Diffstat (limited to 'crypto/src/tls/CertificateRequest.cs')
-rw-r--r-- | crypto/src/tls/CertificateRequest.cs | 51 |
1 files changed, 26 insertions, 25 deletions
diff --git a/crypto/src/tls/CertificateRequest.cs b/crypto/src/tls/CertificateRequest.cs index 8005731f4..d2bbe57c1 100644 --- a/crypto/src/tls/CertificateRequest.cs +++ b/crypto/src/tls/CertificateRequest.cs @@ -1,5 +1,5 @@ using System; -using System.Collections; +using System.Collections.Generic; using System.IO; using Org.BouncyCastle.Asn1; @@ -37,8 +37,8 @@ namespace Org.BouncyCastle.Tls public sealed class CertificateRequest { /// <exception cref="IOException"/> - private static IList CheckSupportedSignatureAlgorithms(IList supportedSignatureAlgorithms, - short alertDescription) + private static IList<SignatureAndHashAlgorithm> CheckSupportedSignatureAlgorithms( + IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms, short alertDescription) { if (null == supportedSignatureAlgorithms) throw new TlsFatalAlert(alertDescription, "'signature_algorithms' is required"); 
@@ -48,25 +48,26 @@ namespace Org.BouncyCastle.Tls private readonly byte[] m_certificateRequestContext; private readonly short[] m_certificateTypes; - private readonly IList m_supportedSignatureAlgorithms; - private readonly IList m_supportedSignatureAlgorithmsCert; - private readonly IList m_certificateAuthorities; + private readonly IList<SignatureAndHashAlgorithm> m_supportedSignatureAlgorithms; + private readonly IList<SignatureAndHashAlgorithm> m_supportedSignatureAlgorithmsCert; + private readonly IList<X509Name> m_certificateAuthorities; /// <param name="certificateTypes">see <see cref="ClientCertificateType"/> for valid constants.</param> /// <param name="supportedSignatureAlgorithms"></param> /// <param name="certificateAuthorities">an <see cref="IList"/> of <see cref="X509Name"/>.</param> - public CertificateRequest(short[] certificateTypes, IList supportedSignatureAlgorithms, - IList certificateAuthorities) + public CertificateRequest(short[] certificateTypes, + IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms, IList<X509Name> certificateAuthorities) : this(null, certificateTypes, supportedSignatureAlgorithms, null, certificateAuthorities) { } // TODO[tls13] Prefer to manage the certificateRequestContext internally only? 
/// <exception cref="IOException"/> - public CertificateRequest(byte[] certificateRequestContext, IList supportedSignatureAlgorithms, - IList supportedSignatureAlgorithmsCert, IList certificateAuthorities) + public CertificateRequest(byte[] certificateRequestContext, + IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms, + IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithmsCert, IList<X509Name> certificateAuthorities) : this(certificateRequestContext, null, - CheckSupportedSignatureAlgorithms(supportedSignatureAlgorithms, AlertDescription.internal_error), + CheckSupportedSignatureAlgorithms(supportedSignatureAlgorithms, AlertDescription.internal_error), supportedSignatureAlgorithmsCert, certificateAuthorities) { /* @@ -77,7 +78,8 @@ namespace Org.BouncyCastle.Tls } private CertificateRequest(byte[] certificateRequestContext, short[] certificateTypes, - IList supportedSignatureAlgorithms, IList supportedSignatureAlgorithmsCert, IList certificateAuthorities) + IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms, + IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithmsCert, IList<X509Name> certificateAuthorities) { if (null != certificateRequestContext && !TlsUtilities.IsValidUint8(certificateRequestContext.Length)) throw new ArgumentException("cannot be longer than 255", "certificateRequestContext"); 
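Review bot: The XML docs on the new side still say `<see cref="IList"/>` although the members are now generic: in the @@ -48,25 +48,26 @@ hunk on the `certificateAuthorities` param of the first public constructor, and again on the three `<returns>` tags in the @@ -108,20 +110,20 @@ hunk. With `using System.Collections;` removed in the first hunk, that cref names the non-generic interface and will probably no longer resolve, unless a using outside the hunks still imports it. I would write `<see cref="IList{T}"/>` in each place, e.g. `/// <param name="certificateAuthorities">an <see cref="IList{T}"/> of <see cref="X509Name"/>.</param>`.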
@@ -108,20 +110,20 @@ namespace Org.BouncyCastle.Tls /// <returns>an <see cref="IList"/> of <see cref="SignatureAndHashAlgorithm"/> (or null before TLS 1.2). /// </returns> - public IList SupportedSignatureAlgorithms + public IList<SignatureAndHashAlgorithm> SupportedSignatureAlgorithms { get { return m_supportedSignatureAlgorithms; } } /// <returns>an optional <see cref="IList"/> of <see cref="SignatureAndHashAlgorithm"/>. May be non-null from /// TLS 1.3 onwards.</returns> - public IList SupportedSignatureAlgorithmsCert + public IList<SignatureAndHashAlgorithm> SupportedSignatureAlgorithmsCert { get { return m_supportedSignatureAlgorithmsCert; } } /// <returns>an <see cref="IList"/> of <see cref="X509Name"/>.</returns> - public IList CertificateAuthorities + public IList<X509Name> CertificateAuthorities { get { return m_certificateAuthorities; } } @@ -153,7 +155,7 @@ namespace Org.BouncyCastle.Tls { TlsUtilities.WriteOpaque8(m_certificateRequestContext, output); - IDictionary extensions = Platform.CreateHashtable(); + var extensions = new Dictionary<int, byte[]>(); TlsExtensionsUtilities.AddSignatureAlgorithmsExtension(extensions, m_supportedSignatureAlgorithms); if (null != m_supportedSignatureAlgorithmsCert) @@ -187,7 +189,7 @@ namespace Org.BouncyCastle.Tls } else { - IList derEncodings = Platform.CreateArrayList(m_certificateAuthorities.Count); + var derEncodings = new List<byte[]>(m_certificateAuthorities.Count); int totalLength = 0; foreach (X509Name certificateAuthority in m_certificateAuthorities) 
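Review bot: The three getters in the @@ -108,20 +110,20 @@ hunk return the backing fields themselves (`get { return m_supportedSignatureAlgorithms; }`), so a caller holding the now strongly typed `IList<SignatureAndHashAlgorithm>` can add or remove entries on an object whose fields are declared `readonly`. Whether the private constructor copies or wraps the lists is outside the hunks, so this may already be covered. If it is not, the list written by the encode path in the @@ -153,7 +155,7 @@ hunk could differ from the one that passed `CheckSupportedSignatureAlgorithms`. At minimum I would document the contract on each property, e.g. `/// <remarks>The returned list is the instance's own list; callers must not modify it.</remarks>`, and consider storing a read-only copy in the private constructor.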
@@ -229,15 +231,14 @@ namespace Org.BouncyCastle.Tls byte[] extEncoding = TlsUtilities.ReadOpaque16(input); - IDictionary extensions = TlsProtocol.ReadExtensionsData13(HandshakeType.certificate_request, - extEncoding); + var extensions = TlsProtocol.ReadExtensionsData13(HandshakeType.certificate_request, extEncoding); - IList supportedSignatureAlgorithms13 = CheckSupportedSignatureAlgorithms( + var supportedSignatureAlgorithms13 = CheckSupportedSignatureAlgorithms( TlsExtensionsUtilities.GetSignatureAlgorithmsExtension(extensions), AlertDescription.missing_extension); - IList supportedSignatureAlgorithmsCert13 = TlsExtensionsUtilities + var supportedSignatureAlgorithmsCert13 = TlsExtensionsUtilities .GetSignatureAlgorithmsCertExtension(extensions); - IList certificateAuthorities13 = TlsExtensionsUtilities.GetCertificateAuthoritiesExtension(extensions); + var certificateAuthorities13 = TlsExtensionsUtilities.GetCertificateAuthoritiesExtension(extensions); return new CertificateRequest(certificateRequestContext, supportedSignatureAlgorithms13, supportedSignatureAlgorithmsCert13, certificateAuthorities13); @@ -247,18 +248,18 @@ namespace Org.BouncyCastle.Tls short[] certificateTypes = TlsUtilities.ReadUint8ArrayWithUint8Length(input, 1); - IList supportedSignatureAlgorithms = null; + IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms = null; if (isTLSv12) { supportedSignatureAlgorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(input); } - IList certificateAuthorities = null; + IList<X509Name> certificateAuthorities = null; { byte[] certAuthData = TlsUtilities.ReadOpaque16(input); if (certAuthData.Length > 0) { - certificateAuthorities = Platform.CreateArrayList(); + certificateAuthorities = new List<X509Name>(); MemoryStream bis = new MemoryStream(certAuthData, false); do { |
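Review bot: In the @@ -229,15 +231,14 @@ hunk the locals switched to `var` take their type from calls whose return type is not visible at the call site (`TlsProtocol.ReadExtensionsData13`, the `TlsExtensionsUtilities.Get…Extension` helpers). That makes this TLS 1.3 parsing path harder to review than the pre-1.3 path in the next hunk, where the new code spells out `IList<SignatureAndHashAlgorithm>` and `IList<X509Name>`. I would keep explicit types for the three lists, e.g. `IList<X509Name> certificateAuthorities13 = TlsExtensionsUtilities.GetCertificateAuthoritiesExtension(extensions);`, so that a change in a helper's return type surfaces here as a compile error. The enclosing parse method starts and ends outside the hunk.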