} // End Sub ExportKeyPair
// https://stackoverflow.com/questions/22008337/generating-keypair-using-bouncy-castle
// https://stackoverflow.com/questions/14052485/converting-a-public-key-in-subjectpublickeyinfo-format-to-rsapublickey-format-ja
// https://stackoverflow.com/questions/10963756/get-der-encoded-public-key
// http://www.programcreek.com/java-api-examples/index.php?api=org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory
public static void CerKeyInfo(Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair)
{
Org.BouncyCastle.Asn1.Pkcs.PrivateKeyInfo pkInfo = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private);
string privateKey = System.Convert.ToBase64String(pkInfo.GetDerEncoded());
// and following for public:
Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo info = Org.BouncyCastle.X509.SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public);
string publicKey = System.Convert.ToBase64String(info.GetDerEncoded());
System.Console.WriteLine(privateKey);
System.Console.WriteLine(publicKey);
} // End Sub CerKeyInfo
/// <summary>
/// Get RSA public key from a CSR.
/// </summary>
public static RSA GetRSAPublicKey(Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo subjectPublicKeyInfo)
{
Org.BouncyCastle.Crypto.AsymmetricKeyParameter asymmetricKeyParameter = Org.BouncyCastle.Security.PublicKeyFactory.CreateKey(subjectPublicKeyInfo);
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters rsaKeyParameters = (Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters)asymmetricKeyParameter;
RSAParameters rsaKeyInfo = new RSAParameters
{
Modulus = rsaKeyParameters.Modulus.ToByteArrayUnsigned(),
Exponent = rsaKeyParameters.Exponent.ToByteArrayUnsigned()
};
RSA rsa = RSA.Create(rsaKeyInfo);
return(rsa);
}
internal TbsCertificateStructure(Asn1Sequence seq)
{
int num = 0;
this.seq = seq;
if (seq[0] is DerTaggedObject)
{
this.version = DerInteger.GetInstance((Asn1TaggedObject)seq[0], true);
}
else
{
num = -1;
this.version = new DerInteger(0);
}
this.serialNumber = DerInteger.GetInstance(seq[num + 1]);
this.signature = AlgorithmIdentifier.GetInstance(seq[num + 2]);
this.issuer = X509Name.GetInstance(seq[num + 3]);
Asn1Sequence sequence = (Asn1Sequence)seq[num + 4];
this.startDate = Time.GetInstance(sequence[0]);
this.endDate = Time.GetInstance(sequence[1]);
this.subject = X509Name.GetInstance(seq[num + 5]);
this.subjectPublicKeyInfo = Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo.GetInstance(seq[num + 6]);
for (int i = (seq.Count - (num + 6)) - 1; i > 0; i--)
{
DerTaggedObject obj2 = (DerTaggedObject)seq[(num + 6) + i];
switch (obj2.TagNo)
{
case 1:
this.issuerUniqueID = DerBitString.GetInstance(obj2, false);
break;
case 2:
this.subjectUniqueID = DerBitString.GetInstance(obj2, false);
break;
case 3:
this.extensions = X509Extensions.GetInstance(obj2);
break;
}
}
}
public static Org.BouncyCastle.Crypto.AsymmetricKeyParameter BCPublicKey(this System.Security.Cryptography.X509Certificates.PublicKey public_key)
{
Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo subinfo = Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo.GetInstance(Org.BouncyCastle.Asn1.Asn1Sequence.GetInstance(Org.BouncyCastle.Asn1.Asn1Object.FromByteArray(Conversions.EncodeX509PublicKey(public_key))));
return(Org.BouncyCastle.Security.PublicKeyFactory.CreateKey(subinfo));
}
public static System.Security.Cryptography.X509Certificates.PublicKey MSPublicKey(this Org.BouncyCastle.Crypto.AsymmetricKeyParameter public_key)
{
Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo gensubinfo = Org.BouncyCastle.X509.SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(public_key);
return(Conversions.DecodeX509PublicKey(gensubinfo.ToAsn1Object().GetEncoded()));
}
private bool verifySign(byte[] certificateData, byte[] signature, byte[] data, string digestAlg, out string errorMessage)
{
try
{
Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo ski = Org.BouncyCastle.Asn1.X509.X509CertificateStructure.GetInstance(Org.BouncyCastle.Asn1.Asn1Object.FromByteArray(certificateData)).SubjectPublicKeyInfo;
Org.BouncyCastle.Crypto.AsymmetricKeyParameter pk = Org.BouncyCastle.Security.PublicKeyFactory.CreateKey(ski);
string algStr = ""; //signature alg
//find digest
switch (digestAlg)
{
case "http://www.w3.org/2000/09/xmldsig#rsa-sha1":
algStr = "sha1";
break;
case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256":
algStr = "sha256";
break;
case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384":
algStr = "sha384";
break;
case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512":
algStr = "sha512";
break;
}
//find encryption
switch (ski.AlgorithmID.ObjectID.Id)
{
case "1.2.840.10040.4.1": //dsa
algStr += "withdsa";
break;
case "1.2.840.113549.1.1.1": //rsa
algStr += "withrsa";
break;
default:
errorMessage = "verifySign 5: Unknown key algId = " + ski.AlgorithmID.ObjectID.Id;
return(false);
}
Console.WriteLine("Hash digest pred decryptom: " + Convert.ToBase64String(data));
errorMessage = "verifySign 8: Creating signer: " + algStr;
Org.BouncyCastle.Crypto.ISigner verif = Org.BouncyCastle.Security.SignerUtilities.GetSigner(algStr);
verif.Init(false, pk);
verif.BlockUpdate(data, 0, data.Length);
bool res = verif.VerifySignature(signature);
Console.WriteLine("Hodnota pk je: " + pk.GetHashCode());
Console.WriteLine("Hash digest po decrypte: " + Convert.ToBase64String(data));
Console.WriteLine("- ");
Console.WriteLine("Hodnota je " + res);
Console.WriteLine("- ");
if (!res)
{
errorMessage = "verifySign 9: VerifySignature=false: dataB64=" + Convert.ToBase64String(data) + Environment.NewLine + "signatureB64=" + Convert.ToBase64String(signature) + Environment.NewLine + "certificateDataB64=" + Convert.ToBase64String(certificateData);
}
return(res);
}
catch (Exception ex)
{
errorMessage = "verifySign 10: " + ex.ToString();
return(false);
}
}
