nil))) or
-     (FSubject = nil) or (FSubjectPublicKeyInfo = nil) then
-    raise EInvalidOperationCryptoLibException.Create('not all mandatory fields set in V1 TBScertificate generator');
-
-  if FValidity <> nil then
-    LValidity := FValidity
-  else
-    LValidity := TValidity.Create(FStartDate, FEndDate);
-
-  Result := TTbsCertificateStructure.Create(TDerInteger.Zero, FSerialNumber,
-    FSignature, FIssuer, LValidity, FSubject, FSubjectPublicKeyInfo, nil, nil, nil);
-end;
-
-end.

+ 0 - 161
CryptoLib/src/Asn1/X509/ClpV2AttributeCertificateInfoGenerator.pas

@@ -1,161 +0,0 @@
-{ *********************************************************************************** }
-{ *                              CryptoLib Library                                  * }
-{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
-{ *                 Github Repository <https://github.com/Xor-el>                   * }
-
-{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
-{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
-
-{ *                              Acknowledgements:                                  * }
-{ *                                                                                 * }
-{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
-{ *                           development of this library                           * }
-
-{ * ******************************************************************************* * }
-
-(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
-
-unit ClpV2AttributeCertificateInfoGenerator;
-
-{$I ..\..\Include\CryptoLib.inc}
-
-interface
-
-uses
-  SysUtils,
-  ClpAsn1Objects,
-  ClpIAsn1Objects,
-  ClpAsn1Core,
-  ClpIAsn1Core,
-  ClpIX509Asn1Objects,
-  ClpX509Asn1Objects,
-  ClpCryptoLibTypes;
-
-type
-  /// <summary>
-  /// Interface for V2 AttributeCertificateInfo generator.
-  /// </summary>
-  IV2AttributeCertificateInfoGenerator = interface
-    ['{C3D4E5F6-A7B8-9012-CDEF-012345678901}']
-    procedure SetHolder(const AHolder: IHolder);
-    procedure AddAttribute(const AOid: String; const AValue: IAsn1Encodable); overload;
-    procedure AddAttribute(const AAttribute: IAttributeX509); overload;
-    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
-    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
-    procedure SetIssuer(const AIssuer: IAttCertIssuer);
-    procedure SetStartDate(const AStartDate: IAsn1GeneralizedTime);
-    procedure SetEndDate(const AEndDate: IAsn1GeneralizedTime);
-    procedure SetIssuerUniqueID(const AIssuerUniqueID: IDerBitString);
-    procedure SetExtensions(const AExtensions: IX509Extensions);
-    function GenerateAttributeCertificateInfo: IAttributeCertificateInfo;
-  end;
-
-  /// <summary>
-  /// Generator for Version 2 AttributeCertificateInfo.
-  /// </summary>
-  TV2AttributeCertificateInfoGenerator = class(TInterfacedObject, IV2AttributeCertificateInfoGenerator)
-  strict private
-    FVersion: IDerInteger;
-    FHolder: IHolder;
-    FIssuer: IAttCertIssuer;
-    FSignature: IAlgorithmIdentifier;
-    FSerialNumber: IDerInteger;
-    FAttributes: IAsn1EncodableVector;
-    FIssuerUniqueID: IDerBitString;
-    FExtensions: IX509Extensions;
-    FStartDate: IAsn1GeneralizedTime;
-    FEndDate: IAsn1GeneralizedTime;
-  public
-    constructor Create;
-    procedure SetHolder(const AHolder: IHolder);
-    procedure AddAttribute(const AOid: String; const AValue: IAsn1Encodable); overload;
-    procedure AddAttribute(const AAttribute: IAttributeX509); overload;
-    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
-    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
-    procedure SetIssuer(const AIssuer: IAttCertIssuer);
-    procedure SetStartDate(const AStartDate: IAsn1GeneralizedTime);
-    procedure SetEndDate(const AEndDate: IAsn1GeneralizedTime);
-    procedure SetIssuerUniqueID(const AIssuerUniqueID: IDerBitString);
-    procedure SetExtensions(const AExtensions: IX509Extensions);
-    function GenerateAttributeCertificateInfo: IAttributeCertificateInfo;
-  end;
-
-implementation
-
-{ TV2AttributeCertificateInfoGenerator }
-
-constructor TV2AttributeCertificateInfoGenerator.Create;
-begin
-  inherited Create;
-  FVersion := TDerInteger.One;
-  FAttributes := TAsn1EncodableVector.Create;
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.SetHolder(const AHolder: IHolder);
-begin
-  FHolder := AHolder;
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.AddAttribute(const AOid: String; const AValue: IAsn1Encodable);
-begin
-  FAttributes.Add(TAttributeX509.Create(TDerObjectIdentifier.Create(AOid), TDerSet.Create(AValue)));
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.AddAttribute(const AAttribute: IAttributeX509);
-begin
-  FAttributes.Add(AAttribute);
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.SetSerialNumber(const ASerialNumber: IDerInteger);
-begin
-  FSerialNumber := ASerialNumber;
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.SetSignature(const ASignature: IAlgorithmIdentifier);
-begin
-  FSignature := ASignature;
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.SetIssuer(const AIssuer: IAttCertIssuer);
-begin
-  FIssuer := AIssuer;
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.SetStartDate(const AStartDate: IAsn1GeneralizedTime);
-begin
-  FStartDate := AStartDate;
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.SetEndDate(const AEndDate: IAsn1GeneralizedTime);
-begin
-  FEndDate := AEndDate;
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.SetIssuerUniqueID(const AIssuerUniqueID: IDerBitString);
-begin
-  FIssuerUniqueID := AIssuerUniqueID;
-end;
-
-procedure TV2AttributeCertificateInfoGenerator.SetExtensions(const AExtensions: IX509Extensions);
-begin
-  FExtensions := AExtensions;
-end;
-
-function TV2AttributeCertificateInfoGenerator.GenerateAttributeCertificateInfo: IAttributeCertificateInfo;
-var
-  LV: IAsn1EncodableVector;
-  LSeq: IAsn1Sequence;
-begin
-  if (FSerialNumber = nil) or (FSignature = nil) or (FIssuer = nil) or
-     (FStartDate = nil) or (FEndDate = nil) or (FHolder = nil) or (FAttributes = nil) then
-    raise EInvalidOperationCryptoLibException.Create('not all mandatory fields set in V2 AttributeCertificateInfo generator');
-
-  LV := TAsn1EncodableVector.Create([FVersion, FHolder, FIssuer, FSignature, FSerialNumber]);
-  LV.Add(TAttCertValidityPeriod.Create(FStartDate, FEndDate));
-  LV.Add(TDerSequence.Create(FAttributes));
-  LV.AddOptional(FIssuerUniqueID, FExtensions);
-  LSeq := TDerSequence.Create(LV);
-  Result := TAttributeCertificateInfo.GetInstance(LSeq);
-end;
-
-end.

+ 0 - 237
CryptoLib/src/Asn1/X509/ClpV3TbsCertificateGenerator.pas

@@ -1,237 +0,0 @@
-{ *********************************************************************************** }
-{ *                              CryptoLib Library                                  * }
-{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
-{ *                 Github Repository <https://github.com/Xor-el>                   * }
-
-{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
-{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
-
-{ *                              Acknowledgements:                                  * }
-{ *                                                                                 * }
-{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
-{ *                           development of this library                           * }
-
-{ * ******************************************************************************* * }
-
-(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
-
-unit ClpV3TbsCertificateGenerator;
-
-{$I ..\..\Include\CryptoLib.inc}
-
-interface
-
-uses
-  SysUtils,
-  ClpAsn1Objects,
-  ClpIAsn1Objects,
-  ClpAsn1Core,
-  ClpIAsn1Core,
-  ClpIX509Asn1Objects,
-  ClpIX509Extension,
-  ClpX509Asn1Objects,
-  ClpCryptoLibTypes;
-
-type
-  /// <summary>
-  /// Interface for V3 TbsCertificate structure generator.
-  /// </summary>
-  IV3TbsCertificateGenerator = interface
-    ['{B2C3D4E5-F6A7-8901-BCDE-F12345678901}']
-    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
-    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
-    procedure SetIssuer(const AIssuer: IX509Name);
-    procedure SetValidity(const AValidity: IValidity);
-    procedure SetStartDate(const AStartDate: ITime); overload;
-    procedure SetStartDate(const AStartDate: IAsn1UtcTime); overload;
-    procedure SetEndDate(const AEndDate: ITime); overload;
-    procedure SetEndDate(const AEndDate: IAsn1UtcTime); overload;
-    procedure SetSubject(const ASubject: IX509Name);
-    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
-    procedure SetIssuerUniqueID(const AUniqueID: IDerBitString);
-    procedure SetSubjectUniqueID(const AUniqueID: IDerBitString);
-    procedure SetExtensions(const AExtensions: IX509Extensions);
-    function GeneratePreTbsCertificate: IAsn1Sequence;
-    function GenerateTbsCertificate: ITbsCertificateStructure;
-  end;
-
-  /// <summary>
-  /// Generator for Version 3 TbsCertificateStructures.
-  /// </summary>
-  TV3TbsCertificateGenerator = class(TInterfacedObject, IV3TbsCertificateGenerator)
-  strict private
-    FSerialNumber: IDerInteger;
-    FSignature: IAlgorithmIdentifier;
-    FIssuer: IX509Name;
-    FValidity: IValidity;
-    FStartDate: ITime;
-    FEndDate: ITime;
-    FSubject: IX509Name;
-    FSubjectPublicKeyInfo: ISubjectPublicKeyInfo;
-    FExtensions: IX509Extensions;
-    FIssuerUniqueID: IDerBitString;
-    FSubjectUniqueID: IDerBitString;
-    FAltNamePresentAndCritical: Boolean;
-  public
-    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
-    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
-    procedure SetIssuer(const AIssuer: IX509Name);
-    procedure SetValidity(const AValidity: IValidity);
-    procedure SetStartDate(const AStartDate: ITime); overload;
-    procedure SetStartDate(const AStartDate: IAsn1UtcTime); overload;
-    procedure SetEndDate(const AEndDate: ITime); overload;
-    procedure SetEndDate(const AEndDate: IAsn1UtcTime); overload;
-    procedure SetSubject(const ASubject: IX509Name);
-    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
-    procedure SetIssuerUniqueID(const AUniqueID: IDerBitString);
-    procedure SetSubjectUniqueID(const AUniqueID: IDerBitString);
-    procedure SetExtensions(const AExtensions: IX509Extensions);
-    function GeneratePreTbsCertificate: IAsn1Sequence;
-    function GenerateTbsCertificate: ITbsCertificateStructure;
-  end;
-
-implementation
-
-{ TV3TbsCertificateGenerator }
-
-procedure TV3TbsCertificateGenerator.SetSerialNumber(const ASerialNumber: IDerInteger);
-begin
-  FSerialNumber := ASerialNumber;
-end;
-
-procedure TV3TbsCertificateGenerator.SetSignature(const ASignature: IAlgorithmIdentifier);
-begin
-  FSignature := ASignature;
-end;
-
-procedure TV3TbsCertificateGenerator.SetIssuer(const AIssuer: IX509Name);
-begin
-  FIssuer := AIssuer;
-end;
-
-procedure TV3TbsCertificateGenerator.SetValidity(const AValidity: IValidity);
-begin
-  FValidity := AValidity;
-  FStartDate := nil;
-  FEndDate := nil;
-end;
-
-procedure TV3TbsCertificateGenerator.SetStartDate(const AStartDate: ITime);
-begin
-  FValidity := nil;
-  FStartDate := AStartDate;
-end;
-
-procedure TV3TbsCertificateGenerator.SetStartDate(const AStartDate: IAsn1UtcTime);
-begin
-  SetStartDate(TTime.Create(AStartDate));
-end;
-
-procedure TV3TbsCertificateGenerator.SetEndDate(const AEndDate: ITime);
-begin
-  FValidity := nil;
-  FEndDate := AEndDate;
-end;
-
-procedure TV3TbsCertificateGenerator.SetEndDate(const AEndDate: IAsn1UtcTime);
-begin
-  SetEndDate(TTime.Create(AEndDate));
-end;
-
-procedure TV3TbsCertificateGenerator.SetSubject(const ASubject: IX509Name);
-begin
-  FSubject := ASubject;
-end;
-
-procedure TV3TbsCertificateGenerator.SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
-begin
-  FSubjectPublicKeyInfo := APubKeyInfo;
-end;
-
-procedure TV3TbsCertificateGenerator.SetIssuerUniqueID(const AUniqueID: IDerBitString);
-begin
-  FIssuerUniqueID := AUniqueID;
-end;
-
-procedure TV3TbsCertificateGenerator.SetSubjectUniqueID(const AUniqueID: IDerBitString);
-begin
-  FSubjectUniqueID := AUniqueID;
-end;
-
-procedure TV3TbsCertificateGenerator.SetExtensions(const AExtensions: IX509Extensions);
-var
-  LAltName: IX509Extension;
-begin
-  FExtensions := AExtensions;
-  FAltNamePresentAndCritical := False;
-  if AExtensions <> nil then
-  begin
-    LAltName := AExtensions.GetExtension(TX509Extensions.SubjectAlternativeName);
-    if (LAltName <> nil) and LAltName.IsCritical then
-      FAltNamePresentAndCritical := True;
-  end;
-end;
-
-function TV3TbsCertificateGenerator.GeneratePreTbsCertificate: IAsn1Sequence;
-var
-  LV: IAsn1EncodableVector;
-  LValidity: IValidity;
-  LSubject: IX509Name;
-begin
-  if FSignature <> nil then
-    raise EInvalidOperationCryptoLibException.Create('signature field should not be set in PreTBSCertificate');
-
-  if (FSerialNumber = nil) or (FIssuer = nil) or
-     ((FValidity = nil) and ((FStartDate = nil) or (FEndDate = nil))) or
-     ((FSubject = nil) and (not FAltNamePresentAndCritical)) or (FSubjectPublicKeyInfo = nil) then
-    raise EInvalidOperationCryptoLibException.Create('not all mandatory fields set in V3 TBScertificate generator');
-
-  if FValidity <> nil then
-    LValidity := FValidity
-  else
-    LValidity := TValidity.Create(FStartDate, FEndDate);
-
-  if FSubject <> nil then
-    LSubject := FSubject
-  else
-    LSubject := TX509Name.GetInstance(TDerSequence.Empty as IAsn1Convertible);
-
-  LV := TAsn1EncodableVector.Create(9);
-  LV.Add(TDerTaggedObject.Create(0, TDerInteger.Two));
-  LV.Add(FSerialNumber);
-  LV.Add(FIssuer);
-  LV.Add(LValidity);
-  LV.Add(LSubject);
-  LV.Add(FSubjectPublicKeyInfo);
-  LV.AddOptionalTagged(False, 1, FIssuerUniqueID);
-  LV.AddOptionalTagged(False, 2, FSubjectUniqueID);
-  LV.AddOptionalTagged(True, 3, FExtensions);
-  Result := TDerSequence.Create(LV);
-end;
-
-function TV3TbsCertificateGenerator.GenerateTbsCertificate: ITbsCertificateStructure;
-var
-  LValidity: IValidity;
-  LSubject: IX509Name;
-begin
-  if (FSerialNumber = nil) or (FSignature = nil) or (FIssuer = nil) or
-     ((FValidity = nil) and ((FStartDate = nil) or (FEndDate = nil))) or
-     ((FSubject = nil) and (not FAltNamePresentAndCritical)) or (FSubjectPublicKeyInfo = nil) then
-    raise EInvalidOperationCryptoLibException.Create('not all mandatory fields set in V3 TBScertificate generator');
-
-  if FValidity <> nil then
-    LValidity := FValidity
-  else
-    LValidity := TValidity.Create(FStartDate, FEndDate);
-
-  if FSubject <> nil then
-    LSubject := FSubject
-  else
-    LSubject := TX509Name.GetInstance(TDerSequence.Empty as IAsn1Convertible);
-
-  Result := TTbsCertificateStructure.Create(TDerInteger.Two, FSerialNumber,
-    FSignature, FIssuer, LValidity, LSubject, FSubjectPublicKeyInfo,
-    FIssuerUniqueID, FSubjectUniqueID, FExtensions);
-end;
-
-end.

+ 655 - 0
CryptoLib/src/Asn1/X509/ClpX509Asn1Generators.pas

@@ -0,0 +1,655 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpX509Asn1Generators;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  SysUtils,
+  Generics.Collections,
+  ClpAsn1Objects,
+  ClpIAsn1Objects,
+  ClpAsn1Core,
+  ClpIAsn1Core,
+  ClpIX509Asn1Objects,
+  ClpX509Asn1Objects,
+  ClpIX509Extension,
+  ClpX509Extension,
+  ClpCryptoLibTypes,
+  ClpCryptoLibComparers,
+  ClpIX509Asn1Generators;
+
+type
+  /// <summary>
+  /// Generator for Version 1 TbsCertificateStructures.
+  /// </summary>
+  TV1TbsCertificateGenerator = class(TInterfacedObject, IV1TbsCertificateGenerator)
+  strict private
+    FSerialNumber: IDerInteger;
+    FSignature: IAlgorithmIdentifier;
+    FIssuer: IX509Name;
+    FValidity: IValidity;
+    FStartDate: ITime;
+    FEndDate: ITime;
+    FSubject: IX509Name;
+    FSubjectPublicKeyInfo: ISubjectPublicKeyInfo;
+  public
+    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
+    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
+    procedure SetIssuer(const AIssuer: IX509Name);
+    procedure SetValidity(const AValidity: IValidity);
+    procedure SetStartDate(const AStartDate: ITime); overload;
+    procedure SetStartDate(const AStartDate: IAsn1UtcTime); overload;
+    procedure SetEndDate(const AEndDate: ITime); overload;
+    procedure SetEndDate(const AEndDate: IAsn1UtcTime); overload;
+    procedure SetSubject(const ASubject: IX509Name);
+    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
+    function GenerateTbsCertificate: ITbsCertificateStructure;
+  end;
+
+  /// <summary>
+  /// Generator for Version 3 TbsCertificateStructures.
+  /// </summary>
+  TV3TbsCertificateGenerator = class(TInterfacedObject, IV3TbsCertificateGenerator)
+  strict private
+    FSerialNumber: IDerInteger;
+    FSignature: IAlgorithmIdentifier;
+    FIssuer: IX509Name;
+    FValidity: IValidity;
+    FStartDate: ITime;
+    FEndDate: ITime;
+    FSubject: IX509Name;
+    FSubjectPublicKeyInfo: ISubjectPublicKeyInfo;
+    FExtensions: IX509Extensions;
+    FIssuerUniqueID: IDerBitString;
+    FSubjectUniqueID: IDerBitString;
+    FAltNamePresentAndCritical: Boolean;
+  public
+    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
+    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
+    procedure SetIssuer(const AIssuer: IX509Name);
+    procedure SetValidity(const AValidity: IValidity);
+    procedure SetStartDate(const AStartDate: ITime); overload;
+    procedure SetStartDate(const AStartDate: IAsn1UtcTime); overload;
+    procedure SetEndDate(const AEndDate: ITime); overload;
+    procedure SetEndDate(const AEndDate: IAsn1UtcTime); overload;
+    procedure SetSubject(const ASubject: IX509Name);
+    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
+    procedure SetIssuerUniqueID(const AUniqueID: IDerBitString);
+    procedure SetSubjectUniqueID(const AUniqueID: IDerBitString);
+    procedure SetExtensions(const AExtensions: IX509Extensions);
+    function GeneratePreTbsCertificate: IAsn1Sequence;
+    function GenerateTbsCertificate: ITbsCertificateStructure;
+  end;
+
+  /// <summary>
+  /// Generator for Version 2 AttributeCertificateInfo.
+  /// </summary>
+  TV2AttributeCertificateInfoGenerator = class(TInterfacedObject, IV2AttributeCertificateInfoGenerator)
+  strict private
+    FVersion: IDerInteger;
+    FHolder: IHolder;
+    FIssuer: IAttCertIssuer;
+    FSignature: IAlgorithmIdentifier;
+    FSerialNumber: IDerInteger;
+    FAttributes: IAsn1EncodableVector;
+    FIssuerUniqueID: IDerBitString;
+    FExtensions: IX509Extensions;
+    FStartDate: IAsn1GeneralizedTime;
+    FEndDate: IAsn1GeneralizedTime;
+  public
+    constructor Create;
+    procedure SetHolder(const AHolder: IHolder);
+    procedure AddAttribute(const AOid: String; const AValue: IAsn1Encodable); overload;
+    procedure AddAttribute(const AAttribute: IAttributeX509); overload;
+    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
+    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
+    procedure SetIssuer(const AIssuer: IAttCertIssuer);
+    procedure SetStartDate(const AStartDate: IAsn1GeneralizedTime);
+    procedure SetEndDate(const AEndDate: IAsn1GeneralizedTime);
+    procedure SetIssuerUniqueID(const AIssuerUniqueID: IDerBitString);
+    procedure SetExtensions(const AExtensions: IX509Extensions);
+    function GenerateAttributeCertificateInfo: IAttributeCertificateInfo;
+  end;
+
+  /// <remarks>Generator for X.509 extensions</remarks>
+  TX509ExtensionsGenerator = class(TInterfacedObject, IX509ExtensionsGenerator)
+
+  strict private
+  var
+    FExtensions: TDictionary<IDerObjectIdentifier, IX509Extension>;
+    FOrdering: TList<IDerObjectIdentifier>;
+
+  strict private
+    class var
+      FDupsAllowed: TDictionary<IDerObjectIdentifier, Boolean>;
+
+    class procedure Boot; static;
+    class constructor Create;
+    class destructor Destroy;
+
+  strict private
+    procedure ImplAddExtension(const AOid: IDerObjectIdentifier;
+      const AX509Extension: IX509Extension);
+    procedure ImplAddExtensionDup(const AExistingExtension: IX509Extension;
+      const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: TCryptoLibByteArray);
+
+  public
+    constructor Create;
+    destructor Destroy; override;
+
+    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Convertible); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Encodable); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: TCryptoLibByteArray); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier;
+      const AX509Extension: IX509Extension); overload;
+    procedure AddExtensions(const AExtensions: IX509Extensions);
+    function Generate: IX509Extensions;
+    function GetExtension(const AOid: IDerObjectIdentifier): IX509Extension;
+    function HasExtension(const AOid: IDerObjectIdentifier): Boolean;
+    function IsEmpty: Boolean;
+    procedure RemoveExtension(const AOid: IDerObjectIdentifier);
+    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Convertible); overload;
+    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Encodable); overload;
+    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: TCryptoLibByteArray); overload;
+    procedure ReplaceExtension(const AOid: IDerObjectIdentifier;
+      const AX509Extension: IX509Extension); overload;
+    procedure Reset;
+
+  end;
+
+implementation
+
+{ TV1TbsCertificateGenerator }
+
+procedure TV1TbsCertificateGenerator.SetSerialNumber(const ASerialNumber: IDerInteger);
+begin
+  FSerialNumber := ASerialNumber;
+end;
+
+procedure TV1TbsCertificateGenerator.SetSignature(const ASignature: IAlgorithmIdentifier);
+begin
+  FSignature := ASignature;
+end;
+
+procedure TV1TbsCertificateGenerator.SetIssuer(const AIssuer: IX509Name);
+begin
+  FIssuer := AIssuer;
+end;
+
+procedure TV1TbsCertificateGenerator.SetValidity(const AValidity: IValidity);
+begin
+  FValidity := AValidity;
+  FStartDate := nil;
+  FEndDate := nil;
+end;
+
+procedure TV1TbsCertificateGenerator.SetStartDate(const AStartDate: ITime);
+begin
+  FValidity := nil;
+  FStartDate := AStartDate;
+end;
+
+procedure TV1TbsCertificateGenerator.SetStartDate(const AStartDate: IAsn1UtcTime);
+begin
+  SetStartDate(TTime.Create(AStartDate));
+end;
+
+procedure TV1TbsCertificateGenerator.SetEndDate(const AEndDate: ITime);
+begin
+  FValidity := nil;
+  FEndDate := AEndDate;
+end;
+
+procedure TV1TbsCertificateGenerator.SetEndDate(const AEndDate: IAsn1UtcTime);
+begin
+  SetEndDate(TTime.Create(AEndDate));
+end;
+
+procedure TV1TbsCertificateGenerator.SetSubject(const ASubject: IX509Name);
+begin
+  FSubject := ASubject;
+end;
+
+procedure TV1TbsCertificateGenerator.SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
+begin
+  FSubjectPublicKeyInfo := APubKeyInfo;
+end;
+
+function TV1TbsCertificateGenerator.GenerateTbsCertificate: ITbsCertificateStructure;
+var
+  LValidity: IValidity;
+begin
+  if (FSerialNumber = nil) or (FSignature = nil) or (FIssuer = nil) or
+     ((FValidity = nil) and ((FStartDate = nil) or (FEndDate = nil))) or
+     (FSubject = nil) or (FSubjectPublicKeyInfo = nil) then
+    raise EInvalidOperationCryptoLibException.Create('not all mandatory fields set in V1 TBScertificate generator');
+
+  if FValidity <> nil then
+    LValidity := FValidity
+  else
+    LValidity := TValidity.Create(FStartDate, FEndDate);
+
+  Result := TTbsCertificateStructure.Create(TDerInteger.Zero, FSerialNumber,
+    FSignature, FIssuer, LValidity, FSubject, FSubjectPublicKeyInfo, nil, nil, nil);
+end;
+
+{ TV3TbsCertificateGenerator }
+
+procedure TV3TbsCertificateGenerator.SetSerialNumber(const ASerialNumber: IDerInteger);
+begin
+  FSerialNumber := ASerialNumber;
+end;
+
+procedure TV3TbsCertificateGenerator.SetSignature(const ASignature: IAlgorithmIdentifier);
+begin
+  FSignature := ASignature;
+end;
+
+procedure TV3TbsCertificateGenerator.SetIssuer(const AIssuer: IX509Name);
+begin
+  FIssuer := AIssuer;
+end;
+
+procedure TV3TbsCertificateGenerator.SetValidity(const AValidity: IValidity);
+begin
+  FValidity := AValidity;
+  FStartDate := nil;
+  FEndDate := nil;
+end;
+
+procedure TV3TbsCertificateGenerator.SetStartDate(const AStartDate: ITime);
+begin
+  FValidity := nil;
+  FStartDate := AStartDate;
+end;
+
+procedure TV3TbsCertificateGenerator.SetStartDate(const AStartDate: IAsn1UtcTime);
+begin
+  SetStartDate(TTime.Create(AStartDate));
+end;
+
+procedure TV3TbsCertificateGenerator.SetEndDate(const AEndDate: ITime);
+begin
+  FValidity := nil;
+  FEndDate := AEndDate;
+end;
+
+procedure TV3TbsCertificateGenerator.SetEndDate(const AEndDate: IAsn1UtcTime);
+begin
+  SetEndDate(TTime.Create(AEndDate));
+end;
+
+procedure TV3TbsCertificateGenerator.SetSubject(const ASubject: IX509Name);
+begin
+  FSubject := ASubject;
+end;
+
+procedure TV3TbsCertificateGenerator.SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
+begin
+  FSubjectPublicKeyInfo := APubKeyInfo;
+end;
+
+procedure TV3TbsCertificateGenerator.SetIssuerUniqueID(const AUniqueID: IDerBitString);
+begin
+  FIssuerUniqueID := AUniqueID;
+end;
+
+procedure TV3TbsCertificateGenerator.SetSubjectUniqueID(const AUniqueID: IDerBitString);
+begin
+  FSubjectUniqueID := AUniqueID;
+end;
+
+procedure TV3TbsCertificateGenerator.SetExtensions(const AExtensions: IX509Extensions);
+var
+  LAltName: IX509Extension;
+begin
+  FExtensions := AExtensions;
+  FAltNamePresentAndCritical := False;
+  if AExtensions <> nil then
+  begin
+    LAltName := AExtensions.GetExtension(TX509Extensions.SubjectAlternativeName);
+    if (LAltName <> nil) and LAltName.IsCritical then
+      FAltNamePresentAndCritical := True;
+  end;
+end;
+
+function TV3TbsCertificateGenerator.GeneratePreTbsCertificate: IAsn1Sequence;
+var
+  LV: IAsn1EncodableVector;
+  LValidity: IValidity;
+  LSubject: IX509Name;
+begin
+  if FSignature <> nil then
+    raise EInvalidOperationCryptoLibException.Create('signature field should not be set in PreTBSCertificate');
+
+  if (FSerialNumber = nil) or (FIssuer = nil) or
+     ((FValidity = nil) and ((FStartDate = nil) or (FEndDate = nil))) or
+     ((FSubject = nil) and (not FAltNamePresentAndCritical)) or (FSubjectPublicKeyInfo = nil) then
+    raise EInvalidOperationCryptoLibException.Create('not all mandatory fields set in V3 TBScertificate generator');
+
+  if FValidity <> nil then
+    LValidity := FValidity
+  else
+    LValidity := TValidity.Create(FStartDate, FEndDate);
+
+  if FSubject <> nil then
+    LSubject := FSubject
+  else
+    LSubject := TX509Name.GetInstance(TDerSequence.Empty as IAsn1Convertible);
+
+  LV := TAsn1EncodableVector.Create(9);
+  LV.Add(TDerTaggedObject.Create(0, TDerInteger.Two));
+  LV.Add(FSerialNumber);
+  LV.Add(FIssuer);
+  LV.Add(LValidity);
+  LV.Add(LSubject);
+  LV.Add(FSubjectPublicKeyInfo);
+  LV.AddOptionalTagged(False, 1, FIssuerUniqueID);
+  LV.AddOptionalTagged(False, 2, FSubjectUniqueID);
+  LV.AddOptionalTagged(True, 3, FExtensions);
+  Result := TDerSequence.Create(LV);
+end;
+
+function TV3TbsCertificateGenerator.GenerateTbsCertificate: ITbsCertificateStructure;
+var
+  LValidity: IValidity;
+  LSubject: IX509Name;
+begin
+  if (FSerialNumber = nil) or (FSignature = nil) or (FIssuer = nil) or
+     ((FValidity = nil) and ((FStartDate = nil) or (FEndDate = nil))) or
+     ((FSubject = nil) and (not FAltNamePresentAndCritical)) or (FSubjectPublicKeyInfo = nil) then
+    raise EInvalidOperationCryptoLibException.Create('not all mandatory fields set in V3 TBScertificate generator');
+
+  if FValidity <> nil then
+    LValidity := FValidity
+  else
+    LValidity := TValidity.Create(FStartDate, FEndDate);
+
+  if FSubject <> nil then
+    LSubject := FSubject
+  else
+    LSubject := TX509Name.GetInstance(TDerSequence.Empty as IAsn1Convertible);
+
+  Result := TTbsCertificateStructure.Create(TDerInteger.Two, FSerialNumber,
+    FSignature, FIssuer, LValidity, LSubject, FSubjectPublicKeyInfo,
+    FIssuerUniqueID, FSubjectUniqueID, FExtensions);
+end;
+
+{ TV2AttributeCertificateInfoGenerator }
+
+constructor TV2AttributeCertificateInfoGenerator.Create;
+begin
+  inherited Create;
+  FVersion := TDerInteger.One;
+  FAttributes := TAsn1EncodableVector.Create;
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.SetHolder(const AHolder: IHolder);
+begin
+  FHolder := AHolder;
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.AddAttribute(const AOid: String; const AValue: IAsn1Encodable);
+begin
+  FAttributes.Add(TAttributeX509.Create(TDerObjectIdentifier.Create(AOid), TDerSet.Create(AValue)));
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.AddAttribute(const AAttribute: IAttributeX509);
+begin
+  FAttributes.Add(AAttribute);
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.SetSerialNumber(const ASerialNumber: IDerInteger);
+begin
+  FSerialNumber := ASerialNumber;
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.SetSignature(const ASignature: IAlgorithmIdentifier);
+begin
+  FSignature := ASignature;
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.SetIssuer(const AIssuer: IAttCertIssuer);
+begin
+  FIssuer := AIssuer;
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.SetStartDate(const AStartDate: IAsn1GeneralizedTime);
+begin
+  FStartDate := AStartDate;
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.SetEndDate(const AEndDate: IAsn1GeneralizedTime);
+begin
+  FEndDate := AEndDate;
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.SetIssuerUniqueID(const AIssuerUniqueID: IDerBitString);
+begin
+  FIssuerUniqueID := AIssuerUniqueID;
+end;
+
+procedure TV2AttributeCertificateInfoGenerator.SetExtensions(const AExtensions: IX509Extensions);
+begin
+  FExtensions := AExtensions;
+end;
+
+function TV2AttributeCertificateInfoGenerator.GenerateAttributeCertificateInfo: IAttributeCertificateInfo;
+var
+  LV: IAsn1EncodableVector;
+  LSeq: IAsn1Sequence;
+begin
+  if (FSerialNumber = nil) or (FSignature = nil) or (FIssuer = nil) or
+     (FStartDate = nil) or (FEndDate = nil) or (FHolder = nil) or (FAttributes = nil) then
+    raise EInvalidOperationCryptoLibException.Create('not all mandatory fields set in V2 AttributeCertificateInfo generator');
+
+  LV := TAsn1EncodableVector.Create([FVersion, FHolder, FIssuer, FSignature, FSerialNumber]);
+  LV.Add(TAttCertValidityPeriod.Create(FStartDate, FEndDate));
+  LV.Add(TDerSequence.Create(FAttributes));
+  LV.AddOptional(FIssuerUniqueID, FExtensions);
+  LSeq := TDerSequence.Create(LV);
+  Result := TAttributeCertificateInfo.GetInstance(LSeq);
+end;
+
+{ TX509ExtensionsGenerator }
+
+class constructor TX509ExtensionsGenerator.Create;
+begin
+  Boot;
+end;
+
+class destructor TX509ExtensionsGenerator.Destroy;
+begin
+  FDupsAllowed.Free;
+end;
+
+class procedure TX509ExtensionsGenerator.Boot;
+begin
+  FDupsAllowed := TDictionary<IDerObjectIdentifier, Boolean>.Create(TCryptoLibComparers.OidEqualityComparer);
+  // OIDs that allow duplicate extensions
+  FDupsAllowed.Add(TX509Extensions.SubjectAlternativeName, True);
+  FDupsAllowed.Add(TX509Extensions.IssuerAlternativeName, True);
+  FDupsAllowed.Add(TX509Extensions.SubjectDirectoryAttributes, True);
+  FDupsAllowed.Add(TX509Extensions.CertificateIssuer, True);
+end;
+
+constructor TX509ExtensionsGenerator.Create;
+begin
+  inherited Create();
+  FExtensions := TDictionary<IDerObjectIdentifier, IX509Extension>.Create(TCryptoLibComparers.OidEqualityComparer);
+  FOrdering := TList<IDerObjectIdentifier>.Create(TCryptoLibComparers.OidComparer);
+end;
+
+destructor TX509ExtensionsGenerator.Destroy;
+begin
+  FExtensions.Free;
+  FOrdering.Free;
+  inherited Destroy;
+end;
+
+procedure TX509ExtensionsGenerator.AddExtension(const AOid: IDerObjectIdentifier;
+  ACritical: Boolean; const AExtValue: IAsn1Convertible);
+begin
+  AddExtension(AOid, ACritical, AExtValue.ToAsn1Object());
+end;
+
+procedure TX509ExtensionsGenerator.AddExtension(const AOid: IDerObjectIdentifier;
+  ACritical: Boolean; const AExtValue: IAsn1Encodable);
+var
+  LExisting: IX509Extension;
+begin
+  if FExtensions.TryGetValue(AOid, LExisting) then
+  begin
+    ImplAddExtensionDup(LExisting, AOid, ACritical, AExtValue.GetEncoded(TAsn1Encodable.Der));
+  end
+  else
+  begin
+    ImplAddExtension(AOid, TX509Extension.Create(ACritical, TDerOctetString.Create(AExtValue)));
+  end;
+end;
+
+procedure TX509ExtensionsGenerator.AddExtension(const AOid: IDerObjectIdentifier;
+  ACritical: Boolean; const AExtValue: TCryptoLibByteArray);
+var
+  LExisting: IX509Extension;
+begin
+  if FExtensions.TryGetValue(AOid, LExisting) then
+  begin
+    ImplAddExtensionDup(LExisting, AOid, ACritical, AExtValue);
+  end
+  else
+  begin
+    ImplAddExtension(AOid, TX509Extension.Create(ACritical, TDerOctetString.FromContents(AExtValue)));
+  end;
+end;
+
+procedure TX509ExtensionsGenerator.AddExtension(const AOid: IDerObjectIdentifier;
+  const AX509Extension: IX509Extension);
+begin
+  if HasExtension(AOid) then
+    raise EArgumentCryptoLibException.CreateFmt('extension %s already added', [AOid.Id]);
+  ImplAddExtension(AOid, AX509Extension);
+end;
+
+procedure TX509ExtensionsGenerator.AddExtensions(const AExtensions: IX509Extensions);
+var
+  LOid: IDerObjectIdentifier;
+  LExt: IX509Extension;
+begin
+  for LOid in AExtensions.GetExtensionOids() do
+  begin
+    LExt := AExtensions.GetExtension(LOid);
+    AddExtension(LOid, LExt.IsCritical, LExt.Value.GetOctets());
+  end;
+end;
+
+function TX509ExtensionsGenerator.Generate: IX509Extensions;
+begin
+  Result := TX509Extensions.Create(FOrdering, FExtensions);
+end;
+
+function TX509ExtensionsGenerator.GetExtension(const AOid: IDerObjectIdentifier): IX509Extension;
+begin
+  if not FExtensions.TryGetValue(AOid, Result) then
+    Result := nil;
+end;
+
+function TX509ExtensionsGenerator.HasExtension(const AOid: IDerObjectIdentifier): Boolean;
+begin
+  Result := FExtensions.ContainsKey(AOid);
+end;
+
+function TX509ExtensionsGenerator.IsEmpty: Boolean;
+begin
+  Result := FOrdering.Count < 1;
+end;
+
+procedure TX509ExtensionsGenerator.RemoveExtension(const AOid: IDerObjectIdentifier);
+begin
+  if not HasExtension(AOid) then
+    raise EInvalidOperationCryptoLibException.CreateFmt('extension %s not present', [AOid.Id]);
+  FOrdering.Remove(AOid);
+  FExtensions.Remove(AOid);
+end;
+
+procedure TX509ExtensionsGenerator.ReplaceExtension(const AOid: IDerObjectIdentifier;
+  ACritical: Boolean; const AExtValue: IAsn1Convertible);
+begin
+  ReplaceExtension(AOid, ACritical, AExtValue.ToAsn1Object());
+end;
+
+procedure TX509ExtensionsGenerator.ReplaceExtension(const AOid: IDerObjectIdentifier;
+  ACritical: Boolean; const AExtValue: IAsn1Encodable);
+begin
+  ReplaceExtension(AOid, TX509Extension.Create(ACritical, TDerOctetString.Create(AExtValue)));
+end;
+
+procedure TX509ExtensionsGenerator.ReplaceExtension(const AOid: IDerObjectIdentifier;
+  ACritical: Boolean; const AExtValue: TCryptoLibByteArray);
+begin
+  ReplaceExtension(AOid, TX509Extension.Create(ACritical, TDerOctetString.FromContents(AExtValue)));
+end;
+
+procedure TX509ExtensionsGenerator.ReplaceExtension(const AOid: IDerObjectIdentifier;
+  const AX509Extension: IX509Extension);
+begin
+  if not HasExtension(AOid) then
+    raise EInvalidOperationCryptoLibException.CreateFmt('extension %s not present', [AOid.Id]);
+  FExtensions[AOid] := AX509Extension;
+end;
+
+procedure TX509ExtensionsGenerator.Reset;
+begin
+  FExtensions.Clear;
+  FOrdering.Clear;
+end;
+
+procedure TX509ExtensionsGenerator.ImplAddExtension(const AOid: IDerObjectIdentifier;
+  const AX509Extension: IX509Extension);
+begin
+  FOrdering.Add(AOid);
+  FExtensions.Add(AOid, AX509Extension);
+end;
+
+procedure TX509ExtensionsGenerator.ImplAddExtensionDup(const AExistingExtension: IX509Extension;
+  const AOid: IDerObjectIdentifier; ACritical: Boolean; const AExtValue: TCryptoLibByteArray);
+var
+  LSeq1, LSeq2, LConcat: IAsn1Sequence;
+begin
+  if not FDupsAllowed.ContainsKey(AOid) then
+    raise EArgumentCryptoLibException.CreateFmt('extension %s already added', [AOid.Id]);
+
+  LSeq1 := TAsn1Sequence.GetInstance(AExistingExtension.Value.GetOctets());
+  LSeq2 := TAsn1Sequence.GetInstance(AExtValue);
+  LConcat := TDerSequence.Concatenate([LSeq1, LSeq2]);
+
+  FExtensions[AOid] := TX509Extension.Create(AExistingExtension.IsCritical or ACritical,
+    TDerOctetString.Create(LConcat));
+end;
+
+end.
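Review bot: In `TV2AttributeCertificateInfoGenerator.GenerateAttributeCertificateInfo` the `(FAttributes = nil)` term of the mandatory-field check can never be true, because the constructor always assigns `FAttributes := TAsn1EncodableVector.Create`. A generator on which `AddAttribute` was never called therefore passes the check and emits an AttributeCertificateInfo with an empty attributes SEQUENCE. RFC 5755 requires an attribute certificate to carry at least one attribute. The check was carried over unchanged from the deleted unit, so this move is a good point to make it effective, for example `(FHolder = nil) or (FAttributes.Count = 0) then`, assuming `IAsn1EncodableVector` exposes a count. A short comment on that line stating that an empty attribute list is rejected would also help the next reader.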

+ 0 - 271
CryptoLib/src/Asn1/X509/ClpX509ExtensionsGenerator.pas

@@ -1,271 +0,0 @@
-{ *********************************************************************************** }
-{ *                              CryptoLib Library                                  * }
-{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
-{ *                 Github Repository <https://github.com/Xor-el>                   * }
-
-{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
-{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
-
-{ *                              Acknowledgements:                                  * }
-{ *                                                                                 * }
-{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
-{ *                           development of this library                           * }
-
-{ * ******************************************************************************* * }
-
-(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
-
-unit ClpX509ExtensionsGenerator;
-
-{$I ..\..\Include\CryptoLib.inc}
-
-interface
-
-uses
-  SysUtils,
-  Generics.Collections,
-  ClpAsn1Objects,
-  ClpIAsn1Objects,
-  ClpAsn1Core,
-  ClpIAsn1Core,
-  ClpIX509ExtensionsGenerator,
-  ClpIX509Asn1Objects,
-  ClpIX509Extension,
-  ClpX509Extension,
-  ClpX509Asn1Objects,
-  ClpCryptoLibTypes,
-  ClpCryptoLibComparers;
-
-type
-  /// <remarks>Generator for X.509 extensions</remarks>
-  TX509ExtensionsGenerator = class(TInterfacedObject, IX509ExtensionsGenerator)
-
-  strict private
-  var
-    FExtensions: TDictionary<IDerObjectIdentifier, IX509Extension>;
-    FOrdering: TList<IDerObjectIdentifier>;
-
-  strict private
-    class var
-      FDupsAllowed: TDictionary<IDerObjectIdentifier, Boolean>;
-
-    class procedure Boot; static;
-    class constructor Create;
-    class destructor Destroy;
-
-  strict private
-    procedure ImplAddExtension(const AOid: IDerObjectIdentifier;
-      const AX509Extension: IX509Extension);
-    procedure ImplAddExtensionDup(const AExistingExtension: IX509Extension;
-      const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: TCryptoLibByteArray);
-
-  public
-    constructor Create;
-    destructor Destroy; override;
-
-    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Convertible); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Encodable); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: TCryptoLibByteArray); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier;
-      const AX509Extension: IX509Extension); overload;
-    procedure AddExtensions(const AExtensions: IX509Extensions);
-    function Generate: IX509Extensions;
-    function GetExtension(const AOid: IDerObjectIdentifier): IX509Extension;
-    function HasExtension(const AOid: IDerObjectIdentifier): Boolean;
-    function IsEmpty: Boolean;
-    procedure RemoveExtension(const AOid: IDerObjectIdentifier);
-    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Convertible); overload;
-    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Encodable); overload;
-    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: TCryptoLibByteArray); overload;
-    procedure ReplaceExtension(const AOid: IDerObjectIdentifier;
-      const AX509Extension: IX509Extension); overload;
-    procedure Reset;
-
-  end;
-
-implementation
-
-{ TX509ExtensionsGenerator }
-
-class constructor TX509ExtensionsGenerator.Create;
-begin
-  Boot;
-end;
-
-class destructor TX509ExtensionsGenerator.Destroy;
-begin
-  FDupsAllowed.Free;
-end;
-
-class procedure TX509ExtensionsGenerator.Boot;
-begin
-  FDupsAllowed := TDictionary<IDerObjectIdentifier, Boolean>.Create(TCryptoLibComparers.OidEqualityComparer);
-  // OIDs that allow duplicate extensions
-  FDupsAllowed.Add(TX509Extensions.SubjectAlternativeName, True);
-  FDupsAllowed.Add(TX509Extensions.IssuerAlternativeName, True);
-  FDupsAllowed.Add(TX509Extensions.SubjectDirectoryAttributes, True);
-  FDupsAllowed.Add(TX509Extensions.CertificateIssuer, True);
-end;
-
-constructor TX509ExtensionsGenerator.Create;
-begin
-  inherited Create();
-  FExtensions := TDictionary<IDerObjectIdentifier, IX509Extension>.Create(TCryptoLibComparers.OidEqualityComparer);
-  FOrdering := TList<IDerObjectIdentifier>.Create(TCryptoLibComparers.OidComparer);
-end;
-
-destructor TX509ExtensionsGenerator.Destroy;
-begin
-  FExtensions.Free;
-  FOrdering.Free;
-  inherited Destroy;
-end;
-
-procedure TX509ExtensionsGenerator.AddExtension(const AOid: IDerObjectIdentifier;
-  ACritical: Boolean; const AExtValue: IAsn1Convertible);
-begin
-  AddExtension(AOid, ACritical, AExtValue.ToAsn1Object());
-end;
-
-procedure TX509ExtensionsGenerator.AddExtension(const AOid: IDerObjectIdentifier;
-  ACritical: Boolean; const AExtValue: IAsn1Encodable);
-var
-  LExisting: IX509Extension;
-begin
-  if FExtensions.TryGetValue(AOid, LExisting) then
-  begin
-    ImplAddExtensionDup(LExisting, AOid, ACritical, AExtValue.GetEncoded(TAsn1Encodable.Der));
-  end
-  else
-  begin
-    ImplAddExtension(AOid, TX509Extension.Create(ACritical, TDerOctetString.Create(AExtValue)));
-  end;
-end;
-
-procedure TX509ExtensionsGenerator.AddExtension(const AOid: IDerObjectIdentifier;
-  ACritical: Boolean; const AExtValue: TCryptoLibByteArray);
-var
-  LExisting: IX509Extension;
-begin
-  if FExtensions.TryGetValue(AOid, LExisting) then
-  begin
-    ImplAddExtensionDup(LExisting, AOid, ACritical, AExtValue);
-  end
-  else
-  begin
-    ImplAddExtension(AOid, TX509Extension.Create(ACritical, TDerOctetString.FromContents(AExtValue)));
-  end;
-end;
-
-procedure TX509ExtensionsGenerator.AddExtension(const AOid: IDerObjectIdentifier;
-  const AX509Extension: IX509Extension);
-begin
-  if HasExtension(AOid) then
-    raise EArgumentCryptoLibException.CreateFmt('extension %s already added', [AOid.Id]);
-  ImplAddExtension(AOid, AX509Extension);
-end;
-
-procedure TX509ExtensionsGenerator.AddExtensions(const AExtensions: IX509Extensions);
-var
-  LOid: IDerObjectIdentifier;
-  LExt: IX509Extension;
-begin
-  for LOid in AExtensions.GetExtensionOids() do
-  begin
-    LExt := AExtensions.GetExtension(LOid);
-    AddExtension(LOid, LExt.IsCritical, LExt.Value.GetOctets());
-  end;
-end;
-
-function TX509ExtensionsGenerator.Generate: IX509Extensions;
-begin
-  Result := TX509Extensions.Create(FOrdering, FExtensions);
-end;
-
-function TX509ExtensionsGenerator.GetExtension(const AOid: IDerObjectIdentifier): IX509Extension;
-begin
-  if not FExtensions.TryGetValue(AOid, Result) then
-    Result := nil;
-end;
-
-function TX509ExtensionsGenerator.HasExtension(const AOid: IDerObjectIdentifier): Boolean;
-begin
-  Result := FExtensions.ContainsKey(AOid);
-end;
-
-function TX509ExtensionsGenerator.IsEmpty: Boolean;
-begin
-  Result := FOrdering.Count < 1;
-end;
-
-procedure TX509ExtensionsGenerator.RemoveExtension(const AOid: IDerObjectIdentifier);
-begin
-  if not HasExtension(AOid) then
-    raise EInvalidOperationCryptoLibException.CreateFmt('extension %s not present', [AOid.Id]);
-  FOrdering.Remove(AOid);
-  FExtensions.Remove(AOid);
-end;
-
-procedure TX509ExtensionsGenerator.ReplaceExtension(const AOid: IDerObjectIdentifier;
-  ACritical: Boolean; const AExtValue: IAsn1Convertible);
-begin
-  ReplaceExtension(AOid, ACritical, AExtValue.ToAsn1Object());
-end;
-
-procedure TX509ExtensionsGenerator.ReplaceExtension(const AOid: IDerObjectIdentifier;
-  ACritical: Boolean; const AExtValue: IAsn1Encodable);
-begin
-  ReplaceExtension(AOid, TX509Extension.Create(ACritical, TDerOctetString.Create(AExtValue)));
-end;
-
-procedure TX509ExtensionsGenerator.ReplaceExtension(const AOid: IDerObjectIdentifier;
-  ACritical: Boolean; const AExtValue: TCryptoLibByteArray);
-begin
-  ReplaceExtension(AOid, TX509Extension.Create(ACritical, TDerOctetString.FromContents(AExtValue)));
-end;
-
-procedure TX509ExtensionsGenerator.ReplaceExtension(const AOid: IDerObjectIdentifier;
-  const AX509Extension: IX509Extension);
-begin
-  if not HasExtension(AOid) then
-    raise EInvalidOperationCryptoLibException.CreateFmt('extension %s not present', [AOid.Id]);
-  FExtensions[AOid] := AX509Extension;
-end;
-
-procedure TX509ExtensionsGenerator.Reset;
-begin
-  FExtensions.Clear;
-  FOrdering.Clear;
-end;
-
-procedure TX509ExtensionsGenerator.ImplAddExtension(const AOid: IDerObjectIdentifier;
-  const AX509Extension: IX509Extension);
-begin
-  FOrdering.Add(AOid);
-  FExtensions.Add(AOid, AX509Extension);
-end;
-
-procedure TX509ExtensionsGenerator.ImplAddExtensionDup(const AExistingExtension: IX509Extension;
-  const AOid: IDerObjectIdentifier; ACritical: Boolean; const AExtValue: TCryptoLibByteArray);
-var
-  LSeq1, LSeq2, LConcat: IAsn1Sequence;
-begin
-  if not FDupsAllowed.ContainsKey(AOid) then
-    raise EArgumentCryptoLibException.CreateFmt('extension %s already added', [AOid.Id]);
-
-  LSeq1 := TAsn1Sequence.GetInstance(AExistingExtension.Value.GetOctets());
-  LSeq2 := TAsn1Sequence.GetInstance(AExtValue);
-  LConcat := TDerSequence.Concatenate([LSeq1, LSeq2]);
-
-  FExtensions[AOid] := TX509Extension.Create(AExistingExtension.IsCritical or ACritical,
-    TDerOctetString.Create(LConcat));
-end;
-
-end.

+ 123 - 0
CryptoLib/src/Interfaces/Asn1/X509/ClpIX509Asn1Generators.pas

@@ -0,0 +1,123 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIX509Asn1Generators;
+
+{$I ..\..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  ClpIAsn1Objects,
+  ClpIAsn1Core,
+  ClpIX509Asn1Objects,
+  ClpIX509Extension,
+  ClpCryptoLibTypes;
+
+type
+  /// <summary>
+  /// Interface for V1 TbsCertificate structure generator.
+  /// </summary>
+  IV1TbsCertificateGenerator = interface
+    ['{A1B2C3D4-E5F6-7890-ABCD-EF1234567890}']
+    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
+    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
+    procedure SetIssuer(const AIssuer: IX509Name);
+    procedure SetValidity(const AValidity: IValidity);
+    procedure SetStartDate(const AStartDate: ITime); overload;
+    procedure SetStartDate(const AStartDate: IAsn1UtcTime); overload;
+    procedure SetEndDate(const AEndDate: ITime); overload;
+    procedure SetEndDate(const AEndDate: IAsn1UtcTime); overload;
+    procedure SetSubject(const ASubject: IX509Name);
+    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
+    function GenerateTbsCertificate: ITbsCertificateStructure;
+  end;
+
+  /// <summary>
+  /// Interface for V3 TbsCertificate structure generator.
+  /// </summary>
+  IV3TbsCertificateGenerator = interface
+    ['{B2C3D4E5-F6A7-8901-BCDE-F12345678901}']
+    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
+    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
+    procedure SetIssuer(const AIssuer: IX509Name);
+    procedure SetValidity(const AValidity: IValidity);
+    procedure SetStartDate(const AStartDate: ITime); overload;
+    procedure SetStartDate(const AStartDate: IAsn1UtcTime); overload;
+    procedure SetEndDate(const AEndDate: ITime); overload;
+    procedure SetEndDate(const AEndDate: IAsn1UtcTime); overload;
+    procedure SetSubject(const ASubject: IX509Name);
+    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
+    procedure SetIssuerUniqueID(const AUniqueID: IDerBitString);
+    procedure SetSubjectUniqueID(const AUniqueID: IDerBitString);
+    procedure SetExtensions(const AExtensions: IX509Extensions);
+    function GeneratePreTbsCertificate: IAsn1Sequence;
+    function GenerateTbsCertificate: ITbsCertificateStructure;
+  end;
+
+  /// <summary>
+  /// Interface for V2 AttributeCertificateInfo generator.
+  /// </summary>
+  IV2AttributeCertificateInfoGenerator = interface
+    ['{C3D4E5F6-A7B8-9012-CDEF-012345678901}']
+    procedure SetHolder(const AHolder: IHolder);
+    procedure AddAttribute(const AOid: String; const AValue: IAsn1Encodable); overload;
+    procedure AddAttribute(const AAttribute: IAttributeX509); overload;
+    procedure SetSerialNumber(const ASerialNumber: IDerInteger);
+    procedure SetSignature(const ASignature: IAlgorithmIdentifier);
+    procedure SetIssuer(const AIssuer: IAttCertIssuer);
+    procedure SetStartDate(const AStartDate: IAsn1GeneralizedTime);
+    procedure SetEndDate(const AEndDate: IAsn1GeneralizedTime);
+    procedure SetIssuerUniqueID(const AIssuerUniqueID: IDerBitString);
+    procedure SetExtensions(const AExtensions: IX509Extensions);
+    function GenerateAttributeCertificateInfo: IAttributeCertificateInfo;
+  end;
+
+  /// <summary>
+  /// Interface for X509ExtensionsGenerator.
+  /// </summary>
+  IX509ExtensionsGenerator = interface
+    ['{F2A3B4C5-D6E7-8901-FABC-0123456789DE}']
+
+    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Convertible); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Encodable); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: TCryptoLibByteArray); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier;
+      const AX509Extension: IX509Extension); overload;
+    procedure AddExtensions(const AExtensions: IX509Extensions);
+    function Generate: IX509Extensions;
+    function GetExtension(const AOid: IDerObjectIdentifier): IX509Extension;
+    function HasExtension(const AOid: IDerObjectIdentifier): Boolean;
+    function IsEmpty: Boolean;
+    procedure RemoveExtension(const AOid: IDerObjectIdentifier);
+    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Convertible); overload;
+    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Encodable); overload;
+    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: TCryptoLibByteArray); overload;
+    procedure ReplaceExtension(const AOid: IDerObjectIdentifier;
+      const AX509Extension: IX509Extension); overload;
+    procedure Reset;
+  end;
+
+implementation
+
+end.
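Review bot: The `AddExtension` and `AddExtensions` declarations on `IX509ExtensionsGenerator` have no doc comment saying what happens when the OID is already present, and the behaviour differs per overload. Going by `ImplAddExtensionDup` earlier in this commit and the removed ClpX509ExtensionsGenerator.pas (assuming the moved `AddExtension` bodies are unchanged), the `IAsn1Encodable` and byte-array overloads raise `EArgumentCryptoLibException` unless the OID is in `FDupsAllowed`, and otherwise concatenate the two sequences and OR the critical flags. The `IX509Extension` overload raises on any duplicate. Since `AddExtensions` routes every copied extension through the byte-array overload, a second subjectAltName is merged rather than rejected, which widens the set of names the resulting certificate covers. I would state this on the interface, e.g. `/// If AOid is already present: raises EArgumentCryptoLibException unless the OID permits duplicates, in which case the values are concatenated and the result is critical if either was.`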

+ 0 - 65
CryptoLib/src/Interfaces/Asn1/X509/ClpIX509ExtensionsGenerator.pas

@@ -1,65 +0,0 @@
-{ *********************************************************************************** }
-{ *                              CryptoLib Library                                  * }
-{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
-{ *                 Github Repository <https://github.com/Xor-el>                   * }
-
-{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
-{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
-
-{ *                              Acknowledgements:                                  * }
-{ *                                                                                 * }
-{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
-{ *                           development of this library                           * }
-
-{ * ******************************************************************************* * }
-
-(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
-
-unit ClpIX509ExtensionsGenerator;
-
-{$I ..\..\..\Include\CryptoLib.inc}
-
-interface
-
-uses
-  ClpIAsn1Objects,
-  ClpIAsn1Core,
-  ClpIX509Asn1Objects,
-  ClpIX509Extension,
-  ClpCryptoLibTypes;
-
-type
-  /// <summary>
-  /// Interface for X509ExtensionsGenerator.
-  /// </summary>
-  IX509ExtensionsGenerator = interface
-    ['{F2A3B4C5-D6E7-8901-FABC-0123456789DE}']
-
-    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Convertible); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Encodable); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: TCryptoLibByteArray); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier;
-      const AX509Extension: IX509Extension); overload;
-    procedure AddExtensions(const AExtensions: IX509Extensions);
-    function Generate: IX509Extensions;
-    function GetExtension(const AOid: IDerObjectIdentifier): IX509Extension;
-    function HasExtension(const AOid: IDerObjectIdentifier): Boolean;
-    function IsEmpty: Boolean;
-    procedure RemoveExtension(const AOid: IDerObjectIdentifier);
-    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Convertible); overload;
-    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Encodable); overload;
-    procedure ReplaceExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: TCryptoLibByteArray); overload;
-    procedure ReplaceExtension(const AOid: IDerObjectIdentifier;
-      const AX509Extension: IX509Extension); overload;
-    procedure Reset;
-  end;
-
-implementation
-
-end.

+ 50 - 0
CryptoLib/src/Interfaces/Pkcs/ClpIPkcs10CertificationRequest.pas

@@ -0,0 +1,50 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIPkcs10CertificationRequest;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  ClpIPkcsAsn1Objects,
+  ClpIX509Asn1Objects,
+  ClpIAsymmetricKeyParameter,
+  ClpIVerifierFactoryProvider,
+  ClpIVerifierFactory;
+
+type
+  /// <summary>
+  /// Interface for Pkcs10CertificationRequest (PKCS#10 CSR with verify/get public key/extensions).
+  /// </summary>
+  IPkcs10CertificationRequest = interface(ICertificationRequest)
+    ['{D4E5F6A7-B8C9-0123-DEF0-123456789ABC}']
+
+    function GetPublicKey: IAsymmetricKeyParameter;
+    function GetRequestedExtensions: IX509Extensions;
+    function Verify: Boolean; overload;
+    function Verify(const APublicKey: IAsymmetricKeyParameter): Boolean; overload;
+    function Verify(const AVerifierProvider: IVerifierFactoryProvider): Boolean; overload;
+    function Verify(const AVerifier: IVerifierFactory): Boolean; overload;
+
+    property RequestedExtensions: IX509Extensions read GetRequestedExtensions;
+  end;
+
+implementation
+
+end.
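Review bot: The four `Verify` overloads and `GetRequestedExtensions` on `IPkcs10CertificationRequest` have no doc comments, so the interface does not say what the parameterless `Verify` checks or whether a bad signature gives `False` or an exception. If, as the name suggests, it verifies against the public key embedded in the request, that shows possession of the private key only and nothing about who submitted the request; the implementation is not in this section, so this needs confirming. `RequestedExtensions` is requester-supplied data, and the comment should say it is returned as-is and what is returned when the request carries no extension attribute. Suggested wording: `/// Verifies the request signature using the public key contained in the request (proof of possession only).` and `/// Extensions asked for by the requester, not validated; confirm whether nil is returned when absent.`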

+ 61 - 0
CryptoLib/src/Interfaces/X509/ClpIAttributeCertificateHolder.pas

@@ -0,0 +1,61 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIAttributeCertificateHolder;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  ClpIAsn1Objects,
+  ClpIX509Asn1Objects,
+  ClpIX509Certificate,
+  ClpBigInteger,
+  ClpCryptoLibTypes;
+
+type
+  /// <summary>
+  /// The Holder object for attribute certificates.
+  /// </summary>
+  IAttributeCertificateHolder = interface
+    ['{C2D3E4F5-A6B7-8901-CDEF-234567890ABC}']
+
+    function GetDigestedObjectType: Int32;
+    function GetDigestAlgorithm: String;
+    function GetObjectDigest: TCryptoLibByteArray;
+    function GetOtherObjectTypeID: String;
+    function GetHolder: IHolder;
+    function GetSerialNumber: TBigInteger;
+
+    function GetEntityNames: TCryptoLibGenericArray<IX509Name>;
+    function GetIssuer: TCryptoLibGenericArray<IX509Name>;
+    function Clone: IAttributeCertificateHolder;
+    function Match(const AX509Cert: IX509Certificate): Boolean;
+    function Equals(const AOther: IAttributeCertificateHolder): Boolean;
+
+    property DigestedObjectType: Int32 read GetDigestedObjectType;
+    property DigestAlgorithm: String read GetDigestAlgorithm;
+    property OtherObjectTypeID: String read GetOtherObjectTypeID;
+    property SerialNumber: TBigInteger read GetSerialNumber;
+    property Holder: IHolder read GetHolder;
+  end;
+
+implementation
+
+end.
+
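Review bot: The GUID of `IAttributeCertificateHolder`, `{C2D3E4F5-A6B7-8901-CDEF-234567890ABC}`, differs from the one on `IX509V1CertificateGenerator` in ClpIX509Generators.pas (`{C2D3E4F5-A6B7-8901-CDEF-234567890123}`) only in its last three digits. The `IAttributeCertificateIssuer` / `IX509V3CertificateGenerator` pair in this commit has the same shape. These values look hand-patterned rather than generated, so an exact duplicate elsewhere in the library is plausible and worth checking for; `Supports` and `as` resolve interfaces by GUID, so two interfaces sharing one would be confused silently at run time. I would give the interfaces in these new units freshly generated GUIDs (Ctrl+Shift+G in the IDE), here and in ClpIX509Asn1Generators.pas, ClpIX509Attribute.pas and ClpIPkcs10CertificationRequest.pas, or add a test asserting that all interface GUIDs in the library are distinct.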

+ 51 - 0
CryptoLib/src/Interfaces/X509/ClpIAttributeCertificateIssuer.pas

@@ -0,0 +1,51 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIAttributeCertificateIssuer;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  ClpIAsn1Core,
+  ClpIAsn1Objects,
+  ClpIX509Asn1Objects,
+  ClpIX509Certificate,
+  ClpCryptoLibTypes;
+
+type
+  /// <summary>
+  /// Carrying class for an attribute certificate issuer.
+  /// </summary>
+  IAttributeCertificateIssuer = interface
+    ['{D3E4F5A6-B7C8-9012-DEF0-3456789ABCDE}']
+
+    function GetForm: IAsn1Encodable;
+    function GetAttCertIssuer: IAttCertIssuer;
+    function GetPrincipals: TCryptoLibGenericArray<IX509Name>;
+    function Clone: IAttributeCertificateIssuer;
+    function Match(const AX509Cert: IX509Certificate): Boolean;
+    function Equals(const AOther: IAttributeCertificateIssuer): Boolean;
+
+    property Form: IAsn1Encodable read GetForm;
+  end;
+
+implementation
+
+end.
+

+ 46 - 0
CryptoLib/src/Interfaces/X509/ClpIX509Attribute.pas

@@ -0,0 +1,46 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIX509Attribute;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  ClpIAsn1Core,
+  ClpIAsn1Objects,
+  ClpCryptoLibTypes;
+
+type
+  /// <summary>
+  /// Class for carrying the values in an X.509 Attribute.
+  /// </summary>
+  IX509Attribute = interface
+    ['{B1C2D3E4-F5A6-7890-BCDE-F12345678901}']
+
+    function GetOid: String;
+    function GetValues: TCryptoLibGenericArray<IAsn1Encodable>;
+    function ToAsn1Object: IAsn1Object;
+
+    property Oid: String read GetOid;
+  end;
+
+implementation
+
+end.
+

+ 113 - 0
CryptoLib/src/Interfaces/X509/ClpIX509Generators.pas

@@ -0,0 +1,113 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIX509Generators;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  SysUtils,
+  ClpCryptoLibTypes,
+  ClpBigInteger,
+  ClpIAsn1Core,
+  ClpIAsn1Objects,
+  ClpIX509Asn1Objects,
+  ClpIX509Extension,
+  ClpIX509Attribute,
+  ClpIX509V2AttributeCertificate,
+  ClpIAttributeCertificateHolder,
+  ClpIAttributeCertificateIssuer,
+  ClpIAsymmetricKeyParameter,
+  ClpISignatureFactory,
+  ClpIX509Certificate;
+
+type
+  IX509V1CertificateGenerator = interface
+    ['{C2D3E4F5-A6B7-8901-CDEF-234567890123}']
+    procedure Reset;
+    procedure SetSerialNumber(const ASerialNumber: TBigInteger);
+    procedure SetIssuerDN(const AIssuer: IX509Name);
+    procedure SetValidity(const AValidity: IValidity);
+    procedure SetNotBefore(const ADate: TDateTime);
+    procedure SetNotAfter(const ADate: TDateTime);
+    procedure SetSubjectDN(const ASubject: IX509Name);
+    procedure SetPublicKey(const APublicKey: IAsymmetricKeyParameter);
+    function Generate(const ASignatureFactory: ISignatureFactory): IX509Certificate;
+    function GetSignatureAlgNames: TCryptoLibStringArray;
+  end;
+
+  IX509V3CertificateGenerator = interface
+    ['{D3E4F5A6-B7C8-9012-DEF0-345678901234}']
+    procedure Reset;
+    procedure SetSerialNumber(const ASerialNumber: TBigInteger);
+    procedure SetIssuerDN(const AIssuer: IX509Name);
+    procedure SetValidity(const AValidity: IValidity);
+    procedure SetNotBefore(const ADate: TDateTime);
+    procedure SetNotAfter(const ADate: TDateTime);
+    procedure SetSubjectDN(const ASubject: IX509Name);
+    procedure SetPublicKey(const APublicKey: IAsymmetricKeyParameter);
+    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
+    procedure SetSubjectUniqueID(const AUniqueID: TCryptoLibBooleanArray);
+    procedure SetIssuerUniqueID(const AUniqueID: TCryptoLibBooleanArray);
+    procedure AddExtension(const AOid: String; ACritical: Boolean;
+      const AExtValue: IAsn1Encodable); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Encodable); overload;
+    procedure AddExtension(const AOid: String; ACritical: Boolean;
+      const AExtValue: IAsn1Convertible); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: IAsn1Convertible); overload;
+    procedure AddExtension(const AOid: String; ACritical: Boolean;
+      const AExtValue: TCryptoLibByteArray); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
+      const AExtValue: TCryptoLibByteArray); overload;
+    procedure AddExtension(const AOid: IDerObjectIdentifier;
+      const AX509Extension: IX509Extension); overload;
+    procedure AddExtensions(const AExtensions: IX509Extensions);
+    procedure CopyAndAddExtension(const AOid: IDerObjectIdentifier;
+      ACritical: Boolean; const ACert: IX509Certificate);
+    function Generate(const ASignatureFactory: ISignatureFactory): IX509Certificate;
+    function GetSignatureAlgNames: TCryptoLibStringArray;
+  end;
+
+  /// <summary>
+  /// Interface for X.509 V2 Attribute Certificate generator.
+  /// </summary>
+  IX509V2AttributeCertificateGenerator = interface
+    ['{A5B6C7D8-E9F0-1234-5678-9ABCDEF01234}']
+    procedure Reset;
+    procedure SetHolder(const AHolder: IAttributeCertificateHolder);
+    procedure SetIssuer(const AIssuer: IAttributeCertificateIssuer);
+    procedure SetSerialNumber(const ASerialNumber: TBigInteger);
+    procedure SetNotBefore(const ADate: TDateTime);
+    procedure SetNotAfter(const ADate: TDateTime);
+    procedure AddAttribute(const AAttribute: IX509Attribute);
+    procedure SetIssuerUniqueID(const AIui: TCryptoLibBooleanArray);
+    procedure AddExtension(const AOid: String; ACritical: Boolean;
+      const AExtensionValue: IAsn1Encodable); overload;
+    procedure AddExtension(const AOid: String; ACritical: Boolean;
+      const AExtensionValue: TCryptoLibByteArray); overload;
+    function Generate(const ASignatureFactory: ISignatureFactory): IX509V2AttributeCertificate;
+    function GetSignatureAlgNames: TCryptoLibStringArray;
+  end;
+
+implementation
+
+end.
+
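Review bot: `SetNotBefore` and `SetNotAfter` on all three generator interfaces take a bare `TDateTime`, and nothing states whether the value is expected in UTC or local time. X.509 validity fields are encoded in UTC, so a caller passing `Now` where UTC is expected (or the reverse) gets a validity window shifted by the local offset. The conversion code is not in this section, so which convention applies cannot be told from here. Please state it on the interface, e.g. `/// ADate is interpreted as UTC (confirm against the implementation).` While there, `IX509V1CertificateGenerator` and `IX509V3CertificateGenerator` lack the `<summary>` block that `IX509V2AttributeCertificateGenerator` has.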

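--- a/CryptoLib/src/Interfaces/X509/ClpIX509V2AttributeCertificate.pas
+++ b/CryptoLib/src/Interfaces/X509/ClpIX509V2AttributeCertificate.pas
@@ -0,0 +1,84 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpIX509V2AttributeCertificate;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  SysUtils,
+  ClpIAsn1Core,
+  ClpIX509Asn1Objects,
+  ClpIX509Extension,
+  ClpIAsymmetricKeyParameter,
+  ClpIVerifierFactoryProvider,
+  ClpBigInteger,
+  ClpCryptoLibTypes,
+  ClpIX509Attribute,
+  ClpIAttributeCertificateHolder,
+  ClpIAttributeCertificateIssuer;
+
+type
+  /// <summary>
+  /// An implementation of a version 2 X.509 Attribute Certificate.
+  /// </summary>
+  IX509V2AttributeCertificate = interface(IX509Extension)
+    ['{E4F5A6B7-C8D9-0123-EF01-456789ABCDEF}']
+
+    function GetAttributeCertificate: IAttributeCertificate;
+    function GetVersion: Int32;
+    function GetSerialNumber: TBigInteger;
+    function GetHolder: IAttributeCertificateHolder;
+    function GetIssuer: IAttributeCertificateIssuer;
+    function GetNotBefore: TDateTime;
+    function GetNotAfter: TDateTime;
+
+    function GetIssuerUniqueID: TCryptoLibBooleanArray;
+    function IsValidNow: Boolean;
+    function IsValid(const ADate: TDateTime): Boolean;
+    procedure CheckValidity; overload;
+    procedure CheckValidity(const ADate: TDateTime); overload;
+
+    function GetSignatureAlgorithm: IAlgorithmIdentifier;
+    function GetSignature: TCryptoLibByteArray;
+
+    function IsSignatureValid(const AKey: IAsymmetricKeyParameter): Boolean; overload;
+    function IsSignatureValid(const AVerifierProvider: IVerifierFactoryProvider): Boolean; overload;
+    procedure Verify(const AKey: IAsymmetricKeyParameter); overload;
+    procedure Verify(const AVerifierProvider: IVerifierFactoryProvider); overload;
+
+    function GetEncoded: TCryptoLibByteArray;
+    function GetAttributes: TCryptoLibGenericArray<IX509Attribute>; overload;
+    function GetAttributes(const AOid: String): TCryptoLibGenericArray<IX509Attribute>; overload;
+    function Equals(const AOther: IX509V2AttributeCertificate): Boolean;
+
+    property AttributeCertificate: IAttributeCertificate read GetAttributeCertificate;
+    property Version: Int32 read GetVersion;
+    property SerialNumber: TBigInteger read GetSerialNumber;
+    property Holder: IAttributeCertificateHolder read GetHolder;
+    property Issuer: IAttributeCertificateIssuer read GetIssuer;
+    property NotBefore: TDateTime read GetNotBefore;
+    property NotAfter: TDateTime read GetNotAfter;
+    property SignatureAlgorithm: IAlgorithmIdentifier read GetSignatureAlgorithm;
+  end;
+
+implementation
+
+end.
+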
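Review bot: The checking methods of `IX509V2AttributeCertificate` have no doc comments, so a caller cannot tell from the interface how a failed check is reported or what each check covers. `IsSignatureValid` and `IsValid` return a Boolean, while `Verify` and `CheckValidity` are procedures that presumably raise on failure; nothing states that the signature check and the validity-period check are independent and both needed before an attribute certificate is trusted. I would add a `/// <summary>` to each group, for example `/// Raises an exception if the signature does not verify; does not check NotBefore/NotAfter.` on `Verify`, with the wording confirmed against the implementing class, which this section does not show. The type-level summary also says "An implementation of", which reads oddly on an interface declaration.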

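--- a/CryptoLib/src/Pkcs/ClpPkcs10CertificationRequest.pas
+++ b/CryptoLib/src/Pkcs/ClpPkcs10CertificationRequest.pas
@@ -29,14 +29,15 @@ uses
   ClpAsn1Objects,
   ClpIAsn1Objects,
   ClpIPkcsAsn1Objects,
+  ClpIPkcs10CertificationRequest,
   ClpPkcsAsn1Objects,
   ClpPkcsObjectIdentifiers,
   ClpX509Asn1Objects,
   ClpIX509Asn1Objects,
   ClpX509Utilities,
-  ClpX509ExtensionsGenerator,
-  ClpIX509ExtensionsGenerator,
   ClpAsn1SignatureFactory,
+  ClpIX509Asn1Generators,
+  ClpX509Asn1Generators,
   ClpAsn1VerifierFactoryProvider,
   ClpSubjectPublicKeyInfoFactory,
   ClpPublicKeyFactory,
@@ -56,22 +57,6 @@ uses
   ClpCryptoLibTypes;
 
 type
-  /// <summary>
-  /// Interface for Pkcs10CertificationRequest (PKCS#10 CSR with verify/get public key/extensions).
-  /// </summary>
-  IPkcs10CertificationRequest = interface(ICertificationRequest)
-    ['{D4E5F6A7-B8C9-0123-DEF0-123456789ABC}']
-
-    function GetPublicKey: IAsymmetricKeyParameter;
-    function GetRequestedExtensions: IX509Extensions;
-    function Verify: Boolean; overload;
-    function Verify(const APublicKey: IAsymmetricKeyParameter): Boolean; overload;
-    function Verify(const AVerifierProvider: IVerifierFactoryProvider): Boolean; overload;
-    function Verify(const AVerifier: IVerifierFactory): Boolean; overload;
-
-    property RequestedExtensions: IX509Extensions read GetRequestedExtensions;
-  end;
-
   /// <summary>
   /// A class for verifying and creating PKCS#10 Certification requests.
   /// </summary>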

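--- a/CryptoLib/src/X509/ClpAttributeCertificateHolder.pas
+++ b/CryptoLib/src/X509/ClpAttributeCertificateHolder.pas
@@ -24,6 +24,7 @@ interface
 uses
   Generics.Collections,
   ClpIAsn1Objects,
+  ClpIAttributeCertificateHolder,
   ClpIX509Asn1Objects,
   ClpIX509Certificate,
   ClpIDigest,
@@ -36,32 +37,6 @@ uses
   ClpCryptoLibTypes;
 
 type
-  /// <summary>
-  /// The Holder object for attribute certificates.
-  /// </summary>
-  IAttributeCertificateHolder = interface
-    ['{C2D3E4F5-A6B7-8901-CDEF-234567890ABC}']
-
-    function GetDigestedObjectType: Int32;
-    function GetDigestAlgorithm: String;
-    function GetObjectDigest: TCryptoLibByteArray;
-    function GetOtherObjectTypeID: String;
-    function GetHolder: IHolder;
-    function GetSerialNumber: TBigInteger;
-
-    function GetEntityNames: TCryptoLibGenericArray<IX509Name>;
-    function GetIssuer: TCryptoLibGenericArray<IX509Name>;
-    function Clone: IAttributeCertificateHolder;
-    function Match(const AX509Cert: IX509Certificate): Boolean;
-    function Equals(const AOther: IAttributeCertificateHolder): Boolean;
-
-    property DigestedObjectType: Int32 read GetDigestedObjectType;
-    property DigestAlgorithm: String read GetDigestAlgorithm;
-    property OtherObjectTypeID: String read GetOtherObjectTypeID;
-    property SerialNumber: TBigInteger read GetSerialNumber;
-    property Holder: IHolder read GetHolder;
-  end;
-
   /// <summary>
   /// Implementation of AttributeCertificateHolder.
   /// </summary>
@@ -133,14 +108,14 @@ end;
 constructor TAttributeCertificateHolder.Create(const AIssuerName: IX509Name;
   const ASerialNumber: TBigInteger);
 begin
-  Create(AIssuerName, TDerInteger.Create(ASerialNumber));
+  Create(AIssuerName, TDerInteger.Create(ASerialNumber) as IDerInteger);
 end;
 
 constructor TAttributeCertificateHolder.Create(const AIssuerName: IX509Name;
   const ASerialNumber: IDerInteger);
 begin
   inherited Create();
-  FHolder := THolder.Create(TIssuerSerial.Create(AIssuerName, ASerialNumber));
+  FHolder := THolder.Create(TIssuerSerial.Create(AIssuerName, ASerialNumber) as IIssuerSerial);
 end;
 
 constructor TAttributeCertificateHolder.Create(const ACert: IX509Certificate);
@@ -152,7 +127,7 @@ end;
 constructor TAttributeCertificateHolder.Create(const APrincipal: IX509Name);
 begin
   inherited Create();
-  FHolder := THolder.Create(TGeneralNames.Create(TGeneralName.Create(APrincipal)));
+  FHolder := THolder.Create(TGeneralNames.Create(TGeneralName.Create(APrincipal) as IGeneralName) as IGeneralNames);
 end;
 
 constructor TAttributeCertificateHolder.Create(ADigestedObjectType: Int32;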

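--- a/CryptoLib/src/X509/ClpAttributeCertificateIssuer.pas
+++ b/CryptoLib/src/X509/ClpAttributeCertificateIssuer.pas
@@ -23,29 +23,16 @@ interface
 
 uses
   SysUtils,
+  Generics.Collections,
   ClpIAsn1Core,
   ClpIAsn1Objects,
+  ClpIAttributeCertificateIssuer,
   ClpIX509Asn1Objects,
+  ClpX509Asn1Objects,
   ClpIX509Certificate,
   ClpCryptoLibTypes;
 
 type
-  /// <summary>
-  /// Carrying class for an attribute certificate issuer.
-  /// </summary>
-  IAttributeCertificateIssuer = interface
-    ['{D3E4F5A6-B7C8-9012-DEF0-3456789ABCDE}']
-
-    function GetForm: IAsn1Encodable;
-    function GetAttCertIssuer: IAttCertIssuer;
-    function GetPrincipals: TCryptoLibGenericArray<IX509Name>;
-    function Clone: IAttributeCertificateIssuer;
-    function Match(const AX509Cert: IX509Certificate): Boolean;
-    function Equals(const AOther: IAttributeCertificateIssuer): Boolean;
-
-    property Form: IAsn1Encodable read GetForm;
-  end;
-
   /// <summary>
   /// Implementation of AttributeCertificateIssuer.
   /// </summary>
@@ -79,10 +66,6 @@ type
 
 implementation
 
-uses
-  Generics.Collections,
-  ClpX509Asn1Objects;
-
 { TAttributeCertificateIssuer }
 
 constructor TAttributeCertificateIssuer.Create(const AIssuer: IAttCertIssuer);
@@ -94,7 +77,7 @@ end;
 constructor TAttributeCertificateIssuer.Create(const APrincipal: IX509Name);
 begin
   inherited Create();
-  FForm := TV2Form.Create(TGeneralNames.Create(TGeneralName.Create(APrincipal)));
+  FForm := TV2Form.Create(TGeneralNames.Create(TGeneralName.Create(APrincipal) as IGeneralName) as IGeneralNames);
 end;
 
 function TAttributeCertificateIssuer.GetNames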
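Review bot: `Generics.Collections` and `ClpX509Asn1Objects` move from the implementation `uses` clause (deleted in the second hunk) into the interface `uses` clause (first hunk), which widens the unit's public dependency set and makes circular unit references easier to run into. If no declaration in the interface section needs them they are better left under `implementation`; the class declaration lies outside these hunks, so this is unconfirmed. A short comment next to the two entries saying which declaration requires them would settle it for the next reader.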

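--- a/CryptoLib/src/X509/ClpDeltaCertificateTool.pas
+++ b/CryptoLib/src/X509/ClpDeltaCertificateTool.pas
@@ -30,7 +30,7 @@ uses
   ClpIX509Certificate,
   ClpIX509Extension,
   ClpX509Asn1Objects,
-  ClpX509ExtensionsGenerator,
+  ClpX509Asn1Generators,
   ClpCryptoLibTypes;
 
 type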

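--- a/CryptoLib/src/X509/ClpX509Attribute.pas
+++ b/CryptoLib/src/X509/ClpX509Attribute.pas
@@ -24,24 +24,12 @@ interface
 uses
   ClpIAsn1Core,
   ClpIAsn1Objects,
+  ClpIX509Attribute,
   ClpIX509Asn1Objects,
   ClpX509Asn1Objects,
   ClpCryptoLibTypes;
 
 type
-  /// <summary>
-  /// Class for carrying the values in an X.509 Attribute.
-  /// </summary>
-  IX509Attribute = interface
-    ['{B1C2D3E4-F5A6-7890-BCDE-F12345678901}']
-
-    function GetOid: String;
-    function GetValues: TCryptoLibGenericArray<IAsn1Encodable>;
-    function ToAsn1Object: IAsn1Object;
-
-    property Oid: String read GetOid;
-  end;
-
   /// <summary>
   /// Implementation of X.509 Attribute.
   /// </summary>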

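--- a/CryptoLib/src/X509/ClpX509V3CertificateGenerator.pas
+++ b/CryptoLib/src/X509/ClpX509Generators.pas
@@ -15,7 +15,7 @@
 
 (* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
 
-unit ClpX509V3CertificateGenerator;
+unit ClpX509Generators;
 
 {$I ..\Include\CryptoLib.inc}
 
@@ -31,20 +31,29 @@ uses
   ClpIX509Certificate,
   ClpX509Certificate,
   ClpIX509Extension,
-  ClpIX509ExtensionsGenerator,
-  ClpX509ExtensionsGenerator,
   ClpIAsymmetricKeyParameter,
   ClpISignatureFactory,
-  ClpV3TbsCertificateGenerator,
   ClpSubjectPublicKeyInfoFactory,
   ClpX509Utilities,
   ClpBigInteger,
   ClpCryptoLibTypes,
-  ClpDeltaCertificateTool;
+  ClpDeltaCertificateTool,
+  ClpIX509Attribute,
+  ClpIX509V2AttributeCertificate,
+  ClpIAttributeCertificateHolder,
+  ClpIAttributeCertificateIssuer,
+  ClpX509V2AttributeCertificate,
+  ClpRfc5280Asn1Utilities,
+  ClpIX509Generators,
+  ClpIX509Asn1Generators,
+  ClpX509Asn1Generators;
 
 type
-  IX509V3CertificateGenerator = interface
-    ['{D3E4F5A6-B7C8-9012-DEF0-345678901234}']
+  TX509V1CertificateGenerator = class(TInterfacedObject, IX509V1CertificateGenerator)
+  strict private
+    FTbsGen: IV1TbsCertificateGenerator;
+  public
+    constructor Create;
     procedure Reset;
     procedure SetSerialNumber(const ASerialNumber: TBigInteger);
     procedure SetIssuerDN(const AIssuer: IX509Name);
@@ -53,26 +62,6 @@ type
     procedure SetNotAfter(const ADate: TDateTime);
     procedure SetSubjectDN(const ASubject: IX509Name);
     procedure SetPublicKey(const APublicKey: IAsymmetricKeyParameter);
-    procedure SetSubjectPublicKeyInfo(const APubKeyInfo: ISubjectPublicKeyInfo);
-    procedure SetSubjectUniqueID(const AUniqueID: TCryptoLibBooleanArray);
-    procedure SetIssuerUniqueID(const AUniqueID: TCryptoLibBooleanArray);
-    procedure AddExtension(const AOid: String; ACritical: Boolean;
-      const AExtValue: IAsn1Encodable); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Encodable); overload;
-    procedure AddExtension(const AOid: String; ACritical: Boolean;
-      const AExtValue: IAsn1Convertible); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: IAsn1Convertible); overload;
-    procedure AddExtension(const AOid: String; ACritical: Boolean;
-      const AExtValue: TCryptoLibByteArray); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier; ACritical: Boolean;
-      const AExtValue: TCryptoLibByteArray); overload;
-    procedure AddExtension(const AOid: IDerObjectIdentifier;
-      const AX509Extension: IX509Extension); overload;
-    procedure AddExtensions(const AExtensions: IX509Extensions);
-    procedure CopyAndAddExtension(const AOid: IDerObjectIdentifier;
-      ACritical: Boolean; const ACert: IX509Certificate);
     function Generate(const ASignatureFactory: ISignatureFactory): IX509Certificate;
     function GetSignatureAlgNames: TCryptoLibStringArray;
   end;
@@ -120,8 +109,110 @@ type
     function GetSignatureAlgNames: TCryptoLibStringArray;
   end;
 
+  /// <summary>
+  /// Class to produce an X.509 Version 2 AttributeCertificate.
+  /// </summary>
+  TX509V2AttributeCertificateGenerator = class(TInterfacedObject,
+    IX509V2AttributeCertificateGenerator)
+  strict private
+    FExtGenerator: IX509ExtensionsGenerator;
+    FACInfoGen: IV2AttributeCertificateInfoGenerator;
+  public
+    constructor Create;
+    procedure Reset;
+    procedure SetHolder(const AHolder: IAttributeCertificateHolder);
+    procedure SetIssuer(const AIssuer: IAttributeCertificateIssuer);
+    procedure SetSerialNumber(const ASerialNumber: TBigInteger);
+    procedure SetNotBefore(const ADate: TDateTime);
+    procedure SetNotAfter(const ADate: TDateTime);
+    procedure AddAttribute(const AAttribute: IX509Attribute);
+    procedure SetIssuerUniqueID(const AIui: TCryptoLibBooleanArray);
+    procedure AddExtension(const AOid: String; ACritical: Boolean;
+      const AExtensionValue: IAsn1Encodable); overload;
+    procedure AddExtension(const AOid: String; ACritical: Boolean;
+      const AExtensionValue: TCryptoLibByteArray); overload;
+    function Generate(const ASignatureFactory: ISignatureFactory): IX509V2AttributeCertificate;
+    function GetSignatureAlgNames: TCryptoLibStringArray;
+  end;
+
 implementation
 
+{ TX509V1CertificateGenerator }
+
+constructor TX509V1CertificateGenerator.Create;
+begin
+  inherited Create;
+  FTbsGen := TV1TbsCertificateGenerator.Create;
+end;
+
+procedure TX509V1CertificateGenerator.Reset;
+begin
+  FTbsGen := TV1TbsCertificateGenerator.Create;
+end;
+
+procedure TX509V1CertificateGenerator.SetSerialNumber(const ASerialNumber: TBigInteger);
+begin
+  if ASerialNumber.SignValue <= 0 then
+    raise EArgumentCryptoLibException.Create('serial number must be a positive integer');
+  FTbsGen.SetSerialNumber(TDerInteger.Create(ASerialNumber));
+end;
+
+procedure TX509V1CertificateGenerator.SetIssuerDN(const AIssuer: IX509Name);
+begin
+  FTbsGen.SetIssuer(AIssuer);
+end;
+
+procedure TX509V1CertificateGenerator.SetValidity(const AValidity: IValidity);
+begin
+  FTbsGen.SetValidity(AValidity);
+end;
+
+procedure TX509V1CertificateGenerator.SetNotBefore(const ADate: TDateTime);
+begin
+  FTbsGen.SetStartDate(TTime.Create(ADate) as ITime);
+end;
+
+procedure TX509V1CertificateGenerator.SetNotAfter(const ADate: TDateTime);
+begin
+  FTbsGen.SetEndDate(TTime.Create(ADate) as ITime);
+end;
+
+procedure TX509V1CertificateGenerator.SetSubjectDN(const ASubject: IX509Name);
+begin
+  FTbsGen.SetSubject(ASubject);
+end;
+
+procedure TX509V1CertificateGenerator.SetPublicKey(const APublicKey: IAsymmetricKeyParameter);
+begin
+  try
+    FTbsGen.SetSubjectPublicKeyInfo(
+      TSubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(APublicKey));
+  except
+    on E: Exception do
+      raise EArgumentCryptoLibException.Create('unable to process key - ' + E.ToString);
+  end;
+end;
+
+function TX509V1CertificateGenerator.Generate(const ASignatureFactory: ISignatureFactory): IX509Certificate;
+var
+  LSigAlgID: IAlgorithmIdentifier;
+  LTbs: ITbsCertificateStructure;
+  LSignature: IDerBitString;
+  LStruct: IX509CertificateStructure;
+begin
+  LSigAlgID := ASignatureFactory.AlgorithmDetails;
+  FTbsGen.SetSignature(LSigAlgID);
+  LTbs := FTbsGen.GenerateTbsCertificate;
+  LSignature := TX509Utilities.GenerateSignature(ASignatureFactory, LTbs);
+  LStruct := TX509CertificateStructure.Create(LTbs, LSigAlgID, LSignature);
+  Result := TX509Certificate.Create(LStruct);
+end;
+
+function TX509V1CertificateGenerator.GetSignatureAlgNames: TCryptoLibStringArray;
+begin
+  Result := TX509Utilities.GetAlgNames;
+end;
+
 { TX509V3CertificateGenerator }
 
 procedure TX509V3CertificateGenerator.ImplInitFromTemplate(const ATemplate: IX509CertificateStructure);
@@ -329,4 +420,92 @@ begin
   Result := TX509Utilities.GetAlgNames;
 end;
 
+{ TX509V2AttributeCertificateGenerator }
+
+constructor TX509V2AttributeCertificateGenerator.Create;
+begin
+  inherited Create;
+  FExtGenerator := TX509ExtensionsGenerator.Create;
+  FACInfoGen := TV2AttributeCertificateInfoGenerator.Create;
+end;
+
+procedure TX509V2AttributeCertificateGenerator.Reset;
+begin
+  FExtGenerator.Reset;
+  FACInfoGen := TV2AttributeCertificateInfoGenerator.Create;
+end;
+
+procedure TX509V2AttributeCertificateGenerator.SetHolder(const AHolder: IAttributeCertificateHolder);
+begin
+  FACInfoGen.SetHolder(AHolder.GetHolder);
+end;
+
+procedure TX509V2AttributeCertificateGenerator.SetIssuer(const AIssuer: IAttributeCertificateIssuer);
+begin
+  FACInfoGen.SetIssuer(AIssuer.GetAttCertIssuer);
+end;
+
+procedure TX509V2AttributeCertificateGenerator.SetSerialNumber(const ASerialNumber: TBigInteger);
+begin
+  FACInfoGen.SetSerialNumber(TDerInteger.Create(ASerialNumber));
+end;
+
+procedure TX509V2AttributeCertificateGenerator.SetNotBefore(const ADate: TDateTime);
+begin
+  FACInfoGen.SetStartDate(TRfc5280Asn1Utilities.CreateGeneralizedTime(ADate));
+end;
+
+procedure TX509V2AttributeCertificateGenerator.SetNotAfter(const ADate: TDateTime);
+begin
+  FACInfoGen.SetEndDate(TRfc5280Asn1Utilities.CreateGeneralizedTime(ADate));
+end;
+
+procedure TX509V2AttributeCertificateGenerator.AddAttribute(const AAttribute: IX509Attribute);
+begin
+  FACInfoGen.AddAttribute(TAttributeX509.GetInstance(AAttribute.ToAsn1Object));
+end;
+
+procedure TX509V2AttributeCertificateGenerator.SetIssuerUniqueID(const AIui: TCryptoLibBooleanArray);
+begin
+  FACInfoGen.SetIssuerUniqueID(TX509Utilities.BooleanToBitString(AIui));
+end;
+
+procedure TX509V2AttributeCertificateGenerator.AddExtension(const AOid: String;
+  ACritical: Boolean; const AExtensionValue: IAsn1Encodable);
+begin
+  FExtGenerator.AddExtension(TDerObjectIdentifier.Create(AOid), ACritical, AExtensionValue);
+end;
+
+procedure TX509V2AttributeCertificateGenerator.AddExtension(const AOid: String;
+  ACritical: Boolean; const AExtensionValue: TCryptoLibByteArray);
+begin
+  FExtGenerator.AddExtension(TDerObjectIdentifier.Create(AOid), ACritical, AExtensionValue);
+end;
+
+function TX509V2AttributeCertificateGenerator.Generate(
+  const ASignatureFactory: ISignatureFactory): IX509V2AttributeCertificate;
+var
+  LSigAlgID: IAlgorithmIdentifier;
+  LAcInfo: IAttributeCertificateInfo;
+  LSignature: IDerBitString;
+  LAc: IAttributeCertificate;
+begin
+  LSigAlgID := ASignatureFactory.AlgorithmDetails;
+  FACInfoGen.SetSignature(LSigAlgID);
+
+  if not FExtGenerator.IsEmpty then
+    FACInfoGen.SetExtensions(FExtGenerator.Generate);
+
+  LAcInfo := FACInfoGen.GenerateAttributeCertificateInfo;
+  LSignature := TX509Utilities.GenerateSignature(ASignatureFactory, LAcInfo);
+  LAc := TAttributeCertificate.Create(LAcInfo, LSigAlgID, LSignature);
+  Result := TX509V2AttributeCertificate.Create(LAc);
+end;
+
+function TX509V2AttributeCertificateGenerator.GetSignatureAlgNames: TCryptoLibStringArray;
+begin
+  Result := TX509Utilities.GetAlgNames;
+end;
+
 end.
+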
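Review bot: `TX509V2AttributeCertificateGenerator.SetSerialNumber` (last hunk) passes its argument straight to `TDerInteger.Create`, whereas `TX509V1CertificateGenerator.SetSerialNumber` in the same unit rejects `SignValue <= 0`. RFC 5755 expects attribute-certificate issuers to use positive serial numbers, so a zero or negative serial can be signed here unless `FACInfoGen` rejects it, which this section does not show. I would mirror the V1 guard: `if ASerialNumber.SignValue <= 0 then raise EArgumentCryptoLibException.Create('serial number must be a positive integer');`. `SetHolder` and `SetIssuer` also call `AHolder.GetHolder` and `AIssuer.GetAttCertIssuer` without a nil check, so a nil argument surfaces as an access violation rather than an argument exception.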

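--- a/CryptoLib/src/X509/ClpX509V1CertificateGenerator.pas
+++ b/CryptoLib/src/X509/ClpX509V1CertificateGenerator.pas
@@ -1,150 +0,0 @@
-{ *********************************************************************************** }
-{ *                              CryptoLib Library                                  * }
-{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
-{ *                 Github Repository <https://github.com/Xor-el>                   * }
-
-{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
-{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
-
-{ *                              Acknowledgements:                                  * }
-{ *                                                                                 * }
-{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
-{ *                           development of this library                           * }
-
-{ * ******************************************************************************* * }
-
-(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
-
-unit ClpX509V1CertificateGenerator;
-
-{$I ..\Include\CryptoLib.inc}
-
-interface
-
-uses
-  SysUtils,
-  ClpAsn1Objects,
-  ClpIAsn1Objects,
-  ClpIX509Asn1Objects,
-  ClpX509Asn1Objects,
-  ClpIX509Certificate,
-  ClpX509Certificate,
-  ClpIAsymmetricKeyParameter,
-  ClpISignatureFactory,
-  ClpV1TbsCertificateGenerator,
-  ClpSubjectPublicKeyInfoFactory,
-  ClpX509Utilities,
-  ClpBigInteger,
-  ClpCryptoLibTypes;
-
-type
-  IX509V1CertificateGenerator = interface
-    ['{C2D3E4F5-A6B7-8901-CDEF-234567890123}']
-    procedure Reset;
-    procedure SetSerialNumber(const ASerialNumber: TBigInteger);
-    procedure SetIssuerDN(const AIssuer: IX509Name);
-    procedure SetValidity(const AValidity: IValidity);
-    procedure SetNotBefore(const ADate: TDateTime);
-    procedure SetNotAfter(const ADate: TDateTime);
-    procedure SetSubjectDN(const ASubject: IX509Name);
-    procedure SetPublicKey(const APublicKey: IAsymmetricKeyParameter);
-    function Generate(const ASignatureFactory: ISignatureFactory): IX509Certificate;
-    function GetSignatureAlgNames: TCryptoLibStringArray;
-  end;
-
-  TX509V1CertificateGenerator = class(TInterfacedObject, IX509V1CertificateGenerator)
-  strict private
-    FTbsGen: IV1TbsCertificateGenerator;
-  public
-    constructor Create;
-    procedure Reset;
-    procedure SetSerialNumber(const ASerialNumber: TBigInteger);
-    procedure SetIssuerDN(const AIssuer: IX509Name);
-    procedure SetValidity(const AValidity: IValidity);
-    procedure SetNotBefore(const ADate: TDateTime);
-    procedure SetNotAfter(const ADate: TDateTime);
-    procedure SetSubjectDN(const ASubject: IX509Name);
-    procedure SetPublicKey(const APublicKey: IAsymmetricKeyParameter);
-    function Generate(const ASignatureFactory: ISignatureFactory): IX509Certificate;
-    function GetSignatureAlgNames: TCryptoLibStringArray;
-  end;
-
-implementation
-
-{ TX509V1CertificateGenerator }
-
-constructor TX509V1CertificateGenerator.Create;
-begin
-  inherited Create;
-  FTbsGen := TV1TbsCertificateGenerator.Create;
-end;
-
-procedure TX509V1CertificateGenerator.Reset;
-begin
-  FTbsGen := TV1TbsCertificateGenerator.Create;
-end;
-
-procedure TX509V1CertificateGenerator.SetSerialNumber(const ASerialNumber: TBigInteger);
-begin
-  if ASerialNumber.SignValue <= 0 then
-    raise EArgumentCryptoLibException.Create('serial number must be a positive integer');
-  FTbsGen.SetSerialNumber(TDerInteger.Create(ASerialNumber));
-end;
-
-procedure TX509V1CertificateGenerator.SetIssuerDN(const AIssuer: IX509Name);
-begin
-  FTbsGen.SetIssuer(AIssuer);
-end;
-
-procedure TX509V1CertificateGenerator.SetValidity(const AValidity: IValidity);
-begin
-  FTbsGen.SetValidity(AValidity);
-end;
-
-procedure TX509V1CertificateGenerator.SetNotBefore(const ADate: TDateTime);
-begin
-  FTbsGen.SetStartDate(TTime.Create(ADate));
-end;
-
-procedure TX509V1CertificateGenerator.SetNotAfter(const ADate: TDateTime);
-begin
-  FTbsGen.SetEndDate(TTime.Create(ADate));
-end;
-
-procedure TX509V1CertificateGenerator.SetSubjectDN(const ASubject: IX509Name);
-begin
-  FTbsGen.SetSubject(ASubject);
-end;
-
-procedure TX509V1CertificateGenerator.SetPublicKey(const APublicKey: IAsymmetricKeyParameter);
-begin
-  try
-    FTbsGen.SetSubjectPublicKeyInfo(
-      TSubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(APublicKey));
-  except
-    on E: Exception do
-      raise EArgumentCryptoLibException.Create('unable to process key - ' + E.ToString);
-  end;
-end;
-
-function TX509V1CertificateGenerator.Generate(const ASignatureFactory: ISignatureFactory): IX509Certificate;
-var
-  LSigAlgID: IAlgorithmIdentifier;
-  LTbs: ITbsCertificateStructure;
-  LSignature: IDerBitString;
-  LStruct: IX509CertificateStructure;
-begin
-  LSigAlgID := ASignatureFactory.AlgorithmDetails;
-  FTbsGen.SetSignature(LSigAlgID);
-  LTbs := FTbsGen.GenerateTbsCertificate;
-  LSignature := TX509Utilities.GenerateSignature(ASignatureFactory, LTbs);
-  LStruct := TX509CertificateStructure.Create(LTbs, LSigAlgID, LSignature);
-  Result := TX509Certificate.Create(LStruct);
-end;
-
-function TX509V1CertificateGenerator.GetSignatureAlgNames: TCryptoLibStringArray;
-begin
-  Result := TX509Utilities.GetAlgNames;
-end;
-
-end.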

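--- a/CryptoLib/src/X509/ClpX509V2AttributeCertificate.pas
+++ b/CryptoLib/src/X509/ClpX509V2AttributeCertificate.pas
@@ -29,12 +29,16 @@ uses
   ClpIAsn1Objects,
   ClpIX509Asn1Objects,
   ClpIX509Extension,
+  ClpIX509Attribute,
+  ClpIX509V2AttributeCertificate,
   ClpIAsymmetricKeyParameter,
   ClpIVerifierFactory,
   ClpIVerifierFactoryProvider,
   ClpX509ExtensionBase,
   ClpX509Attribute,
+  ClpIAttributeCertificateHolder,
   ClpAttributeCertificateHolder,
+  ClpIAttributeCertificateIssuer,
   ClpAttributeCertificateIssuer,
   ClpBigInteger,
   ClpAsn1Objects,
@@ -44,49 +48,6 @@ uses
   ClpCryptoLibTypes;
 
 type
-  /// <summary>
-  /// An implementation of a version 2 X.509 Attribute Certificate.
-  /// </summary>
-  IX509V2AttributeCertificate = interface(IX509Extension)
-    ['{E4F5A6B7-C8D9-0123-EF01-456789ABCDEF}']
-
-    function GetAttributeCertificate: IAttributeCertificate;
-    function GetVersion: Int32;
-    function GetSerialNumber: TBigInteger;
-    function GetHolder: IAttributeCertificateHolder;
-    function GetIssuer: IAttributeCertificateIssuer;
-    function GetNotBefore: TDateTime;
-    function GetNotAfter: TDateTime;
-
-    function GetIssuerUniqueID: TCryptoLibBooleanArray;
-    function IsValidNow: Boolean;
-    function IsValid(const ADate: TDateTime): Boolean;
-    procedure CheckValidity; overload;
-    procedure CheckValidity(const ADate: TDateTime); overload;
-
-    function GetSignatureAlgorithm: IAlgorithmIdentifier;
-    function GetSignature: TCryptoLibByteArray;
-
-    function IsSignatureValid(const AKey: IAsymmetricKeyParameter): Boolean; overload;
-    function IsSignatureValid(const AVerifierProvider: IVerifierFactoryProvider): Boolean; overload;
-    procedure Verify(const AKey: IAsymmetricKeyParameter); overload;
-    procedure Verify(const AVerifierProvider: IVerifierFactoryProvider); overload;
-
-    function GetEncoded: TCryptoLibByteArray;
-    function GetAttributes: TCryptoLibGenericArray<IX509Attribute>; overload;
-    function GetAttributes(const AOid: String): TCryptoLibGenericArray<IX509Attribute>; overload;
-    function Equals(const AOther: IX509V2AttributeCertificate): Boolean;
-
-    property AttributeCertificate: IAttributeCertificate read GetAttributeCertificate;
-    property Version: Int32 read GetVersion;
-    property SerialNumber: TBigInteger read GetSerialNumber;
-    property Holder: IAttributeCertificateHolder read GetHolder;
-    property Issuer: IAttributeCertificateIssuer read GetIssuer;
-    property NotBefore: TDateTime read GetNotBefore;
-    property NotAfter: TDateTime read GetNotAfter;
-    property SignatureAlgorithm: IAlgorithmIdentifier read GetSignatureAlgorithm;
-  end;
-
   /// <summary>
   /// Implementation of X.509 V2 Attribute Certificate.
   /// </summary>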

+ 0 - 186
CryptoLib/src/X509/ClpX509V2AttributeCertificateGenerator.pas

@@ -1,186 +0,0 @@
-{ *********************************************************************************** }
-{ *                              CryptoLib Library                                  * }
-{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
-{ *                 Github Repository <https://github.com/Xor-el>                   * }
-
-{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
-{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
-
-{ * ******************************************************************************* * }
-
-(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
-
-unit ClpX509V2AttributeCertificateGenerator;
-
-{$I ..\Include\CryptoLib.inc}
-
-interface
-
-uses
-  ClpAsn1Objects,
-  ClpIAsn1Objects,
-  ClpIX509Asn1Objects,
-  ClpX509Asn1Objects,
-  ClpIAsn1Core,
-  ClpX509Attribute,
-  ClpX509V2AttributeCertificate,
-  ClpAttributeCertificateHolder,
-  ClpAttributeCertificateIssuer,
-  ClpV2AttributeCertificateInfoGenerator,
-  ClpX509ExtensionsGenerator,
-  ClpIX509ExtensionsGenerator,
-  ClpISignatureFactory,
-  ClpRfc5280Asn1Utilities,
-  ClpX509Utilities,
-  ClpBigInteger,
-  ClpCryptoLibTypes;
-
-type
-  /// <summary>
-  /// Interface for X.509 V2 Attribute Certificate generator.
-  /// </summary>
-  IX509V2AttributeCertificateGenerator = interface
-    ['{A5B6C7D8-E9F0-1234-5678-9ABCDEF01234}']
-
-    procedure Reset;
-    procedure SetHolder(const AHolder: IAttributeCertificateHolder);
-    procedure SetIssuer(const AIssuer: IAttributeCertificateIssuer);
-    procedure SetSerialNumber(const ASerialNumber: TBigInteger);
-    procedure SetNotBefore(const ADate: TDateTime);
-    procedure SetNotAfter(const ADate: TDateTime);
-    procedure AddAttribute(const AAttribute: IX509Attribute);
-    procedure SetIssuerUniqueID(const AIui: TCryptoLibBooleanArray);
-    procedure AddExtension(const AOid: String; ACritical: Boolean;
-      const AExtensionValue: IAsn1Encodable); overload;
-    procedure AddExtension(const AOid: String; ACritical: Boolean;
-      const AExtensionValue: TCryptoLibByteArray); overload;
-    function Generate(const ASignatureFactory: ISignatureFactory): IX509V2AttributeCertificate;
-    function GetSignatureAlgNames: TCryptoLibStringArray;
-  end;
-
-  /// <summary>
-  /// Class to produce an X.509 Version 2 AttributeCertificate.
-  /// </summary>
-  TX509V2AttributeCertificateGenerator = class(TInterfacedObject,
-    IX509V2AttributeCertificateGenerator)
-
-  strict private
-    FExtGenerator: IX509ExtensionsGenerator;
-    FACInfoGen: IV2AttributeCertificateInfoGenerator;
-
-  public
-    constructor Create;
-    procedure Reset;
-    procedure SetHolder(const AHolder: IAttributeCertificateHolder);
-    procedure SetIssuer(const AIssuer: IAttributeCertificateIssuer);
-    procedure SetSerialNumber(const ASerialNumber: TBigInteger);
-    procedure SetNotBefore(const ADate: TDateTime);
-    procedure SetNotAfter(const ADate: TDateTime);
-    procedure AddAttribute(const AAttribute: IX509Attribute);
-    procedure SetIssuerUniqueID(const AIui: TCryptoLibBooleanArray);
-    procedure AddExtension(const AOid: String; ACritical: Boolean;
-      const AExtensionValue: IAsn1Encodable); overload;
-    procedure AddExtension(const AOid: String; ACritical: Boolean;
-      const AExtensionValue: TCryptoLibByteArray); overload;
-    function Generate(const ASignatureFactory: ISignatureFactory): IX509V2AttributeCertificate;
-    function GetSignatureAlgNames: TCryptoLibStringArray;
-  end;
-
-implementation
-
-{ TX509V2AttributeCertificateGenerator }
-
-constructor TX509V2AttributeCertificateGenerator.Create;
-begin
-  inherited Create;
-  FExtGenerator := TX509ExtensionsGenerator.Create;
-  FACInfoGen := TV2AttributeCertificateInfoGenerator.Create;
-end;
-
-procedure TX509V2AttributeCertificateGenerator.Reset;
-begin
-  FExtGenerator.Reset;
-  FACInfoGen := TV2AttributeCertificateInfoGenerator.Create;
-end;
-
-procedure TX509V2AttributeCertificateGenerator.SetHolder(const AHolder
-  : IAttributeCertificateHolder);
-begin
-  FACInfoGen.SetHolder(AHolder.GetHolder);
-end;
-
-procedure TX509V2AttributeCertificateGenerator.SetIssuer(const AIssuer
-  : IAttributeCertificateIssuer);
-begin
-  FACInfoGen.SetIssuer(AIssuer.GetAttCertIssuer);
-end;
-
-procedure TX509V2AttributeCertificateGenerator.SetSerialNumber(const ASerialNumber
-  : TBigInteger);
-begin
-  FACInfoGen.SetSerialNumber(TDerInteger.Create(ASerialNumber));
-end;
-
-procedure TX509V2AttributeCertificateGenerator.SetNotBefore(const ADate: TDateTime);
-begin
-  FACInfoGen.SetStartDate(TRfc5280Asn1Utilities.CreateGeneralizedTime(ADate));
-end;
-
-procedure TX509V2AttributeCertificateGenerator.SetNotAfter(const ADate: TDateTime);
-begin
-  FACInfoGen.SetEndDate(TRfc5280Asn1Utilities.CreateGeneralizedTime(ADate));
-end;
-
-procedure TX509V2AttributeCertificateGenerator.AddAttribute(const AAttribute
-  : IX509Attribute);
-begin
-  FACInfoGen.AddAttribute(TAttributeX509.GetInstance(AAttribute.ToAsn1Object));
-end;
-
-procedure TX509V2AttributeCertificateGenerator.SetIssuerUniqueID(const AIui
-  : TCryptoLibBooleanArray);
-begin
-  FACInfoGen.SetIssuerUniqueID(TX509Utilities.BooleanToBitString(AIui));
-end;
-
-procedure TX509V2AttributeCertificateGenerator.AddExtension(const AOid: String;
-  ACritical: Boolean; const AExtensionValue: IAsn1Encodable);
-begin
-  FExtGenerator.AddExtension(TDerObjectIdentifier.Create(AOid), ACritical,
-    AExtensionValue);
-end;
-
-procedure TX509V2AttributeCertificateGenerator.AddExtension(const AOid: String;
-  ACritical: Boolean; const AExtensionValue: TCryptoLibByteArray);
-begin
-  FExtGenerator.AddExtension(TDerObjectIdentifier.Create(AOid), ACritical,
-    AExtensionValue);
-end;
-
-function TX509V2AttributeCertificateGenerator.Generate(const ASignatureFactory
-  : ISignatureFactory): IX509V2AttributeCertificate;
-var
-  LSigAlgID: IAlgorithmIdentifier;
-  LAcInfo: IAttributeCertificateInfo;
-  LSignature: IDerBitString;
-  LAc: IAttributeCertificate;
-begin
-  LSigAlgID := ASignatureFactory.AlgorithmDetails;
-  FACInfoGen.SetSignature(LSigAlgID);
-
-  if not FExtGenerator.IsEmpty then
-    FACInfoGen.SetExtensions(FExtGenerator.Generate);
-
-  LAcInfo := FACInfoGen.GenerateAttributeCertificateInfo;
-  LSignature := TX509Utilities.GenerateSignature(ASignatureFactory, LAcInfo);
-  LAc := TAttributeCertificate.Create(LAcInfo, LSigAlgID, LSignature);
-  Result := TX509V2AttributeCertificate.Create(LAc);
-end;
-
-function TX509V2AttributeCertificateGenerator.GetSignatureAlgNames
-  : TCryptoLibStringArray;
-begin
-  Result := TX509Utilities.GetAlgNames;
-end;
-
-end.