私钥存档 - 从CA恢复 - 程序化 [英] Private key archived - recovery from CA - Programmically
问题描述
我需要获取在CA服务器中存档的私钥,我需要使用证书序列号来恢复它,通过c#应用程序,请提供我从哪里开始,并且可以通过程序进行。
I need to get the private key which is archived in CA server and i need to recover that using the Certificate serial number by c# application please provide me where to start and is that possible to do this programmically.
如果有可能通过ICertAdmin2 :: GetArchivedKey方法,请提供一些示例,说明如何管理或解密BLOB字符串输出以获取我的私钥。
If it is possible by ICertAdmin2::GetArchivedKey Method please provide me some examples how i need to manage or decrypt the BLOB string output to get my private key.
提前致谢
推荐答案
嗨Mannar,
Hi Mannar,
您需要访问密钥恢复代理私钥才能解密GetArchivedKey返回的Blob。如果你看一下:
http://msdn.microsoft.com/en-us/library/aa383237 在备注部分中,它将返回的blob描述为已签名的pkcs7。 我从来没有真正解密签名的pkcs7所以我不确定
你需要做什么。也许会调用CryptMsgOpenToDecode或CryptDecodeObject为你做这件事......
You'll need to have access to the key recovery agent private key to decrypt the blob that is returned by GetArchivedKey. If you look at: http://msdn.microsoft.com/en-us/library/aa383237 in the remarks section it describes the returned blob as a signed pkcs7. I've never really had to decode a signed pkcs7 so I'm not sure what you need to do. Maybe call CryptMsgOpenToDecode or maybe CryptDecodeObject will do it for you...
Andrew
>
这篇关于私钥存档 - 从CA恢复 - 程序化的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!