2012-02-04 36 views
8

Sample code: creating an X509Certificate2 from an RSACryptoServiceProvider fails with "Cannot find the requested object"

    CspParameters cspParameters = new CspParameters();
    cspParameters.ProviderType = 1; // PROV_RSA_FULL

    // Create the crypto service provider, generating a new
    // key.
    mRsaCSP = new RSACryptoServiceProvider(mDefaultKeyLength, cspParameters);
    mRsaCSP.PersistKeyInCsp = true;
    RSAParameters privateKey = mRsaCSP.ExportParameters(true);

    byte[] rsaBytes = mRsaCSP.ExportCspBlob(true);

    try
    {
        X509Certificate2 cert = new X509Certificate2(rsaBytes);
        mKeyDataPfx = Convert.ToBase64String(cert.Export(X509ContentType.Pkcs12, password));
    }
    catch (Exception ce)
    {
        string error = ce.Message;
    }
+0

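RSA keys are not directly compatible with X509 certificates. An X509 certificate requires the key to be signed by an issuer, even if it is self-signed. Can you tell us what you are actually trying to accomplish? Are you trying to create an X509 certificate dynamically in code? – 2012-02-04 18:32:41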

+1

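Yes. That is exactly what I want to do. The idea is that I have old RSA certificates stored as strings from RSACryptoServiceProvider.ToXmlString(true). These need to be read in and exported as PFX files. New RSA certificates need to be generated and stored as PFX files. – chiefbrownbotom 2012-02-04 18:50:27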

+0

I suggest you look at the Bouncy Castle .NET source code and examples. I think the example bccrypto-net-1.7-src\csharp\crypto\test\src\pkcs\examples\PKCS12Example.cs should get you started. http://www.bouncycastle.org/csharp/ – 2012-02-04 20:11:00

Answers

2

Here is my solution, using the BouncyCastle library.

using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;

// create the RSA key from an XML string
RSACryptoServiceProvider key = new RSACryptoServiceProvider();
key.FromXmlString(keyTextBox.Text);

// convert to BouncyCastle key object
var keypair = DotNetUtilities.GetRsaKeyPair(key);

var gen = new X509V3CertificateGenerator();

// self-signed: subject and issuer are the same name
string certName = Path.GetFileNameWithoutExtension(fileName);
var name = new X509Name("CN=" + certName);
var serial = BigInteger.ProbablePrime(120, new Random());

gen.SetSerialNumber(serial);
gen.SetSubjectDN(name);
gen.SetIssuerDN(name);
gen.SetNotAfter(DateTime.Now.AddYears(10));
gen.SetNotBefore(DateTime.Now);
gen.SetSignatureAlgorithm("MD5WithRSA");
gen.SetPublicKey(keypair.Public);

// generate the certificate
var newCert = gen.Generate(keypair.Private);
// convert back to .NET certificate
var cert = DotNetUtilities.ToX509Certificate(newCert);
// export as byte array
byte[] certData = cert.Export(X509ContentType.Pfx);

File.WriteAllBytes(fileName, certData);
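
Added example, not part of the question or the answer above: on .NET Framework 4.7.2+ or .NET Core 3.0+ the built-in CertificateRequest class can wrap an existing RSA key from ToXmlString(true) in a self-signed certificate signed with SHA-256 (rather than MD5WithRSA) and export a password-protected PFX that carries the private key. The names PfxFromRsaXml and CreatePfx, the subject name and the password are assumptions made for illustration, and the key in Main is constructed sample input.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class PfxFromRsaXml // hypothetical helper, not from the original page
{
    // Builds a self-signed certificate around an existing RSA key pair and
    // returns it as a password-protected PKCS#12 (PFX) blob.
    public static byte[] CreatePfx(string rsaXml, string commonName, string password)
    {
        using (RSA rsa = RSA.Create())
        {
            // Same XML format that RSACryptoServiceProvider.ToXmlString(true) writes.
            // A public-only XML string makes CreateSelfSigned throw: nothing to sign with.
            rsa.FromXmlString(rsaXml);

            // commonName is assumed to be a plain name without DN metacharacters.
            var subject = new X500DistinguishedName("CN=" + commonName);
            var request = new CertificateRequest(
                subject, rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

            DateTimeOffset now = DateTimeOffset.UtcNow;
            using (X509Certificate2 cert =
                   request.CreateSelfSigned(now.AddMinutes(-5), now.AddYears(10)))
            {
                // The failure mode to guard against: a PFX with no private key inside.
                if (!cert.HasPrivateKey)
                    throw new CryptographicException("Certificate has no private key.");
                return cert.Export(X509ContentType.Pfx, password);
            }
        }
    }

    static void Main()
    {
        // Constructed sample input: a fresh 2048-bit key serialized to XML.
        string xml;
        using (RSA fresh = RSA.Create(2048)) { xml = fresh.ToXmlString(true); }

        const string password = "constructed-sample-password";
        byte[] pfx = CreatePfx(xml, "constructed-sample", password);

        // Round-trip check: reload the PFX and confirm the key travelled with it.
        using (var loaded = new X509Certificate2(pfx, password))
        {
            Console.WriteLine("{0} HasPrivateKey={1} SigAlg={2}", loaded.Subject,
                loaded.HasPrivateKey, loaded.SignatureAlgorithm.FriendlyName);
        }
    }
}
```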