diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-05-04 16:43:06 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-05-04 16:43:06 +0700 |
| commit | e7cb9e780da9b4ed2cee55feb0c4e7302222267d (patch) | |
| tree | b5fb6c8609afbc925021b763b06b45e61df3c4f8 | |
| parent | Update Dilithium PrivateKeyInfo code from bc-java (diff) | |
| download | BouncyCastle.NET-ed25519-e7cb9e780da9b4ed2cee55feb0c4e7302222267d.tar.xz | |
Refactoring around BasicConstraints
| -rw-r--r-- | crypto/src/asn1/x509/BasicConstraints.cs | 9 | ||||
| -rw-r--r-- | crypto/src/pkix/Rfc3280CertPathUtilities.cs | 14 | ||||
| -rw-r--r-- | crypto/src/x509/X509Certificate.cs | 13 |
3 files changed, 10 insertions, 26 deletions
diff --git a/crypto/src/asn1/x509/BasicConstraints.cs b/crypto/src/asn1/x509/BasicConstraints.cs index acc8766a7..92e0e3dae 100644 --- a/crypto/src/asn1/x509/BasicConstraints.cs +++ b/crypto/src/asn1/x509/BasicConstraints.cs @@ -82,10 +82,11 @@ namespace Org.BouncyCastle.Asn1.X509 return cA != null && cA.IsTrue; } - public BigInteger PathLenConstraint - { - get { return pathLenConstraint == null ? null : pathLenConstraint.Value; } - } + // TODO[api] Return DerInteger + public BigInteger PathLenConstraint => pathLenConstraint?.Value; + + internal int PathLenConstraint_Int32 => + pathLenConstraint == null ? int.MaxValue : pathLenConstraint.IntValueExact; /** * Produce an object suitable for an Asn1OutputStream. diff --git a/crypto/src/pkix/Rfc3280CertPathUtilities.cs b/crypto/src/pkix/Rfc3280CertPathUtilities.cs index 1a2346d9e..88b842abb 100644 --- a/crypto/src/pkix/Rfc3280CertPathUtilities.cs +++ b/crypto/src/pkix/Rfc3280CertPathUtilities.cs @@ -1776,19 +1776,9 @@ namespace Org.BouncyCastle.Pkix { throw new PkixCertPathValidatorException("Basic constraints extension cannot be decoded.", e, index); } - if (bc != null) + if (bc != null && bc.IsCA()) { - BigInteger _pathLengthConstraint = bc.PathLenConstraint; - - if (_pathLengthConstraint != null) - { - int _plc = _pathLengthConstraint.IntValue; - - if (_plc < maxPathLength) - { - return _plc; - } - } + maxPathLength = System.Math.Min(maxPathLength, bc.PathLenConstraint_Int32); } return maxPathLength; } diff --git a/crypto/src/x509/X509Certificate.cs b/crypto/src/x509/X509Certificate.cs index c903811d4..30cdd6e2d 100644 --- a/crypto/src/x509/X509Certificate.cs +++ b/crypto/src/x509/X509Certificate.cs @@ -364,17 +364,10 @@ namespace Org.BouncyCastle.X509 public virtual int GetBasicConstraints() { - if (basicConstraints != null && basicConstraints.IsCA()) - { - if (basicConstraints.PathLenConstraint == null) - { - return int.MaxValue; - } - - return basicConstraints.PathLenConstraint.IntValue; - } + if (basicConstraints == null || !basicConstraints.IsCA()) + return -1; - return -1; + return basicConstraints.PathLenConstraint_Int32; } public virtual GeneralNames GetIssuerAlternativeNameExtension() |