private void LoadCertificateAndPrivateKey()
{
try
{
// Try to load existing (public key) and associated private key
appCertificate = new X509Certificate2("ServerCert.der");
cryptPrivateKey = new RSACryptoServiceProvider();
var rsaPrivParams = UASecurity.ImportRSAPrivateKey(File.ReadAllText("ServerKey.pem"));
cryptPrivateKey.ImportParameters(rsaPrivParams);
}
catch
{
// Make a new certificate (public key) and associated private key
var dn = new X500DistinguishedName("CN=Client certificate;OU=Demo organization", X500DistinguishedNameFlags.UseSemicolons);
var keyCreationParameters = new CngKeyCreationParameters()
{
KeyUsage = CngKeyUsages.AllUsages,
KeyCreationOptions = CngKeyCreationOptions.OverwriteExistingKey,
ExportPolicy = CngExportPolicies.AllowPlaintextExport
};
keyCreationParameters.Parameters.Add(new CngProperty("Length", BitConverter.GetBytes(1024), CngPropertyOptions.None));
var cngKey = CngKey.Create(CngAlgorithm2.Rsa, "KeyName", keyCreationParameters);
var certParams = new X509CertificateCreationParameters(dn)
{
StartTime = DateTime.Now,
EndTime = DateTime.Now.AddYears(10),
SignatureAlgorithm = X509CertificateSignatureAlgorithm.RsaSha1,
TakeOwnershipOfKey = true
};
appCertificate = cngKey.CreateSelfSignedCertificate(certParams);
var certPrivateCNG = new RSACng(appCertificate.GetCngPrivateKey());
var certPrivateParams = certPrivateCNG.ExportParameters(true);
File.WriteAllText("ServerCert.der", UASecurity.ExportPEM(appCertificate));
File.WriteAllText("ServerKey.pem", UASecurity.ExportRSAPrivateKey(certPrivateParams));
cryptPrivateKey = new RSACryptoServiceProvider();
cryptPrivateKey.ImportParameters(certPrivateParams);
}
}
public static RSAParameters ImportRSAPublicKey(string buf)
{
var rsa = new RSACng();
var parameters = rsa.ExportParameters(false);
var b64line = string.Join(string.Empty, buf
.Split(Environment.NewLine.ToArray())
.Where(line => !line.Trim().StartsWith("-"))
.ToArray());
var byteArr = Convert.FromBase64String(b64line);
var ms = new MemoryStream();
ms.Write(byteArr, 0, byteArr.Length);
ms.Seek(0, SeekOrigin.Begin);
using (var inputStream = new BinaryReader(ms))
{
if (inputStream.ReadByte() != 0x30)
{
return(parameters);
}
int length = DecodeLength(inputStream);
byte[] version = DecodeIntBigEndian(inputStream);
if (version.Length != 1 || version[0] != 0)
{
return(parameters);
}
parameters.Modulus = DecodeIntBigEndian(inputStream);
parameters.Exponent = DecodeIntBigEndian(inputStream);
DecodeIntBigEndian(inputStream);
DecodeIntBigEndian(inputStream);
DecodeIntBigEndian(inputStream);
DecodeIntBigEndian(inputStream);
DecodeIntBigEndian(inputStream);
DecodeIntBigEndian(inputStream);
}
return(parameters);
}