Ask a Question

Can I use a Rebex .NET library fo C# to create a CSR and sign it with an Ed25519 key?

0 votes
by (130 points)

Hello there!

I don't have many more details to add to my question. That is what I was wondering if I would be able to do using a .NET Rebex library, generate a CSR by using Ed25519 keys in C#, in .NET Standard 2.0/2.1 to be exact.

Thank you!
Faye

1 Answer

+1 vote
by (73.5k points)

Yes. It can be done like this:

using Rebex.Security.Certificates;
using Rebex.Security.Cryptography.Pkcs;
...

var pri = PrivateKeyInfo.Generate(KeyAlgorithm.ED25519);
var csr = new CertificationRequest(new DistinguishedName("CN=example.com, O=Sample company"),
                                    pri.GetPublicKey());
csr.Sign(pri, SignatureHashAlgorithm.SHA512);
csr.Save(@"c:\data\example.csr");
pri.Save(@"c:\data\example.ppk", "test", PrivateKeyFormat.Putty);

Console.WriteLine(csr.Subject);
Console.WriteLine(csr.PublicKey.GetKeyAlgorithm());
Console.WriteLine(csr.Validate());
by (130 points)
Thank you so much!

Is there any documentation online where I can study our options regarding security and cryptography with Rebex and see more examples? We are fairly new to security matters and I'd like to see options on how to extract private key, how to store it safely, how to encrypt information using someone else's public key, etc.

Also, do I need a paid version to use the Security library just for creating keys and csr's? I had a trial key that I used to set the Licensing.Key property of Rebex but I am not sure if we even needed that. We have already purchased a lisence for the Websocket library.
by (73.5k points)
Please visit:
- certificate basics at https://www.rebex.net/ftp-ssl.net/features/x509-certificates.aspx
- certificate issuing at https://www.rebex.net/security.net/features/certificates.aspx
- crypto operations with certs at https://www.rebex.net/security.net/features/cryptography.aspx

To extract private key, use SavePrivateKey() method: https://www.rebex.net/doc/api/Rebex.Security.Certificates.Certificate.SavePrivateKey.html
More info about Rebex Certificate API is available at https://www.rebex.net/doc/api/Rebex.Security.Certificates.Certificate.html

>> do I need a paid version to use the Security library just for creating keys and csr's?
No. You don't need to use the Security library at all. The keys, certificates and CSR are part of the Rebex.Common.dll which is also part of your purchased Rebex WebSocket library.
by (130 points)
Thank you again so much!
...