
How to import a signed SSL certificate using Bouncy Castle in C# (Mono/Xamarin)?

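I used Bouncy Castle to generate a private key as well as a PKCS10 CSR, which I then send to a remote server to be signed. I get back a standard base64-encoded signed SSL certificate as a string. The question is, how do I import the signed certificate from the string, and then save both the private key and the signed certificate as a PKCS12 (.PFX) file?

Additionally, how do I bundle in a CA certificate to be included within the PFX file?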

// Generate the private/public keypair
RsaKeyPairGenerator kpgen = new RsaKeyPairGenerator ();
CryptoApiRandomGenerator randomGenerator = new CryptoApiRandomGenerator ();
kpgen.Init (new KeyGenerationParameters (new SecureRandom (randomGenerator), 2048));
AsymmetricCipherKeyPair keyPair = kpgen.GenerateKeyPair ();

// Generate the CSR
X509Name subjectName = new X509Name ("CN=domain.com/name=Name");
Pkcs10CertificationRequest kpGen = new Pkcs10CertificationRequest ("SHA256withRSA", subjectName, keyPair.Public, null, keyPair.Private);
string certCsr = Convert.ToBase64String (kpGen.GetDerEncoded ());

// ** certCsr is now sent to be signed  **
// ** let's assume that we get "certSigned" in response, and also have the CA **
string certSigned = "[standard signed certificate goes here]";
string certCA = "[standard CA certificate goes here]";

// Now how do I import certSigned and certCA
// Finally how do I export everything as a PFX file?

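Bouncy Castle is a very powerful library, but the lack of documentation makes it quite difficult to work with. After searching for much too long through all of the classes and methods, I finally found what I was looking for. The following code takes the previously generated private key, bundles it together with the signed certificate and the CA, and then saves it as a .PFX file: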

// Import the signed certificate
X509Certificate signedX509Cert = new X509CertificateParser ().ReadCertificate (Encoding.UTF8.GetBytes (certSigned));
X509CertificateEntry certEntry = new X509CertificateEntry (signedX509Cert);

// Import the CA certificate
X509Certificate signedX509CaCert = new X509CertificateParser ().ReadCertificate (Encoding.UTF8.GetBytes (certCA ));
X509CertificateEntry certCaEntry = new X509CertificateEntry (signedX509CaCert);

// Prepare the pkcs12 certificate store
Pkcs12Store store = new Pkcs12StoreBuilder ().Build ();

// Bundle together the private key, signed certificate and CA
store.SetKeyEntry (signedX509Cert.SubjectDN.ToString () + "_key", new AsymmetricKeyEntry (keyPair.Private), new X509CertificateEntry[] {
    certEntry,
    certCaEntry
});

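// Finally save the bundle as a PFX file
// The literal "password" is a placeholder: this password encrypts the private key
// inside the PFX, so supply it at runtime instead of hardcoding it.
using (var filestream = new FileStream (@"CertBundle.pfx", FileMode.Create, FileAccess.ReadWrite)) {
    store.Save (filestream, "password".ToCharArray (), new SecureRandom ());
}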

Feedback and improvements are welcome!
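A check worth running before `SetKeyEntry`, shown as an added example that is not part of the original post: it confirms that the certificate returned by the signer carries the public key of the generated key pair, is signed by the supplied CA, and is within its validity period. `PfxPreflight`, `Check`, `NewKey` and `Issue` are hypothetical names, the certificates in `Main` are constructed test data, and `Asn1SignatureFactory` is assumed to be available in the Bouncy Castle version in use.

```csharp
using System;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;

static class PfxPreflight   // hypothetical helper, not part of Bouncy Castle
{
    // Throws unless `leaf` carries our RSA public key, is signed by `ca`, and both are in date.
    public static void Check(AsymmetricCipherKeyPair keyPair, X509Certificate leaf, X509Certificate ca)
    {
        var priv = (RsaPrivateCrtKeyParameters)keyPair.Private;
        var pub = leaf.GetPublicKey() as RsaKeyParameters;
        if (pub == null || !pub.Modulus.Equals(priv.Modulus) || !pub.Exponent.Equals(priv.PublicExponent))
            throw new InvalidOperationException("certificate does not match the generated private key");
        leaf.Verify(ca.GetPublicKey());            // throws if the CA key did not sign this certificate
        leaf.CheckValidity(); ca.CheckValidity();  // throw if expired or not yet valid
    }
    static AsymmetricCipherKeyPair NewKey()
    {
        var gen = new RsaKeyPairGenerator();
        gen.Init(new KeyGenerationParameters(new SecureRandom(), 2048));
        return gen.GenerateKeyPair();
    }
    // Constructed test certificate; stands in for what the remote signer returns.
    static X509Certificate Issue(string subject, long serial, AsymmetricKeyParameter subjectPub, AsymmetricKeyParameter caPriv)
    {
        var gen = new X509V3CertificateGenerator();
        gen.SetSerialNumber(BigInteger.ValueOf(serial));
        gen.SetIssuerDN(new X509Name("CN=Constructed Test CA"));
        gen.SetSubjectDN(new X509Name(subject));
        gen.SetNotBefore(DateTime.UtcNow.AddMinutes(-5));
        gen.SetNotAfter(DateTime.UtcNow.AddDays(1));
        gen.SetPublicKey(subjectPub);
        return gen.Generate(new Asn1SignatureFactory("SHA256WITHRSA", caPriv, new SecureRandom()));
    }
    static void Main()
    {
        AsymmetricCipherKeyPair caKey = NewKey(), ourKey = NewKey(), otherKey = NewKey();
        var ca = Issue("CN=Constructed Test CA", 1, caKey.Public, caKey.Private);
        Check(ourKey, Issue("CN=domain.com", 2, ourKey.Public, caKey.Private), ca);
        Console.WriteLine("matching certificate accepted");
        try { Check(ourKey, Issue("CN=domain.com", 3, otherKey.Public, caKey.Private), ca); }
        catch (InvalidOperationException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

With the variables from the post, the call would be `PfxPreflight.Check (keyPair, signedX509Cert, signedX509CaCert)` placed before the store is built.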
