无法在客户端新 X509Certificate2() 解码证书 [英] Unable to decode certificate at client new X509Certificate2()
问题描述
我正在使用这个 little class 以字节数组形式返回一个 pfx 文件.
I'm using this little class which returns me a pfx file in byte array.
服务器端:
byte[] serverCertificatebyte;
var date = new DateTime(DateTime.Today.Year, DateTime.Today.Month, DateTime.Today.Day);
serverCertificatebyte = Certificate.CreateSelfSignCertificatePfx("CN=RustBuster" + RandomString(5),
date,
date.AddDays(7));
然后我将它发送给客户端(长度:1654):
Then I send It to the client (length: 1654):
tcpClient.GetStream().Write(serverCertificatebyte , 0, serverCertificatebyte .Length);
一旦客户端阅读它,我想将它转换为证书类:(这里的长度也是1654)
Once the client read It, I would like to convert It to a certificate class: (Length is also 1654 here)
我尝试做一个新的 X509Certificate2(data);我得到了下面的错误.这适用于服务器端.怎么了?
I try to do a new X509Certificate2(data); and I get the error down below. This works on server side. What's the matter?
我也用 new X509Certificate2(data, string.Empty) 试过了;并得到相同的错误
I also tried It with new X509Certificate2(data, string.Empty); and got the same error
错误 System.Security.Cryptography.CryptographicException:无法解码证书.---> System.Security.Cryptography.CryptographicException:无法将输入数据编码为有效证书.---> System.ArgumentOutOfRangeException: 不能为负.
Error System.Security.Cryptography.CryptographicException: Unable to decode certificate. ---> System.Security.Cryptography.CryptographicException: Input data cannot be coded as a valid certificate. ---> System.ArgumentOutOfRangeException: Cannot be negative.
参数名称:长度
at System.String.Substring (Int32 startIndex, Int32 length) [0x00000] in :0
at System.String.Substring (Int32 startIndex, Int32 length) [0x00000] in :0
在 Mono.Security.X509.X509Certificate.PEM (System.String type, System.Byte[] data) [0x00000] in :0
at Mono.Security.X509.X509Certificate.PEM (System.String type, System.Byte[] data) [0x00000] in :0
在 Mono.Security.X509.X509Certificate..ctor (System.Byte[] data) [0x00000] in :0
at Mono.Security.X509.X509Certificate..ctor (System.Byte[] data) [0x00000] in :0
推荐答案
长时间的思考和帮助请求终于让我找到了解决方案.
Long thoughts and help requests finally lead me to a solution.
以下方法或示例我根本没有工作的持久连接.
The following way or examples to a persistent connections that I had DID NOT WORK AT ALL.
在服务器端,您首先必须获得要发送的字节长度,并将其写入流.这很可能是一个长度为 4 的字节.
At the server side you first must get the length of the byte you would like to send, and write It to the stream. This most likely going to be a byte having the length of 4.
byte[] intBytes = BitConverter.GetBytes(serverCertificatebyte.Length);
Array.Reverse(intBytes);
在客户端,读取该字节,并将其转换为 int:
On the client side, read that byte, and convert It to an int:
byte[] length = new byte[4];
int red = 0;
while (true)
{
red = stream.Read(length, 0, length.Length);
if (red != 0)
{
break;
}
}
if (BitConverter.IsLittleEndian)
{
Array.Reverse(length);
}
int i = (BitConverter.ToInt32(length, 0)); // The length of the byte that the server sent
// By this time your server already sent the byte (Right after you sent the length) tcpClient.GetStream().Write(byte, 0, byte.Length);
byte[] data = ByteReader(i);
此方法将读取您从服务器发送的字节,直到有可能
This method is going to read the byte that you send from the server until It's possible
internal byte[] ByteReader(int length)
{
using (NetworkStream stream = client.GetStream())
{
byte[] data = new byte[length];
using (MemoryStream ms = new MemoryStream())
{
int numBytesRead;
int numBytesReadsofar = 0;
while (true)
{
numBytesRead = stream.Read(data, 0, data.Length);
numBytesReadsofar += numBytesRead;
ms.Write(data, 0, numBytesRead);
if (numBytesReadsofar == length)
{
break;
}
}
return ms.ToArray();
}
}
}
与微软文档页面上提供的其他示例不同,此解决方案似乎运行良好.我希望这也能帮助其他人.
This solution seems to be working pretty well unlike the other examples that were provided on the microsoft documentation page. I hope this will help others too.
这篇关于无法在客户端新 X509Certificate2() 解码证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
