/* $Id: KeyCertsAsStrings.cs $ */
/* Example code using base64/PEM strings instead of filenames for private keys and X.509 certificates.
That is, you can pass the key or certificate data directly as a string instead of a filename for the `keyFile` or `certFile` argument.
For example,
certFile = "mycert.cer"; // A file
or
certFile = "MIICLDCCAZWgAwIBAgIQRjRrx4AA...";
*/
using System;
using System.Text;
using System.Diagnostics;
using CryptoSysPKI;
namespace PKI_keycerts_as_strings
{
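/// <summary>
/// Demonstrates passing private keys and an X.509 certificate to the CryptoSysPKI
/// Rsa functions as base64/PEM strings rather than as file names.
/// </summary>
/// <remarks>
/// The key material and the password 'password' are embedded as sample data for this
/// example only. Keys and passwords used outside an example belong in a protected
/// store, not in source code.
/// </remarks>
class KeyCertsAsStrings
{
    /// <summary>
    /// Reports a failed check on the error stream and marks the process exit code as failed.
    /// </summary>
    /// <param name="message">Description of the check that failed.</param>
    private static void ReportFailure(string message)
    {
        Console.Error.WriteLine(message);
        Environment.ExitCode = 1;
    }

    /// <summary>
    /// Reads an encrypted private key, an unencrypted private key and a certificate from
    /// strings, prints the size and hash code of each key, and checks that the unencrypted
    /// private key matches the certificate's public key.
    /// </summary>
    /// <param name="args">Command-line arguments (not used).</param>
    static void Main(string[] args)
    {
        Console.WriteLine("PKI Version={0}", General.Version());

        // Encrypted private key with password 'password'
        // NOTE(review): the PEM armour lines and the base64 body are concatenated without
        // line breaks; this example relies on the library accepting that form.
        string epkStr = "-----BEGIN ENCRYPTED PRIVATE KEY-----" +
            "MIICojAcBgoqhkiG9w0BDAEDMA4ECHPQz6NdAmoFAgIH0ASCAoBKn9KXr+dm" +
            "Vtc0ZhEog7t3Prs4rJazwUsXExU78ePLMquxLi/cPmqtyjb472r6XUOa9J/v" +
            "g2gYHlJ7D7FfAdTdVbHmXWfZzdIqI+AKZmrMoIfSVSSrI8mLDXLDgJVm2Gxa" +
            "r/YJ154L4fwqWjj0b06v8nTrXTp7G3ZSxjmXc3auf8tS1RatpDuSn027jBGt" +
            "Pg2CGPjeSomOU7Efd89R+gryW3RfXaMEv1TtGmdS+szxN4TAzgFTzjzE7qJ2" +
            "+WL09hBRxSyi5JybbxblrO5zDbGJD8rq4kGawWUj4PYDpOkxQYQyK/cALEvv" +
            "EipLeWvk03CadKER3EcpL7wQT3N5wJGNx7GR3efkO7lO/VfGf6kYFsJ8Qt94" +
            "vBlgq84abgSD+rlRX03re/NLJQ00Qxl3bDrkSiRoXSfBiOeVzBVTsh03Sj4B" +
            "V0v2KLENsMXr40rMqTGfKD3V+FyYUehWEkEl3NrIVpBSJir+g4H3tl76SdNe" +
            "mq/cTtQP+EY8fpC3I46dyDXFat3wQfubw+E5nGfv7xp6vRVRRolpZx7DpuB/" +
            "z1tzO3uP0vJ0pjATriO/ZAVs6UrXx+DJ6XsfrAVt0jpW5Ngr8rm2EiD3/1T9" +
            "7q1dELJ7GzCY1dG99XVjt9ZXb7cI8zsPpT/gzQJLfeLe3U5Mdw0hKZLfPCex" +
            "0urs3ytK0XNu+jZAYeSaysG8/rHJaH74WOgJ8gnSPY4QtWsu6+3qBErS2jbq" +
            "7E2jRvBKWICVd1yiQCDq/c6s9LeYhNhZsmcWxuX9b4lG9f1LHZy0djhIYi4x" +
            "IpcEfjkTH+7zUOkMQ+fXZHtSEVFt9L2Ci49jB8YReqbfOuDFzzwsk3xxfL2h" +
            "ZoRK" +
            "-----END ENCRYPTED PRIVATE KEY-----";

        // The same key, unencrypted
        string priStr =
            "-----BEGIN PRIVATE KEY-----" +
            "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOCJczmN2PX16Id2" +
            "OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTx" +
            "LLvYMs/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0" +
            "ny36VTq5mXcCpkhSjE7zVzhXdFdfAgMBAAECgYAApAPDJ0d2NDRspoa1eUkBSy6K" +
            "0shissfXSAlqi5H3NvJ11ujNFZBgJzFHNWRNlc1nY860n1asLzduHO4Ovygt9DmQ" +
            "bzTYbghb1WVq2EHzE9ctOV7+M8v/KeQDCz0Foo+38Y6idjeweVfTLyvehwYifQRm" +
            "Xskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n/OWzUGqd5Q+1hZbGQPqoCrSbmwxV" +
            "wgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLdECQQDo3rARJQnSAlEB3oro" +
            "mFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq2jiRKoZbbBTorkye" +
            "+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0yl3OCJI1yKx" +
            "JZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTxhERI" +
            "ZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4" +
            "hGqrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4" +
            "M83ixpXub41fKA==" +
            "-----END PRIVATE KEY-----";

        // Corresponding X.509 certificate as base64 string
        // No need for '-----BEGIN CERTIFICATE-----' for certificate
        // (but required for private key)
        string certStr =
            "MIICLDCCAZWgAwIBAgIQRjRrx4AAVrwR024uxBCzsDANBgkqhkiG9w0BAQUFADAS" +
            "MRAwDgYDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDg0N1oXDTM5MTIzMTIzNTk1" +
            "OVowEzERMA8GA1UEAxMIQWxpY2VSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ" +
            "AoGBAOCJczmN2PX16Id2OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8" +
            "l+z6glEPMIC+sVCeRkTxLLvYMs/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Z" +
            "f8mB5vhs6odAcO+sbSx0ny36VTq5mXcCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAM" +
            "BgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAnrHgg" +
            "eprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwHwYD" +
            "VR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb20wDQYJKoZIhvcNAQEFBQADgYEA" +
            "PnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzPbrMcWakgqgWBqE4lradw" +
            "FHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2Tt0z3Sp0LF6DeK" +
            "tNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCI=";

        // Declared outside the try block so the finally block can wipe whatever was loaded.
        StringBuilder sbKey = null;
        StringBuilder sbKey1 = null;
        try
        {
            // The checks below are ordinary runtime tests rather than Debug.Assert, which is
            // compiled out when DEBUG is not defined and would let a failed key read go
            // unnoticed in a release build.
            sbKey = Rsa.ReadPrivateKey(epkStr, "password");
            if (sbKey.Length == 0)
            {
                ReportFailure("Failed to read encrypted private key");
                return;
            }
            // NOTE(review): ToString() yields an immutable string that Wipe.String cannot
            // clear, so it is taken once per key to limit copies. Whether the library's
            // key-string format makes such copies harmless is not visible here.
            string keyStr = sbKey.ToString();
            Console.WriteLine("Private key is " + Rsa.KeyBits(keyStr) + " bits long");
            Console.WriteLine("KeyHashCode={0,8:X}", Rsa.KeyHashCode(keyStr));

            // Same again but with unencrypted key
            // NB No password
            sbKey1 = Rsa.ReadPrivateKey(priStr, "");
            if (sbKey1.Length == 0)
            {
                ReportFailure("Failed to read private key");
                return;
            }
            string keyStr1 = sbKey1.ToString();
            Console.WriteLine("Private key is " + Rsa.KeyBits(keyStr1) + " bits long");
            Console.WriteLine("KeyHashCode={0,8:X}", Rsa.KeyHashCode(keyStr1));

            // No need for StringBuilder for public key; use an ordinary string
            string pubKey = Rsa.ReadPublicKey(certStr).ToString();
            if (pubKey.Length == 0)
            {
                ReportFailure("Failed to read X.509 certificate");
                return;
            }
            Console.WriteLine("Public key is " + Rsa.KeyBits(pubKey) + " bits long");
            Console.WriteLine("KeyHashCode={0,8:X}", Rsa.KeyHashCode(pubKey));

            // Show that private key and certificate are matched
            int r = Rsa.KeyMatch(keyStr1, pubKey);
            Console.WriteLine("Rsa.KeyMatch() returns {0} (expected 0)", r);
            if (r != 0)
            {
                ReportFailure("Rsa.KeyMatch failed");
            }
        }
        finally
        {
            // Clean up private key StringBuilders on every exit path, including early returns.
            if (sbKey != null)
            {
                Wipe.String(sbKey);
            }
            if (sbKey1 != null)
            {
                Wipe.String(sbKey1);
            }
        }
    }
}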
}