从 RSACryptoServiceProvider 创建 X509Certificate2 失败:提示“无法找到请求的对象”

示例代码:

// Question sample: generates a new RSA key in a CSP and then tries to turn it into a
// base64-encoded PKCS#12 (PFX). The attempt fails inside the try block below.
CspParameters cspParameters = new CspParameters();
cspParameters.ProviderType = 1; // PROV_RSA_FULL

// Create the crypto service provider, generating a new key.
mRsaCSP = new RSACryptoServiceProvider(mDefaultKeyLength, cspParameters);
// Asks the provider to keep the key in its key container rather than deleting it
// when the object is released.
// NOTE(review): no key container name is set on cspParameters - confirm where the key is stored.
mRsaCSP.PersistKeyInCsp = true;

// Both exports pass true, so each copy below holds the private key unencrypted in memory.
// privateKey is not used again in this sample.
RSAParameters privateKey = mRsaCSP.ExportParameters(true);
byte[] rsaBytes = mRsaCSP.ExportCspBlob(true);

try
{
    // rsaBytes is a CSP key blob, not an encoded certificate. X509Certificate2(byte[])
    // parses certificate data (X.509, PKCS#7, PKCS#12), so this is presumably the call
    // that raises "cannot find the requested object". A certificate has to be issued
    // (signed) for the key before there is anything to load or export.
    X509Certificate2 cert = new X509Certificate2(rsaBytes);
    // The PKCS#12 output is protected by password; base64 is only a text encoding.
    mKeyDataPfx = Convert.ToBase64String(cert.Export(X509ContentType.Pkcs12, password));
}
catch (Exception ce)
{
    // The message is copied into a local and then dropped, so the failure never
    // reaches the caller or a log.
    string error = ce.Message;
}

这是我的解决方案,使用BouncyCastle库。

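 // Builds a self-signed X.509 certificate for an existing RSA key pair with
 // BouncyCastle and writes it to fileName.

 // Create the RSA key from an XML string (the text box content includes the private key).
 RSACryptoServiceProvider key = new RSACryptoServiceProvider();
 key.FromXmlString(keyTextBox.Text);

 // Convert to a BouncyCastle key pair object.
 var keypair = DotNetUtilities.GetRsaKeyPair(key);

 var gen = new X509V3CertificateGenerator();
 string certName = Path.GetFileNameWithoutExtension(fileName);
 // NOTE(review): certName goes into the distinguished-name string unescaped; a file name
 // containing ',' or '=' would change the subject/issuer that gets parsed.
 var name = new X509Name("CN=" + certName);

 // Draw the serial number from BouncyCastle's CSPRNG instead of System.Random, whose
 // output is predictable. SecureRandom lives in the same namespace as DotNetUtilities.
 var serial = BigInteger.ProbablePrime(120, new Org.BouncyCastle.Security.SecureRandom());
 gen.SetSerialNumber(serial);

 // Self-signed: subject and issuer are the same name.
 gen.SetSubjectDN(name);
 gen.SetIssuerDN(name);

 // Read the clock once so both ends of the validity period come from the same instant.
 DateTime issuedAt = DateTime.UtcNow;
 gen.SetNotAfter(issuedAt.AddYears(10));
 gen.SetNotBefore(issuedAt);

 // SHA-256 replaces MD5: MD5 is collision-broken and MD5-signed certificates are
 // rejected by current validators.
 gen.SetSignatureAlgorithm("SHA256WithRSA");
 gen.SetPublicKey(keypair.Public);

 // Generate the certificate, signed with the key pair's own private key.
 var newCert = gen.Generate(keypair.Private);

 // Convert back to a .NET certificate.
 var cert = DotNetUtilities.ToX509Certificate(newCert);

 // Export as a byte array and write it out.
 // NOTE(review): the .NET object is built from the certificate alone, so this PFX most
 // likely carries no private key - confirm. If a private key is ever included, use the
 // Export overload that takes a password; this call writes the file unprotected.
 byte[] certData = cert.Export(X509ContentType.Pfx);
 File.WriteAllBytes(fileName, certData);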