Get Private Key from BouncyCastle X509 Certificate? C#
Solution 1
Don't know BouncyCastle that much but it seems to me that the simple thing to do is to recreate the key based on the key parameters.
public static AsymmetricKeyParameter TransformRSAPrivateKey(
AsymmetricAlgorithm privateKey)
{
RSACryptoServiceProvider prov = privateKey as RSACryptoServiceProvider;
RSAParameters parameters = prov.ExportParameters(true);
return new RsaPrivateCrtKeyParameters(
new BigInteger(1,parameters.Modulus),
new BigInteger(1,parameters.Exponent),
new BigInteger(1,parameters.D),
new BigInteger(1,parameters.P),
new BigInteger(1,parameters.Q),
new BigInteger(1,parameters.DP),
new BigInteger(1,parameters.DQ),
new BigInteger(1,parameters.InverseQ));
}
You can call the code by using
AsymmetricKeyParameter bouncyCastlePrivateKey =
TransformRSAPrivateKey(mycert.PrivateKey);
Obviously this assumes that the certificate includes a RSA Key but the same result can be achieved for DSA with DSACryptoServiceProvider
and DSAParameters
.
Solution 2
Akp = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair(this.Certificate.PrivateKey).Private;
Solution 3
Find .NET X509Certificate2:
X509Certificate2 cert = this.FindCertificate(certificateFriendlyName);
Parse it to BouncyCastle certificate and use X509Certificate2Signature to get signature:
var parser = new X509CertificateParser();
var bouncyCertificate = parser.ReadCertificate(cert.RawData);
var algorithm = DigestAlgorithms.GetDigest(bouncyCertificate.SigAlgOid);
var signature = new X509Certificate2Signature(cert, algorithm);
Comments
-
Petey B almost 3 years
Normally when I grab an
X509Certificate2
out of my keystore I can call.PrivateKey
to retrieve the cert's private key as anAsymmetricAlgorithm
. However I have decided to use Bouncy Castle and its instance ofX509Certificate
only has agetPublicKey();
I cannot see a way to get the private key out of the cert. Any ideas?I get the an X509Certificate2 from my Windows-MY keystore then use:
//mycert is an X509Certificate2 retrieved from Windows-MY Keystore X509CertificateParser certParser = new X509CertificateParser(); X509Certificate privateCertBouncy = certParser.ReadCertificate(mycert.GetRawCertData()); AsymmetricKeyParameter pubKey = privateCertBouncy.GetPublicKey(); //how do i now get the private key to make a keypair?
Is there anyway to convert a
AsymmetricAlgorithm
(C# private key) to aAsymmetricKeyParameter
(bouncycastle private key)? -
Sushant over 9 yearsthis should be the answer?
-
Freeedy almost 4 yearsThis is not working for EC Elliptic Curve private key
-
gakera over 2 yearsDoing this I just get
Internal.Cryptography.CryptoThrowHelper.WindowsCryptographicException: 'The requested operation is not supported.'