充气城堡解码CSR c#

时间:2017-06-08 16:22:49

标签: c# bouncycastle

我正在尝试学习如何使用充气城堡解码csr,因为我打算用它来学习其他加密的东西。

我也没有找到任何关于c#java的文档。

以下是我调用DecodeCSR(string str)的方式:

 static void Main(string[] args)
    {
        string csr = "-----BEGIN NEW CERTIFICATE REQUEST-----...";
        DecodeCSR(csr);
        Console.ReadLine();
    }

这是我的方法,我得到一个IO异常(包含在下面),我的主要问题是我不知道该给什么Pkcs10CertificationRequest

private static void DecodeCSR(string csr)
    {
        try
        {
            byte[] csrEncode = Encoding.UTF8.GetBytes(csr);
            Pkcs10CertificationRequest csrDecoder = new Pkcs10CertificationRequest(csrEncode);
            byte[] csrDecode = csrDecoder.GetEncoded();
        }
        catch (IOException e)
        {
            Console.WriteLine(e);
        }

    }
 System.IO.IOException: unknown tag 13 encountered
   at Org.BouncyCastle.Asn1.Asn1InputStream.BuildObject(Int32 tag, Int32 tagNo, Int32 length)
   at Org.BouncyCastle.Asn1.Asn1InputStream.ReadObject()
   at Org.BouncyCastle.Asn1.Asn1Object.FromByteArray(Byte[] data)
   at Org.BouncyCastle.Pkcs.Pkcs10CertificationRequest..ctor(Byte[] encoded)

2 个答案:

答案 0 :(得分:3)

您正试图以错误的方式将CSR解码为字节数组。

这是我为回答这个问题而创建的测试CSR:

-----BEGIN NEW CERTIFICATE REQUEST-----
MIIC3zCCAccCAQAwajELMAkGA1UEBhMCWFgxEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB05v
d2hlcmUxGjAYBgNVBAoTEVRlc3RlcnMgVW5saW1pdGVkMQ0wCwYDVQQLEwRUZXN0MQwwCgYDVQQD
EwNCb2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUf5kRJVMNwPu+nEnJ3Av5J59H
vkeU0fOQtI+ezvHoJXc0A4iGDBm9PUw+eAXHw237Yu7+AyzgQCD8mwQt/lHLjXG/yeX66PhTFlzH
Lhk4rqL9PQATbl4uCYtWoJmeEOWHL26dfI//AFsL9/smVyjD1mJfee6998PwwHB6BxqSaqXiR1Et
lC4jx+B2E6btvMtREQ94cECoQudSgo3MRMBH+FuEcCofNtwosEpptjIN59ywVfDDU2Me58r930Ej
A8EZbXwYpUjwaHtXK80TKq8yF3Af7Hbt6FhkXOv1QtF0EYUKvE4BVTAx4mPLUy2mct8Ft8/+/Lbt
HDmslaBCAFZrAgMBAAGgMDAuBgkqhkiG9w0BCQ4xITAfMB0GA1UdDgQWBBRt0aHvY5c29iUS6/7E
3FC+Bn3FNDANBgkqhkiG9w0BAQsFAAOCAQEAe+e+3WfxJd/ztcIDRR8YfVkeOlE0b8Erze13fQi/
GsBJQ2MF/7T8x/8ZF2CqusrmLTzb5sY5qVKlRgnguow6xnGu0QOiJdC4kgoqgAaxDwz/eIhMGkt9
hyfTkMWiMD0OfYpdhXWUHrvbzWyUNI1ouWjOoqS03LvSiT4Cq+7Xca8ETVyuBN1FZeFUxO59goqI
eKKenzPqJHcPUjkQbUBgsfKpuRXveRG+vacCt0chWUK4TEVyPzH2EDH0kiQh6dsVizKrHUihh5K/
BhZNqzyBW7G5vbxq4wBz7cLDskfqTsOnHRsAlYmNsXO2wV1LQ2f04F+FHIzZ+IWaO86cxTPMtA==
-----END NEW CERTIFICATE REQUEST-----

要解码像这样的CSR,我们需要:

  • 从顶部和底部删除行-----BEGIN NEW CERTIFICATE REQUEST----------END NEW CERTIFICATE REQUEST-----
  • 将剩余字符从Base64转换为字节数组。
  • 将生成的字节数组传递给Pkcs10CertificateRequest

以下是一些解码CSR并打印出主题名称的代码:

    string csr = "....";

    char[] characters =
        csr.Replace("-----BEGIN NEW CERTIFICATE REQUEST-----", "")
        .Replace("-----END NEW CERTIFICATE REQUEST-----", "")
        .ToCharArray();

    byte[] csrEncode = Convert.FromBase64CharArray(characters, 0, characters.Length);
    Pkcs10CertificationRequest decodedCsr = new Pkcs10CertificationRequest(csrEncode);
    Console.WriteLine(decodedCsr.GetCertificationRequestInfo().Subject);

当我在上面的CSR上运行此代码时,它会写下以下输出行:

C=XX,ST=Unknown,L=Nowhere,O=Testers Unlimited,OU=Test,CN=Bob

答案 1 :(得分:3)

卢克伍德沃德的回答非常正确。我将仅添加该功能由Org.BouncyCastle.OpenSsl.PemReader直接实现:

Pkcs10CertificationRequest decodedCsr = (Pkcs10CertificationRequest)new PemReader(new StringReader(csr)).ReadObject();

除了简洁之外,这对于包括更好的语法检查以及支持标题和加密(在此特定示例中均未使用)等内容更为可取。