author | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-06-26 20:47:24 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-06-26 20:47:24 +0700 |
commit | eed964522f8e198a33267387942b1764018dfe1e (patch) | |
tree | c6bcead7e5e54c88845287d10bca6a1235e655e8 /crypto/src/ocsp | |
parent | Cleanup in PQC code (diff) | |
download | BouncyCastle.NET-ed25519-eed964522f8e198a33267387942b1764018dfe1e.tar.xz |
Replace IX509Store API with new store/selector API
- overhaul Cms, Pkix, X509 APIs
Diffstat (limited to 'crypto/src/ocsp')
-rw-r--r-- | crypto/src/ocsp/BasicOCSPResp.cs | 54 | ||||
-rw-r--r-- | crypto/src/ocsp/OCSPReq.cs | 53 |
2 files changed, 30 insertions, 77 deletions
diff --git a/crypto/src/ocsp/BasicOCSPResp.cs b/crypto/src/ocsp/BasicOCSPResp.cs index 2f6d68b48..6c8ad9eee 100644 --- a/crypto/src/ocsp/BasicOCSPResp.cs +++ b/crypto/src/ocsp/BasicOCSPResp.cs @@ -1,5 +1,5 @@ using System; -using System.Collections; +using System.Collections.Generic; using System.IO; using Org.BouncyCastle.Asn1; @@ -7,10 +7,8 @@ using Org.BouncyCastle.Asn1.Ocsp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Security; -using Org.BouncyCastle.Security.Certificates; -using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.X509; -using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Ocsp { 
@@ -108,61 +106,37 @@ namespace Org.BouncyCastle.Ocsp return resp.GetSignatureOctets(); } - private IList GetCertList() + private List<X509Certificate> GetCertList() { - // load the certificates and revocation lists if we have any + // load the certificates if we have any - IList certs = Platform.CreateArrayList(); - Asn1Sequence s = resp.Certs; + var result = new List<X509Certificate>(); - if (s != null) + Asn1Sequence certs = resp.Certs; + if (certs != null) { - foreach (Asn1Encodable ae in s) + foreach (Asn1Encodable ae in certs) { - try + if (ae != null && ae.ToAsn1Object() is Asn1Sequence s) { - certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded())); - } - catch (IOException ex) - { - throw new OcspException("can't re-encode certificate!", ex); - } - catch (CertificateException ex) - { - throw new OcspException("can't re-encode certificate!", ex); + result.Add(new X509Certificate(X509CertificateStructure.GetInstance(s))); } } } - return certs; + return result; } public X509Certificate[] GetCerts() { - IList certs = GetCertList(); - X509Certificate[] result = new X509Certificate[certs.Count]; - for (int i = 0; i < certs.Count; ++i) - { - result[i] = (X509Certificate)certs[i]; - } - return result; + return GetCertList().ToArray(); } /// <returns>The certificates, if any, associated with the response.</returns> /// <exception cref="OcspException">In the event of an encoding error.</exception> - public IX509Store GetCertificates( - string type) + public IStore<X509Certificate> GetCertificates() { - try - { - return X509StoreFactory.Create( - "Certificate/" + type, - new X509CollectionStoreParameters(this.GetCertList())); - } - catch (Exception e) - { - throw new OcspException("can't setup the CertStore", e); - } + return CollectionUtilities.CreateStore(this.GetCertList()); } /// <summary> diff --git a/crypto/src/ocsp/OCSPReq.cs b/crypto/src/ocsp/OCSPReq.cs index 5408f068f..b1718c0c0 100644 --- a/crypto/src/ocsp/OCSPReq.cs 
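Review bot: In the new `GetCertList()` an entry of `resp.Certs` that is null or not an `Asn1Sequence` is skipped without any signal, and a failure inside `X509CertificateStructure.GetInstance(s)` or the `X509Certificate` constructor is no longer converted to `OcspException`, although the `<exception cref="OcspException">` tag kept above `GetCertificates()` still promises that. The certs field comes from the remote responder, so callers that caught `OcspException` around this parsing would presumably now see a different exception type, or a silently shorter certificate list. The same pattern is in the `GetCertList()` hunk of OCSPReq.cs. If skipping is intended, say so in a comment and drop the stale tag; otherwise restore the wrapping as sketched below.

```csharp
foreach (Asn1Encodable ae in certs)
{
    // reject malformed entries instead of dropping them silently
    if (ae == null || !(ae.ToAsn1Object() is Asn1Sequence s))
        throw new OcspException("certs entry is not a certificate sequence");

    try
    {
        result.Add(new X509Certificate(X509CertificateStructure.GetInstance(s)));
    }
    catch (Exception e)
    {
        // keep the documented contract: parse failures surface as OcspException
        throw new OcspException("can't parse certificate!", e);
    }
}
```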
+++ b/crypto/src/ocsp/OCSPReq.cs @@ -1,5 +1,6 @@ using System; using System.Collections; +using System.Collections.Generic; using System.IO; using Org.BouncyCastle.Asn1; @@ -7,10 +8,8 @@ using Org.BouncyCastle.Asn1.Ocsp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Security; -using Org.BouncyCastle.Security.Certificates; -using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.X509; -using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Ocsp { @@ -156,29 +155,25 @@ namespace Org.BouncyCastle.Ocsp return req.OptionalSignature.GetSignatureOctets(); } - private IList GetCertList() + private List<X509Certificate> GetCertList() { // load the certificates if we have any - IList certs = Platform.CreateArrayList(); - Asn1Sequence s = req.OptionalSignature.Certs; + var result = new List<X509Certificate>(); - if (s != null) + Asn1Sequence certs = req.OptionalSignature.Certs; + if (certs != null) { - foreach (Asn1Encodable ae in s) + foreach (Asn1Encodable ae in certs) { - try - { - certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded())); - } - catch (Exception e) - { - throw new OcspException("can't re-encode certificate!", e); - } - } + if (ae != null && ae.ToAsn1Object() is Asn1Sequence s) + { + result.Add(new X509Certificate(X509CertificateStructure.GetInstance(s))); + } + } } - return certs; + return result; } public X509Certificate[] GetCerts() @@ -186,13 +181,7 @@ namespace Org.BouncyCastle.Ocsp if (!this.IsSigned) return null; - IList certs = this.GetCertList(); - X509Certificate[] result = new X509Certificate[certs.Count]; - for (int i = 0; i < certs.Count; ++i) - { - result[i] = (X509Certificate)certs[i]; - } - return result; + return this.GetCertList().ToArray(); } /** 
@@ -202,22 +191,12 @@ namespace Org.BouncyCastle.Ocsp * @return null if not signed, a CertStore otherwise * @throws OcspException */ - public IX509Store GetCertificates( - string type) + public IStore<X509Certificate> GetCertificates() { if (!this.IsSigned) return null; - try - { - return X509StoreFactory.Create( - "Certificate/" + type, - new X509CollectionStoreParameters(this.GetCertList())); - } - catch (Exception e) - { - throw new OcspException("can't setup the CertStore", e); - } + return CollectionUtilities.CreateStore(this.GetCertList()); } /** |
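Review bot: The comment block above `GetCertificates()` in OCSPReq.cs still describes the old API: it says the method returns "a CertStore" and lists `@throws OcspException`, while the new body returns an `IStore<X509Certificate>` and contains no throw of that type. The block starts outside the hunk, so if it still carries a line for the removed `type` parameter, that should go too. I would replace it with XML doc in the style BasicOCSPResp.cs uses, for example `/// <returns>null if the request is not signed, otherwise a store of the certificates sent with the signature.</returns>`.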