Validate certificate in C#
Question
I can't use the System.Security library due to restrictions on the windows 8 applications. I need to use Windows.Security.Cryptography and I need to validate that a certificate (.cer file) and a key (.key file) are a valid pair.
I'm already reading the file and creating a new instance of a certificate:
Windows.Security.Cryptography.Certificates.Certificate objCert = new Windows.Security.Cryptography.Certificates.Certificate(stream);
stream being the .cer file as an IBuffer.
I can extract some of the properties of the .cer file like expiration or issuer, but I can't get the key that it was signed with, and compare it to the key contained in the .key file.
1 answers
solution1
0 ACCPTED 2014-07-28 22:46:46
You shouldn't compare those keys. You normally compare their hash codes. This is so, because you don't give away the private key.
The certificate has a hash code of the private key. From the key file you can compute that same hash code. Once you have both hash codes you can compare them.
Don't put the private key in the cer file, keep there only the public key and that hash of the private key.
Also look here: How to validate X509 certificate?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.