-
-
Notifications
You must be signed in to change notification settings - Fork 14
/
CertificateFromFileProvider.cs
93 lines (83 loc) · 3.66 KB
/
CertificateFromFileProvider.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
using JetBrains.Annotations;
using OpenSSL.PrivateKeyDecoder;
using System;
using System.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
namespace OpenSSL.X509Certificate2Provider
{
/// <summary>
/// CertificateFromFileProvider
/// </summary>
[PublicAPI]
public class CertificateFromFileProvider : BaseCertificateProvider, ICertificateProvider
{
/// <summary>
/// Initializes a new instance of the <see cref="CertificateFromFileProvider"/> class.
/// </summary>
/// <param name="certificateText">The certificate or public key text.</param>
/// <param name="privateKeyText">The private (rsa) key text.</param>
/// <param name="securePassword">The optional securePassword to decrypt the private key.</param>
public CertificateFromFileProvider([NotNull] string certificateText, [NotNull] string privateKeyText, [NotNull] SecureString securePassword) :
this(certificateText, privateKeyText, false, securePassword)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="CertificateFromFileProvider"/> class.
/// </summary>
/// <param name="certificateText">The certificate or public key text.</param>
/// <param name="privateKeyText">The private (rsa) key text.</param>
/// <param name="useKeyContainer">Store the private key in a key container. <see href="https://docs.microsoft.com/en-us/dotnet/standard/security/how-to-store-asymmetric-keys-in-a-key-container" /></param>
/// <param name="securePassword">The optional securePassword to decrypt the private key.</param>
/// <exception cref="ArgumentNullException">certificateText or privateKeyText</exception>
public CertificateFromFileProvider([NotNull] string certificateText, [NotNull] string privateKeyText, bool useKeyContainer = false, [CanBeNull] SecureString securePassword = null)
{
if (certificateText == null)
{
throw new ArgumentNullException(nameof(certificateText));
}
if (privateKeyText == null)
{
throw new ArgumentNullException(nameof(privateKeyText));
}
Certificate = new X509Certificate2(GetPublicKeyBytes(certificateText));
#if NETSTANDARD
PublicKey = Certificate.GetRSAPublicKey();
#else
PublicKey = (RSACryptoServiceProvider)Certificate.PublicKey.Key;
#endif
IOpenSSLPrivateKeyDecoder decoder = new OpenSSLPrivateKeyDecoder();
var privateKey = decoder.Decode(privateKeyText, securePassword);
if (useKeyContainer)
{
var cspParameters = new CspParameters { KeyContainerName = $"{{{Guid.NewGuid()}}}" };
var cspPrivateKey = new RSACryptoServiceProvider(cspParameters);
cspPrivateKey.ImportParameters(privateKey.ExportParameters(true));
PrivateKey = cspPrivateKey;
}
else
{
PrivateKey = privateKey;
}
#if !NETSTANDARD
Certificate.PrivateKey = PrivateKey;
#endif
}
/// <summary>
/// Gets the generated X509Certificate2 object.
/// </summary>
public X509Certificate2 Certificate { get; }
/// <summary>
/// Gets the PrivateKey object.
/// </summary>
public RSACryptoServiceProvider PrivateKey { get; }
/// <summary>
/// Gets the PublicKey object.
/// </summary>
#if NETSTANDARD
public RSA PublicKey { get; }
#else
public RSACryptoServiceProvider PublicKey { get; }
#endif
}
}