问题
I am looking for ways to decode a PKCS#12 file in .NET, I need to extract the private key and any certificates so that i can programatically access the following.
- modulus
- publicExponent
- privateExponent
- prime1
- prime2
- exponent1
- exponent2
- coefficient
I need this informatio so that i can successfully use PKCS#11 to create a private key and cetificate on a USB token.
I have found a website that uses OpenSSL to output this data. I was pretty excited when I found OpenSSL.NET however the functionallity to split PKCS#12 files hasn't been implemented yet. I was wondering if anyone knew of any altenatives.
Thanks
Rohan
回答1:
I've used bouncy castle API extensibly on a recent project, on its Java port, and it works wonders, flawlessly.
I bet their C# isn't much different, and it does a really good work at what is targeted.
http://www.bouncycastle.org/
回答2:
Cheers Manuel,
I downloaded the Bouncy Castle API and it didn't take long to find what i needed. The source code includes an extensive list of unit tests.
static void Main(string[] args)
{
char[] password = new char[] {'p','a','s','s','w','o','r','d'};
using(StreamReader reader = new StreamReader(@"Test.pfx"))
{
Pkcs12Store store = new Pkcs12Store(reader.BaseStream,password);
foreach (string n in store.Aliases)
{
if(store.IsKeyEntry(n))
{
AsymmetricKeyEntry key = store.GetKey(n);
if(key.Key.IsPrivate)
{
RsaPrivateCrtKeyParameters parameters = key.Key as RsaPrivateCrtKeyParameters;
Console.WriteLine(parameters.PublicExponent);
}
}
}
}
}
回答3:
AFAIK you have to pinvoke out to the win32 crypto libraries, see this MSDN article: http://msdn.microsoft.com/en-us/library/ms867088.aspx
回答4:
You should be able to use OpenSSL directly via pInvoke. Maybe you could contribute back to the OpenSSL.NET project when you get it working.
The win32 crypto providers is a good alternative, but it can be a bit inflexible in terms of what formats it can parse and generate.
来源:https://stackoverflow.com/questions/555184/decode-a-pkcs12-file