C# private-key bouncycastle x509certificate

从 BouncyCastle X509 证书获取私钥？ C#

发布于 2024-09-10 05:27:53 字数 759 浏览 8 评论 0原文

通常，当我从密钥库中获取 X509Certificate2 时，我可以调用 .PrivateKey 来检索证书的私钥作为 AmetryAlgorithm。但是，我决定使用 Bouncy Castle，其 X509Certificate 实例只有一个 getPublicKey(); 我看不到从证书中获取私钥的方法。有什么想法吗？

我从我的 Windows-MY 密钥库获取 X509Certificate2，然后使用：

//mycert is an X509Certificate2 retrieved from Windows-MY Keystore
X509CertificateParser certParser = new X509CertificateParser();
X509Certificate privateCertBouncy = certParser.ReadCertificate(mycert.GetRawCertData());
AsymmetricKeyParameter pubKey = privateCertBouncy.GetPublicKey();
//how do i now get the private key to make a keypair?

是否有办法将 AmetryAlgorithm（C# 私钥）转换为 AmetryKeyParameter（bouncycastle 私钥）？

原文

Normally when I grab an X509Certificate2 out of my keystore I can call .PrivateKey to retrieve the cert's private key as an AsymmetricAlgorithm. However I have decided to use Bouncy Castle and its instance of X509Certificate only has a getPublicKey(); I cannot see a way to get the private key out of the cert. Any ideas?

I get the an X509Certificate2 from my Windows-MY keystore then use:

//mycert is an X509Certificate2 retrieved from Windows-MY Keystore
X509CertificateParser certParser = new X509CertificateParser();
X509Certificate privateCertBouncy = certParser.ReadCertificate(mycert.GetRawCertData());
AsymmetricKeyParameter pubKey = privateCertBouncy.GetPublicKey();
//how do i now get the private key to make a keypair?

Is there anyway to convert a AsymmetricAlgorithm(C# private key) to a AsymmetricKeyParameter(bouncycastle private key)?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

生活了然无味 2024-09-17 05:27:53

Akp = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair(this.Certificate.PrivateKey).Private;

Akp = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair(this.Certificate.PrivateKey).Private;

回复收藏 0 原文

如何视而不见 2024-09-17 05:27:53

对 BouncyCastle 不太了解，但在我看来，最简单的事情就是根据关键参数重新创建密钥。

public static AsymmetricKeyParameter TransformRSAPrivateKey(
    AsymmetricAlgorithm privateKey)
{
    RSACryptoServiceProvider prov = privateKey as RSACryptoServiceProvider;
    RSAParameters parameters = prov.ExportParameters(true);
    
    return new RsaPrivateCrtKeyParameters(
        new BigInteger(1,parameters.Modulus),
        new BigInteger(1,parameters.Exponent),
        new BigInteger(1,parameters.D),
        new BigInteger(1,parameters.P),
        new BigInteger(1,parameters.Q),
        new BigInteger(1,parameters.DP),
        new BigInteger(1,parameters.DQ),
        new BigInteger(1,parameters.InverseQ));
}

您可以使用以下方式调用代码：

AsymmetricKeyParameter bouncyCastlePrivateKey = 
    TransformRSAPrivateKey(mycert.PrivateKey);

显然，这假设证书包含 RSA 密钥，但使用 DSACryptoServiceProvider 和 DSAParameters 对于 DSA 可以实现相同的结果。

Don't know BouncyCastle that much but it seems to me that the simple thing to do is to recreate the key based on the key parameters.

public static AsymmetricKeyParameter TransformRSAPrivateKey(
    AsymmetricAlgorithm privateKey)
{
    RSACryptoServiceProvider prov = privateKey as RSACryptoServiceProvider;
    RSAParameters parameters = prov.ExportParameters(true);
    
    return new RsaPrivateCrtKeyParameters(
        new BigInteger(1,parameters.Modulus),
        new BigInteger(1,parameters.Exponent),
        new BigInteger(1,parameters.D),
        new BigInteger(1,parameters.P),
        new BigInteger(1,parameters.Q),
        new BigInteger(1,parameters.DP),
        new BigInteger(1,parameters.DQ),
        new BigInteger(1,parameters.InverseQ));
}

You can call the code by using

AsymmetricKeyParameter bouncyCastlePrivateKey = 
    TransformRSAPrivateKey(mycert.PrivateKey);

Obviously this assumes that the certificate includes a RSA Key but the same result can be achieved for DSA with DSACryptoServiceProvider and DSAParameters.

回复收藏 0 原文

狠疯拽 2024-09-17 05:27:53

找到.NET X509Certificate2：

X509Certificate2 cert = this.FindCertificate(certificateFriendlyName);

将其解析为BouncyCastle证书并使用X509Certificate2Signature获取签名：

var parser = new X509CertificateParser();
var bouncyCertificate = parser.ReadCertificate(cert.RawData);
var algorithm = DigestAlgorithms.GetDigest(bouncyCertificate.SigAlgOid);
var signature = new X509Certificate2Signature(cert, algorithm);

Find .NET X509Certificate2:

X509Certificate2 cert = this.FindCertificate(certificateFriendlyName);

Parse it to BouncyCastle certificate and use X509Certificate2Signature to get signature:

var parser = new X509CertificateParser();
var bouncyCertificate = parser.ReadCertificate(cert.RawData);
var algorithm = DigestAlgorithms.GetDigest(bouncyCertificate.SigAlgOid);
var signature = new X509Certificate2Signature(cert, algorithm);

回复收藏 0 原文

~没有更多了~