Diffstat (limited to 'crypto/src/ocsp/CertificateID.cs')
-rw-r--r-- | crypto/src/ocsp/CertificateID.cs | 97 |
1 files changed, 28 insertions, 69 deletions
diff --git a/crypto/src/ocsp/CertificateID.cs b/crypto/src/ocsp/CertificateID.cs index b972a0f66..72588b17f 100644 --- a/crypto/src/ocsp/CertificateID.cs +++ b/crypto/src/ocsp/CertificateID.cs @@ -3,26 +3,23 @@ using System; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Ocsp; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Ocsp { - public class CertificateID + public class CertificateID + : IEquatable<CertificateID> { + // OiwObjectIdentifiers.IdSha1.Id public const string HashSha1 = "1.3.14.3.2.26"; - private readonly CertID id; + private readonly CertID m_id; - public CertificateID( - CertID id) + public CertificateID(CertID id) { - if (id == null) - throw new ArgumentNullException("id"); - - this.id = id; + m_id = id ?? throw new ArgumentNullException(nameof(id)); } /** 
@@ -30,71 +27,38 @@ namespace Org.BouncyCastle.Ocsp * certificate it signed. * @exception OcspException if any problems occur creating the id fields. */ - public CertificateID( - string hashAlgorithm, - X509Certificate issuerCert, - BigInteger serialNumber) + public CertificateID(string hashAlgorithm, X509Certificate issuerCert, BigInteger serialNumber) { AlgorithmIdentifier hashAlg = new AlgorithmIdentifier( new DerObjectIdentifier(hashAlgorithm), DerNull.Instance); - this.id = CreateCertID(hashAlg, issuerCert, new DerInteger(serialNumber)); + m_id = CreateCertID(hashAlg, issuerCert, new DerInteger(serialNumber)); } - public string HashAlgOid - { - get { return id.HashAlgorithm.Algorithm.Id; } - } + public string HashAlgOid => m_id.HashAlgorithm.Algorithm.Id; - public byte[] GetIssuerNameHash() - { - return id.IssuerNameHash.GetOctets(); - } + public byte[] GetIssuerNameHash() => m_id.IssuerNameHash.GetOctets(); - public byte[] GetIssuerKeyHash() - { - return id.IssuerKeyHash.GetOctets(); - } + public byte[] GetIssuerKeyHash() => m_id.IssuerKeyHash.GetOctets(); /** * return the serial number for the certificate associated * with this request. 
*/ - public BigInteger SerialNumber - { - get { return id.SerialNumber.Value; } - } - - public bool MatchesIssuer( - X509Certificate issuerCert) - { - return CreateCertID(id.HashAlgorithm, issuerCert, id.SerialNumber).Equals(id); - } + public BigInteger SerialNumber => m_id.SerialNumber.Value; - public CertID ToAsn1Object() + public bool MatchesIssuer(X509Certificate issuerCert) { - return id; + return CreateCertID(m_id.HashAlgorithm, issuerCert, m_id.SerialNumber).Equals(m_id); } - public override bool Equals( - object obj) - { - if (obj == this) - return true; - - CertificateID other = obj as CertificateID; - - if (other == null) - return false; + public CertID ToAsn1Object() => m_id; - return id.ToAsn1Object().Equals(other.id.ToAsn1Object()); - } + public bool Equals(CertificateID other) => this == other || m_id.Equals(other?.m_id); - public override int GetHashCode() - { - return id.ToAsn1Object().GetHashCode(); - } + public override bool Equals(object obj) => Equals(obj as CertificateID); + public override int GetHashCode() => m_id.GetHashCode(); /** * Create a new CertificateID for a new serial number derived from a previous one 
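Review bot: The new `Equals(CertificateID other)` uses `this == other` as its identity shortcut, which is reference equality only as long as the class declares no `operator ==`; `ReferenceEquals(this, other)` states that directly and cannot recurse if an operator built on `Equals` is added later, e.g. `public bool Equals(CertificateID other) => ReferenceEquals(this, other) || m_id.Equals(other?.m_id);`. The null case now relies on `CertID.Equals(null)` returning false, and `GetHashCode()` relies on `CertID` hashing by content; neither is visible in this hunk, so both are worth confirming, since this equality is presumably what callers use to pair an OCSP response entry with the certificate they asked about. Separately, `MatchesIssuer` recomputes the hashes with `m_id.HashAlgorithm`, the digest named inside the CertID itself, and has no doc comment saying so. A line in the file's `/** ... */` style such as `Uses the hash algorithm carried in this CertID; callers handling responder-supplied IDs should check HashAlgOid against the algorithms they accept.` would make that explicit.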
@@ -107,29 +71,24 @@ namespace Org.BouncyCastle.Ocsp */ public static CertificateID DeriveCertificateID(CertificateID original, BigInteger newSerialNumber) { - return new CertificateID(new CertID(original.id.HashAlgorithm, original.id.IssuerNameHash, - original.id.IssuerKeyHash, new DerInteger(newSerialNumber))); + CertID originalID = original.ToAsn1Object(); + + return new CertificateID(new CertID(originalID.HashAlgorithm, originalID.IssuerNameHash, + originalID.IssuerKeyHash, new DerInteger(newSerialNumber))); } - private static CertID CreateCertID( - AlgorithmIdentifier hashAlg, - X509Certificate issuerCert, - DerInteger serialNumber) + private static CertID CreateCertID(AlgorithmIdentifier digestAlgorithm, X509Certificate issuerCert, + DerInteger serialNumber) { try { - string hashAlgorithm = hashAlg.Algorithm.Id; - X509Name issuerName = PrincipalUtilities.GetSubjectX509Principal(issuerCert); - byte[] issuerNameHash = DigestUtilities.CalculateDigest( - hashAlgorithm, issuerName.GetEncoded()); + byte[] issuerNameHash = X509Utilities.CalculateDigest(digestAlgorithm, issuerName); - AsymmetricKeyParameter issuerKey = issuerCert.GetPublicKey(); - SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(issuerKey); - byte[] issuerKeyHash = DigestUtilities.CalculateDigest( - hashAlgorithm, info.PublicKey.GetBytes()); + byte[] issuerKey = issuerCert.CertificateStructure.SubjectPublicKeyInfo.PublicKey.GetBytes(); + byte[] issuerKeyHash = DigestUtilities.CalculateDigest(digestAlgorithm.Algorithm, issuerKey); - return new CertID(hashAlg, new DerOctetString(issuerNameHash), + return new CertID(digestAlgorithm, new DerOctetString(issuerNameHash), new DerOctetString(issuerKeyHash), serialNumber); } catch (Exception e) |
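Review bot: The switch in `CreateCertID` to hashing `issuerCert.CertificateStructure.SubjectPublicKeyInfo.PublicKey.GetBytes()` needs a why-comment, because nothing in the code says why the bytes are read from the parsed certificate instead of re-encoding the key; something like `// RFC 6960 4.1.1: issuerKeyHash covers the subjectPublicKey BIT STRING value as encoded in the issuer certificate`. The two digests are also computed through different helpers now: `X509Utilities.CalculateDigest` receives the whole `AlgorithmIdentifier` while `DigestUtilities.CalculateDigest` receives only `digestAlgorithm.Algorithm`. If the former inspects the parameters (not visible here), the name hash and key hash could treat an unusual peer-supplied identifier differently, so either use one path for both or add a comment that parameters are ignored. In `DeriveCertificateID`, `original.ToAsn1Object()` is dereferenced without a null check, so a null argument surfaces as a NullReferenceException rather than the `ArgumentNullException` the constructor throws. The `try` block and its `catch (Exception e)` handler continue past the end of the hunk.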