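/// <summary>
/// Issues a self-signed X.509 v3 certificate for the subject and public key carried in a
/// PEM-encoded PKCS#10 request, and writes it DER-encoded to <c>cert.cer</c> in the current
/// working directory (an existing file is overwritten).
/// </summary>
/// <param name="privateKey">Passed to <c>ReadAsymmetricKeyParameter</c> to obtain the signing key.</param>
/// <param name="csrFile">Path of the PEM file that holds the certification request.</param>
/// <exception cref="InvalidDataException">
/// The file does not contain a PKCS#10 request, or the request's own signature does not verify.
/// </exception>
public static void SelfSign(string privateKey, string csrFile)
{
    var pk = ReadAsymmetricKeyParameter(privateKey);

    // Dispose the reader deterministically; the original left the file handle to the finalizer.
    Pkcs10CertificationRequest csr;
    using (var csrText = File.OpenText(csrFile))
    {
        csr = new PemReader(csrText).ReadObject() as Pkcs10CertificationRequest;
    }

    if (csr == null)
    {
        throw new InvalidDataException("No PKCS#10 certification request found in " + csrFile);
    }

    // Proof of possession: refuse a request whose signature does not match the key it carries.
    if (!csr.Verify())
    {
        throw new InvalidDataException("Certification request signature is invalid: " + csrFile);
    }

    // NOTE(review): nothing here checks that the public key in the request belongs to the
    // private key used for signing below. If they differ, the result has issuer == subject
    // but does not verify under its own key — confirm callers always pass a matching pair.
    var csrinfo = csr.GetCertificationRequestInfo();

    BigInteger serial = new BigInteger(128, new SecureRandom());

    // Read the clock once so the three date components cannot straddle midnight.
    DateTime now = DateTime.Now;
    DateTime from = new DateTime(now.Year, now.Month, now.Day);
    // NOTE(review): 20-year lifetime and no extensions (no BasicConstraints / KeyUsage) are
    // kept as in the original — confirm both are intended for this certificate's role.
    DateTime to = from.AddYears(20);

    X509V3CertificateGenerator tbsGen = new X509V3CertificateGenerator();
    tbsGen.SetIssuerDN(csrinfo.Subject);
    tbsGen.SetSerialNumber(serial);
    tbsGen.SetNotBefore(from);
    tbsGen.SetNotAfter(to);
    tbsGen.SetPublicKey(csr.GetPublicKey());
    tbsGen.SetSubjectDN(csrinfo.Subject);
    tbsGen.SetSignatureAlgorithm("SHA256WITHRSA");

    var cert = tbsGen.Generate(pk.Private);

    // Save the signed certificate (DER).
    System.IO.File.WriteAllBytes("cert.cer", cert.GetEncoded());
}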
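/// <summary>
/// Builds a to-be-signed (TBS) certificate for a PEM-encoded PKCS#10 request, issued under the
/// subject name of <paramref name="parentcer"/>, writes it to <c>tbs.cer</c>, waits for the
/// operator to produce <c>tbs.sig</c> out of band, then assembles and writes <c>cert.cer</c>.
/// All three files are relative to the current working directory.
/// </summary>
/// <param name="parentcer">Path of the issuer certificate file.</param>
/// <param name="csrFile">Path of the PEM file that holds the certification request.</param>
/// <exception cref="InvalidDataException">
/// The issuer file holds no certificate, the CSR file holds no PKCS#10 request, or the
/// request's own signature does not verify.
/// </exception>
/// <remarks>
/// Subject name and public key are copied verbatim from the request, and the issued
/// certificate carries client-authentication and smart-card-logon purposes. The caller is
/// responsible for establishing that the requester is entitled to the requested subject.
/// </remarks>
public static void CreateCert(string parentcer, string csrFile)
{
    // Length, in bytes, of the signature taken from tbs.sig; matches a 2048-bit RSA key.
    const int SignatureLength = 256;

    // Reading the bytes up front avoids the undisposed FileStream of the original.
    var issuer = new X509CertificateParser().ReadCertificate(File.ReadAllBytes(parentcer));
    if (issuer == null)
    {
        throw new InvalidDataException("No certificate found in " + parentcer);
    }

    Pkcs10CertificationRequest csr;
    using (var csrText = File.OpenText(csrFile))
    {
        csr = new PemReader(csrText).ReadObject() as Pkcs10CertificationRequest;
    }

    if (csr == null)
    {
        throw new InvalidDataException("No PKCS#10 certification request found in " + csrFile);
    }

    // Proof of possession: refuse a request whose signature does not match the key it carries.
    if (!csr.Verify())
    {
        throw new InvalidDataException("Certification request signature is invalid: " + csrFile);
    }

    var csrinfo = csr.GetCertificationRequestInfo();

    AlgorithmIdentifier sigAlgId = new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha256WithRsaEncryption);
    BigInteger serial = new BigInteger(128, new SecureRandom());

    // Read the clock once so the three date components cannot straddle midnight.
    DateTime now = DateTime.Now;
    DateTime from = new DateTime(now.Year, now.Month, now.Day);
    DateTime to = from.AddYears(5);

    V3TbsCertificateGenerator tbsGen = new V3TbsCertificateGenerator();
    tbsGen.SetIssuer(issuer.SubjectDN);
    tbsGen.SetSerialNumber(new DerInteger(serial));
    tbsGen.SetStartDate(new Time(from));
    tbsGen.SetEndDate(new Time(to));
    tbsGen.SetSubjectPublicKeyInfo(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(csr.GetPublicKey()));
    tbsGen.SetSubject(csrinfo.Subject);

    // Certificate purposes (Extended Key Usage, non-critical).
    Asn1EncodableVector vector = new Asn1EncodableVector();
    vector.Add(new DerObjectIdentifier("1.3.6.1.5.5.7.3.2"));       // TLS client authentication
    vector.Add(new DerObjectIdentifier("1.3.6.1.4.1.311.20.2.2"));  // Microsoft smart card logon
    vector.Add(new DerObjectIdentifier("1.3.6.1.4.1.311.10.3.12")); // Microsoft document signing
    vector.Add(new DerObjectIdentifier("1.3.6.1.5.5.7.3.4"));       // e-mail protection
    DerSequence seq = new DerSequence(vector);

    X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
    extGenerator.AddExtension(X509Extensions.ExtendedKeyUsage, false, seq);
    tbsGen.SetExtensions(extGenerator.Generate());

    tbsGen.SetSignature(sigAlgId);
    TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate();

    // Save the TBS structure so it can be signed outside this process.
    System.IO.File.WriteAllBytes("tbs.cer", tbsCert.GetDerEncoded());

    Console.WriteLine("generate the signature (SHA->DER->ENCRYPT) for tbs.cer and call it tbs.sig");
    Console.WriteLine("And then press enter");
    Console.ReadLine();

    // Only the first SignatureLength bytes are used; anything after them is ignored and a
    // shorter file is passed through as-is.
    // NOTE(review): the assembled certificate is written without checking the signature
    // against the issuer's public key — consider verifying before writing cert.cer.
    byte[] signature = System.IO.File.ReadAllBytes("tbs.sig").Take(SignatureLength).ToArray();
    var t1 = GenerateJcaObject(tbsCert, sigAlgId, signature);

    System.IO.File.WriteAllBytes("cert.cer", t1.GetEncoded());
    Console.WriteLine("saved as cert.cer");
}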
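/// <summary>
/// Computes a fingerprint over the certificate's encoding (<c>GetEncoded()</c>) using the
/// digest that corresponds to the certificate's own signature algorithm.
/// </summary>
/// <param name="certificate">Certificate to fingerprint.</param>
/// <param name="hashFunctionName">Receives the name of the digest that was used.</param>
/// <returns>The digest bytes formatted by <c>BytesToFingerprintString</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="certificate"/> is null.</exception>
/// <remarks>
/// The digest is selected from the certificate's signature algorithm, i.e. by whoever issued
/// the certificate. A certificate signed with a weak hash therefore gets a fingerprint
/// computed with that same hash; callers that compare fingerprints for a trust decision
/// should check <paramref name="hashFunctionName"/> against the digests they accept.
/// </remarks>
private static string GetFingerprint(X509Certificate certificate, out string hashFunctionName)
{
    if (certificate == null)
    {
        throw new ArgumentNullException("certificate");
    }

    // Map the signature algorithm (e.g. SHA-256 with RSA) to its digest algorithm.
    var digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(certificate.CertificateStructure.SignatureAlgorithm);
    IDigest digest = DigestUtilities.GetDigest(digAlgId.Algorithm);

    byte[] input = certificate.GetEncoded();
    digest.BlockUpdate(input, 0, input.Length);

    byte[] output = new byte[digest.GetDigestSize()];
    digest.DoFinal(output, 0);

    hashFunctionName = digest.AlgorithmName;
    return BytesToFingerprintString(output);
}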
/// <summary>
/// Creates an instance that holds the given confirmation content and digest algorithm finder.
/// </summary>
/// <param name="content">Stored in the <c>content</c> field.</param>
/// <param name="digestAlgFinder">Stored in the <c>digestAlgFinder</c> field.</param>
public CertificateConfirmationContent(
    CertConfirmContent content,
    DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
{
    this.digestAlgFinder = digestAlgFinder;
    this.content = content;
}
/// <summary>
/// Creates a builder that holds the given digest algorithm finder.
/// </summary>
/// <param name="digestAlgFinder">Stored in the <c>digestAlgFinder</c> field.</param>
public CertificateConfirmationContentBuilder(
    DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
{
    this.digestAlgFinder = digestAlgFinder;
}
/// <summary>
/// Creates an instance that holds the given digest algorithm finder and certificate status.
/// </summary>
/// <param name="digestAlgFinder">Stored in the <c>digestAlgFinder</c> field.</param>
/// <param name="certStatus">Stored in the <c>certStatus</c> field.</param>
public CertificateStatus(
    DefaultDigestAlgorithmIdentifierFinder digestAlgFinder,
    CertStatus certStatus)
{
    this.certStatus = certStatus;
    this.digestAlgFinder = digestAlgFinder;
}