Inheritance: Org.BouncyCastle.Asn1.Asn1Encodable
Beispiel #1
        /// <summary>
        /// Builds a signed PKCS#10 certification request whose subject is a single CN and whose
        /// attribute set holds one PKCS#9 challengePassword attribute.
        /// </summary>
        /// <param name="sCN">Value used for the subject's CN component.</param>
        /// <param name="challengePassword">Secret written into the challengePassword attribute.</param>
        /// <param name="rsaKeyPair">Key pair; the public key is placed in the request and the private key signs it.</param>
        /// <returns>The request, signed with "SHA256WITHRSA".</returns>
        private static Pkcs10CertificationRequest CreatePKCS10(string sCN, string challengePassword, AsymmetricCipherKeyPair rsaKeyPair)
        {
            // The subject is built from an explicit OID/value pair, so sCN is handed over as one
            // CN value instead of being parsed out of a distinguished-name string.
            AsnX509.X509Name subject = new AsnX509.X509Name(
                new DerObjectIdentifier[] { AsnX509.X509Name.CN },
                new string[] { sCN });

            // The challenge password travels inside the request in readable form: a PKCS#10
            // structure is signed, not encrypted. Anything that stores or forwards the encoded
            // request therefore sees the secret unless the request is wrapped or sent over a
            // protected channel.
            // NOTE(review): the value is wrapped as a PrintableString with the single-argument
            // constructor; presumably no alphabet check happens here, so confirm that callers
            // only pass characters PrintableString allows.
            DerPrintableString passwordValue = new DerPrintableString(challengePassword);
            BCPkcs.AttributePkcs passwordAttribute = new BCPkcs.AttributePkcs(
                BCPkcs.PkcsObjectIdentifiers.Pkcs9AtChallengePassword,
                new DerSet(passwordValue));

            return new Pkcs10CertificationRequest(
                "SHA256WITHRSA",
                subject,
                rsaKeyPair.Public,
                new DerSet(passwordAttribute),
                rsaKeyPair.Private);
        }
Beispiel #2
        /// <summary>
        /// Builds a signed PKCS#10 certification request for the local computer. The subject CN is
        /// the name returned by the resolver for the local host, and an extensionRequest attribute
        /// asks for a non-critical subjectAltName listing the collected DNS names.
        /// </summary>
        /// <param name="challengePassword">Secret written into the challengePassword attribute.</param>
        /// <param name="rsaKeyPair">Key pair; the public key is placed in the request and the private key signs it.</param>
        /// <returns>The request, signed with "SHA256WITHRSA".</returns>
        private static Pkcs10CertificationRequest CreatePKCS10ForComputer(string challengePassword, AsymmetricCipherKeyPair rsaKeyPair)
        {
            AsnX509.X509ExtensionsGenerator extensionsGenerator = new AsnX509.X509ExtensionsGenerator();

            // Every requested name comes from the local machine's own view of its identity
            // (host name, resolver answer, domain membership). Nothing here proves those names;
            // the issuing CA has to check them against the authenticated requester.
            ISet<string> requestedNames = new HashSet<string>();

            string localHostName = Dns.GetHostName();
            requestedNames.Add(localHostName);

            string fqdn = Dns.GetHostEntry(localHostName).HostName;
            requestedNames.Add(fqdn);

#if !DEBUG
            // Release builds only: the request also asks for the computer's domain name and,
            // when one is found, the domain's NetBIOS name. DEBUG builds produce a narrower request.
            // NOTE(review): both are added as dNSName entries although they name the domain, not
            // this host, and a NetBIOS name is not a DNS name - confirm the certificate template
            // is meant to grant them to an ordinary computer account.
            Domain memberDomain = Domain.GetComputerDomain();
            requestedNames.Add(memberDomain.Name);

            string netbiosDomainName = GetNetbiosDomainName(memberDomain.Name);
            if (!string.IsNullOrEmpty(netbiosDomainName))
            {
                requestedNames.Add(netbiosDomainName);
            }
#endif // !DEBUG

            // One dNSName GeneralName per collected name, in the set's enumeration order.
            List<GeneralName> sanEntries = new List<GeneralName>();
            foreach (string requestedName in requestedNames)
            {
                sanEntries.Add(new GeneralName(GeneralName.DnsName, requestedName));
            }

            extensionsGenerator.AddExtension(
                X509Extensions.SubjectAlternativeName,
                false,
                new GeneralNames(sanEntries.ToArray()));

            BCPkcs.AttributePkcs extensionRequestAttribute = new BCPkcs.AttributePkcs(
                BCPkcs.PkcsObjectIdentifiers.Pkcs9AtExtensionRequest,
                new DerSet(extensionsGenerator.Generate()));

            // The challenge password is readable by anyone who obtains the encoded request:
            // PKCS#10 signs its content but does not encrypt it.
            BCPkcs.AttributePkcs passwordAttribute = new BCPkcs.AttributePkcs(
                BCPkcs.PkcsObjectIdentifiers.Pkcs9AtChallengePassword,
                new DerSet(new DerPrintableString(challengePassword)));

            AsnX509.X509Name subject = new AsnX509.X509Name(
                new DerObjectIdentifier[] { AsnX509.X509Name.CN },
                new string[] { fqdn });

            return new Pkcs10CertificationRequest(
                "SHA256WITHRSA",
                subject,
                rsaKeyPair.Public,
                new DerSet(extensionRequestAttribute, passwordAttribute),
                rsaKeyPair.Private);
        }
Beispiel #3
        /// <summary>
        /// Converts an object to an <c>AttributePkcs</c>: an existing instance is returned as-is,
        /// an <c>Asn1Sequence</c> is wrapped in a new instance.
        /// </summary>
        /// <param name="obj">The object to convert; may be null.</param>
        /// <returns>The attribute, or null when <paramref name="obj"/> is null.</returns>
        /// <exception cref="ArgumentException">The object is neither of the two accepted types.</exception>
        public static AttributePkcs GetInstance(object obj)
        {
            // Null in, null out: callers that go on to dereference the result must check for it.
            if (obj == null)
            {
                return null;
            }

            AttributePkcs existing = obj as AttributePkcs;
            if (existing != null)
            {
                return existing;
            }

            Asn1Sequence sequence = obj as Asn1Sequence;
            if (sequence == null)
            {
                // Only the runtime type name is reported, never the object's content.
                throw new ArgumentException("Unknown object in factory: " + obj.GetType().FullName, "obj");
            }

            return new AttributePkcs(sequence);
        }
Beispiel #4
        /// <summary>
        /// Builds a signed PKCS#10 certification request for the local computer. The subject CN is
        /// the name returned by the resolver for the local host; the subjectAltName extension is
        /// produced by <c>SubjectAlternativeNameBuilder</c> and copied into the extensionRequest
        /// attribute with the OID, criticality and raw bytes the builder returned.
        /// </summary>
        /// <param name="challengePassword">Secret written into the challengePassword attribute.</param>
        /// <param name="rsaKeyPair">Key pair; the public key is placed in the request and the private key signs it.</param>
        /// <returns>The request, signed with "SHA256WITHRSA".</returns>
        private static Pkcs10CertificationRequest CreatePKCS10ForComputer(string challengePassword, AsymmetricCipherKeyPair rsaKeyPair)
        {
            AsnX509.X509ExtensionsGenerator extensionsGenerator = new AsnX509.X509ExtensionsGenerator();

            // All names below are self-reported by this machine (host name, resolver answer,
            // domain membership); the issuing CA must verify them before honouring the request.
            ISet<string> requestedNames = new HashSet<string>(4);

            string localHostName = Dns.GetHostName();
            requestedNames.Add(localHostName);

            string fqdn = Dns.GetHostEntry(localHostName).HostName;
            requestedNames.Add(fqdn);

#if !DEBUG
            // Release builds only: the domain name and, if found, its NetBIOS name are requested
            // too, so DEBUG and release builds ask for different name sets.
            // NOTE(review): these name the domain rather than this host - confirm the certificate
            // template is meant to grant them to an ordinary computer account.
            Domain memberDomain = Domain.GetComputerDomain();
            requestedNames.Add(memberDomain.Name);

            string netbiosDomainName = GetNetbiosDomainName(memberDomain.Name);
            if (!string.IsNullOrEmpty(netbiosDomainName))
            {
                requestedNames.Add(netbiosDomainName);
            }
#endif // !DEBUG

            SubjectAlternativeNameBuilder sanBuilder = new SubjectAlternativeNameBuilder();
            foreach (string requestedName in requestedNames)
            {
                sanBuilder.AddDnsName(requestedName);
            }

            // Bridge from the framework's extension type to the ASN.1 generator.
            System.Security.Cryptography.X509Certificates.X509Extension builtSan = sanBuilder.Build();
            DerObjectIdentifier sanOid = new DerObjectIdentifier(builtSan.Oid.Value);
            extensionsGenerator.AddExtension(sanOid, builtSan.Critical, builtSan.RawData);

            BCPkcs.AttributePkcs extensionRequestAttribute = new BCPkcs.AttributePkcs(
                BCPkcs.PkcsObjectIdentifiers.Pkcs9AtExtensionRequest,
                new DerSet(extensionsGenerator.Generate()));

            // The challenge password is readable by anyone who obtains the encoded request:
            // PKCS#10 signs its content but does not encrypt it.
            BCPkcs.AttributePkcs passwordAttribute = new BCPkcs.AttributePkcs(
                BCPkcs.PkcsObjectIdentifiers.Pkcs9AtChallengePassword,
                new DerSet(new DerPrintableString(challengePassword)));

            AsnX509.X509Name subject = new AsnX509.X509Name(
                new DerObjectIdentifier[] { AsnX509.X509Name.CN },
                new string[] { fqdn });

            return new Pkcs10CertificationRequest(
                "SHA256WITHRSA",
                subject,
                rsaKeyPair.Public,
                new DerSet(extensionRequestAttribute, passwordAttribute),
                rsaKeyPair.Private);
        }
        /// <summary>
        /// Converts an object to an <c>AttributePkcs</c>: an existing instance is returned as-is,
        /// an <c>Asn1Sequence</c> is wrapped in a new instance.
        /// </summary>
        /// <param name="obj">The object to convert; may be null.</param>
        /// <returns>The attribute, or null when <paramref name="obj"/> is null.</returns>
        /// <exception cref="ArgumentException">The object is neither of the two accepted types.</exception>
        public static AttributePkcs GetInstance(object obj)
        {
            // Null in, null out: callers that go on to dereference the result must check for it.
            if (obj == null)
            {
                return null;
            }

            AttributePkcs alreadyTyped = obj as AttributePkcs;
            if (alreadyTyped != null)
            {
                return alreadyTyped;
            }

            Asn1Sequence encoded = obj as Asn1Sequence;
            if (encoded != null)
            {
                return new AttributePkcs(encoded);
            }

            // Only the type name is reported, never the object's content.
            string message = "Unknown object in factory: " + Platform.GetTypeName(obj);
            throw new ArgumentException(message, "obj");
        }
Beispiel #6
        /**
         * Return an AttributePkcs for the given object: an existing AttributePkcs is handed
         * back unchanged, an Asn1Sequence is wrapped in a new one, and null yields null.
         *
         * @param obj the object we want converted; may be null.
         * @return the attribute, or null when obj is null.
         * @exception ArgumentException if the object cannot be converted.
         */
        public static AttributePkcs GetInstance(
            object obj)
        {
            // Null in, null out: callers that go on to dereference the result must check for it.
            if (obj == null)
            {
                return null;
            }

            AttributePkcs direct = obj as AttributePkcs;
            if (direct != null)
            {
                return direct;
            }

            Asn1Sequence wrapped = obj as Asn1Sequence;
            if (wrapped == null)
            {
                // Only the type name is reported, never the object's content.
                throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
            }

            return new AttributePkcs(wrapped);
        }
        /// <summary>
        /// Checks a request's attribute set: every challengePassword attribute in it must carry
        /// exactly one value. A null set is accepted without any check.
        /// </summary>
        /// <param name="attributes">The attribute set to inspect; may be null.</param>
        /// <exception cref="ArgumentException">
        /// A challengePassword attribute has a value count other than one, or an element cannot
        /// be converted by <c>AttributePkcs.GetInstance</c>.
        /// </exception>
        private static void ValidateAttributes(Asn1Set attributes)
        {
            if (attributes != null)
            {
                foreach (Asn1Encodable element in attributes)
                {
                    AttributePkcs attribute = AttributePkcs.GetInstance(element.ToAsn1Object());

                    // Only the number of values is checked. The value's string type, its content
                    // and whether the attribute appears more than once are not examined here, and
                    // attributes of any other type pass through untouched.
                    bool isChallengePassword = attribute.AttrType.Equals(PkcsObjectIdentifiers.Pkcs9AtChallengePassword);
                    if (isChallengePassword && attribute.AttrValues.Count != 1)
                    {
                        throw new ArgumentException("challengePassword attribute must have one value");
                    }
                }
            }
        }
        // Regression check for code that previously raised a null reference: two requests built
        // from the same subject, key pair and extensionRequest attribute must compare equal.
        // NOTE(review): the 1024-bit RSA key and "SHA1WithRSA" used below are weaker than current
        // recommendations; they are test fixtures for the equality check and should not be copied
        // into code that issues real requests.
        private void nullPointerTest()
        {
            IAsymmetricCipherKeyPairGenerator generator = GeneratorUtilities.GetKeyPairGenerator("RSA");
            generator.Init(new KeyGenerationParameters(new SecureRandom(), 1024));

            IAsymmetricCipherKeyPair keys = generator.GenerateKeyPair();

            // Three requested extensions: critical basicConstraints (CA), critical keyUsage
            // (certificate and CRL signing), non-critical subjectKeyIdentifier.
            X509Extension basicConstraintsExt = new X509Extension(true, new DerOctetString(new BasicConstraints(true)));
            X509Extension keyUsageExt = new X509Extension(true, new DerOctetString(
                new KeyUsage(KeyUsage.KeyCertSign | KeyUsage.CrlSign)));
            SubjectKeyIdentifier keyIdentifier = new SubjectKeyIdentifierStructure(keys.Public);
            X509Extension keyIdentifierExt = new X509Extension(false, new DerOctetString(keyIdentifier));

            // The two lists are parallel: oids[i] identifies values[i].
            IList oids = new ArrayList();
            oids.Add(X509Extensions.BasicConstraints);
            oids.Add(X509Extensions.KeyUsage);
            oids.Add(X509Extensions.SubjectKeyIdentifier);

            IList values = new ArrayList();
            values.Add(basicConstraintsExt);
            values.Add(keyUsageExt);
            values.Add(keyIdentifierExt);

            AttributePkcs extensionRequest = new AttributePkcs(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest,
                new DerSet(new X509Extensions(oids, values)));

            Pkcs10CertificationRequest first = new Pkcs10CertificationRequest(
                "SHA1WithRSA", new X509Name("cn=csr"), keys.Public, new DerSet(extensionRequest), keys.Private);
            Pkcs10CertificationRequest second = new Pkcs10CertificationRequest(
                "SHA1WithRSA", new X509Name("cn=csr"), keys.Public, new DerSet(extensionRequest), keys.Private);

            bool requestsMatch = first.Equals(second);
            if (!requestsMatch)
            {
                Fail("cert request comparison failed");
            }
        }