/// <summary>
/// Factory method to create a X509Certificate from a PKCS12
/// </summary>
/// <param name="bio"></param>
/// <param name="password"></param>
/// <returns></returns>
public static X509Certificate FromPKCS12(BIO bio, string password)
{
using (PKCS12 p12 = new PKCS12(bio, password))
{
return(p12.Certificate);
}
}
public void CanCreatePKCS12() {
using (BIO bio = new BIO(LoadBytes(Resources.ServerPfx))) {
using (var pfx = new PKCS12(bio, password)) {
using (var new_pfx = new PKCS12(password, pfx.PrivateKey, pfx.Certificate, pfx.CACertificates)) {
TestCert(new_pfx.Certificate, "CN=localhost", "CN=Root", 1235);
}
}
}
}
/// <summary>
/// Writes the specified Certificate and Crypto key out to the file defined in the fileName parameter. This
/// file is protected with the specified password. The password is optional.
/// </summary>
/// <param name="fileName">The file name and path of the pfx file to be created.</param>
/// <param name="password">The password to be put on the pfx file if any.</param>
/// <param name="cryptoKey">The CryptoKey containing the private key that belongs to the certificate parameter.</param>
/// <param name="certificate">The certificate to write to file.</param>
public static void WritePfxToFile(string fileName, string password, CryptoKey cryptoKey, X509Certificate certificate)
{
if (cryptoKey == null)
{
throw new ArgumentNullException("cryptoKey", "CryptoKey is null");
}
if (certificate == null)
{
throw new ArgumentNullException("certificate", "certificate is null");
}
using (var bio = FileHelpers.Write(fileName))
using (var caStack = new OpenSSL.Core.Stack<X509Certificate>())
using (var pfx = new PKCS12(password, cryptoKey, certificate, caStack))
{
pfx.Write(bio);
}
}
/// <summary>
/// Converts a certificate and private key to a PKCS#12 (.PFX) file.
/// </summary>
public static void ConvertToPfx(Stream keyPemSource, Stream crtPemSource, Stream isrPemSource, Stream pfxTarget)
{
using (BIO keyBio = BIO.MemoryBuffer(),
crtBio = BIO.MemoryBuffer(),
isrBio = BIO.MemoryBuffer())
{
using (var ms = new MemoryStream())
{
keyPemSource.CopyTo(ms);
keyBio.Write(ms.ToArray());
}
using (var ms = new MemoryStream())
{
crtPemSource.CopyTo(ms);
crtBio.Write(ms.ToArray());
}
using (var ms = new MemoryStream())
{
isrPemSource.CopyTo(ms);
isrBio.Write(ms.ToArray());
}
using (var key = CryptoKey.FromPrivateKey(keyBio, null))
{
using (var crt = new X509Certificate(crtBio))
{
using (var isr = new X509Certificate(isrBio))
{
var isrStack = new OpenSSL.Core.Stack<X509Certificate>();
isrStack.Add(isr);
using (var pfx = new PKCS12(null, key, crt, isrStack))
{
using (var pfxBio = BIO.MemoryBuffer())
{
pfx.Write(pfxBio);
var arr = pfxBio.ReadBytes((int)pfxBio.BytesPending);
pfxTarget.Write(arr.Array, arr.Offset, arr.Count);
}
}
}
}
}
}
}
public void CanCreatePKCS12()
{
using (BIO bio = BIO.File(Paths.ServerPfx, "r")) {
using (var pfx = new PKCS12(bio, password)) {
using (var new_pfx = new PKCS12(password, pfx.PrivateKey, pfx.Certificate, pfx.CACertificates)) {
using (BIO bout = BIO.File(Paths.ServerOutPfx, "w")) {
new_pfx.Write(bout);
}
TestCert(new_pfx.Certificate, "CN=localhost", "CN=Root", 1235);
}
}
}
}