c# BC证书生成
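// Generates a self-signed RSA certificate with Bouncy Castle and keeps it in the
// current user's personal certificate store (StoreName.My / CurrentUser).
internal class CertificateGenerate
{
    /// <summary>
    /// RSA modulus size in bits for newly generated keys, and the minimum size
    /// accepted before a certificate is issued. 1024-bit RSA is no longer
    /// considered adequate, so new keys use 2048 bits.
    /// </summary>
    private const int RsaKeyBits = 2048;

    /// <summary>
    /// Certainty passed to the prime generator; a larger value only makes key
    /// generation slower.
    /// </summary>
    private const int PrimeCertainty = 100;

    /// <summary>
    /// Public key kind; also used to build the certificate's friendly name.
    /// </summary>
    private PublicKeyKind publicKeyKind = PublicKeyKind.UNKNOWN;

    // Key pair generated on first use and reused on later calls.
    private AsymmetricCipherKeyPair createdkeyPair = null;

    /// <summary>
    /// Creates a new RSA key pair.
    /// </summary>
    /// <returns>The generated public/private key pair.</returns>
    protected virtual AsymmetricCipherKeyPair createRasKeyPair()
    {
        // 65537 is the conventional public exponent; e = 3 is only safe when
        // every consumer of the key applies padding correctly.
        RsaKeyGenerationParameters param = new RsaKeyGenerationParameters(
            BigInteger.ValueOf(0x10001), new SecureRandom(), RsaKeyBits, PrimeCertainty);

        RsaKeyPairGenerator keyGenerator = new RsaKeyPairGenerator();
        keyGenerator.Init(param);
        return keyGenerator.GenerateKeyPair();
    }

    /// <summary>
    /// Builds a self-signed X.509 v3 certificate for the given key pair.
    /// </summary>
    /// <param name="publicKey">Key placed in the certificate and used to verify the signature.</param>
    /// <param name="privateKey">Key used to sign the certificate.</param>
    /// <returns>The signed certificate, after a validity and signature check.</returns>
    private Framework.Basic.Crypto.X509.X509Certificate createX509Certificate(AsymmetricKeyParameter publicKey, AsymmetricKeyParameter privateKey)
    {
        // NOTE(review): every name attribute is an empty string on this page;
        // fill in real values so the certificate can be identified.
        IDictionary attrs = new Hashtable();
        attrs[X509Name.E] = "";
        attrs[X509Name.CN] = "";
        attrs[X509Name.O] = "";
        attrs[X509Name.C] = "";
        attrs[X509Name.L] = "";
        attrs[X509Name.T] = "";

        IList ord = new ArrayList();
        ord.Add(X509Name.E);
        ord.Add(X509Name.CN);
        ord.Add(X509Name.O);
        ord.Add(X509Name.C);
        ord.Add(X509Name.L);
        ord.Add(X509Name.T);

        X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

        // Issuer name plus serial number must identify a certificate uniquely,
        // so use a random positive serial instead of the constant 1.
        certGen.SetSerialNumber(new BigInteger(64, new SecureRandom()).Add(BigInteger.One));

        // Self-signed: issuer and subject carry the same name.
        certGen.SetIssuerDN(new X509Name(ord, attrs));
        certGen.SetSubjectDN(new X509Name(ord, attrs));

        // Valid from yesterday, which tolerates small clock differences.
        certGen.SetNotBefore(DateTime.Today.Subtract(new TimeSpan(1, 0, 0, 0)));
        // NOTE(review): a 150-year lifetime means the key is never rotated;
        // confirm this is intended before reusing the code.
        certGen.SetNotAfter(DateTime.Today.AddYears(150));

        certGen.SetPublicKey(publicKey);

        // End-entity certificate: it must not be usable as a CA.
        certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
        // RFC 5280 requires the authority key identifier to be non-critical.
        certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifier(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey)));

        // SHA-256 replaces SHA-1, which is no longer accepted for certificate signatures.
        UMS.Framework.Basic.Crypto.X509.X509Certificate x509 = certGen.Generate(new Asn1SignatureFactory("SHA256withRSA", privateKey, new SecureRandom()));

        // Fail early if the certificate is not currently valid or the signature
        // does not verify under its own public key.
        x509.CheckValidity();
        x509.Verify(publicKey);
        return x509;
    }

    // Returns the first certificate in the store whose friendly name matches
    // this generator's key kind, or null when there is none.
    private X509Certificate2 findCertificate(X509Store store)
    {
        string friendlyName = "" + publicKeyKind.ToString();
        foreach (X509Certificate2 candidate in store.Certificates)
        {
            if (candidate.FriendlyName.Equals(friendlyName))
                return candidate;
        }
        return null;
    }

    /// <summary>
    /// Creates the certificate and adds it to the current user's personal store,
    /// unless a certificate with the expected friendly name is already there.
    /// </summary>
    internal void CreateIfNotExist()
    {
        X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadWrite);
        try
        {
            if (findCertificate(store) != null)
                return;

            // Generate the key pair once and reuse it on later calls.
            if (createdkeyPair == null)
                createdkeyPair = createRasKeyPair();

            AsymmetricKeyParameter publicKey = createdkeyPair.Public;
            AsymmetricKeyParameter privateKey = createdkeyPair.Private;

            // createRasKeyPair is virtual, so enforce the minimum size here too.
            if (((RsaKeyParameters)publicKey).Modulus.BitLength < RsaKeyBits)
                throw new Exception("failed key generation (" + RsaKeyBits + ") length test");

            UMS.Framework.Basic.Crypto.X509.X509Certificate x509 = createX509Certificate(publicKey, privateKey);

            // NOTE(review): the encoded data holds the certificate only, so the
            // password presumably has nothing to protect here - confirm.
            // NOTE(review): Exportable allows the private key to be copied out of
            // the store; Export() below writes only the public certificate, so
            // drop the flag unless other code needs to export the key.
            X509Certificate2 myPrivateCertificate = new X509Certificate2(x509.GetEncoded(), UMS.ITTS.Pidgen.Core.PublicKeyFactory.cerificatePassword, X509KeyStorageFlags.Exportable);
            myPrivateCertificate.FriendlyName = "" + publicKeyKind.ToString();
            myPrivateCertificate.PrivateKey = DotNetUtilities.ToRSA(privateKey as RsaPrivateCrtKeyParameters);
            store.Add(myPrivateCertificate);
        }
        finally
        {
            // Close the store even when generation or signing throws.
            store.Close();
        }
    }

    /// <summary>
    /// Writes the stored certificate (public part only) to a file.
    /// </summary>
    /// <param name="path">Destination file; an existing file is overwritten.</param>
    /// <exception cref="Exception">No matching certificate is in the store.</exception>
    /// <exception cref="IOException">The file content does not match the certificate after writing.</exception>
    internal void Export(string path)
    {
        byte[] cerByte;

        X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            X509Certificate2 current = findCertificate(store);
            if (current == null)
                throw new Exception("未找到相关证书文件.");

            // X509ContentType.Cert is the DER certificate; no private key is written.
            cerByte = current.Export(X509ContentType.Cert);
        }
        finally
        {
            store.Close();
        }

        using (FileStream fileStream = new FileStream(path, FileMode.Create))
        {
            fileStream.Write(cerByte, 0, cerByte.Length);

            // Read the file back and report a mismatch explicitly. The earlier
            // version closed the stream inside the loop and then kept using it.
            fileStream.Seek(0, SeekOrigin.Begin);
            if (fileStream.Length != cerByte.Length)
                throw new IOException("exported certificate has an unexpected length");
            for (int i = 0; i < cerByte.Length; i++)
            {
                if (fileStream.ReadByte() != cerByte[i])
                    throw new IOException("exported certificate does not match the stored certificate");
            }
        }
    }

    /// <summary>
    /// Public key kind this generator works with.
    /// </summary>
    internal PublicKeyKind PublicKeyKind
    {
        get { return this.publicKeyKind; }
        set
        {
            if (value != publicKeyKind)
                this.publicKeyKind = value;
        }
    }
}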