1
votes

Friends,

We procured a class 3 certificate, as both .pfx and .cer files, from a Certificate Authority, and shared the .cer (public key) with our partner.

Encryption (Java)

Our partner encrypted the message (with our public key) using the Java Bouncy Castle OpenPGP standard and shared the encrypted message like below:

    -----BEGIN PGP MESSAGE-----
    Version: x v2

    hQEMAzFXJ94q1Nm8AQf/Tld0/3dAvgFKPQVBS8bmbXChXeApeReo1ydNS+......
    -----END PGP MESSAGE-----

Decryption: (C#)

We need to decrypt the message with our .pfx file.

I have gone through the article below: http://burnignorance.com/c-coding-tips/pgp-encryption-decryption-in-c/ It seems a new PGPKeyPair is being generated and used for encryption and decryption.

But in my case, I have a .pfx file. How do we extract the PGP private key from the .pfx file to use for decryption? Could you share some thoughts on how we can do this? Thanks in advance for all your time on this.

13/12/2020

I imported the X509Certificate .pfx into the store like below and am trying to convert it to the PGP private key:

    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;
    using Org.BouncyCastle.Bcpg.OpenPgp;

    string certPath = @"C:\Users\test.pfx";
    string certPass = "apples";

    // Create a collection object and populate it using the PFX file
    X509Certificate2Collection collection = new X509Certificate2Collection();
    collection.Import(certPath, certPass, X509KeyStorageFlags.PersistKeySet);

    X509Certificate2 certificate = collection[0];
    AsymmetricAlgorithm x509PrivateKey = certificate.PrivateKey;
    PgpPrivateKey pK = x509PrivateKey; // Here I am getting the invalid conversion error.

I am trying to use the X.509 certificate private key as a PgpPrivateKey in decryption, but while assigning the private key to the PgpPrivateKey, I get an invalid cast exception.

Is there any way to achieve this?

Regards, Stalin

1
Use the import method: docs.microsoft.com/en-us/dotnet/api/… - jdweng

Thanks. I already imported the certificate into an X509Certificate2 object, but I am not aware of how to convert the X.509 PrivateKey to a PgpPrivateKey object to use the PGP decryption algorithm. - Stalin

You need the private key, which you can get from the X509Certificate2: docs.microsoft.com/en-us/dotnet/api/… - jdweng

As you mentioned, I tried to import the X.509 certificate (.pfx) into the store, got the private key object, and am trying to convert it to a PgpPrivateKey which can be used in the PGP decryption process, similar to the blog burnignorance.com/c-coding-tips/pgp-encryption-decryption-in-c. However, I receive an invalid cast exception on assigning the private key to the PgpPrivateKey. Could you share your thoughts? I have also added the code to the question. - Stalin

1 Answer

0
votes

You can try using the BouncyCastle API to read the pfx file using the PKCS12 class, then convert the key to a PgpSecretKey.

Read the documentation on pkcs12.GetKey() and the PgpSecretKey class.

Method 1.

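    using System;
    using System.IO;
    using Org.BouncyCastle.Bcpg;
    using Org.BouncyCastle.Bcpg.OpenPgp;
    using Org.BouncyCastle.Crypto;
    using Org.BouncyCastle.Pkcs;
    using Org.BouncyCastle.Security;

    public static void GetPriveKey(String pfxFile, String pfxPassword)
    {
        // Load the PKCS12 file and release the file handle once it is parsed
        Pkcs12Store pkcs12;
        using (FileStream pfxStream = new FileStream(pfxFile, FileMode.Open, FileAccess.Read))
        {
            pkcs12 = new Pkcs12Store(pfxStream, pfxPassword.ToCharArray());
        }

        // Find the first alias that holds a private key
        string keyAlias = null;
        foreach (string name in pkcs12.Aliases)
        {
            if (pkcs12.IsKeyEntry(name))
            {
                keyAlias = name;
                break;
            }
        }
        if (keyAlias == null)
            throw new InvalidOperationException("No private key entry found in the PFX file.");

        // Private key from the key entry, public key from its leaf certificate
        AsymmetricKeyParameter Privatekey = pkcs12.GetKey(keyAlias).Key;
        X509CertificateEntry[] ce = pkcs12.GetCertificateChain(keyAlias);
        AsymmetricKeyParameter PublicKey = ce[0].Certificate.GetPublicKey();

        // Wrap the RSA key pair in an OpenPGP secret key protected by the PFX password
        PgpSecretKey mySecretKey = new PgpSecretKey(PgpSignature.DefaultCertification,
            PublicKeyAlgorithmTag.RsaGeneral,
            PublicKey,
            Privatekey,
            DateTime.UtcNow,
            keyAlias,
            SymmetricKeyAlgorithmTag.Cast5,
            pfxPassword.ToCharArray(),
            true,
            null,
            null,
            new SecureRandom());
    }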

Method 2
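
Added example, not part of the answer above or of BouncyCastle's own samples: decrypting the armored message with the PgpSecretKey that Method 1 builds. A v4 OpenPGP key ID is derived from a fingerprint that includes the key's creation time, so a key created with DateTime.UtcNow will generally not carry the key ID recorded in the message; the code therefore tries the key on each session-key packet instead of looking it up by ID. The class and method names are hypothetical, and an unsigned message is assumed.

```csharp
using System;
using System.IO;
using Org.BouncyCastle.Bcpg.OpenPgp;

public static class PfxPgpDecrypt   // hypothetical helper name, not from the page
{
    // secretKey: the PgpSecretKey built from the PFX as in Method 1 (assumed input).
    public static byte[] Decrypt(Stream armored, PgpSecretKey secretKey, char[] passPhrase)
    {
        PgpPrivateKey privateKey = secretKey.ExtractPrivateKey(passPhrase);
        var factory = new PgpObjectFactory(PgpUtilities.GetDecoderStream(armored));
        PgpObject first = factory.NextPgpObject();
        // A marker packet may precede the encrypted data list.
        var encList = first as PgpEncryptedDataList ?? (PgpEncryptedDataList)factory.NextPgpObject();

        foreach (PgpEncryptedData item in encList.GetEncryptedDataObjects())
        {
            var pked = item as PgpPublicKeyEncryptedData;
            if (pked == null) continue;                       // skip password-based packets
            Stream clear;
            try { clear = pked.GetDataStream(privateKey); }   // no lookup by pked.KeyId
            catch (PgpException) { continue; }                // not encrypted to this RSA key

            byte[] plain = ReadLiteral(clear);
            // Refuse plaintext that has no integrity packet or fails its check.
            if (!pked.IsIntegrityProtected() || !pked.Verify())
                throw new PgpException("message is not integrity protected or failed verification");
            return plain;
        }
        throw new PgpException("no session key packet could be decrypted with the PFX key");
    }

    static byte[] ReadLiteral(Stream clear)
    {
        PgpObject msg = new PgpObjectFactory(clear).NextPgpObject();
        if (msg is PgpCompressedData compressed)
            msg = new PgpObjectFactory(compressed.GetDataStream()).NextPgpObject();
        if (!(msg is PgpLiteralData literal))
            throw new PgpException("expected literal data (signed messages are not handled here)");
        using (var buffer = new MemoryStream())
        {
            literal.GetInputStream().CopyTo(buffer);
            return buffer.ToArray();
        }
    }
}
```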