private static String Fingerprint(Org.BouncyCastle.Asn1.X509.X509CertificateStructure certStruct) { Byte[] hashBytes; using (var hasher = new System.Security.Cryptography.SHA256Managed()) { hashBytes = hasher.ComputeHash(certStruct.SubjectPublicKeyInfo.GetDerEncoded()); } return(Convert.ToBase64String(hashBytes)); }
public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) { if (clientCertChain != null) { Org.BouncyCastle.Asn1.X509.X509CertificateStructure[] certs = new Org.BouncyCastle.Asn1.X509.X509CertificateStructure[clientCertChain.Length]; for (int i = 0; i < clientCertChain.Length; i++) { X509CertificateEntry entry = clientCertChain[i]; certs[i] = entry.Certificate.CertificateStructure; } /* for all signature and hsah algorithm tuples the server supports ... */ foreach (SignatureAndHashAlgorithm sh in certificateRequest.SupportedSignatureAlgorithms) { if (sh.Signature == SignatureAlgorithm.ecdsa) /* here, we assume the certificate is signed with ecdsa */ { TlsSignerCredentials creds = new DefaultTlsSignerCredentials(context, new Certificate(certs), clientPrivateKey.Key, sh); return creds; } } } return null; }