我正在将.NetFramework 4.6.1库迁移到.NetCore 2.2。但是我无法设置x509certificate.PrivateKey,如下所示。
我读过这可能是由于RSAServiceProvider引起的,但我不知道如何设置此属性。甚至实例化:
x509certificate.PrivateKey = new RSACryptoServiceProvider();
引发PlatformNotSupportedException。
// selfsign certificate
Org.BouncyCastle.X509.X509Certificate certificate =
certificateGenerator.Generate(signatureFactory);
// correponding private key
PrivateKeyInfo info =
PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private);
// merge into X509Certificate2
var x509certificate = new X509Certificate2(certificate.GetEncoded());
Asn1Sequence seq = (Asn1Sequence)
Asn1Object.FromByteArray(info.ParsePrivateKey().GetDerEncoded()
);
RsaPrivateKeyStructure rsa = RsaPrivateKeyStructure.GetInstance(seq);
RsaPrivateCrtKeyParameters rsaParams = new
RsaPrivateCrtKeyParameters(
rsa.Modulus,
rsa.PublicExponent,
rsa.PrivateExponent,
rsa.Prime1,
rsa.Prime2,
rsa.Exponent1,
rsa.Exponent2,
rsa.Coefficient);
x509certificate.PrivateKey = DotNetUtilities.ToRSA(rsaParams);
在.NetCore库中,将x509certificate.PrivateKey与DotNetUtilities.ToRSA(rsaParams)中的RSA一起设置,将引发PlatformNotSupportedException。
System.PlatformNotSupportedException
HResult=0x80131539
Message=Operation is not supported on this platform.
Source=System.Security.Cryptography.X509Certificates
StackTrace:
at System.Security.Cryptography.X509Certificates.X509Certificate2.set_PrivateKey(AsymmetricAlgorithm value)
正如LexLi所说,.net内核中的设计无法在现有证书上设置私钥。
按照这里描述的,您可以使用方法RSACertificateExtensions.CopyWithPrivateKey。
代替
x509certificate.PrivateKey = DotNetUtilities.ToRSA(rsaParams);
你可以有
var rsa = DotNetUtilities.ToRSA(rsaParams);
var cert = x509certificate.CopyWithPrivateKey(rsa);
return cert;
| 归档时间: |
|
| 查看次数: |
977 次 |
| 最近记录: |