* Conversion from pem certificate with key to Pfx

nomailme · Nov 30, 2018 · 246c7e3 · 246c7e3 · nomailme · Jan 30, 2019
1 parent b2e50be
commit 246c7e3
Showing 1 changed file with 80 additions and 19 deletions.
diff --git a/source/TestAuthorityCore/Controllers/CertificateTools.cs b/source/TestAuthorityCore/Controllers/CertificateTools.cs
@@ -5,12 +5,11 @@
 using System.Text;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.Formatters;
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Tls;
 using Org.BouncyCastle.OpenSsl;
 using Org.BouncyCastle.Pkcs;
 using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509;
 
 namespace TestAuthorityCore.Controllers
 {
@@ -20,6 +19,68 @@ namespace TestAuthorityCore.Controllers
     [Route("api/tools")]
     public class CertificateTools : Controller
     {
+        [HttpPost("to-pfx")]
+        public IActionResult ConvertToPfx([FromForm] IFormFile pemCertificate, [FromForm] IFormFile pemKey, string password, string filename = "certificate.pfx")
+        {
+            byte[] certificate;
+            byte[] key;
+
+            using (var memoryStream = new MemoryStream())
+            {
+                pemCertificate.OpenReadStream().CopyTo(memoryStream);
+                memoryStream.Position = 0;
+                certificate = memoryStream.ToArray();
+            }
+
+            using (var memoryStream = new MemoryStream())
+            {
+                pemKey.OpenReadStream().CopyTo(memoryStream);
+                memoryStream.Position = 0;
+                key = memoryStream.ToArray();
+            }
+
+            byte[] result = ConvertToPfxImpl(certificate, key, password);
+            return File(result, MediaTypeNames.Application.Octet, filename);
+        }
+
+        private byte[] ConvertToPfxImpl(byte[] certificate, byte[] privateKey, string password)
+        {
+            AsymmetricCipherKeyPair asymmetricCipherKeyPair = null;
+            var certificateEntry = new X509CertificateEntry[1];
+
+            Pkcs12Store store = new Pkcs12StoreBuilder().Build();
+
+            using (var stream = new MemoryStream(privateKey))
+            {
+                using (var streamReader = new StreamReader(stream))
+                {
+                    object value = new PemReader(streamReader).ReadObject();
+                    if (value is AsymmetricCipherKeyPair pair)
+                    {
+                        asymmetricCipherKeyPair = pair;
+                    }
+                }
+            }
+
+            using (var stream = new MemoryStream(certificate))
+            {
+                using (var streamReader = new StreamReader(stream))
+                {
+                    object value = new PemReader(streamReader).ReadObject();
+                    if (value is X509Certificate x509Certificate)
+                    {
+                        certificateEntry[0] = new X509CertificateEntry(x509Certificate);
+                    }
+                }
+            }
+
+            store.SetKeyEntry("certificate", new AsymmetricKeyEntry(asymmetricCipherKeyPair.Private), certificateEntry);
+            var result = new MemoryStream();
+            store.Save(result, password.ToCharArray(), new SecureRandom());
+            result.Position = 0;
+            return result.ToArray();
+        }
+
         [HttpPost("pfx-to-certificate")]
         public IActionResult GetCertificateFromPfx([FromForm] IFormFile file, string password, string certificateName = "certificate.crt")
         {
@@ -53,17 +114,17 @@ public IActionResult GetKeyFromPfx([FromForm] IFormFile file, string password, s
                 }
 
                 X509CertificateEntry certificateEntry = store.GetCertificate(firstAlias);
-                var key =  store.GetKey(firstAlias);
-                var convertedKey = ConvertToPemFormat(key.Key);
+                AsymmetricKeyEntry key = store.GetKey(firstAlias);
+                string convertedKey = ConvertToPemFormat(key.Key);
 
                 byte[] result = Encoding.ASCII.GetBytes(convertedKey);
                 return File(result, MediaTypeNames.Application.Octet, filename);
             }
         }
 
-        private static string ConvertToPemFormat(object input)
+        private static string ConvertCertificateToPem(X509CertificateEntry certificateEntry)
         {
-            var generator = new MiscPemGenerator(input);
+            var generator = new MiscPemGenerator(certificateEntry.Certificate);
 
             string certificateString;
             using (var textWriter = new StringWriter())
@@ -82,9 +143,20 @@ private static string ConvertToPemFormat(object input)
             return certificateString;
         }
 
-        private static string ConvertCertificateToPem(X509CertificateEntry certificateEntry)
+        private static string ConvertPrivateKeyToPem(AsymmetricKeyParameter privateKey)
         {
-            var generator = new MiscPemGenerator(certificateEntry.Certificate);
+            using (var stringWriter = new StringWriter())
+            {
+                var pkcsgen = new Pkcs8Generator(privateKey);
+                var pemwriter = new PemWriter(stringWriter);
+                pemwriter.WriteObject(pkcsgen.Generate());
+                return stringWriter.ToString();
+            }
+        }
+
+        private static string ConvertToPemFormat(object input)
+        {
+            var generator = new MiscPemGenerator(input);
 
             string certificateString;
             using (var textWriter = new StringWriter())
@@ -102,16 +174,5 @@ private static string ConvertCertificateToPem(X509CertificateEntry certificateEn
 
             return certificateString;
         }
-
-        private static string ConvertPrivateKeyToPem(AsymmetricKeyParameter privateKey)
-        {
-            using (var stringWriter = new StringWriter())
-            {
-                var pkcsgen = new Pkcs8Generator(privateKey);
-                var pemwriter = new PemWriter(stringWriter);
-                pemwriter.WriteObject(pkcsgen.Generate());
-                return stringWriter.ToString();
-            }
-        }
     }
 }