堆栈内存溢出
  简体   繁体   English

RSAParameters到pfx(X509Certificate2)转换

[英]RSAParameters to pfx (X509Certificate2) conversion

 原文  2013-07-05 12:19:26       c#/ .net/ security/ pfx/ rsacryptoserviceprovider

问题描述

I want to create a pfx file from keys created by RSACryptoServiceProvider . 我想从RSACryptoServiceProvider创建的密钥创建一个pfx文件。 I tried: 我试过了: 

certificate.PrivateKey =  rsa as AsymmetricAlgorithm;

which is the reverse of: 这是相反的: 

rsa = (RSACryptoServiceProvider)certificate.PrivateKey;

which seems to work (the second, that is). 这似乎工作(第二,也就是说)。 But got the following error: 但得到以下错误:

m_safeCertContext is an invalid handle. m_safeCertContext是一个无效的句柄。

I tried some things using RSAParameters - but to no avail. 我尝试了一些使用RSAParameters的东西 - 但无济于事。

1 个解决方案

解决方案1
 0  2019-04-23 12:18:23

You can use Bouncy Castle to do it: 你可以使用Bouncy Castle来做到这一点: 

private static byte[] MergePFXFromPrivateAndCertificate(RSAParameters privateKey, X509Certificate2 certificate, string pfxPassPhrase)
{
    RsaPrivateCrtKeyParameters rsaParam = new RsaPrivateCrtKeyParameters(
        ParseAsUnsignedBigInteger(privateKey.Modulus),
        ParseAsUnsignedBigInteger(privateKey.Exponent),
        ParseAsUnsignedBigInteger(privateKey.D),
        ParseAsUnsignedBigInteger(privateKey.P),
        ParseAsUnsignedBigInteger(privateKey.Q),
        ParseAsUnsignedBigInteger(privateKey.DP),
        ParseAsUnsignedBigInteger(privateKey.DQ),
        ParseAsUnsignedBigInteger(privateKey.InverseQ)
    );

    Org.BouncyCastle.X509.X509Certificate bcCert = new Org.BouncyCastle.X509.X509CertificateParser().ReadCertificate(certificate.RawData);

    MemoryStream p12Stream = new MemoryStream();
    Pkcs12Store p12 = new Pkcs12Store();
    p12.SetKeyEntry("key", new AsymmetricKeyEntry(rsaParam), new X509CertificateEntry[] { new X509CertificateEntry(bcCert) });
    p12.Save(p12Stream, pfxPassPhrase.ToCharArray(), new SecureRandom());

    return p12Stream.ToArray();
}

private static BigInteger ParseAsUnsignedBigInteger(byte[] rawUnsignedNumber)
{
    return new BigInteger(1, rawUnsignedNumber, 0, rawUnsignedNumber.Length);
}

You will need the following namespaces: 您将需要以下命名空间: 

using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 X509Certificate2的RemoteCertificateValidationCallback - RemoteCertificateValidationCallback with X509Certificate2 X509Certificate2到EccKey - X509Certificate2 to EccKey X509Certificate2信息 - X509Certificate2 Info 从证书和密钥创建 X509Certificate2,无需制作 PFX 文件 - Create X509Certificate2 from Cert and Key, without making a PFX file 使用X509Certificate2加载pfx文件时出现“内部错误。” - “An internal error occurred.” when loading pfx file with X509Certificate2 如何使用 openssl 创建与 X509Certificate2 兼容的 pfx - how do I create a pfx compatible with X509Certificate2 with openssl 为什么自签名 PFX X509Certificate2 私钥会引发 NotSupportedException? - Why does self signed PFX X509Certificate2 private key raise a NotSupportedException? 获取“服务器模式 SSL 必须使用具有关联私钥的证书。” X509Certificate2 中的错误由 use.cer 而不是.pfx - Get "The server mode SSL must use a certificate with the associated private key." error in X509Certificate2 by use .cer instead of .pfx Windows Phone 8上的X509Certificate2到X509Certificate - X509Certificate2 to X509Certificate on Windows Phone 8 检索X509Certificate2对象的颁发者 - Retrieving issuer of a X509Certificate2 object
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM