/// <summary>
/// Retorna el sello digital para el certificado y firmando con la llave.
/// </summary>
/// <param name="rutaLlave"></param>
/// <param name="clavePrivada"></param>
/// <param name="cadenaOriginal"></param>
/// <returns></returns>
public string GetSelloDigital(ref string error, string rutaLlave, string clavePrivada, string cadenaOriginal)
{
try
{
byte[] ArrayKey = File.ReadAllBytes(rutaLlave); // Convertimos el archivo anterior a byte
//1) Desencriptar la llave privada, el primer parámetro es la contraseña de llave privada y el segundo es la llave privada en formato binario.
Org.BouncyCastle.Crypto.AsymmetricKeyParameter asp = Org.BouncyCastle.Security.PrivateKeyFactory.DecryptKey(clavePrivada.ToCharArray(), ArrayKey);
//2) Convertir a parámetros de RSA
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters key = (Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters)asp;
//3) Crear el firmador con SHA1
Org.BouncyCastle.Crypto.ISigner sig = Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA-256withRSA");
//La siguiente linea es para generar el sello para la nueva versión de CFDI 3.3
// Org.BouncyCastle.Crypto.ISigner sig = Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA-256withRSA");
//4) Inicializar el firmador con la llave privada
sig.Init(true, key);
// 5) Pasar la cadena original a formato binario
byte[] bytes = Encoding.UTF8.GetBytes(cadenaOriginal);
// 6) Encriptar
sig.BlockUpdate(bytes, 0, bytes.Length);
byte[] bytesFirmados = sig.GenerateSignature();
// 7) Finalmente obtenemos el sello
String sello = Convert.ToBase64String(bytesFirmados);
return(sello);
}
catch (Exception e)
{
_logger.EscribirError(e.ToString());
error = "Problemas al generar xml para el timbrado, favor revisar clave o certificados.";
return("");
}
}
private string generaSello()
{
String pass = ConfigurationManager.AppSettings["keypass"]; //Contraseña de la llave privada
String llave = ConfigurationManager.AppSettings["rutaKey"]; //Archivo de la llave privada
byte[] llave2 = File.ReadAllBytes(llave); // Convertimos el archivo anterior a byte
String CadenaOriginal = generarCadenaOriginal(@"C:\CFDI\SinTimbrar.xml");
//1) Desencriptar la llave privada, el primer parámetro es la contraseña de llave privada y el segundo es la llave privada en formato binario.
Org.BouncyCastle.Crypto.AsymmetricKeyParameter asp = Org.BouncyCastle.Security.PrivateKeyFactory.DecryptKey(pass.ToCharArray(), llave2);
//2) Convertir a parámetros de RSA
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters key = (Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters)asp;
//3) Crear el firmador con SHA1
//Org.BouncyCastle.Crypto.ISigner sig = Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA1withRSA");
//La siguiente linea es para generar el sello para la nueva versión de CFDI 3.3
Org.BouncyCastle.Crypto.ISigner sig = Org.BouncyCastle.Security.SignerUtilities.GetSigner("SHA-256withRSA");
//4) Inicializar el firmador con la llave privada
sig.Init(true, key);
// 5) Pasar la cadena original a formato binario
byte[] bytes = Encoding.UTF8.GetBytes(CadenaOriginal);
// 6) Encriptar
sig.BlockUpdate(bytes, 0, bytes.Length);
byte[] bytesFirmados = sig.GenerateSignature();
// 7) Finalmente obtenemos el sello
String sello = Convert.ToBase64String(bytesFirmados);
return(sello);
}
// https://www.csharpcodi.com/csharp-examples/Org.BouncyCastle.X509.X509Certificate.GetPublicKey()/
public static bool CheckRequestSignature(
byte[] serializedSpeechletRequest
, string expectedSignature
, Org.BouncyCastle.X509.X509Certificate cert)
{
byte[] expectedSig = null;
try
{
expectedSig = System.Convert.FromBase64String(expectedSignature);
}
catch (System.FormatException)
{
return(false);
}
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters publicKey =
(Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters)cert.GetPublicKey();
Org.BouncyCastle.Crypto.ISigner signer =
Org.BouncyCastle.Security.SignerUtilities.GetSigner("Sdk.SIGNATURE_ALGORITHM");
signer.Init(false, publicKey);
signer.BlockUpdate(serializedSpeechletRequest, 0, serializedSpeechletRequest.Length);
return(signer.VerifySignature(expectedSig));
}
private static byte[] fromRSAPublicKey(RSAPublicKey key)
{
DNSOutput @out = new DNSOutput();
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters kp = key.PublicKey;
// BigInteger exponent = key.getPublicExponent();
Org.BouncyCastle.Math.BigInteger exponent = kp.Exponent;
// BigInteger modulus = key.getModulus();
Org.BouncyCastle.Math.BigInteger modulus = kp.Modulus;
int exponentLength = Helpers.BigIntegerLength(exponent);
if (exponentLength < 256)
{
@out.writeU8(exponentLength);
}
else
{
@out.writeU8(0);
@out.writeU16(exponentLength);
}
Helpers.writeBigInteger(@out, exponent);
Helpers.writeBigInteger(@out, modulus);
return(@out.toByteArray());
}
private void button1_Click(object sender, EventArgs e)
{
rsap = new RSACryptoServiceProvider();
var p = rsap.ExportParameters(false);
var pubkeyout = new Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters(false, new BigInteger(1, p.Modulus), new BigInteger(1, p.Exponent));
var pubbuilder = new StringBuilder();
var pubwriter = new System.IO.StringWriter(pubbuilder);
var pw = new Org.BouncyCastle.OpenSsl.PemWriter(pubwriter);
pw.WriteObject(pubkeyout);
pub_box.Text = pubbuilder.ToString();
var pv = rsap.ExportParameters(true);
var privkeyout = new Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters(
new BigInteger(1, pv.Modulus), new BigInteger(1, pv.Exponent), new BigInteger(1, pv.D), new BigInteger(1, pv.P), new BigInteger(1, pv.Q),
new BigInteger(1, pv.DP), new BigInteger(1, pv.DQ), new BigInteger(1, pv.InverseQ)
);
var privbuilder = new StringBuilder();
var privwriter = new System.IO.StringWriter(privbuilder);
var pvw = new Org.BouncyCastle.OpenSsl.PemWriter(privwriter);
pvw.WriteObject(privkeyout);
pv_box.Text = privbuilder.ToString();
}
/// <summary>
/// 使用公钥解密
/// </summary>
/// <param name="data"></param>
/// <returns></returns>
public byte[] DecryptByPublic(byte[] data)
{
//var xml = this._provider.ToXmlString(false);
var parameter = this._provider.ExportParameters(false);
var pub = new Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters(false,
new Org.BouncyCastle.Math.BigInteger(1, parameter.Modulus),
new Org.BouncyCastle.Math.BigInteger(1, parameter.Exponent));
var helper = new RsaKeyHelper(pub, null);
return(helper.DecryptByPublic(data));
}
/// <summary>
/// Get RSA public key from a CSR.
/// </summary>
public static RSA GetRSAPublicKey(Org.BouncyCastle.Asn1.X509.SubjectPublicKeyInfo subjectPublicKeyInfo)
{
Org.BouncyCastle.Crypto.AsymmetricKeyParameter asymmetricKeyParameter = Org.BouncyCastle.Security.PublicKeyFactory.CreateKey(subjectPublicKeyInfo);
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters rsaKeyParameters = (Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters)asymmetricKeyParameter;
RSAParameters rsaKeyInfo = new RSAParameters
{
Modulus = rsaKeyParameters.Modulus.ToByteArrayUnsigned(),
Exponent = rsaKeyParameters.Exponent.ToByteArrayUnsigned()
};
RSA rsa = RSA.Create(rsaKeyInfo);
return(rsa);
}
public static RSAParameters ToRSAParameters(Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters rsaKey)
{
RSAParameters rp = new RSAParameters();
rp.Modulus = rsaKey.Modulus.ToByteArrayUnsigned();
if (rsaKey.IsPrivate)
{
rp.D = ConvertRSAParametersField(rsaKey.Exponent, rp.Modulus.Length);
}
else
{
rp.Exponent = rsaKey.Exponent.ToByteArrayUnsigned();
}
return(rp);
}
/// <summary>Extension method which initializes an RSACryptoServiceProvider from a PEM public key string.</summary>
public static void LoadPublicKeyPEM(RSACryptoServiceProvider provider, string sPEM)
{
sPEM = sPEM.Replace("-----BEGIN PUBLIC KEY-----", "");
sPEM = sPEM.Replace("-----END PUBLIC KEY-----", "");
sPEM = sPEM.Trim();
byte[] publicKeyBytes = Convert.FromBase64String(sPEM);
Org.BouncyCastle.Crypto.AsymmetricKeyParameter asymmetricKeyParameter = Org.BouncyCastle.Security.PublicKeyFactory.CreateKey(publicKeyBytes);
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters rsaKeyParameters = (Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters)asymmetricKeyParameter;
RSAParameters rsaParameters = new RSAParameters();
rsaParameters.Modulus = rsaKeyParameters.Modulus.ToByteArrayUnsigned();
rsaParameters.Exponent = rsaKeyParameters.Exponent.ToByteArrayUnsigned();
provider.ImportParameters(rsaParameters);
}
public PublicKey GetPublicKey()
{
if (storedPublicKey == null)
{
Org.BouncyCastle.OpenSsl.PemReader pr =
new Org.BouncyCastle.OpenSsl.PemReader(
new System.IO.StringReader(publicKey));
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters keyParams
= (Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters)pr.ReadObject();
var rsaKeyInfo = Org.BouncyCastle.Security.DotNetUtilities.ToRSAParameters(keyParams);
var exponent = ByteArrayToUInt(rsaKeyInfo.Exponent);
var modulus = Convert.ToBase64String(rsaKeyInfo.Modulus);
storedPublicKey = new PublicKey(modulus, exponent);
}
return(storedPublicKey);
}
/// <summary>
/// 使用私钥加密
/// </summary>
/// <param name="data"></param>
/// <returns></returns>
public byte[] EncryptByPrivate(byte[] data)
{
//var xml = this._provider.ToXmlString(true);
var parameter = this._provider.ExportParameters(true);
var pub = new Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters(false, new Org.BouncyCastle.Math.BigInteger(1, parameter.Modulus),
new Org.BouncyCastle.Math.BigInteger(1, parameter.Exponent));
var pvt = new Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters(
new Org.BouncyCastle.Math.BigInteger(1, parameter.Modulus),
new Org.BouncyCastle.Math.BigInteger(1, parameter.Exponent),
new Org.BouncyCastle.Math.BigInteger(1, parameter.D),
new Org.BouncyCastle.Math.BigInteger(1, parameter.P),
new Org.BouncyCastle.Math.BigInteger(1, parameter.Q),
new Org.BouncyCastle.Math.BigInteger(1, parameter.DP),
new Org.BouncyCastle.Math.BigInteger(1, parameter.DQ),
new Org.BouncyCastle.Math.BigInteger(1, parameter.InverseQ)
);
RsaKeyHelper helper = new RsaKeyHelper(pub, pvt);
//var helper = RsaKeyHelper.FromXmlKey(xml);
return(helper.EncryptByPrivate(data));
}
private static Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair GetRsaKeyPair(RSAParameters rp)
{
Org.BouncyCastle.Math.BigInteger modulus = new Org.BouncyCastle.Math.BigInteger(1, rp.Modulus);
Org.BouncyCastle.Math.BigInteger pubExp = new Org.BouncyCastle.Math.BigInteger(1, rp.Exponent);
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters pubKey =
new Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters(
false,
modulus,
pubExp);
Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters privKey =
new Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters(
modulus,
pubExp,
new Org.BouncyCastle.Math.BigInteger(1, rp.D),
new Org.BouncyCastle.Math.BigInteger(1, rp.P),
new Org.BouncyCastle.Math.BigInteger(1, rp.Q),
new Org.BouncyCastle.Math.BigInteger(1, rp.DP),
new Org.BouncyCastle.Math.BigInteger(1, rp.DQ),
new Org.BouncyCastle.Math.BigInteger(1, rp.InverseQ));
return(new Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair(pubKey, privKey));
}
private static PublicKey toRSAPublicKey(byte[] keyBytes) // throws IOException, GeneralSecurityException
{
DNSInput @in = new DNSInput(keyBytes);
int exponentLength = @in.readU8();
if (exponentLength == 0)
{
exponentLength = @in.readU16();
}
Org.BouncyCastle.Math.BigInteger exponent = Helpers.readBigInteger(@in, exponentLength);
Org.BouncyCastle.Math.BigInteger modulus = Helpers.readBigInteger(@in);
/*
* KeyFactory factory = KeyFactory.getInstance("RSA");
* return factory.generatePublic(new RSAPublicKeySpec(modulus, exponent));
*/
Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters kp
= new Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters(false, modulus, exponent);
return(PublicKey.CreateInstance(kp));
}
public RSAPublicKey(Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters publicKey)
{
m_publicKey = publicKey;
}
