Replace IX509Store API with new store/selector API

- overhaul Cms, Pkix, X509 APIs

2 files changed, 30 insertions, 77 deletions

diff --git a/crypto/src/ocsp/BasicOCSPResp.cs b/crypto/src/ocsp/BasicOCSPResp.cs
index 2f6d68b48..6c8ad9eee 100644
--- a/crypto/src/ocsp/BasicOCSPResp.cs
+++ b/crypto/src/ocsp/BasicOCSPResp.cs
@@ -1,5 +1,5 @@
 using System;
-using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 
 using Org.BouncyCastle.Asn1;
@@ -7,10 +7,8 @@ using Org.BouncyCastle.Asn1.Ocsp;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Security;
-using Org.BouncyCastle.Security.Certificates;
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Ocsp
 {
@@ -108,61 +106,37 @@ namespace Org.BouncyCastle.Ocsp
 			return resp.GetSignatureOctets();
 		}
 
-		private IList GetCertList()
+		private List<X509Certificate> GetCertList()
 		{
-			// load the certificates and revocation lists if we have any
+			// load the certificates if we have any
 
-			IList certs = Platform.CreateArrayList();
-			Asn1Sequence s = resp.Certs;
+			var result = new List<X509Certificate>();
 
-			if (s != null)
+			Asn1Sequence certs = resp.Certs;
+			if (certs != null)
 			{
-				foreach (Asn1Encodable ae in s)
+				foreach (Asn1Encodable ae in certs)
 				{
-					try
+					if (ae != null && ae.ToAsn1Object() is Asn1Sequence s)
 					{
-						certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded()));
-					}
-					catch (IOException ex)
-					{
-						throw new OcspException("can't re-encode certificate!", ex);
-					}
-					catch (CertificateException ex)
-					{
-						throw new OcspException("can't re-encode certificate!", ex);
+						result.Add(new X509Certificate(X509CertificateStructure.GetInstance(s)));
 					}
 				}
 			}
 
-			return certs;
+			return result;
 		}
 
 		public X509Certificate[] GetCerts()
 		{
-			IList certs = GetCertList();
-            X509Certificate[] result = new X509Certificate[certs.Count];
-            for (int i = 0; i < certs.Count; ++i)
-            {
-                result[i] = (X509Certificate)certs[i];
-            }
-            return result;
+			return GetCertList().ToArray();
 		}
 
 		/// <returns>The certificates, if any, associated with the response.</returns>
 		/// <exception cref="OcspException">In the event of an encoding error.</exception>
-		public IX509Store GetCertificates(
-			string type)
+		public IStore<X509Certificate> GetCertificates()
 		{
-			try
-			{
-				return X509StoreFactory.Create(
-					"Certificate/" + type,
-					new X509CollectionStoreParameters(this.GetCertList()));
-			}
-			catch (Exception e)
-			{
-				throw new OcspException("can't setup the CertStore", e);
-			}
+			return CollectionUtilities.CreateStore(this.GetCertList());
 		}
 
 		/// <summary>
diff --git a/crypto/src/ocsp/OCSPReq.cs b/crypto/src/ocsp/OCSPReq.cs
index 5408f068f..b1718c0c0 100644
--- a/crypto/src/ocsp/OCSPReq.cs
+++ b/crypto/src/ocsp/OCSPReq.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 
 using Org.BouncyCastle.Asn1;
@@ -7,10 +8,8 @@ using Org.BouncyCastle.Asn1.Ocsp;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Security;
-using Org.BouncyCastle.Security.Certificates;
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Ocsp
 {
@@ -156,29 +155,25 @@ namespace Org.BouncyCastle.Ocsp
 			return req.OptionalSignature.GetSignatureOctets();
 		}
 
-        private IList GetCertList()
+        private List<X509Certificate> GetCertList()
 		{
 			// load the certificates if we have any
 
-			IList certs = Platform.CreateArrayList();
-			Asn1Sequence s = req.OptionalSignature.Certs;
+			var result = new List<X509Certificate>();
 
-			if (s != null)
+			Asn1Sequence certs = req.OptionalSignature.Certs;
+			if (certs != null)
 			{
-				foreach (Asn1Encodable ae in s)
+				foreach (Asn1Encodable ae in certs)
 				{
-					try
-					{
-						certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded()));
-					}
-					catch (Exception e)
-					{
-						throw new OcspException("can't re-encode certificate!", e);
-					}
-				}
+                    if (ae != null && ae.ToAsn1Object() is Asn1Sequence s)
+                    {
+                        result.Add(new X509Certificate(X509CertificateStructure.GetInstance(s)));
+                    }
+                }
 			}
 
-			return certs;
+			return result;
 		}
 
 		public X509Certificate[] GetCerts()
@@ -186,13 +181,7 @@ namespace Org.BouncyCastle.Ocsp
 			if (!this.IsSigned)
 				return null;
 
-			IList certs = this.GetCertList();
-            X509Certificate[] result = new X509Certificate[certs.Count];
-            for (int i = 0; i < certs.Count; ++i)
-            {
-                result[i] = (X509Certificate)certs[i];
-            }
-            return result;
+			return this.GetCertList().ToArray();
 		}
 
 		/**
@@ -202,22 +191,12 @@ namespace Org.BouncyCastle.Ocsp
 		 * @return null if not signed, a CertStore otherwise
 		 * @throws OcspException
 		 */
-		public IX509Store GetCertificates(
-			string type)
+		public IStore<X509Certificate> GetCertificates()
 		{
 			if (!this.IsSigned)
 				return null;
 
-			try
-			{
-				return X509StoreFactory.Create(
-					"Certificate/" + type,
-					new X509CollectionStoreParameters(this.GetCertList()));
-			}
-			catch (Exception e)
-			{
-				throw new OcspException("can't setup the CertStore", e);
-			}
+			return CollectionUtilities.CreateStore(this.GetCertList());
 		}
 
 		/**