/// <summary>
/// Exports the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a char-based password.
/// </summary>
/// <param name="csp"></param>
/// <param name="password">The password to use when encrypting the key material.</param>
/// <param name="pbeParameters">The password-based encryption (PBE) parameters to use when encrypting the key material.</param>
/// <returns cref="String">A PEMBase64 string containing the PKCS#8 EncryptedPrivateKeyInfo representation of this key.</returns>
/// <remarks>
/// When pbeParameters indicates an algorithm that uses PBKDF2 (Password-
/// Based Key Derivation Function 2), the password is converted to bytes via the
/// UTF-8 encoding.
/// </remarks>
/// <exception cref="CryptographicException">The key could not be exported.</exception>
public static string ExportEncryptedPkcs8PrivateKeyAsPEM(this RSACryptoServiceProvider csp, ReadOnlySpan <char> password, PbeParameters pbeParameters)
{
var result = csp.ExportEncryptedPkcs8PrivateKey(password, pbeParameters);
var base64 = Convert.ToBase64String(result).ToCharArray();
using (var sw = new StringWriter())
{
sw.Write("-----BEGIN ENCRYPTED PRIVATE KEY-----\n");
for (var i = 0; i < base64.Length; i += 64)
{
sw.Write(base64, i, Math.Min(64, base64.Length - i));
sw.Write('\n');
}
sw.Write("-----END ENCRYPTED PRIVATE KEY-----");
return(sw.ToString());
}
}
