在 C# 的 BouncyCastle 库中通过 x509Crl.IsRevoked() 方法检查证书?

Checking certificate by x509Crl.IsRevoked() method in BouncyCastle library in C#?

我正在尝试使用吊销列表(crl 文件)检查证书。在 BouncyCustle 库中有一个方法 x509Crl.IsRevoked(),应该用于此。关键是它获取 x509Certificate 对象作为参数,但我不明白如何创建这个 x509Certificate 对象。 我使用 DotNetUtilities.FromX509Certificate()System.Security.Cryptography.X509Certificates.x509Certificate2 对象转换为 Org.BouncyCastle.X509.X509Certificate 对象,但我遇到了问题 - 方法 IsRevoked() 总是 returns true - 对于所有crl 我测试过了。

问题:如何直接从二进制创建 Org.BouncyCastle.X509.X509Certificate 对象而不从 System.Security.Cryptography.X509Certificates.x509Certificate2 转换?

我用它的 crl 文件检查证书的代码:

static public void RevocationChecker(string certPath, string crlPath)
    {
        X509Certificate2 cert = new X509Certificate2();
        cert.Import(File.ReadAllBytes(certPath));
        Org.BouncyCastle.X509.X509Certificate bouncyCert = DotNetUtilities.FromX509Certificate(cert);

        X509CrlParser crlParser = new X509CrlParser();
        X509Crl crl = crlParser.ReadCrl(File.ReadAllBytes(crlPath));

        bool rezult = crl.IsRevoked(bouncyCert);
        Console.WriteLine(rezult);
    }

试一试:

System.Security.Cryptography.X509Certificates.X509Certificate cert = new System.Security
.Cryptography.X509Certificates.X509Certificate(File.ReadAllBytes(certPath));`    

Org.BouncyCastle.X509.X509Certificate bouncyCert = new Org.BouncyCastle.X509
.X509CertificateParser().ReadCertificate(cert.GetRawCertData());