diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-09-08 13:38:49 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-09-08 13:38:49 +0700 |
| commit | e88f68ad1b5abad7f9665a12c47908abed559527 (patch) | |
| tree | 62974e48d5d1f917556f9b89e1c2ed0d45907217 | |
| parent | Removed unused variable. (diff) | |
| download | BouncyCastle.NET-ed25519-e88f68ad1b5abad7f9665a12c47908abed559527.tar.xz | |
CRL NextUpdate can be null
- see https://github.com/bcgit/bc-csharp/issues/315
| -rw-r--r-- | crypto/src/pkix/PkixCrlUtilities.cs | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/crypto/src/pkix/PkixCrlUtilities.cs b/crypto/src/pkix/PkixCrlUtilities.cs index c386b8a05..06a7caa2a 100644 --- a/crypto/src/pkix/PkixCrlUtilities.cs +++ b/crypto/src/pkix/PkixCrlUtilities.cs @@ -2,6 +2,7 @@ using System; using System.Collections; using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; using Org.BouncyCastle.X509; using Org.BouncyCastle.X509.Store; @@ -35,21 +36,16 @@ namespace Org.BouncyCastle.Pkix // based on RFC 5280 6.3.3 foreach (X509Crl crl in initialSet) { - if (crl.NextUpdate.Value.CompareTo(validityDate) > 0) + DateTimeObject nextUpdate = crl.NextUpdate; + + if (null == nextUpdate || nextUpdate.Value.CompareTo(validityDate) > 0) { X509Certificate cert = crlselect.CertificateChecking; - if (cert != null) - { - if (crl.ThisUpdate.CompareTo(cert.NotAfter) < 0) - { - finalSet.Add(crl); - } - } - else - { - finalSet.Add(crl); - } + if (null == cert || crl.ThisUpdate.CompareTo(cert.NotAfter) < 0) + { + finalSet.Add(crl); + } } } |