using Org.BouncyCastle.Asn1;

using Org.BouncyCastle.Asn1.Pkcs;

using Org.BouncyCastle.Asn1.Sec;

using Org.BouncyCastle.Asn1.X509;

using Org.BouncyCastle.Crypto;

using Org.BouncyCastle.Crypto.Generators;

using Org.BouncyCastle.Crypto.Parameters;

using Org.BouncyCastle.Pkcs;

using Org.BouncyCastle.Security;

using System;

using System.Collections.Generic;

using X509Extension = Org.BouncyCastle.Asn1.X509.X509Extension;

public class Program

{

    public static void Main()

    {

        string result = GeneratePkcs10ECDSA("127.0.0.1", "amman Branchch", "haya yag 3", "SA", "sanDirName");

        Console.WriteLine(result);

    }

    public static string GeneratePkcs10ECDSA(string commonName, string organizationUnitName, string organizationName, string country, string sanDirName)

    {

        try

        {

            // Create ECDSA key pair generator

            var ecKeyPairGenerator = new ECKeyPairGenerator();

            var genParam = new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256k1, new SecureRandom());

            ecKeyPairGenerator.Init(genParam);

            AsymmetricCipherKeyPair ecKeyPair = ecKeyPairGenerator.GenerateKeyPair();

​

            // Subject Name

            var subjectAttrs = new List<DerObjectIdentifier>() { X509Name.C, X509Name.OU, X509Name.O, X509Name.CN };

            var subjectValues = new List<string>() { country, organizationUnitName, organizationName, commonName };

            var subject = new X509Name(subjectAttrs.ToArray(), subjectValues.ToArray());

​

            // SAN

            var sanAttrs = new List<DerObjectIdentifier>() { X509Name.Surname, X509Name.UID, X509Name.T, new DerObjectIdentifier("2.5.4.26"), X509Name.BusinessCategory};

            var sanValues = new List<string>() { "1-haya|2-234|3-354", "310175397400003", "1100", "Zatca 3", "Food Bussiness3" };

            var san = new X509Name(sanAttrs.ToArray(), sanValues.ToArray());

​

            // Extensions using SAN

            var extensionsDictionary = new Dictionary<DerObjectIdentifier, X509Extension>()

            {

                {

                    new DerObjectIdentifier("1.3.6.1.4.1.311.20.2"),

                    new X509Extension(false, new DerOctetString(new DerPrintableString("TSTZATCA-Code-Signing")))

                },

                {

                    X509Extensions.SubjectAlternativeName,

                    new X509Extension(false, new DerOctetString(new DerSequence(new DerTaggedObject(4, san))))

                },

            };

            var extensions = new X509Extensions(extensionsDictionary); 

            var attribute = new AttributePkcs(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest, new DerSet(extensions));

            var extensionsSet = new DerSet(attribute);

            // Create CSR using keys, subject, extensions 

            var pkcs10CertificationRequest = new Pkcs10CertificationRequest(

                "SHA256withECDSA",

                subject,

                ecKeyPair.Public,

                extensionsSet,

                ecKeyPair.Private);

            var csr = Convert.ToBase64String(pkcs10CertificationRequest.GetEncoded());

​

            return csr; // check the result in an ASN.1 oarser, e.g. h ttps://lapo.it/asn1js/

        }

        catch (Exception ex)

        {

            // Handle errors as needed

            throw new Exception(ex.Message);

        }

    }

}