使用C#读取证书签名请求 [英] Reading a certificate signing request with C#

问题描述

我想用C#阅读CSR的内容.但是，我还没有在C#中找到任何方法来做到这一点. 我发现的是名称空间System.Security.Cryptography.X509Certificates，但它仅处理现有证书，而不处理证书请求.

I want to read the contents of a CSR in C#. However, I haven't found any way to do it in C#. What I've found was the namespace System.Security.Cryptography.X509Certificates, but it only handles existing certificates, not certificate requests.

有人可以给我一个提示吗? 预先感谢.

Can anyone give me an hint about it? Thanks in advance.

推荐答案

有一种方法，Windows附带的CertEnroll库(尽管我不能说它已经有多久了)允许您加载证书请求并解析它们.

There is a way, the CertEnroll library which comes with Windows (although I can't say how far back it's been there) allows you to load certificate requests and have them parsed.

首先，您需要将对CERTENROLLLib COM库的引用导入到您的项目中.这将创建一个CERTENROLLLib命名空间，您可以随后使用它.

First you need to import a reference to the CERTENROLLLib COM library into your project. This will create a CERTENROLLLib name space you can then use.

然后您执行类似的操作；

Then you do something like this;

string csr = "-----BEGIN CERTIFICATE REQUEST-----\r\n" +
             "MIIBnTCCAQYCAQAwXTELMAkGA1UEBhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRvMRIw\r\n" +
             "EAYDVQQDEwlsb2NhbGhvc3QxJzAlBgkqhkiG9w0BCQEWGGFkbWluQHNlcnZlci5l\r\n" +
             "eGFtcGxlLmRvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr1nYY1Qrll1r\r\n" +
             "uB/FqlCRrr5nvupdIN+3wF7q915tvEQoc74bnu6b8IbbGRMhzdzmvQ4SzFfVEAuM\r\n" +
             "MuTHeybPq5th7YDrTNizKKxOBnqE2KYuX9X22A1Kh49soJJFg6kPb9MUgiZBiMlv\r\n" +
             "tb7K3CHfgw5WagWnLl8Lb+ccvKZZl+8CAwEAAaAAMA0GCSqGSIb3DQEBBAUAA4GB\r\n" +
             "AHpoRp5YS55CZpy+wdigQEwjL/wSluvo+WjtpvP0YoBMJu4VMKeZi405R7o8oEwi\r\n" +
             "PdlrrliKNknFmHKIaCKTLRcU59ScA6ADEIWUzqmUzP5Cs6jrSRo3NKfg1bd09D1K\r\n" +
             "9rsQkRc9Urv9mRBIsredGnYECNeRaK5R1yzpOowninXC\r" + 
             "-----END CERTIFICATE REQUEST-----";

CX509CertificateRequestPkcs10 request = new CX509CertificateRequestPkcs10();
request.InitializeDecode(csr, EncodingType.XCN_CRYPT_STRING_BASE64_ANY);
request.CheckSignature();

Console.WriteLine(((CX500DistinguishedName)request.Subject).Name);
Console.WriteLine(request.PublicKey.Length);
Console.WriteLine(request.HashAlgorithm.FriendlyName);

您可以看到，唯一有趣的部分是删除主题名称，因为您需要先将其转换为CX500DistinguishedName实例.

You can see the only fun part is getting the subject name out, as you need to cast it to a CX500DistinguishedName instance first.

这篇关于使用C#读取证书签名请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！