/// <summary>
/// Returns the end-entity certificate for <paramref name="sHostname"/>. When the cache has no
/// entry, one is generated through <c>_generator</c>, signed with the root certificate, and cached.
/// </summary>
/// <param name="sHostname">Host name; used as the cache key and as the only name passed to the generator.</param>
/// <returns>The cached or newly generated certificate.</returns>
public X509Certificate2 GetCertificateForHostPlain(string sHostname)
{
    // NOTE(review): GetOrAdd(key, factory) looks like ConcurrentDictionary. If so, the factory can
    // run more than once for the same key under contention and only one result is kept. Confirm
    // that minting and discarding an extra certificate is acceptable.
    // NOTE(review): sHostname is neither validated nor normalized here, and nothing visible bounds
    // the cache size. Verify that callers pass only host names they intend to mint certificates for.
    X509Certificate2 certificate = _certificateCache.GetOrAdd(sHostname, host =>
    {
        var hashAlgorithm = CertificateConfiguration.EECertificateHashAlgorithm;
        var issuerCertificate = GetRootCertificate();

        // The same EEPrivateKey is handed to the generator for every host name.
        var leafKey = EEPrivateKey;
        var subject = new X500DistinguishedName(FIDDLER_EE_DN);
        var names = new[] { host };

        return _generator.GenerateCertificate(issuerCertificate, leafKey, subject, names, signatureAlgorithm: hashAlgorithm);
    });

    return certificate;
}
/// <summary>
/// Builds the Kestrel-based web host for the backend, listening on the loopback interface only.
/// </summary>
/// <remarks>
/// DEBUG builds listen on plain HTTP at port 5000. Other builds take a port from
/// <c>FindFreeTcpPort</c> and serve HTTPS with a certificate generated while the endpoint is
/// configured; its subject CN is the lower-cased digest of this assembly. The port in use is
/// stored in <c>backendServerPort</c> in both cases.
/// </remarks>
/// <returns>The built <see cref="IWebHost"/>.</returns>
public static IWebHost BuildWebHost()
{
    var hostBuilder = WebHost.CreateDefaultBuilder();

    var kestrelBuilder = hostBuilder.UseKestrel(options =>
    {
#if DEBUG
        // Debug endpoint: unencrypted HTTP on a fixed port, loopback only.
        options.Listen(IPAddress.Loopback, 5000);
        backendServerPort = 5000;
#else
        // Get free TCP port and write it to STDOUT where the Electron frontend can catch it.
        // (The write to STDOUT is not part of this method.)
        // NOTE(review): if FindFreeTcpPort probes and then releases the port, another local
        // process could bind it before Kestrel does. Confirm that startup fails in that case.
        backendServerPort = FindFreeTcpPort();
        options.Listen(IPAddress.Loopback, backendServerPort, listenOptions =>
        {
            // NOTE(review): the certificate is created locally at startup, so the client presumably
            // has to validate it against the assembly digest in the CN. Verify on the frontend side.
            var assemblyDigest = DigestUtils.GetDigestFromAssembly(typeof(Program).Assembly).ToLowerInvariant();
            var httpsOptions = new HttpsConnectionAdapterOptions();
            httpsOptions.ServerCertificate = CertificateGenerator.GenerateCertificate($"CN={assemblyDigest}");
            listenOptions.UseHttps(httpsOptions);
        });
#endif
    });

    return kestrelBuilder.UseStartup<Startup>().Build();
}
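/// <summary>
/// Interactive console flow that generates a group key pair, asks for the group name and owner
/// e-mail, registers the group, and writes both keys to text files in the current directory.
/// </summary>
/// <param name="server">Server handed to the <c>GroupCreator</c>.</param>
/// <param name="generator">Generator used to create the group certificate and key pair.</param>
static public void CreateGroup(APIServer server, CertificateGenerator generator)
{
    // Generate group certificate.
    // NOTE(review): the PFX password is a literal in source, so anyone with the code or the binary
    // can open cert.pfx. Take it from the operator or a secret store instead.
    var groupKeys = generator.GenerateCertificate("C=DE,O=Organiztion", TimeSpan.FromDays(1), "cert.pfx", "Test.123");
    Console.WriteLine("Group certificate was generated");

    BlindSigner blindSigner = new BlindSigner(groupKeys);
    GroupCreator groupCreator = new GroupCreator(server, blindSigner);

    Console.WriteLine("Create group");
    Console.WriteLine("Enter group name:");
    string groupName = Console.ReadLine();

    // The group name becomes part of two file names below. Reject empty input (ReadLine returns
    // null at end of input) and anything containing path separators or other characters that are
    // not valid in a file name, so the key files cannot land outside the current directory.
    if (string.IsNullOrWhiteSpace(groupName) || groupName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
    {
        Console.WriteLine("Invalid group name, the group was not registered");
        return;
    }

    Console.WriteLine("Enter owner email:");
    string ownerEmail = Console.ReadLine();

    var groupPublicKey = (RsaKeyParameters)groupKeys.Public;

    Group group = new Group();
    group.Name = groupName;
    group.OwnerEmail = ownerEmail;
    group.RsaPublicKey = groupPublicKey;
    groupCreator.RegisterGroup(group);
    Console.WriteLine("");

    // Write keys to file.
    // NOTE(review): the private key is serialized to a plain text file with no password or
    // permission handling visible here. Restrict access to the file or store it encrypted.
    File.WriteAllText(group.Name + "PublicKey.txt", RsaKeyUtils.GetSerializedPublicKey(groupPublicKey));
    File.WriteAllText(group.Name + "PrivateKey.txt", RsaKeyUtils.GetSerializedPrivateKey((RsaKeyParameters)groupKeys.Private));
    Console.WriteLine("You're group " + group.Name + " was registered!");
}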
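/// <summary>
/// Returns the end-entity certificate for <paramref name="sHostname"/> from the cache, generating
/// and caching one under the reader/writer lock when none exists yet.
/// </summary>
/// <param name="sHostname">Host name; used as the cache key and as the only name passed to the generator.</param>
/// <returns>The cached certificate, or the newly generated one if this call added it.</returns>
public X509Certificate2 GetCertificateForHostPlain(string sHostname)
{
    _rwl.AcquireReaderLock(LOCK_TIMEOUT);
    try
    {
        X509Certificate2 cached;
        if (_certificateCache.TryGetValue(sHostname, out cached))
        {
            return cached;
        }

        var signatureAlgorithm = CertificateConfiguration.EECertificateHashAlgorithm;
        var cert = _generator.GenerateCertificate(GetRootCertificate(), EEPrivateKey, new X500DistinguishedName(FIDDLER_EE_DN), new[] { sHostname }, signatureAlgorithm: signatureAlgorithm);

        // Upgrade before entering the try block. If the upgrade times out there is no writer lock
        // to give back, and calling DowngradeFromWriterLock with an uninitialized cookie in the
        // finally block would replace the timeout exception with a second failure.
        var lockCookie = _rwl.UpgradeToWriterLock(LOCK_TIMEOUT);
        try
        {
            // ReaderWriterLock releases the reader lock while waiting for the upgrade, so another
            // thread may have added this host in the meantime. Re-check before adding.
            // NOTE(review): when that happens the certificate generated above is simply dropped.
            if (_certificateCache.TryGetValue(sHostname, out cached))
            {
                return cached;
            }

            _certificateCache.Add(sHostname, cert);
            return cert;
        }
        finally
        {
            _rwl.DowngradeFromWriterLock(ref lockCookie);
        }
    }
    finally
    {
        _rwl.ReleaseReaderLock();
    }
}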
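/// <summary>
/// Interactive console flow that confirms a participant of an existing group: loads the group
/// creator from the group's key files, generates a key pair for the participant, writes it to
/// text files, and registers the participant's blind certificate.
/// </summary>
/// <param name="server">Server used by the group creator and the client participant.</param>
/// <param name="groupRepository">Repository handed to the <c>ClientParticipant</c>.</param>
/// <param name="generator">Generator used to create the participant certificate and key pair.</param>
static public void RegisterParticipant(APIServer server, GroupRepository groupRepository, CertificateGenerator generator)
{
    Console.WriteLine("Enter the group for which you want to register participants:");
    string groupName = Console.ReadLine();
    string pubKeyFile = groupName + "PublicKey.txt";
    string privKeyFile = groupName + "PrivateKey.txt";

    // The original tested the two concatenated names against null, which can never be true, so the
    // "go to step 1" branch was unreachable. Check that the key files actually exist instead.
    if (!File.Exists(pubKeyFile) || !File.Exists(privKeyFile))
    {
        Console.WriteLine("Group creator Keys were not saved to file, please go to step 1");
        return;
    }

    var groupCreator = GetGroupCreator(server, pubKeyFile, privKeyFile);
    Console.WriteLine();
    Console.WriteLine("Enter participant email to be confirmed:");
    var participantEmail = Console.ReadLine();

    // The part before '@' becomes a file name prefix below. Without an '@' the original
    // Substring(0, -1) call threw only after the certificate had been generated. Reject that input
    // up front, together with prefixes that contain path separators or other invalid characters.
    int atIndex = participantEmail == null ? -1 : participantEmail.IndexOf('@');
    if (atIndex <= 0 || participantEmail.Substring(0, atIndex).IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
    {
        Console.WriteLine("Invalid participant email");
        return;
    }
    string keyFilePrefix = participantEmail.Substring(0, atIndex);

    // NOTE(review): whether GetParticipantToConfirm can return null for an unknown e-mail is not
    // visible here. Confirm, and guard before dereferencing if it can.
    var participant = groupCreator.GetParticipantToConfirm(groupName, participantEmail);
    int invitationCode = participant.InvitationCode;

    // The results of the next two lookups are not used below. The calls are kept in case they
    // validate the invitation code or have other side effects.
    groupCreator.GetGroup(participant.InvitationCode);
    ClientParticipant clientParticipant = new ClientParticipant(server, groupRepository);
    clientParticipant.GetGroupDetails(invitationCode);

    // Generate certificate.
    // NOTE(review): the PFX password is a literal in source. Take it from the operator or a secret
    // store instead.
    var participantKeys = generator.GenerateCertificate("C=RO,O=Qubiz", TimeSpan.FromDays(1), "certParticipant.pfx", "Test.123");
    Console.WriteLine("Client certificate was generated");

    // Write keys to file.
    // NOTE(review): the private key is serialized to a plain text file with no password or
    // permission handling visible here.
    File.WriteAllText(keyFilePrefix + "PublicKey.txt", RsaKeyUtils.GetSerializedPublicKey((RsaKeyParameters)participantKeys.Public));
    File.WriteAllText(keyFilePrefix + "PrivateKey.txt", RsaKeyUtils.GetSerializedPrivateKey((RsaKeyParameters)participantKeys.Private));
    Console.WriteLine("Participant keys were saved to file");

    // Create GroupRegistration.
    var groupRegistration = clientParticipant.GetGroupRegistration(invitationCode, (RsaKeyParameters)participantKeys.Public);
    Console.WriteLine("Blind factor was saved");

    // Save blinded certificate.
    clientParticipant.RegisterBlindCertificate(invitationCode, groupRegistration);
    Console.WriteLine("Blind certificate was saved");
}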
/// <summary>
/// Sample: generates a PFX through <c>CertificateGenerator</c>, reloads it, exports both keys as
/// Base64, prints them, and round-trips a short string through RSA encryption and decryption.
/// </summary>
private static void Certificate_Sample()
{
    // These two values, like signatureAlgorithm further down, are referenced only by the
    // commented-out X509V3 call.
    var algorithm = "RSA";
    var keySize = 2048;

    // Issuer DN
    var issuerFieldOrder = new ArrayList { X509Name.C, X509Name.O, X509Name.OU, X509Name.L, X509Name.ST };
    var issuerFieldValues = new Hashtable
    {
        [X509Name.C] = "CN",
        [X509Name.O] = "Fulu Newwork",
        [X509Name.OU] = "Fulu RSA CA 2020",
        [X509Name.L] = "Wuhan",
        [X509Name.ST] = "Hubei",
    };
    var issuer = new X509Name(issuerFieldOrder, issuerFieldValues);

    // Subject DN
    var subjectFieldOrder = new ArrayList { X509Name.C, X509Name.O, X509Name.CN };
    var subjectFieldValues = new Hashtable
    {
        [X509Name.C] = "CN",
        [X509Name.O] = "ICH",
        [X509Name.CN] = "*.fulu.com"
    };
    var subject = new X509Name(subjectFieldOrder, subjectFieldValues);

    var generateOptions = new GenerateCertificateOptions { Path = "mypfx.pfx", Issuer = issuer, Subject = subject };
    CertificateGenerator.GenerateCertificate(generateOptions);

    // Certificate password.
    // NOTE(review): a password literal in source is readable by anyone with the code or binary.
    var password = "******";
    // Signature algorithm
    var signatureAlgorithm = "SHA256WITHRSA";

    //var keyP = RSAKeyGenerator.Pkcs1();
    //var pK = AsymmetricKeyUtilities.GetAsymmetricKeyParameterFormPrivateKey(keyP.PrivateKey);
    //CertificateGenerator.GenerateCertificate(new GenerateCertificateOptions{ Path = "mypfx.pfx", Issuer = issuer, Subject = subject });
    // Generate the certificate
    // CertificateGenerator.X509V3(algorithm, keySize, password, signatureAlgorithm, DateTime.Now.AddDays(-1),DateTime.Now.AddDays(2), issuer, subject, "mycert.cert", "mypfx.pfx");

    // Reload the PFX with an exportable key so that the private key can be serialized below.
    var pfxCertificate = new X509Certificate2("mypfx.pfx", password, X509KeyStorageFlags.Exportable);
    var keyPair = DotNetUtilities.GetKeyPair(pfxCertificate.PrivateKey);

    var subjectPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public);
    var privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private);

    var privateKey = Base64.ToBase64String(privateKeyInfo.ParsePrivateKey().GetEncoded());
    var publicKey = Base64.ToBase64String(subjectPublicKeyInfo.GetEncoded());

    //var cert = new X509Certificate2("mycert.cert", string.Empty, X509KeyStorageFlags.Exportable);
    //var publicKey2 = Base64.ToBase64String(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(DotNetUtilities.FromX509Certificate(cert).GetPublicKey()).GetEncoded());

    Console.ForegroundColor = ConsoleColor.DarkYellow;

    // NOTE(review): the private key is printed to the console in Base64. That is fine for a
    // throwaway sample key, but this output must not be kept or logged for a real key.
    Console.WriteLine("Pfx证书私钥:");
    Console.WriteLine(privateKey);

    Console.WriteLine("Pfx证书公钥:");
    Console.WriteLine(publicKey);

    //Console.WriteLine("Cert证书公钥:");
    //Console.WriteLine(publicKey2);

    var data = "hello rsa";
    Console.WriteLine($"加密原文:{data}");

    // NOTE(review): the constant name indicates PKCS#1 v1.5 encryption padding. OAEP is the usual
    // choice for new designs, because v1.5 decryption is exposed to padding-oracle attacks when
    // decryption failures are observable.
    var encryptionKey = AsymmetricKeyUtilities.GetAsymmetricKeyParameterFormPublicKey(publicKey);
    var pkcs1data = RSA.EncryptToBase64(data, encryptionKey, Algorithms.RSA_ECB_PKCS1Padding);

    Console.WriteLine("加密结果:");
    Console.WriteLine(pkcs1data);

    //pkcs1data =
    //    "KGbgP3Ns6kFyjJ7tbepdZ3X8zssoHKWyVzVesghWg8fFP0ZMVumf+iXJ93LBu3xqKWE/5JTr1qFc5u0Cm3BUPnusMjBTgMrQk3zopVOELpChFbkeTR2YHsdDZdBzaJVN4SQQwHMkp2w8Pyb9x1NjsFoHHQEskBUNnOEuGkEFZdg=";

    Console.WriteLine("解密结果:");
    var decryptionKey = AsymmetricKeyUtilities.GetAsymmetricKeyParameterFormPrivateKey(privateKey);
    var decrypted = RSA.DecryptFromBase64(pkcs1data, decryptionKey, Algorithms.RSA_ECB_PKCS1Padding);
    Console.WriteLine(decrypted);
}
/// <summary>
/// Console driver: for every unconfirmed participant of the group "Loazarii" it generates a key
/// pair, registers a blind certificate, fetches the signed message, adds the client certificate
/// and posts one message. It then waits for a key press.
/// </summary>
/// <param name="args">Command-line arguments (not used).</param>
static void Main(string[] args)
{
    // This will be replaced with an API call
    var signatureVerifier = new SignatureVerifier();
    var rngGenerator = new RNGRandomGenerator();
    var emailSender = new EmailSender();
    var context = new BlindChatDbContext();
    var groupRepository = new GroupRepository(context);
    var server = new APIServer(groupRepository, emailSender, rngGenerator, signatureVerifier);

    // Set participants
    List<Participant> unconfirmedParticipants = server.GetParticipantsToConfirm("Loazarii");

    foreach (var participant in unconfirmedParticipants)
    {
        int invitationCode = participant.InvitationCode;
        Guid groupId = (Guid)participant.GroupId;
        string email = participant.Email;

        Group group = server.GetGroup(participant.InvitationCode);
        var clientParticipant = new ClientParticipant(server, groupRepository);
        var groupPublicKey = clientParticipant.GetGroupDetails(invitationCode);

        // Generate certificate.
        // NOTE(review): the PFX password is a literal in source, and every participant's
        // certificate is written to the same "certParticipant.pfx" path.
        var generator = new CertificateGenerator();
        var participantKeys = generator.GenerateCertificate("C=RO,O=Qubiz", TimeSpan.FromDays(1), "certParticipant.pfx", "Test.123");

        // Serialize
        var privateSerializedKey = RsaKeyUtils.GetSerializedPrivateKey(participantKeys.Private);
        var publicSerializedKey = RsaKeyUtils.GetSerializedPublicKey(participantKeys.Public);

        // Concatenate serialized keys.
        // NOTE(review): the content that gets blinded includes the serialized private key. Confirm
        // that this is intended.
        var content = RsaKeyUtils.Combine(publicSerializedKey, privateSerializedKey);

        // Generate blind content (the result is not used further down in this method).
        var contentBlinder = new ContentBlinder((RsaKeyParameters)groupPublicKey, "Loazarii");
        var blindedContent = contentBlinder.GetBlindedContent(content);

        var groupRegistration = clientParticipant.GetGroupRegistration(invitationCode, (RsaKeyParameters)participantKeys.Public);

        // Save blinded certificate
        clientParticipant.RegisterBlindCertificate(invitationCode, groupRegistration);

        // Send for sign DONE

        // Get blind signature
        var blindMessage = server.GetSignedMessage(groupId, email);
        char[] signatureChars = blindMessage.Signature.ToCharArray();
        var signature = Convert.FromBase64CharArray(signatureChars, 0, blindMessage.Signature.Length);

        // Unblind signature.
        // NOTE(review): unblindedSignature is not passed to anything below, and the verification
        // step takes groupRegistration instead. Confirm that the signature is checked inside
        // CheckVerifiedEntity.
        var unblindedSignature = contentBlinder.GetUnblindedSignature(signature);

        // Verify
        var verifiedParticipant = clientParticipant.CheckVerifiedEntity(group, participant.Email, groupRegistration);
        clientParticipant.AddClientCertificate(verifiedParticipant, group, email);

        var message = new ParticipantMessage { Message = "Andreiu, ce nevoie faci?" };
        clientParticipant.AddMessage(groupId, message, verifiedParticipant);
    }

    Console.ReadKey();
}