From 246c7e3b8be4dd66504f4068c58040a5c849bcee Mon Sep 17 00:00:00 2001
From: Iskander Yarmukhametov
Date: Fri, 30 Nov 2018 08:32:00 +0300
Subject: [PATCH] * Conversion from pem certificate with key to Pfx
---
 .../Controllers/CertificateTools.cs | 99 +++++++++++++++----
 1 file changed, 80 insertions(+), 19 deletions(-)
diff --git a/source/TestAuthorityCore/Controllers/CertificateTools.cs b/source/TestAuthorityCore/Controllers/CertificateTools.cs
index b57efd3..2a79382 100644
--- a/source/TestAuthorityCore/Controllers/CertificateTools.cs
+++ b/source/TestAuthorityCore/Controllers/CertificateTools.cs
@@ -5,12 +5,11 @@
 using System.Text;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.Formatters;
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Tls;
 using Org.BouncyCastle.OpenSsl;
 using Org.BouncyCastle.Pkcs;
 using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509;
 namespace TestAuthorityCore.Controllers
 {
@@ -20,6 +19,68 @@ namespace TestAuthorityCore.Controllers
 [Route("api/tools")]
 public class CertificateTools : Controller
 {
+ [HttpPost("to-pfx")]
+ public IActionResult ConvertToPfx([FromForm] IFormFile pemCertificate, [FromForm] IFormFile pemKey, string password, string filename = "certificate.pfx")
+ {
+ byte[] certificate;
+ byte[] key;
+
+ using (var memoryStream = new MemoryStream())
+ {
+ pemCertificate.OpenReadStream().CopyTo(memoryStream);
+ memoryStream.Position = 0;
+ certificate = memoryStream.ToArray();
+ }
+
+ using (var memoryStream = new MemoryStream())
+ {
+ pemKey.OpenReadStream().CopyTo(memoryStream);
+ memoryStream.Position = 0;
+ key = memoryStream.ToArray();
+ }
+
+ byte[] result = ConvertToPfxImpl(certificate, key, password);
+ return File(result, MediaTypeNames.Application.Octet, filename);
+ }
+
+ private byte[] ConvertToPfxImpl(byte[] certificate, byte[] privateKey, string password)
+ {
+ AsymmetricCipherKeyPair asymmetricCipherKeyPair = null;
+ var certificateEntry = new X509CertificateEntry[1];
+
+ Pkcs12Store store = new Pkcs12StoreBuilder().Build();
+
+ using (var stream = new MemoryStream(privateKey))
+ {
+ using (var streamReader = new StreamReader(stream))
+ {
+ object value = new PemReader(streamReader).ReadObject();
+ if (value is AsymmetricCipherKeyPair pair)
+ {
+ asymmetricCipherKeyPair = pair;
+ }
+ }
+ }
+
+ using (var stream = new MemoryStream(certificate))
+ {
+ using (var streamReader = new StreamReader(stream))
+ {
+ object value = new PemReader(streamReader).ReadObject();
+ if (value is X509Certificate x509Certificate)
+ {
+ certificateEntry[0] = new X509CertificateEntry(x509Certificate);
+ }
+ }
+ }
+
+ store.SetKeyEntry("certificate", new AsymmetricKeyEntry(asymmetricCipherKeyPair.Private), certificateEntry);
+ var result = new MemoryStream();
+ store.Save(result, password.ToCharArray(), new SecureRandom());
+ result.Position = 0;
+ return result.ToArray();
+ }
+
+ [HttpPost("pfx-to-certificate")] public IActionResult 
GetCertificateFromPfx([FromForm] IFormFile file, string password, string certificateName = "certificate.crt")
 {
@@ -53,17 +114,17 @@ public IActionResult GetKeyFromPfx([FromForm] IFormFile file, string password, s
 }
 X509CertificateEntry certificateEntry = store.GetCertificate(firstAlias);
- var key = store.GetKey(firstAlias);
- var convertedKey = ConvertToPemFormat(key.Key);
+ AsymmetricKeyEntry key = store.GetKey(firstAlias);
+ string convertedKey = ConvertToPemFormat(key.Key);
 byte[] result = Encoding.ASCII.GetBytes(convertedKey);
 return File(result, MediaTypeNames.Application.Octet, filename);
 }
 }
- private static string ConvertToPemFormat(object input)
+ private static string ConvertCertificateToPem(X509CertificateEntry certificateEntry)
 {
- var generator = new MiscPemGenerator(input);
+ var generator = new MiscPemGenerator(certificateEntry.Certificate);
 string certificateString;
 using (var textWriter = new StringWriter())
@@ -82,9 +143,20 @@ private static string ConvertToPemFormat(object input)
 return certificateString;
 }
- private static string ConvertCertificateToPem(X509CertificateEntry certificateEntry)
+ private static string ConvertPrivateKeyToPem(AsymmetricKeyParameter privateKey)
 {
- var generator = new MiscPemGenerator(certificateEntry.Certificate);
+ using (var stringWriter = new StringWriter())
+ {
+ var pkcsgen = new Pkcs8Generator(privateKey);
+ var pemwriter = new PemWriter(stringWriter);
+ pemwriter.WriteObject(pkcsgen.Generate());
+ return stringWriter.ToString();
+ }
+ }
+
+ private static string ConvertToPemFormat(object input)
+ {
+ var generator = new MiscPemGenerator(input);
 string certificateString;
 using (var textWriter = new StringWriter())
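Review bot: In `ConvertToPfxImpl` (hunk `-20,6 +19,68`), `asymmetricCipherKeyPair` stays null whenever `PemReader.ReadObject()` returns anything other than an `AsymmetricCipherKeyPair`, so `asymmetricCipherKeyPair.Private` throws a `NullReferenceException`, and `certificateEntry[0]` reaches `SetKeyEntry` as null when the first PEM object is not a certificate. As far as I can tell BouncyCastle returns a bare `AsymmetricKeyParameter` for a PKCS#8 `BEGIN PRIVATE KEY` block, so a common key format would take that path; `ConvertToPfx` also dereferences `pemCertificate`, `pemKey` and `password` without a null check. Accepting both key shapes and answering 400 for anything else keeps malformed uploads from surfacing as unhandled 500s; a check that the private key actually belongs to the uploaded certificate would be a sensible follow-up. Separately, `password` carries no `[FromForm]`, so model binding may take it from the query string, where it would land in request logs; `[FromForm] string password` keeps it in the request body.

```csharp
public IActionResult ConvertToPfx([FromForm] IFormFile pemCertificate, [FromForm] IFormFile pemKey, [FromForm] string password, string filename = "certificate.pfx")
{
    if (pemCertificate == null || pemKey == null || password == null)
    {
        return BadRequest("pemCertificate, pemKey and password are required.");
    }

    // … unchanged: copy both uploads into byte arrays …

    byte[] result = ConvertToPfxImpl(certificate, key, password);
    if (result == null)
    {
        return BadRequest("Expected one PEM private key and one PEM certificate.");
    }
    // … unchanged: return File(...) …

// in ConvertToPfxImpl
    AsymmetricKeyParameter privateKeyParameter = null;
    // … unchanged: certificateEntry, store, stream and reader setup …
            object value = new PemReader(streamReader).ReadObject();
            if (value is AsymmetricCipherKeyPair pair)
            {
                privateKeyParameter = pair.Private;
            }
            else if (value is AsymmetricKeyParameter keyParameter && keyParameter.IsPrivate)
            {
                // PKCS#8 input arrives as a bare private key parameter
                privateKeyParameter = keyParameter;
            }
    // … unchanged: certificate parsing …
    if (privateKeyParameter == null || certificateEntry[0] == null)
    {
        return null;
    }

    store.SetKeyEntry("certificate", new AsymmetricKeyEntry(privateKeyParameter), certificateEntry);
```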
@@ -102,16 +174,5 @@ private static string ConvertCertificateToPem(X509CertificateEntry certificateEn
 return certificateString;
 }
-
- private static string ConvertPrivateKeyToPem(AsymmetricKeyParameter privateKey)
- {
- using (var stringWriter = new StringWriter())
- {
- var pkcsgen = new Pkcs8Generator(privateKey);
- var pemwriter = new PemWriter(stringWriter);
- pemwriter.WriteObject(pkcsgen.Generate());
- return stringWriter.ToString();
- }
- }
 }
 }