summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--crypto/src/x509/store/X509CertStoreSelector.cs15
1 files changed, 12 insertions, 3 deletions
diff --git a/crypto/src/x509/store/X509CertStoreSelector.cs b/crypto/src/x509/store/X509CertStoreSelector.cs
index 3874edf1d..f92a4ac03 100644
--- a/crypto/src/x509/store/X509CertStoreSelector.cs
+++ b/crypto/src/x509/store/X509CertStoreSelector.cs
@@ -21,6 +21,7 @@ namespace Org.BouncyCastle.X509.Store
 		private X509Certificate certificate;
 		private DateTimeObject certificateValid;
 		private ISet extendedKeyUsage;
+        private bool ignoreX509NameOrdering;
 		private X509Name issuer;
 		private bool[] keyUsage;
 		private ISet policy;
@@ -43,6 +44,7 @@ namespace Org.BouncyCastle.X509.Store
 			this.certificate = o.Certificate;
 			this.certificateValid = o.CertificateValid;
 			this.extendedKeyUsage = o.ExtendedKeyUsage;
+            this.ignoreX509NameOrdering = o.IgnoreX509NameOrdering;
 			this.issuer = o.Issuer;
 			this.keyUsage = o.KeyUsage;
 			this.policy = o.Policy;
@@ -95,6 +97,12 @@ namespace Org.BouncyCastle.X509.Store
 			set { extendedKeyUsage = CopySet(value); }
 		}
 
+        public bool IgnoreX509NameOrdering
+        {
+            get { return ignoreX509NameOrdering; }
+            set { this.ignoreX509NameOrdering = value; }
+        }
+
 		public X509Name Issuer
 		{
 			get { return issuer; }
@@ -140,7 +148,8 @@ namespace Org.BouncyCastle.X509.Store
 			set { subject = value; }
 		}
 
-		public string SubjectAsString
+        [Obsolete("Avoid working with X509Name objects in string form")]
+        public string SubjectAsString
 		{
 			get { return subject != null ? subject.ToString() : null; }
 		}
@@ -212,7 +221,7 @@ namespace Org.BouncyCastle.X509.Store
 				}
 			}
 
-			if (issuer != null && !issuer.Equivalent(c.IssuerDN, true))
+			if (issuer != null && !issuer.Equivalent(c.IssuerDN, !ignoreX509NameOrdering))
 				return false;
 
 			if (keyUsage != null)
@@ -277,7 +286,7 @@ namespace Org.BouncyCastle.X509.Store
 			if (serialNumber != null && !serialNumber.Equals(c.SerialNumber))
 				return false;
 
-			if (subject != null && !subject.Equivalent(c.SubjectDN, true))
+            if (subject != null && !subject.Equivalent(c.SubjectDN, !ignoreX509NameOrdering))
 				return false;
 
 			if (!MatchExtension(subjectKeyIdentifier, c, X509Extensions.SubjectKeyIdentifier))