// X.509からの変換
#region X.509 鍵 → ECDsaProvider(Cngkey, ECParameters) → Jwk
// X.509 は、NET47以降
#if NET45 || NET46
#else
#region *.cer
#region Jwk
/// <summary>X509CerToJwk</summary>
/// <param name="certificateFilePath">X.509鍵(*.cer)</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>Jwk公開鍵</returns>
public static string X509CerToJwk(
string certificateFilePath,
JsonSerializerSettings settings = null)
{
return(EccPublicKeyConverter.ParamToJwk( // *.cer is PublicKey -> ExportParameters(false)
EccPublicKeyConverter.X509CerToProvider(certificateFilePath).ExportParameters(false), settings));
}
/// <summary>X509CerToJwk</summary>
/// <param name="certificateFilePath">X.509鍵(*.pfx)</param>
/// <param name="password">string</param>
/// <param name="hashAlgorithmName">HashAlgorithmName</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>Jwk公開鍵</returns>
public static string X509PfxToJwk(
string certificateFilePath, string password,
HashAlgorithmName hashAlgorithmName,
JsonSerializerSettings settings = null)
{
return(EccPublicKeyConverter.ParamToJwk( // *.cer is PublicKey -> ExportParameters(false)
EccPublicKeyConverter.X509PfxToProvider(certificateFilePath, password, hashAlgorithmName).ExportParameters(false), settings));
}
/// <summary>EcParamToJwk</summary>
/// <param name="ecParams">ECParameters</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>Jwk公開鍵</returns>
public static string EcParamToJwk(ECParameters ecParams, JsonSerializerSettings settings)
{
Dictionary <string, string> dic = new Dictionary <string, string>();
dic[JwtConst.kty] = JwtConst.EC; // 必須
dic[JwtConst.alg] = JwtConst.ES256;
// 楕円曲線
dic[JwtConst.crv] = EccPublicKeyConverter.GetCrvStringFromECCurve(ecParams.Curve);
// Public
dic[JwtConst.x] = CustomEncode.ToBase64UrlString(ecParams.Q.X);
dic[JwtConst.y] = CustomEncode.ToBase64UrlString(ecParams.Q.Y);
// Private
dic[JwtConst.d] = CustomEncode.ToBase64UrlString(ecParams.D);
return(EccPublicKeyConverter.CreateJwkFromDictionary(dic, settings));
}
/// <summary>X509CerToECParam</summary>
/// <param name="certificateFilePath">X.509鍵(*.cer)</param>
/// <returns>ECParameters(公開鍵)</returns>
public static ECParameters X509CerToECParam(string certificateFilePath)
{
return(EccPublicKeyConverter.X509CerToProvider(
certificateFilePath).ExportParameters(false));
}
/// <summary>X509CerToCngkey</summary>
/// <param name="certificateFilePath">X.509鍵(*.cer)</param>
/// <returns>CngKey(公開鍵)</returns>
public static CngKey X509CerToCngkey(string certificateFilePath)
{
return(((ECDsaCng)EccPublicKeyConverter.X509CerToProvider(certificateFilePath)).Key);
}
/// <summary>JwkToParam</summary>
/// <param name="jwkString">string</param>
/// <returns>ECParameters(公開鍵)</returns>
public static ECParameters JwkToParam(string jwkString)
{
return(EccPublicKeyConverter.JwkToParam(
JsonConvert.DeserializeObject <JObject>(jwkString)));
}
/*
* /// <summary>CngToJwk</summary>
* /// <param name="cngkey">CngKey</param>
* /// <param name="settings">JsonSerializerSettings</param>
* /// <returns>Jwk公開鍵</returns>
* public static string CngToJwk(
* CngKey cngkey,
* JsonSerializerSettings settings = null)
* {
* EccKey eccKey = EccKey.Generate(cngkey); // ★★ この使い方が誤りらしい。
* Dictionary<string, string> dic = new Dictionary<string, string>();
*
* dic[JwtConst.kty] = JwtConst.EC; // 必須
* dic[JwtConst.alg] = JwtConst.ES256;
*
* // 楕円曲線
* dic[JwtConst.crv] = EccPublicKeyConverter.GetCrvStringFromXCoordinate(eccKey.X);
* // 公開鍵の部分
* dic[JwtConst.x] = CustomEncode.ToBase64UrlString(eccKey.X);
* dic[JwtConst.y] = CustomEncode.ToBase64UrlString(eccKey.Y);
* //if (eccKey.D != null) // 秘密鍵の部分は処理しない
* //{
* // dic[JwtConst.d] = CustomEncode.ToBase64UrlString(eccKey.D);
* //}
* return EccPublicKeyConverter.CreateJwkFromDictionary(dic, settings);
* }
*/
#endregion
#region JwkToCng
/// <summary>JwkToCng</summary>
/// <param name="jwkString">string</param>
/// <returns>CngKey(公開鍵)</returns>
public static CngKey JwkToCng(string jwkString)
{
return(EccPublicKeyConverter.JwkToCng(
JsonConvert.DeserializeObject <Dictionary <string, string> >(jwkString)));
}
/// <summary>X509PfxToParam</summary>
/// <param name="certificateFilePath">X.509鍵(*.cer)</param>
/// <param name="password">string</param>
/// <param name="hashAlgorithmName">HashAlgorithmName</param>
/// <returns>ECParameters(公開鍵)</returns>
public static ECParameters X509PfxToParam(string certificateFilePath, string password, HashAlgorithmName hashAlgorithmName)
{
return(EccPublicKeyConverter.X509PfxToProvider(certificateFilePath, password, hashAlgorithmName).ExportParameters(false));
}