private static String Fingerprint(Org.BouncyCastle.Asn1.X509.X509CertificateStructure certStruct)
{
Byte[] hashBytes;
using (var hasher = new System.Security.Cryptography.SHA256Managed()) {
hashBytes = hasher.ComputeHash(certStruct.SubjectPublicKeyInfo.GetDerEncoded());
}
return(Convert.ToBase64String(hashBytes));
}
public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest)
{
if (clientCertChain != null)
{
Org.BouncyCastle.Asn1.X509.X509CertificateStructure[] certs = new Org.BouncyCastle.Asn1.X509.X509CertificateStructure[clientCertChain.Length];
for (int i = 0; i < clientCertChain.Length; i++)
{
X509CertificateEntry entry = clientCertChain[i];
certs[i] = entry.Certificate.CertificateStructure;
}
/* for all signature and hsah algorithm tuples the server supports ... */
foreach (SignatureAndHashAlgorithm sh in certificateRequest.SupportedSignatureAlgorithms)
{
if (sh.Signature == SignatureAlgorithm.ecdsa) /* here, we assume the certificate is signed with ecdsa */
{
TlsSignerCredentials creds = new DefaultTlsSignerCredentials(context, new Certificate(certs), clientPrivateKey.Key, sh);
return creds;
}
}
}
return null;
}
