c# - Bouncy Castle's X509V3CertificateGenerator.SetSignatureAlgorithm marked obsolete. What do I do? -


I am trying to create a self-signed trusted certificate. I am using the Bouncy Castle NuGet package and the answer to this question. The code on that page:

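/// <summary>
/// Issues an X.509 v3 certificate for <paramref name="subjectName"/> over a freshly generated RSA key pair,
/// signs it with <paramref name="issuerPrivKey"/>, and returns it with the new private key attached.
/// Despite the name, the result is only self-signed if the caller passes the matching key; as written
/// it is signed by whatever issuer key is supplied.
/// </summary>
/// <param name="subjectName">Distinguished name of the subject.</param>
/// <param name="issuerName">Distinguished name of the issuer.</param>
/// <param name="issuerPrivKey">Private key used to sign the certificate.</param>
/// <param name="keyStrength">RSA modulus size in bits for the subject key.</param>
/// <returns>The certificate with its private key attached.</returns>
public static X509Certificate2 GenerateSelfSignedCertificate(string subjectName, string issuerName, AsymmetricKeyParameter issuerPrivKey, int keyStrength = 2048)
{
    // Random source for the serial number, the key pair and the signature.
    var randomGenerator = new CryptoApiRandomGenerator();
    var random = new SecureRandom(randomGenerator);

    var certificateGenerator = new X509V3CertificateGenerator();

    // Random positive serial number below Int64.MaxValue.
    var serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random);
    certificateGenerator.SetSerialNumber(serialNumber);

    // This is one of the two calls the question is about: SetSignatureAlgorithm is marked obsolete.
    const string signatureAlgorithm = "sha256withrsa";
    certificateGenerator.SetSignatureAlgorithm(signatureAlgorithm);

    // Both names are wrapped in X509Name, which is the type SetIssuerDN/SetSubjectDN are given elsewhere on this page.
    var subjectDN = new X509Name(subjectName);
    var issuerDN = new X509Name(issuerName);
    certificateGenerator.SetIssuerDN(issuerDN);
    certificateGenerator.SetSubjectDN(subjectDN);

    // Valid from today (UTC, midnight) for two years.
    var notBefore = DateTime.UtcNow.Date;
    var notAfter = notBefore.AddYears(2);
    certificateGenerator.SetNotBefore(notBefore);
    certificateGenerator.SetNotAfter(notAfter);

    // Fresh RSA key pair for the subject.
    var keyGenerationParameters = new KeyGenerationParameters(random, keyStrength);
    var keyPairGenerator = new RsaKeyPairGenerator();
    keyPairGenerator.Init(keyGenerationParameters);
    AsymmetricCipherKeyPair subjectKeyPair = keyPairGenerator.GenerateKeyPair();
    certificateGenerator.SetPublicKey(subjectKeyPair.Public);

    // The second obsolete call: Generate(privateKey, random). The signature is made with the issuer's key.
    var certificate = certificateGenerator.Generate(issuerPrivKey, random);

    // Re-encode the subject's private key so it can be attached to the .NET certificate object.
    PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private);

    var x509 = new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate.GetEncoded());

    // The private key is read back as a 9-element ASN.1 sequence; anything else is rejected.
    var seq = (Asn1Sequence)Asn1Object.FromByteArray(info.PrivateKey.GetDerEncoded());
    if (seq.Count != 9)
    {
        throw new PemException("malformed sequence in rsa private key");
    }

    var rsa = new RsaPrivateKeyStructure(seq);
    RsaPrivateCrtKeyParameters rsaParams = new RsaPrivateCrtKeyParameters(
        rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2, rsa.Coefficient);

    x509.PrivateKey = DotNetUtilities.ToRSA(rsaParams);
    return x509;
}

/// <summary>
/// Generates a self-signed certificate for <paramref name="subjectName"/> (issuer and subject are the same
/// name and the certificate is signed with its own key), adds it to the current user's Root store, and
/// returns the private key so that further certificates can be signed with it.
/// </summary>
/// <param name="subjectName">Distinguished name used as both subject and issuer.</param>
/// <param name="keyStrength">RSA modulus size in bits.</param>
/// <returns>The private key of the generated certificate.</returns>
public static AsymmetricKeyParameter GenerateCACertificate(string subjectName, int keyStrength = 2048)
{
    // Random source for the serial number, the key pair and the signature.
    var randomGenerator = new CryptoApiRandomGenerator();
    var random = new SecureRandom(randomGenerator);

    var certificateGenerator = new X509V3CertificateGenerator();

    // Random positive serial number below Int64.MaxValue.
    var serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random);
    certificateGenerator.SetSerialNumber(serialNumber);

    // Obsolete call (see the question text): SetSignatureAlgorithm.
    const string signatureAlgorithm = "sha256withrsa";
    certificateGenerator.SetSignatureAlgorithm(signatureAlgorithm);

    // Self-issued: the issuer name is the subject name.
    var subjectDN = new X509Name(subjectName);
    var issuerDN = subjectDN;
    certificateGenerator.SetIssuerDN(issuerDN);
    certificateGenerator.SetSubjectDN(subjectDN);

    // Valid from today (UTC, midnight) for two years.
    var notBefore = DateTime.UtcNow.Date;
    var notAfter = notBefore.AddYears(2);
    certificateGenerator.SetNotBefore(notBefore);
    certificateGenerator.SetNotAfter(notAfter);

    // Fresh RSA key pair; it is both the subject key and the signing key.
    var keyGenerationParameters = new KeyGenerationParameters(random, keyStrength);
    var keyPairGenerator = new RsaKeyPairGenerator();
    keyPairGenerator.Init(keyGenerationParameters);
    AsymmetricCipherKeyPair subjectKeyPair = keyPairGenerator.GenerateKeyPair();
    certificateGenerator.SetPublicKey(subjectKeyPair.Public);

    var issuerKeyPair = subjectKeyPair;

    // Obsolete call (see the question text): Generate(privateKey, random).
    var certificate = certificateGenerator.Generate(issuerKeyPair.Private, random);
    var x509 = new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate.GetEncoded());

    // Anything added to a Root store becomes a trust anchor for that user, so every certificate later
    // signed with the returned key will chain to a trusted root. AddCertToStore is not shown on this page.
    AddCertToStore(x509, StoreName.Root, StoreLocation.CurrentUser);

    // The caller receives the CA private key; it should not outlive the signing step.
    return issuerKeyPair.Private;
}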

So far, so good, but the "SetSignatureAlgorithm" and "Generate" methods are marked obsolete. IntelliSense suggests using "ISignatureFactory", and that's where I got lost. Can anyone point me in the right direction?

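/// <summary>
/// Creates a throw-away CA, installs it as a machine-wide trusted root, issues a server certificate
/// signed by that CA, installs it in the machine's personal store, and binds it to 0.0.0.0:4443 via netsh.
/// </summary>
/// <remarks>
/// Writing to the LocalMachine stores and changing HTTP.sys bindings normally requires an elevated process.
/// The CA added to the Root store is trusted by the whole machine for as long as it stays there; remove it
/// when the test setup is no longer needed.
/// </remarks>
static void Main()
{
    // The assembly's GUID is used as the appid of the HTTP.sys binding.
    var applicationId = ((GuidAttribute)typeof(Program).Assembly.GetCustomAttributes(typeof(GuidAttribute), true)[0]).Value;
    var certSubjectName = "test";
    var sslCert = ExecuteCommand("netsh http show sslcert 0.0.0.0:4443");
    Console.WriteLine();

    // If the existing binding already belongs to this application, drop it so it can be re-created below.
    if (sslCert.IndexOf(applicationId, StringComparison.OrdinalIgnoreCase) >= 0)
    {
        Console.WriteLine("this implies can start running.");
        Console.WriteLine(ExecuteCommand("netsh http delete sslcert ipport=0.0.0.0:4443"));
    }

    AsymmetricKeyParameter myCaPrivateKey = null;
    Console.WriteLine("creating ca");
    X509Certificate2 certificateAuthorityCertificate = CreateCertificateAuthorityCertificate("cn=" + certSubjectName + "ca", ref myCaPrivateKey);
    Console.WriteLine("adding ca store");
    if (!AddCertificateToSpecifiedStore(certificateAuthorityCertificate, StoreName.Root, StoreLocation.LocalMachine))
    {
        // Without the trusted root there is no point issuing and binding the leaf certificate.
        return;
    }

    Console.WriteLine("creating certificate based on ca");
    X509Certificate2 certificate = CreateSelfSignedCertificateBasedOnCertificateAuthorityPrivateKey("cn=" + certSubjectName, "cn=" + certSubjectName + "ca", myCaPrivateKey);
    Console.WriteLine("adding certificate store");
    if (!AddCertificateToSpecifiedStore(certificate, StoreName.My, StoreLocation.LocalMachine))
    {
        return;
    }

    // Both interpolated values are produced locally (certificate thumbprint, assembly GUID); nothing
    // user-supplied reaches the command line here.
    Console.WriteLine(ExecuteCommand($"netsh http add sslcert ipport=0.0.0.0:4443 certhash={certificate.Thumbprint} appid={{{applicationId}}}"));

    // TODO: check whether the certificate already exists;
    //       if it does not, create it and bind it to the port;
    //       if it does, check that the port is bound;
    //       continue only if port, thumbprint and application id all match, otherwise throw.
    // More netsh commands: https://msdn.microsoft.com/en-us/library/ms733791(v=vs.110).aspx
}

/// <summary>
/// Issues a TLS server certificate for <paramref name="subjectName"/> over a fresh 2048-bit RSA key pair,
/// signed with the CA key <paramref name="issuerPrivKey"/>, and returns it with its private key attached.
/// </summary>
/// <param name="subjectName">Distinguished name of the subject.</param>
/// <param name="issuerName">Distinguished name of the issuing CA.</param>
/// <param name="issuerPrivKey">Private key of the issuing CA.</param>
/// <returns>The certificate with its private key attached.</returns>
public static X509Certificate2 CreateSelfSignedCertificateBasedOnCertificateAuthorityPrivateKey(string subjectName, string issuerName, AsymmetricKeyParameter issuerPrivKey)
{
    const int keyStrength = 2048;

    // Random source for the serial number, the key pair and the signature.
    CryptoApiRandomGenerator randomGenerator = new CryptoApiRandomGenerator();
    SecureRandom random = new SecureRandom(randomGenerator);

    // Replaces the obsolete SetSignatureAlgorithm + Generate(key, random) pair: the factory carries
    // the algorithm name and the signing key together.
    ISignatureFactory signatureFactory = new Asn1SignatureFactory("sha512withrsa", issuerPrivKey, random);

    X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();

    // Critical extended key usage limited to TLS server authentication (1.3.6.1.5.5.7.3.1).
    certificateGenerator.AddExtension(X509Extensions.ExtendedKeyUsage, true, new ExtendedKeyUsage(new ArrayList { new DerObjectIdentifier("1.3.6.1.5.5.7.3.1") }));
    // NOTE(review): no subjectAltName is set; clients that match host names against SAN only may
    // reject a certificate that carries just a CN.

    // Random positive serial number below Int64.MaxValue.
    BigInteger serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random);
    certificateGenerator.SetSerialNumber(serialNumber);

    X509Name subjectDN = new X509Name(subjectName);
    X509Name issuerDN = new X509Name(issuerName);
    certificateGenerator.SetIssuerDN(issuerDN);
    certificateGenerator.SetSubjectDN(subjectDN);

    // Valid from today (UTC, midnight) for two years.
    DateTime notBefore = DateTime.UtcNow.Date;
    DateTime notAfter = notBefore.AddYears(2);
    certificateGenerator.SetNotBefore(notBefore);
    certificateGenerator.SetNotAfter(notAfter);

    // Fresh RSA key pair for the subject.
    var keyGenerationParameters = new KeyGenerationParameters(random, keyStrength);
    var keyPairGenerator = new RsaKeyPairGenerator();
    keyPairGenerator.Init(keyGenerationParameters);
    AsymmetricCipherKeyPair subjectKeyPair = keyPairGenerator.GenerateKeyPair();
    certificateGenerator.SetPublicKey(subjectKeyPair.Public);

    // Signed by the CA key held in the signature factory, not by the subject's own key.
    X509Certificate certificate = certificateGenerator.Generate(signatureFactory);

    // Re-encode the subject's private key so it can be attached to the .NET certificate object.
    PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private);

    X509Certificate2 x509 = new X509Certificate2(certificate.GetEncoded());

    // The private key is read back as a 9-element ASN.1 sequence; reject anything else instead of
    // building key parameters from an unexpected structure.
    Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(info.ParsePrivateKey().GetDerEncoded());
    if (seq.Count != 9)
    {
        throw new PemException("malformed sequence in rsa private key");
    }

    RsaPrivateKeyStructure rsa = RsaPrivateKeyStructure.GetInstance(seq);
    RsaPrivateCrtKeyParameters rsaParams = new RsaPrivateCrtKeyParameters(
        rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2, rsa.Coefficient);

    // NOTE(review): confirm that the key attached here is still associated with the certificate after it
    // is added to a LocalMachine store; the netsh binding needs a certificate whose private key can be found.
    x509.PrivateKey = DotNetUtilities.ToRSA(rsaParams);
    return x509;
}

/// <summary>
/// Generates a self-signed CA certificate for <paramref name="subjectName"/> over a fresh 2048-bit RSA
/// key pair and hands the CA private key back through <paramref name="caPrivateKey"/>.
/// </summary>
/// <param name="subjectName">Distinguished name used as both subject and issuer.</param>
/// <param name="caPrivateKey">Receives the CA private key; keep it only as long as certificates need signing.</param>
/// <returns>The CA certificate (public part only; no private key is attached).</returns>
public static X509Certificate2 CreateCertificateAuthorityCertificate(string subjectName, ref AsymmetricKeyParameter caPrivateKey)
{
    const int keyStrength = 2048;

    // Random source for the serial number, the key pair and the signature.
    CryptoApiRandomGenerator randomGenerator = new CryptoApiRandomGenerator();
    SecureRandom random = new SecureRandom(randomGenerator);

    X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();

    // Mark the certificate as a CA: a certificate that signs other certificates should assert
    // basicConstraints cA=TRUE so that path validation accepts it as an issuer.
    certificateGenerator.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true));

    // Random positive serial number below Int64.MaxValue.
    BigInteger serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random);
    certificateGenerator.SetSerialNumber(serialNumber);

    // Self-issued: the issuer name is the subject name.
    X509Name subjectDN = new X509Name(subjectName);
    X509Name issuerDN = subjectDN;
    certificateGenerator.SetIssuerDN(issuerDN);
    certificateGenerator.SetSubjectDN(subjectDN);

    // Valid from today (UTC, midnight) for two years.
    DateTime notBefore = DateTime.UtcNow.Date;
    DateTime notAfter = notBefore.AddYears(2);
    certificateGenerator.SetNotBefore(notBefore);
    certificateGenerator.SetNotAfter(notAfter);

    // Fresh RSA key pair; it is both the subject key and the signing key.
    KeyGenerationParameters keyGenerationParameters = new KeyGenerationParameters(random, keyStrength);
    RsaKeyPairGenerator keyPairGenerator = new RsaKeyPairGenerator();
    keyPairGenerator.Init(keyGenerationParameters);
    AsymmetricCipherKeyPair subjectKeyPair = keyPairGenerator.GenerateKeyPair();
    certificateGenerator.SetPublicKey(subjectKeyPair.Public);

    AsymmetricCipherKeyPair issuerKeyPair = subjectKeyPair;

    // Replaces the obsolete SetSignatureAlgorithm + Generate(key, random) pair.
    ISignatureFactory signatureFactory = new Asn1SignatureFactory("sha512withrsa", issuerKeyPair.Private, random);
    X509Certificate certificate = certificateGenerator.Generate(signatureFactory);
    X509Certificate2 x509 = new X509Certificate2(certificate.GetEncoded());

    caPrivateKey = issuerKeyPair.Private;

    return x509;
}

/// <summary>
/// Adds <paramref name="cert"/> to the given certificate store.
/// </summary>
/// <param name="cert">Certificate to add.</param>
/// <param name="st">Store name (for example Root or My).</param>
/// <param name="sl">Store location (current user or local machine).</param>
/// <returns><c>true</c> if the certificate was added; <c>false</c> if opening the store or adding failed.</returns>
public static bool AddCertificateToSpecifiedStore(X509Certificate2 cert, StoreName st, StoreLocation sl)
{
    X509Store store = null;
    try
    {
        store = new X509Store(st, sl);
        store.Open(OpenFlags.ReadWrite);
        store.Add(cert);
        return true;
    }
    catch (Exception ex)
    {
        // Report why the store operation failed (typically missing privileges) instead of hiding it.
        Console.WriteLine("an error occured: " + ex.Message);
        return false;
    }
    finally
    {
        // Close the store on both the success and the failure path.
        if (store != null)
        {
            store.Close();
        }
    }
}

/// <summary>
/// Runs <paramref name="action"/> through <c>cmd.exe /c</c> and returns everything it wrote to standard output.
/// </summary>
/// <param name="action">Command line to execute.</param>
/// <returns>The captured standard output, one line per output line.</returns>
/// <remarks>
/// The string is handed to the command interpreter verbatim, so it must be built only from constants
/// or from values that have been validated; never pass externally supplied text through this method.
/// </remarks>
public static string ExecuteCommand(string action)
{
    StringBuilder stringBuilder = new StringBuilder();
    using (Process process = new Process
    {
        StartInfo = new ProcessStartInfo
        {
            WindowStyle = ProcessWindowStyle.Normal,
            FileName = "cmd.exe",
            UseShellExecute = false,
            RedirectStandardOutput = true,
            Arguments = "/c " + action
        }
    })
    {
        Console.WriteLine("executing command:");
        Console.WriteLine(action);
        process.Start();

        // Drain stdout until the child closes it.
        while (!process.StandardOutput.EndOfStream)
        {
            stringBuilder.AppendLine(process.StandardOutput.ReadLine());
        }
        process.Close();
    }

    return stringBuilder.ToString();
}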

Here is a more complete answer. It gets rid of the obsolete calls in both methods.

Note: Bouncy Castle was installed from NuGet with `Install-Package BouncyCastle.Crypto.dll`.

