我目前可以使用OpenSSL使用以下命令从PFX文件中提取私钥:
openssl pkcs12 -in filename.pfx -nocerts -out privateKey.pem
openssl.exe rsa -in privateKey.pem -out private.pem
private.pem文件以
---BEGIN RSA PRIVATE KEY---开头,以---END RSA PRIVATE KEY---结尾我想使用.NET库或Bouncy CaSTLe库在C#中执行相同的操作。
我该怎么做呢?
最佳答案
这就是对我有用的。也应该为您工作:
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Security;
namespace SO6258771
{
class Program
{
static void Main()
{
// Load your certificate from file
X509Certificate2 certificate = new X509Certificate2("filename.pfx", "password", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
// Now you have your private key in binary form as you wanted
// You can use rsa.ExportParameters() or rsa.ExportCspBlob() to get you bytes
// depending on format you need them in
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)certificate.PrivateKey;
// Just for lulz, let's write out the PEM representation of the private key
// using Bouncy Castle, so that we are 100% sure that the result is exaclty the same as:
// openssl pkcs12 -in filename.pfx -nocerts -out privateKey.pem
// openssl.exe rsa -in privateKey.pem -out private.pem
// You should of course dispose of / close the streams properly. I'm skipping this part for brevity
MemoryStream memoryStream = new MemoryStream();
TextWriter streamWriter = new StreamWriter(memoryStream);
PemWriter pemWriter = new PemWriter(streamWriter);
AsymmetricCipherKeyPair keyPair = DotNetUtilities.GetRsaKeyPair(rsa);
pemWriter.WriteObject(keyPair.Private);
streamWriter.Flush();
// Here is the output with ---BEGIN RSA PRIVATE KEY---
// that should be exactly the same as in private.pem
Console.Write(Encoding.ASCII.GetString(memoryStream.GetBuffer()));
}
}
}
关于.net - 提取C#中的私钥字节,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/6258771/