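} // End Sub ReadCertificationRequest


// https://stackoverflow.com/questions/21912390/decode-read-a-csr-certificate-signing-request-using-java-or-bouncycastle
/// <summary>
/// Returns the first value stored under one attribute type of an X.500 name.
/// </summary>
/// <param name="asn1ObjectIdentifier">Dotted-decimal OID of the attribute type to look up.</param>
/// <param name="x500Name">The distinguished name to search.</param>
/// <returns>
/// The first value found for the OID, converted to a string, or <c>null</c> when the
/// name carries no value for that OID.
/// </returns>
/// <remarks>
/// A name may hold several values for the same attribute type; only the first one is
/// returned. The value is handed back exactly as the name provides it. When the name
/// is the subject of a certification request it is chosen by the requester, so the
/// caller should validate or encode it before using it for decisions or output.
/// </remarks>
private static string GetX509Field(string asn1ObjectIdentifier, Org.BouncyCastle.Asn1.X509.X509Name x500Name)
{
    System.Collections.IList values = x500Name.GetValueList(
        new Org.BouncyCastle.Asn1.DerObjectIdentifier(asn1ObjectIdentifier)
    );

    // The loop body runs at most once: the first value wins.
    foreach (object value in values)
    {
        return System.Convert.ToString(value);
    } // Next value

    return null;
} // End Function GetX509Field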
/// <summary>
/// Formats the subject in the Codificar standard.
/// </summary>
/// <param name="subject">Distinguished name whose attribute values are read.</param>
/// <returns>
/// A <c>Subject</c> holding one <c>SubjectDetail</c> per value found for the
/// C, O, ST, L, OU and CN attribute types.
/// </returns>
private static Subject getSubject(BCA.X509.X509Name subject)
{
    // Codificar signature sample:
    //   C=BR,
    //   O=ICP-Brasil,
    //   ST=MG,
    //   L=Belo Horizonte,
    //   OU=Secretaria da Receita Federal do Brasil - RFB,
    //   OU=RFB e-CNPJ A3,
    //   OU=Autenticado por PRODEMGE,
    //   CN=CODIFICAR SISTEMAS TECNOLOGICOS LTDA ME:05957264000151

    // Attribute types to extract, keyed by the SubjectType they are reported as.
    // NOTE(review): the details are added in the order this dictionary enumerates;
    // Dictionary does not document an enumeration order - confirm whether order matters.
    Dictionary<SubjectType, BCA.DerObjectIdentifier> attributeTypes = new Dictionary<SubjectType, BCA.DerObjectIdentifier>
    {
        { SubjectType.Country, iTextSharp.text.pdf.security.CertificateInfo.X509Name.C },
        { SubjectType.Organization, iTextSharp.text.pdf.security.CertificateInfo.X509Name.O },
        { SubjectType.State, iTextSharp.text.pdf.security.CertificateInfo.X509Name.ST },
        { SubjectType.Locality, iTextSharp.text.pdf.security.CertificateInfo.X509Name.L },
        { SubjectType.OrganizationalUnit, iTextSharp.text.pdf.security.CertificateInfo.X509Name.OU },
        { SubjectType.CommonName, iTextSharp.text.pdf.security.CertificateInfo.X509Name.CN }
    };

    Subject result = new Subject();

    foreach (KeyValuePair<SubjectType, BCA.DerObjectIdentifier> entry in attributeTypes)
    {
        SubjectType kind = entry.Key;

        // An attribute type can occur several times (three OU values in the sample
        // above); each occurrence becomes its own detail. Values are copied as-is.
        foreach (string value in subject.GetValueList(entry.Value))
        {
            result.Add(new SubjectDetail(kind, value));
        }
    }

    return result;
}
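/// <summary>
/// Packs a certificate and its private key into a PKCS#12 (PFX) container and
/// returns the encoded container.
/// </summary>
/// <param name="certificate">Certificate to store; also the only element of the key's chain.</param>
/// <param name="privateKey">Private key stored next to the certificate.</param>
/// <param name="password">
/// Password handed to the store when it is saved. <c>null</c> is treated as the empty string.
/// </param>
/// <returns>The PFX bytes, converted with <c>Pkcs12Utilities.ConvertToDefiniteLength</c>.</returns>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="certificate"/> or <paramref name="privateKey"/> is null.
/// </exception>
/// <exception cref="System.ArgumentException">
/// <paramref name="privateKey"/> is not a private key.
/// </exception>
/// <remarks>
/// The returned bytes contain the private key. With the default empty password the
/// container gives that key no confidentiality: anyone who obtains the bytes can open
/// it. Pass a strong password whenever the result is stored or transmitted.
/// This method does not check that <paramref name="privateKey"/> belongs to
/// <paramref name="certificate"/>.
/// </remarks>
public static byte[] CreatePfxBytes(
      Org.BouncyCastle.X509.X509Certificate certificate
    , Org.BouncyCastle.Crypto.AsymmetricKeyParameter privateKey
    , string password = "")
{
    if (certificate == null)
    {
        throw new System.ArgumentNullException("certificate");
    }

    if (privateKey == null)
    {
        throw new System.ArgumentNullException("privateKey");
    }

    // Fail early and clearly if a public key was passed by mistake.
    if (!privateKey.IsPrivate)
    {
        throw new System.ArgumentException("A private key is required.", "privateKey");
    }

    // create certificate entry
    Org.BouncyCastle.Pkcs.X509CertificateEntry certEntry =
        new Org.BouncyCastle.Pkcs.X509CertificateEntry(certificate);

    string subjectText = certificate.SubjectDN.ToString();
    Org.BouncyCastle.Asn1.X509.X509Name name = new Org.BouncyCastle.Asn1.X509.X509Name(subjectText);

    // The alias is the first O (organization) value of the subject. A subject without
    // an O attribute falls back to the full subject text instead of indexing an empty list.
    var organizations = name.GetValueList(Org.BouncyCastle.Asn1.X509.X509Name.O);
    string friendlyName = organizations.Count > 0
        ? (string)organizations[0]
        : subjectText;

    if (System.StringComparer.InvariantCultureIgnoreCase.Equals("Skynet Earth Inc.", friendlyName))
    {
        friendlyName = "Skynet Certification Authority";
    }

    Org.BouncyCastle.Pkcs.Pkcs12StoreBuilder builder = new Org.BouncyCastle.Pkcs.Pkcs12StoreBuilder();
    builder.SetUseDerEncoding(true);

    Org.BouncyCastle.Pkcs.Pkcs12Store store = builder.Build();
    store.SetCertificateEntry(friendlyName, certEntry);

    // create store entry
    store.SetKeyEntry(
          friendlyName
        , new Org.BouncyCastle.Pkcs.AsymmetricKeyEntry(privateKey)
        , new Org.BouncyCastle.Pkcs.X509CertificateEntry[] { certEntry }
    );

    // null: no password, "": an empty password
    // note: Linux needs empty password on null...
    char[] passwordChars = (password ?? "").ToCharArray();

    try
    {
        using (System.IO.MemoryStream stream = new System.IO.MemoryStream())
        {
            // Cert is contained in store
            store.Save(stream, passwordChars, new Org.BouncyCastle.Security.SecureRandom());
            return Org.BouncyCastle.Pkcs.Pkcs12Utilities.ConvertToDefiniteLength(stream.ToArray());
        } // End Using stream
    }
    finally
    {
        // Wipe the temporary copy of the password. The caller's string is immutable
        // and stays in memory, so this only limits the extra copy made here.
        System.Array.Clear(passwordChars, 0, passwordChars.Length);
    }
} // End Function CreatePfxBytes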
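// System.Security.Cryptography.X509Certificates.X509Certificate2.Import (string fileName);
// https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.x509certificates.x509certificate2.import?view=netframework-4.7.2
// https://gist.github.com/yutopio/a217a4af63cf6bcf0a530c14c074cf8f
// https://gist.githubusercontent.com/yutopio/a217a4af63cf6bcf0a530c14c074cf8f/raw/42b2f8cb27f6d22b7e22d65da5bbd0f1ce9b2fff/cert.cs
// https://stackoverflow.com/questions/44755155/store-pkcs12-container-pfx-with-bouncycastle
// https://github.com/Worlaf/RSADemo/blob/328692e28e48db92340d55563480c8724d916384/RSADemo_WinForms/frmRsaDemo.cs
/// <summary>
/// Packs a certificate and its private key into a PKCS#12 (PFX) container and writes
/// it to a file.
/// </summary>
/// <param name="fileName">Path of the file to write; an existing file is overwritten.</param>
/// <param name="certificate">Certificate to store; also the only element of the key's chain.</param>
/// <param name="privateKey">Private key stored next to the certificate.</param>
/// <param name="password">
/// Password handed to the store when it is saved. <c>null</c> is treated as the empty string.
/// </param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="certificate"/> or <paramref name="privateKey"/> is null.
/// </exception>
/// <exception cref="System.ArgumentException">
/// <paramref name="privateKey"/> is not a private key.
/// </exception>
/// <remarks>
/// The file written contains the private key. With the default empty password the
/// container gives that key no confidentiality, and the file is created with whatever
/// permissions the process default provides. Pass a strong password and restrict
/// access to the target location.
/// This method does not check that <paramref name="privateKey"/> belongs to
/// <paramref name="certificate"/>.
/// </remarks>
public static void Create(
      string fileName
    , Org.BouncyCastle.X509.X509Certificate certificate
    , Org.BouncyCastle.Crypto.AsymmetricKeyParameter privateKey
    , string password = "")
{
    if (certificate == null)
    {
        throw new System.ArgumentNullException("certificate");
    }

    if (privateKey == null)
    {
        throw new System.ArgumentNullException("privateKey");
    }

    // Fail early and clearly if a public key was passed by mistake.
    if (!privateKey.IsPrivate)
    {
        throw new System.ArgumentException("A private key is required.", "privateKey");
    }

    // create certificate entry
    Org.BouncyCastle.Pkcs.X509CertificateEntry certEntry =
        new Org.BouncyCastle.Pkcs.X509CertificateEntry(certificate);

    string subjectText = certificate.SubjectDN.ToString();
    Org.BouncyCastle.Asn1.X509.X509Name name = new Org.BouncyCastle.Asn1.X509.X509Name(subjectText);

    // The alias is the first O (organization) value of the subject. A subject without
    // an O attribute falls back to the full subject text so the alias is never null.
    string friendlyName = name
        .GetValueList(Org.BouncyCastle.Asn1.X509.X509Name.O)
        .OfType<string>()
        .FirstOrDefault() ?? subjectText;

    if (System.StringComparer.InvariantCultureIgnoreCase.Equals("Skynet Earth Inc.", friendlyName))
    {
        friendlyName = "Skynet Certification Authority";
    }

    Org.BouncyCastle.Pkcs.Pkcs12StoreBuilder builder = new Org.BouncyCastle.Pkcs.Pkcs12StoreBuilder();
    builder.SetUseDerEncoding(true);

    Org.BouncyCastle.Pkcs.Pkcs12Store store = builder.Build();
    store.SetCertificateEntry(friendlyName, certEntry);

    // create store entry
    store.SetKeyEntry(
          friendlyName
        , new Org.BouncyCastle.Pkcs.AsymmetricKeyEntry(privateKey)
        , new Org.BouncyCastle.Pkcs.X509CertificateEntry[] { certEntry }
    );

    // null: no password, "": an empty password
    // note: Linux needs empty password on null...
    char[] passwordChars = (password ?? "").ToCharArray();
    byte[] pfxBytes;

    try
    {
        using (System.IO.MemoryStream stream = new System.IO.MemoryStream())
        {
            // Cert is contained in store
            store.Save(stream, passwordChars, new Org.BouncyCastle.Security.SecureRandom());
            pfxBytes = stream.ToArray();
        } // End Using stream
    }
    finally
    {
        // Wipe the temporary copy of the password. The caller's string is immutable
        // and stays in memory, so this only limits the extra copy made here.
        System.Array.Clear(passwordChars, 0, passwordChars.Length);
    }

#if WITH_MS_PFX
    WithMsPfx(pfxBytes, fileName, password);
#else
    byte[] result = Org.BouncyCastle.Pkcs.Pkcs12Utilities.ConvertToDefiniteLength(pfxBytes);

    // Creates the file or overwrites an existing one.
    System.IO.File.WriteAllBytes(fileName, result);
#endif
} // End Sub Create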