/// <summary> /// Export an RSA key to a PEM format string /// </summary> /// <param name="cert">The certificate to export key from (must be exportable)</param> /// <param name="password">An optional password</param> /// <returns>A PEM string form of the key</returns> public static string ExportPrivateKeyToPEM(this X509Certificate2 cert, string password) { if (!cert.HasPrivateKey) { throw new ArgumentException("Must specify certificate with a private key", "cert"); } StringWriter swriter = new StringWriter(); PemWriter writer = new PemWriter(swriter); RSAParameters ps = cert.GetRSAPrivateKey().ExportParameters(true); BigInteger modulus = new BigInteger(1, ps.Modulus); BigInteger exp = new BigInteger(1, ps.Exponent); BigInteger d = new BigInteger(1, ps.D); BigInteger p = new BigInteger(1, ps.P); BigInteger q = new BigInteger(1, ps.Q); BigInteger dp = new BigInteger(1, ps.DP); BigInteger dq = new BigInteger(1, ps.DQ); BigInteger qinv = new BigInteger(1, ps.InverseQ); RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(modulus, exp, d, p, q, dp, dq, qinv); if (password != null) { writer.WriteObject(privKey, "DES-EDE3-CBC", password != null ? password.ToCharArray() : null, new SecureRandom()); } else { writer.WriteObject(privKey); } return(swriter.ToString()); }
public static void WriteCertificateAsPem(byte[] rawBytes, string exportPassword, Stream s) { var a = new Pkcs12Store(); a.Load(new MemoryStream(rawBytes), Array.Empty <char>()); var entry = a.GetCertificate(a.Aliases.Cast <string>().First()); var key = a.Aliases.Cast <string>().Select(a.GetKey).First(x => x != null); using (var writer = new StreamWriter(s, Encoding.ASCII, 1024, leaveOpen: true)) { var pw = new PemWriter(writer); pw.WriteObject(entry.Certificate); object privateKey; if (exportPassword != null) { privateKey = new MiscPemGenerator( key.Key, "AES-128-CBC", exportPassword.ToCharArray(), CertificateUtils.GetSeededSecureRandom()) .Generate(); } else { privateKey = key.Key; } pw.WriteObject(privateKey); writer.Flush(); } }
private bool WriteKeyAndCertificate(object obj, string dir, string fileName, string extension) { // create directory if not exists Directory.CreateDirectory(dir); //fileName = PrefixString(fileName); using (StreamWriter outputFile = new StreamWriter(Path.Combine(dir, fileName + extension), false)) { PemWriter pw = new PemWriter(outputFile); try { switch (obj) { case X509Certificate cert: pw.WriteObject(cert); break; case AsymmetricKeyParameter key: pw.WriteObject(key); break; } return(true); } catch (Exception) { return(false); } finally { pw.Writer.Close(); } } }
private void GetRsaWithPem(Int32 strength, Boolean usePkcs8, out string pirvKey, out string pubKey) { IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); kpGen.Init(new KeyGenerationParameters(new SecureRandom(), strength)); var privKeyParam = kpGen.GenerateKeyPair().Private; var pubKeyParam = kpGen.GenerateKeyPair().Public; using (StringWriter sw = new StringWriter()) { PemWriter pWrt = new PemWriter(sw); if (usePkcs8) { var pkcs8 = new Pkcs8Generator(privKeyParam); pWrt.WriteObject(pkcs8); } else { pWrt.WriteObject(privKeyParam); } pirvKey = sw.ToString(); } using (StringWriter sw = new StringWriter()) { PemWriter pWrt = new PemWriter(sw); pWrt.WriteObject(pubKeyParam); pubKey = sw.ToString(); } }
/// <summary> /// Export an RSA key to a PEM format string /// </summary> /// <param name="rsa">The RSA key to export (must be exportable)</param> /// <param name="password">An optional password</param> /// <returns>A PEM string form of the key</returns> public static string ExportToPEM(RSA rsa, SecureString password) { StringWriter swriter = new StringWriter(); PemWriter writer = new PemWriter(swriter); RSAParameters ps = rsa.ExportParameters(true); BigInteger modulus = new BigInteger(1, ps.Modulus); BigInteger exp = new BigInteger(1, ps.Exponent); BigInteger d = new BigInteger(1, ps.D); BigInteger p = new BigInteger(1, ps.P); BigInteger q = new BigInteger(1, ps.Q); BigInteger dp = new BigInteger(1, ps.DP); BigInteger dq = new BigInteger(1, ps.DQ); BigInteger qinv = new BigInteger(1, ps.InverseQ); RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(modulus, exp, d, p, q, dp, dq, qinv); if (password != null) { writer.WriteObject(privKey, "DES-EDE3-CBC", SecureStringToCharArray(password), new Org.BouncyCastle.Security.SecureRandom()); } else { writer.WriteObject(privKey); } return(swriter.ToString()); }
public static string StringBuilder(AsymmetricCipherKeyPair key, KeyType keyType) { if (key == null) { throw new Exception("String Builder: key is null"); } try { TextWriter textWriter = new StringWriter(); PemWriter pemWriter = new PemWriter(textWriter); if (keyType == KeyType.PrivateKey) { pemWriter.WriteObject(key.Private); } else { pemWriter.WriteObject(key.Public); } pemWriter.Writer.Flush(); return(textWriter.ToString()); } catch (Exception e) { FileHelper.WriteFile(ErrorHelper.FormatError(e), FileHelper.ErrorPath, true); return(null); } }
/// <summary> /// Write the PEM Key to the file and optionally encrypt it with the requested algorithm or AES-256-CBC. /// </summary> /// <param name="keyPath">Path to the key file</param> /// <param name="key">Asymmetric Key</param> /// <param name="password">Password to encrypt the key file</param> /// <param name="algorithm">Encryption algorithm</param> /// <returns></returns> public static bool WritePEMKeyToFile(string keyPath, AsymmetricKeyParameter key, string password = null, string algorithm = "AES-256-CBC") { if (key == null) { throw new ArgumentNullException(PEMKEY_NULL); } if (File.Exists(keyPath)) { throw new ArgumentException($"{KEYFILE_EXISTS} {keyPath}"); } using (var textWriter = new StreamWriter(keyPath)) { var pemWriter = new PemWriter(textWriter); if (password != null) { pemWriter.WriteObject(key, algorithm, password.ToCharArray(), new SecureRandom()); } else { pemWriter.WriteObject(key); } pemWriter.Writer.Flush(); } //<TODO> add file permissions; Currently .Net Standard doesn't support ACL Permissions. return(true); }
public static void Main(string[] args) { var rsa = new RSACryptoServiceProvider(2048); var rsaKeyPair = DotNetUtilities.GetRsaKeyPair(rsa); var writer = new StringWriter(); var pemWriter = new PemWriter(writer); pemWriter.WriteObject(rsaKeyPair.Public); pemWriter.WriteObject(rsaKeyPair.Private); Console.WriteLine(writer); }
/// <summary> /// Writes PEM encoded data to the given Writer /// </summary> /// <param name="wrt">Stream to write the data in</param> /// <param name="obj">data to write in Stream</param> /// <param name="algorithm">algorithm to encrypt the data(Generally used for writing PrivateKeys)</param> /// <param name="password">password to protect the data with(Generally used for writing PrivateKeys)</param> /// <param name="rand">source of randomness</param> public static void Encode(TextWriter wrt, Object obj, String algorithm, char[] password, SecureRandom rand) { PemWriter pemWriter = new PemWriter(wrt); if ((password != null)) { pemWriter.WriteObject(obj, algorithm, password, rand); } else { pemWriter.WriteObject(obj); } }
internal string GetCertComponentsAsPEMString(byte[] pfxData, string pwd, ExportFlags flags) { // See also https://www.digicert.com/ssl-support/pem-ssl-creation.htm var cert = new X509Certificate2(pfxData, pwd); var chain = new X509Chain(); chain.Build(cert); using (var writer = new StringWriter()) { var certParser = new X509CertificateParser(); var pemWriter = new PemWriter(writer); //output in order of private key, primary cert, intermediates, root if (flags.HasFlag(ExportFlags.PrivateKey)) { var key = GetCertKeyPem(pfxData, pwd); writer.Write(key); } var i = 0; foreach (var c in chain.ChainElements) { if (i == 0 && flags.HasFlag(ExportFlags.EndEntityCertificate)) { // first cert is end entity cert (primary certificate) var o = c.Certificate.Export(X509ContentType.Cert); pemWriter.WriteObject(certParser.ReadCertificate(o)); } else if (i == chain.ChainElements.Count - 1 && flags.HasFlag(ExportFlags.RootCertificate)) { // last cert is root ca public cert var o = c.Certificate.Export(X509ContentType.Cert); pemWriter.WriteObject(certParser.ReadCertificate(o)); } else if (i != 0 && (i != chain.ChainElements.Count - 1) && flags.HasFlag(ExportFlags.IntermediateCertificates)) { // intermediate cert(s), if any, not including end entity and root var o = c.Certificate.Export(X509ContentType.Cert); pemWriter.WriteObject(certParser.ReadCertificate(o)); } i++; } writer.Flush(); return(writer.ToString()); } }
/// <summary> /// Erstellt die für die PKCS#10-Datei notwendigen Daten /// </summary> /// <returns>Die für die PKCS#10-Datei notwendigen Daten</returns> public Pkcs10Data CreateRequest() { var sigAlgoName = "SHA256WITHRSA"; var subject = new X509Name( true, $"CN={Requester.Surname}, OU={Requester.Number}, OU={Requester.CompanyName}, O={"ITSG TrustCenter fuer Arbeitgeber"}, C={"DE"}", new Pkcs.X509ItsgEntryConverter() ); var rng = new SecureRandom(); var rsaKeyPair = RSA; if (rsaKeyPair == null) { var keyPairGen = new RsaKeyPairGenerator(); keyPairGen.Init(new KeyGenerationParameters(rng, 2048)); rsaKeyPair = keyPairGen.GenerateKeyPair(); } var csr = new Pkcs10CertificationRequest(new Asn1SignatureFactory(sigAlgoName, rsaKeyPair.Private), subject, rsaKeyPair.Public, null, rsaKeyPair.Private); var outputCsrPem = new StringWriter(); { var pemWriter = new PemWriter(outputCsrPem); pemWriter.WriteObject(csr); } var outputPrivateKeyPem = new StringWriter(); { var pemWriter = new PemWriter(outputPrivateKeyPem); if (string.IsNullOrEmpty(Password)) { pemWriter.WriteObject(rsaKeyPair.Private); } else { pemWriter.WriteObject( rsaKeyPair.Private, "des-ede3-cbc", Password.ToCharArray(), rng ); } } var rsaPubKey = (RsaKeyParameters)rsaKeyPair.Public; var rawPubKeyData = OstcUtils.CalculatePublicKeyHash(rsaPubKey); return(new Pkcs10Data(csr.GetEncoded(), outputCsrPem.ToString(), outputPrivateKeyPem.ToString(), rawPubKeyData)); }
/// <summary> /// Encodes the full certificate chain in PEM. /// </summary> /// <param name="certificateChain">The certificate chain.</param> /// <param name="certKey">The certificate key.</param> /// <returns>The encoded certificate chain.</returns> public static string ToPem(this CertificateChain certificateChain, IKey certKey = null) { var certStore = new CertificateStore(); foreach (var issuer in certificateChain.Issuers) { certStore.Add(issuer.ToDer()); } var issuers = certStore.GetIssuers(certificateChain.Certificate.ToDer()); using (var writer = new StringWriter()) { if (certKey != null) { writer.WriteLine(certKey.ToPem().TrimEnd()); } writer.WriteLine(certificateChain.Certificate.ToPem().TrimEnd()); var certParser = new X509CertificateParser(); var pemWriter = new PemWriter(writer); foreach (var issuer in issuers) { var cert = certParser.ReadCertificate(issuer); pemWriter.WriteObject(cert); } return(writer.ToString()); } }
public KeyPair GetKeyPair() { var keyGenerationParameters = new KeyGenerationParameters(new SecureRandom(), 4096); var keyPairGenerator = new RsaKeyPairGenerator(); keyPairGenerator.Init(keyGenerationParameters); var keys = keyPairGenerator.GenerateKeyPair(); var keyPair = new KeyPair(); var textWriter = new StringWriter(); var pemWriter = new PemWriter(textWriter); pemWriter.WriteObject(keys.Public); pemWriter.Writer.Flush(); keyPair.pemPublicKey = textWriter.ToString(); var textReader = new StringReader(keyPair.pemPublicKey); var pemReader = new PemReader(textReader); keyPair.publicKey = pemReader.ReadPemObject().Content; textWriter = new StringWriter(); pemWriter = new PemWriter(textWriter); pemWriter.WriteObject(keys.Private); pemWriter.Writer.Flush(); keyPair.pemPrivateKey = textWriter.ToString(); textReader = new StringReader(keyPair.pemPrivateKey); pemReader = new PemReader(textReader); keyPair.privateKey = pemReader.ReadPemObject().Content; return(keyPair); }
private void GenerateRSA(int bit) { RsaKeyPairGenerator rsaGenerator = new RsaKeyPairGenerator(); rsaGenerator.Init(new KeyGenerationParameters(new SecureRandom(), bit)); var keyPair = rsaGenerator.GenerateKeyPair(); using (TextWriter privateKeyTextWriter = new StringWriter()) { PemWriter pemWriter = new PemWriter(privateKeyTextWriter); pemWriter.WriteObject(keyPair.Private); pemWriter.Writer.Flush(); RSAKEYserver = privateKeyTextWriter.ToString(); } Console.WriteLine($">>>>>> OpenSSL RSA PRIVATE KEY {bit} bits <<<<<"); using (TextWriter publicKeyTextWriter = new StringWriter()) { PemWriter pemWriter = new PemWriter(publicKeyTextWriter); pemWriter.WriteObject(keyPair.Public); pemWriter.Writer.Flush(); RSAKEYpublic = publicKeyTextWriter.ToString(); } //Console.WriteLine(">>>>>> OpenSSL RSA PUBLIC KEY <<<<<"); Console.WriteLine(); Console.WriteLine(RSAKEYpublic); }
public override void PerformTest() { IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); dsaKpg.Init(new DsaKeyGenerationParameters(random, testDsaParams)); AsymmetricCipherKeyPair testDsaKp = dsaKpg.GenerateKeyPair(); AsymmetricKeyParameter testDsaKey = testDsaKp.Private; doWriteReadTest(testDsaKey); doWriteReadTests(testDsaKey, algorithms); doWriteReadTest(testRsaKey); doWriteReadTests(testRsaKey, algorithms); AsymmetricKeyParameter ecPriv = PrivateKeyFactory.CreateKey(testEcDsaKeyBytes); doWriteReadTest(ecPriv); doWriteReadTests(ecPriv, algorithms); IAsymmetricCipherKeyPairGenerator ecKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); ecKpg.Init(new KeyGenerationParameters(random, 239)); ecPriv = ecKpg.GenerateKeyPair().Private; doWriteReadTest(ecPriv); doWriteReadTests(ecPriv, algorithms); // override test PemWriter pWrt = new PemWriter(new StringWriter()); object o = new PemObject("FRED", new byte[100]); pWrt.WriteObject(o); pWrt.Writer.Close(); }
private (string certificate, string key) TransformPfx(IPasswordFinder passwordFinder) { var certOutput = new StringWriter(); var keyOutput = new StringWriter(); using (var input = File.OpenRead(CertificatePath)) { var certWriter = new PemWriter(certOutput); var keyWriter = new PemWriter(keyOutput); var store = new Pkcs12Store(input, passwordFinder.GetPassword()); foreach (string alias in store.Aliases) { var cert = store.GetCertificate(alias); if (cert != null) { certWriter.WriteObject(cert.Certificate); } var key = store.GetKey(alias); if (key != null && key.Key.IsPrivate) { keyWriter.WriteObject(key.Key); } } } return(certOutput.ToString(), keyOutput.ToString()); }
/// <summary> /// 创建密钥对(pem格式 PKCS1) /// </summary> /// <param name="keysize"></param> /// <returns>[公钥 , 私钥]</returns> public static string[] CreateKeyPair(int keysize = 2048) { RsaKeyPairGenerator r = new RsaKeyPairGenerator(); r.Init(new KeyGenerationParameters(new SecureRandom(), keysize)); AsymmetricCipherKeyPair keys = r.GenerateKeyPair(); AsymmetricKeyParameter private_key = keys.Private; AsymmetricKeyParameter public_key = keys.Public; TextWriter textWriter = new StringWriter(); PemWriter pemWriter = new PemWriter(textWriter); pemWriter.WriteObject(keys.Private); pemWriter.Writer.Flush(); string privateKey = textWriter.ToString(); TextWriter textpubWriter = new StringWriter(); PemWriter pempubWriter = new PemWriter(textpubWriter); pempubWriter.WriteObject(keys.Public); pempubWriter.Writer.Flush(); string pubKey = textpubWriter.ToString(); return(new string[] { pubKey, privateKey }); }
/// <summary> /// Create instance of RSAManager /// </summary> public RSAManager RSAGenerateManager() { var keyGen = new RsaKeyPairGenerator(); keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 2048)); var keyPair = keyGen.GenerateKeyPair(); Func <string, string> decrypt = (string encryptedValue) => { var decryptEngine = new OaepEncoding(new RsaEngine()); var bytesToDecrypt = Convert.FromBase64String(encryptedValue); decryptEngine.Init(false, keyPair.Private as RsaPrivateCrtKeyParameters); return(Encoding.UTF8.GetString(decryptEngine.ProcessBlock(bytesToDecrypt, 0, bytesToDecrypt.Length))); }; var info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public); var stringWriter = new StringWriter(); var pemWriter = new PemWriter(stringWriter); var pemObject = new PemObject("PUBLIC KEY", info.GetEncoded()); pemWriter.WriteObject(pemObject); return(new RSAManager { Decrypt = decrypt, PublicKey = stringWriter.ToString(), }); }
/// <inheritdoc /> public async Task <string> ExportAsync(string name, char[] password, CancellationToken cancel = default(CancellationToken)) { string pem = ""; using (var repo = await ipfs.Repository(cancel)) { var pk = new string[] { name }; var key = await repo.EncryptedKeys .Where(k => k.Name == name) .FirstAsync(cancel); UseEncryptedKey(key, pkey => { using (var sw = new StringWriter()) { var pkcs8 = new Pkcs8Generator(pkey, Pkcs8Generator.PbeSha1_3DES) { Password = password }; var pw = new PemWriter(sw); pw.WriteObject(pkcs8); pw.Writer.Flush(); pem = sw.ToString(); } }); } return(pem); }
public void GenRSAKeyPair(string name) { var generator = new RsaKeyPairGenerator(); var seed = Encoding.UTF8.GetBytes(name); var secureRandom = new SecureRandom(); secureRandom.SetSeed(seed); generator.Init(new KeyGenerationParameters(secureRandom, 2048)); var pair = generator.GenerateKeyPair(); var twPrivate = new StringWriter(); PemWriter pwPrivate = new PemWriter(twPrivate); pwPrivate.WriteObject(pair.Private); pwPrivate.Writer.Flush(); var privateKey = twPrivate.ToString().Replace("-----BEGIN RSA PRIVATE KEY-----", "").Replace("-----END RSA PRIVATE KEY-----", "").Trim(); Console.WriteLine(privateKey); var twPublic = new StringWriter(); PemWriter pwPublic = new PemWriter(twPublic); pwPublic.WriteObject(pair.Public); pwPublic.Writer.Flush(); var publicKey = twPublic.ToString().Replace("-----BEGIN PUBLIC KEY-----", "").Replace("-----END PUBLIC KEY-----", "").Trim(); Console.WriteLine(publicKey); }
public void TestPkcs8Plain() { IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); kpGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); AsymmetricKeyParameter privKey = kpGen.GenerateKeyPair().Private; StringWriter sw = new StringWriter(); PemWriter pWrt = new PemWriter(sw); Pkcs8Generator pkcs8 = new Pkcs8Generator(privKey); pWrt.WriteObject(pkcs8); pWrt.Writer.Close(); string result = sw.ToString(); PemReader pRd = new PemReader(new StringReader(result), new Password("hello".ToCharArray())); AsymmetricKeyParameter rdKey = (AsymmetricKeyParameter)pRd.ReadObject(); pRd.Reader.Close(); Assert.AreEqual(privKey, rdKey); }
private static string EncodeAsPem( object item) { if (item == null) { throw new ArgumentNullException(nameof(item)); } string result; var stringBuilder = new StringBuilder(); using (var stringWriter = new StringWriter(stringBuilder, CultureInfo.InvariantCulture)) { var pemWriter = new PemWriter(stringWriter); pemWriter.WriteObject(item); pemWriter.Writer.Flush(); result = stringBuilder.ToString(); } return(result); }
async Task <IKey> AddPrivateKeyAsync(string name, AsymmetricCipherKeyPair keyPair, CancellationToken cancel) { // Create the key ID var keyId = CreateKeyId(keyPair.Public); // Create the PKCS #8 container for the key string pem; using (var sw = new StringWriter()) { var pkcs8 = new Pkcs8Generator(keyPair.Private, Pkcs8Generator.PbeSha1_3DES) { Password = dek }; var pw = new PemWriter(sw); pw.WriteObject(pkcs8); pw.Writer.Flush(); pem = sw.ToString(); } // Store the key in the repository. var key = new EncryptedKey { Id = keyId.ToBase58(), Name = name, Pem = pem }; await Store.PutAsync(name, key); log.DebugFormat("Added key '{0}' with ID {1}", name, keyId); return(new KeyInfo { Id = key.Id, Name = key.Name }); }
public static (string publicKey, string privateKey) GenerateRsaKeyPair() { RsaKeyPairGenerator rsaGenerator = new RsaKeyPairGenerator(); rsaGenerator.Init(new KeyGenerationParameters(new SecureRandom(), 2048)); var keyPair = rsaGenerator.GenerateKeyPair(); string publicKey; using (TextWriter publicKeyTextWriter = new StringWriter()) { PemWriter pemWriter = new PemWriter(publicKeyTextWriter); pemWriter.WriteObject(keyPair.Public); pemWriter.Writer.Flush(); publicKey = publicKeyTextWriter.ToString(); } string privateKey; using (TextWriter privateKeyTextWriter = new StringWriter()) { PemWriter pemWriter = new PemWriter(privateKeyTextWriter); pemWriter.WriteObject(keyPair.Private); pemWriter.Writer.Flush(); privateKey = privateKeyTextWriter.ToString(); } return(publicKey : publicKey, privateKey : privateKey); }
/// <summary> /// RSA: öffentlicher und privaten Schlüssel erzeugen /// </summary> /// <param name="privatekey">Privater Schlüssel</param> /// <param name="publickey">Öffentlicher Schlüssel</param> public static void createRSAKeyPair(out string privatekey, out string publickey) { //RSA-Schlüssel-Paar erzeugen var r = new RsaKeyPairGenerator(); r.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); var keys = r.GenerateKeyPair(); //Private Key im PEM-Format TextWriter textWriter = new StringWriter(); var pemWriter = new PemWriter(textWriter); pemWriter.WriteObject(keys.Private); pemWriter.Writer.Flush(); textWriter.Close(); privatekey = textWriter.ToString(); //Public Key im PEM-Formart TextWriter textWriter1 = new StringWriter(); var pemWriter1 = new PemWriter(textWriter1); pemWriter1.WriteObject(keys.Public); pemWriter1.Writer.Flush(); textWriter1.Close(); publickey = textWriter1.ToString(); }
public static PemKeyPair GenerateKeyPair() { String privateKey = String.Empty; String publicKey = String.Empty; RsaKeyPairGenerator keyGenerator = new RsaKeyPairGenerator(); keyGenerator.Init(new KeyGenerationParameters(new SecureRandom(), 2048)); AsymmetricCipherKeyPair keyPair = keyGenerator.GenerateKeyPair(); using (TextWriter writer = new StringWriter()) { PemWriter pemWriter = new PemWriter(writer); pemWriter.WriteObject(keyPair.Private); pemWriter.Writer.Flush(); privateKey = writer.ToString(); } using (TextWriter writer = new StringWriter()) { PemWriter pemWriter = new PemWriter(writer); pemWriter.WriteObject(keyPair.Public); pemWriter.Writer.Flush(); publicKey = writer.ToString(); } return(new PemKeyPair(publicKey, privateKey)); }
public CsrResult GenerateCsr(AsymmetricCipherKeyPair keypair, string certificateSubjectText) { //PKCS #10 Certificate Signing Request var signatureFactory = new Asn1SignatureFactory("SHA1WITHRSA", keypair.Private, _random); var csr = new Pkcs10CertificationRequest(signatureFactory, new X509Name(certificateSubjectText), keypair.Public, null, keypair.Private); //Convert BouncyCastle CSR to PEM file var csrAsPem = new StringBuilder(); var csrAsPemWriter = new PemWriter(new StringWriter(csrAsPem)); csrAsPemWriter.WriteObject(csr); csrAsPemWriter.Writer.Flush(); //Push the CSR text var csrText = csrAsPem.ToString(); //Convert BouncyCastle Private Key to PEM file var privateKeyPem = new StringBuilder(); var privateKeyPemWriter = new PemWriter(new StringWriter(privateKeyPem)); privateKeyPemWriter.WriteObject(keypair.Private); csrAsPemWriter.Writer.Flush(); //Push the private key text var privateKeyText = privateKeyPem.ToString(); return(new CsrResult() { PrivateKeyAsPem = privateKeyText, CsrAsPem = csrText }); }
public static PemKeyPair GenerateKeyPair() { String privateKey = String.Empty; String publicKey = String.Empty; X9ECParameters ecParameters = ECNamedCurveTable.GetByName("secp256k1"); ECKeyPairGenerator keyGenerator = new ECKeyPairGenerator(); keyGenerator.Init(new ECKeyGenerationParameters(new ECDomainParameters(ecParameters.Curve, ecParameters.G, ecParameters.N, ecParameters.H), new SecureRandom())); AsymmetricCipherKeyPair keyPair = keyGenerator.GenerateKeyPair(); using (TextWriter writer = new StringWriter()) { PemWriter pemWriter = new PemWriter(writer); pemWriter.WriteObject(keyPair.Private); pemWriter.Writer.Flush(); privateKey = writer.ToString(); } using (TextWriter writer = new StringWriter()) { PemWriter pemWriter = new PemWriter(writer); pemWriter.WriteObject(keyPair.Public); pemWriter.Writer.Flush(); publicKey = writer.ToString(); } return(new PemKeyPair(publicKey, privateKey)); }
public static string PrivateKeyXmlToPkcs8(string privateKey) { var root = XElement.Parse(privateKey); var modulus = root.Element("Modulus"); var exponent = root.Element("Exponent"); var p = root.Element("P"); var q = root.Element("Q"); var dp = root.Element("DP"); var dq = root.Element("DQ"); var inverseQ = root.Element("InverseQ"); var d = root.Element("D"); var rsaPrivateCrtKeyParameters = new RsaPrivateCrtKeyParameters( new BigInteger(1, Convert.FromBase64String(modulus.Value)), new BigInteger(1, Convert.FromBase64String(exponent.Value)), new BigInteger(1, Convert.FromBase64String(d.Value)), new BigInteger(1, Convert.FromBase64String(p.Value)), new BigInteger(1, Convert.FromBase64String(q.Value)), new BigInteger(1, Convert.FromBase64String(dp.Value)), new BigInteger(1, Convert.FromBase64String(dq.Value)), new BigInteger(1, Convert.FromBase64String(inverseQ.Value))); using var writer = new StringWriter(); var pemWriter = new PemWriter(writer); var pkcs8 = new Pkcs8Generator(rsaPrivateCrtKeyParameters); pemWriter.WriteObject(pkcs8); pemWriter.Writer.Close(); return(writer.ToString()); }
/// <summary> /// Create a new private/public key pair as PEM formatted strings. /// </summary> /// <returns>An <see cref="RsaKeyPair"/>.</returns> public static RsaKeyPair GenerateRsaKeyPair() { var rsaGenerator = new RsaKeyPairGenerator(); rsaGenerator.Init(new KeyGenerationParameters(new SecureRandom(), 2048)); var keyPair = rsaGenerator.GenerateKeyPair(); var rsaKeyPair = new RsaKeyPair(); using (var privateKeyTextWriter = new StringWriter()) { var pemWriter = new PemWriter(privateKeyTextWriter); pemWriter.WriteObject(keyPair.Private); pemWriter.Writer.Flush(); rsaKeyPair.PrivateKey = privateKeyTextWriter.ToString(); } using (var publicKeyTextWriter = new StringWriter()) { var pemWriter = new PemWriter(publicKeyTextWriter); pemWriter.WriteObject(keyPair.Public); pemWriter.Writer.Flush(); rsaKeyPair.PublicKey = publicKeyTextWriter.ToString(); } return(rsaKeyPair); }
private void lengthTest(string type, IList headers, byte[] data) { StringWriter sw = new StringWriter(); PemWriter pWrt = new PemWriter(sw); PemObject pemObj = new PemObject(type, headers, data); pWrt.WriteObject(pemObj); pWrt.Writer.Close(); Assert.AreEqual(sw.ToString().Length, pWrt.GetOutputSize(pemObj)); }
public override void PerformTest() { IPasswordFinder pGet = new Password("secret".ToCharArray()); PemReader pemRd = OpenPemResource("test.pem", pGet); IAsymmetricCipherKeyPair pair; object o; while ((o = pemRd.ReadObject()) != null) { // if (o is AsymmetricCipherKeyPair) // { // ackp = (AsymmetricCipherKeyPair)o; // // Console.WriteLine(ackp.Public); // Console.WriteLine(ackp.Private); // } // else // { // Console.WriteLine(o.ToString()); // } } // // pkcs 7 data // pemRd = OpenPemResource("pkcs7.pem", null); ContentInfo d = (ContentInfo)pemRd.ReadObject(); if (!d.ContentType.Equals(CmsObjectIdentifiers.EnvelopedData)) { Fail("failed envelopedData check"); } /* { // // ECKey // pemRd = OpenPemResource("eckey.pem", null); // TODO Resolve return type issue with EC keys and fix PemReader to return parameters // ECNamedCurveParameterSpec spec = (ECNamedCurveParameterSpec)pemRd.ReadObject(); pair = (AsymmetricCipherKeyPair)pemRd.ReadObject(); ISigner sgr = SignerUtilities.GetSigner("ECDSA"); sgr.Init(true, pair.Private); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr.Init(false, pair.Public); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail("EC verification failed"); } // TODO Resolve this issue with the algorithm name, study Java version // if (!((ECPublicKeyParameters) pair.Public).AlgorithmName.Equals("ECDSA")) // { // Fail("wrong algorithm name on public got: " + ((ECPublicKeyParameters) pair.Public).AlgorithmName); // } // // if (!((ECPrivateKeyParameters) pair.Private).AlgorithmName.Equals("ECDSA")) // { // Fail("wrong algorithm name on private got: " + ((ECPrivateKeyParameters) pair.Private).AlgorithmName); // } } */ // // writer/parser test // IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); kpGen.Init( new RsaKeyGenerationParameters( BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25)); pair = kpGen.GenerateKeyPair(); keyPairTest("RSA", pair); // kpGen = KeyPairGenerator.getInstance("DSA"); // kpGen.initialize(512, new SecureRandom()); DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(512, 80, new SecureRandom()); kpGen = GeneratorUtilities.GetKeyPairGenerator("DSA"); kpGen.Init( new DsaKeyGenerationParameters( new SecureRandom(), pGen.GenerateParameters())); pair = kpGen.GenerateKeyPair(); keyPairTest("DSA", pair); // // PKCS7 // MemoryStream bOut = new MemoryStream(); PemWriter pWrt = new PemWriter(new StreamWriter(bOut)); pWrt.WriteObject(d); pWrt.Writer.Close(); pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false))); d = (ContentInfo)pemRd.ReadObject(); if (!d.ContentType.Equals(CmsObjectIdentifiers.EnvelopedData)) { Fail("failed envelopedData recode check"); } // OpenSSL test cases (as embedded resources) doOpenSslDsaTest("unencrypted"); doOpenSslRsaTest("unencrypted"); doOpenSslTests("aes128"); doOpenSslTests("aes192"); doOpenSslTests("aes256"); doOpenSslTests("blowfish"); doOpenSslTests("des1"); doOpenSslTests("des2"); doOpenSslTests("des3"); doOpenSslTests("rc2_128"); doOpenSslDsaTest("rc2_40_cbc"); doOpenSslRsaTest("rc2_40_cbc"); doOpenSslDsaTest("rc2_64_cbc"); doOpenSslRsaTest("rc2_64_cbc"); // TODO Figure out why exceptions differ for commented out cases doDudPasswordTest("7fd98", 0, "Corrupted stream - out of bounds length found"); doDudPasswordTest("ef677", 1, "Corrupted stream - out of bounds length found"); // doDudPasswordTest("800ce", 2, "cannot recognise object in stream"); doDudPasswordTest("b6cd8", 3, "DEF length 81 object truncated by 56"); doDudPasswordTest("28ce09", 4, "DEF length 110 object truncated by 28"); doDudPasswordTest("2ac3b9", 5, "DER length more than 4 bytes: 11"); doDudPasswordTest("2cba96", 6, "DEF length 100 object truncated by 35"); doDudPasswordTest("2e3354", 7, "DEF length 42 object truncated by 9"); doDudPasswordTest("2f4142", 8, "DER length more than 4 bytes: 14"); doDudPasswordTest("2fe9bb", 9, "DER length more than 4 bytes: 65"); doDudPasswordTest("3ee7a8", 10, "DER length more than 4 bytes: 57"); doDudPasswordTest("41af75", 11, "malformed sequence in DSA private key"); doDudPasswordTest("1704a5", 12, "corrupted stream detected"); // doDudPasswordTest("1c5822", 13, "corrupted stream detected"); // doDudPasswordTest("5a3d16", 14, "corrupted stream detected"); doDudPasswordTest("8d0c97", 15, "corrupted stream detected"); doDudPasswordTest("bc0daf", 16, "corrupted stream detected"); doDudPasswordTest("aaf9c4d",17, "Corrupted stream - out of bounds length found"); // encrypted private key test pGet = new Password("password".ToCharArray()); pemRd = OpenPemResource("enckey.pem", pGet); RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters)pemRd.ReadObject(); if (!privKey.PublicExponent.Equals(new BigInteger("10001", 16))) { Fail("decryption of private key data check failed"); } // general PKCS8 test pGet = new Password("password".ToCharArray()); pemRd = OpenPemResource("pkcs8test.pem", pGet); while ((privKey = (RsaPrivateCrtKeyParameters)pemRd.ReadObject()) != null) { if (!privKey.PublicExponent.Equals(new BigInteger("10001", 16))) { Fail("decryption of private key data check failed"); } } }
private void keyPairTest( string name, IAsymmetricCipherKeyPair pair) { MemoryStream bOut = new MemoryStream(); PemWriter pWrt = new PemWriter(new StreamWriter(bOut)); pWrt.WriteObject(pair.Public); pWrt.Writer.Close(); PemReader pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false))); IAsymmetricKeyParameter pubK = (AsymmetricKeyParameter) pemRd.ReadObject(); if (!pubK.Equals(pair.Public)) { Fail("Failed public key read: " + name); } bOut = new MemoryStream(); pWrt = new PemWriter(new StreamWriter(bOut)); pWrt.WriteObject(pair.Private); pWrt.Writer.Close(); pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false))); IAsymmetricCipherKeyPair kPair = (AsymmetricCipherKeyPair) pemRd.ReadObject(); if (!kPair.Private.Equals(pair.Private)) { Fail("Failed private key read: " + name); } if (!kPair.Public.Equals(pair.Public)) { Fail("Failed private key public read: " + name); } }
private void EncryptedTest(IAsymmetricKeyParameter privKey, string algorithm) { StringWriter sw = new StringWriter(); PemWriter pWrt = new PemWriter(sw); Pkcs8Generator pkcs8 = new Pkcs8Generator(privKey, algorithm); pkcs8.Password = "******".ToCharArray(); pWrt.WriteObject(pkcs8); pWrt.Writer.Close(); String result = sw.ToString(); PemReader pRd = new PemReader(new StringReader(result), new Password("hello".ToCharArray())); IAsymmetricKeyParameter rdKey = (AsymmetricKeyParameter)pRd.ReadObject(); pRd.Reader.Close(); Assert.AreEqual(privKey, rdKey); }
public void TestPkcs8Plain() { IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); kpGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); IAsymmetricKeyParameter privKey = kpGen.GenerateKeyPair().Private; StringWriter sw = new StringWriter(); PemWriter pWrt = new PemWriter(sw); Pkcs8Generator pkcs8 = new Pkcs8Generator(privKey); pWrt.WriteObject(pkcs8); pWrt.Writer.Close(); string result = sw.ToString(); PemReader pRd = new PemReader(new StringReader(result), new Password("hello".ToCharArray())); IAsymmetricKeyParameter rdKey = (AsymmetricKeyParameter)pRd.ReadObject(); pRd.Reader.Close(); Assert.AreEqual(privKey, rdKey); }