Bouncy Castle C#-密码保护密钥
我可以用以下代码解密受密码保护的PKCS8 DER密钥:Bouncy Castle C#-密码保护密钥,c#,.net,bouncycastle,pfx,C#,.net,Bouncycastle,Pfx,我可以用以下代码解密受密码保护的PKCS8 DER密钥: MemoryStream ms = new MemoryStream(privateKey); AsymmetricKeyParameter keyparams = Org.BouncyCastle.Security.PrivateKeyFactory.DecryptKey(password.ToCharArray(), ms); RSAParameters rsaparams = DotNetUtilities.ToRSAP
MemoryStream ms = new MemoryStream(privateKey);
AsymmetricKeyParameter keyparams = Org.BouncyCastle.Security.PrivateKeyFactory.DecryptKey(password.ToCharArray(), ms);
RSAParameters rsaparams = DotNetUtilities.ToRSAParameters((RsaPrivateCrtKeyParameters)keyparams);
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(rsaparams);
return rsa;
X509Certificate2 cert = new X509Certificate2(pfx_bytes, password,X509KeyStorageFlags.Exportable);
var pkey = cert.PrivateKey;
var bcCert = DotNetUtilities.FromX509Certificate(cert);
var bcPkey = DotNetUtilities.GetKeyPair(pkey).Private;
return PrivateKeyFactory.EncryptKey(Org.BouncyCastle.Asn1.DerObjectIdentifier.Der, password.ToCharArray(), Encoding.UTF8.GetBytes(Guid.NewGuid().ToString()), 10, bcPkey);
有人能告诉我如何使用该函数从标准.net私钥创建受密码保护的PKCS8 DER密钥吗?PrivateKeyFactory.EncryptKey的第一个参数应该是识别要加密的算法。最简单的方法是给出标准PBE算法的ObjectIdentifier(OID),例如PKCSObjectIdentifiers.pbewithsha和3keyTripleDescbc,而不是DerObjectIdentifier.Der。如果您想了解其他可用的算法,可以查看PbeUtilities类。PBEUtil支持的PBE算法: PBEWITHD2和DES CBC,PBEWITHD2和RC2 CBC,PBEWITHD5和DES CBC,PBEWITHH1和DES CBC,PBEWITHH1和C2 CBC,PBEwithSHA-1和128BITRC4,PBEwithSHA-1和40BITRC4,PBEwithSHA-1和3-keyDESEDE-CBC,PBEwithSHA-1和2-keyDESEDE-CBC,PBEwithSHA-1和128BITRC2-CBC,PBEwithSHA-1和40BITTHSHA-ACH,PBTHSHA-224,PBEWITHmACSHA-256、PBEWITHmACRIPEMD128、PBEWITHmACRIPEMD160和PBEWITHmACRIPEMD256 例如:
private static string EncryptPrivateKey(AsymmetricKeyParameter privateKey)
{
var encKey = PrivateKeyFactory.EncryptKey("PBEwithSHA1andDES-CBC", "test".ToCharArray(),
new byte[256], 1, privateKey);
return Convert.ToBase64String(encKey);
}