Home Explore Help
Sign In
mirrors
/
jellyfin
mirror of https://github.com/jellyfin/jellyfin
2
0
Fork 0
Files Issues 0 Wiki
Tree: c2e9df41dc
Branches Tags
jellyfin
/
MediaBrowser.Server.Startup.Common
/
Cryptography
/
PfxGenerator.cs

PfxGenerator.cs 2.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475 
  1. using System;
    2. 

  2. using System.Collections;
    3. 

  3. using System.Security.Cryptography;
    4. 

  4. 

  5. namespace Emby.Common.Implementations.Security
    6. 

  6. {
    7. 

  7.     public class PFXGenerator
    8. 

  8.     {
    9. 

  9.         // http://www.freekpaans.nl/2015/04/creating-self-signed-x-509-certificates-using-mono-security/
    10. 

  10.         public static byte[] GeneratePfx(string certificateName, string password)
    11. 

  11.         {
    12. 

  12.             byte[] sn = GenerateSerialNumber();
    13. 

  13.             string subject = string.Format("CN={0}", certificateName);
    14. 

  14. 

  15.             DateTime notBefore = DateTime.Now;
    16. 

  16.             DateTime notAfter = DateTime.Now.AddYears(20);
    17. 

  17. 

  18.             RSA subjectKey = new RSACryptoServiceProvider(2048);
    19. 

  19. 

  20. 

  21.             string hashName = "SHA256";
    22. 

  22. 

  23.             X509CertificateBuilder cb = new X509CertificateBuilder(3);
    24. 

  24.             cb.SerialNumber = sn;
    25. 

  25.             cb.IssuerName = subject;
    26. 

  26.             cb.NotBefore = notBefore;
    27. 

  27.             cb.NotAfter = notAfter;
    28. 

  28.             cb.SubjectName = subject;
    29. 

  29.             cb.SubjectPublicKey = subjectKey;
    30. 

  30.             cb.Hash = hashName;
    31. 

  31. 

  32.             byte[] rawcert = cb.Sign(subjectKey);
    33. 

  33. 

  34. 

  35.             PKCS12 p12 = new PKCS12();
    36. 

  36.             p12.Password = password;
    37. 

  37. 

  38.             Hashtable attributes = GetAttributes();
    39. 

  39. 

  40.             p12.AddCertificate(new X509Certificate(rawcert), attributes);
    41. 

  41.             p12.AddPkcs8ShroudedKeyBag(subjectKey, attributes);
    42. 

  42. 

  43.             return p12.GetBytes();
    44. 

  44.         }
    45. 

  45. 

  46.         private static Hashtable GetAttributes()
    47. 

  47.         {
    48. 

  48.             ArrayList list = new ArrayList();
    49. 

  49.             // we use a fixed array to avoid endianess issues 
    50. 

  50.             // (in case some tools requires the ID to be 1).
    51. 

  51.             list.Add(new byte[4] { 1, 0, 0, 0 });
    52. 

  52.             Hashtable attributes = new Hashtable(1);
    53. 

  53.             attributes.Add(PKCS9.localKeyId, list);
    54. 

  54.             return attributes;
    55. 

  55.         }
    56. 

  56. 

  57.         private static byte[] GenerateSerialNumber()
    58. 

  58.         {
    59. 

  59.             byte[] sn = Guid.NewGuid().ToByteArray();
    60. 

  60. 

  61.             //must be positive
    62. 

  62.             if ((sn[0] & 0x80) == 0x80)
    63. 

  63.                 sn[0] -= 0x80;
    64. 

  64.             return sn;
    65. 

  65.         }
    66. 

  66. 

  67.         public static byte[] GetCertificateForBytes(byte[] pfx, string password)
    68. 

  68.         {
    69. 

  69.             var pkcs = new PKCS12(pfx, password);
    70. 

  70.             var cert = pkcs.GetCertificate(GetAttributes());
    71. 

  71. 

  72.             return cert.RawData;
    73. 

  73.         }
    74. 

  74.     }
    75. 

  75. }
    76.