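/// <summary>
/// Maps the key length recorded in <paramref name="parameters"/> to the matching
/// GOST R 34.10-2012 signature algorithm object identifier.
/// </summary>
/// <param name="parameters">Algorithm parameter set; only <c>Len_AlgParSet.Value_Len</c> is read.</param>
/// <returns>
/// <c>id_tc26_gost_3410_12_256</c> for a length of 256, <c>id_tc26_gost_3410_12_512</c> for 512.
/// </returns>
/// <exception cref="ArgumentException">The recorded length is neither 256 nor 512.</exception>
private static DerObjectIdentifier GetDigitalSignatureAlgoOID(AlgParSet parameters)
{
    // Fail closed: any length other than the two supported ones is rejected instead of
    // being mapped to a default algorithm.
    return parameters.Len_AlgParSet.Value_Len switch
    {
        256 => RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256,
        512 => RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512,
        // ArgumentException derives from Exception, so existing catch blocks still match;
        // the message text is kept unchanged.
        _ => throw new ArgumentException("Wrong parameters length!"),
    };
}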
/// <summary>
/// Generates an EC GOST key pair for the curve selected by <paramref name="parameters"/>,
/// mixing the seed collected by <c>KeyGenerationForm</c> into the random generator.
/// </summary>
/// <param name="parameters">Algorithm parameter set used to look up the curve and algorithm identifiers.</param>
/// <returns>The key pair produced by <c>ECKeyPairGenerator</c>.</returns>
/// <remarks>
/// The dialog is shown again every time it returns anything other than <c>DialogResult.OK</c>;
/// this method has no exit path for a cancelled dialog.
/// </remarks>
private static AsymmetricCipherKeyPair GenerateKeyPair(AlgParSet parameters)
{
    for (;;)
    {
        using (var seedDialog = new KeyGenerationForm())
        {
            if (seedDialog.ShowDialog() != DialogResult.OK)
            {
                // Not confirmed: the form is disposed and a fresh one is shown.
                continue;
            }

            var curveOid = GetDigitalSignatureAlgoParameterSetOID(parameters);
            var namedCurve = ECGost3410NamedCurves.GetByOidX9(curveOid);
            var domain = new ECNamedDomainParameters(curveOid, namedCurve);

            // NOTE(review): in BouncyCastle the third constructor argument is, as far as can be
            // told from here, the digest parameter set; the value passed is whatever
            // GetDigitalSignatureAlgoOID returns. Confirm this is the intended identifier.
            var algorithmOid = GetDigitalSignatureAlgoOID(parameters);
            var gostDomain = new ECGost3410Parameters(domain, curveOid, algorithmOid, null);

            // BouncyCastle's parameterless SecureRandom is expected to seed itself and SetSeed to
            // add to that state rather than replace it, so the form's seed should supplement the
            // platform entropy. Confirm against the library version in use: key strength must not
            // rest on the dialog input alone.
            var rng = new SecureRandom();
            rng.SetSeed(seedDialog.Seed.ToArray());

            var keyGen = new ECKeyPairGenerator();
            keyGen.Init(new ECKeyGenerationParameters(gostDomain, rng));
            return keyGen.GenerateKeyPair();
        }
    }
}
/// <summary>
/// Issues a certificate for <paramref name="subj"/>: generates a key pair, picks a random serial
/// number not yet present in the database, builds the certificate through
/// <c>CreateCertificateFromDatabaseInfo</c>, stores the record and returns the encoded certificate.
/// </summary>
/// <param name="parameters">Algorithm parameter set used for key generation and recorded on the certificate.</param>
/// <param name="subj">Subject recorded on the new certificate.</param>
/// <returns>The bytes returned by <c>GetEncoded()</c> on the built certificate.</returns>
public static byte[] GetSignedCertificate(AlgParSet parameters, Subj subj)
{
    // Issuer name and signer serial number are copied from the root certificate's record.
    var rootCertificate = new X509CertificateParser().ReadCertificate(GetRootCertificate());
    Cert rootInfo = CreateDatabaseInfoFromCertificate(rootCertificate);

    var keyPair = GenerateKeyPair(parameters);
    var db = DatabaseInstance.GetInstance();

    // Draw random serial numbers until one is not already used by a stored certificate.
    // NOTE(review): the value is up to 512 bits long; RFC 5280 (section 4.1.2.2) limits serial
    // numbers to 20 octets, so strict validators may reject it. The lookup and the later insert
    // are separate steps; uniqueness under concurrent issuance relies on the database.
    string serialNumber;
    while (true)
    {
        serialNumber = BigIntegers.CreateRandomBigInteger(512, new SecureRandom()).ToString();
        if (!db.Certs.Any(existing => existing.SerialNumber_Cert == serialNumber))
        {
            break;
        }
    }

    var version = db.Vers.FirstOrDefault();

    // NOTE(review): CreatePrivateKeyInfo yields an unencrypted PKCS#8 structure, and it is placed
    // on the record as-is. If this record is persisted, anyone who can read the table can recover
    // the subject's private key; consider encrypting it at rest or not storing it.
    var signAlg = new SignAlg
    {
        AlgParSet_SignAlg = parameters,
        PrivateKey_SignAlg = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private).ToAsn1Object().GetEncoded(),
        PublicKey_SignAlg = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public).ToAsn1Object().GetEncoded()
    };

    // NOTE(review): ValidFrom_Cert is local time while ValidBy_Cert is UTC. Confirm how the
    // certificate builder and the database interpret these values; a mixed pair can shift
    // the validity window by the local UTC offset.
    var record = new Cert
    {
        Ver_Cert = version,
        SignAlg_Cert = signAlg,
        Issuer_Cert = rootInfo.Issuer_Cert,
        Subj_Cert = subj,
        SerialNumber_Cert = serialNumber,
        ValidFrom_Cert = DateTime.Now,
        ValidBy_Cert = DateTimeOffset.Now.AddYears(5).UtcDateTime,
        SignSerialNumber_Cert = rootInfo.SerialNumber_Cert
    };

    var issued = CreateCertificateFromDatabaseInfo(record);

    // Signature bytes as an upper-case hex string without separators.
    record.SignValue_Cert = BitConverter.ToString(issued.GetSignature()).Replace("-", "");

    db.Certs.Add(record);
    db.SaveChanges();
    return issued.GetEncoded();
}