예제 #1
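        /// <summary>
        /// Builds a certificate signing request whose subject is taken from
        /// <paramref name="csrDetails"/> and which is signed with the supplied RSA key.
        /// </summary>
        /// <param name="csrDetails">Subject fields; null or empty fields are left out of the subject name.</param>
        /// <param name="rsaKeyPair">RSA private key whose <c>Pem</c> text is loaded to sign the request.</param>
        /// <param name="messageDigest">Name of the digest used for the signature; defaults to "SHA256".</param>
        /// <returns>A <c>Csr</c> wrapping the text that <c>X509Request.Write</c> emits.</returns>
        /// <exception cref="System.ArgumentNullException">An input object is null.</exception>
        /// <exception cref="System.ArgumentException">The digest name is not recognised.</exception>
        private Csr GenerateCsr(CsrDetails csrDetails, RsaPrivateKey rsaKeyPair, string messageDigest = "SHA256")
        {
            if (csrDetails == null)
            {
                throw new System.ArgumentNullException("csrDetails");
            }
            if (rsaKeyPair == null)
            {
                throw new System.ArgumentNullException("rsaKeyPair");
            }

            // The key, name, request and digest wrap native OpenSSL objects. Disposing them
            // deterministically releases the private-key material as soon as the request is
            // signed instead of leaving it alive until finalization.
            // NOTE(review): the second argument is null, so the PEM is presumably expected
            // to be unencrypted - confirm against CryptoKey.FromPrivateKey.
            using (var rsaKeys = CryptoKey.FromPrivateKey(rsaKeyPair.Pem, null))
            using (var xn = new X509Name())
            {
                // Translate from our external form to our OpenSSL internal form
                // Ref:  https://www.openssl.org/docs/manmaster/crypto/X509_NAME_new.html
                if (!string.IsNullOrEmpty(csrDetails.CommonName))
                {
                    xn.Common = csrDetails.CommonName;                  // CN
                }
                if (!string.IsNullOrEmpty(csrDetails.Country))
                {
                    xn.Country = csrDetails.Country;                    // C
                }
                if (!string.IsNullOrEmpty(csrDetails.StateOrProvince))
                {
                    xn.StateOrProvince = csrDetails.StateOrProvince;    // ST
                }
                if (!string.IsNullOrEmpty(csrDetails.Locality))
                {
                    xn.Locality = csrDetails.Locality;                  // L
                }
                if (!string.IsNullOrEmpty(csrDetails.Organization))
                {
                    xn.Organization = csrDetails.Organization;          // O
                }
                if (!string.IsNullOrEmpty(csrDetails.OrganizationUnit))
                {
                    xn.OrganizationUnit = csrDetails.OrganizationUnit;  // OU
                }
                if (!string.IsNullOrEmpty(csrDetails.Description))
                {
                    xn.Description = csrDetails.Description;            // D
                }
                if (!string.IsNullOrEmpty(csrDetails.Surname))
                {
                    xn.Surname = csrDetails.Surname;                    // S
                }
                if (!string.IsNullOrEmpty(csrDetails.GivenName))
                {
                    xn.Given = csrDetails.GivenName;                    // G
                }
                if (!string.IsNullOrEmpty(csrDetails.Initials))
                {
                    xn.Initials = csrDetails.Initials;                  // I
                }
                if (!string.IsNullOrEmpty(csrDetails.Title))
                {
                    xn.Title = csrDetails.Title;                        // T
                }
                if (!string.IsNullOrEmpty(csrDetails.SerialNumber))
                {
                    xn.SerialNumber = csrDetails.SerialNumber;          // SN
                }
                if (!string.IsNullOrEmpty(csrDetails.UniqueIdentifier))
                {
                    xn.UniqueIdentifier = csrDetails.UniqueIdentifier;  // UID
                }

                // First argument is the request's version field (0).
                using (var xr = new X509Request(0, xn, rsaKeys))
                // The digest is selected by caller-supplied name and nothing here rejects
                // weak choices such as MD5 or SHA1; callers should keep the default or
                // pass a stronger digest.
                using (var md = MessageDigest.CreateByName(messageDigest))
                {
                    // Guard against an unrecognised digest name so the failure is reported
                    // here rather than as a null dereference inside Sign.
                    if (md == null)
                    {
                        throw new System.ArgumentException(
                            "Unknown message digest: " + messageDigest, "messageDigest");
                    }

                    xr.Sign(rsaKeys, md);
                    using (var bio = BIO.MemoryBuffer())
                    {
                        xr.Write(bio);
                        return new Csr(bio.ReadString());
                    }
                }
            }
        }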
예제 #2
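        /// <summary>
        /// Builds a certificate signing request whose subject is taken from
        /// <paramref name="csrDetails"/>, optionally carrying a subject-alternative-name
        /// extension, and which is signed with the supplied RSA key.
        /// </summary>
        /// <param name="csrDetails">
        /// Subject fields (null or empty fields are omitted) and, when
        /// <c>AlternativeNames</c> is not null, the DNS names for the SAN extension.
        /// The common name is placed first in the SAN list.
        /// </param>
        /// <param name="rsaKeyPair">RSA private key whose <c>Pem</c> text is loaded to sign the request.</param>
        /// <param name="messageDigest">Name of the digest used for the signature; defaults to "SHA256".</param>
        /// <returns>A <c>Csr</c> wrapping the text that <c>X509Request.Write</c> emits.</returns>
        /// <exception cref="System.ArgumentNullException">An input object is null.</exception>
        /// <exception cref="System.ArgumentException">
        /// A SAN entry contains a character that is a separator in the extension value
        /// syntax, or the digest name is not recognised.
        /// </exception>
        protected Csr GenerateCsr(CsrDetails csrDetails, RsaPrivateKey rsaKeyPair, string messageDigest = "SHA256")
        {
            if (csrDetails == null)
            {
                throw new System.ArgumentNullException(nameof(csrDetails));
            }
            if (rsaKeyPair == null)
            {
                throw new System.ArgumentNullException(nameof(rsaKeyPair));
            }

            // The key, name, request and digest wrap native OpenSSL objects. Disposing them
            // deterministically releases the private-key material as soon as the request is
            // signed instead of leaving it alive until finalization.
            // NOTE(review): the second argument is null, so the PEM is presumably expected
            // to be unencrypted - confirm against CryptoKey.FromPrivateKey.
            using (var rsaKeys = CryptoKey.FromPrivateKey(rsaKeyPair.Pem, null))
            using (var xn = new X509Name())
            {
                // Translate from our external form to our OpenSSL internal form
                // Ref:  https://www.openssl.org/docs/manmaster/crypto/X509_NAME_new.html
                if (!string.IsNullOrEmpty(csrDetails.CommonName))
                {
                    xn.Common = csrDetails.CommonName;                  // CN
                }
                if (!string.IsNullOrEmpty(csrDetails.Country))
                {
                    xn.Country = csrDetails.Country;                    // C
                }
                if (!string.IsNullOrEmpty(csrDetails.StateOrProvince))
                {
                    xn.StateOrProvince = csrDetails.StateOrProvince;    // ST
                }
                if (!string.IsNullOrEmpty(csrDetails.Locality))
                {
                    xn.Locality = csrDetails.Locality;                  // L
                }
                if (!string.IsNullOrEmpty(csrDetails.Organization))
                {
                    xn.Organization = csrDetails.Organization;          // O
                }
                if (!string.IsNullOrEmpty(csrDetails.OrganizationUnit))
                {
                    xn.OrganizationUnit = csrDetails.OrganizationUnit;  // OU
                }
                if (!string.IsNullOrEmpty(csrDetails.Description))
                {
                    xn.Description = csrDetails.Description;            // D
                }
                if (!string.IsNullOrEmpty(csrDetails.Surname))
                {
                    xn.Surname = csrDetails.Surname;                    // S
                }
                if (!string.IsNullOrEmpty(csrDetails.GivenName))
                {
                    xn.Given = csrDetails.GivenName;                    // G
                }
                if (!string.IsNullOrEmpty(csrDetails.Initials))
                {
                    xn.Initials = csrDetails.Initials;                  // I
                }
                if (!string.IsNullOrEmpty(csrDetails.Title))
                {
                    xn.Title = csrDetails.Title;                        // T
                }
                if (!string.IsNullOrEmpty(csrDetails.SerialNumber))
                {
                    xn.SerialNumber = csrDetails.SerialNumber;          // SN
                }
                if (!string.IsNullOrEmpty(csrDetails.UniqueIdentifier))
                {
                    xn.UniqueIdentifier = csrDetails.UniqueIdentifier;  // UID
                }

                // First argument is the request's version field (0).
                using (var xr = new X509Request(0, xn, rsaKeys))
                {
                    if (csrDetails.AlternativeNames != null)
                    {
                        // Common name first, then the alternative names. Empty entries are
                        // skipped so a missing common name does not yield a bare "DNS:" item.
                        var sanNames = new[] { csrDetails.CommonName }
                            .Concat(csrDetails.AlternativeNames.Select(x => $"{x}"))
                            .Where(name => !string.IsNullOrEmpty(name))
                            .ToArray();

                        // The extension value is a comma-separated list of TYPE:value items
                        // parsed by OpenSSL. A name carrying a separator would be read as
                        // additional or differently-typed entries, so the certificate
                        // request could cover identities the caller never listed. Reject
                        // such names instead of passing them through.
                        foreach (var name in sanNames)
                        {
                            if (name.Any(c => c == ',' || c == ':' || char.IsWhiteSpace(c) || char.IsControl(c)))
                            {
                                throw new System.ArgumentException(
                                    "Subject alternative name contains an invalid character: " + name,
                                    nameof(csrDetails));
                            }
                        }

                        if (sanNames.Length > 0)
                        {
                            var altNames = string.Join(",", sanNames.Select(
                                name => $"{EXT_SAN_PREFIX_DNS}:{name}"));

                            // Assemble and add the SAN extension value.
                            // NOTE(review): ownership between the stack and its items is not
                            // visible here, so they are not disposed explicitly - TODO confirm.
                            var extensions = new OpenSSL.Core.Stack<X509Extension>();
                            extensions.Add(new X509Extension(xr, EXT_NAME_SAN, false, altNames));
                            xr.AddExtensions(extensions);
                        }
                    }

                    // The digest is selected by caller-supplied name and nothing here rejects
                    // weak choices such as MD5 or SHA1; callers should keep the default or
                    // pass a stronger digest.
                    using (var md = MessageDigest.CreateByName(messageDigest))
                    {
                        // Guard against an unrecognised digest name so the failure is reported
                        // here rather than as a null dereference inside Sign.
                        if (md == null)
                        {
                            throw new System.ArgumentException(
                                "Unknown message digest: " + messageDigest, nameof(messageDigest));
                        }

                        xr.Sign(rsaKeys, md);
                        using (var bio = BIO.MemoryBuffer())
                        {
                            xr.Write(bio);
                            return new Csr(bio.ReadString());
                        }
                    }
                }
            }
        }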