4

plesae help me; i use bouncy castle to create a certificate x.509 with private/publi key DSA, the following code is what i use:

SecureRandom randomdsa = new SecureRandom();

            DateTime startDatedsa = DateTime.Today;

            DateTime expiryDatedsa = DateTime.Today.AddYears(2); // Set whatever expiration date you want

            BigInteger serialNumberdsa = new BigInteger(1, BitConverter.GetBytes(DateTime.Now.Ticks));


            DsaKeyPairGenerator generatordsa = new DsaKeyPairGenerator();

            DsaParametersGenerator paramgen = new DsaParametersGenerator();

            paramgen.Init(512, 100, new SecureRandom());

            DsaKeyGenerationParameters genParamdsa = new DsaKeyGenerationParameters(new SecureRandom(), paramgen.GenerateParameters());

            generatordsa.Init(genParamdsa);


            AsymmetricCipherKeyPair keyPairdsa = generatordsa.GenerateKeyPair();

            DsaPrivateKeyParameters dsaprivkey2=  ((DsaPrivateKeyParameters) keyPairdsa.Private);


            X509V3CertificateGenerator certGendsa = new X509V3CertificateGenerator();

            X509Name dnNamedsa = new X509Name("CN= DSA with private ");

            certGendsa.SetSerialNumber(serialNumberdsa);

            certGendsa.SetIssuerDN(cert.IssuerDN); // a name of the issuer
            certGendsa.SetSubjectDN(dnNamedsa);

            certGendsa.SetPublicKey(keyPairdsa.Public);

            certGendsa.SetSignatureAlgorithm("sha512WithRSA");

            certGendsa.SetNotBefore(startDatedsa);

            certGendsa.SetNotAfter(expiryDatedsa);

            Org.BouncyCastle.X509.X509Certificate certdsa = certGendsa.Generate(ackp.Private); // a private key of the issuer

certGendsa.AddExtension(X509Extensions.AuthorityKeyIdentifier, true, new AuthorityKeyIdentifierStructure(cert)); // cert is the authority

        certGendsa.AddExtension(X509Extensions.ExtendedKeyUsage, false, new ExtendedKeyUsage(us));
        certGendsa.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage. CrlSign|KeyUsage.KeyCertSign));
        certGendsa.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));

//private parametres:

            DSACryptoServiceProvider rcspdsa = new DSACryptoServiceProvider();
            DSAParameters parmsdsa = new DSAParameters();
            parmsdsa.X = dsaprivkey2.X.ToByteArrayUnsigned();
            parmsdsa.P= dsaprivkey2.Parameters.P.ToByteArrayUnsigned();
            parmsdsa.Q= dsaprivkey2.Parameters.Q.ToByteArrayUnsigned();
            parmsdsa.G= dsaprivkey2.Parameters.G.ToByteArrayUnsigned(); 

            rcspdsa.ImportParameters(parmsdsa);

            Pkcs12Store pkcs12Storedsa = new Pkcs12StoreBuilder().Build();

            byte[] importcertds = DotNetUtilities.ToX509Certificate(certdsa).Export(System.Security.Cryptography.X509Certificates.X509ContentType.Pkcs12, "password");
            var importcertdsa = new X509Certificate2(importcertds, "password");

            X509CertificateEntry cedsa = new X509CertificateEntry(DotNetUtilities.FromX509Certificate(importcertdsa));
            pkcs12Storedsa.SetCertificateEntry("DSACertificate", cedsa);
            pkcs12Storedsa.SetKeyEntry("DSAPrivKey", new AsymmetricKeyEntry(DotNetUtilities.GetDsaKeyPair(rcspdsa).Private), new[] { cedsa });

            pkcs12Storedsa.Save(File.Open("dsacert.pfx", FileMode.OpenOrCreate), "password".ToCharArray(), new SecureRandom());

            rcspdsa.PersistKeyInCsp = true;

            DSACryptoServiceProvider.UseMachineKeyStore = true;
            importcertdsa.PrivateKey = rcspdsa;// hear is the exception

// adding the certificate to the current user:

              var storedsa = new X509Store("Root", StoreLocation.CurrentUser);
              storedsa.Open(OpenFlags.ReadWrite);
            storedsa.Add(importcertdsa);
            storedsa.Close();

a probleme is that i recieve an exception:

CryptographicUnexpectedOperationException : la clé publique du certificat ne correspond pas a la valeur spécifié (the public key of the certificate does not match with the value specified ) the exception is the thrown at the instruction :

importcertdsa.PrivateKey = rcspdsa;

is thers any one who can help me ?

thanks a lot

Mely
  • 317
  • 2
  • 4
  • 16
  • Did you manage to solve this issue? What was the problem? I am facing the very same issue... – vojta Sep 11 '15 at 06:31
  • 1
    For those who might found this question - similar issue was resolved here - http://stackoverflow.com/q/32516636/5311735 – Evk Sep 11 '15 at 09:08

0 Answers0