概要
cscの作法、調べてみた。
証明書署名要求を作ってみた。
サンプルコード
using System;
using System.Collections.Generic;
using System.IO;
using System.Text;
using System.Security.Cryptography;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Crypto.Prng;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Extension;
public class test0 {
public static void Main(string[] args) {
var keyGen = new RsaKeyPairGenerator();
var keyGenParam = new KeyGenerationParameters(new SecureRandom(), 2048);
keyGen.Init(keyGenParam);
var keyPair = keyGen.GenerateKeyPair();
var attributes = new Dictionary<DerObjectIdentifier, string>() {
{ X509Name.CN, "oreoreca" },
};
var attributeOrder = new [] {
X509Name.CN,
};
var subject = new X509Name(attributeOrder, attributes);
var extGen = new X509ExtensionsGenerator();
extGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(keyPair.Public));
extGen.AddExtension(X509Extensions.KeyUsage, false, new KeyUsage(KeyUsage.DigitalSignature));
var extensions = extGen.Generate();
var extAttr = new AttributeX509(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest, new DerSet(extensions));
var csr = new Pkcs10CertificationRequest("SHA256withRSA", subject, keyPair.Public, new DerSet(extAttr), keyPair.Private);
using (var sw = new StreamWriter("ca.csr"))
{
var writer = new PemWriter(sw);
writer.WriteObject(csr);
}
}
}
以上。