Bouncy Castle Decode CSR c#

Question

I'm attempting to learn how to decode a csr with the bouncy castle as I intend to use it to learn other crypto things.

I'm also not finding any documentation for c# just java.

Here's how I'm calling DecodeCSR(string str):

 static void Main(string[] args)
    {
        string csr = "-----BEGIN NEW CERTIFICATE REQUEST-----...";
        DecodeCSR(csr);
        Console.ReadLine();
    }

Here's my method where I'm getting an IO Exception(Included below), my main problem is I don't know what to give Pkcs10CertificationRequest.

private static void DecodeCSR(string csr)
    {
        try
        {
            byte[] csrEncode = Encoding.UTF8.GetBytes(csr);
            Pkcs10CertificationRequest csrDecoder = new Pkcs10CertificationRequest(csrEncode);
            byte[] csrDecode = csrDecoder.GetEncoded();
        }
        catch (IOException e)
        {
            Console.WriteLine(e);
        }

    }

The error message:

 System.IO.IOException: unknown tag 13 encountered
   at Org.BouncyCastle.Asn1.Asn1InputStream.BuildObject(Int32 tag, Int32 tagNo, Int32 length)
   at Org.BouncyCastle.Asn1.Asn1InputStream.ReadObject()
   at Org.BouncyCastle.Asn1.Asn1Object.FromByteArray(Byte[] data)
   at Org.BouncyCastle.Pkcs.Pkcs10CertificationRequest..ctor(Byte[] encoded)

Answer 1

Luke Woodward's answer is quite correct. I will add only that the functionality is implemented directly by Org.BouncyCastle.OpenSsl.PemReader:

Pkcs10CertificationRequest decodedCsr = (Pkcs10CertificationRequest)new PemReader(new StringReader(csr)).ReadObject();

Apart from brevity, this is preferable for including better syntax checking, and supporting things like headers and encryption (neither used in this particular example).

Answer 2

You are trying to decode the CSR into a byte array the wrong way.

Here's a test CSR I created to answer this question:

-----BEGIN NEW CERTIFICATE REQUEST-----
MIIC3zCCAccCAQAwajELMAkGA1UEBhMCWFgxEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB05v
d2hlcmUxGjAYBgNVBAoTEVRlc3RlcnMgVW5saW1pdGVkMQ0wCwYDVQQLEwRUZXN0MQwwCgYDVQQD
EwNCb2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUf5kRJVMNwPu+nEnJ3Av5J59H
vkeU0fOQtI+ezvHoJXc0A4iGDBm9PUw+eAXHw237Yu7+AyzgQCD8mwQt/lHLjXG/yeX66PhTFlzH
Lhk4rqL9PQATbl4uCYtWoJmeEOWHL26dfI//AFsL9/smVyjD1mJfee6998PwwHB6BxqSaqXiR1Et
lC4jx+B2E6btvMtREQ94cECoQudSgo3MRMBH+FuEcCofNtwosEpptjIN59ywVfDDU2Me58r930Ej
A8EZbXwYpUjwaHtXK80TKq8yF3Af7Hbt6FhkXOv1QtF0EYUKvE4BVTAx4mPLUy2mct8Ft8/+/Lbt
HDmslaBCAFZrAgMBAAGgMDAuBgkqhkiG9w0BCQ4xITAfMB0GA1UdDgQWBBRt0aHvY5c29iUS6/7E
3FC+Bn3FNDANBgkqhkiG9w0BAQsFAAOCAQEAe+e+3WfxJd/ztcIDRR8YfVkeOlE0b8Erze13fQi/
GsBJQ2MF/7T8x/8ZF2CqusrmLTzb5sY5qVKlRgnguow6xnGu0QOiJdC4kgoqgAaxDwz/eIhMGkt9
hyfTkMWiMD0OfYpdhXWUHrvbzWyUNI1ouWjOoqS03LvSiT4Cq+7Xca8ETVyuBN1FZeFUxO59goqI
eKKenzPqJHcPUjkQbUBgsfKpuRXveRG+vacCt0chWUK4TEVyPzH2EDH0kiQh6dsVizKrHUihh5K/
BhZNqzyBW7G5vbxq4wBz7cLDskfqTsOnHRsAlYmNsXO2wV1LQ2f04F+FHIzZ+IWaO86cxTPMtA==
-----END NEW CERTIFICATE REQUEST-----

To decode a CSR such as this one we need to:

• remove the lines -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- from the top and bottom,
• convert the remaining characters from Base64 into a byte array.
• pass the resulting byte array to Pkcs10CertificateRequest.

Here's some code that decodes a CSR and prints out the subject name:

    string csr = "....";

    char[] characters =
        csr.Replace("-----BEGIN NEW CERTIFICATE REQUEST-----", "")
        .Replace("-----END NEW CERTIFICATE REQUEST-----", "")
        .ToCharArray();

    byte[] csrEncode = Convert.FromBase64CharArray(characters, 0, characters.Length);
    Pkcs10CertificationRequest decodedCsr = new Pkcs10CertificationRequest(csrEncode);
    Console.WriteLine(decodedCsr.GetCertificationRequestInfo().Subject);

When I run this code on my CSR above, it writes the following line of output:

C=XX,ST=Unknown,L=Nowhere,O=Testers Unlimited,OU=Test,CN=Bob