充气城堡错误!证书的公钥与指定的值不匹配
请帮助我; 我使用 bouncy castle 创建带有私钥/公钥 DSA 的证书 x.509,我使用以下代码:
SecureRandom randomdsa = new SecureRandom();
DateTime startDatedsa = DateTime.Today;
DateTime expiryDatedsa = DateTime.Today.AddYears(2); // Set whatever expiration date you want
BigInteger serialNumberdsa = new BigInteger(1, BitConverter.GetBytes(DateTime.Now.Ticks));
DsaKeyPairGenerator generatordsa = new DsaKeyPairGenerator();
DsaParametersGenerator paramgen = new DsaParametersGenerator();
paramgen.Init(512, 100, new SecureRandom());
DsaKeyGenerationParameters genParamdsa = new DsaKeyGenerationParameters(new SecureRandom(), paramgen.GenerateParameters());
generatordsa.Init(genParamdsa);
AsymmetricCipherKeyPair keyPairdsa = generatordsa.GenerateKeyPair();
DsaPrivateKeyParameters dsaprivkey2= ((DsaPrivateKeyParameters) keyPairdsa.Private);
X509V3CertificateGenerator certGendsa = new X509V3CertificateGenerator();
X509Name dnNamedsa = new X509Name("CN= DSA with private ");
certGendsa.SetSerialNumber(serialNumberdsa);
certGendsa.SetIssuerDN(cert.IssuerDN); // a name of the issuer
certGendsa.SetSubjectDN(dnNamedsa);
certGendsa.SetPublicKey(keyPairdsa.Public);
certGendsa.SetSignatureAlgorithm("sha512WithRSA");
certGendsa.SetNotBefore(startDatedsa);
certGendsa.SetNotAfter(expiryDatedsa);
Org.BouncyCastle.X509.X509Certificate certdsa = certGendsa.Generate(ackp.Private); // a private key of the issuer
certGendsa.AddExtension(X509Extensions.AuthorityKeyIdentifier, true, new AuthorityKeyIdentifierStructure(cert)); // cert 是权限
certGendsa.AddExtension(X509Extensions.ExtendedKeyUsage, false, new ExtendedKeyUsage(us));
certGendsa.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage. CrlSign|KeyUsage.KeyCertSign));
certGendsa.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
//私有参数:
DSACryptoServiceProvider rcspdsa = new DSACryptoServiceProvider();
DSAParameters parmsdsa = new DSAParameters();
parmsdsa.X = dsaprivkey2.X.ToByteArrayUnsigned();
parmsdsa.P= dsaprivkey2.Parameters.P.ToByteArrayUnsigned();
parmsdsa.Q= dsaprivkey2.Parameters.Q.ToByteArrayUnsigned();
parmsdsa.G= dsaprivkey2.Parameters.G.ToByteArrayUnsigned();
rcspdsa.ImportParameters(parmsdsa);
Pkcs12Store pkcs12Storedsa = new Pkcs12StoreBuilder().Build();
byte[] importcertds = DotNetUtilities.ToX509Certificate(certdsa).Export(System.Security.Cryptography.X509Certificates.X509ContentType.Pkcs12, "password");
var importcertdsa = new X509Certificate2(importcertds, "password");
X509CertificateEntry cedsa = new X509CertificateEntry(DotNetUtilities.FromX509Certificate(importcertdsa));
pkcs12Storedsa.SetCertificateEntry("DSACertificate", cedsa);
pkcs12Storedsa.SetKeyEntry("DSAPrivKey", new AsymmetricKeyEntry(DotNetUtilities.GetDsaKeyPair(rcspdsa).Private), new[] { cedsa });
pkcs12Storedsa.Save(File.Open("dsacert.pfx", FileMode.OpenOrCreate), "password".ToCharArray(), new SecureRandom());
rcspdsa.PersistKeyInCsp = true;
DSACryptoServiceProvider.UseMachineKeyStore = true;
importcertdsa.PrivateKey = rcspdsa;// hear is the exception
// 将证书添加到当前用户:
var storedsa = new X509Store("Root", StoreLocation.CurrentUser);
storedsa.Open(OpenFlags.ReadWrite);
storedsa.Add(importcertdsa);
storedsa.Close();
问题是我收到异常:
CryptographicUnexpectedOperationException : la clé publique du certificat ne recognizes pas a la valeur spécifié(证书的公钥与指定的值不匹配 ) 异常是在指令处抛出的:
importcertdsa.PrivateKey = rcspdsa;
有人可以帮助我吗?
多谢
plesae help me;
i use bouncy castle to create a certificate x.509 with private/publi key DSA, the following code is what i use:
SecureRandom randomdsa = new SecureRandom();
DateTime startDatedsa = DateTime.Today;
DateTime expiryDatedsa = DateTime.Today.AddYears(2); // Set whatever expiration date you want
BigInteger serialNumberdsa = new BigInteger(1, BitConverter.GetBytes(DateTime.Now.Ticks));
DsaKeyPairGenerator generatordsa = new DsaKeyPairGenerator();
DsaParametersGenerator paramgen = new DsaParametersGenerator();
paramgen.Init(512, 100, new SecureRandom());
DsaKeyGenerationParameters genParamdsa = new DsaKeyGenerationParameters(new SecureRandom(), paramgen.GenerateParameters());
generatordsa.Init(genParamdsa);
AsymmetricCipherKeyPair keyPairdsa = generatordsa.GenerateKeyPair();
DsaPrivateKeyParameters dsaprivkey2= ((DsaPrivateKeyParameters) keyPairdsa.Private);
X509V3CertificateGenerator certGendsa = new X509V3CertificateGenerator();
X509Name dnNamedsa = new X509Name("CN= DSA with private ");
certGendsa.SetSerialNumber(serialNumberdsa);
certGendsa.SetIssuerDN(cert.IssuerDN); // a name of the issuer
certGendsa.SetSubjectDN(dnNamedsa);
certGendsa.SetPublicKey(keyPairdsa.Public);
certGendsa.SetSignatureAlgorithm("sha512WithRSA");
certGendsa.SetNotBefore(startDatedsa);
certGendsa.SetNotAfter(expiryDatedsa);
Org.BouncyCastle.X509.X509Certificate certdsa = certGendsa.Generate(ackp.Private); // a private key of the issuer
certGendsa.AddExtension(X509Extensions.AuthorityKeyIdentifier, true, new AuthorityKeyIdentifierStructure(cert)); // cert is the authority
certGendsa.AddExtension(X509Extensions.ExtendedKeyUsage, false, new ExtendedKeyUsage(us));
certGendsa.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage. CrlSign|KeyUsage.KeyCertSign));
certGendsa.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
//private parametres:
DSACryptoServiceProvider rcspdsa = new DSACryptoServiceProvider();
DSAParameters parmsdsa = new DSAParameters();
parmsdsa.X = dsaprivkey2.X.ToByteArrayUnsigned();
parmsdsa.P= dsaprivkey2.Parameters.P.ToByteArrayUnsigned();
parmsdsa.Q= dsaprivkey2.Parameters.Q.ToByteArrayUnsigned();
parmsdsa.G= dsaprivkey2.Parameters.G.ToByteArrayUnsigned();
rcspdsa.ImportParameters(parmsdsa);
Pkcs12Store pkcs12Storedsa = new Pkcs12StoreBuilder().Build();
byte[] importcertds = DotNetUtilities.ToX509Certificate(certdsa).Export(System.Security.Cryptography.X509Certificates.X509ContentType.Pkcs12, "password");
var importcertdsa = new X509Certificate2(importcertds, "password");
X509CertificateEntry cedsa = new X509CertificateEntry(DotNetUtilities.FromX509Certificate(importcertdsa));
pkcs12Storedsa.SetCertificateEntry("DSACertificate", cedsa);
pkcs12Storedsa.SetKeyEntry("DSAPrivKey", new AsymmetricKeyEntry(DotNetUtilities.GetDsaKeyPair(rcspdsa).Private), new[] { cedsa });
pkcs12Storedsa.Save(File.Open("dsacert.pfx", FileMode.OpenOrCreate), "password".ToCharArray(), new SecureRandom());
rcspdsa.PersistKeyInCsp = true;
DSACryptoServiceProvider.UseMachineKeyStore = true;
importcertdsa.PrivateKey = rcspdsa;// hear is the exception
// adding the certificate to the current user:
var storedsa = new X509Store("Root", StoreLocation.CurrentUser);
storedsa.Open(OpenFlags.ReadWrite);
storedsa.Add(importcertdsa);
storedsa.Close();
a probleme is that i recieve an exception:
CryptographicUnexpectedOperationException :
la clé publique du certificat ne correspond pas a la valeur spécifié (the public key of the certificate does not match with the value specified
)
the exception is the thrown at the instruction :
importcertdsa.PrivateKey = rcspdsa;
is thers any one who can help me ?
thanks a lot
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论