C#从证书模板中获取算法名称 / OID
使用c#,.net。
是否可以在以下2个方案中获取算法名称:
A。提供商类别是“传统加密服务提供商”,而算法名称“由CSP确定”?
B.提供商类别是“关键存储提供商”,并且已指定算法,例如“ ECDH_P256”
我能够使用以下方法来查询有限的信息,但是什么都不能弄清楚算法名或加密算法oid
DirectoryEntry dEntry = new DirectoryEntry("LDAP://CN=customerAxForbeTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration");
// Example properties I can access:
dEntry.Properties["name"].Value.ToString();
dEntry.Properties["msPKI-RA-Application-Policies"].Value.ToString();
// ...
后一个属性“ mspki-ra-application-policies”确实返回了可能对方案b可能有用的东西(我很犹豫,因为我不熟悉模板,所以我不确定是否确定这代表了同一领域 - 键的命名对我来说尚不清楚)。该字段在方案A中不存在
。
Using C#, .NET.
Is it possible to get the Algorithm name in the following 2 scenarios please:
A. Provider Category is "Legacy Cryptographic Service Provider" and the Algorithm name is "Determined by CSP"?
B. Provider Category is "Key Storage Provider" and Algorithm has been specified e.g. "ECDH_P256"
I am able to query a limited amount of information using the following approach but nothing to figure out the algorithm name, or crypto algorithm oid
DirectoryEntry dEntry = new DirectoryEntry("LDAP://CN=customerAxForbeTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration");
// Example properties I can access:
dEntry.Properties["name"].Value.ToString();
dEntry.Properties["msPKI-RA-Application-Policies"].Value.ToString();
// ...
The latter property "msPKI-RA-Application-Policies" does return something possibly useful for scenario B (I am bit hesitant as I am not familiar with templates so I am not sure if that IS representative of the same field - the naming of keys is not clear for me). This field is not present in scenario A.
"msPKI-Asymmetric-AlgorithmPZPWSTRECDH_P512` ..."
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
对于场景A,您可以读取DefaultCSPS(已检查的提供商列表)。但是有些允许多个算法(例如智能卡提供商)。他们中的大多数人的名字都有DSA,DH,RSA等,并且ADC仅支持RSA,DSA和3个NISP P-Curves。
对于场景B,您走在正确的道路上。
For scenario A you can read the DefaultCSPs (The list of providers that are checked). But there are some which allow more than one algorithm (like the smart card provider). Most of them have DSA, DH, RSA, etc in their names and ADCS only supports RSA, DSA and the 3 NISP P-Curves.
For scenario B you are on the right path.