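/// <summary>
/// Imports certificates and private keys from the specified stream.
/// </summary>
/// <remarks>
/// <para>Imports certificates and private keys from the specified pkcs12 stream.</para>
/// <para>Each certificate found in the store is recorded once. A private key is
/// recorded against the first certificate of its chain.</para>
/// <para>This method performs no validity or trust checks on the imported
/// certificates. Callers that accept PKCS#12 data from outside their trust
/// boundary must validate the certificates separately before relying on them.</para>
/// <para>Key entries that carry no certificate chain are skipped, because there is
/// no certificate to associate the key with.</para>
/// </remarks>
/// <param name="stream">The stream to import.</param>
/// <param name="password">The password to unlock the stream.</param>
/// <exception cref="System.ArgumentNullException">
/// <para><paramref name="stream"/> is <c>null</c>.</para>
/// <para>-or-</para>
/// <para><paramref name="password"/> is <c>null</c>.</para>
/// </exception>
/// <exception cref="System.IO.IOException">
/// An error occurred reading the stream.
/// </exception>
public void Import(System.IO.Stream stream, string password)
{
    if (stream == null)
    {
        throw new System.ArgumentNullException(nameof(stream));
    }

    if (password == null)
    {
        throw new System.ArgumentNullException(nameof(password));
    }

    Org.BouncyCastle.Pkcs.Pkcs12Store pkcs12 = new Org.BouncyCastle.Pkcs.Pkcs12Store(stream, password.ToCharArray());

    foreach (string alias in pkcs12.Aliases)
    {
        if (pkcs12.IsKeyEntry(alias))
        {
            Org.BouncyCastle.Pkcs.X509CertificateEntry[] chain = pkcs12.GetCertificateChain(alias);
            Org.BouncyCastle.Pkcs.AsymmetricKeyEntry entry = pkcs12.GetKey(alias);

            // A key stored without a matching certificate has no chain. Without this
            // guard, chain.Length / chain[0] below would throw on such a store.
            if (chain == null || chain.Length == 0)
            {
                continue;
            }

            foreach (Org.BouncyCastle.Pkcs.X509CertificateEntry link in chain)
            {
                // unique.Add reports whether the certificate was newly added, so each
                // certificate reaches certs at most once.
                if (unique.Add(link.Certificate))
                {
                    certs.Add(link.Certificate);
                }
            }

            if (entry.Key.IsPrivate)
            {
                // NOTE(review): if keys is a dictionary, two aliases that share the same
                // leaf certificate would make Add throw - confirm against its declaration.
                keys.Add(chain[0].Certificate, entry.Key);
            }
        }
        else if (pkcs12.IsCertificateEntry(alias))
        {
            Org.BouncyCastle.Pkcs.X509CertificateEntry entry = pkcs12.GetCertificate(alias);

            if (unique.Add(entry.Certificate))
            {
                certs.Add(entry.Certificate);
            }
        }
    }
}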
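/// <summary>
/// Loads an RSA private key and its certificate from a PKCS#12 (.pfx) file and
/// returns them as a single <see cref="X509Certificate2"/>.
/// </summary>
/// <remarks>
/// The certificate is looked up through the alias of the private key, so the
/// returned certificate belongs to the returned key. The pairing is also verified
/// by comparing the RSA moduli before the key is attached.
/// NOTE(review): assigning <c>PrivateKey</c> is not supported on .NET Core / .NET 5+;
/// this helper appears to target .NET Framework - confirm.
/// </remarks>
/// <param name="pfxPath">Path of the PKCS#12 file to read.</param>
/// <param name="contrasenia">Password that protects the PKCS#12 file.</param>
/// <returns>The certificate with its RSA private key attached.</returns>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="pfxPath"/> or <paramref name="contrasenia"/> is <c>null</c>.
/// </exception>
/// <exception cref="CryptographicException">
/// The file holds no private key, no certificate, or a certificate that does not
/// match the private key.
/// </exception>
/// <exception cref="System.InvalidCastException">
/// The private key in the file is not an RSA key.
/// </exception>
public static X509Certificate2 OpenCertificate(string pfxPath, string contrasenia)
{
    if (pfxPath == null)
    {
        throw new System.ArgumentNullException(nameof(pfxPath));
    }

    if (contrasenia == null)
    {
        throw new System.ArgumentNullException(nameof(contrasenia));
    }

    Org.BouncyCastle.Pkcs.Pkcs12Store store;

    // The store is parsed inside the constructor, so the buffer can be released right after.
    using (var buffer = new MemoryStream(File.ReadAllBytes(pfxPath)))
    {
        store = new Org.BouncyCastle.Pkcs.Pkcs12Store(buffer, contrasenia.ToCharArray());
    }

    var aliases = store.Aliases.Cast<string>().ToList();

    string keyAlias = aliases.FirstOrDefault(a => store.IsKeyEntry(a));
    if (keyAlias == null)
    {
        throw new CryptographicException("The PKCS#12 file does not contain a private key.");
    }

    // Resolve the certificate through the key's own alias. Choosing a certificate and a
    // key independently could combine an unrelated certificate (for example a CA
    // certificate) with the key.
    var certEntry = store.GetCertificate(keyAlias);
    if (certEntry == null)
    {
        // Fall back to a stand-alone certificate entry. The modulus check below rejects
        // it if it is not the key's certificate.
        string certAlias = aliases.FirstOrDefault(a => store.IsCertificateEntry(a));
        if (certAlias != null)
        {
            certEntry = store.GetCertificate(certAlias);
        }
    }

    if (certEntry == null)
    {
        throw new CryptographicException("The PKCS#12 file does not contain a certificate for the private key.");
    }

    var privateKey = (Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters)store.GetKey(keyAlias).Key;

    // Refuse to hand out a certificate whose public key does not belong to the private key.
    var publicKey = certEntry.Certificate.GetPublicKey() as Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters;
    if (publicKey == null || !publicKey.Modulus.Equals(privateKey.Modulus))
    {
        throw new CryptographicException("The certificate in the PKCS#12 file does not match the private key.");
    }

    var x509 = new X509Certificate2(DotNetUtilities.ToX509Certificate(certEntry.Certificate));
    x509.PrivateKey = (RSACryptoServiceProvider)DotNetUtilities.ToRSA(privateKey);

    return x509;
}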