Public 来自 C# 通用应用程序平台证书的密钥
Public Key from Certificate in C# Universal App Platform
在这篇文章中 https://blogs.windows.com/buildingapps/2015/10/13/create-more-secure-apps-with-less-effort-10-by-10/ 他们向您解释了如何安全地连接到服务器。他们检查指纹以查看证书是否合法。但是证书会随着时间的推移而变化,我检查的硬编码字符串将不再有效。
这就是我要提取 public 密钥的原因。因为我确定它不会从一个证书更改为另一个证书。
在此代码中:
private async Task DemoSSLRoot()
{
// Send a get request to Bing
HttpClient client = new HttpClient();
Uri bingUri = new Uri("https://www.bing.com");
HttpResponseMessage response = await client.GetAsync(bingUri);
// Get the list of certificates that were used to validate the server's identity
IReadOnlyList<Certificate> serverCertificates = response.RequestMessage.TransportInformation.ServerIntermediateCertificates;
// Perform validation
if (!ValidCertificates(serverCertificates))
{
// Close connection as chain is not valid
return;
}
PrintResults("Validation passed\n");
// Validation passed, continue with connection to service
}
private bool ValidCertificates(IReadOnlyList<Certificate> certs)
{
// In this example, we iterate through the certificates and check that the chain contains
// one specific certificate we are expecting
for (int i = 0; i < certs.Count; i++)
{
PrintResults("Cert# " + i + ": " + certs[i].Subject + "\n");
byte[] thumbprint = certs[i].GetHashValue();
// Check if the thumbprint matches whatever you are expecting
// d4 de 20 d0 5e 66 fc 53 fe 1a 50 88 2c 78 db 28 52 ca e4 74
byte[] expected = new byte[] { 212, 222, 32, 208, 94, 102, 252, 83, 254, 26, 80, 136, 44, 120, 219, 40, 82, 202, 228, 116 };
if (ThumbprintMatches(thumbprint, expected))
{
return true;
}
}
return false;
}
阅读更多内容
访问指纹非常容易。但我需要 public 键。
我在互联网上搜索,我发现了非常疯狂的代码来检查我是否能够让它工作。
有人可以告诉我是否有一种简单的方法可以从 Windows 10 中的证书中提取 public 密钥?
此致。
X509Certificate.GetPublicKey 方法可用于通用 Windows 平台。
您可以使用例如:
var publicKey = certs[i].GetPublicKey();
或
byte[] publicKey = certs[i].GetPublicKey.EncodedKeyValue.RawData;
正如 Tomas 所说,有一个名为 GetPublicKey 的方法。它不包含在 API 中。刚刚注意到有一个名为 "System.Security.Cryptography.X509Certificates" 的 nuget 包,其中可以使用此方法。
谢谢!
在这篇文章中 https://blogs.windows.com/buildingapps/2015/10/13/create-more-secure-apps-with-less-effort-10-by-10/ 他们向您解释了如何安全地连接到服务器。他们检查指纹以查看证书是否合法。但是证书会随着时间的推移而变化,我检查的硬编码字符串将不再有效。
这就是我要提取 public 密钥的原因。因为我确定它不会从一个证书更改为另一个证书。
在此代码中:
private async Task DemoSSLRoot()
{
// Send a get request to Bing
HttpClient client = new HttpClient();
Uri bingUri = new Uri("https://www.bing.com");
HttpResponseMessage response = await client.GetAsync(bingUri);
// Get the list of certificates that were used to validate the server's identity
IReadOnlyList<Certificate> serverCertificates = response.RequestMessage.TransportInformation.ServerIntermediateCertificates;
// Perform validation
if (!ValidCertificates(serverCertificates))
{
// Close connection as chain is not valid
return;
}
PrintResults("Validation passed\n");
// Validation passed, continue with connection to service
}
private bool ValidCertificates(IReadOnlyList<Certificate> certs)
{
// In this example, we iterate through the certificates and check that the chain contains
// one specific certificate we are expecting
for (int i = 0; i < certs.Count; i++)
{
PrintResults("Cert# " + i + ": " + certs[i].Subject + "\n");
byte[] thumbprint = certs[i].GetHashValue();
// Check if the thumbprint matches whatever you are expecting
// d4 de 20 d0 5e 66 fc 53 fe 1a 50 88 2c 78 db 28 52 ca e4 74
byte[] expected = new byte[] { 212, 222, 32, 208, 94, 102, 252, 83, 254, 26, 80, 136, 44, 120, 219, 40, 82, 202, 228, 116 };
if (ThumbprintMatches(thumbprint, expected))
{
return true;
}
}
return false;
}
访问指纹非常容易。但我需要 public 键。 我在互联网上搜索,我发现了非常疯狂的代码来检查我是否能够让它工作。
有人可以告诉我是否有一种简单的方法可以从 Windows 10 中的证书中提取 public 密钥?
此致。
X509Certificate.GetPublicKey 方法可用于通用 Windows 平台。
您可以使用例如:
var publicKey = certs[i].GetPublicKey();
或
byte[] publicKey = certs[i].GetPublicKey.EncodedKeyValue.RawData;
正如 Tomas 所说,有一个名为 GetPublicKey 的方法。它不包含在 API 中。刚刚注意到有一个名为 "System.Security.Cryptography.X509Certificates" 的 nuget 包,其中可以使用此方法。
谢谢!