如何使用PEM格式的公钥创建证书对象?
我想使用iText在PDF中嵌入签名的哈希值和公共对象。
I want to use iText to embed signed hash and public in PDF.
根据iText 7中sign方法的参数,我需要通过证书链,
As per arguments to sign method in iText 7 I need to pass certificate chain,
如何直接从公钥字符串创建此证书对象?
How can I create this certificate object directly from public key string?
更新1
下面是小的C#代码。您可以看到我正在尝试从公共密钥获取x509证书。该证书将用于验证来自相应私钥的签名数据。
Update 1 Below is small c# code. You can see I am trying to get x509 certificate from public key. This certificate will be used to verify the signed data from corresponding private key. Also it will be used to embed this public certificate and signed hash into PDF for digital signature.
在下面的代码中,我得到如下错误
In below code I am getting error as below
错误:
'DigiSignDemo.exe'(CLR v4.0.30319:DigiSignDemo.exe) :加载了 C:\\ Users \\ xposs \\ source \\ repos \\ DigiSignDemo \\ bin \\ Debug \\ itext.forms.dll。跳过的加载符号。模块已优化,调试器选项仅我的代码已启用。
引发的异常:mscorlib.dll中的'System.Security.Cryptography.CryptographicException'
mscorlib.dll中发生了类型为'System.Security.Cryptography.CryptographicException'的未处理异常
找不到
public static readonly string publickey = @"-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGhYfAvWxqIwsZsO1zUN
NyFT/3US7HGLXiW48NvYn2qNyn/9hm/BFWG901YoJAjlPTcNtMo1t8lUr2dRkc3l
8YyP8SetWKbznerQuXYBZZy31kp8u3Wj+zQSroZsFn69FoMAMWXqhkw9woFumINe
gw4sMtQ1S8CucX0uXJ4a2ElzoaUKp1M+MOCATDnmsXSyf/2/ERO71SpD+alDV2rE
m5DqvEnE0t27fm7PpNeCX0XEHRvx620LooGv1Co+0w5Au37sfSjOZp1B9V0n8KFR
6gLFY7mAZ1krZJscYgkNAPIz2QE6voBR8OVSHMnNcPH+0KLfGuNVHhaTyI4naPH+
0QIDAQAB
-----END PUBLIC KEY-----
";
public static System.Security.Cryptography.X509Certificates.X509Certificate getPublicCertificate()
{
//Here below I am getting error
X509Certificate2 clientCertificate =
new X509Certificate2(Encoding.UTF8.GetBytes(publickey));
return clientCertificate;
}
您无法创建来自公共密钥的证书。就像问如何从方向盘上创建汽车一样……在它成为汽车之前,您还错过了许多其他东西。
You can't create a certificate from a public key. It's analogous to asking how to create a car from a steering wheel... you're missing a lot of other stuff before it'd be a car.
给出您具有SubjectPublicKeyInfo格式的RSA公钥,则可以将其作为RSA密钥导入,从.NET Core 3.0开始,通过
Given that you have an RSA public key in the SubjectPublicKeyInfo format, you can import it as an RSA key, starting with .NET Core 3.0, via
RSA rsa = RSA.Create();
rsa.ImportSubjectPublicKeyInfo(
Convert.FromBase64String(@"
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGhYfAvWxqIwsZsO1zUN
NyFT/3US7HGLXiW48NvYn2qNyn/9hm/BFWG901YoJAjlPTcNtMo1t8lUr2dRkc3l
8YyP8SetWKbznerQuXYBZZy31kp8u3Wj+zQSroZsFn69FoMAMWXqhkw9woFumINe
gw4sMtQ1S8CucX0uXJ4a2ElzoaUKp1M+MOCATDnmsXSyf/2/ERO71SpD+alDV2rE
m5DqvEnE0t27fm7PpNeCX0XEHRvx620LooGv1Co+0w5Au37sfSjOZp1B9V0n8KFR
6gLFY7mAZ1krZJscYgkNAPIz2QE6voBR8OVSHMnNcPH+0KLfGuNVHhaTyI4naPH+
0QIDAQAB"),
out _);
// the key is loaded now.
如果您不在.NET Core上,则要困难得多。请参阅如何加载RSA公钥从C#文件中或如何仅在c#中获取RSACryptoServiceProvider公钥和私钥以获取更多信息。
If you're not on .NET Core, this is a lot harder. See How to load the RSA public key from file in C# or How to get RSACryptoServiceProvider public and private key only in c# for more information.