2

I want to import (RSA and ECDsa) private keys from pkcs8 files (-----BEGIN ENCRYPTED PRIVATE KEY-----).

This question How to import PKCS#8 RSA privateKey (created by OpenSSL) in C# has been answered, but the only acceptable solution for me is to implement pkcs8 parser which I want to avoid to as well as using of 3rd party libraries (beside the Chillkat there is also BouncyCastle and its PemReader) as well as pinvoke and NCryptImportKey (mentioned here: Importing PKCS#8 encrypted key to RSACng?) (I didn't go this way so far, so I'm not sure it is suitable. Is it?).

I would expect something like CngKey key = CngKey.Import(bytes, CngKeyBlobFormat.Pkcs8PrivateBlob, password) unfortunately Import method supports import of unencrypted keys only (-----BEGIN PRIVATE KEY-----).

Is there any other way to get those keys using .NET version: 4.7.2?

Thanks.

grim.ub
  • 192
  • 2
  • 11
  • 1
    I'm not sure I understand. The question and answer from the second of your links is from only a few months ago. Are expecting something to have changed since then? – President James K. Polk Oct 25 '18 at 21:54
  • @JamesKPolk: second link/QA solves RSA only. I need ECDsa as well. Change or new information would be great as well. Meanwhile I found out that ECDsa key is imported as ECDH via CngKey.Import(..) which is quite useless for me as I need it to recreate X509Certificate2 (the file contains both key and certificate) – grim.ub Oct 26 '18 at 06:02
  • `NCryptImportKey` is the way to go, but the code isn't really pleasant. https://github.com/dotnet/corefx/blob/64477348da1ff57a43deb65a4b12d32986ed00bd/src/System.Security.Cryptography.Cng/src/System/Security/Cryptography/CngKey.Import.cs#L49-L100 is an example of this in .NET Core 3.0 (for the DER/binary form, no idea if NCryptImport does PEM parsing), if you want to try to use it as a guide; but it's pretty messy. Or, you could try [.NET Core Daily Builds](https://github.com/dotnet/core/blob/master/daily-builds.md) and preview the feature. – bartonjs Oct 30 '18 at 04:34

0 Answers0