我正在尝试更新 this article's code允许我创建(和使用)基于 ECC 的自签名证书,以及 do basic signing and verification用它 ( ECDSA )。
- 是否有任何方法可以使用跨平台 .NET Core API 来实现这一点,或者是否需要 Win32 P/Invoke?
根据 this post ,我需要使用更标准的id-ecc类型
最佳答案
Is there any way to accomplish this with cross platform .NET Core APIs
是的!
X509Certificate2 cert;
using (ECDsa key = ECDsa.Create(ECCurve.NamedCurves.nistP256))
{
CertificateRequest request = new CertificateRequest(
"CN=Self-Signed ECDSA",
key,
HashAlgorithmName.SHA256);
request.CertificateExtensions.Add(
new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature, critical: false));
request.CertificateExtensions.Add(
new X509BasicConstraintsExtension(false, false, 0, false));
// If it was for TLS, then Subject Alternative Names and
// Extended (Enhanced) Key Usages would also be useful.
DateTimeOffset start = DateTimeOffset.UtcNow;
cert = request.CreateSelfSigned(notBefore: start, notAfter: start.AddMonths(3));
}
// If you want to save a PFX or something, you can do so now.
关于.net-core - 如何使用 id-ecc 创建自签名证书以用于 ECDSA 签名和验证?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53820166/