summary refs log tree commit diff
path: root/crypto/src/ocsp/CertificateID.cs
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/ocsp/CertificateID.cs')
-rw-r--r--crypto/src/ocsp/CertificateID.cs97
1 files changed, 28 insertions, 69 deletions
diff --git a/crypto/src/ocsp/CertificateID.cs b/crypto/src/ocsp/CertificateID.cs
index b972a0f66..72588b17f 100644
--- a/crypto/src/ocsp/CertificateID.cs
+++ b/crypto/src/ocsp/CertificateID.cs
@@ -3,26 +3,23 @@ using System;
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Ocsp;
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.X509;
 
 namespace Org.BouncyCastle.Ocsp
 {
-	public class CertificateID
+    public class CertificateID
+		: IEquatable<CertificateID>
 	{
+        // OiwObjectIdentifiers.IdSha1.Id
 		public const string HashSha1 = "1.3.14.3.2.26";
 
-		private readonly CertID id;
+		private readonly CertID m_id;
 
-		public CertificateID(
-			CertID id)
+		public CertificateID(CertID id)
 		{
-			if (id == null)
-				throw new ArgumentNullException("id");
-
-			this.id = id;
+			m_id = id ?? throw new ArgumentNullException(nameof(id));
 		}
 
 		/**
@@ -30,71 +27,38 @@ namespace Org.BouncyCastle.Ocsp
 		 * certificate it signed.
 		 * @exception OcspException if any problems occur creating the id fields.
 		 */
-		public CertificateID(
-			string			hashAlgorithm,
-			X509Certificate	issuerCert,
-			BigInteger		serialNumber)
+		public CertificateID(string hashAlgorithm, X509Certificate issuerCert, BigInteger serialNumber)
 		{
 			AlgorithmIdentifier hashAlg = new AlgorithmIdentifier(
 				new DerObjectIdentifier(hashAlgorithm), DerNull.Instance);
 
-			this.id = CreateCertID(hashAlg, issuerCert, new DerInteger(serialNumber));
+			m_id = CreateCertID(hashAlg, issuerCert, new DerInteger(serialNumber));
 		}
 
-		public string HashAlgOid
-		{
-            get { return id.HashAlgorithm.Algorithm.Id; }
-		}
+		public string HashAlgOid => m_id.HashAlgorithm.Algorithm.Id;
 
-		public byte[] GetIssuerNameHash()
-		{
-			return id.IssuerNameHash.GetOctets();
-		}
+		public byte[] GetIssuerNameHash() => m_id.IssuerNameHash.GetOctets();
 
-		public byte[] GetIssuerKeyHash()
-		{
-			return id.IssuerKeyHash.GetOctets();
-		}
+		public byte[] GetIssuerKeyHash() => m_id.IssuerKeyHash.GetOctets();
 
 		/**
 		 * return the serial number for the certificate associated
 		 * with this request.
 		 */
-		public BigInteger SerialNumber
-		{
-			get { return id.SerialNumber.Value; }
-		}
-
-		public bool MatchesIssuer(
-			X509Certificate	issuerCert)
-		{
-			return CreateCertID(id.HashAlgorithm, issuerCert, id.SerialNumber).Equals(id);
-		}
+		public BigInteger SerialNumber => m_id.SerialNumber.Value;
 
-		public CertID ToAsn1Object()
+		public bool MatchesIssuer(X509Certificate issuerCert)
 		{
-			return id;
+			return CreateCertID(m_id.HashAlgorithm, issuerCert, m_id.SerialNumber).Equals(m_id);
 		}
 
-		public override bool Equals(
-			object obj)
-		{
-			if (obj == this)
-				return true;
-
-			CertificateID other = obj as CertificateID;
-
-			if (other == null)
-				return false;
+        public CertID ToAsn1Object() => m_id;
 
-			return id.ToAsn1Object().Equals(other.id.ToAsn1Object());
-		}
+        public bool Equals(CertificateID other) => this == other || m_id.Equals(other?.m_id);
 
-		public override int GetHashCode()
-		{
-			return id.ToAsn1Object().GetHashCode();
-		}
+        public override bool Equals(object obj) => Equals(obj as CertificateID);
 
+        public override int GetHashCode() => m_id.GetHashCode();
 
 		/**
 		 * Create a new CertificateID for a new serial number derived from a previous one
@@ -107,29 +71,24 @@ namespace Org.BouncyCastle.Ocsp
 		 */
 		public static CertificateID DeriveCertificateID(CertificateID original, BigInteger newSerialNumber)
 		{
-			return new CertificateID(new CertID(original.id.HashAlgorithm, original.id.IssuerNameHash,
-				original.id.IssuerKeyHash, new DerInteger(newSerialNumber)));
+            CertID originalID = original.ToAsn1Object();
+
+            return new CertificateID(new CertID(originalID.HashAlgorithm, originalID.IssuerNameHash,
+                originalID.IssuerKeyHash, new DerInteger(newSerialNumber)));
 		}
 
-        private static CertID CreateCertID(
-			AlgorithmIdentifier	hashAlg,
-			X509Certificate		issuerCert,
-			DerInteger			serialNumber)
+        private static CertID CreateCertID(AlgorithmIdentifier digestAlgorithm, X509Certificate issuerCert,
+			DerInteger serialNumber)
 		{
 			try
 			{
-                string hashAlgorithm = hashAlg.Algorithm.Id;
-
 				X509Name issuerName = PrincipalUtilities.GetSubjectX509Principal(issuerCert);
-				byte[] issuerNameHash = DigestUtilities.CalculateDigest(
-					hashAlgorithm, issuerName.GetEncoded());
+				byte[] issuerNameHash = X509Utilities.CalculateDigest(digestAlgorithm, issuerName);
 
-				AsymmetricKeyParameter issuerKey = issuerCert.GetPublicKey();
-				SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(issuerKey);
-				byte[] issuerKeyHash = DigestUtilities.CalculateDigest(
-					hashAlgorithm, info.PublicKey.GetBytes());
+				byte[] issuerKey = issuerCert.CertificateStructure.SubjectPublicKeyInfo.PublicKey.GetBytes();
+				byte[] issuerKeyHash = DigestUtilities.CalculateDigest(digestAlgorithm.Algorithm, issuerKey);
 
-				return new CertID(hashAlg, new DerOctetString(issuerNameHash),
+                return new CertID(digestAlgorithm, new DerOctetString(issuerNameHash),
 					new DerOctetString(issuerKeyHash), serialNumber);
 			}
 			catch (Exception e)
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 16:34:00 +0000