如何在仅给定密钥库的情况下使用 C# 对哈希进行签名和加密
我正在使用使用 vc 6.0 和 cryptoAPI 创建的密钥库。密钥库包含所有交换/签名密钥。因此,我可以很好地使用公钥来使用 RSA 加密数据,但是当需要签名或解密数据时,我似乎无法找到如何使用私钥解密。
我见过很多网站使用 rsa = (RSACryptoServiceProvider)cert.PrivateKey;
但在我的密钥库中,当我查看证书时,所有私钥都不存在。
// 这就是我设置商店的方式
public cryptTest(string storeName)
{
store = new X509Store(storeName);
this.storename = storename;
}
// 这就是我从商店获取证书的方式
public X509Certificate2 getCertificate(string ID, certType ct)
{
if (store == null)
{
return null;
}
store.Open(OpenFlags.ReadOnly);
foreach (X509Certificate2 cert in store.Certificates)
{
if ((ct == certType.exchange && cert.Subject.Contains("Exchange")) ||
(ct == certType.signature && cert.Subject.Contains("Signature")))
{
if (cert.Subject.Contains(ID)) // if the ID match
{
// todo check date etc ! is cert still valid if not delete etc.
store.Close();
return cert;
}
}
}
store.Close();
return null;
}
,但在证书中他们永远没有私钥,所以我怎么可能使用密钥库中的证书进行解密或签名?
谢谢一百万!
I'm using a keystore that was created using vc 6.0 and the cryptoAPI. The keystore contains all the exchange/signature keys. So i can use the public keys just fine to encrypt data using RSA but when it comes time to sign or decrypt the data I cant seem to find how to decrypt using the private key.
I've seen lots of sites using
rsa = (RSACryptoServiceProvider)cert.PrivateKey;
but in my keystore when i look at the certs all of the private keys do not exist.
// this is how i setup the store
public cryptTest(string storeName)
{
store = new X509Store(storeName);
this.storename = storename;
}
// this is how i get the certificate from the store
public X509Certificate2 getCertificate(string ID, certType ct)
{
if (store == null)
{
return null;
}
store.Open(OpenFlags.ReadOnly);
foreach (X509Certificate2 cert in store.Certificates)
{
if ((ct == certType.exchange && cert.Subject.Contains("Exchange")) ||
(ct == certType.signature && cert.Subject.Contains("Signature")))
{
if (cert.Subject.Contains(ID)) // if the ID match
{
// todo check date etc ! is cert still valid if not delete etc.
store.Close();
return cert;
}
}
}
store.Close();
return null;
}
but then in the certs they never have a private key, so how could i possibly decrypt or sign using the certs in the keystore ?
Thanks a million !
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我认为 EncryptTo/DecryptTo:.NET 中使用 CryptoAPI 证书存储的加密 MSDN 上的文章应该有您需要的答案。
I think the EncryptTo/DecryptTo: Encryption in .NET with CryptoAPI Certificate Stores article on MSDN should have the answers you need.