Ejemplo n.º 1
0
        /// <summary>
        /// Create self signed cert
        /// </summary>
        /// <param name="signature"></param>
        /// <param name="subject"></param>
        /// <returns></returns>
        internal static AsymmetricAlgorithm CreateCsr(this SignatureType signature, string subject,
                                                      out CertificateRequest csr)
        {
            AsymmetricAlgorithm alg = null;

            try {
                if (signature.IsRSA())
                {
                    var rsa = RSA.Create();
                    alg = rsa;
                    csr = new CertificateRequest(X500DistinguishedNameEx.Create(subject),
                                                 rsa, signature.ToHashAlgorithmName(), signature.ToRSASignaturePadding());
                    return(alg);
                }
                if (signature.IsECC())
                {
                    var ecdsa = ECDsa.Create();
                    alg = ecdsa;
                    csr = new CertificateRequest(X500DistinguishedNameEx.Create(subject),
                                                 ecdsa, signature.ToHashAlgorithmName());
                    return(alg);
                }
                throw new ArgumentException("Bad signature");
            }
            catch {
                alg?.Dispose();
                throw;
            }
        }
Ejemplo n.º 2
0
        /// <summary>
        /// To DER algorithm identifier
        /// </summary>
        /// <param name="signature"></param>
        /// <returns></returns>
        public static byte[] ToAlgorithmIdentifier(this SignatureType signature)
        {
            var    hashAlgorithm = signature.ToHashAlgorithmName();
            string oid;

            if (signature.IsRSA())
            {
                var padding = signature.ToRSASignaturePadding();
                if (padding == RSASignaturePadding.Pkcs1)
                {
                    if (hashAlgorithm == HashAlgorithmName.SHA256)
                    {
                        oid = Oids.RsaPkcs1Sha256;
                    }
                    else if (hashAlgorithm == HashAlgorithmName.SHA384)
                    {
                        oid = Oids.RsaPkcs1Sha384;
                    }
                    else if (hashAlgorithm == HashAlgorithmName.SHA512)
                    {
                        oid = Oids.RsaPkcs1Sha512;
                    }
                    else
                    {
                        throw new ArgumentOutOfRangeException(nameof(hashAlgorithm),
                                                              $"The hash algorithm {hashAlgorithm.Name} is not supported.");
                    }
                    using (var writer = new AsnWriter(AsnEncodingRules.DER)) {
                        writer.PushSequence();
                        writer.WriteObjectIdentifier(oid);
                        writer.WriteNull();
                        writer.PopSequence();
                        return(writer.Encode());
                    }
                }
                if (padding == RSASignaturePadding.Pss)
                {
                    int saltLen;

                    if (hashAlgorithm == HashAlgorithmName.SHA256)
                    {
                        saltLen = 256 / 8;
                        oid     = Oids.Sha256;
                    }
                    else if (hashAlgorithm == HashAlgorithmName.SHA384)
                    {
                        saltLen = 384 / 8;
                        oid     = Oids.Sha384;
                    }
                    else if (hashAlgorithm == HashAlgorithmName.SHA512)
                    {
                        saltLen = 512 / 8;
                        oid     = Oids.Sha512;
                    }
                    else
                    {
                        throw new ArgumentOutOfRangeException(nameof(hashAlgorithm),
                                                              $"The hash algorithm {hashAlgorithm.Name} is not supported.");
                    }
                    using (var writer = new AsnWriter(AsnEncodingRules.DER)) {
                        writer.WritePssSignatureAlgorithmIdentifier(saltLen, oid);
                        return(writer.Encode());
                    }
                }
                throw new ArgumentOutOfRangeException(nameof(signature),
                                                      "Specified Padding is not supported.");
            }

            if (hashAlgorithm == HashAlgorithmName.SHA256)
            {
                oid = Oids.ECDsaWithSha256;
            }
            else if (hashAlgorithm == HashAlgorithmName.SHA384)
            {
                oid = Oids.ECDsaWithSha384;
            }
            else if (hashAlgorithm == HashAlgorithmName.SHA512)
            {
                oid = Oids.ECDsaWithSha512;
            }
            else
            {
                throw new ArgumentOutOfRangeException(nameof(hashAlgorithm),
                                                      $"The hash algorithm {hashAlgorithm.Name} is not supported.");
            }
            using (var writer = new AsnWriter(AsnEncodingRules.DER)) {
                writer.PushSequence();
                writer.WriteObjectIdentifier(oid);
                writer.PopSequence();
                return(writer.Encode());
            }
        }