diff options
-rw-r--r-- | crypto/src/cms/CMSUtils.cs | 2 | ||||
-rw-r--r-- | crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs | 16 | ||||
-rw-r--r-- | crypto/src/pkix/PkixCertPathValidator.cs | 1 | ||||
-rw-r--r-- | crypto/src/x509/PrincipalUtil.cs | 62 |
4 files changed, 19 insertions, 62 deletions
diff --git a/crypto/src/cms/CMSUtils.cs b/crypto/src/cms/CMSUtils.cs index 99258c995..aa25870e6 100644 --- a/crypto/src/cms/CMSUtils.cs +++ b/crypto/src/cms/CMSUtils.cs @@ -178,7 +178,7 @@ namespace Org.BouncyCastle.Cms internal static TbsCertificateStructure GetTbsCertificateStructure(X509Certificate cert) { - return TbsCertificateStructure.GetInstance(Asn1Object.FromByteArray(cert.GetTbsCertificate())); + return cert.CertificateStructure.TbsCertificate; } internal static IssuerAndSerialNumber GetIssuerAndSerialNumber(X509Certificate cert) diff --git a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs index 7686ee422..c7c7f563f 100644 --- a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs +++ b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs @@ -109,21 +109,9 @@ namespace Org.BouncyCastle.Cms Asn1EncodableVector recipientEncryptedKeys = new Asn1EncodableVector(); foreach (X509Certificate recipientCert in recipientCerts) { - TbsCertificateStructure tbsCert; - try - { - tbsCert = TbsCertificateStructure.GetInstance( - Asn1Object.FromByteArray(recipientCert.GetTbsCertificate())); - } - catch (Exception) - { - throw new ArgumentException("can't extract TBS structure from certificate"); - } - // TODO Should there be a SubjectKeyIdentifier-based alternative? - IssuerAndSerialNumber issuerSerial = new IssuerAndSerialNumber( - tbsCert.Issuer, tbsCert.SerialNumber.Value); - KeyAgreeRecipientIdentifier karid = new KeyAgreeRecipientIdentifier(issuerSerial); + KeyAgreeRecipientIdentifier karid = new KeyAgreeRecipientIdentifier( + CmsUtilities.GetIssuerAndSerialNumber(recipientCert)); ICipherParameters recipientPublicParams = recipientCert.GetPublicKey(); if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf)) diff --git a/crypto/src/pkix/PkixCertPathValidator.cs b/crypto/src/pkix/PkixCertPathValidator.cs index 0c585f520..431ed8c6d 100644 --- a/crypto/src/pkix/PkixCertPathValidator.cs +++ b/crypto/src/pkix/PkixCertPathValidator.cs @@ -425,6 +425,7 @@ namespace Org.BouncyCastle.Pkix internal static void CheckCertificate(X509Certificate cert) { + // TODO What check is this method trying to achieve? try { TbsCertificateStructure.GetInstance(cert.CertificateStructure.TbsCertificate); diff --git a/crypto/src/x509/PrincipalUtil.cs b/crypto/src/x509/PrincipalUtil.cs index 0edc4a395..733da1dca 100644 --- a/crypto/src/x509/PrincipalUtil.cs +++ b/crypto/src/x509/PrincipalUtil.cs @@ -7,64 +7,32 @@ using Org.BouncyCastle.Security.Certificates; namespace Org.BouncyCastle.X509 { - /// <remarks> - /// A utility class that will extract X509Principal objects from X.509 certificates. - /// <p> - /// Use this in preference to trying to recreate a principal from a string, not all - /// DNs are what they should be, so it's best to leave them encoded where they - /// can be.</p> - /// </remarks> - public class PrincipalUtilities + /// <remarks> + /// A utility class that will extract X509Principal objects from X.509 certificates. + /// <p> + /// Use this in preference to trying to recreate a principal from a string, not all + /// DNs are what they should be, so it's best to leave them encoded where they + /// can be.</p> + /// </remarks> + // TODO[api] Make static + public class PrincipalUtilities { /// <summary>Return the issuer of the given cert as an X509Principal.</summary> - public static X509Name GetIssuerX509Principal( - X509Certificate cert) + public static X509Name GetIssuerX509Principal(X509Certificate cert) { - try - { - TbsCertificateStructure tbsCert = TbsCertificateStructure.GetInstance( - Asn1Object.FromByteArray(cert.GetTbsCertificate())); - - return tbsCert.Issuer; - } - catch (Exception e) - { - throw new CertificateEncodingException("Could not extract issuer", e); - } + return cert.CertificateStructure.TbsCertificate.Issuer; } /// <summary>Return the subject of the given cert as an X509Principal.</summary> - public static X509Name GetSubjectX509Principal( - X509Certificate cert) + public static X509Name GetSubjectX509Principal(X509Certificate cert) { - try - { - TbsCertificateStructure tbsCert = TbsCertificateStructure.GetInstance( - Asn1Object.FromByteArray(cert.GetTbsCertificate())); - - return tbsCert.Subject; - } - catch (Exception e) - { - throw new CertificateEncodingException("Could not extract subject", e); - } + return cert.CertificateStructure.TbsCertificate.Subject; } /// <summary>Return the issuer of the given CRL as an X509Principal.</summary> - public static X509Name GetIssuerX509Principal( - X509Crl crl) + public static X509Name GetIssuerX509Principal(X509Crl crl) { - try - { - TbsCertificateList tbsCertList = TbsCertificateList.GetInstance( - Asn1Object.FromByteArray(crl.GetTbsCertList())); - - return tbsCertList.Issuer; - } - catch (Exception e) - { - throw new CrlException("Could not extract issuer", e); - } + return crl.CertificateList.TbsCertList.Issuer; } } } |