summary refs log tree commit diff
path: root/crypto/src/pkix/PkixCrlUtilities.cs
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/pkix/PkixCrlUtilities.cs')
-rw-r--r--crypto/src/pkix/PkixCrlUtilities.cs54
1 files changed, 23 insertions, 31 deletions
diff --git a/crypto/src/pkix/PkixCrlUtilities.cs b/crypto/src/pkix/PkixCrlUtilities.cs
index facbf56c2..3451b8ac0 100644
--- a/crypto/src/pkix/PkixCrlUtilities.cs
+++ b/crypto/src/pkix/PkixCrlUtilities.cs
@@ -9,22 +9,27 @@ namespace Org.BouncyCastle.Pkix
 {
 	public class PkixCrlUtilities
 	{
-		public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix,
+        // TODO bc-fips-csharp implements this for ISelector<X509Crl>, using optional ICheckingCertificate
+        public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix)
+        {
+            // get complete CRL(s)
+            try
+            {
+                return FindCrls(crlSelector, paramsPkix.GetStoresCrl());
+            }
+            catch (Exception e)
+            {
+                throw new Exception("Exception obtaining complete CRLs.", e);
+            }
+        }
+
+        // TODO bc-fips-csharp implements this for ISelector<X509Crl>, using optional ICheckingCertificate
+        public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix,
 			DateTime currentDate)
 		{
-			HashSet<X509Crl> initialSet;
-
-			// get complete CRL(s)
-			try
-			{
-				initialSet = FindCrls(crlSelector, paramsPkix.GetStoresCrl());
-			}
-			catch (Exception e)
-			{
-				throw new Exception("Exception obtaining complete CRLs.", e);
-			}
+            var initialSet = FindCrls(crlSelector, paramsPkix);
 
-			var finalSet = new HashSet<X509Crl>();
+            var finalSet = new HashSet<X509Crl>();
 			DateTime validityDate = currentDate;
 
 			if (paramsPkix.Date != null)
@@ -32,15 +37,15 @@ namespace Org.BouncyCastle.Pkix
 				validityDate = paramsPkix.Date.Value;
 			}
 
-			// based on RFC 5280 6.3.3
-			foreach (X509Crl crl in initialSet)
+            X509Certificate cert = crlSelector.CertificateChecking;
+
+            // based on RFC 5280 6.3.3
+            foreach (X509Crl crl in initialSet)
 			{
                 DateTime? nextUpdate = crl.NextUpdate;
 
                 if (null == nextUpdate || nextUpdate.Value.CompareTo(validityDate) > 0)
 				{
-					X509Certificate cert = crlSelector.CertificateChecking;
-
                     if (null == cert || crl.ThisUpdate.CompareTo(cert.NotAfter) < 0)
                     {
                         finalSet.Add(crl);
@@ -51,19 +56,6 @@ namespace Org.BouncyCastle.Pkix
 			return finalSet;
 		}
 
-		public virtual ISet<X509Crl> FindCrls(X509CrlStoreSelector crlSelector, PkixParameters paramsPkix)
-		{
-			// get complete CRL(s)
-			try
-			{
-				return FindCrls(crlSelector, paramsPkix.GetStoresCrl());
-			}
-			catch (Exception e)
-			{
-				throw new Exception("Exception obtaining complete CRLs.", e);
-			}
-		}
-
 		/// <summary>
 		/// crl checking
 		/// Return a Collection of all CRLs found in the X509Store's that are
@@ -76,7 +68,7 @@ namespace Org.BouncyCastle.Pkix
 		/// <returns>a Collection of all found {@link X509CRL X509CRL} objects. May be
 		/// empty but never <code>null</code>.
 		/// </returns>
-		private HashSet<X509Crl> FindCrls(ISelector<X509Crl> crlSelector, IList<IStore<X509Crl>> crlStores)
+		private HashSet<X509Crl> FindCrls(ISelector<X509Crl> crlSelector, IEnumerable<IStore<X509Crl>> crlStores)
 		{
             var crls = new HashSet<X509Crl>();
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-09 17:05:39 +0000