public void Should_serialize_a_certificate_signing_request()
{
// Arrange
var keyManager = new FileKeyStore(Environment.CurrentDirectory);
var rsa = keyManager.GetOrCreateKey("test.startliste.info");
var key = rsa.ExportParameters(true);
var data = new CertificateRequestData("test.startliste.info", key)
{
C = "DE",
S = "NRW",
L = "Werther",
O = "Aero Club Bünde",
OU = ""
};
var serializer = new Asn1Serializer();
var sut = new CertificateRequestAsn1DEREncoder(serializer);
// Act
var csr = sut.Encode(data);
var der = sut.EncodeAsDER(data);
var base64 = sut.EncodeAsBase64(data);
var bytes = serializer.Serialize(csr).ToArray();
// Assert
File.WriteAllBytes(@"request.der", der);
File.WriteAllText(@"request.txt", base64);
bytes.Should().NotBeNull();
// openssl req -in r:\request.txt -noout -text
}
public byte[] EncodeAsDER(CertificateRequestData requestData)
{
var asn1 = Encode(requestData);
var bytes = serializer.Serialize(asn1).ToArray();
return(bytes);
}
public string EncodeAsBase64Url(CertificateRequestData requestData)
{
var bytes = EncodeAsDER(requestData);
var base64 = bytes.Base64UrlEncoded();
string base64lines = "";
for (int i = 0; i < base64.Length; i += 64)
{
base64lines += base64.Substring(i, Math.Min(64, base64.Length - i)) + "\n";
}
return $"-----BEGIN NEW CERTIFICATE REQUEST-----\r\n{base64lines}-----END NEW CERTIFICATE REQUEST-----";
}
public string EncodeAsBase64Url(CertificateRequestData requestData)
{
var bytes = EncodeAsDER(requestData);
var base64 = bytes.Base64UrlEncoded();
string base64lines = "";
for (int i = 0; i < base64.Length; i += 64)
{
base64lines += base64.Substring(i, Math.Min(64, base64.Length - i)) + "\n";
}
return($"-----BEGIN NEW CERTIFICATE REQUEST-----\r\n{base64lines}-----END NEW CERTIFICATE REQUEST-----");
}
public CertificationRequest Encode(CertificateRequestData requestData)
{
var publicKeyBytes = serializer.Serialize(new Sequence(new Integer(requestData.Key.Modulus), new Integer(requestData.Key.Exponent))).ToArray();
var certificationRequestInfo = new CertificationRequestInfo(
new Integer(0),
new Name(
/*new RelativeDistinguishedName(
* new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.C),
* new PrintableString(requestData.C))),
* new RelativeDistinguishedName(
* new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.S), new UTF8String(requestData.S))),
* new RelativeDistinguishedName(
* new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.L), new UTF8String(requestData.L))),
* new RelativeDistinguishedName(
* new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.O), new UTF8String(requestData.O))),
* new RelativeDistinguishedName(
* new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.OU), new UTF8String(requestData.OU))),*/
new RelativeDistinguishedName(
new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.CN), new UTF8String(requestData.CN)))),
new SubjectPublicKeyInfo(
new AlgorithmIdentifier(Oid.Algorithm.RSA),
new BitString(publicKeyBytes)),
new ContextSpecific());
var certificationRequestInfoBytes = serializer.Serialize(certificationRequestInfo).ToArray();
var rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(requestData.Key);
var signatureBytes = rsa.SignData(certificationRequestInfoBytes, SHA256.Create());
return(new CertificationRequest(
certificationRequestInfo,
new AlgorithmIdentifier(Oid.Algorithm.sha256RSA),
new BitString(signatureBytes)));
}
public CertificationRequest Encode(CertificateRequestData requestData)
{
var publicKeyBytes = serializer.Serialize(new Sequence(new Integer(requestData.Key.Modulus), new Integer(requestData.Key.Exponent))).ToArray();
var certificationRequestInfo = new CertificationRequestInfo(
new Integer(0),
new Name(
/*new RelativeDistinguishedName(
new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.C),
new PrintableString(requestData.C))),
new RelativeDistinguishedName(
new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.S), new UTF8String(requestData.S))),
new RelativeDistinguishedName(
new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.L), new UTF8String(requestData.L))),
new RelativeDistinguishedName(
new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.O), new UTF8String(requestData.O))),
new RelativeDistinguishedName(
new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.OU), new UTF8String(requestData.OU))),*/
new RelativeDistinguishedName(
new AttributeTypeAndValue(new ObjectIdentifier(Oid.Attribute.CN), new UTF8String(requestData.CN)))),
new SubjectPublicKeyInfo(
new AlgorithmIdentifier(Oid.Algorithm.RSA),
new BitString(publicKeyBytes)),
new ContextSpecific());
var certificationRequestInfoBytes = serializer.Serialize(certificationRequestInfo).ToArray();
var rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(requestData.Key);
var signatureBytes = rsa.SignData(certificationRequestInfoBytes, SHA256.Create());
return new CertificationRequest(
certificationRequestInfo,
new AlgorithmIdentifier(Oid.Algorithm.sha256RSA),
new BitString(signatureBytes));
}
private byte[] CreateCertificateRequest(string domain, RSAParameters key)
{
var data = new CertificateRequestData(domain, key);
var csr = certificateRequestEncoder.EncodeAsDER(data);
return csr;
}
public byte[] EncodeAsDER(CertificateRequestData requestData)
{
var asn1 = Encode(requestData);
var bytes = serializer.Serialize(asn1).ToArray();
return bytes;
}
