BouncyCastle PrivateKey 到 X509Certificate2 PrivateKey

时间:2023-03-26
本文介绍了BouncyCastle PrivateKey 到 X509Certificate2 PrivateKey的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我使用 BouncyCastle 创建证书

I create a certificate using BouncyCastle

        var keypairgen = new RsaKeyPairGenerator();
        keypairgen.Init(new KeyGenerationParameters(new SecureRandom(new CryptoApiRandomGenerator()), 1024));

        var keypair = keypairgen.GenerateKeyPair();

        var gen = new X509V3CertificateGenerator();

        var CN = new X509Name("CN=" + certName);
        var SN = BigInteger.ProbablePrime(120, new Random());

        gen.SetSerialNumber(SN);
        gen.SetSubjectDN(CN);
        gen.SetIssuerDN(CN);
        gen.SetNotAfter(DateTime.Now.AddYears(1));
        gen.SetNotBefore(DateTime.Now.Subtract(new TimeSpan(7,0,0,0)));
        gen.SetSignatureAlgorithm("MD5WithRSA");
        gen.SetPublicKey(keypair.Public);

        gen.AddExtension( 
            X509Extensions.AuthorityKeyIdentifier.Id, 
            false, 
            new AuthorityKeyIdentifier( 
                SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keypair.Public), 
                new GeneralNames(new GeneralName(CN)), 
                SN 
            )); 

        gen.AddExtension( 
            X509Extensions.ExtendedKeyUsage.Id, 
            false, 
            new ExtendedKeyUsage(new ArrayList() 
            { 
                new DerObjectIdentifier("1.3.6.1.5.5.7.3.1") 
            }));

        var newCert = gen.Generate(keypair.Private);

X509Certificate2 certificate = new X509Certificate2(DotNetUtilities.ToX509Certificate((Org.BouncyCastle.X509.X509Certificate)newCert));

现在,因为我的任务告诉我将证书和 PrivateKey 都存储在 X509Certificate2 对象中,所以我需要一种将 keypair.Private 转换为 X509Certificate2.Private 的方法.有什么想法吗?

Now, because my assignment tells me to store both the Certificate and the PrivateKey in the X509Certificate2 object I need a way to convert the keypair.Private into a X509Certificate2.Private. Any ideas?

谢谢.

推荐答案

如果您查看 this question,你应该可以使用类似于 DotNetUtilities.ToRSA(...) 并将其返回值放入X509Certificate2PrivateKey中.

If you look at the links from this question, you should be able to use something similar to DotNetUtilities.ToRSA(...) and put its return value into the X509Certificate2's PrivateKey.

这篇关于BouncyCastle PrivateKey 到 X509Certificate2 PrivateKey的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

上一篇:将数据放入 cookie 是否安全? 下一篇:CMS 使用不在本地受信任证书存储中的证书链登录 .NET

相关文章