Pawel Lesnikowski

Reputation: 6381

Does X509Certificate2 specify a key exchange algorithm?

Does the X509Certificate2 class (or a certificate itself) specify the preferred/required key exchange algorithm (e.g. RSA or RSAES-OAEP) to be used for symmetric encryption?

Upvotes: 0

Views: 307

Answers (1)

Maarten Bodewes

Reputation: 93988

No, an X.509 certificate does not specify anything like that. Nor should it.

The certificate only defines general use cases of the key (e.g. key encipherment). The choice of the right key exchange algorithm is, however, the responsibility of the protocol, not the certificate itself.


Note that TLS specifications nowadays contain ECDHE_ and DHE_ ciphersuites. For this kind of protocol the private key is used to sign parameters for entity authentication rather than to directly encrypt a key. The messages themselves then use a symmetric cipher for encryption.

I presume however that your question was more about, for instance, Cryptographic Message Syntax encryption, XML encryption or other container formats.

Upvotes: 1
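
Added example, not part of the answer above and not code from either poster: a C# program (.NET 6 or later assumed) that builds a throwaway certificate and shows that it carries the key type and key usage only, while the padding scheme is chosen by the calling code. The subject name `CN=example-recipient` and the 32-byte content key are constructed for the demonstration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

class Program
{
    static void Main()
    {
        // Constructed test certificate: self-signed RSA key, keyEncipherment usage only.
        using RSA key = RSA.Create(2048);
        var request = new CertificateRequest(
            "CN=example-recipient", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        request.CertificateExtensions.Add(
            new X509KeyUsageExtension(X509KeyUsageFlags.KeyEncipherment, critical: true));
        using X509Certificate2 cert = request.CreateSelfSigned(
            DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));

        // What the certificate states: the public key algorithm and the permitted usage.
        var usage = cert.Extensions.OfType<X509KeyUsageExtension>().Single();
        Console.WriteLine($"Public key: {cert.PublicKey.Oid.FriendlyName} ({cert.PublicKey.Oid.Value})");
        Console.WriteLine($"Key usage:  {usage.KeyUsages}");

        // What it does not state: the padding scheme. The same key wraps a
        // symmetric key under either scheme, depending on what the caller passes.
        byte[] contentKey = RandomNumberGenerator.GetBytes(32); // constructed 256-bit key
        using RSA publicKey = cert.GetRSAPublicKey();
        using RSA privateKey = cert.GetRSAPrivateKey();
        foreach (var padding in new[] { RSAEncryptionPadding.Pkcs1, RSAEncryptionPadding.OaepSHA256 })
        {
            byte[] wrapped = publicKey.Encrypt(contentKey, padding);
            byte[] unwrapped = privateKey.Decrypt(wrapped, padding);
            Console.WriteLine($"{padding}: round trip ok = {unwrapped.AsSpan().SequenceEqual(contentKey)}");
        }

        // Sender and recipient must agree on the scheme out of band (that is,
        // through the protocol or container format); the certificate cannot settle it.
        byte[] oaep = publicKey.Encrypt(contentKey, RSAEncryptionPadding.OaepSHA256);
        try
        {
            privateKey.Decrypt(oaep, RSAEncryptionPadding.OaepSHA1);
            Console.WriteLine("Mismatched padding: unexpectedly decrypted");
        }
        catch (CryptographicException)
        {
            Console.WriteLine("Mismatched padding: decryption rejected");
        }
    }
}
```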
