项目nuget引用 BouncyCastle。
读取证书
X509Certificate2 x509 = new X509Certificate2(lblPfxPath.Text, txtPfxPwd.Text.Trim(), X509KeyStorageFlags.Exportable); //x509.PrivateKey.ToXmlString(true);//xml格式私钥 txtPemPrivateKey.Text = xmlToPem((RSACryptoServiceProvider)x509.PrivateKey);
转成PEM私钥。
public string xmlToPem(RSACryptoServiceProvider rsa2) { string priKey = null; var p = rsa2.ExportParameters(true); var key = new RsaPrivateCrtKeyParameters( new BigInteger(1, p.Modulus), new BigInteger(1, p.Exponent), new BigInteger(1, p.D), new BigInteger(1, p.P), new BigInteger(1, p.Q), new BigInteger(1, p.DP), new BigInteger(1, p.DQ), new BigInteger(1, p.InverseQ)); using (TextWriter sw = new StringWriter()) { var pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(sw); pemWriter.WriteObject(key); pemWriter.Writer.Flush(); priKey = sw.ToString(); } return priKey; }
xml格式的直接:x509.PrivateKey.ToXmlString(true);