在 C# 的 BouncyCastle 库中通过 x509Crl.IsRevoked() 方法检查证书?
Checking certificate by x509Crl.IsRevoked() method in BouncyCastle library in C#?
我正在尝试使用吊销列表(crl 文件)检查证书。在 BouncyCustle 库中有一个方法 x509Crl.IsRevoked()
,应该用于此。关键是它获取 x509Certificate
对象作为参数,但我不明白如何创建这个 x509Certificate
对象。
我使用 DotNetUtilities.FromX509Certificate()
从 System.Security.Cryptography.X509Certificates.x509Certificate2
对象转换为 Org.BouncyCastle.X509.X509Certificate
对象,但我遇到了问题 - 方法 IsRevoked()
总是 returns true
- 对于所有crl 我测试过了。
问题:如何直接从二进制创建 Org.BouncyCastle.X509.X509Certificate
对象而不从 System.Security.Cryptography.X509Certificates.x509Certificate2
转换?
我用它的 crl 文件检查证书的代码:
static public void RevocationChecker(string certPath, string crlPath)
{
X509Certificate2 cert = new X509Certificate2();
cert.Import(File.ReadAllBytes(certPath));
Org.BouncyCastle.X509.X509Certificate bouncyCert = DotNetUtilities.FromX509Certificate(cert);
X509CrlParser crlParser = new X509CrlParser();
X509Crl crl = crlParser.ReadCrl(File.ReadAllBytes(crlPath));
bool rezult = crl.IsRevoked(bouncyCert);
Console.WriteLine(rezult);
}
试一试:
System.Security.Cryptography.X509Certificates.X509Certificate cert = new System.Security
.Cryptography.X509Certificates.X509Certificate(File.ReadAllBytes(certPath));`
Org.BouncyCastle.X509.X509Certificate bouncyCert = new Org.BouncyCastle.X509
.X509CertificateParser().ReadCertificate(cert.GetRawCertData());
我正在尝试使用吊销列表(crl 文件)检查证书。在 BouncyCustle 库中有一个方法 x509Crl.IsRevoked()
,应该用于此。关键是它获取 x509Certificate
对象作为参数,但我不明白如何创建这个 x509Certificate
对象。
我使用 DotNetUtilities.FromX509Certificate()
从 System.Security.Cryptography.X509Certificates.x509Certificate2
对象转换为 Org.BouncyCastle.X509.X509Certificate
对象,但我遇到了问题 - 方法 IsRevoked()
总是 returns true
- 对于所有crl 我测试过了。
问题:如何直接从二进制创建 Org.BouncyCastle.X509.X509Certificate
对象而不从 System.Security.Cryptography.X509Certificates.x509Certificate2
转换?
我用它的 crl 文件检查证书的代码:
static public void RevocationChecker(string certPath, string crlPath)
{
X509Certificate2 cert = new X509Certificate2();
cert.Import(File.ReadAllBytes(certPath));
Org.BouncyCastle.X509.X509Certificate bouncyCert = DotNetUtilities.FromX509Certificate(cert);
X509CrlParser crlParser = new X509CrlParser();
X509Crl crl = crlParser.ReadCrl(File.ReadAllBytes(crlPath));
bool rezult = crl.IsRevoked(bouncyCert);
Console.WriteLine(rezult);
}
试一试:
System.Security.Cryptography.X509Certificates.X509Certificate cert = new System.Security
.Cryptography.X509Certificates.X509Certificate(File.ReadAllBytes(certPath));`
Org.BouncyCastle.X509.X509Certificate bouncyCert = new Org.BouncyCastle.X509
.X509CertificateParser().ReadCertificate(cert.GetRawCertData());