summary refs log tree commit diff
path: root/crypto
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2022-06-24 14:18:43 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2022-06-24 14:18:43 +0700
commit54fd291cc1f3298abcb66ac67e5a595bc922f7d4 (patch)
treef90ac029ec7954d7165044ed40530d591aeb8cdc /crypto
parentUse generics instead of dynamic checks (diff)
downloadBouncyCastle.NET-ed25519-54fd291cc1f3298abcb66ac67e5a595bc922f7d4.tar.xz
Remove certpath from PkixCertPathValidatorException
Diffstat (limited to 'crypto')
-rw-r--r--crypto/src/pkix/PkixCertPathValidator.cs21
-rw-r--r--crypto/src/pkix/PkixCertPathValidatorException.cs195
-rw-r--r--crypto/src/pkix/Rfc3280CertPathUtilities.cs101
-rw-r--r--crypto/src/security/GeneralSecurityException.cs15
4 files changed, 93 insertions, 239 deletions
diff --git a/crypto/src/pkix/PkixCertPathValidator.cs b/crypto/src/pkix/PkixCertPathValidator.cs
index 64039f9f1..a45102894 100644
--- a/crypto/src/pkix/PkixCertPathValidator.cs
+++ b/crypto/src/pkix/PkixCertPathValidator.cs
@@ -61,7 +61,7 @@ namespace Org.BouncyCastle.Pkix
             int n = certs.Count;
 
             if (certs.Count == 0)
-                throw new PkixCertPathValidatorException("Certification path is empty.", null, certPath, 0);
+                throw new PkixCertPathValidatorException("Certification path is empty.", null, 0);
 
 			//
             // (b)
@@ -84,13 +84,13 @@ namespace Org.BouncyCastle.Pkix
 					paramsPkix.GetTrustAnchors());
 
                 if (trust == null)
-                    throw new PkixCertPathValidatorException("Trust anchor for certification path not found.", null, certPath, -1);
+                    throw new PkixCertPathValidatorException("Trust anchor for certification path not found.", null, -1);
 
                 CheckCertificate(trust.TrustedCert);
             }
             catch (Exception e)
             {
-                throw new PkixCertPathValidatorException(e.Message, e.InnerException, certPath, certs.Count - 1);
+                throw new PkixCertPathValidatorException(e.Message, e.InnerException, certs.Count - 1);
             }
 
             //
@@ -192,8 +192,7 @@ namespace Org.BouncyCastle.Pkix
             }
             catch (ArgumentException ex)
             {
-                throw new PkixCertPathValidatorException("Subject of trust anchor could not be (re)encoded.", ex, certPath,
-                        -1);
+                throw new PkixCertPathValidatorException("Subject of trust anchor could not be (re)encoded.", ex, -1);
             }
 
             AlgorithmIdentifier workingAlgId = null;
@@ -204,7 +203,7 @@ namespace Org.BouncyCastle.Pkix
             catch (PkixCertPathValidatorException e)
             {
                 throw new PkixCertPathValidatorException(
-                        "Algorithm identifier of public key of trust anchor could not be read.", e, certPath, -1);
+                        "Algorithm identifier of public key of trust anchor could not be read.", e, -1);
             }
 
 //			DerObjectIdentifier workingPublicKeyAlgorithm = workingAlgId.Algorithm;
@@ -223,7 +222,7 @@ namespace Org.BouncyCastle.Pkix
             if (certConstraints != null && !certConstraints.Match((X509Certificate)certs[0]))
             {
                 throw new PkixCertPathValidatorException(
-					"Target certificate in certification path does not match targetConstraints.", null, certPath, 0);
+					"Target certificate in certification path does not match targetConstraints.", null, 0);
             }
 
             //
@@ -262,7 +261,7 @@ namespace Org.BouncyCastle.Pkix
                 }
                 catch (Exception e)
                 {
-                    throw new PkixCertPathValidatorException(e.Message, e.InnerException, certPath, index);
+                    throw new PkixCertPathValidatorException(e.Message, e.InnerException, index);
                 }
 
                 //
@@ -294,7 +293,7 @@ namespace Org.BouncyCastle.Pkix
                             continue;
 
                         throw new PkixCertPathValidatorException(
-							"Version 1 certificates can't be used as CA ones.", null, certPath, index);
+							"Version 1 certificates can't be used as CA ones.", null, index);
                     }
 
                     Rfc3280CertPathUtilities.PrepareNextCertA(certPath, index);
@@ -369,7 +368,7 @@ namespace Org.BouncyCastle.Pkix
                     }
                     catch (PkixCertPathValidatorException e)
                     {
-                        throw new PkixCertPathValidatorException("Next working key could not be retrieved.", e, certPath, index);
+                        throw new PkixCertPathValidatorException("Next working key could not be retrieved.", e, index);
                     }
 
                     workingAlgId = PkixCertPathValidatorUtilities.GetAlgorithmIdentifier(workingPublicKey);
@@ -430,7 +429,7 @@ namespace Org.BouncyCastle.Pkix
 				return new PkixCertPathValidatorResult(trust, intersection, cert.GetPublicKey());
 			}
 
-			throw new PkixCertPathValidatorException("Path processing failed on policy.", null, certPath, index);
+			throw new PkixCertPathValidatorException("Path processing failed on policy.", null, index);
         }
 
         internal static void CheckCertificate(X509Certificate cert)
diff --git a/crypto/src/pkix/PkixCertPathValidatorException.cs b/crypto/src/pkix/PkixCertPathValidatorException.cs
index 143cdd832..f2152bcd3 100644
--- a/crypto/src/pkix/PkixCertPathValidatorException.cs
+++ b/crypto/src/pkix/PkixCertPathValidatorException.cs
@@ -1,4 +1,6 @@
 using System;
+using System.Runtime.Serialization;
+
 using Org.BouncyCastle.Security;
 
 namespace Org.BouncyCastle.Pkix
@@ -27,38 +29,25 @@ namespace Org.BouncyCastle.Pkix
 	 *
 	 * @see CertPathValidator
 	 **/
-#if !PORTABLE
     [Serializable]
-#endif
     public class PkixCertPathValidatorException
         : GeneralSecurityException
 	{
-		private Exception cause;
-		private PkixCertPath certPath;
-		private int index = -1;
+		private readonly int m_index = -1;
 
-		public PkixCertPathValidatorException() : base() { }
+		public PkixCertPathValidatorException()
+			: base()
+		{
+		}
 
-		/// <summary>
-		/// Creates a <code>PkixCertPathValidatorException</code> with the given detail
-		/// message. A detail message is a <code>String</code> that describes this
-		/// particular exception. 
-		/// </summary>
-		/// <param name="message">the detail message</param>
-		public PkixCertPathValidatorException(string message) : base(message) { }
+		public PkixCertPathValidatorException(string message)
+			: base(message)
+		{
+		}
 
-		/// <summary>
-		/// Creates a <code>PkixCertPathValidatorException</code> with the specified
-		/// detail message and cause.
-		/// </summary>
-		/// <param name="message">the detail message</param>
-		/// <param name="cause">the cause (which is saved for later retrieval by the
-		/// {@link #getCause getCause()} method). (A <code>null</code>
-		/// value is permitted, and indicates that the cause is
-		/// nonexistent or unknown.)</param>
-		public PkixCertPathValidatorException(string message, Exception cause) : base(message)
+		public PkixCertPathValidatorException(string message, Exception exception)
+			: base(message, exception)
 		{
-			this.cause = cause;
 		}
 
 		/// <summary>
@@ -66,156 +55,32 @@ namespace Org.BouncyCastle.Pkix
 		/// detail message, cause, certification path, and index.
 		/// </summary>
 		/// <param name="message">the detail message (or <code>null</code> if none)</param>
-		/// <param name="cause">the cause (or <code>null</code> if none)</param>
-		/// <param name="certPath">the certification path that was in the process of being
-		/// validated when the error was encountered</param>
+		/// <param name="exception">the cause (or <code>null</code> if none)</param>
 		/// <param name="index">the index of the certificate in the certification path that</param>																																																																																   * 
-		public PkixCertPathValidatorException(
-			string			message,
-			Exception		cause,
-			PkixCertPath	certPath,
-			int				index)
-			: base(message)
+		public PkixCertPathValidatorException(string message, Exception exception, int index)
+			: base(message, exception)
 		{
-			if (certPath == null && index != -1)
-			{
-				throw new ArgumentNullException(
-					"certPath = null and index != -1");
-			}
-			if (index < -1
-				|| (certPath != null && index >= certPath.Certificates.Count))
-			{
-				throw new IndexOutOfRangeException(
-					" index < -1 or out of bound of certPath.getCertificates()");
-			}
+			if (index < -1)
+				throw new ArgumentException("cannot be < -1", nameof(index));
 
-			this.cause = cause;
-			this.certPath = certPath;
-			this.index = index;
+			m_index = index;
 		}
 
-		//
-		// Prints a stack trace to a <code>PrintWriter</code>, including the
-		// backtrace of the cause, if any.
-		// 
-		// @param pw
-		//            the <code>PrintWriter</code> to use for output
-		//
-		//		public void printStackTrace(PrintWriter pw)
-		//		{
-		//			super.printStackTrace(pw);
-		//			if (getCause() != null)
-		//			{
-		//				getCause().printStackTrace(pw);
-		//			}
-		//	}
-		//}
-
-
-		//	/**
-		//	 * Creates a <code>CertPathValidatorException</code> that wraps the
-		//	 * specified throwable. This allows any exception to be converted into a
-		//	 * <code>CertPathValidatorException</code>, while retaining information
-		//	 * about the wrapped exception, which may be useful for debugging. The
-		//	 * detail message is set to (<code>cause==null ? null : cause.toString()
-		//	 * </code>)
-		//	 * (which typically contains the class and detail message of cause).
-		//	 * 
-		//	 * @param cause
-		//	 *            the cause (which is saved for later retrieval by the
-		//	 *            {@link #getCause getCause()} method). (A <code>null</code>
-		//	 *            value is permitted, and indicates that the cause is
-		//	 *            nonexistent or unknown.)
-		//	 */
-		//	public PkixCertPathValidatorException(Throwable cause)
-		//	{
-		//		this.cause = cause;
-		//	}
-		//
-
-		/// <summary>
-		/// Returns the detail message for this <code>CertPathValidatorException</code>.
-		/// </summary>
-		/// <returns>the detail message, or <code>null</code> if neither the message nor cause were specified</returns>
-		public override string Message
+		protected PkixCertPathValidatorException(SerializationInfo info, StreamingContext context)
+			: base(info, context)
 		{
-			get
-			{
-				string message = base.Message;
-
-				if (message != null)
-				{
-					return message;
-				}
-
-				if (cause != null)
-				{
-					return cause.Message;
-				}
-
-				return null;
-			}
 		}
 
-	/**
-	 * Returns the certification path that was being validated when the
-	 * exception was thrown.
-	 * 
-	 * @return the <code>CertPath</code> that was being validated when the
-	 *         exception was thrown (or <code>null</code> if not specified)
-	 */
-		public PkixCertPath CertPath
+		/// <summary> eturns the index of the certificate in the certification path that caused the exception to be
+		/// thrown.</summary>
+		/// <remarks>
+		/// Note that the list of certificates in a <see cref="PkixCertPath"/> is zero based. If no index has been set,
+		/// -1 is returned.
+		/// </remarks>
+		/// <returns>The index that has been set, or -1 if none has been set.</returns>
+		public int Index
 		{
-			get { return certPath; }
+			get { return m_index; }
 		}
-
-	/**
-	 * Returns the index of the certificate in the certification path that
-	 * caused the exception to be thrown. Note that the list of certificates in
-	 * a <code>CertPath</code> is zero based. If no index has been set, -1 is
-	 * returned.
-	 * 
-	 * @return the index that has been set, or -1 if none has been set
-	 */
-	public int Index
-	{
-        get { return index; }
-	}
-
-//	/**
-//	 * Returns the cause of this <code>CertPathValidatorException</code> or
-//	 * <code>null</code> if the cause is nonexistent or unknown.
-//	 * 
-//	 * @return the cause of this throwable or <code>null</code> if the cause
-//	 *         is nonexistent or unknown.
-//	 */
-//	public Throwable getCause()
-//	{
-//		return cause;
-//	}
-//
-//	/**
-//	 * Returns a string describing this exception, including a description of
-//	 * the internal (wrapped) cause if there is one.
-//	 * 
-//	 * @return a string representation of this
-//	 *         <code>CertPathValidatorException</code>
-//	 */
-//	public String toString()
-//	{
-//		StringBuffer sb = new StringBuffer();
-//		String s = getMessage();
-//		if (s != null)
-//		{
-//			sb.append(s);
-//		}
-//		if (getIndex() >= 0)
-//		{
-//			sb.append("index in certpath: ").append(getIndex()).append('\n');
-//			sb.append(getCertPath());
-//		}
-//		return sb.toString();
-//	}
-
 	}
 }
diff --git a/crypto/src/pkix/Rfc3280CertPathUtilities.cs b/crypto/src/pkix/Rfc3280CertPathUtilities.cs
index d6594f4ad..9001ba1d1 100644
--- a/crypto/src/pkix/Rfc3280CertPathUtilities.cs
+++ b/crypto/src/pkix/Rfc3280CertPathUtilities.cs
@@ -254,7 +254,7 @@ namespace Org.BouncyCastle.Pkix
 				catch (Exception e)
 				{
 					throw new PkixCertPathValidatorException(
-						"Exception extracting subject name when checking subtrees.", e, certPath, index);
+						"Exception extracting subject name when checking subtrees.", e, index);
 				}
 
 				try
@@ -265,7 +265,7 @@ namespace Org.BouncyCastle.Pkix
 				catch (PkixNameConstraintValidatorException e)
 				{
 					throw new PkixCertPathValidatorException(
-						"Subtree check for certificate subject failed.", e, certPath, index);
+						"Subtree check for certificate subject failed.", e, index);
 				}
 
 				GeneralNames altName = null;
@@ -277,7 +277,7 @@ namespace Org.BouncyCastle.Pkix
 				catch (Exception e)
 				{
 					throw new PkixCertPathValidatorException(
-						"Subject alternative name extension could not be decoded.", e, certPath, index);
+						"Subject alternative name extension could not be decoded.", e, index);
 				}
 
 				IList emails = X509Name.GetInstance(dns).GetValueList(X509Name.EmailAddress);
@@ -292,7 +292,7 @@ namespace Org.BouncyCastle.Pkix
 					catch (PkixNameConstraintValidatorException ex)
 					{
 						throw new PkixCertPathValidatorException(
-							"Subtree check for certificate subject alternative email failed.", ex, certPath, index);
+							"Subtree check for certificate subject alternative email failed.", ex, index);
 					}
 				}
 				if (altName != null)
@@ -305,7 +305,7 @@ namespace Org.BouncyCastle.Pkix
 					catch (Exception e)
 					{
 						throw new PkixCertPathValidatorException(
-							"Subject alternative name contents could not be decoded.", e, certPath, index);
+							"Subject alternative name contents could not be decoded.", e, index);
 					}
 					foreach (GeneralName genName in genNames)
 					{
@@ -317,7 +317,7 @@ namespace Org.BouncyCastle.Pkix
 						catch (PkixNameConstraintValidatorException e)
 						{
 							throw new PkixCertPathValidatorException(
-								"Subtree check for certificate subject alternative name failed.", e, certPath, index);
+								"Subtree check for certificate subject alternative name failed.", e, index);
 						}
 					}
 				}
@@ -344,7 +344,7 @@ namespace Org.BouncyCastle.Pkix
 			catch (Exception ex)
 			{
 				throw new PkixCertPathValidatorException(
-					"Policy mappings extension could not be decoded.", ex, certPath, index);
+					"Policy mappings extension could not be decoded.", ex, index);
 			}
 			if (pm != null)
 			{
@@ -364,16 +364,16 @@ namespace Org.BouncyCastle.Pkix
 					catch (Exception e)
 					{
 						throw new PkixCertPathValidatorException(
-							"Policy mappings extension contents could not be decoded.", e, certPath, index);
+							"Policy mappings extension contents could not be decoded.", e, index);
 					}
 
 					if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(issuerDomainPolicy.Id))
 						throw new PkixCertPathValidatorException(
-							"IssuerDomainPolicy is anyPolicy", null, certPath, index);
+							"IssuerDomainPolicy is anyPolicy", null, index);
 
 					if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(subjectDomainPolicy.Id))
 						throw new PkixCertPathValidatorException(
-							"SubjectDomainPolicy is anyPolicy,", null, certPath, index);
+							"SubjectDomainPolicy is anyPolicy,", null, index);
 				}
 			}
 		}
@@ -405,7 +405,7 @@ namespace Org.BouncyCastle.Pkix
 			catch (Exception e)
 			{
 				throw new PkixCertPathValidatorException(
-					"Could not read certificate policies extension from certificate.", e, certPath, index);
+					"Could not read certificate policies extension from certificate.", e, index);
 			}
 			if (certPolicies != null && validPolicyTree != null)
 			{
@@ -431,7 +431,7 @@ namespace Org.BouncyCastle.Pkix
 						catch (PkixCertPathValidatorException ex)
 						{
 							throw new PkixCertPathValidatorException(
-								"Policy qualifier info set could not be build.", ex, certPath, index);
+								"Policy qualifier info set could not be build.", ex, index);
 						}
 
 						bool match = PkixCertPathValidatorUtilities.ProcessCertD1i(i, policyNodes, pOid, pq);
@@ -1238,7 +1238,7 @@ namespace Org.BouncyCastle.Pkix
 			catch (Exception ex)
 			{
 				throw new PkixCertPathValidatorException(
-					"Policy mappings extension could not be decoded.", ex, certPath, index);
+					"Policy mappings extension could not be decoded.", ex, index);
 			}
 			PkixPolicyNode _validPolicyTree = validPolicyTree;
 			if (pm != null)
@@ -1310,7 +1310,7 @@ namespace Org.BouncyCastle.Pkix
 									catch (Exception e)
 									{
 										throw new PkixCertPathValidatorException(
-											"Certificate policies extension could not be decoded.", e, certPath, index);
+											"Certificate policies extension could not be decoded.", e, index);
 									}
 
 									foreach (Asn1Encodable ae in policies)
@@ -1323,7 +1323,7 @@ namespace Org.BouncyCastle.Pkix
 										catch (Exception ex)
 										{
 											throw new PkixCertPathValidatorException(
-												"Policy information could not be decoded.", ex, certPath, index);
+												"Policy information could not be decoded.", ex, index);
 										}
 										if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(pinfo.PolicyIdentifier.Id))
 										{
@@ -1335,8 +1335,7 @@ namespace Org.BouncyCastle.Pkix
 											catch (PkixCertPathValidatorException ex)
 											{
 												throw new PkixCertPathValidatorException(
-													"Policy qualifier info set could not be decoded.", ex, certPath,
-													index);
+													"Policy qualifier info set could not be decoded.", ex, index);
 											}
 											break;
 										}
@@ -1503,7 +1502,7 @@ namespace Org.BouncyCastle.Pkix
 			if (explicitPolicy <= 0 && validPolicyTree == null)
 			{
 				throw new PkixCertPathValidatorException(
-					"No valid policy tree found when one expected.", null, certPath, index);
+					"No valid policy tree found when one expected.", null, index);
 			}
 		}
 
@@ -1528,7 +1527,7 @@ namespace Org.BouncyCastle.Pkix
 			}
 			catch (GeneralSecurityException e)
 			{
-				throw new PkixCertPathValidatorException("Could not validate certificate signature.", e, certPath, index);
+				throw new PkixCertPathValidatorException("Could not validate certificate signature.", e, index);
 			}
 
 			try
@@ -1540,15 +1539,15 @@ namespace Org.BouncyCastle.Pkix
 			}
 			catch (CertificateExpiredException e)
 			{
-				throw new PkixCertPathValidatorException("Could not validate certificate: " + e.Message, e, certPath, index);
+				throw new PkixCertPathValidatorException("Could not validate certificate: " + e.Message, e, index);
 			}
 			catch (CertificateNotYetValidException e)
 			{
-				throw new PkixCertPathValidatorException("Could not validate certificate: " + e.Message, e, certPath, index);
+				throw new PkixCertPathValidatorException("Could not validate certificate: " + e.Message, e, index);
 			}
 			catch (Exception e)
 			{
-				throw new PkixCertPathValidatorException("Could not validate time of certificate.", e, certPath, index);
+				throw new PkixCertPathValidatorException("Could not validate time of certificate.", e, index);
 			}
 
 			//
@@ -1568,7 +1567,7 @@ namespace Org.BouncyCastle.Pkix
 					{
 						cause = e;
 					}
-					throw new PkixCertPathValidatorException(e.Message, cause, certPath, index);
+					throw new PkixCertPathValidatorException(e.Message, cause, index);
 				}
 			}
 
@@ -1579,8 +1578,7 @@ namespace Org.BouncyCastle.Pkix
 			if (!issuer.Equivalent(workingIssuerName, true))
 			{
 				throw new PkixCertPathValidatorException("IssuerName(" + issuer
-					+ ") does not match SubjectName(" + workingIssuerName + ") of signing certificate.", null,
-					certPath, index);
+					+ ") does not match SubjectName(" + workingIssuerName + ") of signing certificate.", null, index);
 			}
 		}
 
@@ -1603,7 +1601,7 @@ namespace Org.BouncyCastle.Pkix
 			catch (Exception e)
 			{
 				throw new PkixCertPathValidatorException(
-					"Policy constraints extension cannot be decoded.", e, certPath, index);
+					"Policy constraints extension cannot be decoded.", e, index);
 			}
 
 			int tmpInt;
@@ -1630,7 +1628,7 @@ namespace Org.BouncyCastle.Pkix
 					catch (ArgumentException e)
 					{
 						throw new PkixCertPathValidatorException(
-							"Policy constraints extension contents cannot be decoded.", e, certPath, index);
+							"Policy constraints extension contents cannot be decoded.", e, index);
 					}
 				}
 			}
@@ -1657,8 +1655,7 @@ namespace Org.BouncyCastle.Pkix
 			}
 			catch (Exception e)
 			{
-				throw new PkixCertPathValidatorException(
-					"Policy constraints extension cannot be decoded.", e, certPath, index);
+				throw new PkixCertPathValidatorException("Policy constraints extension cannot be decoded.", e, index);
 			}
 
 			int tmpInt;
@@ -1685,7 +1682,7 @@ namespace Org.BouncyCastle.Pkix
 					catch (ArgumentException e)
 					{
 						throw new PkixCertPathValidatorException(
-							"Policy constraints extension contents cannot be decoded.", e, certPath, index);
+							"Policy constraints extension contents cannot be decoded.", e, index);
 					}
 				}
 			}
@@ -1717,7 +1714,7 @@ namespace Org.BouncyCastle.Pkix
 			catch (Exception e)
 			{
 				throw new PkixCertPathValidatorException(
-					"Name constraints extension could not be decoded.", e, certPath, index);
+					"Name constraints extension could not be decoded.", e, index);
 			}
 			if (nc != null)
 			{
@@ -1734,7 +1731,7 @@ namespace Org.BouncyCastle.Pkix
 					catch (Exception ex)
 					{
 						throw new PkixCertPathValidatorException(
-							"Permitted subtrees cannot be build from name constraints extension.", ex, certPath, index);
+							"Permitted subtrees cannot be build from name constraints extension.", ex, index);
 					}
 				}
 
@@ -1756,7 +1753,7 @@ namespace Org.BouncyCastle.Pkix
 					catch (Exception ex)
 					{
 						throw new PkixCertPathValidatorException(
-							"Excluded subtrees cannot be build from name constraints extension.", ex, certPath, index);
+							"Excluded subtrees cannot be build from name constraints extension.", ex, index);
 					}
 				}
 			}
@@ -1782,8 +1779,7 @@ namespace Org.BouncyCastle.Pkix
 			}
 			catch (Exception e)
 			{
-				throw new PkixCertPathValidatorException(
-					"Inhibit any-policy extension cannot be decoded.", e, certPath, index);
+				throw new PkixCertPathValidatorException("Inhibit any-policy extension cannot be decoded.", e, index);
 			}
 
 			if (iap != null)
@@ -1814,8 +1810,7 @@ namespace Org.BouncyCastle.Pkix
 			}
 			catch (Exception e)
 			{
-				throw new PkixCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath,
-					index);
+				throw new PkixCertPathValidatorException("Basic constraints extension cannot be decoded.", e, index);
 			}
 			if (bc != null)
 			{
@@ -1843,7 +1838,7 @@ namespace Org.BouncyCastle.Pkix
 			{
 				if (maxPathLength <= 0)
 				{
-					throw new PkixCertPathValidatorException("Max path length not greater than zero", null, certPath, index);
+					throw new PkixCertPathValidatorException("Max path length not greater than zero", null, index);
 				}
 
 				return maxPathLength - 1;
@@ -1871,8 +1866,7 @@ namespace Org.BouncyCastle.Pkix
 			}
 			catch (Exception e)
 			{
-				throw new PkixCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath,
-					index);
+				throw new PkixCertPathValidatorException("Basic constraints extension cannot be decoded.", e, index);
 			}
 			if (bc != null)
 			{
@@ -1907,8 +1901,7 @@ namespace Org.BouncyCastle.Pkix
 			if ((_usage != null) && !_usage[Rfc3280CertPathUtilities.KEY_CERT_SIGN])
 			{
 				throw new PkixCertPathValidatorException(
-					"Issuer certificate keyusage extension is critical and does not permit key signing.", null,
-					certPath, index);
+					"Issuer certificate keyusage extension is critical and does not permit key signing.", null, index);
 			}
 		}
 
@@ -1934,13 +1927,12 @@ namespace Org.BouncyCastle.Pkix
 				}
 				catch (PkixCertPathValidatorException e)
 				{
-					throw new PkixCertPathValidatorException(e.Message, e.InnerException, certPath, index);
+					throw new PkixCertPathValidatorException(e.Message, e.InnerException, index);
 				}
 			}
 			if (!criticalExtensions.IsEmpty)
 			{
-				throw new PkixCertPathValidatorException("Certificate has unsupported critical extension.", null, certPath,
-					index);
+				throw new PkixCertPathValidatorException("Certificate has unsupported critical extension.", null, index);
 			}
 		}
 
@@ -2046,7 +2038,7 @@ namespace Org.BouncyCastle.Pkix
 			}
 			catch (Exception e)
 			{
-				throw new PkixCertPathValidatorException("Policy constraints could not be decoded.", e, certPath, index);
+				throw new PkixCertPathValidatorException("Policy constraints could not be decoded.", e, index);
 			}
 
 			if (pc != null)
@@ -2066,8 +2058,7 @@ namespace Org.BouncyCastle.Pkix
 							catch (Exception e)
 							{
 								throw new PkixCertPathValidatorException(
-									"Policy constraints requireExplicitPolicy field could not be decoded.", e, certPath,
-									index);
+									"Policy constraints requireExplicitPolicy field could not be decoded.", e, index);
 							}
 							if (tmpInt == 0)
 							{
@@ -2099,15 +2090,14 @@ namespace Org.BouncyCastle.Pkix
 				}
 				catch (PkixCertPathValidatorException e)
 				{
-					throw new PkixCertPathValidatorException("Additional certificate path checker failed.", e, certPath,
-						index);
+					throw new PkixCertPathValidatorException("Additional certificate path checker failed.", e, index);
 				}
 			}
 
 			if (!criticalExtensions.IsEmpty)
 			{
 				throw new PkixCertPathValidatorException("Certificate has unsupported critical extension",
-					null, certPath, index);
+					null, index);
 			}
 		}
 
@@ -2135,19 +2125,18 @@ namespace Org.BouncyCastle.Pkix
 				if (paramsPKIX.IsExplicitPolicyRequired)
 				{
 					throw new PkixCertPathValidatorException(
-						"Explicit policy requested but none available.", null, certPath, index);
+						"Explicit policy requested but none available.", null, index);
 				}
 				intersection = null;
 			}
-			else if (PkixCertPathValidatorUtilities.IsAnyPolicy(userInitialPolicySet)) // (g)
-				// (ii)
+			else if (PkixCertPathValidatorUtilities.IsAnyPolicy(userInitialPolicySet)) // (g) (ii)
 			{
 				if (paramsPKIX.IsExplicitPolicyRequired)
 				{
 					if (acceptablePolicies.IsEmpty)
 					{
 						throw new PkixCertPathValidatorException(
-							"Explicit policy requested but none available.", null, certPath, index);
+							"Explicit policy requested but none available.", null, index);
 					}
 					else
 					{
@@ -2420,7 +2409,7 @@ namespace Org.BouncyCastle.Pkix
 			catch (Exception e)
 			{
 				throw new PkixCertPathValidatorException("Could not read certificate policies extension from certificate.",
-					e, certPath, index);
+					e, index);
 			}
 			if (certPolicies == null)
 			{
diff --git a/crypto/src/security/GeneralSecurityException.cs b/crypto/src/security/GeneralSecurityException.cs
index c1131f04b..33fd2e543 100644
--- a/crypto/src/security/GeneralSecurityException.cs
+++ b/crypto/src/security/GeneralSecurityException.cs
@@ -1,10 +1,9 @@
 using System;
+using System.Runtime.Serialization;
 
 namespace Org.BouncyCastle.Security
 {
-#if !PORTABLE
     [Serializable]
-#endif
     public class GeneralSecurityException
 		: Exception
 	{
@@ -13,17 +12,19 @@ namespace Org.BouncyCastle.Security
 		{
 		}
 
-		public GeneralSecurityException(
-			string message)
+		public GeneralSecurityException(string message)
 			: base(message)
 		{
 		}
 
-		public GeneralSecurityException(
-			string		message,
-			Exception	exception)
+		public GeneralSecurityException(string message, Exception exception)
 			: base(message, exception)
 		{
 		}
+
+		protected GeneralSecurityException(SerializationInfo info, StreamingContext context)
+			: base(info, context)
+		{
+		}
 	}
 }