I am trying to verify a root/self-signed certificate by trying to decrypt the signature with a known/trusted Public Key, then checking if the decrypted开发者_StackOverflow中文版 hash matches the original certificate hash.
I get the remote certificate by using RemoteCertificateValidation callback on the sslStream class.
The certificate is given as a X509Certificate class, I can get all properties of this certificate using this class except the Signature.
Is there any way I can get the byte array of the signature using the X509Certificate class or any other class?
Regards Albert
If you don't mind using third-party components, take a look at PKIBlackbox package of our SecureBlackbox product. Using TElX509Certificate class you can validate the certificate (using internal Validate method) and compute the hashes of your certificate in order to compare them to known values with a couple of lines of code.
精彩评论