summary refs log tree commit diff
path: root/crypto/src
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2015-11-12 22:57:06 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2015-11-12 22:57:06 +0700
commit809e86bbf8ed478e7aa7b9de8a3bfc3014289bd5 (patch)
tree9287ae725992c5972bed155ec4f4773fdace7b22 /crypto/src
parentRefactoring of "unused bits" changes (diff)
downloadBouncyCastle.NET-ed25519-809e86bbf8ed478e7aa7b9de8a3bfc3014289bd5.tar.xz
Review of culture-independent String comparison methods
Diffstat (limited to 'crypto/src')
-rw-r--r--crypto/src/asn1/DerGeneralizedTime.cs6
-rw-r--r--crypto/src/asn1/DerObjectIdentifier.cs2
-rw-r--r--crypto/src/asn1/anssi/ANSSINamedCurves.cs4
-rw-r--r--crypto/src/asn1/sec/SECNamedCurves.cs4
-rw-r--r--crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs4
-rw-r--r--crypto/src/asn1/x509/GeneralName.cs5
-rw-r--r--crypto/src/asn1/x509/X509Name.cs16
-rw-r--r--crypto/src/asn1/x9/X962NamedCurves.cs4
-rw-r--r--crypto/src/cms/KEKRecipientInfoGenerator.cs11
-rw-r--r--crypto/src/cms/PasswordRecipientInfoGenerator.cs3
-rw-r--r--crypto/src/crypto/ec/CustomNamedCurves.cs10
-rw-r--r--crypto/src/openpgp/PgpPublicKeyRingBundle.cs6
-rw-r--r--crypto/src/openpgp/PgpSecretKey.cs2
-rw-r--r--crypto/src/openpgp/PgpSecretKeyRingBundle.cs6
-rw-r--r--crypto/src/openssl/MiscPemGenerator.cs2
-rw-r--r--crypto/src/openssl/PEMReader.cs4
-rw-r--r--crypto/src/pkcs/Pkcs10CertificationRequest.cs2
-rw-r--r--crypto/src/pkcs/Pkcs12Store.cs16
-rw-r--r--crypto/src/pkix/PkixCertPath.cs6
-rw-r--r--crypto/src/pkix/PkixCertPathValidatorUtilities.cs2
-rw-r--r--crypto/src/pkix/PkixNameConstraintValidator.cs87
-rw-r--r--crypto/src/security/CipherUtilities.cs6
-rw-r--r--crypto/src/security/GeneratorUtilities.cs2
-rw-r--r--crypto/src/security/MacUtilities.cs6
-rw-r--r--crypto/src/security/PbeUtilities.cs32
-rw-r--r--crypto/src/security/SecureRandom.cs2
-rw-r--r--crypto/src/security/SignerUtilities.cs6
-rw-r--r--crypto/src/util/Platform.cs34
-rw-r--r--crypto/src/util/io/pem/PemReader.cs10
-rw-r--r--crypto/src/util/net/IPAddress.cs4
-rw-r--r--crypto/src/x509/PEMParser.cs5
-rw-r--r--crypto/src/x509/X509SignatureUtil.cs2
32 files changed, 165 insertions, 146 deletions
diff --git a/crypto/src/asn1/DerGeneralizedTime.cs b/crypto/src/asn1/DerGeneralizedTime.cs
index 17c42e7cf..79b008768 100644
--- a/crypto/src/asn1/DerGeneralizedTime.cs
+++ b/crypto/src/asn1/DerGeneralizedTime.cs
@@ -204,7 +204,7 @@ namespace Org.BouncyCastle.Asn1
             string d = time;
             bool makeUniversal = false;
 
-            if (d.EndsWith("Z"))
+            if (Platform.EndsWith(d, "Z"))
             {
                 if (HasFractionalSeconds)
                 {
@@ -223,7 +223,7 @@ namespace Org.BouncyCastle.Asn1
 
                 if (HasFractionalSeconds)
                 {
-                    int fCount = d.IndexOf("GMT") - 1 - d.IndexOf('.');
+                    int fCount = Platform.IndexOf(d, "GMT") - 1 - d.IndexOf('.');
                     formatStr = @"yyyyMMddHHmmss." + FString(fCount) + @"'GMT'zzz";
                 }
                 else
@@ -267,7 +267,7 @@ namespace Org.BouncyCastle.Asn1
              * NOTE: DateTime.Kind and DateTimeStyles.AssumeUniversal not available in .NET 1.1
              */
             DateTimeStyles style = DateTimeStyles.None;
-            if (format.EndsWith("Z"))
+            if (Platform.EndsWith(format, "Z"))
             {
                 try
                 {
diff --git a/crypto/src/asn1/DerObjectIdentifier.cs b/crypto/src/asn1/DerObjectIdentifier.cs
index f9f6a79d6..563c637e5 100644
--- a/crypto/src/asn1/DerObjectIdentifier.cs
+++ b/crypto/src/asn1/DerObjectIdentifier.cs
@@ -83,7 +83,7 @@ namespace Org.BouncyCastle.Asn1
         public virtual bool On(DerObjectIdentifier stem)
         {
             string id = Id, stemId = stem.Id;
-            return id.Length > stemId.Length && id[stemId.Length] == '.' && id.StartsWith(stemId);
+            return id.Length > stemId.Length && id[stemId.Length] == '.' && Platform.StartsWith(id, stemId);
         }
 
         internal DerObjectIdentifier(byte[] bytes)
diff --git a/crypto/src/asn1/anssi/ANSSINamedCurves.cs b/crypto/src/asn1/anssi/ANSSINamedCurves.cs
index c7f9545f2..d0c90ebf1 100644
--- a/crypto/src/asn1/anssi/ANSSINamedCurves.cs
+++ b/crypto/src/asn1/anssi/ANSSINamedCurves.cs
@@ -60,7 +60,7 @@ namespace Org.BouncyCastle.Asn1.Anssi
             DerObjectIdentifier		oid,
             X9ECParametersHolder	holder)
         {
-            objIds.Add(Platform.ToLowerInvariant(name), oid);
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
             names.Add(oid, name);
             curves.Add(oid, holder);
         }
@@ -99,7 +99,7 @@ namespace Org.BouncyCastle.Asn1.Anssi
         public static DerObjectIdentifier GetOid(
             string name)
         {
-            return (DerObjectIdentifier)objIds[Platform.ToLowerInvariant(name)];
+            return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)];
         }
 
         /**
diff --git a/crypto/src/asn1/sec/SECNamedCurves.cs b/crypto/src/asn1/sec/SECNamedCurves.cs
index ca71a4e66..b753ac5d1 100644
--- a/crypto/src/asn1/sec/SECNamedCurves.cs
+++ b/crypto/src/asn1/sec/SECNamedCurves.cs
@@ -1088,7 +1088,7 @@ namespace Org.BouncyCastle.Asn1.Sec
             DerObjectIdentifier		oid,
             X9ECParametersHolder	holder)
         {
-            objIds.Add(Platform.ToLowerInvariant(name), oid);
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
             names.Add(oid, name);
             curves.Add(oid, holder);
         }
@@ -1160,7 +1160,7 @@ namespace Org.BouncyCastle.Asn1.Sec
         public static DerObjectIdentifier GetOid(
             string name)
         {
-            return (DerObjectIdentifier)objIds[Platform.ToLowerInvariant(name)];
+            return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)];
         }
 
         /**
diff --git a/crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs b/crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs
index ba3eda620..9a82db319 100644
--- a/crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs
+++ b/crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs
@@ -387,7 +387,7 @@ namespace Org.BouncyCastle.Asn1.TeleTrust
             DerObjectIdentifier		oid,
             X9ECParametersHolder	holder)
         {
-            objIds.Add(Platform.ToLowerInvariant(name), oid);
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
             names.Add(oid, name);
             curves.Add(oid, holder);
         }
@@ -439,7 +439,7 @@ namespace Org.BouncyCastle.Asn1.TeleTrust
         public static DerObjectIdentifier GetOid(
             string name)
         {
-            return (DerObjectIdentifier)objIds[Platform.ToLowerInvariant(name)];
+            return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)];
         }
 
         /**
diff --git a/crypto/src/asn1/x509/GeneralName.cs b/crypto/src/asn1/x509/GeneralName.cs
index 710ddc922..16096623c 100644
--- a/crypto/src/asn1/x509/GeneralName.cs
+++ b/crypto/src/asn1/x509/GeneralName.cs
@@ -4,6 +4,7 @@ using System.Globalization;
 using System.IO;
 using System.Text;
 
+using Org.BouncyCastle.Utilities;
 using NetUtils = Org.BouncyCastle.Utilities.Net;
 
 namespace Org.BouncyCastle.Asn1.X509
@@ -356,11 +357,11 @@ namespace Org.BouncyCastle.Asn1.X509
 
 		private int[] parseIPv6(string ip)
 		{
-			if (ip.StartsWith("::"))
+			if (Platform.StartsWith(ip, "::"))
 			{
 				ip = ip.Substring(1);
 			}
-			else if (ip.EndsWith("::"))
+			else if (Platform.EndsWith(ip, "::"))
 			{
 				ip = ip.Substring(0, ip.Length - 1);
 			}
diff --git a/crypto/src/asn1/x509/X509Name.cs b/crypto/src/asn1/x509/X509Name.cs
index fb404a3ec..01a7ec04a 100644
--- a/crypto/src/asn1/x509/X509Name.cs
+++ b/crypto/src/asn1/x509/X509Name.cs
@@ -399,7 +399,7 @@ namespace Org.BouncyCastle.Asn1.X509
                     if (derValue is IAsn1String && !(derValue is DerUniversalString))
                     {
                         string v = ((IAsn1String)derValue).GetString();
-                        if (v.StartsWith("#"))
+                        if (Platform.StartsWith(v, "#"))
                         {
                             v = "\\" + v;
                         }
@@ -499,12 +499,6 @@ namespace Org.BouncyCastle.Asn1.X509
             }
         }
 
-//		private static bool IsEncoded(
-//			string s)
-//		{
-//			return s.StartsWith("#");
-//		}
-
         /**
         * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
         * some such, converting it into an ordered set of name attributes.
@@ -581,7 +575,7 @@ namespace Org.BouncyCastle.Asn1.X509
             string		name,
             IDictionary lookUp)
         {
-            if (Platform.ToUpperInvariant(name).StartsWith("OID."))
+            if (Platform.StartsWith(Platform.ToUpperInvariant(name), "OID."))
             {
                 return new DerObjectIdentifier(name.Substring(4));
             }
@@ -724,7 +718,7 @@ namespace Org.BouncyCastle.Asn1.X509
                 {
                     string val = (string)values[i];
 
-                    if (val.StartsWith("\\#"))
+                    if (Platform.StartsWith(val, "\\#"))
                     {
                         val = val.Substring(1);
                     }
@@ -911,7 +905,7 @@ namespace Org.BouncyCastle.Asn1.X509
         {
             string v = Platform.ToLowerInvariant(s).Trim();
 
-            if (v.StartsWith("#"))
+            if (Platform.StartsWith(v, "#"))
             {
                 Asn1Object obj = decodeObject(v);
 
@@ -987,7 +981,7 @@ namespace Org.BouncyCastle.Asn1.X509
 
             int end = buf.Length;
 
-            if (val.StartsWith("\\#"))
+            if (Platform.StartsWith(val, "\\#"))
             {
                 index += 2;
             }
diff --git a/crypto/src/asn1/x9/X962NamedCurves.cs b/crypto/src/asn1/x9/X962NamedCurves.cs
index 6fa4e7c4b..14f7f818a 100644
--- a/crypto/src/asn1/x9/X962NamedCurves.cs
+++ b/crypto/src/asn1/x9/X962NamedCurves.cs
@@ -666,7 +666,7 @@ namespace Org.BouncyCastle.Asn1.X9
             DerObjectIdentifier		oid,
             X9ECParametersHolder	holder)
         {
-            objIds.Add(Platform.ToLowerInvariant(name), oid);
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
             names.Add(oid, name);
             curves.Add(oid, holder);
         }
@@ -727,7 +727,7 @@ namespace Org.BouncyCastle.Asn1.X9
         public static DerObjectIdentifier GetOid(
             string name)
         {
-            return (DerObjectIdentifier)objIds[Platform.ToLowerInvariant(name)];
+            return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)];
         }
 
         /**
diff --git a/crypto/src/cms/KEKRecipientInfoGenerator.cs b/crypto/src/cms/KEKRecipientInfoGenerator.cs
index c66f27547..6f34fec43 100644
--- a/crypto/src/cms/KEKRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KEKRecipientInfoGenerator.cs
@@ -10,6 +10,7 @@ using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Cms
 {
@@ -63,19 +64,19 @@ namespace Org.BouncyCastle.Cms
 		private static AlgorithmIdentifier DetermineKeyEncAlg(
 			string algorithm, KeyParameter key)
 		{
-			if (algorithm.StartsWith("DES"))
+			if (Platform.StartsWith(algorithm, "DES"))
 			{
 				return new AlgorithmIdentifier(
 					PkcsObjectIdentifiers.IdAlgCms3DesWrap,
 					DerNull.Instance);
 			}
-			else if (algorithm.StartsWith("RC2"))
+            else if (Platform.StartsWith(algorithm, "RC2"))
 			{
 				return new AlgorithmIdentifier(
 					PkcsObjectIdentifiers.IdAlgCmsRC2Wrap,
 					new DerInteger(58));
 			}
-			else if (algorithm.StartsWith("AES"))
+			else if (Platform.StartsWith(algorithm, "AES"))
 			{
 				int length = key.GetKey().Length * 8;
 				DerObjectIdentifier wrapOid;
@@ -99,12 +100,12 @@ namespace Org.BouncyCastle.Cms
 
 				return new AlgorithmIdentifier(wrapOid);  // parameters absent
 			}
-			else if (algorithm.StartsWith("SEED"))
+			else if (Platform.StartsWith(algorithm, "SEED"))
 			{
 				// parameters absent
 				return new AlgorithmIdentifier(KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap);
 			}
-			else if (algorithm.StartsWith("CAMELLIA"))
+			else if (Platform.StartsWith(algorithm, "CAMELLIA"))
 			{
 				int length = key.GetKey().Length * 8;
 				DerObjectIdentifier wrapOid;
diff --git a/crypto/src/cms/PasswordRecipientInfoGenerator.cs b/crypto/src/cms/PasswordRecipientInfoGenerator.cs
index 0a0b27b53..9916edfc4 100644
--- a/crypto/src/cms/PasswordRecipientInfoGenerator.cs
+++ b/crypto/src/cms/PasswordRecipientInfoGenerator.cs
@@ -7,6 +7,7 @@ using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Cms
 {
@@ -46,7 +47,7 @@ namespace Org.BouncyCastle.Cms
 			IWrapper keyWrapper = Helper.CreateWrapper(rfc3211WrapperName);
 
 			// Note: In Java build, the IV is automatically generated in JCE layer
-			int ivLength = rfc3211WrapperName.StartsWith("DESEDE") ? 8 : 16;
+			int ivLength = Platform.StartsWith(rfc3211WrapperName, "DESEDE") ? 8 : 16;
 			byte[] iv = new byte[ivLength];
 			random.NextBytes(iv);
 
diff --git a/crypto/src/crypto/ec/CustomNamedCurves.cs b/crypto/src/crypto/ec/CustomNamedCurves.cs
index 51bb1829a..8a0c50a47 100644
--- a/crypto/src/crypto/ec/CustomNamedCurves.cs
+++ b/crypto/src/crypto/ec/CustomNamedCurves.cs
@@ -756,7 +756,7 @@ namespace Org.BouncyCastle.Crypto.EC
         private static void DefineCurve(string name, X9ECParametersHolder holder)
         {
             names.Add(name);
-            name = Platform.ToLowerInvariant(name);
+            name = Platform.ToUpperInvariant(name);
             nameToCurve.Add(name, holder);
         }
 
@@ -765,7 +765,7 @@ namespace Org.BouncyCastle.Crypto.EC
             names.Add(name);
             oidToName.Add(oid, name);
             oidToCurve.Add(oid, holder);
-            name = Platform.ToLowerInvariant(name);
+            name = Platform.ToUpperInvariant(name);
             nameToOid.Add(name, oid);
             nameToCurve.Add(name, holder);
         }
@@ -776,7 +776,7 @@ namespace Org.BouncyCastle.Crypto.EC
             if (curve == null)
                 throw new InvalidOperationException();
 
-            name = Platform.ToLowerInvariant(name);
+            name = Platform.ToUpperInvariant(name);
             nameToOid.Add(name, oid);
             nameToCurve.Add(name, curve);
         }
@@ -841,7 +841,7 @@ namespace Org.BouncyCastle.Crypto.EC
 
         public static X9ECParameters GetByName(string name)
         {
-            X9ECParametersHolder holder = (X9ECParametersHolder)nameToCurve[Platform.ToLowerInvariant(name)];
+            X9ECParametersHolder holder = (X9ECParametersHolder)nameToCurve[Platform.ToUpperInvariant(name)];
             return holder == null ? null : holder.Parameters;
         }
 
@@ -865,7 +865,7 @@ namespace Org.BouncyCastle.Crypto.EC
          */
         public static DerObjectIdentifier GetOid(string name)
         {
-            return (DerObjectIdentifier)nameToOid[Platform.ToLowerInvariant(name)];
+            return (DerObjectIdentifier)nameToOid[Platform.ToUpperInvariant(name)];
         }
 
         /**
diff --git a/crypto/src/openpgp/PgpPublicKeyRingBundle.cs b/crypto/src/openpgp/PgpPublicKeyRingBundle.cs
index 519a2f884..e73848439 100644
--- a/crypto/src/openpgp/PgpPublicKeyRingBundle.cs
+++ b/crypto/src/openpgp/PgpPublicKeyRingBundle.cs
@@ -113,7 +113,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
 
 			if (ignoreCase)
 			{
-                userId = Platform.ToLowerInvariant(userId);
+                userId = Platform.ToUpperInvariant(userId);
 			}
 
 			foreach (PgpPublicKeyRing pubRing in GetKeyRings())
@@ -123,12 +123,12 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
 					string next = nextUserID;
 					if (ignoreCase)
 					{
-                        next = Platform.ToLowerInvariant(next);
+                        next = Platform.ToUpperInvariant(next);
                     }
 
 					if (matchPartial)
 					{
-						if (next.IndexOf(userId) > -1)
+                        if (Platform.IndexOf(next, userId) > -1)
 						{
 							rings.Add(pubRing);
 						}
diff --git a/crypto/src/openpgp/PgpSecretKey.cs b/crypto/src/openpgp/PgpSecretKey.cs
index d3811c44c..b3986073d 100644
--- a/crypto/src/openpgp/PgpSecretKey.cs
+++ b/crypto/src/openpgp/PgpSecretKey.cs
@@ -1204,7 +1204,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
                     string curveID = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
                     curveName = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
 
-                    if (curveName.StartsWith("NIST "))
+                    if (Platform.StartsWith(curveName, "NIST "))
                     {
                         curveName = curveName.Substring("NIST ".Length);
                     }
diff --git a/crypto/src/openpgp/PgpSecretKeyRingBundle.cs b/crypto/src/openpgp/PgpSecretKeyRingBundle.cs
index 12c7c098c..b0df0ed3f 100644
--- a/crypto/src/openpgp/PgpSecretKeyRingBundle.cs
+++ b/crypto/src/openpgp/PgpSecretKeyRingBundle.cs
@@ -114,7 +114,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
 
 			if (ignoreCase)
 			{
-                userId = Platform.ToLowerInvariant(userId);
+                userId = Platform.ToUpperInvariant(userId);
             }
 
 			foreach (PgpSecretKeyRing secRing in GetKeyRings())
@@ -124,12 +124,12 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
 					string next = nextUserID;
 					if (ignoreCase)
 					{
-                        next = Platform.ToLowerInvariant(next);
+                        next = Platform.ToUpperInvariant(next);
                     }
 
 					if (matchPartial)
 					{
-						if (next.IndexOf(userId) > -1)
+                        if (Platform.IndexOf(next, userId) > -1)
 						{
 							rings.Add(secRing);
 						}
diff --git a/crypto/src/openssl/MiscPemGenerator.cs b/crypto/src/openssl/MiscPemGenerator.cs
index 568465fe4..443e446f7 100644
--- a/crypto/src/openssl/MiscPemGenerator.cs
+++ b/crypto/src/openssl/MiscPemGenerator.cs
@@ -197,7 +197,7 @@ namespace Org.BouncyCastle.OpenSsl
                 dekAlgName = "DES-EDE3-CBC";
             }
 
-            int ivLength = dekAlgName.StartsWith("AES-") ? 16 : 8;
+            int ivLength = Platform.StartsWith(dekAlgName, "AES-") ? 16 : 8;
 
             byte[] iv = new byte[ivLength];
             random.NextBytes(iv);
diff --git a/crypto/src/openssl/PEMReader.cs b/crypto/src/openssl/PEMReader.cs
index ec5d1b414..987f4471c 100644
--- a/crypto/src/openssl/PEMReader.cs
+++ b/crypto/src/openssl/PEMReader.cs
@@ -93,7 +93,7 @@ namespace Org.BouncyCastle.OpenSsl
 //			if (parsers.Contains(obj.Type))
 //				return ((PemObjectParser)parsers[obj.Type]).ParseObject(obj);
 
-            if (obj.Type.EndsWith("PRIVATE KEY"))
+            if (Platform.EndsWith(obj.Type, "PRIVATE KEY"))
                 return ReadPrivateKey(obj);
 
             switch (obj.Type)
@@ -233,7 +233,7 @@ namespace Org.BouncyCastle.OpenSsl
             //
             // extract the key
             //
-            Debug.Assert(pemObject.Type.EndsWith("PRIVATE KEY"));
+            Debug.Assert(Platform.EndsWith(pemObject.Type, "PRIVATE KEY"));
 
             string type = pemObject.Type.Substring(0, pemObject.Type.Length - "PRIVATE KEY".Length).Trim();
             byte[] keyBytes = pemObject.Content;
diff --git a/crypto/src/pkcs/Pkcs10CertificationRequest.cs b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
index 0411d9190..c2504e6e5 100644
--- a/crypto/src/pkcs/Pkcs10CertificationRequest.cs
+++ b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
@@ -379,7 +379,7 @@ namespace Org.BouncyCastle.Pkcs
 //					throw new SignatureException("IOException decoding parameters: " + e.Message);
 //				}
 
-				if (signature.AlgorithmName.EndsWith("MGF1"))
+				if (Platform.EndsWith(signature.AlgorithmName, "MGF1"))
 				{
 					throw Platform.CreateNotImplementedException("signature algorithm with MGF1");
 
diff --git a/crypto/src/pkcs/Pkcs12Store.cs b/crypto/src/pkcs/Pkcs12Store.cs
index b649a726e..e65788733 100644
--- a/crypto/src/pkcs/Pkcs12Store.cs
+++ b/crypto/src/pkcs/Pkcs12Store.cs
@@ -1052,13 +1052,13 @@ namespace Org.BouncyCastle.Pkcs
             public object Remove(
                 string alias)
             {
-                string lower = Platform.ToLowerInvariant(alias);
-                string k = (string) keys[lower];
+                string upper = Platform.ToUpperInvariant(alias);
+                string k = (string)keys[upper];
 
                 if (k == null)
                     return null;
 
-                keys.Remove(lower);
+                keys.Remove(upper);
 
                 object o = orig[k];
                 orig.Remove(k);
@@ -1070,8 +1070,8 @@ namespace Org.BouncyCastle.Pkcs
             {
                 get
                 {
-                    string lower = Platform.ToLowerInvariant(alias);
-                    string k = (string)keys[lower];
+                    string upper = Platform.ToUpperInvariant(alias);
+                    string k = (string)keys[upper];
 
                     if (k == null)
                         return null;
@@ -1080,13 +1080,13 @@ namespace Org.BouncyCastle.Pkcs
                 }
                 set
                 {
-                    string lower = Platform.ToLowerInvariant(alias);
-                    string k = (string)keys[lower];
+                    string upper = Platform.ToUpperInvariant(alias);
+                    string k = (string)keys[upper];
                     if (k != null)
                     {
                         orig.Remove(k);
                     }
-                    keys[lower] = alias;
+                    keys[upper] = alias;
                     orig[alias] = value;
                 }
             }
diff --git a/crypto/src/pkix/PkixCertPath.cs b/crypto/src/pkix/PkixCertPath.cs
index d03709167..3c428f6fb 100644
--- a/crypto/src/pkix/PkixCertPath.cs
+++ b/crypto/src/pkix/PkixCertPath.cs
@@ -357,7 +357,7 @@ namespace Org.BouncyCastle.Pkix
 		public virtual byte[] GetEncoded(
 			string encoding)
 		{
-			if (Platform.CompareIgnoreCase(encoding, "PkiPath") == 0)
+			if (Platform.EqualsIgnoreCase(encoding, "PkiPath"))
 			{
 				Asn1EncodableVector v = new Asn1EncodableVector();
 
@@ -368,7 +368,7 @@ namespace Org.BouncyCastle.Pkix
 
 				return ToDerEncoded(new DerSequence(v));
 			}
-            else if (Platform.CompareIgnoreCase(encoding, "PKCS7") == 0)
+            else if (Platform.EqualsIgnoreCase(encoding, "PKCS7"))
 			{
 				Asn1.Pkcs.ContentInfo encInfo = new Asn1.Pkcs.ContentInfo(
 					PkcsObjectIdentifiers.Data, null);
@@ -389,7 +389,7 @@ namespace Org.BouncyCastle.Pkix
 
 				return ToDerEncoded(new Asn1.Pkcs.ContentInfo(PkcsObjectIdentifiers.SignedData, sd));
 			}
-            else if (Platform.CompareIgnoreCase(encoding, "PEM") == 0)
+            else if (Platform.EqualsIgnoreCase(encoding, "PEM"))
 			{
 				MemoryStream bOut = new MemoryStream();
 				PemWriter pWrt = new PemWriter(new StreamWriter(bOut));
diff --git a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs
index acea77856..a2704a746 100644
--- a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs
+++ b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs
@@ -230,7 +230,7 @@ namespace Org.BouncyCastle.Pkix
 			{
 				try
 				{
-					if (location.StartsWith("ldap://"))
+					if (Platform.StartsWith(location, "ldap://"))
 					{
 						// ldap://directory.d-trust.net/CN=D-TRUST
 						// Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE
diff --git a/crypto/src/pkix/PkixNameConstraintValidator.cs b/crypto/src/pkix/PkixNameConstraintValidator.cs
index cf944beae..f4ae73925 100644
--- a/crypto/src/pkix/PkixNameConstraintValidator.cs
+++ b/crypto/src/pkix/PkixNameConstraintValidator.cs
@@ -662,7 +662,7 @@ namespace Org.BouncyCastle.Pkix
         private bool WithinDomain(String testDomain, String domain)
         {
             String tempDomain = domain;
-            if (tempDomain.StartsWith("."))
+            if (Platform.StartsWith(tempDomain, "."))
             {
                 tempDomain = tempDomain.Substring(1);
             }
@@ -685,7 +685,7 @@ namespace Org.BouncyCastle.Pkix
                         return false;
                     }
                 }
-                else if (!(Platform.CompareIgnoreCase(testDomainParts[i + d], domainParts[i]) == 0))
+                else if (!Platform.EqualsIgnoreCase(testDomainParts[i + d], domainParts[i]))
                 {
                     return false;
                 }
@@ -737,7 +737,7 @@ namespace Org.BouncyCastle.Pkix
                 String str = ((String)it.Current);
 
                 // is sub domain or the same
-				if (WithinDomain(dns, str) || (Platform.CompareIgnoreCase(dns, str) == 0))
+				if (WithinDomain(dns, str) || Platform.EqualsIgnoreCase(dns, str))
                 {
                     throw new PkixNameConstraintValidatorException(
                         "DNS is from an excluded subtree.");
@@ -763,7 +763,7 @@ namespace Org.BouncyCastle.Pkix
                 // both are a particular mailbox
                 if (email2.IndexOf('@') != -1)
                 {
-                    if (Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(email1, email2))
                     {
                         union.Add(email1);
                     }
@@ -774,7 +774,7 @@ namespace Org.BouncyCastle.Pkix
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
                     if (WithinDomain(_sub, email2))
                     {
@@ -789,7 +789,7 @@ namespace Org.BouncyCastle.Pkix
                 // email2 specifies a particular host
                 else
                 {
-                    if (Platform.CompareIgnoreCase(_sub, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(_sub, email2))
                     {
                         union.Add(email2);
                     }
@@ -801,7 +801,7 @@ namespace Org.BouncyCastle.Pkix
                 }
             }
             // email1 specifies a domain
-            else if (email1.StartsWith("."))
+            else if (Platform.StartsWith(email1, "."))
             {
                 if (email2.IndexOf('@') != -1)
                 {
@@ -817,9 +817,9 @@ namespace Org.BouncyCastle.Pkix
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
-                    if (WithinDomain(email1, email2) || Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2))
                     {
                         union.Add(email2);
                     }
@@ -852,7 +852,7 @@ namespace Org.BouncyCastle.Pkix
                 if (email2.IndexOf('@') != -1)
                 {
                     String _sub = email2.Substring(email1.IndexOf('@') + 1);
-                    if (Platform.CompareIgnoreCase(_sub, email1) == 0)
+                    if (Platform.EqualsIgnoreCase(_sub, email1))
                     {
                         union.Add(email1);
                     }
@@ -863,7 +863,7 @@ namespace Org.BouncyCastle.Pkix
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
                     if (WithinDomain(email1, email2))
                     {
@@ -878,7 +878,7 @@ namespace Org.BouncyCastle.Pkix
                 // email2 specifies a particular host
                 else
                 {
-                    if (Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(email1, email2))
                     {
                         union.Add(email1);
                     }
@@ -900,7 +900,7 @@ namespace Org.BouncyCastle.Pkix
                 // both are a particular mailbox
                 if (email2.IndexOf('@') != -1)
                 {
-                    if (Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(email1, email2))
                     {
                         union.Add(email1);
                     }
@@ -911,7 +911,7 @@ namespace Org.BouncyCastle.Pkix
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
                     if (WithinDomain(_sub, email2))
                     {
@@ -926,7 +926,7 @@ namespace Org.BouncyCastle.Pkix
                 // email2 specifies a particular host
                 else
                 {
-                    if (Platform.CompareIgnoreCase(_sub, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(_sub, email2))
                     {
                         union.Add(email2);
                     }
@@ -939,7 +939,7 @@ namespace Org.BouncyCastle.Pkix
                 }
             }
             // email1 specifies a domain
-            else if (email1.StartsWith("."))
+            else if (Platform.StartsWith(email1, "."))
             {
                 if (email2.IndexOf('@') != -1)
                 {
@@ -955,9 +955,9 @@ namespace Org.BouncyCastle.Pkix
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
-                    if (WithinDomain(email1, email2) || Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2))
                     {
                         union.Add(email2);
                     }
@@ -990,7 +990,7 @@ namespace Org.BouncyCastle.Pkix
                 if (email2.IndexOf('@') != -1)
                 {
                     String _sub = email2.Substring(email1.IndexOf('@') + 1);
-                    if (Platform.CompareIgnoreCase(_sub, email1) == 0)
+                    if (Platform.EqualsIgnoreCase(_sub, email1))
                     {
                         union.Add(email1);
                     }
@@ -1001,7 +1001,7 @@ namespace Org.BouncyCastle.Pkix
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
                     if (WithinDomain(email1, email2))
                     {
@@ -1016,7 +1016,7 @@ namespace Org.BouncyCastle.Pkix
                 // email2 specifies a particular host
                 else
                 {
-                    if (Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(email1, email2))
                     {
                         union.Add(email1);
                     }
@@ -1122,13 +1122,13 @@ namespace Org.BouncyCastle.Pkix
                 // both are a particular mailbox
                 if (email2.IndexOf('@') != -1)
                 {
-                    if (Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(email1, email2))
                     {
                         intersect.Add(email1);
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
                     if (WithinDomain(_sub, email2))
                     {
@@ -1138,14 +1138,14 @@ namespace Org.BouncyCastle.Pkix
                 // email2 specifies a particular host
                 else
                 {
-                    if (Platform.CompareIgnoreCase(_sub, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(_sub, email2))
                     {
                         intersect.Add(email1);
                     }
                 }
             }
             // email specifies a domain
-            else if (email1.StartsWith("."))
+            else if (Platform.StartsWith(email1, "."))
             {
                 if (email2.IndexOf('@') != -1)
                 {
@@ -1156,9 +1156,9 @@ namespace Org.BouncyCastle.Pkix
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
-                    if (WithinDomain(email1, email2) || (Platform.CompareIgnoreCase(email1, email2) == 0))
+                    if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2))
                     {
                         intersect.Add(email1);
                     }
@@ -1181,13 +1181,13 @@ namespace Org.BouncyCastle.Pkix
                 if (email2.IndexOf('@') != -1)
                 {
                     String _sub = email2.Substring(email2.IndexOf('@') + 1);
-                    if (Platform.CompareIgnoreCase(_sub, email1) == 0)
+                    if (Platform.EqualsIgnoreCase(_sub, email1))
                     {
                         intersect.Add(email2);
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
                     if (WithinDomain(email1, email2))
                     {
@@ -1197,7 +1197,7 @@ namespace Org.BouncyCastle.Pkix
                 // email2 specifies a particular host
                 else
                 {
-                    if (Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(email1, email2))
                     {
                         intersect.Add(email1);
                     }
@@ -1291,13 +1291,13 @@ namespace Org.BouncyCastle.Pkix
                 // both are a particular mailbox
                 if (email2.IndexOf('@') != -1)
                 {
-                    if (Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(email1, email2))
                     {
                         intersect.Add(email1);
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
                     if (WithinDomain(_sub, email2))
                     {
@@ -1307,14 +1307,14 @@ namespace Org.BouncyCastle.Pkix
                 // email2 specifies a particular host
                 else
                 {
-                    if (Platform.CompareIgnoreCase(_sub, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(_sub, email2))
                     {
                         intersect.Add(email1);
                     }
                 }
             }
             // email specifies a domain
-            else if (email1.StartsWith("."))
+            else if (Platform.StartsWith(email1, "."))
             {
                 if (email2.IndexOf('@') != -1)
                 {
@@ -1325,9 +1325,9 @@ namespace Org.BouncyCastle.Pkix
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
-                    if (WithinDomain(email1, email2) || (Platform.CompareIgnoreCase(email1, email2) == 0))
+                    if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2))
                     {
                         intersect.Add(email1);
                     }
@@ -1350,13 +1350,13 @@ namespace Org.BouncyCastle.Pkix
                 if (email2.IndexOf('@') != -1)
                 {
                     String _sub = email2.Substring(email2.IndexOf('@') + 1);
-                    if (Platform.CompareIgnoreCase(_sub, email1) == 0)
+                    if (Platform.EqualsIgnoreCase(_sub, email1))
                     {
                         intersect.Add(email2);
                     }
                 }
                 // email2 specifies a domain
-                else if (email2.StartsWith("."))
+                else if (Platform.StartsWith(email2, "."))
                 {
                     if (WithinDomain(email1, email2))
                     {
@@ -1366,7 +1366,7 @@ namespace Org.BouncyCastle.Pkix
                 // email2 specifies a particular host
                 else
                 {
-                    if (Platform.CompareIgnoreCase(email1, email2) == 0)
+                    if (Platform.EqualsIgnoreCase(email1, email2))
                     {
                         intersect.Add(email1);
                     }
@@ -1405,9 +1405,9 @@ namespace Org.BouncyCastle.Pkix
         {
             String host = ExtractHostFromURL(uri);
             // a host
-            if (!constraint.StartsWith("."))
+            if (!Platform.StartsWith(constraint, "."))
             {
-                if (Platform.CompareIgnoreCase(host, constraint) == 0)
+                if (Platform.EqualsIgnoreCase(host, constraint))
                 {
                     return true;
                 }
@@ -1428,9 +1428,10 @@ namespace Org.BouncyCastle.Pkix
             // remove ':' after protocol, e.g. http:
             String sub = url.Substring(url.IndexOf(':') + 1);
             // extract host from Common Internet Scheme Syntax, e.g. http://
-            if (sub.IndexOf("//") != -1)
+            int idxOfSlashes = Platform.IndexOf(sub, "//");
+            if (idxOfSlashes != -1)
             {
-                sub = sub.Substring(sub.IndexOf("//") + 2);
+                sub = sub.Substring(idxOfSlashes + 2);
             }
             // first remove port, e.g. http://test.com:21
             if (sub.LastIndexOf(':') != -1)
diff --git a/crypto/src/security/CipherUtilities.cs b/crypto/src/security/CipherUtilities.cs
index cdb711f69..9ad4228ac 100644
--- a/crypto/src/security/CipherUtilities.cs
+++ b/crypto/src/security/CipherUtilities.cs
@@ -278,9 +278,9 @@ namespace Org.BouncyCastle.Security
 
 
 
-            if (algorithm.StartsWith("PBE"))
+            if (Platform.StartsWith(algorithm, "PBE"))
             {
-                if (algorithm.EndsWith("-CBC"))
+                if (Platform.EndsWith(algorithm, "-CBC"))
                 {
                     if (algorithm == "PBEWITHSHA1ANDDES-CBC")
                     {
@@ -305,7 +305,7 @@ namespace Org.BouncyCastle.Security
                             new CbcBlockCipher(new RC2Engine()));
                     }
                 }
-                else if (algorithm.EndsWith("-BC") || algorithm.EndsWith("-OPENSSL"))
+                else if (Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL"))
                 {
                     if (Strings.IsOneOf(algorithm,
                         "PBEWITHSHAAND128BITAES-CBC-BC",
diff --git a/crypto/src/security/GeneratorUtilities.cs b/crypto/src/security/GeneratorUtilities.cs
index 45fbc9425..7562a76be 100644
--- a/crypto/src/security/GeneratorUtilities.cs
+++ b/crypto/src/security/GeneratorUtilities.cs
@@ -299,7 +299,7 @@ namespace Org.BouncyCastle.Security
                 return new DsaKeyPairGenerator();
 
             // "EC", "ECDH", "ECDHC", "ECDSA", "ECGOST3410", "ECMQV"
-            if (canonicalName.StartsWith("EC"))
+            if (Platform.StartsWith(canonicalName, "EC"))
                 return new ECKeyPairGenerator(canonicalName);
 
             if (canonicalName == "ELGAMAL")
diff --git a/crypto/src/security/MacUtilities.cs b/crypto/src/security/MacUtilities.cs
index 41cf5e9e2..fab9b1d41 100644
--- a/crypto/src/security/MacUtilities.cs
+++ b/crypto/src/security/MacUtilities.cs
@@ -114,15 +114,15 @@ namespace Org.BouncyCastle.Security
                 mechanism = upper;
             }
 
-            if (mechanism.StartsWith("PBEWITH"))
+            if (Platform.StartsWith(mechanism, "PBEWITH"))
             {
                 mechanism = mechanism.Substring("PBEWITH".Length);
             }
 
-            if (CultureInfo.InvariantCulture.CompareInfo.IsPrefix(mechanism, "HMAC", CompareOptions.Ordinal))
+            if (Platform.StartsWith(mechanism, "HMAC"))
             {
                 string digestName;
-                if (mechanism.StartsWith("HMAC-") || mechanism.StartsWith("HMAC/"))
+                if (Platform.StartsWith(mechanism, "HMAC-") || Platform.StartsWith(mechanism, "HMAC/"))
                 {
                     digestName = mechanism.Substring(5);
                 }
diff --git a/crypto/src/security/PbeUtilities.cs b/crypto/src/security/PbeUtilities.cs
index 0cb235ae6..33f31e5b4 100644
--- a/crypto/src/security/PbeUtilities.cs
+++ b/crypto/src/security/PbeUtilities.cs
@@ -444,7 +444,7 @@ namespace Org.BouncyCastle.Security
                     }
                 }
             }
-            else if (mechanism.StartsWith("PBEwithSHA-1"))
+            else if (Platform.StartsWith(mechanism, "PBEwithSHA-1"))
             {
                 PbeParametersGenerator generator = MakePbeGenerator(
                     (string) algorithmType[mechanism], new Sha1Digest(), keyBytes, salt, iterationCount);
@@ -494,7 +494,7 @@ namespace Org.BouncyCastle.Security
                     parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
                 }
             }
-            else if (mechanism.StartsWith("PBEwithSHA-256"))
+            else if (Platform.StartsWith(mechanism, "PBEwithSHA-256"))
             {
                 PbeParametersGenerator generator = MakePbeGenerator(
                     (string) algorithmType[mechanism], new Sha256Digest(), keyBytes, salt, iterationCount);
@@ -512,7 +512,7 @@ namespace Org.BouncyCastle.Security
                     parameters = generator.GenerateDerivedParameters("AES", 256, 128);
                 }
             }
-            else if (mechanism.StartsWith("PBEwithMD5"))
+            else if (Platform.StartsWith(mechanism, "PBEwithMD5"))
             {
                 PbeParametersGenerator generator = MakePbeGenerator(
                     (string)algorithmType[mechanism], new MD5Digest(), keyBytes, salt, iterationCount);
@@ -538,7 +538,7 @@ namespace Org.BouncyCastle.Security
                     parameters = generator.GenerateDerivedParameters("AES", 256, 128);
                 }
             }
-            else if (mechanism.StartsWith("PBEwithMD2"))
+            else if (Platform.StartsWith(mechanism, "PBEwithMD2"))
             {
                 PbeParametersGenerator generator = MakePbeGenerator(
                     (string)algorithmType[mechanism], new MD2Digest(), keyBytes, salt, iterationCount);
@@ -551,7 +551,7 @@ namespace Org.BouncyCastle.Security
                     parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
                 }
             }
-            else if (mechanism.StartsWith("PBEwithHmac"))
+            else if (Platform.StartsWith(mechanism, "PBEwithHmac"))
             {
                 string digestName = mechanism.Substring("PBEwithHmac".Length);
                 IDigest digest = DigestUtilities.GetDigest(digestName);
@@ -594,39 +594,39 @@ namespace Org.BouncyCastle.Security
         {
             string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
 
-            if (mechanism.StartsWith("PBEwithHmac"))
+            if (Platform.StartsWith(mechanism, "PBEwithHmac"))
             {
                 string digestName = mechanism.Substring("PBEwithHmac".Length);
 
                 return MacUtilities.GetMac("HMAC/" + digestName);
             }
 
-            if (mechanism.StartsWith("PBEwithMD2")
-                ||	mechanism.StartsWith("PBEwithMD5")
-                ||	mechanism.StartsWith("PBEwithSHA-1")
-                ||	mechanism.StartsWith("PBEwithSHA-256"))
+            if (Platform.StartsWith(mechanism, "PBEwithMD2")
+                ||	Platform.StartsWith(mechanism, "PBEwithMD5")
+                ||	Platform.StartsWith(mechanism, "PBEwithSHA-1")
+                ||	Platform.StartsWith(mechanism, "PBEwithSHA-256"))
             {
-                if (mechanism.EndsWith("AES-CBC-BC") || mechanism.EndsWith("AES-CBC-OPENSSL"))
+                if (Platform.EndsWith(mechanism, "AES-CBC-BC") || Platform.EndsWith(mechanism, "AES-CBC-OPENSSL"))
                 {
                     return CipherUtilities.GetCipher("AES/CBC");
                 }
 
-                if (mechanism.EndsWith("DES-CBC"))
+                if (Platform.EndsWith(mechanism, "DES-CBC"))
                 {
                     return CipherUtilities.GetCipher("DES/CBC");
                 }
 
-                if (mechanism.EndsWith("DESEDE-CBC"))
+                if (Platform.EndsWith(mechanism, "DESEDE-CBC"))
                 {
                     return CipherUtilities.GetCipher("DESEDE/CBC");
                 }
 
-                if (mechanism.EndsWith("RC2-CBC"))
+                if (Platform.EndsWith(mechanism, "RC2-CBC"))
                 {
                     return CipherUtilities.GetCipher("RC2/CBC");
                 }
 
-                if (mechanism.EndsWith("RC4"))
+                if (Platform.EndsWith(mechanism, "RC4"))
                 {
                     return CipherUtilities.GetCipher("RC4");
                 }
@@ -643,7 +643,7 @@ namespace Org.BouncyCastle.Security
 
         private static ICipherParameters FixDesParity(string mechanism, ICipherParameters parameters)
         {
-            if (!mechanism.EndsWith("DES-CBC") & !mechanism.EndsWith("DESEDE-CBC"))
+            if (!Platform.EndsWith(mechanism, "DES-CBC") && !Platform.EndsWith(mechanism, "DESEDE-CBC"))
             {
                 return parameters;
             }
diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs
index 5bad57a14..4894a93e6 100644
--- a/crypto/src/security/SecureRandom.cs
+++ b/crypto/src/security/SecureRandom.cs
@@ -91,7 +91,7 @@ namespace Org.BouncyCastle.Security
         public static SecureRandom GetInstance(string algorithm, bool autoSeed)
         {
             string upper = Platform.ToUpperInvariant(algorithm);
-            if (upper.EndsWith("PRNG"))
+            if (Platform.EndsWith(upper, "PRNG"))
             {
                 string digestName = upper.Substring(0, upper.Length - "PRNG".Length);
                 DigestRandomGenerator prng = CreatePrng(digestName, autoSeed);
diff --git a/crypto/src/security/SignerUtilities.cs b/crypto/src/security/SignerUtilities.cs
index bd1515147..9a4915b46 100644
--- a/crypto/src/security/SignerUtilities.cs
+++ b/crypto/src/security/SignerUtilities.cs
@@ -312,7 +312,7 @@ namespace Org.BouncyCastle.Security
                 return GetPssX509Parameters("SHA-1");
             }
 
-            if (mechanism.EndsWith("withRSAandMGF1"))
+            if (Platform.EndsWith(mechanism, "withRSAandMGF1"))
             {
                 string digestName = mechanism.Substring(0, mechanism.Length - "withRSAandMGF1".Length);
                 return GetPssX509Parameters(digestName);
@@ -534,10 +534,10 @@ namespace Org.BouncyCastle.Security
                 return new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true);
             }
 
-            if (mechanism.EndsWith("/X9.31"))
+            if (Platform.EndsWith(mechanism, "/X9.31"))
             {
                 string x931 = mechanism.Substring(0, mechanism.Length - "/X9.31".Length);
-                int withPos = x931.IndexOf("WITH");
+                int withPos = Platform.IndexOf(x931, "WITH");
                 if (withPos > 0)
                 {
                     int endPos = withPos + "WITH".Length;
diff --git a/crypto/src/util/Platform.cs b/crypto/src/util/Platform.cs
index d4b18f182..361fe7536 100644
--- a/crypto/src/util/Platform.cs
+++ b/crypto/src/util/Platform.cs
@@ -13,6 +13,8 @@ namespace Org.BouncyCastle.Utilities
 {
     internal abstract class Platform
     {
+        private static readonly CompareInfo InvariantCompareInfo = CultureInfo.InvariantCulture.CompareInfo;
+
 #if NETCF_1_0 || NETCF_2_0
         private static string GetNewLine()
         {
@@ -30,16 +32,12 @@ namespace Org.BouncyCastle.Utilities
         }
 #endif
 
-        internal static int CompareIgnoreCase(string a, string b)
+        internal static bool EqualsIgnoreCase(string a, string b)
         {
-#if SILVERLIGHT
-            return String.Compare(a, b, StringComparison.InvariantCultureIgnoreCase);
-#elif SYS_RUNTIME
-            return String.Compare(a, b, StringComparison.OrdinalIgnoreCase);
-#elif PORTABLE
-            return String.Compare(a, b, CultureInfo.InvariantCulture, CompareOptions.IgnoreCase);
+#if PORTABLE
+            return String.Equals(a, b, StringComparison.OrdinalIgnoreCase);
 #else
-            return String.Compare(a, b, true);
+            return ToUpperInvariant(a) == ToUpperInvariant(b);
 #endif
         }
 
@@ -202,5 +200,25 @@ namespace Org.BouncyCastle.Utilities
             t.Close();
         }
 #endif
+
+        internal static int IndexOf(string source, string value)
+        {
+            return InvariantCompareInfo.IndexOf(source, value, CompareOptions.Ordinal);
+        }
+
+        internal static int LastIndexOf(string source, string value)
+        {
+            return InvariantCompareInfo.LastIndexOf(source, value, CompareOptions.Ordinal);
+        }
+
+        internal static bool StartsWith(string source, string prefix)
+        {
+            return InvariantCompareInfo.IsPrefix(source, prefix, CompareOptions.Ordinal);
+        }
+
+        internal static bool EndsWith(string source, string suffix)
+        {
+            return InvariantCompareInfo.IsSuffix(source, suffix, CompareOptions.Ordinal);
+        }
     }
 }
diff --git a/crypto/src/util/io/pem/PemReader.cs b/crypto/src/util/io/pem/PemReader.cs
index b3284705d..bf712b6de 100644
--- a/crypto/src/util/io/pem/PemReader.cs
+++ b/crypto/src/util/io/pem/PemReader.cs
@@ -35,7 +35,7 @@ namespace Org.BouncyCastle.Utilities.IO.Pem
 		{
 			string line = reader.ReadLine();
 
-			if (line != null && line.StartsWith(BeginString))
+            if (line != null && Platform.StartsWith(line, BeginString))
 			{
 				line = line.Substring(BeginString.Length);
 				int index = line.IndexOf('-');
@@ -56,7 +56,7 @@ namespace Org.BouncyCastle.Utilities.IO.Pem
 
 			string line;
 			while ((line = reader.ReadLine()) != null
-				&& line.IndexOf(endMarker) == -1)
+                && Platform.IndexOf(line, endMarker) == -1)
 			{
 				int colonPos = line.IndexOf(':');
 
@@ -69,8 +69,10 @@ namespace Org.BouncyCastle.Utilities.IO.Pem
 					// Process field
 					string fieldName = line.Substring(0, colonPos).Trim();
 
-					if (fieldName.StartsWith("X-"))
-						fieldName = fieldName.Substring(2);
+                    if (Platform.StartsWith(fieldName, "X-"))
+                    {
+                        fieldName = fieldName.Substring(2);
+                    }
 
 					string fieldValue = line.Substring(colonPos + 1).Trim();
 
diff --git a/crypto/src/util/net/IPAddress.cs b/crypto/src/util/net/IPAddress.cs
index 2a30a15f0..38c124590 100644
--- a/crypto/src/util/net/IPAddress.cs
+++ b/crypto/src/util/net/IPAddress.cs
@@ -85,7 +85,7 @@ namespace Org.BouncyCastle.Utilities.Net
 		public static bool IsValidIPv4WithNetmask(
 			string address)
 		{
-			int index = address.IndexOf("/");
+			int index = address.IndexOf('/');
 			string mask = address.Substring(index + 1);
 
 			return (index > 0) && IsValidIPv4(address.Substring(0, index))
@@ -95,7 +95,7 @@ namespace Org.BouncyCastle.Utilities.Net
 		public static bool IsValidIPv6WithNetmask(
 			string address)
 		{
-			int index = address.IndexOf("/");
+			int index = address.IndexOf('/');
 			string mask = address.Substring(index + 1);
 
 			return (index > 0) && (IsValidIPv6(address.Substring(0, index))
diff --git a/crypto/src/x509/PEMParser.cs b/crypto/src/x509/PEMParser.cs
index 8c117f323..28f28ee0a 100644
--- a/crypto/src/x509/PEMParser.cs
+++ b/crypto/src/x509/PEMParser.cs
@@ -3,6 +3,7 @@ using System.IO;
 using System.Text;
 
 using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
 
 namespace Org.BouncyCastle.X509
@@ -59,7 +60,7 @@ namespace Org.BouncyCastle.X509
 
 			while ((line = ReadLine(inStream)) != null)
 			{
-				if (line.StartsWith(_header1) || line.StartsWith(_header2))
+                if (Platform.StartsWith(line, _header1) || Platform.StartsWith(line, _header2))
 				{
 					break;
 				}
@@ -67,7 +68,7 @@ namespace Org.BouncyCastle.X509
 
 			while ((line = ReadLine(inStream)) != null)
 			{
-				if (line.StartsWith(_footer1) || line.StartsWith(_footer2))
+                if (Platform.StartsWith(line, _footer1) || Platform.StartsWith(line, _footer2))
 				{
 					break;
 				}
diff --git a/crypto/src/x509/X509SignatureUtil.cs b/crypto/src/x509/X509SignatureUtil.cs
index 858b8f446..83863aee1 100644
--- a/crypto/src/x509/X509SignatureUtil.cs
+++ b/crypto/src/x509/X509SignatureUtil.cs
@@ -34,7 +34,7 @@ namespace Org.BouncyCastle.X509
 //					throw new SignatureException("IOException decoding parameters: " + e.Message);
 //				}
 //
-//				if (signature.getAlgorithm().EndsWith("MGF1"))
+//				if (Platform.EndsWith(signature.getAlgorithm(), "MGF1"))
 //				{
 //					try
 //					{