Reputation: 51
There is a method, GetPublicKeyString, on X509Certificate. If we pass the output, which is hex base 64, can we create a public key certificate?
Upvotes: 1
Views: 225
Reputation: 33266
The X509Certificate instance is already a "public key certificate", in that it's an X.509 certificate that isn't an "attribute certificate" (a much, much less commonly used type of certificate from the X.509 specification).
Certificates in .NET can have an associated private key, but they're really not part of the certificate. So, if you meant that you want to create a certificate instance that is guaranteed to not know about a private key, then you want to do
X509Certificate2 publicOnly = new X509Certificate2(cert.RawData);
(Or, if you're really using X509Certificate and can't access RawData, you can also get it from cert.Export(X509ContentType.Cert).)
The output of cert.GetPublicKeyString() is of a format that depends on cert.GetKeyAlgorithm(). For RSA keys (1.2.840.113549.1.1.1) GetPublicKeyString produces an RSAPublicKey value, which is sufficient to hydrate a key object (e.g. the ImportRSAPublicKey method on the RSA class). For DSA keys, it's not, and you also need to interpret cert.GetKeyAlgorithmParameters(). Though, for any built-in algorithm there's no need to use these values at all. cert.GetRSAPublicKey() and friends will do that work for you.
Upvotes: 0
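The steps described in the answer above, put together as an added example (not code from the answer's author). It assumes .NET 5 or later and an RSA key; the self-signed certificate, its subject name and the signed message are constructed for the example.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

// Constructed sample input: a throwaway self-signed RSA certificate that has a private key.
using RSA key = RSA.Create(2048);
var request = new CertificateRequest(
    "CN=constructed-example", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
using X509Certificate2 cert = request.CreateSelfSigned(
    DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));

// Public-only copy: RawData is the DER-encoded certificate alone, so the new
// instance has no link to the private key. (On .NET 9+ this constructor raises
// obsoletion warning SYSLIB0057; X509CertificateLoader.LoadCertificate replaces it.)
using var publicOnly = new X509Certificate2(cert.RawData);
Console.WriteLine($"original HasPrivateKey:   {cert.HasPrivateKey}");
Console.WriteLine($"publicOnly HasPrivateKey: {publicOnly.HasPrivateKey}");

// The format of GetPublicKeyString() depends on the key algorithm, so check the OID
// before treating the value as an RSAPublicKey structure.
const string RsaOid = "1.2.840.113549.1.1.1";
if (publicOnly.GetKeyAlgorithm() != RsaOid)
    throw new NotSupportedException("This example only handles RSA keys.");

// GetPublicKeyString() returns hexadecimal text; decode it to bytes before importing.
byte[] rsaPublicKey = Convert.FromHexString(publicOnly.GetPublicKeyString());
using RSA imported = RSA.Create();
imported.ImportRSAPublicKey(rsaPublicKey, out int bytesRead);
if (bytesRead != rsaPublicKey.Length)
    throw new CryptographicException("Unexpected trailing data after RSAPublicKey.");

// The shortcut the answer recommends: let the certificate build the key object.
using RSA direct = publicOnly.GetRSAPublicKey()
    ?? throw new InvalidOperationException("Certificate does not carry an RSA key.");

// Sign with the original private key, then verify with both public key objects
// to show that the manual import and the helper yield the same key.
byte[] message = Encoding.UTF8.GetBytes("constructed message");
byte[] signature = key.SignData(message, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
bool viaImport = imported.VerifyData(
    message, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
bool viaHelper = direct.VerifyData(
    message, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
Console.WriteLine($"verified via ImportRSAPublicKey: {viaImport}");
Console.WriteLine($"verified via GetRSAPublicKey:    {viaHelper}");
```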