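Generating a certificate using a specific private key

I am working with Bouncy Castle and I am trying to generate a certificate with a specific private key instead of a randomly generated one.

I want to supply the private key, but the code keeps generating a random key. Is there a way to specify the exact private key to use in Bouncy Castle?

My code is below. When I check the public key of the generated certificate, I always get a different value. I need the value I specified. Most of the existing answers are for Java, which is not what I need.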

    var cb = new X509CertBuilder(suppliers, "CN=MandarinAS, OU=Scheme42, O=MandarinAS, C=GB",
        CertStrength.Bits1024);
    var cert = cb.MakeCertificate(pwd, "CN=Mandarin, OU=CustomerId, OU=Scheme42, O=OrgX, C=GB", 1, keypair);
    File.WriteAllBytes("Cert.pfx", cert.Export(X509ContentType.Pkcs12, pwd));
    File.WriteAllBytes("Cert.cer", cert.Export(X509ContentType.Cert, pwd));

    var store = new X509Store(storeLocation);
    store.Open(OpenFlags.ReadOnly);
    var myCertificate = new X509Certificate2("Cert.pfx", "password");
    if (myCertificate.PrivateKey != null)
    {
        store.Close();
    }
    // Here I debug and compare the public key values; myCertificate's is always changing

X509CertBuilder.cs

    using System;
    using System.IO;
    using System.Security.Cryptography.X509Certificates;
    using Org.BouncyCastle.Asn1;
    using Org.BouncyCastle.Asn1.X509;
    using Org.BouncyCastle.Crypto;
    using Org.BouncyCastle.Crypto.Generators;
    using Org.BouncyCastle.Crypto.Prng;
    using Org.BouncyCastle.Math;
    using Org.BouncyCastle.Pkcs;
    using Org.BouncyCastle.Security;
    using Org.BouncyCastle.Utilities;
    using Org.BouncyCastle.X509;

    public class X509CertBuilder
    {
        private const string SignatureAlgorithm = "SHA1WithRSA";
        private readonly int _strength;
        private readonly CryptoApiRandomGenerator _randomGenerator = new CryptoApiRandomGenerator();
        private readonly X509V3CertificateGenerator _certificateGenerator = new X509V3CertificateGenerator();
        private readonly SecureRandom _random;
        private readonly X509Name _issuer;
        private readonly GeneralName[] _generalNames;

        public X509CertBuilder(string[] validWithDomainNames, string issuer, CertStrength certStrength)
        {
            _random = new SecureRandom(_randomGenerator);
            _issuer = new X509Name(issuer);
            _strength = (int) certStrength;
            _generalNames = new GeneralName[validWithDomainNames.Length];
            for (var t = 0; t < validWithDomainNames.Length; t++)
            {
                _generalNames[t] = new GeneralName(new X509Name(validWithDomainNames[t]));
            }
        }

        public X509Certificate2 MakeCertificate(string password, string issuedToDomainName, int validYears, AsymmetricCipherKeyPair mykey = null)
        {
            _certificateGenerator.Reset();
            _certificateGenerator.SetSignatureAlgorithm(SignatureAlgorithm);
            var serialNumber = BigIntegers.CreateRandomInRange(BigInteger.One, BigInteger.ValueOf(long.MaxValue),
                _random);
            _certificateGenerator.SetSerialNumber(serialNumber);
            _certificateGenerator.SetSubjectDN(new X509Name(issuedToDomainName));
            _certificateGenerator.SetIssuerDN(_issuer);

            var subjectAlternativeNames = new Asn1Encodable[_generalNames.Length + 1];
            // first subject alternative name is the same as the subject
            subjectAlternativeNames[0] = new GeneralName(new X509Name(issuedToDomainName));
            for (var t = 1; t <= _generalNames.Length; t++)
            {
                subjectAlternativeNames[t] = _generalNames[t - 1];
            }
            var subjectAlternativeNamesExtension = new DerSequence(subjectAlternativeNames);
            _certificateGenerator.AddExtension(X509Extensions.SubjectAlternativeName.Id, false,
                subjectAlternativeNamesExtension);

            _certificateGenerator.SetNotBefore(DateTime.UtcNow.Date);
            _certificateGenerator.SetNotAfter(DateTime.UtcNow.Date.AddYears(validYears));

            // A new RSA key pair is generated on each call; its public key is placed in the certificate
            var keyGenerationParameters = new KeyGenerationParameters(_random, _strength);
            var keyPairGenerator = new RsaKeyPairGenerator();
            keyPairGenerator.Init(keyGenerationParameters);
            var subjectKeyPair = keyPairGenerator.GenerateKeyPair();
            _certificateGenerator.SetPublicKey(subjectKeyPair.Public);

            // Previous auto-generated key
            //var issuerKeyPair = subjectKeyPair;
            // My key (mykey)
            var issuerKeyPair = mykey;
            var certificate = _certificateGenerator.Generate(issuerKeyPair.Private, _random);

            // Package the certificate and the private key of issuerKeyPair into a PKCS#12 store
            var store = new Pkcs12Store();
            var friendlyName = certificate.SubjectDN.ToString();
            var certificateEntry = new X509CertificateEntry(certificate);
            store.SetCertificateEntry(friendlyName, certificateEntry);
            store.SetKeyEntry(friendlyName, new AsymmetricKeyEntry(issuerKeyPair.Private), new[] {certificateEntry});

            using (var stream = new MemoryStream())
            {
                store.Save(stream, password.ToCharArray(), _random);
                return new X509Certificate2(stream.ToArray(), password,
                    X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);
            }
        }
    }
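
An added example, not part of the original post: the public key that ends up in a Bouncy Castle certificate is whatever is passed to `SetPublicKey`, so a certificate built from a caller-supplied key pair keeps the same public key on every call. It assumes a self-signed RSA certificate and the same generator API the post uses; `FixedKeyCertDemo`, `MakeSelfSigned`, `SameRsaKey` and the `CN=Example` name are hypothetical, and it signs with `SHA256WithRSA` using a 2048-bit key rather than the post's SHA-1 and 1024 bits.

```csharp
using System;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.X509;

public static class FixedKeyCertDemo   // hypothetical class, for illustration only
{
    // Builds a self-signed certificate around the caller's key pair (no key generation here).
    public static X509Certificate MakeSelfSigned(AsymmetricCipherKeyPair keyPair, string dn, SecureRandom random)
    {
        var gen = new X509V3CertificateGenerator();
        gen.SetSignatureAlgorithm("SHA256WithRSA");
        gen.SetSerialNumber(BigIntegers.CreateRandomInRange(
            BigInteger.One, BigInteger.ValueOf(long.MaxValue), random));
        gen.SetSubjectDN(new X509Name(dn));
        gen.SetIssuerDN(new X509Name(dn));               // self-signed: issuer equals subject
        gen.SetNotBefore(DateTime.UtcNow.Date);
        gen.SetNotAfter(DateTime.UtcNow.Date.AddYears(1));
        gen.SetPublicKey(keyPair.Public);                // public half of the supplied pair
        var cert = gen.Generate(keyPair.Private, random); // signed by the matching private half
        cert.Verify(keyPair.Public);                     // throws if the signature does not match
        return cert;
    }

    // Compares two RSA public keys by modulus and exponent.
    public static bool SameRsaKey(AsymmetricKeyParameter x, AsymmetricKeyParameter y)
    {
        var a = (RsaKeyParameters) x;
        var b = (RsaKeyParameters) y;
        return a.Modulus.Equals(b.Modulus) && a.Exponent.Equals(b.Exponent);
    }

    public static void Main()
    {
        var random = new SecureRandom();
        var kpg = new RsaKeyPairGenerator();
        kpg.Init(new KeyGenerationParameters(random, 2048));
        var supplied = kpg.GenerateKeyPair();  // constructed stand-in for a key loaded from storage

        var first = MakeSelfSigned(supplied, "CN=Example", random);
        var second = MakeSelfSigned(supplied, "CN=Example", random);
        Console.WriteLine(SameRsaKey(first.GetPublicKey(), supplied.Public));
        Console.WriteLine(SameRsaKey(first.GetPublicKey(), second.GetPublicKey()));
    }
}
```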