所以我和.Net的RSACryptoServiceProvider和Bouncy Castle搞错了,以便能够创建RSA密钥对,然后再创建X509证书。
我很好奇是否有人知道这两个代码块之间是否存在任何差异,我认为这些代码块也是如此,但纯粹的Bouncy Castle版本需要更长时间才能完成。
.Net与Bouncy Castle:
private const int RsaKeySize = 4096;
public static AsymmetricCipherKeyPair GetKeyPairWithDotNet()
{
using (RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(RsaKeySize))
{
RSAParameters rsaKeyInfo = rsaProvider.ExportParameters(true);
return DotNetUtilities.GetRsaKeyPair(rsaKeyInfo);
}
}
Pure Bouncy Castle:
private const int RsaKeySize = 4096;
public static AsymmetricCipherKeyPair GetKeyPair()
{
CryptoApiRandomGenerator randomGenerator = new CryptoApiRandomGenerator();
SecureRandom secureRandom = new SecureRandom(randomGenerator);
var keyGenerationParameters = new KeyGenerationParameters(secureRandom, RsaKeySize);
var keyPairGenerator = new RsaKeyPairGenerator();
keyPairGenerator.Init(keyGenerationParameters);
return keyPairGenerator.GenerateKeyPair();
}