author | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-06-26 20:47:24 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-06-26 20:47:24 +0700 |
commit | eed964522f8e198a33267387942b1764018dfe1e (patch) | |
tree | c6bcead7e5e54c88845287d10bca6a1235e655e8 /crypto/src/x509 | |
parent | Cleanup in PQC code (diff) | |
download | BouncyCastle.NET-ed25519-eed964522f8e198a33267387942b1764018dfe1e.tar.xz |
Replace IX509Store API with new store/selector API
- overhaul Cms, Pkix, X509 APIs
Diffstat (limited to 'crypto/src/x509')
18 files changed, 51 insertions, 415 deletions
diff --git a/crypto/src/x509/AttributeCertificateHolder.cs b/crypto/src/x509/AttributeCertificateHolder.cs index 7cd869b4b..b3cea1cfe 100644 --- a/crypto/src/x509/AttributeCertificateHolder.cs +++ b/crypto/src/x509/AttributeCertificateHolder.cs @@ -7,7 +7,7 @@ using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; using Org.BouncyCastle.Security.Certificates; using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.X509.Store; +using Org.BouncyCastle.Utilities.Collections; namespace Org.BouncyCastle.X509 { @@ -28,7 +28,7 @@ namespace Org.BouncyCastle.X509 /// </remarks> public class AttributeCertificateHolder //: CertSelector, Selector - : IX509Selector + : ISelector<X509Certificate> { internal readonly Holder holder; @@ -325,9 +325,11 @@ namespace Org.BouncyCastle.X509 return new AttributeCertificateHolder((Asn1Sequence)holder.ToAsn1Object()); } - public bool Match( - X509Certificate x509Cert) + public bool Match(X509Certificate x509Cert) { + if (x509Cert == null) + return false; + try { if (holder.BaseCertificateID != null) @@ -417,17 +419,5 @@ namespace Org.BouncyCastle.X509 { return this.holder.GetHashCode(); } - - public bool Match( - object obj) - { - if (!(obj is X509Certificate)) - { - return false; - } - -// return Match((Certificate)obj); - return Match((X509Certificate)obj); - } } } diff --git a/crypto/src/x509/AttributeCertificateIssuer.cs b/crypto/src/x509/AttributeCertificateIssuer.cs index 32f16c23e..799a48877 100644 --- a/crypto/src/x509/AttributeCertificateIssuer.cs +++ b/crypto/src/x509/AttributeCertificateIssuer.cs @@ -2,7 +2,7 @@ using System; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.X509.Store; +using Org.BouncyCastle.Utilities.Collections; namespace Org.BouncyCastle.X509 { @@ -11,7 +11,7 @@ namespace Org.BouncyCastle.X509 */ public class AttributeCertificateIssuer //: CertSelector, Selector - : IX509Selector + : ISelector<X509Certificate> { internal readonly Asn1Encodable form; 
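Review bot: `Match(X509Certificate x509Cert)` in the third AttributeCertificateHolder hunk has no XML doc, and with the `Match(object)` overload removed, the new `if (x509Cert == null) return false;` guard is the only place a null argument is handled. I would state that contract on the method, e.g. `/// <returns>false if x509Cert is null or does not match this holder.</returns>`, so callers that use the selector to filter certificates know it rejects null instead of throwing. The same applies to `AttributeCertificateIssuer.Match` in the next file. The `try` block that follows the guard runs past the end of the hunk, so I cannot tell from here how exceptions inside it are handled.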
@@ -132,9 +132,11 @@ namespace Org.BouncyCastle.X509 return new AttributeCertificateIssuer(AttCertIssuer.GetInstance(form)); } - public bool Match( - X509Certificate x509Cert) + public bool Match(X509Certificate x509Cert) { + if (x509Cert == null) + return false; + if (form is V2Form) { V2Form issuer = (V2Form) form; @@ -172,17 +174,5 @@ namespace Org.BouncyCastle.X509 { return this.form.GetHashCode(); } - - public bool Match( - object obj) - { - if (!(obj is X509Certificate)) - { - return false; - } - - //return Match((Certificate)obj); - return Match((X509Certificate)obj); - } } } diff --git a/crypto/src/x509/IX509AttributeCertificate.cs b/crypto/src/x509/IX509AttributeCertificate.cs deleted file mode 100644 index 9a3004e01..000000000 --- a/crypto/src/x509/IX509AttributeCertificate.cs +++ /dev/null 
@@ -1,57 +0,0 @@
-using System;
-using System.IO;
-
-using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Math;
-
-namespace Org.BouncyCastle.X509
-{
- /// <remarks>Interface for an X.509 Attribute Certificate.</remarks>
- public interface IX509AttributeCertificate
- : IX509Extension
- {
- /// <summary>The version number for the certificate.</summary>
- int Version { get; }
-
- /// <summary>The serial number for the certificate.</summary>
- BigInteger SerialNumber { get; }
-
- /// <summary>The UTC DateTime before which the certificate is not valid.</summary>
- DateTime NotBefore { get; }
-
- /// <summary>The UTC DateTime after which the certificate is not valid.</summary>
- DateTime NotAfter { get; }
-
- /// <summary>The holder of the certificate.</summary>
- AttributeCertificateHolder Holder { get; }
-
- /// <summary>The issuer details for the certificate.</summary>
- AttributeCertificateIssuer Issuer { get; }
-
- /// <summary>Return the attributes contained in the attribute block in the certificate.</summary>
- /// <returns>An array of attributes.</returns>
- X509Attribute[] GetAttributes();
-
- /// <summary>Return the attributes with the same type as the passed in oid.</summary>
- /// <param name="oid">The object identifier we wish to match.</param>
- /// <returns>An array of matched attributes, null if there is no match.</returns>
- X509Attribute[] GetAttributes(string oid);
-
- bool[] GetIssuerUniqueID();
-
- bool IsValidNow { get; }
- bool IsValid(DateTime date);
-
- void CheckValidity();
- void CheckValidity(DateTime date);
-
- byte[] GetSignature();
-
- void Verify(AsymmetricKeyParameter publicKey);
-
- /// <summary>Return an ASN.1 encoded byte array representing the attribute certificate.</summary>
- /// <returns>An ASN.1 encoded byte array.</returns>
- /// <exception cref="IOException">If the certificate cannot be encoded.</exception>
- byte[] GetEncoded();
- }
-}
diff --git a/crypto/src/x509/X509AttrCertParser.cs b/crypto/src/x509/X509AttrCertParser.cs index ce708ed8d..f1dc09543 100644 --- a/crypto/src/x509/X509AttrCertParser.cs +++ b/crypto/src/x509/X509AttrCertParser.cs @@ -1,12 +1,11 @@ using System; -using System.Collections; +using System.Collections.Generic; using System.IO; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Security.Certificates; -using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.IO; namespace Org.BouncyCastle.X509 @@ -19,7 +18,7 @@ namespace Org.BouncyCastle.X509 private int sDataObjectCount; private Stream currentStream; - private IX509AttributeCertificate ReadDerCertificate( + private X509V2AttributeCertificate ReadDerCertificate( Asn1InputStream dIn) { Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject(); @@ -35,25 +34,21 @@ namespace Org.BouncyCastle.X509 } } -// return new X509V2AttributeCertificate(seq.getEncoded()); return new X509V2AttributeCertificate(AttributeCertificate.GetInstance(seq)); } - private IX509AttributeCertificate GetCertificate() + private X509V2AttributeCertificate GetCertificate() { if (sData != null) { while (sDataObjectCount < sData.Count) { - object obj = sData[sDataObjectCount++]; + Asn1Encodable ae = sData[sDataObjectCount++]; - if (obj is Asn1TaggedObject && ((Asn1TaggedObject)obj).TagNo == 2) + if (ae.ToAsn1Object() is Asn1TaggedObject t && t.TagNo == 2) { - //return new X509V2AttributeCertificate( - // Asn1Sequence.GetInstance((Asn1TaggedObject)obj, false).GetEncoded()); return new X509V2AttributeCertificate( - AttributeCertificate.GetInstance( - Asn1Sequence.GetInstance((Asn1TaggedObject)obj, false))); + AttributeCertificate.GetInstance(Asn1Sequence.GetInstance(t, false))); } } } 
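Review bot: In `GetCertificate`, the filter `t.TagNo == 2` tests only the tag number, so as far as the visible lines show, an element with number 2 in a different tag class would also reach `Asn1Sequence.GetInstance(t, false)` and be parsed as an attribute certificate. This parser reads externally supplied encodings, so I would require the context-specific class as well. Current versions of the library offer `t.HasContextTag(2)` on `Asn1TaggedObject` for this; confirm it exists in this tree. A short comment naming the choice would also help, e.g. `// CertificateChoices [2] IMPLICIT v2AttrCert`. The loop and the method's closing lines extend beyond the hunk.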
@@ -61,14 +56,13 @@ namespace Org.BouncyCastle.X509 return null; } - private IX509AttributeCertificate ReadPemCertificate( + private X509V2AttributeCertificate ReadPemCertificate( Stream inStream) { Asn1Sequence seq = PemAttrCertParser.ReadPemObject(inStream); return seq == null ? null - //: new X509V2AttributeCertificate(seq.getEncoded()); : new X509V2AttributeCertificate(AttributeCertificate.GetInstance(seq)); } @@ -76,8 +70,7 @@ namespace Org.BouncyCastle.X509 /// Create loading data from byte array. /// </summary> /// <param name="input"></param> - public IX509AttributeCertificate ReadAttrCert( - byte[] input) + public X509V2AttributeCertificate ReadAttrCert(byte[] input) { return ReadAttrCert(new MemoryStream(input, false)); } @@ -86,8 +79,7 @@ namespace Org.BouncyCastle.X509 /// Create loading data from byte array. /// </summary> /// <param name="input"></param> - public ICollection ReadAttrCerts( - byte[] input) + public IList<X509V2AttributeCertificate> ReadAttrCerts(byte[] input) { return ReadAttrCerts(new MemoryStream(input, false)); } @@ -96,7 +88,7 @@ namespace Org.BouncyCastle.X509 * Generates a certificate object and initializes it with the data * read from the input stream inStream. */ - public IX509AttributeCertificate ReadAttrCert( + public X509V2AttributeCertificate ReadAttrCert( Stream inStream) { if (inStream == null) @@ -163,12 +155,11 @@ namespace Org.BouncyCastle.X509 * Returns a (possibly empty) collection view of the certificates * read from the given input stream inStream. */ - public ICollection ReadAttrCerts( - Stream inStream) + public IList<X509V2AttributeCertificate> ReadAttrCerts(Stream inStream) { - IX509AttributeCertificate attrCert; - IList attrCerts = Platform.CreateArrayList(); + var attrCerts = new List<X509V2AttributeCertificate>(); + X509V2AttributeCertificate attrCert; while ((attrCert = ReadAttrCert(inStream)) != null) { attrCerts.Add(attrCert); 
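Review bot: `ReadAttrCerts(Stream inStream)` calls `ReadAttrCert` until it returns null and appends every result to `attrCerts` with no upper bound. The block comment above it still promises a "collection view", although the method now returns a newly built `List<X509V2AttributeCertificate>`. I would replace that comment with an XML doc saying that the stream is read to exhaustion and that the caller must bound the input size when the data is untrusted. The empty `<param name="input"></param>` tags on the two `byte[]` overloads could be filled in at the same time, e.g. `<param name="input">The encoded attribute certificate data.</param>`.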
@@ -177,4 +168,4 @@ namespace Org.BouncyCastle.X509 return attrCerts; } } -} \ No newline at end of file +} diff --git a/crypto/src/x509/X509V2AttributeCertificate.cs b/crypto/src/x509/X509V2AttributeCertificate.cs index 1ceba101e..61bb8c879 100644 --- a/crypto/src/x509/X509V2AttributeCertificate.cs +++ b/crypto/src/x509/X509V2AttributeCertificate.cs @@ -15,7 +15,7 @@ namespace Org.BouncyCastle.X509 { /// <summary>An implementation of a version 2 X.509 Attribute Certificate.</summary> public class X509V2AttributeCertificate - : X509ExtensionBase, IX509AttributeCertificate + : X509ExtensionBase { private readonly AttributeCertificate cert; private readonly DateTime notBefore; @@ -49,8 +49,7 @@ namespace Org.BouncyCastle.X509 { } - internal X509V2AttributeCertificate( - AttributeCertificate cert) + public X509V2AttributeCertificate(AttributeCertificate cert) { this.cert = cert; @@ -65,6 +64,11 @@ namespace Org.BouncyCastle.X509 } } + public virtual AttributeCertificate AttributeCertificate + { + get { return cert; } + } + public virtual int Version { get { return cert.ACInfo.Version.IntValueExact + 1; } diff --git a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs index 643604181..2baf10c63 100644 --- a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs +++ b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs @@ -104,7 +104,7 @@ namespace Org.BouncyCastle.X509 /// </summary> /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param> /// <returns>An IX509AttributeCertificate.</returns> - public IX509AttributeCertificate Generate(ISignatureFactory signatureCalculatorFactory) + public X509V2AttributeCertificate Generate(ISignatureFactory signatureCalculatorFactory) { if (!extGenerator.IsEmpty) { diff --git a/crypto/src/x509/store/IX509Selector.cs b/crypto/src/x509/store/IX509Selector.cs deleted file mode 100644 index 4459903e7..000000000 
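Review bot: The `X509V2AttributeCertificate(AttributeCertificate cert)` constructor becomes public here but still assigns `this.cert = cert;` without checking the argument, so a null from an external caller would fail somewhere after the assignment instead of with a clear argument error. I would add `if (cert == null) throw new ArgumentNullException("cert");` as the first statement. An XML doc should also say that construction only wraps the parsed structure and does not check the signature or validity period, so callers know that `Verify` and `CheckValidity` are still their responsibility. I am inferring that from the visible lines, because the rest of the constructor body lies between the two hunks.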
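Review bot: The doc comment above `Generate` in X509V2AttributeCertificateGenerator still reads `<returns>An IX509AttributeCertificate.</returns>`, but this commit deletes that interface and the method now returns `X509V2AttributeCertificate`. The context line should become `/// <returns>An X509V2AttributeCertificate.</returns>`. The method body continues outside the hunk.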
--- a/crypto/src/x509/store/IX509Selector.cs
+++ /dev/null
@@ -1,15 +0,0 @@
-using System;
-
-namespace Org.BouncyCastle.X509.Store
-{
- public interface IX509Selector
-#if !PORTABLE
- : ICloneable
-#endif
- {
-#if PORTABLE
- object Clone();
-#endif
- bool Match(object obj);
- }
-}
diff --git a/crypto/src/x509/store/IX509Store.cs b/crypto/src/x509/store/IX509Store.cs
deleted file mode 100644
index e5c3a462a..000000000
--- a/crypto/src/x509/store/IX509Store.cs
+++ /dev/null
@@ -1,11 +0,0 @@
-using System;
-using System.Collections;
-
-namespace Org.BouncyCastle.X509.Store
-{
- public interface IX509Store
- {
-// void Init(IX509StoreParameters parameters);
- ICollection GetMatches(IX509Selector selector);
- }
-}
diff --git a/crypto/src/x509/store/IX509StoreParameters.cs b/crypto/src/x509/store/IX509StoreParameters.cs
deleted file mode 100644
index aee3036c2..000000000
--- a/crypto/src/x509/store/IX509StoreParameters.cs
+++ /dev/null
@@ -1,8 +0,0 @@
-using System;
-
-namespace Org.BouncyCastle.X509.Store
-{
- public interface IX509StoreParameters
- {
- }
-}
diff --git a/crypto/src/x509/store/NoSuchStoreException.cs b/crypto/src/x509/store/NoSuchStoreException.cs
deleted file mode 100644
index 3acac536f..000000000
--- a/crypto/src/x509/store/NoSuchStoreException.cs
+++ /dev/null
@@ -1,30 +0,0 @@
-using System;
-using System.Runtime.Serialization;
-
-namespace Org.BouncyCastle.X509.Store
-{
- [Serializable]
- public class NoSuchStoreException
- : X509StoreException
- {
- public NoSuchStoreException()
- : base()
- {
- }
-
- public NoSuchStoreException(string message)
- : base(message)
- {
- }
-
- public NoSuchStoreException(string message, Exception innerException)
- : base(message, innerException)
- {
- }
-
- protected NoSuchStoreException(SerializationInfo info, StreamingContext context)
- : base(info, context)
- {
- }
- }
-}
diff --git a/crypto/src/x509/store/X509AttrCertStoreSelector.cs b/crypto/src/x509/store/X509AttrCertStoreSelector.cs index d60a5f23c..b25d0de19 100644 --- a/crypto/src/x509/store/X509AttrCertStoreSelector.cs +++ b/crypto/src/x509/store/X509AttrCertStoreSelector.cs @@ -18,11 +18,11 @@ namespace Org.BouncyCastle.X509.Store * @see org.bouncycastle.x509.X509Store */ public class X509AttrCertStoreSelector - : IX509Selector + : ISelector<X509V2AttributeCertificate> { // TODO: name constraints??? - private IX509AttributeCertificate attributeCert; + private X509V2AttributeCertificate attributeCert; private DateTimeObject attributeCertificateValid; private AttributeCertificateHolder holder; private AttributeCertificateIssuer issuer; @@ -49,16 +49,10 @@ namespace Org.BouncyCastle.X509.Store /// <summary> /// Decides if the given attribute certificate should be selected. /// </summary> - /// <param name="obj">The attribute certificate to be checked.</param> + /// <param name="attrCert">The attribute certificate to be checked.</param> /// <returns><code>true</code> if the object matches this selector.</returns> - public bool Match( - object obj) + public bool Match(X509V2AttributeCertificate attrCert) { - if (obj == null) - throw new ArgumentNullException("obj"); - - IX509AttributeCertificate attrCert = obj as IX509AttributeCertificate; - if (attrCert == null) return false; @@ -160,7 +154,7 @@ namespace Org.BouncyCastle.X509.Store /// <summary>The attribute certificate which must be matched.</summary> /// <remarks>If <c>null</c> is given, any will do.</remarks> - public IX509AttributeCertificate AttributeCert + public X509V2AttributeCertificate AttributeCert { get { return attributeCert; } set { this.attributeCert = value; } diff --git a/crypto/src/x509/store/X509CertPairStoreSelector.cs b/crypto/src/x509/store/X509CertPairStoreSelector.cs index 2796971c7..936da2e48 100644 --- a/crypto/src/x509/store/X509CertPairStoreSelector.cs 
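Review bot: `X509AttrCertStoreSelector.Match` used to throw `ArgumentNullException` for a null argument and now returns false without saying so, and `X509CertPairStoreSelector.Match` in the next file changes the same way; neither XML doc mentions it. Rejecting null is a reasonable default for a selector, but it is a behaviour change for existing callers, so I would document it, e.g. `/// <returns><code>true</code> if attrCert is non-null and matches this selector.</returns>`. The `@see org.bouncycastle.x509.X509Store` line in the class comment also looks stale now that the store API is being replaced. The method body continues past the hunk.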
+++ b/crypto/src/x509/store/X509CertPairStoreSelector.cs @@ -1,5 +1,7 @@ using System; +using Org.BouncyCastle.Utilities.Collections; + namespace Org.BouncyCastle.X509.Store { /// <remarks> @@ -9,7 +11,7 @@ namespace Org.BouncyCastle.X509.Store /// each of which, if present, must match the respective component of a pair. /// </remarks> public class X509CertPairStoreSelector - : IX509Selector + : ISelector<X509CertificatePair> { private static X509CertStoreSelector CloneSelector( X509CertStoreSelector s) @@ -59,16 +61,10 @@ namespace Org.BouncyCastle.X509.Store /// <c>obj</c> is not a <code>X509CertificatePair</code>, this method /// returns <code>false</code>. /// </summary> - /// <param name="obj">The <code>X509CertificatePair</code> to be tested.</param> + /// <param name="pair">The <code>X509CertificatePair</code> to be tested.</param> /// <returns><code>true</code> if the object matches this selector.</returns> - public bool Match( - object obj) + public bool Match(X509CertificatePair pair) { - if (obj == null) - throw new ArgumentNullException("obj"); - - X509CertificatePair pair = obj as X509CertificatePair; - if (pair == null) return false; diff --git a/crypto/src/x509/store/X509CertStoreSelector.cs b/crypto/src/x509/store/X509CertStoreSelector.cs index 8e22b862a..b351f1cf3 100644 --- a/crypto/src/x509/store/X509CertStoreSelector.cs +++ b/crypto/src/x509/store/X509CertStoreSelector.cs @@ -12,7 +12,7 @@ using Org.BouncyCastle.X509.Extension; namespace Org.BouncyCastle.X509.Store { public class X509CertStoreSelector - : IX509Selector + : ISelector<X509Certificate> { // TODO Missing criteria? @@ -160,11 +160,8 @@ namespace Org.BouncyCastle.X509.Store set { subjectPublicKeyAlgID = value; } } - public virtual bool Match( - object obj) + public virtual bool Match(X509Certificate c) { - X509Certificate c = obj as X509Certificate; - if (c == null) return false; 
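Review bot: The summary above `X509CertPairStoreSelector.Match` still says "<c>obj</c> is not a <code>X509CertificatePair</code>, this method returns false", but the parameter is now the typed `pair` and no `obj` remains. Those context lines should describe the null case instead, e.g. `/// If <c>pair</c> is null, this method returns <code>false</code>.` The opening of the summary is outside the hunk.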
diff --git a/crypto/src/x509/store/X509CollectionStore.cs b/crypto/src/x509/store/X509CollectionStore.cs deleted file mode 100644 index 92173140b..000000000 --- a/crypto/src/x509/store/X509CollectionStore.cs +++ /dev/null @@ -1,51 +0,0 @@ -using System; -using System.Collections; - -using Org.BouncyCastle.Utilities; - -namespace Org.BouncyCastle.X509.Store -{ - /** - * A simple collection backed store. - */ - internal class X509CollectionStore - : IX509Store - { - private ICollection _local; - - /** - * Basic constructor. - * - * @param collection - initial contents for the store, this is copied. - */ - internal X509CollectionStore( - ICollection collection) - { - _local = Platform.CreateArrayList(collection); - } - - /** - * Return the matches in the collection for the passed in selector. - * - * @param selector the selector to match against. - * @return a possibly empty collection of matching objects. - */ - public ICollection GetMatches( - IX509Selector selector) - { - if (selector == null) - { - return Platform.CreateArrayList(_local); - } - - IList result = Platform.CreateArrayList(); - foreach (object obj in _local) - { - if (selector.Match(obj)) - result.Add(obj); - } - - return result; - } - } -} diff --git a/crypto/src/x509/store/X509CollectionStoreParameters.cs b/crypto/src/x509/store/X509CollectionStoreParameters.cs deleted file mode 100644 index 7fd047a47..000000000 --- a/crypto/src/x509/store/X509CollectionStoreParameters.cs +++ /dev/null 
@@ -1,60 +0,0 @@
-using System;
-using System.Collections;
-using System.Text;
-
-using Org.BouncyCastle.Utilities;
-
-namespace Org.BouncyCastle.X509.Store
-{
- /// <remarks>This class contains a collection for collection based <code>X509Store</code>s.</remarks>
- public class X509CollectionStoreParameters
- : IX509StoreParameters
- {
- private readonly IList collection;
-
- /// <summary>
- /// Constructor.
- /// <p>
- /// The collection is copied.
- /// </p>
- /// </summary>
- /// <param name="collection">The collection containing X.509 object types.</param>
- /// <exception cref="ArgumentNullException">If collection is null.</exception>
- public X509CollectionStoreParameters(
- ICollection collection)
- {
- if (collection == null)
- throw new ArgumentNullException("collection");
-
- this.collection = Platform.CreateArrayList(collection);
- }
-
- // TODO Do we need to be able to Clone() these, and should it really be shallow?
-// /**
-// * Returns a shallow clone. The returned contents are not copied, so adding
-// * or removing objects will effect this.
-// *
-// * @return a shallow clone.
-// */
-// public object Clone()
-// {
-// return new X509CollectionStoreParameters(collection);
-// }
-
- /// <summary>Returns a copy of the <code>ICollection</code>.</summary>
- public ICollection GetCollection()
- {
- return Platform.CreateArrayList(collection);
- }
-
- /// <summary>Returns a formatted string describing the parameters.</summary>
- public override string ToString()
- {
- StringBuilder sb = new StringBuilder();
- sb.Append("X509CollectionStoreParameters: [\n");
- sb.Append(" collection: " + collection + "\n");
- sb.Append("]");
- return sb.ToString();
- }
- }
-}
diff --git a/crypto/src/x509/store/X509CrlStoreSelector.cs b/crypto/src/x509/store/X509CrlStoreSelector.cs
index 4be2a1ef0..dcf8f8876 100644
--- a/crypto/src/x509/store/X509CrlStoreSelector.cs
+++ b/crypto/src/x509/store/X509CrlStoreSelector.cs
@@ -5,13 +5,14 @@ using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Math; using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.Utilities.Date; using Org.BouncyCastle.X509.Extension; namespace Org.BouncyCastle.X509.Store { public class X509CrlStoreSelector - : IX509Selector + : ISelector<X509Crl> { // TODO Missing criteria? @@ -21,7 +22,7 @@ namespace Org.BouncyCastle.X509.Store private BigInteger maxCrlNumber; private BigInteger minCrlNumber; - private IX509AttributeCertificate attrCertChecking; + private X509V2AttributeCertificate attrCertChecking; private bool completeCrlEnabled; private bool deltaCrlIndicatorEnabled; private byte[] issuingDistributionPoint; @@ -98,7 +99,7 @@ namespace Org.BouncyCastle.X509.Store * <code>null</code>) * @see #getAttrCertificateChecking() */ - public IX509AttributeCertificate AttrCertChecking + public X509V2AttributeCertificate AttrCertChecking { get { return attrCertChecking; } set { this.attrCertChecking = value; } @@ -180,11 +181,8 @@ namespace Org.BouncyCastle.X509.Store set { this.maxBaseCrlNumber = value; } } - public virtual bool Match( - object obj) + public virtual bool Match(X509Crl c) { - X509Crl c = obj as X509Crl; - if (c == null) return false; diff --git a/crypto/src/x509/store/X509StoreException.cs b/crypto/src/x509/store/X509StoreException.cs deleted file mode 100644 index 0ad32c2ef..000000000 --- a/crypto/src/x509/store/X509StoreException.cs +++ /dev/null 
@@ -1,30 +0,0 @@
-using System;
-using System.Runtime.Serialization;
-
-namespace Org.BouncyCastle.X509.Store
-{
- [Serializable]
- public class X509StoreException
- : Exception
- {
- public X509StoreException()
- : base()
- {
- }
-
- public X509StoreException(string message)
- : base(message)
- {
- }
-
- public X509StoreException(string message, Exception innerException)
- : base(message, innerException)
- {
- }
-
- protected X509StoreException(SerializationInfo info, StreamingContext context)
- : base(info, context)
- {
- }
- }
-}
diff --git a/crypto/src/x509/store/X509StoreFactory.cs b/crypto/src/x509/store/X509StoreFactory.cs
deleted file mode 100644
index 96f22be3f..000000000
--- a/crypto/src/x509/store/X509StoreFactory.cs
+++ /dev/null
@@ -1,62 +0,0 @@ -using System; -using System.Collections; - -using Org.BouncyCastle.Utilities; - -namespace Org.BouncyCastle.X509.Store -{ - public sealed class X509StoreFactory - { - private X509StoreFactory() - { - } - - public static IX509Store Create( - string type, - IX509StoreParameters parameters) - { - if (type == null) - throw new ArgumentNullException("type"); - - string[] parts = Platform.ToUpperInvariant(type).Split('/'); - - if (parts.Length < 2) - throw new ArgumentException("type"); - - if (parts[1] != "COLLECTION") - throw new NoSuchStoreException("X.509 store type '" + type + "' not available."); - - X509CollectionStoreParameters p = (X509CollectionStoreParameters) parameters; - ICollection coll = p.GetCollection(); - - switch (parts[0]) - { - case "ATTRIBUTECERTIFICATE": - checkCorrectType(coll, typeof(IX509AttributeCertificate)); - break; - case "CERTIFICATE": - checkCorrectType(coll, typeof(X509Certificate)); - break; - case "CERTIFICATEPAIR": - checkCorrectType(coll, typeof(X509CertificatePair)); - break; - case "CRL": - checkCorrectType(coll, typeof(X509Crl)); - break; - default: - throw new NoSuchStoreException("X.509 store type '" + type + "' not available."); - } - - return new X509CollectionStore(coll); - } - - private static void checkCorrectType(ICollection coll, Type t) - { - foreach (object o in coll) - { - if (!t.IsInstanceOfType(o)) - throw new InvalidCastException("Can't cast object to type: " + t.FullName); - } - } - } -} |