Nicolai

DecodeOpenSSLPrivateKey

May 2nd, 2011
C# 2.62 KB | None | 0 0
  1. // NOT MADE BY ME
  2.  
  3. public static byte[] DecodeOpenSSLPrivateKey(String instr)
  4.   {
  5.   const  String pemprivheader = "-----BEGIN RSA PRIVATE KEY-----" ;
  6.   const  String pemprivfooter   = "-----END RSA PRIVATE KEY-----" ;
  7.   String pemstr = instr.Trim() ;
  8.   byte[] binkey;
  9.        if(!pemstr.StartsWith(pemprivheader) || !pemstr.EndsWith(pemprivfooter))
  10.     return null;
  11.  
  12.        StringBuilder sb = new StringBuilder(pemstr) ;
  13.         sb.Replace(pemprivheader, "") ;  //remove headers/footers, if present
  14.         sb.Replace(pemprivfooter, "") ;
  15.  
  16. String pvkstr = sb.ToString().Trim();   //get string after removing leading/trailing whitespace
  17.  
  18.    try{        // if there are no PEM encryption info lines, this is an UNencrypted PEM private key
  19.     binkey = Convert.FromBase64String(pvkstr) ;
  20.     return binkey;
  21.     }
  22.    catch(System.FormatException) {      //if can't b64 decode, it must be an encrypted private key
  23.     //Console.WriteLine("Not an unencrypted OpenSSL PEM private key");  
  24.     }
  25.  
  26.  StringReader str = new StringReader(pvkstr);
  27.  
  28. //-------- read PEM encryption info. lines and extract salt -----
  29.  if(!str.ReadLine().StartsWith("Proc-Type: 4,ENCRYPTED"))
  30.     return null;
  31.  String saltline = str.ReadLine();
  32.  if(!saltline.StartsWith("DEK-Info: DES-EDE3-CBC,") )
  33.     return null;
  34.  String saltstr =  saltline.Substring(saltline.IndexOf(",") + 1).Trim() ;
  35.  byte[] salt = new byte[saltstr.Length/2];
  36.  for (int i=0; i <salt.Length; i++)  
  37.     salt[i] = Convert.ToByte(saltstr.Substring (i*2, 2), 16);
  38.  if(! (str.ReadLine() == ""))
  39.     return null;
  40.  
  41. //------ remaining b64 data is encrypted RSA key ----
  42. String encryptedstr =  str.ReadToEnd() ;
  43.  
  44.  try{   //should have b64 encrypted RSA key now
  45.     binkey = Convert.FromBase64String(encryptedstr) ;
  46.  }
  47.    catch(System.FormatException) {  // bad b64 data.
  48.     return null;
  49.     }
  50.  
  51. //------ Get the 3DES 24 byte key using PDK used by OpenSSL ----
  52.  
  53.     SecureString  despswd = GetSecPswd("Enter password to derive 3DES key==>") ;
  54.    //Console.Write("\nEnter password to derive 3DES key: ");
  55.    //String pswd = Console.ReadLine();
  56.   byte[] deskey = GetOpenSSL3deskey(salt, despswd, 1, 2);    // count=1 (for OpenSSL implementation); 2 iterations to get at least 24 bytes
  57.   if(deskey == null)
  58.     return null;
  59.   //showBytes("3DES key", deskey) ;
  60.  
  61. //------ Decrypt the encrypted 3des-encrypted RSA private key ------
  62.  byte[] rsakey = DecryptKey(binkey, deskey, salt);  //OpenSSL uses salt value in PEM header also as 3DES IV
  63. if(rsakey !=null)
  64.     return rsakey;  //we have a decrypted RSA private key
  65. else {
  66.     Console.WriteLine("Failed to decrypt RSA private key; probably wrong password.");
  67.     return null;
  68.    }
  69.  }