author | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-06-26 20:47:24 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-06-26 20:47:24 +0700 |
commit | eed964522f8e198a33267387942b1764018dfe1e (patch) | |
tree | c6bcead7e5e54c88845287d10bca6a1235e655e8 /crypto/src/cms | |
parent | Cleanup in PQC code (diff) | |
download | BouncyCastle.NET-ed25519-eed964522f8e198a33267387942b1764018dfe1e.tar.xz |
Replace IX509Store API with new store/selector API
- overhaul Cms, Pkix, X509 APIs
Diffstat (limited to 'crypto/src/cms')
-rw-r--r-- | crypto/src/cms/CMSSignedData.cs | 107 | ||||
-rw-r--r-- | crypto/src/cms/CMSSignedDataParser.cs | 64 | ||||
-rw-r--r-- | crypto/src/cms/CMSSignedDataStreamGenerator.cs | 15 | ||||
-rw-r--r-- | crypto/src/cms/CMSSignedGenerator.cs | 60 | ||||
-rw-r--r-- | crypto/src/cms/CMSSignedHelper.cs | 198 | ||||
-rw-r--r-- | crypto/src/cms/CMSUtils.cs | 103 | ||||
-rw-r--r-- | crypto/src/cms/OriginatorInfoGenerator.cs | 18 | ||||
-rw-r--r-- | crypto/src/cms/OriginatorInformation.cs | 58 |
8 files changed, 188 insertions, 435 deletions
diff --git a/crypto/src/cms/CMSSignedData.cs b/crypto/src/cms/CMSSignedData.cs index d43cdc4f3..fdf1206a4 100644 --- a/crypto/src/cms/CMSSignedData.cs +++ b/crypto/src/cms/CMSSignedData.cs @@ -1,14 +1,13 @@ using System; using System.Collections; +using System.Collections.Generic; using System.IO; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; -using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Security.Certificates; using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.X509; -using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Cms { @@ -43,9 +42,6 @@ namespace Org.BouncyCastle.Cms private SignedData signedData; private ContentInfo contentInfo; private SignerInformationStore signerInfoStore; - private IX509Store attrCertStore; - private IX509Store certificateStore; - private IX509Store crlStore; private IDictionary hashes; private CmsSignedData( @@ -150,11 +146,6 @@ namespace Org.BouncyCastle.Cms get { return signedData.Version.IntValueExact; } } - internal IX509Store GetCertificates() - { - return Helper.GetCertificates(signedData.Certificates); - } - /** * return the collection of signers that are associated with the * signatures for the message. 
@@ -198,55 +189,33 @@ namespace Org.BouncyCastle.Cms * @exception NoSuchStoreException if the store type isn't available. * @exception CmsException if a general exception prevents creation of the X509Store */ - public IX509Store GetAttributeCertificates( - string type) + public IStore<X509V2AttributeCertificate> GetAttributeCertificates() { - if (attrCertStore == null) - { - attrCertStore = Helper.CreateAttributeStore(type, signedData.Certificates); - } - - return attrCertStore; + return Helper.GetAttributeCertificates(signedData.Certificates); } /** - * return a X509Store containing the public key certificates, if any, contained - * in this message. + * return a X509Store containing the public key certificates, if any, contained in this message. * - * @param type type of store to create * @return a store of public key certificates * @exception NoSuchStoreException if the store type isn't available. * @exception CmsException if a general exception prevents creation of the X509Store */ - public IX509Store GetCertificates( - string type) + public IStore<X509Certificate> GetCertificates() { - if (certificateStore == null) - { - certificateStore = Helper.CreateCertificateStore(type, signedData.Certificates); - } - - return certificateStore; + return Helper.GetCertificates(signedData.Certificates); } /** - * return a X509Store containing CRLs, if any, contained - * in this message. + * return a X509Store containing CRLs, if any, contained in this message. * - * @param type type of store to create * @return a store of CRLs * @exception NoSuchStoreException if the store type isn't available. * @exception CmsException if a general exception prevents creation of the X509Store */ - public IX509Store GetCrls( - string type) + public IStore<X509Crl> GetCrls() { - if (crlStore == null) - { - crlStore = Helper.CreateCrlStore(type, signedData.CRLs); - } - - return crlStore; + return Helper.GetCrls(signedData.CRLs); } /// <summary> 
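Review bot: The doc comments kept above the three parameterless getters still say `@exception NoSuchStoreException if the store type isn't available` and "return a X509Store", although no store type is passed any more and the return type is `IStore<T>`. With the cached fields removed, each call also builds a fresh store from `signedData.Certificates` / `signedData.CRLs`, which callers who hold on to the result should be told. I would replace each block with an XML summary in the style the file already uses elsewhere, e.g. `/// <summary>Returns the public key certificates, if any, contained in this message. A new store is built on every call.</summary>`. The same stale `@exception` lines remain on the three getters in CMSSignedDataParser.cs (hunks at -243, -265 and -287); the comment for GetAttributeCertificates starts above this hunk, so any leftover `@param type` there is not visible.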
@@ -363,15 +332,9 @@ namespace Org.BouncyCastle.Cms * @return a new signed data object. * @exception CmsException if there is an error processing the stores */ - public static CmsSignedData ReplaceCertificatesAndCrls( - CmsSignedData signedData, - IX509Store x509Certs, - IX509Store x509Crls, - IX509Store x509AttrCerts) + public static CmsSignedData ReplaceCertificatesAndCrls(CmsSignedData signedData, IStore<X509Certificate> x509Certs, + IStore<X509Crl> x509Crls, IStore<X509V2AttributeCertificate> x509AttrCerts) { - if (x509AttrCerts != null) - throw Platform.CreateNotImplementedException("Currently can't replace attribute certificates"); - // // copy // 
@@ -380,37 +343,39 @@ namespace Org.BouncyCastle.Cms // // replace the certs and crls in the SignedData object // - Asn1Set certs = null; - try + Asn1Set certSet = null; + Asn1Set crlSet = null; + + if (x509Certs != null || x509AttrCerts != null) { - Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList( - CmsUtilities.GetCertificatesFromStore(x509Certs)); + var certs = new List<Asn1Encodable>(); - if (asn1Set.Count != 0) + if (x509Certs != null) { - certs = asn1Set; + certs.AddRange(CmsUtilities.GetCertificatesFromStore(x509Certs)); + } + if (x509AttrCerts != null) + { + certs.AddRange(CmsUtilities.GetAttributeCertificatesFromStore(x509AttrCerts)); + } + + Asn1Set berSet = CmsUtilities.CreateBerSetFromList(certs); + if (berSet.Count > 0) + { + certSet = berSet; } - } - catch (X509StoreException e) - { - throw new CmsException("error getting certificates from store", e); } - Asn1Set crls = null; - try + if (x509Crls != null) { - Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList( - CmsUtilities.GetCrlsFromStore(x509Crls)); + var crls = CmsUtilities.GetCrlsFromStore(x509Crls); - if (asn1Set.Count != 0) + Asn1Set berSet = CmsUtilities.CreateBerSetFromList(crls); + if (berSet.Count > 0) { - crls = asn1Set; + crlSet = berSet; } } - catch (X509StoreException e) - { - throw new CmsException("error getting CRLs from store", e); - } // // replace the CMS structure. @@ -419,8 +384,8 @@ namespace Org.BouncyCastle.Cms cms.signedData = new SignedData( old.DigestAlgorithms, old.EncapContentInfo, - certs, - crls, + certSet, + crlSet, old.SignerInfos); // diff --git a/crypto/src/cms/CMSSignedDataParser.cs b/crypto/src/cms/CMSSignedDataParser.cs index c25f0aad0..5dffd0d26 100644 --- a/crypto/src/cms/CMSSignedDataParser.cs +++ b/crypto/src/cms/CMSSignedDataParser.cs 
@@ -8,12 +8,10 @@ using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.IO; using Org.BouncyCastle.Security; -using Org.BouncyCastle.Security.Certificates; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.Utilities.IO; using Org.BouncyCastle.X509; -using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Cms { @@ -69,9 +67,6 @@ namespace Org.BouncyCastle.Cms private SignerInformationStore _signerInfoStore; private Asn1Set _certSet, _crlSet; private bool _isCertCrlParsed; - private IX509Store _attributeStore; - private IX509Store _certificateStore; - private IX509Store _crlStore; public CmsSignedDataParser( byte[] sigBlock) @@ -243,17 +238,11 @@ namespace Org.BouncyCastle.Cms * @exception org.bouncycastle.x509.NoSuchStoreException if the store type isn't available. * @exception CmsException if a general exception prevents creation of the X509Store */ - public IX509Store GetAttributeCertificates( - string type) + public IStore<X509V2AttributeCertificate> GetAttributeCertificates() { - if (_attributeStore == null) - { - PopulateCertCrlSets(); - - _attributeStore = Helper.CreateAttributeStore(type, _certSet); - } + PopulateCertCrlSets(); - return _attributeStore; + return Helper.GetAttributeCertificates(_certSet); } /** @@ -265,17 +254,11 @@ namespace Org.BouncyCastle.Cms * @exception NoSuchStoreException if the store type isn't available. * @exception CmsException if a general exception prevents creation of the X509Store */ - public IX509Store GetCertificates( - string type) + public IStore<X509Certificate> GetCertificates() { - if (_certificateStore == null) - { - PopulateCertCrlSets(); - - _certificateStore = Helper.CreateCertificateStore(type, _certSet); - } + PopulateCertCrlSets(); - return _certificateStore; + return Helper.GetCertificates(_certSet); } /** 
@@ -287,17 +270,11 @@ namespace Org.BouncyCastle.Cms * @exception NoSuchStoreException if the store type isn't available. * @exception CmsException if a general exception prevents creation of the X509Store */ - public IX509Store GetCrls( - string type) + public IStore<X509Crl> GetCrls() { - if (_crlStore == null) - { - PopulateCertCrlSets(); - - _crlStore = Helper.CreateCrlStore(type, _crlSet); - } + PopulateCertCrlSets(); - return _crlStore; + return Helper.GetCrls(_crlSet); } private void PopulateCertCrlSets() @@ -378,9 +355,9 @@ namespace Org.BouncyCastle.Cms Streams.PipeAll(signedContent.ContentStream, contentOut); } - gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection")); - gen.AddCertificates(parser.GetCertificates("Collection")); - gen.AddCrls(parser.GetCrls("Collection")); + gen.AddAttributeCertificates(parser.GetAttributeCertificates()); + gen.AddCertificates(parser.GetCertificates()); + gen.AddCrls(parser.GetCrls()); // gen.AddSigners(parser.GetSignerInfos()); @@ -401,12 +378,8 @@ namespace Org.BouncyCastle.Cms * @return out. * @exception CmsException if there is an error processing the CertStore */ - public static Stream ReplaceCertificatesAndCrls( - Stream original, - IX509Store x509Certs, - IX509Store x509Crls, - IX509Store x509AttrCerts, - Stream outStr) + public static Stream ReplaceCertificatesAndCrls(Stream original, IStore<X509Certificate> x509Certs, + IStore<X509Crl> x509Crls, IStore<X509V2AttributeCertificate> x509AttrCerts, Stream outStr) { // NB: SecureRandom would be ignored since using existing signatures only CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); 
@@ -422,15 +395,18 @@ namespace Org.BouncyCastle.Cms Streams.PipeAll(signedContent.ContentStream, contentOut); } -// gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection")); -// gen.AddCertificates(parser.GetCertificates("Collection")); -// gen.AddCrls(parser.GetCrls("Collection")); if (x509AttrCerts != null) + { gen.AddAttributeCertificates(x509AttrCerts); + } if (x509Certs != null) + { gen.AddCertificates(x509Certs); + } if (x509Crls != null) + { gen.AddCrls(x509Crls); + } gen.AddSigners(parser.GetSignerInfos()); diff --git a/crypto/src/cms/CMSSignedDataStreamGenerator.cs b/crypto/src/cms/CMSSignedDataStreamGenerator.cs index 8e8b996f4..c19852884 100644 --- a/crypto/src/cms/CMSSignedDataStreamGenerator.cs +++ b/crypto/src/cms/CMSSignedDataStreamGenerator.cs @@ -566,14 +566,10 @@ namespace Org.BouncyCastle.Cms foreach (string digestOid in _messageDigestOids) { - digestAlgs.Add( - new AlgorithmIdentifier(new DerObjectIdentifier(digestOid), DerNull.Instance)); + digestAlgs.Add(new AlgorithmIdentifier(new DerObjectIdentifier(digestOid), DerNull.Instance)); } - { - byte[] tmp = new DerSet(digestAlgs).GetEncoded(); - sigGen.GetRawOutputStream().Write(tmp, 0, tmp.Length); - } + new DerSet(digestAlgs).EncodeTo(sigGen.GetRawOutputStream()); BerSequenceGenerator eiGen = new BerSequenceGenerator(sigGen.GetRawOutputStream()); eiGen.AddObject(contentTypeOid); @@ -917,12 +913,9 @@ namespace Org.BouncyCastle.Cms _sGen.Close(); } - private static void WriteToGenerator( - Asn1Generator ag, - Asn1Encodable ae) + private static void WriteToGenerator(Asn1Generator ag, Asn1Encodable ae) { - byte[] encoded = ae.GetEncoded(); - ag.GetRawOutputStream().Write(encoded, 0, encoded.Length); + ae.EncodeTo(ag.GetRawOutputStream()); } } } diff --git a/crypto/src/cms/CMSSignedGenerator.cs b/crypto/src/cms/CMSSignedGenerator.cs index 95d5ba65b..c1d4e0a46 100644 --- a/crypto/src/cms/CMSSignedGenerator.cs +++ b/crypto/src/cms/CMSSignedGenerator.cs 
@@ -1,6 +1,6 @@ using System; using System.Collections; -using System.IO; +using System.Collections.Generic; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.BC; @@ -16,13 +16,10 @@ using Org.BouncyCastle.Asn1.Rosstandart; using Org.BouncyCastle.Asn1.TeleTrust; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; -using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.X509; -using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Cms { @@ -514,8 +511,8 @@ namespace Org.BouncyCastle.Cms public static readonly string EncryptionGost3410 = CryptoProObjectIdentifiers.GostR3410x94.Id; public static readonly string EncryptionECGost3410 = CryptoProObjectIdentifiers.GostR3410x2001.Id; - internal IList _certs = Platform.CreateArrayList(); - internal IList _crls = Platform.CreateArrayList(); + internal List<Asn1Encodable> _certs = new List<Asn1Encodable>(); + internal List<Asn1Encodable> _crls = new List<Asn1Encodable>(); internal IList _signers = Platform.CreateArrayList(); internal IDictionary _digests = Platform.CreateHashtable(); internal bool _useDerForCerts = false; 
@@ -562,40 +559,34 @@ namespace Org.BouncyCastle.Cms : new DerSet(attr.ToAsn1EncodableVector()); } - public void AddCertificates( - IX509Store certStore) + public void AddAttributeCertificate(X509V2AttributeCertificate attrCert) { - CollectionUtilities.AddRange(_certs, CmsUtilities.GetCertificatesFromStore(certStore)); + _certs.Add(new DerTaggedObject(false, 2, attrCert.AttributeCertificate)); } - public void AddCrls( - IX509Store crlStore) + public void AddAttributeCertificates(IStore<X509V2AttributeCertificate> attrCertStore) { - CollectionUtilities.AddRange(_crls, CmsUtilities.GetCrlsFromStore(crlStore)); + _certs.AddRange(CmsUtilities.GetAttributeCertificatesFromStore(attrCertStore)); } - /** - * Add the attribute certificates contained in the passed in store to the - * generator. - * - * @param store a store of Version 2 attribute certificates - * @throws CmsException if an error occurse processing the store. - */ - public void AddAttributeCertificates( - IX509Store store) + public void AddCertificate(X509Certificate cert) { - try - { - foreach (IX509AttributeCertificate attrCert in store.GetMatches(null)) - { - _certs.Add(new DerTaggedObject(false, 2, - AttributeCertificate.GetInstance(Asn1Object.FromByteArray(attrCert.GetEncoded())))); - } - } - catch (Exception e) - { - throw new CmsException("error processing attribute certs", e); - } + _certs.Add(cert.CertificateStructure); + } + + public void AddCertificates(IStore<X509Certificate> certStore) + { + _certs.AddRange(CmsUtilities.GetCertificatesFromStore(certStore)); + } + + public void AddCrl(X509Crl crl) + { + _crls.Add(crl.CertificateList); + } + + public void AddCrls(IStore<X509Crl> crlStore) + { + _crls.AddRange(CmsUtilities.GetCrlsFromStore(crlStore)); } /** 
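Review bot: The new public single-item methods `AddAttributeCertificate`, `AddCertificate` and `AddCrl` dereference their argument immediately (`attrCert.AttributeCertificate`, `cert.CertificateStructure`, `crl.CertificateList`), so a null argument fails with a NullReferenceException from inside the generator instead of an argument error. A guard such as `if (cert == null) throw new ArgumentNullException(nameof(cert));` at the top of each would make the failure point at the caller. The Javadoc-style comment that documented `AddAttributeCertificates` was removed and none of the six Add* methods now carries a doc comment; a one-line `/// <summary>` on each, stating that the items are added to the certificate or CRL set of the generated SignedData, would restore that. The enclosing class starts and ends outside this hunk.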
@@ -603,8 +594,7 @@ namespace Org.BouncyCastle.Cms * * @param signerStore store of signers */ - public void AddSigners( - SignerInformationStore signerStore) + public void AddSigners(SignerInformationStore signerStore) { foreach (SignerInformation o in signerStore.GetSigners()) { diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs index 07a3a92d1..7c7d42ef8 100644 --- a/crypto/src/cms/CMSSignedHelper.cs +++ b/crypto/src/cms/CMSSignedHelper.cs @@ -1,5 +1,6 @@ using System; using System.Collections; +using System.Collections.Generic; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.CryptoPro; @@ -16,7 +17,6 @@ using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.X509; -using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Cms { 
@@ -219,142 +219,6 @@ namespace Org.BouncyCastle.Cms return SignerUtilities.GetSigner(algorithm); } - internal IX509Store CreateAttributeStore( - string type, - Asn1Set certSet) - { - IList certs = Platform.CreateArrayList(); - - if (certSet != null) - { - foreach (Asn1Encodable ae in certSet) - { - try - { - Asn1Object obj = ae.ToAsn1Object(); - - if (obj is Asn1TaggedObject) - { - Asn1TaggedObject tagged = (Asn1TaggedObject)obj; - - if (tagged.TagNo == 2) - { - certs.Add( - new X509V2AttributeCertificate( - Asn1Sequence.GetInstance(tagged, false).GetEncoded())); - } - } - } - catch (Exception ex) - { - throw new CmsException("can't re-encode attribute certificate!", ex); - } - } - } - - try - { - return X509StoreFactory.Create( - "AttributeCertificate/" + type, - new X509CollectionStoreParameters(certs)); - } - catch (ArgumentException e) - { - throw new CmsException("can't setup the X509Store", e); - } - } - - internal IX509Store CreateCertificateStore( - string type, - Asn1Set certSet) - { - IList certs = Platform.CreateArrayList(); - - if (certSet != null) - { - AddCertsFromSet(certs, certSet); - } - - try - { - return X509StoreFactory.Create( - "Certificate/" + type, - new X509CollectionStoreParameters(certs)); - } - catch (ArgumentException e) - { - throw new CmsException("can't setup the X509Store", e); - } - } - - internal IX509Store CreateCrlStore( - string type, - Asn1Set crlSet) - { - IList crls = Platform.CreateArrayList(); - - if (crlSet != null) - { - AddCrlsFromSet(crls, crlSet); - } - - try - { - return X509StoreFactory.Create( - "CRL/" + type, - new X509CollectionStoreParameters(crls)); - } - catch (ArgumentException e) - { - throw new CmsException("can't setup the X509Store", e); - } - } - - private void AddCertsFromSet( - IList certs, - Asn1Set certSet) - { - X509CertificateParser cf = new X509CertificateParser(); - - foreach (Asn1Encodable ae in certSet) - { - try - { - Asn1Object obj = ae.ToAsn1Object(); - - if (obj is Asn1Sequence) - { - // 
TODO Build certificate directly from sequence? - certs.Add(cf.ReadCertificate(obj.GetEncoded())); - } - } - catch (Exception ex) - { - throw new CmsException("can't re-encode certificate!", ex); - } - } - } - - private void AddCrlsFromSet( - IList crls, - Asn1Set crlSet) - { - X509CrlParser cf = new X509CrlParser(); - - foreach (Asn1Encodable ae in crlSet) - { - try - { - // TODO Build CRL directly from ae.ToAsn1Object()? - crls.Add(cf.ReadCrl(ae.GetEncoded())); - } - catch (Exception ex) - { - throw new CmsException("can't re-encode CRL!", ex); - } - } - } - internal AlgorithmIdentifier FixAlgID( AlgorithmIdentifier algId) { 
@@ -434,17 +298,57 @@ namespace Org.BouncyCastle.Cms return encOID; } - public IX509Store GetCertificates(Asn1Set certificates) + internal IStore<X509V2AttributeCertificate> GetAttributeCertificates(Asn1Set attrCertSet) { - IList certList = Platform.CreateArrayList(); - if (certificates != null) - { - foreach (Asn1Encodable enc in certificates) - { - certList.Add(X509CertificateStructure.GetInstance(enc)); - } + var contents = new List<X509V2AttributeCertificate>(); + if (attrCertSet != null) + { + foreach (Asn1Encodable ae in attrCertSet) + { + if (ae != null && ae.ToAsn1Object() is Asn1TaggedObject t) + { + if (t.HasContextTag(2)) + { + Asn1Sequence s = Asn1Sequence.GetInstance(t, false); + + contents.Add(new X509V2AttributeCertificate(AttributeCertificate.GetInstance(s))); + } + } + } } - return new X509CollectionStore(certList); + return CollectionUtilities.CreateStore(contents); } - } + + internal IStore<X509Certificate> GetCertificates(Asn1Set certSet) + { + var contents = new List<X509Certificate>(); + if (certSet != null) + { + foreach (Asn1Encodable ae in certSet) + { + if (ae != null && ae.ToAsn1Object() is Asn1Sequence s) + { + contents.Add(new X509Certificate(X509CertificateStructure.GetInstance(s))); + } + } + } + return CollectionUtilities.CreateStore(contents); + } + + internal IStore<X509Crl> GetCrls(Asn1Set crlSet) + { + var contents = new List<X509Crl>(); + if (crlSet != null) + { + foreach (Asn1Encodable ae in crlSet) + { + if (ae != null && ae.ToAsn1Object() is Asn1Sequence s) + { + contents.Add(new X509Crl(CertificateList.GetInstance(s))); + } + } + } + return CollectionUtilities.CreateStore(contents); + } + } } diff --git a/crypto/src/cms/CMSUtils.cs b/crypto/src/cms/CMSUtils.cs index 95d710607..e30ac0491 100644 --- a/crypto/src/cms/CMSUtils.cs +++ b/crypto/src/cms/CMSUtils.cs 
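Review bot: The three new helpers decode elements taken from the message's certificate and CRL sets with no exception translation, so a malformed element may surface from `AttributeCertificate.GetInstance`, `X509CertificateStructure.GetInstance`, `CertificateList.GetInstance` or the wrapper constructors as whatever those throw rather than as `CmsException`. The helpers deleted earlier in this file wrapped every per-element failure in `CmsException`, and the doc comments on the public getters in CMSSignedData.cs and CMSSignedDataParser.cs still promise that type, so a caller that catches only `CmsException` while processing untrusted input could be terminated by an unexpected exception type. I would restore the wrap around the per-element decode in all three loops; the sketch below shows it for GetCertificates, with a message string that is only a suggestion.

```csharp
// in GetCertificates; GetAttributeCertificates and GetCrls take the same shape
if (ae != null && ae.ToAsn1Object() is Asn1Sequence s)
{
    try
    {
        contents.Add(new X509Certificate(X509CertificateStructure.GetInstance(s)));
    }
    catch (Exception e)
    {
        // keep the documented contract: decode failures on message content surface as CmsException
        throw new CmsException("can't decode certificate", e);
    }
}
```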
@@ -1,15 +1,14 @@ using System; -using System.Collections; +using System.Collections.Generic; using System.IO; +using System.Linq; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Security.Certificates; -using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.Utilities.IO; using Org.BouncyCastle.X509; -using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Cms { 
@@ -69,98 +68,72 @@ namespace Org.BouncyCastle.Cms } } - public static byte[] StreamToByteArray( - Stream inStream) + internal static byte[] StreamToByteArray(Stream inStream) { return Streams.ReadAll(inStream); } - public static byte[] StreamToByteArray( - Stream inStream, - int limit) + internal static byte[] StreamToByteArray(Stream inStream, int limit) { return Streams.ReadAllLimited(inStream, limit); } - public static IList GetCertificatesFromStore( - IX509Store certStore) + internal static List<Asn1TaggedObject> GetAttributeCertificatesFromStore( + IStore<X509V2AttributeCertificate> attrCertStore) { - try - { - IList certs = Platform.CreateArrayList(); - - if (certStore != null) - { - foreach (X509Certificate c in certStore.GetMatches(null)) - { - certs.Add( - X509CertificateStructure.GetInstance( - Asn1Object.FromByteArray(c.GetEncoded()))); - } - } + var result = new List<Asn1TaggedObject>(); + if (attrCertStore != null) + { + result.AddRange( + attrCertStore.EnumerateMatches(null) + .Select(c => new DerTaggedObject(false, 2, c.AttributeCertificate))); + } + return result; + } - return certs; - } - catch (CertificateEncodingException e) - { - throw new CmsException("error encoding certs", e); - } - catch (Exception e) - { - throw new CmsException("error processing certs", e); + internal static List<X509CertificateStructure> GetCertificatesFromStore(IStore<X509Certificate> certStore) + { + var result = new List<X509CertificateStructure>(); + if (certStore != null) + { + result.AddRange( + certStore.EnumerateMatches(null) + .Select(c => c.CertificateStructure)); } + return result; } - public static IList GetCrlsFromStore( - IX509Store crlStore) + internal static List<CertificateList> GetCrlsFromStore(IStore<X509Crl> crlStore) { - try - { - IList crls = Platform.CreateArrayList(); - - if (crlStore != null) - { - foreach (X509Crl c in crlStore.GetMatches(null)) - { - crls.Add( - CertificateList.GetInstance( - Asn1Object.FromByteArray(c.GetEncoded()))); - } - } 
- - return crls; - } - catch (CrlException e) - { - throw new CmsException("error encoding crls", e); - } - catch (Exception e) + var result = new List<CertificateList>(); + if (crlStore != null) { - throw new CmsException("error processing crls", e); + result.AddRange( + crlStore.EnumerateMatches(null) + .Select(c => c.CertificateList)); } + return result; } - public static Asn1Set CreateBerSetFromList( - IList berObjects) + internal static Asn1Set CreateBerSetFromList(IEnumerable<Asn1Encodable> elements) { Asn1EncodableVector v = new Asn1EncodableVector(); - foreach (Asn1Encodable ae in berObjects) + foreach (Asn1Encodable element in elements) { - v.Add(ae); + v.Add(element); } return new BerSet(v); } - public static Asn1Set CreateDerSetFromList( - IList derObjects) + internal static Asn1Set CreateDerSetFromList(IEnumerable<Asn1Encodable> elements) { Asn1EncodableVector v = new Asn1EncodableVector(); - foreach (Asn1Encodable ae in derObjects) + foreach (Asn1Encodable element in elements) { - v.Add(ae); + v.Add(element); } return new DerSet(v); diff --git a/crypto/src/cms/OriginatorInfoGenerator.cs b/crypto/src/cms/OriginatorInfoGenerator.cs index 6bf108799..d7d24dcc4 100644 --- a/crypto/src/cms/OriginatorInfoGenerator.cs +++ b/crypto/src/cms/OriginatorInfoGenerator.cs 
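Review bot: The context tag for v2 attribute certificates appears as a bare `2` in `GetAttributeCertificatesFromStore` here, again in `CmsSignedGenerator.AddAttributeCertificate`, and on the decoding side as `t.HasContextTag(2)` in `CmsSignedHelper.GetAttributeCertificates`, so encoder and decoder agree only by convention. A single shared constant, for example `internal const int AttrCertV2TagNo = 2;` (the name is a suggestion), with a comment naming the CMS CertificateChoices alternative it stands for, would keep the three sites in step. Separately, the `Select` lambdas in this hunk dereference each store element, so a store that yields a null entry now fails with a NullReferenceException where the removed code reported `CmsException`; a short remark in the method comments would make that visible.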
@@ -1,37 +1,37 @@ using System; -using System.Collections; +using System.Collections.Generic; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; -using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.X509; -using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Cms { public class OriginatorInfoGenerator { - private readonly IList origCerts; - private readonly IList origCrls; + private readonly List<X509CertificateStructure> origCerts; + private readonly List<CertificateList> origCrls; public OriginatorInfoGenerator(X509Certificate origCert) { - this.origCerts = Platform.CreateArrayList(1); + this.origCerts = new List<X509CertificateStructure>(); this.origCrls = null; origCerts.Add(origCert.CertificateStructure); } - public OriginatorInfoGenerator(IX509Store origCerts) + public OriginatorInfoGenerator(IStore<X509Certificate> origCerts) : this(origCerts, null) { } - public OriginatorInfoGenerator(IX509Store origCerts, IX509Store origCrls) + public OriginatorInfoGenerator(IStore<X509Certificate> origCerts, IStore<X509Crl> origCrls) { this.origCerts = CmsUtilities.GetCertificatesFromStore(origCerts); this.origCrls = origCrls == null ? null : CmsUtilities.GetCrlsFromStore(origCrls); } - + public virtual OriginatorInfo Generate() { Asn1Set certSet = CmsUtilities.CreateDerSetFromList(origCerts); diff --git a/crypto/src/cms/OriginatorInformation.cs b/crypto/src/cms/OriginatorInformation.cs index 618add6e0..7186fafc3 100644 --- a/crypto/src/cms/OriginatorInformation.cs +++ b/crypto/src/cms/OriginatorInformation.cs @@ -1,12 +1,8 @@ using System; -using System.Collections; -using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; -using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.X509; -using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Cms { 
@@ -24,31 +20,9 @@ namespace Org.BouncyCastle.Cms * * @return a Store of X509CertificateHolder objects. */ - public virtual IX509Store GetCertificates() + public virtual IStore<X509Certificate> GetCertificates() { - Asn1Set certSet = originatorInfo.Certificates; - - if (certSet != null) - { - IList certList = Platform.CreateArrayList(certSet.Count); - - foreach (Asn1Encodable enc in certSet) - { - Asn1Object obj = enc.ToAsn1Object(); - if (obj is Asn1Sequence) - { - certList.Add(new X509Certificate(X509CertificateStructure.GetInstance(obj))); - } - } - - return X509StoreFactory.Create( - "Certificate/Collection", - new X509CollectionStoreParameters(certList)); - } - - return X509StoreFactory.Create( - "Certificate/Collection", - new X509CollectionStoreParameters(Platform.CreateArrayList())); + return CmsSignedHelper.Instance.GetCertificates(originatorInfo.Certificates); } /** @@ -56,31 +30,9 @@ namespace Org.BouncyCastle.Cms * * @return a Store of X509CRLHolder objects. */ - public virtual IX509Store GetCrls() + public virtual IStore<X509Crl> GetCrls() { - Asn1Set crlSet = originatorInfo.Certificates; - - if (crlSet != null) - { - IList crlList = Platform.CreateArrayList(crlSet.Count); - - foreach (Asn1Encodable enc in crlSet) - { - Asn1Object obj = enc.ToAsn1Object(); - if (obj is Asn1Sequence) - { - crlList.Add(new X509Crl(CertificateList.GetInstance(obj))); - } - } - - return X509StoreFactory.Create( - "CRL/Collection", - new X509CollectionStoreParameters(crlList)); - } - - return X509StoreFactory.Create( - "CRL/Collection", - new X509CollectionStoreParameters(Platform.CreateArrayList())); + return CmsSignedHelper.Instance.GetCrls(originatorInfo.Crls); } /** |
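Review bot: The doc comments left as context still describe the return values as "a Store of X509CertificateHolder objects" and "a Store of X509CRLHolder objects", which no longer matches `IStore<X509Certificate>` and `IStore<X509Crl>`; I would reword them to `@return a store of X509Certificate objects` and `@return a store of X509Crl objects`. Note also that `GetCrls` now reads `originatorInfo.Crls`, whereas the removed body read `originatorInfo.Certificates`, so the method changes behaviour for messages that carry originator CRLs. That is not mentioned in the commit message, and no test is visible in this diff (the diffstat is limited to crypto/src/cms), so a regression test that round-trips an OriginatorInfo with both certificates and CRLs would be worth adding if one does not already exist.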