internal static PemObject LoadPemResource(string resource)
{
Stream s = SimpleTest.GetTestDataAsStream("tls." + resource);
PemReader p = new PemReader(new StreamReader(s));
PemObject o = p.ReadPemObject();
p.Reader.Close();
return o;
}
internal static AsymmetricKeyParameter ConvertPemToPrivateKey(string pem)
{
var pemReader = new PemReader(new StringReader(pem));
var key = PrivateKeyFactory.CreateKey(pemReader.ReadPemObject().Content);
return(key);
}
private static AsymmetricKeyParameter ConvertPemToPublicKey(string pem)
{
using (var stringReader = new StringReader(pem))
{
var pemReader = new PemReader(stringReader);
return(PublicKeyFactory.CreateKey(pemReader.ReadPemObject().Content));
}
}
public static PemObject LoadPemResource(string path)
{
using (var s = new StreamReader(path))
{
PemReader p = new PemReader(s);
PemObject o = p.ReadPemObject();
return(o);
}
throw new Exception("'resource' doesn't specify a valid private key");
}
private void DoWriteReadTest(
AsymmetricKeyParameter akp,
string algorithm)
{
StringWriter sw = new StringWriter();
PemWriter pw = new PemWriter(sw);
pw.WriteObject(akp, algorithm, testPassword, random);
pw.Writer.Close();
string data = sw.ToString();
PemReader pr = new PemReader(new StringReader(data), new Password(testPassword));
AsymmetricCipherKeyPair kp = pr.ReadObject() as AsymmetricCipherKeyPair;
if (kp == null || !kp.Private.Equals(akp))
{
Fail("Failed to read back test key encoded with: " + algorithm);
}
}
private void DoWriteReadTest(
AsymmetricKeyParameter akp)
{
StringWriter sw = new StringWriter();
PemWriter pw = new PemWriter(sw);
pw.WriteObject(akp);
pw.Writer.Close();
string data = sw.ToString();
PemReader pr = new PemReader(new StringReader(data));
AsymmetricCipherKeyPair kp = pr.ReadObject() as AsymmetricCipherKeyPair;
if (kp == null || !kp.Private.Equals(akp))
{
Fail("Failed to read back test key");
}
}
public void LoadCertificateFromPem(Stream stream)
{
List<byte[]> chain = new List<byte[]>();
PemReader reader = new PemReader(new StreamReader(stream));
PemObject pem = reader.ReadPemObject();
while (pem != null)
{
if (pem.Type.EndsWith("CERTIFICATE"))
{
chain.Add(pem.Content);
}
else if (pem.Type.EndsWith("PRIVATE KEY"))
{
_PrivateKey = Certificates.GetPrivateKeyFromPEM(pem);
}
pem = reader.ReadPemObject();
}
_Certificate = new Certificate();
_Certificate.CertChain = chain;
_Certificate.CertificateType = TCertificateType.X509;
}
private static string[] keysFromPem(string pem)
{
checkValidPEM (pem);
StringReader stringReader = new StringReader (pem);
PemReader pemReader = new PemReader (stringReader);
PemObject pemObj = pemReader.ReadPemObject ();
string DERfromPEM = BitCoinSharp.Utils.BytesToHexString (pemObj.Content);
string uncompPubKey = DERfromPEM.Substring (DERfromPEM.Length - 128);
string compPubKey = compPubKeyFromUncompPubKey (uncompPubKey);
string privKey = DERfromPEM.Substring (14, 64);
compPubKey = checkHas64 (compPubKey);
privKey = checkHas64 (privKey);
string[] keyInfo = {uncompPubKey.ToUpper (), compPubKey.ToUpper (), privKey.ToUpper ()};
return keyInfo;
}
internal static AsymmetricKeyParameter ConvertPemToPrivateKey(string pem)
{
var pemReader = new PemReader(new StringReader(pem));
var key = PrivateKeyFactory.CreateKey(pemReader.ReadPemObject().Content);
return key;
}
private static AsymmetricKeyParameter ConvertPemToPublicKey(string pem)
{
using (var stringReader = new StringReader(pem))
{
var pemReader = new PemReader(stringReader);
return PublicKeyFactory.CreateKey(pemReader.ReadPemObject().Content);
}
}
private string GenerateX509Cert(string publicKey, string x509Subject)
{
Asn1Sequence asn1Sequence = null;
using (var reader = new StringReader(publicKey))
{
// Read the RSA public key from the input string.
var pemReader = new PemReader(reader);
var pemObject = pemReader.ReadPemObject();
asn1Sequence = (Asn1Sequence)Asn1Object.FromByteArray(pemObject.Content);
}
// Generate a TBS certificate. We use placeholder-like values since
// the consumer of this certificate should only use the subject
// public key info.
var tbsCertGen = new V3TbsCertificateGenerator();
tbsCertGen.SetSerialNumber(new DerInteger(1));
var signatureAlgId = new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha1WithRsaEncryption, DerNull.Instance);
tbsCertGen.SetSignature(signatureAlgId);
tbsCertGen.SetIssuer(new X509Name("CN=Root Agency"));
var dateTimeNow = DateTime.Now;
tbsCertGen.SetStartDate(new Time(dateTimeNow.AddMinutes(-10)));
tbsCertGen.SetEndDate(new Time(dateTimeNow.AddYears(1))); // Openssh key doesn`t have any start/end date, this is to satisfy RDFE
tbsCertGen.SetSubject(new X509Name(x509Subject));
tbsCertGen.SetSubjectPublicKeyInfo(new SubjectPublicKeyInfo(new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance), asn1Sequence));
var tbsCert = tbsCertGen.GenerateTbsCertificate();
// Per RFC 3280, the layout of an X.509 v3 certificate looks like:
// Certificate ::= SEQUENCE {
// tbsCertificate TBSCertificate,
// signatureAlgorithm AlgorithmIdentifier,
// signatureValue BIT STRING
// }
// Since we don't have access to the private key, we cannot create
// a signature for the TBS. However, a valid certificate requires
// a bit string for the signature value, so we use a 0-byte array
// in its place.
Asn1EncodableVector v = new Asn1EncodableVector();
v.Add(tbsCert);
v.Add(signatureAlgId);
v.Add(new DerBitString(new byte[0]));
var derSequence = new DerSequence(v);
// Output the DER-encoded X509 certificate.
var sb = new StringBuilder();
using (var writer = new StringWriter(sb, CultureInfo.InvariantCulture))
{
var pemWriter = new PemWriter(writer);
pemWriter.WriteObject(new PemObject("CERTIFICATE", derSequence.GetEncoded()));
}
return sb.ToString();
}
