无法在客户端新 X509Certificate2() 解码证书

本文介绍了无法在客户端新 X509Certificate2() 解码证书的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我正在使用这个 little class 以字节数组形式返回一个 pfx 文件.

I'm using this little class which returns me a pfx file in byte array.

服务器端:

byte[] serverCertificatebyte; var date = new DateTime(DateTime.Today.Year, DateTime.Today.Month, DateTime.Today.Day); serverCertificatebyte = Certificate.CreateSelfSignCertificatePfx("CN=RustBuster" + RandomString(5), date, date.AddDays(7));

然后我将它发送给客户端(长度:1654):

Then I send It to the client (length: 1654):

tcpClient.GetStream().Write(serverCertificatebyte , 0, serverCertificatebyte .Length);

一旦客户端阅读它，我想将它转换为证书类:(这里的长度也是1654)

Once the client read It, I would like to convert It to a certificate class: (Length is also 1654 here)

我尝试做一个新的 X509Certificate2(data);我得到了下面的错误.这适用于服务器端.怎么了?

I try to do a new X509Certificate2(data); and I get the error down below. This works on server side. What's the matter?

我也用 new X509Certificate2(data, string.Empty) 试过了；并得到相同的错误

I also tried It with new X509Certificate2(data, string.Empty); and got the same error

错误 System.Security.Cryptography.CryptographicException:无法解码证书.---> System.Security.Cryptography.CryptographicException:无法将输入数据编码为有效证书.---> System.ArgumentOutOfRangeException: 不能为负.

Error System.Security.Cryptography.CryptographicException: Unable to decode certificate. ---> System.Security.Cryptography.CryptographicException: Input data cannot be coded as a valid certificate. ---> System.ArgumentOutOfRangeException: Cannot be negative.

参数名称:长度

at System.String.Substring (Int32 startIndex, Int32 length) [0x00000] in :0

at System.String.Substring (Int32 startIndex, Int32 length) [0x00000] in :0

在 Mono.Security.X509.X509Certificate.PEM (System.String type, System.Byte[] data) [0x00000] in :0

at Mono.Security.X509.X509Certificate.PEM (System.String type, System.Byte[] data) [0x00000] in :0

在 Mono.Security.X509.X509Certificate..ctor (System.Byte[] data) [0x00000] in :0

at Mono.Security.X509.X509Certificate..ctor (System.Byte[] data) [0x00000] in :0

推荐答案

长时间的思考和帮助请求终于让我找到了解决方案.

Long thoughts and help requests finally lead me to a solution.

以下方法或示例我根本没有工作的持久连接.

The following way or examples to a persistent connections that I had DID NOT WORK AT ALL.

在服务器端，您首先必须获得要发送的字节长度，并将其写入流.这很可能是一个长度为 4 的字节.

At the server side you first must get the length of the byte you would like to send, and write It to the stream. This most likely going to be a byte having the length of 4.

byte[] intBytes = BitConverter.GetBytes(serverCertificatebyte.Length); Array.Reverse(intBytes);

在客户端，读取该字节，并将其转换为 int:

On the client side, read that byte, and convert It to an int:

byte[] length = new byte[4]; int red = 0; while (true) { red = stream.Read(length, 0, length.Length); if (red != 0) { break; } } if (BitConverter.IsLittleEndian) { Array.Reverse(length); } int i = (BitConverter.ToInt32(length, 0)); // The length of the byte that the server sent // By this time your server already sent the byte (Right after you sent the length) tcpClient.GetStream().Write(byte, 0, byte.Length); byte[] data = ByteReader(i);

此方法将读取您从服务器发送的字节，直到有可能

This method is going to read the byte that you send from the server until It's possible

internal byte[] ByteReader(int length) { using (NetworkStream stream = client.GetStream()) { byte[] data = new byte[length]; using (MemoryStream ms = new MemoryStream()) { int numBytesRead; int numBytesReadsofar = 0; while (true) { numBytesRead = stream.Read(data, 0, data.Length); numBytesReadsofar += numBytesRead; ms.Write(data, 0, numBytesRead); if (numBytesReadsofar == length) { break; } } return ms.ToArray(); } } }

与微软文档页面上提供的其他示例不同，此解决方案似乎运行良好.我希望这也能帮助其他人.

This solution seems to be working pretty well unlike the other examples that were provided on the microsoft documentation page. I hope this will help others too.