Question
I have some data of an X509v3 certificate that is used at a central licensing station. My question is: is the following amount of information enough for me to decrypt data using C# code? And additionally, how are the certificate properties imported into a project? Do I have to create a certificate file in order to go on?
Known to me are:
- Subject
- Serial Number
- Issuer
- "root-ca"
- Public Key Algorithm: "rsaEncryption"
- RSA Modulus, 128 bytes
- RSA Public Key Exponent
- X509v3 Extended Key Usage: "critical"
- Signature Algorithm: "md5WithRSAEncryption", followed by 256 untitled bytes
- SHA1 Fingerprint
I do not have any certificate file. Excuse me if a similar question has already been answered, unfortunately I wasn't able to find one like mine.
Answer 1:
No, your data is not enough. First of all, this is all public data. It doesn't contain a private key. A private key is used for decryption or signature generation. A public key is used for encryption and signature verification.
The .NET API is peculiar in that you can seemingly use a certificate to decrypt. This is not really the case; the certificate and private key pair are seen as one; only if the private key is included then you can actually decrypt. Personally I see this as a minor design mistake.
In principle you could create a certificate given the information. Basically you would have to generate a certificate with the same information and then replace the issuer and signature fields.
This is however not for the weak of heart; I recommend a few years of experience before you even try. If any information is missing from the list above you won't get a valid certificate / signature, and you won't get any warning what is wrong, just a failure. You've got one advantage though; if the signature verifies or fingerprint is identical to the one you've got then you know that you've succeeded.
You would not be able to decrypt of course; the private key would still be missing.
Note that the signature is the 256 untitled bytes.
Answer 2:
This information is not enough. This data is a public key to encrypt data. RSAParameters
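The point both answers make, shown as an added C# example (not code from the original answers): an `RSA` object rebuilt through `RSAParameters` from only the modulus and public exponent can encrypt, but `Decrypt` fails because the private parameters are absent. It assumes .NET 6 or later; the key pair, the class name and the payload are constructed for the demonstration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

class PublicKeyOnlyDemo
{
    static void Main()
    {
        // Constructed stand-in for the licensing station's key pair.
        // Only its public half corresponds to what the question lists.
        using RSA owner = RSA.Create(2048);
        RSAParameters pub = owner.ExportParameters(includePrivateParameters: false);

        // Rebuild a key from just the two public fields: Modulus and Exponent.
        using RSA fromFields = RSA.Create();
        fromFields.ImportParameters(new RSAParameters
        {
            Modulus = pub.Modulus,
            Exponent = pub.Exponent
        });

        // Encryption needs only the public key, so this succeeds.
        byte[] plaintext = Encoding.UTF8.GetBytes("license payload (constructed)");
        byte[] ciphertext = fromFields.Encrypt(plaintext, RSAEncryptionPadding.OaepSHA256);
        Console.WriteLine($"Encrypted to {ciphertext.Length} bytes with the public key.");

        // Decryption needs the private exponent, which was never imported.
        try
        {
            fromFields.Decrypt(ciphertext, RSAEncryptionPadding.OaepSHA256);
            Console.WriteLine("Unexpected: decrypted without a private key.");
        }
        catch (CryptographicException ex)
        {
            Console.WriteLine($"Decrypt with public-only key failed: {ex.GetType().Name}");
        }

        // Only the holder of the private parameters can recover the data.
        byte[] recovered = owner.Decrypt(ciphertext, RSAEncryptionPadding.OaepSHA256);
        Console.WriteLine($"Owner decrypted: {Encoding.UTF8.GetString(recovered)}");
    }
}
```

When the key comes from an `X509Certificate2` instead, checking `HasPrivateKey` before attempting decryption gives the same answer without relying on the exception.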
Source: https://stackoverflow.com/questions/44705282/using-a-x509-certificate-for-decryption