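/// <summary>
/// Issues a certificate for the PKCS#10 request in <paramref name="csrFile"/>, naming the
/// certificate in <paramref name="parentcer"/> as issuer. The signature is produced out of band:
/// the DER-encoded TBSCertificate is written to <c>tbs.cer</c>, the operator signs it with the
/// issuer's private key (SHA-256, DER digest info, RSA) and places the raw signature in
/// <c>tbs.sig</c>, and the assembled certificate is then saved as <c>cert.cer</c>.
/// </summary>
/// <param name="parentcer">Path to the issuing certificate, in any encoding X509CertificateParser accepts.</param>
/// <param name="csrFile">Path to a PEM-encoded PKCS#10 certification request.</param>
/// <exception cref="InvalidDataException">
/// The CSR file does not hold a PKCS#10 request, or the request's own signature does not verify
/// (no proof of possession of the private key).
/// </exception>
/// <exception cref="InvalidOperationException">tbs.sig is shorter than the expected signature.</exception>
public static void CreateCert(string parentcer, string csrFile)
{
    // The input files were previously left open; release them as soon as they are parsed.
    X509Certificate issuer;
    using (var issuerStream = File.OpenRead(parentcer))
    {
        issuer = new X509CertificateParser().ReadCertificate(issuerStream);
    }

    Pkcs10CertificationRequest csr;
    using (var csrText = File.OpenText(csrFile))
    {
        var reader = new PemReader(csrText);
        csr = reader.ReadObject() as Pkcs10CertificationRequest;
    }
    if (csr == null)
    {
        throw new InvalidDataException(csrFile + " does not contain a PKCS#10 certification request.");
    }
    // A CA must not certify a key the requester cannot prove to hold: check the CSR's self-signature
    // before putting its subject and public key into a certificate.
    if (!csr.Verify())
    {
        throw new InvalidDataException(csrFile + ": the certification request signature does not verify.");
    }
    var csrinfo = csr.GetCertificationRequestInfo();

    // The external signing step is fixed to SHA-256 with RSA; the issuer key is assumed to be RSA.
    AlgorithmIdentifier sigAlgId = new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha256WithRsaEncryption);

    // 128 random bits of serial: unpredictable serials defeat collision-based forgery of the issuer's signature.
    BigInteger serial = new BigInteger(128, new SecureRandom());

    // Validity is expressed in UTC; UtcNow.Date keeps DateTimeKind.Utc so the encoded Time is not
    // shifted by the local offset (the previous local-midnight value was).
    DateTime from = DateTime.UtcNow.Date;
    DateTime to = from.AddYears(5);

    V3TbsCertificateGenerator tbsGen = new V3TbsCertificateGenerator();
    tbsGen.SetIssuer(issuer.SubjectDN);
    tbsGen.SetSerialNumber(new DerInteger(serial));
    tbsGen.SetStartDate(new Time(from));
    tbsGen.SetEndDate(new Time(to));
    tbsGen.SetSubjectPublicKeyInfo(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(csr.GetPublicKey()));
    tbsGen.SetSubject(csrinfo.Subject);

    // Extended key usage (non-critical): id-kp-clientAuth, Microsoft Smart Card Logon,
    // Microsoft Document Signing, id-kp-emailProtection.
    // NOTE(review): no KeyUsage, BasicConstraints, SubjectKeyIdentifier or AuthorityKeyIdentifier
    // are added; relying parties that require them will reject the certificate — confirm against the
    // target profile.
    Asn1EncodableVector vector = new Asn1EncodableVector();
    vector.Add(new DerObjectIdentifier("1.3.6.1.5.5.7.3.2"));
    vector.Add(new DerObjectIdentifier("1.3.6.1.4.1.311.20.2.2"));
    vector.Add(new DerObjectIdentifier("1.3.6.1.4.1.311.10.3.12"));
    vector.Add(new DerObjectIdentifier("1.3.6.1.5.5.7.3.4"));
    DerSequence seq = new DerSequence(vector);
    X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
    extGenerator.AddExtension(X509Extensions.ExtendedKeyUsage, false, seq);
    tbsGen.SetExtensions(extGenerator.Generate());
    tbsGen.SetSignature(sigAlgId);
    TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate();

    // Hand the TBS to the operator for signing.
    System.IO.File.WriteAllBytes("tbs.cer", tbsCert.GetDerEncoded());
    Console.WriteLine("generate the signature (SHA->DER->ENCRYPT) for tbs.cer and call it tbs.sig");
    Console.WriteLine("And then press enter");
    Console.ReadLine();

    // The signature length is fixed at 256 bytes (a 2048-bit RSA issuer key). A shorter file used to be
    // accepted silently and produced an unverifiable certificate; fail instead. A longer key still
    // gets truncated here, which the verification below would report.
    const int ExpectedSignatureLength = 256;
    byte[] signatureFile = System.IO.File.ReadAllBytes("tbs.sig");
    if (signatureFile.Length < ExpectedSignatureLength)
    {
        throw new InvalidOperationException(
            "tbs.sig holds " + signatureFile.Length + " bytes; expected at least " + ExpectedSignatureLength + ".");
    }
    byte[] signature = signatureFile.Take(ExpectedSignatureLength).ToArray();

    var t1 = GenerateJcaObject(tbsCert, sigAlgId, signature);
    // Do not save a certificate whose signature does not match the issuer key: a mistake in the
    // out-of-band step (wrong key, wrong digest, stale tbs.cer) would otherwise go unnoticed.
    // Verify throws when the signature is invalid.
    t1.Verify(issuer.GetPublicKey());

    System.IO.File.WriteAllBytes("cert.cer", t1.GetEncoded());
    Console.WriteLine("saved as cert.cer");
}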
/// <summary>
/// Signs the pending TBSCertificate with a signer obtained from the factory and returns the
/// resulting certificate.
/// </summary>
/// <param name="signatureCalculatorFactory">Supplies the signature algorithm identifier and a streaming signer.</param>
/// <returns>The signed X509Certificate.</returns>
public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory)
{
    var sigAlgId = (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails;
    tbsGen.SetSignature(sigAlgId);
    TbsCertificateStructure tbs = tbsGen.GenerateTbsCertificate();

    // Feed the DER encoding of the TBS through the signer's stream, then close the stream
    // so the signer finalizes.
    IStreamCalculator signer = signatureCalculatorFactory.CreateCalculator();
    byte[] tbsDer = tbs.GetDerEncoded();
    signer.Stream.Write(tbsDer, 0, tbsDer.Length);
    Platform.Dispose(signer.Stream);

    byte[] signature = ((IBlockResult)signer.GetResult()).Collect();
    return GenerateJcaObject(tbs, sigAlgId, signature);
}
/// <summary>
/// Returns the DER encoding of the certificate body (TBSCertificate) without a signature,
/// e.g. for signing by an external key holder. Pending extensions are flushed into the
/// generator first.
/// </summary>
/// <returns>The DER-encoded TBSCertificate.</returns>
public byte[] GenerateDerEncodedUnsignedCertificate()
{
    bool hasExtensions = !extGenerator.IsEmpty;
    if (hasExtensions)
    {
        tbsGen.SetExtensions(extGenerator.Generate());
    }

    return tbsGen.GenerateTbsCertificate().GetDerEncoded();
}
/// <summary>
/// Generate a new X509Certificate: the pending TBSCertificate is DER-encoded, signed through
/// the factory's stream calculator, and wrapped in a certificate object.
/// </summary>
/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
/// <returns>An X509Certificate.</returns>
public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory)
{
    AlgorithmIdentifier algorithm = (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails;
    tbsGen.SetSignature(algorithm);
    TbsCertificateStructure body = tbsGen.GenerateTbsCertificate();

    IStreamCalculator calculator = signatureCalculatorFactory.CreateCalculator();
    byte[] bodyDer = body.GetDerEncoded();
    calculator.Stream.Write(bodyDer, 0, bodyDer.Length);
    // Closing the stream completes the signature computation.
    BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.Dispose(calculator.Stream);

    IBlockResult result = (IBlockResult)calculator.GetResult();
    return GenerateJcaObject(body, algorithm, result.Collect());
}
/// <summary>
/// Generate a new X509Certificate, signing the pending TBSCertificate with the given
/// signature calculator.
/// </summary>
/// <param name="signatureCalculator">A signature calculator with the necessary algorithm details.</param>
/// <returns>An X509Certificate.</returns>
public X509Certificate Generate(ISignatureCalculator signatureCalculator)
{
    tbsGen.SetSignature((AlgorithmIdentifier)signatureCalculator.AlgorithmDetails);
    TbsCertificateStructure body = tbsGen.GenerateTbsCertificate();
    byte[] bodyDer = body.GetDerEncoded();

    // Stream the DER bytes into the signer; Close() finalizes the signature.
    IStreamCalculator signer = signatureCalculator.CreateCalculator();
    signer.Stream.Write(bodyDer, 0, bodyDer.Length);
    signer.Stream.Close();

    IBlockResult result = (IBlockResult)signer.GetResult();
    return GenerateJcaObject(body, (AlgorithmIdentifier)signatureCalculator.AlgorithmDetails, result.DoFinal());
}
/// <summary>
/// Generate a new X509Certificate. Pending extensions are applied, the TBSCertificate is
/// DER-encoded and signed through the factory's calculator, and the result is wrapped.
/// </summary>
/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
/// <returns>An X509Certificate.</returns>
public X509Certificate Generate(ISignatureFactory<AlgorithmIdentifier> signatureCalculatorFactory)
{
    AlgorithmIdentifier algorithm = signatureCalculatorFactory.AlgorithmDetails;
    tbsGen.SetSignature(algorithm);
    if (!extGenerator.IsEmpty)
    {
        tbsGen.SetExtensions(extGenerator.Generate());
    }
    TbsCertificateStructure body = tbsGen.GenerateTbsCertificate();

    IStreamCalculator<IBlockResult> signer = signatureCalculatorFactory.CreateCalculator();
    byte[] bodyDer = body.GetDerEncoded();
    signer.Stream.Write(bodyDer, 0, bodyDer.Length);
    // Disposing the stream completes the signature computation.
    Platform.Dispose(signer.Stream);

    byte[] signature = ((IBlockResult)signer.GetResult()).Collect();
    return GenerateJcaObject(body, algorithm, signature);
}
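// TODO: Abstract out common code to another method
/// <summary>
/// Generate a new X509Certificate asynchronously: pending extensions are applied, the
/// TBSCertificate is DER-encoded and streamed into the factory's calculator, and the signature
/// is awaited before the certificate object is assembled.
/// </summary>
/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
/// <returns>A task that completes with the signed X509Certificate.</returns>
public async Task<X509Certificate> GenerateAsync(ISignatureFactory signatureCalculatorFactory)
{
    AlgorithmIdentifier algorithm = (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails;
    tbsGen.SetSignature(algorithm);
    if (!extGenerator.IsEmpty)
    {
        tbsGen.SetExtensions(extGenerator.Generate());
    }
    TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate();

    IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
    byte[] encoded = tbsCert.GetDerEncoded();
    streamCalculator.Stream.Write(encoded, 0, encoded.Length);
    // Disposing the stream completes the signature computation.
    Platform.Dispose(streamCalculator.Stream);

    // Library code: do not capture the caller's synchronization context for the continuation.
    var signedBits = await streamCalculator.GetResultAsync().ConfigureAwait(false);
    return GenerateJcaObject(tbsCert, algorithm, ((IBlockResult)signedBits).Collect());
}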