使用C#读取证书签名请求 [英] Reading a certificate signing request with C#
问题描述
我想用C#阅读CSR的内容.但是,我还没有在C#中找到任何方法来做到这一点.
我发现的是名称空间System.Security.Cryptography.X509Certificates
,但它仅处理现有证书,而不处理证书请求.
I want to read the contents of a CSR in C#. However, I haven't found any way to do it in C#.
What I've found was the namespace System.Security.Cryptography.X509Certificates
, but it only handles existing certificates, not certificate requests.
有人可以给我一个提示吗? 预先感谢.
Can anyone give me an hint about it? Thanks in advance.
推荐答案
有一种方法,Windows附带的CertEnroll库(尽管我不能说它已经有多久了)允许您加载证书请求并解析它们.
There is a way, the CertEnroll library which comes with Windows (although I can't say how far back it's been there) allows you to load certificate requests and have them parsed.
首先,您需要将对CERTENROLLLib
COM库的引用导入到您的项目中.这将创建一个CERTENROLLLib
命名空间,您可以随后使用它.
First you need to import a reference to the CERTENROLLLib
COM library into your project. This will create a CERTENROLLLib
name space you can then use.
然后您执行类似的操作;
Then you do something like this;
string csr = "-----BEGIN CERTIFICATE REQUEST-----\r\n" +
"MIIBnTCCAQYCAQAwXTELMAkGA1UEBhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRvMRIw\r\n" +
"EAYDVQQDEwlsb2NhbGhvc3QxJzAlBgkqhkiG9w0BCQEWGGFkbWluQHNlcnZlci5l\r\n" +
"eGFtcGxlLmRvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr1nYY1Qrll1r\r\n" +
"uB/FqlCRrr5nvupdIN+3wF7q915tvEQoc74bnu6b8IbbGRMhzdzmvQ4SzFfVEAuM\r\n" +
"MuTHeybPq5th7YDrTNizKKxOBnqE2KYuX9X22A1Kh49soJJFg6kPb9MUgiZBiMlv\r\n" +
"tb7K3CHfgw5WagWnLl8Lb+ccvKZZl+8CAwEAAaAAMA0GCSqGSIb3DQEBBAUAA4GB\r\n" +
"AHpoRp5YS55CZpy+wdigQEwjL/wSluvo+WjtpvP0YoBMJu4VMKeZi405R7o8oEwi\r\n" +
"PdlrrliKNknFmHKIaCKTLRcU59ScA6ADEIWUzqmUzP5Cs6jrSRo3NKfg1bd09D1K\r\n" +
"9rsQkRc9Urv9mRBIsredGnYECNeRaK5R1yzpOowninXC\r" +
"-----END CERTIFICATE REQUEST-----";
CX509CertificateRequestPkcs10 request = new CX509CertificateRequestPkcs10();
request.InitializeDecode(csr, EncodingType.XCN_CRYPT_STRING_BASE64_ANY);
request.CheckSignature();
Console.WriteLine(((CX500DistinguishedName)request.Subject).Name);
Console.WriteLine(request.PublicKey.Length);
Console.WriteLine(request.HashAlgorithm.FriendlyName);
您可以看到,唯一有趣的部分是删除主题名称,因为您需要先将其转换为CX500DistinguishedName
实例.
You can see the only fun part is getting the subject name out, as you need to cast it to a CX500DistinguishedName
instance first.
这篇关于使用C#读取证书签名请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!