summary refs log tree commit diff
path: root/crypto/test/src
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/test/src')
-rw-r--r--crypto/test/src/cms/test/CMSTestUtil.cs34
-rw-r--r--crypto/test/src/cms/test/MiscDataStreamTest.cs43
-rw-r--r--crypto/test/src/cms/test/Rfc4134Test.cs26
-rw-r--r--crypto/test/src/cms/test/SignedDataStreamTest.cs84
-rw-r--r--crypto/test/src/cms/test/SignedDataTest.cs207
-rw-r--r--crypto/test/src/test/AttrCertSelectorTest.cs4
-rw-r--r--crypto/test/src/test/AttrCertTest.cs34
-rw-r--r--crypto/test/src/test/CertPathBuilderTest.cs42
-rw-r--r--crypto/test/src/test/CertPathTest.cs11
-rw-r--r--crypto/test/src/test/CertPathValidatorTest.cs38
-rw-r--r--crypto/test/src/test/NistCertPathTest.cs24
-rw-r--r--crypto/test/src/test/PkixPolicyMappingTest.cs20
-rw-r--r--crypto/test/src/test/X509StoreTest.cs80
-rw-r--r--crypto/test/src/test/nist/NistCertPathTest.cs34
-rw-r--r--crypto/test/src/test/nist/NistCertPathTest2.cs34
-rw-r--r--crypto/test/src/tsp/test/NewTspTest.cs73
-rw-r--r--crypto/test/src/tsp/test/ParseTest.cs9
-rw-r--r--crypto/test/src/tsp/test/TSPTest.cs32
18 files changed, 353 insertions, 476 deletions
diff --git a/crypto/test/src/cms/test/CMSTestUtil.cs b/crypto/test/src/cms/test/CMSTestUtil.cs
index 242d7e8cf..596072937 100644
--- a/crypto/test/src/cms/test/CMSTestUtil.cs
+++ b/crypto/test/src/cms/test/CMSTestUtil.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 using System.Text;
 
@@ -10,11 +11,11 @@ using Org.BouncyCastle.Crypto.Operators;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.IO;
 using Org.BouncyCastle.X509;
 using Org.BouncyCastle.X509.Extension;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Cms.Tests
 {
@@ -219,12 +220,8 @@ namespace Org.BouncyCastle.Cms.Tests
 			return buf.ToString();
 		}
 
-		public static IX509AttributeCertificate GetAttributeCertificate()
+		public static X509V2AttributeCertificate GetAttributeCertificate()
 		{
-//			X509StreamParser parser = X509StreamParser.GetInstance("AttributeCertificate");
-//			parser.Init(CmsTestUtil.attrCert);
-//			return (X509AttributeCertificate) parser.Read();
-
 			return new X509AttrCertParser().ReadAttrCert(attrCert);
 		}
 
@@ -425,37 +422,38 @@ namespace Org.BouncyCastle.Cms.Tests
             return "GOST3411WithGOST3410";
         }
 
-        internal static IX509Store MakeAttrCertStore(params IX509AttributeCertificate[] attrCerts)
+        internal static IStore<X509V2AttributeCertificate> MakeAttrCertStore(
+			params X509V2AttributeCertificate[] attrCerts)
         {
-            IList attrCertList = new ArrayList();
-            foreach (IX509AttributeCertificate attrCert in attrCerts)
+			var attrCertList = new List<X509V2AttributeCertificate>();
+			foreach (var attrCert in attrCerts)
             {
                 attrCertList.Add(attrCert);
             }
 
-            return X509StoreFactory.Create("AttributeCertificate/Collection", new X509CollectionStoreParameters(attrCertList));
+			return CollectionUtilities.CreateStore(attrCertList);
         }
 
-        internal static IX509Store MakeCertStore(params X509Certificate[] certs)
+        internal static IStore<X509Certificate> MakeCertStore(params X509Certificate[] certs)
         {
-            IList certList = new ArrayList();
-            foreach (X509Certificate cert in certs)
+            var certList = new List<X509Certificate>();
+            foreach (var cert in certs)
             {
                 certList.Add(cert);
             }
 
-            return X509StoreFactory.Create("Certificate/Collection", new X509CollectionStoreParameters(certList));
+			return CollectionUtilities.CreateStore(certList);
         }
 
-        internal static IX509Store MakeCrlStore(params X509Crl[] crls)
+        internal static IStore<X509Crl> MakeCrlStore(params X509Crl[] crls)
         {
-            IList crlList = new ArrayList();
-            foreach (X509Crl crl in crls)
+            var crlList = new List<X509Crl>();
+            foreach (var crl in crls)
             {
                 crlList.Add(crl);
             }
 
-            return X509StoreFactory.Create("CRL/Collection", new X509CollectionStoreParameters(crlList));
+			return CollectionUtilities.CreateStore(crlList);
         }
 
         private static AuthorityKeyIdentifier CreateAuthorityKeyId(
diff --git a/crypto/test/src/cms/test/MiscDataStreamTest.cs b/crypto/test/src/cms/test/MiscDataStreamTest.cs
index 4cb19884b..58259998b 100644
--- a/crypto/test/src/cms/test/MiscDataStreamTest.cs
+++ b/crypto/test/src/cms/test/MiscDataStreamTest.cs
@@ -1,22 +1,16 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 using System.Text;
 
 using NUnit.Framework;
 
-using Org.BouncyCastle.Asn1;
-using Org.BouncyCastle.Asn1.Cms;
-using Org.BouncyCastle.Asn1.Oiw;
-using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
-using Org.BouncyCastle.Utilities.Encoders;
-using Org.BouncyCastle.Utilities.IO;
-using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Cms.Tests
 {
@@ -92,21 +86,19 @@ namespace Org.BouncyCastle.Cms.Tests
 			get { return origCrl == null ? (origCrl = CmsTestUtil.MakeCrl(OrigKP)) : origCrl; }
 		}
 
-		private void VerifySignatures(
-			CmsSignedDataParser	sp,
-			byte[]				contentDigest)
+		private void VerifySignatures(CmsSignedDataParser sp, byte[] contentDigest)
 		{
-			IX509Store certStore = sp.GetCertificates("Collection");
+			IStore<X509Certificate> certStore = sp.GetCertificates();
 			SignerInformationStore signers = sp.GetSignerInfos();
 
 			foreach (SignerInformation signer in signers.GetSigners())
 			{
-				ICollection certCollection = certStore.GetMatches(signer.SignerID);
+				var certCollection = certStore.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate	cert = (X509Certificate) certEnum.Current;
+				X509Certificate	cert = certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
 
@@ -144,9 +136,9 @@ namespace Org.BouncyCastle.Cms.Tests
 			{
 				sc.Drain();
 			}
-			sp.GetAttributeCertificates("Collection");
-			sp.GetCertificates("Collection");
-			sp.GetCrls("Collection");
+			sp.GetAttributeCertificates();
+			sp.GetCertificates();
+			sp.GetCrls();
 			sp.GetSignerInfos();
 			sp.Close();
 		}
@@ -154,22 +146,16 @@ namespace Org.BouncyCastle.Cms.Tests
 		[Test]
 		public void TestSha1WithRsa()
 		{
-			IList certList = new ArrayList();
-			IList crlList = new ArrayList();
-			MemoryStream bOut = new MemoryStream();
-
+			var certList = new List<X509Certificate>();
 			certList.Add(OrigCert);
 			certList.Add(SignCert);
 
+			var crlList = new List<X509Crl>();
 			crlList.Add(SignCrl);
 			crlList.Add(OrigCrl);
 
-			IX509Store x509Certs = X509StoreFactory.Create(
-				"Certificate/Collection",
-				new X509CollectionStoreParameters(certList));
-			IX509Store x509Crls = X509StoreFactory.Create(
-				"CRL/Collection",
-				new X509CollectionStoreParameters(crlList));
+			var x509Certs = CollectionUtilities.CreateStore(certList);
+			var x509Crls = CollectionUtilities.CreateStore(crlList);
 
 			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 
@@ -178,6 +164,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			gen.AddCertificates(x509Certs);
 			gen.AddCrls(x509Crls);
 
+			MemoryStream bOut = new MemoryStream();
 			Stream sigOut = gen.Open(bOut);
 
 			CmsCompressedDataStreamGenerator cGen = new CmsCompressedDataStreamGenerator();
diff --git a/crypto/test/src/cms/test/Rfc4134Test.cs b/crypto/test/src/cms/test/Rfc4134Test.cs
index 3bfbd1358..d47dd84ff 100644
--- a/crypto/test/src/cms/test/Rfc4134Test.cs
+++ b/crypto/test/src/cms/test/Rfc4134Test.cs
@@ -14,7 +14,6 @@ using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.IO;
 using Org.BouncyCastle.Utilities.Test;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Cms.Tests
 {
@@ -249,18 +248,17 @@ namespace Org.BouncyCastle.Cms.Tests
 
 		private void VerifySignatures(CmsSignedData s, byte[] contentDigest)
 		{
-			IX509Store x509Certs = s.GetCertificates("Collection");
-			IX509Store x509Crls = s.GetCrls("Collection");
+			var x509Certs = s.GetCertificates();
 			SignerInformationStore signers = s.GetSignerInfos();
 
 			foreach (SignerInformation signer in signers.GetSigners())
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				VerifySigner(signer, cert);
 
@@ -269,12 +267,6 @@ namespace Org.BouncyCastle.Cms.Tests
 					Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest()));
 				}
 			}
-
-			ICollection certColl = x509Certs.GetMatches(null);
-			ICollection crlColl = x509Crls.GetMatches(null);
-
-			Assert.AreEqual(certColl.Count, s.GetCertificates("Collection").GetMatches(null).Count);
-			Assert.AreEqual(crlColl.Count, s.GetCrls("Collection").GetMatches(null).Count);
 		}
 
 		private void VerifySignatures(CmsSignedData s)
@@ -289,17 +281,17 @@ namespace Org.BouncyCastle.Cms.Tests
 	        {
 	            sc.Drain();
 	        }
-			
-			IX509Store x509Certs = sp.GetCertificates("Collection");
+
+			var x509Certs = sp.GetCertificates();
 			SignerInformationStore signers = sp.GetSignerInfos();
 
 			foreach (SignerInformation signer in signers.GetSigners())
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate)certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				VerifySigner(signer, cert);
 			}
diff --git a/crypto/test/src/cms/test/SignedDataStreamTest.cs b/crypto/test/src/cms/test/SignedDataStreamTest.cs
index 2131938e7..4ef6d9441 100644
--- a/crypto/test/src/cms/test/SignedDataStreamTest.cs
+++ b/crypto/test/src/cms/test/SignedDataStreamTest.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 using System.Text;
 
@@ -7,16 +8,12 @@ using NUnit.Framework;
 
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cms;
-using Org.BouncyCastle.Asn1.Oiw;
-using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.IO;
-using Org.BouncyCastle.Utilities.Test;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Cms.Tests
 {
@@ -96,17 +93,17 @@ namespace Org.BouncyCastle.Cms.Tests
 			CmsSignedDataParser	sp,
 			byte[]				contentDigest)
 		{
-			IX509Store certStore = sp.GetCertificates("Collection");
+			var certStore = sp.GetCertificates();
 			SignerInformationStore signers = sp.GetSignerInfos();
 
 			foreach (SignerInformation signer in signers.GetSigners())
 			{
-				ICollection certCollection = certStore.GetMatches(signer.SignerID);
+				var certCollection = certStore.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate	cert = (X509Certificate) certEnum.Current;
+				X509Certificate	cert = certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
 
@@ -144,9 +141,9 @@ namespace Org.BouncyCastle.Cms.Tests
 	        {
 	            sc.Drain();
 	        }
-	        sp.GetAttributeCertificates("Collection");
-	        sp.GetCertificates("Collection");
-	        sp.GetCrls("Collection");
+	        sp.GetAttributeCertificates();
+	        sp.GetCertificates();
+	        sp.GetCrls();
 	        sp.GetSignerInfos();
 	        sp.Close();
 	    }
@@ -292,8 +289,8 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
-            IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -324,8 +321,8 @@ namespace Org.BouncyCastle.Cms.Tests
 			//
 			gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigners(sp.GetSignerInfos());
-			gen.AddCertificates(sp.GetCertificates("Collection"));
-			gen.AddCrls(sp.GetCrls("Collection"));
+			gen.AddCertificates(sp.GetCertificates());
+			gen.AddCrls(sp.GetCrls());
 
             bOut.SetLength(0);
 
@@ -338,7 +335,7 @@ namespace Org.BouncyCastle.Cms.Tests
             //
 			// look for the CRLs
 			//
-			ArrayList col = new ArrayList(x509Crls.GetMatches(null));
+			var col = new List<X509Crl>(x509Crls.EnumerateMatches(null));
 
             Assert.AreEqual(2, col.Count);
 			Assert.IsTrue(col.Contains(SignCrl));
@@ -350,8 +347,8 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
-            IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -383,7 +380,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddDigests(CmsSignedDataStreamGenerator.DigestSha1,
@@ -415,7 +412,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             //
 			// find unbuffered length
@@ -469,7 +466,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
 			//
 			// find unbuffered length
@@ -524,7 +521,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -556,8 +553,8 @@ namespace Org.BouncyCastle.Cms.Tests
 			//
 			gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigners(sp.GetSignerInfos());
-			gen.AddCertificates(sp.GetCertificates("Collection"));
-			gen.AddCrls(sp.GetCrls("Collection"));
+			gen.AddCertificates(sp.GetCertificates());
+			gen.AddCrls(sp.GetCrls());
 
             bOut.SetLength(0);
 
@@ -611,7 +608,7 @@ namespace Org.BouncyCastle.Cms.Tests
 	    {
 	        MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 	        gen.AddSigner(OrigKP.Private,
@@ -645,8 +642,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			//
 			gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigners(sp.GetSignerInfos());
-//			gen.AddCertificatesAndCRLs(sp.GetCertificatesAndCrls("Collection", "BC"));
-			gen.AddCertificates(sp.GetCertificates("Collection"));
+			gen.AddCertificates(sp.GetCertificates());
 
             bOut.SetLength(0);
 
@@ -666,7 +662,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
 			CmsAttributeTableGenerator signedGen = new SignedGenAttributeTableGenerator();
 			CmsAttributeTableGenerator unsignedGen = new UnsignedGenAttributeTableGenerator();
@@ -710,15 +706,15 @@ namespace Org.BouncyCastle.Cms.Tests
         [Test]
 		public void TestWithAttributeCertificate()
 		{
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(SignCert);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
 			gen.AddCertificates(x509Certs);
 
-            IX509AttributeCertificate attrCert = CmsTestUtil.GetAttributeCertificate();
+            var attrCert = CmsTestUtil.GetAttributeCertificate();
 
-            IX509Store store = CmsTestUtil.MakeAttrCertStore(attrCert);
+            var store = CmsTestUtil.MakeAttrCertStore(attrCert);
 
             gen.AddAttributeCertificates(store);
 
@@ -736,9 +732,9 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			Assert.AreEqual(4, sp.Version);
 
-			store = sp.GetAttributeCertificates("Collection");
+			store = sp.GetAttributeCertificates();
 
-			ArrayList coll = new ArrayList(store.GetMatches(null));
+			var coll = new List<X509V2AttributeCertificate>(store.EnumerateMatches(null));
 
 			Assert.AreEqual(1, coll.Count);
 
@@ -751,7 +747,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			MemoryStream bOut = new MemoryStream();
 			byte[] data = Encoding.ASCII.GetBytes(TestMessage);
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
 			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -811,7 +807,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -868,7 +864,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			MemoryStream bOut = new MemoryStream();
 			byte[] data = Encoding.ASCII.GetBytes(TestMessage);
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -905,7 +901,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert);
 
 			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 
@@ -945,7 +941,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -960,8 +956,8 @@ namespace Org.BouncyCastle.Cms.Tests
             CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
 
 			sp.GetSignedContent().Drain();
-			x509Certs = sp.GetCertificates("Collection");
-			ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+			x509Certs = sp.GetCertificates();
+			var a = new List<X509Certificate>(x509Certs.EnumerateMatches(null));
 
 			Assert.AreEqual(2, a.Count);
 			Assert.AreEqual(OrigCert, a[0]);
@@ -973,7 +969,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			MemoryStream bOut = new MemoryStream();
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert);
 
             CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
@@ -988,8 +984,8 @@ namespace Org.BouncyCastle.Cms.Tests
             CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
 
             sp.GetSignedContent().Drain();
-			x509Certs = sp.GetCertificates("Collection");
-			ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+			x509Certs = sp.GetCertificates();
+			var a = new List<X509Certificate>(x509Certs.EnumerateMatches(null));
 
 			Assert.AreEqual(2, a.Count);
 			Assert.AreEqual(SignCert, a[0]);
@@ -999,7 +995,7 @@ namespace Org.BouncyCastle.Cms.Tests
         [Test]
         public void TestCertsOnly()
         {
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             MemoryStream bOut = new MemoryStream();
 
diff --git a/crypto/test/src/cms/test/SignedDataTest.cs b/crypto/test/src/cms/test/SignedDataTest.cs
index 41af04874..7147bc8da 100644
--- a/crypto/test/src/cms/test/SignedDataTest.cs
+++ b/crypto/test/src/cms/test/SignedDataTest.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 using System.Text;
 
@@ -8,6 +9,7 @@ using NUnit.Framework;
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cms;
 using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
 using Org.BouncyCastle.Pkcs;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
@@ -15,9 +17,6 @@ using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.IO;
 using Org.BouncyCastle.Utilities.Test;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
-using Org.BouncyCastle.Crypto.Operators;
-using Org.BouncyCastle.Asn1.Utilities;
 
 namespace Org.BouncyCastle.Cms.Tests
 {
@@ -379,19 +378,19 @@ namespace Org.BouncyCastle.Cms.Tests
 			CmsSignedData	s,
 			byte[]			contentDigest)
 		{
-			IX509Store x509Certs = s.GetCertificates("Collection");
+			var x509Certs = s.GetCertificates();
 
 			SignerInformationStore signers = s.GetSignerInfos();
 			ICollection c = signers.GetSigners();
 
 			foreach (SignerInformation signer in c)
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
 		
@@ -406,19 +405,19 @@ namespace Org.BouncyCastle.Cms.Tests
 			CmsSignedData s,
 			byte[] contentDigest)
 		{
-			IX509Store x509Certs = s.GetCertificates("Collection");
+			var x509Certs = s.GetCertificates();
 
 			SignerInformationStore signers = s.GetSignerInfos();
 			ICollection c = signers.GetSigners();
 
 			foreach (SignerInformation signer in c)
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate)certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
 				Assert.IsTrue(null == signer.GetEncodedSignedAttributes());
@@ -442,7 +441,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			byte[] data = Encoding.ASCII.GetBytes("Hello World!");
 			CmsProcessable msg = new CmsProcessableByteArray(data);
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -465,7 +464,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
 			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -476,7 +475,7 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
 
-			x509Certs = s.GetCertificates("Collection");
+			x509Certs = s.GetCertificates();
 
 			SignerInformationStore signers = s.GetSignerInfos();
 
@@ -487,12 +486,12 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			foreach (SignerInformation signer in c)
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				sid = signer.SignerID;
 
@@ -522,14 +521,14 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			gen.AddSigners(s.GetSignerInfos());
 
-			gen.AddCertificates(s.GetCertificates("Collection"));
-			gen.AddCrls(s.GetCrls("Collection"));
+			gen.AddCertificates(s.GetCertificates());
+			gen.AddCrls(s.GetCrls());
 
 			s = gen.Generate(msg, true);
 
 			s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
 
-			x509Certs = s.GetCertificates("Collection");
+			x509Certs = s.GetCertificates();
 
 			signers = s.GetSignerInfos();
 			c = signers.GetSigners();
@@ -538,12 +537,12 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			foreach (SignerInformation signer in c)
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				Assert.AreEqual(true, signer.Verify(cert));
 			}
@@ -556,7 +555,7 @@ namespace Org.BouncyCastle.Cms.Tests
         {
             CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
             gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().Build(
@@ -570,7 +569,7 @@ namespace Org.BouncyCastle.Cms.Tests
 
             s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
 
-            x509Certs = s.GetCertificates("Collection");
+            x509Certs = s.GetCertificates();
 
             SignerInformationStore signers = s.GetSignerInfos();
 
@@ -581,12 +580,12 @@ namespace Org.BouncyCastle.Cms.Tests
 
             foreach (SignerInformation signer in c)
             {
-                ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+                var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-                IEnumerator certEnum = certCollection.GetEnumerator();
+                var certEnum = certCollection.GetEnumerator();
 
                 certEnum.MoveNext();
-                X509Certificate cert = (X509Certificate)certEnum.Current;
+                X509Certificate cert = certEnum.Current;
 
                 sid = signer.SignerID;
 
@@ -616,14 +615,14 @@ namespace Org.BouncyCastle.Cms.Tests
 
             gen.AddSigners(s.GetSignerInfos());
 
-            gen.AddCertificates(s.GetCertificates("Collection"));
-            gen.AddCrls(s.GetCrls("Collection"));
+            gen.AddCertificates(s.GetCertificates());
+            gen.AddCrls(s.GetCrls());
 
             s = gen.Generate(msg, true);
 
             s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
 
-            x509Certs = s.GetCertificates("Collection");
+            x509Certs = s.GetCertificates();
 
             signers = s.GetSignerInfos();
             c = signers.GetSigners();
@@ -632,12 +631,12 @@ namespace Org.BouncyCastle.Cms.Tests
 
             foreach (SignerInformation signer in c)
             {
-                ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+                var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-                IEnumerator certEnum = certCollection.GetEnumerator();
+                var certEnum = certCollection.GetEnumerator();
 
                 certEnum.MoveNext();
-                X509Certificate cert = (X509Certificate)certEnum.Current;
+                X509Certificate cert = certEnum.Current;
 
                 Assert.AreEqual(true, signer.Verify(cert));
             }
@@ -673,7 +672,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			byte[] testBytes = Encoding.ASCII.GetBytes("Hello world!");
 			CmsProcessable msg = new CmsProcessableByteArray(testBytes);
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes);
 
@@ -707,10 +706,10 @@ namespace Org.BouncyCastle.Cms.Tests
 
             CmsSignedData s = new CmsSignedData(document);
 
-            IX509Store certStore = s.GetCertificates("Collection");
+            var certStore = s.GetCertificates();
             foreach (SignerInformation signerInformation in s.GetSignerInfos().GetSigners())
             {
-                ICollection certCollection = certStore.GetMatches(signerInformation.SignerID);
+                var certCollection = certStore.EnumerateMatches(signerInformation.SignerID);
                 foreach (X509Certificate cert in certCollection)
                 {
                     Assert.IsTrue(signerInformation.Verify(cert), "raw sig failed");
@@ -961,8 +960,8 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert);
-            IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
+            var x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert);
+            var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(SignKP.Private, SignCert, CmsSignedDataGenerator.DigestSha1);
@@ -983,12 +982,12 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			foreach (SignerInformation cSigner in csSigners)
 			{
-				ICollection certCollection = x509Certs.GetMatches(cSigner.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(cSigner.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				Assert.IsNull(cSigner.SignedAttributes[Asn1.Pkcs.PkcsObjectIdentifiers.Pkcs9AtContentType]);
 				Assert.IsTrue(cSigner.Verify(cert));
@@ -1002,7 +1001,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			byte[] msgBytes = Encoding.ASCII.GetBytes("Hello World!");
 			CmsProcessable msg = new CmsProcessableByteArray(msgBytes);
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.EncryptionRsaPss, digestOID);
@@ -1023,7 +1022,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			byte[] msgBytes = Encoding.ASCII.GetBytes("Hello World!");
 			CmsProcessable msg = new CmsProcessableByteArray(msgBytes);
 
-			IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+			var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
 			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().SetDirectSignature(true).Build(
@@ -1045,8 +1044,8 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert);
-            IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
+            var x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert);
+            var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(signaturePair.Private,
@@ -1064,19 +1063,19 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject()));
 
-			x509Certs = s.GetCertificates("Collection");
-			x509Crls = s.GetCrls("Collection");
+			x509Certs = s.GetCertificates();
+			x509Crls = s.GetCrls();
 
 			SignerInformationStore signers = s.GetSignerInfos();
 
 			foreach (SignerInformation signer in signers.GetSigners())
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
 			}
@@ -1084,7 +1083,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			//
 			// check for CRLs
 			//
-			ArrayList crls = new ArrayList(x509Crls.GetMatches(null));
+			var crls = new List<X509Crl>(x509Crls.EnumerateMatches(null));
 
 			Assert.AreEqual(1, crls.Count);
 
@@ -1098,8 +1097,8 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			gen.AddSigners(s.GetSignerInfos());
 
-			gen.AddCertificates(s.GetCertificates("Collection"));
-			gen.AddCrls(s.GetCrls("Collection"));
+			gen.AddCertificates(s.GetCertificates());
+			gen.AddCrls(s.GetCrls());
 
 			s = gen.Generate(msg, true);
 
@@ -1108,19 +1107,19 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject()));
 
-			x509Certs = s.GetCertificates("Collection");
-			x509Crls = s.GetCrls("Collection");
+			x509Certs = s.GetCertificates();
+			x509Crls = s.GetCrls();
 
 			signers = s.GetSignerInfos();
 
 			foreach (SignerInformation signer in signers.GetSigners())
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
 			}
@@ -1135,8 +1134,8 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert);
-            IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
+            var x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert);
+            var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(signaturePair.Private, signatureCert, digestAlgorithm);
@@ -1147,20 +1146,20 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
 
-			x509Certs = s.GetCertificates("Collection");
-			x509Crls = s.GetCrls("Collection");
+			x509Certs = s.GetCertificates();
+			x509Crls = s.GetCrls();
 
 			SignerInformationStore signers = s.GetSignerInfos();
 			ICollection c = signers.GetSigners();
 
 			foreach (SignerInformation signer in c)
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
                 Assert.AreEqual(digestAlgorithm, signer.DigestAlgOid);
 
@@ -1170,7 +1169,7 @@ namespace Org.BouncyCastle.Cms.Tests
 			//
 			// check for CRLs
 			//
-			ArrayList crls = new ArrayList(x509Crls.GetMatches(null));
+			var crls = new List<X509Crl>(x509Crls.EnumerateMatches(null));
 
 			Assert.AreEqual(1, crls.Count);
 
@@ -1184,27 +1183,27 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			gen.AddSigners(s.GetSignerInfos());
 
-			gen.AddCertificates(s.GetCertificates("Collection"));
-			gen.AddCrls(s.GetCrls("Collection"));
+			gen.AddCertificates(s.GetCertificates());
+			gen.AddCrls(s.GetCrls());
 
 			s = gen.Generate(msg, true);
 
 			s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
 
-			x509Certs = s.GetCertificates("Collection");
-			x509Crls = s.GetCrls("Collection");
+			x509Certs = s.GetCertificates();
+			x509Crls = s.GetCrls();
 
 			signers = s.GetSignerInfos();
 			c = signers.GetSigners();
 
 			foreach (SignerInformation signer in c)
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
 			}
@@ -1221,19 +1220,19 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsSignedData s = CmsSignedData.ReplaceSigners(orig, signers);
 
-			IX509Store x509Certs = s.GetCertificates("Collection");
+			var x509Certs = s.GetCertificates();
 
 			signers = s.GetSignerInfos();
 			ICollection c = signers.GetSigners();
 
 			foreach (SignerInformation signer in c)
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
 			}
@@ -1244,19 +1243,19 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsSignedData s = new CmsSignedData(new CmsProcessableByteArray(disorderedMessage), disorderedSet);
 
-			IX509Store x509Certs = s.GetCertificates("Collection");
+			var x509Certs = s.GetCertificates();
 
 			SignerInformationStore	signers = s.GetSignerInfos();
 			ICollection				c = signers.GetSigners();
 
 			foreach (SignerInformation signer in c)
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate) certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 				SignerInformation sAsIs = new AsIsSignerInformation(signer);
 
 				Assert.IsFalse(signer.Verify(cert));
@@ -1282,7 +1281,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		[Test]
 		public void TestNullContentWithSigner()
 		{
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1300,15 +1299,15 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
 			gen.AddCertificates(x509Certs);
 
-            IX509AttributeCertificate attrCert = CmsTestUtil.GetAttributeCertificate();
+            var attrCert = CmsTestUtil.GetAttributeCertificate();
 
-            IX509Store store = CmsTestUtil.MakeAttrCertStore(attrCert);
+            var store = CmsTestUtil.MakeAttrCertStore(attrCert);
 
 			gen.AddAttributeCertificates(store);
 
@@ -1316,9 +1315,9 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			Assert.AreEqual(4, sd.Version);
 
-			store = sd.GetAttributeCertificates("Collection");
+			store = sd.GetAttributeCertificates();
 
-			ArrayList coll = new ArrayList(store.GetMatches(null));
+			var coll = new List<X509V2AttributeCertificate>(store.EnumerateMatches(null));
 
 			Assert.AreEqual(1, coll.Count);
 
@@ -1342,7 +1341,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1368,7 +1367,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1394,7 +1393,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert, SignDsaCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert, SignDsaCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1402,8 +1401,8 @@ namespace Org.BouncyCastle.Cms.Tests
 
             CmsSignedData sd = gen.Generate(msg, true);
 
-			x509Certs = sd.GetCertificates("Collection");
-			ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+			x509Certs = sd.GetCertificates();
+			var a = new List<X509Certificate>(x509Certs.EnumerateMatches(null));
 
 			Assert.AreEqual(3, a.Count);
 			Assert.AreEqual(OrigCert, a[0]);
@@ -1416,7 +1415,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert, SignDsaCert, OrigCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(SignCert, SignDsaCert, OrigCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1424,8 +1423,8 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			CmsSignedData sd = gen.Generate(msg, true);
 
-            x509Certs = sd.GetCertificates("Collection");
-            ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+            x509Certs = sd.GetCertificates();
+            var a = new List<X509Certificate>(x509Certs.EnumerateMatches(null));
 
             Assert.AreEqual(3, a.Count);
 			Assert.AreEqual(SignCert, a[0]);
@@ -1438,7 +1437,7 @@ namespace Org.BouncyCastle.Cms.Tests
 		{
 			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
 			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
@@ -1505,8 +1504,8 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			foreach (SignerInformation cSigner in csSigners)
 			{
-				ArrayList certCollection = new ArrayList(
-					sig.GetCertificates("Collection").GetMatches(cSigner.SignerID));
+				var certCollection = new List<X509Certificate>(
+					sig.GetCertificates().EnumerateMatches(cSigner.SignerID));
 
 				X509Certificate cert = (X509Certificate)certCollection[0];
 
@@ -1556,7 +1555,7 @@ namespace Org.BouncyCastle.Cms.Tests
             byte[] data = Encoding.ASCII.GetBytes("Hello World!");
             CmsProcessable msg = new CmsProcessableByteArray(data);
 
-            IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+            var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
 
             CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
             gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().Build(
@@ -1576,16 +1575,16 @@ namespace Org.BouncyCastle.Cms.Tests
         private void VerifySignatures(
 			CmsSignedDataParser sp)
 		{
-			IX509Store x509Certs = sp.GetCertificates("Collection");
+			var x509Certs = sp.GetCertificates();
 			SignerInformationStore signers = sp.GetSignerInfos();
 
 			foreach (SignerInformation signer in signers.GetSigners())
 			{
-				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+				var certCollection = x509Certs.EnumerateMatches(signer.SignerID);
 
-				IEnumerator certEnum = certCollection.GetEnumerator();
+				var certEnum = certCollection.GetEnumerator();
 				certEnum.MoveNext();
-				X509Certificate cert = (X509Certificate)certEnum.Current;
+				X509Certificate cert = certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
 				Assert.IsTrue(new MySignerInformation(signer).Verify(cert)); // test simple copy works
diff --git a/crypto/test/src/test/AttrCertSelectorTest.cs b/crypto/test/src/test/AttrCertSelectorTest.cs
index 87cb049fc..cb5de3740 100644
--- a/crypto/test/src/test/AttrCertSelectorTest.cs
+++ b/crypto/test/src/test/AttrCertSelectorTest.cs
@@ -73,7 +73,7 @@ namespace Org.BouncyCastle.Tests
 			get { return "AttrCertSelector"; }
 		}
 
-		private IX509AttributeCertificate CreateAttrCert()
+		private X509V2AttributeCertificate CreateAttrCert()
 		{
 //			CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
 //			X509Certificate iCert = (X509Certificate) fact
@@ -131,7 +131,7 @@ namespace Org.BouncyCastle.Tests
 		[Test]
 		public void TestSelector()
 		{
-			IX509AttributeCertificate aCert = CreateAttrCert();
+			X509V2AttributeCertificate aCert = CreateAttrCert();
 			X509AttrCertStoreSelector sel = new X509AttrCertStoreSelector();
 			sel.AttributeCert = aCert;
 			bool match = sel.Match(aCert);
diff --git a/crypto/test/src/test/AttrCertTest.cs b/crypto/test/src/test/AttrCertTest.cs
index 3f80c3ddf..055a6b456 100644
--- a/crypto/test/src/test/AttrCertTest.cs
+++ b/crypto/test/src/test/AttrCertTest.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 
 using NUnit.Framework;
 
@@ -14,7 +15,6 @@ using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.Test;
 using Org.BouncyCastle.X509;
 using Org.BouncyCastle.X509.Extension;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Tests
 {
@@ -139,7 +139,7 @@ namespace Org.BouncyCastle.Tests
 
 		private void doTestCertWithBaseCertificateID()
 		{
-			IX509AttributeCertificate attrCert = new X509V2AttributeCertificate(certWithBaseCertificateID);
+			var attrCert = new X509V2AttributeCertificate(certWithBaseCertificateID);
 			X509CertificateParser fact = new X509CertificateParser();
 			X509Certificate cert = fact.ReadCertificate(holderCertWithBaseCertificateID);
 
@@ -179,7 +179,7 @@ namespace Org.BouncyCastle.Tests
 		}
 
 		private void equalityAndHashCodeTest(
-			IX509AttributeCertificate	attrCert,
+			X509V2AttributeCertificate  attrCert,
 			byte[]						encoding)
 		{
 			if (!attrCert.Equals(attrCert))
@@ -207,7 +207,7 @@ namespace Org.BouncyCastle.Tests
 				Fail("wrong issuer equal");
 			}
 
-			IX509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(encoding);
+			var attrCert2 = new X509V2AttributeCertificate(encoding);
 
 			if (attrCert2.Holder.GetHashCode() != attrCert.Holder.GetHashCode())
 			{
@@ -271,8 +271,7 @@ namespace Org.BouncyCastle.Tests
 			gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
 			gen.SetSerialNumber(BigInteger.One);
 
-			IX509AttributeCertificate aCert = gen.Generate(
-				new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
+			var aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
 
 			aCert.CheckValidity();
 
@@ -379,8 +378,7 @@ namespace Org.BouncyCastle.Tests
 			gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
 			gen.SetSerialNumber(BigInteger.One);
 
-			IX509AttributeCertificate aCert = gen.Generate(
-				new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
+			var aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
 
 			aCert.CheckValidity();
 
@@ -420,7 +418,7 @@ namespace Org.BouncyCastle.Tests
 
 		public override void PerformTest()
 		{
-			IX509AttributeCertificate aCert = new X509V2AttributeCertificate(attrCert);
+			var aCert = new X509V2AttributeCertificate(attrCert);
 			X509CertificateParser fact = new X509CertificateParser();
 			X509Certificate sCert = fact.ReadCertificate(signCert);
 
@@ -429,19 +427,13 @@ namespace Org.BouncyCastle.Tests
 			//
 			// search test
 			//
-			IList list = new ArrayList();
+			var list = new List<X509Certificate>();
 
 			list.Add(sCert);
 
-//			CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-//			CertStore store = CertStore.getInstance("Collection", ccsp);
-			IX509Store store = X509StoreFactory.Create(
-				"Certificate/Collection",
-				new X509CollectionStoreParameters(list));
+			var store = CollectionUtilities.CreateStore(list);
 
-			ArrayList certs = new ArrayList(
-//				store.getCertificates(aCert.getIssuer()));
-				store.GetMatches(aCert.Issuer));
+			var certs = new List<X509Certificate>(store.EnumerateMatches(aCert.Issuer));
 
 			if (certs.Count != 1 || !certs.Contains(sCert))
 			{
@@ -461,7 +453,7 @@ namespace Org.BouncyCastle.Tests
 
 			aCert.Verify(sCert.GetPublicKey());
 
-			IX509AttributeCertificate saCert = new X509V2AttributeCertificate(aCert.GetEncoded());
+			var saCert = new X509V2AttributeCertificate(aCert.GetEncoded());
 
 			if (!aCert.NotAfter.Equals(saCert.NotAfter))
 			{
@@ -509,9 +501,7 @@ namespace Org.BouncyCastle.Tests
 			// as the issuer is the same this should still work (even though it is not
 			// technically correct
 
-			certs = new ArrayList(
-//				store.getCertificates(aCert.Issuer));
-				store.GetMatches(aCert.Issuer));
+			certs = new List<X509Certificate>(store.EnumerateMatches(aCert.Issuer));
 
 			if (certs.Count != 1 || !certs.Contains(sCert))
 			{
diff --git a/crypto/test/src/test/CertPathBuilderTest.cs b/crypto/test/src/test/CertPathBuilderTest.cs
index 8541096f1..dac45748a 100644
--- a/crypto/test/src/test/CertPathBuilderTest.cs
+++ b/crypto/test/src/test/CertPathBuilderTest.cs
@@ -1,5 +1,5 @@
 using System;
-using System.Collections;
+using System.Collections.Generic;
 
 using NUnit.Framework;
 
@@ -31,23 +31,17 @@ namespace Org.BouncyCastle.Tests
             X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin);
             X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
 
-            IList certList = new ArrayList();
+            var certList =  new List<X509Certificate>();
             certList.Add(rootCert);
             certList.Add(interCert);
             certList.Add(finalCert);
 
-            IList crlList = new ArrayList();
+            var crlList = new List<X509Crl>();
             crlList.Add(rootCrl);
             crlList.Add(interCrl);
 
-//			CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-//			CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-            IX509Store x509CertStore = X509StoreFactory.Create(
-                "Certificate/Collection",
-                new X509CollectionStoreParameters(certList));
-            IX509Store x509CrlStore = X509StoreFactory.Create(
-                "CRL/Collection",
-                new X509CollectionStoreParameters(crlList));
+            IStore<X509Certificate> x509CertStore = CollectionUtilities.CreateStore(certList);
+            IStore<X509Crl> x509CrlStore = CollectionUtilities.CreateStore(crlList);
 
             // NB: Month is 1-based in .NET
             //DateTime validDate = new DateTime(2008, 9, 4, 14, 49, 10).ToUniversalTime();
@@ -57,14 +51,12 @@ namespace Org.BouncyCastle.Tests
             ISet trust = new HashSet();
             trust.Add(new TrustAnchor(rootCert, null));
 
-//			CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","BC");
             PkixCertPathBuilder cpb = new PkixCertPathBuilder();
             X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
             targetConstraints.Subject = finalCert.SubjectDN;
             PkixBuilderParameters parameters = new PkixBuilderParameters(trust, targetConstraints);
-//			parameters.addCertStore(store);
-            parameters.AddStore(x509CertStore);
-            parameters.AddStore(x509CrlStore);
+            parameters.AddStoreCert(x509CertStore);
+            parameters.AddStoreCrl(x509CrlStore);
             parameters.Date = new DateTimeObject(validDate);
             PkixCertPathBuilderResult result = cpb.Build(parameters);
             PkixCertPath path = result.CertPath;
@@ -91,38 +83,30 @@ namespace Org.BouncyCastle.Tests
             X509Crl interCRL = TestUtilities.CreateCrl(interCert, interPair.Private, revokedSerialNumber);
 
             // create CertStore to support path building
-            IList certList = new ArrayList();
+            var certList = new List<X509Certificate>();
             certList.Add(rootCert);
             certList.Add(interCert);
             certList.Add(endCert);
 
-            IList crlList = new ArrayList();
+            var crlList = new List<X509Crl>();
             crlList.Add(rootCRL);
             crlList.Add(interCRL);
 
-//			CollectionCertStoreParameters parameters = new CollectionCertStoreParameters(list);
-//			CertStore                     store = CertStore.getInstance("Collection", parameters);
-            IX509Store x509CertStore = X509StoreFactory.Create(
-                "Certificate/Collection",
-                new X509CollectionStoreParameters(certList));
-            IX509Store x509CrlStore = X509StoreFactory.Create(
-                "CRL/Collection",
-                new X509CollectionStoreParameters(crlList));
+            IStore<X509Certificate> x509CertStore = CollectionUtilities.CreateStore(certList);
+            IStore<X509Crl> x509CrlStore = CollectionUtilities.CreateStore(crlList);
 
             ISet trust = new HashSet();
             trust.Add(new TrustAnchor(rootCert, null));
 
             // build the path
-//			CertPathBuilder  builder = CertPathBuilder.getInstance("PKIX", "BC");
             PkixCertPathBuilder builder = new PkixCertPathBuilder();
             X509CertStoreSelector pathConstraints = new X509CertStoreSelector();
 
             pathConstraints.Subject = endCert.SubjectDN;
 
             PkixBuilderParameters buildParams = new PkixBuilderParameters(trust, pathConstraints);
-//			buildParams.addCertStore(store);
-            buildParams.AddStore(x509CertStore);
-            buildParams.AddStore(x509CrlStore);
+            buildParams.AddStoreCert(x509CertStore);
+            buildParams.AddStoreCrl(x509CrlStore);
 
             buildParams.Date = new DateTimeObject(DateTime.UtcNow);
 
diff --git a/crypto/test/src/test/CertPathTest.cs b/crypto/test/src/test/CertPathTest.cs
index 357014e15..a763e2dcc 100644
--- a/crypto/test/src/test/CertPathTest.cs
+++ b/crypto/test/src/test/CertPathTest.cs
@@ -1,11 +1,10 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
-using System.Text;
 
 using NUnit.Framework;
 
-using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Pkix;
 using Org.BouncyCastle.Security.Certificates;
 using Org.BouncyCastle.Utilities.Collections;
@@ -132,7 +131,7 @@ namespace Org.BouncyCastle.Tests
 
 //			CertificateFactory cf = CertificateFactory.GetInstance("X.509");
 			X509CertificateParser cf = new X509CertificateParser();
-			IList certCol = new ArrayList();
+			var certCol = new List<X509Certificate>();
 
 			certCol.Add(cf.ReadCertificate(certA));
 			certCol.Add(cf.ReadCertificate(certB));
@@ -148,12 +147,10 @@ namespace Org.BouncyCastle.Tests
 			trustanchors.Add(new TrustAnchor(cf.ReadCertificate(rootCertBin), null));
 
 //			CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol));
-			IX509Store x509CertStore = X509StoreFactory.Create(
-				"Certificate/Collection",
-				new X509CollectionStoreParameters(certCol));
+			var x509CertStore = CollectionUtilities.CreateStore(certCol);
 
 			PkixBuilderParameters parameters = new PkixBuilderParameters(trustanchors, select);
-			parameters.AddStore(x509CertStore);
+			parameters.AddStoreCert(x509CertStore);
 
 			try
 			{
diff --git a/crypto/test/src/test/CertPathValidatorTest.cs b/crypto/test/src/test/CertPathValidatorTest.cs
index 972de6b04..42625d1ec 100644
--- a/crypto/test/src/test/CertPathValidatorTest.cs
+++ b/crypto/test/src/test/CertPathValidatorTest.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 
 using NUnit.Framework;
@@ -11,7 +12,6 @@ using Org.BouncyCastle.Utilities.Date;
 using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.Test;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Tests
 {
@@ -138,24 +138,17 @@ namespace Org.BouncyCastle.Tests
             X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin);
             X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
 
-            IList x509Certs = new ArrayList();
+            var x509Certs = new List<X509Certificate>();
             x509Certs.Add(rootCert);
             x509Certs.Add(interCert);
             x509Certs.Add(finalCert);
 
-            IList x509Crls = new ArrayList();
+            var x509Crls = new List<X509Crl>();
             x509Crls.Add(rootCrl);
             x509Crls.Add(interCrl);
 
-//			CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-//			CertStore store = CertStore.GetInstance("Collection", ccsp);
-//			X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(list);
-            IX509Store x509CertStore = X509StoreFactory.Create(
-                "Certificate/Collection",
-                new X509CollectionStoreParameters(x509Certs));
-            IX509Store x509CrlStore = X509StoreFactory.Create(
-                "CRL/Collection",
-                new X509CollectionStoreParameters(x509Crls));
+            var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+            var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
 
             // NB: Month is 1-based in .NET
             //DateTime validDate = new DateTime(2008,9,4,14,49,10).ToUniversalTime();
@@ -174,8 +167,8 @@ namespace Org.BouncyCastle.Tests
 //			CertPathValidator cpv = CertPathValidator.GetInstance("PKIX");
             PkixCertPathValidator cpv = new PkixCertPathValidator();
             PkixParameters param = new PkixParameters(trust);
-            param.AddStore(x509CertStore);
-            param.AddStore(x509CrlStore);
+            param.AddStoreCert(x509CertStore);
+            param.AddStoreCrl(x509CrlStore);
             param.Date = new DateTimeObject(validDate);
             MyChecker checker = new MyChecker();
             param.AddCertPathChecker(checker);
@@ -206,13 +199,13 @@ namespace Org.BouncyCastle.Tests
 
             cpv = new PkixCertPathValidator();
             param = new PkixParameters(trust);
-            param.AddStore(x509CertStore);
-            param.AddStore(x509CrlStore);
+            param.AddStoreCert(x509CertStore);
+            param.AddStoreCrl(x509CrlStore);
             param.Date = new DateTimeObject(validDate);
             checker = new MyChecker();
             param.AddCertPathChecker(checker);
 
-            result = (PkixCertPathValidatorResult)cpv.Validate(cp, param);
+            result = cpv.Validate(cp, param);
 
             IsTrue(result.TrustAnchor.TrustedCert.Equals(rootCert));
 
@@ -226,17 +219,12 @@ namespace Org.BouncyCastle.Tests
                 interCert = certParser.ReadCertificate(AC_PR);
                 finalCert = certParser.ReadCertificate(schefer);
 
-                x509Certs = new ArrayList();
+                x509Certs = new List<X509Certificate>();
                 x509Certs.Add(rootCert);
                 x509Certs.Add(interCert);
                 x509Certs.Add(finalCert);
 
-//				ccsp = new CollectionCertStoreParameters(list);
-//				store = CertStore.GetInstance("Collection", ccsp);
-//				ccsp = new X509CollectionStoreParameters(list);
-                x509CertStore = X509StoreFactory.Create(
-                    "Certificate/Collection",
-                    new X509CollectionStoreParameters(x509Certs));
+                x509CertStore = CollectionUtilities.CreateStore(x509Certs);
 
                 // NB: Month is 1-based in .NET
                 //validDate = new DateTime(2004,3,21,2,21,10).ToUniversalTime();
@@ -255,7 +243,7 @@ namespace Org.BouncyCastle.Tests
 //				cpv = CertPathValidator.GetInstance("PKIX");
                 cpv = new PkixCertPathValidator();
                 param = new PkixParameters(trust);
-                param.AddStore(x509CertStore);
+                param.AddStoreCert(x509CertStore);
                 param.IsRevocationEnabled = false;
                 param.Date = new DateTimeObject(validDate);
 
diff --git a/crypto/test/src/test/NistCertPathTest.cs b/crypto/test/src/test/NistCertPathTest.cs
index 5e68a0dea..f033f0b06 100644
--- a/crypto/test/src/test/NistCertPathTest.cs
+++ b/crypto/test/src/test/NistCertPathTest.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 using System.Text;
 
@@ -9,7 +10,6 @@ using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Pkix;
 using Org.BouncyCastle.Utilities.Collections;
-using Org.BouncyCastle.Utilities.Date;
 using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.Utilities.Test;
 using Org.BouncyCastle.X509;
@@ -288,10 +288,10 @@ namespace Org.BouncyCastle.Tests
 			return crlParser.ReadCrl(Base64.Decode(_str));
 		}
 
-		private void MakeCertStore(string[] _strs, out IX509Store certStore, out IX509Store crlStore)
+		private void MakeCertStore(string[] _strs, out IStore<X509Certificate> certStore, out IStore<X509Crl> crlStore)
 		{
-			ArrayList certs = new ArrayList();
-			ArrayList crls = new ArrayList();
+			var certs = new List<X509Certificate>();
+			var crls = new List<X509Crl>();
 			crls.Add(trustedCRL);
 
 			for (int i = 0; i < _strs.Length; i++)
@@ -319,10 +319,8 @@ namespace Org.BouncyCastle.Tests
 			certs.Reverse();
 			crls.Reverse();
 
-			certStore = X509StoreFactory.Create("Certificate/Collection",
-				new X509CollectionStoreParameters(certs));
-			crlStore = X509StoreFactory.Create("CRL/Collection",
-				new X509CollectionStoreParameters(crls));
+			certStore = CollectionUtilities.CreateStore(certs);
+			crlStore = CollectionUtilities.CreateStore(crls);
 		}
 
 		private void Test(string _name, string[] _data, bool _accept,
@@ -352,14 +350,14 @@ namespace Org.BouncyCastle.Tests
 				X509CertStoreSelector _select = new X509CertStoreSelector();
 				_select.Subject = _ee.SubjectDN;
 
-				IX509Store certStore, crlStore;
+				IStore<X509Certificate> certStore;
+				IStore<X509Crl> crlStore;
 				MakeCertStore(_data, out certStore, out crlStore);
 
-				PkixBuilderParameters _param = new PkixBuilderParameters(
-					trustedSet, _select);
+				PkixBuilderParameters _param = new PkixBuilderParameters(trustedSet, _select);
 				_param.IsExplicitPolicyRequired = _explicit;
-				_param.AddStore(certStore);
-				_param.AddStore(crlStore);
+				_param.AddStoreCert(certStore);
+				_param.AddStoreCrl(crlStore);
 				_param.IsRevocationEnabled = true;
 
 				if (_ipolset != null)
diff --git a/crypto/test/src/test/PkixPolicyMappingTest.cs b/crypto/test/src/test/PkixPolicyMappingTest.cs
index 4ccc008cc..d67492b83 100644
--- a/crypto/test/src/test/PkixPolicyMappingTest.cs
+++ b/crypto/test/src/test/PkixPolicyMappingTest.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 
 using NUnit.Framework;
 
@@ -102,18 +103,16 @@ namespace Org.BouncyCastle.Tests
 		{
 			ISet trust = new HashSet();
 			trust.Add(new TrustAnchor(trustCert, null));
-			X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
-			targetConstraints.Subject = endCert.SubjectDN;
-			PkixBuilderParameters pbParams = new PkixBuilderParameters(trust, targetConstraints);
+			X509CertStoreSelector targetConstraintsCert = new X509CertStoreSelector();
+			targetConstraintsCert.Subject = endCert.SubjectDN;
+			PkixBuilderParameters pbParams = new PkixBuilderParameters(trust, targetConstraintsCert);
 
-			ISet certs = new HashSet();
+			var certs = new HashSet<X509Certificate>();
 			certs.Add(intCert);
 			certs.Add(endCert);
 
-			IX509Store store = X509StoreFactory.Create(
-				"CERTIFICATE/COLLECTION",
-				new X509CollectionStoreParameters(certs));
-			pbParams.AddStore(store);
+			var store = CollectionUtilities.CreateStore(certs);
+			pbParams.AddStoreCert(store);
 
 			pbParams.IsRevocationEnabled = false;
 			if (requirePolicies != null)
@@ -122,13 +121,12 @@ namespace Org.BouncyCastle.Tests
 				pbParams.SetInitialPolicies(requirePolicies);
 			}
 
-//			CertPathBuilder cpb = CertPathBuilder.GetInstance("PKIX");
 			PkixCertPathBuilder cpb = new PkixCertPathBuilder();
-			PkixCertPathBuilderResult result = null;
+			PkixCertPathBuilderResult result;
 
 			try
 			{
-				result = (PkixCertPathBuilderResult)cpb.Build(pbParams);
+				result = cpb.Build(pbParams);
 
 				if (!okay)
 				{
diff --git a/crypto/test/src/test/X509StoreTest.cs b/crypto/test/src/test/X509StoreTest.cs
index 4fa3402ee..0a5fff6f1 100644
--- a/crypto/test/src/test/X509StoreTest.cs
+++ b/crypto/test/src/test/X509StoreTest.cs
@@ -1,11 +1,13 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 
 using NUnit.Framework;
 
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.Utilities.Date;
 using Org.BouncyCastle.Utilities.Test;
 using Org.BouncyCastle.X509;
@@ -28,13 +30,11 @@ namespace Org.BouncyCastle.Tests
 			// Testing CollectionCertStore generation from List
 			X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert);
 
-			IList certList = new ArrayList();
+			var certList = new List<X509CertificatePair>();
 			certList.Add(pair1);
 			certList.Add(new X509CertificatePair(interCert, finalCert));
 
-			IX509Store certStore = X509StoreFactory.Create(
-				"CertificatePair/Collection",
-				new X509CollectionStoreParameters(certList));
+			var certStore = CollectionUtilities.CreateStore(certList);
 
 			X509CertPairStoreSelector selector = new X509CertPairStoreSelector();
 			X509CertStoreSelector fwSelector = new X509CertStoreSelector();
@@ -44,14 +44,14 @@ namespace Org.BouncyCastle.Tests
 
 			selector.ForwardSelector = fwSelector;
 
-			IList col = new ArrayList(certStore.GetMatches(selector));
+			var col = new List<X509CertificatePair>(certStore.EnumerateMatches(selector));
 
 			if (col.Count != 1 || !col.Contains(pair1))
 			{
 				Fail("failed pair1 test");
 			}
 
-			col = new ArrayList(certStore.GetMatches(null));
+			col = new List<X509CertificatePair>(certStore.EnumerateMatches(null));
 
 			if (col.Count != 2)
 			{
@@ -71,14 +71,12 @@ namespace Org.BouncyCastle.Tests
 			X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
 
 			// Testing CollectionCertStore generation from List
-			IList certList = new ArrayList();
+			var certList = new List<X509Certificate>();
 			certList.Add(rootCert);
 			certList.Add(interCert);
 			certList.Add(finalCert);
 
-			IX509Store certStore = X509StoreFactory.Create(
-				"Certificate/Collection",
-				new X509CollectionStoreParameters(certList));
+			var certStore = CollectionUtilities.CreateStore(certList);
 
 			// set default to be the same as for SUN X500 name
 			X509Name.DefaultReverse = true;
@@ -87,7 +85,7 @@ namespace Org.BouncyCastle.Tests
 
 			X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
 			targetConstraints.Subject = PrincipalUtilities.GetSubjectX509Principal(rootCert);
-			IList certs = new ArrayList(certStore.GetMatches(targetConstraints));
+			var certs = new List<X509Certificate>(certStore.EnumerateMatches(targetConstraints));
 			if (certs.Count != 1 || !certs.Contains(rootCert))
 			{
 				Fail("rootCert not found by subjectDN");
@@ -96,7 +94,7 @@ namespace Org.BouncyCastle.Tests
 			// Searching for rootCert by subjectDN encoded as byte
 			targetConstraints = new X509CertStoreSelector();
 			targetConstraints.Subject = PrincipalUtilities.GetSubjectX509Principal(rootCert);
-			certs = new ArrayList(certStore.GetMatches(targetConstraints));
+			certs = new List<X509Certificate>(certStore.EnumerateMatches(targetConstraints));
 			if (certs.Count != 1 || !certs.Contains(rootCert))
 			{
 				Fail("rootCert not found by encoded subjectDN");
@@ -108,7 +106,7 @@ namespace Org.BouncyCastle.Tests
 			targetConstraints = new X509CertStoreSelector();
 			targetConstraints.SubjectPublicKey =
 				SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rootCert.GetPublicKey());
-			certs = new ArrayList(certStore.GetMatches(targetConstraints));
+			certs = new List<X509Certificate>(certStore.EnumerateMatches(targetConstraints));
 			if (certs.Count != 1 || !certs.Contains(rootCert))
 			{
 				Fail("rootCert not found by encoded public key");
@@ -117,7 +115,7 @@ namespace Org.BouncyCastle.Tests
 			// Searching for interCert by issuerDN
 			targetConstraints = new X509CertStoreSelector();
 			targetConstraints.Issuer = PrincipalUtilities.GetSubjectX509Principal(rootCert);
-			certs = new ArrayList(certStore.GetMatches(targetConstraints));
+			certs = new List<X509Certificate>(certStore.EnumerateMatches(targetConstraints));
 			if (certs.Count != 2)
 			{
 				Fail("did not found 2 certs");
@@ -132,12 +130,10 @@ namespace Org.BouncyCastle.Tests
 			}
 
 			// Searching for rootCrl by issuerDN
-			IList crlList = new ArrayList();
+			var crlList = new List<X509Crl>();
 			crlList.Add(rootCrl);
 			crlList.Add(interCrl);
-			IX509Store store = X509StoreFactory.Create(
-				"CRL/Collection",
-				new X509CollectionStoreParameters(crlList));
+			var crlStore = CollectionUtilities.CreateStore(crlList);
 
 			X509CrlStoreSelector targetConstraintsCRL = new X509CrlStoreSelector();
 
@@ -145,32 +141,20 @@ namespace Org.BouncyCastle.Tests
 			issuers.Add(rootCrl.IssuerDN);
 			targetConstraintsCRL.Issuers = issuers;
 
-			IList crls = new ArrayList(store.GetMatches(targetConstraintsCRL));
+			var crls = new List<X509Crl>(crlStore.EnumerateMatches(targetConstraintsCRL));
 			if (crls.Count != 1 || !crls.Contains(rootCrl))
 			{
 				Fail("rootCrl not found");
 			}
 
-			crls = new ArrayList(certStore.GetMatches(targetConstraintsCRL));
-			if (crls.Count != 0)
-			{
-				Fail("error using wrong selector (CRL)");
-			}
-			certs = new ArrayList(store.GetMatches(targetConstraints));
-			if (certs.Count != 0)
-			{
-				Fail("error using wrong selector (certs)");
-			}
 			// Searching for attribute certificates
 			X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertTest.attrCert);
-			IX509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID);
+			X509V2AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID);
 
-			IList attrList = new ArrayList();
+			var attrList = new List<X509V2AttributeCertificate>();
 			attrList.Add(attrCert);
 			attrList.Add(attrCert2);
-			store = X509StoreFactory.Create(
-				"AttributeCertificate/Collection",
-				new X509CollectionStoreParameters(attrList));
+			var attrStore = CollectionUtilities.CreateStore(attrList);
 
 			X509AttrCertStoreSelector attrSelector = new X509AttrCertStoreSelector();
 			attrSelector.Holder = attrCert.Holder;
@@ -178,7 +162,7 @@ namespace Org.BouncyCastle.Tests
 			{
 				Fail("holder get not correct");
 			}
-			IList attrs = new ArrayList(store.GetMatches(attrSelector));
+			var attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 1 || !attrs.Contains(attrCert))
 			{
 				Fail("attrCert not found on holder");
@@ -188,7 +172,7 @@ namespace Org.BouncyCastle.Tests
 			{
 				Fail("holder get not correct");
 			}
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 1 || !attrs.Contains(attrCert2))
 			{
 				Fail("attrCert2 not found on holder");
@@ -199,7 +183,7 @@ namespace Org.BouncyCastle.Tests
 			{
 				Fail("issuer get not correct");
 			}
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 1 || !attrs.Contains(attrCert))
 			{
 				Fail("attrCert not found on issuer");
@@ -209,7 +193,7 @@ namespace Org.BouncyCastle.Tests
 			{
 				Fail("issuer get not correct");
 			}
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 1 || !attrs.Contains(attrCert2))
 			{
 				Fail("attrCert2 not found on issuer");
@@ -220,7 +204,7 @@ namespace Org.BouncyCastle.Tests
 			{
 				Fail("attrCert get not correct");
 			}
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 1 || !attrs.Contains(attrCert))
 			{
 				Fail("attrCert not found on attrCert");
@@ -231,7 +215,7 @@ namespace Org.BouncyCastle.Tests
 			{
 				Fail("serial number get not correct");
 			}
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 1 || !attrs.Contains(attrCert))
 			{
 				Fail("attrCert not found on serial number");
@@ -241,7 +225,7 @@ namespace Org.BouncyCastle.Tests
 			{
 				Fail("serial number get not correct");
 			}
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 1 || !attrs.Contains(attrCert))
 			{
 				Fail("attrCert not found on serial number");
@@ -253,26 +237,26 @@ namespace Org.BouncyCastle.Tests
 			{
 				Fail("valid get not correct");
 			}
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 1 || !attrs.Contains(attrCert))
 			{
 				Fail("attrCert not found on valid");
 			}
 			attrSelector = new X509AttrCertStoreSelector();
 			attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotBefore.AddMilliseconds(-100));
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 0)
 			{
 				Fail("attrCert found on before");
 			}
 			attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotAfter.AddMilliseconds(100));
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 0)
 			{
 				Fail("attrCert found on after");
 			}
 			attrSelector.SerialNumber = BigInteger.ValueOf(10000);
-			attrs = new ArrayList(store.GetMatches(attrSelector));
+			attrs = new List<X509V2AttributeCertificate>(attrStore.EnumerateMatches(attrSelector));
 			if (attrs.Count != 0)
 			{
 				Fail("attrCert found on wrong serial number");
@@ -304,12 +288,6 @@ namespace Org.BouncyCastle.Tests
 				Fail("null attrCert serial");
 			}
 
-			attrs = new ArrayList(certStore.GetMatches(attrSelector));
-			if (attrs.Count != 0)
-			{
-				Fail("error using wrong selector (attrs)");
-			}
-
 			certPairTest();
 		}
 
diff --git a/crypto/test/src/test/nist/NistCertPathTest.cs b/crypto/test/src/test/nist/NistCertPathTest.cs
index 13a85a980..1a6f75a43 100644
--- a/crypto/test/src/test/nist/NistCertPathTest.cs
+++ b/crypto/test/src/test/nist/NistCertPathTest.cs
@@ -1,7 +1,7 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
-using System.Reflection;
 
 using NUnit.Framework;
 
@@ -648,8 +648,8 @@ namespace Org.BouncyCastle.Tests.Nist
 			ISet trustedSet = new HashSet();
 			trustedSet.Add(GetTrustAnchor(trustAnchor));
 
-			IList x509Certs = new ArrayList();
-			IList x509Crls = new ArrayList();
+			var x509Certs = new List<X509Certificate>();
+			var x509Crls = new List<X509Crl>();
 			X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
 
 			for (int i = 0; i != certs.Length - 1; i++)
@@ -666,18 +666,14 @@ namespace Org.BouncyCastle.Tests.Nist
 				x509Crls.Add(LoadCrl(crls[i]));
 			}
 
-			IX509Store x509CertStore = X509StoreFactory.Create(
-				"Certificate/Collection",
-				new X509CollectionStoreParameters(x509Certs));
-			IX509Store x509CrlStore = X509StoreFactory.Create(
-				"CRL/Collection",
-				new X509CollectionStoreParameters(x509Crls));
+			var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+			var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
 
 			PkixCertPathValidator validator = new PkixCertPathValidator();
 			PkixParameters parameters = new PkixParameters(trustedSet);
 
-			parameters.AddStore(x509CertStore);
-			parameters.AddStore(x509CrlStore);
+			parameters.AddStoreCert(x509CertStore);
+			parameters.AddStoreCrl(x509CrlStore);
 			parameters.IsRevocationEnabled = true;
 
 			if (policies != null)
@@ -703,8 +699,8 @@ namespace Org.BouncyCastle.Tests.Nist
 			ISet trustedSet = new HashSet();
 			trustedSet.Add(GetTrustAnchor(trustAnchor));
 
-			IList x509Certs = new ArrayList();
-			IList x509Crls = new ArrayList();
+			var x509Certs = new List<X509Certificate>();
+			var x509Crls = new List<X509Crl>();
 			X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
 
 			for (int i = 0; i != certs.Length - 1; i++)
@@ -719,12 +715,8 @@ namespace Org.BouncyCastle.Tests.Nist
 				x509Crls.Add(LoadCrl(crls[i]));
 			}
 
-			IX509Store x509CertStore = X509StoreFactory.Create(
-				"Certificate/Collection",
-				new X509CollectionStoreParameters(x509Certs));
-			IX509Store x509CrlStore = X509StoreFactory.Create(
-				"CRL/Collection",
-				new X509CollectionStoreParameters(x509Crls));
+			var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+			var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
 
 			PkixCertPathBuilder builder = new PkixCertPathBuilder();
 
@@ -748,8 +740,8 @@ namespace Org.BouncyCastle.Tests.Nist
 				builderParams.IsAnyPolicyInhibited = anyPolicyInhibited;
 			}
 
-			builderParams.AddStore(x509CertStore);
-			builderParams.AddStore(x509CrlStore);
+			builderParams.AddStoreCert(x509CertStore);
+			builderParams.AddStoreCrl(x509CrlStore);
 
 			// Perform validation as of this date since test certs expired
 			builderParams.Date = new DateTimeObject(DateTime.Parse("1/1/2011"));
diff --git a/crypto/test/src/test/nist/NistCertPathTest2.cs b/crypto/test/src/test/nist/NistCertPathTest2.cs
index e9dd7f959..ffdad62e3 100644
--- a/crypto/test/src/test/nist/NistCertPathTest2.cs
+++ b/crypto/test/src/test/nist/NistCertPathTest2.cs
@@ -1,7 +1,7 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
-using System.Reflection;
 
 using NUnit.Framework;
 
@@ -315,8 +315,8 @@ namespace Org.BouncyCastle.Tests.Nist
 			ISet trustedSet = new HashSet();
 			trustedSet.Add(GetTrustAnchor(trustAnchor));
 
-			IList x509Certs = new ArrayList();
-			IList x509Crls = new ArrayList();
+			var x509Certs = new List<X509Certificate>();
+			var x509Crls = new List<X509Crl>();
 			X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
 
 			for (int i = 0; i != certs.Length - 1; i++)
@@ -333,18 +333,14 @@ namespace Org.BouncyCastle.Tests.Nist
 				x509Crls.Add(LoadCrl(crls[i]));
 			}
 
-			IX509Store x509CertStore = X509StoreFactory.Create(
-				"Certificate/Collection",
-				new X509CollectionStoreParameters(x509Certs));
-			IX509Store x509CrlStore = X509StoreFactory.Create(
-				"CRL/Collection",
-				new X509CollectionStoreParameters(x509Crls));
+            var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+			var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
 
             PkixCertPathValidator validator = new PkixCertPathValidator();
 			PkixParameters parameters = new PkixParameters(trustedSet);
 
-			parameters.AddStore(x509CertStore);
-			parameters.AddStore(x509CrlStore);
+			parameters.AddStoreCert(x509CertStore);
+			parameters.AddStoreCrl(x509CrlStore);
 			parameters.IsRevocationEnabled = true;
 
 			if (policies != null)
@@ -370,8 +366,8 @@ namespace Org.BouncyCastle.Tests.Nist
             ISet trustedSet = new HashSet();
             trustedSet.Add(GetTrustAnchor(trustAnchor));
 
-            IList x509Certs = new ArrayList();
-            IList x509Crls = new ArrayList();
+            var x509Certs = new List<X509Certificate>();
+            var x509Crls = new List<X509Crl>();
             X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
 
             for (int i = 0; i != certs.Length - 1; i++)
@@ -386,12 +382,8 @@ namespace Org.BouncyCastle.Tests.Nist
                 x509Crls.Add(LoadCrl(crls[i]));
             }
 
-            IX509Store x509CertStore = X509StoreFactory.Create(
-                "Certificate/Collection",
-                new X509CollectionStoreParameters(x509Certs));
-            IX509Store x509CrlStore = X509StoreFactory.Create(
-                "CRL/Collection",
-                new X509CollectionStoreParameters(x509Crls));
+            var x509CertStore = CollectionUtilities.CreateStore(x509Certs);
+            var x509CrlStore = CollectionUtilities.CreateStore(x509Crls);
 
             PkixCertPathBuilder builder = new PkixCertPathBuilder();
 
@@ -415,8 +407,8 @@ namespace Org.BouncyCastle.Tests.Nist
                 builderParams.IsAnyPolicyInhibited = anyPolicyInhibited;
             }
 
-            builderParams.AddStore(x509CertStore);
-            builderParams.AddStore(x509CrlStore);
+            builderParams.AddStoreCert(x509CertStore);
+            builderParams.AddStoreCrl(x509CrlStore);
 
             // Perform validation as of this date since test certs expired
             builderParams.Date = new DateTimeObject(DateTime.Parse("1/1/2011"));
diff --git a/crypto/test/src/tsp/test/NewTspTest.cs b/crypto/test/src/tsp/test/NewTspTest.cs
index a1e4934f3..3bcc73aa5 100644
--- a/crypto/test/src/tsp/test/NewTspTest.cs
+++ b/crypto/test/src/tsp/test/NewTspTest.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 using System.IO;
 
 using NUnit.Framework;
@@ -16,10 +17,10 @@ using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Operators;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.Utilities.Date;
 using Org.BouncyCastle.Utilities.Test;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Tsp.Tests
 {
@@ -40,13 +41,11 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 			X509Certificate cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN);
 
-			IList certList = new ArrayList();
+			var certList = new List<X509Certificate>();
 			certList.Add(cert);
 			certList.Add(signCert);
 
-			IX509Store certs = X509StoreFactory.Create(
-				"Certificate/Collection",
-				new X509CollectionStoreParameters(certList));
+			var certs = CollectionUtilities.CreateStore(certList);
 
 			basicTest(origKP.Private, cert, certs);
 			resolutionTest(origKP.Private, cert, certs, Resolution.R_SECONDS, "19700101000009Z");
@@ -70,13 +69,14 @@ namespace Org.BouncyCastle.Tsp.Tests
 			additionalExtensionTest(origKP.Private, cert, certs);
 		}
 
-        private void additionalExtensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+        private void additionalExtensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert,
+			IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				 privateKey, cert, TspAlgorithms.Sha1, "1.2");
 
 			tsTokenGen.SetCertificates(certs);
-			tsTokenGen.SetTsa(new Asn1.X509.GeneralName(new X509Name("CN=Test")));
+			tsTokenGen.SetTsa(new GeneralName(new X509Name("CN=Test")));
 
 			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
 			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
@@ -105,12 +105,9 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 			X509Extension left = new X509Extension(DerBoolean.False, new DerOctetString( new DerUtf8String("Test").GetEncoded()));
 			Assert.True(left.Equals (ext.GetExtension(X509Extensions.AuditIdentity)));
-
-
-
 		}
 
-		private void extensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void extensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				 privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -190,7 +187,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 			Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found");
 		}
 
-		private void testNoNonse(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void testNoNonse(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				privateKey, cert, TspAlgorithms.MD5, "1.2.3");
@@ -237,16 +234,14 @@ namespace Org.BouncyCastle.Tsp.Tests
 			//
 			// test certReq
 			//
-			IX509Store store = tsToken.GetCertificates();
+			IStore<X509Certificate> store = tsToken.GetCertificates();
 
-			ICollection certificates = store.GetMatches(null);
+			var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
 
 			Assert.IsTrue(0 == certificates.Count);
-
-
 		}
 
-		private void testAccuracyWithCertsAndOrdering(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void testAccuracyWithCertsAndOrdering(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				privateKey, cert, TspAlgorithms.MD5, "1.2.3");
@@ -293,15 +288,15 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 			Assert.IsTrue("1.2.3" == tstInfo.Policy);
 
-			IX509Store store = tsToken.GetCertificates();
+			IStore<X509Certificate> store = tsToken.GetCertificates();
 
-			ICollection certificates = store.GetMatches(null);
+			var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
 
 			Assert.IsTrue(2 == certificates.Count);
 
 		}
 
-		private void testAccuracyZeroCerts(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void testAccuracyZeroCerts(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 			  privateKey, cert, TspAlgorithms.MD5, "1.2");
@@ -338,14 +333,14 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 			Assert.IsTrue("1.2" == tstInfo.Policy);
 
-			IX509Store store = tsToken.GetCertificates();
+			IStore<X509Certificate> store = tsToken.GetCertificates();
 
-			ICollection certificates = store.GetMatches(null);
+			var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
 
 			Assert.IsTrue(0 == certificates.Count);
 		}
 
-        private void certReqTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+        private void certReqTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 			  privateKey, cert, TspAlgorithms.MD5, "1.2");
@@ -379,8 +374,9 @@ namespace Org.BouncyCastle.Tsp.Tests
 				Assert.Fail("certReq(false) verification of token failed.");
 			}
 
-			IX509Store store = tsToken.GetCertificates();
-			ICollection certsColl = store.GetMatches(null);
+			IStore<X509Certificate> store = tsToken.GetCertificates();
+
+			var certsColl = new List<X509Certificate>(store.EnumerateMatches(null));
 
 			if (certsColl.Count > 0)
 			{
@@ -388,7 +384,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 			}
 		}
 
-		private void tokenEncodingTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void tokenEncodingTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				 privateKey, cert, TspAlgorithms.Sha1, "1.2.3.4.5.6");
@@ -415,7 +411,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 			}
 		}
 
-		private void badPolicyTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void badPolicyTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				  privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -455,7 +451,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 		}
 
-		private void timeNotAvailableTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void timeNotAvailableTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				   privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -500,7 +496,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 			}
 		}
 
-        private void badAlgorithmTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+        private void badAlgorithmTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				   privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -536,7 +532,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 			}
 		}
 
-		private void incorrectHashTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void incorrectHashTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				  privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -569,7 +565,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 		}
 
-        private void responseValidationTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+        private void responseValidationTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
         {
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				 privateKey, cert, TspAlgorithms.MD5, "1.2");
@@ -632,7 +628,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 		}
 
-		private void overrideAttrsTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void overrideAttrsTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
 		{
 			SignerInfoGeneratorBuilder signerInfoGenBuilder = new SignerInfoGeneratorBuilder();
 
@@ -721,13 +717,13 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 
 
-		private void basicTestWithTSA(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void basicTestWithTSA(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
 		{
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				 privateKey, cert, TspAlgorithms.Sha1, "1.2");
 
 			tsTokenGen.SetCertificates(certs);
-			tsTokenGen.SetTsa(new Asn1.X509.GeneralName(new X509Name("CN=Test")));
+			tsTokenGen.SetTsa(new GeneralName(new X509Name("CN=Test")));
 
 			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
 			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
@@ -748,7 +744,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 		}
 
-		private void basicSha256Test(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
+		private void basicSha256Test(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
 		{
 			SignerInfoGenerator sInfoGenerator = makeInfoGenerator(privateKey, cert, TspAlgorithms.Sha256, null, null);
             TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
@@ -791,7 +787,8 @@ namespace Org.BouncyCastle.Tsp.Tests
 			Assert.IsTrue(Arrays.AreEqual(certHash, sigCertV2.GetCerts()[0].GetCertHash()));
 		}
 
-		private void resolutionTest(AsymmetricKeyParameter privateKey, X509.X509Certificate cert, IX509Store certs, Resolution resoution, string timeString)
+		private void resolutionTest(AsymmetricKeyParameter privateKey, X509Certificate cert,
+			IStore<X509Certificate> certs, Resolution resoution, string timeString)
 		{
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 			 privateKey, cert, TspAlgorithms.Sha1, "1.2");
@@ -830,11 +827,9 @@ namespace Org.BouncyCastle.Tsp.Tests
 				tsToken = tsResp.TimeStampToken;
 				Assert.AreEqual("19700101000009.9Z", tsToken.TimeStampInfo.TstInfo.GenTime.TimeString);
 			}
-
-
 		}
 
-		private void basicTest(AsymmetricKeyParameter privateKey, X509.X509Certificate cert, IX509Store certs)
+		private void basicTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IStore<X509Certificate> certs)
 		{
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				 privateKey, cert, TspAlgorithms.Sha1, "1.2");
diff --git a/crypto/test/src/tsp/test/ParseTest.cs b/crypto/test/src/tsp/test/ParseTest.cs
index e9489a278..f94beb90f 100644
--- a/crypto/test/src/tsp/test/ParseTest.cs
+++ b/crypto/test/src/tsp/test/ParseTest.cs
@@ -1,6 +1,5 @@
 using System;
-using System.Collections;
-using System.IO;
+using System.Collections.Generic;
 
 using NUnit.Framework;
 
@@ -8,7 +7,6 @@ using Org.BouncyCastle.Asn1.Cmp;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Tsp.Tests
 {
@@ -375,9 +373,8 @@ namespace Org.BouncyCastle.Tsp.Tests
 		{
 			TimeStampResponse response = new TimeStampResponse(encoded);
 
-			IX509Store store = response.TimeStampToken.GetCertificates("Collection");
-			X509Certificate cert = (X509Certificate)
-				new ArrayList(store.GetMatches(response.TimeStampToken.SignerID))[0];
+			var store = response.TimeStampToken.GetCertificates();
+			var cert = new List<X509Certificate>(store.EnumerateMatches(response.TimeStampToken.SignerID))[0];
 
 			response.TimeStampToken.Validate(cert);
 		}
diff --git a/crypto/test/src/tsp/test/TSPTest.cs b/crypto/test/src/tsp/test/TSPTest.cs
index 4a4f2e28f..3f2eed10b 100644
--- a/crypto/test/src/tsp/test/TSPTest.cs
+++ b/crypto/test/src/tsp/test/TSPTest.cs
@@ -1,22 +1,22 @@
 using System;
 using System.Collections;
+using System.Collections.Generic;
 
 using NUnit.Framework;
+
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cmp;
 using Org.BouncyCastle.Asn1.Cms;
 using Org.BouncyCastle.Asn1.Ess;
 using Org.BouncyCastle.Asn1.Nist;
-using Org.BouncyCastle.Asn1.Oiw;
 using Org.BouncyCastle.Asn1.Pkcs;
 using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Operators;
-using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.X509.Store;
 
 namespace Org.BouncyCastle.Tsp.Tests
 {
@@ -25,9 +25,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 	{
 		private static AsymmetricKeyParameter privateKey;
 		private static X509Certificate cert;
-		private static IX509Store certs;
-		
-		
+		private static IStore<X509Certificate> certs;
 
 		static TspTest()
 		{
@@ -44,13 +42,11 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 			cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN);
 
-			IList certList = new ArrayList();
+			var certList = new List<X509Certificate>();
 			certList.Add(cert);
 			certList.Add(signCert);
 
-			certs = X509StoreFactory.Create(
-				"Certificate/Collection",
-				new X509CollectionStoreParameters(certList));
+			certs = CollectionUtilities.CreateStore(certList);
 		}
 
 		[Test]
@@ -391,9 +387,9 @@ namespace Org.BouncyCastle.Tsp.Tests
 				Assert.Fail("certReq(false) verification of token failed.");
 			}
 
-			IX509Store respCerts = tsToken.GetCertificates("Collection");
+			IStore<X509Certificate> respCerts = tsToken.GetCertificates();
 
-			ICollection certsColl = respCerts.GetMatches(null);
+			var certsColl = new List<X509Certificate>(respCerts.EnumerateMatches(null));
 
 			if (certsColl.Count != 0)
 			{
@@ -477,9 +473,9 @@ namespace Org.BouncyCastle.Tsp.Tests
 			//
 			// test certReq
 			//
-			IX509Store store = tsToken.GetCertificates("Collection");
+			IStore<X509Certificate> store = tsToken.GetCertificates();
 
-			ICollection certificates = store.GetMatches(null);
+			var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
 
 			Assert.AreEqual(0, certificates.Count);
 		}
@@ -546,9 +542,9 @@ namespace Org.BouncyCastle.Tsp.Tests
 			//
 			// test certReq
 			//
-			IX509Store store = tsToken.GetCertificates("Collection");
+			IStore<X509Certificate> store = tsToken.GetCertificates();
 
-			ICollection certificates = store.GetMatches(null);
+			var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
 
 			Assert.AreEqual(2, certificates.Count);
 		}
@@ -604,9 +600,9 @@ namespace Org.BouncyCastle.Tsp.Tests
 			//
 			// test certReq
 			//
-			IX509Store store = tsToken.GetCertificates("Collection");
+			IStore<X509Certificate> store = tsToken.GetCertificates();
 
-			ICollection certificates = store.GetMatches(null);
+			var certificates = new List<X509Certificate>(store.EnumerateMatches(null));
 
 			Assert.AreEqual(0, certificates.Count);
 		}