堆棧內存溢出
  簡體   English   中英

來自帶有私鑰的商店的 X509Certificate2

[英]X509Certificate2 from store with private key

 原文  2016-04-02 08:49:12       c#/ client-certificates/ x509certificate2/ mutual-authentication

問題描述

我有一個帶有私鑰的X509Certificate2 ,不能使用以下代碼從 Windows 商店導出:

X509Certificate2 oCertificato = null;

X509Store my = new X509Store(StoreName.My, StoreLocation.CurrentUser);
my.Open(OpenFlags.ReadOnly);
System.Security.Cryptography.RSACryptoServiceProvider csp = null;
foreach (X509Certificate2 cert in my.Certificates)
{
    if (cert.SerialNumber.Trim() == cSerial)
    {
        csp = (System.Security.Cryptography.RSACryptoServiceProvider)cert.PrivateKey;
        oCertificato = cert;
        break;
    }
}

當我將證書與 Web 服務一起使用時,Windows 會詢問私鑰。 問題:如何將私鑰發送到證書?

問候。

編輯:這是將連接作為 Web 服務的功能:

string cEndPoint = Leo.myendpoint();

ServicePointManager.ServerCertificateValidationCallback = CertificateHandler;

datiOperatore DataOp = Leo.OperatorData();//Operator data request from system (it's ok)
datiApplicativo DataApp = Leo.AppData();//program data request from system (it's ok)

var b = new CustomBinding();
var sec = new AsymmetricSecurityBindingElement(
    new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Any, SecurityTokenInclusionMode.Never),
    new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Any, SecurityTokenInclusionMode.AlwaysToRecipient));
sec.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
sec.SecurityHeaderLayout = SecurityHeaderLayout.Strict;
sec.IncludeTimestamp = true;
sec.SetKeyDerivation(false);
sec.KeyEntropyMode = System.ServiceModel.Security.SecurityKeyEntropyMode.ServerEntropy;
sec.EnableUnsecuredResponse = true;

b.Elements.Add(sec);

b.Elements.Add(new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8));
b.Elements.Add(new HttpsTransportBindingElement());

EndpointAddress ea = new EndpointAddress(cEndPoint);

oClient = new CVPClient(b, ea);

X509Certificate2 certSigned = Leo.GetSignedCert();//HERE IS THE REQUEST OF PRIVATE KEY
X509Certificate2 certUnsigned = Leo.GetUnSignedCertificate();

oClient.ClientCredentials.ClientCertificate.Certificate = certSigned;
oClient.ClientCredentials.ServiceCertificate.DefaultCertificate = certUnsigned;

1 個解決方案

解決方案1
 1  2016-04-02 14:54:13

我解決問題:

string cPin = "12345";
System.Security.SecureString SecurePIN = new System.Security.SecureString();
foreach (char ch in cPin)
{ SecurePIN.AppendChar(ch); }
var rsa = (RSACryptoServiceProvider)certSigned.PrivateKey;
string ContinerName = rsa.CspKeyContainerInfo.KeyContainerName;
string CspName = rsa.CspKeyContainerInfo.ProviderName;
int CspType = rsa.CspKeyContainerInfo.ProviderType;
CspParameters csp = new CspParameters(CspType, CspName, ContinerName, new System.Security.AccessControl.CryptoKeySecurity(), SecurePIN);
RSACryptoServiceProvider CSP = new RSACryptoServiceProvider(csp);

我希望它對其他人有用

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 X509Certificate2 的 .pem 私鑰 從X509Certificate2刪除私鑰 將X509Certificate2證書與.NET中的私鑰相關聯 X509Certificate2 的私鑰不可導出? 無法讀取X509Certificate2上的私鑰 使用私鑰將X509Certificate2導出到字節數組 將私鑰添加到 X509Certificate2 - C# 使用 X509Certificate2 和私鑰對文件進行簽名 X509Certificate2訪問私鑰到安全令牌 將私鑰與.net中的X509Certificate2 class關聯
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM