UI: allow custom private keys with modern PKCS signatures

webprofusion-chrisc · webprofusion-chrisc · commit f4577d4a43da · 2025-03-27T15:34:27.000+08:00
diff --git a/src/Certify.Shared/Utils/PKI/CSRUtils.cs b/src/Certify.Shared/Utils/PKI/CSRUtils.cs
@@ -141,10 +141,16 @@ public static bool CanParsePrivateKey(string keyContent)
         {
             using (var keyReader = new StringReader(keyContent))
             {
-                var readKeyPair = (AsymmetricCipherKeyPair)new Org.BouncyCastle.OpenSsl.PemReader(keyReader).ReadObject();
-                if (readKeyPair.Private.IsPrivate)
+                var pemReader = new Org.BouncyCastle.OpenSsl.PemReader(keyReader);
+                var readObject = pemReader.ReadObject();
+
+                if (readObject is AsymmetricCipherKeyPair keyPair)
+                {
+                    return keyPair.Private.IsPrivate;
+                }
+                else if (readObject is AsymmetricKeyParameter keyParameter)
                 {
-                    return true;
+                    return keyParameter.IsPrivate;
                 }
                 else
                 {

Original file line number	Diff line number	Diff line change
`@@ -141,10 +141,16 @@ public static bool CanParsePrivateKey(string keyContent)`
`141`	`141`	`{`
`142`	`142`	`using (var keyReader = new StringReader(keyContent))`
`143`	`143`	`{`
`144`		`- var readKeyPair = (AsymmetricCipherKeyPair)new Org.BouncyCastle.OpenSsl.PemReader(keyReader).ReadObject();`
`145`		`- if (readKeyPair.Private.IsPrivate)`
	`144`	`+ var pemReader = new Org.BouncyCastle.OpenSsl.PemReader(keyReader);`
	`145`	`+ var readObject = pemReader.ReadObject();`
	`146`	`+`
	`147`	`+ if (readObject is AsymmetricCipherKeyPair keyPair)`
	`148`	`+ {`
	`149`	`+ return keyPair.Private.IsPrivate;`
	`150`	`+ }`
	`151`	`+ else if (readObject is AsymmetricKeyParameter keyParameter)`
`146`	`152`	`{`
`147`		`- return true;`
	`153`	`+ return keyParameter.IsPrivate;`
`148`	`154`	`}`
`149`	`155`	`else`
`150`	`156`	`{`