SecureRandom randomdsa = new SecureRandom();
DateTime startDatedsa = DateTime.Today;
DateTime expiryDatedsa = DateTime.Today.AddYears(2); // Set whatever expiration date you want
BigInteger serialNumberdsa = new BigInteger(1, BitConverter.GetBytes(DateTime.Now.Ticks));
DsaKeyPairGenerator generatordsa = new DsaKeyPairGenerator();
DsaParametersGenerator paramgen = new DsaParametersGenerator();
paramgen.Init(512, 100, new SecureRandom());
DsaKeyGenerationParameters genParamdsa = new DsaKeyGenerationParameters(new SecureRandom(), paramgen.GenerateParameters());
generatordsa.Init(genParamdsa);
AsymmetricCipherKeyPair keyPairdsa = generatordsa.GenerateKeyPair();
DsaPrivateKeyParameters dsaprivkey2= ((DsaPrivateKeyParameters) keyPairdsa.Private);
X509V3CertificateGenerator certGendsa = new X509V3CertificateGenerator();
X509Name dnNamedsa = new X509Name("CN= DSA with private ");
certGendsa.SetSerialNumber(serialNumberdsa);
certGendsa.SetIssuerDN(cert.IssuerDN); // a name of the issuer
certGendsa.SetSubjectDN(dnNamedsa);
certGendsa.SetPublicKey(keyPairdsa.Public);
certGendsa.SetSignatureAlgorithm("sha512WithRSA");
certGendsa.SetNotBefore(startDatedsa);
certGendsa.SetNotAfter(expiryDatedsa);
Org.BouncyCastle.X509.X509Certificate certdsa = certGendsa.Generate(ackp.Private); // a private key of the issuer
certGendsa.AddExtension(X509Extensions.AuthorityKeyIdentifier,true,new AuthorityKeyIdentifierStructure(cert)); // cert是权限
certGendsa.AddExtension(X509Extensions.ExtendedKeyUsage, false, new ExtendedKeyUsage(us));
certGendsa.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage. CrlSign|KeyUsage.KeyCertSign));
certGendsa.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
//私人参数:
DSACryptoServiceProvider rcspdsa = new DSACryptoServiceProvider();
DSAParameters parmsdsa = new DSAParameters();
parmsdsa.X = dsaprivkey2.X.ToByteArrayUnsigned();
parmsdsa.P= dsaprivkey2.Parameters.P.ToByteArrayUnsigned();
parmsdsa.Q= dsaprivkey2.Parameters.Q.ToByteArrayUnsigned();
parmsdsa.G= dsaprivkey2.Parameters.G.ToByteArrayUnsigned();
rcspdsa.ImportParameters(parmsdsa);
Pkcs12Store pkcs12Storedsa = new Pkcs12StoreBuilder().Build();
byte[] importcertds = DotNetUtilities.ToX509Certificate(certdsa).Export(System.Security.Cryptography.X509Certificates.X509ContentType.Pkcs12, "password");
var importcertdsa = new X509Certificate2(importcertds, "password");
X509CertificateEntry cedsa = new X509CertificateEntry(DotNetUtilities.FromX509Certificate(importcertdsa));
pkcs12Storedsa.SetCertificateEntry("DSACertificate", cedsa);
pkcs12Storedsa.SetKeyEntry("DSAPrivKey", new AsymmetricKeyEntry(DotNetUtilities.GetDsaKeyPair(rcspdsa).Private), new[] { cedsa });
pkcs12Storedsa.Save(File.Open("dsacert.pfx", FileMode.OpenOrCreate), "password".ToCharArray(), new SecureRandom());
rcspdsa.PersistKeyInCsp = true;
DSACryptoServiceProvider.UseMachineKeyStore = true;
importcertdsa.PrivateKey = rcspdsa;// hear is the exception
//将证书添加到当前用户:
var storedsa = new X509Store("Root", StoreLocation.CurrentUser);
storedsa.Open(OpenFlags.ReadWrite);
storedsa.Add(importcertdsa);
storedsa.Close();
一个问题是我接受了一个例外:
CryptographicUnexpectedOperationException: laclépubliquedu certificat ne对应一个lavaleurspécifié(证书的公钥与指定的值不匹配) ) 异常是在指令处抛出:
importcertdsa.PrivateKey = rcspdsa;
是谁可以帮助我?
非常感谢