本文整理汇总了C#中System.Security.Cryptography.X509Certificates.X509Certificate2.GetRSAPrivateKey方法的典型用法代码示例。如果您正苦于以下问题:C# X509Certificate2.GetRSAPrivateKey方法的具体用法?C# X509Certificate2.GetRSAPrivateKey怎么用?C# X509Certificate2.GetRSAPrivateKey使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类System.Security.Cryptography.X509Certificates.X509Certificate2的用法示例。
在下文中一共展示了X509Certificate2.GetRSAPrivateKey方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: LoadPrivateKey
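/// <summary>
/// Looks up a certificate by thumbprint and/or subject name among the *.der files in the
/// certificate directory and loads the PFX file of the same name, with its private key,
/// from the private key directory.
/// </summary>
/// <param name="thumbprint">Thumbprint to match, compared case-insensitively; may be null or empty when <paramref name="subjectName"/> is given.</param>
/// <param name="subjectName">Distinguished name, or a bare common name, to match; may be null or empty when <paramref name="thumbprint"/> is given.</param>
/// <param name="password">Password protecting the PFX file; null is treated as an empty password.</param>
/// <returns>
/// The certificate whose private key passed an RSA encrypt/decrypt round trip, or null when the
/// certificate directory is missing, no search criteria were given, or no usable match was found.
/// The caller owns the returned certificate and should dispose it.
/// </returns>
public X509Certificate2 LoadPrivateKey(string thumbprint, string subjectName, string password)
{
    if (m_certificateSubdir == null || !m_certificateSubdir.Exists)
    {
        return null;
    }

    if (string.IsNullOrEmpty(thumbprint) && string.IsNullOrEmpty(subjectName))
    {
        return null;
    }

    foreach (FileInfo file in m_certificateSubdir.GetFiles("*.der"))
    {
        try
        {
            // The public certificate is only needed for matching; dispose it once the checks are done.
            using (X509Certificate2 publicCertificate = new X509Certificate2(file.FullName))
            {
                // A thumbprint is a hex string, so compare ordinally instead of with culture rules.
                if (!string.IsNullOrEmpty(thumbprint) &&
                    !string.Equals(publicCertificate.Thumbprint, thumbprint, StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                if (!string.IsNullOrEmpty(subjectName) &&
                    !Utils.CompareDistinguishedName(subjectName, publicCertificate.Subject))
                {
                    // NOTE(review): the fallback for a bare name is a substring test, so it also accepts
                    // any subject whose CN merely starts with subjectName. Prefer selecting by thumbprint
                    // when the choice of key matters.
                    if (subjectName.Contains("=") || !publicCertificate.Subject.Contains("CN=" + subjectName))
                    {
                        continue;
                    }
                }
            }

            string privateKeyPath = Path.Combine(
                m_privateKeySubdir.FullName,
                Path.GetFileNameWithoutExtension(file.Name) + ".pfx");
            string pfxPassword = password ?? String.Empty;

            X509Certificate2 certificate = null;
            RSA rsa = null;

            try
            {
                // NOTE(review): Exportable lets any code holding the returned certificate export the
                // private key again; confirm callers need that. MachineKeySet selects the machine-wide
                // key store on Windows and is tried first, DefaultKeySet is the fallback.
                try
                {
                    certificate = new X509Certificate2(
                        privateKeyPath,
                        pfxPassword,
                        X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
                    rsa = certificate.GetRSAPrivateKey();
                }
                catch (Exception)
                {
                    // Release a half-loaded certificate from the first attempt before retrying.
                    if (certificate != null)
                    {
                        certificate.Dispose();
                        certificate = null;
                    }

                    certificate = new X509Certificate2(
                        privateKeyPath,
                        pfxPassword,
                        X509KeyStorageFlags.Exportable | X509KeyStorageFlags.DefaultKeySet);
                    rsa = certificate.GetRSAPrivateKey();
                }

                if (rsa != null)
                {
                    // Round trip one block to prove the private key is usable; 42 bytes is the
                    // OAEP overhead with SHA-1 (2 * 20 + 2).
                    int inputBlockSize = rsa.KeySize / 8 - 42;
                    byte[] encrypted = rsa.Encrypt(new byte[inputBlockSize], RSAEncryptionPadding.OaepSHA1);
                    byte[] decrypted = rsa.Decrypt(encrypted, RSAEncryptionPadding.OaepSHA1);

                    if (decrypted != null)
                    {
                        // Ownership passes to the caller, so keep the finally block from disposing it.
                        X509Certificate2 result = certificate;
                        certificate = null;
                        return result;
                    }
                }
            }
            finally
            {
                // GetRSAPrivateKey hands out a key object the caller must dispose; a certificate
                // that is not returned must be disposed as well.
                if (rsa != null)
                {
                    rsa.Dispose();
                }

                if (certificate != null)
                {
                    certificate.Dispose();
                }
            }
        }
        catch (Exception e)
        {
            Utils.Trace(e, "Could not load private key for certificate " + subjectName);
        }
    }

    return null;
}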
示例2: RsaPkcs15Sha1_Sign
/// <summary>
/// Signs the data with the certificate's RSA private key using SHA-1 and PKCS#1 v1.5 padding.
/// </summary>
/// <param name="dataToSign">The segment of bytes to sign.</param>
/// <param name="signingCertificate">The certificate that supplies the RSA private key.</param>
/// <returns>The signature bytes.</returns>
/// <remarks>
/// SHA-1 is fixed by this method's contract. It is no longer collision resistant, so new
/// designs should use a SHA-2 based signature instead.
/// </remarks>
public static byte[] RsaPkcs15Sha1_Sign(
    ArraySegment<byte> dataToSign,
    X509Certificate2 signingCertificate)
{
    RSA privateKey = signingCertificate.GetRSAPrivateKey();

    // A certificate without an RSA private key cannot sign.
    if (privateKey == null)
    {
        throw ServiceResultException.Create(StatusCodes.BadSecurityChecksFailed, "No private key for certificate.");
    }

    try
    {
        byte[] signature = privateKey.SignData(
            dataToSign.Array,
            dataToSign.Offset,
            dataToSign.Count,
            HashAlgorithmName.SHA1,
            RSASignaturePadding.Pkcs1);

        return signature;
    }
    finally
    {
        // The key object returned by GetRSAPrivateKey belongs to this call.
        privateKey.Dispose();
    }
}
示例3: CreateCertificateFromPKCS12
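/// <summary>
/// Creates a certificate from a PKCS #12 store with a private key.
/// </summary>
/// <param name="rawData">The raw PKCS #12 store data.</param>
/// <param name="password">The password to use to access the store; null is treated as an empty password.</param>
/// <returns>The certificate with a private key. The caller owns it and should dispose it.</returns>
/// <exception cref="NotSupportedException">
/// No storage flag combination could load the store; the last failure is the inner exception.
/// </exception>
public static X509Certificate2 CreateCertificateFromPKCS12(
    byte[] rawData,
    string password
    )
{
    Exception ex = null;
    int flagsRetryCounter = 0;
    X509Certificate2 certificate = null;

    // NOTE(review): Exportable allows the private key to be exported again from the returned
    // certificate; confirm that callers need it.
    X509KeyStorageFlags[] storageFlags = {
        X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet,
        X509KeyStorageFlags.Exportable | X509KeyStorageFlags.DefaultKeySet
    };

    // try some combinations of storage flags, support is platform dependent
    while (certificate == null &&
        flagsRetryCounter < storageFlags.Length)
    {
        X509Certificate2 candidate = null;

        try
        {
            // merge first cert with private key into X509Certificate2
            candidate = new X509Certificate2(
                rawData,
                password ?? String.Empty,
                storageFlags[flagsRetryCounter]);

            // can we really access the private key?
            // NOTE(review): GetRSAPrivateKey returns null instead of throwing when the certificate
            // has no RSA private key, so this probe does not reject such a store.
            using (RSA rsa = candidate.GetRSAPrivateKey()) { }

            certificate = candidate;
        }
        catch (Exception e)
        {
            ex = e;

            // Dispose a certificate that loaded but whose key was unusable, so its imported
            // key material is released instead of waiting for finalization.
            if (candidate != null)
            {
                candidate.Dispose();
            }
        }

        flagsRetryCounter++;
    }

    if (certificate == null)
    {
        throw new NotSupportedException("Creating X509Certificate from PKCS #12 store failed", ex);
    }

    return certificate;
}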
示例4: Decrypt
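/// <summary>
/// Decrypts the message block by block with the RSA private key of the certificate.
/// </summary>
/// <param name="dataToDecrypt">The ciphertext; its length must be a multiple of the RSA key size in bytes.</param>
/// <param name="encryptingCertificate">The certificate that supplies the RSA private key.</param>
/// <param name="useOaep">True for OAEP (SHA-1) padding, false for PKCS#1 v1.5 padding.</param>
/// <param name="outputBuffer">The segment that receives the plaintext.</param>
/// <returns>A segment over the output buffer's array that starts at the output offset.</returns>
public static ArraySegment<byte> Decrypt(
    ArraySegment<byte> dataToDecrypt,
    X509Certificate2 encryptingCertificate,
    bool useOaep,
    ArraySegment<byte> outputBuffer)
{
    // get the encrypting key.
    using (RSA rsa = encryptingCertificate.GetRSAPrivateKey())
    {
        if (rsa == null)
        {
            throw ServiceResultException.Create(StatusCodes.BadSecurityChecksFailed, "No private key for certificate.");
        }

        int inputBlockSize = rsa.KeySize / 8;
        int outputBlockSize = GetPlainTextBlockSize(encryptingCertificate, useOaep);

        // verify the input data is the correct block size. A trailing partial block would make
        // the copy below read past the end of the segment, so reject it instead of only tracing.
        if (dataToDecrypt.Count % inputBlockSize != 0)
        {
            Utils.Trace("Message is not an integral multiple of the block size. Length = {0}, BlockSize = {1}.", dataToDecrypt.Count, inputBlockSize);
            throw ServiceResultException.Create(StatusCodes.BadSecurityChecksFailed, "Message is not an integral multiple of the block size.");
        }

        // With PKCS#1 v1.5 padding, a peer that can tell a padding failure from other failures
        // gains a decryption oracle; callers should report all failures identically and prefer OAEP.
        RSAEncryptionPadding padding = useOaep ? RSAEncryptionPadding.OaepSHA1 : RSAEncryptionPadding.Pkcs1;

        byte[] decryptedBuffer = outputBuffer.Array;

        // The stream is bounded by the output segment, so plaintext cannot be written outside it.
        using (MemoryStream ostrm = new MemoryStream(
            decryptedBuffer,
            outputBuffer.Offset,
            outputBuffer.Count))
        {
            // decrypt body.
            byte[] input = new byte[inputBlockSize];
            int end = dataToDecrypt.Offset + dataToDecrypt.Count;

            for (int ii = dataToDecrypt.Offset; ii < end; ii += inputBlockSize)
            {
                Array.Copy(dataToDecrypt.Array, ii, input, 0, input.Length);
                byte[] plainText = rsa.Decrypt(input, padding);
                ostrm.Write(plainText, 0, plainText.Length);
            }
        }

        // return buffers.
        // NOTE(review): the length assumes every block decrypts to exactly outputBlockSize bytes;
        // confirm against GetPlainTextBlockSize and the senders.
        return new ArraySegment<byte>(decryptedBuffer, outputBuffer.Offset, (dataToDecrypt.Count / inputBlockSize) * outputBlockSize);
    }
}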
示例5: FromCertificate
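/// <summary>Extracts a <see cref="Key"/> from the given certificate.</summary>
/// <param name="certificate">The certificate whose RSA private key is assigned to <see cref="Key"/>.</param>
/// <returns>This initializer.</returns>
public Initializer FromCertificate(X509Certificate2 certificate)
{
#if NETSTANDARD
    Key = certificate.GetRSAPrivateKey();
#else
    // Workaround to correctly cast the private key as a RSACryptoServiceProvider type 24.
    // NOTE(review): the cast presumably fails for keys that are not CSP-backed, and
    // ExportCspBlob(true) needs an exportable private key - confirm against callers.
    RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)certificate.PrivateKey;
    byte[] privateKeyBlob = rsa.ExportCspBlob(true);
    try
    {
        Key = new RSACryptoServiceProvider();
        Key.ImportCspBlob(privateKeyBlob);
    }
    finally
    {
        // The blob holds the private key in the clear; wipe it once it has been imported
        // so it does not linger in managed memory.
        System.Array.Clear(privateKeyBlob, 0, privateKeyBlob.Length);
    }
#endif
    return this;
}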