summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--crypto/src/pkix/PkixCrlUtilities.cs29
-rw-r--r--crypto/src/x509/store/X509CrlStoreSelector.cs7
2 files changed, 28 insertions, 8 deletions
diff --git a/crypto/src/pkix/PkixCrlUtilities.cs b/crypto/src/pkix/PkixCrlUtilities.cs
index 3451b8ac0..ed347f841 100644
--- a/crypto/src/pkix/PkixCrlUtilities.cs
+++ b/crypto/src/pkix/PkixCrlUtilities.cs
@@ -7,10 +7,15 @@ using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Pkix
 {
-	public class PkixCrlUtilities
+    public class PkixCrlUtilities
 	{
-        // TODO bc-fips-csharp implements this for ISelector<X509Crl>, using optional ICheckingCertificate
-        public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix)
+		// TODO[api] Redundant
+		public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix)
+		{
+            return FindCrls((ISelector<X509Crl>)crlSelector, paramsPkix);
+        }
+
+        public virtual ISet<X509Crl> FindCrls(ISelector<X509Crl> crlSelector, PkixParameters paramsPkix)
         {
             // get complete CRL(s)
             try
@@ -23,10 +28,16 @@ namespace Org.BouncyCastle.Pkix
             }
         }
 
-        // TODO bc-fips-csharp implements this for ISelector<X509Crl>, using optional ICheckingCertificate
+        // TODO[api] Redundant
         public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix,
 			DateTime currentDate)
 		{
+            return FindCrls((ISelector<X509Crl>)crlSelector, paramsPkix, currentDate);
+        }
+
+        public virtual ISet<X509Crl> FindCrls(ISelector<X509Crl> crlSelector, PkixParameters paramsPkix,
+			DateTime currentDate)
+		{
             var initialSet = FindCrls(crlSelector, paramsPkix);
 
             var finalSet = new HashSet<X509Crl>();
@@ -37,7 +48,11 @@ namespace Org.BouncyCastle.Pkix
 				validityDate = paramsPkix.Date.Value;
 			}
 
-            X509Certificate cert = crlSelector.CertificateChecking;
+            X509Certificate cert = null;
+            if (crlSelector is ICheckingCertificate checkingCertificate)
+            {
+                cert = checkingCertificate.CertificateChecking;
+            }
 
             // based on RFC 5280 6.3.3
             foreach (X509Crl crl in initialSet)
@@ -84,12 +99,12 @@ namespace Org.BouncyCastle.Pkix
 				}
 				catch (Exception e)
 				{
-					lastException = new Exception("Exception searching in X.509 CRL store.", e);
+					lastException = e;
 				}
 			}
 
 	        if (!foundValidStore && lastException != null)
-	            throw lastException;
+                throw new Exception("Exception searching in X.509 CRL store.", lastException);
 
 			return crls;
 		}
diff --git a/crypto/src/x509/store/X509CrlStoreSelector.cs b/crypto/src/x509/store/X509CrlStoreSelector.cs
index 9e84b82ae..f3b574d27 100644
--- a/crypto/src/x509/store/X509CrlStoreSelector.cs
+++ b/crypto/src/x509/store/X509CrlStoreSelector.cs
@@ -11,7 +11,7 @@ using Org.BouncyCastle.X509.Extension;
 namespace Org.BouncyCastle.X509.Store
 {
 	public class X509CrlStoreSelector
-		: ISelector<X509Crl>
+		: ISelector<X509Crl>, ICheckingCertificate
 	{
 		// TODO Missing criteria?
 
@@ -276,4 +276,9 @@ namespace Org.BouncyCastle.X509.Store
 			return true;
 		}
 	}
+
+    public interface ICheckingCertificate
+    {
+        X509Certificate CertificateChecking { get; }
+    }
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 16:04:39 +0000