C＃将私有/公共RSA密钥从RSACryptoServiceProvider导出到PEM字符串

请注意：以下代码用于导出私钥。如果您要导出公共密钥，请参考我在此处给出的答案。PEM格式只是转换为Base64 的密钥（按PKCS＃1）的ASN.1 DER编码。鉴于表示密钥所需的字段数量有限，创建快捷的DER编码器以输出适当的格式然后进行Base64编码非常简单。因此，下面的代码并不是特别优雅，但是可以做到：private static void ExportPrivateKey(RSACryptoServiceProvider csp, TextWriter outputStream){    if (csp.PublicOnly) throw new ArgumentException("CSP does not contain a private key", "csp");    var parameters = csp.ExportParameters(true);    using (var stream = new MemoryStream())    {        var writer = new BinaryWriter(stream);        writer.Write((byte)0x30); // SEQUENCE        using (var innerStream = new MemoryStream())        {            var innerWriter = new BinaryWriter(innerStream);            EncodeIntegerBigEndian(innerWriter, new byte[] { 0x00 }); // Version            EncodeIntegerBigEndian(innerWriter, parameters.Modulus);            EncodeIntegerBigEndian(innerWriter, parameters.Exponent);            EncodeIntegerBigEndian(innerWriter, parameters.D);            EncodeIntegerBigEndian(innerWriter, parameters.P);            EncodeIntegerBigEndian(innerWriter, parameters.Q);            EncodeIntegerBigEndian(innerWriter, parameters.DP);            EncodeIntegerBigEndian(innerWriter, parameters.DQ);            EncodeIntegerBigEndian(innerWriter, parameters.InverseQ);            var length = (int)innerStream.Length;            EncodeLength(writer, length);            writer.Write(innerStream.GetBuffer(), 0, length);        }        var base64 = Convert.ToBase64String(stream.GetBuffer(), 0, (int)stream.Length).ToCharArray();        outputStream.WriteLine("-----BEGIN RSA PRIVATE KEY-----");        // Output as Base64 with lines chopped at 64 characters        for (var i = 0; i < base64.Length; i += 64)        {            outputStream.WriteLine(base64, i, Math.Min(64, base64.Length - i));        }        outputStream.WriteLine("-----END RSA PRIVATE KEY-----");    }}private static void EncodeLength(BinaryWriter stream, int length){    if (length < 0) throw new ArgumentOutOfRangeException("length", "Length must be non-negative");    if (length < 0x80)    {        // Short form        stream.Write((byte)length);    }    else    {        // Long form        var temp = length;        var bytesRequired = 0;        while (temp > 0)        {            temp >>= 8;            bytesRequired++;        }        stream.Write((byte)(bytesRequired | 0x80));        for (var i = bytesRequired - 1; i >= 0; i--)        {            stream.Write((byte)(length >> (8 * i) & 0xff));        }    }}private static void EncodeIntegerBigEndian(BinaryWriter stream, byte[] value, bool forceUnsigned = true){    stream.Write((byte)0x02); // INTEGER    var prefixZeros = 0;    for (var i = 0; i < value.Length; i++)    {        if (value[i] != 0) break;        prefixZeros++;    }    if (value.Length - prefixZeros == 0)    {        EncodeLength(stream, 1);        stream.Write((byte)0);    }    else    {        if (forceUnsigned && value[prefixZeros] > 0x7f)        {            // Add a prefix zero to force unsigned if the MSB is 1            EncodeLength(stream, value.Length - prefixZeros + 1);            stream.Write((byte)0);        }        else        {            EncodeLength(stream, value.Length - prefixZeros);        }        for (var i = prefixZeros; i < value.Length; i++)        {            stream.Write(value[i]);        }    }}

C＃将私有/公共RSA密钥从RSACryptoServiceProvider导出到PEM字符串

3回答