有和銀行或者支付公司對接過API接口的人都知道,為了保證數據傳輸過程中的安全性,大部分公司會選擇證書來進行簽名和驗證。證書有不同格式的,如 .cer .pfx .pem 等。下面就來看看 .pem格式證書如何轉換成xml字符串。
1.假設證書路徑存放在(F:/cer/public.pem 和 F:/cer/private.pem)
2.添加BouncyCastle.Crypto.dll 引用
代碼如下:
using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; using System.IO; string privatekeyConent=privateKeyContent("F:/cer/private.pem");//獲取pem私鑰正文內容 string publickeyConent = Utils.PublicKeyContent(“F:/cer/public.pem”);//獲取pem公鑰正文內容 RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(); string privatekeyXml = ConvertToXmlPrivateKey(RSAalg, privatekeyConent);//把java的私鑰轉換成.net的xml格式 string publickeyXml = ConvertToXmlPublicJavaKey(RSAalg, publickeyConent);//把java的公鑰轉換成.net的xml格式 /// <summary> ///獲取pem私鑰正文內容 /// </summary> /// <param name="filePath">私鑰證書路徑</param> /// <returns></returns> public static string privateKeyContent(string filePath) { string content= File.ReadAllText(filePath, Encoding.ASCII);//獲取pem證書完整內容 if (string.IsNullOrEmpty(content)) { throw new ArgumentNullException("pemFileConent", "This arg cann't be empty."); } string privatekeyConent= content.Replace("-----BEGIN PRIVATE KEY-----", "").Replace("-----END PRIVATE KEY-----", "").Replace("\n", "").Replace("\r", "");//去掉證書的頭部和尾部 return privatekeyConent; } /// <summary> ///獲取pem公鑰正文內容 /// </summary> /// <param name="filePath">私鑰證書路徑</param> /// <returns></returns> public static string publicKeyContent(string filePath) { string content= File.ReadAllText(filePath, Encoding.ASCII);//獲取pem證書完整內容 if (string.IsNullOrEmpty(content)) { throw new ArgumentNullException("pemFileConent", "This arg cann't be empty."); } string publickeyConent = content.Replace("-----BEGIN PUBLIC KEY-----", "").Replace("-----END PUBLIC KEY-----", "").Replace("\n", "").Replace("\r", "");//去掉證書的頭部和尾部 return publickeyConent ; } /// <summary> /// 把java的私鑰轉換成.net的xml格式 /// </summary> /// <param name="rsa"></param> /// <param name="privateJavaKey"></param> /// <returns></returns> public static string ConvertToXmlPrivateKey(this RSA rsa, string privateJavaKey) { RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(Convert.FromBase64String(privateJavaKey)); string xmlPrivateKey = string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent><P>{2}</P><Q>{3}</Q><DP>{4}</DP><DQ>{5}</DQ><InverseQ>{6}</InverseQ><D>{7}</D></RSAKeyValue>", Convert.ToBase64String(privateKeyParam.Modulus.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.PublicExponent.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.P.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.Q.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.DP.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.DQ.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.QInv.ToByteArrayUnsigned()), Convert.ToBase64String(privateKeyParam.Exponent.ToByteArrayUnsigned())); return xmlPrivateKey; } /// <summary> /// 把java的公鑰轉換成.net的xml格式 /// </summary> /// <param name="privateKey">java提供的第三方公鑰</param> /// <returns></returns> public static string ConvertToXmlPublicJavaKey(this RSA rsa, string publicJavaKey) { RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(Convert.FromBase64String(publicJavaKey)); string xmlpublicKey = string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent></RSAKeyValue>", Convert.ToBase64String(publicKeyParam.Modulus.ToByteArrayUnsigned()), Convert.ToBase64String(publicKeyParam.Exponent.ToByteArrayUnsigned())); return xmlpublicKey; }