我正在将.NetFramework 4.6.1库迁移到.NetCore 2.2。 但是我无法设置x509certificate.PrivateKey,如下所示。
I am migrating a .NetFramework 4.6.1 library to a .NetCore 2.2. But i am unable to set x509certificate.PrivateKey as shown below.
我读到这可能是由于RSAServiceProvider引起的,但是我不知道如何设置属性。甚至实例化: x509certificate.PrivateKey = new RSACryptoServiceProvider(); 引发PlatformNotSupportedException。
I have read that may be due to the RSAServiceProvider but i am unaware how to set this property. Even instantiating: x509certificate.PrivateKey = new RSACryptoServiceProvider();throws the PlatformNotSupportedException.
// selfsign certificate Org.BouncyCastle.X509.X509Certificate certificate = certificateGenerator.Generate(signatureFactory); // correponding private key PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private); // merge into X509Certificate2 var x509certificate = new X509Certificate2(certificate.GetEncoded()); Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(info.ParsePrivateKey().GetDerEncoded() ); RsaPrivateKeyStructure rsa = RsaPrivateKeyStructure.GetInstance(seq); RsaPrivateCrtKeyParameters rsaParams = new RsaPrivateCrtKeyParameters( rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2, rsa.Coefficient); x509certificate.PrivateKey = DotNetUtilities.ToRSA(rsaParams);在.NetCore库中,将x509certificate.PrivateKey与DotNetUtilities.ToRSA(rsaParams)中的RSA一起设置PlatformNotSupportedException。
In the .NetCore library setting x509certificate.PrivateKey with the RSA from DotNetUtilities.ToRSA(rsaParams) throws an PlatformNotSupportedException.
System.PlatformNotSupportedException HResult=0x80131539 Message=Operation is not supported on this platform. Source=System.Security.Cryptography.X509Certificates StackTrace: at System.Security.Cryptography.X509Certificates.X509Certificate2.set_PrivateKey(AsymmetricAlgorithm value)推荐答案
正如LexLi所说,内核中的设计无法在现有证书上设置私钥。
As LexLi said, setting the private key on an existing certificate is not possible by design in core.
按照此处所述,您可以做的是使用方法RSACertificateExtensions.CopyWithPrivateKey。
Following what is described here, what you can do is use the method RSACertificateExtensions.CopyWithPrivateKey.
而不是
x509certificate.PrivateKey = DotNetUtilities.ToRSA(rsaParams);您可以拥有
var rsa = DotNetUtilities.ToRSA(rsaParams); var cert = x509certificate.CopyWithPrivateKey(rsa); return cert;要访问 CopyWithPrivateKey扩展方法,请使用:
To get access to the "CopyWithPrivateKey" extension method, add this using :
using System.Security.Cryptography.X509Certificates; /* for getting access to extension methods in RSACertificateExtensions */
( CopyWithPrivateKey)将RSA证书的私钥和公钥组合在一起,以生成新的RSA证书。
"(CopyWithPrivateKey) Combines a private key with the public key of an RSA certificate to generate a new RSA certificate."
https:// docs.microsoft/zh-CN/dotnet/api/system.security.cryptography.x509certificates.rsacertificateextensions.copywithprivatekey?view=netcore-3.0
更多推荐
设置X509Certificate2私钥时出错
发布评论