internal static AsymmetricKeyParameter GetPrivateKeyFromPEM(Org.BouncyCastle.Utilities.IO.Pem.PemObject pem) { if (pem == null) { throw new ArgumentNullException(nameof(pem)); } if (pem.Type.EndsWith("EC PRIVATE KEY")) { var sequence = Asn1Sequence.GetInstance(pem.Content); var e = sequence.GetEnumerator(); e.MoveNext(); var version = ((DerInteger)e.Current).Value; PrivateKeyInfo privateKeyInfo; if (version.IntValue == 0) //V1 { privateKeyInfo = PrivateKeyInfo.GetInstance(sequence); } else { var ec = ECPrivateKeyStructure.GetInstance(sequence); var algId = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, ec.GetParameters()); privateKeyInfo = new PrivateKeyInfo(algId, ec.ToAsn1Object()); } return(PrivateKeyFactory.CreateKey(privateKeyInfo)); } else if (pem.Type.EndsWith("PRIVATE KEY")) { return(PrivateKeyFactory.CreateKey(pem.Content)); } return(null); }
internal static AsymmetricKeyParameter GetPrivateKeyFromPEM(Org.BouncyCastle.Utilities.IO.Pem.PemObject pem) { AsymmetricKeyParameter result = null; if (pem.Type.EndsWith("EC PRIVATE KEY")) { Asn1Sequence sequence = Asn1Sequence.GetInstance(pem.Content); IEnumerator e = sequence.GetEnumerator(); e.MoveNext(); BigInteger version = ((DerInteger)e.Current).Value; PrivateKeyInfo privateKeyInfo; if (version.IntValue == 0) //V1 { privateKeyInfo = PrivateKeyInfo.GetInstance(sequence); } else { Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure ec = Org.BouncyCastle.Asn1.Sec.ECPrivateKeyStructure.GetInstance(sequence); AlgorithmIdentifier algId = new AlgorithmIdentifier(Org.BouncyCastle.Asn1.X9.X9ObjectIdentifiers.IdECPublicKey, ec.GetParameters()); privateKeyInfo = new PrivateKeyInfo(algId, ec.ToAsn1Object()); } result = Org.BouncyCastle.Security.PrivateKeyFactory.CreateKey(privateKeyInfo); } else if (pem.Type.EndsWith("PRIVATE KEY")) { result = Org.BouncyCastle.Security.PrivateKeyFactory.CreateKey(pem.Content); } return(result); }
/// <summary> /// get csr /// </summary> /// <param name="issuerName"></param> /// <returns></returns> public static Tuple <string, AsymmetricKeyParameter> GetCsr(string issuerName) { //generate KeyPair var keyGenerator = new ECKeyPairGenerator(); ECKeyGenerationParameters pa = new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, new SecureRandom()); keyGenerator.Init(pa); var keypair = keyGenerator.GenerateKeyPair(); //domain name of CSR file X509Name principal = new X509Name(string.Format("CN={0},OU=client,O=BSN", string.IsNullOrEmpty(issuerName) ? "test02@app0001202004161020152918451" : issuerName)); //load public key SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keypair.Public); CertificationRequestInfo info = new CertificationRequestInfo(principal, subjectPublicKeyInfo, new DerSet()); //signature byte[] bs = ECDSAHelper.CsrSignData(info.GetEncoded(Asn1Encodable.Der), keypair.Private, pa.DomainParameters.N); //generate csr object Pkcs10CertificationRequest p10 = new Pkcs10CertificationRequest(new CertificationRequest (info, new AlgorithmIdentifier(X9ObjectIdentifiers.ECDsaWithSha256), new DerBitString(bs)).GetEncoded()); //generate csr string Org.BouncyCastle.Utilities.IO.Pem.PemObject pemCSR = new Org.BouncyCastle.Utilities.IO.Pem.PemObject("CERTIFICATE REQUEST", p10.GetEncoded()); StringWriter str = new StringWriter(); Org.BouncyCastle.Utilities.IO.Pem.PemWriter pemCsr = new Org.BouncyCastle.Utilities.IO.Pem.PemWriter(str); pemCsr.WriteObject(pemCSR); pemCsr.Writer.Flush(); return(new Tuple <string, AsymmetricKeyParameter>(str.ToString(), keypair.Private)); }
/// <summary> /// Convert RSA pem files to <see cref="AsymmetricKeyParameter"/> /// </summary> /// <param name="pemFile">The content of the file. (NOT THE FILE NAME)</param> /// <returns>The key to use in bouncy castle</returns> public static AsymmetricKeyParameter ReadAsymmetricKeyParameter(string pemFile) { using (StringReader reader = new StringReader(pemFile)) { Org.BouncyCastle.OpenSsl.PemReader pr = new Org.BouncyCastle.OpenSsl.PemReader(reader); Org.BouncyCastle.Utilities.IO.Pem.PemObject po = pr.ReadPemObject(); return(PublicKeyFactory.CreateKey(po.Content)); } }
private static string ConvertRSAPemToString(Org.BouncyCastle.Utilities.IO.Pem.PemObject key) { TextWriter textWriter = new StringWriter(); PemWriter pemWriter = new PemWriter(textWriter); pemWriter.WriteObject(key); pemWriter.Writer.Flush(); string privateKey = textWriter.ToString(); return(privateKey); }
private static void SaveRSAPrivateKeyToFile(Org.BouncyCastle.Utilities.IO.Pem.PemObject key) { TextWriter textWriter = new StringWriter(); PemWriter pemWriter = new PemWriter(textWriter); pemWriter.WriteObject(key); pemWriter.Writer.Flush(); string privateKey = textWriter.ToString(); FileHelper.WriteFile(privateKey, FileHelper.RSAKeyPath); }
public static void SaveKey(AsymmetricKeyParameter key, string url) { Org.BouncyCastle.Asn1.Pkcs.PrivateKeyInfo privateKeyInfo = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(key); Org.BouncyCastle.Utilities.IO.Pem.PemObject pemObj = new Org.BouncyCastle.Utilities.IO.Pem.PemObject("PRIVATE KEY", privateKeyInfo.ToAsn1Object().GetEncoded()); TextWriter textkey = new StringWriter(); PemWriter pemkey = new PemWriter(textkey); pemkey.WriteObject(pemObj); pemkey.Writer.Flush(); string pri = textkey.ToString(); pemkey.WriteObject(key); pemkey.Writer.Flush(); byte[] priInfoByte = System.Text.Encoding.UTF8.GetBytes(textkey.ToString()); FileStream fs = new FileStream(url, FileMode.Create, FileAccess.Write); fs.Write(priInfoByte, 0, priInfoByte.Length); fs.Close(); }
private static string EncryptPrivateKey(AsymmetricKeyParameter privateKey, string password) { // Create salts byte[] aesIv = new byte[16]; byte[] keySalt = new byte[20]; SecureRandom randomGen = new SecureRandom(); randomGen.NextBytes(aesIv); randomGen.NextBytes(keySalt); try { PrivateKeyInfo decryptedPrivateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey); // Prepare encryption Pkcs5S2ParametersGenerator pkcs5S2Gen = new Pkcs5S2ParametersGenerator(); pkcs5S2Gen.Init(PKCS5PasswordToBytes(password.ToCharArray()), keySalt, hashIterationCount); ICipherParameters cipherParams = pkcs5S2Gen.GenerateDerivedParameters(NistObjectIdentifiers.IdAes256Cbc.Id, 256); IBufferedCipher cipher = CipherUtilities.GetCipher(NistObjectIdentifiers.IdAes256Cbc); cipher.Init(true, new ParametersWithIV(cipherParams, aesIv)); // Generate encrypted private key info Asn1OctetString aesIvOctetString = new DerOctetString(aesIv); KeyDerivationFunc keyFunction = new KeyDerivationFunc(PkcsObjectIdentifiers.IdPbkdf2, new Pbkdf2Params(keySalt, hashIterationCount)); EncryptionScheme encScheme = new EncryptionScheme(NistObjectIdentifiers.IdAes256Cbc, aesIvOctetString); Asn1EncodableVector encryptionInfo = new Asn1EncodableVector { keyFunction, encScheme }; AlgorithmIdentifier algIdentifier = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbeS2, new DerSequence(encryptionInfo)); EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(algIdentifier, cipher.DoFinal(decryptedPrivateKeyInfo.GetEncoded())); Org.BouncyCastle.Utilities.IO.Pem.PemObject pkPemObject = new Org.BouncyCastle.Utilities.IO.Pem.PemObject("ENCRYPTED PRIVATE KEY", encryptedPrivateKeyInfo.GetEncoded()); // Write the PEM object to a string StringWriter txtWriter = new StringWriter(); PemWriter pemWriter = new PemWriter(txtWriter); pemWriter.WriteObject(pkPemObject); pemWriter.Writer.Close(); return(txtWriter.ToString()); } catch (Exception e) { throw new CryptoException("Could not encrypt private key.", e); } }
public static CertificateInfo GetCertificateInfo(byte[] certificate, TCertificateFormat certificateFormat) { CertificateInfo result = null; X509CertificateStructure cert = null; switch (certificateFormat) { case TCertificateFormat.NotSet: break; case TCertificateFormat.PEM: Org.BouncyCastle.Utilities.IO.Pem.PemReader reader = new Org.BouncyCastle.Utilities.IO.Pem.PemReader(new StreamReader(new MemoryStream(certificate))); Org.BouncyCastle.Utilities.IO.Pem.PemObject pem = reader.ReadPemObject(); while (pem != null) { if (pem.Type.EndsWith("CERTIFICATE")) { cert = X509CertificateStructure.GetInstance(pem.Content); } else if (pem.Type.EndsWith("PRIVATE KEY")) { if (result == null) { result = new CertificateInfo(); } result.PrivateKey = GetPrivateKeyFromPEM(pem); } pem = reader.ReadPemObject(); } break; case TCertificateFormat.PFX: break; case TCertificateFormat.CER: cert = X509CertificateStructure.GetInstance(certificate); break; default: break; } if (cert != null) { if (result == null) { result = new CertificateInfo(); } result.Subject = new CertificateSubject(cert); X509Certificate certX509 = new X509Certificate(cert); Asn1OctetString subjectKeyID = certX509.GetExtensionValue(X509Extensions.SubjectKeyIdentifier); if (subjectKeyID != null) { byte[] encodeKeyID = subjectKeyID.GetOctets(); byte[] keyID = new byte[encodeKeyID[1]]; Buffer.BlockCopy(encodeKeyID, 2, keyID, 0, encodeKeyID[1]); result.SubjectKeyID = keyID; } } return(result); }