diff --git a/crypto/src/pkcs/AsymmetricKeyEntry.cs b/crypto/src/pkcs/AsymmetricKeyEntry.cs
index 8158bc9fc..4d9a63ce1 100644
--- a/crypto/src/pkcs/AsymmetricKeyEntry.cs
+++ b/crypto/src/pkcs/AsymmetricKeyEntry.cs
@@ -1,8 +1,7 @@
-using System;
-using System.Collections;
+using System.Collections.Generic;
+using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Pkcs
{
@@ -11,16 +10,14 @@ namespace Org.BouncyCastle.Pkcs
{
private readonly AsymmetricKeyParameter key;
- public AsymmetricKeyEntry(
- AsymmetricKeyParameter key)
- : base(Platform.CreateHashtable())
+ public AsymmetricKeyEntry(AsymmetricKeyParameter key)
+ : base(new Dictionary<DerObjectIdentifier, Asn1Encodable>())
{
this.key = key;
}
- public AsymmetricKeyEntry(
- AsymmetricKeyParameter key,
- IDictionary attributes)
+ public AsymmetricKeyEntry(AsymmetricKeyParameter key,
+ IDictionary<DerObjectIdentifier, Asn1Encodable> attributes)
: base(attributes)
{
this.key = key;
diff --git a/crypto/src/pkcs/Pkcs10CertificationRequest.cs b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
index be956c6cd..b4afceed9 100644
--- a/crypto/src/pkcs/Pkcs10CertificationRequest.cs
+++ b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
@@ -1,5 +1,4 @@
using System;
-using System.Collections;
using System.Collections.Generic;
using System.IO;
@@ -47,147 +46,151 @@ namespace Org.BouncyCastle.Pkcs
public class Pkcs10CertificationRequest
: CertificationRequest
{
- protected static readonly IDictionary algorithms = Platform.CreateHashtable();
- protected static readonly IDictionary exParams = Platform.CreateHashtable();
- protected static readonly IDictionary keyAlgorithms = Platform.CreateHashtable();
- protected static readonly IDictionary oids = Platform.CreateHashtable();
- protected static readonly HashSet<DerObjectIdentifier> noParams = new HashSet<DerObjectIdentifier>();
+ internal static readonly Dictionary<string, DerObjectIdentifier> m_algorithms =
+ new Dictionary<string, DerObjectIdentifier>(StringComparer.OrdinalIgnoreCase);
+ internal static readonly Dictionary<string, Asn1Encodable> m_exParams =
+ new Dictionary<string, Asn1Encodable>(StringComparer.OrdinalIgnoreCase);
+ internal static readonly Dictionary<DerObjectIdentifier, string> m_keyAlgorithms =
+ new Dictionary<DerObjectIdentifier, string>();
+ internal static readonly Dictionary<DerObjectIdentifier, string> m_oids =
+ new Dictionary<DerObjectIdentifier, string>();
+ internal static readonly HashSet<DerObjectIdentifier> m_noParams = new HashSet<DerObjectIdentifier>();
static Pkcs10CertificationRequest()
{
- algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption);
- algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption);
- algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption);
- algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption);
- algorithms.Add("RSAWITHMD5", PkcsObjectIdentifiers.MD5WithRsaEncryption);
- algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
- algorithms.Add("SHA-1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
- algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
- algorithms.Add("SHA-1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
- algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
- algorithms.Add("SHA-224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
- algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
- algorithms.Add("SHA-224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
- algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
- algorithms.Add("SHA-256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
- algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
- algorithms.Add("SHA-256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
- algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
- algorithms.Add("SHA-384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
- algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
- algorithms.Add("SHA-384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
- algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
- algorithms.Add("SHA-512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
- algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
- algorithms.Add("SHA-512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
- algorithms.Add("SHA512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
- algorithms.Add("SHA-512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
- algorithms.Add("SHA512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
- algorithms.Add("SHA-512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
- algorithms.Add("SHA512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
- algorithms.Add("SHA-512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
- algorithms.Add("SHA512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
- algorithms.Add("SHA-512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
- algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
- algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
- algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
- algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
- algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
- algorithms.Add("RSAWITHSHA1", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
- algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
- algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
- algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
- algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
- algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
- algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
- algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1);
- algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1);
- algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
- algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
- algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384);
- algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512);
- algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
- algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
- algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
- algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
- algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
- algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
- algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
- algorithms.Add("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
- algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
- algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
- algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+ m_algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+ m_algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+ m_algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+ m_algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+ m_algorithms.Add("RSAWITHMD5", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+ m_algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+ m_algorithms.Add("SHA-1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+ m_algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+ m_algorithms.Add("SHA-1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+ m_algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+ m_algorithms.Add("SHA-224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+ m_algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+ m_algorithms.Add("SHA-224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+ m_algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+ m_algorithms.Add("SHA-256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+ m_algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+ m_algorithms.Add("SHA-256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+ m_algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+ m_algorithms.Add("SHA-384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+ m_algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+ m_algorithms.Add("SHA-384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+ m_algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+ m_algorithms.Add("SHA-512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+ m_algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+ m_algorithms.Add("SHA-512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+ m_algorithms.Add("SHA512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+ m_algorithms.Add("SHA-512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+ m_algorithms.Add("SHA512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+ m_algorithms.Add("SHA-512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+ m_algorithms.Add("SHA512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+ m_algorithms.Add("SHA-512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+ m_algorithms.Add("SHA512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+ m_algorithms.Add("SHA-512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+ m_algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+ m_algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+ m_algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+ m_algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+ m_algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+ m_algorithms.Add("RSAWITHSHA1", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+ m_algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+ m_algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+ m_algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+ m_algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+ m_algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+ m_algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+ m_algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1);
+ m_algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1);
+ m_algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
+ m_algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
+ m_algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384);
+ m_algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512);
+ m_algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
+ m_algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
+ m_algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
+ m_algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
+ m_algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
+ m_algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
+ m_algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+ m_algorithms.Add("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+ m_algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+ m_algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+ m_algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
//
// reverse mappings
//
- oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA");
- oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA");
- oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA");
- oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA");
- oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA");
- oids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, "SHA512(224)WITHRSA");
- oids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, "SHA512(256)WITHRSA");
- oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410");
- oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411WITHECGOST3410");
-
- oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA");
- oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA");
- oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA");
- oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA");
- oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA");
- oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA");
- oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA");
- oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA");
- oids.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5WITHRSA");
- oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA");
- oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA");
- oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA");
- oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA");
+ m_oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA");
+ m_oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA");
+ m_oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA");
+ m_oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA");
+ m_oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA");
+ m_oids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, "SHA512(224)WITHRSA");
+ m_oids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, "SHA512(256)WITHRSA");
+ m_oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410");
+ m_oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411WITHECGOST3410");
+
+ m_oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA");
+ m_oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA");
+ m_oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA");
+ m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA");
+ m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA");
+ m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA");
+ m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA");
+ m_oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA");
+ m_oids.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5WITHRSA");
+ m_oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA");
+ m_oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA");
+ m_oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA");
+ m_oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA");
//
// key types
//
- keyAlgorithms.Add(PkcsObjectIdentifiers.RsaEncryption, "RSA");
- keyAlgorithms.Add(X9ObjectIdentifiers.IdDsa, "DSA");
+ m_keyAlgorithms.Add(PkcsObjectIdentifiers.RsaEncryption, "RSA");
+ m_keyAlgorithms.Add(X9ObjectIdentifiers.IdDsa, "DSA");
//
// According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
// The parameters field SHALL be NULL for RSA based signature algorithms.
//
- noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
- noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
- noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
- noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
- noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
- noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
- noParams.Add(OiwObjectIdentifiers.DsaWithSha1);
- noParams.Add(NistObjectIdentifiers.DsaWithSha224);
- noParams.Add(NistObjectIdentifiers.DsaWithSha256);
+ m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
+ m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
+ m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
+ m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
+ m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
+ m_noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
+ m_noParams.Add(OiwObjectIdentifiers.DsaWithSha1);
+ m_noParams.Add(NistObjectIdentifiers.DsaWithSha224);
+ m_noParams.Add(NistObjectIdentifiers.DsaWithSha256);
//
// RFC 4491
//
- noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
- noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+ m_noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+ m_noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
//
// explicit params
//
AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
- exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20));
+ m_exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20));
AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance);
- exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28));
+ m_exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28));
AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance);
- exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32));
+ m_exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32));
AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance);
- exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48));
+ m_exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48));
AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance);
- exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64));
+ m_exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64));
}
private static RsassaPssParameters CreatePssParams(
diff --git a/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs b/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs
index ecbb4ab62..e3a710f37 100644
--- a/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs
+++ b/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs
@@ -1,19 +1,10 @@
using System;
-using System.Collections;
-using System.Globalization;
using System.IO;
using Org.BouncyCastle.Asn1;
-using Org.BouncyCastle.Asn1.CryptoPro;
-using Org.BouncyCastle.Asn1.Nist;
-using Org.BouncyCastle.Asn1.Oiw;
using Org.BouncyCastle.Asn1.Pkcs;
-using Org.BouncyCastle.Asn1.TeleTrust;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Security;
-using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
@@ -103,27 +94,26 @@ namespace Org.BouncyCastle.Pkcs
throw new ArgumentNullException("publicKey");
if (publicKey.IsPrivate)
throw new ArgumentException("expected public key", "publicKey");
-// DerObjectIdentifier sigOid = SignerUtilities.GetObjectIdentifier(signatureAlgorithm);
- string algorithmName = Platform.ToUpperInvariant(signatureAlgorithm);
- DerObjectIdentifier sigOid = (DerObjectIdentifier) algorithms[algorithmName];
+
+ DerObjectIdentifier sigOid = CollectionUtilities.GetValueOrNull(m_algorithms, signatureAlgorithm);
if (sigOid == null)
{
try
{
- sigOid = new DerObjectIdentifier(algorithmName);
+ sigOid = new DerObjectIdentifier(signatureAlgorithm);
}
catch (Exception e)
{
throw new ArgumentException("Unknown signature type requested", e);
}
}
- if (noParams.Contains(sigOid))
+ if (m_noParams.Contains(sigOid))
{
this.sigAlgId = new AlgorithmIdentifier(sigOid);
}
- else if (exParams.Contains(algorithmName))
+ else if (m_exParams.TryGetValue(signatureAlgorithm, out var explicitParameters))
{
- this.sigAlgId = new AlgorithmIdentifier(sigOid, (Asn1Encodable) exParams[algorithmName]);
+ this.sigAlgId = new AlgorithmIdentifier(sigOid, explicitParameters);
}
else
{
@@ -132,6 +122,7 @@ namespace Org.BouncyCastle.Pkcs
SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes);
}
+
public byte[] GetDataToSign()
{
return reqInfo.GetDerEncoded();
diff --git a/crypto/src/pkcs/Pkcs12Entry.cs b/crypto/src/pkcs/Pkcs12Entry.cs
index 6546f9eee..2d3cfd4e5 100644
--- a/crypto/src/pkcs/Pkcs12Entry.cs
+++ b/crypto/src/pkcs/Pkcs12Entry.cs
@@ -1,5 +1,4 @@
-using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Utilities.Collections;
@@ -8,37 +7,21 @@ namespace Org.BouncyCastle.Pkcs
{
public abstract class Pkcs12Entry
{
- private readonly IDictionary attributes;
+ private readonly IDictionary<DerObjectIdentifier, Asn1Encodable> m_attributes;
- protected internal Pkcs12Entry(
- IDictionary attributes)
+ protected internal Pkcs12Entry(IDictionary<DerObjectIdentifier, Asn1Encodable> attributes)
{
- this.attributes = attributes;
-
- foreach (DictionaryEntry entry in attributes)
- {
- if (!(entry.Key is string))
- throw new ArgumentException("Attribute keys must be of type: " + typeof(string).FullName, "attributes");
- if (!(entry.Value is Asn1Encodable))
- throw new ArgumentException("Attribute values must be of type: " + typeof(Asn1Encodable).FullName, "attributes");
- }
+ m_attributes = attributes;
}
- public Asn1Encodable this[
- DerObjectIdentifier oid]
- {
- get { return (Asn1Encodable) this.attributes[oid.Id]; }
- }
-
- public Asn1Encodable this[
- string oid]
+ public Asn1Encodable this[DerObjectIdentifier oid]
{
- get { return (Asn1Encodable) this.attributes[oid]; }
+ get { return CollectionUtilities.GetValueOrNull(m_attributes, oid); }
}
- public IEnumerable BagAttributeKeys
+ public IEnumerable<DerObjectIdentifier> BagAttributeKeys
{
- get { return new EnumerableProxy(this.attributes.Keys); }
+ get { return CollectionUtilities.Proxy(m_attributes.Keys); }
}
}
}
diff --git a/crypto/src/pkcs/Pkcs12Store.cs b/crypto/src/pkcs/Pkcs12Store.cs
index 7553088a2..f6e5c32e5 100644
--- a/crypto/src/pkcs/Pkcs12Store.cs
+++ b/crypto/src/pkcs/Pkcs12Store.cs
@@ -1,13 +1,11 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
-using System.Text;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Oiw;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Asn1.Utilities;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
@@ -21,23 +19,26 @@ namespace Org.BouncyCastle.Pkcs
{
public const string IgnoreUselessPasswordProperty = "Org.BouncyCastle.Pkcs12.IgnoreUselessPassword";
- private readonly IgnoresCaseHashtable keys = new IgnoresCaseHashtable();
- private readonly IDictionary localIds = Platform.CreateHashtable();
- private readonly IgnoresCaseHashtable certs = new IgnoresCaseHashtable();
- private readonly IDictionary chainCerts = Platform.CreateHashtable();
- private readonly IDictionary keyCerts = Platform.CreateHashtable();
- private readonly DerObjectIdentifier keyAlgorithm;
- private readonly DerObjectIdentifier keyPrfAlgorithm;
- private readonly DerObjectIdentifier certAlgorithm;
- private readonly bool useDerEncoding;
+ private readonly Dictionary<string, AsymmetricKeyEntry> m_keys =
+ new Dictionary<string, AsymmetricKeyEntry>(StringComparer.OrdinalIgnoreCase);
+ private readonly Dictionary<string, string> m_localIds = new Dictionary<string, string>();
+ private readonly Dictionary<string, X509CertificateEntry> m_certs =
+ new Dictionary<string, X509CertificateEntry>(StringComparer.OrdinalIgnoreCase);
+ private readonly Dictionary<CertId, X509CertificateEntry> m_chainCerts =
+ new Dictionary<CertId, X509CertificateEntry>();
+ private readonly Dictionary<string, X509CertificateEntry> m_keyCerts =
+ new Dictionary<string, X509CertificateEntry>();
+ private readonly DerObjectIdentifier keyAlgorithm;
+ private readonly DerObjectIdentifier keyPrfAlgorithm;
+ private readonly DerObjectIdentifier certAlgorithm;
+ private readonly bool useDerEncoding;
private AsymmetricKeyEntry unmarkedKeyEntry = null;
private const int MinIterations = 1024;
private const int SaltSize = 20;
- private static SubjectKeyIdentifier CreateSubjectKeyID(
- AsymmetricKeyParameter pubKey)
+ private static SubjectKeyIdentifier CreateSubjectKeyID(AsymmetricKeyParameter pubKey)
{
return new SubjectKeyIdentifier(
SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubKey));
@@ -97,7 +98,7 @@ namespace Org.BouncyCastle.Pkcs
{
AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyInfo);
- IDictionary attributes = Platform.CreateHashtable();
+ var attributes = new Dictionary<DerObjectIdentifier, Asn1Encodable>();
AsymmetricKeyEntry keyEntry = new AsymmetricKeyEntry(privKey, attributes);
string alias = null;
@@ -118,22 +119,22 @@ namespace Org.BouncyCastle.Pkcs
// TODO We might want to "merge" attribute sets with
// the same OID - currently, differing values give an error
- if (attributes.Contains(aOid.Id))
+ if (attributes.TryGetValue(aOid, out var attributeValue))
{
// OK, but the value has to be the same
- if (!attributes[aOid.Id].Equals(attr))
+ if (!attributeValue.Equals(attr))
throw new IOException("attempt to add existing attribute with different value");
}
else
{
- attributes.Add(aOid.Id, attr);
+ attributes[aOid] = attr;
}
if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
{
alias = ((DerBmpString)attr).GetString();
// TODO Do these in a separate loop, just collect aliases here
- keys[alias] = keyEntry;
+ m_keys[alias] = keyEntry;
}
else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
{
@@ -149,12 +150,12 @@ namespace Org.BouncyCastle.Pkcs
if (alias == null)
{
- keys[name] = keyEntry;
+ m_keys[name] = keyEntry;
}
else
{
// TODO There may have been more than one alias
- localIds[alias] = name;
+ m_localIds[alias] = name;
}
}
else
@@ -175,9 +176,7 @@ namespace Org.BouncyCastle.Pkcs
}
}
- public void Load(
- Stream input,
- char[] password)
+ public void Load(Stream input, char[] password)
{
if (input == null)
throw new ArgumentNullException("input");
@@ -227,11 +226,11 @@ namespace Org.BouncyCastle.Pkcs
}
}
- keys.Clear();
- localIds.Clear();
+ m_keys.Clear();
+ m_localIds.Clear();
unmarkedKeyEntry = null;
- IList certBags = Platform.CreateArrayList();
+ var certBags = new List<SafeBag>();
if (info.ContentType.Equals(PkcsObjectIdentifiers.Data))
{
@@ -292,9 +291,9 @@ namespace Org.BouncyCastle.Pkcs
}
}
- certs.Clear();
- chainCerts.Clear();
- keyCerts.Clear();
+ m_certs.Clear();
+ m_chainCerts.Clear();
+ m_keyCerts.Clear();
foreach (SafeBag b in certBags)
{
@@ -305,7 +304,7 @@ namespace Org.BouncyCastle.Pkcs
//
// set the attributes
//
- IDictionary attributes = Platform.CreateHashtable();
+ var attributes = new Dictionary<DerObjectIdentifier, Asn1Encodable>();
Asn1OctetString localId = null;
string alias = null;
@@ -323,27 +322,25 @@ namespace Org.BouncyCastle.Pkcs
// TODO We might want to "merge" attribute sets with
// the same OID - currently, differing values give an error
- if (attributes.Contains(aOid.Id))
+ if (attributes.TryGetValue(aOid, out var attributeValue))
{
// we've found more than one - one might be incorrect
- if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
+ if (PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Equals(aOid))
{
string id = Hex.ToHexString(Asn1OctetString.GetInstance(attr).GetOctets());
- if (!(keys[id] != null || localIds[id] != null))
- {
+ if (!m_keys.ContainsKey(id) && !m_localIds.ContainsKey(id))
continue; // ignore this one - it's not valid
- }
}
// OK, but the value has to be the same
- if (!attributes[aOid.Id].Equals(attr))
+ if (!attributeValue.Equals(attr))
{
throw new IOException("attempt to add existing attribute with different value");
}
}
else
{
- attributes.Add(aOid.Id, attr);
+ attributes[aOid] = attr;
}
if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
@@ -361,20 +358,20 @@ namespace Org.BouncyCastle.Pkcs
CertId certId = new CertId(cert.GetPublicKey());
X509CertificateEntry certEntry = new X509CertificateEntry(cert, attributes);
- chainCerts[certId] = certEntry;
+ m_chainCerts[certId] = certEntry;
if (unmarkedKeyEntry != null)
{
- if (keyCerts.Count == 0)
+ if (m_keyCerts.Count == 0)
{
string name = Hex.ToHexString(certId.Id);
- keyCerts[name] = certEntry;
- keys[name] = unmarkedKeyEntry;
+ m_keyCerts[name] = certEntry;
+ m_keys[name] = unmarkedKeyEntry;
}
else
{
- keys["unmarked"] = unmarkedKeyEntry;
+ m_keys["unmarked"] = unmarkedKeyEntry;
}
}
else
@@ -383,309 +380,236 @@ namespace Org.BouncyCastle.Pkcs
{
string name = Hex.ToHexString(localId.GetOctets());
- keyCerts[name] = certEntry;
+ m_keyCerts[name] = certEntry;
}
if (alias != null)
{
// TODO There may have been more than one alias
- certs[alias] = certEntry;
+ m_certs[alias] = certEntry;
}
}
}
}
- public AsymmetricKeyEntry GetKey(
- string alias)
+ public AsymmetricKeyEntry GetKey(string alias)
{
if (alias == null)
- throw new ArgumentNullException("alias");
+ throw new ArgumentNullException(nameof(alias));
- return (AsymmetricKeyEntry)keys[alias];
+ return CollectionUtilities.GetValueOrNull(m_keys, alias);
}
- public bool IsCertificateEntry(
- string alias)
+ public bool IsCertificateEntry(string alias)
{
if (alias == null)
- throw new ArgumentNullException("alias");
+ throw new ArgumentNullException(nameof(alias));
- return (certs[alias] != null && keys[alias] == null);
+ return m_certs.ContainsKey(alias) && !m_keys.ContainsKey(alias);
}
- public bool IsKeyEntry(
- string alias)
+ public bool IsKeyEntry(string alias)
{
if (alias == null)
- throw new ArgumentNullException("alias");
+ throw new ArgumentNullException(nameof(alias));
- return (keys[alias] != null);
+ return m_keys.ContainsKey(alias);
}
- private IDictionary GetAliasesTable()
+ public IEnumerable<string> Aliases
{
- IDictionary tab = Platform.CreateHashtable();
-
- foreach (string key in certs.Keys)
+ get
{
- tab[key] = "cert";
+ var aliases = new HashSet<string>(m_certs.Keys);
+ aliases.UnionWith(m_keys.Keys);
+ return CollectionUtilities.Proxy(aliases);
}
-
- foreach (string a in keys.Keys)
- {
- if (tab[a] == null)
- {
- tab[a] = "key";
- }
- }
-
- return tab;
}
- public IEnumerable Aliases
+ public bool ContainsAlias(string alias)
{
- get { return new EnumerableProxy(GetAliasesTable().Keys); }
- }
+ if (alias == null)
+ throw new ArgumentNullException(nameof(alias));
- public bool ContainsAlias(
- string alias)
- {
- return certs[alias] != null || keys[alias] != null;
+ return m_certs.ContainsKey(alias) || m_keys.ContainsKey(alias);
}
/**
* simply return the cert entry for the private key
*/
- public X509CertificateEntry GetCertificate(
- string alias)
+ public X509CertificateEntry GetCertificate(string alias)
{
if (alias == null)
- throw new ArgumentNullException("alias");
+ throw new ArgumentNullException(nameof(alias));
- X509CertificateEntry c = (X509CertificateEntry) certs[alias];
+ if (m_certs.TryGetValue(alias, out var cert))
+ return cert;
- //
- // look up the key table - and try the local key id
- //
- if (c == null)
+ var keyCertKey = alias;
+ if (m_localIds.TryGetValue(alias, out var localId))
{
- string id = (string)localIds[alias];
- if (id != null)
- {
- c = (X509CertificateEntry)keyCerts[id];
- }
- else
- {
- c = (X509CertificateEntry)keyCerts[alias];
- }
+ keyCertKey = localId;
}
- return c;
+ return CollectionUtilities.GetValueOrNull(m_keyCerts, keyCertKey);
}
- public string GetCertificateAlias(
- X509Certificate cert)
+ public string GetCertificateAlias(X509Certificate cert)
{
if (cert == null)
- throw new ArgumentNullException("cert");
+ throw new ArgumentNullException(nameof(cert));
- foreach (DictionaryEntry entry in certs)
+ foreach (var entry in m_certs)
{
- X509CertificateEntry entryValue = (X509CertificateEntry) entry.Value;
- if (entryValue.Certificate.Equals(cert))
- {
- return (string) entry.Key;
- }
+ if (entry.Value.Certificate.Equals(cert))
+ return entry.Key;
}
- foreach (DictionaryEntry entry in keyCerts)
+ foreach (var entry in m_keyCerts)
{
- X509CertificateEntry entryValue = (X509CertificateEntry) entry.Value;
- if (entryValue.Certificate.Equals(cert))
- {
- return (string) entry.Key;
- }
+ if (entry.Value.Certificate.Equals(cert))
+ return entry.Key;
}
return null;
}
- public X509CertificateEntry[] GetCertificateChain(
- string alias)
+ public X509CertificateEntry[] GetCertificateChain(string alias)
{
if (alias == null)
- throw new ArgumentNullException("alias");
+ throw new ArgumentNullException(nameof(alias));
if (!IsKeyEntry(alias))
- {
return null;
- }
X509CertificateEntry c = GetCertificate(alias);
+ if (c == null)
+ return null;
+
+ var cs = new List<X509CertificateEntry>();
- if (c != null)
+ while (c != null)
{
- IList cs = Platform.CreateArrayList();
+ X509Certificate x509c = c.Certificate;
+ X509CertificateEntry nextC = null;
- while (c != null)
+ Asn1OctetString akiValue = x509c.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);
+ if (akiValue != null)
{
- X509Certificate x509c = c.Certificate;
- X509CertificateEntry nextC = null;
+ AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.GetInstance(akiValue.GetOctets());
- Asn1OctetString akiValue = x509c.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);
- if (akiValue != null)
+ byte[] keyID = aki.GetKeyIdentifier();
+ if (keyID != null)
{
- AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.GetInstance(akiValue.GetOctets());
-
- byte[] keyID = aki.GetKeyIdentifier();
- if (keyID != null)
- {
- nextC = (X509CertificateEntry)chainCerts[new CertId(keyID)];
- }
+ nextC = CollectionUtilities.GetValueOrNull(m_chainCerts, new CertId(keyID));
}
+ }
- if (nextC == null)
- {
- //
- // no authority key id, try the Issuer DN
- //
- X509Name i = x509c.IssuerDN;
- X509Name s = x509c.SubjectDN;
+ if (nextC == null)
+ {
+ //
+ // no authority key id, try the Issuer DN
+ //
+ X509Name i = x509c.IssuerDN;
+ X509Name s = x509c.SubjectDN;
- if (!i.Equivalent(s))
+ if (!i.Equivalent(s))
+ {
+ foreach (var entry in m_chainCerts)
{
- foreach (CertId certId in chainCerts.Keys)
- {
- X509CertificateEntry x509CertEntry = (X509CertificateEntry) chainCerts[certId];
+ X509Certificate cert = entry.Value.Certificate;
- X509Certificate crt = x509CertEntry.Certificate;
+ if (cert.SubjectDN.Equivalent(i))
+ {
+ try
+ {
+ x509c.Verify(cert.GetPublicKey());
- X509Name sub = crt.SubjectDN;
- if (sub.Equivalent(i))
+ nextC = entry.Value;
+ break;
+ }
+ catch (InvalidKeyException)
{
- try
- {
- x509c.Verify(crt.GetPublicKey());
-
- nextC = x509CertEntry;
- break;
- }
- catch (InvalidKeyException)
- {
- // TODO What if it doesn't verify?
- }
+ // TODO What if it doesn't verify?
}
}
}
}
-
- cs.Add(c);
- if (nextC != c) // self signed - end of the chain
- {
- c = nextC;
- }
- else
- {
- c = null;
- }
}
- X509CertificateEntry[] result = new X509CertificateEntry[cs.Count];
- for (int i = 0; i < cs.Count; ++i)
+ cs.Add(c);
+ if (nextC != c) // self signed - end of the chain
+ {
+ c = nextC;
+ }
+ else
{
- result[i] = (X509CertificateEntry)cs[i];
+ c = null;
}
- return result;
}
- return null;
+ return cs.ToArray();
}
- public void SetCertificateEntry(
- string alias,
- X509CertificateEntry certEntry)
+ public void SetCertificateEntry(string alias, X509CertificateEntry certEntry)
{
if (alias == null)
- throw new ArgumentNullException("alias");
+ throw new ArgumentNullException(nameof(alias));
if (certEntry == null)
- throw new ArgumentNullException("certEntry");
- if (keys[alias] != null)
+ throw new ArgumentNullException(nameof(certEntry));
+ if (m_keys.ContainsKey(alias))
throw new ArgumentException("There is a key entry with the name " + alias + ".");
- certs[alias] = certEntry;
- chainCerts[new CertId(certEntry.Certificate.GetPublicKey())] = certEntry;
+ m_certs[alias] = certEntry;
+ m_chainCerts[new CertId(certEntry.Certificate.GetPublicKey())] = certEntry;
}
- public void SetKeyEntry(
- string alias,
- AsymmetricKeyEntry keyEntry,
- X509CertificateEntry[] chain)
+ public void SetKeyEntry(string alias, AsymmetricKeyEntry keyEntry, X509CertificateEntry[] chain)
{
if (alias == null)
- throw new ArgumentNullException("alias");
+ throw new ArgumentNullException(nameof(alias));
if (keyEntry == null)
- throw new ArgumentNullException("keyEntry");
- if (keyEntry.Key.IsPrivate && (chain == null))
+ throw new ArgumentNullException(nameof(keyEntry));
+ if (keyEntry.Key.IsPrivate && chain == null)
throw new ArgumentException("No certificate chain for private key");
- if (keys[alias] != null)
+ if (m_keys.ContainsKey(alias))
{
DeleteEntry(alias);
}
- keys[alias] = keyEntry;
- certs[alias] = chain[0];
+ m_keys[alias] = keyEntry;
+ m_certs[alias] = chain[0];
for (int i = 0; i != chain.Length; i++)
{
- chainCerts[new CertId(chain[i].Certificate.GetPublicKey())] = chain[i];
+ m_chainCerts[new CertId(chain[i].Certificate.GetPublicKey())] = chain[i];
}
}
- public void DeleteEntry(
- string alias)
+ public void DeleteEntry(string alias)
{
if (alias == null)
- throw new ArgumentNullException("alias");
-
- AsymmetricKeyEntry k = (AsymmetricKeyEntry)keys[alias];
- if (k != null)
- {
- keys.Remove(alias);
- }
+ throw new ArgumentNullException(nameof(alias));
- X509CertificateEntry c = (X509CertificateEntry)certs[alias];
-
- if (c != null)
+ if (CollectionUtilities.Remove(m_certs, alias, out var cert))
{
- certs.Remove(alias);
- chainCerts.Remove(new CertId(c.Certificate.GetPublicKey()));
+ m_chainCerts.Remove(new CertId(cert.Certificate.GetPublicKey()));
}
- if (k != null)
+ if (m_keys.Remove(alias))
{
- string id = (string)localIds[alias];
- if (id != null)
- {
- localIds.Remove(alias);
- c = (X509CertificateEntry)keyCerts[id];
- }
- if (c != null)
+ if (CollectionUtilities.Remove(m_localIds, alias, out var id))
{
- keyCerts.Remove(id);
- chainCerts.Remove(new CertId(c.Certificate.GetPublicKey()));
+ if (CollectionUtilities.Remove(m_keyCerts, id, out var keyCert))
+ {
+ m_chainCerts.Remove(new CertId(keyCert.Certificate.GetPublicKey()));
+ }
}
}
-
- if (c == null && k == null)
- {
- throw new ArgumentException("no such entry as " + alias);
- }
}
- public bool IsEntryOfType(
- string alias,
- Type entryType)
+ public bool IsEntryOfType(string alias, Type entryType)
{
if (entryType == typeof(X509CertificateEntry))
return IsCertificateEntry(alias);
@@ -698,31 +622,41 @@ namespace Org.BouncyCastle.Pkcs
public int Count
{
- // TODO Seems a little inefficient
- get { return GetAliasesTable().Count; }
+ get
+ {
+ int count = m_certs.Count;
+
+ foreach (var key in m_keys.Keys)
+ {
+ if (!m_certs.ContainsKey(key))
+ {
+ ++count;
+ }
+ }
+
+ return count;
+ }
}
- public void Save(
- Stream stream,
- char[] password,
- SecureRandom random)
+ public void Save(Stream stream, char[] password, SecureRandom random)
{
if (stream == null)
- throw new ArgumentNullException("stream");
+ throw new ArgumentNullException(nameof(stream));
if (random == null)
- throw new ArgumentNullException("random");
+ throw new ArgumentNullException(nameof(random));
//
// handle the keys
//
Asn1EncodableVector keyBags = new Asn1EncodableVector();
- foreach (string name in keys.Keys)
+ foreach (var keyEntry in m_keys)
{
+ var name = keyEntry.Key;
+ var privKey = keyEntry.Value;
+
byte[] kSalt = new byte[SaltSize];
random.NextBytes(kSalt);
- AsymmetricKeyEntry privKey = (AsymmetricKeyEntry)keys[name];
-
DerObjectIdentifier bagOid;
Asn1Encodable bagData;
@@ -736,30 +670,25 @@ namespace Org.BouncyCastle.Pkcs
bagOid = PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag;
if (keyPrfAlgorithm != null)
{
- bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
- keyAlgorithm, keyPrfAlgorithm, password, kSalt, MinIterations, random, privKey.Key);
+ bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(keyAlgorithm,
+ keyPrfAlgorithm, password, kSalt, MinIterations, random, privKey.Key);
}
else
{
- bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
- keyAlgorithm, password, kSalt, MinIterations, privKey.Key);
+ bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(keyAlgorithm, password,
+ kSalt, MinIterations, privKey.Key);
}
}
Asn1EncodableVector kName = new Asn1EncodableVector();
- foreach (string oid in privKey.BagAttributeKeys)
+ foreach (var oid in privKey.BagAttributeKeys)
{
- Asn1Encodable entry = privKey[oid];
-
// NB: Ignore any existing FriendlyName
- if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
- continue;
-
- kName.Add(
- new DerSequence(
- new DerObjectIdentifier(oid),
- new DerSet(entry)));
+ if (!PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Equals(oid))
+ {
+ kName.Add(new DerSequence(oid, new DerSet(privKey[oid])));
+ }
}
//
@@ -805,9 +734,9 @@ namespace Org.BouncyCastle.Pkcs
Asn1EncodableVector certBags = new Asn1EncodableVector();
Pkcs12PbeParams cParams = new Pkcs12PbeParams(cSalt, MinIterations);
AlgorithmIdentifier cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.ToAsn1Object());
- ISet doneCerts = new HashSet();
+ var doneCerts = new HashSet<X509Certificate>();
- foreach (string name in keys.Keys)
+ foreach (string name in m_keys.Keys)
{
X509CertificateEntry certEntry = GetCertificate(name);
CertBag cBag = new CertBag(
@@ -816,18 +745,13 @@ namespace Org.BouncyCastle.Pkcs
Asn1EncodableVector fName = new Asn1EncodableVector();
- foreach (string oid in certEntry.BagAttributeKeys)
+ foreach (var oid in certEntry.BagAttributeKeys)
{
- Asn1Encodable entry = certEntry[oid];
-
// NB: Ignore any existing FriendlyName
- if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
- continue;
-
- fName.Add(
- new DerSequence(
- new DerObjectIdentifier(oid),
- new DerSet(entry)));
+ if (!PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Equals(oid))
+ {
+ fName.Add(new DerSequence(oid, new DerSet(certEntry[oid])));
+ }
}
//
@@ -861,11 +785,12 @@ namespace Org.BouncyCastle.Pkcs
doneCerts.Add(certEntry.Certificate);
}
- foreach (string certId in certs.Keys)
+ foreach (var certEntry in m_certs)
{
- X509CertificateEntry cert = (X509CertificateEntry)certs[certId];
+ var certId = certEntry.Key;
+ var cert = certEntry.Value;
- if (keys[certId] != null)
+ if (m_keys.ContainsKey(certId))
continue;
CertBag cBag = new CertBag(
@@ -874,25 +799,20 @@ namespace Org.BouncyCastle.Pkcs
Asn1EncodableVector fName = new Asn1EncodableVector();
- foreach (string oid in cert.BagAttributeKeys)
+ foreach (var oid in cert.BagAttributeKeys)
{
// a certificate not immediately linked to a key doesn't require
// a localKeyID and will confuse some PKCS12 implementations.
//
// If we find one, we'll prune it out.
- if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
+ if (PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Equals(oid))
continue;
- Asn1Encodable entry = cert[oid];
-
// NB: Ignore any existing FriendlyName
- if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
- continue;
-
- fName.Add(
- new DerSequence(
- new DerObjectIdentifier(oid),
- new DerSet(entry)));
+ if (!PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Equals(oid))
+ {
+ fName.Add(new DerSequence(oid, new DerSet(cert[oid])));
+ }
}
//
@@ -912,9 +832,10 @@ namespace Org.BouncyCastle.Pkcs
doneCerts.Add(cert.Certificate);
}
- foreach (CertId certId in chainCerts.Keys)
+ foreach (var chainCertEntry in m_chainCerts)
{
- X509CertificateEntry cert = (X509CertificateEntry)chainCerts[certId];
+ var certId = chainCertEntry.Key;
+ var cert = chainCertEntry.Value;
if (doneCerts.Contains(cert.Certificate))
continue;
@@ -925,19 +846,16 @@ namespace Org.BouncyCastle.Pkcs
Asn1EncodableVector fName = new Asn1EncodableVector();
- foreach (string oid in cert.BagAttributeKeys)
+ foreach (var oid in cert.BagAttributeKeys)
{
// a certificate not immediately linked to a key doesn't require
// a localKeyID and will confuse some PKCS12 implementations.
//
// If we find one, we'll prune it out.
- if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
+ if (PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Equals(oid))
continue;
- fName.Add(
- new DerSequence(
- new DerObjectIdentifier(oid),
- new DerSet(cert[oid])));
+ fName.Add(new DerSequence(oid, new DerSet(cert[oid])));
}
certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName)));
@@ -1038,80 +956,5 @@ namespace Org.BouncyCastle.Pkcs
return cipher.DoFinal(data);
}
}
-
- private class IgnoresCaseHashtable
- : IEnumerable
- {
- private readonly IDictionary orig = Platform.CreateHashtable();
- private readonly IDictionary keys = Platform.CreateHashtable();
-
- public void Clear()
- {
- orig.Clear();
- keys.Clear();
- }
-
- public IEnumerator GetEnumerator()
- {
- return orig.GetEnumerator();
- }
-
- public ICollection Keys
- {
- get { return orig.Keys; }
- }
-
- public object Remove(
- string alias)
- {
- string upper = Platform.ToUpperInvariant(alias);
- string k = (string)keys[upper];
-
- if (k == null)
- return null;
-
- keys.Remove(upper);
-
- object o = orig[k];
- orig.Remove(k);
- return o;
- }
-
- public object this[
- string alias]
- {
- get
- {
- string upper = Platform.ToUpperInvariant(alias);
- string k = (string)keys[upper];
-
- if (k == null)
- return null;
-
- return orig[k];
- }
- set
- {
- string upper = Platform.ToUpperInvariant(alias);
- string k = (string)keys[upper];
- if (k != null)
- {
- orig.Remove(k);
- }
- keys[upper] = alias;
- orig[alias] = value;
- }
- }
-
- public ICollection Values
- {
- get { return orig.Values; }
- }
-
- public int Count
- {
- get { return orig.Count; }
- }
- }
}
}
diff --git a/crypto/src/pkcs/X509CertificateEntry.cs b/crypto/src/pkcs/X509CertificateEntry.cs
index 9d850f885..43aa5b304 100644
--- a/crypto/src/pkcs/X509CertificateEntry.cs
+++ b/crypto/src/pkcs/X509CertificateEntry.cs
@@ -1,7 +1,6 @@
-using System;
-using System.Collections;
+using System.Collections.Generic;
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Pkcs
@@ -11,16 +10,13 @@ namespace Org.BouncyCastle.Pkcs
{
private readonly X509Certificate cert;
- public X509CertificateEntry(
- X509Certificate cert)
- : base(Platform.CreateHashtable())
+ public X509CertificateEntry(X509Certificate cert)
+ : base(new Dictionary<DerObjectIdentifier, Asn1Encodable>())
{
this.cert = cert;
}
- public X509CertificateEntry(
- X509Certificate cert,
- IDictionary attributes)
+ public X509CertificateEntry(X509Certificate cert, IDictionary<DerObjectIdentifier, Asn1Encodable> attributes)
: base(attributes)
{
this.cert = cert;
diff --git a/crypto/src/util/collections/CollectionUtilities.cs b/crypto/src/util/collections/CollectionUtilities.cs
index 97bc374e1..f1d2bac21 100644
--- a/crypto/src/util/collections/CollectionUtilities.cs
+++ b/crypto/src/util/collections/CollectionUtilities.cs
@@ -71,6 +71,15 @@ namespace Org.BouncyCastle.Utilities.Collections
return new UnmodifiableSetProxy(s);
}
+ public static bool Remove<K, V>(IDictionary<K, V> d, K k, out V v)
+ {
+ if (!d.TryGetValue(k, out v))
+ return false;
+
+ d.Remove(k);
+ return true;
+ }
+
public static object RequireNext(IEnumerator e)
{
if (!e.MoveNext())
|
