1

我正在尝试使用其吊销列表(crl 文件)检查证书。在 BouncyCustle 库中有一个方法x509Crl.IsRevoked(),应该用于此目的。关键是它获取x509Certificate对象作为参数,但我不明白如何创建这个x509Certificate对象。我用于DotNetUtilities.FromX509Certificate()System.Security.Cryptography.X509Certificates.x509Certificate2对象转换为Org.BouncyCastle.X509.X509Certificate对象,但我遇到了问题 - 方法IsRevoked()总是返回true- 对于我测试的所有 crl。

问题:如何Org.BouncyCastle.X509.X509Certificate直接从二进制创建对象而不转换 from System.Security.Cryptography.X509Certificates.x509Certificate2

我用它的 crl 文件检查证书的代码:

static public void RevocationChecker(string certPath, string crlPath)
    {
        X509Certificate2 cert = new X509Certificate2();
        cert.Import(File.ReadAllBytes(certPath));
        Org.BouncyCastle.X509.X509Certificate bouncyCert = DotNetUtilities.FromX509Certificate(cert);

        X509CrlParser crlParser = new X509CrlParser();
        X509Crl crl = crlParser.ReadCrl(File.ReadAllBytes(crlPath));

        bool rezult = crl.IsRevoked(bouncyCert);
        Console.WriteLine(rezult);
    }
4

1 回答 1

1

试一试:

System.Security.Cryptography.X509Certificates.X509Certificate cert = new System.Security
.Cryptography.X509Certificates.X509Certificate(File.ReadAllBytes(certPath));`    

Org.BouncyCastle.X509.X509Certificate bouncyCert = new Org.BouncyCastle.X509
.X509CertificateParser().ReadCertificate(cert.GetRawCertData());
于 2018-07-09T19:00:06.153 回答