在Mono上使用X509Certificate2

编程入门行业动态更新时间:2024-10-19 02:17:25

本文介绍了在Mono上使用X509Certificate2-使用公钥和私钥加载吗?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！问题描述

现在，我尝试像这样实例化X509Certificate2:

Right now, I try instantiating an X509Certificate2 like this:

cert = new X509Certificate2(Resources.cred);

Resources.cred是表示 .pfx 文件的byte[]. 在Windows/.NET上，这绝对可以正常工作.

Where Resources.cred is a byte[] representing a .pfx file. This works absolutely fine on Windows/.NET.

但是，在 Mono JIT编译器版本3.2.8(Debian 3.2.8 + dfsg-4ubuntu1)(在Ubuntu Server 14.04 LTS上为Mono)下运行相同的代码，我得到以下异常:

However, running the same code under Mono JIT compiler version 3.2.8 (Debian 3.2.8+dfsg-4ubuntu1) (Mono on Ubuntu Server 14.04 LTS), I get the following exception:

System.TypeInitializationException: An exception was thrown by the type initializer for <snipped irrelevant type name> ---> System.Security.Cryptography.CryptographicException: Unable to decode certificate. ---> System.Security.Cryptography.CryptographicException: Input data cannot be coded as a valid certificate. ---> System.Security.Cryptography.CryptographicException: Input data cannot be coded as a valid certificate. at Mono.Security.X509.X509Certificate.Parse (System.Byte[] data) [0x00000] in <filename unknown>:0 --- End of inner exception stack trace --- at Mono.Security.X509.X509Certificate.Parse (System.Byte[] data) [0x00000] in <filename unknown>:0 at Mono.Security.X509.X509Certificate..ctor (System.Byte[] data) [0x00000] in <filename unknown>:0 at System.Security.Cryptography.X509Certificates.X509Certificate2.Import (System.Byte[] rawData, System.String password, X509KeyStorageFlags keyStorageFlags) [0x00000] in <filename unknown>:0 --- End of inner exception stack trace --- at System.Security.Cryptography.X509Certificates.X509Certificate2.Import (System.Byte[] rawData, System.String password, X509KeyStorageFlags keyStorageFlags) [0x00000] in <filename unknown>:0 at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor (System.Byte[] rawData) [0x00000] in <filename unknown>:0 --- End of relevant stack trace ---

这很重要，此证书已用我自己的CA签名，并用于原始RSA.

Should it matter, this certificated is signed with my own CA, and is used in raw RSA.

我有 .pfx ， .cer 和 .pvk 文件可用于此证书. 我如何继续在Mono下使用私钥加载此证书?

I have the .pfx, .cer and .pvk files available for this certificate. How must I proceed to load this certificate with the private key under Mono?

推荐答案

此构造函数引发异常:

byte[] pkcs12 = ...; X509Certificate2 cert = X509Certificate2(pkcs12);

此构造函数有效:

byte[] pkcs12 = ...; X509Certificate2 cert = X509Certificate2(pkcs12, string.Empty);

这似乎是一个错误，因此我将对其进行修复并将修补程序发送给上游开发人员.我会让你知道进度.

This seems to be a bug so I am going to fix it and send patch to the upstream developers. I will let you know of the progress.

更多推荐