blob: 2d1dd649ea5ae957c16eda9dd64cc4580a486a2a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
using System;
using System.Collections;
using System.Security.Cryptography;
namespace Emby.Server.Core.Cryptography
{
public class PFXGenerator
{
// http://www.freekpaans.nl/2015/04/creating-self-signed-x-509-certificates-using-mono-security/
public static byte[] GeneratePfx(string certificateName, string password)
{
byte[] sn = GenerateSerialNumber();
string subject = string.Format("CN={0}", certificateName);
DateTime notBefore = DateTime.Now;
DateTime notAfter = DateTime.Now.AddYears(20);
RSA subjectKey = new RSACryptoServiceProvider(2048);
string hashName = "SHA256";
X509CertificateBuilder cb = new X509CertificateBuilder(3);
cb.SerialNumber = sn;
cb.IssuerName = subject;
cb.NotBefore = notBefore;
cb.NotAfter = notAfter;
cb.SubjectName = subject;
cb.SubjectPublicKey = subjectKey;
cb.Hash = hashName;
byte[] rawcert = cb.Sign(subjectKey);
PKCS12 p12 = new PKCS12();
p12.Password = password;
Hashtable attributes = GetAttributes();
p12.AddCertificate(new X509Certificate(rawcert), attributes);
p12.AddPkcs8ShroudedKeyBag(subjectKey, attributes);
return p12.GetBytes();
}
private static Hashtable GetAttributes()
{
ArrayList list = new ArrayList();
// we use a fixed array to avoid endianess issues
// (in case some tools requires the ID to be 1).
list.Add(new byte[4] { 1, 0, 0, 0 });
Hashtable attributes = new Hashtable(1);
attributes.Add(PKCS9.localKeyId, list);
return attributes;
}
private static byte[] GenerateSerialNumber()
{
byte[] sn = Guid.NewGuid().ToByteArray();
//must be positive
if ((sn[0] & 0x80) == 0x80)
sn[0] -= 0x80;
return sn;
}
public static byte[] GetCertificateForBytes(byte[] pfx, string password)
{
var pkcs = new PKCS12(pfx, password);
var cert = pkcs.GetCertificate(GetAttributes());
return cert.RawData;
}
}
}
|
