我怎样才能比较.NET公共密钥？ [英] How can I compare public keys in .NET?

问题描述

我有一个<一href="http://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509certificate2.aspx"相对=nofollow> X509Certificate2 包含公钥。我有一个<一href="http://msdn.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider.aspx"相对=nofollow> 的RSACryptoServiceProvider （其中来自调用<一个href="http://msdn.microsoft.com/en-us/library/system.security.cryptography.xml.signedxml.checksignaturereturningkey.aspx"相对=nofollow> SignedXml.CheckSignatureReturningKey ），还包含公开密钥。

I've got an X509Certificate2 containing a public key. I've got an RSACryptoServiceProvider (which came from calling SignedXml.CheckSignatureReturningKey), also containing a public key.

我想看看，如果一个来自其他。我如何比较两个？

I want to find out if one came from the other. How can I compare the two?

推荐答案

您可以比较<一href="https://msdn.microsoft.com/query/dev12.query?appId=Dev12IDEF1&l=EN-US&k=k(System.Security.Cryptography.X509Certificates.X509Certificate2.PublicKey);k(PublicKey);k(TargetFrameworkMoniker-.NETFramework,Version%3Dv4.5.2);k(DevLang-csharp)&rd=true"相对=nofollow>公钥的签名证书，在<属性href="https://msdn.microsoft.com/query/dev12.query?appId=Dev12IDEF1&l=EN-US&k=k(System.Security.Cryptography.Xml.SignedXml.KeyInfo);k(KeyInfo);k(TargetFrameworkMoniker-.NETFramework,Version%3Dv4.5.2);k(DevLang-csharp)&rd=true"相对=nofollow> SignedXml.KeyIfo 与签名密钥输出<一个href="https://msdn.microsoft.com/query/dev12.query?appId=Dev12IDEF1&l=EN-US&k=k(System.Security.Cryptography.Xml.SignedXml.CheckSignatureReturningKey);k(CheckSignatureReturningKey);k(TargetFrameworkMoniker-.NETFramework,Version%3Dv4.5.2);k(DevLang-csharp)&rd=true"相对=nofollow> SignedXml.CheckSignatureReturningKey 。这个C＃扩展方法做这项工作对我来说：

You can compare the PublicKey property of signing certificates in the SignedXml.KeyIfo with signing key output from SignedXml.CheckSignatureReturningKey. This C# extension method does the job for me:

public static bool CheckSignatureReturningCertificate(this SignedXml signedXml, out X509Certificate2 signingCertificate)
{
    signingCertificate = null;
    AsymmetricAlgorithm signingKey;
    bool isValid = signedXml.CheckSignatureReturningKey(out signingKey);
    if (isValid)
    {
        IEnumerable<X509Certificate2> keyInfoCertificates =
            signedXml.KeyInfo.OfType<KeyInfoX509Data>()
                .SelectMany(x => x.Certificates.Cast<X509Certificate2>());

        signingCertificate = keyInfoCertificates.FirstOrDefault(x => x.PublicKey.Key == signingKey);
        if (signingCertificate == null)
        {
            throw new Exception("Signing certificate not found in KeyInfo.");
        }
    }

    return isValid;
}

使用这样的：

X509Certificate2 signingCertificate = null;
bool isValid = signedXml.CheckSignatureReturningCertificate(out signingCertificate);
if(isValid)
{
    // signingCertificate now contains the certificate used to sign
}

这篇关于我怎样才能比较.NET公共密钥？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！