Example #1
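        /// <summary>
        /// Returns the RSA key stored as "<c>{keyName}.pem</c>" under <c>basePath</c>,
        /// or generates a 2048-bit key and persists it there when no such file exists.
        /// </summary>
        /// <param name="keyName">
        /// Name of the key. It becomes the stem of the key file name, so it must be a
        /// plain file name without directory components.
        /// </param>
        /// <returns>An <see cref="RSA"/> instance holding the private key.</returns>
        /// <exception cref="System.ArgumentException">
        /// <paramref name="keyName"/> is null, blank, or contains characters that are
        /// not valid in a file name (including directory separators).
        /// </exception>
        public RSA GetOrCreateKey(string keyName)
        {
            if (string.IsNullOrWhiteSpace(keyName))
            {
                throw new System.ArgumentException("Key name must not be empty.", nameof(keyName));
            }

            // Path.Combine drops basePath entirely when its second argument is rooted,
            // and a separator inside keyName would let the key file land outside
            // basePath. Restricting keyName to a bare file name keeps private keys
            // inside the key store directory.
            if (keyName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
            {
                throw new System.ArgumentException("Key name must be a plain file name.", nameof(keyName));
            }

            var rsa = new RSACryptoServiceProvider(2048);

            var keyFileName = Path.Combine(basePath, $"{keyName}.pem");

            Debug.WriteLine(keyFileName);

            if (File.Exists(keyFileName))
            {
                Verbose($"using existing key file {keyFileName}");

                var pemText = File.ReadAllText(keyFileName);

                var privateKey = RSAPrivateKey.ParsePem(pemText);

                // Replaces the provider's own key material with the stored key.
                rsa.ImportParameters(privateKey.Key);
            }
            else
            {
                // ExportParameters(true) includes the private parameters.
                var privateKey = new RSAPrivateKey(rsa.ExportParameters(true));

                Verbose($"writing new key to file {keyFileName}");

                var pemEncodedPrivateKey = privateKey.ToPemString();

                // NOTE(review): the private key is written as unencrypted PEM and the
                // file gets whatever permissions the process creates files with;
                // basePath should be readable only by the account that owns the keys.
                File.WriteAllText(keyFileName, pemEncodedPrivateKey);
            }

            return rsa;
        }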
        /// <summary>
        /// Parses the <c>jwtPrivateKey</c> fixture and compares all eight RSA
        /// parameters, serialized as indented JSON, with a fixed snapshot.
        /// </summary>
        public void Can_read_jwt_base64url_encoded_key()
        {
            // Fixture key material only: these private parameters are part of the
            // test source and must never protect anything real.
            const string expectedJson = @"{
  ""D"": ""D+onAtVye4ic7VR7V50DF9bOnwRwNXrARcDhq9LWNRrRGElESYYTQ6EbatXS3MCyjjX2eMhu/aF5YhXBwkppwxg+EOmXeh+MzL7Zh284OuPbkglAaGhV9bb6/5CpuGb1esyPbYW+Ty2PC0GSZfIXkXs76jXAu9TOBvD0ybc2Ylk="",
  ""DP"": ""ZZ2XIpsitLyPpuiMOvBbzPavd4gY6Z8KWrfYzJoI/Q9FuBo6rKwl4BFoToD7WIUS+hpkagwWiz+6zLoX1dbOZw=="",
  ""DQ"": ""CmH5fSSjAkLRi54PKJ8TFUeOP15h9sQzydI8zJU+upvDEKZsZc/UhT/SySDOxQ4G/523Y0sz/OZtSWcol/UMgQ=="",
  ""Exponent"": ""AQAB"",
  ""InverseQ"": ""Lesy++GdvoIDLfJX5GBQpuFgFenRiRDabxrE9MNUZ2aPFaFp+DyAe+b4nDwuJaW2LURbr8AEZga7oQj0uYxcYw=="",
  ""Modulus"": ""3ZWrUY0Y6IKN1qI4BhxR2C7oHVFgGPYkd38uGq1jQNSqEvJFcN93CYm16/G78FAFKWqwsJb3Wx+nbxDn6LtP4AhULB1H0K0g7/jLklDAHvI8yhOKlvoyvsUFPWtNxlJyh5JJXvkNKV/4Oo12e69f8QCuQ6NpEPl+cSvXIqUYBCs="",
  ""P"": ""8sINkf+7d0NjhNvsqN/NgiyXa5Ui1UTlisG+LW9j44WOFwMFfHdb8tEXp8UwfiuTLue7lUkx7azCtBgLRa/N9w=="",
  ""Q"": ""6avx20OHo61Yela/4k5kQDtjEf1N0LfI+BcWZtxsS3jDM3i1Hp0KSu5rsCPb8acJo5RO26gGVrfAsDcIXKC+bQ==""
}";

            var parsed = RSAPrivateKey.ParsePem(jwtPrivateKey).Key;

            // The anonymous type's member names come from the projected members,
            // which is what produces the JSON property names compared above.
            var snapshot = new
            {
                parsed.D,
                parsed.DP,
                parsed.DQ,
                parsed.Exponent,
                parsed.InverseQ,
                parsed.Modulus,
                parsed.P,
                parsed.Q
            };

            var actualJson = JsonConvert.SerializeObject(snapshot, Formatting.Indented);

            Assert.Equal(expectedJson, actualJson);
        }
        /// <summary>
        /// Parses the <c>TestPrivateKey</c> fixture from a stream and spot-checks
        /// the exponent, the modulus and the length of the prime P.
        /// </summary>
        public void Can_read_a_private_key_from_a_PEM_file()
        {
            // Arrange: feed the PEM text to the stream-based overload.
            var pemBytes = Encoding.ASCII.GetBytes(TestPrivateKey);
            var pemStream = new MemoryStream(pemBytes);

            // Act
            var parsed = RSAPrivateKey.ParsePem(pemStream);
            var parameters = parsed.Key;
            var modulus = parameters.Modulus;

            // Assert
            // Exponent bytes 01 00 01.
            parameters.Exponent.Should().Equal(1, 0, 1);
            // 256 modulus bytes, checked at both ends to catch truncation or shifting.
            modulus.Length.Should().Be(256);
            modulus[0].Should().Be(0xb2);
            modulus[255].Should().Be(0xab);
            parameters.P.Length.Should().Be(128);
        }
        /// <summary>
        /// Builds an <see cref="RSA"/> instance from the PEM private key embedded below.
        /// </summary>
        /// <returns>An RSA object loaded with the embedded key's parameters.</returns>
        private static RSA GetPrivateKey()
        {
            // Fixture key only: a private key that lives in source code is public
            // knowledge and must never be used outside tests.
            const string fixturePem = @"-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQDdlatRjRjogo3WojgGHFHYLugdUWAY9iR3fy4arWNA1KoS8kVw33cJibXr8bvwUAUparCwlvdbH6dvEOfou0/gCFQsHUfQrSDv+MuSUMAe8jzKE4qW+jK+xQU9a03GUnKHkkle+Q0pX/g6jXZ7r1/xAK5Do2kQ+X5xK9cipRgEKwIDAQABAoGAD+onAtVye4ic7VR7V50DF9bOnwRwNXrARcDhq9LWNRrRGElESYYTQ6EbatXS3MCyjjX2eMhu/aF5YhXBwkppwxg+EOmXeh+MzL7Zh284OuPbkglAaGhV9bb6/5CpuGb1esyPbYW+Ty2PC0GSZfIXkXs76jXAu9TOBvD0ybc2YlkCQQDywg2R/7t3Q2OE2+yo382CLJdrlSLVROWKwb4tb2PjhY4XAwV8d1vy0RenxTB+K5Mu57uVSTHtrMK0GAtFr833AkEA6avx20OHo61Yela/4k5kQDtjEf1N0LfI+BcWZtxsS3jDM3i1Hp0KSu5rsCPb8acJo5RO26gGVrfAsDcIXKC+bQJAZZ2XIpsitLyPpuiMOvBbzPavd4gY6Z8KWrfYzJoI/Q9FuBo6rKwl4BFoToD7WIUS+hpkagwWiz+6zLoX1dbOZwJACmH5fSSjAkLRi54PKJ8TFUeOP15h9sQzydI8zJU+upvDEKZsZc/UhT/SySDOxQ4G/523Y0sz/OZtSWcol/UMgQJALesy++GdvoIDLfJX5GBQpuFgFenRiRDabxrE9MNUZ2aPFaFp+DyAe+b4nDwuJaW2LURbr8AEZga7oQj0uYxcYw==
-----END RSA PRIVATE KEY-----";

            var parsedKey = RSAPrivateKey.ParsePem(fixturePem);

            var provider = RSA.Create();
            provider.ImportParameters(parsedKey.Key);

            return provider;
        }
        /// <summary>
        /// Round-trips a freshly generated 2048-bit key through
        /// <c>ToPemString</c> and <c>ParsePem</c> and expects every RSA parameter
        /// to come back unchanged.
        /// </summary>
        public void RSAPrivateKey_parse_and_encode_to_pem_should_result_in_equal_keys()
        {
            // TODO this test sometimes has a missing leading '0' byte.
            // NOTE(review): a new random key is generated on every run, so the
            // failure is intermittent; it presumably depends on the generated
            // values - confirm in the encoder/parser.

            var generator = new RSACryptoServiceProvider(2048);
            var expected = generator.ExportParameters(true);

            var pem = new RSAPrivateKey(expected).ToPemString();
            var actual = RSAPrivateKey.ParsePem(pem).Key;

            Assert.Equal(expected.Exponent, actual.Exponent);
            Assert.Equal(expected.Modulus, actual.Modulus);
            Assert.Equal(expected.P, actual.P);
            Assert.Equal(expected.D, actual.D);
            Assert.Equal(expected.DP, actual.DP);
            Assert.Equal(expected.Q, actual.Q);
            Assert.Equal(expected.DQ, actual.DQ);
            Assert.Equal(expected.InverseQ, actual.InverseQ);
        }
        /// <summary>
        /// Encodes a PKCS#10 certificate signing request for "test.startliste.info"
        /// from an embedded key and compares the PEM text with a fixed snapshot.
        /// </summary>
        public void Should_serialize_a_certificate_signing_request()
        {
            /*
             * Alternative key source, kept for reference:
             * var keyManager = new FileKeyStore(Environment.CurrentDirectory);
             * var rsa = keyManager.GetOrCreateKey("test.startliste.info");
             * var key = rsa.ExportParameters(true);
             */

            // Fixture key embedded in the test source; never reuse it outside tests.
            var requestKey = RSAPrivateKey.ParsePem(@"
-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----").Key;

            var requestData = new CertificateRequestData("test.startliste.info", requestKey)
            {
                C  = "DE",
                S  = "NRW",
                L  = "Werther",
                O  = "Aero Club Bünde",
                OU = ""
            };

            // Every encoder entry point is exercised; only the PEM text is asserted.
            var request   = Pkcs10.Encode(requestData);
            var derBytes  = Pkcs10.EncodeAsDer(requestData);
            var pemText   = Pkcs10.EncodeAsBase64(requestData);
            var asn1Bytes = Asn1.Encode(request);

            // Line endings in the snapshot are normalized to "\n" before comparing.
            var expectedPem = @"-----BEGIN NEW CERTIFICATE REQUEST-----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-----END NEW CERTIFICATE REQUEST-----".Replace("\r\n", "\n");

            Assert.Equal(expectedPem, pemText);

            // Both encodings are written to the current working directory so the
            // request can be inspected by hand, for example with:
            // openssl req -in r:\request.txt -noout -text
            File.WriteAllBytes(@"request.der", derBytes);
            File.WriteAllText(@"request.txt", pemText);
        }