summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2022-06-27 12:36:37 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2022-06-27 12:36:37 +0700
commit3176c087b90511375c9bbd90cc5a4b5ed7857c35 (patch)
tree8bbe7bb81547c2e9afc719f6fdbcf258698c226c
parentGenerics migration work (diff)
downloadBouncyCastle.NET-ed25519-3176c087b90511375c9bbd90cc5a4b5ed7857c35.tar.xz
Generics migration in Pkcs
Diffstat (limited to '')
-rw-r--r--crypto/src/pkcs/AsymmetricKeyEntry.cs15
-rw-r--r--crypto/src/pkcs/Pkcs10CertificationRequest.cs221
-rw-r--r--crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs23
-rw-r--r--crypto/src/pkcs/Pkcs12Entry.cs33
-rw-r--r--crypto/src/pkcs/Pkcs12Store.cs555
-rw-r--r--crypto/src/pkcs/X509CertificateEntry.cs14
-rw-r--r--crypto/src/util/collections/CollectionUtilities.cs9
7 files changed, 346 insertions, 524 deletions
diff --git a/crypto/src/pkcs/AsymmetricKeyEntry.cs b/crypto/src/pkcs/AsymmetricKeyEntry.cs
index 8158bc9fc..4d9a63ce1 100644
--- a/crypto/src/pkcs/AsymmetricKeyEntry.cs
+++ b/crypto/src/pkcs/AsymmetricKeyEntry.cs
@@ -1,8 +1,7 @@
-using System;
-using System.Collections;
+using System.Collections.Generic;
 
+using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Pkcs
 {
@@ -11,16 +10,14 @@ namespace Org.BouncyCastle.Pkcs
     {
         private readonly AsymmetricKeyParameter key;
 
-		public AsymmetricKeyEntry(
-            AsymmetricKeyParameter key)
-			: base(Platform.CreateHashtable())
+		public AsymmetricKeyEntry(AsymmetricKeyParameter key)
+			: base(new Dictionary<DerObjectIdentifier, Asn1Encodable>())
         {
             this.key = key;
         }
 
-        public AsymmetricKeyEntry(
-            AsymmetricKeyParameter  key,
-            IDictionary             attributes)
+        public AsymmetricKeyEntry(AsymmetricKeyParameter key,
+			IDictionary<DerObjectIdentifier, Asn1Encodable> attributes)
 			: base(attributes)
         {
             this.key = key;
diff --git a/crypto/src/pkcs/Pkcs10CertificationRequest.cs b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
index be956c6cd..b4afceed9 100644
--- a/crypto/src/pkcs/Pkcs10CertificationRequest.cs
+++ b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Collections;
 using System.Collections.Generic;
 using System.IO;
 
@@ -47,147 +46,151 @@ namespace Org.BouncyCastle.Pkcs
     public class Pkcs10CertificationRequest
         : CertificationRequest
     {
-        protected static readonly IDictionary algorithms = Platform.CreateHashtable();
-        protected static readonly IDictionary exParams = Platform.CreateHashtable();
-        protected static readonly IDictionary keyAlgorithms = Platform.CreateHashtable();
-        protected static readonly IDictionary oids = Platform.CreateHashtable();
-        protected static readonly HashSet<DerObjectIdentifier> noParams = new HashSet<DerObjectIdentifier>();
+        internal static readonly Dictionary<string, DerObjectIdentifier> m_algorithms =
+            new Dictionary<string, DerObjectIdentifier>(StringComparer.OrdinalIgnoreCase);
+        internal static readonly Dictionary<string, Asn1Encodable> m_exParams =
+            new Dictionary<string, Asn1Encodable>(StringComparer.OrdinalIgnoreCase);
+        internal static readonly Dictionary<DerObjectIdentifier, string> m_keyAlgorithms =
+            new Dictionary<DerObjectIdentifier, string>();
+        internal static readonly Dictionary<DerObjectIdentifier, string> m_oids =
+            new Dictionary<DerObjectIdentifier, string>();
+        internal static readonly HashSet<DerObjectIdentifier> m_noParams = new HashSet<DerObjectIdentifier>();
 
         static Pkcs10CertificationRequest()
         {
-            algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption);
-            algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption);
-            algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption);
-            algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption);
-            algorithms.Add("RSAWITHMD5", PkcsObjectIdentifiers.MD5WithRsaEncryption);
-            algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
-            algorithms.Add("SHA-1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
-            algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
-            algorithms.Add("SHA-1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
-            algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
-            algorithms.Add("SHA-224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
-            algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
-            algorithms.Add("SHA-224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
-            algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
-            algorithms.Add("SHA-256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
-            algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
-            algorithms.Add("SHA-256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
-            algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
-            algorithms.Add("SHA-384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
-            algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
-            algorithms.Add("SHA-384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
-            algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
-            algorithms.Add("SHA-512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
-            algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
-            algorithms.Add("SHA-512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
-            algorithms.Add("SHA512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
-            algorithms.Add("SHA-512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
-            algorithms.Add("SHA512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
-            algorithms.Add("SHA-512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
-            algorithms.Add("SHA512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
-            algorithms.Add("SHA-512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
-            algorithms.Add("SHA512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
-            algorithms.Add("SHA-512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
-            algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
-            algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
-            algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
-            algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
-            algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
-            algorithms.Add("RSAWITHSHA1", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
-            algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
-            algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
-            algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
-            algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
-            algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
-            algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
-            algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1);
-            algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1);
-            algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
-            algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
-            algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384);
-            algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512);
-            algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
-            algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
-            algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
-            algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
-            algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
-            algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
-            algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
-            algorithms.Add("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
-            algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
-            algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
-            algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+            m_algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+            m_algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+            m_algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+            m_algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+            m_algorithms.Add("RSAWITHMD5", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+            m_algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+            m_algorithms.Add("SHA-1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+            m_algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+            m_algorithms.Add("SHA-1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+            m_algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+            m_algorithms.Add("SHA-224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+            m_algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+            m_algorithms.Add("SHA-224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+            m_algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+            m_algorithms.Add("SHA-256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+            m_algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+            m_algorithms.Add("SHA-256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+            m_algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+            m_algorithms.Add("SHA-384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+            m_algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+            m_algorithms.Add("SHA-384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+            m_algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+            m_algorithms.Add("SHA-512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+            m_algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+            m_algorithms.Add("SHA-512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+            m_algorithms.Add("SHA512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+            m_algorithms.Add("SHA-512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+            m_algorithms.Add("SHA512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+            m_algorithms.Add("SHA-512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+            m_algorithms.Add("SHA512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+            m_algorithms.Add("SHA-512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+            m_algorithms.Add("SHA512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+            m_algorithms.Add("SHA-512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+            m_algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+            m_algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+            m_algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+            m_algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+            m_algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+            m_algorithms.Add("RSAWITHSHA1", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+            m_algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+            m_algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+            m_algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+            m_algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+            m_algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+            m_algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+            m_algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1);
+            m_algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1);
+            m_algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
+            m_algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
+            m_algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384);
+            m_algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512);
+            m_algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
+            m_algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
+            m_algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
+            m_algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
+            m_algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
+            m_algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
+            m_algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+            m_algorithms.Add("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+            m_algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+            m_algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+            m_algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
 
             //
             // reverse mappings
             //
-            oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA");
-            oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA");
-            oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA");
-            oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA");
-            oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA");
-            oids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, "SHA512(224)WITHRSA");
-            oids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, "SHA512(256)WITHRSA");
-            oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410");
-            oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411WITHECGOST3410");
-
-            oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA");
-            oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA");
-            oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA");
-            oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA");
-            oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA");
-            oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA");
-            oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA");
-            oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA");
-            oids.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5WITHRSA");
-            oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA");
-            oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA");
-            oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA");
-            oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA");
+            m_oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA");
+            m_oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA");
+            m_oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA");
+            m_oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA");
+            m_oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA");
+            m_oids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, "SHA512(224)WITHRSA");
+            m_oids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, "SHA512(256)WITHRSA");
+            m_oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410");
+            m_oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411WITHECGOST3410");
+
+            m_oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA");
+            m_oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA");
+            m_oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA");
+            m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA");
+            m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA");
+            m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA");
+            m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA");
+            m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA");
+            m_oids.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5WITHRSA");
+            m_oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA");
+            m_oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA");
+            m_oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA");
+            m_oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA");
 
             //
             // key types
             //
-            keyAlgorithms.Add(PkcsObjectIdentifiers.RsaEncryption, "RSA");
-            keyAlgorithms.Add(X9ObjectIdentifiers.IdDsa, "DSA");
+            m_keyAlgorithms.Add(PkcsObjectIdentifiers.RsaEncryption, "RSA");
+            m_keyAlgorithms.Add(X9ObjectIdentifiers.IdDsa, "DSA");
 
             //
             // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
             // The parameters field SHALL be NULL for RSA based signature algorithms.
             //
-            noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
-            noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
-            noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
-            noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
-            noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
-            noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
-            noParams.Add(OiwObjectIdentifiers.DsaWithSha1);
-            noParams.Add(NistObjectIdentifiers.DsaWithSha224);
-            noParams.Add(NistObjectIdentifiers.DsaWithSha256);
+            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
+            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
+            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
+            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
+            m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
+            m_noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
+            m_noParams.Add(OiwObjectIdentifiers.DsaWithSha1);
+            m_noParams.Add(NistObjectIdentifiers.DsaWithSha224);
+            m_noParams.Add(NistObjectIdentifiers.DsaWithSha256);
 
             //
             // RFC 4491
             //
-            noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
-            noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+            m_noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+            m_noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
 
             //
             // explicit params
             //
             AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
-            exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20));
+            m_exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20));
 
             AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance);
-            exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28));
+            m_exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28));
 
             AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance);
-            exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32));
+            m_exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32));
 
             AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance);
-            exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48));
+            m_exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48));
 
             AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance);
-            exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64));
+            m_exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64));
         }
 
         private static RsassaPssParameters CreatePssParams(
diff --git a/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs b/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs
index ecbb4ab62..e3a710f37 100644
--- a/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs
+++ b/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs
@@ -1,19 +1,10 @@
 using System;
-using System.Collections;
-using System.Globalization;
 using System.IO;
 
 using Org.BouncyCastle.Asn1;
-using Org.BouncyCastle.Asn1.CryptoPro;
-using Org.BouncyCastle.Asn1.Nist;
-using Org.BouncyCastle.Asn1.Oiw;
 using Org.BouncyCastle.Asn1.Pkcs;
-using Org.BouncyCastle.Asn1.TeleTrust;
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Asn1.X9;
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Security;
-using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.X509;
 
@@ -103,27 +94,26 @@ namespace Org.BouncyCastle.Pkcs
 				throw new ArgumentNullException("publicKey");
 			if (publicKey.IsPrivate)
 				throw new ArgumentException("expected public key", "publicKey");
-//			DerObjectIdentifier sigOid = SignerUtilities.GetObjectIdentifier(signatureAlgorithm);
-			string algorithmName = Platform.ToUpperInvariant(signatureAlgorithm);
-			DerObjectIdentifier sigOid = (DerObjectIdentifier) algorithms[algorithmName];
+
+			DerObjectIdentifier sigOid = CollectionUtilities.GetValueOrNull(m_algorithms, signatureAlgorithm);
 			if (sigOid == null)
 			{
 				try
 				{
-					sigOid = new DerObjectIdentifier(algorithmName);
+					sigOid = new DerObjectIdentifier(signatureAlgorithm);
 				}
 				catch (Exception e)
 				{
 					throw new ArgumentException("Unknown signature type requested", e);
 				}
 			}
-			if (noParams.Contains(sigOid))
+			if (m_noParams.Contains(sigOid))
 			{
 				this.sigAlgId = new AlgorithmIdentifier(sigOid);
 			}
-			else if (exParams.Contains(algorithmName))
+			else if (m_exParams.TryGetValue(signatureAlgorithm, out var explicitParameters))
 			{
-				this.sigAlgId = new AlgorithmIdentifier(sigOid, (Asn1Encodable) exParams[algorithmName]);
+				this.sigAlgId = new AlgorithmIdentifier(sigOid, explicitParameters);
 			}
 			else
 			{
@@ -132,6 +122,7 @@ namespace Org.BouncyCastle.Pkcs
 			SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
 			this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes);
 		}
+
 		public byte[] GetDataToSign()
 		{
 			return reqInfo.GetDerEncoded();
diff --git a/crypto/src/pkcs/Pkcs12Entry.cs b/crypto/src/pkcs/Pkcs12Entry.cs
index 6546f9eee..2d3cfd4e5 100644
--- a/crypto/src/pkcs/Pkcs12Entry.cs
+++ b/crypto/src/pkcs/Pkcs12Entry.cs
@@ -1,5 +1,4 @@
-using System;
-using System.Collections;
+using System.Collections.Generic;
 
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Utilities.Collections;
@@ -8,37 +7,21 @@ namespace Org.BouncyCastle.Pkcs
 {
     public abstract class Pkcs12Entry
     {
-        private readonly IDictionary attributes;
+		private readonly IDictionary<DerObjectIdentifier, Asn1Encodable> m_attributes;
 
-		protected internal Pkcs12Entry(
-            IDictionary attributes)
+		protected internal Pkcs12Entry(IDictionary<DerObjectIdentifier, Asn1Encodable> attributes)
         {
-            this.attributes = attributes;
-
-			foreach (DictionaryEntry entry in attributes)
-			{
-				if (!(entry.Key is string))
-					throw new ArgumentException("Attribute keys must be of type: " + typeof(string).FullName, "attributes");
-				if (!(entry.Value is Asn1Encodable))
-					throw new ArgumentException("Attribute values must be of type: " + typeof(Asn1Encodable).FullName, "attributes");
-			}
+            m_attributes = attributes;
         }
 
-		public Asn1Encodable this[
-			DerObjectIdentifier oid]
-		{
-			get { return (Asn1Encodable) this.attributes[oid.Id]; }
-		}
-
-		public Asn1Encodable this[
-			string oid]
+		public Asn1Encodable this[DerObjectIdentifier oid]
 		{
-			get { return (Asn1Encodable) this.attributes[oid]; }
+			get { return CollectionUtilities.GetValueOrNull(m_attributes, oid); }
 		}
 
-		public IEnumerable BagAttributeKeys
+		public IEnumerable<DerObjectIdentifier> BagAttributeKeys
 		{
-			get { return new EnumerableProxy(this.attributes.Keys); }
+			get { return CollectionUtilities.Proxy(m_attributes.Keys); }
 		}
     }
 }
diff --git a/crypto/src/pkcs/Pkcs12Store.cs b/crypto/src/pkcs/Pkcs12Store.cs
index 7553088a2..f6e5c32e5 100644
--- a/crypto/src/pkcs/Pkcs12Store.cs
+++ b/crypto/src/pkcs/Pkcs12Store.cs
@@ -1,13 +1,11 @@
 using System;
-using System.Collections;
+using System.Collections.Generic;
 using System.IO;
-using System.Text;
 
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Oiw;
 using Org.BouncyCastle.Asn1.Pkcs;
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Asn1.Utilities;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
@@ -21,23 +19,26 @@ namespace Org.BouncyCastle.Pkcs
     {
         public const string IgnoreUselessPasswordProperty = "Org.BouncyCastle.Pkcs12.IgnoreUselessPassword";
 
-        private readonly IgnoresCaseHashtable   keys = new IgnoresCaseHashtable();
-        private readonly IDictionary            localIds = Platform.CreateHashtable();
-        private readonly IgnoresCaseHashtable   certs = new IgnoresCaseHashtable();
-        private readonly IDictionary            chainCerts = Platform.CreateHashtable();
-        private readonly IDictionary            keyCerts = Platform.CreateHashtable();
-        private readonly DerObjectIdentifier    keyAlgorithm;
-        private readonly DerObjectIdentifier    keyPrfAlgorithm;
-        private readonly DerObjectIdentifier    certAlgorithm;
-        private readonly bool                   useDerEncoding;
+        private readonly Dictionary<string, AsymmetricKeyEntry> m_keys =
+            new Dictionary<string, AsymmetricKeyEntry>(StringComparer.OrdinalIgnoreCase);
+        private readonly Dictionary<string, string> m_localIds = new Dictionary<string, string>();
+        private readonly Dictionary<string, X509CertificateEntry> m_certs =
+            new Dictionary<string, X509CertificateEntry>(StringComparer.OrdinalIgnoreCase);
+        private readonly Dictionary<CertId, X509CertificateEntry> m_chainCerts =
+            new Dictionary<CertId, X509CertificateEntry>();
+        private readonly Dictionary<string, X509CertificateEntry> m_keyCerts =
+            new Dictionary<string, X509CertificateEntry>();
+        private readonly DerObjectIdentifier keyAlgorithm;
+        private readonly DerObjectIdentifier keyPrfAlgorithm;
+        private readonly DerObjectIdentifier certAlgorithm;
+        private readonly bool useDerEncoding;
 
         private AsymmetricKeyEntry unmarkedKeyEntry = null;
 
         private const int MinIterations = 1024;
         private const int SaltSize = 20;
 
-        private static SubjectKeyIdentifier CreateSubjectKeyID(
-            AsymmetricKeyParameter pubKey)
+        private static SubjectKeyIdentifier CreateSubjectKeyID(AsymmetricKeyParameter pubKey)
         {
             return new SubjectKeyIdentifier(
                 SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubKey));
@@ -97,7 +98,7 @@ namespace Org.BouncyCastle.Pkcs
         {
             AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyInfo);
 
-            IDictionary attributes = Platform.CreateHashtable();
+            var attributes = new Dictionary<DerObjectIdentifier, Asn1Encodable>();
             AsymmetricKeyEntry keyEntry = new AsymmetricKeyEntry(privKey, attributes);
 
             string alias = null;
@@ -118,22 +119,22 @@ namespace Org.BouncyCastle.Pkcs
 
                         // TODO We might want to "merge" attribute sets with
                         // the same OID - currently, differing values give an error
-                        if (attributes.Contains(aOid.Id))
+                        if (attributes.TryGetValue(aOid, out var attributeValue))
                         {
                             // OK, but the value has to be the same
-                            if (!attributes[aOid.Id].Equals(attr))
+                            if (!attributeValue.Equals(attr))
                                 throw new IOException("attempt to add existing attribute with different value");
                         }
                         else
                         {
-                            attributes.Add(aOid.Id, attr);
+                            attributes[aOid] = attr;
                         }
 
                         if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
                         {
                             alias = ((DerBmpString)attr).GetString();
                             // TODO Do these in a separate loop, just collect aliases here
-                            keys[alias] = keyEntry;
+                            m_keys[alias] = keyEntry;
                         }
                         else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
                         {
@@ -149,12 +150,12 @@ namespace Org.BouncyCastle.Pkcs
 
                 if (alias == null)
                 {
-                    keys[name] = keyEntry;
+                    m_keys[name] = keyEntry;
                 }
                 else
                 {
                     // TODO There may have been more than one alias
-                    localIds[alias] = name;
+                    m_localIds[alias] = name;
                 }
             }
             else
@@ -175,9 +176,7 @@ namespace Org.BouncyCastle.Pkcs
             }
         }
 
-        public void Load(
-            Stream  input,
-            char[]  password)
+        public void Load(Stream input, char[] password)
         {
             if (input == null)
                 throw new ArgumentNullException("input");
@@ -227,11 +226,11 @@ namespace Org.BouncyCastle.Pkcs
                 }
             }
 
-            keys.Clear();
-            localIds.Clear();
+            m_keys.Clear();
+            m_localIds.Clear();
             unmarkedKeyEntry = null;
 
-            IList certBags = Platform.CreateArrayList();
+            var certBags = new List<SafeBag>();
 
             if (info.ContentType.Equals(PkcsObjectIdentifiers.Data))
             {
@@ -292,9 +291,9 @@ namespace Org.BouncyCastle.Pkcs
                 }
             }
 
-            certs.Clear();
-            chainCerts.Clear();
-            keyCerts.Clear();
+            m_certs.Clear();
+            m_chainCerts.Clear();
+            m_keyCerts.Clear();
 
             foreach (SafeBag b in certBags)
             {
@@ -305,7 +304,7 @@ namespace Org.BouncyCastle.Pkcs
                 //
                 // set the attributes
                 //
-                IDictionary attributes = Platform.CreateHashtable();
+                var attributes = new Dictionary<DerObjectIdentifier, Asn1Encodable>();
                 Asn1OctetString localId = null;
                 string alias = null;
 
@@ -323,27 +322,25 @@ namespace Org.BouncyCastle.Pkcs
 
                             // TODO We might want to "merge" attribute sets with
                             // the same OID - currently, differing values give an error
-                            if (attributes.Contains(aOid.Id))
+                            if (attributes.TryGetValue(aOid, out var attributeValue))
                             {
                                 // we've found more than one - one might be incorrect
-                                if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
+                                if (PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Equals(aOid))
                                 {
                                     string id = Hex.ToHexString(Asn1OctetString.GetInstance(attr).GetOctets());
-                                    if (!(keys[id] != null || localIds[id] != null))
-                                    {
+                                    if (!m_keys.ContainsKey(id) && !m_localIds.ContainsKey(id))
                                         continue; // ignore this one - it's not valid
-                                    }
                                 }
 
                                 // OK, but the value has to be the same
-                                if (!attributes[aOid.Id].Equals(attr))
+                                if (!attributeValue.Equals(attr))
                                 {
                                     throw new IOException("attempt to add existing attribute with different value");
                                 }
                             }
                             else
                             {
-                                attributes.Add(aOid.Id, attr);
+                                attributes[aOid] = attr;
                             }
 
                             if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
@@ -361,20 +358,20 @@ namespace Org.BouncyCastle.Pkcs
                 CertId certId = new CertId(cert.GetPublicKey());
                 X509CertificateEntry certEntry = new X509CertificateEntry(cert, attributes);
 
-                chainCerts[certId] = certEntry;
+                m_chainCerts[certId] = certEntry;
 
                 if (unmarkedKeyEntry != null)
                 {
-                    if (keyCerts.Count == 0)
+                    if (m_keyCerts.Count == 0)
                     {
                         string name = Hex.ToHexString(certId.Id);
 
-                        keyCerts[name] = certEntry;
-                        keys[name] = unmarkedKeyEntry;
+                        m_keyCerts[name] = certEntry;
+                        m_keys[name] = unmarkedKeyEntry;
                     }
                     else
                     {
-                        keys["unmarked"] = unmarkedKeyEntry;
+                        m_keys["unmarked"] = unmarkedKeyEntry;
                     }
                 }
                 else
@@ -383,309 +380,236 @@ namespace Org.BouncyCastle.Pkcs
                     {
                         string name = Hex.ToHexString(localId.GetOctets());
 
-                        keyCerts[name] = certEntry;
+                        m_keyCerts[name] = certEntry;
                     }
 
                     if (alias != null)
                     {
                         // TODO There may have been more than one alias
-                        certs[alias] = certEntry;
+                        m_certs[alias] = certEntry;
                     }
                 }
             }
         }
 
-        public AsymmetricKeyEntry GetKey(
-            string alias)
+        public AsymmetricKeyEntry GetKey(string alias)
         {
             if (alias == null)
-                throw new ArgumentNullException("alias");
+                throw new ArgumentNullException(nameof(alias));
 
-            return (AsymmetricKeyEntry)keys[alias];
+            return CollectionUtilities.GetValueOrNull(m_keys, alias);
         }
 
-        public bool IsCertificateEntry(
-            string alias)
+        public bool IsCertificateEntry(string alias)
         {
             if (alias == null)
-                throw new ArgumentNullException("alias");
+                throw new ArgumentNullException(nameof(alias));
 
-            return (certs[alias] != null && keys[alias] == null);
+            return m_certs.ContainsKey(alias) && !m_keys.ContainsKey(alias);
         }
 
-        public bool IsKeyEntry(
-            string alias)
+        public bool IsKeyEntry(string alias)
         {
             if (alias == null)
-                throw new ArgumentNullException("alias");
+                throw new ArgumentNullException(nameof(alias));
 
-            return (keys[alias] != null);
+            return m_keys.ContainsKey(alias);
         }
 
-        private IDictionary GetAliasesTable()
+        public IEnumerable<string> Aliases
         {
-            IDictionary tab = Platform.CreateHashtable();
-
-            foreach (string key in certs.Keys)
+            get
             {
-                tab[key] = "cert";
+                var aliases = new HashSet<string>(m_certs.Keys);
+                aliases.UnionWith(m_keys.Keys);
+                return CollectionUtilities.Proxy(aliases);
             }
-
-            foreach (string a in keys.Keys)
-            {
-                if (tab[a] == null)
-                {
-                    tab[a] = "key";
-                }
-            }
-
-            return tab;
         }
 
-        public IEnumerable Aliases
+        public bool ContainsAlias(string alias)
         {
-            get { return new EnumerableProxy(GetAliasesTable().Keys); }
-        }
+            if (alias == null)
+                throw new ArgumentNullException(nameof(alias));
 
-        public bool ContainsAlias(
-            string alias)
-        {
-            return certs[alias] != null || keys[alias] != null;
+            return m_certs.ContainsKey(alias) || m_keys.ContainsKey(alias);
         }
 
         /**
          * simply return the cert entry for the private key
          */
-        public X509CertificateEntry GetCertificate(
-            string alias)
+        public X509CertificateEntry GetCertificate(string alias)
         {
             if (alias == null)
-                throw new ArgumentNullException("alias");
+                throw new ArgumentNullException(nameof(alias));
 
-            X509CertificateEntry c = (X509CertificateEntry) certs[alias];
+            if (m_certs.TryGetValue(alias, out var cert))
+                return cert;
 
-            //
-            // look up the key table - and try the local key id
-            //
-            if (c == null)
+            var keyCertKey = alias;
+            if (m_localIds.TryGetValue(alias, out var localId))
             {
-                string id = (string)localIds[alias];
-                if (id != null)
-                {
-                    c = (X509CertificateEntry)keyCerts[id];
-                }
-                else
-                {
-                    c = (X509CertificateEntry)keyCerts[alias];
-                }
+                keyCertKey = localId;
             }
 
-            return c;
+            return CollectionUtilities.GetValueOrNull(m_keyCerts, keyCertKey);
         }
 
-        public string GetCertificateAlias(
-            X509Certificate cert)
+        public string GetCertificateAlias(X509Certificate cert)
         {
             if (cert == null)
-                throw new ArgumentNullException("cert");
+                throw new ArgumentNullException(nameof(cert));
 
-            foreach (DictionaryEntry entry in certs)
+            foreach (var entry in m_certs)
             {
-                X509CertificateEntry entryValue = (X509CertificateEntry) entry.Value;
-                if (entryValue.Certificate.Equals(cert))
-                {
-                    return (string) entry.Key;
-                }
+                if (entry.Value.Certificate.Equals(cert))
+                    return entry.Key;
             }
 
-            foreach (DictionaryEntry entry in keyCerts)
+            foreach (var entry in m_keyCerts)
             {
-                X509CertificateEntry entryValue = (X509CertificateEntry) entry.Value;
-                if (entryValue.Certificate.Equals(cert))
-                {
-                    return (string) entry.Key;
-                }
+                if (entry.Value.Certificate.Equals(cert))
+                    return entry.Key;
             }
 
             return null;
         }
 
-        public X509CertificateEntry[] GetCertificateChain(
-            string alias)
+        public X509CertificateEntry[] GetCertificateChain(string alias)
         {
             if (alias == null)
-                throw new ArgumentNullException("alias");
+                throw new ArgumentNullException(nameof(alias));
 
             if (!IsKeyEntry(alias))
-            {
                 return null;
-            }
 
             X509CertificateEntry c = GetCertificate(alias);
+            if (c == null)
+                return null;
+
+            var cs = new List<X509CertificateEntry>();
 
-            if (c != null)
+            while (c != null)
             {
-                IList cs = Platform.CreateArrayList();
+                X509Certificate x509c = c.Certificate;
+                X509CertificateEntry nextC = null;
 
-                while (c != null)
+                Asn1OctetString akiValue = x509c.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);
+                if (akiValue != null)
                 {
-                    X509Certificate x509c = c.Certificate;
-                    X509CertificateEntry nextC = null;
+                    AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.GetInstance(akiValue.GetOctets());
 
-                    Asn1OctetString akiValue = x509c.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);
-                    if (akiValue != null)
+                    byte[] keyID = aki.GetKeyIdentifier();
+                    if (keyID != null)
                     {
-                        AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.GetInstance(akiValue.GetOctets());
-
-                        byte[] keyID = aki.GetKeyIdentifier();
-                        if (keyID != null)
-                        {
-                            nextC = (X509CertificateEntry)chainCerts[new CertId(keyID)];
-                        }
+                        nextC = CollectionUtilities.GetValueOrNull(m_chainCerts, new CertId(keyID));
                     }
+                }
 
-                    if (nextC == null)
-                    {
-                        //
-                        // no authority key id, try the Issuer DN
-                        //
-                        X509Name i = x509c.IssuerDN;
-                        X509Name s = x509c.SubjectDN;
+                if (nextC == null)
+                {
+                    //
+                    // no authority key id, try the Issuer DN
+                    //
+                    X509Name i = x509c.IssuerDN;
+                    X509Name s = x509c.SubjectDN;
 
-                        if (!i.Equivalent(s))
+                    if (!i.Equivalent(s))
+                    {
+                        foreach (var entry in m_chainCerts)
                         {
-                            foreach (CertId certId in chainCerts.Keys)
-                            {
-                                X509CertificateEntry x509CertEntry = (X509CertificateEntry) chainCerts[certId];
+                            X509Certificate cert = entry.Value.Certificate;
 
-                                X509Certificate crt = x509CertEntry.Certificate;
+                            if (cert.SubjectDN.Equivalent(i))
+                            {
+                                try
+                                {
+                                    x509c.Verify(cert.GetPublicKey());
 
-                                X509Name sub = crt.SubjectDN;
-                                if (sub.Equivalent(i))
+                                    nextC = entry.Value;
+                                    break;
+                                }
+                                catch (InvalidKeyException)
                                 {
-                                    try
-                                    {
-                                        x509c.Verify(crt.GetPublicKey());
-
-                                        nextC = x509CertEntry;
-                                        break;
-                                    }
-                                    catch (InvalidKeyException)
-                                    {
-                                        // TODO What if it doesn't verify?
-                                    }
+                                    // TODO What if it doesn't verify?
                                 }
                             }
                         }
                     }
-
-                    cs.Add(c);
-                    if (nextC != c) // self signed - end of the chain
-                    {
-                        c = nextC;
-                    }
-                    else
-                    {
-                        c = null;
-                    }
                 }
 
-                X509CertificateEntry[] result = new X509CertificateEntry[cs.Count];
-                for (int i = 0; i < cs.Count; ++i)
+                cs.Add(c);
+                if (nextC != c) // self signed - end of the chain
+                {
+                    c = nextC;
+                }
+                else
                 {
-                    result[i] = (X509CertificateEntry)cs[i];
+                    c = null;
                 }
-                return result;
             }
 
-            return null;
+            return cs.ToArray();
         }
 
-        public void SetCertificateEntry(
-            string                  alias,
-            X509CertificateEntry    certEntry)
+        public void SetCertificateEntry(string alias, X509CertificateEntry certEntry)
         {
             if (alias == null)
-                throw new ArgumentNullException("alias");
+                throw new ArgumentNullException(nameof(alias));
             if (certEntry == null)
-                throw new ArgumentNullException("certEntry");
-            if (keys[alias] != null)
+                throw new ArgumentNullException(nameof(certEntry));
+            if (m_keys.ContainsKey(alias))
                 throw new ArgumentException("There is a key entry with the name " + alias + ".");
 
-            certs[alias] = certEntry;
-            chainCerts[new CertId(certEntry.Certificate.GetPublicKey())] = certEntry;
+            m_certs[alias] = certEntry;
+            m_chainCerts[new CertId(certEntry.Certificate.GetPublicKey())] = certEntry;
         }
 
-        public void SetKeyEntry(
-            string                  alias,
-            AsymmetricKeyEntry      keyEntry,
-            X509CertificateEntry[]  chain)
+        public void SetKeyEntry(string alias, AsymmetricKeyEntry keyEntry, X509CertificateEntry[] chain)
         {
             if (alias == null)
-                throw new ArgumentNullException("alias");
+                throw new ArgumentNullException(nameof(alias));
             if (keyEntry == null)
-                throw new ArgumentNullException("keyEntry");
-            if (keyEntry.Key.IsPrivate && (chain == null))
+                throw new ArgumentNullException(nameof(keyEntry));
+            if (keyEntry.Key.IsPrivate && chain == null)
                 throw new ArgumentException("No certificate chain for private key");
 
-            if (keys[alias] != null)
+            if (m_keys.ContainsKey(alias))
             {
                 DeleteEntry(alias);
             }
 
-            keys[alias] = keyEntry;
-            certs[alias] = chain[0];
+            m_keys[alias] = keyEntry;
+            m_certs[alias] = chain[0];
 
             for (int i = 0; i != chain.Length; i++)
             {
-                chainCerts[new CertId(chain[i].Certificate.GetPublicKey())] = chain[i];
+                m_chainCerts[new CertId(chain[i].Certificate.GetPublicKey())] = chain[i];
             }
         }
 
-        public void DeleteEntry(
-            string alias)
+        public void DeleteEntry(string alias)
         {
             if (alias == null)
-                throw new ArgumentNullException("alias");
-
-            AsymmetricKeyEntry k = (AsymmetricKeyEntry)keys[alias];
-            if (k != null)
-            {
-                keys.Remove(alias);
-            }
+                throw new ArgumentNullException(nameof(alias));
 
-            X509CertificateEntry c = (X509CertificateEntry)certs[alias];
-
-            if (c != null)
+            if (CollectionUtilities.Remove(m_certs, alias, out var cert))
             {
-                certs.Remove(alias);
-                chainCerts.Remove(new CertId(c.Certificate.GetPublicKey()));
+                m_chainCerts.Remove(new CertId(cert.Certificate.GetPublicKey()));
             }
 
-            if (k != null)
+            if (m_keys.Remove(alias))
             {
-                string id = (string)localIds[alias];
-                if (id != null)
-                {
-                    localIds.Remove(alias);
-                    c = (X509CertificateEntry)keyCerts[id];
-                }
-                if (c != null)
+                if (CollectionUtilities.Remove(m_localIds, alias, out var id))
                 {
-                    keyCerts.Remove(id);
-                    chainCerts.Remove(new CertId(c.Certificate.GetPublicKey()));
+                    if (CollectionUtilities.Remove(m_keyCerts, id, out var keyCert))
+                    {
+                        m_chainCerts.Remove(new CertId(keyCert.Certificate.GetPublicKey()));
+                    }
                 }
             }
-
-            if (c == null && k == null)
-            {
-                throw new ArgumentException("no such entry as " + alias);
-            }
         }
 
-        public bool IsEntryOfType(
-            string  alias,
-            Type    entryType)
+        public bool IsEntryOfType(string alias, Type entryType)
         {
             if (entryType == typeof(X509CertificateEntry))
                 return IsCertificateEntry(alias);
@@ -698,31 +622,41 @@ namespace Org.BouncyCastle.Pkcs
 
         public int Count
         {
-            // TODO Seems a little inefficient
-            get { return GetAliasesTable().Count; }
+            get
+            {
+                int count = m_certs.Count;
+
+                foreach (var key in m_keys.Keys)
+                {
+                    if (!m_certs.ContainsKey(key))
+                    {
+                        ++count;
+                    }
+                }
+
+                return count;
+            }
         }
 
-        public void Save(
-            Stream          stream,
-            char[]          password,
-            SecureRandom    random)
+        public void Save(Stream stream, char[] password, SecureRandom random)
         {
             if (stream == null)
-                throw new ArgumentNullException("stream");
+                throw new ArgumentNullException(nameof(stream));
             if (random == null)
-                throw new ArgumentNullException("random");
+                throw new ArgumentNullException(nameof(random));
 
             //
             // handle the keys
             //
             Asn1EncodableVector keyBags = new Asn1EncodableVector();
-            foreach (string name in keys.Keys)
+            foreach (var keyEntry in m_keys)
             {
+                var name = keyEntry.Key;
+                var privKey = keyEntry.Value;
+
                 byte[] kSalt = new byte[SaltSize];
                 random.NextBytes(kSalt);
 
-                AsymmetricKeyEntry privKey = (AsymmetricKeyEntry)keys[name];
-
                 DerObjectIdentifier bagOid;
                 Asn1Encodable bagData;
 
@@ -736,30 +670,25 @@ namespace Org.BouncyCastle.Pkcs
                     bagOid = PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag;
                     if (keyPrfAlgorithm != null)
                     {
-                        bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
-                                        keyAlgorithm, keyPrfAlgorithm, password, kSalt, MinIterations, random, privKey.Key);
+                        bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(keyAlgorithm,
+                            keyPrfAlgorithm, password, kSalt, MinIterations, random, privKey.Key);
                     }
                     else
                     {
-                        bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
-                                            keyAlgorithm, password, kSalt, MinIterations, privKey.Key);
+                        bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(keyAlgorithm, password,
+                            kSalt, MinIterations, privKey.Key);
                     }
                 }
 
                 Asn1EncodableVector kName = new Asn1EncodableVector();
 
-                foreach (string oid in privKey.BagAttributeKeys)
+                foreach (var oid in privKey.BagAttributeKeys)
                 {
-                    Asn1Encodable entry = privKey[oid];
-
                     // NB: Ignore any existing FriendlyName
-                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
-                        continue;
-
-                    kName.Add(
-                        new DerSequence(
-                            new DerObjectIdentifier(oid),
-                            new DerSet(entry)));
+                    if (!PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Equals(oid))
+                    {
+                        kName.Add(new DerSequence(oid, new DerSet(privKey[oid])));
+                    }
                 }
 
                 //
@@ -805,9 +734,9 @@ namespace Org.BouncyCastle.Pkcs
             Asn1EncodableVector certBags = new Asn1EncodableVector();
             Pkcs12PbeParams     cParams = new Pkcs12PbeParams(cSalt, MinIterations);
             AlgorithmIdentifier cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.ToAsn1Object());
-            ISet                doneCerts = new HashSet();
+            var doneCerts = new HashSet<X509Certificate>();
 
-            foreach (string name in keys.Keys)
+            foreach (string name in m_keys.Keys)
             {
                 X509CertificateEntry certEntry = GetCertificate(name);
                 CertBag cBag = new CertBag(
@@ -816,18 +745,13 @@ namespace Org.BouncyCastle.Pkcs
 
                 Asn1EncodableVector fName = new Asn1EncodableVector();
 
-                foreach (string oid in certEntry.BagAttributeKeys)
+                foreach (var oid in certEntry.BagAttributeKeys)
                 {
-                    Asn1Encodable entry = certEntry[oid];
-
                     // NB: Ignore any existing FriendlyName
-                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
-                        continue;
-
-                    fName.Add(
-                        new DerSequence(
-                            new DerObjectIdentifier(oid),
-                            new DerSet(entry)));
+                    if (!PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Equals(oid))
+                    {
+                        fName.Add(new DerSequence(oid, new DerSet(certEntry[oid])));
+                    }
                 }
 
                 //
@@ -861,11 +785,12 @@ namespace Org.BouncyCastle.Pkcs
                 doneCerts.Add(certEntry.Certificate);
             }
 
-            foreach (string certId in certs.Keys)
+            foreach (var certEntry in m_certs)
             {
-                X509CertificateEntry cert = (X509CertificateEntry)certs[certId];
+                var certId = certEntry.Key;
+                var cert = certEntry.Value;
 
-                if (keys[certId] != null)
+                if (m_keys.ContainsKey(certId))
                     continue;
 
                 CertBag cBag = new CertBag(
@@ -874,25 +799,20 @@ namespace Org.BouncyCastle.Pkcs
 
                 Asn1EncodableVector fName = new Asn1EncodableVector();
 
-                foreach (string oid in cert.BagAttributeKeys)
+                foreach (var oid in cert.BagAttributeKeys)
                 {
                     // a certificate not immediately linked to a key doesn't require
                     // a localKeyID and will confuse some PKCS12 implementations.
                     //
                     // If we find one, we'll prune it out.
-                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
+                    if (PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Equals(oid))
                         continue;
 
-                    Asn1Encodable entry = cert[oid];
-
                     // NB: Ignore any existing FriendlyName
-                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
-                        continue;
-
-                    fName.Add(
-                        new DerSequence(
-                            new DerObjectIdentifier(oid),
-                            new DerSet(entry)));
+                    if (!PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Equals(oid))
+                    {
+                        fName.Add(new DerSequence(oid, new DerSet(cert[oid])));
+                    }
                 }
 
                 //
@@ -912,9 +832,10 @@ namespace Org.BouncyCastle.Pkcs
                 doneCerts.Add(cert.Certificate);
             }
 
-            foreach (CertId certId in chainCerts.Keys)
+            foreach (var chainCertEntry in m_chainCerts)
             {
-                X509CertificateEntry cert = (X509CertificateEntry)chainCerts[certId];
+                var certId = chainCertEntry.Key;
+                var cert = chainCertEntry.Value;
 
                 if (doneCerts.Contains(cert.Certificate))
                     continue;
@@ -925,19 +846,16 @@ namespace Org.BouncyCastle.Pkcs
 
                 Asn1EncodableVector fName = new Asn1EncodableVector();
 
-                foreach (string oid in cert.BagAttributeKeys)
+                foreach (var oid in cert.BagAttributeKeys)
                 {
                     // a certificate not immediately linked to a key doesn't require
                     // a localKeyID and will confuse some PKCS12 implementations.
                     //
                     // If we find one, we'll prune it out.
-                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
+                    if (PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Equals(oid))
                         continue;
 
-                    fName.Add(
-                        new DerSequence(
-                            new DerObjectIdentifier(oid),
-                            new DerSet(cert[oid])));
+                    fName.Add(new DerSequence(oid, new DerSet(cert[oid])));
                 }
 
                 certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName)));
@@ -1038,80 +956,5 @@ namespace Org.BouncyCastle.Pkcs
                 return cipher.DoFinal(data);
             }
         }
-
-        private class IgnoresCaseHashtable
-            : IEnumerable
-        {
-            private readonly IDictionary orig = Platform.CreateHashtable();
-            private readonly IDictionary keys = Platform.CreateHashtable();
-
-            public void Clear()
-            {
-                orig.Clear();
-                keys.Clear();
-            }
-
-            public IEnumerator GetEnumerator()
-            {
-                return orig.GetEnumerator();
-            }
-
-            public ICollection Keys
-            {
-                get { return orig.Keys; }
-            }
-
-            public object Remove(
-                string alias)
-            {
-                string upper = Platform.ToUpperInvariant(alias);
-                string k = (string)keys[upper];
-
-                if (k == null)
-                    return null;
-
-                keys.Remove(upper);
-
-                object o = orig[k];
-                orig.Remove(k);
-                return o;
-            }
-
-            public object this[
-                string alias]
-            {
-                get
-                {
-                    string upper = Platform.ToUpperInvariant(alias);
-                    string k = (string)keys[upper];
-
-                    if (k == null)
-                        return null;
-
-                    return orig[k];
-                }
-                set
-                {
-                    string upper = Platform.ToUpperInvariant(alias);
-                    string k = (string)keys[upper];
-                    if (k != null)
-                    {
-                        orig.Remove(k);
-                    }
-                    keys[upper] = alias;
-                    orig[alias] = value;
-                }
-            }
-
-            public ICollection Values
-            {
-                get { return orig.Values; }
-            }
-
-            public int Count
-            {
-                get { return orig.Count; }
-            }
-        }
     }
 }
diff --git a/crypto/src/pkcs/X509CertificateEntry.cs b/crypto/src/pkcs/X509CertificateEntry.cs
index 9d850f885..43aa5b304 100644
--- a/crypto/src/pkcs/X509CertificateEntry.cs
+++ b/crypto/src/pkcs/X509CertificateEntry.cs
@@ -1,7 +1,6 @@
-using System;
-using System.Collections;
+using System.Collections.Generic;
 
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.X509;
 
 namespace Org.BouncyCastle.Pkcs
@@ -11,16 +10,13 @@ namespace Org.BouncyCastle.Pkcs
     {
         private readonly X509Certificate cert;
 
-		public X509CertificateEntry(
-            X509Certificate cert)
-			: base(Platform.CreateHashtable())
+		public X509CertificateEntry(X509Certificate cert)
+			: base(new Dictionary<DerObjectIdentifier, Asn1Encodable>())
         {
             this.cert = cert;
         }
 
-        public X509CertificateEntry(
-            X509Certificate cert,
-            IDictionary     attributes)
+        public X509CertificateEntry(X509Certificate cert, IDictionary<DerObjectIdentifier, Asn1Encodable> attributes)
 			: base(attributes)
         {
             this.cert = cert;
diff --git a/crypto/src/util/collections/CollectionUtilities.cs b/crypto/src/util/collections/CollectionUtilities.cs
index 97bc374e1..f1d2bac21 100644
--- a/crypto/src/util/collections/CollectionUtilities.cs
+++ b/crypto/src/util/collections/CollectionUtilities.cs
@@ -71,6 +71,15 @@ namespace Org.BouncyCastle.Utilities.Collections
             return new UnmodifiableSetProxy(s);
         }
 
+        public static bool Remove<K, V>(IDictionary<K, V> d, K k, out V v)
+        {
+            if (!d.TryGetValue(k, out v))
+                return false;
+
+            d.Remove(k);
+            return true;
+        }
+
         public static object RequireNext(IEnumerator e)
         {
             if (!e.MoveNext())