如何将BouncyCastle X509Certificate转换为X509Certificate2?
有没有办法将Org.BouncyCastle.X509.X509Certificate转换为System.Security.Cryptography.X509Certificates.X509Certificate2 ?
逆操作很简单,将Org.BouncyCastle.X509.X509CertificateParser与System.Security.Cryptography.X509Certificates.X509Certificate2.Export()相结合。
简单!!
using B = Org.BouncyCastle.X509; //Bouncy certificates using W = System.Security.Cryptography.X509Certificates; W.X509Certificate2 certificate = new W.X509Certificate2(); certificate.Import(pdfCertificate.GetEncoded());
现在我可以validation服务器中的证书链:
W.X509Chain ch = new W.X509Chain(); ch.ChainPolicy.RevocationMode = W.X509RevocationMode.NoCheck; if (!ch.Build(certificate)) res |= ErroresValidacion.CAInvalida;
用于validation使用iTextSharp提取的pdf证书。
我猜这是最好的答案:
var cert = pdf.Certificates[0];//Org.BouncyCastle.X509.X509Certificate var cert50 = new X509Certificate(); cert50.Import(cert.GetEncoded());
来自https://github.com/dotnet/corefx/wiki/ApiCompat :
X509Certificate和X509Certificate2对象的大多数用户都认为该对象是不可变的,除了Reset()/ Dispose()方法,使用Import违反了这个假设。
换句话说,尝试使用import会在.net核心中引发exception。 你现在应该使用:
new X509Certificate(cert.GetEncoded());
但是,根据.net API分析器( https://docs.microsoft.com/en-us/dotnet/standard/analyzers/api-analyzer ),
警告PC001:XOS9Certificate2.X509Certificate2(byte [])不支持macOS