private void CheckPEMWriter(X509Certificate2 certificate, string password = null)
{
PEMWriter.ExportCertificateAsPEM(certificate);
if (certificate.HasPrivateKey)
{
#if NETFRAMEWORK || NETCOREAPP2_1
// The implementation based on bouncy castle has no support to export with password
password = null;
#endif
PEMWriter.ExportPrivateKeyAsPEM(certificate, password);
#if NETCOREAPP3_1_OR_GREATER
PEMWriter.ExportRSAPrivateKeyAsPEM(certificate);
#endif
}
}
public void VerifyPemWriterRSAPrivateKeys()
{
// all app certs are trusted
foreach (var appCert in m_appSelfSignedCerts)
{
var pemDataBlob = PEMWriter.ExportRSAPrivateKeyAsPEM(appCert);
var pemString = Encoding.UTF8.GetString(pemDataBlob);
TestContext.Out.WriteLine(pemString);
var cert = CertificateFactory.CreateCertificateWithPEMPrivateKey(new X509Certificate2(appCert.RawData), pemDataBlob);
Assert.NotNull(cert);
// note: password is ignored
var newCert = CertificateFactory.CreateCertificateWithPEMPrivateKey(new X509Certificate2(appCert.RawData), pemDataBlob, "password");
X509Utils.VerifyRSAKeyPair(newCert, newCert, true);
}
}