使用p7b加密数据

问题描述 投票:0回答:1

如何在.net6中使用p7b证书加密字节数组?我必须“即时”执行此操作,而不在我的计算机上安装证书。我可以在配置中存储 byte64 字符串,但接下来怎么办?我尝试过 

X509Certificate2(certBytes)
但对我不起作用。 有什么想法或例子吗?

encryption certificate p7b
1个回答
0
投票

对于导入 PKCS#7/.p7b 文件,可以使用 

SignedCms.Decode()

Certificates
属性提供了所包含证书的列表,从中可以确定有问题的证书。

然后可以从中提取公钥,最终可以用于加密。

示例代码:

using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;

...

string certPkcs7Pem = @"-----BEGIN PKCS7-----
MIIDnAYJKoZIhvcNAQcCoIIDjTCCA4kCAQExADALBgkqhkiG9w0BBwGgggNvMIID
azCCAlOgAwIBAgIUZHKTKuZUNTr2YOAjYcIGL8BA/uYwDQYJKoZIhvcNAQELBQAw
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzExMjAxNzA4NTdaFw0yNDExMTkx
NzA4NTdaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPnM9a8TNIT8fcj/QcG5AQ/Hghs3PQNSpX52oPoEVq4fNf
3O1gNDVRWU/A5jZyevho7CN5eLu66MNmuVWlB8uUKjOAdV9lZfGBG/RHaUgAjxjz
vr6FJUDGYKeBs2La0h5wVnznA2PrTeDygdsjk4EwjCqGZLBm9/MzEDjmJGX8g3rx
cDRqtj0dGMoEAKb8Qe7of+/7gMAdL/e4ah5I8pn6S+yklcizPMs6lgNzGsnOa29V
6h65HdkZ3MuxeDPLH7Z8l4ka+frDTv2y53d99d/X5BcmOO1l7LrgirXhfrfqgZN9
qqefmwQb48BUiEI7s+8bJskdkc9/2dekLo5VgtpfAgMBAAGjUzBRMB0GA1UdDgQW
BBRfeiVpG6aM8da1mtUOjyym0EAwGDAfBgNVHSMEGDAWgBRfeiVpG6aM8da1mtUO
jyym0EAwGDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBk4ePL
NagcsTa1mRNND1NqTRd2ziaygiszxBXI5l7kqKXhhWaEVd3zJqQhnKuH0S7VnoW9
oxUhIBmYFl9Bl5yg22YIrypdWjp1ZggrbnsSBGZiMzEuD/q/9CfduON0FVWc2LVA
XxNCUHis3BwCrs0943L9yd4Nzpp083Fq8tDSrNBvYHCrYgpealV1ynYK7XKKrYVJ
sEc0XU8obqUcsAVxmyOW9cA0D7lBYu6efqwkfOQCFp/HVOrKyBjAja0KeW0zb0Q3
1mXNerqx7Z4w1iE+0jKIWXCYhMNb4RQ4YUKahPos5TD5VDRVSzMTGqZuxqvCIJHp
EHIkK0Zod+1tgsE3oQAxAA==
-----END PKCS7-----";

// PEM -> DER
PemFields pemFields = PemEncoding.Find(certPkcs7Pem);
byte[] cert = Convert.FromBase64String(certPkcs7Pem[pemFields.Base64Data]);

// Import PKCS#7 certificate
SignedCms signedCms = new SignedCms();
signedCms.Decode(cert);
X509Certificate2Collection x509Certificate2Collection = signedCms.Certificates; 
using X509Certificate2 x509Certificate2 = x509Certificate2Collection[0];

// Extract public key
using RSA rsa = x509Certificate2.GetRSAPublicKey();

// Encrypt 
byte[] ciphertext = rsa.Encrypt(Encoding.UTF8.GetBytes("The quick brown fox jumps over the lazy dog"), RSAEncryptionPadding.Pkcs1);
Console.WriteLine(Convert.ToBase64String(ciphertext));
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.