stackoom
  简体   繁体   中英

RSAParameters to pfx (X509Certificate2) conversion

 原文  2013-07-05 12:19:26       c#/ .net/ security/ pfx/ rsacryptoserviceprovider

Question

I want to create a pfx file from keys created by RSACryptoServiceProvider . I tried: 

certificate.PrivateKey =  rsa as AsymmetricAlgorithm;

which is the reverse of: 

rsa = (RSACryptoServiceProvider)certificate.PrivateKey;

which seems to work (the second, that is). But got the following error:

m_safeCertContext is an invalid handle.

I tried some things using RSAParameters - but to no avail.

1 answers

solution1
 0  2019-04-23 12:18:23

You can use Bouncy Castle to do it: 

private static byte[] MergePFXFromPrivateAndCertificate(RSAParameters privateKey, X509Certificate2 certificate, string pfxPassPhrase)
{
    RsaPrivateCrtKeyParameters rsaParam = new RsaPrivateCrtKeyParameters(
        ParseAsUnsignedBigInteger(privateKey.Modulus),
        ParseAsUnsignedBigInteger(privateKey.Exponent),
        ParseAsUnsignedBigInteger(privateKey.D),
        ParseAsUnsignedBigInteger(privateKey.P),
        ParseAsUnsignedBigInteger(privateKey.Q),
        ParseAsUnsignedBigInteger(privateKey.DP),
        ParseAsUnsignedBigInteger(privateKey.DQ),
        ParseAsUnsignedBigInteger(privateKey.InverseQ)
    );

    Org.BouncyCastle.X509.X509Certificate bcCert = new Org.BouncyCastle.X509.X509CertificateParser().ReadCertificate(certificate.RawData);

    MemoryStream p12Stream = new MemoryStream();
    Pkcs12Store p12 = new Pkcs12Store();
    p12.SetKeyEntry("key", new AsymmetricKeyEntry(rsaParam), new X509CertificateEntry[] { new X509CertificateEntry(bcCert) });
    p12.Save(p12Stream, pfxPassPhrase.ToCharArray(), new SecureRandom());

    return p12Stream.ToArray();
}

private static BigInteger ParseAsUnsignedBigInteger(byte[] rawUnsignedNumber)
{
    return new BigInteger(1, rawUnsignedNumber, 0, rawUnsignedNumber.Length);
}

You will need the following namespaces: 

using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question RemoteCertificateValidationCallback with X509Certificate2 X509Certificate2 to EccKey X509Certificate2 Info Create X509Certificate2 from Cert and Key, without making a PFX file “An internal error occurred.” when loading pfx file with X509Certificate2 how do I create a pfx compatible with X509Certificate2 with openssl Why does self signed PFX X509Certificate2 private key raise a NotSupportedException? Get "The server mode SSL must use a certificate with the associated private key." error in X509Certificate2 by use .cer instead of .pfx X509Certificate2 to X509Certificate on Windows Phone 8 Retrieving issuer of a X509Certificate2 object
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM