/// <summary>
/// Signs data with the certificate identified by the given name.
/// </summary>
/// <param name="data">Bytes to sign; handed unchanged to the Sign call on the located certificate.</param>
/// <param name="certName">Name passed to X509Finder.FindBySubject to locate the signing certificate.</param>
/// <returns>The string produced by the Sign call (its encoding is not visible in this method).</returns>
public static string Sign(byte[] data, string certName)
{
    // The lookup is called with a second argument of true; presumably this means
    // "throw when the certificate is not found" - confirm against X509Finder.
    var signingCert = X509Finder.FindBySubject(certName, true);

    // NOTE(review): the digest algorithm and signature padding are chosen inside
    // Sign(), not here - confirm they meet current policy.
    // NOTE(review): the earlier inline version (removed) returned null for null
    // data and threw ArgumentException for a missing certificate; whether the
    // delegated path keeps that contract is not visible here - confirm.
    return signingCert.Sign(data);
}
/// <summary>
/// Looks up an X509 certificate by certificate name.
/// </summary>
/// <remarks>
/// The original documentation states that the LocalMachine store is searched
/// first and CurrentUser is used as a fallback. That ordering is now decided
/// inside X509Finder.FindBySubject and is not visible here - confirm.
/// NOTE(review): a subject name is not a unique identifier; any certificate
/// installed in a searched store with a matching subject could be returned.
/// Whether X509Finder also checks validity period, issuer or thumbprint is not
/// visible here - verify before treating the result as trusted key material.
/// </remarks>
/// <param name="certName">Name passed to X509Finder.FindBySubject.</param>
/// <returns>Whatever X509Finder.FindBySubject returns for <paramref name="certName"/>.</returns>
public static X509Certificate2 FindCertificate(string certName)
    => X509Finder.FindBySubject(certName);
/// <summary>
/// RSA-encrypts data using the certificate identified by the given name.
/// </summary>
/// <param name="data">Binary data to encrypt.</param>
/// <param name="certName">Certificate name passed to X509Finder.FindBySubject.</param>
/// <returns>The encrypted data.</returns>
public static byte[] Encrypt(byte[] data, string certName)
{
    // Second argument true: presumably "throw when not found" - confirm in X509Finder.
    var encryptionCert = X509Finder.FindBySubject(certName, true);

    // The earlier inline version (removed) used the certificate's public key via
    // RSACryptoServiceProvider with OAEP padding enabled, and carried the warning
    // that this can only encrypt short content (typically a key).
    // NOTE(review): padding mode and input-size handling now live inside
    // Encrypt() and are not visible here - confirm OAEP is still used and that
    // callers only pass short payloads such as symmetric keys.
    return encryptionCert.Encrypt(data);
}
/// <summary>
/// Decrypts data using the X509 certificate identified by the given name.
/// </summary>
/// <param name="data">Ciphertext handed unchanged to the Decrypt call on the located certificate.</param>
/// <param name="certName">Certificate name passed to X509Finder.FindBySubject.</param>
/// <returns>The bytes returned by the Decrypt call.</returns>
public static byte[] Decrypt(byte[] data, string certName)
{
    // Second argument true: presumably "throw when not found" - confirm in X509Finder.
    var decryptionCert = X509Finder.FindBySubject(certName, true);

    // The earlier inline version (removed) read the certificate's private key,
    // threw ArgumentException when the certificate had none, and decrypted with
    // OAEP padding enabled.
    // NOTE(review): the private-key check and padding mode are now inside
    // Decrypt() and not visible here - confirm a certificate without a private
    // key still fails with a clear error and that the padding matches Encrypt.
    return decryptionCert.Decrypt(data);
}
/// <summary>
/// Looks up a certificate by name in the specified store name and location.
/// </summary>
/// <remarks>
/// X509Finder.FindBySubject is called with the location before the store name,
/// the reverse of this method's parameter order.
/// The earlier inline version (removed) opened the store read-only, compared
/// each certificate's Subject with "CN=" + certName exactly, and returned null
/// when nothing matched; its comment tied the store to the certificate
/// generation command line options "-ss my -sr localMachine".
/// NOTE(review): whether X509Finder keeps the exact-match and null-on-miss
/// behaviour is not visible here - confirm. A subject match alone does not
/// establish which certificate is meant if several share the same subject.
/// </remarks>
/// <param name="certName">Certificate name passed to X509Finder.FindBySubject.</param>
/// <param name="storeName">Certificate store to search.</param>
/// <param name="storeLocation">Store location to search.</param>
/// <returns>Whatever X509Finder.FindBySubject returns for the given arguments.</returns>
public static X509Certificate2 FindCertificate(string certName, StoreName storeName, StoreLocation storeLocation)
    => X509Finder.FindBySubject(certName, storeLocation, storeName);