
Storing private key and certificate (.pem) on android/iOS Keystore C#

I would like to create an asymmetric keypair on a client device (an iOS or Android phone running Xamarin.Forms) and create a Certificate Signing Request to be sent to an ASP.NET Core RESTful API on a Linux server running my database. To do so, I am using the Portable Bouncy Castle and the .NET Core version on the API.

The CSR sent would be signed by a custom CA through the WebAPI and added to a Certificate Table on my DB, such that when the device sends a GET request, it can retrieve it (a one time activation key is used to authenticate the post of the csr as well as retrieval of the signed certificate).

Using this, I have created a Private Key and CSR request, and converted the CSR into a string that can be posted to the API. When the API receives this, it places it in a text file that the script accesses to sign it using the CA certificate and CA key, creating a client-cert.pem file. This would be read as text and stored on the database so that the device can retrieve it.

After this point, I would like to store the Certificate and the Private Key in the device's Keystore; however, as I am using Bouncy Castle to create the Keypair, it is of the type AsymmetricCipherKeyPair.

How would I go about storing these items in the Keystore such that it could be accessed to authenticate the client when connecting to the DB? I am currently unsure how Xamarin.Forms handles Keystores and how to store keys/certificates within them.

If you can find a way to convert AsymmetricCipherKeyPair to string, you can use Xamarin.Essentials: Secure Storage to store those keys in the KeyStore:

To save a value for a given key in secure storage:

try
{
  await SecureStorage.SetAsync("oauth_token", "secret-oauth-token-value");
}
catch (Exception ex)
{
  // Possible that device doesn't support secure storage on device.
}

To retrieve a value from secure storage:

try
{
  var oauthToken = await SecureStorage.GetAsync("oauth_token");
}
catch (Exception ex)
{
  // Possible that device doesn't support secure storage on device.
}

Refer: AsymmetricCipherKeyPair and /bouncy-castle-rsa-transforming-keys-into-a-string-format
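
The following is an added example, not code from the original question or answer: one way to turn the Bouncy Castle private key into a string (Base64 of its PKCS#8 DER encoding), store it in SecureStorage together with the signed PEM certificate, and load both back. The class name `ClientCredentialStore` and the two storage entry names are assumptions made for this illustration.

```csharp
using System;
using System.IO;
using System.Threading.Tasks;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using Xamarin.Essentials;

// Hypothetical helper: the class name and entry names are assumptions.
public static class ClientCredentialStore
{
    const string PrivateKeyEntry = "client_private_key_pkcs8";
    const string CertificateEntry = "client_certificate_pem";

    // Encode the private half of the key pair as PKCS#8 DER, Base64 it,
    // and store it next to the PEM certificate returned by the API.
    public static async Task SaveAsync(AsymmetricCipherKeyPair keyPair, string certificatePem)
    {
        byte[] pkcs8 = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private).GetDerEncoded();
        await SecureStorage.SetAsync(PrivateKeyEntry, Convert.ToBase64String(pkcs8));
        await SecureStorage.SetAsync(CertificateEntry, certificatePem);
    }

    // Returns (null, null) when either entry has not been stored yet.
    public static async Task<(AsymmetricKeyParameter Key, X509Certificate Cert)> LoadAsync()
    {
        string keyB64 = await SecureStorage.GetAsync(PrivateKeyEntry);
        string certPem = await SecureStorage.GetAsync(CertificateEntry);
        if (keyB64 == null || certPem == null)
            return (null, null);

        // Rebuild the Bouncy Castle private key from its PKCS#8 bytes.
        AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(Convert.FromBase64String(keyB64));

        // PemReader returns an X509Certificate for a "CERTIFICATE" block.
        using (var reader = new StringReader(certPem))
        {
            var cert = (X509Certificate)new PemReader(reader).ReadObject();
            return (key, cert);
        }
    }
}
```

SecureStorage keeps the value in the iOS Keychain, and on Android encrypts it with a key held in the Android Keystore, so the private key is protected at rest but is still readable by the app itself rather than being a non-exportable Keystore key.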
