Stalin

Reputation: 15

OpenPGP decryption in C# with X.509 Certificate .pfx file private key

We procured a class 3 certificate, both .pfx and .cer files, from a Certificate Authority, and shared the .cer (public key) with our partner.

Encryption (Java)

Our partner encrypted the message (with our public key) using the Java Bouncy Castle OpenPGP standard and shared the encrypted message like below:

-----BEGIN PGP MESSAGE-----
Version: x v2

hQEMAzFXJ94q1Nm8AQf/Tld0/3dAvgFKPQVBS8bmbXChXeApeReo1ydNS+......
-----END PGP MESSAGE-----

Decryption: (C#)

We need to decrypt the message with our .pfx file.

I have gone through the article below: http://burnignorance.com/c-coding-tips/pgp-encryption-decryption-in-c/ It seems a new PGPKeyPair is being generated and used for encryption and decryption.

But in my case, I have a .pfx file. How do we extract the PGP private key from the .pfx file to use for decryption? Could you share some thoughts on how we can do this? Thanks in advance for all your time on this.

13/12/2020

I imported the X509Certificate .pfx into the store like below and am trying to convert the PGP private key:

string certPath = @"C:\Users\test.pfx";
string certPass = "apples";

// Create a collection object and populate it using the PFX file
X509Certificate2Collection collection = new X509Certificate2Collection();
collection.Import(certPath, certPass, X509KeyStorageFlags.PersistKeySet);

X509Certificate2 certificate = collection[0];
AsymmetricAlgorithm x509PrivateKey = certificate.PrivateKey;
// Here I am getting the invalid conversion error.
PgpPrivateKey pK = x509PrivateKey;

I am trying to use the X.509 certificate private key as a PgpPrivateKey in decryption. But while assigning the private key to the PgpPrivateKey, I get an invalid cast exception.

Is there any way to achieve this?

Regards, Stalin

Upvotes: 1

Views: 1238

Answers (1)

You can try using the BouncyCastle API to read the .pfx file with the PKCS12 class, then convert the key to a PgpSecretKey.

Read the documentation on pkcs12.GetKey() and the PgpSecretKey class.

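using System;
using System.IO;
using Org.BouncyCastle.Bcpg;
using Org.BouncyCastle.Bcpg.OpenPgp;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;

public static PgpSecretKey GetPriveKey(String pfxFile, String pfxPassword)
{
    // Load the PKCS#12 (.pfx) file; the stream is closed once the store is read
    Pkcs12Store pkcs12;
    using (FileStream stream = new FileStream(pfxFile, FileMode.Open, FileAccess.Read))
    {
        pkcs12 = new Pkcs12Store(stream, pfxPassword.ToCharArray());
    }

    // Find the first alias that holds a private key
    string keyAlias = null;
    foreach (string name in pkcs12.Aliases)
    {
        if (pkcs12.IsKeyEntry(name))
        {
            keyAlias = name;
            break;
        }
    }
    if (keyAlias == null)
        throw new InvalidOperationException("No private key entry found in the PFX file.");

    // Private key from the key entry, public key from the first certificate in its chain
    AsymmetricKeyParameter Privatekey = pkcs12.GetKey(keyAlias).Key;
    X509CertificateEntry[] ce = pkcs12.GetCertificateChain(keyAlias);
    AsymmetricKeyParameter PublicKey = ce[0].Certificate.GetPublicKey();

    // Wrap the RSA key pair as an OpenPGP secret key, protected with the PFX password
    PgpSecretKey mySecretKey = new PgpSecretKey(PgpSignature.DefaultCertification,
        PublicKeyAlgorithmTag.RsaGeneral,
        PublicKey,
        Privatekey,
        DateTime.UtcNow,                 // OpenPGP key creation time
        keyAlias,
        SymmetricKeyAlgorithmTag.Cast5,
        pfxPassword.ToCharArray(),
        true,
        null,
        null,
        new SecureRandom());

    // Return the key so the caller can use it for decryption
    return mySecretKey;
}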

Upvotes: 0
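The decryption step that follows from the answer above, as an added example (not code from the question, the answer or the BouncyCastle project): given a PgpSecretKey built from the .pfx, it unwraps the private key and decrypts the armored message. An OpenPGP v4 key ID is derived from the key material together with its creation time, so a key rebuilt with `DateTime.UtcNow` will not carry the key ID recorded in the partner's message; the example therefore tries each public-key session packet instead of matching on `KeyId`. Assumptions: the BouncyCastle C# 1.8-style API used in the answer, an unsigned message, and the hypothetical names `PfxPgpDecryptor` and `Decrypt`.

```csharp
using System.IO;
using Org.BouncyCastle.Bcpg.OpenPgp;

public static class PfxPgpDecryptor   // hypothetical name
{
    // secretKey: the PgpSecretKey built from the .pfx; passPhrase: the one it was wrapped with.
    public static byte[] Decrypt(Stream armoredMessage, PgpSecretKey secretKey, char[] passPhrase)
    {
        PgpPrivateKey privateKey = secretKey.ExtractPrivateKey(passPhrase);

        var factory = new PgpObjectFactory(PgpUtilities.GetDecoderStream(armoredMessage));
        PgpObject first = factory.NextPgpObject();
        // A marker packet may precede the encrypted data list.
        var encList = first as PgpEncryptedDataList ?? factory.NextPgpObject() as PgpEncryptedDataList;
        if (encList == null)
            throw new PgpException("no encrypted data found in message");

        foreach (PgpEncryptedData item in encList.GetEncryptedDataObjects())
        {
            var pke = item as PgpPublicKeyEncryptedData;
            if (pke == null) continue;              // password-based session key, not ours

            Stream clear;
            try { clear = pke.GetDataStream(privateKey); }   // no KeyId comparison here
            catch (PgpException) { continue; }      // session key was wrapped for another key

            PgpObject obj = new PgpObjectFactory(clear).NextPgpObject();
            if (obj is PgpCompressedData compressed)
                obj = new PgpObjectFactory(compressed.GetDataStream()).NextPgpObject();
            var literal = obj as PgpLiteralData;
            if (literal == null)
                throw new PgpException("expected literal data (signed messages are not handled)");

            using (var output = new MemoryStream())
            {
                literal.GetInputStream().CopyTo(output);
                // Policy choice of this example: refuse output without a valid MDC.
                // Verify() is meaningful only after the plaintext has been read.
                if (!pke.IsIntegrityProtected() || !pke.Verify())
                    throw new PgpException("missing or invalid integrity check (MDC)");
                return output.ToArray();
            }
        }
        throw new PgpException("no session key packet could be decrypted with this key");
    }
}
```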
