diff --git a/crypto/src/pkix/PkixCrlUtilities.cs b/crypto/src/pkix/PkixCrlUtilities.cs
index 3451b8ac0..ed347f841 100644
--- a/crypto/src/pkix/PkixCrlUtilities.cs
+++ b/crypto/src/pkix/PkixCrlUtilities.cs
@@ -7,10 +7,15 @@ using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Pkix
{
- public class PkixCrlUtilities
+ public class PkixCrlUtilities
{
- // TODO bc-fips-csharp implements this for ISelector<X509Crl>, using optional ICheckingCertificate
- public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix)
+ // TODO[api] Redundant
+ public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix)
+ {
+ return FindCrls((ISelector<X509Crl>)crlSelector, paramsPkix);
+ }
+
+ public virtual ISet<X509Crl> FindCrls(ISelector<X509Crl> crlSelector, PkixParameters paramsPkix)
{
// get complete CRL(s)
try
@@ -23,10 +28,16 @@ namespace Org.BouncyCastle.Pkix
}
}
- // TODO bc-fips-csharp implements this for ISelector<X509Crl>, using optional ICheckingCertificate
+ // TODO[api] Redundant
public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix,
DateTime currentDate)
{
+ return FindCrls((ISelector<X509Crl>)crlSelector, paramsPkix, currentDate);
+ }
+
+ public virtual ISet<X509Crl> FindCrls(ISelector<X509Crl> crlSelector, PkixParameters paramsPkix,
+ DateTime currentDate)
+ {
var initialSet = FindCrls(crlSelector, paramsPkix);
var finalSet = new HashSet<X509Crl>();
@@ -37,7 +48,11 @@ namespace Org.BouncyCastle.Pkix
validityDate = paramsPkix.Date.Value;
}
- X509Certificate cert = crlSelector.CertificateChecking;
+ X509Certificate cert = null;
+ if (crlSelector is ICheckingCertificate checkingCertificate)
+ {
+ cert = checkingCertificate.CertificateChecking;
+ }
// based on RFC 5280 6.3.3
foreach (X509Crl crl in initialSet)
@@ -84,12 +99,12 @@ namespace Org.BouncyCastle.Pkix
}
catch (Exception e)
{
- lastException = new Exception("Exception searching in X.509 CRL store.", e);
+ lastException = e;
}
}
if (!foundValidStore && lastException != null)
- throw lastException;
+ throw new Exception("Exception searching in X.509 CRL store.", lastException);
return crls;
}
diff --git a/crypto/src/x509/store/X509CrlStoreSelector.cs b/crypto/src/x509/store/X509CrlStoreSelector.cs
index 9e84b82ae..f3b574d27 100644
--- a/crypto/src/x509/store/X509CrlStoreSelector.cs
+++ b/crypto/src/x509/store/X509CrlStoreSelector.cs
@@ -11,7 +11,7 @@ using Org.BouncyCastle.X509.Extension;
namespace Org.BouncyCastle.X509.Store
{
public class X509CrlStoreSelector
- : ISelector<X509Crl>
+ : ISelector<X509Crl>, ICheckingCertificate
{
// TODO Missing criteria?
@@ -276,4 +276,9 @@ namespace Org.BouncyCastle.X509.Store
return true;
}
}
+
+ public interface ICheckingCertificate
+ {
+ X509Certificate CertificateChecking { get; }
+ }
}
|
