How can I load client certificates from personal store using ASP.NET?

If it is possible, can I encrypt data with it?

For that I created an application in ASP.NET 2.0 that retrieves all certificates installed in the client certificate store (personal) to create a digital signature with it.

But it does not work, and I don't know what the problem is.

// ...
using System;
using System.Text;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

namespace WebApplication4
{
    public partial class _Default : System.Web.UI.Page
    {
        public static string ToHexString(byte[] bytes)
        {
           // ...
        }

        protected void btnSignature_Click(object sender, EventArgs e)
        {
            X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
            store.Open(OpenFlags.OpenExistingOnly);
            X509Certificate2Collection certificates = store.Certificates;

            int a = certificates.Count;

            lbCertCount.Text = System.Convert.ToString(a);

            if (a > 0)
            {
                // Index 0 is the first certificate; index 1 throws when the store holds only one.
                X509Certificate2 certificate = certificates[0];

                string publicKey = certificate.GetPublicKeyString();
                lbMypublicKey.Text = publicKey + "<br/>";

                // AsymmetricAlgorithm privateKey = certificate.PrivateKey;

                RSACryptoServiceProvider privateKey = certificate.PrivateKey as RSACryptoServiceProvider;

                // test message 
                byte[] buffer = Encoding.Default.GetBytes("Welcome");
                byte[] signature = privateKey.SignData(buffer, new SHA1Managed());
                string me = ToHexString(signature);

                lbSignature.Text = me;


                RSACryptoServiceProvider publicKey1 = certificate.PublicKey.Key as RSACryptoServiceProvider;

                bool verify = publicKey1.VerifyData(buffer, new SHA1Managed(), signature);

                if (verify == true)
                {
                    lbControl.Text = "Signature valid";
                }
                else
                {
                    lbControl.Text = "Signature not Valid";
                }
            }
        }
    }
}

For all Googlers:

Add this to your Web.Config:

<identity impersonate="true" />

For more information, see MSDN on impersonation.

I'm guessing you have knocked up this ASP.NET app. as a test harness and it is not actually your intention to write a production application that accesses the personal cert. store on a web server? I haven't studied or tested your code at all but I would check security privileges in the first instance. I expect the account under which the ASP.Net worker process is running does not have access to the personal cert. store.
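A way to check the point both answers raise, as an added example that is not part of the original posts: it reports which Windows account the code is running as and what that account can actually read from the store, including whether each private key can be opened. The class name `CertStoreDiagnostics` and method `Describe` are hypothetical, and the code assumes .NET Framework, as in the question.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;
using System.Text;

// Added example (hypothetical helper, not from the original posts).
public static class CertStoreDiagnostics
{
    // Describes what the current process identity can see in the "My" store.
    public static string Describe(StoreLocation location)
    {
        StringBuilder report = new StringBuilder();
        // The store that CurrentUser resolves to depends on this identity.
        report.AppendLine("Running as: " + WindowsIdentity.GetCurrent().Name);

        X509Store store = new X509Store(StoreName.My, location);
        try
        {
            // Read-only access is enough for listing and signing.
            store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
            report.AppendLine("Certificates found: " + store.Certificates.Count);

            foreach (X509Certificate2 cert in store.Certificates)
            {
                report.AppendLine(cert.Subject + " [" + cert.Thumbprint + "]");
                report.AppendLine("  HasPrivateKey: " + cert.HasPrivateKey);
                if (!cert.HasPrivateKey) continue;
                try
                {
                    // Throws if the account cannot read the key container.
                    RSACryptoServiceProvider rsa = cert.PrivateKey as RSACryptoServiceProvider;
                    report.AppendLine("  Private key usable as RSA CSP: " + (rsa != null));
                }
                catch (CryptographicException ex)
                {
                    report.AppendLine("  Private key not accessible: " + ex.Message);
                }
            }
        }
        catch (CryptographicException ex)
        {
            report.AppendLine("Store could not be opened: " + ex.Message);
        }
        finally
        {
            store.Close();
        }
        return report.ToString();
    }
}
```

Calling `Describe(StoreLocation.CurrentUser)` from a page with and without the `<identity impersonate="true" />` setting shows how the identity and the visible certificates change.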
