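```csharp
using System;
using System.IO;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Security;

byte[] plaintext = System.Text.Encoding.UTF8.GetBytes("AAAAAAAAAAAAA");

// Read the RSA key pair from a PEM file
TextReader trCer = new StreamReader(@"AA.key"); //key in PEM format
PemReader rdCer = new PemReader(trCer);
AsymmetricCipherKeyPair o = rdCer.ReadObject() as AsymmetricCipherKeyPair;

// Sign the plaintext with the private key
ISigner sig = SignerUtilities.GetSigner("MD5WithRSAEncryption");
sig.Init(true, o.Private);
sig.BlockUpdate(plaintext, 0, plaintext.Length);
byte[] signature = sig.GenerateSignature();

// Base64-encode the signature and print it
string signatureHeader = Convert.ToBase64String(signature);
Console.WriteLine(signatureHeader);
```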

How can I use a key in DER format? I'm using the BouncyCastle.Crypto.dll library.

beto
  • "DER format" is not enough information. DER is applicable for any structure described using ASN.1. – President James K. Polk Jul 03 '10 at 01:06
  • Did you find a way to read keys in DER format? – Carlos Gutiérrez Sep 09 '10 at 02:17
  • Also see [Signing and verifying signatures with RSA C#](https://stackoverflow.com/q/8437288/608639), [how to sign bytes using my own rsa private key using rs256 algorithm?](https://stackoverflow.com/q/25909044/608639), [Signing data with private key in c#](https://stackoverflow.com/q/31828420/608639), [How can I sign a file using RSA and SHA256 with .NET?](https://stackoverflow.com/q/7444586/608639), [Signing a string with RSA private key on .NET?](https://stackoverflow.com/q/3169829/608639), etc. – jww May 30 '17 at 13:54
  • May be related: https://stackoverflow.com/questions/20269406/read-der-private-key-in-c-sharp-using-bouncycastle – mtmk Feb 15 '20 at 13:35

1 Answer

You should convert the DER file to a PEM file using OpenSSL:

```shell
openssl x509 -inform der -in certificate.cer -out certificate.pem
```

And then generate the signature from the PEM using BouncyCastle like this:

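```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Security;

// Body of a method that signs the string `data` and returns the Base64 signature.
// _config.Value.PrivateKey holds the Base64 body of the key, without the PEM header/footer.
using (var rsa = new RSACryptoServiceProvider())
{
    // Wrap the key body in PEM armor so PemReader can parse it
    var privateKey = new StringBuilder();
    privateKey.AppendLine("-----BEGIN RSA PRIVATE KEY-----");
    privateKey.AppendLine(_config.Value.PrivateKey);
    privateKey.AppendLine("-----END RSA PRIVATE KEY-----");

    var pem = new PemReader(new StringReader(privateKey.ToString()));
    var keyPair = (AsymmetricCipherKeyPair)pem.ReadObject();
    var privateKeyParameters = (RsaPrivateCrtKeyParameters)keyPair.Private;

    // Convert the BouncyCastle key to .NET RSAParameters
    var rsaParameters = DotNetUtilities.ToRSAParameters(privateKeyParameters);

    rsa.ImportParameters(rsaParameters);
    var sign = rsa.SignData(Encoding.UTF8.GetBytes(data), new HashAlgorithmName("SHA1"),
        RSASignaturePadding.Pkcs1);

    return Convert.ToBase64String(sign);
}
```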

The above code snippet uses the private key as a string, and I wrap it into PEM format.

sa-es-ir
  • You might want to add a note that the `DotNetUtilities.ToRSAParameters` is provided by [BouncyCastle](https://github.com/bcgit/bc-csharp/blob/master/crypto/src/security/DotNetUtilities.cs), because it does not come with .NET framework as such. – Christian.K Feb 19 '21 at 08:12
  • Yes, you are right, but the question mentioned `BouncyCastle` – sa-es-ir Feb 19 '21 at 08:50
  • Oh didn't see that. Thanks for pointing out. Probably worth mentioning anyway. – Christian.K Feb 19 '21 at 09:18
  • @Christian.K Answer updated and mentioned `BouncyCastle`. Thanks – sa-es-ir Feb 19 '21 at 09:47
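
Added example (not code from the question, the answer, or the BouncyCastle project): one way to load a DER-encoded RSA private key directly, without converting to PEM first. It follows up on the comment that "DER" alone does not say which ASN.1 structure is inside, by telling PKCS#8 `PrivateKeyInfo` apart from PKCS#1 `RSAPrivateKey`. Assumptions: a recent BouncyCastle C# release, an unencrypted RSA key, hypothetical names `DerKeySigner`, `LoadRsaPrivateKey` and `Sign`, and SHA-256 in place of the MD5 and SHA-1 digests used in the snippets above.

```csharp
using System;
using System.IO;
using System.Text;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;

static class DerKeySigner // hypothetical name, not part of BouncyCastle
{
    // Load an unencrypted RSA private key from raw DER bytes (no PEM armor).
    public static AsymmetricKeyParameter LoadRsaPrivateKey(byte[] der)
    {
        Asn1Sequence seq = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(der));
        Asn1Encodable second = seq.Count > 1 ? seq[1] : null;
        // PKCS#8 PrivateKeyInfo: version, AlgorithmIdentifier (a SEQUENCE), OCTET STRING
        if (second is Asn1Sequence)
            return PrivateKeyFactory.CreateKey(der);
        // PKCS#1 RSAPrivateKey: version, modulus (an INTEGER), publicExponent, ...
        if (!(second is DerInteger))
            throw new InvalidDataException("Unrecognized DER private key structure");
        RsaPrivateKeyStructure k = RsaPrivateKeyStructure.GetInstance(seq);
        return new RsaPrivateCrtKeyParameters(
            k.Modulus, k.PublicExponent, k.PrivateExponent,
            k.Prime1, k.Prime2, k.Exponent1, k.Exponent2, k.Coefficient);
    }

    public static string Sign(byte[] derKey, string message)
    {
        ISigner signer = SignerUtilities.GetSigner("SHA256withRSA");
        signer.Init(true, LoadRsaPrivateKey(derKey));
        byte[] data = Encoding.UTF8.GetBytes(message);
        signer.BlockUpdate(data, 0, data.Length);
        return Convert.ToBase64String(signer.GenerateSignature());
    }

    static void Main()
    {
        // Constructed sample input: a throwaway key generated here, DER-encoded both ways.
        var gen = new RsaKeyPairGenerator();
        gen.Init(new KeyGenerationParameters(new SecureRandom(), 2048));
        var p8 = PrivateKeyInfoFactory.CreatePrivateKeyInfo(gen.GenerateKeyPair().Private);
        string a = Sign(p8.GetDerEncoded(), "AAAAAAAAAAAAA");                   // PKCS#8 DER
        string b = Sign(p8.ParsePrivateKey().GetDerEncoded(), "AAAAAAAAAAAAA"); // PKCS#1 DER
        Console.WriteLine(a == b ? "same signature from both encodings" : "mismatch");
    }
}
```

For a key stored on disk, pass `File.ReadAllBytes(path)` as `derKey`; an encrypted PKCS#8 file has a different structure and is rejected by this loader.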