private static void WriteKeyBag(EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS12KeyBag);
using (wr.BeginTaggedObject(0))
{
using (wr.BeginSequence())
{
p.WritePrivateKey(wr);
}
}
using (wr.BeginSet())
{
using (wr.BeginSequence())
{
wr.WriteOID(PKCS12LocalKeyID);
using (wr.BeginSet())
{
wr.WriteOctetString(new byte[] { 1 });
}
}
using (wr.BeginSequence())
{
wr.WriteOID(PKCS12FriendlyName);
using (wr.BeginSet())
{
wr.Write("Certificate1");
}
}
}
}
private static void WriteX509Cert(byte[] cert, EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS12X509Certificate);
using (wr.BeginTaggedObject(0))
{
wr.WriteOctetString(cert);
}
}
public override void WritePublicKey(DerWriter wr)
{
using (wr.BeginSequence())
{
wr.WriteOID(EcPublicKey);
wr.WriteOID(m_curveOID);
}
wr.Write(PublicKeyData);
}
public override void WritePublicKey(DerWriter wr)
{
using (wr.BeginSequence())
{
wr.WriteOID(RsaEncryption);
wr.WriteNull();
}
using (wr.BeginBitString())
using (wr.BeginSequence())
{
wr.WriteInteger(m_parameters.Modulus);
wr.WriteInteger(m_parameters.Exponent);
}
}
private byte[] MakePFX(byte[] cert, EncryptionMethod p)
{
var wr = new DerWriter();
using (wr.BeginSequence())
{
wr.WriteInteger(3);
using (wr.BeginSequence())
{
OuterDataObject(cert, p, wr);
}
}
return(wr.ToArray());
}
public override void SignData(byte[] data, DerWriter wr)
{
byte[] sign = m_cng.SignData(data);
byte[] sx = new byte[sign.Length / 2];
byte[] sy = new byte[sign.Length / 2];
Array.Copy(sign, 0, sx, 0, sx.Length);
Array.Copy(sign, sy.Length, sy, 0, sy.Length);
using (wr.BeginBitString())
{
using (wr.BeginSequence())
{
wr.WriteInteger(sx);
wr.WriteInteger(sy);
}
}
}
private static void InnerDataObject2(byte[] cert, EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS7Data);
using (wr.BeginTaggedObject(0))
{
using (wr.BeginOctetString())
{
using (wr.BeginSequence())
{
using (wr.BeginSequence())
{
WriteCertBag(cert, p, wr);
}
}
}
}
}
private static void InnerDataObject1(EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS7Data);
using (wr.BeginTaggedObject(0))
{
using (wr.BeginOctetString())
{
using (wr.BeginSequence())
{
using (wr.BeginSequence())
{
WriteKeyBag(p, wr);
}
}
}
}
}
public override void WritePrivateKey(DerWriter wr)
{
wr.WriteInteger(0);
using (wr.BeginSequence())
{
wr.WriteOID(EcPublicKey);
wr.WriteOID(m_curveOID);
}
using (wr.BeginOctetString())
{
using (wr.BeginSequence())
{
wr.WriteInteger(1);
wr.WriteOctetString(d);
using (wr.BeginTaggedObject(0))
{
wr.WriteOID(m_curveOID);
}
}
}
}
private static void WriteCertBag(byte[] cert, EncryptionMethod p, DerWriter wr)
{
wr.WriteOID(PKCS12CertBag);
using (wr.BeginTaggedObject(0))
{
using (wr.BeginSequence())
{
WriteX509Cert(cert, p, wr);
}
}
using (wr.BeginSet())
{
using (wr.BeginSequence())
{
wr.WriteOID(PKCS12LocalKeyID);
using (wr.BeginSet())
{
wr.WriteOctetString(new byte[] { 1 });
}
}
}
}
public override void WritePrivateKey(DerWriter wr)
{
wr.WriteInteger(0);
using (wr.BeginSequence())
{
wr.WriteOID(RsaEncryption);
}
using (wr.BeginOctetString())
{
using (wr.BeginSequence())
{
wr.WriteInteger(0);
wr.WriteInteger(m_parameters.Modulus);
wr.WriteInteger(m_parameters.Exponent);
wr.WriteInteger(m_parameters.D);
wr.WriteInteger(m_parameters.P);
wr.WriteInteger(m_parameters.Q);
wr.WriteInteger(m_parameters.DP);
wr.WriteInteger(m_parameters.DQ);
wr.WriteInteger(m_parameters.InverseQ);
}
}
}
public abstract void WritePrivateKey(DerWriter wr);
public override void SignData(byte[] data, DerWriter wr)
{
byte[] sign = m_rsa.SignData(data, hashName, RSASignaturePadding.Pkcs1);
wr.Write(sign);
}
public abstract void SignData(byte[] data, DerWriter wr);
/// <summary>
/// Generate a new X509Certificate using the passed in SignatureCalculator.
/// </summary>
/// <returns>An X509Certificate.</returns>
public X509Certificate2 Generate()
{
EncryptionMethod method;
switch (CipherEngine)
{
case CipherEngine.RSACryptoServiceProvider:
method = new RSAMode(SignatureBits, KeySize, false);
break;
case CipherEngine.RSACng:
method = new RSAMode(SignatureBits, KeySize, true);
break;
case CipherEngine.ECDsaCng:
method = new ECDSAMode(SignatureBits, KeySize);
break;
default:
throw new ArgumentOutOfRangeException();
}
using (method)
{
if (SerialNumber <= 0 || string.IsNullOrWhiteSpace(Issuer) || string.IsNullOrWhiteSpace(Subject))
{
throw new InvalidOperationException("not all mandatory fields set");
}
DerWriter tbsCertificate = new DerWriter();
using (tbsCertificate.BeginSequence())
{
using (tbsCertificate.BeginSequence())
{
using (tbsCertificate.BeginTaggedObject(0))
{
tbsCertificate.WriteInteger(2);
}
tbsCertificate.WriteInteger(SerialNumber);
using (tbsCertificate.BeginSequence())
{
tbsCertificate.WriteOID(method.SignatureOID);
}
using (tbsCertificate.BeginSequence())
using (tbsCertificate.BeginSet())
using (tbsCertificate.BeginSequence())
{
tbsCertificate.WriteOID(Cn);
tbsCertificate.Write(Issuer);
}
using (tbsCertificate.BeginSequence())
{
tbsCertificate.Write(NotBefore);
tbsCertificate.Write(NotAfter);
}
using (tbsCertificate.BeginSequence())
using (tbsCertificate.BeginSet())
using (tbsCertificate.BeginSequence())
{
tbsCertificate.WriteOID(Cn);
tbsCertificate.Write(Subject);
}
using (tbsCertificate.BeginSequence())
{
method.WritePublicKey(tbsCertificate);
}
}
byte[] encoded = tbsCertificate.ToArray();
using (tbsCertificate.BeginSequence())
tbsCertificate.WriteOID(method.SignatureOID);
method.SignData(encoded, tbsCertificate);
}
byte[] data = tbsCertificate.ToArray();
byte[] data2 = MakePFX(data, method);
return(new X509Certificate2(data2, "", X509KeyStorageFlags.Exportable));
}
}
public Section(DerWriter caller, SectionMode mode)
{
m_caller = caller;
m_mode = mode;
}
public void Dispose()
{
m_caller?.EndSection(m_mode);
m_caller = null;
}
public abstract void WritePublicKey(DerWriter wr);
