C＃通用应用程序平台中证书的公钥 [英] Public Key from Certificate in C# Universal App Platform

问题描述

本文 https://blogs.windows.com/buildingapps/2015/10/13/create-more-secure-apps-with-less-effort-10-by-10/ 您如何安全地连接到服务器。他们检查指纹以确认证书是合法的。但是证书会随着时间而变化，我检查的硬编码字符串将不再有效。

In this article https://blogs.windows.com/buildingapps/2015/10/13/create-more-secure-apps-with-less-effort-10-by-10/ they explain you how to securely connect to a server. They check the thumbprint to see that the cert is legitimate. But the certificates change over time and the hardcoded string I check against will be no longer valid.

这就是为什么我要提取公钥的原因。因为我敢肯定它不会从一种证书更改为另一种。

That's why I want to extract the public key. Because I'm certain it's not gonna change from one certificate to other.

在此代码中：

        private async Task DemoSSLRoot()
    {
        // Send a get request to Bing
        HttpClient client = new HttpClient();
        Uri bingUri = new Uri("https://www.bing.com");
        HttpResponseMessage response = await client.GetAsync(bingUri);

        // Get the list of certificates that were used to validate the server's identity
        IReadOnlyList<Certificate> serverCertificates = response.RequestMessage.TransportInformation.ServerIntermediateCertificates;

        // Perform validation
        if (!ValidCertificates(serverCertificates))
        {
            // Close connection as chain is not valid
            return;
        }

        PrintResults("Validation passed\n");
        // Validation passed, continue with connection to service
    }

    private bool ValidCertificates(IReadOnlyList<Certificate> certs)
    {
        // In this example, we iterate through the certificates and check that the chain contains
        // one specific certificate we are expecting
        for (int i = 0; i < certs.Count; i++)
        {
            PrintResults("Cert# " + i + ": " + certs[i].Subject + "\n");
            byte[] thumbprint = certs[i].GetHashValue();

            // Check if the thumbprint matches whatever you are expecting
            // ‎d4 de 20 d0 5e 66 fc 53 fe 1a 50 88 2c 78 db 28 52 ca e4 74
            byte[] expected = new byte[] { 212, 222, 32, 208, 94, 102, 252, 83, 254, 26, 80, 136, 44, 120, 219, 40, 82, 202, 228, 116 };

            if (ThumbprintMatches(thumbprint, expected))
            {
                return true;
            }
        }

        return false;
    }

有关更多信息，请访问 https://blogs.windows.com /buildingapps/2015/10/13/create-more-secure-apps-with-effort--10--10-/#1tFDZeMtskOkOrvd.99

Read more at https://blogs.windows.com/buildingapps/2015/10/13/create-more-secure-apps-with-less-effort-10-by-10/#1tFDZeMtskOkOrvd.99

访问指纹非常容易。但是我需要公共密钥。
我正在互联网上搜索，我发现了非常疯狂的代码来检查我是否无法使其正常工作。

It's quite easy to access the thumbprint. But I need the public key. I was searching in internet and I found really crazy code to check that I was not able to make it work.

有人可以告诉我是否存在在Windows 10中从证书中提取公钥的简单方法？

Can somebody tell me if there is an easy way to extract the public key from a Certificate in Windows 10?

问候。

推荐答案

就像Tomas所说的那样，有一个名为GetPublicKey的方法。它不包含在API中。只是注意到有一个名为 System.Security.Cryptography.X509Certificates的nuget包，该方法可用。

As Tomas said there was a method called GetPublicKey. It is not included in the APIs. Just noticed there was a nuget package called "System.Security.Cryptography.X509Certificates" where this method was available.

谢谢！

这篇关于C＃通用应用程序平台中证书的公钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！