私钥存档 - 从CA恢复 - 程序化 [英] Private key archived - recovery from CA - Programmically

问题描述

我需要获取在CA服务器中存档的私钥，我需要使用证书序列号来恢复它，通过c＃应用程序，请提供我从哪里开始，并且可以通过程序进行。

I need to get the private key which is archived in CA server and i need to recover that using the Certificate serial number by c# application please provide me where to start and is that possible to do this programmically.

如果有可能通过ICertAdmin2 :: GetArchivedKey方法，请提供一些示例，说明如何管理或解密BLOB字符串输出以获取我的私钥。

If it is possible by ICertAdmin2::GetArchivedKey Method please provide me some examples how i need to manage or decrypt the BLOB string output to get my private key.

提前致谢

 

推荐答案

嗨Mannar，

Hi Mannar,

 您需要访问密钥恢复代理私钥才能解密GetArchivedKey返回的Blob。如果你看一下：
http://msdn.microsoft.com/en-us/library/aa383237  在备注部分中，它将返回的blob描述为已签名的pkcs7。 我从来没有真正解密签名的pkcs7所以我不确定
你需要做什么。也许会调用CryptMsgOpenToDecode或CryptDecodeObject为你做这件事......

  You'll need to have access to the key recovery agent private key to decrypt the blob that is returned by GetArchivedKey. If you look at: http://msdn.microsoft.com/en-us/library/aa383237 in the remarks section it describes the returned blob as a signed pkcs7.  I've never really had to decode a signed pkcs7 so I'm not sure what you need to do. Maybe call CryptMsgOpenToDecode or maybe CryptDecodeObject will do it for you...

 

Andrew

这篇关于私钥存档 - 从CA恢复 - 程序化的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！