public static X509Certificate2 AddPrivateKey(this Org.BouncyCastle.X509.X509Certificate cert, AsymmetricKeyParameter privateKey)
{
var keyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey);
var seq = Asn1Object.FromByteArray(keyInfo.ParsePrivateKey().GetDerEncoded()) as Asn1Sequence;
if (seq.Count != 9)
{
throw new PemException("malformed sequence in RSA private key");
}
var rsa = RsaPrivateKeyStructure.GetInstance(seq);
var rsaParams = new RsaPrivateKeyStructure(
rsa.Modulus,
rsa.PublicExponent,
rsa.PrivateExponent,
rsa.Prime1,
rsa.Prime2,
rsa.Exponent1,
rsa.Exponent2,
rsa.Coefficient);
var store = new Pkcs12Store();
var certEntry = new X509CertificateEntry(cert);
store.SetCertificateEntry(cert.SubjectDN.ToString(), certEntry);
store.SetKeyEntry(cert.SubjectDN.ToString(), new AsymmetricKeyEntry(privateKey), new[] { certEntry });
using (var stream = new MemoryStream())
{
store.Save(stream, privateKeyPassword.ToCharArray(), new SecureRandom(new CryptoApiRandomGenerator()));
return(new X509Certificate2(stream.ToArray(), privateKeyPassword, X509KeyStorageFlags.Exportable));
}
}
private string SignToken(string payload, string name)
{
List <string> pjeset = new List <string>();
var header = new { alg = "RS256", typ = "JWT" };
byte[] headerB = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(header, Formatting.None));
byte[] payloadB = Encoding.UTF8.GetBytes(payload);
pjeset.Add(Base64UrlEncode(headerB));
pjeset.Add(Base64UrlEncode(payloadB));
string str = string.Join(".", pjeset.ToArray());
byte[] bytesToSign = Encoding.UTF8.GetBytes(str);
string path = "C://keys//" + name + ".xml";
StreamReader reader = new StreamReader(path);
string parametrat = reader.ReadToEnd();
objRSA.FromXmlString(parametrat);
byte[] key = objRSA.ExportRSAPrivateKey();
var privat = Asn1Object.FromByteArray(key);
var privatS = RsaPrivateKeyStructure.GetInstance((Asn1Sequence)privat);
ISigner nenshkrimi = SignerUtilities.GetSigner("SHA256withRSA");
nenshkrimi.Init(true, new RsaKeyParameters(true, privatS.Modulus, privatS.PrivateExponent));
nenshkrimi.BlockUpdate(bytesToSign, 0, bytesToSign.Length);
byte[] gensignature = nenshkrimi.GenerateSignature();
pjeset.Add(Base64UrlEncode(gensignature));
return(string.Join(".", pjeset.ToArray()));
}
public PemKeyPair Parse(byte[] encoding)
{
try
{
Asn1Sequence seq = Asn1Sequence.GetInstance(encoding);
if (seq.Count != 9)
{
throw new OpenSslPemParsingException("malformed sequence in RSA private key");
}
RsaPrivateKeyStructure keyStruct = RsaPrivateKeyStructure.GetInstance(seq);
RsaPublicKeyStructure pubSpec = new RsaPublicKeyStructure(
keyStruct.Modulus, keyStruct.PublicExponent);
AlgorithmIdentifier algId = new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance);
return(new PemKeyPair(new SubjectPublicKeyInfo(algId, pubSpec), new PrivateKeyInfo(algId, keyStruct)));
}
catch (IOException e)
{
throw e;
}
catch (Exception e)
{
throw new OpenSslPemParsingException(
"problem creating RSA private key: " + e.ToString(), e);
}
}
private static ICipherParameters GetPrivateKeyParameters(string privateKey)
{
var rsaPrivStructure = RsaPrivateKeyStructure.GetInstance(Convert.FromBase64String(privateKey));
return(new RsaPrivateCrtKeyParameters(rsaPrivStructure.Modulus, rsaPrivStructure.PublicExponent, rsaPrivStructure.PrivateExponent,
rsaPrivStructure.Prime1, rsaPrivStructure.Prime2, rsaPrivStructure.Exponent1, rsaPrivStructure.Exponent2, rsaPrivStructure.Coefficient));
}
public static string GetSignature(DateTime dateTime, string cfInstanceCertContent, string roleName, string cfInstanceKeyContent)
{
var formattedSigningTime = GetFormattedSigningTime(dateTime);
var stringToSign = $"{formattedSigningTime}{cfInstanceCertContent}{roleName}";
var data = Encoding.UTF8.GetBytes(stringToSign);
byte[] keyBytes;
using (var reader = new StringReader(cfInstanceKeyContent))
{
var pemReader = new PemReader(reader);
var pemObject = pemReader.ReadPemObject();
keyBytes = pemObject.Content;
}
var seq = (Asn1Sequence)Asn1Object.FromByteArray(keyBytes);
var rsa = RsaPrivateKeyStructure.GetInstance(seq);
var signer = new PssSigner(new RsaEngine(), new Sha256Digest(), 222);
signer.Init(true, new RsaKeyParameters(true, rsa.Modulus, rsa.PrivateExponent));
signer.BlockUpdate(data, 0, data.Length);
var signature = signer.GenerateSignature();
return($"v1:{Convert.ToBase64String(signature)}");
}
private static AsymmetricAlgorithm ToDotNetKey(RsaPrivateCrtKeyParameters privateKey)
{
var keyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey);
var seq = (Asn1Sequence)Asn1Object.FromByteArray(keyInfo.ParsePrivateKey().GetDerEncoded());
if (seq.Count != 9)
{
throw new Exception("Malformed sequence in RSA private key");
}
var rsa = RsaPrivateKeyStructure.GetInstance(seq);
var rsaParams = new RsaPrivateCrtKeyParameters(
rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent,
rsa.Prime1, rsa.Prime2, rsa.Exponent1,
rsa.Exponent2, rsa.Coefficient);
var cspParams = new CspParameters
{
KeyContainerName = Guid.NewGuid().ToString(),
KeyNumber = (int)KeyNumber.Exchange,
Flags = CspProviderFlags.UseMachineKeyStore
};
return(DotNetUtilities.ToRSA(rsaParams, cspParams));
}
public string Sign(string payload, string privateKey)
{
List <string> segments = new List <string>();
var header = new { alg = "RS256", typ = "JWT" };
DateTime issued = DateTime.Now;
DateTime expire = DateTime.Now.AddHours(10);
byte[] headerBytes = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(header, Formatting.None));
byte[] payloadBytes = Encoding.UTF8.GetBytes(payload);
segments.Add(Base64UrlEncode(headerBytes));
segments.Add(Base64UrlEncode(payloadBytes));
string stringToSign = string.Join(".", segments.ToArray());
byte[] bytesToSign = Encoding.UTF8.GetBytes(stringToSign);
byte[] keyBytes = Convert.FromBase64String(privateKey);
var privKeyObj = Asn1Object.FromByteArray(keyBytes);
var privStruct = RsaPrivateKeyStructure.GetInstance((Asn1Sequence)privKeyObj);
ISigner sig = SignerUtilities.GetSigner("SHA256withRSA");
sig.Init(true, new RsaKeyParameters(true, privStruct.Modulus, privStruct.PrivateExponent));
sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length);
byte[] signature = sig.GenerateSignature();
segments.Add(Base64UrlEncode(signature));
return(string.Join(".", segments.ToArray()));
}
/// <summary>Get the Private Key Provider from the Vault Private Key</summary>
/// <param name="privateKeyData">Private Key Data</param>
/// <returns>RSA Crypto Service Provider</returns>
public RSACryptoServiceProvider GetPrivateKeyProvider(byte[] privateKeyData)
{
var stream = new Asn1InputStream(privateKeyData).ReadObject();
var rsaKey = RsaPrivateKeyStructure.GetInstance(stream);
var rsaParameters = new RSAParameters
{
Modulus = rsaKey.Modulus.ToByteArrayUnsigned(),
Exponent = rsaKey.PublicExponent.ToByteArrayUnsigned(),
P = rsaKey.Prime1.ToByteArrayUnsigned(),
Q = rsaKey.Prime2.ToByteArrayUnsigned()
};
rsaParameters.D = ConvertRsaParametersField(rsaKey.PrivateExponent, rsaParameters.Modulus.Length);
rsaParameters.DP = ConvertRsaParametersField(rsaKey.Exponent1, rsaParameters.P.Length);
rsaParameters.DQ = ConvertRsaParametersField(rsaKey.Exponent2, rsaParameters.Q.Length);
rsaParameters.InverseQ = ConvertRsaParametersField(rsaKey.Coefficient, rsaParameters.Q.Length);
var cspParameters = new CspParameters
{
KeyContainerName = Constants.PrivateKeyContainerName,
Flags = CspProviderFlags.UseMachineKeyStore
};
var rsaProvider = new RSACryptoServiceProvider(cspParameters);
rsaProvider.ImportParameters(rsaParameters);
return(rsaProvider);
}
private X509CertificateCollection GetCertificate()
{
X509CertificateCollection outCertificate = new X509CertificateCollection();
X509Certificate2 x509 = null;
AsymmetricCipherKeyPair privateKey = null;
x509 = new X509Certificate2(Encoding.ASCII.GetBytes(MobileStaticVariables.ConectSettings.Certificates[0].Certificate));
var stringReader = new StringReader(MobileStaticVariables.ConectSettings.Certificates[0].PrivateKey);
var key = new PemReader(stringReader).ReadObject();
//as AsymmetricCipherKeyPair;
if (key != null)
{
privateKey = (AsymmetricCipherKeyPair)key;
}
if (privateKey != null)
{
PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKey.Private);
var seq = (Asn1Sequence)Asn1Object.FromByteArray(info.ParsePrivateKey().GetDerEncoded());
if (seq.Count != 9)
{
throw new PemException("malformed sequence in RSA private key");
}
var rsa = RsaPrivateKeyStructure.GetInstance(seq);
RsaPrivateCrtKeyParameters rsaparams = new RsaPrivateCrtKeyParameters(
rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2, rsa.Coefficient);
x509.PrivateKey = DotNetUtilities.ToRSA(rsaparams);
//Logger.WriteLine("Certificates : " + x509.GetCertHashString() + " hash class : " + this.GetHashCode());
outCertificate.Add(x509);
}
return(outCertificate);
}
/// <summary>
/// Convert RSA private key bytes to RSA parameters
/// </summary>
/// <param name="bytes">input</param>
/// <returns>RSA private key parameters</returns>
public static RsaPrivateCrtKeyParameters UnmarshalPKCS1PrivateKey(byte[] bytes)
{
var obj = Asn1Object.FromByteArray(bytes);
var pk = RsaPrivateKeyStructure.GetInstance(obj);
return(new RsaPrivateCrtKeyParameters(pk.Modulus, pk.PublicExponent, pk.PrivateExponent, pk.Prime1,
pk.Prime2, pk.Exponent1, pk.Exponent2, pk.Coefficient));
}
/// <summary>
/// Loads RSA private key.
/// </summary>
/// <param name="key">RSA private key DER encoded.</param>
/// <returns>RSA Private Key</returns>
public static RsaPrivateCrtKeyParameters LoadPrivateKey(byte[] key)
{
var algorithm = new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance);
var privateKeyStructure = RsaPrivateKeyStructure.GetInstance(Asn1Sequence.GetInstance(key));
var privateKeyInfo = new PrivateKeyInfo(algorithm, privateKeyStructure);
return(PrivateKeyFactory.CreateKey(privateKeyInfo) as RsaPrivateCrtKeyParameters);
}
public static TlsSignerCredentials Get(
TlsContext tlsContext,
IList supportedSignatureAlgorithms,
string certificateResource,
string keyResource
)
{
foreach (SignatureAndHashAlgorithm signatureAndHashAlgorithm in supportedSignatureAlgorithms)
{
if (signatureAndHashAlgorithm.Signature == SignatureAlgorithm.rsa)
{
var certificateResources = new[] { certificateResource, "x509-ca.pem" };
var certificateStructures = new X509CertificateStructure[certificateResources.Length];
for (int i = 0; i < certificateResources.Length; ++i)
{
using (var stream = new StreamReader(certificateResources[i])) {
var certificatePemObject = new PemReader(stream).ReadPemObject();
if (certificatePemObject.Type.EndsWith("CERTIFICATE"))
{
certificateStructures[i] = X509CertificateStructure.GetInstance(certificatePemObject.Content);
}
}
}
var certificate = new Certificate(certificateStructures);
AsymmetricKeyParameter privateKey;
using (var stream = new StreamReader(keyResource)) {
var privateKeyPemObject = new PemReader(stream).ReadPemObject();
if (privateKeyPemObject.Type.EndsWith("RSA PRIVATE KEY"))
{
var rsa = RsaPrivateKeyStructure.GetInstance(privateKeyPemObject.Content);
privateKey = new RsaPrivateCrtKeyParameters(
rsa.Modulus,
rsa.PublicExponent,
rsa.PrivateExponent,
rsa.Prime1,
rsa.Prime2,
rsa.Exponent1,
rsa.Exponent2,
rsa.Coefficient);
}
else if (privateKeyPemObject.Type.EndsWith("PRIVATE KEY"))
{
privateKey = PrivateKeyFactory.CreateKey(privateKeyPemObject.Content);
}
else
{
throw new InvalidOperationException($"\"{keyResource}\" doesn't specify a valid private key");
}
}
return(new DefaultTlsSignerCredentials(tlsContext, certificate, privateKey, signatureAndHashAlgorithm));
}
}
return(null);
}
public byte[] ComputeRS256(byte[] toBeHashed, byte[] key)
{
var privKeyObj = Asn1Object.FromByteArray(key);
var privStruct = RsaPrivateKeyStructure.GetInstance((Asn1Sequence)privKeyObj);
ISigner sig = SignerUtilities.GetSigner("SHA256withRSA");
sig.Init(true, new RsaKeyParameters(true, privStruct.Modulus, privStruct.PrivateExponent));
sig.BlockUpdate(toBeHashed, 0, toBeHashed.Length);
return(sig.GenerateSignature());
}
private static RsaPrivateKeyStructure ParsePrivateKey(PrivateKeyInfo privateKeyInfo)
{
try
{
return(RsaPrivateKeyStructure.GetInstance(privateKeyInfo.ParsePrivateKey()));
}
catch (Exception e)
{
throw new ArgumentException("Unable to parse private key: " + e.Message, e);
}
}
/// <summary>
/// -----BEGIN RSA PRIVATE KEY-----
/// ...
/// -----END RSA PRIVATE KEY-----
/// </summary>
/// <param name="privateKey">Pkcs1格式私钥</param>
/// <returns></returns>
public static AsymmetricKeyParameter GetAsymmetricKeyParameterFormPrivateKey(string privateKey)
{
if (string.IsNullOrEmpty(privateKey))
{
throw new ArgumentNullException(nameof(privateKey));
}
var instance = RsaPrivateKeyStructure.GetInstance(Base64.Decode(privateKey));
return(new RsaPrivateCrtKeyParameters(instance.Modulus, instance.PublicExponent, instance.PrivateExponent, instance.Prime1, instance.Prime2, instance.Exponent1, instance.Exponent2, instance.Coefficient));
}
/// <summary>
/// -----BEGIN RSA PRIVATE KEY-----
/// ...
/// -----END RSA PRIVATE KEY-----
/// </summary>
/// <param name="privateKey"></param>
/// <returns></returns>
public static AsymmetricKeyParameter GetAsymmetricKeyParameterFormRsaPrivateKey(string privateKey)
{
if (string.IsNullOrEmpty(privateKey))
{
throw new ArgumentNullException(nameof(privateKey));
}
var key = RsaPrivateKeyStructure.GetInstance(Convert.FromBase64String(privateKey));
return(new RsaPrivateCrtKeyParameters(key.Modulus, key.PublicExponent, key.PrivateExponent, key.Prime1, key.Prime2, key.Exponent1, key.Exponent2, key.Coefficient));
}
/// <summary>
/// 从Pkcs1私钥中提取公钥
/// </summary>
/// <param name="privateKey">Pkcs1私钥</param>
/// <returns></returns>
public static string GetPublicKeyFromPrivateKeyPkcs1(string privateKey)
{
var instance = RsaPrivateKeyStructure.GetInstance(Base64.Decode(privateKey));
var publicParameter = (AsymmetricKeyParameter) new RsaKeyParameters(false, instance.Modulus, instance.PublicExponent);
var privateParameter = (AsymmetricKeyParameter) new RsaPrivateCrtKeyParameters(instance.Modulus, instance.PublicExponent, instance.PrivateExponent, instance.Prime1, instance.Prime2, instance.Exponent1, instance.Exponent2, instance.Coefficient);
var keyPair = new AsymmetricCipherKeyPair(publicParameter, privateParameter);
var subjectPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public);
return(Base64.ToBase64String(subjectPublicKeyInfo.GetEncoded()));
}
private static X509Certificate2 GenerateX509WithPrivateKey(
AsymmetricCipherKeyPair keyPair,
X509Certificate bcCert)
{
var privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private);
var asn1Seq = (Asn1Sequence)Asn1Object.FromByteArray(
privateKeyInfo.ParsePrivateKey().GetDerEncoded());
var rsaPrivateKeyStruct = RsaPrivateKeyStructure.GetInstance(asn1Seq);
var rsa = DotNetUtilities.ToRSA(rsaPrivateKeyStruct);
var x509Cert = new X509Certificate2(bcCert.GetEncoded());
return(x509Cert.CopyWithPrivateKey(rsa));
}
/// <summary>
///
/// PrivateKeyWrapper
///
/// Extracts Modulus and Exponent of a private key.
/// Support for PEM format (unencrypted).
///
/// </summary>
/// <param name="key">Private Key in PEM Format</param>
/// <returns>PrivateKeyWrapper</returns>
public static PrivateKeyWrapper CreatePrivateKeyWrapper(string key)
{
var keyStruct = RsaPrivateKeyStructure
.GetInstance(
(Asn1Sequence)Asn1Object
.FromByteArray(Convert
.FromBase64String(CommonHelpers.RemoveHeaderFooterFromKey(key)))
);
return(new PrivateKeyWrapper
{
Modulus = keyStruct.Modulus,
Exponent = keyStruct.PrivateExponent
});
}
internal static RSAParameters GetRSAParametersFormPrivateKey(string privateKey)
{
var keyStructure = RsaPrivateKeyStructure.GetInstance(Convert.FromBase64String(privateKey));
return(new RSAParameters
{
Modulus = keyStructure.Modulus.ToByteArrayUnsigned(),
Exponent = keyStructure.PublicExponent.ToByteArrayUnsigned(),
D = keyStructure.PrivateExponent.ToByteArrayUnsigned(),
P = keyStructure.Prime1.ToByteArrayUnsigned(),
Q = keyStructure.Prime2.ToByteArrayUnsigned(),
DP = keyStructure.Exponent1.ToByteArrayUnsigned(),
DQ = keyStructure.Exponent2.ToByteArrayUnsigned(),
InverseQ = keyStructure.Coefficient.ToByteArrayUnsigned(),
});
}
/// <summary>Get the Private Key Provider from the Vault Private Key</summary>
/// <param name="privateKeyData">Private Key Data</param>
/// <returns>RSA Crypto Service Provider</returns>
public RSACryptoServiceProvider GetPrivateKeyProvider(byte[] privateKeyData)
{
var stream = new Asn1InputStream(privateKeyData).ReadObject();
var privateKeyStructure = RsaPrivateKeyStructure.GetInstance(stream);
var rsaParameters = DotNetUtilities.ToRSAParameters(privateKeyStructure);
var cspParameters = new CspParameters
{
KeyContainerName = Constants.PrivateKeyContainerName
};
var rsaProvider = new RSACryptoServiceProvider(cspParameters);
rsaProvider.ImportParameters(rsaParameters);
return(rsaProvider);
}
public static void ExportPrivateKey(AsymmetricKeyParameter privKey, TextWriter outputStream)
{
PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privKey);
var seq = (Asn1Sequence)Asn1Object.FromByteArray(info.ParsePrivateKey().GetDerEncoded());
if (seq.Count != 9)
{
throw new PemException("Malformed sequence in RSA private key");
}
var rsa = RsaPrivateKeyStructure.GetInstance(seq);
var parameters = new RsaPrivateCrtKeyParameters(rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent,
rsa.Prime1, rsa.Prime2, rsa.Exponent1,
rsa.Exponent2, rsa.Coefficient);
using (var stream = new MemoryStream())
{
var writer = new BinaryWriter(stream);
writer.Write((byte)0x30); // SEQUENCE
using (var innerStream = new MemoryStream())
{
var innerWriter = new BinaryWriter(innerStream);
EncodeIntegerBigEndian(innerWriter, new byte[] { 0x00 }); // Version
EncodeIntegerBigEndian(innerWriter, parameters.Modulus.ToByteArray());
EncodeIntegerBigEndian(innerWriter, parameters.PublicExponent.ToByteArray());
EncodeIntegerBigEndian(innerWriter, parameters.Exponent.ToByteArray());
EncodeIntegerBigEndian(innerWriter, parameters.P.ToByteArray());
EncodeIntegerBigEndian(innerWriter, parameters.Q.ToByteArray());
EncodeIntegerBigEndian(innerWriter, parameters.DP.ToByteArray());
EncodeIntegerBigEndian(innerWriter, parameters.DQ.ToByteArray());
EncodeIntegerBigEndian(innerWriter, parameters.QInv.ToByteArray());
var length = (int)innerStream.Length;
EncodeLength(writer, length);
writer.Write(innerStream.GetBuffer(), 0, length);
}
var base64 = Convert.ToBase64String(stream.GetBuffer(), 0, (int)stream.Length).ToCharArray();
outputStream.WriteLine("-----BEGIN RSA PRIVATE KEY-----");
// Output as Base64 with lines chopped at 64 characters
for (var i = 0; i < base64.Length; i += 64)
{
outputStream.WriteLine(base64, i, Math.Min(64, base64.Length - i));
}
outputStream.WriteLine("-----END RSA PRIVATE KEY-----");
}
}
/// <summary>
/// Converts to RSA private key.
/// </summary>
/// <param name="keyPair">The key pair.</param>
/// <returns></returns>
/// <exception cref="PemException">malformed sequence in RSA private key.</exception>
private static AsymmetricAlgorithm ConvertToRsaPrivateKey(AsymmetricCipherKeyPair keyPair)
{
var keyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private);
var seq = (Asn1Sequence)Asn1Object.FromByteArray(keyInfo.ParsePrivateKey().GetDerEncoded());
if (seq.Count != 9)
{
throw new PemException("malformed sequence in RSA private key");
}
var rsa = RsaPrivateKeyStructure.GetInstance(seq);
var rsaparams = new RsaPrivateCrtKeyParameters(
rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1,
rsa.Exponent2, rsa.Coefficient);
return(DotNetUtilities.ToRSA(rsaparams));
}
internal static AsymmetricKeyParameter LoadPrivateKeyResource(string resource)
{
PemObject pem = LoadPemResource(resource);
if (pem.Type.EndsWith("RSA PRIVATE KEY"))
{
RsaPrivateKeyStructure rsa = RsaPrivateKeyStructure.GetInstance(pem.Content);
return(new RsaPrivateCrtKeyParameters(rsa.Modulus, rsa.PublicExponent,
rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1,
rsa.Exponent2, rsa.Coefficient));
}
if (pem.Type.EndsWith("PRIVATE KEY"))
{
return(PrivateKeyFactory.CreateKey(pem.Content));
}
throw new ArgumentException("doesn't specify a valid private key", "resource");
}
public static void MergePrivateKey(X509Certificate2 certificate, AsymmetricKeyParameter keyPrivate)
{
// correcponding private key
var info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPrivate);
var seq = (Asn1Sequence)Asn1Object.FromByteArray(info.ParsePrivateKey().GetDerEncoded());
if (seq.Count != 9)
{
throw new PemException("malformed sequence in RSA private key");
}
var rsa = RsaPrivateKeyStructure.GetInstance(seq);
var rsaparams = new RsaPrivateCrtKeyParameters(
rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2, rsa.Coefficient);
certificate.PrivateKey = ToDotNetKey(rsaparams); //x509.PrivateKey = DotNetUtilities.ToRSA(rsaparams);
}
/// <summary>
/// -----BEGIN PRIVATE KEY-----
/// ...
/// -----END PRIVATE KEY-----
/// </summary>
/// <param name="privateKey">Pkcs8格式私钥</param>
/// <returns></returns>
public static RSAParameters GetRsaParametersFormAsn1PrivateKey(string privateKey)
{
var keyInfo = PrivateKeyInfo.GetInstance(Asn1Object.FromByteArray(Base64.Decode(privateKey)));
var instance = RsaPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
return(new RSAParameters
{
D = instance.PrivateExponent.ToByteArrayUnsigned(),
DP = instance.Exponent1.ToByteArrayUnsigned(),
DQ = instance.Exponent2.ToByteArrayUnsigned(),
Exponent = instance.PublicExponent.ToByteArrayUnsigned(),
InverseQ = instance.Coefficient.ToByteArrayUnsigned(),
Modulus = instance.Modulus.ToByteArrayUnsigned(),
P = instance.Prime1.ToByteArrayUnsigned(),
Q = instance.Prime2.ToByteArrayUnsigned(),
});
}
public static Rsa CreateFromPrivatePEM(string privatePem)
{
using (var privatePemStream = GetMemoryStream(privatePem))
{
using (var streamReaderPriv = new StreamReader(privatePemStream))
{
var pemPrivReader = new PemReader(streamReaderPriv);
var priv = pemPrivReader.ReadPemObject();
var seq = Asn1Sequence.GetInstance(priv.Content);
var rsa = RsaPrivateKeyStructure.GetInstance(seq);
var pubSpec = new RsaKeyParameters(false, rsa.Modulus, rsa.PublicExponent);
var privSpec = new RsaPrivateCrtKeyParameters(
rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent,
rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2,
rsa.Coefficient);
return(new Rsa(pubSpec, privSpec));
}
}
}
private void BaseOaepTest(
int id,
byte[] pubKeyEnc,
byte[] privKeyEnc,
byte[] output)
{
//
// extract the public key info.
//
Asn1Object pubKeyObj = Asn1Object.FromByteArray(pubKeyEnc);
RsaPublicKeyStructure pubStruct = RsaPublicKeyStructure.GetInstance(
SubjectPublicKeyInfo.GetInstance(pubKeyObj).GetPublicKey());
//
// extract the private key info.
//
Asn1Object privKeyObj = Asn1Object.FromByteArray(privKeyEnc);
RsaPrivateKeyStructure privStruct = RsaPrivateKeyStructure.GetInstance(
PrivateKeyInfo.GetInstance(privKeyObj).ParsePrivateKey());
RsaKeyParameters pubParameters = new RsaKeyParameters(
false,
pubStruct.Modulus,
pubStruct.PublicExponent);
RsaKeyParameters privParameters = new RsaPrivateCrtKeyParameters(
privStruct.Modulus,
privStruct.PublicExponent,
privStruct.PrivateExponent,
privStruct.Prime1,
privStruct.Prime2,
privStruct.Exponent1,
privStruct.Exponent2,
privStruct.Coefficient);
byte[] input = new byte[] {
(byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34,
(byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a
};
EncDec("id(" + id + ")", pubParameters, privParameters, seed, input, output);
}
public static string PrintPrivateKey(AsymmetricCipherKeyPair keys)
{
StringBuilder sb = new StringBuilder();
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keys.Private);
RsaPrivateKeyStructure rsa = RsaPrivateKeyStructure.GetInstance(privateKeyInfo.ParsePrivateKey());
byte[] serializedBytes = privateKeyInfo.ToAsn1Object().GetDerEncoded();
string serialized = Convert.ToBase64String(serializedBytes);
sb.AppendLine("Key==>" + serialized);
sb.AppendLine("Prime 1 ==>" + rsa.Prime1.ToString());
sb.AppendLine("Prime 2 ==>" + rsa.Prime2.ToString());
sb.AppendLine("Modulus ==>" + rsa.Modulus.ToString());
sb.AppendLine("Coefficient ==>" + rsa.Coefficient.ToString());
sb.AppendLine("Exponent1 ==>" + rsa.Exponent1.ToString());
sb.AppendLine("Exponent2 ==>" + rsa.Exponent2.ToString());
sb.AppendLine("PrivateExponent ==>" + rsa.PrivateExponent.ToString());
sb.AppendLine("PublicExponent ==>" + rsa.PublicExponent.ToString());
return(sb.ToString());
}
/// <summary>
/// -----BEGIN RSA PRIVATE KEY-----
/// ...
/// -----END RSA PRIVATE KEY-----
/// </summary>
/// <param name="privateKey"></param>
/// <returns></returns>
public static RSAParameters GetRSAParametersFormRsaPrivateKey(string privateKey)
{
if (string.IsNullOrEmpty(privateKey))
{
throw new ArgumentNullException(nameof(privateKey));
}
var key = RsaPrivateKeyStructure.GetInstance(Convert.FromBase64String(privateKey));
return(new RSAParameters
{
D = key.PrivateExponent.ToByteArrayUnsigned(),
DP = key.Exponent1.ToByteArrayUnsigned(),
DQ = key.Exponent2.ToByteArrayUnsigned(),
Exponent = key.PublicExponent.ToByteArrayUnsigned(),
InverseQ = key.Coefficient.ToByteArrayUnsigned(),
Modulus = key.Modulus.ToByteArrayUnsigned(),
P = key.Prime1.ToByteArrayUnsigned(),
Q = key.Prime2.ToByteArrayUnsigned(),
});
}