Exemplo n.º 1
0
 public static X509Certificate2 AddPemPrivateKeyToCertificate(X509Certificate2 certificate, byte[] privateKeyBuffer)
 {
     try
     {
         var keyPair       = ReadPrivateKey(privateKeyBuffer);
         var rsaPrivateKey = PemUtilsHelper.ToRSA(keyPair.Private as RsaPrivateCrtKeyParameters);
         certificate = certificate.CopyWithPrivateKey(rsaPrivateKey);
         return(certificate);
     }
     catch (Exception ex)
     {
         logger.Error(ex, $"The Method \"{nameof(AddPemPrivateKeyToCertificate)}\" has failed.");
         return(null);
     }
 }
Exemplo n.º 2
0
        protected RSACryptoServiceProvider GetRsaProvider()
        {
            var rsaParameters = new RSAParameters();

            if (HasPrivateKey)
            {
                rsaParameters = PemUtilsHelper.ToRSAParameters(PrivateKey);
            }
            else
            {
                rsaParameters = PemUtilsHelper.ToRSAParameters(PublicKey);
            }
            var rsa = new RSACryptoServiceProvider();

            rsa.ImportParameters(rsaParameters);
            return(rsa);
        }
Exemplo n.º 3
0
 public bool ValidSignature(string data, string base64Data, HashAlgorithmName hashAlgorithm)
 {
     try
     {
         var sha       = new SHA256CryptoServiceProvider();
         var hash      = sha.ComputeHash(Encoding.UTF8.GetBytes(data));
         var signature = Convert.FromBase64String(base64Data);
         using RSA rsa = RSA.Create();
         var rsaParameters = PemUtilsHelper.ToRSAParameters(PrivateKey);
         rsa.ImportParameters(rsaParameters);
         return(rsa.VerifyHash(hash, signature, hashAlgorithm, RSASignaturePadding.Pss));
     }
     catch (Exception ex)
     {
         throw new Exception("The public key could not be properly verified.", ex);
     }
 }
Exemplo n.º 4
0
 public string SignWithPrivateKey(string data, HashAlgorithmName hashAlgorithm, bool useIndent = false)
 {
     try
     {
         using RSA rsa = RSA.Create();
         var rsaParameters = PemUtilsHelper.ToRSAParameters(PrivateKey);
         rsa.ImportParameters(rsaParameters);
         var sha       = new SHA256CryptoServiceProvider();
         var hash      = sha.ComputeHash(Encoding.UTF8.GetBytes(data));
         var signature = rsa.SignHash(hash, hashAlgorithm, RSASignaturePadding.Pss);
         if (useIndent)
         {
             return(Convert.ToBase64String(signature, Base64FormattingOptions.InsertLineBreaks));
         }
         return(Convert.ToBase64String(signature));
     }
     catch (Exception ex)
     {
         throw new Exception("Data could not signing.", ex);
     }
 }
Exemplo n.º 5
0
        public static X509Certificate2 GenerateSelfSignedCertificate(string subjectName, string issuerName, int keyStrength)
        {
            try
            {
                // Generating Random Numbers
                var randomGenerator = new VmpcRandomGenerator();
                var random          = new SecureRandom(randomGenerator);

                // The Certificate Generator
                var certificateGenerator = new X509V3CertificateGenerator();

                // Serial Number
                var serialNumber = BigInteger.ProbablePrime(128, new Random());
                certificateGenerator.SetSerialNumber(serialNumber);

                // Issuer and Subject Name
                var subjectDN = new X509Name(subjectName);
                var issuerDN  = new X509Name(issuerName);
                certificateGenerator.SetIssuerDN(issuerDN);
                certificateGenerator.SetSubjectDN(subjectDN);

                // Valid For
                var notBefore = DateTime.UtcNow.Date.AddYears(-1);
                var notAfter  = notBefore.AddYears(10);
                certificateGenerator.SetNotBefore(notBefore);
                certificateGenerator.SetNotAfter(notAfter);

                // Subject Public Key
                var keyGenerationParameters = new KeyGenerationParameters(random, keyStrength);
                var keyPairGenerator        = new RsaKeyPairGenerator();
                keyPairGenerator.Init(keyGenerationParameters);

                if (userKeyPair == null)
                {
                    userKeyPair = keyPairGenerator.GenerateKeyPair();
                }

                certificateGenerator.SetPublicKey(userKeyPair.Public);

                //Extented
                certificateGenerator.AddExtension(X509Extensions.SubjectKeyIdentifier, false,
                                                  new SubjectKeyIdentifierStructure(userKeyPair.Public));
                certificateGenerator.AddExtension(X509Extensions.AuthorityKeyIdentifier, false,
                                                  new AuthorityKeyIdentifier(SubjectPublicKeyInfoFactory
                                                                             .CreateSubjectPublicKeyInfo(userKeyPair.Public)));
                var valueData = Encoding.ASCII.GetBytes("Client");
                certificateGenerator.AddExtension("1.3.6.1.5.5.7.13.3", false, valueData);

                // Generating the Certificate
                var issuerKeyPair = userKeyPair;

                // Signature Algorithm
                ISignatureFactory signatureFactory = new Asn1SignatureFactory("SHA512WITHRSA", userKeyPair.Private, random);

                // selfsign certificate
                var certificate = certificateGenerator.Generate(signatureFactory);

                // correcponding private key
                var info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(userKeyPair.Private);

                // merge into X509Certificate2
                var x509 = new X509Certificate2(certificate.GetEncoded());

                var seq = (Asn1Sequence)info.ParsePrivateKey();
                if (seq.Count != 9)
                {
                    throw new Exception("malformed sequence in RSA private key");
                }

                var rsa       = RsaPrivateKeyStructure.GetInstance(seq);
                var rsaparams = new RsaPrivateCrtKeyParameters(rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent,
                                                               rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2,
                                                               rsa.Coefficient);
                x509 = x509.CopyWithPrivateKey(PemUtilsHelper.ToRSA(rsaparams));
                return(x509);
            }
            catch (Exception ex)
            {
                logger.Error(ex, $"The Method \"{nameof(GenerateSelfSignedCertificate)}\" has failed.");
                return(null);
            }
        }