I am using RSACryptoServiceProvider for security.
I built the code using a self signed certificate for testing purposes. not user has provided us with the actual thumbprint. I was expecting to get a certificate instead ? how do i use the Thumbprint ?
here is the code:
/// Builds Authorization in using self signed certificate
/// </summary>
/// <returns></returns>
private string BuildAuthorization()
{
X509Certificate2 cert = GetCertificate();
RSACryptoServiceProvider provideEncryptor = (RSACryptoServiceProvider)cert.PublicKey.Key;
string authorizaionValue = string.Format("{0}:{1}:{2}", _userName,_password, _currentTime);
byte[] encryptedData = provideEncryptor.Encrypt(Encoding.UTF8.GetBytes(authorizaionValue), false);
string encryptedString = Convert.ToBase64String(encryptedData);
return encryptedString;
}
/// <summary>
/// creates a self signed certificate
/// </summary>
/// <returns></returns>
private X509Certificate2 GetCertificate()
{
X509Store store = new X509Store(StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509Certificate2 cert = null;
string certName = ConfigurationManager.AppSettings["CertName"];
foreach (var c in store.Certificates)
{
if (c.Subject.Equals(certName, StringComparison.OrdinalIgnoreCase))
{
cert = c;
break;
}
}
store.Close();
return cert;
}
the thumbprint provided is something like :
87aa7f6********************9b2d95093a6
A thumbprint is just an identifier of a certificate, usually an MD5 or SHA1 hash of the certificate.
You cannot really do anything with the thumbprint itself, think of it as an ID of a record in a database. You will need to sure, but what I suspect the intention is they are giving your the thumbprint of a certificate that is in the certificate store. This StackOverflow question provides information on how to load a certificate from the certificate store by thumbprint.