本文介绍了使用Bouncy Castle c#创建CRL文件的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我已经用Bouncy Castle构建了自己的根CA证书,并且正在使用它来构建其他证书。我想使用Bouncy Castle C#构建一个证书吊销列表(CRL)以包括已吊销的证书列表。示例:
I've build my own root CA certificate with Bouncy Castle, and I'm using it to build other certificates. I want to build a Certificate Revocation List (CRL) to include the list of revoqued certificates, using Bouncy Castle C#. Example:
//Retrieve CA root certificate
X509Store CAstore = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
CAstore.Open(OpenFlags.ReadWrite | OpenFlags.OpenExistingOnly);
X509Certificate2Collection x509Certificate2Collection =
CAstore.Certificates.Find(X509FindType.FindBySerialNumber,
this.textBoxSerialCA.Text, true);
X509Certificate2 cert = x509Certificate2Collection[0];
var certCA = DotNetUtilities.FromX509Certificate(cert);
CAstore.Close();
X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
crlGen.SetIssuerDN(certCA.IssuerDN);
crlGen.SetThisUpdate(DateTime.Now);
crlGen.SetNextUpdate(DateTime.Now.AddYears(1));
crlGen.SetSignatureAlgorithm("SHA1withRSA");
crlGen.AddCrlEntry(BigInteger.One, DateTime.Now, CrlReason.PrivilegeWithdrawn);
crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier,
false,
new AuthorityKeyIdentifierStructure(certCA));
crlGen.AddExtension(X509Extensions.CrlNumber,
false,
new CrlNumber(BigInteger.One));
var randomGenerator = new CryptoApiRandomGenerator();
var random = new SecureRandom(randomGenerator);
var Akp = Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair(cert.PrivateKey).Private;
X509Crl crlTemp = crlGen.Generate(Akp,random);
在这一点上一切正常。如何将X509Crl对象保存到.crl文件?
All is OK until this point. How can I save the X509Crl object into a .crl file?
最诚挚的问候。
推荐答案
这个答案来得很晚,但是您可以使用Bouncy Castle中的 PemWriter
类来写入PEM文件。
This answer comes quite late, but you can use the PemWriter
class in Bouncy Castle to write to a PEM file.
PemWriter pemWriter = new PemWriter(new StreamWriter(File.Open(fileName, FileMode.Create)));
pemWriter.WriteObject(crlTemp);
pemWriter.Writer.Flush();
pemWriter.Writer.Close();
这篇关于使用Bouncy Castle c#创建CRL文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!