//---------------------------------------私钥转换
public static void getPriKeyPem()
{
var rsa = new RSACryptoServiceProvider();
using (var sr = new StreamReader("E:\\PriKey.xml"))
{
rsa.FromXmlString(sr.ReadToEnd());
}
var p = rsa.ExportParameters(true);
var key = new RsaPrivateCrtKeyParameters(
new BigInteger(1, p.Modulus), new BigInteger(1, p.Exponent), new BigInteger(1, p.D),
new BigInteger(1, p.P), new BigInteger(1, p.Q), new BigInteger(1, p.DP), new BigInteger(1, p.DQ),
new BigInteger(1, p.InverseQ));
using (var sw = new StreamWriter("e:\\PriKey.pem"))
{
var pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(sw);
pemWriter.WriteObject(key);
}
}
public static string X509Certificate2ToPEM(X509Certificate2 cert)
{
try
{
if (cert.HasPrivateKey)
{
byte[] pkcsarray = cert.Export(X509ContentType.Pkcs12);
if (pkcsarray.Length == 0)
{
throw new CryptoException("Empty PKCS12 Array");
}
X509Certificate certout = null;
AsymmetricKeyParameter priv = null;
using (MemoryStream ms = new MemoryStream(pkcsarray))
{
Pkcs12Store pkstore = new Pkcs12Store();
pkstore.Load(ms, new char[] { });
foreach (string s in pkstore.Aliases.Cast <string>())
{
X509CertificateEntry entry = pkstore.GetCertificate(s);
if (entry != null)
{
certout = entry.Certificate;
}
AsymmetricKeyEntry kentry = pkstore.GetKey(s);
if (kentry != null)
{
priv = kentry.Key;
}
}
if (certout == null)
{
throw new CryptoException("Certificate not found");
}
}
using (StringWriter sw = new StringWriter())
{
PemWriter pemWriter = new PemWriter(sw);
pemWriter.WriteObject(certout);
if (priv != null)
{
pemWriter.WriteObject(priv);
}
sw.Flush();
return(sw.ToString());
}
}
X509Certificate c = DotNetUtilities.FromX509Certificate(cert);
return(DumpOnePEM(c, null));
// return cert.Export(X509ContentType.SerializedCert).ToUTF8String();
}
catch (Exception e)
{
throw new CryptoException($"Unable to open pkcs12, wrong password?. {e.Message}", e);
}
}
public static string DumpOnePEM(X509Certificate cert, AsymmetricKeyParameter privkey)
{
using (StringWriter sw = new StringWriter())
{
PemWriter pemWriter = new PemWriter(sw);
pemWriter.WriteObject(cert);
if (privkey != null)
{
pemWriter.WriteObject(privkey);
}
sw.Flush();
return(sw.ToString());
}
}
// https://social.msdn.microsoft.com/Forums/vstudio/en-US/80ccc76f-bf98-4cda-9583-f651013b24a5/extract-private-key-as-string-from-pfx-file?forum=csharpgeneral
// One of my collegues actually found the solution and I thought I'd share it.
// Extract Private Key as String from PFX File
public static void GetPrivateKey(string pfxLocation, string password)
{
// Windows's PFX files are just renamed PKCS#12 files,
// Load your certificate from file
System.Security.Cryptography.X509Certificates.X509Certificate2 certificate =
new System.Security.Cryptography.X509Certificates.X509Certificate2(pfxLocation, password
, System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.Exportable
| System.Security.Cryptography.X509Certificates.X509KeyStorageFlags.PersistKeySet);
// Private Key
if (certificate.HasPrivateKey)
{
throw new System.IO.InvalidDataException("no private key in pfx file.");
}
System.Security.Cryptography.RSACryptoServiceProvider rsa = (System.Security.Cryptography.RSACryptoServiceProvider)certificate.PrivateKey;
System.IO.MemoryStream memoryStream = new System.IO.MemoryStream();
System.IO.TextWriter streamWriter = new System.IO.StreamWriter(memoryStream);
Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(streamWriter);
Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair = Org.BouncyCastle.Security.DotNetUtilities.GetRsaKeyPair(rsa);
pemWriter.WriteObject(keyPair.Private);
streamWriter.Flush();
string output = System.Text.Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim();
int index_of_footer = output.IndexOf("-----END RSA PRIVATE KEY-----");
memoryStream.Close();
streamWriter.Close();
string PrivKey = output.Substring(0, index_of_footer + 29);
}
/***
* Creates a TLSCertificateKeyPair out of the given {@link X509Certificate} and {@link KeyPair}
* encoded in PEM and also in DER for the certificate
* @param x509Cert the certificate to process
* @param keyPair the key pair to process
* @return a TLSCertificateKeyPair
* @throws IOException upon failure
*/
public TLSCertificateKeyPair(Certificate x509Cert, KeyPair keyPair)
{
using (MemoryStream baos = new MemoryStream())
{
StreamWriter writer = new StreamWriter(baos);
PemWriter w = new PemWriter(writer);
w.WriteObject(x509Cert.X509Certificate);
writer.Flush();
writer.Close();
CertPEMBytes = baos.ToArray();
}
using (MemoryStream isr = new MemoryStream(CertPEMBytes))
{
StreamReader reader = new StreamReader(isr);
PemReader pr = new PemReader(reader);
PemObject po = pr.ReadPemObject();
CertDERBytes = po.Content;
}
using (MemoryStream baos = new MemoryStream())
{
StreamWriter writer = new StreamWriter(baos);
PemWriter w = new PemWriter(writer);
w.WriteObject(keyPair.PrivateKey);
writer.Flush();
writer.Close();
KeyPEMBytes = baos.ToArray();
}
}
public static void XmlConvertToPem(string xmlPath, string pemPath, bool generatePrivateKey = true)//XML格式密钥转PEM
{
var rsa2 = new RSACryptoServiceProvider();
rsa2.FromXmlString(File.ReadAllText(xmlPath));
var p = rsa2.ExportParameters(!rsa2.PublicOnly);
//Public Key Convert to Private Key
if (rsa2.PublicOnly)
{
generatePrivateKey = false;
}
AsymmetricKeyParameter key = null;
if (generatePrivateKey)
{
//Private Key
key = new RsaPrivateCrtKeyParameters(
new BigInteger(1, p.Modulus), new BigInteger(1, p.Exponent), new BigInteger(1, p.D),
new BigInteger(1, p.P), new BigInteger(1, p.Q), new BigInteger(1, p.DP), new BigInteger(1, p.DQ),
new BigInteger(1, p.InverseQ));
}
else
{
//Public key
key = new RsaKeyParameters(false, new BigInteger(1, p.Modulus), new BigInteger(1, p.Exponent)); //Public Key
}
using (var sw = new StreamWriter(pemPath))
{
var pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(sw);
pemWriter.WriteObject(key);
}
}
private void button1_Click(object sender, EventArgs e)
{
rsap = new RSACryptoServiceProvider();
var p = rsap.ExportParameters(false);
var pubkeyout = new Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters(false, new BigInteger(1, p.Modulus), new BigInteger(1, p.Exponent));
var pubbuilder = new StringBuilder();
var pubwriter = new System.IO.StringWriter(pubbuilder);
var pw = new Org.BouncyCastle.OpenSsl.PemWriter(pubwriter);
pw.WriteObject(pubkeyout);
pub_box.Text = pubbuilder.ToString();
var pv = rsap.ExportParameters(true);
var privkeyout = new Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters(
new BigInteger(1, pv.Modulus), new BigInteger(1, pv.Exponent), new BigInteger(1, pv.D), new BigInteger(1, pv.P), new BigInteger(1, pv.Q),
new BigInteger(1, pv.DP), new BigInteger(1, pv.DQ), new BigInteger(1, pv.InverseQ)
);
var privbuilder = new StringBuilder();
var privwriter = new System.IO.StringWriter(privbuilder);
var pvw = new Org.BouncyCastle.OpenSsl.PemWriter(privwriter);
pvw.WriteObject(privkeyout);
pv_box.Text = privbuilder.ToString();
}
/// <summary>
/// RSA密钥转Pem密钥
/// </summary>
/// <param name="RSAKey">RSA密钥</param>
/// <param name="isPrivateKey">是否是私钥</param>
/// <returns>Pem密钥</returns>
public static string RSAKeyToPem(string RSAKey, bool isPrivateKey)
{
string pemKey = string.Empty;
var rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(RSAKey);
RSAParameters rsaPara = new RSAParameters();
RsaKeyParameters key;
//RSA私钥
if (isPrivateKey)
{
rsaPara = rsa.ExportParameters(true);
key = new RsaPrivateCrtKeyParameters(
new BigInteger(1, rsaPara.Modulus), new BigInteger(1, rsaPara.Exponent), new BigInteger(1, rsaPara.D),
new BigInteger(1, rsaPara.P), new BigInteger(1, rsaPara.Q), new BigInteger(1, rsaPara.DP), new BigInteger(1, rsaPara.DQ),
new BigInteger(1, rsaPara.InverseQ));
}
//RSA公钥
else
{
rsaPara = rsa.ExportParameters(false);
key = new RsaKeyParameters(false,
new BigInteger(1, rsaPara.Modulus),
new BigInteger(1, rsaPara.Exponent));
}
using (TextWriter sw = new StringWriter())
{
var pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(sw);
pemWriter.WriteObject(key);
pemWriter.Writer.Flush();
pemKey = sw.ToString();
}
return(pemKey);
}
public static void SavePem(this X509Certificate2 @this, out string cert, out string privateKey)
{
cert = string.Empty;
privateKey = string.Empty;
try
{
if (@this.HasPrivateKey)
{
var p = @this.GetRSAPrivateKey().ExportParameters(true);
var key = new RsaPrivateCrtKeyParameters(
new Org.BouncyCastle.Math.BigInteger(1, p.Modulus), new Org.BouncyCastle.Math.BigInteger(1, p.Exponent), new Org.BouncyCastle.Math.BigInteger(1, p.D),
new Org.BouncyCastle.Math.BigInteger(1, p.P), new Org.BouncyCastle.Math.BigInteger(1, p.Q), new Org.BouncyCastle.Math.BigInteger(1, p.DP), new Org.BouncyCastle.Math.BigInteger(1, p.DQ),
new Org.BouncyCastle.Math.BigInteger(1, p.InverseQ));
using (var stringWriter = new StringWriter())
{
var pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(stringWriter);
pemWriter.WriteObject(key);
privateKey = stringWriter.GetStringBuilder().ToString();
}
}
cert = PemCertificateHelper.ExportCertificateToPEM(@this);
}
catch (Exception ex)
{
throw new Exception($"Certificate could not be saved. ", ex);
}
}
public static void SavePem(this X509Certificate2 @this, string certFile, string privateKeyFile = null)
{
try
{
Directory.CreateDirectory(Path.GetDirectoryName(certFile));
if (!string.IsNullOrEmpty(privateKeyFile) && @this.HasPrivateKey)
{
Directory.CreateDirectory(Path.GetDirectoryName(privateKeyFile));
var p = @this.GetRSAPrivateKey().ExportParameters(true);
var key = new RsaPrivateCrtKeyParameters(
new Org.BouncyCastle.Math.BigInteger(1, p.Modulus), new Org.BouncyCastle.Math.BigInteger(1, p.Exponent), new Org.BouncyCastle.Math.BigInteger(1, p.D),
new Org.BouncyCastle.Math.BigInteger(1, p.P), new Org.BouncyCastle.Math.BigInteger(1, p.Q), new Org.BouncyCastle.Math.BigInteger(1, p.DP), new Org.BouncyCastle.Math.BigInteger(1, p.DQ),
new Org.BouncyCastle.Math.BigInteger(1, p.InverseQ));
using (var sw = new StreamWriter(privateKeyFile))
{
var pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(sw);
pemWriter.WriteObject(key);
}
}
File.WriteAllText(certFile, PemCertificateHelper.ExportCertificateToPEM(@this));
}
catch (Exception ex)
{
throw new Exception($"Certificate could not be saved. cert: {certFile} - key: {privateKeyFile}", ex);
}
}
} // End Function GenerateRsaKeyPair
public static void WritePrivatePublic(Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair)
{
string privateKey = null;
string publicKey = null;
// id_rsa
using (System.IO.TextWriter textWriter = new System.IO.StringWriter())
{
Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);
pemWriter.WriteObject(keyPair.Private);
pemWriter.Writer.Flush();
privateKey = textWriter.ToString();
} // End Using textWriter
// id_rsa.pub
using (System.IO.TextWriter textWriter = new System.IO.StringWriter())
{
Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);
pemWriter.WriteObject(keyPair.Public);
pemWriter.Writer.Flush();
publicKey = textWriter.ToString();
} // End Using textWriter
System.Console.WriteLine(privateKey);
System.Console.WriteLine(publicKey);
} // End Sub WritePrivatePublic
/// <summary>
/// Converts a PEM-encodable object into a string with the header provided "PUBLIC KEY", "CERTIFICATE", etc.
/// </summary>
/// <param name="header">PEM header</param>
/// <param name="obj">Object to be PEM encoded (only some objects are encodable)</param>
/// <returns>PEM encoded object</returns>
private static string DerToPem(string header, object obj)
{
var stream = new StringWriter();
Org.BouncyCastle.OpenSsl.PemWriter writer = new Org.BouncyCastle.OpenSsl.PemWriter(stream);
writer.WriteObject(obj);
writer.Writer.Flush();
return(stream.ToString());
}
private static string GimmeKey(AsymmetricKeyParameter key)
{
var sb = new StringBuilder();
using (var prvSw = new StringWriter(sb)) {
var pmw = new Org.BouncyCastle.OpenSsl.PemWriter(prvSw);
pmw.WriteObject(key);
}
return sb.ToString();
}
public static string GetPemTextFromPublicKey(AsymmetricCipherKeyPair keys)
{
TextWriter textWriter = new StringWriter();
var pemWriter = new PemWriter(textWriter);
pemWriter.WriteObject(keys.Public);
pemWriter.Writer.Flush();
return(textWriter.ToString());
}
internal static void WritePEMObject(string fileName, Object pemObject)
{
var stream = new StreamWriter(fileName, false);
Org.BouncyCastle.OpenSsl.PemWriter writer = new Org.BouncyCastle.OpenSsl.PemWriter(stream);
writer.WriteObject(pemObject);
writer.Writer.Flush();
stream.Close();
}
private static string GimmeKey(AsymmetricKeyParameter key)
{
var sb = new StringBuilder();
using (var prvSw = new StringWriter(sb)) {
var pmw = new Org.BouncyCastle.OpenSsl.PemWriter(prvSw);
pmw.WriteObject(key);
}
return(sb.ToString());
}
public string GetAsPem(IEcKey key)
{
string keyHeader = key.IsPrivateKey ? "EC PRIVATE KEY" : "PUBLIC KEY";
var pemObject = new PemObject(keyHeader, key.Content);
var pemWriter = new PemWriter(new StringWriter());
pemWriter.WriteObject(pemObject);
return(pemWriter.Writer.ToString());
}
public static string GetPemTextFromCertificate(X509Certificate cert)
{
TextWriter textWriter = new StringWriter();
var pemWriter = new PemWriter(textWriter);
PemObjectGenerator pog = new PemObject("CERTIFICATE", cert.GetRawCertData());
pemWriter.WriteObject(pog);
pemWriter.Writer.Flush();
return(textWriter.ToString());
}
/// <summary>
/// Helper function for PEM encoding
/// </summary>
/// <param name="obj"></param>
/// <returns></returns>
public string GetPem(object obj, string?password = null)
{
string pem;
using (var tw = new StringWriter())
{
var pw = new bc.OpenSsl.PemWriter(tw);
if (string.IsNullOrEmpty(password))
{
pw.WriteObject(obj);
}
else
{
pw.WriteObject(obj, "AES-256-CBC", password.ToCharArray(), new bc.Security.SecureRandom());
}
pem = tw.GetStringBuilder().ToString();
tw.GetStringBuilder().Clear();
}
return(pem);
}
public string getCSRWithHeaders()
{
Pkcs10CertificationRequest pkcs10CertificationRequest = new Pkcs10CertificationRequest(Convert.FromBase64String(csr));
System.Text.StringBuilder stringBuilder = new System.Text.StringBuilder();
System.IO.StringWriter stringWriter = new System.IO.StringWriter(stringBuilder);
Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(stringWriter);
pemWriter.WriteObject(pkcs10CertificationRequest);
pemWriter.Writer.Flush();
return(stringBuilder.ToString());
}
public static string ToPem(string type, byte[] encoded)
{
using (var writer = new StringWriter())
{
var pemObject = new PemObject(type, encoded);
var pemWriter = new PemWriter(writer);
pemWriter.WriteObject(pemObject);
return(writer.ToString());
}
}
private static byte[] ExportToPEMKey(X509Certificate2 cert)
{
AsymmetricCipherKeyPair keyPair = DotNetUtilities.GetRsaKeyPair(cert.GetRSAPrivateKey());
using (StringWriter str = new StringWriter())
{
PemWriter pw = new PemWriter(str);
pw.WriteObject(keyPair.Private);
str.Flush();
return(str.ToString().ToBytes());
}
}
/// <summary>
/// Helper function for PEM encoding
/// </summary>
/// <param name="obj"></param>
/// <returns></returns>
private string GetPem(object obj)
{
string pem;
using (var tw = new StringWriter())
{
var pw = new bc.OpenSsl.PemWriter(tw);
pw.WriteObject(obj);
pem = tw.GetStringBuilder().ToString();
tw.GetStringBuilder().Clear();
}
return(pem);
}
internal static void WritePEMObjects(string fileName, Object[] pemObjects)
{
var stream = new StreamWriter(fileName, false);
Org.BouncyCastle.OpenSsl.PemWriter writer = new Org.BouncyCastle.OpenSsl.PemWriter(stream);
foreach (var o in pemObjects)
{
writer.WriteObject(o);
}
writer.Writer.Flush();
stream.Close();
}
} // End Sub GenerateRsaKeyPair
public static void WritePrivatePublic(Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair)
{
string privateKey = null;
string publicKey = null;
string bothKeys = null;
// id_rsa
using (System.IO.TextWriter textWriter = new System.IO.StringWriter())
{
Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);
pemWriter.WriteObject(keyPair.Private);
pemWriter.Writer.Flush();
privateKey = textWriter.ToString();
} // End Using textWriter
// id_rsa.pub
using (System.IO.TextWriter textWriter = new System.IO.StringWriter())
{
Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);
pemWriter.WriteObject(keyPair.Public);
pemWriter.Writer.Flush();
publicKey = textWriter.ToString();
} // End Using textWriter
// // This writes the same as private key, not both
//using (System.IO.TextWriter textWriter = new System.IO.StringWriter())
//{
// Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);
// pemWriter.WriteObject(keyPair);
// pemWriter.Writer.Flush();
// bothKeys = textWriter.ToString();
//} // End Using textWriter
System.Console.WriteLine(privateKey);
System.Console.WriteLine(publicKey);
//System.Console.WriteLine(bothKeys);
// Org.BouncyCastle.Crypto.AsymmetricKeyParameter pk = ReadPrivateKey(privateKey);
// Org.BouncyCastle.Crypto.AsymmetricKeyParameter pubKey = ReadPublicKey(publicKey);
// ReadPublicKey(privateKey); // Cannot read this
// ReadPrivateKey(publicKey); // Cannot read this either...
// CerKeyInfo(keyPair);
} // End Sub WritePrivatePublic
public ClientCertificateWithKey(byte[] pkcs12data, string password)
{
if (pkcs12data == null || pkcs12data.Length == 0)
{
throw new ArgumentException("No PKCS#12 data specified", nameof(pkcs12data));
}
var inputKeyStore = new Pkcs12Store();
try
{
using (var ms = new MemoryStream(pkcs12data))
{
inputKeyStore.Load(ms, string.IsNullOrEmpty(password) ? new char[0] : password.ToCharArray());
}
}
catch (IOException ex)
{
throw new AuthenticationException("Parsing of the PKCS#12 data failed", ex);
}
catch (Exception)
{
throw;
}
var keyAlias = inputKeyStore.Aliases.Cast <string>().FirstOrDefault(n => inputKeyStore.IsKeyEntry(n));
if (keyAlias == null)
{
throw new InvalidDataException("No private key found in PKCS12 data");
}
var bcert = inputKeyStore.GetCertificate(keyAlias);
this.Certificate = new X509Certificate2(bcert.Certificate.GetEncoded());
var ck = inputKeyStore.GetKey(keyAlias);
var ecpk = ck.Key as ECPrivateKeyParameters;
this.Key = ecpk.D.ToByteArrayUnsigned();
var sb = new StringBuilder();
TextWriter tw = new StringWriter(sb);
var pw = new Org.BouncyCastle.OpenSsl.PemWriter(tw);
pw.WriteObject(ecpk);
this.Key = Encoding.ASCII.GetBytes(sb.ToString());
}
public static void Xml2PemPrivate(string xml, string saveFile)
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(xml);
RSAParameters p = rsa.ExportParameters(true);
RsaPrivateCrtKeyParameters key = new RsaPrivateCrtKeyParameters(new BigInteger(1, p.Modulus), new BigInteger(1, p.Exponent), new BigInteger(1, p.D), new BigInteger(1, p.P), new BigInteger(1, p.Q), new BigInteger(1, p.DP), new BigInteger(1, p.DQ), new BigInteger(1, p.InverseQ));
using (StreamWriter sw = new StreamWriter(saveFile))
{
Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(sw);
pemWriter.WriteObject(key);
}
}
/// <summary>
/// Creates a new X509 certificate and returns its data in PEM format.
///
/// <see cref="PatchingCertificatePem"/> is generated using this method.
/// </summary>
public string GenerateNewCertificatePem()
{
var randomGenerator = new CryptoApiRandomGenerator();
var random = new SecureRandom(randomGenerator);
var certificateGenerator = new X509V3CertificateGenerator();
var serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(Int64.MaxValue), random);
certificateGenerator.SetSerialNumber(serialNumber);
// TODO: Figure out ISignatureFactory to avoid these deprecated methods
#pragma warning disable 618
certificateGenerator.SetSignatureAlgorithm("SHA256WithRSA");
#pragma warning restore 618
var subjectDn = new X509Name("cn=Unknown");
var issuerDn = subjectDn;
certificateGenerator.SetIssuerDN(issuerDn);
certificateGenerator.SetSubjectDN(subjectDn);
certificateGenerator.SetNotBefore(DateTime.UtcNow.Date.AddYears(-10));
certificateGenerator.SetNotAfter(DateTime.UtcNow.Date.AddYears(50));
var keyGenerationParameters = new KeyGenerationParameters(random, 2048);
var keyPairGenerator = new RsaKeyPairGenerator();
keyPairGenerator.Init(keyGenerationParameters);
var subjectKeyPair = keyPairGenerator.GenerateKeyPair();
certificateGenerator.SetPublicKey(subjectKeyPair.Public);
// TODO: Figure out ISignatureFactory to avoid these deprecated methods
#pragma warning disable 618
X509Certificate cert = certificateGenerator.Generate(subjectKeyPair.Private);
#pragma warning restore 618
using var writer = new StringWriter();
var pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(writer);
pemWriter.WriteObject(new PemObject("CERTIFICATE", cert.GetEncoded()));
pemWriter.WriteObject(subjectKeyPair.Private);
return(writer.ToString());
}
public static string Xml2PemPublic(string xml, string saveFile)
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(xml);
RSAParameters p = rsa.ExportParameters(false);
RsaKeyParameters key = new RsaKeyParameters(false, new BigInteger(1, p.Modulus), new BigInteger(1, p.Exponent));
using (StreamWriter sw = new StreamWriter(saveFile))
{
Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(sw);
pemWriter.WriteObject(key);
}
return(System.IO.File.ReadAllText(saveFile));
}
public static string GetPemPublicKey(X509Certificate2 cert)
{
var x509CertificateParser = new Org.BouncyCastle.X509.X509CertificateParser();
var bcCert = x509CertificateParser.ReadCertificate(cert.RawData);
var asymmetricKeyParameter = bcCert.GetPublicKey();
var stringWrite = new StringWriter();
var pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(stringWrite);
pemWriter.WriteObject(asymmetricKeyParameter);
stringWrite.Close();
return(stringWrite.ToString());
}
public static string XmlPublicKeyToPemg(string publicKey)
{
var rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(publicKey);
var p = rsa.ExportParameters(false);
var key = new RsaKeyParameters(false, new BigInteger(1, p.Modulus), new BigInteger(1, p.Exponent));
using (var sw = new StringWriter())
{
var pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(sw);
pemWriter.WriteObject(key);
return(sw.ToString());
}
}
} // End Sub WritePrivatePublic
public static string StringifyAsymmetricKey(Org.BouncyCastle.Crypto.AsymmetricKeyParameter privateOrPublicKey)
{
string key = null;
using (System.IO.TextWriter textWriter = new System.IO.StringWriter())
{
Org.BouncyCastle.OpenSsl.PemWriter pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);
pemWriter.WriteObject(privateOrPublicKey);
pemWriter.Writer.Flush();
key = textWriter.ToString();
} // End Using textWriter
return(key);
} // End Function StringifyAsymmetricKey