我正在使用自签名证书ECDH_secP384r1来签署令牌。这是我创建证书的 PowerShell:
$Cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname $Certname -NotAfter $ExpireDate -KeyAlgorithm ECDH_secP384r1
现在在我的 .net 核心应用程序中,我首先加载证书:
private readonly string _certificateSubjectName;
public X509Certificate2 GetSigningCertificate()
{
using (var store = new X509Store(StoreLocation.LocalMachine))
{
store.Open(OpenFlags.ReadOnly);
var certificates = store.Certificates.Find(X509FindType.FindBySubjectName, _certificateSubjectName, false);
return certificates[0];
}
}
而且我也可以ECDsa像这样获取私钥
ECDsa privateKey = signingCertificate.GetECDsaPrivateKey();
ECDsa publicKey = signingCertificate.GetECDsaPublicKey()
但是我怎么能有这些键的字节数组呢?
对于 Rsa,我可以使用:
public byte[] GetPrivateKey(X509Certificate2 certificate)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)certificate.PrivateKey;
MemoryStream memoryStream = new MemoryStream();
TextWriter streamWriter = new StreamWriter(memoryStream);
PemWriter pemWriter = new PemWriter(streamWriter);
AsymmetricCipherKeyPair keyPair = DotNetUtilities.GetRsaKeyPair(rsa);
pemWriter.WriteObject(keyPair.Private);
streamWriter.Flush();
byte[] byteArray = memoryStream.GetBuffer();
return byteArray;
}
但是怎么样ECDsa?任何想法?