How can I convert a BouncyCastle X509Certificate t

Is there any way to convert a Org.BouncyCastle.X509.X509Certificate to System.Security.Cryptography.X509Certificates.X509Certificate2?

The inverse operation is easy, combining Org.BouncyCastle.X509.X509CertificateParser with System.Security.Cryptography.X509Certificates.X509Certificate2.Export().

标签： c# .net itextsharp bouncycastle

3条回答

霸刀☆藐视天下

2楼-- · 2019-03-31 03:35

Easy!!

using B = Org.BouncyCastle.X509; //Bouncy certificates
using W = System.Security.Cryptography.X509Certificates;

W.X509Certificate2 certificate = new W.X509Certificate2();
certificate.Import(pdfCertificate.GetEncoded());

And now I can validate certificate chain in the server:

W.X509Chain ch = new W.X509Chain();
ch.ChainPolicy.RevocationMode = W.X509RevocationMode.NoCheck;
if (!ch.Build(certificate))
   res |= ErroresValidacion.CAInvalida;

Useful to validate pdf certifcates extracted with iTextSharp.

0人赞添加讨论(0) 举报

淡お忘

3楼-- · 2019-03-31 03:35

From https://github.com/dotnet/corefx/wiki/ApiCompat :

Most users of X509Certificate and X509Certificate2 objects assume that the object is immutable except for the Reset()/Dispose() methods, the use of Import violates this assumption.

In other words, trying to use import throws an exception in .net core. You should now use:

new X509Certificate(cert.GetEncoded());

but, according to the .net API analyzer (https://docs.microsoft.com/en-us/dotnet/standard/analyzers/api-analyzer),

warning PC001: X509Certificate2.X509Certificate2(byte[]) isn't supported on macOS

0人赞添加讨论(0) 举报

叛逆

4楼-- · 2019-03-31 03:58

I guess that is the best answer:

var cert = pdf.Certificates[0];//Org.BouncyCastle.X509.X509Certificate
        var cert50 = new X509Certificate();
        cert50.Import(cert.GetEncoded());

0人赞添加讨论(0) 举报

How can I convert a BouncyCastle X509Certificate t

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间