Added ability to export keys to PEM format

Author: alan-null

Crypto.RSA/Private/EncodeIntegerBigEndian.ps1

@@ -0,0 +1,39 @@
+function EncodeIntegerBigEndian {
+    [CmdletBinding()]
+    param (
+        [Parameter(Mandatory = $true, Position = 0 )]
+        [System.IO.BinaryWriter]$stream,
+        [Parameter(Mandatory = $true, Position = 1 )]
+        [byte[]]$value,
+        [Parameter(Mandatory = $false, Position = 2 )]
+        [bool]$forceUnsigned = $true
+    )
+
+    process {
+        $stream.Write([byte]0x02); # INTEGER
+        $prefixZeros = 0;
+        for ($i = 0; $i -lt $value.Length; $i++) {
+            if ($value[$i] -ne 0) {
+                break
+            }
+            $prefixZeros++;
+        }
+        if ($value.Length - $prefixZeros -eq 0) {
+            EncodeLength $stream 1
+            $stream.Write([byte]0);
+        }
+        else {
+            if ($forceUnsigned -and $value[$prefixZeros] -gt 0x7f) {
+                # Add a prefix zero to force unsigned if the MSB is 1
+                EncodeLength $stream ($value.Length - $prefixZeros + 1)
+                $stream.Write([byte]0);
+            }
+            else {
+                EncodeLength $stream ($value.Length - $prefixZeros)
+            }
+            for ($i = $prefixZeros; $i -lt $value.Length; $i++) {
+                $stream.Write($value[$i]);
+            }
+        }
+    }
+}

Crypto.RSA/Private/EncodeLength.ps1

@@ -0,0 +1,32 @@
+function EncodeLength {
+    [CmdletBinding()]
+    param (
+        [Parameter(Mandatory = $true, Position = 0 )]
+        [System.IO.BinaryWriter]$stream,
+        [Parameter(Mandatory = $true, Position = 1 )]
+        [int]$length
+    )
+
+    process {
+        if ($length -lt 0) {
+            throw [System.ArgumentOutOfRangeException]::new("$length", "Length must be non-negative")
+        }
+        if ($length -lt 0x80) {
+            # Short form
+            $stream.Write([byte]$length)
+        }
+        else {
+            # Long form
+            $temp = $length;
+            $bytesRequired = 0;
+            while ($temp -gt 0) {
+                $temp = $temp -shr 8;
+                $bytesRequired++;
+            }
+            $stream.Write([byte]($bytesRequired -bor 0x80));
+            for ($i = $bytesRequired - 1; $i -ge 0; $i--) {
+                $stream.Write([byte]($length -shr (8 * $i) -band 0xff));
+            }
+        }
+    }
+}

Crypto.RSA/Public/Export-PrivateKey.ps1

@@ -0,0 +1,44 @@
+# src: https://gist.github.com/therightstuff/aa65356e95f8d0aae888e9f61aa29414
+function Export-PrivateKey {
+    param (
+        [Parameter(Mandatory = $true, Position = 0 )]
+        [System.Security.Cryptography.RSACryptoServiceProvider]$csp
+    )
+
+    $outputStream = [System.IO.StringWriter]::new()
+    if ($csp.PublicOnly) {
+        throw [System.ArgumentException]::new("CSP does not contain a private key", "csp")
+    }
+    $parameters = $csp.ExportParameters($true);
+
+
+    Use ($stream = [System.IO.MemoryStream]::new()) {
+        $writer = [System.IO.BinaryWriter]::new($stream);
+        $writer.Write([byte]0x30); # SEQUENCE
+        Use ($innerStream = [System.IO.MemoryStream]::new()) {
+            $innerWriter = [System.IO.BinaryWriter]::new($innerStream);
+            EncodeIntegerBigEndian $innerWriter @([byte]0x00)
+            EncodeIntegerBigEndian $innerWriter $parameters.Modulus
+            EncodeIntegerBigEndian $innerWriter $parameters.Exponent
+            EncodeIntegerBigEndian $innerWriter $parameters.D
+            EncodeIntegerBigEndian $innerWriter $parameters.P
+            EncodeIntegerBigEndian $innerWriter $parameters.Q
+            EncodeIntegerBigEndian $innerWriter $parameters.DP
+            EncodeIntegerBigEndian $innerWriter $parameters.DQ
+            EncodeIntegerBigEndian $innerWriter $parameters.InverseQ
+            [int]$length = $innerStream.Length;
+            EncodeLength $writer $length
+            $writer.Write($innerStream.GetBuffer(), 0, $length);
+        }
+
+        $base64 = [System.Convert]::ToBase64String($stream.GetBuffer(), 0, [int]$stream.Length).ToCharArray();
+        $outputStream.Write("-----BEGIN RSA PRIVATE KEY-----`n");
+        for ($i = 0; $i -lt $base64.Length; $i += 64) {
+            $outputStream.Write($base64, $i, [System.Math]::Min(64, $base64.Length - $i));
+            $outputStream.Write("`n");
+        }
+        $outputStream.Write("-----END RSA PRIVATE KEY-----");
+    }
+
+    return $outputStream.ToString();
+}

Crypto.RSA/Public/Export-PublicKey.ps1

@@ -0,0 +1,55 @@
+# src: https://gist.github.com/therightstuff/aa65356e95f8d0aae888e9f61aa29414
+function Export-PublicKey {
+    param (
+        [Parameter(Mandatory = $true, Position = 0 )]
+        [System.Security.Cryptography.RSACryptoServiceProvider]$csp
+    )
+
+    $outputStream = [System.IO.StringWriter]::new()
+    $parameters = $csp.ExportParameters($false);
+    Use ( $stream = [System.IO.MemoryStream]::new()) {
+        $writer = [System.IO.BinaryWriter]::new($stream);
+        $writer.Write([byte]0x30); # SEQUENCE
+        Use ($innerStream = [System.IO.MemoryStream]::new()) {
+            $innerWriter = [System.IO.BinaryWriter]::new($innerStream);
+            $innerWriter.Write([byte]0x30); # SEQUENCE
+            EncodeLength $innerWriter 13
+            $innerWriter.Write([byte]0x06); # OBJECT IDENTIFIER
+            $rsaEncryptionOid = @(0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01 )
+            EncodeLength $innerWriter $rsaEncryptionOid.Length
+            $innerWriter.Write($rsaEncryptionOid);
+            $innerWriter.Write([byte]0x05); # NULL
+            EncodeLength $innerWriter 0
+            $innerWriter.Write([byte]0x03); # BIT STRING
+            Use ($bitStringStream = [System.IO.MemoryStream]::new()) {
+                $bitStringWriter = [System.IO.BinaryWriter]::new($bitStringStream);
+                $bitStringWriter.Write([byte]0x00); # # of unused bits
+                $bitStringWriter.Write([byte]0x30); # SEQUENCE
+                Use ($paramsStream = [System.IO.MemoryStream]::new()) {
+                    $paramsWriter = [System.IO.BinaryWriter]::new($paramsStream);
+                    EncodeIntegerBigEndian $paramsWriter $parameters.Modulus  # Modulus
+                    EncodeIntegerBigEndian $paramsWriter $parameters.Exponent  # Exponent
+                    [int]$paramsLength = $paramsStream.Length;
+                    EncodeLength $bitStringWriter $paramsLength
+                    $bitStringWriter.Write($paramsStream.GetBuffer(), 0, $paramsLength);
+                }
+                [int]$bitStringLength = $bitStringStream.Length;
+                EncodeLength $innerWriter $bitStringLength
+                $innerWriter.Write($bitStringStream.GetBuffer(), 0, $bitStringLength);
+            }
+            [int]$length = $innerStream.Length;
+            EncodeLength $writer $length
+            $writer.Write($innerStream.GetBuffer(), 0, $length);
+        }
+
+        $base64 = [System.Convert]::ToBase64String($stream.GetBuffer(), 0, [int]$stream.Length).ToCharArray();
+        $outputStream.Write("-----BEGIN PUBLIC KEY-----`n");
+        for ($i = 0; $i -lt $base64.Length; $i += 64) {
+            $outputStream.Write($base64, $i, [System.Math]::Min(64, $base64.Length - $i));
+            $outputStream.Write("`n");
+        }
+        $outputStream.Write("-----END PUBLIC KEY-----");
+    }
+
+    return $outputStream.ToString();
+}

Crypto.RSA/Public/Get-KeyString.ps1

@@ -2,7 +2,7 @@ function Get-KeyString {
     [CmdletBinding()]
     param (
         [Parameter(Mandatory = $true, Position = 0 )]
-          [System.Security.Cryptography.RSAParameters]$publicKey
+        [System.Security.Cryptography.RSAParameters]$publicKey
     )
 
     begin {