using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using System.IO;
///
/// RSA PCKS12证书帮助类
///
public class RSAPcks12Helper
{
#region 私钥签名公钥验签
///
/// 签名
///
/// P12/PFX证书的 base64格式
/// 证书密码
/// 要签名的数据
/// 签名算法
///
public static string SignDataWithPcks12(string p12Cert, string certPwd, byte[] contentData, string signAlgorithm = "SHA1WithRSA")
{
return Convert.ToBase64String(SignDataWithPcks12(Convert.FromBase64String(p12Cert), certPwd.ToCharArray(), contentData, signAlgorithm));
}
///
/// 签名
///
/// P12/PFX证书
/// 证书密码
/// 要签名的数据
/// 签名算法
///
public static byte[] SignDataWithPcks12(byte[] p12CertData, char[] certPwdData, byte[] contentData, string signAlgorithm = "SHA1WithRSA")
{
var key = GetFromPcks12(p12CertData, certPwdData, (store, keyAlias) => store.GetKey(keyAlias).Key);
ISigner oSig = SignerUtilities.GetSigner(signAlgorithm);
oSig.Init(true, key);
oSig.BlockUpdate(contentData, 0, contentData.Length);
return oSig.GenerateSignature();
}
///
/// 验签
///
/// x509通用证书base64格式
/// 原始数据
/// 签名结果base64格式
/// 签名算法
///
public static bool VerifyDataWithX509(string x509Cert, byte[] content, string sign, string signAlgorithm = "SHA1WithRSA")
{
return VerifyDataWithX509(Convert.FromBase64String(x509Cert), content, Convert.FromBase64String(sign), signAlgorithm);
}
///
/// 验签
///
/// x509通用证书
/// 原始数据
/// 签名结果
/// 签名算法
///
public static bool VerifyDataWithX509(byte[] x509CertData, byte[] contentData, byte[] signData, string signAlgorithm = "SHA1WithRSA")
{
var publicKey = GetAsymmetricKeyParameterWithX509(x509CertData);
return VerifyData(publicKey, contentData, signData, signAlgorithm);
}
private static T GetFromPcks12(byte[] p12CertData, char[] certPwdData, Func func)
{
using (MemoryStream stream = new MemoryStream(p12CertData))
{
Pkcs12Store store = new Pkcs12Store(stream, certPwdData);
string keyAlias = null;
foreach (string alias in store.Aliases)
{
try
{
keyAlias = alias;
return func(store, keyAlias);
}
catch { }
}
throw new ArgumentException();
}
}
private static bool VerifyData(AsymmetricKeyParameter publicKey, byte[] contentData, byte[] signData, string signAlgorithm = "SHA1WithRSA")
{
ISigner oSig = SignerUtilities.GetSigner(signAlgorithm);
oSig.Init(false, publicKey);
oSig.BlockUpdate(contentData, 0, contentData.Length);
return oSig.VerifySignature(signData);
}
#endregion
#region 公钥、私钥获取 pcks8格式
///
/// 获取RSA私钥
///
/// P12/PFX证书的 base64格式
/// 证书密码
///
public static string GetPrivateKeyFromPcks12(string p12Cert, string certPwd)
{
return Convert.ToBase64String(GetPrivateKeyFromPcks12(Convert.FromBase64String(p12Cert), certPwd.ToCharArray()));
}
///
/// 获取RSA私钥
///
/// P12/PFX证书
/// 证书密码
///
public static byte[] GetPrivateKeyFromPcks12(byte[] p12CertData, char[] certPwdData)
{
var privateKeyParam = GetFromPcks12(p12CertData, certPwdData, (store, keyAlias) => store.GetKey(keyAlias).Key);
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateKeyParam);
return privateKeyInfo.ToAsn1Object().GetEncoded();
}
///
/// 获取RSA公钥
///
/// P12/PFX证书的 base64格式
/// 证书密码
///
public static string GetPublicKeyFromPcks12(string p12Cert, string certPwd)
{
return Convert.ToBase64String(GetPublicKeyFromPcks12(Convert.FromBase64String(p12Cert), certPwd.ToCharArray()));
}
///
/// 获取RSA公钥
///
/// P12/PFX证书
/// 证书密码
///
public static byte[] GetPublicKeyFromPcks12(byte[] p12CertData, char[] certPwdData)
{
X509CertificateEntry[] chain = GetFromPcks12(p12CertData, certPwdData,
(store, keyAlias) => store.GetCertificateChain(keyAlias));
var cert = chain[0].Certificate;
var publicKey = cert.GetPublicKey();
return SerializePublicKey(publicKey);
}
///
/// 获取RSA公钥
///
/// x509通用证书base64格式
///
public static string GetPublicKeyFromX509(string x509Cert)
{
return Convert.ToBase64String(GetPublicKeyFromX509(Convert.FromBase64String(x509Cert)));
}
///
/// 获取RSA公钥
///
/// x509通用证书
///
public static byte[] GetPublicKeyFromX509(byte[] x509CertData)
{
var publicKey = GetAsymmetricKeyParameterWithX509(x509CertData);
return SerializePublicKey(publicKey);
}
private static byte[] SerializePublicKey(AsymmetricKeyParameter publicKey)
{
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
return SerializeKey(publicKeyInfo);
}
private static byte[] SerializeKey(Asn1Encodable asn1)
{
return asn1.ToAsn1Object().GetDerEncoded();
}
private static AsymmetricKeyParameter GetAsymmetricKeyParameterWithX509(byte[] x509CertData)
{
var certificate = new X509CertificateParser().ReadCertificate(x509CertData);
return certificate.GetPublicKey();
}
#endregion
#region 公钥加密私钥解密
///
/// 公钥加密
///
/// x509通用证书base64格式
/// 待加密的数据
/// 加密算法
///
public static string EncryptWithX509(string x509Cert, byte[] contentData, string algorithm = "RSA/ECB/PKCS1Padding")
{
return Convert.ToBase64String(EncryptWithX509(Convert.FromBase64String(x509Cert), contentData, algorithm));
}
///
/// 公钥加密
///
/// x509通用证书
/// 待加密的数据
/// 加密算法
///
public static byte[] EncryptWithX509(byte[] x509CertData, byte[] contentData, string algorithm = "RSA/ECB/PKCS1Padding")
{
return EncryptWithPublicKey(GetPublicKeyFromX509(x509CertData), contentData, algorithm);
}
///
/// 公钥加密
///
/// RSA公钥 base64格式
/// 待加密的数据
/// 加密算法
///
public static string EncryptWithPublicKey(string publicKey, byte[] contentData, string algorithm = "RSA/ECB/PKCS1Padding")
{
return Convert.ToBase64String(EncryptWithPublicKey(Convert.FromBase64String(publicKey), contentData, algorithm));
}
///
/// 公钥加密
///
/// RSA公钥
/// 待加密的数据
/// 加密算法
///
public static byte[] EncryptWithPublicKey(byte[] publicKey, byte[] contentData, string algorithm = "RSA/ECB/PKCS1Padding")
{
RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(publicKey);
return Transform(publicKeyParam, contentData, algorithm, true);
}
///
/// 解密
///
/// P12/PFX证书的 base64格式
/// 证书密码
/// 待解密数据 base64格式
/// 解密出来的数据编码格式,默认UTF-8
/// 加密算法
///
public static string DecryptWithPcks12(string p12Cert, string certPwd, string content, string encoding = "UTF-8", string algorithm = "RSA/ECB/PKCS1Padding")
{
return Encoding.GetEncoding(encoding).GetString(DecryptWithPcks12(Convert.FromBase64String(p12Cert), certPwd.ToCharArray(), Convert.FromBase64String(content), algorithm));
}
///
/// 解密
///
/// P12/PFX证书
/// 证书密码
/// 待解密数据
/// 加密算法
///
public static byte[] DecryptWithPcks12(byte[] p12Data, char[] certPwdData, byte[] contentData, string algorithm = "RSA/ECB/PKCS1Padding")
{
var privateKey = GetFromPcks12(p12Data, certPwdData, (store, keyAlias) => store.GetKey(keyAlias).Key);
return Transform(privateKey, contentData, algorithm, false);
}
///
/// 私钥解密
///
/// RSA私钥 base64格式
/// 待解密数据 base64格式
/// 解密出来的数据编码格式,默认UTF-8
/// 加密算法
///
public static string DecryptWithPrivateKey(string privateKey, string content, string encoding = "UTF-8", string algorithm = "RSA/ECB/PKCS1Padding")
{
return Encoding.GetEncoding(encoding).GetString(DecryptWithPrivateKey(Convert.FromBase64String(privateKey), Convert.FromBase64String(content), algorithm));
}
///
/// 私钥解密
///
/// RSA私钥
/// 待解密数据
/// 加密算法
///
public static byte[] DecryptWithPrivateKey(byte[] privateKey, byte[] contentData, string algorithm)
{
RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(privateKey);
return Transform(privateKeyParam, contentData, algorithm, false);
}
private static byte[] Transform(AsymmetricKeyParameter key, byte[] contentData, string algorithm, bool forEncryption)
{
var c = CipherUtilities.GetCipher(algorithm);
c.Init(forEncryption, new ParametersWithRandom(key));
return c.DoFinal(contentData);
}
#endregion
#region 私钥加密,公钥解密
///
/// 私钥加密
///
/// RSA私钥 base64格式
/// 待加密的数据
/// 加密算法
///
public static string EncryptWithPrivateKey(string privateKey, byte[] contentData, string algorithm = "RSA/ECB/PKCS1Padding")
{
return Convert.ToBase64String(EncryptWithPrivateKey(Convert.FromBase64String(privateKey), contentData, algorithm));
}
///
/// 私钥加密
///
/// RSA私钥
/// 待加密的数据
/// 加密算法
///
public static byte[] EncryptWithPrivateKey(byte[] privateKey, byte[] contentData, string algorithm = "RSA/ECB/PKCS1Padding")
{
RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(privateKey);
return Transform(privateKeyParam, contentData, algorithm, true);
}
///
/// 公钥解密
///
/// RSA公钥 base64格式
/// 待解密数据 base64格式
/// 解密出来的数据编码格式,默认UTF-8
/// 加密算法
///
public static string DecryptWithPublicKey(string publicKey, string content, string encoding = "UTF-8", string algorithm = "RSA/ECB/PKCS1Padding")
{
return Encoding.GetEncoding(encoding).GetString(DecryptWithPublicKey(Convert.FromBase64String(publicKey), Convert.FromBase64String(content), algorithm));
}
///
/// 公钥解密
///
/// RSA公钥
/// 待解密数据
/// 加密算法
///
public static byte[] DecryptWithPublicKey(byte[] publicKey, byte[] contentData, string algorithm = "RSA/ECB/PKCS1Padding")
{
RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(publicKey);
return Transform(publicKeyParam, contentData, algorithm, false);
}
#endregion
#region 生成pfx
///
/// 根据crt以及RSA私钥生成pfx证书
///
/// 证书密码
/// crt证书
/// Rsa私钥
/// 证书链
/// 默认别名
///
public static MemoryStream GeneratePFX(string passWord, byte[] x509CertData, byte[] privateKey, byte[] x509CertChainData = null, string alias = "PrimaryCertificate")
{
RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(privateKey);
var certEntry = GetX509CertificateEntry(x509CertData);
Pkcs12Store store = new Pkcs12StoreBuilder().Build();
store.SetCertificateEntry(alias, certEntry);
X509CertificateEntry[] chain = new X509CertificateEntry[1];
if (x509CertChainData != null)
{
chain = new X509CertificateEntry[2];
chain[1] = GetX509CertificateEntry(x509CertChainData);
}
chain[0] = certEntry;
store.SetKeyEntry(alias, new AsymmetricKeyEntry(privateKeyParam), chain); //设置私钥
var ms = new MemoryStream();
store.Save(ms, passWord.ToCharArray(), new SecureRandom());
ms.Position = 0;
return ms;
}
private static X509CertificateEntry GetX509CertificateEntry(byte[] certData)
{
var certificate = new X509CertificateParser().ReadCertificate(certData);
X509CertificateEntry certEntry = new X509CertificateEntry(certificate);
return certEntry;
}
#endregion
}
BouncyCastle的Nuget下载地址为https://www.nuget.org/packages/BouncyCastle/,测试代码如下:
static void Pcks12Demo()
{
string p12Cert = "MIIMLgIBAzCCC/gGCSqGSIb3DQEHAaCCC+kEggvlMIIL4TCCBocGCSqGSIb3DQEHBqCCBngwggZ0AgEAMIIGbQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIx2MSjr1/ocgCAggAgIIGQLxs45vrlNNeHpiHoCOItdqpY8jGT4Yyek0/dRtQhKL32PReq0q6W48ycfK6KkmLtAUMdR8BwwK+A4C1JQ5vRWfJcq0yGs/DfNH1pgZdpcpW4PuEe95hylLrerUq+qrY42kevPCCt7mhJx+E1Z1ZHP5T8t0BiSKRxYzCynqzzHP2WaSkLcsO6DV4LJyMUdcgvOm92CkS0rDhwfKt8R0Q//h7FQrlN9IQEDYbBhh1tRa0uIzm9SG08zxUKKQeyWK9QhiKfTL3XLrUOBm+V6d2Uk+UsftODSsMF5L04H59RmEhO9+nrPzU30szEG0wiaVFiUurI2+2QPsuQoFHEBnn/7GTWc8sdjYr5SZWnzBTfAADTcvXm2BWlunZ3sJ0KRKzCaJGmMALqkarDc1iZ6CzFYB0VdgbNdJGzeXKmxXKnRzSodffE+YG6wyb59NyNiUq1cqEwtk3xaBbF7+oRXjCSTiWoikhhBEXMkhnSNvUMtiLRaYDAAlmNOP3+8gexkSYj4e7jTgwcm6sv40Qx4keFAeONIiy5vcVwu0VZ0aLBPGoCJziP+svKwNxKXTeQK3lBJ3ZR6WBQIlFEpnCxftb/W2/sul7BlDSNIOwb9FJpe4bV6ChBLM0igpNDq4XBrdLaNncHQHkOKx9pjoAU6Adcw0C6ZbfL6gUqJ0VCGmXcgT5v0uJj3NJYsJbd8SWeUst3m77o+UtutNxwcX+mWugemNsUu0IhL9EwsnKU4W1r4IR/F0M2qEGNl776p5h1rCV81pd5r7WPMdxn/gyOfdvfO1A1xFWxjKO85fJZQmJQ2flY1nGN1oe4LmBY4AOv3oyoIt8VsvezNm2eVCLxs/V0CvU8/+kL4+0MShkpX/INTYMDTfF3GM3FmkX1rztVI+MuBTUZw10CuaHG1LIWLTgREKkSux7c4+EDhDxvdYIWT1aqr0RzYXBDOcRPm1I6D7v9bjbNk6D892TXt3G6sh5QH3BPs/zOEqvSuwEitm0NbFTE9AA4wzBuzBjBwaXWo8O/BdV9gHtf/tVZ+HA9pvqobTHv/kp3aNY1CeM2N6HbOUk++a4rgibOO+TwnVfTkFYkDu4MvJzD+n2AbYcssHmEkdffeKHeGzmBixoUiqRIxw+T6tUYJ1bFHcsORn9aH/yHxz8Ie03biyRCQyvgzuHGZg5TGcXuRGVHx1oqfomDDW879RiizP5ZxLO3iinjoVFOBAGgJCw6zJmvXLMENhtwWJ6UYBpaiU75Ju0qBjOuqlxS0PAHVKl7XIXiKOBq1GO4cTJvjye6p1Q6iQNDqp63F8wdLsLf5gly2+hzEVqIfZiz7K7L6OFTus9qyT8zo2tjbpBgEYMI1DNEcE6i+tmDB1XkvS1z0kpwnCHsDoIpmkfT7aR6kl1lFs4mfToPwNu0Vq7SkjqLZPUg4LmO0bIG2+HRjMENGs5cWJ4YuIO33vcuGEnrF4oQ+S3IVqNBPIn8cHnnAB9AmnBAeg6ia4SfIEdKgw8lCmiVTj2Nm1jMcMeTG82fkpug2vIOFEdxpSmiGkI9uH1445EMVYLnm3zTLNfrw0hE5oUnW0K6WwN4sW2iCqv2jHY9AvfFmXxFTn6vypyiGV3aQZh4TT3d71RYlZKB2kSMfGOSXijj+wG3fGhGXY9P2noa1MYXhhajyY9m5j0fJmBTe5gF7AJDxA59eIWUaHyFXXQmk68Z2LXmxlU1BSj9ddxcd/Pdn77jZCpOwrGM0sEG50xJ5fhglvHqeN9j+wpME+YofdacLQlm9UkIN1s2PhVlHiQLbqkA2hFQXZ6Gsq9Uuv4sgjUUYGOpABZB4RKCwbrD26OW++QnMqVx84EFaLrS9ih+p/Bh6oNRj28UHQQdFmpprmDsZPsB5yNVrymSG2QpR5rsy92iHzbp/oW7X+6CDjlWBeRiVZ3sJ+mnKEMFXbM3/fVcatHIIuOkH9EfQ67fAW0Q+VpcFlTxcQzKxxeTfEJgajy+mZr7qdaDyekjoiiO4FgtLV9UxpwdSVKcc6kelOLbkcLYbNsbKdFdBEeOrIOh1h4ve6xnkMCw4Q+YKkKh61a3ISmrDLv/qCklR1yeyx+on0zsiVKdohdtQuAI5U9tfBs7WLgFTcZPKTUHGsgs8I1NvbFpgcwggVSBgkqhkiG9w0BBwGgggVDBIIFPzCCBTswggU3BgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIzuKZ8wM8nvYCAggABIIEyBHZRxBj2by9U+ddfvI2BOgETLQW58Qb72o3Om1gBJysDKRh0Fei1A8USBMndhOFZQSFS+rSTXh4mw6lsJEBFVrFwwGz5LpjvwD65Lxd2Wxl5RKJcvZC7hJdobzh1Ll0uBSAG3EF69co8RuIlOrVla3tTTyxDUB/j3oSLp6JPZ4UrwsiI4mLWhPieZ3SfVuJkEII1E9JwD/erVzPqwFGFTtDTcJijMBGyR05BCuFfvQJx6hP9IQCB7AtxizYZH6Wg/6zBxaflInx2Lcusu1JNnKhx/qgmpUSkHvFWVwbP51r1zOU0yvNPHQ+ZniDrBepPCGxodtwbvnaKaQEwzv0WUQsR16SYAKIERI/QVHLMZDRgZPasQKw3Pj4Nlgg54bmkQ5sCy7h6Wc//V1N7fAy0s0Sgt/rTmCi7C+qchu1EvGIo9kpF4q8gH6sILsYItlyIKoYK/m9Y1NXu13apzaQqMaR3BF8SyqS3FRwujIyCZx5fjg8rRRHqipJurR6zgbDpn1KgZcUJ10TuTJkicJu0PViic2bKIX9XE/kOiqXhU0+9bofBgwGEZp1OGsxG0p9qRDDGAPj90HcyJ9vY7RotxgSPal4vsya141eUIGYKfApvE9LTxPHW1Py9wOvs5GgipRuMiYKZH9h67PSSmGWJ0U2p/tBHc/m4SDNYj3vBzI0IKrOQ0WGYRrl22usev8tpHL+uB/jSTYa1/ThDOMw76OGmalLacGKjtuK4DG+cG72VNpiGTPV+agZeNje/CsClaLwQPWI1duVLlTfkSdP6HaZvGXmXlu3l2gPJ3A8LgTf0Lao+i3hlnTHpgaZIyhKmxKRbDpUrGa+qFpqctk311NyvhEew+GIxVbN2vYO53+GpCrkra8IlTYKwiset62j/Bz+gemHgiLEMacvTqGzAI/6tdNgBrqcPr3DdfqGrCRnxaS0CpWnh3T39KenMc21pQ+qa42dbOnqZO4W7hR+vIbqS1LXy4sJQDjpucYy033txEZrUfkPo/CMO/bRwoatzBHSFExfdPwjYbVvGXMo2t6AjwpZTzVB1a5KnkpOsdzbTbJOinRCTF01sEAAsZNkDuuCfrfHjBickKCSAv1Xzx6BQeklEgfI2kZTcLwLTl0zCBtc7ID+Bp/PiF6kcBHCwNjpJaERgdbEswM4bVtoflYGddtYb9AtEmCnP6UwRArm5u1OouhqpkqZE9YG6dickHa/UtSLFJS9ng3Ko+OqWcpHnilcYiuupPMtTQQMvYAGTM6OwVkkjtBnWQ72Gut+6nPlm0LEwlsQMrkJ63E1eK7bNQDCSePldg8HumpCAh3CzXPckDbJY0QG41yfeJsGYy6bQGpH3ad6agj9SMTw/yGD8LCYFgL44Mlb5onPveB9jI+uvy1zslLwRJUIdEo8f5u7EANth/a0w6V3KI/jyGq6M8XkJkr6SOLP/A71na+5Wp6tG0E19zLpDoouRLCBzWSEJqsy2Uv2XIagCYuZfc/sXWgd3qh8gWDEFc8tUlaBsxzAlAKWWbmZ6I9qPwgfIX1CahCZBpBMo9H6UfHSa3D9JPoQ+8X7wi0YvSDlYf4xh8ItPrv1U1pAQKWIjJDd5zff+v0Lhy5ixBh+aEzZQfdsHMhmmgrnAzE2MA8GCSqGSIb3DQEJFDECHgAwIwYJKoZIhvcNAQkVMRYEFNC5sxIHwlgps6fymSYihXWSZuuqMC0wITAJBgUrDgMCGgUABBT9kOn8xX8Sey8yI90nSzMgORrGwwQI6HgfrDylDrE=";
string p12Pwd = "fa8eb8a6";
var x509Cert = "QmFnIEF0dHJpYnV0ZXMKICAgIGZyaWVuZGx5TmFtZTogCiAgICBsb2NhbEtleUlEOiBEMCBCOSBCMyAxMiAwNyBDMiA1OCAyOSBCMyBBNyBGMiA5OSAyNiAyMiA4NSA3NSA5MiA2NiBFQiBBQSAKc3ViamVjdD0vQz1DTi9TVD1OXHgwQW13Xlx4MDIvTz1tS1x4OEJceEQ1L0NOPVx4MDAwXHgwMDlceDAwLlx4MDAwXHgwMDBceDAwLlx4MDAwXHgwMDNceDAwLlx4MDAwXHgwMDEKaXNzdWVyPS9DPUNOL089VW5pVHJ1c3QvQ049U0hFQ0EgQWRtaW4KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZ5ekNDQkxPZ0F3SUJBZ0lRZlZ3bXFmWmU2cmZvMTdZQmViZklnREFOQmdrcWhraUc5dzBCQVFzRkFEQTIKTVFzd0NRWURWUVFHRXdKRFRqRVJNQThHQTFVRUNoTUlWVzVwVkhKMWMzUXhGREFTQmdOVkJBTVRDMU5JUlVOQgpJRUZrYldsdU1CNFhEVEUzTURJeU56QTVNREV6TVZvWERURTRNREl5TnpFMU5UazFPVm93VGpFTE1Ba0dBMVVFCkJoTUNRMDR4RHpBTkJnTlZCQWdlQms0S2JYZGVBakVOTUFzR0ExVUVDaDRFYlV1TDFURWZNQjBHQTFVRUF4NFcKQURBQU9RQXVBREFBTUFBdUFEQUFNd0F1QURBQU1UQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQwpBUW9DZ2dFQkFMR25HRm90eElkVWo3L01JMXVvMmtmRGJ3YTBzUTljR2JOWGM1V21hdnJtYUQ0cDdFNUtZM3N2ClFMN2ttZDNTQlBFbHBXeW5Rd0U3QzBhWXNjQWQzTVQ1VVVkYzBaMFdVRHdIL1BUMzJmcVZISGxSZEpMUnJsZkEKUFpWQ1NkbVpBWFhsNlRaWlBEV29nY253WUxpY0dJbTRRN1NBbGdKT0laQlFUZVBMbEJNUFFCVFBXeUptSDJEKwpWbDl4S2ZleHA4Zk5jZGFjR3AvMVZXNkJKQ0s0MzhISU5xVzZ0TVVPdllJalRnb2pUSXcwWFUyODhqdUpaekh5CnlhK3BVYit6MDJ6dENFNlF0N0o2WEs2YzlmU041blZMZkJEbEhmR3B1M3BieHp5WkhTL2FXVFh0OXpNSXVNWU8KTUNRRjN3TVpndGZubzN3dG5iTVNpOHN0NGVva0Q0OENBd0VBQWFPQ0Fyc3dnZ0szTUI4R0ExVWRJd1FZTUJhQQpGRkhaUmxLbXZLcVIzbVRKWldDZk9jaEpDcmsxTUIwR0ExVWREZ1FXQkJUUDcrMHlFS1l5VEt4RzU2ZmNlcEVtClg0MGViekFMQmdOVkhROEVCQU1DQnNBd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUdDQ3NHQVFVRkJ3TUMKTUVJR0ExVWRJQVE3TURrd053WUpLb0VjQVlidk9vRVZNQ293S0FZSUt3WUJCUVVIQWdFV0hHaDBkSEE2THk5MwpkM2N1YzJobFkyRXVZMjl0TDNCdmJHbGplUzh3Q1FZRFZSMFRCQUl3QURDQmdBWUlLd1lCQlFVSEFRRUVkREJ5Ck1EZ0dDQ3NHQVFVRkJ6QUJoaXhvZEhSd09pOHZiMk56Y0RNdWMyaGxZMkV1WTI5dEwyOWpjM0F2YzJobFkyRXYKYzJobFkyRXViMk56Y0RBMkJnZ3JCZ0VGQlFjd0FvWXFhSFIwY0RvdkwyeGtZWEF5TG5Ob1pXTmhMbU52YlM5eQpiMjkwTDNOb1pXTmhZV1J0YVc0dVpHVnlNSUhxQmdOVkhSOEVnZUl3Z2Q4d2dhR2dnWjZnZ1p1R2daaHNaR0Z3Ck9pOHZiR1JoY0RJdWMyaGxZMkV1WTI5dE9qTTRPUzlqYmoxRFVrd3hPREl3Tnk1amNtd3NiM1U5VWtFeE1qQTEKTURFd01DeHZkVDFEUVRJd0xHOTFQV055YkN4dlBWVnVhVlJ5ZFhOMElFRmtiV2x1UDJObGNuUnBabWxqWVhSbApVbVYyYjJOaGRHbHZia3hwYzNRL1ltRnpaVDl2WW1wbFkzUkRiR0Z6Y3oxalVreEVhWE4wY21saWRYUnBiMjVRCmIybHVkREE1b0RlZ05ZWXphSFIwY0RvdkwyeGtZWEF5TG5Ob1pXTmhMbU52YlM5RFFUSXdMMUpCTVRJd05UQXgKTURBdlExSk1NVGd5TURjdVkzSnNNSUdKQmdZcWdSd0J4VGdFZnpCOU1Fa0dDQ3FCSEFIRk9JRVFCRDFzWkdGdwpPaTh2YkdSaGNESXVjMmhsWTJFdVkyOXRMMjkxUFhOb1pXTmhJR05sY25ScFptbGpZWFJsSUdOb1lXbHVMRzg5CmMyaGxZMkV1WTI5dE1CRUdDQ3FCSEFIRk9JRVRCQVUyTmpNeE1UQWRCZ2dxZ1J3QnhUaUJGQVFSV0Zrd01ERXgKTXpBME16UTVPRFU0TXpjd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFOL081OXdpczgyWlhpK0tFVXozRkw4NQphL2RmMFVLekcyNHhMbU9jOWVGdzhHbk9uaEhKMTBFT21icXluWHljNXBrdFI0TlNBSEV4alUxZGhIVkRvVlpWCkk4Q05aelpXVzdxaHVIaGhHQkFpSFNWVXpOcGhhS3UwR2F2VXRHL2V0d25QWUlmTXFFV0RQVU85TXJ3aHVQdXIKczJqTElzMzZXdmsyN2Y2ZjBlOHlXbzJzVlR5QlNFTk0vZ1dhdEpGOFlzRC9xQ3Z5WGhCWEM1SkxZYkNLMlRObwp6NmdtUVg2QlN0OUVHenR6SkVrbHo4Nk5RQUk4aDRScTJJbXNVeXZtbEpVaDNCMlZuem1qc3crc3o5R0N2cXJRCm5mRGJEWXFzaG41KytVdjJjUWtYUnNLV3BEOE45V2hZNEFQOVp0aEt1bzIxMTFjR2VjUUJCU05CQWVBVWtoYz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=";
var contentData = Encoding.GetEncoding("UTF-8").GetBytes("ceshi测试");
var signData = RSAPcks12Helper.SignDataWithPcks12(p12Cert, p12Pwd, contentData);
var result = RSAPcks12Helper.VerifyDataWithX509(x509Cert, contentData, signData);
string privateKey = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCxpxhaLcSHVI+/zCNbqNpHw28GtLEPXBmzV3OVpmr65mg+KexOSmN7L0C+5Jnd0gTxJaVsp0MBOwtGmLHAHdzE+VFHXNGdFlA8B/z099n6lRx5UXSS0a5XwD2VQknZmQF15ek2WTw1qIHJ8GC4nBiJuEO0gJYCTiGQUE3jy5QTD0AUz1siZh9g/lZfcSn3safHzXHWnBqf9VVugSQiuN/ByDalurTFDr2CI04KI0yMNF1NvPI7iWcx8smvqVG/s9Ns7QhOkLeyelyunPX0jeZ1S3wQ5R3xqbt6W8c8mR0v2lk17fczCLjGDjAkBd8DGYLX56N8LZ2zEovLLeHqJA+PAgMBAAECggEABcCNT04wENmyFdm8Q1mCR9SSIbt0CDVJN79bJLtQt3MCaRDeb+KEuhZbmFK6kK4eLtizNINt7fpFcTG8f6X34gDYmuDsgJOaYXc4v43O5wgw9dSnW6GibYDx/YU58uu7Wl/pXzMgefRMz4cS+qdDPCJVPuDy+nwhJhUTkI6k6sED2E23MsIPFpA78k6TVpEGOS9RC1++A6mj7NOrgGhIO7BkgmVfRRpAkVKABGEaNHav8nTZ1IIQYCshRbyPAni/W/KmN2URSlED5tX4/VdJP/PyQE4BO6OuJ2wnkJkv2JMDNwicLZBVz+pS8PfBS1kHyrYsC3xv3ybUbIgBtnUH4QKBgQDYnwYXB314QUWr7VzkbH53vAi4JhC4AoycTkOYgerkjXt9R5cJPT2/Ofv2ZmxQuz6cQ6aTynxfdtN7Cb+VGZI1FGkklV1KzwhhmLjuaNhMRDE/XUDSXkRaj55cX8ik6pPMBOSNrt9T+6Y0H5kr3PcnSkCpfF1wO7PeUSCEDTQiyQKBgQDR8pT3zYwE6E7sQBIkl3YrMfJMyci+nXNjp+O/vFY6bHFf/5I3qHJzWthIF2UeXzVnJQPBccmbIEdtbXk1petZvOMtEVrptJmGUrV7r2LFeRn4oUYCgqMr8XVldqlUG24lrROkIHNNHWQFRXyXwEYrz4bLeR6r8pSI4QcQWwmzlwKBgCNAVbRfsqpkLNtaqDg/86C2h9C32Raoy4sQLW3fDoOdBpCPmuOVBLxeykMBzfShVAIH/E6mr/C1HJs0LeosnB9pL+cVK3ZmFJ4VRVr+0twuaLlACrFxR7xZDNNJfxRfXCfiT/NClvNKy3RGBB4gOlQ5gCZUp7wA6zdtilYS8/4JAoGAE7Rn5OYm2SMQnT3aNhL9JUq3yhs6OyG9/cF5L7q2gR9CeNcc2xp1O3xwRjvj4rje40JnGtXaLTQXYB7hPHbJIxAGZml1le+8ZQ4IOIaah5w5IsvILV4jgHFWKmK7u8gjS2f2KvZcvAUhKRl/eyKxs1Tz+s7wYQUQidRM/Gz++RsCgYEAh13t8/5+k3MhWRfuo9YmUcGAGyrH7HQwZdVXIWRfIq23l+suFGRLsrbYTPBDkgIgRS3l1uP+SoEg3xdRK62klTmpAtbpRa3NM2bJ9xgxtfXkgamEQGuRyzKBdiUjqdcUB0Md9xdQK69sjVQZJysomFbIhNrNFD3KxOZsYX5WNPU=";
string publicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsacYWi3Eh1SPv8wjW6jaR8NvBrSxD1wZs1dzlaZq+uZoPinsTkpjey9AvuSZ3dIE8SWlbKdDATsLRpixwB3cxPlRR1zRnRZQPAf89PfZ+pUceVF0ktGuV8A9lUJJ2ZkBdeXpNlk8NaiByfBguJwYibhDtICWAk4hkFBN48uUEw9AFM9bImYfYP5WX3Ep97Gnx81x1pwan/VVboEkIrjfwcg2pbq0xQ69giNOCiNMjDRdTbzyO4lnMfLJr6lRv7PTbO0ITpC3snpcrpz19I3mdUt8EOUd8am7elvHPJkdL9pZNe33Mwi4xg4wJAXfAxmC1+ejfC2dsxKLyy3h6iQPjwIDAQAB";
string privateKeyFromPcks12 = RSAPcks12Helper.GetPrivateKeyFromPcks12(p12Cert, p12Pwd);
string publicKeyFromPcks12 = RSAPcks12Helper.GetPublicKeyFromPcks12(p12Cert, p12Pwd);
string publicKeyFromX509 = RSAPcks12Helper.GetPublicKeyFromX509(x509Cert);
Console.WriteLine("私钥相等:{0}", privateKey == privateKeyFromPcks12);
Console.WriteLine("公钥Pck12相等:{0}", publicKeyFromPcks12 == publicKey);
Console.WriteLine("公钥Pck12与X509相等:{0}", publicKeyFromX509 == publicKeyFromPcks12);
Console.WriteLine("公钥X509相等:{0}", publicKeyFromX509 == publicKey);
Console.WriteLine("-----公钥加密,私钥解密-----");
//var enc = RSAPcks12Helper.EncryptWithX509(x509Cert, contentData);
var enc = RSAPcks12Helper.EncryptWithPublicKey(publicKeyFromX509, contentData);
Console.WriteLine(enc);
//var dec = RSAPcks12Helper.DecryptWithPcks12(p12Cert, p12Pwd, enc);
var dec = RSAPcks12Helper.DecryptWithPrivateKey(privateKey, enc);
Console.WriteLine(dec);
Console.WriteLine("-----私钥加密,公钥解密-----");
enc = RSAPcks12Helper.EncryptWithPrivateKey(privateKey, contentData);
Console.WriteLine(enc);
dec = RSAPcks12Helper.DecryptWithPublicKey(publicKey, enc);
Console.WriteLine(dec);
}
//生成1.key文件 仅包含私钥,移除-nocerts则同时包含公钥私钥
openssl pkcs12 -in D:\ssl\p.p12 -nocerts -nodes -out D:\ssl\1.key
//生成cert
openssl pkcs12 -in D:\ssl\p.p12 -nokeys -nodes -out D:\ssl\cert.crt
//导出RSA私钥
openssl rsa -in D:\ssl\1.key -out D:\ssl\pri.pem
//导出RSA公钥
openssl rsa -in D:\ssl\1.key -pubout -out D:\ssl\pub.pem
最后再加个证书相关的参考资料:http://www.cnblogs.com/guogangj/p/4118605.html