From 558aef70537b3882e5616e9d0e7b40d971e2dd42 Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Sat, 28 Jan 2023 18:57:30 +0700 Subject: Misc. cleanup after bc-fips-csharp updates --- crypto/src/asn1/cmp/PKIFreeText.cs | 10 ++-- crypto/src/asn1/x509/CertificateList.cs | 23 ++++----- crypto/src/asn1/x509/X509CertificateStructure.cs | 11 ++--- crypto/src/bcpg/ArmoredInputStream.cs | 6 +-- crypto/src/cmp/ProtectedPkiMessage.cs | 9 +--- crypto/src/cmp/ProtectedPkiMessageBuilder.cs | 11 +++-- crypto/src/cms/CMSSignedHelper.cs | 54 ++++++++++++++-------- crypto/src/cms/SignerInformationStore.cs | 19 ++++---- crypto/src/pkix/CertStatus.cs | 2 +- crypto/src/pkix/PkixCertPathBuilderResult.cs | 24 +++------- crypto/src/pkix/PkixCertPathValidatorResult.cs | 17 ++----- crypto/src/pkix/PkixNameConstraintValidator.cs | 5 +- crypto/src/pkix/PkixParameters.cs | 9 ++-- crypto/src/tls/TlsClientProtocol.cs | 3 +- crypto/src/tls/TlsExtensionsUtilities.cs | 5 +- crypto/src/tls/TlsUtilities.cs | 4 +- crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs | 10 ++-- .../impl/bc/BcDefaultTlsCredentialedAgreement.cs | 2 +- .../impl/bc/BcDefaultTlsCredentialedDecryptor.cs | 2 +- .../impl/bc/BcDefaultTlsCredentialedSigner.cs | 2 +- crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs | 12 ++--- crypto/src/x509/AttributeCertificateHolder.cs | 36 +++++++-------- crypto/src/x509/AttributeCertificateIssuer.cs | 15 ++---- crypto/src/x509/X509Certificate.cs | 7 ++- crypto/src/x509/X509Crl.cs | 6 +-- crypto/src/x509/X509CrlEntry.cs | 2 +- crypto/src/x509/X509V2CRLGenerator.cs | 1 - 27 files changed, 137 insertions(+), 170 deletions(-) diff --git a/crypto/src/asn1/cmp/PKIFreeText.cs b/crypto/src/asn1/cmp/PKIFreeText.cs index f3a4b8a81..f4d7e0967 100644 --- a/crypto/src/asn1/cmp/PKIFreeText.cs +++ b/crypto/src/asn1/cmp/PKIFreeText.cs @@ -7,13 +7,11 @@ namespace Org.BouncyCastle.Asn1.Cmp { public static PkiFreeText GetInstance(object obj) { + if (obj == null) + return null; if (obj is PkiFreeText pkiFreeText) return pkiFreeText; - - if (obj != null) - return new PkiFreeText(Asn1Sequence.GetInstance(obj)); - - return null; + return new PkiFreeText(Asn1Sequence.GetInstance(obj)); } public static PkiFreeText GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) @@ -21,7 +19,7 @@ namespace Org.BouncyCastle.Asn1.Cmp return GetInstance(Asn1Sequence.GetInstance(taggedObject, declaredExplicit)); } - internal Asn1Sequence m_strings; + private readonly Asn1Sequence m_strings; internal PkiFreeText(Asn1Sequence seq) { diff --git a/crypto/src/asn1/x509/CertificateList.cs b/crypto/src/asn1/x509/CertificateList.cs index 3d5d2e557..5d73cf411 100644 --- a/crypto/src/asn1/x509/CertificateList.cs +++ b/crypto/src/asn1/x509/CertificateList.cs @@ -23,26 +23,21 @@ namespace Org.BouncyCastle.Asn1.X509 private readonly AlgorithmIdentifier sigAlgID; private readonly DerBitString sig; - public static CertificateList GetInstance( - Asn1TaggedObject obj, - bool explicitly) + public static CertificateList GetInstance(Asn1TaggedObject obj, bool explicitly) { return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); } - public static CertificateList GetInstance( - object obj) + public static CertificateList GetInstance(object obj) { - if (obj is CertificateList) - return (CertificateList) obj; - - if (obj != null) - return new CertificateList(Asn1Sequence.GetInstance(obj)); - - return null; - } + if (obj == null) + return null; + if (obj is CertificateList certificateList) + return certificateList; + return new CertificateList(Asn1Sequence.GetInstance(obj)); + } - private CertificateList( + private CertificateList( Asn1Sequence seq) { if (seq.Count != 3) diff --git a/crypto/src/asn1/x509/X509CertificateStructure.cs b/crypto/src/asn1/x509/X509CertificateStructure.cs index 6e7c85de6..5394b2be3 100644 --- a/crypto/src/asn1/x509/X509CertificateStructure.cs +++ b/crypto/src/asn1/x509/X509CertificateStructure.cs @@ -21,20 +21,17 @@ namespace Org.BouncyCastle.Asn1.X509 private readonly AlgorithmIdentifier sigAlgID; private readonly DerBitString sig; - public static X509CertificateStructure GetInstance( - Asn1TaggedObject obj, - bool explicitly) + public static X509CertificateStructure GetInstance(Asn1TaggedObject obj, bool explicitly) { return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); } - public static X509CertificateStructure GetInstance( - object obj) + public static X509CertificateStructure GetInstance(object obj) { - if (obj is X509CertificateStructure) - return (X509CertificateStructure)obj; if (obj == null) return null; + if (obj is X509CertificateStructure x509CertificateStructure) + return x509CertificateStructure; return new X509CertificateStructure(Asn1Sequence.GetInstance(obj)); } diff --git a/crypto/src/bcpg/ArmoredInputStream.cs b/crypto/src/bcpg/ArmoredInputStream.cs index 7bd7b5c04..348f0bc32 100644 --- a/crypto/src/bcpg/ArmoredInputStream.cs +++ b/crypto/src/bcpg/ArmoredInputStream.cs @@ -243,7 +243,7 @@ namespace Org.BouncyCastle.Bcpg if (headerList.Count > 0) { - header = (string)headerList[0]; + header = headerList[0]; } clearText = "-----BEGIN PGP SIGNED MESSAGE-----".Equals(header); @@ -290,7 +290,7 @@ namespace Org.BouncyCastle.Bcpg string[] hdrs = new string[headerList.Count - 1]; for (int i = 0; i != hdrs.Length; i++) { - hdrs[i] = (string)headerList[i + 1]; + hdrs[i] = headerList[i + 1]; } return hdrs; @@ -303,7 +303,7 @@ namespace Org.BouncyCastle.Bcpg { c = input.ReadByte(); } - while (c == ' ' || c == '\t' || c == '\f' || c == '\u000B') ; // \u000B ~ \v + while (c == ' ' || c == '\t' || c == '\f' || c == '\u000B'); // \u000B ~ \v if (c >= 128) throw new IOException("invalid armor"); diff --git a/crypto/src/cmp/ProtectedPkiMessage.cs b/crypto/src/cmp/ProtectedPkiMessage.cs index df4c45143..8bc9e4f4d 100644 --- a/crypto/src/cmp/ProtectedPkiMessage.cs +++ b/crypto/src/cmp/ProtectedPkiMessage.cs @@ -137,14 +137,9 @@ namespace Org.BouncyCastle.Cmp private TResult Process(IStreamCalculator streamCalculator) { - Asn1EncodableVector avec = new Asn1EncodableVector(); - avec.Add(m_pkiMessage.Header); - avec.Add(m_pkiMessage.Body); - byte[] enc = new DerSequence(avec).GetDerEncoded(); - - using (var stream = streamCalculator.Stream) + using (var s = streamCalculator.Stream) { - stream.Write(enc, 0, enc.Length); + new DerSequence(m_pkiMessage.Header, m_pkiMessage.Body).EncodeTo(s, Asn1Encodable.Der); } return streamCalculator.GetResult(); diff --git a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs index 505747960..508b00ff5 100644 --- a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs +++ b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs @@ -3,7 +3,6 @@ using System.Collections.Generic; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; -using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.X509; @@ -98,7 +97,7 @@ namespace Org.BouncyCastle.Cmp if (null == body) throw new InvalidOperationException("body must be set before building"); - IStreamCalculator calculator = signatureFactory.CreateCalculator(); + var calculator = signatureFactory.CreateCalculator(); if (!(signatureFactory.AlgorithmDetails is AlgorithmIdentifier algorithmDetails)) throw new ArgumentException("AlgorithmDetails is not AlgorithmIdentifier"); @@ -114,7 +113,7 @@ namespace Org.BouncyCastle.Cmp if (null == body) throw new InvalidOperationException("body must be set before building"); - IStreamCalculator calculator = macFactory.CreateCalculator(); + var calculator = macFactory.CreateCalculator(); if (!(macFactory.AlgorithmDetails is AlgorithmIdentifier algorithmDetails)) throw new ArgumentException("AlgorithmDetails is not AlgorithmIdentifier"); @@ -150,7 +149,11 @@ namespace Org.BouncyCastle.Cmp private byte[] CalculateSignature(IStreamCalculator signer, PkiHeader header, PkiBody body) { - new DerSequence(header, body).EncodeTo(signer.Stream); + using (var s = signer.Stream) + { + new DerSequence(header, body).EncodeTo(s); + } + return signer.GetResult().Collect(); } } diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs index 9db39549b..37fefe140 100644 --- a/crypto/src/cms/CMSSignedHelper.cs +++ b/crypto/src/cms/CMSSignedHelper.cs @@ -35,7 +35,7 @@ namespace Org.BouncyCastle.Cms private static readonly IDictionary m_digestAlgs = new Dictionary(); private static readonly IDictionary m_digestAliases = new Dictionary(); - private static readonly HashSet noParams = new HashSet(); + private static readonly HashSet m_noParams = new HashSet(); private static readonly IDictionary m_ecAlgorithms = new Dictionary(); private static void AddEntries(DerObjectIdentifier oid, string digest, string encryption) @@ -130,13 +130,13 @@ namespace Org.BouncyCastle.Cms m_digestAliases.Add("SHA384", new string[]{ "SHA-384" }); m_digestAliases.Add("SHA512", new string[]{ "SHA-512" }); - noParams.Add(CmsSignedGenerator.EncryptionDsa); - //noParams.Add(EncryptionECDsa); - noParams.Add(EncryptionECDsaWithSha1); - noParams.Add(EncryptionECDsaWithSha224); - noParams.Add(EncryptionECDsaWithSha256); - noParams.Add(EncryptionECDsaWithSha384); - noParams.Add(EncryptionECDsaWithSha512); + m_noParams.Add(CmsSignedGenerator.EncryptionDsa); + //m_noParams.Add(EncryptionECDsa); + m_noParams.Add(EncryptionECDsaWithSha1); + m_noParams.Add(EncryptionECDsaWithSha224); + m_noParams.Add(EncryptionECDsaWithSha256); + m_noParams.Add(EncryptionECDsaWithSha384); + m_noParams.Add(EncryptionECDsaWithSha512); m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha1, EncryptionECDsaWithSha1); m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha224, EncryptionECDsaWithSha224); @@ -151,13 +151,13 @@ namespace Org.BouncyCastle.Cms */ internal string GetDigestAlgName(string digestAlgOid) { - return m_digestAlgs.TryGetValue(digestAlgOid, out var algName) ? algName : digestAlgOid; + return CollectionUtilities.GetValueOrKey(m_digestAlgs, digestAlgOid); } - internal AlgorithmIdentifier GetEncAlgorithmIdentifier(DerObjectIdentifier encOid, + internal AlgorithmIdentifier GetEncAlgorithmIdentifier(DerObjectIdentifier encOid, Asn1Encodable sigX509Parameters) { - if (noParams.Contains(encOid.Id)) + if (m_noParams.Contains(encOid.Id)) { return new AlgorithmIdentifier(encOid); } @@ -177,10 +177,10 @@ namespace Org.BouncyCastle.Cms */ internal string GetEncryptionAlgName(string encryptionAlgOid) { - return m_encryptionAlgs.TryGetValue(encryptionAlgOid, out var algName) ? algName : encryptionAlgOid; + return CollectionUtilities.GetValueOrKey(m_encryptionAlgs, encryptionAlgOid); } - internal IDigest GetDigestInstance( + internal IDigest GetDigestInstance( string algorithm) { try @@ -326,10 +326,17 @@ namespace Org.BouncyCastle.Cms { foreach (Asn1Encodable ae in certSet) { - if (ae != null && ae.ToAsn1Object() is Asn1Sequence s) + if (ae == null) + continue; + + if (ae is X509CertificateStructure c) { - contents.Add(new X509Certificate(X509CertificateStructure.GetInstance(s))); - } + contents.Add(new X509Certificate(c)); + } + else if (ae.ToAsn1Object() is Asn1Sequence s) + { + contents.Add(new X509Certificate(X509CertificateStructure.GetInstance(s))); + } } } return CollectionUtilities.CreateStore(contents); @@ -342,10 +349,17 @@ namespace Org.BouncyCastle.Cms { foreach (Asn1Encodable ae in crlSet) { - if (ae != null && ae.ToAsn1Object() is Asn1Sequence s) - { - contents.Add(new X509Crl(CertificateList.GetInstance(s))); - } + if (ae == null) + continue; + + if (ae is CertificateList c) + { + contents.Add(new X509Crl(c)); + } + else if (ae.ToAsn1Object() is Asn1Sequence s) + { + contents.Add(new X509Crl(CertificateList.GetInstance(s))); + } } } return CollectionUtilities.CreateStore(contents); diff --git a/crypto/src/cms/SignerInformationStore.cs b/crypto/src/cms/SignerInformationStore.cs index 7fa3ef678..bc21f9d39 100644 --- a/crypto/src/cms/SignerInformationStore.cs +++ b/crypto/src/cms/SignerInformationStore.cs @@ -5,7 +5,7 @@ namespace Org.BouncyCastle.Cms { public class SignerInformationStore { - private readonly IList all; + private readonly IList m_all; private readonly IDictionary> m_table = new Dictionary>(); @@ -16,12 +16,12 @@ namespace Org.BouncyCastle.Cms */ public SignerInformationStore(SignerInformation signerInfo) { - this.all = new List(1); - this.all.Add(signerInfo); + m_all = new List(1); + m_all.Add(signerInfo); SignerID sid = signerInfo.SignerID; - m_table[sid] = all; + m_table[sid] = m_all; } /** @@ -31,19 +31,20 @@ namespace Org.BouncyCastle.Cms */ public SignerInformationStore(IEnumerable signerInfos) { + m_all = new List(signerInfos); + foreach (SignerInformation signer in signerInfos) { SignerID sid = signer.SignerID; if (!m_table.TryGetValue(sid, out var list)) { - m_table[sid] = list = new List(1); + list = new List(1); + m_table[sid] = list; } list.Add(signer); } - - this.all = new List(signerInfos); } /** @@ -64,13 +65,13 @@ namespace Org.BouncyCastle.Cms /// The number of signers in the collection. public int Count { - get { return all.Count; } + get { return m_all.Count; } } /// An ICollection of all signers in the collection public IList GetSigners() { - return new List(all); + return new List(m_all); } /** diff --git a/crypto/src/pkix/CertStatus.cs b/crypto/src/pkix/CertStatus.cs index aff1b1857..4fe98998c 100644 --- a/crypto/src/pkix/CertStatus.cs +++ b/crypto/src/pkix/CertStatus.cs @@ -15,7 +15,7 @@ namespace Org.BouncyCastle.Pkix /// /// Returns the revocationDate. /// - public DateTime? RevocationDate + public DateTime? RevocationDate { get { return revocationDate; } set { this.revocationDate = value; } diff --git a/crypto/src/pkix/PkixCertPathBuilderResult.cs b/crypto/src/pkix/PkixCertPathBuilderResult.cs index a9dfc6722..6494f9b7b 100644 --- a/crypto/src/pkix/PkixCertPathBuilderResult.cs +++ b/crypto/src/pkix/PkixCertPathBuilderResult.cs @@ -2,32 +2,22 @@ using System; using System.Text; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Pkix; namespace Org.BouncyCastle.Pkix { - /// - /// Summary description for PkixCertPathBuilderResult. - /// public class PkixCertPathBuilderResult : PkixCertPathValidatorResult//, ICertPathBuilderResult { private PkixCertPath certPath; - - public PkixCertPathBuilderResult( - PkixCertPath certPath, - TrustAnchor trustAnchor, - PkixPolicyNode policyTree, - AsymmetricKeyParameter subjectPublicKey) - : base(trustAnchor, policyTree, subjectPublicKey) - { - if (certPath == null) - throw new ArgumentNullException("certPath"); - this.certPath = certPath; - } + public PkixCertPathBuilderResult(PkixCertPath certPath, TrustAnchor trustAnchor, PkixPolicyNode policyTree, + AsymmetricKeyParameter subjectPublicKey) + : base(trustAnchor, policyTree, subjectPublicKey) + { + this.certPath = certPath ?? throw new ArgumentNullException(nameof(certPath)); + } - public PkixCertPath CertPath + public PkixCertPath CertPath { get { return certPath; } } diff --git a/crypto/src/pkix/PkixCertPathValidatorResult.cs b/crypto/src/pkix/PkixCertPathValidatorResult.cs index 07cb350c1..b89ec9d53 100644 --- a/crypto/src/pkix/PkixCertPathValidatorResult.cs +++ b/crypto/src/pkix/PkixCertPathValidatorResult.cs @@ -2,13 +2,9 @@ using System; using System.Text; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Security; namespace Org.BouncyCastle.Pkix { - /// - /// Summary description for PkixCertPathValidatorResult. - /// public class PkixCertPathValidatorResult //: ICertPathValidatorResult { @@ -34,15 +30,10 @@ namespace Org.BouncyCastle.Pkix public PkixCertPathValidatorResult(TrustAnchor trustAnchor, PkixPolicyNode policyTree, AsymmetricKeyParameter subjectPublicKey) { - if (trustAnchor == null) - throw new ArgumentNullException(nameof(trustAnchor)); - if (subjectPublicKey == null) - throw new ArgumentNullException(nameof(subjectPublicKey)); - - this.trustAnchor = trustAnchor; - this.policyTree = policyTree; - this.subjectPublicKey = subjectPublicKey; - } + this.trustAnchor = trustAnchor ?? throw new ArgumentNullException(nameof(trustAnchor)); + this.policyTree = policyTree; + this.subjectPublicKey = subjectPublicKey ?? throw new ArgumentNullException(nameof(subjectPublicKey)); + } public object Clone() { diff --git a/crypto/src/pkix/PkixNameConstraintValidator.cs b/crypto/src/pkix/PkixNameConstraintValidator.cs index 840755060..879054c7f 100644 --- a/crypto/src/pkix/PkixNameConstraintValidator.cs +++ b/crypto/src/pkix/PkixNameConstraintValidator.cs @@ -1806,7 +1806,8 @@ namespace Org.BouncyCastle.Pkix public override string ToString() { - StringBuilder sb = new StringBuilder("permitted:\n"); + StringBuilder sb = new StringBuilder("permitted:"); + sb.AppendLine(); if (permittedSubtreesDN != null) { Append(sb, "DN", permittedSubtreesDN); @@ -1831,7 +1832,7 @@ namespace Org.BouncyCastle.Pkix { Append(sb, "OtherName", StringifyOtherNameCollection(permittedSubtreesOtherName)); } - sb.Append("excluded:\n"); + sb.AppendLine("excluded:"); if (excludedSubtreesDN.Count > 0) { Append(sb, "DN", excludedSubtreesDN); diff --git a/crypto/src/pkix/PkixParameters.cs b/crypto/src/pkix/PkixParameters.cs index 0eb43c000..192a78780 100644 --- a/crypto/src/pkix/PkixParameters.cs +++ b/crypto/src/pkix/PkixParameters.cs @@ -249,9 +249,11 @@ namespace Org.BouncyCastle.Pkix * @see X509CertStoreSelector * @see X509AttributeCertStoreSelector */ - public virtual void SetTargetConstraintsAttrCert(ISelector targetConstraintsAttrCert) + public virtual void SetTargetConstraintsAttrCert( + ISelector targetConstraintsAttrCert) { - this.m_targetConstraintsAttrCert = (ISelector)targetConstraintsAttrCert?.Clone(); + this.m_targetConstraintsAttrCert = (ISelector) + targetConstraintsAttrCert?.Clone(); } /** @@ -625,8 +627,7 @@ namespace Org.BouncyCastle.Pkix * * @param enabled true if additional stores are used. */ - public virtual void SetAdditionalLocationsEnabled( - bool enabled) + public virtual void SetAdditionalLocationsEnabled(bool enabled) { additionalLocationsEnabled = enabled; } diff --git a/crypto/src/tls/TlsClientProtocol.cs b/crypto/src/tls/TlsClientProtocol.cs index ec1cd28d5..6aa1acf2f 100644 --- a/crypto/src/tls/TlsClientProtocol.cs +++ b/crypto/src/tls/TlsClientProtocol.cs @@ -1001,8 +1001,7 @@ namespace Org.BouncyCastle.Tls throw new TlsFatalAlert(AlertDescription.illegal_parameter); } - TlsAgreement agreement = (TlsAgreement)m_clientAgreements[keyShareEntry.NamedGroup]; - if (null == agreement) + if (!m_clientAgreements.TryGetValue(keyShareEntry.NamedGroup, out var agreement)) throw new TlsFatalAlert(AlertDescription.illegal_parameter); agreement.ReceivePeerValue(keyShareEntry.KeyExchange); diff --git a/crypto/src/tls/TlsExtensionsUtilities.cs b/crypto/src/tls/TlsExtensionsUtilities.cs index 46d42417c..836c1b506 100644 --- a/crypto/src/tls/TlsExtensionsUtilities.cs +++ b/crypto/src/tls/TlsExtensionsUtilities.cs @@ -592,7 +592,7 @@ namespace Org.BouncyCastle.Tls // Placeholder for length TlsUtilities.WriteUint16(0, buf); - foreach (X509Name authority in authorities) + foreach (var authority in authorities) { byte[] derEncoding = authority.GetEncoded(Asn1Encodable.Der); TlsUtilities.WriteOpaque16(derEncoding, buf); @@ -736,7 +736,6 @@ namespace Org.BouncyCastle.Tls if (null != filters) { - //foreach (DerObjectIdentifier certificateExtensionOid in filters.Keys) foreach (var filter in filters) { var certificateExtensionOid = filter.Key; @@ -1020,7 +1019,7 @@ namespace Org.BouncyCastle.Tls { byte[] derEncoding = TlsUtilities.ReadOpaque16(buf, 1); Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding); - X509Name ca = X509Name.GetInstance(asn1); + var ca = X509Name.GetInstance(asn1); TlsUtilities.RequireDerEncoding(ca, derEncoding); authorities.Add(ca); } diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs index 4a89d6708..e2c3e3094 100644 --- a/crypto/src/tls/TlsUtilities.cs +++ b/crypto/src/tls/TlsUtilities.cs @@ -5010,7 +5010,7 @@ namespace Org.BouncyCastle.Tls { if (null != clientShares && 1 == clientShares.Count) { - KeyShareEntry clientShare = (KeyShareEntry)clientShares[0]; + KeyShareEntry clientShare = clientShares[0]; if (null != clientShare && clientShare.NamedGroup == keyShareGroup) { return clientShare; @@ -5602,7 +5602,7 @@ namespace Org.BouncyCastle.Tls int index = offeredPsks.GetIndexOfIdentity(new PskIdentity(psk.Identity, 0L)); if (index >= 0) { - byte[] binder = (byte[])offeredPsks.Binders[index]; + byte[] binder = offeredPsks.Binders[index]; TlsCrypto crypto = serverContext.Crypto; TlsSecret earlySecret = GetPskEarlySecret(crypto, psk); diff --git a/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs b/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs index a8fb26697..e29993c92 100644 --- a/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs +++ b/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs @@ -64,14 +64,10 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl public virtual TlsSecret AdoptSecret(TlsSecret secret) { // TODO[tls] Need an alternative that doesn't require AbstractTlsSecret (which holds literal data) - if (secret is AbstractTlsSecret) - { - AbstractTlsSecret sec = (AbstractTlsSecret)secret; + if (secret is AbstractTlsSecret abstractTlsSecret) + return CreateSecret(abstractTlsSecret.CopyData()); - return CreateSecret(sec.CopyData()); - } - - throw new ArgumentException("unrecognized TlsSecret - cannot copy data: " + Platform.GetTypeName(secret)); + throw new ArgumentException("unrecognized TlsSecret - cannot copy data: " + secret.GetType().FullName); } public abstract TlsHash CreateHash(int cryptoHashAlgorithm); diff --git a/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedAgreement.cs b/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedAgreement.cs index 863b96634..bca415dcf 100644 --- a/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedAgreement.cs +++ b/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedAgreement.cs @@ -39,7 +39,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC } else { - throw new ArgumentException("'privateKey' type not supported: " + Platform.GetTypeName(privateKey)); + throw new ArgumentException("'privateKey' type not supported: " + privateKey.GetType().FullName); } } diff --git a/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedDecryptor.cs b/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedDecryptor.cs index b0e9f125e..bbe9af4e6 100644 --- a/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedDecryptor.cs +++ b/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedDecryptor.cs @@ -37,7 +37,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC } else { - throw new ArgumentException("'privateKey' type not supported: " + Platform.GetTypeName(privateKey)); + throw new ArgumentException("'privateKey' type not supported: " + privateKey.GetType().FullName); } this.m_crypto = crypto; diff --git a/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedSigner.cs b/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedSigner.cs index 6db84cdd8..82bc58f96 100644 --- a/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedSigner.cs +++ b/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedSigner.cs @@ -68,7 +68,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC } else { - throw new ArgumentException("'privateKey' type not supported: " + Platform.GetTypeName(privateKey)); + throw new ArgumentException("'privateKey' type not supported: " + privateKey.GetType().FullName); } return signer; diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs b/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs index 683806347..fdd67fc71 100644 --- a/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs +++ b/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs @@ -14,17 +14,13 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC { public static BcTlsSecret Convert(BcTlsCrypto crypto, TlsSecret secret) { - if (secret is BcTlsSecret) - return (BcTlsSecret)secret; - - if (secret is AbstractTlsSecret) - { - AbstractTlsSecret abstractTlsSecret = (AbstractTlsSecret)secret; + if (secret is BcTlsSecret bcTlsSecret) + return bcTlsSecret; + if (secret is AbstractTlsSecret abstractTlsSecret) return crypto.AdoptLocalSecret(CopyData(abstractTlsSecret)); - } - throw new ArgumentException("unrecognized TlsSecret - cannot copy data: " + Platform.GetTypeName(secret)); + throw new ArgumentException("unrecognized TlsSecret - cannot copy data: " + secret.GetType().FullName); } // SSL3 magic mix constants ("A", "BB", "CCC", ...) diff --git a/crypto/src/x509/AttributeCertificateHolder.cs b/crypto/src/x509/AttributeCertificateHolder.cs index b3cea1cfe..903886085 100644 --- a/crypto/src/x509/AttributeCertificateHolder.cs +++ b/crypto/src/x509/AttributeCertificateHolder.cs @@ -360,26 +360,26 @@ namespace Org.BouncyCastle.X509 switch (DigestedObjectType) { - case ObjectDigestInfo.PublicKey: - { - // TODO: DSA Dss-parms - - //byte[] b = x509Cert.GetPublicKey().getEncoded(); - // TODO Is this the right way to encode? - byte[] b = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo( - x509Cert.GetPublicKey()).GetEncoded(); - md.BlockUpdate(b, 0, b.Length); - break; - } + case ObjectDigestInfo.PublicKey: + { + // TODO: DSA Dss-parms + + //byte[] b = x509Cert.GetPublicKey().getEncoded(); + // TODO Is this the right way to encode? + byte[] b = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo( + x509Cert.GetPublicKey()).GetEncoded(); + md.BlockUpdate(b, 0, b.Length); + break; + } - case ObjectDigestInfo.PublicKeyCert: - { - byte[] b = x509Cert.GetEncoded(); - md.BlockUpdate(b, 0, b.Length); - break; - } + case ObjectDigestInfo.PublicKeyCert: + { + byte[] b = x509Cert.GetEncoded(); + md.BlockUpdate(b, 0, b.Length); + break; + } - // TODO Default handler? + // TODO Default handler? } // TODO Shouldn't this be the other way around? diff --git a/crypto/src/x509/AttributeCertificateIssuer.cs b/crypto/src/x509/AttributeCertificateIssuer.cs index 799a48877..b0eb65cc8 100644 --- a/crypto/src/x509/AttributeCertificateIssuer.cs +++ b/crypto/src/x509/AttributeCertificateIssuer.cs @@ -149,25 +149,18 @@ namespace Org.BouncyCastle.X509 return MatchesDN(x509Cert.SubjectDN, issuer.IssuerName); } - return MatchesDN(x509Cert.SubjectDN, (GeneralNames) form); + return MatchesDN(x509Cert.SubjectDN, (GeneralNames)form); } - public override bool Equals( - object obj) + public override bool Equals(object obj) { if (obj == this) - { return true; - } - if (!(obj is AttributeCertificateIssuer)) - { + if (!(obj is AttributeCertificateIssuer that)) return false; - } - - AttributeCertificateIssuer other = (AttributeCertificateIssuer)obj; - return this.form.Equals(other.form); + return this.form.Equals(that.form); } public override int GetHashCode() diff --git a/crypto/src/x509/X509Certificate.cs b/crypto/src/x509/X509Certificate.cs index db6966a0f..e69aca1ce 100644 --- a/crypto/src/x509/X509Certificate.cs +++ b/crypto/src/x509/X509Certificate.cs @@ -339,7 +339,6 @@ namespace Org.BouncyCastle.X509 return Arrays.Clone(keyUsage); } - // TODO Replace with something that returns a list of DerObjectIdentifier public virtual IList GetExtendedKeyUsage() { Asn1OctetString str = GetExtensionValue(X509Extensions.ExtendedKeyUsage); @@ -576,12 +575,12 @@ namespace Org.BouncyCastle.X509 buf.Append(" Signature Algorithm: ").Append(this.SigAlgName).AppendLine(); byte[] sig = this.GetSignature(); - buf.Append(" Signature: ").Append(Hex.ToHexString(sig, 0, 20)).AppendLine(); + buf.Append(" Signature: ").AppendLine(Hex.ToHexString(sig, 0, 20)); for (int i = 20; i < sig.Length; i += 20) { int len = System.Math.Min(20, sig.Length - i); - buf.Append(" ").Append(Hex.ToHexString(sig, i, len)).AppendLine(); + buf.Append(" ").AppendLine(Hex.ToHexString(sig, i, len)); } X509Extensions extensions = c.TbsCertificate.Extensions; @@ -592,7 +591,7 @@ namespace Org.BouncyCastle.X509 if (e.MoveNext()) { - buf.Append(" Extensions: \n"); + buf.AppendLine(" Extensions:"); } do diff --git a/crypto/src/x509/X509Crl.cs b/crypto/src/x509/X509Crl.cs index 027813562..a3f08a0ed 100644 --- a/crypto/src/x509/X509Crl.cs +++ b/crypto/src/x509/X509Crl.cs @@ -306,13 +306,13 @@ namespace Org.BouncyCastle.X509 byte[] sig = this.GetSignature(); buf.Append(" Signature: "); - buf.Append(Hex.ToHexString(sig, 0, 20)).AppendLine(); + buf.AppendLine(Hex.ToHexString(sig, 0, 20)); for (int i = 20; i < sig.Length; i += 20) { int count = System.Math.Min(20, sig.Length - i); buf.Append(" "); - buf.Append(Hex.ToHexString(sig, i, count)).AppendLine(); + buf.AppendLine(Hex.ToHexString(sig, i, count)); } X509Extensions extensions = c.TbsCertList.Extensions; @@ -323,7 +323,7 @@ namespace Org.BouncyCastle.X509 if (e.MoveNext()) { - buf.Append(" Extensions: ").AppendLine(); + buf.AppendLine(" Extensions:"); } do diff --git a/crypto/src/x509/X509CrlEntry.cs b/crypto/src/x509/X509CrlEntry.cs index 87fc2e37a..0c45c857d 100644 --- a/crypto/src/x509/X509CrlEntry.cs +++ b/crypto/src/x509/X509CrlEntry.cs @@ -177,7 +177,7 @@ namespace Org.BouncyCastle.X509 var e = extensions.ExtensionOids.GetEnumerator(); if (e.MoveNext()) { - buf.Append(" crlEntryExtensions:").AppendLine(); + buf.AppendLine(" crlEntryExtensions:"); do { diff --git a/crypto/src/x509/X509V2CRLGenerator.cs b/crypto/src/x509/X509V2CRLGenerator.cs index 3d8b96ad2..01d7aee4a 100644 --- a/crypto/src/x509/X509V2CRLGenerator.cs +++ b/crypto/src/x509/X509V2CRLGenerator.cs @@ -7,7 +7,6 @@ using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security.Certificates; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.X509 { -- cgit 1.4.1