Esempio n. 1
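        /// <summary>
        /// Generates an RSA key pair whose bit strength is the integer value of <paramref name="size"/>.
        /// </summary>
        /// <param name="size">Requested key length; it is cast to <c>int</c> and used as the generator's strength.</param>
        /// <returns>The key pair produced by the RSA key pair generator.</returns>
        /// <remarks>
        /// No minimum key length is enforced here. NOTE(review): if <c>RsaKeyLength</c> offers values
        /// below 2048 bits, callers can still request them; confirm against the enum definition.
        /// </remarks>
        public static AsymmetricCipherKeyPair RsaKeyPair(this RsaKeyLength size)
        {
            // Public exponent 0x10001 (65537).
            BigInteger publicExponent = new BigInteger("10001", 16);

            // Use the library's default SecureRandom rather than pinning key generation to the
            // digest generator requested by name as "SHA1PRNG"; the default tracks whatever
            // source the library currently prefers.
            SecureRandom random = new SecureRandom();

            // Certainty argument for the prime search, kept at the original value of 80.
            // NOTE(review): consider raising it to match the target security level.
            const int certainty = 80;

            RsaKeyGenerationParameters parameters =
                new RsaKeyGenerationParameters(publicExponent, random, (int)size, certainty);

            RsaKeyPairGenerator gen = new RsaKeyPairGenerator();
            gen.Init(parameters);
            return gen.GenerateKeyPair();
        }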
Esempio n. 2
        /// <summary>
        /// Returns the Vault called <paramref name="name"/> from <paramref name="database"/>,
        /// creating it together with a freshly generated RSA key and an encrypted copy of
        /// <paramref name="password"/> when no such Vault exists yet.
        /// </summary>
        /// <param name="database">Database that is queried and that receives the new rows.</param>
        /// <param name="name">Vault name used for the lookup and for the new Vault.</param>
        /// <param name="password">
        /// Password encrypted with the new public key. It is used only when the Vault is created;
        /// an existing Vault is returned without the password being consulted.
        /// </param>
        /// <param name="rsaKeyLength">Length of the RSA key generated for a new Vault.</param>
        /// <returns>The existing or newly created Vault.</returns>
        /// <remarks>
        /// The default key length is 1024 bits, which is below the 2048-bit minimum commonly
        /// recommended for RSA today; callers should pass a longer length explicitly.
        /// </remarks>
        public static Vault Create(Database database, string name, string password, RsaKeyLength rsaKeyLength = RsaKeyLength._1024)
        {
            Vault existing = Vault.OneWhere(c => c.Name == name, database);

            if (existing != null)
            {
                // Already present: nothing is generated and the password argument is ignored.
                return existing;
            }

            Vault created = new Vault();
            created.Name = name;
            created.Save(database);

            // Fetch the key row belonging to the Vault that was just saved.
            // NOTE(review): the meaning of JustOne's boolean argument is not visible here.
            VaultKey vaultKey = created.VaultKeysByVaultId.JustOne(database, false);

            AsymmetricCipherKeyPair rsaPair = RsaKeyGen.GenerateKeyPair(rsaKeyLength);

            // NOTE(review): if ToPem() serializes the private key, this row ends up holding both
            // the encrypted password and the key that decrypts it, so the encryption would add
            // little against anyone who can read the table. Confirm what ToPem() emits.
            vaultKey.RsaKey   = rsaPair.ToPem();
            vaultKey.Password = password.EncryptWithPublicKey(rsaPair);
            vaultKey.Save(database);

            return created;
        }
Esempio n. 3
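        /// <summary>
        /// Generates an EC key pair on the secp256k1 curve, builds a PKCS#10 certification request
        /// for the given subject signed with SHA256WITHECDSA, and exposes the results as PEM text.
        /// </summary>
        /// <param name="cn">Subject common name (CN).</param>
        /// <param name="org">Subject organization (O).</param>
        /// <param name="orgun">Subject organizational unit (OU).</param>
        /// <param name="city">Subject locality (L).</param>
        /// <param name="state">Subject state or province (ST).</param>
        /// <param name="country">Subject country (C).</param>
        /// <param name="signatureAlgorithm">
        /// Accepted for compatibility but not used: the request is always signed with SHA256WITHECDSA.
        /// </param>
        /// <param name="rsaKeyLength">
        /// Accepted for compatibility but not used: the RSA path is disabled and an EC key is always generated.
        /// </param>
        /// <returns>A <c>Generator</c> whose <c>PublicKey</c> holds the PEM-encoded public key.</returns>
        /// <remarks>
        /// The PEM private key and the PEM request are assigned to <c>pkey</c> and <c>csR</c>, which
        /// are declared outside this method. Because the method is static, these must be static
        /// members, so the most recent private key stays reachable after the call returns.
        /// NOTE(review): confirm that this lifetime and visibility are intended.
        /// </remarks>
        public static Generator GenPki(string cn, string org, string orgun, string city, string state, string country,
                                       SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.SHA256,
                                       RsaKeyLength rsaKeyLength             = RsaKeyLength.Length2048Bits)
        {
            Generator generator = new Generator();

            // Subject distinguished name.
            // Hashtable does not preserve insertion order, so the attribute order handed to
            // X509Name (taken from attrs.Keys) is not fixed by the Add calls below.
            IDictionary attrs = new Hashtable();

            attrs.Add(X509Name.CN, cn);
            attrs.Add(X509Name.O, org);
            attrs.Add(X509Name.OU, orgun);
            attrs.Add(X509Name.L, city);
            attrs.Add(X509Name.ST, state);
            attrs.Add(X509Name.C, country);

            X509Name subject = new X509Name(new ArrayList(attrs.Keys), attrs);

            // Key generation: EC on secp256k1.
            // NOTE(review): secp256k1 is not one of the NIST P-curves; confirm that the CA
            // receiving this request accepts it.
            X9ECParameters     curve              = ECNamedCurveTable.GetByName("secp256k1");
            ECDomainParameters ecParam            = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
            ECKeyPairGenerator ecKeyPairGenerator = new ECKeyPairGenerator();

            ecKeyPairGenerator.Init(new ECKeyGenerationParameters(ecParam, new SecureRandom()));
            AsymmetricCipherKeyPair pair = ecKeyPairGenerator.GenerateKeyPair();

            // Certification request, signed with the new private key. The algorithm name is fixed
            // because the key is EC; the RSA identifiers selectable through signatureAlgorithm
            // do not apply to it.
            Asn1SignatureFactory signatureFactory = new Asn1SignatureFactory("SHA256WITHECDSA", pair.Private);

            Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest(signatureFactory, subject, pair.Public, null, pair.Private);

            // Private key as PEM. It is written unencrypted; treat the resulting string as a secret.
            StringBuilder privateKeyStrBuilder = new StringBuilder();
            PemWriter     privateKeyPemWriter  = new PemWriter(new StringWriter(privateKeyStrBuilder));

            privateKeyPemWriter.WriteObject(pair.Private);
            privateKeyPemWriter.Writer.Flush();

            pkey = privateKeyStrBuilder.ToString();

            // Public key as PEM. This must serialize pair.Public: writing pair.Private here would
            // place the private key in a property that callers treat as shareable.
            StringBuilder publicKeyStrBuilder = new StringBuilder();
            PemWriter     publicKeyPemWriter  = new PemWriter(new StringWriter(publicKeyStrBuilder));

            publicKeyPemWriter.WriteObject(pair.Public);
            publicKeyPemWriter.Writer.Flush();

            generator.PublicKey = publicKeyStrBuilder.ToString();

            // Certification request as PEM.
            StringBuilder csrStrBuilder = new StringBuilder();
            PemWriter     csrPemWriter  = new PemWriter(new StringWriter(csrStrBuilder));

            csrPemWriter.WriteObject(csr);
            csrPemWriter.Writer.Flush();

            csR = csrStrBuilder.ToString();

            return generator;
        }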
Esempio n. 4
 /// <summary>
 /// Produces an RSA key pair of the requested length by delegating to <c>RsaKeyGen.GenerateKeyPair</c>.
 /// </summary>
 /// <param name="size">Requested RSA key length, passed through unchanged.</param>
 /// <returns>The key pair returned by <c>RsaKeyGen.GenerateKeyPair</c>.</returns>
 public static AsymmetricCipherKeyPair GenerateKeyPair(RsaKeyLength size)
 {
     // NOTE(review): the enclosing class is not visible here. If this method is itself declared
     // on RsaKeyGen, the call below recurses without end; confirm it targets another type.
     // No minimum key length is checked at this layer.
     AsymmetricCipherKeyPair generated = RsaKeyGen.GenerateKeyPair(size);
     return generated;
 }
Esempio n. 5
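        /// <summary>
        /// Generates an RSA key pair and a PKCS#10 certification request for the given subject,
        /// writes the private key, public key and request as PEM files under
        /// <c>bin/keys/users/2/</c> of the project directory, and stores the same PEM text in
        /// <c>PrivateKey</c>, <c>PublicKey</c> and <c>Csr</c>.
        /// </summary>
        /// <param name="commonName">Subject common name (CN).</param>
        /// <param name="organization">Subject organization (O).</param>
        /// <param name="organizationalUnit">Subject organizational unit (OU).</param>
        /// <param name="locality">Subject locality (L).</param>
        /// <param name="state">Subject state or province (ST).</param>
        /// <param name="countryIso2Characters">Ignored: overwritten with "US" at the start of the method.</param>
        /// <param name="emailAddress">Ignored: overwritten with an empty string at the start of the method.</param>
        /// <param name="signatureAlgorithm">Ignored: overwritten with <c>SignatureAlgorithm.SHA256</c>.</param>
        /// <param name="rsaKeyLength">Ignored: overwritten with <c>RsaKeyLength.Length2048Bits</c>.</param>
        /// <exception cref="System.InvalidOperationException">
        /// The entry assembly is unavailable or its location does not contain a <c>bin\</c> segment.
        /// </exception>
        /// <remarks>
        /// Points a reviewer should settle before this is used outside a demo:
        /// the private key is written to disk unencrypted and with default file permissions;
        /// the user folder is the hard-coded literal "2", so every call overwrites the same files;
        /// the file named <c>publicCert.pem</c> contains the certification request, not a certificate.
        /// </remarks>
        void IPKIEncordeService.GenerateGemFileForKPI(
            string commonName,
            string organization,
            string organizationalUnit,
            string locality,
            string state,
            string countryIso2Characters,
            string emailAddress,
            SignatureAlgorithm signatureAlgorithm,
            RsaKeyLength rsaKeyLength)
        {
            // Caller-supplied values for these four parameters are discarded.
            // NOTE(review): this looks like leftover test scaffolding; confirm before relying on
            // the parameters. Removing the overrides would let callers select SHA1 or any shorter
            // key the enum allows, so pair that change with validation.
            countryIso2Characters = "US";
            emailAddress          = "";
            signatureAlgorithm    = SignatureAlgorithm.SHA256;
            rsaKeyLength          = RsaKeyLength.Length2048Bits;

            #region Determine Signature Algorithm

            string signatureAlgorithmStr;
            switch (signatureAlgorithm)
            {
            case SignatureAlgorithm.SHA1:
                signatureAlgorithmStr = PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id;
                break;

            case SignatureAlgorithm.SHA256:
                signatureAlgorithmStr = PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id;
                break;

            case SignatureAlgorithm.SHA512:
                signatureAlgorithmStr = PkcsObjectIdentifiers.Sha512WithRsaEncryption.Id;
                break;

            default:
                signatureAlgorithmStr = PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id;
                break;
            }

            #endregion

            #region Cert Info

            // Hashtable does not preserve insertion order, so the attribute order handed to
            // X509Name (taken from attrs.Keys) is not fixed by the Add calls below.
            IDictionary attrs = new Hashtable();

            attrs.Add(X509Name.CN, commonName);
            attrs.Add(X509Name.O, organization);
            attrs.Add(X509Name.OU, organizationalUnit);
            attrs.Add(X509Name.L, locality);
            attrs.Add(X509Name.ST, state);
            attrs.Add(X509Name.C, countryIso2Characters);
            attrs.Add(X509Name.EmailAddress, emailAddress);

            X509Name subject = new X509Name(new ArrayList(attrs.Keys), attrs);

            #endregion

            #region Output Location

            // Resolve the project directory before generating any key material, and fail with a
            // clear message instead of a NullReferenceException or ArgumentOutOfRangeException
            // when there is no entry assembly or its path has no "bin\" segment.
            Assembly entryAssembly = Assembly.GetEntryAssembly();
            if (entryAssembly == null)
            {
                throw new System.InvalidOperationException("Entry assembly is not available; cannot resolve the key output directory.");
            }

            string entryLocation = entryAssembly.Location;
            int    binIndex      = entryLocation.IndexOf("bin\\", System.StringComparison.Ordinal);
            if (binIndex < 0)
            {
                throw new System.InvalidOperationException("Entry assembly location does not contain a 'bin\\' segment; cannot resolve the key output directory.");
            }

            string path_project_bin = Path.GetDirectoryName(entryLocation.Substring(0, binIndex));

            // Single definition of the output directory, so the files cannot land somewhere other
            // than the directory that was created.
            string pathToNewFolder = System.IO.Path.Combine(path_project_bin + "/bin/keys/users/", "2");
            Directory.CreateDirectory(pathToNewFolder);

            #endregion

            #region Key Generator

            RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
            rsaKeyPairGenerator.Init(new KeyGenerationParameters(new SecureRandom(new CryptoApiRandomGenerator()), (int)rsaKeyLength));
            AsymmetricCipherKeyPair pair = rsaKeyPairGenerator.GenerateKeyPair();

            #endregion

            #region CSR Generator

            Asn1SignatureFactory signatureFactory = new Asn1SignatureFactory(signatureAlgorithmStr, pair.Private);

            Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest(signatureFactory, subject, pair.Public, null, pair.Private);

            #endregion

            #region Convert to PEM and Output

            #region Private Key

            StringBuilder privateKeyStrBuilder = new StringBuilder();
            PemWriter     privateKeyPemWriter  = new PemWriter(new StringWriter(privateKeyStrBuilder));
            privateKeyPemWriter.WriteObject(pair.Private);
            privateKeyPemWriter.Writer.Flush();

            // Written without encryption and without restricting file permissions; anyone who can
            // read the deployment's bin directory can read this key.
            File.WriteAllText(Path.Combine(pathToNewFolder, "private.pem"), privateKeyStrBuilder.ToString());

            PrivateKey = privateKeyStrBuilder.ToString();

            #endregion Private Key

            #region Public Key

            StringBuilder publicKeyStrBuilder = new StringBuilder();
            PemWriter     publicKeyPemWriter  = new PemWriter(new StringWriter(publicKeyStrBuilder));
            publicKeyPemWriter.WriteObject(pair.Public);
            publicKeyPemWriter.Writer.Flush();

            File.WriteAllText(Path.Combine(pathToNewFolder, "public.pem"), publicKeyStrBuilder.ToString());

            PublicKey = publicKeyStrBuilder.ToString();

            #endregion Public Key

            #region CSR

            StringBuilder csrStrBuilder = new StringBuilder();
            PemWriter     csrPemWriter  = new PemWriter(new StringWriter(csrStrBuilder));
            csrPemWriter.WriteObject(csr);
            csrPemWriter.Writer.Flush();

            // The file name says "Cert", but the content is the certification request.
            File.WriteAllText(Path.Combine(pathToNewFolder, "publicCert.pem"), csrStrBuilder.ToString());

            Csr = csrStrBuilder.ToString();

            #endregion CSR

            #endregion
        }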