C#: How to initialize ECDiffieHellmanCngPublicKey from an X509 certificate

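I want to initialize an ECDiffieHellmanCngPublicKey from the public key of an X509 certificate (the certificate was issued using the ECDH_P384 template). Here is what I tried: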

var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.OpenExistingOnly);
var cert = store.Certificates.Find(X509FindType.FindByTemplateName, "ComputerECC", true)[0];
var keyType = new byte[] { 0x45, 0x43, 0x53, 0x33 };
var keyLength = new byte[] { 0x30, 0x00, 0x00, 0x00 };
var key = cert.PublicKey.EncodedKeyValue.RawData.Skip(1);
var keyImport = keyType.Concat(keyLength).Concat(key).ToArray();
var pubKey = ECDiffieHellmanCngPublicKey.FromByteArray(keyImport, CngKeyBlobFormat.EccPublicBlob);
The last line throws System.Security.Cryptography.CryptographicException: "Keys used with the ECDiffieHellmanCng algorithm must have an algorithm group of ECDiffieHellman."

The idea of parsing the key using magic values came from here.
I suspect that something is missing from my certificate template.

There is nothing wrong with the template. The problem is actually the key type:

var keyType = new byte[] { 0x45, 0x43, 0x53, 0x33 };

should actually be

var keyType = new byte[] { 0x45, 0x43, 0x4B, 0x33 };


The key type you supplied is for an ECDSA public key (BCRYPT_ECDSA_PUBLIC_P384_MAGIC), not an ECDH public key (BCRYPT_ECDH_PUBLIC_P384_MAGIC), as shown in the reference.

Tried the following:

private static ECDiffieHellmanPublicKey ImportEcPublicKeyFromCertificate(X509Certificate2 cert)
{
    var keyType = new byte[] { 0x45, 0x43, 0x53, 0x33 };
    var keyLength = new byte[] { 0x30, 0x00, 0x00, 0x00 };
    var key = cert.PublicKey.EncodedKeyValue.RawData.Skip(1);
    var keyImport = keyType.Concat(keyLength).Concat(key).ToArray();
    return ECDiffieHellmanCngPublicKey.FromByteArray(keyImport, CngKeyBlobFormat.EccPublicBlob);
}
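An added example, not part of the original question, answer or comment: a helper that builds the CNG ECC public blob from the certificate's EC point and picks the ECDH magic from the coordinate length instead of hard-coding the bytes. It goes beyond the P-384 case on this page. The names `EcdhCertKey`, `BuildEcdhPublicBlob` and `FromCertificate` are hypothetical, and it assumes a NIST P-256, P-384 or P-521 key on Windows (CNG).

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class EcdhCertKey // hypothetical helper, not from the original page
{
    const string EcPublicKeyOid = "1.2.840.10045.2.1"; // id-ecPublicKey

    // BCRYPT_ECCKEY_BLOB layout: 4-byte magic, 4-byte little-endian
    // coordinate length (cbKey), then X || Y.
    public static byte[] BuildEcdhPublicBlob(byte[] ecPoint)
    {
        // X.509 carries the point as 0x04 || X || Y (uncompressed form).
        // Check the prefix instead of blindly skipping the first byte.
        if (ecPoint == null || ecPoint.Length < 3 || ecPoint[0] != 0x04
            || (ecPoint.Length - 1) % 2 != 0)
            throw new CryptographicException("Expected an uncompressed EC point.");

        int coordLen = (ecPoint.Length - 1) / 2;
        uint magic;
        switch (coordLen) // assumption: NIST curves only
        {
            case 32: magic = 0x314B4345; break; // BCRYPT_ECDH_PUBLIC_P256_MAGIC "ECK1"
            case 48: magic = 0x334B4345; break; // BCRYPT_ECDH_PUBLIC_P384_MAGIC "ECK3"
            case 66: magic = 0x354B4345; break; // BCRYPT_ECDH_PUBLIC_P521_MAGIC "ECK5"
            default:
                throw new CryptographicException("Unsupported coordinate length: " + coordLen);
        }

        var blob = new byte[8 + 2 * coordLen];
        BitConverter.GetBytes(magic).CopyTo(blob, 0);    // little-endian on Windows
        BitConverter.GetBytes(coordLen).CopyTo(blob, 4); // 0x30 0x00 0x00 0x00 for P-384
        Buffer.BlockCopy(ecPoint, 1, blob, 8, 2 * coordLen);
        return blob;
    }

    public static ECDiffieHellmanPublicKey FromCertificate(X509Certificate2 cert)
    {
        if (cert.PublicKey.Oid.Value != EcPublicKeyOid)
            throw new CryptographicException("Certificate does not carry an EC public key.");

        byte[] blob = BuildEcdhPublicBlob(cert.PublicKey.EncodedKeyValue.RawData);
        return ECDiffieHellmanCngPublicKey.FromByteArray(blob, CngKeyBlobFormat.EccPublicBlob);
    }
}
```

For a P-384 certificate the first eight bytes of the blob are `45 43 4B 33 30 00 00 00`, matching the corrected key type in the answer.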