diff options
Diffstat (limited to 'crypto/src')
| -rw-r--r-- | crypto/src/tsp/TimeStampToken.cs | 6 | ||||
| -rw-r--r-- | crypto/src/x509/AttributeCertificateHolder.cs | 10 | ||||
| -rw-r--r-- | crypto/src/x509/AttributeCertificateIssuer.cs | 10 | ||||
| -rw-r--r-- | crypto/src/x509/X509Crl.cs | 5 |
4 files changed, 4 insertions, 27 deletions
diff --git a/crypto/src/tsp/TimeStampToken.cs b/crypto/src/tsp/TimeStampToken.cs index 1245589b4..9b2a7a40b 100644 --- a/crypto/src/tsp/TimeStampToken.cs +++ b/crypto/src/tsp/TimeStampToken.cs @@ -180,16 +180,12 @@ namespace Org.BouncyCastle.Tsp certID.GetHashAlgorithmName(), cert.GetEncoded()); if (!Arrays.ConstantTimeAreEqual(certID.GetCertHash(), hash)) - { throw new TspValidationException("certificate hash does not match certID hash."); - } if (certID.IssuerSerial != null) { - if (!certID.IssuerSerial.Serial.Value.Equals(cert.SerialNumber)) - { + if (!certID.IssuerSerial.Serial.HasValue(cert.SerialNumber)) throw new TspValidationException("certificate serial number does not match certID for signature."); - } GeneralName[] names = certID.IssuerSerial.Issuer.GetNames(); X509Name principal = PrincipalUtilities.GetIssuerX509Principal(cert); diff --git a/crypto/src/x509/AttributeCertificateHolder.cs b/crypto/src/x509/AttributeCertificateHolder.cs index 8ea90c24d..fdd4580db 100644 --- a/crypto/src/x509/AttributeCertificateHolder.cs +++ b/crypto/src/x509/AttributeCertificateHolder.cs @@ -327,21 +327,13 @@ namespace Org.BouncyCastle.X509 } public bool Match( -// Certificate cert) X509Certificate x509Cert) { -// if (!(cert is X509Certificate)) -// { -// return false; -// } -// -// X509Certificate x509Cert = (X509Certificate)cert; - try { if (holder.BaseCertificateID != null) { - return holder.BaseCertificateID.Serial.Value.Equals(x509Cert.SerialNumber) + return holder.BaseCertificateID.Serial.HasValue(x509Cert.SerialNumber) && MatchesDN(PrincipalUtilities.GetIssuerX509Principal(x509Cert), holder.BaseCertificateID.Issuer); } diff --git a/crypto/src/x509/AttributeCertificateIssuer.cs b/crypto/src/x509/AttributeCertificateIssuer.cs index 7df1416d3..39fc04f34 100644 --- a/crypto/src/x509/AttributeCertificateIssuer.cs +++ b/crypto/src/x509/AttributeCertificateIssuer.cs @@ -136,22 +136,14 @@ namespace Org.BouncyCastle.X509 } public bool Match( -// Certificate cert) X509Certificate x509Cert) { -// if (!(cert is X509Certificate)) -// { -// return false; -// } -// -// X509Certificate x509Cert = (X509Certificate)cert; - if (form is V2Form) { V2Form issuer = (V2Form) form; if (issuer.BaseCertificateID != null) { - return issuer.BaseCertificateID.Serial.Value.Equals(x509Cert.SerialNumber) + return issuer.BaseCertificateID.Serial.HasValue(x509Cert.SerialNumber) && MatchesDN(x509Cert.IssuerDN, issuer.BaseCertificateID.Issuer); } diff --git a/crypto/src/x509/X509Crl.cs b/crypto/src/x509/X509Crl.cs index 5cf4bd53c..a5aabf974 100644 --- a/crypto/src/x509/X509Crl.cs +++ b/crypto/src/x509/X509Crl.cs @@ -429,15 +429,12 @@ namespace Org.BouncyCastle.X509 if (certs != null) { -// BigInteger serial = ((X509Certificate)cert).SerialNumber; BigInteger serial = cert.SerialNumber; for (int i = 0; i < certs.Length; i++) { - if (certs[i].UserCertificate.Value.Equals(serial)) - { + if (certs[i].UserCertificate.HasValue(serial)) return true; - } } } |