how to get private key from PEM file?

.net private-key ssl cryptography pem

There's an article on the Code Project that has all the code you need to do this. It's just a couple of classes so it's a light-weight solution.

To get the bytes for either a certificate or a key from the PEM file the following method will work, regardless of the order of the key and certificate in the file.

 byte[] GetBytesFromPEM( string pemString, string section )
 {
     var header = String.Format("-----BEGIN {0}-----", section);
     var footer = String.Format("-----END {0}-----", section);

     var start= pemString.IndexOf(header, StringComparison.Ordinal);
     if( start < 0 )
        return null;

     start += header.Length;
     var end = pemString.IndexOf(footer, start, StringComparison.Ordinal) - start;

     if( end < 0 )
        return null;

     return Convert.FromBase64String( pemString.Substring( start, end ) );
 }

Load the PEM file into a string and call the method above to get the bytes that represent the certificate. Next you pass the obtained bytes to the constructor of an X509Certificate2 :

 var pem = System.IO.File.ReadAllText( "c:\\myKey.pem" );
 byte[] certBuffer = GetBytesFromPEM( pem, "CERTIFICATE" );
 var certificate = new X509Certificate2( certBuffer );

Loading the (RSA) private key from the PEM file is a bit more complicated but you'll find support for that in the above mentioned article as well using the Crypto.DecodeRsaPrivateKey method.


AFAIK the .NET framework does not support PEM anywhere.

You can hack around this easily for the X509Certificate part since you can extract the base64 string between the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines, convert it into a byte[] and create the X509Certificate from it.

An easy solution is to copy-paste code from Mono.Security's X509Certificate.cs to do this.

Getting the private key is a bit tricky since getting the byte[] won't be of much help to reconstruct the RSA instance (which we can assume since the PEM header states it's RSA).

This time you better copy-paste from Mono.Security's PKCS8.cs file and sioply call the decode method.

Disclaimer: I'm the main author of the Mono code discussed above and it is all available under the MIT.X11 license

Related

Change background of a card when radio selected
Search a "String" in folder containing zips of text files
Kusto ingestion limit and command throttle because of capacity policy
Is alpha value really necessary to show the colour?
Rust reference of string literal behaves differently when I use in single function or only in main function
Why can't I use an arbitrary nesting of braces to construct most classes?
submit, keyup.enter not working on angular 10
Page tries to render before data is loaded from API - React
How to format a text inside a variable in React using \n or <br/> or similar
Domain-wide delegation with impersonation
IdentityServer4 always returning "error": "invalid_scope"
How To Add extra String "Names" in a String Array?