@biohazard999
Created April 29, 2018 04:55
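// Cake task: generate a self-signed RSA certificate for the FeatureCenter
// package, write it as a password-protected .pfx next to the package project
// and import it into the CurrentUser\My store so a later step can sign with it.
//
// Review notes (security-relevant, all grounded in what this task does):
//   * The certificate is self-signed with a one-year validity. Nothing here
//     marks it as trusted; the retired makecert/certutil flow that this task
//     replaced added the .cer to the TrustedPeople store, so if package
//     installation needs that trust it has to be established elsewhere.
//   * No X.509 extensions are set. The retired makecert command requested the
//     Code Signing EKU (1.3.6.1.5.5.7.3.3) and the Lifetime Signing EKU
//     (1.3.6.1.4.1.311.10.3.13) with a 4096-bit key and SHA-512. A certificate
//     with no EKU at all is not restricted to code signing, so this task
//     produces a broader credential than that flow did.
//   * The .pfx password is a compile-time constant protecting a local
//     development key; whichever task consumes the .pfx presumably supplies
//     the same constant — confirm before changing it.
//   * The subject is "DN=mgrun". BouncyCastle maps "DN" to the dnQualifier
//     attribute, so the resulting subject carries no CN, whereas the retired
//     makecert command used "CN=mgrun". Verify against the package manifest's
//     Publisher value, which has to match the certificate subject exactly.
Task("Cert.Make")
.Does(() =>
{
    // One path literal for both the existence check and the write. The
    // original wrote through a verbatim string containing a doubled
    // backslash, so the checked path and the written path were different.
    const string pfxPath = "Scissors.FeatureCenter.Package\\Scissors.FeatureCenter.Package.pfx";
    const string password = "12345";
    const string subjectName = "DN=mgrun";
    const string signatureAlgorithm = "SHA256WithRSA";
    const int strength = 2048;

    if (FileExists(pfxPath))
    {
        Information("Key exists, no need to regenerate it.");
        return;
    }

    // CryptoApiRandomGenerator draws from the OS CSPRNG; the same SecureRandom
    // feeds every random value below (serial, key pair, PKCS#12 encryption).
    var randomGenerator = new Org.BouncyCastle.Crypto.Prng.CryptoApiRandomGenerator();
    var random = new Org.BouncyCastle.Security.SecureRandom(randomGenerator);

    // Key pair first: the certificate embeds the public half and is signed
    // with the private half (self-signed, so subject key == issuer key).
    var keyGenerationParameters = new Org.BouncyCastle.Crypto.KeyGenerationParameters(random, strength);
    var keyPairGenerator = new Org.BouncyCastle.Crypto.Generators.RsaKeyPairGenerator();
    keyPairGenerator.Init(keyGenerationParameters);
    var keyPair = keyPairGenerator.GenerateKeyPair();

    // Random positive serial in [1, Int64.MaxValue]; issuer DN == subject DN.
    var serialNumber = Org.BouncyCastle.Utilities.BigIntegers.CreateRandomInRange(
        Org.BouncyCastle.Math.BigInteger.One,
        Org.BouncyCastle.Math.BigInteger.ValueOf(Int64.MaxValue),
        random);
    var subjectDN = new Org.BouncyCastle.Asn1.X509.X509Name(subjectName);
    var notBefore = DateTime.UtcNow.Date;
    var notAfter = notBefore.AddYears(1);

    var certificateGenerator = new Org.BouncyCastle.X509.X509V3CertificateGenerator();
    certificateGenerator.SetSerialNumber(serialNumber);
    certificateGenerator.SetSignatureAlgorithm(signatureAlgorithm);
    certificateGenerator.SetIssuerDN(subjectDN);
    certificateGenerator.SetSubjectDN(subjectDN);
    certificateGenerator.SetNotBefore(notBefore);
    certificateGenerator.SetNotAfter(notAfter);
    certificateGenerator.SetPublicKey(keyPair.Public);
    var certificate = certificateGenerator.Generate(keyPair.Private, random);

    // Bundle certificate + private key into a PKCS#12 container under one alias.
    var friendlyName = certificate.SubjectDN.ToString();
    var certificateEntry = new Org.BouncyCastle.Pkcs.X509CertificateEntry(certificate);
    var store = new Org.BouncyCastle.Pkcs.Pkcs12Store();
    store.SetCertificateEntry(friendlyName, certificateEntry);
    store.SetKeyEntry(friendlyName, new Org.BouncyCastle.Pkcs.AsymmetricKeyEntry(keyPair.Private), new[] { certificateEntry });

    // Serialize once; the same bytes go to disk and into the Windows store.
    // The stream is disposed instead of left for the GC as it was originally.
    byte[] pfxBytes;
    using (var stream = new System.IO.MemoryStream())
    {
        store.Save(stream, password.ToCharArray(), random);
        pfxBytes = stream.ToArray();
    }
    System.IO.File.WriteAllBytes(pfxPath, pfxBytes);

    // Import into the user's personal store. PersistKeySet keeps the private
    // key container on disk after this object is gone (CryptoAPI semantics on
    // Windows/.NET Framework); Exportable allows the key to be exported again
    // later, which only matters if another tool needs to re-read it.
    var convertedCertificate = new System.Security.Cryptography.X509Certificates.X509Certificate2(
        pfxBytes,
        password,
        System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.PersistKeySet | System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.Exportable);
    using (var dotnetStore = new System.Security.Cryptography.X509Certificates.X509Store(
        System.Security.Cryptography.X509Certificates.StoreName.My,
        System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser))
    {
        dotnetStore.Open(System.Security.Cryptography.X509Certificates.OpenFlags.ReadWrite);
        dotnetStore.Add(convertedCertificate);
    }
});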