} // End Sub GenerateRootCertificate

        public static Org.BouncyCastle.X509.X509Certificate SelfSignSslCertificate(
            Org.BouncyCastle.Security.SecureRandom random
            , Org.BouncyCastle.X509.X509Certificate caRoot
            , Org.BouncyCastle.Crypto.AsymmetricKeyParameter subjectPublicKey
            , Org.BouncyCastle.Crypto.AsymmetricKeyParameter rootCertPrivateKey
            ) // PrivatePublicPemKeyPair subjectKeyPair)
        {
            Org.BouncyCastle.X509.X509Certificate caSsl = null;

            string countryIso2Characters = "GA";
            string stateOrProvince       = "Aremorica";
            string localityOrCity        = "Erquy, Bretagne";
            string companyName           = "Coopérative Ménhir Obelix Gmbh & Co. KGaA";
            string division   = "Neanderthal Technology Group (NT)";
            string domainName = "localhost";

            domainName = "*.sql.guru";
            domainName = "localhost";
            string email = "webmaster@localhost";


            CertificateInfo ci = new CertificateInfo(
                countryIso2Characters, stateOrProvince
                , localityOrCity, companyName
                , division, domainName, email
                , System.DateTime.UtcNow
                , System.DateTime.UtcNow.AddYears(5)
                );

            ci.AddAlternativeNames("localhost", System.Environment.MachineName, "127.0.0.1",
                                   "sql.guru", "*.sql.guru", "example.int", "foo.int", "bar.int", "foobar.int", "*.com");

            // Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateEcKeyPair(curveName, random);
            Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateRsaKeyPair(2048, random);
            // Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateDsaKeyPair(1024, random);
            // Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateDHKeyPair(1024, random);


            caSsl = CerGenerator.GenerateSslCertificate(
                ci
                , subjectPublicKey
                , rootCertPrivateKey
                , caRoot
                , random
                );

            /*
             * PfxGenerator.CreatePfxFile(@"obelix.pfx", caSsl, kp1.Private, "");
             * CerGenerator.WritePrivatePublicKey("obelix", ci.SubjectKeyPair);
             *
             *
             * CerGenerator.WriteCerAndCrt(@"ca", caRoot);
             * CerGenerator.WriteCerAndCrt(@"obelix", caSsl);
             */

            return(caSsl);
        } // End Sub SelfSignSslCertificate
Esempio n. 2
0
        private static Org.BouncyCastle.X509.X509Certificate SelfSignSslCertificate(
            Org.BouncyCastle.Security.SecureRandom random
            , Org.BouncyCastle.X509.X509Certificate caRoot
            , Org.BouncyCastle.Crypto.AsymmetricKeyParameter subjectPublicKey
            , Org.BouncyCastle.Crypto.AsymmetricKeyParameter rootCertPrivateKey
            , string[] alternativeNames
            )
        {
            Org.BouncyCastle.X509.X509Certificate caSsl = null;

            string countryIso2Characters = "GA";
            string stateOrProvince       = "Aremorica";
            string localityOrCity        = "Erquy, Bretagne";
            string companyName           = "Coopérative Ménhir Obelix Gmbh & Co. KGaA";
            string division   = "Neanderthal Technology Group (NT)";
            string domainName = "localhost";
            string email      = "webmaster@localhost";


            CertificateInfo ci = new CertificateInfo(
                countryIso2Characters, stateOrProvince
                , localityOrCity, companyName
                , division, domainName, email
                , System.DateTime.UtcNow
                , System.DateTime.UtcNow.AddYears(50)
                );


            ci.AddAlternativeNames(alternativeNames);

            // Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateEcKeyPair(curveName, random);
            Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateRsaKeyPair(2048, random);
            // Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateDsaKeyPair(1024, random);
            // Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateDHKeyPair(1024, random);


            caSsl = CerGenerator.GenerateSslCertificate(
                ci
                , subjectPublicKey
                , rootCertPrivateKey
                , caRoot
                , random
                );

            return(caSsl);
        } // End Sub SelfSignSslCertificate
Esempio n. 3
0
        } // End Sub Test

        public static void SelfSignSslCertificate(Org.BouncyCastle.Security.SecureRandom random, Org.BouncyCastle.X509.X509Certificate caRoot, Org.BouncyCastle.Crypto.AsymmetricKeyParameter rootCertPrivateKey) // PrivatePublicPemKeyPair subjectKeyPair)
        {
            Org.BouncyCastle.X509.X509Certificate caSsl = null;

            string countryIso2Characters = "GA";
            string stateOrProvince       = "Aremorica";
            string localityOrCity        = "Erquy, Bretagne";
            string companyName           = "Coopérative Ménhir Obelix Gmbh & Co. KGaA";
            string division   = "NT (Neanderthal Technology)";
            string domainName = "localhost";

            domainName = "*.sql.guru";
            domainName = "localhost";
            string email = "webmaster@localhost";


            CertificateInfo ci = new CertificateInfo(
                countryIso2Characters, stateOrProvince
                , localityOrCity, companyName
                , division, domainName, email
                , System.DateTime.UtcNow
                , System.DateTime.UtcNow.AddYears(5)
                );

            ci.AddAlternativeNames("localhost", System.Environment.MachineName, "127.0.0.1",
                                   "sql.guru", "*.sql.guru");

            // Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateEcKeyPair(curveName, random);
            Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateRsaKeyPair(2048, random);
            // Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateDsaKeyPair(1024, random);
            // Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair kp1 = KeyGenerator.GenerateDHKeyPair(1024, random);



            ci.SubjectKeyPair = KeyImportExport.GetPemKeyPair(kp1);
            // ci.IssuerKeyPair.PrivateKey = rootCert.PrivateKey;

            // caSsl = CerGenerator.GenerateSslCertificate(ci, random, caRoot);

            Org.BouncyCastle.Crypto.AsymmetricKeyParameter subjectPublicKey = null;
            // This is the private key of the root certificate
            Org.BouncyCastle.Crypto.AsymmetricKeyParameter issuerPrivateKey = null;

            caSsl = CerGenerator.GenerateSslCertificate(
                ci
                , subjectPublicKey
                , issuerPrivateKey
                , caRoot
                , random
                );


            CertificateToDerPem(caSsl);



            // Just to clarify, an X.509 certificate does not contain the private key
            // The whole point of using certificates is to send them more or less openly,
            // without sending the private key, which must be kept secret.
            // An X509Certificate2 object may have a private key associated with it (via its PrivateKey property),
            // but that's only a convenience as part of the design of this class.
            // System.Security.Cryptography.X509Certificates.X509Certificate2 = new System.Security.Cryptography.X509Certificates.X509Certificate2(caRoot.GetEncoded());
            // System.Console.WriteLine(cc.PublicKey);
            // System.Console.WriteLine(cc.PrivateKey);

            bool val = CerGenerator.ValidateSelfSignedCert(caSsl, caRoot.GetPublicKey());

            System.Console.WriteLine(val);

            PfxGenerator.CreatePfxFile(@"obelix.pfx", caSsl, kp1.Private, "");
            CerGenerator.WritePrivatePublicKey("obelix", ci.SubjectKeyPair);


            CerGenerator.WriteCerAndCrt(@"ca", caRoot);
            CerGenerator.WriteCerAndCrt(@"obelix", caSsl);
        } // End Sub SelfSignSslCertificate