注册
登录
云鉴权
X509Certificate2访问私钥到安全令牌
返回
X509Certificate2访问私钥到安全令牌
作者:
布偶的表弟派大星丶
发布时间:
2024-10-20 02:21:49 (2天前)
转自:
<div class =“excerpt”> 我必须使用存储在a中的证书 <span class =“result-highlight”> 安全 </跨度> <span class =“result-highlight”> 代币 </跨度> 。我可以从Windows证书存储区访问它,但设备有密码,因此会显示一个带有输入字段的弹出窗口。 这是代码 - </DIV>
收藏
举报
2 条回复
0#
回复此人
無口君哦哦
|
2019-08-31 10-32
<div class =“post-text”itemprop =“text”> <P> 我没有ACS CryptoMate64 0.但是此代码适用于Siemens CardOS v4.3B(驱动程序CardOS API v5.2 build 15)。你必须检查它是否也适合你。 </p> <pre> <code> using System.Security; using System.Security.Cryptography; using System.Security.Cryptography.Pkcs; using System.Security.Cryptography.X509Certificates; namespace SignWithToken { class Program { static void Main(string[] args) { // ------ select certificate for signing --------- // open store X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.MaxAllowed); // find cert by thumbprint var foundCerts = store.Certificates.Find(X509FindType.FindByThumbprint, "44 df b8 96 73 55 e4 e2 56 3a c0 a2 e0 66 8e 52 8a 3a 4a f4", true); if (foundCerts.Count == 0) return; var certForSigning = foundCerts[0]; store.Close(); // -------- prepare private key with password -------- // prepare password var pass = new SecureString(); for(var i=0;i<8;i++) pass.AppendChar('1'); // take private key var privateKey = certForSigning.PrivateKey as RSACryptoServiceProvider; // make new CSP parameters based on parameters from current private key but throw in password CspParameters cspParameters = new CspParameters(privateKey.CspKeyContainerInfo.ProviderType, privateKey.CspKeyContainerInfo.ProviderName, privateKey.CspKeyContainerInfo.KeyContainerName, null, pass); // make RSA crypto provider based on given CSP parameters var rsaCsp = new RSACryptoServiceProvider(cspParameters); // set modified RSA crypto provider back certForSigning.PrivateKey = rsaCsp; // ---- Sign ----- // prepare content to be signed ContentInfo content = new ContentInfo(new byte[] {0x01, 0x02, 0x03}); SignedCms cms = new SignedCms(content); // prepare CMS signer CmsSigner signer = new CmsSigner(certForSigning); // sign to PKCS#7 cms.ComputeSignature(signer); // get encoded PKCS#7 value var result = cms.Encode(); // ------ Verify signature ------ SignedCms cmsToVerify = new SignedCms(); // decode signed PKCS#7 cmsToVerify.Decode(result); // check signature of PKCS#7 cmsToVerify.CheckSignature(true); } } } </code> </pre> </DIV>
编辑
登录
后才能参与评论
