
Креирање и валидација X.509 сертификата

Преузмите софтвер за креирање “само-потписаних” x.509 сертификата овде:

https://s3.amazonaws.com/pluralsight-free/keith-brown/samples/SelfCert.zip

Преузми пример сертификата ОВДЕ.

Задатак

Креирајте само-потписани X.509 сертификат. Затим креирајте конзолну апликацију у програмском језику C# која исписује вредности поља из X.509 сертификата.

using System;
using System.Security.Cryptography;
using System.Security.Permissions;
using System.IO;
using System.Security.Cryptography.X509Certificates;

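/// <summary>
/// Console utility that loads an X.509 certificate from a file, prints its main
/// fields, and then adds the certificate to the default store of the current user.
/// </summary>
/// <remarks>
/// The program only displays certificate fields. It performs no validation: no chain
/// is built and neither the validity period nor revocation is checked, so the printed
/// values say nothing about whether the certificate should be trusted.
/// </remarks>
class x509cert
{
    /// <summary>
    /// Reads the whole file into memory.
    /// </summary>
    /// <param name="fileName">Path of the file to read.</param>
    /// <returns>The complete contents of the file.</returns>
    /// <exception cref="IOException">
    /// The file or its directory does not exist, or the file cannot be read.
    /// </exception>
    internal static byte[] ReadFile(string fileName)
    {
        // File.ReadAllBytes always closes the handle and keeps reading until the
        // whole file is in the buffer. A single Stream.Read call may legally return
        // fewer bytes than requested, which would hand a truncated certificate to
        // the parser.
        return File.ReadAllBytes(fileName);
    }

    /// <summary>
    /// Entry point: expects the certificate file path as the first argument.
    /// </summary>
    /// <param name="args">Command-line arguments; args[0] is the certificate file.</param>
    static void Main(string[] args)
    {
        if (args.Length < 1)
        {
            Console.WriteLine("UNESITE: x509cert ime_fajla.ekstenzija");
            return;
        }
        try
        {
            byte[] rawData = ReadFile(args[0]);

            X509Certificate2 x509;
            try
            {
                // Malformed input (and a password-protected PFX, since no password is
                // supplied here) is reported as CryptographicException, not as
                // NullReferenceException.
                x509 = new X509Certificate2(rawData);
            }
            catch (CryptographicException)
            {
                Console.WriteLine("Greška: Nepoznat tip fajla. Fajl mora biti x509 sertifikat.");
                return;
            }

            Console.WriteLine("{0}Subject: {1}{0}", Environment.NewLine, x509.Subject);
            Console.WriteLine("{0}Issuer: {1}{0}", Environment.NewLine, x509.Issuer);
            Console.WriteLine("{0}Version: {1}{0}", Environment.NewLine, x509.Version);
            Console.WriteLine("{0}Valid Date: {1}{0}", Environment.NewLine, x509.NotBefore);
            Console.WriteLine("{0}Expiry Date: {1}{0}", Environment.NewLine, x509.NotAfter);
            Console.WriteLine("{0}Thumbprint: {1}{0}", Environment.NewLine, x509.Thumbprint);
            Console.WriteLine("{0}Serial Number: {1}{0}", Environment.NewLine, x509.SerialNumber);
            // This is the friendly name of the public-key algorithm OID (e.g. "RSA"),
            // not the certificate's own FriendlyName property.
            Console.WriteLine("{0}Friendly Name: {1}{0}", Environment.NewLine, x509.PublicKey.Oid.FriendlyName);
            Console.WriteLine("{0}Public Key Format: {1}{0}", Environment.NewLine, x509.PublicKey.EncodedKeyValue.Format(true));
            Console.WriteLine("{0}Raw Data Length: {1}{0}", Environment.NewLine, x509.RawData.Length);
            Console.WriteLine("{0}Certificate to string: {1}{0}", Environment.NewLine, x509.ToString(true));
            // ToXmlString(false) exports the public parameters only; the private key
            // is never written to the console by this call.
            Console.WriteLine("{0}Certificate to XML String: {1}{0}", Environment.NewLine, x509.PublicKey.Key.ToXmlString(false));

            // NOTE(review): persisting a certificate read from an arbitrary file is a
            // side effect beyond displaying it, and for a .pfx input the private key
            // presumably ends up in the user's key storage as well (default key
            // storage flags) - confirm this is wanted. Kept because the original
            // sample does it; drop this section if the tool should be read-only.
            X509Store store = new X509Store();
            try
            {
                store.Open(OpenFlags.MaxAllowed);
                store.Add(x509);
            }
            finally
            {
                // Release the store handle even when Open or Add throws.
                store.Close();
            }
        }
        catch (DirectoryNotFoundException)
        {
            Console.WriteLine("Greška: Navedeni direktorijum ne postoji,");
        }
        catch (IOException)
        {
            Console.WriteLine("Greška: Nije moguće pristupiti navedenom fajlu.");
        }
        catch (NullReferenceException)
        {
            // Retained from the original for backward compatibility.
            Console.WriteLine("Greška: Nepoznat tip fajla. Fajl mora biti x509 sertifikat.");
        }
    }
}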

Тест примери

Ако корисник није унео име фајла, односно путању као параметар приликом покретања апликације:

C:\dev\x509cert\x509cert\bin\Debug>x509cert
UNESITE: x509cert ime_fajla.ekstenzija

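Ако је корисник унео име фајла, односно путању као параметар (напомена: .pfx фајл садржи и приватни кључ, па испис укључује и одељак [Private Key], а програм сертификат уз то додаје у корисничко складиште сертификата):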

C:\dev\x509cert\x509cert\bin\Debug>x509cert cert.pfx

Subject: CN=localhost


Issuer: CN=localhost


Version: 3


Valid Date: 10/12/2021 12:00:00 AM


Expiry Date: 10/19/2031 12:00:00 AM


Thumbprint: D963A3CA167369A34DF14B53FA9DB6D3F73ECF63


Serial Number: 4909E732207000A049D68615624C0EBE


Friendly Name: RSA


Public Key Format: 30 82 02 0a 02 82 02 01 00 cc 89 47 19 37 cd 5e 08 08 04 a0 bf e4 f7 e0 02 b9 89 7a 4a 17 9b ed 66 da e8 3d 23 22 5e 7b b3 cd 2f 0b 9d 32 d9 ec 6d d1 38 af c9 7a 19 dc 3f fa 54 c2 55 80 26 0a 6b 8d 43 70 6b 41 4c 8b 27 51 1f 01 3a a9 ff 4a db 3a 60 e5 42 f5 45 01 23 af f2 ff 2e 16 73 68 fa 4a 35 35 12 2e 41 76 0e e1 eb b9 aa 0b a0 9d 00 39 9d 46 71 0b 75 e4 0e ac 44 0c 06 1d 66 c3 42 58 d1 6b 9d e3 1f fd bc 66 e2 01 9a de de 45 eb e4 85 cd 4b 75 80 ba 49 a0 95 b3 10 ed 01 2f 53 fd 1c 8b c8 9b 90 17 23 30 31 8e b7 e2 57 12 7e 93 23 49 3e b0 0d fa 9f 86 64 d1 71 47 28 ca 0b d6 43 4e 13 f8 92 7f 7a a0 d8 4d 5c af cf 09 2d 6c e9 7e 4d 7e 1c b4 48 33 48 c4 26 e2 1d 59 5f 08 b2 30 93 62 bc a1 ed 9a 1b b6 b5 7c 7f 32 ce e7 63 2d 62 45 53 5b b4 02 65 72 68 cb 04 ef 40 d5 38 a4 75 00 35 6f c5 db 5e f3 ab a8 cd e8 92 2a b3 cd d2 ac f2 1d 8d 98 45 01 eb 4c 5b 6e 14 a0 71 44 90 55 36 23 70 05 5a 32 64 c2 d5 fb 37 4f d5 e6 87 68 ad 83 20 45 0a 35 83 8e 32 4a 1b 8c d6 c5 20 83 6c dc 0c ee 1c 8b e4 2b b2 5e ba ad d0 46 c0 3a 64 1b 7e f6 8e a2 7d e9 dd 50 48 99 85 7c 91 fc 0e cf cb 03 76 53 6e 1a 3b fa 3d 33 ac 8e 4c d9 bc d5 0c cb 28 3e f8 9f e0 42 e8 16 6f fe 4f de e4 9b 6b 78 21 b0 02 e0 89 8f 9d d2 03 fd c0 ac 0d 35 f2 83 66 c1 7a 2d 75 9f e0 20 20 59 18 bb 0d 05 28 6d 6a 40 79 e3 5d 5e aa 0d 16 6c 0e 5c 7e 8b 98 23 d5 8f 67 10 61 00 32 2e f0 73 61 4c 6d 52 49 c6 e3 9b 1c 04 65 37 4f ba b6 8e 7a 36 8b 36 95 39 bd ed 69 f1 1c 2d 35 33 4c e6 03 42 2d a7 e6 5d b8 26 39 de 2e 51 b4 6d 64 d1 f5 03 c7 8d a7 13 34 98 c2 b5 00 c6 78 5e fc 9f 3f 28 d2 1c 91 02 03 01 00 01


Raw Data Length: 1204


Certificate to string: [Version]
  V3

[Subject]
  CN=localhost
  Simple Name: localhost
  DNS Name: localhost

[Issuer]
  CN=localhost
  Simple Name: localhost
  DNS Name: localhost

[Serial Number]
  4909E732207000A049D68615624C0EBE

[Not Before]
  10/12/2021 12:00:00 AM

[Not After]
  10/19/2031 12:00:00 AM

[Thumbprint]
  D963A3CA167369A34DF14B53FA9DB6D3F73ECF63

[Signature Algorithm]
  sha1RSA(1.2.840.113549.1.1.5)

[Public Key]
  Algorithm: RSA
  Length: 4096
  Key Blob: 30 82 02 0a 02 82 02 01 00 cc 89 47 19 37 cd 5e 08 08 04 a0 bf e4 f7 e0 02 b9 89 7a 4a 17 9b ed 66 da e8 3d 23 22 5e 7b b3 cd 2f 0b 9d 32 d9 ec 6d d1 38 af c9 7a 19 dc 3f fa 54 c2 55 80 26 0a 6b 8d 43 70 6b 41 4c 8b 27 51 1f 01 3a a9 ff 4a db 3a 60 e5 42 f5 45 01 23 af f2 ff 2e 16 73 68 fa 4a 35 35 12 2e 41 76 0e e1 eb b9 aa 0b a0 9d 00 39 9d 46 71 0b 75 e4 0e ac 44 0c 06 1d 66 c3 42 58 d1 6b 9d e3 1f fd bc 66 e2 01 9a de de 45 eb e4 85 cd 4b 75 80 ba 49 a0 95 b3 10 ed 01 2f 53 fd 1c 8b c8 9b 90 17 23 30 31 8e b7 e2 57 12 7e 93 23 49 3e b0 0d fa 9f 86 64 d1 71 47 28 ca 0b d6 43 4e 13 f8 92 7f 7a a0 d8 4d 5c af cf 09 2d 6c e9 7e 4d 7e 1c b4 48 33 48 c4 26 e2 1d 59 5f 08 b2 30 93 62 bc a1 ed 9a 1b b6 b5 7c 7f 32 ce e7 63 2d 62 45 53 5b b4 02 65 72 68 cb 04 ef 40 d5 38 a4 75 00 35 6f c5 db 5e f3 ab a8 cd e8 92 2a b3 cd d2 ac f2 1d 8d 98 45 01 eb 4c 5b 6e 14 a0 71 44 90 55 36 23 70 05 5a 32 64 c2 d5 fb 37 4f d5 e6 87 68 ad 83 20 45 0a 35 83 8e 32 4a 1b 8c d6 c5 20 83 6c dc 0c ee 1c 8b e4 2b b2 5e ba ad d0 46 c0 3a 64 1b 7e f6 8e a2 7d e9 dd 50 48 99 85 7c 91 fc 0e cf cb 03 76 53 6e 1a 3b fa 3d 33 ac 8e 4c d9 bc d5 0c cb 28 3e f8 9f e0 42 e8 16 6f fe 4f de e4 9b 6b 78 21 b0 02 e0 89 8f 9d d2 03 fd c0 ac 0d 35 f2 83 66 c1 7a 2d 75 9f e0 20 20 59 18 bb 0d 05 28 6d 6a 40 79 e3 5d 5e aa 0d 16 6c 0e 5c 7e 8b 98 23 d5 8f 67 10 61 00 32 2e f0 73 61 4c 6d 52 49 c6 e3 9b 1c 04 65 37 4f ba b6 8e 7a 36 8b 36 95 39 bd ed 69 f1 1c 2d 35 33 4c e6 03 42 2d a7 e6 5d b8 26 39 de 2e 51 b4 6d 64 d1 f5 03 c7 8d a7 13 34 98 c2 b5 00 c6 78 5e fc 9f 3f 28 d2 1c 91 02 03 01 00 01
  Parameters: 05 00

[Private Key]
  Key Store: User
  Provider Name: Microsoft Enhanced Cryptographic Provider v1.0
  Provider type: 1
  Key Spec: Exchange
  Key Container Name: {74D1798D-243E-45A1-B798-B3E367EB795B}
  Unique Key Container Name: c8e723398d230ff16cdf6833fe948733_12e2ef93-68b3-4d69-b578-bac32467a05f
  Hardware Device: False
  Removable: False
  Protected: False



Certificate to XML String: <RSAKeyValue><Modulus>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</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>