private static RSA CreateCertificateKey(RSAPublicKeyParameters publicKey)
{
var parameters = new RSAParameters {
Modulus = publicKey.Modulus, Exponent = publicKey.Exponent
};
return(RSA.Create(parameters));
}
public async Task <X509Certificate2> IssueCertificateAsync(string subjectName, RSAPublicKeyParameters publicKey)
{
var certificateBundle = await _keyVaultClient.GetCertificateAsync(_rootCertificateId);
using var issuerCertificate = new X509Certificate2(certificateBundle.Cer);
using RSA certificateKey = CreateCertificateKey(publicKey);
CertificateRequest request = CreateCertificateRequest(subjectName, certificateKey, issuerCertificate.Extensions[SubjectIdExtensionOid]);
byte[] certificateSerialNumber = await _serialNumberGenerator.GenerateSerialAsync();
using var rsaKeyVault = _keyVaultClient.ToRSA(certificateBundle.KeyIdentifier, issuerCertificate);
var generator = X509SignatureGenerator.CreateForRSA(rsaKeyVault, RSASignaturePadding.Pkcs1);
return(request.Create(issuerCertificate.SubjectName, generator, DateTime.Today.AddDays(-1), DateTime.Today.AddYears(1), certificateSerialNumber));
}
