堆栈内存溢出
  简体   繁体   English

如何用证书和私钥签名电子邮件?

[英]How do I sign an email message with a certificate and private key?

 原文  2015-05-01 03:45:08       c#/ winforms/ ssl/ smime/ mimekit

问题描述

So I'm trying to sign an email using an X509Certificate2 that has been selected by a user. 因此,我正在尝试使用用户已选择的X509Certificate2签署电子邮件。 I've been trying to do this using MimeKit but the documentation for this appears to be old. 我一直在尝试使用MimeKit进行此操作,但是此文档似乎很旧。

This is how they tell you to do this on the github page (found here ) 这就是他们告诉您如何在github页面上执行此操作(在此处找到) 

using (var ctx = new MySecureMimeContext ()) {
    var certificate = GetJoeysX509Certificate ();
    var signer = new CmsSigner (certificate);
    signer.DigestAlgorithm = DigestAlgorithm.Sha1;

    message.Body = MultipartSigned.Create (ctx, signer, body);
}

The first issue I have is that the above is using 我的第一个问题是以上内容正在使用 

Org.BouncyCastle.X509.X509Certificate

and I am getting the certificate from X509Store() which uses 我从X509Store()获得证书,该证书使用 

System.Security.Cryptography.X509Certificates.X509Certificate2

ie 

X509Store store = new X509Store("My");

store.Open(OpenFlags.ReadOnly);

// bind to dropdownlist for user to select...

store.Close();

This suggests that I should be retrieving my list of certificates using some other method (one that I haven't been able to find any documentation for). 这表明我应该使用其他方法(我无法为其找到任何文档的方法)来检索证书列表。

My second problem is that, CmsSigner requires a second argument (AsymmetricKeyParameter), not one, as shown in the example. 我的第二个问题是,CmsSigner需要第二个参数(AsymmetricKeyParameter),而不是一个,如示例所示。

So my questions are: 所以我的问题是:

  • How do I get a list of certificates using MimeKit? 如何使用MimeKit获取证书列表?
  • How do I get an AsymmetricKeyParameter? 如何获得AsymmetricKeyParameter?

1 个解决方案

解决方案1
 2 已采纳  2015-05-02 13:45:59

To get an Org.BouncyCastle.X509.X509Certificate from a System.Security.Cryptography.X509Certificates.X509Certificate2 , you can use the following code snippet: 要从System.Security.Cryptography.X509Certificates.X509Certificate2获取Org.BouncyCastle.X509.X509Certificate ,可以使用以下代码片段: 

static bool TryGetCertificateAndPrivateKey (X509Certificate2 x509Certificate2, out Org.BouncyCastle.X509.X509Certificate certificate, out AsymmetricKeyParameter privateKey)
{
    if (x509Certificate2 == null || !x509Certificate.HasPrivateKey) {
        certificate = null;
        privateKey = null;
        return false;
    }

    var keyPair = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair (x509Certificate2.PrivateKey);
    certificate = Org.BouncyCastle.Security.DotNetUtilities.FromX509Certificate (x509Certificate2);
    privateKey = keyPair.Private;

    return true;
}

I'll add a new CmsSigner constructor that takes an X509Certificate2 that does the conversion for you in the next release of MimeKit. 我将添加一个新的CmsSigner构造函数,该构造函数采用X509Certificate2,在下一个MimeKit版本中为您进行转换。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用.NET Core 2中存储在Azure Key Vault中的PFX证书中的私钥? - How do I use the private key from a PFX certificate stored in Azure Key Vault in .NET Core 2? 如何发送带有SSL证书的电子邮件? - How do I send an email with a SSL certificate? 没有证书中的私钥的证书身份验证和消息安全性 - Certificate Authentication and Message Security without private key in the certificate 使用 X509Certificate2 和私钥对文件进行签名 - Sign a file with a X509Certificate2 and private key 使用私钥 X509 证书签名字符串 - Sign string with private key X509 certificate 如何在 dotnet core 3.1 MacOS 上使用 ECDsa 使用现有私钥对消息进行签名? - How to sign a message with existing private key by using ECDsa on dotnet core 3.1 MacOS? 如何创建自签名证书来签署 MimeKit 消息? - How to create a self-sign certificate to sign a MimeKit Message? 如何以编程方式查找用于签署给定证书的证书? - How do I programmatically find which certificate was used to sign a given certificate? 如何从数据库的私钥中检索公钥 - How do I retrieve public key from private key in database 如何检测 AsymmetricAlgorithm 是私钥还是公钥 - How do I detect if AsymmetricAlgorithm is a private key or a public key
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM