diff --git a/crypto/src/cms/CMSSignedData.cs b/crypto/src/cms/CMSSignedData.cs
index d43cdc4f3..fdf1206a4 100644
--- a/crypto/src/cms/CMSSignedData.cs
+++ b/crypto/src/cms/CMSSignedData.cs
@@ -1,14 +1,13 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
-using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms
{
@@ -43,9 +42,6 @@ namespace Org.BouncyCastle.Cms
private SignedData signedData;
private ContentInfo contentInfo;
private SignerInformationStore signerInfoStore;
- private IX509Store attrCertStore;
- private IX509Store certificateStore;
- private IX509Store crlStore;
private IDictionary hashes;
private CmsSignedData(
@@ -150,11 +146,6 @@ namespace Org.BouncyCastle.Cms
get { return signedData.Version.IntValueExact; }
}
- internal IX509Store GetCertificates()
- {
- return Helper.GetCertificates(signedData.Certificates);
- }
-
/**
* return the collection of signers that are associated with the
* signatures for the message.
@@ -198,55 +189,33 @@ namespace Org.BouncyCastle.Cms
* @exception NoSuchStoreException if the store type isn't available.
* @exception CmsException if a general exception prevents creation of the X509Store
*/
- public IX509Store GetAttributeCertificates(
- string type)
+ public IStore<X509V2AttributeCertificate> GetAttributeCertificates()
{
- if (attrCertStore == null)
- {
- attrCertStore = Helper.CreateAttributeStore(type, signedData.Certificates);
- }
-
- return attrCertStore;
+ return Helper.GetAttributeCertificates(signedData.Certificates);
}
/**
- * return a X509Store containing the public key certificates, if any, contained
- * in this message.
+ * return a X509Store containing the public key certificates, if any, contained in this message.
*
- * @param type type of store to create
* @return a store of public key certificates
* @exception NoSuchStoreException if the store type isn't available.
* @exception CmsException if a general exception prevents creation of the X509Store
*/
- public IX509Store GetCertificates(
- string type)
+ public IStore<X509Certificate> GetCertificates()
{
- if (certificateStore == null)
- {
- certificateStore = Helper.CreateCertificateStore(type, signedData.Certificates);
- }
-
- return certificateStore;
+ return Helper.GetCertificates(signedData.Certificates);
}
/**
- * return a X509Store containing CRLs, if any, contained
- * in this message.
+ * return a X509Store containing CRLs, if any, contained in this message.
*
- * @param type type of store to create
* @return a store of CRLs
* @exception NoSuchStoreException if the store type isn't available.
* @exception CmsException if a general exception prevents creation of the X509Store
*/
- public IX509Store GetCrls(
- string type)
+ public IStore<X509Crl> GetCrls()
{
- if (crlStore == null)
- {
- crlStore = Helper.CreateCrlStore(type, signedData.CRLs);
- }
-
- return crlStore;
+ return Helper.GetCrls(signedData.CRLs);
}
/// <summary>
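Review bot: The doc comments kept above `GetAttributeCertificates()`, `GetCertificates()` and `GetCrls()` still promise `@exception NoSuchStoreException if the store type isn't available` and "a X509Store", although the `type` parameter is gone and the methods now return `IStore<T>`. I would drop the `NoSuchStoreException` line from each and reword the summary, e.g. `return a store of the public key certificates, if any, contained in this message.` The cached store fields are removed as well, so each call now builds a new store from `signedData`; a remark such as `Each call builds a new store; keep the result if it is used repeatedly.` would tell callers that. The same stale tags remain on the three getters in CMSSignedDataParser.cs.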
@@ -363,15 +332,9 @@ namespace Org.BouncyCastle.Cms
* @return a new signed data object.
* @exception CmsException if there is an error processing the stores
*/
- public static CmsSignedData ReplaceCertificatesAndCrls(
- CmsSignedData signedData,
- IX509Store x509Certs,
- IX509Store x509Crls,
- IX509Store x509AttrCerts)
+ public static CmsSignedData ReplaceCertificatesAndCrls(CmsSignedData signedData, IStore<X509Certificate> x509Certs,
+ IStore<X509Crl> x509Crls, IStore<X509V2AttributeCertificate> x509AttrCerts)
{
- if (x509AttrCerts != null)
- throw Platform.CreateNotImplementedException("Currently can't replace attribute certificates");
-
//
// copy
//
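Review bot: The comment block above `ReplaceCertificatesAndCrls` needs updating for the new behaviour: with the `x509AttrCerts != null` guard removed, attribute certificates are now written into the certificate set, and (per the next hunk) a null or empty store leaves the corresponding field out of the rebuilt `SignedData` altogether. I would state both in the doc, e.g. `@param x509AttrCerts attribute certificates to store, or null for none` and `a null or empty store removes that field from the result`. Because the signer infos are carried over unchanged (`old.SignerInfos`), it is also worth a sentence saying that the replaced certificates and CRLs are not authenticated by the existing signatures and must still be validated by whoever consumes the result. The `@exception CmsException` line looks stale too, since the only visible `throw new CmsException` sites in this method are deleted by the next hunk. The method body continues outside this hunk.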
@@ -380,37 +343,39 @@ namespace Org.BouncyCastle.Cms
//
// replace the certs and crls in the SignedData object
//
- Asn1Set certs = null;
- try
+ Asn1Set certSet = null;
+ Asn1Set crlSet = null;
+
+ if (x509Certs != null || x509AttrCerts != null)
{
- Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList(
- CmsUtilities.GetCertificatesFromStore(x509Certs));
+ var certs = new List<Asn1Encodable>();
- if (asn1Set.Count != 0)
+ if (x509Certs != null)
{
- certs = asn1Set;
+ certs.AddRange(CmsUtilities.GetCertificatesFromStore(x509Certs));
+ }
+ if (x509AttrCerts != null)
+ {
+ certs.AddRange(CmsUtilities.GetAttributeCertificatesFromStore(x509AttrCerts));
+ }
+
+ Asn1Set berSet = CmsUtilities.CreateBerSetFromList(certs);
+ if (berSet.Count > 0)
+ {
+ certSet = berSet;
}
- }
- catch (X509StoreException e)
- {
- throw new CmsException("error getting certificates from store", e);
}
- Asn1Set crls = null;
- try
+ if (x509Crls != null)
{
- Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList(
- CmsUtilities.GetCrlsFromStore(x509Crls));
+ var crls = CmsUtilities.GetCrlsFromStore(x509Crls);
- if (asn1Set.Count != 0)
+ Asn1Set berSet = CmsUtilities.CreateBerSetFromList(crls);
+ if (berSet.Count > 0)
{
- crls = asn1Set;
+ crlSet = berSet;
}
}
- catch (X509StoreException e)
- {
- throw new CmsException("error getting CRLs from store", e);
- }
//
// replace the CMS structure.
@@ -419,8 +384,8 @@ namespace Org.BouncyCastle.Cms
cms.signedData = new SignedData(
old.DigestAlgorithms,
old.EncapContentInfo,
- certs,
- crls,
+ certSet,
+ crlSet,
old.SignerInfos);
//
diff --git a/crypto/src/cms/CMSSignedDataParser.cs b/crypto/src/cms/CMSSignedDataParser.cs
index c25f0aad0..5dffd0d26 100644
--- a/crypto/src/cms/CMSSignedDataParser.cs
+++ b/crypto/src/cms/CMSSignedDataParser.cs
@@ -8,12 +8,10 @@ using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.IO;
using Org.BouncyCastle.Security;
-using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.IO;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms
{
@@ -69,9 +67,6 @@ namespace Org.BouncyCastle.Cms
private SignerInformationStore _signerInfoStore;
private Asn1Set _certSet, _crlSet;
private bool _isCertCrlParsed;
- private IX509Store _attributeStore;
- private IX509Store _certificateStore;
- private IX509Store _crlStore;
public CmsSignedDataParser(
byte[] sigBlock)
@@ -243,17 +238,11 @@ namespace Org.BouncyCastle.Cms
* @exception org.bouncycastle.x509.NoSuchStoreException if the store type isn't available.
* @exception CmsException if a general exception prevents creation of the X509Store
*/
- public IX509Store GetAttributeCertificates(
- string type)
+ public IStore<X509V2AttributeCertificate> GetAttributeCertificates()
{
- if (_attributeStore == null)
- {
- PopulateCertCrlSets();
-
- _attributeStore = Helper.CreateAttributeStore(type, _certSet);
- }
+ PopulateCertCrlSets();
- return _attributeStore;
+ return Helper.GetAttributeCertificates(_certSet);
}
/**
@@ -265,17 +254,11 @@ namespace Org.BouncyCastle.Cms
* @exception NoSuchStoreException if the store type isn't available.
* @exception CmsException if a general exception prevents creation of the X509Store
*/
- public IX509Store GetCertificates(
- string type)
+ public IStore<X509Certificate> GetCertificates()
{
- if (_certificateStore == null)
- {
- PopulateCertCrlSets();
-
- _certificateStore = Helper.CreateCertificateStore(type, _certSet);
- }
+ PopulateCertCrlSets();
- return _certificateStore;
+ return Helper.GetCertificates(_certSet);
}
/**
@@ -287,17 +270,11 @@ namespace Org.BouncyCastle.Cms
* @exception NoSuchStoreException if the store type isn't available.
* @exception CmsException if a general exception prevents creation of the X509Store
*/
- public IX509Store GetCrls(
- string type)
+ public IStore<X509Crl> GetCrls()
{
- if (_crlStore == null)
- {
- PopulateCertCrlSets();
-
- _crlStore = Helper.CreateCrlStore(type, _crlSet);
- }
+ PopulateCertCrlSets();
- return _crlStore;
+ return Helper.GetCrls(_crlSet);
}
private void PopulateCertCrlSets()
@@ -378,9 +355,9 @@ namespace Org.BouncyCastle.Cms
Streams.PipeAll(signedContent.ContentStream, contentOut);
}
- gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection"));
- gen.AddCertificates(parser.GetCertificates("Collection"));
- gen.AddCrls(parser.GetCrls("Collection"));
+ gen.AddAttributeCertificates(parser.GetAttributeCertificates());
+ gen.AddCertificates(parser.GetCertificates());
+ gen.AddCrls(parser.GetCrls());
// gen.AddSigners(parser.GetSignerInfos());
@@ -401,12 +378,8 @@ namespace Org.BouncyCastle.Cms
* @return out.
* @exception CmsException if there is an error processing the CertStore
*/
- public static Stream ReplaceCertificatesAndCrls(
- Stream original,
- IX509Store x509Certs,
- IX509Store x509Crls,
- IX509Store x509AttrCerts,
- Stream outStr)
+ public static Stream ReplaceCertificatesAndCrls(Stream original, IStore<X509Certificate> x509Certs,
+ IStore<X509Crl> x509Crls, IStore<X509V2AttributeCertificate> x509AttrCerts, Stream outStr)
{
// NB: SecureRandom would be ignored since using existing signatures only
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
@@ -422,15 +395,18 @@ namespace Org.BouncyCastle.Cms
Streams.PipeAll(signedContent.ContentStream, contentOut);
}
-// gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection"));
-// gen.AddCertificates(parser.GetCertificates("Collection"));
-// gen.AddCrls(parser.GetCrls("Collection"));
if (x509AttrCerts != null)
+ {
gen.AddAttributeCertificates(x509AttrCerts);
+ }
if (x509Certs != null)
+ {
gen.AddCertificates(x509Certs);
+ }
if (x509Crls != null)
+ {
gen.AddCrls(x509Crls);
+ }
gen.AddSigners(parser.GetSignerInfos());
diff --git a/crypto/src/cms/CMSSignedDataStreamGenerator.cs b/crypto/src/cms/CMSSignedDataStreamGenerator.cs
index 8e8b996f4..c19852884 100644
--- a/crypto/src/cms/CMSSignedDataStreamGenerator.cs
+++ b/crypto/src/cms/CMSSignedDataStreamGenerator.cs
@@ -566,14 +566,10 @@ namespace Org.BouncyCastle.Cms
foreach (string digestOid in _messageDigestOids)
{
- digestAlgs.Add(
- new AlgorithmIdentifier(new DerObjectIdentifier(digestOid), DerNull.Instance));
+ digestAlgs.Add(new AlgorithmIdentifier(new DerObjectIdentifier(digestOid), DerNull.Instance));
}
- {
- byte[] tmp = new DerSet(digestAlgs).GetEncoded();
- sigGen.GetRawOutputStream().Write(tmp, 0, tmp.Length);
- }
+ new DerSet(digestAlgs).EncodeTo(sigGen.GetRawOutputStream());
BerSequenceGenerator eiGen = new BerSequenceGenerator(sigGen.GetRawOutputStream());
eiGen.AddObject(contentTypeOid);
@@ -917,12 +913,9 @@ namespace Org.BouncyCastle.Cms
_sGen.Close();
}
- private static void WriteToGenerator(
- Asn1Generator ag,
- Asn1Encodable ae)
+ private static void WriteToGenerator(Asn1Generator ag, Asn1Encodable ae)
{
- byte[] encoded = ae.GetEncoded();
- ag.GetRawOutputStream().Write(encoded, 0, encoded.Length);
+ ae.EncodeTo(ag.GetRawOutputStream());
}
}
}
diff --git a/crypto/src/cms/CMSSignedGenerator.cs b/crypto/src/cms/CMSSignedGenerator.cs
index 95d5ba65b..c1d4e0a46 100644
--- a/crypto/src/cms/CMSSignedGenerator.cs
+++ b/crypto/src/cms/CMSSignedGenerator.cs
@@ -1,6 +1,6 @@
using System;
using System.Collections;
-using System.IO;
+using System.Collections.Generic;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.BC;
@@ -16,13 +16,10 @@ using Org.BouncyCastle.Asn1.Rosstandart;
using Org.BouncyCastle.Asn1.TeleTrust;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Asn1.X9;
-using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms
{
@@ -514,8 +511,8 @@ namespace Org.BouncyCastle.Cms
public static readonly string EncryptionGost3410 = CryptoProObjectIdentifiers.GostR3410x94.Id;
public static readonly string EncryptionECGost3410 = CryptoProObjectIdentifiers.GostR3410x2001.Id;
- internal IList _certs = Platform.CreateArrayList();
- internal IList _crls = Platform.CreateArrayList();
+ internal List<Asn1Encodable> _certs = new List<Asn1Encodable>();
+ internal List<Asn1Encodable> _crls = new List<Asn1Encodable>();
internal IList _signers = Platform.CreateArrayList();
internal IDictionary _digests = Platform.CreateHashtable();
internal bool _useDerForCerts = false;
@@ -562,40 +559,34 @@ namespace Org.BouncyCastle.Cms
: new DerSet(attr.ToAsn1EncodableVector());
}
- public void AddCertificates(
- IX509Store certStore)
+ public void AddAttributeCertificate(X509V2AttributeCertificate attrCert)
{
- CollectionUtilities.AddRange(_certs, CmsUtilities.GetCertificatesFromStore(certStore));
+ _certs.Add(new DerTaggedObject(false, 2, attrCert.AttributeCertificate));
}
- public void AddCrls(
- IX509Store crlStore)
+ public void AddAttributeCertificates(IStore<X509V2AttributeCertificate> attrCertStore)
{
- CollectionUtilities.AddRange(_crls, CmsUtilities.GetCrlsFromStore(crlStore));
+ _certs.AddRange(CmsUtilities.GetAttributeCertificatesFromStore(attrCertStore));
}
- /**
- * Add the attribute certificates contained in the passed in store to the
- * generator.
- *
- * @param store a store of Version 2 attribute certificates
- * @throws CmsException if an error occurse processing the store.
- */
- public void AddAttributeCertificates(
- IX509Store store)
+ public void AddCertificate(X509Certificate cert)
{
- try
- {
- foreach (IX509AttributeCertificate attrCert in store.GetMatches(null))
- {
- _certs.Add(new DerTaggedObject(false, 2,
- AttributeCertificate.GetInstance(Asn1Object.FromByteArray(attrCert.GetEncoded()))));
- }
- }
- catch (Exception e)
- {
- throw new CmsException("error processing attribute certs", e);
- }
+ _certs.Add(cert.CertificateStructure);
+ }
+
+ public void AddCertificates(IStore<X509Certificate> certStore)
+ {
+ _certs.AddRange(CmsUtilities.GetCertificatesFromStore(certStore));
+ }
+
+ public void AddCrl(X509Crl crl)
+ {
+ _crls.Add(crl.CertificateList);
+ }
+
+ public void AddCrls(IStore<X509Crl> crlStore)
+ {
+ _crls.AddRange(CmsUtilities.GetCrlsFromStore(crlStore));
}
/**
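Review bot: The new public `AddAttributeCertificate`, `AddCertificate` and `AddCrl` dereference their argument immediately (`attrCert.AttributeCertificate`, `cert.CertificateStructure`, `crl.CertificateList`), so a null argument fails with a bare NullReferenceException. A guard such as `if (cert == null) throw new ArgumentNullException(nameof(cert));` at the top of each would give callers a usable error. The same applies to the `Select(c => c.CertificateStructure)` style lambdas in CMSUtils.cs, where a null entry in a caller-supplied store would presumably fail in the middle of `AddRange`; the old code wrapped such failures in CmsException. The six public methods here also have no doc comments now that the one on `AddAttributeCertificates` is removed; a short summary on each, noting that attribute certificates are stored under context tag 2, would restore that.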
@@ -603,8 +594,7 @@ namespace Org.BouncyCastle.Cms
*
* @param signerStore store of signers
*/
- public void AddSigners(
- SignerInformationStore signerStore)
+ public void AddSigners(SignerInformationStore signerStore)
{
foreach (SignerInformation o in signerStore.GetSigners())
{
diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs
index 07a3a92d1..7c7d42ef8 100644
--- a/crypto/src/cms/CMSSignedHelper.cs
+++ b/crypto/src/cms/CMSSignedHelper.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.CryptoPro;
@@ -16,7 +17,6 @@ using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms
{
@@ -219,142 +219,6 @@ namespace Org.BouncyCastle.Cms
return SignerUtilities.GetSigner(algorithm);
}
- internal IX509Store CreateAttributeStore(
- string type,
- Asn1Set certSet)
- {
- IList certs = Platform.CreateArrayList();
-
- if (certSet != null)
- {
- foreach (Asn1Encodable ae in certSet)
- {
- try
- {
- Asn1Object obj = ae.ToAsn1Object();
-
- if (obj is Asn1TaggedObject)
- {
- Asn1TaggedObject tagged = (Asn1TaggedObject)obj;
-
- if (tagged.TagNo == 2)
- {
- certs.Add(
- new X509V2AttributeCertificate(
- Asn1Sequence.GetInstance(tagged, false).GetEncoded()));
- }
- }
- }
- catch (Exception ex)
- {
- throw new CmsException("can't re-encode attribute certificate!", ex);
- }
- }
- }
-
- try
- {
- return X509StoreFactory.Create(
- "AttributeCertificate/" + type,
- new X509CollectionStoreParameters(certs));
- }
- catch (ArgumentException e)
- {
- throw new CmsException("can't setup the X509Store", e);
- }
- }
-
- internal IX509Store CreateCertificateStore(
- string type,
- Asn1Set certSet)
- {
- IList certs = Platform.CreateArrayList();
-
- if (certSet != null)
- {
- AddCertsFromSet(certs, certSet);
- }
-
- try
- {
- return X509StoreFactory.Create(
- "Certificate/" + type,
- new X509CollectionStoreParameters(certs));
- }
- catch (ArgumentException e)
- {
- throw new CmsException("can't setup the X509Store", e);
- }
- }
-
- internal IX509Store CreateCrlStore(
- string type,
- Asn1Set crlSet)
- {
- IList crls = Platform.CreateArrayList();
-
- if (crlSet != null)
- {
- AddCrlsFromSet(crls, crlSet);
- }
-
- try
- {
- return X509StoreFactory.Create(
- "CRL/" + type,
- new X509CollectionStoreParameters(crls));
- }
- catch (ArgumentException e)
- {
- throw new CmsException("can't setup the X509Store", e);
- }
- }
-
- private void AddCertsFromSet(
- IList certs,
- Asn1Set certSet)
- {
- X509CertificateParser cf = new X509CertificateParser();
-
- foreach (Asn1Encodable ae in certSet)
- {
- try
- {
- Asn1Object obj = ae.ToAsn1Object();
-
- if (obj is Asn1Sequence)
- {
- // TODO Build certificate directly from sequence?
- certs.Add(cf.ReadCertificate(obj.GetEncoded()));
- }
- }
- catch (Exception ex)
- {
- throw new CmsException("can't re-encode certificate!", ex);
- }
- }
- }
-
- private void AddCrlsFromSet(
- IList crls,
- Asn1Set crlSet)
- {
- X509CrlParser cf = new X509CrlParser();
-
- foreach (Asn1Encodable ae in crlSet)
- {
- try
- {
- // TODO Build CRL directly from ae.ToAsn1Object()?
- crls.Add(cf.ReadCrl(ae.GetEncoded()));
- }
- catch (Exception ex)
- {
- throw new CmsException("can't re-encode CRL!", ex);
- }
- }
- }
-
internal AlgorithmIdentifier FixAlgID(
AlgorithmIdentifier algId)
{
@@ -434,17 +298,57 @@ namespace Org.BouncyCastle.Cms
return encOID;
}
- public IX509Store GetCertificates(Asn1Set certificates)
+ internal IStore<X509V2AttributeCertificate> GetAttributeCertificates(Asn1Set attrCertSet)
{
- IList certList = Platform.CreateArrayList();
- if (certificates != null)
- {
- foreach (Asn1Encodable enc in certificates)
- {
- certList.Add(X509CertificateStructure.GetInstance(enc));
- }
+ var contents = new List<X509V2AttributeCertificate>();
+ if (attrCertSet != null)
+ {
+ foreach (Asn1Encodable ae in attrCertSet)
+ {
+ if (ae != null && ae.ToAsn1Object() is Asn1TaggedObject t)
+ {
+ if (t.HasContextTag(2))
+ {
+ Asn1Sequence s = Asn1Sequence.GetInstance(t, false);
+
+ contents.Add(new X509V2AttributeCertificate(AttributeCertificate.GetInstance(s)));
+ }
+ }
+ }
}
- return new X509CollectionStore(certList);
+ return CollectionUtilities.CreateStore(contents);
}
- }
+
+ internal IStore<X509Certificate> GetCertificates(Asn1Set certSet)
+ {
+ var contents = new List<X509Certificate>();
+ if (certSet != null)
+ {
+ foreach (Asn1Encodable ae in certSet)
+ {
+ if (ae != null && ae.ToAsn1Object() is Asn1Sequence s)
+ {
+ contents.Add(new X509Certificate(X509CertificateStructure.GetInstance(s)));
+ }
+ }
+ }
+ return CollectionUtilities.CreateStore(contents);
+ }
+
+ internal IStore<X509Crl> GetCrls(Asn1Set crlSet)
+ {
+ var contents = new List<X509Crl>();
+ if (crlSet != null)
+ {
+ foreach (Asn1Encodable ae in crlSet)
+ {
+ if (ae != null && ae.ToAsn1Object() is Asn1Sequence s)
+ {
+ contents.Add(new X509Crl(CertificateList.GetInstance(s)));
+ }
+ }
+ }
+ return CollectionUtilities.CreateStore(contents);
+ }
+ }
}
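Review bot: `GetAttributeCertificates`, `GetCertificates` and `GetCrls` build their objects from the sets embedded in a received message, yet nothing here converts a parse failure into CmsException any more, while the public getters that call them still document `@exception CmsException`. What `X509CertificateStructure.GetInstance`, `CertificateList.GetInstance` and the wrapper constructors throw on a malformed element is not visible in this diff, but whatever it is now reaches callers that only catch CmsException when handling untrusted input. I would wrap the per-element construction again, as sketched below for `GetCertificates`, and do the same in the other two methods. The `GetCertList` rewrites in BasicOCSPResp.cs and OCSPReq.cs have the same gap against their documented OcspException. It would also help to comment that elements which are not a SEQUENCE (or not tagged [2]) are skipped silently.

```csharp
internal IStore<X509Certificate> GetCertificates(Asn1Set certSet)
{
    // … unchanged: contents list, null check and foreach over certSet …
            if (ae != null && ae.ToAsn1Object() is Asn1Sequence s)
            {
                try
                {
                    contents.Add(new X509Certificate(X509CertificateStructure.GetInstance(s)));
                }
                catch (Exception e)
                {
                    throw new CmsException("can't parse certificate", e);
                }
            }
    // … unchanged: return CollectionUtilities.CreateStore(contents) …
```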
diff --git a/crypto/src/cms/CMSUtils.cs b/crypto/src/cms/CMSUtils.cs
index 95d710607..e30ac0491 100644
--- a/crypto/src/cms/CMSUtils.cs
+++ b/crypto/src/cms/CMSUtils.cs
@@ -1,15 +1,14 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
+using System.Linq;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Security.Certificates;
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.IO;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms
{
@@ -69,98 +68,72 @@ namespace Org.BouncyCastle.Cms
}
}
- public static byte[] StreamToByteArray(
- Stream inStream)
+ internal static byte[] StreamToByteArray(Stream inStream)
{
return Streams.ReadAll(inStream);
}
- public static byte[] StreamToByteArray(
- Stream inStream,
- int limit)
+ internal static byte[] StreamToByteArray(Stream inStream, int limit)
{
return Streams.ReadAllLimited(inStream, limit);
}
- public static IList GetCertificatesFromStore(
- IX509Store certStore)
+ internal static List<Asn1TaggedObject> GetAttributeCertificatesFromStore(
+ IStore<X509V2AttributeCertificate> attrCertStore)
{
- try
- {
- IList certs = Platform.CreateArrayList();
-
- if (certStore != null)
- {
- foreach (X509Certificate c in certStore.GetMatches(null))
- {
- certs.Add(
- X509CertificateStructure.GetInstance(
- Asn1Object.FromByteArray(c.GetEncoded())));
- }
- }
+ var result = new List<Asn1TaggedObject>();
+ if (attrCertStore != null)
+ {
+ result.AddRange(
+ attrCertStore.EnumerateMatches(null)
+ .Select(c => new DerTaggedObject(false, 2, c.AttributeCertificate)));
+ }
+ return result;
+ }
- return certs;
- }
- catch (CertificateEncodingException e)
- {
- throw new CmsException("error encoding certs", e);
- }
- catch (Exception e)
- {
- throw new CmsException("error processing certs", e);
+ internal static List<X509CertificateStructure> GetCertificatesFromStore(IStore<X509Certificate> certStore)
+ {
+ var result = new List<X509CertificateStructure>();
+ if (certStore != null)
+ {
+ result.AddRange(
+ certStore.EnumerateMatches(null)
+ .Select(c => c.CertificateStructure));
}
+ return result;
}
- public static IList GetCrlsFromStore(
- IX509Store crlStore)
+ internal static List<CertificateList> GetCrlsFromStore(IStore<X509Crl> crlStore)
{
- try
- {
- IList crls = Platform.CreateArrayList();
-
- if (crlStore != null)
- {
- foreach (X509Crl c in crlStore.GetMatches(null))
- {
- crls.Add(
- CertificateList.GetInstance(
- Asn1Object.FromByteArray(c.GetEncoded())));
- }
- }
-
- return crls;
- }
- catch (CrlException e)
- {
- throw new CmsException("error encoding crls", e);
- }
- catch (Exception e)
+ var result = new List<CertificateList>();
+ if (crlStore != null)
{
- throw new CmsException("error processing crls", e);
+ result.AddRange(
+ crlStore.EnumerateMatches(null)
+ .Select(c => c.CertificateList));
}
+ return result;
}
- public static Asn1Set CreateBerSetFromList(
- IList berObjects)
+ internal static Asn1Set CreateBerSetFromList(IEnumerable<Asn1Encodable> elements)
{
Asn1EncodableVector v = new Asn1EncodableVector();
- foreach (Asn1Encodable ae in berObjects)
+ foreach (Asn1Encodable element in elements)
{
- v.Add(ae);
+ v.Add(element);
}
return new BerSet(v);
}
- public static Asn1Set CreateDerSetFromList(
- IList derObjects)
+ internal static Asn1Set CreateDerSetFromList(IEnumerable<Asn1Encodable> elements)
{
Asn1EncodableVector v = new Asn1EncodableVector();
- foreach (Asn1Encodable ae in derObjects)
+ foreach (Asn1Encodable element in elements)
{
- v.Add(ae);
+ v.Add(element);
}
return new DerSet(v);
diff --git a/crypto/src/cms/OriginatorInfoGenerator.cs b/crypto/src/cms/OriginatorInfoGenerator.cs
index 6bf108799..d7d24dcc4 100644
--- a/crypto/src/cms/OriginatorInfoGenerator.cs
+++ b/crypto/src/cms/OriginatorInfoGenerator.cs
@@ -1,37 +1,37 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms
{
public class OriginatorInfoGenerator
{
- private readonly IList origCerts;
- private readonly IList origCrls;
+ private readonly List<X509CertificateStructure> origCerts;
+ private readonly List<CertificateList> origCrls;
public OriginatorInfoGenerator(X509Certificate origCert)
{
- this.origCerts = Platform.CreateArrayList(1);
+ this.origCerts = new List<X509CertificateStructure>();
this.origCrls = null;
origCerts.Add(origCert.CertificateStructure);
}
- public OriginatorInfoGenerator(IX509Store origCerts)
+ public OriginatorInfoGenerator(IStore<X509Certificate> origCerts)
: this(origCerts, null)
{
}
- public OriginatorInfoGenerator(IX509Store origCerts, IX509Store origCrls)
+ public OriginatorInfoGenerator(IStore<X509Certificate> origCerts, IStore<X509Crl> origCrls)
{
this.origCerts = CmsUtilities.GetCertificatesFromStore(origCerts);
this.origCrls = origCrls == null ? null : CmsUtilities.GetCrlsFromStore(origCrls);
}
-
+
public virtual OriginatorInfo Generate()
{
Asn1Set certSet = CmsUtilities.CreateDerSetFromList(origCerts);
diff --git a/crypto/src/cms/OriginatorInformation.cs b/crypto/src/cms/OriginatorInformation.cs
index 618add6e0..7186fafc3 100644
--- a/crypto/src/cms/OriginatorInformation.cs
+++ b/crypto/src/cms/OriginatorInformation.cs
@@ -1,12 +1,8 @@
using System;
-using System.Collections;
-using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
-using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms
{
@@ -24,31 +20,9 @@ namespace Org.BouncyCastle.Cms
*
* @return a Store of X509CertificateHolder objects.
*/
- public virtual IX509Store GetCertificates()
+ public virtual IStore<X509Certificate> GetCertificates()
{
- Asn1Set certSet = originatorInfo.Certificates;
-
- if (certSet != null)
- {
- IList certList = Platform.CreateArrayList(certSet.Count);
-
- foreach (Asn1Encodable enc in certSet)
- {
- Asn1Object obj = enc.ToAsn1Object();
- if (obj is Asn1Sequence)
- {
- certList.Add(new X509Certificate(X509CertificateStructure.GetInstance(obj)));
- }
- }
-
- return X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(certList));
- }
-
- return X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(Platform.CreateArrayList()));
+ return CmsSignedHelper.Instance.GetCertificates(originatorInfo.Certificates);
}
/**
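Review bot: The retained doc comments no longer match the return types: `@return a Store of X509CertificateHolder objects.` sits above a method returning `IStore<X509Certificate>`, and in the next hunk `@return a Store of X509CRLHolder objects.` sits above one returning `IStore<X509Crl>`. I would change them to `@return a store of X509Certificate objects.` and `@return a store of X509Crl objects.` respectively.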
@@ -56,31 +30,9 @@ namespace Org.BouncyCastle.Cms
*
* @return a Store of X509CRLHolder objects.
*/
- public virtual IX509Store GetCrls()
+ public virtual IStore<X509Crl> GetCrls()
{
- Asn1Set crlSet = originatorInfo.Certificates;
-
- if (crlSet != null)
- {
- IList crlList = Platform.CreateArrayList(crlSet.Count);
-
- foreach (Asn1Encodable enc in crlSet)
- {
- Asn1Object obj = enc.ToAsn1Object();
- if (obj is Asn1Sequence)
- {
- crlList.Add(new X509Crl(CertificateList.GetInstance(obj)));
- }
- }
-
- return X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(crlList));
- }
-
- return X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(Platform.CreateArrayList()));
+ return CmsSignedHelper.Instance.GetCrls(originatorInfo.Crls);
}
/**
diff --git a/crypto/src/ocsp/BasicOCSPResp.cs b/crypto/src/ocsp/BasicOCSPResp.cs
index 2f6d68b48..6c8ad9eee 100644
--- a/crypto/src/ocsp/BasicOCSPResp.cs
+++ b/crypto/src/ocsp/BasicOCSPResp.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
@@ -7,10 +7,8 @@ using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
-using Org.BouncyCastle.Security.Certificates;
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Ocsp
{
@@ -108,61 +106,37 @@ namespace Org.BouncyCastle.Ocsp
return resp.GetSignatureOctets();
}
- private IList GetCertList()
+ private List<X509Certificate> GetCertList()
{
- // load the certificates and revocation lists if we have any
+ // load the certificates if we have any
- IList certs = Platform.CreateArrayList();
- Asn1Sequence s = resp.Certs;
+ var result = new List<X509Certificate>();
- if (s != null)
+ Asn1Sequence certs = resp.Certs;
+ if (certs != null)
{
- foreach (Asn1Encodable ae in s)
+ foreach (Asn1Encodable ae in certs)
{
- try
+ if (ae != null && ae.ToAsn1Object() is Asn1Sequence s)
{
- certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded()));
- }
- catch (IOException ex)
- {
- throw new OcspException("can't re-encode certificate!", ex);
- }
- catch (CertificateException ex)
- {
- throw new OcspException("can't re-encode certificate!", ex);
+ result.Add(new X509Certificate(X509CertificateStructure.GetInstance(s)));
}
}
}
- return certs;
+ return result;
}
public X509Certificate[] GetCerts()
{
- IList certs = GetCertList();
- X509Certificate[] result = new X509Certificate[certs.Count];
- for (int i = 0; i < certs.Count; ++i)
- {
- result[i] = (X509Certificate)certs[i];
- }
- return result;
+ return GetCertList().ToArray();
}
/// <returns>The certificates, if any, associated with the response.</returns>
/// <exception cref="OcspException">In the event of an encoding error.</exception>
- public IX509Store GetCertificates(
- string type)
+ public IStore<X509Certificate> GetCertificates()
{
- try
- {
- return X509StoreFactory.Create(
- "Certificate/" + type,
- new X509CollectionStoreParameters(this.GetCertList()));
- }
- catch (Exception e)
- {
- throw new OcspException("can't setup the CertStore", e);
- }
+ return CollectionUtilities.CreateStore(this.GetCertList());
}
/// <summary>
diff --git a/crypto/src/ocsp/OCSPReq.cs b/crypto/src/ocsp/OCSPReq.cs
index 5408f068f..b1718c0c0 100644
--- a/crypto/src/ocsp/OCSPReq.cs
+++ b/crypto/src/ocsp/OCSPReq.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
@@ -7,10 +8,8 @@ using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
-using Org.BouncyCastle.Security.Certificates;
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Ocsp
{
@@ -156,29 +155,25 @@ namespace Org.BouncyCastle.Ocsp
return req.OptionalSignature.GetSignatureOctets();
}
- private IList GetCertList()
+ private List<X509Certificate> GetCertList()
{
// load the certificates if we have any
- IList certs = Platform.CreateArrayList();
- Asn1Sequence s = req.OptionalSignature.Certs;
+ var result = new List<X509Certificate>();
- if (s != null)
+ Asn1Sequence certs = req.OptionalSignature.Certs;
+ if (certs != null)
{
- foreach (Asn1Encodable ae in s)
+ foreach (Asn1Encodable ae in certs)
{
- try
- {
- certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded()));
- }
- catch (Exception e)
- {
- throw new OcspException("can't re-encode certificate!", e);
- }
- }
+ if (ae != null && ae.ToAsn1Object() is Asn1Sequence s)
+ {
+ result.Add(new X509Certificate(X509CertificateStructure.GetInstance(s)));
+ }
+ }
}
- return certs;
+ return result;
}
public X509Certificate[] GetCerts()
@@ -186,13 +181,7 @@ namespace Org.BouncyCastle.Ocsp
if (!this.IsSigned)
return null;
- IList certs = this.GetCertList();
- X509Certificate[] result = new X509Certificate[certs.Count];
- for (int i = 0; i < certs.Count; ++i)
- {
- result[i] = (X509Certificate)certs[i];
- }
- return result;
+ return this.GetCertList().ToArray();
}
/**
@@ -202,22 +191,12 @@ namespace Org.BouncyCastle.Ocsp
* @return null if not signed, a CertStore otherwise
* @throws OcspException
*/
- public IX509Store GetCertificates(
- string type)
+ public IStore<X509Certificate> GetCertificates()
{
if (!this.IsSigned)
return null;
- try
- {
- return X509StoreFactory.Create(
- "Certificate/" + type,
- new X509CollectionStoreParameters(this.GetCertList()));
- }
- catch (Exception e)
- {
- throw new OcspException("can't setup the CertStore", e);
- }
+ return CollectionUtilities.CreateStore(this.GetCertList());
}
/**
diff --git a/crypto/src/openssl/MiscPemGenerator.cs b/crypto/src/openssl/MiscPemGenerator.cs
index d875f49c1..3db299569 100644
--- a/crypto/src/openssl/MiscPemGenerator.cs
+++ b/crypto/src/openssl/MiscPemGenerator.cs
@@ -26,10 +26,10 @@ namespace Org.BouncyCastle.OpenSsl
public class MiscPemGenerator
: PemObjectGenerator
{
- private object obj;
- private string algorithm;
- private char[] password;
- private SecureRandom random;
+ private readonly object obj;
+ private readonly string algorithm;
+ private readonly char[] password;
+ private readonly SecureRandom random;
public MiscPemGenerator(object obj)
{
@@ -53,48 +53,47 @@ namespace Org.BouncyCastle.OpenSsl
if (obj == null)
throw new ArgumentNullException("obj");
- if (obj is AsymmetricCipherKeyPair)
+ if (obj is AsymmetricCipherKeyPair keyPair)
{
- return CreatePemObject(((AsymmetricCipherKeyPair)obj).Private);
+ return CreatePemObject(keyPair.Private);
}
string type;
byte[] encoding;
- if (obj is PemObject)
- return (PemObject)obj;
+ if (obj is PemObject pemObject)
+ return pemObject;
- if (obj is PemObjectGenerator)
- return ((PemObjectGenerator)obj).Generate();
+ if (obj is PemObjectGenerator pemObjectGenerator)
+ return pemObjectGenerator.Generate();
- if (obj is X509Certificate)
+ if (obj is X509Certificate certificate)
{
// TODO Should we prefer "X509 CERTIFICATE" here?
type = "CERTIFICATE";
try
{
- encoding = ((X509Certificate)obj).GetEncoded();
+ encoding = certificate.GetEncoded();
}
catch (CertificateEncodingException e)
{
throw new IOException("Cannot Encode object: " + e.ToString());
}
}
- else if (obj is X509Crl)
+ else if (obj is X509Crl crl)
{
type = "X509 CRL";
try
{
- encoding = ((X509Crl)obj).GetEncoded();
+ encoding = crl.GetEncoded();
}
catch (CrlException e)
{
throw new IOException("Cannot Encode object: " + e.ToString());
}
}
- else if (obj is AsymmetricKeyParameter)
+ else if (obj is AsymmetricKeyParameter akp)
{
- AsymmetricKeyParameter akp = (AsymmetricKeyParameter) obj;
if (akp.IsPrivate)
{
encoding = EncodePrivateKey(akp, out type);
@@ -106,20 +105,20 @@ namespace Org.BouncyCastle.OpenSsl
encoding = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(akp).GetDerEncoded();
}
}
- else if (obj is IX509AttributeCertificate)
+ else if (obj is X509V2AttributeCertificate attrCert)
{
type = "ATTRIBUTE CERTIFICATE";
- encoding = ((X509V2AttributeCertificate)obj).GetEncoded();
+ encoding = attrCert.GetEncoded();
}
- else if (obj is Pkcs10CertificationRequest)
+ else if (obj is Pkcs10CertificationRequest certReq)
{
type = "CERTIFICATE REQUEST";
- encoding = ((Pkcs10CertificationRequest)obj).GetEncoded();
+ encoding = certReq.GetEncoded();
}
- else if (obj is Asn1.Cms.ContentInfo)
+ else if (obj is Asn1.Cms.ContentInfo contentInfo)
{
type = "PKCS7";
- encoding = ((Asn1.Cms.ContentInfo)obj).GetEncoded();
+ encoding = contentInfo.GetEncoded();
}
else
{
@@ -158,17 +157,16 @@ namespace Org.BouncyCastle.OpenSsl
if (random == null)
throw new ArgumentNullException("random");
- if (obj is AsymmetricCipherKeyPair)
+ if (obj is AsymmetricCipherKeyPair keyPair)
{
- return CreatePemObject(((AsymmetricCipherKeyPair)obj).Private, algorithm, password, random);
+ return CreatePemObject(keyPair.Private, algorithm, password, random);
}
string type = null;
byte[] keyData = null;
- if (obj is AsymmetricKeyParameter)
+ if (obj is AsymmetricKeyParameter akp)
{
- AsymmetricKeyParameter akp = (AsymmetricKeyParameter) obj;
if (akp.IsPrivate)
{
keyData = EncodePrivateKey(akp, out type);
diff --git a/crypto/src/openssl/PEMReader.cs b/crypto/src/openssl/PEMReader.cs
index 65d3f5ad6..5b4e37035 100644
--- a/crypto/src/openssl/PEMReader.cs
+++ b/crypto/src/openssl/PEMReader.cs
@@ -199,7 +199,7 @@ namespace Org.BouncyCastle.OpenSsl
* @return the X509 Attribute Certificate
* @throws IOException if an I/O error occured
*/
- private IX509AttributeCertificate ReadAttributeCertificate(PemObject pemObject)
+ private X509V2AttributeCertificate ReadAttributeCertificate(PemObject pemObject)
{
return new X509V2AttributeCertificate(pemObject.Content);
}
diff --git a/crypto/src/pkix/PkixAttrCertChecker.cs b/crypto/src/pkix/PkixAttrCertChecker.cs
index a6eab8480..ca49bbd12 100644
--- a/crypto/src/pkix/PkixAttrCertChecker.cs
+++ b/crypto/src/pkix/PkixAttrCertChecker.cs
@@ -44,7 +44,7 @@ namespace Org.BouncyCastle.Pkix
* @throws CertPathValidatorException if the specified attribute certificate
* does not pass the check.
*/
- public abstract void Check(IX509AttributeCertificate attrCert, PkixCertPath certPath,
+ public abstract void Check(X509V2AttributeCertificate attrCert, PkixCertPath certPath,
PkixCertPath holderCertPath, ICollection unresolvedCritExts);
/**
diff --git a/crypto/src/pkix/PkixAttrCertPathBuilder.cs b/crypto/src/pkix/PkixAttrCertPathBuilder.cs
index a45f30bc9..1120003a8 100644
--- a/crypto/src/pkix/PkixAttrCertPathBuilder.cs
+++ b/crypto/src/pkix/PkixAttrCertPathBuilder.cs
@@ -1,5 +1,7 @@
using System;
using System.Collections;
+using System.Collections.Generic
+ ;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Security.Certificates;
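Review bot: The added directive is split across two lines, `using System.Collections.Generic` followed by a line holding only `;`. It compiles, but it should read `using System.Collections.Generic;` on one line like the directives around it.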
@@ -18,13 +20,11 @@ namespace Org.BouncyCastle.Pkix
* @param params PKIXBuilderParameters object containing all information to
* build the CertPath
*/
- public virtual PkixCertPathBuilderResult Build(
- PkixBuilderParameters pkixParams)
+ public virtual PkixCertPathBuilderResult Build(PkixBuilderParameters pkixParams)
{
// search target certificates
- IX509Selector certSelect = pkixParams.GetTargetConstraints();
- if (!(certSelect is X509AttrCertStoreSelector))
+ if (!(pkixParams.GetTargetConstraintsAttrCert() is X509AttrCertStoreSelector attrCertSelector))
{
throw new PkixCertPathBuilderException(
"TargetConstraints must be an instance of "
@@ -33,11 +33,10 @@ namespace Org.BouncyCastle.Pkix
+ typeof(PkixAttrCertPathBuilder).FullName + " class.");
}
- ICollection targets;
+ HashSet<X509V2AttributeCertificate> targets;
try
{
- targets = PkixCertPathValidatorUtilities.FindCertificates(
- (X509AttrCertStoreSelector)certSelect, pkixParams.GetStores());
+ targets = FindAttributeCertificates(attrCertSelector, pkixParams.GetStoresAttrCert());
}
catch (Exception e)
{
@@ -53,18 +52,19 @@ namespace Org.BouncyCastle.Pkix
PkixCertPathBuilderResult result = null;
// check all potential target certificates
- foreach (IX509AttributeCertificate cert in targets)
+ foreach (var target in targets)
{
- X509CertStoreSelector selector = new X509CertStoreSelector();
- X509Name[] principals = cert.Issuer.GetPrincipals();
+ X509CertStoreSelector certSelector = new X509CertStoreSelector();
+ X509Name[] principals = target.Issuer.GetPrincipals();
ISet issuers = new HashSet();
for (int i = 0; i < principals.Length; i++)
{
try
{
- selector.Subject = principals[i];
+ certSelector.Subject = principals[i];
- issuers.AddAll(PkixCertPathValidatorUtilities.FindCertificates(selector, pkixParams.GetStores()));
+ issuers.AddAll(PkixCertPathValidatorUtilities.FindCertificates(certSelector,
+ pkixParams.GetStoresCert()));
}
catch (Exception e)
{
@@ -81,7 +81,7 @@ namespace Org.BouncyCastle.Pkix
foreach (X509Certificate issuer in issuers)
{
- result = Build(cert, issuer, pkixParams, certPathList);
+ result = Build(target, issuer, pkixParams, certPathList);
if (result != null)
break;
@@ -110,7 +110,7 @@ namespace Org.BouncyCastle.Pkix
private Exception certPathException;
private PkixCertPathBuilderResult Build(
- IX509AttributeCertificate attrCert,
+ X509V2AttributeCertificate attrCert,
X509Certificate tbvCert,
PkixBuilderParameters pkixParams,
IList tbvPath)
@@ -211,5 +211,26 @@ namespace Org.BouncyCastle.Pkix
return builderResult;
}
+
+ internal static HashSet<X509V2AttributeCertificate> FindAttributeCertificates(
+ ISelector<X509V2AttributeCertificate> attrCertSelector,
+ IList<IStore<X509V2AttributeCertificate>> attrCertStores)
+ {
+ var attrCerts = new HashSet<X509V2AttributeCertificate>();
+
+ foreach (var attrCertStore in attrCertStores)
+ {
+ try
+ {
+ attrCerts.UnionWith(attrCertStore.EnumerateMatches(attrCertSelector));
+ }
+ catch (Exception e)
+ {
+ throw new Exception("Problem while picking certificates from X.509 store.", e);
+ }
+ }
+
+ return attrCerts;
+ }
}
}
diff --git a/crypto/src/pkix/PkixAttrCertPathValidator.cs b/crypto/src/pkix/PkixAttrCertPathValidator.cs
index 5f53bcde6..0ce3e959d 100644
--- a/crypto/src/pkix/PkixAttrCertPathValidator.cs
+++ b/crypto/src/pkix/PkixAttrCertPathValidator.cs
@@ -37,19 +37,16 @@ namespace Org.BouncyCastle.Pkix
* inappropriate for this validator.
* @throws CertPathValidatorException if the verification fails.
*/
- public virtual PkixCertPathValidatorResult Validate(
- PkixCertPath certPath,
- PkixParameters pkixParams)
+ public virtual PkixCertPathValidatorResult Validate(PkixCertPath certPath, PkixParameters pkixParams)
{
- IX509Selector certSelect = pkixParams.GetTargetConstraints();
- if (!(certSelect is X509AttrCertStoreSelector))
+ if (!(pkixParams.GetTargetConstraintsAttrCert() is X509AttrCertStoreSelector attrCertSelector))
{
throw new ArgumentException(
"TargetConstraints must be an instance of " + typeof(X509AttrCertStoreSelector).FullName,
- "pkixParams");
+ nameof(pkixParams));
}
- IX509AttributeCertificate attrCert = ((X509AttrCertStoreSelector) certSelect).AttributeCert;
+ var attrCert = attrCertSelector.AttributeCert;
PkixCertPath holderCertPath = Rfc3281CertPathUtilities.ProcessAttrCert1(attrCert, pkixParams);
PkixCertPathValidatorResult result = Rfc3281CertPathUtilities.ProcessAttrCert2(certPath, pkixParams);
X509Certificate issuerCert = (X509Certificate)certPath.Certificates[0];
diff --git a/crypto/src/pkix/PkixBuilderParameters.cs b/crypto/src/pkix/PkixBuilderParameters.cs
index 9b8fb3dc3..1dcccb2f8 100644
--- a/crypto/src/pkix/PkixBuilderParameters.cs
+++ b/crypto/src/pkix/PkixBuilderParameters.cs
@@ -2,7 +2,7 @@ using System;
using System.Text;
using Org.BouncyCastle.Security;
-using Org.BouncyCastle.X509.Store;
+using Org.BouncyCastle.X509;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
@@ -34,17 +34,23 @@ namespace Org.BouncyCastle.Pkix
{
PkixBuilderParameters parameters = new PkixBuilderParameters(
pkixParams.GetTrustAnchors(),
- new X509CertStoreSelector(pkixParams.GetTargetCertConstraints()));
+ pkixParams.GetTargetConstraintsCert(),
+ pkixParams.GetTargetConstraintsAttrCert());
parameters.SetParams(pkixParams);
return parameters;
}
- public PkixBuilderParameters(
- ISet trustAnchors,
- IX509Selector targetConstraints)
+ public PkixBuilderParameters(ISet trustAnchors, ISelector<X509Certificate> targetConstraintsCert)
+ : this(trustAnchors, targetConstraintsCert, null)
+ {
+ }
+
+ public PkixBuilderParameters(ISet trustAnchors, ISelector<X509Certificate> targetConstraintsCert,
+ ISelector<X509V2AttributeCertificate> targetConstraintsAttrCert)
: base(trustAnchors)
{
- SetTargetCertConstraints(targetConstraints);
+ SetTargetConstraintsCert(targetConstraintsCert);
+ SetTargetConstraintsAttrCert(targetConstraintsAttrCert);
}
public virtual int MaxPathLength
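Review bot: `GetInstance` used to give the new object its own copy of the selector via `new X509CertStoreSelector(pkixParams.GetTargetCertConstraints())`, and now passes `pkixParams.GetTargetConstraintsCert()` and `pkixParams.GetTargetConstraintsAttrCert()` straight through. Unless those getters or `SetTargetConstraintsCert`/`SetTargetConstraintsAttrCert` clone their argument (not visible in this hunk), the source and the new `PkixBuilderParameters` share one mutable selector, so a later change to one alters what the other builds and validates against. Please state the ownership rule on the three-argument constructor, for example `// the setters store a clone; callers may keep using their selector instance`, or clone explicitly here if they do not.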
@@ -120,7 +126,9 @@ namespace Org.BouncyCastle.Pkix
public override object Clone()
{
PkixBuilderParameters parameters = new PkixBuilderParameters(
- GetTrustAnchors(), GetTargetCertConstraints());
+ GetTrustAnchors(),
+ GetTargetConstraintsCert(),
+ GetTargetConstraintsAttrCert());
parameters.SetParams(this);
return parameters;
}
diff --git a/crypto/src/pkix/PkixCertPath.cs b/crypto/src/pkix/PkixCertPath.cs
index 459c1612f..213b12eb4 100644
--- a/crypto/src/pkix/PkixCertPath.cs
+++ b/crypto/src/pkix/PkixCertPath.cs
@@ -94,11 +94,7 @@ namespace Org.BouncyCastle.Pkix
private readonly IList certificates;
- /**
- * @param certs
- */
- private static IList SortCerts(
- IList certs)
+ private static IList SortCerts(IList certs)
{
if (certs.Count < 2)
return certs;
diff --git a/crypto/src/pkix/PkixCertPathBuilder.cs b/crypto/src/pkix/PkixCertPathBuilder.cs
index 1bc7b8c9e..3ef66b1b9 100644
--- a/crypto/src/pkix/PkixCertPathBuilder.cs
+++ b/crypto/src/pkix/PkixCertPathBuilder.cs
@@ -36,20 +36,13 @@ namespace Org.BouncyCastle.Pkix
{
// search target certificates
- IX509Selector certSelect = pkixParams.GetTargetCertConstraints();
- if (!(certSelect is X509CertStoreSelector))
- {
- throw new PkixCertPathBuilderException(
- "TargetConstraints must be an instance of "
- + typeof(X509CertStoreSelector).FullName + " for "
- + Platform.GetTypeName(this) + " class.");
- }
+ var certSelector = pkixParams.GetTargetConstraintsCert();
ISet targets = new HashSet();
try
{
- targets.AddAll(PkixCertPathValidatorUtilities.FindCertificates((X509CertStoreSelector)certSelect, pkixParams.GetStores()));
- // TODO Should this include an entry for pkixParams.GetAdditionalStores() too?
+ targets.AddAll(
+ PkixCertPathValidatorUtilities.FindCertificates(certSelector, pkixParams.GetStoresCert()));
}
catch (Exception e)
{
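Review bot: With the `is X509CertStoreSelector` test removed, a null target selector is no longer rejected here. The old check threw `PkixCertPathBuilderException` for null as well as for a wrong type, while `certSelector` now goes straight into `FindCertificates`. How a null selector is handled there is not visible in this hunk; if it is treated as match-everything, every certificate in the stores becomes a candidate target. I would restore an explicit guard such as `if (certSelector == null) throw new PkixCertPathBuilderException("TargetConstraints must be set.");`, or add a comment saying null is accepted on purpose. The enclosing `Build` method starts and ends outside this hunk.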
@@ -122,23 +115,20 @@ namespace Org.BouncyCastle.Pkix
{
// exception message from possibly later tried certification
// chains
- PkixCertPath certPath = null;
+ PkixCertPath certPath;
try
{
certPath = new PkixCertPath(tbvPath);
}
catch (Exception e)
{
- throw new Exception(
- "Certification path could not be constructed from certificate list.",
- e);
+ throw new Exception("Certification path could not be constructed from certificate list.", e);
}
- PkixCertPathValidatorResult result = null;
+ PkixCertPathValidatorResult result;
try
{
- result = (PkixCertPathValidatorResult)validator.Validate(
- certPath, pkixParams);
+ result = validator.Validate(certPath, pkixParams);
}
catch (Exception e)
{
diff --git a/crypto/src/pkix/PkixCertPathValidator.cs b/crypto/src/pkix/PkixCertPathValidator.cs
index a45102894..95939e0bd 100644
--- a/crypto/src/pkix/PkixCertPathValidator.cs
+++ b/crypto/src/pkix/PkixCertPathValidator.cs
@@ -1,13 +1,13 @@
using System;
using System.Collections;
-using Org.BouncyCastle.Asn1;
+using System.Collections.Generic;
+
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Pkix
{
@@ -96,7 +96,6 @@ namespace Org.BouncyCastle.Pkix
//
// (e), (f), (g) are part of the paramsPkix object.
//
- IEnumerator certIter;
int index = 0;
int i;
// Certificate for each interation of the validation loop
@@ -108,18 +107,18 @@ namespace Org.BouncyCastle.Pkix
//
// (a)
//
- IList[] policyNodes = new IList[n + 1];
+ var policyNodes = new List<PkixPolicyNode>[n + 1];
for (int j = 0; j < policyNodes.Length; j++)
{
- policyNodes[j] = Platform.CreateArrayList();
+ policyNodes[j] = new List<PkixPolicyNode>();
}
ISet policySet = new HashSet();
policySet.Add(Rfc3280CertPathUtilities.ANY_POLICY);
- PkixPolicyNode validPolicyTree = new PkixPolicyNode(Platform.CreateArrayList(), 0, policySet, null, new HashSet(),
- Rfc3280CertPathUtilities.ANY_POLICY, false);
+ var validPolicyTree = new PkixPolicyNode(new List<PkixPolicyNode>(), 0, policySet, null, new HashSet(),
+ Rfc3280CertPathUtilities.ANY_POLICY, false);
policyNodes[0].Add(validPolicyTree);
@@ -218,8 +217,8 @@ namespace Org.BouncyCastle.Pkix
// 6.1.3
//
- X509CertStoreSelector certConstraints = paramsPkix.GetTargetCertConstraints();
- if (certConstraints != null && !certConstraints.Match((X509Certificate)certs[0]))
+ var targetConstraints = paramsPkix.GetTargetConstraintsCert();
+ if (targetConstraints != null && !targetConstraints.Match((X509Certificate)certs[0]))
{
throw new PkixCertPathValidatorException(
"Target certificate in certification path does not match targetConstraints.", null, 0);
@@ -228,12 +227,10 @@ namespace Org.BouncyCastle.Pkix
//
// initialize CertPathChecker's
//
- IList pathCheckers = paramsPkix.GetCertPathCheckers();
- certIter = pathCheckers.GetEnumerator();
-
- while (certIter.MoveNext())
+ IList certPathCheckers = paramsPkix.GetCertPathCheckers();
+ foreach (PkixCertPathChecker certPathChecker in certPathCheckers)
{
- ((PkixCertPathChecker)certIter.Current).Init(false);
+ certPathChecker.Init(false);
}
X509Certificate cert = null;
@@ -353,7 +350,7 @@ namespace Org.BouncyCastle.Pkix
}
// (o)
- Rfc3280CertPathUtilities.PrepareNextCertO(certPath, index, criticalExtensions1, pathCheckers);
+ Rfc3280CertPathUtilities.PrepareNextCertO(certPath, index, criticalExtensions1, certPathCheckers);
// set signing certificate for next round
sign = cert;
@@ -419,7 +416,7 @@ namespace Org.BouncyCastle.Pkix
criticalExtensions = new HashSet();
}
- Rfc3280CertPathUtilities.WrapupCertF(certPath, index + 1, pathCheckers, criticalExtensions);
+ Rfc3280CertPathUtilities.WrapupCertF(certPath, index + 1, certPathCheckers, criticalExtensions);
PkixPolicyNode intersection = Rfc3280CertPathUtilities.WrapupCertG(certPath, paramsPkix, userInitialPolicySet,
index + 1, policyNodes, validPolicyTree, acceptablePolicies);
diff --git a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs
index 86f9f4beb..731f8dfe0 100644
--- a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs
+++ b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs
@@ -1,7 +1,7 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
-using System.Text;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.IsisMtt;
@@ -22,7 +22,7 @@ namespace Org.BouncyCastle.Pkix
/// <summary>
/// Summary description for PkixCertPathValidatorUtilities.
/// </summary>
- public class PkixCertPathValidatorUtilities
+ internal static class PkixCertPathValidatorUtilities
{
private static readonly PkixCrlUtilities CrlUtilities = new PkixCrlUtilities();
@@ -36,20 +36,20 @@ namespace Org.BouncyCastle.Pkix
internal static readonly int KEY_CERT_SIGN = 5;
internal static readonly int CRL_SIGN = 6;
- internal static readonly string[] crlReasons = new string[]
- {
- "unspecified",
- "keyCompromise",
- "cACompromise",
- "affiliationChanged",
- "superseded",
- "cessationOfOperation",
- "certificateHold",
- "unknown",
- "removeFromCRL",
- "privilegeWithdrawn",
- "aACompromise"
- };
+ //internal static readonly string[] crlReasons = new string[]
+ //{
+ // "unspecified",
+ // "keyCompromise",
+ // "cACompromise",
+ // "affiliationChanged",
+ // "superseded",
+ // "cessationOfOperation",
+ // "certificateHold",
+ // "unknown",
+ // "removeFromCRL",
+ // "privilegeWithdrawn",
+ // "aACompromise"
+ //};
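Review bot: `crlReasons` is commented out rather than removed. If nothing references it any more, delete the block; version control keeps the history, and a dead table of reason names beside the live `KEY_CERT_SIGN` and `CRL_SIGN` constants reads as if it were still part of the contract.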
/// <summary>
/// Search the given Set of TrustAnchor's for one that is the
@@ -175,7 +175,7 @@ namespace Org.BouncyCastle.Pkix
{
// found
string temp = (string)list[1];
- PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation(temp, pkixParams);
+ AddAdditionalStoreFromLocation(temp, pkixParams);
}
}
}
@@ -194,19 +194,25 @@ namespace Org.BouncyCastle.Pkix
/// <summary>
/// Returns the issuer of an attribute certificate or certificate.
/// </summary>
- /// <param name="cert">The attribute certificate or certificate.</param>
+ /// <param name="obj">The attribute certificate or certificate.</param>
/// <returns>The issuer as <code>X500Principal</code>.</returns>
- internal static X509Name GetIssuerPrincipal(
- object cert)
+ internal static X509Name GetIssuerPrincipal(object obj)
{
- if (cert is X509Certificate)
- {
- return ((X509Certificate)cert).IssuerDN;
- }
- else
- {
- return ((IX509AttributeCertificate)cert).Issuer.GetPrincipals()[0];
- }
+ if (obj is X509Certificate cert)
+ return cert.IssuerDN;
+ if (obj is X509V2AttributeCertificate attrCert)
+ return attrCert.Issuer.GetPrincipals()[0];
+ throw new InvalidOperationException();
+ }
+
+ internal static X509Name GetIssuerPrincipal(X509V2AttributeCertificate attrCert)
+ {
+ return attrCert.Issuer.GetPrincipals()[0];
+ }
+
+ internal static X509Name GetIssuerPrincipal(X509Certificate cert)
+ {
+ return cert.IssuerDN;
}
internal static bool IsSelfIssued(
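Review bot: The `object` overload of `GetIssuerPrincipal` ends in `throw new InvalidOperationException();` with no message, and `GetCompleteCrls` now calls it before its `try` block. A null or unexpected `certObj` therefore surfaces as a bare exception instead of the wrapped "Could not get issuer information from distribution point." error. I would make the failure descriptive with `throw new ArgumentException("Expected X509Certificate or X509V2AttributeCertificate", nameof(obj));` and have the `object` overload delegate to the two typed overloads so the logic lives in one place. `attrCert.Issuer.GetPrincipals()[0]` also assumes at least one principal; a length check, or a comment on why that always holds, would help.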
@@ -309,16 +315,14 @@ namespace Org.BouncyCastle.Pkix
ISet pq = new HashSet();
if (qualifiers == null)
- {
return pq;
- }
foreach (Asn1Encodable ae in qualifiers)
{
try
{
-// pq.Add(PolicyQualifierInfo.GetInstance(Asn1Object.FromByteArray(ae.GetEncoded())));
- pq.Add(PolicyQualifierInfo.GetInstance(ae.ToAsn1Object()));
+ pq.Add(PolicyQualifierInfo.GetInstance(Asn1Object.FromByteArray(ae.GetEncoded())));
+ //pq.Add(PolicyQualifierInfo.GetInstance(ae.ToAsn1Object()));
}
catch (IOException ex)
{
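Review bot: The live line changes from `PolicyQualifierInfo.GetInstance(ae.ToAsn1Object())` to the re-encode-and-parse form `Asn1Object.FromByteArray(ae.GetEncoded())`, the other variant is left commented out, and nothing says why. In a commit that otherwise converts collections to generics, this is a behaviour change in policy-qualifier parsing that a reader cannot tell apart from an accident. Please add a why-comment, for example `// re-parse from the encoding because <reason>`, and delete the commented-out alternative. The enclosing method starts and ends outside this hunk.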
@@ -329,12 +333,10 @@ namespace Org.BouncyCastle.Pkix
return pq;
}
- internal static PkixPolicyNode RemovePolicyNode(
- PkixPolicyNode validPolicyTree,
- IList[] policyNodes,
- PkixPolicyNode _node)
+ internal static PkixPolicyNode RemovePolicyNode(PkixPolicyNode validPolicyTree,
+ IList<PkixPolicyNode>[] policyNodes, PkixPolicyNode _node)
{
- PkixPolicyNode _parent = (PkixPolicyNode)_node.Parent;
+ PkixPolicyNode _parent = _node.Parent;
if (validPolicyTree == null)
{
@@ -345,7 +347,7 @@ namespace Org.BouncyCastle.Pkix
{
for (int j = 0; j < policyNodes.Length; j++)
{
- policyNodes[j] = Platform.CreateArrayList();
+ policyNodes[j] = new List<PkixPolicyNode>();
}
return null;
@@ -359,7 +361,7 @@ namespace Org.BouncyCastle.Pkix
}
}
- private static void RemovePolicyNodeRecurse(IList[] policyNodes, PkixPolicyNode _node)
+ private static void RemovePolicyNodeRecurse(IList<PkixPolicyNode>[] policyNodes, PkixPolicyNode _node)
{
policyNodes[_node.Depth].Remove(_node);
@@ -446,12 +448,10 @@ namespace Org.BouncyCastle.Pkix
ci = critExtOids.Contains(X509Extensions.CertificatePolicies.Id);
}
- PkixPolicyNode p_node = (PkixPolicyNode)node.Parent;
+ PkixPolicyNode p_node = node.Parent;
if (ANY_POLICY.Equals(p_node.ValidPolicy))
{
- PkixPolicyNode c_node = new PkixPolicyNode(
- Platform.CreateArrayList(), i,
- (ISet)m_idp[id_p],
+ PkixPolicyNode c_node = new PkixPolicyNode(new List<PkixPolicyNode>(), i, (ISet)m_idp[id_p],
p_node, pq, id_p, ci);
p_node.AddChild(c_node);
policyNodes[i].Add(c_node);
@@ -462,45 +462,39 @@ namespace Org.BouncyCastle.Pkix
}
}
- internal static PkixPolicyNode PrepareNextCertB2(
- int i,
- IList[] policyNodes,
- string id_p,
- PkixPolicyNode validPolicyTree)
+ internal static PkixPolicyNode PrepareNextCertB2(int i, IList<PkixPolicyNode>[] policyNodes, string id_p,
+ PkixPolicyNode validPolicyTree)
{
int pos = 0;
// Copy to avoid RemoveAt calls interfering with enumeration
- foreach (PkixPolicyNode node in Platform.CreateArrayList(policyNodes[i]))
+ foreach (var node in new List<PkixPolicyNode>(policyNodes[i]))
{
- if (node.ValidPolicy.Equals(id_p))
- {
- PkixPolicyNode p_node = (PkixPolicyNode)node.Parent;
- p_node.RemoveChild(node);
+ if (!node.ValidPolicy.Equals(id_p))
+ {
+ ++pos;
+ continue;
+ }
+
+ node.Parent.RemoveChild(node);
- // Removal of element at current iterator position not supported in C#
- //nodes_i.remove();
- policyNodes[i].RemoveAt(pos);
+ policyNodes[i].RemoveAt(pos);
- for (int k = (i - 1); k >= 0; k--)
+ for (int k = i - 1; k >= 0; k--)
+ {
+ var nodes = policyNodes[k];
+
+ for (int l = 0; l < nodes.Count; l++)
{
- IList nodes = policyNodes[k];
- for (int l = 0; l < nodes.Count; l++)
+ var node2 = nodes[l];
+ if (!node2.HasChildren)
{
- PkixPolicyNode node2 = (PkixPolicyNode)nodes[l];
- if (!node2.HasChildren)
- {
- validPolicyTree = RemovePolicyNode(validPolicyTree, policyNodes, node2);
- if (validPolicyTree == null)
- break;
- }
+ validPolicyTree = RemovePolicyNode(validPolicyTree, policyNodes, node2);
+ if (validPolicyTree == null)
+ break;
}
}
}
- else
- {
- ++pos;
- }
}
return validPolicyTree;
}
@@ -511,7 +505,7 @@ namespace Org.BouncyCastle.Pkix
object cert,
CertStatus certStatus)
{
- X509Crl bcCRL = null;
+ X509Crl bcCRL;
try
{
@@ -519,7 +513,7 @@ namespace Org.BouncyCastle.Pkix
}
catch (Exception exception)
{
- throw new Exception("Bouncy Castle X509Crl could not be created.", exception);
+ throw new Exception("X509Crl could not be created.", exception);
}
X509CrlEntry crl_entry = (X509CrlEntry)bcCRL.GetRevokedCertificate(GetSerialNumber(cert));
@@ -656,7 +650,7 @@ namespace Org.BouncyCastle.Pkix
// if end cert use given signing/encryption/... time
if (index <= 0)
{
- return PkixCertPathValidatorUtilities.GetValidDate(paramsPkix);
+ return GetValidDate(paramsPkix);
// else use time when previous cert was created
}
@@ -694,40 +688,22 @@ namespace Org.BouncyCastle.Pkix
}
/// <summary>
- /// Return a Collection of all certificates or attribute certificates found
- /// in the X509Store's that are matching the certSelect criteriums.
+ /// Return a Collection of all certificates found
+ /// in the stores that are matching the certSelector criteria.
/// </summary>
- /// <param name="certSelect">a {@link Selector} object that will be used to select
- /// the certificates</param>
- /// <param name="certStores">a List containing only X509Store objects. These
+ /// <param name="certSelector">an <see cref="ISelector{T}"/> object that will be used to select
+ /// the certificates.</param>
+ /// <param name="certStores">a List containing only IStore objects. These
/// are used to search for certificates.</param>
- /// <returns>a Collection of all found <see cref="X509Certificate"/> or
- /// <see cref="Org.BouncyCastle.X509.IX509AttributeCertificate"/> objects.
+ /// <returns>a Collection of all found <see cref="X509Certificate"/> objects.
/// May be empty but never <code>null</code>.</returns>
/// <exception cref="Exception"></exception>
- internal static ICollection FindCertificates(
- X509CertStoreSelector certSelect,
- IList certStores)
+ internal static List<X509Certificate> FindCertificates(ISelector<X509Certificate> certSelector,
+ IList<IStore<X509Certificate>> certStores)
{
- ISet certs = new HashSet();
-
- foreach (IX509Store certStore in certStores)
- {
- try
- {
-// certs.AddAll(certStore.GetMatches(certSelect));
- foreach (X509Certificate c in certStore.GetMatches(certSelect))
- {
- certs.Add(c);
- }
- }
- catch (Exception e)
- {
- throw new Exception("Problem while picking certificates from X.509 store.", e);
- }
- }
-
- return certs;
+ var result = new List<X509Certificate>();
+ CollectionUtilities.CollectMatches(result, certSelector, certStores);
+ return result;
}
/**
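Review bot: `FindCertificates` now returns a `List<X509Certificate>` filled by `CollectionUtilities.CollectMatches`, where the old body collected into a `HashSet`. A certificate present in more than one store can therefore appear more than once, unless `CollectMatches` de-duplicates (not visible here). The callers shown in this diff add the result to a set, but the contract should say so, e.g. `/// <returns>a list of all matching certificates; may contain duplicates when stores overlap.</returns>`. The empty `<exception cref="Exception">` tag is left over from the removed try/catch and should either name what `CollectMatches` can throw or be dropped.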
@@ -859,60 +835,41 @@ namespace Org.BouncyCastle.Pkix
* @throws Exception if an exception occurs while picking the CRLs
* or no CRLs are found.
*/
- internal static ISet GetCompleteCrls(
- DistributionPoint dp,
- object cert,
- DateTime currentDate,
- PkixParameters paramsPKIX)
+ internal static ISet<X509Crl> GetCompleteCrls(DistributionPoint dp, object certObj, DateTime currentDate,
+ PkixParameters paramsPKIX)
{
+ var certObjIssuer = GetIssuerPrincipal(certObj);
+
X509CrlStoreSelector crlselect = new X509CrlStoreSelector();
try
{
ISet issuers = new HashSet();
- if (cert is X509V2AttributeCertificate)
- {
- issuers.Add(((X509V2AttributeCertificate)cert)
- .Issuer.GetPrincipals()[0]);
- }
- else
- {
- issuers.Add(GetIssuerPrincipal(cert));
- }
- PkixCertPathValidatorUtilities.GetCrlIssuersFromDistributionPoint(dp, issuers, crlselect, paramsPKIX);
+ issuers.Add(certObjIssuer);
+
+ GetCrlIssuersFromDistributionPoint(dp, issuers, crlselect, paramsPKIX);
}
catch (Exception e)
{
throw new Exception("Could not get issuer information from distribution point.", e);
}
- if (cert is X509Certificate)
- {
- crlselect.CertificateChecking = (X509Certificate)cert;
- }
- else if (cert is X509V2AttributeCertificate)
- {
- crlselect.AttrCertChecking = (IX509AttributeCertificate)cert;
- }
-
- crlselect.CompleteCrlEnabled = true;
- ISet crls = CrlUtilities.FindCrls(crlselect, paramsPKIX, currentDate);
-
- if (crls.IsEmpty)
- {
- if (cert is IX509AttributeCertificate)
+ {
+ if (certObj is X509Certificate cert)
{
- IX509AttributeCertificate aCert = (IX509AttributeCertificate)cert;
-
- throw new Exception("No CRLs found for issuer \"" + aCert.Issuer.GetPrincipals()[0] + "\"");
+ crlselect.CertificateChecking = cert;
}
- else
+ else if (certObj is X509V2AttributeCertificate attrCert)
{
- X509Certificate xCert = (X509Certificate)cert;
-
- throw new Exception("No CRLs found for issuer \"" + xCert.IssuerDN + "\"");
+ crlselect.AttrCertChecking = attrCert;
}
}
+ crlselect.CompleteCrlEnabled = true;
+
+ ISet<X509Crl> crls = CrlUtilities.FindCrls(crlselect, paramsPKIX, currentDate);
+ if (crls.Count < 1)
+ throw new Exception("No CRLs found for issuer \"" + certObjIssuer + "\"");
+
return crls;
}
@@ -926,7 +883,7 @@ namespace Org.BouncyCastle.Pkix
* @throws Exception if an exception occurs while picking the delta
* CRLs.
*/
- internal static ISet GetDeltaCrls(
+ internal static ISet<X509Crl> GetDeltaCrls(
DateTime currentDate,
PkixParameters paramsPKIX,
X509Crl completeCRL)
@@ -991,9 +948,9 @@ namespace Org.BouncyCastle.Pkix
deltaSelect.MaxBaseCrlNumber = completeCRLNumber;
// find delta CRLs
- ISet temp = CrlUtilities.FindCrls(deltaSelect, paramsPKIX, currentDate);
+ ISet<X509Crl> temp = CrlUtilities.FindCrls(deltaSelect, paramsPKIX, currentDate);
- ISet result = new HashSet();
+ var result = new HashSet<X509Crl>();
foreach (X509Crl crl in temp)
{
@@ -1014,32 +971,6 @@ namespace Org.BouncyCastle.Pkix
return critical.Contains(X509Extensions.DeltaCrlIndicator.Id);
}
- internal static ICollection FindCertificates(
- X509AttrCertStoreSelector certSelect,
- IList certStores)
- {
- ISet certs = new HashSet();
-
- foreach (IX509Store certStore in certStores)
- {
- try
- {
-// certs.AddAll(certStore.GetMatches(certSelect));
- foreach (X509V2AttributeCertificate ac in certStore.GetMatches(certSelect))
- {
- certs.Add(ac);
- }
- }
- catch (Exception e)
- {
- throw new Exception(
- "Problem while picking certificates from X.509 store.", e);
- }
- }
-
- return certs;
- }
-
internal static void AddAdditionalStoresFromCrlDistributionPoint(
CrlDistPoint crldp,
PkixParameters pkixParams)
@@ -1071,10 +1002,8 @@ namespace Org.BouncyCastle.Pkix
{
if (genNames[j].TagNo == GeneralName.UniformResourceIdentifier)
{
- string location = DerIA5String.GetInstance(
- genNames[j].Name).GetString();
- PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation(
- location, pkixParams);
+ string location = DerIA5String.GetInstance(genNames[j].Name).GetString();
+ AddAdditionalStoreFromLocation(location, pkixParams);
}
}
}
@@ -1083,31 +1012,18 @@ namespace Org.BouncyCastle.Pkix
}
}
- internal static bool ProcessCertD1i(
- int index,
- IList[] policyNodes,
- DerObjectIdentifier pOid,
- ISet pq)
+ internal static bool ProcessCertD1i(int index, IList<PkixPolicyNode>[] policyNodes, DerObjectIdentifier pOid,
+ ISet pq)
{
- IList policyNodeVec = policyNodes[index - 1];
-
- for (int j = 0; j < policyNodeVec.Count; j++)
+ foreach (var node in policyNodes[index - 1])
{
- PkixPolicyNode node = (PkixPolicyNode)policyNodeVec[j];
- ISet expectedPolicies = node.ExpectedPolicies;
-
- if (expectedPolicies.Contains(pOid.Id))
+ if (node.ExpectedPolicies.Contains(pOid.Id))
{
- ISet childExpectedPolicies = new HashSet();
+ var childExpectedPolicies = new HashSet();
childExpectedPolicies.Add(pOid.Id);
- PkixPolicyNode child = new PkixPolicyNode(Platform.CreateArrayList(),
- index,
- childExpectedPolicies,
- node,
- pq,
- pOid.Id,
- false);
+ var child = new PkixPolicyNode(new List<PkixPolicyNode>(), index, childExpectedPolicies, node, pq,
+ pOid.Id, false);
node.AddChild(child);
policyNodes[index].Add(child);
@@ -1118,32 +1034,21 @@ namespace Org.BouncyCastle.Pkix
return false;
}
- internal static void ProcessCertD1ii(
- int index,
- IList[] policyNodes,
- DerObjectIdentifier _poid,
- ISet _pq)
+ internal static void ProcessCertD1ii(int index, IList<PkixPolicyNode>[] policyNodes,
+ DerObjectIdentifier _poid, ISet _pq)
{
- IList policyNodeVec = policyNodes[index - 1];
-
- for (int j = 0; j < policyNodeVec.Count; j++)
+ foreach (var _node in policyNodes[index - 1])
{
- PkixPolicyNode _node = (PkixPolicyNode)policyNodeVec[j];
-
if (ANY_POLICY.Equals(_node.ValidPolicy))
{
ISet _childExpectedPolicies = new HashSet();
_childExpectedPolicies.Add(_poid.Id);
- PkixPolicyNode _child = new PkixPolicyNode(Platform.CreateArrayList(),
- index,
- _childExpectedPolicies,
- _node,
- _pq,
- _poid.Id,
- false);
+ var _child = new PkixPolicyNode(new List<PkixPolicyNode>(), index, _childExpectedPolicies, _node,
+ _pq, _poid.Id, false);
_node.AddChild(_child);
policyNodes[index].Add(_child);
+
return;
}
}
@@ -1161,15 +1066,14 @@ namespace Org.BouncyCastle.Pkix
* @exception Exception
* if an error occurs.
*/
- internal static ICollection FindIssuerCerts(
+ internal static HashSet<X509Certificate> FindIssuerCerts(
X509Certificate cert,
PkixBuilderParameters pkixParams)
{
- X509CertStoreSelector certSelect = new X509CertStoreSelector();
- ISet certs = new HashSet();
+ X509CertStoreSelector certSelector = new X509CertStoreSelector();
try
{
- certSelect.Subject = cert.IssuerDN;
+ certSelector.Subject = cert.IssuerDN;
}
catch (IOException ex)
{
@@ -1177,10 +1081,10 @@ namespace Org.BouncyCastle.Pkix
"Subject criteria for certificate selector to find issuer certificate could not be set.", ex);
}
+ var certs = new HashSet<X509Certificate>();
try
{
- certs.AddAll(PkixCertPathValidatorUtilities.FindCertificates(certSelect, pkixParams.GetStores()));
- certs.AddAll(PkixCertPathValidatorUtilities.FindCertificates(certSelect, pkixParams.GetAdditionalStores()));
+ CollectionUtilities.CollectMatches(certs, certSelector, pkixParams.GetStoresCert());
}
catch (Exception e)
{
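Review bot: Issuer lookup in `FindIssuerCerts` now searches only `pkixParams.GetStoresCert()`, where the removed lines also searched `pkixParams.GetAdditionalStores()`. The same narrowing appears in the three-argument `FindCrls` in PkixCrlUtilities.cs and in the CRL-signer lookup in Rfc3280CertPathUtilities.cs. PkixParameters drops `AddAdditionalStore` but keeps `additionalLocationsEnabled`, so these hunks do not show where stores discovered during path processing are registered now. If they are meant to go into the typed lists, say so at the call, e.g. `// stores for additional (remote) locations are added via AddStoreCert; there is no separate additional-store list`. Otherwise path building and revocation checking lose a source they used to consult. The body of `FindIssuerCerts` continues outside the hunk.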
diff --git a/crypto/src/pkix/PkixCrlUtilities.cs b/crypto/src/pkix/PkixCrlUtilities.cs
index 06a7caa2a..341c9a514 100644
--- a/crypto/src/pkix/PkixCrlUtilities.cs
+++ b/crypto/src/pkix/PkixCrlUtilities.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Date;
@@ -10,22 +10,22 @@ namespace Org.BouncyCastle.Pkix
{
public class PkixCrlUtilities
{
- public virtual ISet FindCrls(X509CrlStoreSelector crlselect, PkixParameters paramsPkix, DateTime currentDate)
+ public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix,
+ DateTime currentDate)
{
- ISet initialSet = new HashSet();
+ HashSet<X509Crl> initialSet;
// get complete CRL(s)
try
{
- initialSet.AddAll(FindCrls(crlselect, paramsPkix.GetAdditionalStores()));
- initialSet.AddAll(FindCrls(crlselect, paramsPkix.GetStores()));
+ initialSet = FindCrls(crlSelector, paramsPkix.GetStoresCrl());
}
catch (Exception e)
{
throw new Exception("Exception obtaining complete CRLs.", e);
}
- ISet finalSet = new HashSet();
+ var finalSet = new HashSet<X509Crl>();
DateTime validityDate = currentDate;
if (paramsPkix.Date != null)
@@ -40,7 +40,7 @@ namespace Org.BouncyCastle.Pkix
if (null == nextUpdate || nextUpdate.Value.CompareTo(validityDate) > 0)
{
- X509Certificate cert = crlselect.CertificateChecking;
+ X509Certificate cert = crlSelector.CertificateChecking;
if (null == cert || crl.ThisUpdate.CompareTo(cert.NotAfter) < 0)
{
@@ -52,14 +52,14 @@ namespace Org.BouncyCastle.Pkix
return finalSet;
}
- public virtual ISet FindCrls(X509CrlStoreSelector crlselect, PkixParameters paramsPkix)
+ public virtual ISet FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix)
{
ISet completeSet = new HashSet();
// get complete CRL(s)
try
{
- completeSet.AddAll(FindCrls(crlselect, paramsPkix.GetStores()));
+ completeSet.AddAll(FindCrls(crlSelector, paramsPkix.GetStoresCrl()));
}
catch (Exception e)
{
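Review bot: The two-argument `FindCrls` still returns the non-generic `ISet` and fills a non-generic `HashSet` via `AddAll`, while the three-argument overload and the private helper were moved to `ISet<X509Crl>` / `HashSet<X509Crl>`. Two overloads of one method now hand back differently typed sets, and the untyped one puts the casts back on the caller. If its callers allow it, I would align the signature, `public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix)`, and assign the result directly as the other overload does. The method body continues outside the hunk.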
@@ -74,28 +74,28 @@ namespace Org.BouncyCastle.Pkix
/// Return a Collection of all CRLs found in the X509Store's that are
/// matching the crlSelect criteriums.
/// </summary>
- /// <param name="crlSelect">a {@link X509CRLStoreSelector} object that will be used
+ /// <param name="crlSelector">a {@link X509CRLStoreSelector} object that will be used
/// to select the CRLs</param>
/// <param name="crlStores">a List containing only {@link org.bouncycastle.x509.X509Store
/// X509Store} objects. These are used to search for CRLs</param>
/// <returns>a Collection of all found {@link X509CRL X509CRL} objects. May be
/// empty but never <code>null</code>.
/// </returns>
- private ICollection FindCrls(X509CrlStoreSelector crlSelect, IList crlStores)
+ private HashSet<X509Crl> FindCrls(ISelector<X509Crl> crlSelector, IList<IStore<X509Crl>> crlStores)
{
- ISet crls = new HashSet();
+ var crls = new HashSet<X509Crl>();
Exception lastException = null;
bool foundValidStore = false;
- foreach (IX509Store store in crlStores)
+ foreach (var crlStore in crlStores)
{
try
{
- crls.AddAll(store.GetMatches(crlSelect));
+ crls.UnionWith(crlStore.EnumerateMatches(crlSelector));
foundValidStore = true;
}
- catch (X509StoreException e)
+ catch (Exception e)
{
lastException = new Exception("Exception searching in X.509 CRL store.", e);
}
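Review bot: The handler around `crlStore.EnumerateMatches(crlSelector)` was widened from `X509StoreException` to `catch (Exception e)`, so it now also absorbs programming errors. One example is a `NullReferenceException` from a null list element, since `SetStoresCrl` copies its argument without filtering nulls. How `lastException` and `foundValidStore` are evaluated is outside the hunk, but if one successful store is enough to suppress the error, a failing store's CRLs drop out of the revocation check without any signal. I would skip null entries before the `try` (`if (crlStore == null) continue;`) and state the intent at the handler, e.g. `// a failing store is skipped; the error is surfaced only if no store could be searched`, to be confirmed against the lines after the loop. The summary above still says "crlSelect criteriums" although the parameter is now `crlSelector`.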
diff --git a/crypto/src/pkix/PkixParameters.cs b/crypto/src/pkix/PkixParameters.cs
index 54b077f29..32189acfb 100644
--- a/crypto/src/pkix/PkixParameters.cs
+++ b/crypto/src/pkix/PkixParameters.cs
@@ -1,9 +1,11 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Pkix
@@ -49,11 +51,15 @@ namespace Org.BouncyCastle.Pkix
private bool anyPolicyInhibited = false;
private bool policyMappingInhibited = false;
private bool policyQualifiersRejected = true;
- private IX509Selector certSelector;
- private IList stores;
- private IX509Selector selector;
+
+ private List<IStore<X509V2AttributeCertificate>> m_storesAttrCert;
+ private List<IStore<X509Certificate>> m_storesCert;
+ private List<IStore<X509Crl>> m_storesCrl;
+
+ private ISelector<X509V2AttributeCertificate> m_targetConstraintsAttrCert;
+ private ISelector<X509Certificate> m_targetConstraintsCert;
+
private bool additionalLocationsEnabled;
- private IList additionalStores;
private ISet trustedACIssuers;
private ISet necessaryACAttributes;
private ISet prohibitedACAttributes;
@@ -86,8 +92,9 @@ namespace Org.BouncyCastle.Pkix
this.initialPolicies = new HashSet();
this.certPathCheckers = Platform.CreateArrayList();
- this.stores = Platform.CreateArrayList();
- this.additionalStores = Platform.CreateArrayList();
+ this.m_storesAttrCert = new List<IStore<X509V2AttributeCertificate>>();
+ this.m_storesCert = new List<IStore<X509Certificate>>();
+ this.m_storesCrl = new List<IStore<X509Crl>>();
this.trustedACIssuers = new HashSet();
this.necessaryACAttributes = new HashSet();
this.prohibitedACAttributes = new HashSet();
@@ -206,6 +213,55 @@ namespace Org.BouncyCastle.Pkix
}
/**
+ * Returns the required constraints on the target certificate or attribute
+ * certificate. The constraints are returned as an instance of
+ * <code>IX509Selector</code>. If <code>null</code>, no constraints are
+ * defined.
+ *
+ * <p>
+ * The target certificate in a PKIX path may be a certificate or an
+ * attribute certificate.
+ * </p><p>
+ * Note that the <code>IX509Selector</code> returned is cloned to protect
+ * against subsequent modifications.
+ * </p>
+ * @return a <code>IX509Selector</code> specifying the constraints on the
+ * target certificate or attribute certificate (or <code>null</code>)
+ * @see #setTargetConstraints
+ * @see X509CertStoreSelector
+ * @see X509AttributeCertStoreSelector
+ */
+ public virtual ISelector<X509V2AttributeCertificate> GetTargetConstraintsAttrCert()
+ {
+ return (ISelector<X509V2AttributeCertificate>)m_targetConstraintsAttrCert?.Clone();
+ }
+
+ /**
+ * Sets the required constraints on the target certificate or attribute
+ * certificate. The constraints are specified as an instance of
+ * <code>IX509Selector</code>. If <code>null</code>, no constraints are
+ * defined.
+ * <p>
+ * The target certificate in a PKIX path may be a certificate or an
+ * attribute certificate.
+ * </p><p>
+ * Note that the <code>IX509Selector</code> specified is cloned to protect
+ * against subsequent modifications.
+ * </p>
+ *
+ * @param selector a <code>IX509Selector</code> specifying the constraints on
+ * the target certificate or attribute certificate (or
+ * <code>null</code>)
+ * @see #getTargetConstraints
+ * @see X509CertStoreSelector
+ * @see X509AttributeCertStoreSelector
+ */
+ public virtual void SetTargetConstraintsAttrCert(ISelector<X509V2AttributeCertificate> targetConstraintsAttrCert)
+ {
+ this.m_targetConstraintsAttrCert = (ISelector<X509V2AttributeCertificate>)targetConstraintsAttrCert?.Clone();
+ }
+
+ /**
* Returns the required constraints on the target certificate. The
* constraints are returned as an instance of CertSelector. If
* <code>null</code>, no constraints are defined.<br />
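Review bot: The doc comments on the added `GetTargetConstraintsAttrCert` and `SetTargetConstraintsAttrCert` were carried over unchanged from the methods this commit removes. They still name `IX509Selector`, point to `#setTargetConstraints` / `#getTargetConstraints`, and describe a target that "may be a certificate or an attribute certificate", while the new methods take and return only `ISelector<X509V2AttributeCertificate>`. I would replace them with XML docs that match the typed API, for example `/// <summary>Returns a clone of the selector constraining the target attribute certificate, or null if none is set.</summary>`. The setter would get the matching sentence about cloning its argument. The `@see #setTargetCertConstraints(CertSelector)` style references on the renamed `GetTargetConstraintsCert` / `SetTargetConstraintsCert` in the following hunks are stale in the same way.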
@@ -218,14 +274,9 @@ namespace Org.BouncyCastle.Pkix
*
* @see #setTargetCertConstraints(CertSelector)
*/
- public virtual X509CertStoreSelector GetTargetCertConstraints()
+ public virtual ISelector<X509Certificate> GetTargetConstraintsCert()
{
- if (certSelector == null)
- {
- return null;
- }
-
- return (X509CertStoreSelector)certSelector.Clone();
+ return (ISelector<X509Certificate>)m_targetConstraintsCert?.Clone();
}
/**
@@ -242,17 +293,9 @@ namespace Org.BouncyCastle.Pkix
*
* @see #getTargetCertConstraints()
*/
- public virtual void SetTargetCertConstraints(
- IX509Selector selector)
+ public virtual void SetTargetConstraintsCert(ISelector<X509Certificate> targetConstraintsCert)
{
- if (selector == null)
- {
- certSelector = null;
- }
- else
- {
- certSelector = (IX509Selector)selector.Clone();
- }
+ m_targetConstraintsCert = (ISelector<X509Certificate>)targetConstraintsCert?.Clone();
}
/**
@@ -447,8 +490,7 @@ namespace Org.BouncyCastle.Pkix
* @param params Parameters to set. If this are
* <code>ExtendedPkixParameters</code> they are copied to.
*/
- protected virtual void SetParams(
- PkixParameters parameters)
+ protected virtual void SetParams(PkixParameters parameters)
{
Date = parameters.Date;
SetCertPathCheckers(parameters.GetCertPathCheckers());
@@ -458,16 +500,18 @@ namespace Org.BouncyCastle.Pkix
IsRevocationEnabled = parameters.IsRevocationEnabled;
SetInitialPolicies(parameters.GetInitialPolicies());
IsPolicyQualifiersRejected = parameters.IsPolicyQualifiersRejected;
- SetTargetCertConstraints(parameters.GetTargetCertConstraints());
SetTrustAnchors(parameters.GetTrustAnchors());
+ m_storesAttrCert = new List<IStore<X509V2AttributeCertificate>>(parameters.m_storesAttrCert);
+ m_storesCert = new List<IStore<X509Certificate>>(parameters.m_storesCert);
+ m_storesCrl = new List<IStore<X509Crl>>(parameters.m_storesCrl);
+
+ SetTargetConstraintsAttrCert(parameters.GetTargetConstraintsAttrCert());
+ SetTargetConstraintsCert(parameters.GetTargetConstraintsCert());
+
validityModel = parameters.validityModel;
useDeltas = parameters.useDeltas;
additionalLocationsEnabled = parameters.additionalLocationsEnabled;
- selector = parameters.selector == null ? null
- : (IX509Selector) parameters.selector.Clone();
- stores = Platform.CreateArrayList(parameters.stores);
- additionalStores = Platform.CreateArrayList(parameters.additionalStores);
trustedACIssuers = new HashSet(parameters.trustedACIssuers);
prohibitedACAttributes = new HashSet(parameters.prohibitedACAttributes);
necessaryACAttributes = new HashSet(parameters.necessaryACAttributes);
@@ -495,115 +539,79 @@ namespace Org.BouncyCastle.Pkix
set { validityModel = value; }
}
- /**
- * Sets the Bouncy Castle Stores for finding CRLs, certificates, attribute
- * certificates or cross certificates.
- * <p>
- * The <code>IList</code> is cloned.
- * </p>
- *
- * @param stores A list of stores to use.
- * @see #getStores
- * @throws ClassCastException if an element of <code>stores</code> is not
- * a {@link Store}.
- */
- public virtual void SetStores(
- IList stores)
+ public virtual IList<IStore<X509V2AttributeCertificate>> GetStoresAttrCert()
+ {
+ return new List<IStore<X509V2AttributeCertificate>>(m_storesAttrCert);
+ }
+
+ public virtual IList<IStore<X509Certificate>> GetStoresCert()
{
- if (stores == null)
+ return new List<IStore<X509Certificate>>(m_storesCert);
+ }
+
+ public virtual IList<IStore<X509Crl>> GetStoresCrl()
+ {
+ return new List<IStore<X509Crl>>(m_storesCrl);
+ }
+
+ public virtual void SetAttrStoresCert(IList<IStore<X509V2AttributeCertificate>> storesAttrCert)
+ {
+ if (storesAttrCert == null)
{
- this.stores = Platform.CreateArrayList();
+ m_storesAttrCert = new List<IStore<X509V2AttributeCertificate>>();
}
else
{
- foreach (object obj in stores)
- {
- if (!(obj is IX509Store))
- {
- throw new InvalidCastException(
- "All elements of list must be of type " + typeof(IX509Store).FullName);
- }
- }
- this.stores = Platform.CreateArrayList(stores);
+ m_storesAttrCert = new List<IStore<X509V2AttributeCertificate>>(storesAttrCert);
}
}
- /**
- * Adds a Bouncy Castle {@link Store} to find CRLs, certificates, attribute
- * certificates or cross certificates.
- * <p>
- * This method should be used to add local stores, like collection based
- * X.509 stores, if available. Local stores should be considered first,
- * before trying to use additional (remote) locations, because they do not
- * need possible additional network traffic.
- * </p><p>
- * If <code>store</code> is <code>null</code> it is ignored.
- * </p>
- *
- * @param store The store to add.
- * @see #getStores
- */
- public virtual void AddStore(
- IX509Store store)
+ public virtual void SetStoresCert(IList<IStore<X509Certificate>> storesCert)
{
- if (store != null)
+ if (storesCert == null)
{
- stores.Add(store);
+ m_storesCert = new List<IStore<X509Certificate>>();
+ }
+ else
+ {
+ m_storesCert = new List<IStore<X509Certificate>>(storesCert);
}
}
- /**
- * Adds an additional Bouncy Castle {@link Store} to find CRLs, certificates,
- * attribute certificates or cross certificates.
- * <p>
- * You should not use this method. This method is used for adding additional
- * X.509 stores, which are used to add (remote) locations, e.g. LDAP, found
- * during X.509 object processing, e.g. in certificates or CRLs. This method
- * is used in PKIX certification path processing.
- * </p><p>
- * If <code>store</code> is <code>null</code> it is ignored.
- * </p>
- *
- * @param store The store to add.
- * @see #getStores()
- */
- public virtual void AddAdditionalStore(
- IX509Store store)
+ public virtual void SetStoresCrl(IList<IStore<X509Crl>> storesCrl)
{
- if (store != null)
+ if (storesCrl == null)
+ {
+ m_storesCrl = new List<IStore<X509Crl>>();
+ }
+ else
{
- additionalStores.Add(store);
+ m_storesCrl = new List<IStore<X509Crl>>(storesCrl);
}
}
- /**
- * Returns an <code>IList</code> of additional Bouncy Castle
- * <code>Store</code>s used for finding CRLs, certificates, attribute
- * certificates or cross certificates.
- *
- * @return an immutable <code>IList</code> of additional Bouncy Castle
- * <code>Store</code>s. Never <code>null</code>.
- *
- * @see #addAddionalStore(Store)
- */
- public virtual IList GetAdditionalStores()
+ public virtual void AddStoreAttrCert(IStore<X509V2AttributeCertificate> storeAttrCert)
{
- return Platform.CreateArrayList(additionalStores);
+ if (storeAttrCert != null)
+ {
+ m_storesAttrCert.Add(storeAttrCert);
+ }
}
- /**
- * Returns an <code>IList</code> of Bouncy Castle
- * <code>Store</code>s used for finding CRLs, certificates, attribute
- * certificates or cross certificates.
- *
- * @return an immutable <code>IList</code> of Bouncy Castle
- * <code>Store</code>s. Never <code>null</code>.
- *
- * @see #setStores(IList)
- */
- public virtual IList GetStores()
+ public virtual void AddStoreCert(IStore<X509Certificate> storeCert)
{
- return Platform.CreateArrayList(stores);
+ if (storeCert != null)
+ {
+ m_storesCert.Add(storeCert);
+ }
+ }
+
+ public virtual void AddStoreCrl(IStore<X509Crl> storeCrl)
+ {
+ if (storeCrl != null)
+ {
+ m_storesCrl.Add(storeCrl);
+ }
}
/**
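Review bot: `SetAttrStoresCert` does not follow the naming of its siblings `GetStoresAttrCert` and `AddStoreAttrCert`. As a public virtual member the name is hard to correct once released, so I would rename it now: `public virtual void SetStoresAttrCert(IList<IStore<X509V2AttributeCertificate>> storesAttrCert)`. The new accessors also lose all documentation, although the removed comments stated the contract (the list is copied, a null store is ignored). A one-line summary on each would restore it, e.g. `/// <summary>Replaces the CRL stores with a copy of the given list; null clears the list.</summary>`. Note that the `Set*` methods copy null elements that the `Add*` methods would have ignored.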
@@ -630,69 +638,6 @@ namespace Org.BouncyCastle.Pkix
}
/**
- * Returns the required constraints on the target certificate or attribute
- * certificate. The constraints are returned as an instance of
- * <code>IX509Selector</code>. If <code>null</code>, no constraints are
- * defined.
- *
- * <p>
- * The target certificate in a PKIX path may be a certificate or an
- * attribute certificate.
- * </p><p>
- * Note that the <code>IX509Selector</code> returned is cloned to protect
- * against subsequent modifications.
- * </p>
- * @return a <code>IX509Selector</code> specifying the constraints on the
- * target certificate or attribute certificate (or <code>null</code>)
- * @see #setTargetConstraints
- * @see X509CertStoreSelector
- * @see X509AttributeCertStoreSelector
- */
- public virtual IX509Selector GetTargetConstraints()
- {
- if (selector != null)
- {
- return (IX509Selector) selector.Clone();
- }
- else
- {
- return null;
- }
- }
-
- /**
- * Sets the required constraints on the target certificate or attribute
- * certificate. The constraints are specified as an instance of
- * <code>IX509Selector</code>. If <code>null</code>, no constraints are
- * defined.
- * <p>
- * The target certificate in a PKIX path may be a certificate or an
- * attribute certificate.
- * </p><p>
- * Note that the <code>IX509Selector</code> specified is cloned to protect
- * against subsequent modifications.
- * </p>
- *
- * @param selector a <code>IX509Selector</code> specifying the constraints on
- * the target certificate or attribute certificate (or
- * <code>null</code>)
- * @see #getTargetConstraints
- * @see X509CertStoreSelector
- * @see X509AttributeCertStoreSelector
- */
- public virtual void SetTargetConstraints(IX509Selector selector)
- {
- if (selector != null)
- {
- this.selector = (IX509Selector) selector.Clone();
- }
- else
- {
- this.selector = null;
- }
- }
-
- /**
* Returns the trusted attribute certificate issuers. If attribute
* certificates is verified the trusted AC issuers must be set.
* <p>
diff --git a/crypto/src/pkix/PkixPolicyNode.cs b/crypto/src/pkix/PkixPolicyNode.cs
index fc5b82f6f..2e2e39caf 100644
--- a/crypto/src/pkix/PkixPolicyNode.cs
+++ b/crypto/src/pkix/PkixPolicyNode.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.Text;
using Org.BouncyCastle.Utilities;
@@ -13,7 +13,7 @@ namespace Org.BouncyCastle.Pkix
public class PkixPolicyNode
// : IPolicyNode
{
- protected IList mChildren;
+ protected IList<PkixPolicyNode> mChildren;
protected int mDepth;
protected ISet mExpectedPolicies;
protected PkixPolicyNode mParent;
@@ -26,9 +26,9 @@ namespace Org.BouncyCastle.Pkix
get { return this.mDepth; }
}
- public virtual IEnumerable Children
+ public virtual IEnumerable<PkixPolicyNode> Children
{
- get { return new EnumerableProxy(mChildren); }
+ get { return CollectionUtilities.Proxy(mChildren); }
}
public virtual bool IsCritical
@@ -66,7 +66,7 @@ namespace Org.BouncyCastle.Pkix
/// Constructors
public PkixPolicyNode(
- IList children,
+ IEnumerable<PkixPolicyNode> children,
int depth,
ISet expectedPolicies,
PkixPolicyNode parent,
@@ -76,11 +76,11 @@ namespace Org.BouncyCastle.Pkix
{
if (children == null)
{
- this.mChildren = Platform.CreateArrayList();
+ this.mChildren = new List<PkixPolicyNode>();
}
else
{
- this.mChildren = Platform.CreateArrayList(children);
+ this.mChildren = new List<PkixPolicyNode>(children);
}
this.mDepth = depth;
@@ -137,7 +137,7 @@ namespace Org.BouncyCastle.Pkix
public virtual PkixPolicyNode Copy()
{
PkixPolicyNode node = new PkixPolicyNode(
- Platform.CreateArrayList(),
+ new List<PkixPolicyNode>(),
mDepth,
new HashSet(mExpectedPolicies),
null,
diff --git a/crypto/src/pkix/Rfc3280CertPathUtilities.cs b/crypto/src/pkix/Rfc3280CertPathUtilities.cs
index 9001ba1d1..7359d2568 100644
--- a/crypto/src/pkix/Rfc3280CertPathUtilities.cs
+++ b/crypto/src/pkix/Rfc3280CertPathUtilities.cs
@@ -1,6 +1,6 @@
using System;
using System.Collections;
-using System.Globalization;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
@@ -11,13 +11,12 @@ using Org.BouncyCastle.Security;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
-using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Pkix
{
- public class Rfc3280CertPathUtilities
+ internal static class Rfc3280CertPathUtilities
{
private static readonly PkixCrlUtilities CrlUtilities = new PkixCrlUtilities();
@@ -367,25 +366,20 @@ namespace Org.BouncyCastle.Pkix
"Policy mappings extension contents could not be decoded.", e, index);
}
- if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(issuerDomainPolicy.Id))
+ if (ANY_POLICY.Equals(issuerDomainPolicy.Id))
throw new PkixCertPathValidatorException(
"IssuerDomainPolicy is anyPolicy", null, index);
- if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(subjectDomainPolicy.Id))
+ if (ANY_POLICY.Equals(subjectDomainPolicy.Id))
throw new PkixCertPathValidatorException(
"SubjectDomainPolicy is anyPolicy,", null, index);
}
}
}
- internal static PkixPolicyNode ProcessCertD(
- PkixCertPath certPath,
- int index,
- ISet acceptablePolicies,
- PkixPolicyNode validPolicyTree,
- IList[] policyNodes,
- int inhibitAnyPolicy)
- //throws CertPathValidatorException
+ /// <exception cref="PkixCertPathValidatorException"/>
+ internal static PkixPolicyNode ProcessCertD(PkixCertPath certPath, int index, ISet acceptablePolicies,
+ PkixPolicyNode validPolicyTree, IList<PkixPolicyNode>[] policyNodes, int inhibitAnyPolicy)
{
IList certs = certPath.Certificates;
X509Certificate cert = (X509Certificate)certs[index];
@@ -396,7 +390,7 @@ namespace Org.BouncyCastle.Pkix
// (d) policy Information checking against initial policy and
// policy mapping
//
- Asn1Sequence certPolicies = null;
+ Asn1Sequence certPolicies;
try
{
certPolicies = Asn1Sequence.GetInstance(
@@ -421,7 +415,7 @@ namespace Org.BouncyCastle.Pkix
pols.Add(pOid.Id);
- if (!Rfc3280CertPathUtilities.ANY_POLICY.Equals(pOid.Id))
+ if (!ANY_POLICY.Equals(pOid.Id))
{
ISet pq = null;
try
@@ -443,7 +437,7 @@ namespace Org.BouncyCastle.Pkix
}
}
- if (acceptablePolicies.IsEmpty || acceptablePolicies.Contains(Rfc3280CertPathUtilities.ANY_POLICY))
+ if (acceptablePolicies.IsEmpty || acceptablePolicies.Contains(ANY_POLICY))
{
acceptablePolicies.Clear();
acceptablePolicies.AddAll(pols);
@@ -471,20 +465,14 @@ namespace Org.BouncyCastle.Pkix
foreach (Asn1Encodable ae in certPolicies)
{
PolicyInformation pInfo = PolicyInformation.GetInstance(ae.ToAsn1Object());
- if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(pInfo.PolicyIdentifier.Id))
+ if (ANY_POLICY.Equals(pInfo.PolicyIdentifier.Id))
{
ISet _apq = PkixCertPathValidatorUtilities.GetQualifierSet(pInfo.PolicyQualifiers);
- IList _nodes = policyNodes[i - 1];
- for (int k = 0; k < _nodes.Count; k++)
+ foreach (var _node in policyNodes[i - 1])
{
- PkixPolicyNode _node = (PkixPolicyNode)_nodes[k];
-
- IEnumerator _policySetIter = _node.ExpectedPolicies.GetEnumerator();
- while (_policySetIter.MoveNext())
+ foreach (var _tmp in _node.ExpectedPolicies)
{
- object _tmp = _policySetIter.Current;
-
string _policy;
if (_tmp is string)
{
@@ -511,10 +499,10 @@ namespace Org.BouncyCastle.Pkix
if (!_found)
{
- ISet _newChildExpectedPolicies = new HashSet();
+ var _newChildExpectedPolicies = new HashSet();
_newChildExpectedPolicies.Add(_policy);
- PkixPolicyNode _newChild = new PkixPolicyNode(Platform.CreateArrayList(), i,
+ var _newChild = new PkixPolicyNode(new List<PkixPolicyNode>(), i,
_newChildExpectedPolicies, _node, _apq, _policy, false);
_node.AddChild(_newChild);
policyNodes[i].Add(_newChild);
@@ -530,21 +518,19 @@ namespace Org.BouncyCastle.Pkix
//
// (d) (3)
//
- for (int j = (i - 1); j >= 0; j--)
+ for (int j = i - 1; j >= 0; j--)
{
- IList nodes = policyNodes[j];
+ var nodes = policyNodes[j];
for (int k = 0; k < nodes.Count; k++)
{
- PkixPolicyNode node = (PkixPolicyNode)nodes[k];
+ var node = nodes[k];
if (!node.HasChildren)
{
- _validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(_validPolicyTree, policyNodes,
- node);
+ _validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(_validPolicyTree,
+ policyNodes, node);
if (_validPolicyTree == null)
- {
break;
- }
}
}
}
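Review bot: The (d)(3) pruning loop indexes into `policyNodes[j]` itself while handing `policyNodes` to `RemovePolicyNode`. If that helper removes `node` from the same list (its body is not in this hunk), the element that slides into position k is never examined and a childless node can survive pruning. `PrepareCertB` in this file iterates a snapshot for what looks like the same operation, so I would do the same here: `foreach (var node in new List<PkixPolicyNode>(policyNodes[j]))`. It is also worth checking that `break` on a null tree is meant to leave only the inner loop. The pattern predates this commit, and the enclosing method starts and ends outside the hunk.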
@@ -558,10 +544,8 @@ namespace Org.BouncyCastle.Pkix
{
bool critical = criticalExtensionOids.Contains(X509Extensions.CertificatePolicies.Id);
- IList nodes = policyNodes[i];
- for (int j = 0; j < nodes.Count; j++)
+ foreach (var node in policyNodes[i])
{
- PkixPolicyNode node = (PkixPolicyNode)nodes[j];
node.IsCritical = critical;
}
}
@@ -730,10 +714,10 @@ namespace Org.BouncyCastle.Pkix
// (f)
// get issuer from CRL
- X509CertStoreSelector selector = new X509CertStoreSelector();
+ X509CertStoreSelector certSelector = new X509CertStoreSelector();
try
{
- selector.Subject = crl.IssuerDN;
+ certSelector.Subject = crl.IssuerDN;
}
catch (IOException e)
{
@@ -742,29 +726,25 @@ namespace Org.BouncyCastle.Pkix
}
// get CRL signing certs
- IList coll = Platform.CreateArrayList();
+ var signingCerts = new HashSet<X509Certificate>();
try
{
- CollectionUtilities.AddRange(coll, PkixCertPathValidatorUtilities.FindCertificates(selector, paramsPKIX.GetStores()));
- CollectionUtilities.AddRange(coll, PkixCertPathValidatorUtilities.FindCertificates(selector, paramsPKIX.GetAdditionalStores()));
+ CollectionUtilities.CollectMatches(signingCerts, certSelector, paramsPKIX.GetStoresCert());
}
catch (Exception e)
{
throw new Exception("Issuer certificate for CRL cannot be searched.", e);
}
- coll.Add(defaultCRLSignCert);
+ signingCerts.Add(defaultCRLSignCert);
- IEnumerator cert_it = coll.GetEnumerator();
IList validCerts = Platform.CreateArrayList();
IList validKeys = Platform.CreateArrayList();
- while (cert_it.MoveNext())
+ foreach (X509Certificate signingCert in signingCerts)
{
- X509Certificate signingCert = (X509Certificate)cert_it.Current;
-
/*
* CA of the certificate, for which this CRL is checked, has also
* signed CRL, so skip the path validation, because is already done
@@ -777,16 +757,13 @@ namespace Org.BouncyCastle.Pkix
}
try
{
-// CertPathBuilder builder = CertPathBuilder.GetInstance("PKIX");
PkixCertPathBuilder builder = new PkixCertPathBuilder();
- selector = new X509CertStoreSelector();
- selector.Certificate = signingCert;
- PkixParameters temp = (PkixParameters)paramsPKIX.Clone();
- temp.SetTargetCertConstraints(selector);
+ certSelector = new X509CertStoreSelector();
+ certSelector.Certificate = signingCert;
- PkixBuilderParameters parameters = (PkixBuilderParameters)
- PkixBuilderParameters.GetInstance(temp);
+ PkixBuilderParameters parameters = PkixBuilderParameters.GetInstance(paramsPKIX);
+ parameters.SetTargetConstraintsCert(certSelector);
/*
* if signingCert is placed not higher on the cert path a
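Review bot: `parameters.SetTargetConstraintsCert(certSelector)` is now applied to whatever `PkixBuilderParameters.GetInstance(paramsPKIX)` returns, without the `paramsPKIX.Clone()` the removed lines made first. This is safe only if `GetInstance` always builds a fresh copy, and its body is not part of this hunk. If it could return its argument, every loop iteration would overwrite the caller's target constraints with the CRL-signer selector and change what the outer validation accepts. A comment at the call would pin the assumption: `// GetInstance copies paramsPKIX; setting the target constraints here must not touch the caller's parameters`. The enclosing method starts and ends outside the hunk.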
@@ -817,10 +794,6 @@ namespace Org.BouncyCastle.Pkix
{
throw new Exception("Public key of issuer certificate of CRL could not be retrieved.", e);
}
- //catch (Exception e)
- //{
- // throw new Exception(e.Message);
- //}
}
ISet checkKeys = new HashSet();
@@ -874,9 +847,7 @@ namespace Org.BouncyCastle.Pkix
throw new Exception("Cannot verify CRL.", lastException);
}
- internal static X509Crl ProcessCrlH(
- ISet deltaCrls,
- AsymmetricKeyParameter key)
+ internal static X509Crl ProcessCrlH(ISet<X509Crl> deltaCrls, AsymmetricKeyParameter key)
{
Exception lastException = null;
foreach (X509Crl crl in deltaCrls)
@@ -943,7 +914,7 @@ namespace Org.BouncyCastle.Pkix
* getAdditionalStore()
*/
- ISet crls = PkixCertPathValidatorUtilities.GetCompleteCrls(dp, cert, currentDate, paramsPKIX);
+ ISet<X509Crl> crls = PkixCertPathValidatorUtilities.GetCompleteCrls(dp, cert, currentDate, paramsPKIX);
bool validCrlFound = false;
Exception lastException = null;
@@ -980,7 +951,7 @@ namespace Org.BouncyCastle.Pkix
if (paramsPKIX.IsUseDeltasEnabled)
{
// get delta CRLs
- ISet deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl);
+ ISet<X509Crl> deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl);
// we only want one valid delta CRL
// (h)
deltaCRL = Rfc3280CertPathUtilities.ProcessCrlH(deltaCRLs, key);
@@ -1087,7 +1058,7 @@ namespace Org.BouncyCastle.Pkix
* @throws AnnotatedException if the certificate is revoked or the status cannot be checked
* or some error occurs.
*/
- protected static void CheckCrls(
+ internal static void CheckCrls(
PkixParameters paramsPKIX,
X509Certificate cert,
DateTime validDate,
@@ -1096,7 +1067,7 @@ namespace Org.BouncyCastle.Pkix
IList certPathCerts)
{
Exception lastException = null;
- CrlDistPoint crldp = null;
+ CrlDistPoint crldp;
try
{
@@ -1215,13 +1186,9 @@ namespace Org.BouncyCastle.Pkix
}
}
- internal static PkixPolicyNode PrepareCertB(
- PkixCertPath certPath,
- int index,
- IList[] policyNodes,
- PkixPolicyNode validPolicyTree,
- int policyMapping)
- //throws CertPathValidatorException
+ /// <exception cref="PkixCertPathValidatorException"/>
+ internal static PkixPolicyNode PrepareCertB(PkixCertPath certPath, int index,
+ IList<PkixPolicyNode>[] policyNodes, PkixPolicyNode validPolicyTree, int policyMapping)
{
IList certs = certPath.Certificates;
X509Certificate cert = (X509Certificate)certs[index];
@@ -1233,7 +1200,8 @@ namespace Org.BouncyCastle.Pkix
Asn1Sequence pm = null;
try
{
- pm = (Asn1Sequence)Asn1Sequence.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyMappings));
+ pm = Asn1Sequence.GetInstance(
+ PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyMappings));
}
catch (Exception ex)
{
@@ -1279,11 +1247,9 @@ namespace Org.BouncyCastle.Pkix
if (policyMapping > 0)
{
bool idp_found = false;
- IEnumerator nodes_i = policyNodes[i].GetEnumerator();
- while (nodes_i.MoveNext())
+ foreach (PkixPolicyNode node in policyNodes[i])
{
- PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current;
if (node.ValidPolicy.Equals(id_p))
{
idp_found = true;
@@ -1294,11 +1260,9 @@ namespace Org.BouncyCastle.Pkix
if (!idp_found)
{
- nodes_i = policyNodes[i].GetEnumerator();
- while (nodes_i.MoveNext())
+ foreach (PkixPolicyNode node in policyNodes[i])
{
- PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current;
- if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(node.ValidPolicy))
+ if (ANY_POLICY.Equals(node.ValidPolicy))
{
ISet pq = null;
Asn1Sequence policies = null;
@@ -1325,7 +1289,7 @@ namespace Org.BouncyCastle.Pkix
throw new PkixCertPathValidatorException(
"Policy information could not be decoded.", ex, index);
}
- if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(pinfo.PolicyIdentifier.Id))
+ if (ANY_POLICY.Equals(pinfo.PolicyIdentifier.Id))
{
try
{
@@ -1347,10 +1311,10 @@ namespace Org.BouncyCastle.Pkix
ci = critExtOids.Contains(X509Extensions.CertificatePolicies.Id);
}
- PkixPolicyNode p_node = (PkixPolicyNode)node.Parent;
- if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(p_node.ValidPolicy))
+ PkixPolicyNode p_node = node.Parent;
+ if (ANY_POLICY.Equals(p_node.ValidPolicy))
{
- PkixPolicyNode c_node = new PkixPolicyNode(Platform.CreateArrayList(), i,
+ var c_node = new PkixPolicyNode(new List<PkixPolicyNode>(), i,
(ISet)m_idp[id_p], p_node, pq, id_p, ci);
p_node.AddChild(c_node);
policyNodes[i].Add(c_node);
@@ -1366,7 +1330,7 @@ namespace Org.BouncyCastle.Pkix
}
else if (policyMapping <= 0)
{
- foreach (PkixPolicyNode node in Platform.CreateArrayList(policyNodes[i]))
+ foreach (var node in new List<PkixPolicyNode>(policyNodes[i]))
{
if (node.ValidPolicy.Equals(id_p))
{
@@ -1374,7 +1338,7 @@ namespace Org.BouncyCastle.Pkix
for (int k = i - 1; k >= 0; k--)
{
- foreach (PkixPolicyNode node2 in Platform.CreateArrayList(policyNodes[k]))
+ foreach (var node2 in new List<PkixPolicyNode>(policyNodes[k]))
{
if (!node2.HasChildren)
{
@@ -1394,13 +1358,12 @@ namespace Org.BouncyCastle.Pkix
return _validPolicyTree;
}
- internal static ISet[] ProcessCrlA1ii(
+ internal static ISet<X509Crl>[] ProcessCrlA1ii(
DateTime currentDate,
PkixParameters paramsPKIX,
X509Certificate cert,
X509Crl crl)
{
- ISet deltaSet = new HashSet();
X509CrlStoreSelector crlselect = new X509CrlStoreSelector();
crlselect.CertificateChecking = cert;
@@ -1416,14 +1379,15 @@ namespace Org.BouncyCastle.Pkix
}
crlselect.CompleteCrlEnabled = true;
- ISet completeSet = CrlUtilities.FindCrls(crlselect, paramsPKIX, currentDate);
+ ISet<X509Crl> completeSet = CrlUtilities.FindCrls(crlselect, paramsPKIX, currentDate);
+ var deltaSet = new HashSet<X509Crl>();
if (paramsPKIX.IsUseDeltasEnabled)
{
// get delta CRL(s)
try
{
- deltaSet.AddAll(PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl));
+ deltaSet.UnionWith(PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl));
}
catch (Exception e)
{
@@ -1431,7 +1395,7 @@ namespace Org.BouncyCastle.Pkix
}
}
- return new ISet[]{ completeSet, deltaSet };
+ return new []{ completeSet, deltaSet };
}
internal static ISet ProcessCrlA1i(
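Review bot: `return new []{ completeSet, deltaSet };` relies on best-common-type inference between the `ISet<X509Crl>` local and the `var`-typed `HashSet<X509Crl>` to arrive at the declared `ISet<X509Crl>[]`. It compiles as written, but the element type now depends on how the two locals happen to be declared. Spelling it out as `return new ISet<X509Crl>[]{ completeSet, deltaSet };` keeps the array type tied to the method signature. The method body starts in an earlier hunk.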
@@ -2101,14 +2065,9 @@ namespace Org.BouncyCastle.Pkix
}
}
- internal static PkixPolicyNode WrapupCertG(
- PkixCertPath certPath,
- PkixParameters paramsPKIX,
- ISet userInitialPolicySet,
- int index,
- IList[] policyNodes,
- PkixPolicyNode validPolicyTree,
- ISet acceptablePolicies)
+ internal static PkixPolicyNode WrapupCertG(PkixCertPath certPath, PkixParameters paramsPKIX,
+ ISet userInitialPolicySet, int index, IList<PkixPolicyNode>[] policyNodes, PkixPolicyNode validPolicyTree,
+ ISet acceptablePolicies)
{
int n = certPath.Certificates.Count;
@@ -2140,19 +2099,15 @@ namespace Org.BouncyCastle.Pkix
}
else
{
- ISet _validPolicyNodeSet = new HashSet();
+ var _validPolicyNodeSet = new HashSet<PkixPolicyNode>();
- for (int j = 0; j < policyNodes.Length; j++)
+ foreach (var _nodeDepth in policyNodes)
{
- IList _nodeDepth = policyNodes[j];
-
- for (int k = 0; k < _nodeDepth.Count; k++)
- {
- PkixPolicyNode _node = (PkixPolicyNode)_nodeDepth[k];
-
- if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(_node.ValidPolicy))
+ foreach (var _node in _nodeDepth)
+ {
+ if (ANY_POLICY.Equals(_node.ValidPolicy))
{
- foreach (object o in _node.Children)
+ foreach (var o in _node.Children)
{
_validPolicyNodeSet.Add(o);
}
@@ -2160,11 +2115,9 @@ namespace Org.BouncyCastle.Pkix
}
}
- foreach (PkixPolicyNode _node in _validPolicyNodeSet)
+ foreach (var _node in _validPolicyNodeSet)
{
- string _validPolicy = _node.ValidPolicy;
-
- if (!acceptablePolicies.Contains(_validPolicy))
+ if (!acceptablePolicies.Contains(_node.ValidPolicy))
{
// TODO?
// validPolicyTree =
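Review bot: The `if (!acceptablePolicies.Contains(_node.ValidPolicy))` branch shows only a `// TODO?` and a commented-out `validPolicyTree =` assignment in this hunk, so as far as is visible the loop over `_validPolicyNodeSet` has no effect. The refactor carries that state forward without explaining it. Replace `// TODO?` with a comment saying whether nodes outside `acceptablePolicies` are intentionally left in the tree at this step, or restore the removal; a silent no-op in policy-tree pruning needs a stated reason. The rest of the branch is outside the hunk.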
@@ -2174,17 +2127,17 @@ namespace Org.BouncyCastle.Pkix
}
if (validPolicyTree != null)
{
- for (int j = (n - 1); j >= 0; j--)
+ for (int j = n - 1; j >= 0; j--)
{
- IList nodes = policyNodes[j];
+ var nodes = policyNodes[j];
for (int k = 0; k < nodes.Count; k++)
{
- PkixPolicyNode node = (PkixPolicyNode)nodes[k];
+ var node = nodes[k];
if (!node.HasChildren)
{
- validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree,
- policyNodes, node);
+ validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(
+ validPolicyTree, policyNodes, node);
}
}
}
@@ -2209,21 +2162,17 @@ namespace Org.BouncyCastle.Pkix
//
// (g) (iii) 1
//
- ISet _validPolicyNodeSet = new HashSet();
+ var _validPolicyNodeSet = new HashSet<PkixPolicyNode>();
- for (int j = 0; j < policyNodes.Length; j++)
+ foreach (var _nodeDepth in policyNodes)
{
- IList _nodeDepth = policyNodes[j];
-
- for (int k = 0; k < _nodeDepth.Count; k++)
+ foreach (var _node in _nodeDepth)
{
- PkixPolicyNode _node = (PkixPolicyNode)_nodeDepth[k];
-
- if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(_node.ValidPolicy))
+ if (ANY_POLICY.Equals(_node.ValidPolicy))
{
foreach (PkixPolicyNode _c_node in _node.Children)
{
- if (!Rfc3280CertPathUtilities.ANY_POLICY.Equals(_c_node.ValidPolicy))
+ if (!ANY_POLICY.Equals(_c_node.ValidPolicy))
{
_validPolicyNodeSet.Add(_c_node);
}
@@ -2235,15 +2184,12 @@ namespace Org.BouncyCastle.Pkix
//
// (g) (iii) 2
//
- IEnumerator _vpnsIter = _validPolicyNodeSet.GetEnumerator();
- while (_vpnsIter.MoveNext())
+ foreach (var _node in _validPolicyNodeSet)
{
- PkixPolicyNode _node = (PkixPolicyNode)_vpnsIter.Current;
- string _validPolicy = _node.ValidPolicy;
-
- if (!userInitialPolicySet.Contains(_validPolicy))
+ if (!userInitialPolicySet.Contains(_node.ValidPolicy))
{
- validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree, policyNodes, _node);
+ validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree, policyNodes,
+ _node);
}
}
@@ -2252,17 +2198,17 @@ namespace Org.BouncyCastle.Pkix
//
if (validPolicyTree != null)
{
- for (int j = (n - 1); j >= 0; j--)
+ for (int j = n - 1; j >= 0; j--)
{
- IList nodes = policyNodes[j];
+ var nodes = policyNodes[j];
for (int k = 0; k < nodes.Count; k++)
{
- PkixPolicyNode node = (PkixPolicyNode)nodes[k];
+ var node = nodes[k];
if (!node.HasChildren)
{
- validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree, policyNodes,
- node);
+ validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree,
+ policyNodes, node);
}
}
}
diff --git a/crypto/src/pkix/Rfc3281CertPathUtilities.cs b/crypto/src/pkix/Rfc3281CertPathUtilities.cs
index 66025f0fc..2e1ee3898 100644
--- a/crypto/src/pkix/Rfc3281CertPathUtilities.cs
+++ b/crypto/src/pkix/Rfc3281CertPathUtilities.cs
@@ -1,9 +1,7 @@
using System;
using System.Collections;
-using System.Globalization;
-using System.IO;
+using System.Collections.Generic;
-using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security.Certificates;
@@ -13,10 +11,10 @@ using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Pkix
{
- internal class Rfc3281CertPathUtilities
+ internal static class Rfc3281CertPathUtilities
{
internal static void ProcessAttrCert7(
- IX509AttributeCertificate attrCert,
+ X509V2AttributeCertificate attrCert,
PkixCertPath certPath,
PkixCertPath holderCertPath,
PkixParameters pkixParams)
@@ -73,7 +71,7 @@ namespace Org.BouncyCastle.Pkix
* status cannot be checked or some error occurs.
*/
internal static void CheckCrls(
- IX509AttributeCertificate attrCert,
+ X509V2AttributeCertificate attrCert,
PkixParameters paramsPKIX,
X509Certificate issuerCert,
DateTime validDate,
@@ -230,7 +228,7 @@ namespace Org.BouncyCastle.Pkix
}
internal static void AdditionalChecks(
- IX509AttributeCertificate attrCert,
+ X509V2AttributeCertificate attrCert,
PkixParameters pkixParams)
{
// 1
@@ -255,7 +253,7 @@ namespace Org.BouncyCastle.Pkix
}
internal static void ProcessAttrCert5(
- IX509AttributeCertificate attrCert,
+ X509V2AttributeCertificate attrCert,
PkixParameters pkixParams)
{
try
@@ -349,7 +347,7 @@ namespace Org.BouncyCastle.Pkix
* </ul>
*/
internal static PkixCertPath ProcessAttrCert1(
- IX509AttributeCertificate attrCert,
+ X509V2AttributeCertificate attrCert,
PkixParameters pkixParams)
{
PkixCertPathBuilderResult result = null;
@@ -368,8 +366,8 @@ namespace Org.BouncyCastle.Pkix
{
selector.Issuer = principals[i];
}
- holderPKCs.AddAll(PkixCertPathValidatorUtilities
- .FindCertificates(selector, pkixParams.GetStores()));
+ holderPKCs.AddAll(
+ PkixCertPathValidatorUtilities.FindCertificates(selector, pkixParams.GetStoresCert()));
}
catch (Exception e)
{
@@ -396,8 +394,8 @@ namespace Org.BouncyCastle.Pkix
{
selector.Issuer = principals[i];
}
- holderPKCs.AddAll(PkixCertPathValidatorUtilities
- .FindCertificates(selector, pkixParams.GetStores()));
+ holderPKCs.AddAll(
+ PkixCertPathValidatorUtilities.FindCertificates(selector, pkixParams.GetStoresCert()));
}
catch (Exception e)
{
@@ -414,21 +412,21 @@ namespace Org.BouncyCastle.Pkix
}
// verify cert paths for PKCs
- PkixBuilderParameters parameters = (PkixBuilderParameters)
- PkixBuilderParameters.GetInstance(pkixParams);
+ PkixBuilderParameters parameters = PkixBuilderParameters.GetInstance(pkixParams);
PkixCertPathValidatorException lastException = null;
foreach (X509Certificate cert in holderPKCs)
{
- X509CertStoreSelector selector = new X509CertStoreSelector();
- selector.Certificate = cert;
- parameters.SetTargetConstraints(selector);
+ X509CertStoreSelector certSelector = new X509CertStoreSelector();
+ certSelector.Certificate = cert;
+
+ parameters.SetTargetConstraintsCert(certSelector);
PkixCertPathBuilder builder = new PkixCertPathBuilder();
try
{
- result = builder.Build(PkixBuilderParameters.GetInstance(parameters));
+ result = builder.Build(parameters);
}
catch (PkixCertPathBuilderException e)
{
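Review bot: `builder.Build(parameters)` now receives the same PkixBuilderParameters instance on every iteration, with only `SetTargetConstraintsCert` changed between holder certificates; the removed line passed a fresh `PkixBuilderParameters.GetInstance(parameters)` copy each time. Reuse is safe only if Build neither modifies nor retains the parameters it is given, which this hunk does not show. Either confirm that and record it, e.g. `// Build does not mutate parameters; safe to reuse across holder certs`, or keep the per-iteration copy so one certificate's path build cannot influence the next. The foreach body continues outside the hunk.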
@@ -463,7 +461,7 @@ namespace Org.BouncyCastle.Pkix
*/
private static void CheckCrl(
DistributionPoint dp,
- IX509AttributeCertificate attrCert,
+ X509V2AttributeCertificate attrCert,
PkixParameters paramsPKIX,
DateTime validDate,
X509Certificate issuerCert,
@@ -496,8 +494,7 @@ namespace Org.BouncyCastle.Pkix
* CRLs must be enabled in the ExtendedPkixParameters and are in
* getAdditionalStore()
*/
- ISet crls = PkixCertPathValidatorUtilities.GetCompleteCrls(dp, attrCert,
- currentDate, paramsPKIX);
+ ISet<X509Crl> crls = PkixCertPathValidatorUtilities.GetCompleteCrls(dp, attrCert, currentDate, paramsPKIX);
bool validCrlFound = false;
Exception lastException = null;
@@ -536,7 +533,7 @@ namespace Org.BouncyCastle.Pkix
if (paramsPKIX.IsUseDeltasEnabled)
{
// get delta CRLs
- ISet deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls(
+ ISet<X509Crl> deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls(
currentDate, paramsPKIX, crl);
// we only want one valid delta CRL
// (h)
diff --git a/crypto/src/tsp/TimeStampToken.cs b/crypto/src/tsp/TimeStampToken.cs
index 9b2a7a40b..258f14dfb 100644
--- a/crypto/src/tsp/TimeStampToken.cs
+++ b/crypto/src/tsp/TimeStampToken.cs
@@ -13,8 +13,8 @@ using Org.BouncyCastle.Cms;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Tsp
{
@@ -134,28 +134,11 @@ namespace Org.BouncyCastle.Tsp
get { return tsaSignerInfo.UnsignedAttributes; }
}
- public IX509Store GetCertificates(
- string type)
- {
- return tsToken.GetCertificates(type);
- }
+ public IStore<X509V2AttributeCertificate> GetAttributeCertificates() => tsToken.GetAttributeCertificates();
- public IX509Store GetCrls(
- string type)
- {
- return tsToken.GetCrls(type);
- }
-
- public IX509Store GetCertificates()
- {
- return tsToken.GetCertificates();
- }
+ public IStore<X509Certificate> GetCertificates() => tsToken.GetCertificates();
- public IX509Store GetAttributeCertificates(
- string type)
- {
- return tsToken.GetAttributeCertificates(type);
- }
+ public IStore<X509Crl> GetCrls() => tsToken.GetCrls();
/**
* Validate the time stamp token.
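Review bot: The three new public accessors `GetAttributeCertificates`, `GetCertificates` and `GetCrls` carry no doc comments, unlike the `Validate` member that follows them. Each only forwards to `tsToken`, so what comes back is presumably whatever the token itself carries. A summary such as `/// <summary>Certificates carried in the token; returned as-is, not validated.</summary>` on each would tell callers not to treat the store contents as trusted before validation.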
diff --git a/crypto/src/tsp/TimeStampTokenGenerator.cs b/crypto/src/tsp/TimeStampTokenGenerator.cs
index ff85fe46e..afa1ef2e0 100644
--- a/crypto/src/tsp/TimeStampTokenGenerator.cs
+++ b/crypto/src/tsp/TimeStampTokenGenerator.cs
@@ -4,7 +4,6 @@ using System.IO;
using System.Text;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
-using Org.BouncyCastle.Asn1.Cms;
using Org.BouncyCastle.Asn1.Ess;
using Org.BouncyCastle.Asn1.Oiw;
using Org.BouncyCastle.Asn1.Pkcs;
@@ -15,8 +14,8 @@ using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Tsp
{
@@ -34,8 +33,11 @@ namespace Org.BouncyCastle.Tsp
private GeneralName tsa = null;
private DerObjectIdentifier tsaPolicyOID;
- private IX509Store x509Certs;
- private IX509Store x509Crls;
+ private IStore<X509Certificate> x509Certs;
+ private IStore<X509Crl> x509Crls;
+ private IStore<X509V2AttributeCertificate> x509AttrCerts;
+ // TODO Port changes from bc-java
+ //private IDictionary otherRevoc = Platform.CreateHashtable();
private SignerInfoGenerator signerInfoGenerator;
IDigestFactory digestCalculator;
@@ -204,15 +206,17 @@ namespace Org.BouncyCastle.Tsp
.Build(sigfact, cert);
}
+ public void SetAttributeCertificates(IStore<X509V2AttributeCertificate> attributeCertificates)
+ {
+ this.x509AttrCerts = attributeCertificates;
+ }
- public void SetCertificates(
- IX509Store certificates)
+ public void SetCertificates(IStore<X509Certificate> certificates)
{
this.x509Certs = certificates;
}
- public void SetCrls(
- IX509Store crls)
+ public void SetCrls(IStore<X509Crl> crls)
{
this.x509Crls = crls;
}
@@ -365,6 +369,7 @@ namespace Org.BouncyCastle.Tsp
if (request.CertReq)
{
signedDataGenerator.AddCertificates(x509Certs);
+ signedDataGenerator.AddAttributeCertificates(x509AttrCerts);
}
signedDataGenerator.AddCrls(x509Crls);
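Review bot: `signedDataGenerator.AddAttributeCertificates(x509AttrCerts)` runs whenever `request.CertReq` is set, but `x509AttrCerts` is assigned only by the new `SetAttributeCertificates`, so it is null for every existing caller that never calls it. Whether `AddAttributeCertificates` accepts a null store is not visible here; if it does not, token generation would start failing for requests with CertReq. Guard the call with `if (x509AttrCerts != null) signedDataGenerator.AddAttributeCertificates(x509AttrCerts);`, or document on the field that a null store is treated as empty.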
@@ -386,10 +391,6 @@ namespace Org.BouncyCastle.Tsp
{
throw new TspException("Exception encoding info", e);
}
- catch (X509StoreException e)
- {
- throw new TspException("Exception handling CertStore", e);
- }
// catch (InvalidAlgorithmParameterException e)
// {
// throw new TspException("Exception handling CertStore CRLs", e);
diff --git a/crypto/src/x509/AttributeCertificateHolder.cs b/crypto/src/x509/AttributeCertificateHolder.cs
index 7cd869b4b..b3cea1cfe 100644
--- a/crypto/src/x509/AttributeCertificateHolder.cs
+++ b/crypto/src/x509/AttributeCertificateHolder.cs
@@ -7,7 +7,7 @@ using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
-using Org.BouncyCastle.X509.Store;
+using Org.BouncyCastle.Utilities.Collections;
namespace Org.BouncyCastle.X509
{
@@ -28,7 +28,7 @@ namespace Org.BouncyCastle.X509
/// </remarks>
public class AttributeCertificateHolder
//: CertSelector, Selector
- : IX509Selector
+ : ISelector<X509Certificate>
{
internal readonly Holder holder;
@@ -325,9 +325,11 @@ namespace Org.BouncyCastle.X509
return new AttributeCertificateHolder((Asn1Sequence)holder.ToAsn1Object());
}
- public bool Match(
- X509Certificate x509Cert)
+ public bool Match(X509Certificate x509Cert)
{
+ if (x509Cert == null)
+ return false;
+
try
{
if (holder.BaseCertificateID != null)
@@ -417,17 +419,5 @@ namespace Org.BouncyCastle.X509
{
return this.holder.GetHashCode();
}
-
- public bool Match(
- object obj)
- {
- if (!(obj is X509Certificate))
- {
- return false;
- }
-
-// return Match((Certificate)obj);
- return Match((X509Certificate)obj);
- }
}
}
diff --git a/crypto/src/x509/AttributeCertificateIssuer.cs b/crypto/src/x509/AttributeCertificateIssuer.cs
index 32f16c23e..799a48877 100644
--- a/crypto/src/x509/AttributeCertificateIssuer.cs
+++ b/crypto/src/x509/AttributeCertificateIssuer.cs
@@ -2,7 +2,7 @@ using System;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.X509.Store;
+using Org.BouncyCastle.Utilities.Collections;
namespace Org.BouncyCastle.X509
{
@@ -11,7 +11,7 @@ namespace Org.BouncyCastle.X509
*/
public class AttributeCertificateIssuer
//: CertSelector, Selector
- : IX509Selector
+ : ISelector<X509Certificate>
{
internal readonly Asn1Encodable form;
@@ -132,9 +132,11 @@ namespace Org.BouncyCastle.X509
return new AttributeCertificateIssuer(AttCertIssuer.GetInstance(form));
}
- public bool Match(
- X509Certificate x509Cert)
+ public bool Match(X509Certificate x509Cert)
{
+ if (x509Cert == null)
+ return false;
+
if (form is V2Form)
{
V2Form issuer = (V2Form) form;
@@ -172,17 +174,5 @@ namespace Org.BouncyCastle.X509
{
return this.form.GetHashCode();
}
-
- public bool Match(
- object obj)
- {
- if (!(obj is X509Certificate))
- {
- return false;
- }
-
- //return Match((Certificate)obj);
- return Match((X509Certificate)obj);
- }
}
}
diff --git a/crypto/src/x509/IX509AttributeCertificate.cs b/crypto/src/x509/IX509AttributeCertificate.cs
deleted file mode 100644
index 9a3004e01..000000000
--- a/crypto/src/x509/IX509AttributeCertificate.cs
+++ /dev/null
@@ -1,57 +0,0 @@
-using System;
-using System.IO;
-
-using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Math;
-
-namespace Org.BouncyCastle.X509
-{
- /// <remarks>Interface for an X.509 Attribute Certificate.</remarks>
- public interface IX509AttributeCertificate
- : IX509Extension
- {
- /// <summary>The version number for the certificate.</summary>
- int Version { get; }
-
- /// <summary>The serial number for the certificate.</summary>
- BigInteger SerialNumber { get; }
-
- /// <summary>The UTC DateTime before which the certificate is not valid.</summary>
- DateTime NotBefore { get; }
-
- /// <summary>The UTC DateTime after which the certificate is not valid.</summary>
- DateTime NotAfter { get; }
-
- /// <summary>The holder of the certificate.</summary>
- AttributeCertificateHolder Holder { get; }
-
- /// <summary>The issuer details for the certificate.</summary>
- AttributeCertificateIssuer Issuer { get; }
-
- /// <summary>Return the attributes contained in the attribute block in the certificate.</summary>
- /// <returns>An array of attributes.</returns>
- X509Attribute[] GetAttributes();
-
- /// <summary>Return the attributes with the same type as the passed in oid.</summary>
- /// <param name="oid">The object identifier we wish to match.</param>
- /// <returns>An array of matched attributes, null if there is no match.</returns>
- X509Attribute[] GetAttributes(string oid);
-
- bool[] GetIssuerUniqueID();
-
- bool IsValidNow { get; }
- bool IsValid(DateTime date);
-
- void CheckValidity();
- void CheckValidity(DateTime date);
-
- byte[] GetSignature();
-
- void Verify(AsymmetricKeyParameter publicKey);
-
- /// <summary>Return an ASN.1 encoded byte array representing the attribute certificate.</summary>
- /// <returns>An ASN.1 encoded byte array.</returns>
- /// <exception cref="IOException">If the certificate cannot be encoded.</exception>
- byte[] GetEncoded();
- }
-}
diff --git a/crypto/src/x509/X509AttrCertParser.cs b/crypto/src/x509/X509AttrCertParser.cs
index ce708ed8d..f1dc09543 100644
--- a/crypto/src/x509/X509AttrCertParser.cs
+++ b/crypto/src/x509/X509AttrCertParser.cs
@@ -1,12 +1,11 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Security.Certificates;
-using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.IO;
namespace Org.BouncyCastle.X509
@@ -19,7 +18,7 @@ namespace Org.BouncyCastle.X509
private int sDataObjectCount;
private Stream currentStream;
- private IX509AttributeCertificate ReadDerCertificate(
+ private X509V2AttributeCertificate ReadDerCertificate(
Asn1InputStream dIn)
{
Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject();
@@ -35,25 +34,21 @@ namespace Org.BouncyCastle.X509
}
}
-// return new X509V2AttributeCertificate(seq.getEncoded());
return new X509V2AttributeCertificate(AttributeCertificate.GetInstance(seq));
}
- private IX509AttributeCertificate GetCertificate()
+ private X509V2AttributeCertificate GetCertificate()
{
if (sData != null)
{
while (sDataObjectCount < sData.Count)
{
- object obj = sData[sDataObjectCount++];
+ Asn1Encodable ae = sData[sDataObjectCount++];
- if (obj is Asn1TaggedObject && ((Asn1TaggedObject)obj).TagNo == 2)
+ if (ae.ToAsn1Object() is Asn1TaggedObject t && t.TagNo == 2)
{
- //return new X509V2AttributeCertificate(
- // Asn1Sequence.GetInstance((Asn1TaggedObject)obj, false).GetEncoded());
return new X509V2AttributeCertificate(
- AttributeCertificate.GetInstance(
- Asn1Sequence.GetInstance((Asn1TaggedObject)obj, false)));
+ AttributeCertificate.GetInstance(Asn1Sequence.GetInstance(t, false)));
}
}
}
@@ -61,14 +56,13 @@ namespace Org.BouncyCastle.X509
return null;
}
- private IX509AttributeCertificate ReadPemCertificate(
+ private X509V2AttributeCertificate ReadPemCertificate(
Stream inStream)
{
Asn1Sequence seq = PemAttrCertParser.ReadPemObject(inStream);
return seq == null
? null
- //: new X509V2AttributeCertificate(seq.getEncoded());
: new X509V2AttributeCertificate(AttributeCertificate.GetInstance(seq));
}
@@ -76,8 +70,7 @@ namespace Org.BouncyCastle.X509
/// Create loading data from byte array.
/// </summary>
/// <param name="input"></param>
- public IX509AttributeCertificate ReadAttrCert(
- byte[] input)
+ public X509V2AttributeCertificate ReadAttrCert(byte[] input)
{
return ReadAttrCert(new MemoryStream(input, false));
}
@@ -86,8 +79,7 @@ namespace Org.BouncyCastle.X509
/// Create loading data from byte array.
/// </summary>
/// <param name="input"></param>
- public ICollection ReadAttrCerts(
- byte[] input)
+ public IList<X509V2AttributeCertificate> ReadAttrCerts(byte[] input)
{
return ReadAttrCerts(new MemoryStream(input, false));
}
@@ -96,7 +88,7 @@ namespace Org.BouncyCastle.X509
* Generates a certificate object and initializes it with the data
* read from the input stream inStream.
*/
- public IX509AttributeCertificate ReadAttrCert(
+ public X509V2AttributeCertificate ReadAttrCert(
Stream inStream)
{
if (inStream == null)
@@ -163,12 +155,11 @@ namespace Org.BouncyCastle.X509
* Returns a (possibly empty) collection view of the certificates
* read from the given input stream inStream.
*/
- public ICollection ReadAttrCerts(
- Stream inStream)
+ public IList<X509V2AttributeCertificate> ReadAttrCerts(Stream inStream)
{
- IX509AttributeCertificate attrCert;
- IList attrCerts = Platform.CreateArrayList();
+ var attrCerts = new List<X509V2AttributeCertificate>();
+ X509V2AttributeCertificate attrCert;
while ((attrCert = ReadAttrCert(inStream)) != null)
{
attrCerts.Add(attrCert);
@@ -177,4 +168,4 @@ namespace Org.BouncyCastle.X509
return attrCerts;
}
}
-}
\ No newline at end of file
+}
diff --git a/crypto/src/x509/X509V2AttributeCertificate.cs b/crypto/src/x509/X509V2AttributeCertificate.cs
index 1ceba101e..61bb8c879 100644
--- a/crypto/src/x509/X509V2AttributeCertificate.cs
+++ b/crypto/src/x509/X509V2AttributeCertificate.cs
@@ -15,7 +15,7 @@ namespace Org.BouncyCastle.X509
{
/// <summary>An implementation of a version 2 X.509 Attribute Certificate.</summary>
public class X509V2AttributeCertificate
- : X509ExtensionBase, IX509AttributeCertificate
+ : X509ExtensionBase
{
private readonly AttributeCertificate cert;
private readonly DateTime notBefore;
@@ -49,8 +49,7 @@ namespace Org.BouncyCastle.X509
{
}
- internal X509V2AttributeCertificate(
- AttributeCertificate cert)
+ public X509V2AttributeCertificate(AttributeCertificate cert)
{
this.cert = cert;
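Review bot: The constructor goes from `internal` to `public` but still stores `cert` unchecked, so a null argument from outside the library presumably surfaces as a NullReferenceException at the first dereference rather than as an argument error. Add `if (cert == null) throw new ArgumentNullException("cert");` before `this.cert = cert;`. The constructor body continues outside the hunk.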
@@ -65,6 +64,11 @@ namespace Org.BouncyCastle.X509
}
}
+ public virtual AttributeCertificate AttributeCertificate
+ {
+ get { return cert; }
+ }
+
public virtual int Version
{
get { return cert.ACInfo.Version.IntValueExact + 1; }
diff --git a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs
index 643604181..2baf10c63 100644
--- a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs
+++ b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs
@@ -104,7 +104,7 @@ namespace Org.BouncyCastle.X509
/// </summary>
/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
/// <returns>An IX509AttributeCertificate.</returns>
- public IX509AttributeCertificate Generate(ISignatureFactory signatureCalculatorFactory)
+ public X509V2AttributeCertificate Generate(ISignatureFactory signatureCalculatorFactory)
{
if (!extGenerator.IsEmpty)
{
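Review bot: The `<returns>An IX509AttributeCertificate.</returns>` line above the changed signature still names the interface this commit deletes. Update it to `/// <returns>An X509V2AttributeCertificate.</returns>` so the doc comment matches the new return type.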
diff --git a/crypto/src/x509/store/IX509Selector.cs b/crypto/src/x509/store/IX509Selector.cs
deleted file mode 100644
index 4459903e7..000000000
--- a/crypto/src/x509/store/IX509Selector.cs
+++ /dev/null
@@ -1,15 +0,0 @@
-using System;
-
-namespace Org.BouncyCastle.X509.Store
-{
- public interface IX509Selector
-#if !PORTABLE
- : ICloneable
-#endif
- {
-#if PORTABLE
- object Clone();
-#endif
- bool Match(object obj);
- }
-}
diff --git a/crypto/src/x509/store/IX509Store.cs b/crypto/src/x509/store/IX509Store.cs
deleted file mode 100644
index e5c3a462a..000000000
--- a/crypto/src/x509/store/IX509Store.cs
+++ /dev/null
@@ -1,11 +0,0 @@
-using System;
-using System.Collections;
-
-namespace Org.BouncyCastle.X509.Store
-{
- public interface IX509Store
- {
-// void Init(IX509StoreParameters parameters);
- ICollection GetMatches(IX509Selector selector);
- }
-}
diff --git a/crypto/src/x509/store/IX509StoreParameters.cs b/crypto/src/x509/store/IX509StoreParameters.cs
deleted file mode 100644
index aee3036c2..000000000
--- a/crypto/src/x509/store/IX509StoreParameters.cs
+++ /dev/null
@@ -1,8 +0,0 @@
-using System;
-
-namespace Org.BouncyCastle.X509.Store
-{
- public interface IX509StoreParameters
- {
- }
-}
diff --git a/crypto/src/x509/store/NoSuchStoreException.cs b/crypto/src/x509/store/NoSuchStoreException.cs
deleted file mode 100644
index 3acac536f..000000000
--- a/crypto/src/x509/store/NoSuchStoreException.cs
+++ /dev/null
@@ -1,30 +0,0 @@
-using System;
-using System.Runtime.Serialization;
-
-namespace Org.BouncyCastle.X509.Store
-{
- [Serializable]
- public class NoSuchStoreException
- : X509StoreException
- {
- public NoSuchStoreException()
- : base()
- {
- }
-
- public NoSuchStoreException(string message)
- : base(message)
- {
- }
-
- public NoSuchStoreException(string message, Exception innerException)
- : base(message, innerException)
- {
- }
-
- protected NoSuchStoreException(SerializationInfo info, StreamingContext context)
- : base(info, context)
- {
- }
- }
-}
diff --git a/crypto/src/x509/store/X509AttrCertStoreSelector.cs b/crypto/src/x509/store/X509AttrCertStoreSelector.cs
index d60a5f23c..b25d0de19 100644
--- a/crypto/src/x509/store/X509AttrCertStoreSelector.cs
+++ b/crypto/src/x509/store/X509AttrCertStoreSelector.cs
@@ -18,11 +18,11 @@ namespace Org.BouncyCastle.X509.Store
* @see org.bouncycastle.x509.X509Store
*/
public class X509AttrCertStoreSelector
- : IX509Selector
+ : ISelector<X509V2AttributeCertificate>
{
// TODO: name constraints???
- private IX509AttributeCertificate attributeCert;
+ private X509V2AttributeCertificate attributeCert;
private DateTimeObject attributeCertificateValid;
private AttributeCertificateHolder holder;
private AttributeCertificateIssuer issuer;
@@ -49,16 +49,10 @@ namespace Org.BouncyCastle.X509.Store
/// <summary>
/// Decides if the given attribute certificate should be selected.
/// </summary>
- /// <param name="obj">The attribute certificate to be checked.</param>
+ /// <param name="attrCert">The attribute certificate to be checked.</param>
/// <returns><code>true</code> if the object matches this selector.</returns>
- public bool Match(
- object obj)
+ public bool Match(X509V2AttributeCertificate attrCert)
{
- if (obj == null)
- throw new ArgumentNullException("obj");
-
- IX509AttributeCertificate attrCert = obj as IX509AttributeCertificate;
-
if (attrCert == null)
return false;
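Review bot: `Match` used to throw ArgumentNullException for a null argument and now returns false, which the doc comment does not mention. Not matching is the safer default for a selector, but it is a behaviour change for callers that relied on the exception. Record it in the comment, e.g. `/// <returns><code>true</code> if the certificate matches; <code>false</code> otherwise, including when it is null.</returns>`. X509CertPairStoreSelector.Match makes the same change further down; the method body continues outside this hunk.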
@@ -160,7 +154,7 @@ namespace Org.BouncyCastle.X509.Store
/// <summary>The attribute certificate which must be matched.</summary>
/// <remarks>If <c>null</c> is given, any will do.</remarks>
- public IX509AttributeCertificate AttributeCert
+ public X509V2AttributeCertificate AttributeCert
{
get { return attributeCert; }
set { this.attributeCert = value; }
diff --git a/crypto/src/x509/store/X509CertPairStoreSelector.cs b/crypto/src/x509/store/X509CertPairStoreSelector.cs
index 2796971c7..936da2e48 100644
--- a/crypto/src/x509/store/X509CertPairStoreSelector.cs
+++ b/crypto/src/x509/store/X509CertPairStoreSelector.cs
@@ -1,5 +1,7 @@
using System;
+using Org.BouncyCastle.Utilities.Collections;
+
namespace Org.BouncyCastle.X509.Store
{
/// <remarks>
@@ -9,7 +11,7 @@ namespace Org.BouncyCastle.X509.Store
/// each of which, if present, must match the respective component of a pair.
/// </remarks>
public class X509CertPairStoreSelector
- : IX509Selector
+ : ISelector<X509CertificatePair>
{
private static X509CertStoreSelector CloneSelector(
X509CertStoreSelector s)
@@ -59,16 +61,10 @@ namespace Org.BouncyCastle.X509.Store
/// <c>obj</c> is not a <code>X509CertificatePair</code>, this method
/// returns <code>false</code>.
/// </summary>
- /// <param name="obj">The <code>X509CertificatePair</code> to be tested.</param>
+ /// <param name="pair">The <code>X509CertificatePair</code> to be tested.</param>
/// <returns><code>true</code> if the object matches this selector.</returns>
- public bool Match(
- object obj)
+ public bool Match(X509CertificatePair pair)
{
- if (obj == null)
- throw new ArgumentNullException("obj");
-
- X509CertificatePair pair = obj as X509CertificatePair;
-
if (pair == null)
return false;
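Review bot: The summary above `Match(X509CertificatePair pair)` still says that if `obj` is not a X509CertificatePair the method returns false, but with the typed parameter there is no `obj` and no type test left. Reword that sentence to the case that remains, for example `If <c>pair</c> is null, this method returns <code>false</code>.` The method body continues outside the hunk.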
diff --git a/crypto/src/x509/store/X509CertStoreSelector.cs b/crypto/src/x509/store/X509CertStoreSelector.cs
index 8e22b862a..b351f1cf3 100644
--- a/crypto/src/x509/store/X509CertStoreSelector.cs
+++ b/crypto/src/x509/store/X509CertStoreSelector.cs
@@ -12,7 +12,7 @@ using Org.BouncyCastle.X509.Extension;
namespace Org.BouncyCastle.X509.Store
{
public class X509CertStoreSelector
- : IX509Selector
+ : ISelector<X509Certificate>
{
// TODO Missing criteria?
@@ -160,11 +160,8 @@ namespace Org.BouncyCastle.X509.Store
set { subjectPublicKeyAlgID = value; }
}
- public virtual bool Match(
- object obj)
+ public virtual bool Match(X509Certificate c)
{
- X509Certificate c = obj as X509Certificate;
-
if (c == null)
return false;
diff --git a/crypto/src/x509/store/X509CollectionStore.cs b/crypto/src/x509/store/X509CollectionStore.cs
deleted file mode 100644
index 92173140b..000000000
--- a/crypto/src/x509/store/X509CollectionStore.cs
+++ /dev/null
@@ -1,51 +0,0 @@
-using System;
-using System.Collections;
-
-using Org.BouncyCastle.Utilities;
-
-namespace Org.BouncyCastle.X509.Store
-{
- /**
- * A simple collection backed store.
- */
- internal class X509CollectionStore
- : IX509Store
- {
- private ICollection _local;
-
- /**
- * Basic constructor.
- *
- * @param collection - initial contents for the store, this is copied.
- */
- internal X509CollectionStore(
- ICollection collection)
- {
- _local = Platform.CreateArrayList(collection);
- }
-
- /**
- * Return the matches in the collection for the passed in selector.
- *
- * @param selector the selector to match against.
- * @return a possibly empty collection of matching objects.
- */
- public ICollection GetMatches(
- IX509Selector selector)
- {
- if (selector == null)
- {
- return Platform.CreateArrayList(_local);
- }
-
- IList result = Platform.CreateArrayList();
- foreach (object obj in _local)
- {
- if (selector.Match(obj))
- result.Add(obj);
- }
-
- return result;
- }
- }
-}
diff --git a/crypto/src/x509/store/X509CollectionStoreParameters.cs b/crypto/src/x509/store/X509CollectionStoreParameters.cs
deleted file mode 100644
index 7fd047a47..000000000
--- a/crypto/src/x509/store/X509CollectionStoreParameters.cs
+++ /dev/null
@@ -1,60 +0,0 @@
-using System;
-using System.Collections;
-using System.Text;
-
-using Org.BouncyCastle.Utilities;
-
-namespace Org.BouncyCastle.X509.Store
-{
- /// <remarks>This class contains a collection for collection based <code>X509Store</code>s.</remarks>
- public class X509CollectionStoreParameters
- : IX509StoreParameters
- {
- private readonly IList collection;
-
- /// <summary>
- /// Constructor.
- /// <p>
- /// The collection is copied.
- /// </p>
- /// </summary>
- /// <param name="collection">The collection containing X.509 object types.</param>
- /// <exception cref="ArgumentNullException">If collection is null.</exception>
- public X509CollectionStoreParameters(
- ICollection collection)
- {
- if (collection == null)
- throw new ArgumentNullException("collection");
-
- this.collection = Platform.CreateArrayList(collection);
- }
-
- // TODO Do we need to be able to Clone() these, and should it really be shallow?
-// /**
-// * Returns a shallow clone. The returned contents are not copied, so adding
-// * or removing objects will effect this.
-// *
-// * @return a shallow clone.
-// */
-// public object Clone()
-// {
-// return new X509CollectionStoreParameters(collection);
-// }
-
- /// <summary>Returns a copy of the <code>ICollection</code>.</summary>
- public ICollection GetCollection()
- {
- return Platform.CreateArrayList(collection);
- }
-
- /// <summary>Returns a formatted string describing the parameters.</summary>
- public override string ToString()
- {
- StringBuilder sb = new StringBuilder();
- sb.Append("X509CollectionStoreParameters: [\n");
- sb.Append(" collection: " + collection + "\n");
- sb.Append("]");
- return sb.ToString();
- }
- }
-}
diff --git a/crypto/src/x509/store/X509CrlStoreSelector.cs b/crypto/src/x509/store/X509CrlStoreSelector.cs
index 4be2a1ef0..dcf8f8876 100644
--- a/crypto/src/x509/store/X509CrlStoreSelector.cs
+++ b/crypto/src/x509/store/X509CrlStoreSelector.cs
@@ -5,13 +5,14 @@ using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.X509.Extension;
namespace Org.BouncyCastle.X509.Store
{
public class X509CrlStoreSelector
- : IX509Selector
+ : ISelector<X509Crl>
{
// TODO Missing criteria?
@@ -21,7 +22,7 @@ namespace Org.BouncyCastle.X509.Store
private BigInteger maxCrlNumber;
private BigInteger minCrlNumber;
- private IX509AttributeCertificate attrCertChecking;
+ private X509V2AttributeCertificate attrCertChecking;
private bool completeCrlEnabled;
private bool deltaCrlIndicatorEnabled;
private byte[] issuingDistributionPoint;
@@ -98,7 +99,7 @@ namespace Org.BouncyCastle.X509.Store
* <code>null</code>)
* @see #getAttrCertificateChecking()
*/
- public IX509AttributeCertificate AttrCertChecking
+ public X509V2AttributeCertificate AttrCertChecking
{
get { return attrCertChecking; }
set { this.attrCertChecking = value; }
@@ -180,11 +181,8 @@ namespace Org.BouncyCastle.X509.Store
set { this.maxBaseCrlNumber = value; }
}
- public virtual bool Match(
- object obj)
+ public virtual bool Match(X509Crl c)
{
- X509Crl c = obj as X509Crl;
-
if (c == null)
return false;
diff --git a/crypto/src/x509/store/X509StoreException.cs b/crypto/src/x509/store/X509StoreException.cs
deleted file mode 100644
index 0ad32c2ef..000000000
--- a/crypto/src/x509/store/X509StoreException.cs
+++ /dev/null
@@ -1,30 +0,0 @@
-using System;
-using System.Runtime.Serialization;
-
-namespace Org.BouncyCastle.X509.Store
-{
- [Serializable]
- public class X509StoreException
- : Exception
- {
- public X509StoreException()
- : base()
- {
- }
-
- public X509StoreException(string message)
- : base(message)
- {
- }
-
- public X509StoreException(string message, Exception innerException)
- : base(message, innerException)
- {
- }
-
- protected X509StoreException(SerializationInfo info, StreamingContext context)
- : base(info, context)
- {
- }
- }
-}
diff --git a/crypto/src/x509/store/X509StoreFactory.cs b/crypto/src/x509/store/X509StoreFactory.cs
deleted file mode 100644
index 96f22be3f..000000000
--- a/crypto/src/x509/store/X509StoreFactory.cs
+++ /dev/null
@@ -1,62 +0,0 @@
-using System;
-using System.Collections;
-
-using Org.BouncyCastle.Utilities;
-
-namespace Org.BouncyCastle.X509.Store
-{
- public sealed class X509StoreFactory
- {
- private X509StoreFactory()
- {
- }
-
- public static IX509Store Create(
- string type,
- IX509StoreParameters parameters)
- {
- if (type == null)
- throw new ArgumentNullException("type");
-
- string[] parts = Platform.ToUpperInvariant(type).Split('/');
-
- if (parts.Length < 2)
- throw new ArgumentException("type");
-
- if (parts[1] != "COLLECTION")
- throw new NoSuchStoreException("X.509 store type '" + type + "' not available.");
-
- X509CollectionStoreParameters p = (X509CollectionStoreParameters) parameters;
- ICollection coll = p.GetCollection();
-
- switch (parts[0])
- {
- case "ATTRIBUTECERTIFICATE":
- checkCorrectType(coll, typeof(IX509AttributeCertificate));
- break;
- case "CERTIFICATE":
- checkCorrectType(coll, typeof(X509Certificate));
- break;
- case "CERTIFICATEPAIR":
- checkCorrectType(coll, typeof(X509CertificatePair));
- break;
- case "CRL":
- checkCorrectType(coll, typeof(X509Crl));
- break;
- default:
- throw new NoSuchStoreException("X.509 store type '" + type + "' not available.");
- }
-
- return new X509CollectionStore(coll);
- }
-
- private static void checkCorrectType(ICollection coll, Type t)
- {
- foreach (object o in coll)
- {
- if (!t.IsInstanceOfType(o))
- throw new InvalidCastException("Can't cast object to type: " + t.FullName);
- }
- }
- }
-}
diff --git a/crypto/test/src/cms/test/CMSTestUtil.cs b/crypto/test/src/cms/test/CMSTestUtil.cs
index 242d7e8cf..596072937 100644
--- a/crypto/test/src/cms/test/CMSTestUtil.cs
+++ b/crypto/test/src/cms/test/CMSTestUtil.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using System.Text;
@@ -10,11 +11,11 @@ using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.IO;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Extension;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms.Tests
{
@@ -219,12 +220,8 @@ namespace Org.BouncyCastle.Cms.Tests
return buf.ToString();
}
- public static IX509AttributeCertificate GetAttributeCertificate()
+ public static X509V2AttributeCertificate GetAttributeCertificate()
{
-// X509StreamParser parser = X509StreamParser.GetInstance("AttributeCertificate");
-// parser.Init(CmsTestUtil.attrCert);
-// return (X509AttributeCertificate) parser.Read();
-
return new X509AttrCertParser().ReadAttrCert(attrCert);
}
@@ -425,37 +422,38 @@ namespace Org.BouncyCastle.Cms.Tests
return "GOST3411WithGOST3410";
}
- internal static IX509Store MakeAttrCertStore(params IX509AttributeCertificate[] attrCerts)
+ internal static IStore<X509V2AttributeCertificate> MakeAttrCertStore(
+ params X509V2AttributeCertificate[] attrCerts)
{
- IList attrCertList = new ArrayList();
- foreach (IX509AttributeCertificate attrCert in attrCerts)
+ var attrCertList = new List<X509V2AttributeCertificate>();
+ foreach (var attrCert in attrCerts)
{
attrCertList.Add(attrCert);
}
- return X509StoreFactory.Create("AttributeCertificate/Collection", new X509CollectionStoreParameters(attrCertList));
+ return CollectionUtilities.CreateStore(attrCertList);
}
- internal static IX509Store MakeCertStore(params X509Certificate[] certs)
+ internal static IStore<X509Certificate> MakeCertStore(params X509Certificate[] certs)
{
- IList certList = new ArrayList();
- foreach (X509Certificate cert in certs)
+ var certList = new List<X509Certificate>();
+ foreach (var cert in certs)
{
certList.Add(cert);
}
- return X509StoreFactory.Create("Certificate/Collection", new X509CollectionStoreParameters(certList));
+ return CollectionUtilities.CreateStore(certList);
}
- internal static IX509Store MakeCrlStore(params X509Crl[] crls)
+ internal static IStore<X509Crl> MakeCrlStore(params X509Crl[] crls)
{
- IList crlList = new ArrayList();
- foreach (X509Crl crl in crls)
+ var crlList = new List<X509Crl>();
+ foreach (var crl in crls)
{
crlList.Add(crl);
}
- return X509StoreFactory.Create("CRL/Collection", new X509CollectionStoreParameters(crlList));
+ return CollectionUtilities.CreateStore(crlList);
}
private static AuthorityKeyIdentifier CreateAuthorityKeyId(
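Review bot: MakeAttrCertStore, MakeCertStore and MakeCrlStore each copy the `params` array into a list one element at a time, which the list constructor already does: `var certList = new List<X509Certificate>(certs);`, and the equivalent in the other two helpers. If `CollectionUtilities.CreateStore` takes its own copy of the sequence it is given, the array could be passed straight through with `return CollectionUtilities.CreateStore(certs);`. Its implementation is not visible in this hunk, so that needs confirming first.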
diff --git a/crypto/test/src/cms/test/MiscDataStreamTest.cs b/crypto/test/src/cms/test/MiscDataStreamTest.cs
index 4cb19884b..58259998b 100644
--- a/crypto/test/src/cms/test/MiscDataStreamTest.cs
+++ b/crypto/test/src/cms/test/MiscDataStreamTest.cs
@@ -1,22 +1,16 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using System.Text;
using NUnit.Framework;
-using Org.BouncyCastle.Asn1;
-using Org.BouncyCastle.Asn1.Cms;
-using Org.BouncyCastle.Asn1.Oiw;
-using Org.BouncyCastle.Cms;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
-using Org.BouncyCastle.Utilities.Encoders;
-using Org.BouncyCastle.Utilities.IO;
-using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms.Tests
{
@@ -92,21 +86,19 @@ namespace Org.BouncyCastle.Cms.Tests
get { return origCrl == null ? (origCrl = CmsTestUtil.MakeCrl(OrigKP)) : origCrl; }
}
- private void VerifySignatures(
- CmsSignedDataParser sp,
- byte[] contentDigest)
+ private void VerifySignatures(CmsSignedDataParser sp, byte[] contentDigest)
{
- IX509Store certStore = sp.GetCertificates("Collection");
+ IStore<X509Certificate> certStore = sp.GetCertificates();
SignerInformationStore signers = sp.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
- ICollection certCollection = certStore.GetMatches(signer.SignerID);
+ var certCollection = certStore.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
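Review bot: The result of `certEnum.MoveNext()` in VerifySignatures is still discarded, and `certEnum.Current` is now read from a typed enumerator without a cast. When no certificate in the store matches `signer.SignerID`, the test will probably pass a null certificate to `signer.Verify` rather than fail at the lookup; the exact behaviour of `Current` after a failed `MoveNext()` depends on the `EnumerateMatches` implementation, which is not visible here. I would make the lookup explicit with `Assert.IsTrue(certEnum.MoveNext(), "no certificate matches SignerID");`, and, since the generic enumerator is disposable, obtain it with `using (var certEnum = certCollection.GetEnumerator())`. The same three-line pattern is carried over in the VerifySignatures hunks of Rfc4134Test.cs and SignedDataStreamTest.cs and in the signer loops of SignedDataTest.cs. The method body continues past the end of this hunk.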
@@ -144,9 +136,9 @@ namespace Org.BouncyCastle.Cms.Tests
{
sc.Drain();
}
- sp.GetAttributeCertificates("Collection");
- sp.GetCertificates("Collection");
- sp.GetCrls("Collection");
+ sp.GetAttributeCertificates();
+ sp.GetCertificates();
+ sp.GetCrls();
sp.GetSignerInfos();
sp.Close();
}
@@ -154,22 +146,16 @@ namespace Org.BouncyCastle.Cms.Tests
[Test]
public void TestSha1WithRsa()
{
- IList certList = new ArrayList();
- IList crlList = new ArrayList();
- MemoryStream bOut = new MemoryStream();
-
+ var certList = new List<X509Certificate>();
certList.Add(OrigCert);
certList.Add(SignCert);
+ var crlList = new List<X509Crl>();
crlList.Add(SignCrl);
crlList.Add(OrigCrl);
- IX509Store x509Certs = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(certList));
- IX509Store x509Crls = X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(crlList));
+ var x509Certs = CollectionUtilities.CreateStore(certList);
+ var x509Crls = CollectionUtilities.CreateStore(crlList);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
@@ -178,6 +164,7 @@ namespace Org.BouncyCastle.Cms.Tests
gen.AddCertificates(x509Certs);
gen.AddCrls(x509Crls);
+ MemoryStream bOut = new MemoryStream();
Stream sigOut = gen.Open(bOut);
CmsCompressedDataStreamGenerator cGen = new CmsCompressedDataStreamGenerator();
diff --git a/crypto/test/src/cms/test/Rfc4134Test.cs b/crypto/test/src/cms/test/Rfc4134Test.cs
index 3bfbd1358..d47dd84ff 100644
--- a/crypto/test/src/cms/test/Rfc4134Test.cs
+++ b/crypto/test/src/cms/test/Rfc4134Test.cs
@@ -14,7 +14,6 @@ using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.IO;
using Org.BouncyCastle.Utilities.Test;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms.Tests
{
@@ -249,18 +248,17 @@ namespace Org.BouncyCastle.Cms.Tests
private void VerifySignatures(CmsSignedData s, byte[] contentDigest)
{
- IX509Store x509Certs = s.GetCertificates("Collection");
- IX509Store x509Crls = s.GetCrls("Collection");
+ var x509Certs = s.GetCertificates();
SignerInformationStore signers = s.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
VerifySigner(signer, cert);
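Review bot: This VerifySignatures overload no longer calls `GetCrls()` at all, because the `x509Crls` local is removed here and the count assertions are removed at the end of the method in the following hunk. As far as the visible code shows, the RFC 4134 sample messages therefore stop exercising CRL extraction. If that coverage is still wanted, a line such as `Assert.IsNotNull(s.GetCrls());` after the signer loop keeps the path exercised with the new typed store.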
@@ -269,12 +267,6 @@ namespace Org.BouncyCastle.Cms.Tests
Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest()));
}
}
-
- ICollection certColl = x509Certs.GetMatches(null);
- ICollection crlColl = x509Crls.GetMatches(null);
-
- Assert.AreEqual(certColl.Count, s.GetCertificates("Collection").GetMatches(null).Count);
- Assert.AreEqual(crlColl.Count, s.GetCrls("Collection").GetMatches(null).Count);
}
private void VerifySignatures(CmsSignedData s)
@@ -289,17 +281,17 @@ namespace Org.BouncyCastle.Cms.Tests
{
sc.Drain();
}
-
- IX509Store x509Certs = sp.GetCertificates("Collection");
+
+ var x509Certs = sp.GetCertificates();
SignerInformationStore signers = sp.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate)certEnum.Current;
+ X509Certificate cert = certEnum.Current;
VerifySigner(signer, cert);
}
diff --git a/crypto/test/src/cms/test/SignedDataStreamTest.cs b/crypto/test/src/cms/test/SignedDataStreamTest.cs
index 2131938e7..4ef6d9441 100644
--- a/crypto/test/src/cms/test/SignedDataStreamTest.cs
+++ b/crypto/test/src/cms/test/SignedDataStreamTest.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using System.Text;
@@ -7,16 +8,12 @@ using NUnit.Framework;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
-using Org.BouncyCastle.Asn1.Oiw;
-using Org.BouncyCastle.Cms;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.IO;
-using Org.BouncyCastle.Utilities.Test;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Cms.Tests
{
@@ -96,17 +93,17 @@ namespace Org.BouncyCastle.Cms.Tests
CmsSignedDataParser sp,
byte[] contentDigest)
{
- IX509Store certStore = sp.GetCertificates("Collection");
+ var certStore = sp.GetCertificates();
SignerInformationStore signers = sp.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
- ICollection certCollection = certStore.GetMatches(signer.SignerID);
+ var certCollection = certStore.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
@@ -144,9 +141,9 @@ namespace Org.BouncyCastle.Cms.Tests
{
sc.Drain();
}
- sp.GetAttributeCertificates("Collection");
- sp.GetCertificates("Collection");
- sp.GetCrls("Collection");
+ sp.GetAttributeCertificates();
+ sp.GetCertificates();
+ sp.GetCrls();
sp.GetSignerInfos();
sp.Close();
}
@@ -292,8 +289,8 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
- IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -324,8 +321,8 @@ namespace Org.BouncyCastle.Cms.Tests
//
gen = new CmsSignedDataStreamGenerator();
gen.AddSigners(sp.GetSignerInfos());
- gen.AddCertificates(sp.GetCertificates("Collection"));
- gen.AddCrls(sp.GetCrls("Collection"));
+ gen.AddCertificates(sp.GetCertificates());
+ gen.AddCrls(sp.GetCrls());
bOut.SetLength(0);
@@ -338,7 +335,7 @@ namespace Org.BouncyCastle.Cms.Tests
//
// look for the CRLs
//
- ArrayList col = new ArrayList(x509Crls.GetMatches(null));
+ var col = new List<X509Crl>(x509Crls.EnumerateMatches(null));
Assert.AreEqual(2, col.Count);
Assert.IsTrue(col.Contains(SignCrl));
@@ -350,8 +347,8 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
- IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -383,7 +380,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddDigests(CmsSignedDataStreamGenerator.DigestSha1,
@@ -415,7 +412,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
//
// find unbuffered length
@@ -469,7 +466,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
//
// find unbuffered length
@@ -524,7 +521,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -556,8 +553,8 @@ namespace Org.BouncyCastle.Cms.Tests
//
gen = new CmsSignedDataStreamGenerator();
gen.AddSigners(sp.GetSignerInfos());
- gen.AddCertificates(sp.GetCertificates("Collection"));
- gen.AddCrls(sp.GetCrls("Collection"));
+ gen.AddCertificates(sp.GetCertificates());
+ gen.AddCrls(sp.GetCrls());
bOut.SetLength(0);
@@ -611,7 +608,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private,
@@ -645,8 +642,7 @@ namespace Org.BouncyCastle.Cms.Tests
//
gen = new CmsSignedDataStreamGenerator();
gen.AddSigners(sp.GetSignerInfos());
-// gen.AddCertificatesAndCRLs(sp.GetCertificatesAndCrls("Collection", "BC"));
- gen.AddCertificates(sp.GetCertificates("Collection"));
+ gen.AddCertificates(sp.GetCertificates());
bOut.SetLength(0);
@@ -666,7 +662,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsAttributeTableGenerator signedGen = new SignedGenAttributeTableGenerator();
CmsAttributeTableGenerator unsignedGen = new UnsignedGenAttributeTableGenerator();
@@ -710,15 +706,15 @@ namespace Org.BouncyCastle.Cms.Tests
[Test]
public void TestWithAttributeCertificate()
{
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(SignCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
gen.AddCertificates(x509Certs);
- IX509AttributeCertificate attrCert = CmsTestUtil.GetAttributeCertificate();
+ var attrCert = CmsTestUtil.GetAttributeCertificate();
- IX509Store store = CmsTestUtil.MakeAttrCertStore(attrCert);
+ var store = CmsTestUtil.MakeAttrCertStore(attrCert);
gen.AddAttributeCertificates(store);
@@ -736,9 +732,9 @@ namespace Org.BouncyCastle.Cms.Tests
Assert.AreEqual(4, sp.Version);
- store = sp.GetAttributeCertificates("Collection");
+ store = sp.GetAttributeCertificates();
- ArrayList coll = new ArrayList(store.GetMatches(null));
+ var coll = new List<X509V2AttributeCertificate>(store.EnumerateMatches(null));
Assert.AreEqual(1, coll.Count);
@@ -751,7 +747,7 @@ namespace Org.BouncyCastle.Cms.Tests
MemoryStream bOut = new MemoryStream();
byte[] data = Encoding.ASCII.GetBytes(TestMessage);
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -811,7 +807,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -868,7 +864,7 @@ namespace Org.BouncyCastle.Cms.Tests
MemoryStream bOut = new MemoryStream();
byte[] data = Encoding.ASCII.GetBytes(TestMessage);
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -905,7 +901,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
@@ -945,7 +941,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -960,8 +956,8 @@ namespace Org.BouncyCastle.Cms.Tests
CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
sp.GetSignedContent().Drain();
- x509Certs = sp.GetCertificates("Collection");
- ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+ x509Certs = sp.GetCertificates();
+ var a = new List<X509Certificate>(x509Certs.EnumerateMatches(null));
Assert.AreEqual(2, a.Count);
Assert.AreEqual(OrigCert, a[0]);
@@ -973,7 +969,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
MemoryStream bOut = new MemoryStream();
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert);
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -988,8 +984,8 @@ namespace Org.BouncyCastle.Cms.Tests
CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
sp.GetSignedContent().Drain();
- x509Certs = sp.GetCertificates("Collection");
- ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+ x509Certs = sp.GetCertificates();
+ var a = new List<X509Certificate>(x509Certs.EnumerateMatches(null));
Assert.AreEqual(2, a.Count);
Assert.AreEqual(SignCert, a[0]);
@@ -999,7 +995,7 @@ namespace Org.BouncyCastle.Cms.Tests
[Test]
public void TestCertsOnly()
{
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
MemoryStream bOut = new MemoryStream();
diff --git a/crypto/test/src/cms/test/SignedDataTest.cs b/crypto/test/src/cms/test/SignedDataTest.cs
index 41af04874..7147bc8da 100644
--- a/crypto/test/src/cms/test/SignedDataTest.cs
+++ b/crypto/test/src/cms/test/SignedDataTest.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using System.Text;
@@ -8,6 +9,7 @@ using NUnit.Framework;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
@@ -15,9 +17,6 @@ using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.IO;
using Org.BouncyCastle.Utilities.Test;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
-using Org.BouncyCastle.Crypto.Operators;
-using Org.BouncyCastle.Asn1.Utilities;
namespace Org.BouncyCastle.Cms.Tests
{
@@ -379,19 +378,19 @@ namespace Org.BouncyCastle.Cms.Tests
CmsSignedData s,
byte[] contentDigest)
{
- IX509Store x509Certs = s.GetCertificates("Collection");
+ var x509Certs = s.GetCertificates();
SignerInformationStore signers = s.GetSignerInfos();
ICollection c = signers.GetSigners();
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
@@ -406,19 +405,19 @@ namespace Org.BouncyCastle.Cms.Tests
CmsSignedData s,
byte[] contentDigest)
{
- IX509Store x509Certs = s.GetCertificates("Collection");
+ var x509Certs = s.GetCertificates();
SignerInformationStore signers = s.GetSignerInfos();
ICollection c = signers.GetSigners();
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate)certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
Assert.IsTrue(null == signer.GetEncodedSignedAttributes());
@@ -442,7 +441,7 @@ namespace Org.BouncyCastle.Cms.Tests
byte[] data = Encoding.ASCII.GetBytes("Hello World!");
CmsProcessable msg = new CmsProcessableByteArray(data);
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -465,7 +464,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -476,7 +475,7 @@ namespace Org.BouncyCastle.Cms.Tests
s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
- x509Certs = s.GetCertificates("Collection");
+ x509Certs = s.GetCertificates();
SignerInformationStore signers = s.GetSignerInfos();
@@ -487,12 +486,12 @@ namespace Org.BouncyCastle.Cms.Tests
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
sid = signer.SignerID;
@@ -522,14 +521,14 @@ namespace Org.BouncyCastle.Cms.Tests
gen.AddSigners(s.GetSignerInfos());
- gen.AddCertificates(s.GetCertificates("Collection"));
- gen.AddCrls(s.GetCrls("Collection"));
+ gen.AddCertificates(s.GetCertificates());
+ gen.AddCrls(s.GetCrls());
s = gen.Generate(msg, true);
s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
- x509Certs = s.GetCertificates("Collection");
+ x509Certs = s.GetCertificates();
signers = s.GetSignerInfos();
c = signers.GetSigners();
@@ -538,12 +537,12 @@ namespace Org.BouncyCastle.Cms.Tests
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.AreEqual(true, signer.Verify(cert));
}
@@ -556,7 +555,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().Build(
@@ -570,7 +569,7 @@ namespace Org.BouncyCastle.Cms.Tests
s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
- x509Certs = s.GetCertificates("Collection");
+ x509Certs = s.GetCertificates();
SignerInformationStore signers = s.GetSignerInfos();
@@ -581,12 +580,12 @@ namespace Org.BouncyCastle.Cms.Tests
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate)certEnum.Current;
+ X509Certificate cert = certEnum.Current;
sid = signer.SignerID;
@@ -616,14 +615,14 @@ namespace Org.BouncyCastle.Cms.Tests
gen.AddSigners(s.GetSignerInfos());
- gen.AddCertificates(s.GetCertificates("Collection"));
- gen.AddCrls(s.GetCrls("Collection"));
+ gen.AddCertificates(s.GetCertificates());
+ gen.AddCrls(s.GetCrls());
s = gen.Generate(msg, true);
s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
- x509Certs = s.GetCertificates("Collection");
+ x509Certs = s.GetCertificates();
signers = s.GetSignerInfos();
c = signers.GetSigners();
@@ -632,12 +631,12 @@ namespace Org.BouncyCastle.Cms.Tests
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate)certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.AreEqual(true, signer.Verify(cert));
}
@@ -673,7 +672,7 @@ namespace Org.BouncyCastle.Cms.Tests
byte[] testBytes = Encoding.ASCII.GetBytes("Hello world!");
CmsProcessable msg = new CmsProcessableByteArray(testBytes);
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes);
@@ -707,10 +706,10 @@ namespace Org.BouncyCastle.Cms.Tests
CmsSignedData s = new CmsSignedData(document);
- IX509Store certStore = s.GetCertificates("Collection");
+ var certStore = s.GetCertificates();
foreach (SignerInformation signerInformation in s.GetSignerInfos().GetSigners())
{
- ICollection certCollection = certStore.GetMatches(signerInformation.SignerID);
+ var certCollection = certStore.EnumerateMatches(signerInformation.SignerID);
foreach (X509Certificate cert in certCollection)
{
Assert.IsTrue(signerInformation.Verify(cert), "raw sig failed");
@@ -961,8 +960,8 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert);
- IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
+ var x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert);
+ var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(SignKP.Private, SignCert, CmsSignedDataGenerator.DigestSha1);
@@ -983,12 +982,12 @@ namespace Org.BouncyCastle.Cms.Tests
foreach (SignerInformation cSigner in csSigners)
{
- ICollection certCollection = x509Certs.GetMatches(cSigner.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(cSigner.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsNull(cSigner.SignedAttributes[Asn1.Pkcs.PkcsObjectIdentifiers.Pkcs9AtContentType]);
Assert.IsTrue(cSigner.Verify(cert));
@@ -1002,7 +1001,7 @@ namespace Org.BouncyCastle.Cms.Tests
byte[] msgBytes = Encoding.ASCII.GetBytes("Hello World!");
CmsProcessable msg = new CmsProcessableByteArray(msgBytes);
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.EncryptionRsaPss, digestOID);
@@ -1023,7 +1022,7 @@ namespace Org.BouncyCastle.Cms.Tests
byte[] msgBytes = Encoding.ASCII.GetBytes("Hello World!");
CmsProcessable msg = new CmsProcessableByteArray(msgBytes);
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().SetDirectSignature(true).Build(
@@ -1045,8 +1044,8 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert);
- IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
+ var x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert);
+ var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(signaturePair.Private,
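Review bot: `var x509Certs` and `var x509Crls` take their static types from `CmsTestUtil.MakeCertStore` and `MakeCrlStore`, yet the next hunk reassigns them from `s.GetCertificates()` and `s.GetCrls()`, so the test compiles only while both pairs of methods return the same type. Spelling the type out, as CertPathBuilderTest does in this commit, documents that dependency: `IStore<X509Certificate> x509Certs = ...;` and `IStore<X509Crl> x509Crls = ...;`. The helpers' return types are not visible here, so this assumes they are the `IStore<T>` interfaces. The same applies to the declarations in the hunk at -1135.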
@@ -1064,19 +1063,19 @@ namespace Org.BouncyCastle.Cms.Tests
s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject()));
- x509Certs = s.GetCertificates("Collection");
- x509Crls = s.GetCrls("Collection");
+ x509Certs = s.GetCertificates();
+ x509Crls = s.GetCrls();
SignerInformationStore signers = s.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
}
@@ -1084,7 +1083,7 @@ namespace Org.BouncyCastle.Cms.Tests
//
// check for CRLs
//
- ArrayList crls = new ArrayList(x509Crls.GetMatches(null));
+ var crls = new List<X509Crl>(x509Crls.EnumerateMatches(null));
Assert.AreEqual(1, crls.Count);
@@ -1098,8 +1097,8 @@ namespace Org.BouncyCastle.Cms.Tests
gen.AddSigners(s.GetSignerInfos());
- gen.AddCertificates(s.GetCertificates("Collection"));
- gen.AddCrls(s.GetCrls("Collection"));
+ gen.AddCertificates(s.GetCertificates());
+ gen.AddCrls(s.GetCrls());
s = gen.Generate(msg, true);
@@ -1108,19 +1107,19 @@ namespace Org.BouncyCastle.Cms.Tests
s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject()));
- x509Certs = s.GetCertificates("Collection");
- x509Crls = s.GetCrls("Collection");
+ x509Certs = s.GetCertificates();
+ x509Crls = s.GetCrls();
signers = s.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
}
@@ -1135,8 +1134,8 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert);
- IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
+ var x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert);
+ var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(signaturePair.Private, signatureCert, digestAlgorithm);
@@ -1147,20 +1146,20 @@ namespace Org.BouncyCastle.Cms.Tests
s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
- x509Certs = s.GetCertificates("Collection");
- x509Crls = s.GetCrls("Collection");
+ x509Certs = s.GetCertificates();
+ x509Crls = s.GetCrls();
SignerInformationStore signers = s.GetSignerInfos();
ICollection c = signers.GetSigners();
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.AreEqual(digestAlgorithm, signer.DigestAlgOid);
@@ -1170,7 +1169,7 @@ namespace Org.BouncyCastle.Cms.Tests
//
// check for CRLs
//
- ArrayList crls = new ArrayList(x509Crls.GetMatches(null));
+ var crls = new List<X509Crl>(x509Crls.EnumerateMatches(null));
Assert.AreEqual(1, crls.Count);
@@ -1184,27 +1183,27 @@ namespace Org.BouncyCastle.Cms.Tests
gen.AddSigners(s.GetSignerInfos());
- gen.AddCertificates(s.GetCertificates("Collection"));
- gen.AddCrls(s.GetCrls("Collection"));
+ gen.AddCertificates(s.GetCertificates());
+ gen.AddCrls(s.GetCrls());
s = gen.Generate(msg, true);
s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
- x509Certs = s.GetCertificates("Collection");
- x509Crls = s.GetCrls("Collection");
+ x509Certs = s.GetCertificates();
+ x509Crls = s.GetCrls();
signers = s.GetSignerInfos();
c = signers.GetSigners();
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
}
@@ -1221,19 +1220,19 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsSignedData s = CmsSignedData.ReplaceSigners(orig, signers);
- IX509Store x509Certs = s.GetCertificates("Collection");
+ var x509Certs = s.GetCertificates();
signers = s.GetSignerInfos();
ICollection c = signers.GetSigners();
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
}
@@ -1244,19 +1243,19 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsSignedData s = new CmsSignedData(new CmsProcessableByteArray(disorderedMessage), disorderedSet);
- IX509Store x509Certs = s.GetCertificates("Collection");
+ var x509Certs = s.GetCertificates();
SignerInformationStore signers = s.GetSignerInfos();
ICollection c = signers.GetSigners();
foreach (SignerInformation signer in c)
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate) certEnum.Current;
+ X509Certificate cert = certEnum.Current;
SignerInformation sAsIs = new AsIsSignerInformation(signer);
Assert.IsFalse(signer.Verify(cert));
@@ -1282,7 +1281,7 @@ namespace Org.BouncyCastle.Cms.Tests
[Test]
public void TestNullContentWithSigner()
{
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1300,15 +1299,15 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
gen.AddCertificates(x509Certs);
- IX509AttributeCertificate attrCert = CmsTestUtil.GetAttributeCertificate();
+ var attrCert = CmsTestUtil.GetAttributeCertificate();
- IX509Store store = CmsTestUtil.MakeAttrCertStore(attrCert);
+ var store = CmsTestUtil.MakeAttrCertStore(attrCert);
gen.AddAttributeCertificates(store);
@@ -1316,9 +1315,9 @@ namespace Org.BouncyCastle.Cms.Tests
Assert.AreEqual(4, sd.Version);
- store = sd.GetAttributeCertificates("Collection");
+ store = sd.GetAttributeCertificates();
- ArrayList coll = new ArrayList(store.GetMatches(null));
+ var coll = new List<X509V2AttributeCertificate>(store.EnumerateMatches(null));
Assert.AreEqual(1, coll.Count);
@@ -1342,7 +1341,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1368,7 +1367,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1394,7 +1393,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert, SignDsaCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert, SignDsaCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1402,8 +1401,8 @@ namespace Org.BouncyCastle.Cms.Tests
CmsSignedData sd = gen.Generate(msg, true);
- x509Certs = sd.GetCertificates("Collection");
- ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+ x509Certs = sd.GetCertificates();
+ var a = new List<X509Certificate>(x509Certs.EnumerateMatches(null));
Assert.AreEqual(3, a.Count);
Assert.AreEqual(OrigCert, a[0]);
@@ -1416,7 +1415,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert, SignDsaCert, OrigCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(SignCert, SignDsaCert, OrigCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1424,8 +1423,8 @@ namespace Org.BouncyCastle.Cms.Tests
CmsSignedData sd = gen.Generate(msg, true);
- x509Certs = sd.GetCertificates("Collection");
- ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+ x509Certs = sd.GetCertificates();
+ var a = new List<X509Certificate>(x509Certs.EnumerateMatches(null));
Assert.AreEqual(3, a.Count);
Assert.AreEqual(SignCert, a[0]);
@@ -1438,7 +1437,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1505,8 +1504,8 @@ namespace Org.BouncyCastle.Cms.Tests
foreach (SignerInformation cSigner in csSigners)
{
- ArrayList certCollection = new ArrayList(
- sig.GetCertificates("Collection").GetMatches(cSigner.SignerID));
+ var certCollection = new List<X509Certificate>(
+ sig.GetCertificates().EnumerateMatches(cSigner.SignerID));
X509Certificate cert = (X509Certificate)certCollection[0];
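Review bot: With `certCollection` now a `List<X509Certificate>`, the cast on the following context line is redundant. `certCollection[0]` also throws `ArgumentOutOfRangeException` instead of failing an assertion when no certificate matches `cSigner.SignerID`. Suggest `Assert.IsTrue(certCollection.Count > 0);` followed by `X509Certificate cert = certCollection[0];`. The loop body continues outside the hunk.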
@@ -1556,7 +1555,7 @@ namespace Org.BouncyCastle.Cms.Tests
byte[] data = Encoding.ASCII.GetBytes("Hello World!");
CmsProcessable msg = new CmsProcessableByteArray(data);
- IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().Build(
@@ -1576,16 +1575,16 @@ namespace Org.BouncyCastle.Cms.Tests
private void VerifySignatures(
CmsSignedDataParser sp)
{
- IX509Store x509Certs = sp.GetCertificates("Collection");
+ var x509Certs = sp.GetCertificates();
SignerInformationStore signers = sp.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
- ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+ var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
- IEnumerator certEnum = certCollection.GetEnumerator();
+ var certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
- X509Certificate cert = (X509Certificate)certEnum.Current;
+ X509Certificate cert = certEnum.Current;
Assert.IsTrue(signer.Verify(cert));
Assert.IsTrue(new MySignerInformation(signer).Verify(cert)); // test simple copy works
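Review bot: VerifySignatures has no comment saying what a passing check proves. The certificate handed to `signer.Verify(cert)` comes from `sp.GetCertificates()`, that is, from the message being verified, so as far as these lines show the assertions establish only that each signature matches a certificate the message carries, not that the signer is trusted. Helpers like this tend to get copied into application code, so a comment above the loop would help: `// Certificates come from the message itself: this checks signature consistency only; no chain or revocation validation happens here.` The method body continues outside the hunk.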
diff --git a/crypto/test/src/test/AttrCertSelectorTest.cs b/crypto/test/src/test/AttrCertSelectorTest.cs
index 87cb049fc..cb5de3740 100644
--- a/crypto/test/src/test/AttrCertSelectorTest.cs
+++ b/crypto/test/src/test/AttrCertSelectorTest.cs
@@ -73,7 +73,7 @@ namespace Org.BouncyCastle.Tests
get { return "AttrCertSelector"; }
}
- private IX509AttributeCertificate CreateAttrCert()
+ private X509V2AttributeCertificate CreateAttrCert()
{
// CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
// X509Certificate iCert = (X509Certificate) fact
@@ -131,7 +131,7 @@ namespace Org.BouncyCastle.Tests
[Test]
public void TestSelector()
{
- IX509AttributeCertificate aCert = CreateAttrCert();
+ X509V2AttributeCertificate aCert = CreateAttrCert();
X509AttrCertStoreSelector sel = new X509AttrCertStoreSelector();
sel.AttributeCert = aCert;
bool match = sel.Match(aCert);
diff --git a/crypto/test/src/test/AttrCertTest.cs b/crypto/test/src/test/AttrCertTest.cs
index 3f80c3ddf..055a6b456 100644
--- a/crypto/test/src/test/AttrCertTest.cs
+++ b/crypto/test/src/test/AttrCertTest.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using NUnit.Framework;
@@ -14,7 +15,6 @@ using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.Test;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Extension;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Tests
{
@@ -139,7 +139,7 @@ namespace Org.BouncyCastle.Tests
private void doTestCertWithBaseCertificateID()
{
- IX509AttributeCertificate attrCert = new X509V2AttributeCertificate(certWithBaseCertificateID);
+ var attrCert = new X509V2AttributeCertificate(certWithBaseCertificateID);
X509CertificateParser fact = new X509CertificateParser();
X509Certificate cert = fact.ReadCertificate(holderCertWithBaseCertificateID);
@@ -179,7 +179,7 @@ namespace Org.BouncyCastle.Tests
}
private void equalityAndHashCodeTest(
- IX509AttributeCertificate attrCert,
+ X509V2AttributeCertificate attrCert,
byte[] encoding)
{
if (!attrCert.Equals(attrCert))
@@ -207,7 +207,7 @@ namespace Org.BouncyCastle.Tests
Fail("wrong issuer equal");
}
- IX509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(encoding);
+ var attrCert2 = new X509V2AttributeCertificate(encoding);
if (attrCert2.Holder.GetHashCode() != attrCert.Holder.GetHashCode())
{
@@ -271,8 +271,7 @@ namespace Org.BouncyCastle.Tests
gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
gen.SetSerialNumber(BigInteger.One);
- IX509AttributeCertificate aCert = gen.Generate(
- new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
+ var aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
aCert.CheckValidity();
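Review bot: The rewritten `gen.Generate(...)` line still signs the generated attribute certificate with `"SHA1WithRSAEncryption"`. If the test is not specifically about SHA-1, `new Asn1SignatureFactory("SHA256WithRSAEncryption", privKey, null)` would avoid presenting a deprecated digest as the example to copy, provided no later assertion depends on the algorithm. If SHA-1 is intended, a one-line comment saying so is enough. The same line is repeated in the hunk at -379, and the enclosing method starts and ends outside this hunk.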
@@ -379,8 +378,7 @@ namespace Org.BouncyCastle.Tests
gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
gen.SetSerialNumber(BigInteger.One);
- IX509AttributeCertificate aCert = gen.Generate(
- new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
+ var aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
aCert.CheckValidity();
@@ -420,7 +418,7 @@ namespace Org.BouncyCastle.Tests
public override void PerformTest()
{
- IX509AttributeCertificate aCert = new X509V2AttributeCertificate(attrCert);
+ var aCert = new X509V2AttributeCertificate(attrCert);
X509CertificateParser fact = new X509CertificateParser();
X509Certificate sCert = fact.ReadCertificate(signCert);
@@ -429,19 +427,13 @@ namespace Org.BouncyCastle.Tests
//
// search test
//
- IList list = new ArrayList();
+ var list = new List<X509Certificate>();
list.Add(sCert);
-// CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-// CertStore store = CertStore.getInstance("Collection", ccsp);
- IX509Store store = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(list));
+ var store = CollectionUtilities.CreateStore(list);
- ArrayList certs = new ArrayList(
-// store.getCertificates(aCert.getIssuer()));
- store.GetMatches(aCert.Issuer));
+ var certs = new List<X509Certificate>(store.EnumerateMatches(aCert.Issuer));
if (certs.Count != 1 || !certs.Contains(sCert))
{
@@ -461,7 +453,7 @@ namespace Org.BouncyCastle.Tests
aCert.Verify(sCert.GetPublicKey());
- IX509AttributeCertificate saCert = new X509V2AttributeCertificate(aCert.GetEncoded());
+ var saCert = new X509V2AttributeCertificate(aCert.GetEncoded());
if (!aCert.NotAfter.Equals(saCert.NotAfter))
{
@@ -509,9 +501,7 @@ namespace Org.BouncyCastle.Tests
// as the issuer is the same this should still work (even though it is not
// technically correct
- certs = new ArrayList(
-// store.getCertificates(aCert.Issuer));
- store.GetMatches(aCert.Issuer));
+ certs = new List<X509Certificate>(store.EnumerateMatches(aCert.Issuer));
if (certs.Count != 1 || !certs.Contains(sCert))
{
diff --git a/crypto/test/src/test/CertPathBuilderTest.cs b/crypto/test/src/test/CertPathBuilderTest.cs
index 8541096f1..dac45748a 100644
--- a/crypto/test/src/test/CertPathBuilderTest.cs
+++ b/crypto/test/src/test/CertPathBuilderTest.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using NUnit.Framework;
@@ -31,23 +31,17 @@ namespace Org.BouncyCastle.Tests
X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin);
X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
- IList certList = new ArrayList();
+ var certList = new List<X509Certificate>();
certList.Add(rootCert);
certList.Add(interCert);
certList.Add(finalCert);
- IList crlList = new ArrayList();
+ var crlList = new List<X509Crl>();
crlList.Add(rootCrl);
crlList.Add(interCrl);
-// CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-// CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
- IX509Store x509CertStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(certList));
- IX509Store x509CrlStore = X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(crlList));
+ IStore<X509Certificate> x509CertStore = CollectionUtilities.CreateStore(certList);
+ IStore<X509Crl> x509CrlStore = CollectionUtilities.CreateStore(crlList);
// NB: Month is 1-based in .NET
//DateTime validDate = new DateTime(2008, 9, 4, 14, 49, 10).ToUniversalTime();
@@ -57,14 +51,12 @@ namespace Org.BouncyCastle.Tests
ISet trust = new HashSet();
trust.Add(new TrustAnchor(rootCert, null));
-// CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","BC");
PkixCertPathBuilder cpb = new PkixCertPathBuilder();
X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
targetConstraints.Subject = finalCert.SubjectDN;
PkixBuilderParameters parameters = new PkixBuilderParameters(trust, targetConstraints);
-// parameters.addCertStore(store);
- parameters.AddStore(x509CertStore);
- parameters.AddStore(x509CrlStore);
+ parameters.AddStoreCert(x509CertStore);
+ parameters.AddStoreCrl(x509CrlStore);
parameters.Date = new DateTimeObject(validDate);
PkixCertPathBuilderResult result = cpb.Build(parameters);
PkixCertPath path = result.CertPath;
@@ -91,38 +83,30 @@ namespace Org.BouncyCastle.Tests
X509Crl interCRL = TestUtilities.CreateCrl(interCert, interPair.Private, revokedSerialNumber);
// create CertStore to support path building
- IList certList = new ArrayList();
+ var certList = new List<X509Certificate>();
certList.Add(rootCert);
certList.Add(interCert);
certList.Add(endCert);
- IList crlList = new ArrayList();
+ var crlList = new List<X509Crl>();
crlList.Add(rootCRL);
crlList.Add(interCRL);
-// CollectionCertStoreParameters parameters = new CollectionCertStoreParameters(list);
-// CertStore store = CertStore.getInstance("Collection", parameters);
- IX509Store x509CertStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(certList));
- IX509Store x509CrlStore = X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(crlList));
+ IStore<X509Certificate> x509CertStore = CollectionUtilities.CreateStore(certList);
+ IStore<X509Crl> x509CrlStore = CollectionUtilities.CreateStore(crlList);
ISet trust = new HashSet();
trust.Add(new TrustAnchor(rootCert, null));
// build the path
-// CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
PkixCertPathBuilder builder = new PkixCertPathBuilder();
X509CertStoreSelector pathConstraints = new X509CertStoreSelector();
pathConstraints.Subject = endCert.SubjectDN;
PkixBuilderParameters buildParams = new PkixBuilderParameters(trust, pathConstraints);
-// buildParams.addCertStore(store);
- buildParams.AddStore(x509CertStore);
- buildParams.AddStore(x509CrlStore);
+ buildParams.AddStoreCert(x509CertStore);
+ buildParams.AddStoreCrl(x509CrlStore);
buildParams.Date = new DateTimeObject(DateTime.UtcNow);
diff --git a/crypto/test/src/test/CertPathTest.cs b/crypto/test/src/test/CertPathTest.cs
index 357014e15..a763e2dcc 100644
--- a/crypto/test/src/test/CertPathTest.cs
+++ b/crypto/test/src/test/CertPathTest.cs
@@ -1,11 +1,10 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
-using System.Text;
using NUnit.Framework;
-using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Pkix;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities.Collections;
@@ -132,7 +131,7 @@ namespace Org.BouncyCastle.Tests
// CertificateFactory cf = CertificateFactory.GetInstance("X.509");
X509CertificateParser cf = new X509CertificateParser();
- IList certCol = new ArrayList();
+ var certCol = new List<X509Certificate>();
certCol.Add(cf.ReadCertificate(certA));
certCol.Add(cf.ReadCertificate(certB));
@@ -148,12 +147,10 @@ namespace Org.BouncyCastle.Tests
trustanchors.Add(new TrustAnchor(cf.ReadCertificate(rootCertBin), null));
// CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol));
- IX509Store x509CertStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(certCol));
+ var x509CertStore = CollectionUtilities.CreateStore(certCol);
PkixBuilderParameters parameters = new PkixBuilderParameters(trustanchors, select);
- parameters.AddStore(x509CertStore);
+ parameters.AddStoreCert(x509CertStore);
try
{
diff --git a/crypto/test/src/test/CertPathValidatorTest.cs b/crypto/test/src/test/CertPathValidatorTest.cs
index 972de6b04..42625d1ec 100644
--- a/crypto/test/src/test/CertPathValidatorTest.cs
+++ b/crypto/test/src/test/CertPathValidatorTest.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using NUnit.Framework;
@@ -11,7 +12,6 @@ using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.Test;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Tests
{
@@ -138,24 +138,17 @@ namespace Org.BouncyCastle.Tests
X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin);
X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
- IList x509Certs = new ArrayList();
+ var x509Certs = new List<X509Certificate>();
x509Certs.Add(rootCert);
x509Certs.Add(interCert);
x509Certs.Add(finalCert);
- IList x509Crls = new ArrayList();
+ var x509Crls = new List<X509Crl>();
x509Crls.Add(rootCrl);
x509Crls.Add(interCrl);
-// CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-// CertStore store = CertStore.GetInstance("Collection", ccsp);
-// X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(list);
- IX509Store x509CertStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(x509Certs));
- IX509Store x509CrlStore = X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(x509Crls));
+ var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+ var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
// NB: Month is 1-based in .NET
//DateTime validDate = new DateTime(2008,9,4,14,49,10).ToUniversalTime();
@@ -174,8 +167,8 @@ namespace Org.BouncyCastle.Tests
// CertPathValidator cpv = CertPathValidator.GetInstance("PKIX");
PkixCertPathValidator cpv = new PkixCertPathValidator();
PkixParameters param = new PkixParameters(trust);
- param.AddStore(x509CertStore);
- param.AddStore(x509CrlStore);
+ param.AddStoreCert(x509CertStore);
+ param.AddStoreCrl(x509CrlStore);
param.Date = new DateTimeObject(validDate);
MyChecker checker = new MyChecker();
param.AddCertPathChecker(checker);
@@ -206,13 +199,13 @@ namespace Org.BouncyCastle.Tests
cpv = new PkixCertPathValidator();
param = new PkixParameters(trust);
- param.AddStore(x509CertStore);
- param.AddStore(x509CrlStore);
+ param.AddStoreCert(x509CertStore);
+ param.AddStoreCrl(x509CrlStore);
param.Date = new DateTimeObject(validDate);
checker = new MyChecker();
param.AddCertPathChecker(checker);
- result = (PkixCertPathValidatorResult)cpv.Validate(cp, param);
+ result = cpv.Validate(cp, param);
IsTrue(result.TrustAnchor.TrustedCert.Equals(rootCert));
@@ -226,17 +219,12 @@ namespace Org.BouncyCastle.Tests
interCert = certParser.ReadCertificate(AC_PR);
finalCert = certParser.ReadCertificate(schefer);
- x509Certs = new ArrayList();
+ x509Certs = new List<X509Certificate>();
x509Certs.Add(rootCert);
x509Certs.Add(interCert);
x509Certs.Add(finalCert);
-// ccsp = new CollectionCertStoreParameters(list);
-// store = CertStore.GetInstance("Collection", ccsp);
-// ccsp = new X509CollectionStoreParameters(list);
- x509CertStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(x509Certs));
+ x509CertStore = CollectionUtilities.CreateStore(x509Certs);
// NB: Month is 1-based in .NET
//validDate = new DateTime(2004,3,21,2,21,10).ToUniversalTime();
@@ -255,7 +243,7 @@ namespace Org.BouncyCastle.Tests
// cpv = CertPathValidator.GetInstance("PKIX");
cpv = new PkixCertPathValidator();
param = new PkixParameters(trust);
- param.AddStore(x509CertStore);
+ param.AddStoreCert(x509CertStore);
param.IsRevocationEnabled = false;
param.Date = new DateTimeObject(validDate);
diff --git a/crypto/test/src/test/NistCertPathTest.cs b/crypto/test/src/test/NistCertPathTest.cs
index 5e68a0dea..f033f0b06 100644
--- a/crypto/test/src/test/NistCertPathTest.cs
+++ b/crypto/test/src/test/NistCertPathTest.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using System.Text;
@@ -9,7 +10,6 @@ using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Pkix;
using Org.BouncyCastle.Utilities.Collections;
-using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.Test;
using Org.BouncyCastle.X509;
@@ -288,10 +288,10 @@ namespace Org.BouncyCastle.Tests
return crlParser.ReadCrl(Base64.Decode(_str));
}
- private void MakeCertStore(string[] _strs, out IX509Store certStore, out IX509Store crlStore)
+ private void MakeCertStore(string[] _strs, out IStore<X509Certificate> certStore, out IStore<X509Crl> crlStore)
{
- ArrayList certs = new ArrayList();
- ArrayList crls = new ArrayList();
+ var certs = new List<X509Certificate>();
+ var crls = new List<X509Crl>();
crls.Add(trustedCRL);
for (int i = 0; i < _strs.Length; i++)
@@ -319,10 +319,8 @@ namespace Org.BouncyCastle.Tests
certs.Reverse();
crls.Reverse();
- certStore = X509StoreFactory.Create("Certificate/Collection",
- new X509CollectionStoreParameters(certs));
- crlStore = X509StoreFactory.Create("CRL/Collection",
- new X509CollectionStoreParameters(crls));
+ certStore = CollectionUtilities.CreateStore(certs);
+ crlStore = CollectionUtilities.CreateStore(crls);
}
private void Test(string _name, string[] _data, bool _accept,
@@ -352,14 +350,14 @@ namespace Org.BouncyCastle.Tests
X509CertStoreSelector _select = new X509CertStoreSelector();
_select.Subject = _ee.SubjectDN;
- IX509Store certStore, crlStore;
+ IStore<X509Certificate> certStore;
+ IStore<X509Crl> crlStore;
MakeCertStore(_data, out certStore, out crlStore);
- PkixBuilderParameters _param = new PkixBuilderParameters(
- trustedSet, _select);
+ PkixBuilderParameters _param = new PkixBuilderParameters(trustedSet, _select);
_param.IsExplicitPolicyRequired = _explicit;
- _param.AddStore(certStore);
- _param.AddStore(crlStore);
+ _param.AddStoreCert(certStore);
+ _param.AddStoreCrl(crlStore);
_param.IsRevocationEnabled = true;
if (_ipolset != null)
diff --git a/crypto/test/src/test/PkixPolicyMappingTest.cs b/crypto/test/src/test/PkixPolicyMappingTest.cs
index 4ccc008cc..d67492b83 100644
--- a/crypto/test/src/test/PkixPolicyMappingTest.cs
+++ b/crypto/test/src/test/PkixPolicyMappingTest.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using NUnit.Framework;
@@ -102,18 +103,16 @@ namespace Org.BouncyCastle.Tests
{
ISet trust = new HashSet();
trust.Add(new TrustAnchor(trustCert, null));
- X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
- targetConstraints.Subject = endCert.SubjectDN;
- PkixBuilderParameters pbParams = new PkixBuilderParameters(trust, targetConstraints);
+ X509CertStoreSelector targetConstraintsCert = new X509CertStoreSelector();
+ targetConstraintsCert.Subject = endCert.SubjectDN;
+ PkixBuilderParameters pbParams = new PkixBuilderParameters(trust, targetConstraintsCert);
- ISet certs = new HashSet();
+ var certs = new HashSet<X509Certificate>();
certs.Add(intCert);
certs.Add(endCert);
- IX509Store store = X509StoreFactory.Create(
- "CERTIFICATE/COLLECTION",
- new X509CollectionStoreParameters(certs));
- pbParams.AddStore(store);
+ var store = CollectionUtilities.CreateStore(certs);
+ pbParams.AddStoreCert(store);
pbParams.IsRevocationEnabled = false;
if (requirePolicies != null)
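Review bot: The rename of `targetConstraints` to `targetConstraintsCert` is unrelated to the store migration and leaves this test out of step with CertPathBuilderTest, which keeps `targetConstraints` for the same `X509CertStoreSelector` in this commit. Keeping the original name (`X509CertStoreSelector targetConstraints = new X509CertStoreSelector();`) would limit the hunk to the API change. The enclosing method starts and ends outside the hunk.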
@@ -122,13 +121,12 @@ namespace Org.BouncyCastle.Tests
pbParams.SetInitialPolicies(requirePolicies);
}
-// CertPathBuilder cpb = CertPathBuilder.GetInstance("PKIX");
PkixCertPathBuilder cpb = new PkixCertPathBuilder();
- PkixCertPathBuilderResult result = null;
+ PkixCertPathBuilderResult result;
try
{
- result = (PkixCertPathBuilderResult)cpb.Build(pbParams);
+ result = cpb.Build(pbParams);
if (!okay)
{
diff --git a/crypto/test/src/test/X509StoreTest.cs b/crypto/test/src/test/X509StoreTest.cs
index 4fa3402ee..0a5fff6f1 100644
--- a/crypto/test/src/test/X509StoreTest.cs
+++ b/crypto/test/src/test/X509StoreTest.cs
@@ -1,11 +1,13 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using NUnit.Framework;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.Utilities.Test;
using Org.BouncyCastle.X509;
@@ -28,13 +30,11 @@ namespace Org.BouncyCastle.Tests
// Testing CollectionCertStore generation from List
X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert);
- IList certList = new ArrayList();
+ var certList = new List<X509CertificatePair>();
certList.Add(pair1);
certList.Add(new X509CertificatePair(interCert, finalCert));
- IX509Store certStore = X509StoreFactory.Create(
- "CertificatePair/Collection",
- new X509CollectionStoreParameters(certList));
+ var certStore = CollectionUtilities.CreateStore(certList);
X509CertPairStoreSelector selector = new X509CertPairStoreSelector();
X509CertStoreSelector fwSelector = new X509CertStoreSelector();
@@ -44,14 +44,14 @@ namespace Org.BouncyCastle.Tests
selector.ForwardSelector = fwSelector;
- IList col = new ArrayList(certStore.GetMatches(selector));
+ var col = new List<X509CertificatePair>(certStore.EnumerateMatches(selector));
if (col.Count != 1 || !col.Contains(pair1))
{
Fail("failed pair1 test");
}
- col = new ArrayList(certStore.GetMatches(null));
+ col = new List<X509CertificatePair>(certStore.EnumerateMatches(null));
if (col.Count != 2)
{
@@ -71,14 +71,12 @@ namespace Org.BouncyCastle.Tests
X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
// Testing CollectionCertStore generation from List
- IList certList = new ArrayList();
+ var certList = new List<X509Certificate>();
certList.Add(rootCert);
certList.Add(interCert);
certList.Add(finalCert);
- IX509Store certStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(certList));
+ var certStore = CollectionUtilities.CreateStore(certList);
// set default to be the same as for SUN X500 name
X509Name.DefaultReverse = true;
@@ -87,7 +85,7 @@ namespace Org.BouncyCastle.Tests
X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
targetConstraints.Subject = PrincipalUtilities.GetSubjectX509Principal(rootCert);
- IList certs = new ArrayList(certStore.GetMatches(targetConstraints));
+ var certs = new List<X509Certificate>(certStore.EnumerateMatches(targetConstraints));
if (certs.Count != 1 || !certs.Contains(rootCert))
{
Fail("rootCert not found by subjectDN");
@@ -96,7 +94,7 @@ namespace Org.BouncyCastle.Tests
// Searching for rootCert by subjectDN encoded as byte
targetConstraints = new X509CertStoreSelector();
targetConstraints.Subject = PrincipalUtilities.GetSubjectX509Principal(rootCert);
- certs = new ArrayList(certStore.GetMatches(targetConstraints));
+ certs = new List<X509Certificate>(certStore.EnumerateMatches(targetConstraints));
if (certs.Count != 1 || !certs.Contains(rootCert))
{
Fail("rootCert not found by encoded subjectDN");
@@ -108,7 +106,7 @@ namespace Org.BouncyCastle.Tests
targetConstraints = new X509CertStoreSelector();
targetConstraints.SubjectPublicKey =
SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rootCert.GetPublicKey());
- certs = new ArrayList(certStore.GetMatches(targetConstraints));
+ certs = new List<X509Certificate>(certStore.EnumerateMatches(targetConstraints));
if (certs.Count != 1 || !certs.Contains(rootCert))
{
Fail("rootCert not found by encoded public key");
@@ -117,7 +115,7 @@ namespace Org.BouncyCastle.Tests
// Searching for interCert by issuerDN
targetConstraints = new X509CertStoreSelector();
targetConstraints.Issuer = PrincipalUtilities.GetSubjectX509Principal(rootCert);
- certs = new ArrayList(certStore.GetMatches(targetConstraints));
+ certs = new List<X509Certificate>(certStore.EnumerateMatches(targetConstraints));
if (certs.Count != 2)
{
Fail("did not found 2 certs");
@@ -132,12 +130,10 @@ namespace Org.BouncyCastle.Tests
}
// Searching for rootCrl by issuerDN
- IList crlList = new ArrayList();
+ var crlList = new List<X509Crl>();
crlList.Add(rootCrl);
crlList.Add(interCrl);
- IX509Store store = X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(crlList));
+ var crlStore = CollectionUtilities.CreateStore(crlList);
X509CrlStoreSelector targetConstraintsCRL = new X509CrlStoreSelector();
@@ -145,32 +141,20 @@ namespace Org.BouncyCastle.Tests
issuers.Add(rootCrl.IssuerDN);
targetConstraintsCRL.Issuers = issuers;
- IList crls = new ArrayList(store.GetMatches(targetConstraintsCRL));
+ var crls = new List<X509Crl>(crlStore.EnumerateMatches(targetConstraintsCRL));
if (crls.Count != 1 || !crls.Contains(rootCrl))
{
Fail("rootCrl not found");
}
- crls = new ArrayList(certStore.GetMatches(targetConstraintsCRL));
- if (crls.Count != 0)
- {
- Fail("error using wrong selector (CRL)");
- }
- certs = new ArrayList(store.GetMatches(targetConstraints));
- if (certs.Count != 0)
- {
- Fail("error using wrong selector (certs)");
- }
// Searching for attribute certificates
X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertTest.attrCert);
- IX509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID);
+ X509V2AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID);
- IList attrList = new ArrayList();
+ var attrList = new List<X509V2AttributeCertificate>();
attrList.Add(attrCert);
attrList.Add(attrCert2);
- store = X509StoreFactory.Create(
- "AttributeCertificate/Collection",
- new X509CollectionStoreParameters(attrList));
+ var attrStore = CollectionUtilities.CreateStore(attrList);
X509AttrCertStoreSelector attrSelector = new X509AttrCertStoreSelector();
attrSelector.Holder = attrCert.Holder;
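Review bot: The removed "wrong selector" checks (the CRL selector run against `certStore`, the certificate selector run against the CRL store, and the attribute-certificate selector run against `certStore` in the later hunk at -304,12) disappear with no explanation. If the typed `IStore<T>` only accepts a selector for the same `T`, as the rest of this change suggests, these mismatches no longer compile and the runtime checks are redundant. Say so where they used to be, for example `// selector/store type mismatches are now rejected at compile time by IStore<T>`. If any untyped lookup path remains elsewhere, the negative cases should be kept against it. The enclosing test method starts and ends outside this hunk.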
@@ -178,7 +162,7 @@ namespace Org.BouncyCastle.Tests
{
Fail("holder get not correct");
}
- IList attrs = new ArrayList(store.GetMatches(attrSelector));
+ var attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 1 || !attrs.Contains(attrCert))
{
Fail("attrCert not found on holder");
@@ -188,7 +172,7 @@ namespace Org.BouncyCastle.Tests
{
Fail("holder get not correct");
}
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 1 || !attrs.Contains(attrCert2))
{
Fail("attrCert2 not found on holder");
@@ -199,7 +183,7 @@ namespace Org.BouncyCastle.Tests
{
Fail("issuer get not correct");
}
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 1 || !attrs.Contains(attrCert))
{
Fail("attrCert not found on issuer");
@@ -209,7 +193,7 @@ namespace Org.BouncyCastle.Tests
{
Fail("issuer get not correct");
}
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 1 || !attrs.Contains(attrCert2))
{
Fail("attrCert2 not found on issuer");
@@ -220,7 +204,7 @@ namespace Org.BouncyCastle.Tests
{
Fail("attrCert get not correct");
}
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 1 || !attrs.Contains(attrCert))
{
Fail("attrCert not found on attrCert");
@@ -231,7 +215,7 @@ namespace Org.BouncyCastle.Tests
{
Fail("serial number get not correct");
}
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 1 || !attrs.Contains(attrCert))
{
Fail("attrCert not found on serial number");
@@ -241,7 +225,7 @@ namespace Org.BouncyCastle.Tests
{
Fail("serial number get not correct");
}
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 1 || !attrs.Contains(attrCert))
{
Fail("attrCert not found on serial number");
@@ -253,26 +237,26 @@ namespace Org.BouncyCastle.Tests
{
Fail("valid get not correct");
}
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 1 || !attrs.Contains(attrCert))
{
Fail("attrCert not found on valid");
}
attrSelector = new X509AttrCertStoreSelector();
attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotBefore.AddMilliseconds(-100));
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 0)
{
Fail("attrCert found on before");
}
attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotAfter.AddMilliseconds(100));
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 0)
{
Fail("attrCert found on after");
}
attrSelector.SerialNumber = BigInteger.ValueOf(10000);
- attrs = new ArrayList(store.GetMatches(attrSelector));
+ attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
if (attrs.Count != 0)
{
Fail("attrCert found on wrong serial number");
@@ -304,12 +288,6 @@ namespace Org.BouncyCastle.Tests
Fail("null attrCert serial");
}
- attrs = new ArrayList(certStore.GetMatches(attrSelector));
- if (attrs.Count != 0)
- {
- Fail("error using wrong selector (attrs)");
- }
-
certPairTest();
}
diff --git a/crypto/test/src/test/nist/NistCertPathTest.cs b/crypto/test/src/test/nist/NistCertPathTest.cs
index 13a85a980..1a6f75a43 100644
--- a/crypto/test/src/test/nist/NistCertPathTest.cs
+++ b/crypto/test/src/test/nist/NistCertPathTest.cs
@@ -1,7 +1,7 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
-using System.Reflection;
using NUnit.Framework;
@@ -648,8 +648,8 @@ namespace Org.BouncyCastle.Tests.Nist
ISet trustedSet = new HashSet();
trustedSet.Add(GetTrustAnchor(trustAnchor));
- IList x509Certs = new ArrayList();
- IList x509Crls = new ArrayList();
+ var x509Certs = new List<X509Certificate>();
+ var x509Crls = new List<X509Crl>();
X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
for (int i = 0; i != certs.Length - 1; i++)
@@ -666,18 +666,14 @@ namespace Org.BouncyCastle.Tests.Nist
x509Crls.Add(LoadCrl(crls[i]));
}
- IX509Store x509CertStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(x509Certs));
- IX509Store x509CrlStore = X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(x509Crls));
+ var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+ var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
PkixCertPathValidator validator = new PkixCertPathValidator();
PkixParameters parameters = new PkixParameters(trustedSet);
- parameters.AddStore(x509CertStore);
- parameters.AddStore(x509CrlStore);
+ parameters.AddStoreCert(x509CertStore);
+ parameters.AddStoreCrl(x509CrlStore);
parameters.IsRevocationEnabled = true;
if (policies != null)
@@ -703,8 +699,8 @@ namespace Org.BouncyCastle.Tests.Nist
ISet trustedSet = new HashSet();
trustedSet.Add(GetTrustAnchor(trustAnchor));
- IList x509Certs = new ArrayList();
- IList x509Crls = new ArrayList();
+ var x509Certs = new List<X509Certificate>();
+ var x509Crls = new List<X509Crl>();
X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
for (int i = 0; i != certs.Length - 1; i++)
@@ -719,12 +715,8 @@ namespace Org.BouncyCastle.Tests.Nist
x509Crls.Add(LoadCrl(crls[i]));
}
- IX509Store x509CertStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(x509Certs));
- IX509Store x509CrlStore = X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(x509Crls));
+ var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+ var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
PkixCertPathBuilder builder = new PkixCertPathBuilder();
@@ -748,8 +740,8 @@ namespace Org.BouncyCastle.Tests.Nist
builderParams.IsAnyPolicyInhibited = anyPolicyInhibited;
}
- builderParams.AddStore(x509CertStore);
- builderParams.AddStore(x509CrlStore);
+ builderParams.AddStoreCert(x509CertStore);
+ builderParams.AddStoreCrl(x509CrlStore);
// Perform validation as of this date since test certs expired
builderParams.Date = new DateTimeObject(DateTime.Parse("1/1/2011"));
diff --git a/crypto/test/src/test/nist/NistCertPathTest2.cs b/crypto/test/src/test/nist/NistCertPathTest2.cs
index e9dd7f959..ffdad62e3 100644
--- a/crypto/test/src/test/nist/NistCertPathTest2.cs
+++ b/crypto/test/src/test/nist/NistCertPathTest2.cs
@@ -1,7 +1,7 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
-using System.Reflection;
using NUnit.Framework;
@@ -315,8 +315,8 @@ namespace Org.BouncyCastle.Tests.Nist
ISet trustedSet = new HashSet();
trustedSet.Add(GetTrustAnchor(trustAnchor));
- IList x509Certs = new ArrayList();
- IList x509Crls = new ArrayList();
+ var x509Certs = new List<X509Certificate>();
+ var x509Crls = new List<X509Crl>();
X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
for (int i = 0; i != certs.Length - 1; i++)
@@ -333,18 +333,14 @@ namespace Org.BouncyCastle.Tests.Nist
x509Crls.Add(LoadCrl(crls[i]));
}
- IX509Store x509CertStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(x509Certs));
- IX509Store x509CrlStore = X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(x509Crls));
+ var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+ var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
PkixCertPathValidator validator = new PkixCertPathValidator();
PkixParameters parameters = new PkixParameters(trustedSet);
- parameters.AddStore(x509CertStore);
- parameters.AddStore(x509CrlStore);
+ parameters.AddStoreCert(x509CertStore);
+ parameters.AddStoreCrl(x509CrlStore);
parameters.IsRevocationEnabled = true;
if (policies != null)
@@ -370,8 +366,8 @@ namespace Org.BouncyCastle.Tests.Nist
ISet trustedSet = new HashSet();
trustedSet.Add(GetTrustAnchor(trustAnchor));
- IList x509Certs = new ArrayList();
- IList x509Crls = new ArrayList();
+ var x509Certs = new List<X509Certificate>();
+ var x509Crls = new List<X509Crl>();
X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
for (int i = 0; i != certs.Length - 1; i++)
@@ -386,12 +382,8 @@ namespace Org.BouncyCastle.Tests.Nist
x509Crls.Add(LoadCrl(crls[i]));
}
- IX509Store x509CertStore = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(x509Certs));
- IX509Store x509CrlStore = X509StoreFactory.Create(
- "CRL/Collection",
- new X509CollectionStoreParameters(x509Crls));
+ var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+ var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
PkixCertPathBuilder builder = new PkixCertPathBuilder();
@@ -415,8 +407,8 @@ namespace Org.BouncyCastle.Tests.Nist
builderParams.IsAnyPolicyInhibited = anyPolicyInhibited;
}
- builderParams.AddStore(x509CertStore);
- builderParams.AddStore(x509CrlStore);
+ builderParams.AddStoreCert(x509CertStore);
+ builderParams.AddStoreCrl(x509CrlStore);
// Perform validation as of this date since test certs expired
builderParams.Date = new DateTimeObject(DateTime.Parse("1/1/2011"));
diff --git a/crypto/test/src/tsp/test/NewTspTest.cs b/crypto/test/src/tsp/test/NewTspTest.cs
index a1e4934f3..3bcc73aa5 100644
--- a/crypto/test/src/tsp/test/NewTspTest.cs
+++ b/crypto/test/src/tsp/test/NewTspTest.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using System.IO;
using NUnit.Framework;
@@ -16,10 +17,10 @@ using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.Utilities.Test;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Tsp.Tests
{
@@ -40,13 +41,11 @@ namespace Org.BouncyCastle.Tsp.Tests
X509Certificate cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN);
- IList certList = new ArrayList();
+ var certList = new List<X509Certificate>();
certList.Add(cert);
certList.Add(signCert);
- IX509Store certs = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(certList));
+ var certs = CollectionUtilities.CreateStore(certList);
basicTest(origKP.Private, cert, certs);
resolutionTest(origKP.Private, cert, certs, Resolution.R_SECONDS, "19700101000009Z");
@@ -70,13 +69,14 @@ namespace Org.BouncyCastle.Tsp.Tests
additionalExtensionTest(origKP.Private, cert, certs);
}
- private void additionalExtensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void additionalExtensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert,
+ IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2");
tsTokenGen.SetCertificates(certs);
- tsTokenGen.SetTsa(new Asn1.X509.GeneralName(new X509Name("CN=Test")));
+ tsTokenGen.SetTsa(new GeneralName(new X509Name("CN=Test")));
TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
@@ -105,12 +105,9 @@ namespace Org.BouncyCastle.Tsp.Tests
X509Extension left = new X509Extension(DerBoolean.False, new DerOctetString( new DerUtf8String("Test").GetEncoded()));
Assert.True(left.Equals (ext.GetExtension(X509Extensions.AuditIdentity)));
-
-
-
}
- private void extensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void extensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -190,7 +187,7 @@ namespace Org.BouncyCastle.Tsp.Tests
Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found");
}
- private void testNoNonse(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void testNoNonse(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.MD5, "1.2.3");
@@ -237,16 +234,14 @@ namespace Org.BouncyCastle.Tsp.Tests
//
// test certReq
//
- IX509Store store = tsToken.GetCertificates();
+ IStore<X509Certificate> store = tsToken.GetCertificates();
- ICollection certificates = store.GetMatches(null);
+ var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
Assert.IsTrue(0 == certificates.Count);
-
-
}
- private void testAccuracyWithCertsAndOrdering(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void testAccuracyWithCertsAndOrdering(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.MD5, "1.2.3");
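Review bot: `Assert.IsTrue(0 == certificates.Count)`, directly after the new `List<X509Certificate>` line, reports only a failed boolean and never the actual count. TSPTest.cs in this same change already uses `Assert.AreEqual(0, certificates.Count)` for the same check. Use `Assert.AreEqual(0, certificates.Count);` here, and likewise `Assert.AreEqual(2, certificates.Count);` and `Assert.AreEqual(0, certificates.Count);` in the hunks at -293,15 and -338,14. The enclosing methods start outside these hunks.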
@@ -293,15 +288,15 @@ namespace Org.BouncyCastle.Tsp.Tests
Assert.IsTrue("1.2.3" == tstInfo.Policy);
- IX509Store store = tsToken.GetCertificates();
+ IStore<X509Certificate> store = tsToken.GetCertificates();
- ICollection certificates = store.GetMatches(null);
+ var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
Assert.IsTrue(2 == certificates.Count);
}
- private void testAccuracyZeroCerts(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void testAccuracyZeroCerts(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.MD5, "1.2");
@@ -338,14 +333,14 @@ namespace Org.BouncyCastle.Tsp.Tests
Assert.IsTrue("1.2" == tstInfo.Policy);
- IX509Store store = tsToken.GetCertificates();
+ IStore<X509Certificate> store = tsToken.GetCertificates();
- ICollection certificates = store.GetMatches(null);
+ var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
Assert.IsTrue(0 == certificates.Count);
}
- private void certReqTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void certReqTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.MD5, "1.2");
@@ -379,8 +374,9 @@ namespace Org.BouncyCastle.Tsp.Tests
Assert.Fail("certReq(false) verification of token failed.");
}
- IX509Store store = tsToken.GetCertificates();
- ICollection certsColl = store.GetMatches(null);
+ IStore<X509Certificate> store = tsToken.GetCertificates();
+
+ var certsColl = new List<X509Certificate>(store.EnumerateMatches(null));
if (certsColl.Count > 0)
{
@@ -388,7 +384,7 @@ namespace Org.BouncyCastle.Tsp.Tests
}
}
- private void tokenEncodingTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void tokenEncodingTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2.3.4.5.6");
@@ -415,7 +411,7 @@ namespace Org.BouncyCastle.Tsp.Tests
}
}
- private void badPolicyTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void badPolicyTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -455,7 +451,7 @@ namespace Org.BouncyCastle.Tsp.Tests
}
- private void timeNotAvailableTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void timeNotAvailableTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -500,7 +496,7 @@ namespace Org.BouncyCastle.Tsp.Tests
}
}
- private void badAlgorithmTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void badAlgorithmTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -536,7 +532,7 @@ namespace Org.BouncyCastle.Tsp.Tests
}
}
- private void incorrectHashTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void incorrectHashTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -569,7 +565,7 @@ namespace Org.BouncyCastle.Tsp.Tests
}
- private void responseValidationTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void responseValidationTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.MD5, "1.2");
@@ -632,7 +628,7 @@ namespace Org.BouncyCastle.Tsp.Tests
}
- private void overrideAttrsTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void overrideAttrsTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
SignerInfoGeneratorBuilder signerInfoGenBuilder = new SignerInfoGeneratorBuilder();
@@ -721,13 +717,13 @@ namespace Org.BouncyCastle.Tsp.Tests
- private void basicTestWithTSA(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void basicTestWithTSA(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2");
tsTokenGen.SetCertificates(certs);
- tsTokenGen.SetTsa(new Asn1.X509.GeneralName(new X509Name("CN=Test")));
+ tsTokenGen.SetTsa(new GeneralName(new X509Name("CN=Test")));
TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
@@ -748,7 +744,7 @@ namespace Org.BouncyCastle.Tsp.Tests
}
- private void basicSha256Test(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+ private void basicSha256Test(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
SignerInfoGenerator sInfoGenerator = makeInfoGenerator(privateKey, cert, TspAlgorithms.Sha256, null, null);
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
@@ -791,7 +787,8 @@ namespace Org.BouncyCastle.Tsp.Tests
Assert.IsTrue(Arrays.AreEqual(certHash, sigCertV2.GetCerts()[0].GetCertHash()));
}
- private void resolutionTest(AsymmetricKeyParameter privateKey, X509.X509Certificate cert, IX509Store certs, Resolution resoution, string timeString)
+ private void resolutionTest(AsymmetricKeyParameter privateKey, X509Certificate cert,
+ IStore<X509Certificate> certs, Resolution resoution, string timeString)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -830,11 +827,9 @@ namespace Org.BouncyCastle.Tsp.Tests
tsToken = tsResp.TimeStampToken;
Assert.AreEqual("19700101000009.9Z", tsToken.TimeStampInfo.TstInfo.GenTime.TimeString);
}
-
-
}
- private void basicTest(AsymmetricKeyParameter privateKey, X509.X509Certificate cert, IX509Store certs)
+ private void basicTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
{
TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
privateKey, cert, TspAlgorithms.Sha1, "1.2");
diff --git a/crypto/test/src/tsp/test/ParseTest.cs b/crypto/test/src/tsp/test/ParseTest.cs
index e9489a278..f94beb90f 100644
--- a/crypto/test/src/tsp/test/ParseTest.cs
+++ b/crypto/test/src/tsp/test/ParseTest.cs
@@ -1,6 +1,5 @@
using System;
-using System.Collections;
-using System.IO;
+using System.Collections.Generic;
using NUnit.Framework;
@@ -8,7 +7,6 @@ using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Tsp.Tests
{
@@ -375,9 +373,8 @@ namespace Org.BouncyCastle.Tsp.Tests
{
TimeStampResponse response = new TimeStampResponse(encoded);
- IX509Store store = response.TimeStampToken.GetCertificates("Collection");
- X509Certificate cert = (X509Certificate)
- new ArrayList(store.GetMatches(response.TimeStampToken.SignerID))[0];
+ var store = response.TimeStampToken.GetCertificates();
+ var cert = new List<X509Certificate>(store.EnumerateMatches(response.TimeStampToken.SignerID))[0];
response.TimeStampToken.Validate(cert);
}
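Review bot: The `[0]` indexer on the new `List<X509Certificate>` throws `ArgumentOutOfRangeException` when the token holds no certificate matching `SignerID`, so a missing signer certificate surfaces as an index error rather than a test failure, and any extra match is silently ignored. Materialise the matches and check them first: `var matches = new List<X509Certificate>(store.EnumerateMatches(response.TimeStampToken.SignerID));`, then `Assert.AreEqual(1, matches.Count, "signer certificate not found in token");` (or a non-empty check if the vectors may carry more than one), then `response.TimeStampToken.Validate(matches[0]);`. A one-line comment would also help, noting that the certificate is taken from the token itself, so this presumably checks that the token is consistent with its embedded certificate and not that the signer is trusted. The pre-change code had the same unchecked index with `ArrayList`, and the enclosing method starts outside the hunk.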
diff --git a/crypto/test/src/tsp/test/TSPTest.cs b/crypto/test/src/tsp/test/TSPTest.cs
index 4a4f2e28f..3f2eed10b 100644
--- a/crypto/test/src/tsp/test/TSPTest.cs
+++ b/crypto/test/src/tsp/test/TSPTest.cs
@@ -1,22 +1,22 @@
using System;
using System.Collections;
+using System.Collections.Generic;
using NUnit.Framework;
+
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.Cms;
using Org.BouncyCastle.Asn1.Ess;
using Org.BouncyCastle.Asn1.Nist;
-using Org.BouncyCastle.Asn1.Oiw;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Cms;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Operators;
-using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Tsp.Tests
{
@@ -25,9 +25,7 @@ namespace Org.BouncyCastle.Tsp.Tests
{
private static AsymmetricKeyParameter privateKey;
private static X509Certificate cert;
- private static IX509Store certs;
-
-
+ private static IStore<X509Certificate> certs;
static TspTest()
{
@@ -44,13 +42,11 @@ namespace Org.BouncyCastle.Tsp.Tests
cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN);
- IList certList = new ArrayList();
+ var certList = new List<X509Certificate>();
certList.Add(cert);
certList.Add(signCert);
- certs = X509StoreFactory.Create(
- "Certificate/Collection",
- new X509CollectionStoreParameters(certList));
+ certs = CollectionUtilities.CreateStore(certList);
}
[Test]
@@ -391,9 +387,9 @@ namespace Org.BouncyCastle.Tsp.Tests
Assert.Fail("certReq(false) verification of token failed.");
}
- IX509Store respCerts = tsToken.GetCertificates("Collection");
+ IStore<X509Certificate> respCerts = tsToken.GetCertificates();
- ICollection certsColl = respCerts.GetMatches(null);
+ var certsColl = new List<X509Certificate>(respCerts.EnumerateMatches(null));
if (certsColl.Count != 0)
{
@@ -477,9 +473,9 @@ namespace Org.BouncyCastle.Tsp.Tests
//
// test certReq
//
- IX509Store store = tsToken.GetCertificates("Collection");
+ IStore<X509Certificate> store = tsToken.GetCertificates();
- ICollection certificates = store.GetMatches(null);
+ var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
Assert.AreEqual(0, certificates.Count);
}
@@ -546,9 +542,9 @@ namespace Org.BouncyCastle.Tsp.Tests
//
// test certReq
//
- IX509Store store = tsToken.GetCertificates("Collection");
+ IStore<X509Certificate> store = tsToken.GetCertificates();
- ICollection certificates = store.GetMatches(null);
+ var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
Assert.AreEqual(2, certificates.Count);
}
@@ -604,9 +600,9 @@ namespace Org.BouncyCastle.Tsp.Tests
//
// test certReq
//
- IX509Store store = tsToken.GetCertificates("Collection");
+ IStore<X509Certificate> store = tsToken.GetCertificates();
- ICollection certificates = store.GetMatches(null);
+ var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
Assert.AreEqual(0, certificates.Count);
}
|