public void ConvertPfxToPem( string pfxPath, string pfxPassword, string keyPath) { using (Stream stream = File.Open(pfxPath, FileMode.Open)) { Pkcs12Store pkcs = new Pkcs12Store(stream, pfxPassword.ToCharArray()); foreach (string alias in pkcs.Aliases) { if (pkcs.IsKeyEntry(alias) && pkcs.GetKey(alias).Key.IsPrivate) { AsymmetricKeyParameter privateKey = pkcs.GetKey(alias).Key; using (Stream s = new FileStream(keyPath, FileMode.Create)) using (TextWriter textWriter = new StreamWriter(s)) { var generator = new MiscPemGenerator(privateKey); PemWriter pemWriter = new PemWriter(textWriter); pemWriter.WriteObject(generator); textWriter.Flush(); } } } } }
/// <summary> /// get csr /// </summary> /// <param name="issuerName"></param> /// <returns></returns> public static Tuple <string, AsymmetricKeyParameter> GetCsr(string issuerName) { //generate KeyPair var keyGenerator = new ECKeyPairGenerator(); ECKeyGenerationParameters pa = new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, new SecureRandom()); keyGenerator.Init(pa); var keypair = keyGenerator.GenerateKeyPair(); //domain name of CSR file X509Name principal = new X509Name(string.Format("CN={0},OU=client,O=BSN", string.IsNullOrEmpty(issuerName) ? "test02@app0001202004161020152918451" : issuerName)); //load public key SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keypair.Public); CertificationRequestInfo info = new CertificationRequestInfo(principal, subjectPublicKeyInfo, new DerSet()); //signature byte[] bs = ECDSAHelper.CsrSignData(info.GetEncoded(Asn1Encodable.Der), keypair.Private, pa.DomainParameters.N); //generate csr object Pkcs10CertificationRequest p10 = new Pkcs10CertificationRequest(new CertificationRequest (info, new AlgorithmIdentifier(X9ObjectIdentifiers.ECDsaWithSha256), new DerBitString(bs)).GetEncoded()); //generate csr string Org.BouncyCastle.Utilities.IO.Pem.PemObject pemCSR = new Org.BouncyCastle.Utilities.IO.Pem.PemObject("CERTIFICATE REQUEST", p10.GetEncoded()); StringWriter str = new StringWriter(); Org.BouncyCastle.Utilities.IO.Pem.PemWriter pemCsr = new Org.BouncyCastle.Utilities.IO.Pem.PemWriter(str); pemCsr.WriteObject(pemCSR); pemCsr.Writer.Flush(); return(new Tuple <string, AsymmetricKeyParameter>(str.ToString(), keypair.Private)); }
private static byte[] ExportCertificate(X509Certificate certificate, AsymmetricCipherKeyPair subjectKeyPair, TCertificateFormat certificateFormat) { byte[] result = null; switch (certificateFormat) { case TCertificateFormat.NotSet: break; case TCertificateFormat.PEM: using (MemoryStream stream = new MemoryStream()) { using (StreamWriter writer = new StreamWriter(stream)) { Org.BouncyCastle.Utilities.IO.Pem.PemWriter pemWriter = new Org.BouncyCastle.Utilities.IO.Pem.PemWriter(writer); if (subjectKeyPair.Private is ECKeyParameters) { ECPrivateKeyParameters priv = (ECPrivateKeyParameters)subjectKeyPair.Private; ECDomainParameters dp = priv.Parameters; int orderBitLength = dp.N.BitLength; Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure ec; Org.BouncyCastle.Asn1.X9.X962Parameters x962; if (priv.PublicKeyParamSet == null) { Org.BouncyCastle.Asn1.X9.X9ECParameters ecP = new Org.BouncyCastle.Asn1.X9.X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()); x962 = new Org.BouncyCastle.Asn1.X9.X962Parameters(ecP); } else { x962 = new Org.BouncyCastle.Asn1.X9.X962Parameters(priv.PublicKeyParamSet); } ec = new Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure(orderBitLength, priv.D, SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(subjectKeyPair.Public).PublicKeyData, x962); pemWriter.WriteObject(new Org.BouncyCastle.Utilities.IO.Pem.PemObject("EC PRIVATE KEY", ec.GetEncoded())); } else { pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(subjectKeyPair.Private)); } pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(subjectKeyPair.Public)); pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(certificate)); writer.Flush(); result = stream.ToArray(); } } break; case TCertificateFormat.PFX: //Asn1Sequence asn1Sequence = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(certificate.GetEncoded())); //asn1Sequence.GetObjects //Org.BouncyCastle.Asn1.Pkcs.Pfx pfx = new Org.BouncyCastle.Asn1.Pkcs.Pfx(); //Org.BouncyCastle.Asn1.Pkcs.PrivateKeyInfo info = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private); //result = pfx.GetEncoded(Asn1Encodable.Der); break; case TCertificateFormat.CER: result = certificate.GetEncoded(); break; default: break; } return result; }
private static byte[] ExportCertificate(X509Certificate certificate, AsymmetricCipherKeyPair subjectKeyPair, TCertificateFormat certificateFormat) { byte[] result = null; switch (certificateFormat) { case TCertificateFormat.NotSet: break; case TCertificateFormat.PEM: using (MemoryStream stream = new MemoryStream()) { using (StreamWriter writer = new StreamWriter(stream)) { Org.BouncyCastle.Utilities.IO.Pem.PemWriter pemWriter = new Org.BouncyCastle.Utilities.IO.Pem.PemWriter(writer); if (subjectKeyPair.Private is ECKeyParameters) { ECPrivateKeyParameters priv = (ECPrivateKeyParameters)subjectKeyPair.Private; ECDomainParameters dp = priv.Parameters; int orderBitLength = dp.N.BitLength; Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure ec; Org.BouncyCastle.Asn1.X9.X962Parameters x962; if (priv.PublicKeyParamSet == null) { Org.BouncyCastle.Asn1.X9.X9ECParameters ecP = new Org.BouncyCastle.Asn1.X9.X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()); x962 = new Org.BouncyCastle.Asn1.X9.X962Parameters(ecP); } else { x962 = new Org.BouncyCastle.Asn1.X9.X962Parameters(priv.PublicKeyParamSet); } ec = new Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure(orderBitLength, priv.D, SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(subjectKeyPair.Public).PublicKeyData, x962); pemWriter.WriteObject(new Org.BouncyCastle.Utilities.IO.Pem.PemObject("EC PRIVATE KEY", ec.GetEncoded())); } else { pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(subjectKeyPair.Private)); } pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(subjectKeyPair.Public)); pemWriter.WriteObject(new Org.BouncyCastle.OpenSsl.MiscPemGenerator(certificate)); writer.Flush(); result = stream.ToArray(); } } break; case TCertificateFormat.PFX: //Asn1Sequence asn1Sequence = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(certificate.GetEncoded())); //asn1Sequence.GetObjects //Org.BouncyCastle.Asn1.Pkcs.Pfx pfx = new Org.BouncyCastle.Asn1.Pkcs.Pfx(); //Org.BouncyCastle.Asn1.Pkcs.PrivateKeyInfo info = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private); //result = pfx.GetEncoded(Asn1Encodable.Der); break; case TCertificateFormat.CER: result = certificate.GetEncoded(); break; default: break; } return(result); }
public static bool ExportPrimaryAsPkcs(this IKeySet keySet, string location, Func <string> passwordPrompt) { var i = keySet.Metadata.Versions.First(it => it.Status == KeyStatus.Primary).VersionNumber; using (var key = keySet.GetKey(i)) { using (var stream = new FileStream(location, FileMode.Create)) using (var writer = new StreamWriter(stream)) { var pemWriter = new Org.BouncyCastle.Utilities.IO.Pem.PemWriter(writer); AsymmetricKeyParameter writeKey; if (!(key is IPrivateKey)) { if (key.KeyType == KeyType.DsaPub) { var dsaKey = (DsaPublicKey)key; writeKey = new DsaPublicKeyParameters(dsaKey.Y.ToBouncyBigInteger(), new DsaParameters( dsaKey.P.ToBouncyBigInteger(), dsaKey.Q.ToBouncyBigInteger(), dsaKey.G.ToBouncyBigInteger())); } else if (key is IRsaPublicKey) { var rsaKey = (IRsaPublicKey)key; writeKey = new RsaKeyParameters(false, rsaKey.Modulus.ToBouncyBigInteger(), rsaKey.PublicExponent.ToBouncyBigInteger()); } else { throw new InvalidKeyTypeException("Non exportable key type."); } pemWriter.WriteObject(new MiscPemGenerator(writeKey)); } else { if (key.KeyType == KeyType.DsaPriv) { var dsaKey = (DsaPrivateKey)key; writeKey = new DsaPrivateKeyParameters(dsaKey.X.ToBouncyBigInteger(), new DsaParameters( dsaKey.PublicKey.P.ToBouncyBigInteger(), dsaKey.PublicKey.Q.ToBouncyBigInteger(), dsaKey.PublicKey.G.ToBouncyBigInteger())); } else if (key is IRsaPrivateKey) { var rsaKey = (IRsaPrivateKey)key; writeKey = new RsaPrivateCrtKeyParameters( rsaKey.PublicKey.Modulus.ToBouncyBigInteger(), rsaKey.PublicKey.PublicExponent.ToBouncyBigInteger(), rsaKey.PrivateExponent.ToBouncyBigInteger(), rsaKey.PrimeP.ToBouncyBigInteger(), rsaKey.PrimeQ.ToBouncyBigInteger(), rsaKey.PrimeExponentP.ToBouncyBigInteger(), rsaKey.PrimeExponentQ.ToBouncyBigInteger(), rsaKey.CrtCoefficient.ToBouncyBigInteger()); } else { throw new InvalidKeyTypeException("Non exportable key type."); } pemWriter.WriteObject(new Pkcs8Generator(writeKey, Pkcs8Generator.PbeSha1_RC2_128) { Password = (passwordPrompt() ?? String.Empty).ToCharArray(), SecureRandom = Secure.Random, IterationCount = 4096 }); } } } return(true); }
public static bool ExportPrimaryAsPkcs(this IKeySet keySet, Stream stream, Func <string> passwordPrompt) { using (var key = keySet.GetPrimaryKey()) { using (var writer = new StreamWriter(stream)) { var pemWriter = new Org.BouncyCastle.Utilities.IO.Pem.PemWriter(writer); string password = null; if (key is IPrivateKey) { password = (passwordPrompt?.Invoke() ?? String.Empty); } AsymmetricKeyParameter writeKey; if (!(key is IPrivateKey) || String.IsNullOrWhiteSpace(password)) { switch (key) { case DsaPublicKey dsa: writeKey = BouncyCastleFromKey(dsa); break; case IRsaPublicKey rsa: writeKey = BouncyCastleFromKey(rsa); break; case DsaPrivateKey dsa: writeKey = BouncyCastleFromKey(dsa.PublicKey); pemWriter.WriteObject(new MiscPemGenerator(writeKey)); writeKey = BouncyCastleFromKey(dsa); break; case IRsaPrivateKey rsa: writeKey = BouncyCastleFromKey(rsa.PublicKey); pemWriter.WriteObject(new MiscPemGenerator(writeKey)); writeKey = BouncyCastleFromKey(rsa); break; default: throw new InvalidKeyTypeException("Non exportable key type."); } pemWriter.WriteObject(new MiscPemGenerator(writeKey)); } else { switch (key) { case DsaPrivateKey dsa: writeKey = BouncyCastleFromKey(dsa); break; case IRsaPrivateKey rsa: writeKey = BouncyCastleFromKey(rsa); break; default: throw new InvalidKeyTypeException("Non exportable key type."); } pemWriter.WriteObject(new Pkcs8Generator(writeKey, Pkcs8Generator.PbeSha1_RC2_128) { Password = (password)?.ToCharArray(), SecureRandom = Secure.Random, IterationCount = 4096 }); } } } return(true); }