} // End Sub ReadCertificationRequest
// https://stackoverflow.com/questions/21912390/decode-read-a-csr-certificate-signing-request-using-java-or-bouncycastle
private static string GetX509Field(string asn1ObjectIdentifier, Org.BouncyCastle.Asn1.X509.X509Name x500Name)
{
string retVal = null;
System.Collections.IList rdnArray = x500Name.GetValueList(
new Org.BouncyCastle.Asn1.DerObjectIdentifier(asn1ObjectIdentifier)
);
System.Collections.IList oids = x500Name.GetOidList();
System.Collections.IList foo = x500Name.GetValueList();
System.Console.WriteLine(oids);
System.Console.WriteLine(foo);
foreach (Org.BouncyCastle.Asn1.DerObjectIdentifier thisOID in oids)
{
string oidName = System.Convert.ToString(Org.BouncyCastle.Asn1.X509.X509Name.DefaultSymbols[thisOID]);
System.Console.WriteLine(oidName);
System.Collections.IList values = x500Name.GetValueList(thisOID);
System.Console.WriteLine(values);
} // Next thisOID
foreach (object x in rdnArray)
{
// System.Console.WriteLine(x);
retVal = System.Convert.ToString(x);
return(retVal);
} // Next x
return(retVal);
} // End Function GetX509Field
/// <summary>
/// Formata o assunto no padrão codificar
/// </summary>
/// <param name="subject"></param>
/// <returns></returns>
private static Subject getSubject(BCA.X509.X509Name subject)
{
/**
* Codificar Signature Sample
* C=BR,
* O=ICP-Brasil,
* ST=MG,
* L=Belo Horizonte,
* OU=Secretaria da Receita Federal do Brasil - RFB,
* OU=RFB e-CNPJ A3,
* OU=Autenticado por PRODEMGE,
* CN=CODIFICAR SISTEMAS TECNOLOGICOS LTDA ME:05957264000151
**/
/*List<Tuple<SubjectType, BCA.DerObjectIdentifier>> listSubject = new List<Tuple<SubjectType, BCA.DerObjectIdentifier>>
* {
* new Tuple<SubjectType, BCA.DerObjectIdentifier>(SubjectType.Country, iTextSharp.text.pdf.security.CertificateInfo.X509Name.C),
* new Tuple<SubjectType, BCA.DerObjectIdentifier>(SubjectType.Organization, iTextSharp.text.pdf.security.CertificateInfo.X509Name.O),
* new Tuple<SubjectType, BCA.DerObjectIdentifier>(SubjectType.State, iTextSharp.text.pdf.security.CertificateInfo.X509Name.ST),
* new Tuple<SubjectType, BCA.DerObjectIdentifier>(SubjectType.Locality, iTextSharp.text.pdf.security.CertificateInfo.X509Name.L),
* new Tuple<SubjectType, BCA.DerObjectIdentifier>(SubjectType.OrganizationalUnit, iTextSharp.text.pdf.security.CertificateInfo.X509Name.OU),
* new Tuple<SubjectType, BCA.DerObjectIdentifier>(SubjectType.CommonName, iTextSharp.text.pdf.security.CertificateInfo.X509Name.CN),
* };
*
* Subject sub = new Subject();
*
* foreach (Tuple<SubjectType, BCA.DerObjectIdentifier> item in listSubject)
* foreach (string obj in subject.GetValueList(item.Item2))
* sub.Add(new SubjectDetail(item.Item1, obj));
*
* return sub;*/
Dictionary <SubjectType, BCA.DerObjectIdentifier> listSubject = new Dictionary <SubjectType, BCA.DerObjectIdentifier>();
listSubject.Add(SubjectType.Country, iTextSharp.text.pdf.security.CertificateInfo.X509Name.C);
listSubject.Add(SubjectType.Organization, iTextSharp.text.pdf.security.CertificateInfo.X509Name.O);
listSubject.Add(SubjectType.State, iTextSharp.text.pdf.security.CertificateInfo.X509Name.ST);
listSubject.Add(SubjectType.Locality, iTextSharp.text.pdf.security.CertificateInfo.X509Name.L);
listSubject.Add(SubjectType.OrganizationalUnit, iTextSharp.text.pdf.security.CertificateInfo.X509Name.OU);
listSubject.Add(SubjectType.CommonName, iTextSharp.text.pdf.security.CertificateInfo.X509Name.CN);
Subject sub = new Subject();
foreach (KeyValuePair <SubjectType, BCA.DerObjectIdentifier> pair in listSubject)
{
foreach (string obj in subject.GetValueList(pair.Value))
{
sub.Add(new SubjectDetail(pair.Key, obj));
}
}
return(sub);
}
public static byte[] CreatePfxBytes(
Org.BouncyCastle.X509.X509Certificate certificate
, Org.BouncyCastle.Crypto.AsymmetricKeyParameter privateKey
, string password = "")
{
byte[] pfxBytes = null;
// create certificate entry
Org.BouncyCastle.Pkcs.X509CertificateEntry certEntry =
new Org.BouncyCastle.Pkcs.X509CertificateEntry(certificate);
Org.BouncyCastle.Asn1.X509.X509Name name = new Org.BouncyCastle.Asn1.X509.X509Name(certificate.SubjectDN.ToString());
string friendlyName = (string)name.GetValueList(Org.BouncyCastle.Asn1.X509.X509Name.O)[0];
if (System.StringComparer.InvariantCultureIgnoreCase.Equals("Skynet Earth Inc.", friendlyName))
{
friendlyName = "Skynet Certification Authority";
}
Org.BouncyCastle.Pkcs.Pkcs12StoreBuilder builder = new Org.BouncyCastle.Pkcs.Pkcs12StoreBuilder();
builder.SetUseDerEncoding(true);
Org.BouncyCastle.Pkcs.Pkcs12Store store = builder.Build();
store.SetCertificateEntry(friendlyName, certEntry);
// create store entry
store.SetKeyEntry(
friendlyName
, new Org.BouncyCastle.Pkcs.AsymmetricKeyEntry(privateKey)
, new Org.BouncyCastle.Pkcs.X509CertificateEntry[] { certEntry }
);
using (System.IO.MemoryStream stream = new System.IO.MemoryStream())
{
// Cert is contained in store
// null: no password, "": an empty passwords
// note: Linux needs empty password on null...
store.Save(stream, password == null ? "".ToCharArray() : password.ToCharArray(), new Org.BouncyCastle.Security.SecureRandom());
// stream.Position = 0;
pfxBytes = Org.BouncyCastle.Pkcs.Pkcs12Utilities.ConvertToDefiniteLength(stream.ToArray());
} // End Using stream
return(pfxBytes);
} // End Function CreatePfxBytes
// System.Security.Cryptography.X509Certificates.X509Certificate2.Import (string fileName);
// https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.x509certificates.x509certificate2.import?view=netframework-4.7.2
// https://gist.github.com/yutopio/a217a4af63cf6bcf0a530c14c074cf8f
// https://gist.githubusercontent.com/yutopio/a217a4af63cf6bcf0a530c14c074cf8f/raw/42b2f8cb27f6d22b7e22d65da5bbd0f1ce9b2fff/cert.cs
// https://stackoverflow.com/questions/44755155/store-pkcs12-container-pfx-with-bouncycastle
// https://github.com/Worlaf/RSADemo/blob/328692e28e48db92340d55563480c8724d916384/RSADemo_WinForms/frmRsaDemo.cs
public static void Create(
string fileName
, Org.BouncyCastle.X509.X509Certificate certificate
, Org.BouncyCastle.Crypto.AsymmetricKeyParameter privateKey
, string password = "")
{
// create certificate entry
Org.BouncyCastle.Pkcs.X509CertificateEntry certEntry =
new Org.BouncyCastle.Pkcs.X509CertificateEntry(certificate);
Org.BouncyCastle.Asn1.X509.X509Name name = new Org.BouncyCastle.Asn1.X509.X509Name(certificate.SubjectDN.ToString());
string friendlyName = name
.GetValueList(Org.BouncyCastle.Asn1.X509.X509Name.O)
.OfType <string>()
.FirstOrDefault();
if (System.StringComparer.InvariantCultureIgnoreCase.Equals("Skynet Earth Inc.", friendlyName))
{
friendlyName = "Skynet Certification Authority";
}
// get bytes of private key.
Org.BouncyCastle.Asn1.Pkcs.PrivateKeyInfo keyInfo = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey);
//byte[] keyBytes = keyInfo.ToAsn1Object().GetEncoded();
Org.BouncyCastle.Pkcs.Pkcs12StoreBuilder builder = new Org.BouncyCastle.Pkcs.Pkcs12StoreBuilder();
builder.SetUseDerEncoding(true);
Org.BouncyCastle.Pkcs.Pkcs12Store store = builder.Build();
store.SetCertificateEntry(friendlyName, certEntry);
// create store entry
store.SetKeyEntry(
//keyFriendlyName
friendlyName
, new Org.BouncyCastle.Pkcs.AsymmetricKeyEntry(privateKey)
, new Org.BouncyCastle.Pkcs.X509CertificateEntry[] { certEntry }
);
byte[] pfxBytes = null;
using (System.IO.MemoryStream stream = new System.IO.MemoryStream())
{
// Cert is contained in store
// null: no password, "": an empty passwords
// note: Linux needs empty password on null...
store.Save(stream, password == null ? "".ToCharArray() : password.ToCharArray(), new Org.BouncyCastle.Security.SecureRandom());
// stream.Position = 0;
pfxBytes = stream.ToArray();
} // End Using stream
#if WITH_MS_PFX
WithMsPfx(pfxBytes, fileName, password);
#else
byte[] result = Org.BouncyCastle.Pkcs.Pkcs12Utilities.ConvertToDefiniteLength(pfxBytes);
// this.StoreCertificate(System.Convert.ToBase64String(result));
using (System.IO.BinaryWriter writer = new System.IO.BinaryWriter(System.IO.File.Open(fileName, System.IO.FileMode.Create)))
{
writer.Write(result);
} // End Using writer
#endif
} // End Sub Create