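/* $Id: KeyCertsAsStrings.cs $ */

/* Example code using base64/PEM strings instead of a filename
 * for private keys and X.509 certificates.
 *
 * That is, you can pass a string directly instead of a filename
 * for the `keyFile` or `certFile` argument. For example,
 *
 *     certFile = "mycert.cer";  // A file
 * or
 *     certFile = "MIICLDCCAZWgAwIBAgIQRjRrx4AA...";
 *
 * The key material and the password embedded below are demonstration values
 * only. A private key or password used in production should not be compiled
 * into source: it ends up in the repository history and in the built assembly.
 */
using System;
using System.Text;
using System.Diagnostics;
using CryptoSysPKI;

namespace PKI_keycerts_as_strings
{
    /// <summary>
    /// Demonstrates reading RSA private keys and an X.509 certificate from
    /// in-memory PEM/base64 strings and confirming that they form a matching pair.
    /// </summary>
    class KeyCertsAsStrings
    {
        /// <summary>
        /// Reports a failed check on standard error and sets a non-zero exit code.
        /// </summary>
        /// <remarks>
        /// Used instead of <c>Debug.Assert</c>, which is compiled out unless DEBUG is
        /// defined, so a Release build would carry on with an empty or mismatched key.
        /// </remarks>
        /// <param name="condition">Result of the check; true means success.</param>
        /// <param name="message">Text to report when the check fails.</param>
        /// <returns>The value of <paramref name="condition"/>.</returns>
        private static bool Verify(bool condition, string message)
        {
            if (condition)
            {
                return true;
            }
            Console.Error.WriteLine(message);
            Environment.ExitCode = 1;
            return false;
        }

        /// <summary>
        /// Reads an encrypted private key, an unencrypted private key and a certificate
        /// from strings, prints their sizes and hash codes, and checks that the
        /// unencrypted private key matches the certificate's public key.
        /// </summary>
        /// <param name="args">Command-line arguments (not used).</param>
        static void Main(string[] args)
        {
            Console.WriteLine("PKI Version={0}", General.Version());

            // Declared outside the try block so that the finally block can wipe
            // whatever was read, on every exit path.
            StringBuilder sbKey = null;
            StringBuilder sbKey1 = null;

            try
            {
                // Encrypted private key with password 'password'
                // (a demonstration password: a real one would come from the user or a
                // secret store at run time, not from a string literal).
                string epkStr = "-----BEGIN ENCRYPTED PRIVATE KEY-----"
                    + "MIICojAcBgoqhkiG9w0BDAEDMA4ECHPQz6NdAmoFAgIH0ASCAoBKn9KXr+dm"
                    + "Vtc0ZhEog7t3Prs4rJazwUsXExU78ePLMquxLi/cPmqtyjb472r6XUOa9J/v"
                    + "g2gYHlJ7D7FfAdTdVbHmXWfZzdIqI+AKZmrMoIfSVSSrI8mLDXLDgJVm2Gxa"
                    + "r/YJ154L4fwqWjj0b06v8nTrXTp7G3ZSxjmXc3auf8tS1RatpDuSn027jBGt"
                    + "Pg2CGPjeSomOU7Efd89R+gryW3RfXaMEv1TtGmdS+szxN4TAzgFTzjzE7qJ2"
                    + "+WL09hBRxSyi5JybbxblrO5zDbGJD8rq4kGawWUj4PYDpOkxQYQyK/cALEvv"
                    + "EipLeWvk03CadKER3EcpL7wQT3N5wJGNx7GR3efkO7lO/VfGf6kYFsJ8Qt94"
                    + "vBlgq84abgSD+rlRX03re/NLJQ00Qxl3bDrkSiRoXSfBiOeVzBVTsh03Sj4B"
                    + "V0v2KLENsMXr40rMqTGfKD3V+FyYUehWEkEl3NrIVpBSJir+g4H3tl76SdNe"
                    + "mq/cTtQP+EY8fpC3I46dyDXFat3wQfubw+E5nGfv7xp6vRVRRolpZx7DpuB/"
                    + "z1tzO3uP0vJ0pjATriO/ZAVs6UrXx+DJ6XsfrAVt0jpW5Ngr8rm2EiD3/1T9"
                    + "7q1dELJ7GzCY1dG99XVjt9ZXb7cI8zsPpT/gzQJLfeLe3U5Mdw0hKZLfPCex"
                    + "0urs3ytK0XNu+jZAYeSaysG8/rHJaH74WOgJ8gnSPY4QtWsu6+3qBErS2jbq"
                    + "7E2jRvBKWICVd1yiQCDq/c6s9LeYhNhZsmcWxuX9b4lG9f1LHZy0djhIYi4x"
                    + "IpcEfjkTH+7zUOkMQ+fXZHtSEVFt9L2Ci49jB8YReqbfOuDFzzwsk3xxfL2h"
                    + "ZoRK"
                    + "-----END ENCRYPTED PRIVATE KEY-----";

                sbKey = Rsa.ReadPrivateKey(epkStr, "password");
                if (!Verify(sbKey.Length > 0, "Failed to read encrypted private key"))
                {
                    return;
                }
                // NOTE(review): every sbKey.ToString() below creates an immutable string
                // copy of the internal key string, and Wipe.String cannot clear those
                // copies. Confirm in the library documentation what the internal key
                // string exposes before reusing this pattern with a real key.
                Console.WriteLine("Private key is " + Rsa.KeyBits(sbKey.ToString()) + " bits long");
                // NOTE(review): the hash code is printed as 8 hex digits; it looks like a
                // short value for comparing keys rather than a fingerprint - confirm.
                Console.WriteLine("KeyHashCode={0,8:X}", Rsa.KeyHashCode(sbKey.ToString()));

                // Same again but with unencrypted key.
                // An unencrypted PKCS#8 key has no protection of its own: anyone who can
                // read this string (source, binary, memory dump) has the private key.
                string priStr = "-----BEGIN PRIVATE KEY-----"
                    + "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOCJczmN2PX16Id2"
                    + "OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTx"
                    + "LLvYMs/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0"
                    + "ny36VTq5mXcCpkhSjE7zVzhXdFdfAgMBAAECgYAApAPDJ0d2NDRspoa1eUkBSy6K"
                    + "0shissfXSAlqi5H3NvJ11ujNFZBgJzFHNWRNlc1nY860n1asLzduHO4Ovygt9DmQ"
                    + "bzTYbghb1WVq2EHzE9ctOV7+M8v/KeQDCz0Foo+38Y6idjeweVfTLyvehwYifQRm"
                    + "Xskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n/OWzUGqd5Q+1hZbGQPqoCrSbmwxV"
                    + "wgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLdECQQDo3rARJQnSAlEB3oro"
                    + "mFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq2jiRKoZbbBTorkye"
                    + "+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0yl3OCJI1yKx"
                    + "JZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTxhERI"
                    + "ZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4"
                    + "hGqrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4"
                    + "M83ixpXub41fKA=="
                    + "-----END PRIVATE KEY-----";

                // NB No password
                sbKey1 = Rsa.ReadPrivateKey(priStr, "");
                if (!Verify(sbKey1.Length > 0, "Failed to read private key"))
                {
                    return;
                }
                Console.WriteLine("Private key is " + Rsa.KeyBits(sbKey1.ToString()) + " bits long");
                Console.WriteLine("KeyHashCode={0,8:X}", Rsa.KeyHashCode(sbKey1.ToString()));

                // Corresponding X.509 certificate as base64 string
                // No need for '-----BEGIN CERTIFICATE-----' for certificate
                // (but required for private key)
                string certStr =
                    "MIICLDCCAZWgAwIBAgIQRjRrx4AAVrwR024uxBCzsDANBgkqhkiG9w0BAQUFADAS"
                    + "MRAwDgYDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDg0N1oXDTM5MTIzMTIzNTk1"
                    + "OVowEzERMA8GA1UEAxMIQWxpY2VSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ"
                    + "AoGBAOCJczmN2PX16Id2OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8"
                    + "l+z6glEPMIC+sVCeRkTxLLvYMs/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Z"
                    + "f8mB5vhs6odAcO+sbSx0ny36VTq5mXcCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAM"
                    + "BgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAnrHgg"
                    + "eprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwHwYD"
                    + "VR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb20wDQYJKoZIhvcNAQEFBQADgYEA"
                    + "PnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzPbrMcWakgqgWBqE4lradw"
                    + "FHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2Tt0z3Sp0LF6DeK"
                    + "tNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCI=";

                // No need for StringBuilder for public key; use an ordinary string.
                // The certificate is only parsed for its public key here: nothing in this
                // example validates its signature, issuer chain or validity period.
                string pubKey = Rsa.ReadPublicKey(certStr).ToString();
                if (!Verify(pubKey.Length > 0, "Failed to read X.509 certificate"))
                {
                    return;
                }
                Console.WriteLine("Public key is " + Rsa.KeyBits(pubKey) + " bits long");
                Console.WriteLine("KeyHashCode={0,8:X}", Rsa.KeyHashCode(pubKey));

                // Show that private key and certificate are matched
                int r = Rsa.KeyMatch(sbKey1.ToString(), pubKey);
                Console.WriteLine("Rsa.KeyMatch() returns {0} (expected 0)", r);
                if (!Verify(0 == r, "Rsa.KeyMatch failed"))
                {
                    return;
                }
            }
            finally
            {
                // Clean up private key StringBuilders. Failed checks leave the try block
                // with `return` rather than an exception, so this block runs for them too.
                if (sbKey != null)
                {
                    Wipe.String(sbKey);
                }
                if (sbKey1 != null)
                {
                    Wipe.String(sbKey1);
                }
            }
        }
    }
}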