-
Notifications
You must be signed in to change notification settings - Fork 4.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
why CngKey.Import is not supported on ubuntu? #21259
Comments
What result do you get? |
@danmosemsft
|
CngKey represents direct interop to the Windows CNG libraries (BCrypt.dll and NCrypt.dll), which is not available on non-Windows platforms. There are not any cross-platform APIs in .NET Core capable of reading a PKCS#8 blob. |
Where is the exception coming from (I don't see) . we can add a more speicfic message. |
CngKey (and CngKeyBlobFormat) is in the Cng library, so auto-generated PNSE: https://github.com/dotnet/corefx/blob/master/src/System.Security.Cryptography.Cng/src/System.Security.Cryptography.Cng.csproj#L11 So there's not really a place to add a message |
Oh of course. We could modify GenAPI to add a message that we could define in the project (can't find its sources. @weshaggard ..). I guess |
The code for GenAPI lives in BuildTools. It would take some work to allow for custom messages for everything but it wouldn't be too difficult to pass a common message for all of them. We would just need to plumb a parameter down into https://github.com/dotnet/buildtools/blob/73d034cddac9ed39af4c3acc4a030cc8598f1006/src/Microsoft.Cci.Extensions/Writers/CSharp/CSDeclarationWriter.Methods.cs#L204. |
Now I see there are 21 libraries with this property and doing this would improve 100's of PNSE maybe it 's worth it. |
X509Certificate2 has extension method GetECDsaPrivateKey which returns ECDsa - it is appropriate for me and it looks like ECDsa supported on ubuntu. |
$ openssl req -new -x509 -key key.p8 -out selfsigned.cer
$ openssl pkcs12 -export -in selfsigned.cer -inkey key.p8 -out selfsigned.certandkey.pfx Then you can load the cert with using (var cert = new X509Certificate2(pfx, password))
{
return cert.GetECDsaPrivateKey();
}
|
@bartonjs thank you! |
Is there any workaround to make this code working?
The text was updated successfully, but these errors were encountered: