private static RSA GetDefaultRsaKey()
{
var rsa = RSACng.Create();
rsa.FromXmlString(@"<RSAKeyValue>
<Modulus>w7ClTEFNtbi5pnTrF7sN5weE/0L/B5/A9yY7saDpbyRPLJQ5fFfW0scwL/904r/EQ+KFtVOPH7mZQEDR393gzjbN6mx8/LIIVtfxVPmUD9zmOy8MOiO5PZg5m2C2AT/LI09R7/VESaOOV5mh8/UoT4mfI3fsI1pjwDsOmHFvOaE=</Modulus>
<Exponent>AQAB</Exponent>
<P>9yckheLIFkn4HHxNw4+wb80CMGUI3Hy69Qaft6n7OfXsMTzVxnq+VOc8JWaW7Jlecv5ZFfd3iFFbRIRnqu0ddw==</P>
<Q>yrHoctrSXraYhEIy2rykYacuLrF3GCnir8pQ6v8Do2TzXWqOFEF8OyN2FzjqPyBWpo17vCbWZAJfLDk1YFNHpw==</Q>
<DP>eJdvuaf6qu1ykyuPofD1TMfB3q0dkr+FVVLjEXFt9Ezq7udZA1wWjES7UyBoWY9Hx2IVQ6OYfjn8B0V3c634Zw==</DP>
<DQ>qoxNQK68CXNsGwS0U3Ycfgo0ApfR1GQR18XMlh4iio37c2Ofzo1XIU9yIpICD0F/hz5OmX64L4gLWmN8dOM9yw==</DQ>
<InverseQ>sNtg7hiG+w3XyEOkmjeLzw1aQWR4dlmKFBKKZoXo40fE0U3k1eUjPZllBmkBw+1EfGH1mm/fpPJ+58KrnHpxXw==</InverseQ>
<D>XAABRn9xJF0LUvmmyQpU9+euHEAIHDJ8CvW7nL/03x6n5mJtQEsfoQqqWfZ0omHbyLqHd/8ny5d7OB0BTolGtXjK4g4XzPy6WfL7f6DGcWZpIDIy6WxWCkLqU1N0VEmpVAERbTrP+p6HBshabVLMH+lO+muzAIN1HvPF7NtWau0=</D>
</RSAKeyValue>");
return(rsa);
}
public static string Encrypt(this string text, string key)
{
var keyBytes = Convert.FromBase64String(key);
var rsa = RSACng.Create();
//var rsa = new RSACryptoServiceProvider();
rsa.ImportSubjectPublicKeyInfo(keyBytes, out int _);
var encryptedBytes = rsa.Encrypt(
Encoding.UTF8.GetBytes(text),
RSAEncryptionPadding.OaepSHA256);
return(Convert.ToBase64String(encryptedBytes));
}
/// <summary>対称アルゴリズム暗号化サービスプロバイダ生成</summary>
/// <param name="easa">EnumASymmetricAlgorithm</param>
/// <param name="certificateFilePath">X.509証明書(*.pfx, *.cer)へのパス</param>
/// <param name="password">パスワード</param>
/// <param name="flag">X509KeyStorageFlags</param>
/// <returns>AsymmetricAlgorithm</returns>
public static AsymmetricAlgorithm CreateCryptographySP(EnumASymmetricAlgorithm easa,
string certificateFilePath = "", string password = "",
X509KeyStorageFlags flag = X509KeyStorageFlags.DefaultKeySet)
{
AsymmetricAlgorithm asa = null;
if (easa == EnumASymmetricAlgorithm.X509)
{
// X.509対応
X509Certificate2 x509Key = new X509Certificate2(certificateFilePath, password, flag);
if (string.IsNullOrEmpty(password))
{
asa = x509Key.PublicKey.Key;
}
else
{
asa = x509Key.PrivateKey;
}
}
else
{
if (easa == EnumASymmetricAlgorithm.RsaCsp)
{
// RSACryptoServiceProviderサービスプロバイダ
asa = RSACryptoServiceProvider.Create(); // devps(1703)
}
#if !NET45
else if (easa == EnumASymmetricAlgorithm.RsaCng)
{
// RSACngサービスプロバイダ
asa = RSACng.Create(); // devps(1703)
}
#endif
#if NETSTD
else if (easa == EnumASymmetricAlgorithm.RsaOpenSsl)
{
// RSAOpenSslサービスプロバイダ
asa = RSAOpenSsl.Create(); // devps(1703)
}
#endif
}
return(asa);
}
//Se crea un certificado autofirmado nuevo,
//se almacena en un archivo pfx con la clave privada y un cer con la pública
private static X509Certificate2 CreateCertificate(string nombreArchivo, string password)
{
var ecdsa = RSACng.Create(); // generate asymmetric key pair
CertificateRequest req = new CertificateRequest("cn=dian", ecdsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
X509Certificate2 cert = req.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now.AddYears(1));
cert.FriendlyName = "usuario";
// Create PFX (PKCS #12) with private key
File.WriteAllBytes(nombreArchivo + ".pfx", cert.Export(X509ContentType.Pfx, password));
// Create Base 64 encoded CER (public key only)
File.WriteAllText(nombreArchivo + ".cer",
"-----BEGIN CERTIFICATE-----\r\n"
+ Convert.ToBase64String(cert.Export(X509ContentType.Cert), Base64FormattingOptions.InsertLineBreaks)
+ "\r\n-----END CERTIFICATE-----");
return(cert);
}
