c# BC证书生成
2016-04-21 09:54
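// Generates a self-signed X.509 certificate with BouncyCastle, stores it together with its
// private key in the current user's personal certificate store (friendly name = PublicKeyKind),
// and exports the public certificate — never the private key — to a file.
internal class CertificateGenerate
{
    /// <summary>
    /// RSA modulus length in bits for freshly generated key pairs; also the minimum size
    /// accepted by <see cref="CreateIfNotExist"/>.
    /// </summary>
    private const int RsaKeySizeBits = 2048;

    /// <summary>
    /// RSA public exponent F4 (65537), the conventional choice. Very small exponents leave
    /// signatures dependent on verifiers implementing padding checks flawlessly.
    /// </summary>
    private const long RsaPublicExponent = 0x10001;

    /// <summary>Primality certainty handed to the RSA key generator.</summary>
    private const int RsaPrimeCertainty = 25;

    /// <summary>Signature algorithm used to self-sign the certificate.</summary>
    private const string SignatureAlgorithm = "SHA256withRSA";

    /// <summary>Lifetime of the generated certificate in years.</summary>
    private const int ValidityYears = 150;

    /// <summary>
    /// Public key type; its name is used as the certificate's friendly name in the store.
    /// </summary>
    private PublicKeyKind publicKeyKind = PublicKeyKind.UNKNOWN;

    /// <summary>Key pair produced by <see cref="createRasKeyPair"/>, cached for reuse.</summary>
    private AsymmetricCipherKeyPair createdkeyPair = null;

    /// <summary>
    /// Creates an RSA key pair using the class-level key size, exponent and certainty.
    /// </summary>
    /// <returns>The generated public/private key pair.</returns>
    protected virtual AsymmetricCipherKeyPair createRasKeyPair()
    {
        RsaKeyPairGenerator keyGenerator = new RsaKeyPairGenerator();
        RsaKeyGenerationParameters param = new RsaKeyGenerationParameters(
            BigInteger.ValueOf(RsaPublicExponent),
            new SecureRandom(),
            RsaKeySizeBits,
            RsaPrimeCertainty);
        keyGenerator.Init(param);
        return keyGenerator.GenerateKeyPair();
    }

    /// <summary>
    /// Builds the distinguished name used for both issuer and subject. Every attribute value
    /// is deliberately empty; only the attribute order (E, CN, O, C, L, T) is fixed.
    /// </summary>
    /// <returns>A name with empty E, CN, O, C, L and T attributes.</returns>
    private static X509Name CreateEmptyName()
    {
        // Non-generic collections: this X509Name constructor takes IList/IDictionary.
        IList ord = new ArrayList();
        IDictionary attrs = new Hashtable();
        foreach (var oid in new[] { X509Name.E, X509Name.CN, X509Name.O, X509Name.C, X509Name.L, X509Name.T })
        {
            ord.Add(oid);
            attrs[oid] = "";
        }
        return new X509Name(ord, attrs);
    }

    /// <summary>
    /// Creates a self-signed end-entity certificate for <paramref name="publicKey"/>,
    /// signed with <paramref name="privateKey"/>.
    /// </summary>
    /// <param name="publicKey">Public half of the key pair embedded in the certificate.</param>
    /// <param name="privateKey">Private half of the same key pair, used to self-sign.</param>
    /// <returns>The generated certificate, already validity-checked and signature-verified.</returns>
    private UMS.Framework.Basic.Crypto.X509.X509Certificate createX509Certificate(
        AsymmetricKeyParameter publicKey, AsymmetricKeyParameter privateKey)
    {
        X509Name name = CreateEmptyName();

        X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
        // NOTE(review): a fixed serial of 1 combined with an identical (empty) issuer DN means
        // every generated certificate shares issuer+serial; acceptable only as long as the
        // certificate is never used in a chain-building context — confirm.
        certGen.SetSerialNumber(BigInteger.One);
        certGen.SetIssuerDN(name);
        certGen.SetSubjectDN(name);

        // X.509 validity times are UTC; compute them in UTC so the encoded dates match intent.
        DateTime today = DateTime.UtcNow.Date;
        certGen.SetNotBefore(today.AddDays(-1));
        certGen.SetNotAfter(today.AddYears(ValidityYears));

        certGen.SetPublicKey(publicKey);
        // Not a CA: the certificate may not issue other certificates.
        certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
        // RFC 5280 §4.2.1.1 requires AuthorityKeyIdentifier to be non-critical; some parsers
        // reject a critical AKI.
        certGen.AddExtension(
            X509Extensions.AuthorityKeyIdentifier,
            false,
            new AuthorityKeyIdentifier(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey)));

        UMS.Framework.Basic.Crypto.X509.X509Certificate x509 =
            certGen.Generate(new Asn1SignatureFactory(SignatureAlgorithm, privateKey, new SecureRandom()));
        x509.CheckValidity();
        x509.Verify(publicKey);
        return x509;
    }

    /// <summary>
    /// Finds the certificate whose friendly name equals the current <see cref="PublicKeyKind"/>.
    /// </summary>
    /// <param name="store">An already opened store.</param>
    /// <returns>The matching certificate, or null if none is present.</returns>
    private X509Certificate2 FindInStore(X509Store store)
    {
        string friendlyName = publicKeyKind.ToString();
        foreach (X509Certificate2 candidate in store.Certificates)
        {
            // Ordinal: the friendly name is an identifier, not user-facing text.
            if (string.Equals(candidate.FriendlyName, friendlyName, StringComparison.Ordinal))
            {
                return candidate;
            }
        }
        return null;
    }

    /// <summary>
    /// Ensures a certificate for the current <see cref="PublicKeyKind"/> exists in the
    /// CurrentUser\My store, generating a key pair and self-signed certificate if it does not.
    /// </summary>
    /// <exception cref="InvalidOperationException">
    /// The generated public key is shorter than <see cref="RsaKeySizeBits"/>.
    /// </exception>
    internal void CreateIfNotExist()
    {
        X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadWrite);
        try
        {
            if (FindInStore(store) != null)
            {
                return;
            }

            if (createdkeyPair == null)
            {
                createdkeyPair = createRasKeyPair();
            }
            AsymmetricKeyParameter publicKey = createdkeyPair.Public;
            AsymmetricKeyParameter privateKey = createdkeyPair.Private;

            // Guard against an override of createRasKeyPair() returning an undersized key.
            if (((RsaKeyParameters)publicKey).Modulus.BitLength < RsaKeySizeBits)
            {
                throw new InvalidOperationException(
                    "failed key generation (" + RsaKeySizeBits + ") length test");
            }

            UMS.Framework.Basic.Crypto.X509.X509Certificate x509 = createX509Certificate(publicKey, privateKey);

            // NOTE(review): Exportable lets any process running as this user export the private
            // key from the store; Export() below only writes the public certificate — confirm
            // whether another component really needs the private key to be exportable.
            X509Certificate2 myPrivateCertificate = new X509Certificate2(
                x509.GetEncoded(),
                UMS.ITTS.Pidgen.Core.PublicKeyFactory.cerificatePassword,
                X509KeyStorageFlags.Exportable);
            myPrivateCertificate.FriendlyName = publicKeyKind.ToString();
            // Direct cast: a non-CRT private key is a programming error and should surface as such.
            myPrivateCertificate.PrivateKey = DotNetUtilities.ToRSA((RsaPrivateCrtKeyParameters)privateKey);
            store.Add(myPrivateCertificate);
        }
        finally
        {
            store.Close();
        }
    }

    /// <summary>
    /// Exports the public certificate (DER, no private key) for the current
    /// <see cref="PublicKeyKind"/> to <paramref name="path"/>.
    /// </summary>
    /// <param name="path">Destination file; overwritten if it exists.</param>
    /// <exception cref="ArgumentException"><paramref name="path"/> is null or empty.</exception>
    /// <exception cref="InvalidOperationException">No matching certificate is in the store.</exception>
    /// <exception cref="IOException">The written file does not read back identically.</exception>
    internal void Export(string path)
    {
        if (string.IsNullOrEmpty(path))
        {
            throw new ArgumentException("Export path must not be null or empty.", "path");
        }

        byte[] cerBytes;
        X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            X509Certificate2 current = FindInStore(store);
            if (current == null)
            {
                throw new InvalidOperationException("未找到相关证书文件.");
            }
            // X509ContentType.Cert: public certificate only, the private key stays in the store.
            cerBytes = current.Export(X509ContentType.Cert);
        }
        finally
        {
            store.Close();
        }

        WriteAndVerify(path, cerBytes);
    }

    /// <summary>
    /// Writes <paramref name="data"/> to <paramref name="path"/> and reads it back to confirm
    /// the file content is identical.
    /// </summary>
    /// <param name="path">Destination file; created or truncated.</param>
    /// <param name="data">Bytes to write.</param>
    /// <exception cref="IOException">The file length or content differs from <paramref name="data"/>.</exception>
    private static void WriteAndVerify(string path, byte[] data)
    {
        using (FileStream fileStream = new FileStream(path, FileMode.Create, FileAccess.ReadWrite))
        {
            fileStream.Write(data, 0, data.Length);
            fileStream.Flush();

            fileStream.Seek(0, SeekOrigin.Begin);
            if (fileStream.Length != data.Length)
            {
                throw new IOException("Certificate file length mismatch after write: " + path);
            }

            byte[] readBack = new byte[data.Length];
            int total = 0;
            // Read() may return fewer bytes than requested; loop until the buffer is full or EOF.
            while (total < readBack.Length)
            {
                int read = fileStream.Read(readBack, total, readBack.Length - total);
                if (read <= 0)
                {
                    break;
                }
                total += read;
            }
            if (total != data.Length)
            {
                throw new IOException("Certificate file could not be read back completely: " + path);
            }
            for (int i = 0; i < data.Length; i++)
            {
                if (data[i] != readBack[i])
                {
                    throw new IOException("Certificate file content mismatch after write: " + path);
                }
            }
        }
    }

    /// <summary>
    /// Public key type whose name serves as the certificate's friendly name in the store.
    /// </summary>
    internal PublicKeyKind PublicKeyKind
    {
        get { return this.publicKeyKind; }
        set
        {
            if (value != publicKeyKind)
            {
                this.publicKeyKind = value;
            }
        }
    }
}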