有什麼辦法可以將Org.BouncyCastle.X509.X509Certificate轉換成System.Security.Cryptography.X509Certificates.X509Certificate2?如何將BouncyCastle X509Certificate轉換爲X509Certificate2?
反向操作很簡單,結合Org.BouncyCastle.X509.X509CertificateParser與 System.Security.Cryptography.X509Certificates.X509Certificate2.Export()。
簡單!!
using B = Org.BouncyCastle.X509; //Bouncy certificates
using W = System.Security.Cryptography.X509Certificates;
W.X509Certificate2 certificate = new W.X509Certificate2();
certificate.Import(pdfCertificate.GetEncoded());
現在我可以在服務器驗證證書鏈:
W.X509Chain ch = new W.X509Chain();
ch.ChainPolicy.RevocationMode = W.X509RevocationMode.NoCheck;
if (!ch.Build(certificate))
res |= ErroresValidacion.CAInvalida;
可用來驗證與iTextSharp的提取PDF榮譽證書。
我想這是最好的答案:
var cert = pdf.Certificates[0];//Org.BouncyCastle.X509.X509Certificate
var cert50 = new X509Certificate();
cert50.Import(cert.GetEncoded());
從https://github.com/dotnet/corefx/wiki/ApiCompat:
大多數x509證書和X509Certificate2對象的用戶認爲 對象是除復位()不可改變/處置()方法,使用Import的 違反了這個假設。
換句話說,嘗試使用import會在.net core中引發異常。您現在應該使用:
new X509Certificate(cert.GetEncoded());
但是,根據.NET API分析儀(https://docs.microsoft.com/en-us/dotnet/standard/analyzers/api-analyzer),
警告PC001:X509Certificate2.X509Certificate2(字節[])不支持在MacOS
這太奇怪了... OP要求將*轉換爲X509Certificate2 *的方法,但是轉換爲*「X509Certificate」*。並且糾正這一點,所有這些仍然是kaptux公認的答案中已經說過的。 – mkl