C# decryption with X.509 certificate without private key

The client encrypts the message using an X.509 certificate and sends the encrypted message to my web server. The client provided an X.509 certificate without a private key (exported as DER-encoded X.509 binary (.cer)). Now my task is to decrypt the message using the X.509 certificate that I have.

Whenever I try to decrypt a message, I get a "Private key does not exist" exception, which is expected because the certificate does not contain a private key. Is it possible to decrypt a message using an X.509 certificate without a private key?

Secondly, if the client provides the password separately for the certificate, I can create an instance of X509Certificate2 and use it to decrypt the message, for example:

X509Certificate2 c = new X509Certificate2("filename", "password");
+4
1 answer

To decrypt the message, you will need a secret key. For example, you can ask your client to provide you with a .pfx file that contains the private key; however, this is a little backwards. As usual with asymmetric encryption, the sender (your client) should encrypt the message with the recipient's (your) public key, which you decrypt with the recipient's private key (yours). Thus, the private key is not shared among several parties, which reduces the likelihood of its compromise. The whole idea of a private key is that it is private: only the owner of the key has it.


+3
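The key flow described in the answer, as an added example that is not part of the original post. It assumes a .NET runtime that provides CertificateRequest (.NET Core 2.0+ or .NET Framework 4.7.2+); the subject name, the sample message and the choice of OAEP-SHA256 padding are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

class PublicOnlyCertDemo
{
    static void Main()
    {
        // Recipient side: generate a key pair and a self-signed certificate.
        // The subject name is a constructed placeholder.
        using RSA recipientKey = RSA.Create(2048);
        var request = new CertificateRequest("CN=recipient.example", recipientKey,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 withPrivateKey = request.CreateSelfSigned(
            DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));

        // What a DER-encoded .cer file holds: the certificate only, no private key.
        byte[] cerBytes = withPrivateKey.Export(X509ContentType.Cert);
        using var publicOnly = new X509Certificate2(cerBytes);
        Console.WriteLine($"HasPrivateKey (.cer copy): {publicOnly.HasPrivateKey}");

        // Sender side: encrypt with the public key taken from the .cer copy.
        byte[] plaintext = Encoding.UTF8.GetBytes("constructed sample message");
        byte[] ciphertext;
        using (RSA pub = publicOnly.GetRSAPublicKey())
            ciphertext = pub.Encrypt(plaintext, RSAEncryptionPadding.OaepSHA256);

        // Holder of only the .cer: there is no private key to decrypt with.
        using (RSA missing = publicOnly.GetRSAPrivateKey())
            Console.WriteLine($"Private key from .cer copy: {(missing == null ? "none" : "present")}");

        // Recipient: decrypt with the private key that never left this side.
        using (RSA priv = withPrivateKey.GetRSAPrivateKey())
        {
            byte[] recovered = priv.Decrypt(ciphertext, RSAEncryptionPadding.OaepSHA256);
            Console.WriteLine(Encoding.UTF8.GetString(recovered));
        }
    }
}
```

Direct RSA-OAEP encryption only fits short messages (at most 190 bytes with a 2048-bit key and SHA-256), so the example keeps the plaintext small.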

Source: https://habr.com/ru/post/1608356/

