从BouncyCastle X509证书获取私钥？ C＃

不知道BouncyCastle那么多，但在我看来，简单的事情是根据关键参数重新创建密钥。

public static AsymmetricKeyParameter TransformRSAPrivateKey(AsymmetricAlgorithm privateKey) { RSACryptoServiceProvider prov = privateKey as RSACryptoServiceProvider; RSAParameters parameters = prov.ExportParameters(true); return new RsaPrivateCrtKeyParameters( new BigInteger(1,parameters.Modulus), new BigInteger(1,parameters.Exponent), new BigInteger(1,parameters.D), new BigInteger(1,parameters.P), new BigInteger(1,parameters.Q), new BigInteger(1,parameters.DP), new BigInteger(1,parameters.DQ), new BigInteger(1,parameters.InverseQ)); }
public static AsymmetricKeyParameter TransformRSAPrivateKey(AsymmetricAlgorithm privateKey) { RSACryptoServiceProvider prov = privateKey as RSACryptoServiceProvider; RSAParameters parameters = prov.ExportParameters(true); return new RsaPrivateCrtKeyParameters( new BigInteger(1,parameters.Modulus), new BigInteger(1,parameters.Exponent), new BigInteger(1,parameters.D), new BigInteger(1,parameters.P), new BigInteger(1,parameters.Q), new BigInteger(1,parameters.DP), new BigInteger(1,parameters.DQ), new BigInteger(1,parameters.InverseQ)); } 

您可以使用调用代码

AsymmetricKeyParameter bouncyCastlePrivateKey = TransformRSAPrivateKey(mycert.PrivateKey);
AsymmetricKeyParameter bouncyCastlePrivateKey = TransformRSAPrivateKey(mycert.PrivateKey); 

显然，这假设证书包含RSA密钥，但使用DSACryptoServiceProvider和DSAParameters可以为DSA实现相同的结果

 Akp = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair(this.Certificate.PrivateKey).Private; 

查找.NET X509Certificate2：

 X509Certificate2 cert = this.FindCertificate(certificateFriendlyName); 

将其解析为BouncyCastle证书并使用X509Certificate2Signature获取签名：

 var parser = new X509CertificateParser(); var bouncyCertificate = parser.ReadCertificate(cert.RawData); var algorithm = DigestAlgorithms.GetDigest(bouncyCertificate.SigAlgOid); var signature = new X509Certificate2Signature(cert, algorithm);