Hi all,
after browsing for hours to fix my PKI needs, I did implement most code with Rebex. But I have one last part of Bouncy Castle code that I want to rewrite. I have been searching and trying, but without luck.
This is the code:
//Requested Certificate Name and things
X509Name name = new X509Name(String.Format("C={0}, O={1}, L={2}, OU={3},{4} CN={5}",
Landcode, // C
Organisatienaam + " (" + Organisatiecode() + ")", // O
Vestingsplaats + " " + Vestigingsadres + " (" + Vestigingscode() + ")", // L
ForEncryption ? EncryptieCertSignature : HandtekeningCertSignature, //OU
String.IsNullOrEmpty(Afdeling) ? "" : "OU=" + Afdeling + ", ", // 2e OU optioneel
Organisatienaam // CN
));
//Key generation 2048bits
var rkpg = new RsaKeyPairGenerator();
rkpg.Init(new KeyGenerationParameters(new SecureRandom(), 2048));
AsymmetricCipherKeyPair ackp = rkpg.GenerateKeyPair(); //BAPI.EncryptionKey;
//if (!ForEncryption) ackp = BAPI.SignKey;
//Key Usage Extension
var ku = new KeyUsage(ForEncryption ? KeyUsage.KeyEncipherment : KeyUsage.DigitalSignature);
var extgen = new Org.BouncyCastle.Asn1.X509.X509ExtensionsGenerator();
extgen.AddExtension(X509Extensions.KeyUsage, true, ku);
var attribute = new AttributeX509(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest, new DerSet(extgen.Generate()));
//PKCS #10 Certificate Signing Request
Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest("SHA1WITHRSA", name, ackp.Public, new DerSet(attribute), ackp.Private); //new DerSet(new DerOctetString(ku))
var bytedata = csr.GetDerEncoded();
I found a class CertificateRequest, but I cannot set the properties (the are probably based on the provided object in the constructor). I also found :
var keypair = SshPrivateKey.Generate(SshHostKeyAlgorithm.RSA, 2048);
But I have no clue how to glue everything together.
I have to generate a keypair (RSA, 2048 bits). I have to generate a PKCS#10 request with KeyUsage KeyEncipherment (and for a second certificate DigitalSignature). This request has te be formatted as DER to be sent as attachment to the CA.
I hope someone can help me, thanks in advance.