CertificateLoader.cs
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Crypto.Parameters;
namespace Api_Itau_V2
{
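/// <summary>
/// Builds <see cref="X509Certificate2"/> instances from PEM files and can attach an RSA private key
/// read from a separate, unencrypted PKCS#8 PEM file.
/// </summary>
/// <remarks>
/// Only the "-----BEGIN PRIVATE KEY-----" form is recognised, i.e. the key file is not
/// password-protected; its confidentiality depends entirely on how the file is stored.
/// </remarks>
public static class CertificateLoader
{
    private const string CertificateHeader = "-----BEGIN CERTIFICATE-----";
    private const string CertificateFooter = "-----END CERTIFICATE-----";
    private const string PrivateKeyHeader = "-----BEGIN PRIVATE KEY-----";
    private const string PrivateKeyFooter = "-----END PRIVATE KEY-----";

    /// <summary>
    /// Loads the first certificate found in <paramref name="pemFilePath"/> and, when
    /// <paramref name="privateKeyFilePath"/> is given, returns a copy bound to that RSA private key.
    /// </summary>
    /// <param name="pemFilePath">Path of the PEM file holding the certificate.</param>
    /// <param name="privateKeyFilePath">Optional path of the PEM file holding the PKCS#8 RSA private key.</param>
    /// <returns>
    /// The certificate, with the private key attached when a key path was supplied. When no key path is
    /// supplied and the file has no complete CERTIFICATE block the result is <c>null</c>; callers must
    /// treat that as a load failure.
    /// </returns>
    /// <exception cref="CryptographicException">
    /// A key path was supplied but the certificate block or the private key block is missing.
    /// </exception>
    /// <exception cref="InvalidCastException">The private key block does not contain an RSA key.</exception>
    public static X509Certificate2 LoadCertificateFromPem(string pemFilePath, string privateKeyFilePath = null)
    {
        var certPem = File.ReadAllText(pemFilePath);
        var publicOnly = ExtractCertificate(certPem);

        if (string.IsNullOrEmpty(privateKeyFilePath))
        {
            // Legacy contract: without a key path, a file lacking a certificate block yields null.
            return publicOnly;
        }

        if (publicOnly == null)
        {
            // Fail with a clear error instead of dereferencing null further down.
            throw new CryptographicException("No complete CERTIFICATE block was found in the certificate PEM file.");
        }

        // The public-only instance is just an intermediate; release its handle on every path.
        using (publicOnly)
        {
            var privateKeyPem = File.ReadAllText(privateKeyFilePath);
            var rsa = ExtractPrivateKey(privateKeyPem);
            if (rsa == null)
            {
                throw new CryptographicException("No complete PRIVATE KEY block was found in the private key PEM file.");
            }

            // NOTE(review): rsa is intentionally not disposed here. Whether the returned certificate
            // still depends on this key object after CopyWithPrivateKey may be platform-specific;
            // confirm before adding a Dispose.
            return publicOnly.CopyWithPrivateKey(rsa);
        }
    }

    /// <summary>
    /// Decodes the first CERTIFICATE block of a PEM text into an <see cref="X509Certificate2"/>.
    /// </summary>
    /// <param name="certPem">Full text of the PEM file.</param>
    /// <returns>The certificate, or <c>null</c> when the text holds no complete CERTIFICATE block.</returns>
    private static X509Certificate2 ExtractCertificate(string certPem)
    {
        if (!certPem.Contains(CertificateHeader) || !certPem.Contains(CertificateFooter))
        {
            return null;
        }

        var flattened = certPem.Replace("\n", string.Empty).Replace("\r", string.Empty);

        // Ordinal search: PEM markers are ASCII, and culture-sensitive IndexOf can disagree with Contains.
        int bodyStart = flattened.IndexOf(CertificateHeader, StringComparison.Ordinal) + CertificateHeader.Length;

        // Search for the footer only after the header, so a stray footer earlier in the file
        // cannot produce a negative length.
        int bodyEnd = flattened.IndexOf(CertificateFooter, bodyStart, StringComparison.Ordinal);
        if (bodyEnd < 0)
        {
            return null;
        }

        var certBytes = Convert.FromBase64String(flattened.Substring(bodyStart, bodyEnd - bodyStart));
        return new X509Certificate2(certBytes);
    }

    /// <summary>
    /// Parses the first PKCS#8 PRIVATE KEY block of a PEM text into an RSA key object.
    /// </summary>
    /// <param name="privateKeyPem">Full text of the private key PEM file.</param>
    /// <returns>The RSA key, or <c>null</c> when the text holds no complete PRIVATE KEY block.</returns>
    /// <exception cref="InvalidCastException">The block was read but is not an RSA private key.</exception>
    private static RSACryptoServiceProvider ExtractPrivateKey(string privateKeyPem)
    {
        int blockStart = privateKeyPem.IndexOf(PrivateKeyHeader, StringComparison.Ordinal);
        if (blockStart < 0)
        {
            return null;
        }

        int footerStart = privateKeyPem.IndexOf(PrivateKeyFooter, blockStart + PrivateKeyHeader.Length, StringComparison.Ordinal);
        if (footerStart < 0)
        {
            return null;
        }

        // Hand the parser the block with its markers, exactly as it appears in the file.
        var keyBlock = privateKeyPem.Substring(blockStart, footerStart + PrivateKeyFooter.Length - blockStart);

        using (var reader = new StringReader(keyBlock))
        {
            object pemObject = new PemReader(reader).ReadObject();
            if (pemObject is RsaPrivateCrtKeyParameters rsaKey)
            {
                return ConvertToRSACryptoServiceProvider(rsaKey);
            }

            // Same exception type the former direct cast raised for a non-RSA key, with a message
            // that names the problem and never echoes key material.
            throw new InvalidCastException("The PRIVATE KEY block does not contain an RSA private key.");
        }
    }

    /// <summary>
    /// Copies BouncyCastle RSA private key parameters into a .NET <see cref="RSACryptoServiceProvider"/>.
    /// </summary>
    /// <param name="privateKey">RSA private key with CRT components.</param>
    /// <returns>A key object holding the imported key; the caller owns it.</returns>
    private static RSACryptoServiceProvider ConvertToRSACryptoServiceProvider(RsaPrivateCrtKeyParameters privateKey)
    {
        byte[] modulus = privateKey.Modulus.ToByteArrayUnsigned();
        int fullLength = modulus.Length;
        int halfLength = (fullLength + 1) / 2;

        // ToByteArrayUnsigned drops leading zero bytes, while the .NET import expects D to be as long
        // as the modulus and the CRT values to be half that length. Left-pad so that keys whose
        // components happen to start with a zero byte still import.
        var rsaParams = new RSAParameters
        {
            Modulus = modulus,
            Exponent = privateKey.PublicExponent.ToByteArrayUnsigned(),
            D = LeftPad(privateKey.Exponent.ToByteArrayUnsigned(), fullLength),
            P = LeftPad(privateKey.P.ToByteArrayUnsigned(), halfLength),
            Q = LeftPad(privateKey.Q.ToByteArrayUnsigned(), halfLength),
            DP = LeftPad(privateKey.DP.ToByteArrayUnsigned(), halfLength),
            DQ = LeftPad(privateKey.DQ.ToByteArrayUnsigned(), halfLength),
            InverseQ = LeftPad(privateKey.QInv.ToByteArrayUnsigned(), halfLength)
        };

        var rsa = new RSACryptoServiceProvider();
        try
        {
            rsa.ImportParameters(rsaParams);
            return rsa;
        }
        catch
        {
            // Do not leak the key object when the import is rejected.
            rsa.Dispose();
            throw;
        }
        finally
        {
            // The raw private values are no longer needed once the import has been attempted;
            // wipe them instead of leaving them for the garbage collector.
            CryptographicOperations.ZeroMemory(rsaParams.D);
            CryptographicOperations.ZeroMemory(rsaParams.P);
            CryptographicOperations.ZeroMemory(rsaParams.Q);
            CryptographicOperations.ZeroMemory(rsaParams.DP);
            CryptographicOperations.ZeroMemory(rsaParams.DQ);
            CryptographicOperations.ZeroMemory(rsaParams.InverseQ);
        }
    }

    /// <summary>
    /// Left-pads a big-endian unsigned value with zero bytes up to <paramref name="length"/>.
    /// A value that is already at least that long is returned unchanged.
    /// </summary>
    private static byte[] LeftPad(byte[] value, int length)
    {
        if (value.Length >= length)
        {
            return value;
        }

        var padded = new byte[length];
        Buffer.BlockCopy(value, 0, padded, length - value.Length, value.Length);

        // The short copy held private key material; wipe it now that it has been replaced.
        CryptographicOperations.ZeroMemory(value);
        return padded;
    }
}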
}