c# получить из сертификата открытый и закрытый ключ / Get from X509 certificate private and public keys

X509Certificate2 cert = new X509Certificate2("cert.pfx");
//(RSACryptoServiceProvider)cert.PrivateKey
//(RSACryptoServiceProvider)cert.PublicKey.Key

c# проверяем подпись сертификата x509 у файла / c# Verify x509 certificate signature

public static bool CertificateSignVerify(string signFilePath, byte[] data, RSACryptoServiceProvider rsaKey)
        {
            byte[] signature = File.ReadAllBytes(signFilePath);
            return rsaKey.VerifyData(data, new SHA1CryptoServiceProvider(), signature);
        }

c# How to encrypt file using x509 certificate

public static void EncryptFile(string encrDumpFilePath, string dumpFilePath, RSACryptoServiceProvider rsaKey)
        {
            using (AesManaged aesManaged = new AesManaged())
            {
                aesManaged.KeySize = 256;
                aesManaged.BlockSize = 128;
                aesManaged.Mode = CipherMode.CBC;
                using (ICryptoTransform transform = aesManaged.CreateEncryptor())
                {
                    RSAPKCS1KeyExchangeFormatter keyFormatter = new RSAPKCS1KeyExchangeFormatter(rsaKey);
                    byte[] keyEncrypted = keyFormatter.CreateKeyExchange(aesManaged.Key, aesManaged.GetType());
                    byte[] LenK = new byte[4];
                    byte[] LenIV = new byte[4];
                    int lKey = keyEncrypted.Length;
                    LenK = BitConverter.GetBytes(lKey);
                    int lIV = aesManaged.IV.Length;
                    LenIV = BitConverter.GetBytes(lIV);
                    int startFileName = dumpFilePath.LastIndexOf("\\") + 1;

                    string outFile = encrDumpFilePath;
                    Directory.CreateDirectory(Path.GetDirectoryName(encrDumpFilePath));
                    using (FileStream outFs = new FileStream(outFile, FileMode.Create))
                    {
                        outFs.Write(LenK, 0, 4);
                        outFs.Write(LenIV, 0, 4);
                        outFs.Write(keyEncrypted, 0, lKey);
                        outFs.Write(aesManaged.IV, 0, lIV);
                        using (CryptoStream outStreamEncrypted = new CryptoStream(outFs, transform, CryptoStreamMode.Write))
                        {
                            int count = 0;
                            int offset = 0;
                            int blockSizeBytes = aesManaged.BlockSize / 8;
                            byte[] data = new byte[blockSizeBytes];
                            int bytesRead = 0;

                            using (FileStream inFs = new FileStream(dumpFilePath, FileMode.Open))
                            {
                                do
                                {
                                    count = inFs.Read(data, 0, blockSizeBytes);
                                    offset += count;
                                    outStreamEncrypted.Write(data, 0, count);
                                    bytesRead += blockSizeBytes;
                                }
                                while (count > 0);
                                inFs.Close();
                            }
                            outStreamEncrypted.FlushFinalBlock();
                            outStreamEncrypted.Close();
                        }
                        outFs.Close();
                    }
                }
            }
        }

c# Расшифровываем файл, зашифрованный ключом из сертификата x509 / x509 Certificate Decrypt file

public static MemoryStream DecryptFile(string dumpFilePath, RSACryptoServiceProvider rsaKey)
        {
            MemoryStream outFs = new MemoryStream();
            using (AesManaged aesManaged = new AesManaged())
            {
                aesManaged.KeySize = 256;
                aesManaged.BlockSize = 128;
                aesManaged.Mode = CipherMode.CBC;
                byte[] LenK = new byte[4];
                byte[] LenIV = new byte[4];
                using (FileStream inFs = new FileStream(dumpFilePath, FileMode.Open))
                {
                    inFs.Seek(0, SeekOrigin.Begin);
                    inFs.Seek(0, SeekOrigin.Begin);
                    inFs.Read(LenK, 0, 3);
                    inFs.Seek(4, SeekOrigin.Begin);
                    inFs.Read(LenIV, 0, 3);
                    int lenK = BitConverter.ToInt32(LenK, 0);
                    int lenIV = BitConverter.ToInt32(LenIV, 0);
                    int startC = lenK + lenIV + 8;
                    int lenC = (int)inFs.Length - startC;
                    byte[] KeyEncrypted = new byte[lenK];
                    byte[] IV = new byte[lenIV];
                    inFs.Seek(8, SeekOrigin.Begin);
                    inFs.Read(KeyEncrypted, 0, lenK);
                    inFs.Seek(8 + lenK, SeekOrigin.Begin);
                    inFs.Read(IV, 0, lenIV);
                    byte[] KeyDecrypted = rsaKey.Decrypt(KeyEncrypted, false);
                    using (ICryptoTransform transform = aesManaged.CreateDecryptor(KeyDecrypted, IV))
                    {
                        int count = 0;
                        int offset = 0;
                        int blockSizeBytes = aesManaged.BlockSize / 8;
                        byte[] data = new byte[blockSizeBytes];
                        inFs.Seek(startC, SeekOrigin.Begin);
                        using (CryptoStream outStreamDecrypted = new CryptoStream(outFs, transform, CryptoStreamMode.Write))
                        {
                            do
                            {
                                count = inFs.Read(data, 0, blockSizeBytes);
                                offset += count;
                                outStreamDecrypted.Write(data, 0, count);
                            }
                            while (count > 0);

                            outStreamDecrypted.FlushFinalBlock();
                        }
                    }

                }

            }
            return outFs;

        }

c# возвращаем сертификат из файла / C# get certificate from .crt .pfx file

public static X509Certificate2 GetCertificateFromFile(string certPath)
        {
            return new X509Certificate2(certPath);
        }

c# Возвращаем сертификат из хранилища Windows сертификатов / c# get certificate from windows store

public static X509Certificate2 GetCertificateFromStore(string certName)
        {
            X509Store store = new X509Store(StoreLocation.CurrentUser);
            try
            {
                store.Open(OpenFlags.ReadOnly);
                X509Certificate2Collection certCollection = store.Certificates;
                X509Certificate2Collection currentCerts = certCollection.Find(X509FindType.FindByTimeValid, DateTime.Now, false);
                X509Certificate2 o = currentCerts[0];
                X509Certificate2Collection signingCert = currentCerts.Find(X509FindType.FindBySubjectName, certName, false);
                if (signingCert.Count == 0)
                    return null;
                return signingCert[0];
            }
            finally
            {
                store.Close();
            }

        }