From b0e306a328fa8815867ad3a7520b360cf83a2e5d Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Tue, 11 Apr 2023 14:46:43 +0700 Subject: Reduce internal usage of ISet --- crypto/src/asn1/x509/ExtendedKeyUsage.cs | 2 +- crypto/src/asn1/x509/X509ExtensionsGenerator.cs | 2 +- crypto/src/pkix/PkixBuilderParameters.cs | 2 +- crypto/src/pkix/PkixCertPathValidatorUtilities.cs | 10 +- crypto/src/pkix/PkixNameConstraintValidator.cs | 116 +++++++++++----------- crypto/src/pkix/Rfc3280CertPathUtilities.cs | 18 ++-- crypto/src/tsp/TSPUtil.cs | 4 +- 7 files changed, 78 insertions(+), 76 deletions(-) diff --git a/crypto/src/asn1/x509/ExtendedKeyUsage.cs b/crypto/src/asn1/x509/ExtendedKeyUsage.cs index 08962ab72..4e4c3c212 100644 --- a/crypto/src/asn1/x509/ExtendedKeyUsage.cs +++ b/crypto/src/asn1/x509/ExtendedKeyUsage.cs @@ -38,7 +38,7 @@ namespace Org.BouncyCastle.Asn1.X509 return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.ExtendedKeyUsage)); } - internal readonly ISet m_usageTable = new HashSet(); + internal readonly HashSet m_usageTable = new HashSet(); internal readonly Asn1Sequence seq; private ExtendedKeyUsage(Asn1Sequence seq) diff --git a/crypto/src/asn1/x509/X509ExtensionsGenerator.cs b/crypto/src/asn1/x509/X509ExtensionsGenerator.cs index 7ea6084af..02c5f6996 100644 --- a/crypto/src/asn1/x509/X509ExtensionsGenerator.cs +++ b/crypto/src/asn1/x509/X509ExtensionsGenerator.cs @@ -10,7 +10,7 @@ namespace Org.BouncyCastle.Asn1.X509 new Dictionary(); private List m_ordering = new List(); - private static readonly ISet m_dupsAllowed = new HashSet() + private static readonly HashSet m_dupsAllowed = new HashSet() { X509Extensions.SubjectAlternativeName, X509Extensions.IssuerAlternativeName, diff --git a/crypto/src/pkix/PkixBuilderParameters.cs b/crypto/src/pkix/PkixBuilderParameters.cs index 998b9550c..70d6aa479 100644 --- a/crypto/src/pkix/PkixBuilderParameters.cs +++ b/crypto/src/pkix/PkixBuilderParameters.cs @@ -17,7 +17,7 @@ namespace Org.BouncyCastle.Pkix { private int maxPathLength = 5; - private ISet excludedCerts = new HashSet(); + private HashSet excludedCerts = new HashSet(); /** * Returns an instance of PkixBuilderParameters. diff --git a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs index 7128ab833..8d615b488 100644 --- a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs +++ b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs @@ -298,7 +298,7 @@ namespace Org.BouncyCastle.Pkix // policy checking // - internal static ISet GetQualifierSet(Asn1Sequence qualifiers) + internal static HashSet GetQualifierSet(Asn1Sequence qualifiers) { var pq = new HashSet(); @@ -362,7 +362,7 @@ namespace Org.BouncyCastle.Pkix } internal static void PrepareNextCertB1(int i, IList[] policyNodes, string id_p, - IDictionary> m_idp, X509Certificate cert) + IDictionary> m_idp, X509Certificate cert) { foreach (var node in policyNodes[i]) { @@ -825,7 +825,7 @@ namespace Org.BouncyCastle.Pkix * @throws Exception if an exception occurs while picking the delta * CRLs. */ - internal static ISet GetDeltaCrls(DateTime currentDate, PkixParameters pkixParameters, + internal static HashSet GetDeltaCrls(DateTime currentDate, PkixParameters pkixParameters, X509Crl completeCRL) { X509CrlStoreSelector deltaSelect = new X509CrlStoreSelector(); @@ -952,7 +952,7 @@ namespace Org.BouncyCastle.Pkix } internal static bool ProcessCertD1i(int index, IList[] policyNodes, DerObjectIdentifier pOid, - ISet pq) + HashSet pq) { foreach (var node in policyNodes[index - 1]) { @@ -974,7 +974,7 @@ namespace Org.BouncyCastle.Pkix } internal static void ProcessCertD1ii(int index, IList[] policyNodes, DerObjectIdentifier _poid, - ISet _pq) + HashSet _pq) { foreach (var _node in policyNodes[index - 1]) { diff --git a/crypto/src/pkix/PkixNameConstraintValidator.cs b/crypto/src/pkix/PkixNameConstraintValidator.cs index 0b9e30f19..027eeca82 100644 --- a/crypto/src/pkix/PkixNameConstraintValidator.cs +++ b/crypto/src/pkix/PkixNameConstraintValidator.cs @@ -15,29 +15,29 @@ namespace Org.BouncyCastle.Pkix { private static readonly DerObjectIdentifier SerialNumberOid = X509Name.SerialNumber; - private ISet excludedSubtreesDN = new HashSet(); + private HashSet excludedSubtreesDN = new HashSet(); - private ISet excludedSubtreesDns = new HashSet(); + private HashSet excludedSubtreesDns = new HashSet(); - private ISet excludedSubtreesEmail = new HashSet(); + private HashSet excludedSubtreesEmail = new HashSet(); - private ISet excludedSubtreesUri = new HashSet(); + private HashSet excludedSubtreesUri = new HashSet(); - private ISet excludedSubtreesIP = new HashSet(); + private HashSet excludedSubtreesIP = new HashSet(); - private ISet excludedSubtreesOtherName = new HashSet(); + private HashSet excludedSubtreesOtherName = new HashSet(); - private ISet permittedSubtreesDN; + private HashSet permittedSubtreesDN; - private ISet permittedSubtreesDns; + private HashSet permittedSubtreesDns; - private ISet permittedSubtreesEmail; + private HashSet permittedSubtreesEmail; - private ISet permittedSubtreesUri; + private HashSet permittedSubtreesUri; - private ISet permittedSubtreesIP; + private HashSet permittedSubtreesIP; - private ISet permittedSubtreesOtherName; + private HashSet permittedSubtreesOtherName; public PkixNameConstraintValidator() { @@ -106,7 +106,7 @@ namespace Org.BouncyCastle.Pkix CheckPermittedDN(permittedSubtreesDN, dn); } - private void CheckExcludedDN(ISet excluded, Asn1Sequence directory) + private void CheckExcludedDN(HashSet excluded, Asn1Sequence directory) { if (IsDNConstrained(excluded, directory)) { @@ -115,7 +115,7 @@ namespace Org.BouncyCastle.Pkix } } - private void CheckPermittedDN(ISet permitted, Asn1Sequence directory) + private void CheckPermittedDN(HashSet permitted, Asn1Sequence directory) { if (permitted != null && !(directory.Count == 0 && permitted.Count < 1) @@ -126,7 +126,7 @@ namespace Org.BouncyCastle.Pkix } } - private bool IsDNConstrained(ISet constraints, Asn1Sequence directory) + private bool IsDNConstrained(HashSet constraints, Asn1Sequence directory) { foreach (var constraint in constraints) { @@ -137,7 +137,7 @@ namespace Org.BouncyCastle.Pkix return false; } - private ISet IntersectDN(ISet permitted, ISet dns) + private HashSet IntersectDN(HashSet permitted, HashSet dns) { var intersect = new HashSet(); foreach (GeneralSubtree subtree1 in dns) @@ -168,7 +168,7 @@ namespace Org.BouncyCastle.Pkix return intersect; } - private ISet UnionDN(ISet excluded, Asn1Sequence dn) + private HashSet UnionDN(HashSet excluded, Asn1Sequence dn) { if (excluded.Count < 1) { @@ -205,19 +205,19 @@ namespace Org.BouncyCastle.Pkix #region OtherName - private void CheckExcludedOtherName(ISet excluded, OtherName name) + private void CheckExcludedOtherName(HashSet excluded, OtherName name) { if (IsOtherNameConstrained(excluded, name)) throw new PkixNameConstraintValidatorException("OtherName is from an excluded subtree."); } - private void CheckPermittedOtherName(ISet permitted, OtherName name) + private void CheckPermittedOtherName(HashSet permitted, OtherName name) { if (permitted != null && !IsOtherNameConstrained(permitted, name)) throw new PkixNameConstraintValidatorException("Subject OtherName is not from a permitted subtree."); } - private bool IsOtherNameConstrained(ISet constraints, OtherName otherName) + private bool IsOtherNameConstrained(HashSet constraints, OtherName otherName) { foreach (OtherName constraint in constraints) { @@ -233,7 +233,7 @@ namespace Org.BouncyCastle.Pkix return constraint.Equals(otherName); } - private ISet IntersectOtherName(ISet permitted, ISet otherNames) + private HashSet IntersectOtherName(HashSet permitted, HashSet otherNames) { var intersect = new HashSet(); foreach (GeneralSubtree subtree1 in otherNames) @@ -257,7 +257,7 @@ namespace Org.BouncyCastle.Pkix return intersect; } - private void IntersectOtherName(OtherName otherName1, OtherName otherName2, ISet intersect) + private void IntersectOtherName(OtherName otherName1, OtherName otherName2, HashSet intersect) { if (otherName1.Equals(otherName2)) { @@ -265,7 +265,7 @@ namespace Org.BouncyCastle.Pkix } } - private ISet UnionOtherName(ISet permitted, OtherName otherName) + private HashSet UnionOtherName(HashSet permitted, OtherName otherName) { var union = permitted != null ? new HashSet(permitted) : new HashSet(); union.Add(otherName); @@ -276,13 +276,13 @@ namespace Org.BouncyCastle.Pkix #region Email - private void CheckExcludedEmail(ISet excluded, string email) + private void CheckExcludedEmail(HashSet excluded, string email) { if (IsEmailConstrained(excluded, email)) throw new PkixNameConstraintValidatorException("Email address is from an excluded subtree."); } - private void CheckPermittedEmail(ISet permitted, string email) + private void CheckPermittedEmail(HashSet permitted, string email) { if (permitted != null && !(email.Length == 0 && permitted.Count < 1) @@ -293,7 +293,7 @@ namespace Org.BouncyCastle.Pkix } } - private bool IsEmailConstrained(ISet constraints, string email) + private bool IsEmailConstrained(HashSet constraints, string email) { foreach (string constraint in constraints) { @@ -327,7 +327,7 @@ namespace Org.BouncyCastle.Pkix return false; } - private ISet IntersectEmail(ISet permitted, ISet emails) + private HashSet IntersectEmail(HashSet permitted, HashSet emails) { var intersect = new HashSet(); foreach (GeneralSubtree subtree1 in emails) @@ -360,7 +360,7 @@ namespace Org.BouncyCastle.Pkix * @param email2 Email address constraint 2. * @param intersect The intersection. */ - private void IntersectEmail(string email1, string email2, ISet intersect) + private void IntersectEmail(string email1, string email2, HashSet intersect) { // email1 is a particular address if (email1.IndexOf('@') != -1) @@ -452,7 +452,7 @@ namespace Org.BouncyCastle.Pkix } } - private ISet UnionEmail(ISet excluded, string email) + private HashSet UnionEmail(HashSet excluded, string email) { if (excluded.Count < 1) { @@ -480,7 +480,7 @@ namespace Org.BouncyCastle.Pkix * @param email2 Email address constraint 2. * @param union The union. */ - private void UnionEmail(string email1, string email2, ISet union) + private void UnionEmail(string email1, string email2, HashSet union) { // email1 is a particular address if (email1.IndexOf('@') != -1) @@ -631,7 +631,7 @@ namespace Org.BouncyCastle.Pkix * @throws PkixNameConstraintValidatorException * if the IP is excluded. */ - private void CheckExcludedIP(ISet excluded, byte[] ip) + private void CheckExcludedIP(HashSet excluded, byte[] ip) { if (IsIPConstrained(excluded, ip)) throw new PkixNameConstraintValidatorException("IP is from an excluded subtree."); @@ -647,7 +647,7 @@ namespace Org.BouncyCastle.Pkix * @throws PkixNameConstraintValidatorException * if the IP is not permitted. */ - private void CheckPermittedIP(ISet permitted, byte[] ip) + private void CheckPermittedIP(HashSet permitted, byte[] ip) { if (permitted != null && !(ip.Length == 0 && permitted.Count < 1) @@ -657,7 +657,7 @@ namespace Org.BouncyCastle.Pkix } } - private bool IsIPConstrained(ISet constraints, byte[] ip) + private bool IsIPConstrained(HashSet constraints, byte[] ip) { foreach (byte[] constraint in constraints) { @@ -711,7 +711,7 @@ namespace Org.BouncyCastle.Pkix * @return The Set of permitted IP ranges intersected with * ip. */ - private ISet IntersectIP(ISet permitted, ISet ips) + private HashSet IntersectIP(HashSet permitted, HashSet ips) { var intersect = new HashSet(); foreach (GeneralSubtree subtree in ips) @@ -743,7 +743,7 @@ namespace Org.BouncyCastle.Pkix * @return A Set with the single IP address with its subnet * mask as a byte array or an empty Set. */ - private ISet IntersectIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2) + private HashSet IntersectIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2) { if (ipWithSubmask1.Length != ipWithSubmask2.Length) return new HashSet(); @@ -787,7 +787,7 @@ namespace Org.BouncyCastle.Pkix * @return The Set of excluded IP ranges unified with * ip as byte arrays. */ - private ISet UnionIP(ISet excluded, byte[] ip) + private HashSet UnionIP(HashSet excluded, byte[] ip) { if (excluded.Count < 1) { @@ -813,7 +813,7 @@ namespace Org.BouncyCastle.Pkix * @param ipWithSubmask2 The second IP address with its subnet mask. * @return A Set with the union of both addresses. */ - private ISet UnionIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2) + private HashSet UnionIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2) { var set = new HashSet(); // difficult, adding always all IPs is not wrong @@ -982,13 +982,13 @@ namespace Org.BouncyCastle.Pkix #region Dns - private void CheckExcludedDns(ISet excluded, string dns) + private void CheckExcludedDns(HashSet excluded, string dns) { if (IsDnsConstrained(excluded, dns)) throw new PkixNameConstraintValidatorException("DNS is from an excluded subtree."); } - private void CheckPermittedDns(ISet permitted, string dns) + private void CheckPermittedDns(HashSet permitted, string dns) { if (permitted != null && !(dns.Length == 0 && permitted.Count < 1) @@ -998,7 +998,7 @@ namespace Org.BouncyCastle.Pkix } } - private bool IsDnsConstrained(ISet constraints, string dns) + private bool IsDnsConstrained(HashSet constraints, string dns) { foreach (var constraint in constraints) { @@ -1014,7 +1014,7 @@ namespace Org.BouncyCastle.Pkix return WithinDomain(dns, constraint) || Platform.EqualsIgnoreCase(dns, constraint); } - private ISet IntersectDns(ISet permitted, ISet dnss) + private HashSet IntersectDns(HashSet permitted, HashSet dnss) { var intersect = new HashSet(); foreach (GeneralSubtree subtree in dnss) @@ -1045,7 +1045,7 @@ namespace Org.BouncyCastle.Pkix return intersect; } - private ISet UnionDns(ISet excluded, string dns) + private HashSet UnionDns(HashSet excluded, string dns) { if (excluded.Count < 1) { @@ -1080,13 +1080,13 @@ namespace Org.BouncyCastle.Pkix #region Uri - private void CheckExcludedUri(ISet excluded, string uri) + private void CheckExcludedUri(HashSet excluded, string uri) { if (IsUriConstrained(excluded, uri)) throw new PkixNameConstraintValidatorException("URI is from an excluded subtree."); } - private void CheckPermittedUri(ISet permitted, string uri) + private void CheckPermittedUri(HashSet permitted, string uri) { if (permitted != null && !(uri.Length == 0 && permitted.Count < 1) @@ -1096,7 +1096,7 @@ namespace Org.BouncyCastle.Pkix } } - private bool IsUriConstrained(ISet constraints, string uri) + private bool IsUriConstrained(HashSet constraints, string uri) { foreach (string constraint in constraints) { @@ -1121,7 +1121,7 @@ namespace Org.BouncyCastle.Pkix return Platform.EqualsIgnoreCase(host, constraint); } - private ISet IntersectUri(ISet permitted, ISet uris) + private HashSet IntersectUri(HashSet permitted, HashSet uris) { var intersect = new HashSet(); foreach (GeneralSubtree subtree in uris) @@ -1145,7 +1145,7 @@ namespace Org.BouncyCastle.Pkix return intersect; } - private void IntersectUri(string email1, string email2, ISet intersect) + private void IntersectUri(string email1, string email2, HashSet intersect) { // email1 is a particular address if (email1.IndexOf('@') != -1) @@ -1237,7 +1237,7 @@ namespace Org.BouncyCastle.Pkix } } - private ISet UnionUri(ISet excluded, string uri) + private HashSet UnionUri(HashSet excluded, string uri) { if (excluded.Count < 1) { @@ -1256,7 +1256,7 @@ namespace Org.BouncyCastle.Pkix return union; } - private void UnionUri(string email1, string email2, ISet union) + private void UnionUri(string email1, string email2, HashSet union) { // email1 is a particular address if (email1.IndexOf('@') != -1) @@ -1544,7 +1544,7 @@ namespace Org.BouncyCastle.Pkix public void IntersectPermittedSubtree(Asn1Sequence permitted) { - var subtreesMap = new Dictionary>(); + var subtreesMap = new Dictionary>(); // group in ISets in a map ordered by tag no. foreach (var element in permitted) @@ -1553,7 +1553,7 @@ namespace Org.BouncyCastle.Pkix int tagNo = subtree.Base.TagNo; - ISet subtrees; + HashSet subtrees; if (!subtreesMap.TryGetValue(tagNo, out subtrees)) { subtrees = new HashSet(); @@ -1674,7 +1674,7 @@ namespace Org.BouncyCastle.Pkix + HashCollection(permittedSubtreesOtherName); } - private int HashCollection(IEnumerable c) + private int HashCollection(HashSet c) { int hash = 0; if (c != null) @@ -1687,12 +1687,12 @@ namespace Org.BouncyCastle.Pkix return hash; } - private int HashCollection(IEnumerable c) + private int HashCollection(HashSet c) { int hash = 0; if (c != null) { - foreach (object o in c) + foreach (T o in c) { hash += o.GetHashCode(); } @@ -1719,7 +1719,7 @@ namespace Org.BouncyCastle.Pkix && AreEqualSets(that.permittedSubtreesOtherName, permittedSubtreesOtherName); } - private bool AreEqualSets(ISet set1, ISet set2) + private bool AreEqualSets(HashSet set1, HashSet set2) { if (set1 == set2) return true; @@ -1744,7 +1744,7 @@ namespace Org.BouncyCastle.Pkix return true; } - private bool AreEqualSets(ISet set1, ISet set2) + private bool AreEqualSets(HashSet set1, HashSet set2) { if (set1 == set2) return true; @@ -1782,7 +1782,7 @@ namespace Org.BouncyCastle.Pkix return temp; } - private string StringifyIPCollection(ISet ips) + private string StringifyIPCollection(HashSet ips) { string temp = ""; temp += "["; @@ -1798,7 +1798,7 @@ namespace Org.BouncyCastle.Pkix return temp; } - private string StringifyOtherNameCollection(ISet otherNames) + private string StringifyOtherNameCollection(HashSet otherNames) { StringBuilder sb = new StringBuilder('['); foreach (OtherName name in otherNames) diff --git a/crypto/src/pkix/Rfc3280CertPathUtilities.cs b/crypto/src/pkix/Rfc3280CertPathUtilities.cs index b2d47c0f1..1d912264e 100644 --- a/crypto/src/pkix/Rfc3280CertPathUtilities.cs +++ b/crypto/src/pkix/Rfc3280CertPathUtilities.cs @@ -369,8 +369,9 @@ namespace Org.BouncyCastle.Pkix } /// - internal static PkixPolicyNode ProcessCertD(PkixCertPath certPath, int index, ISet acceptablePolicies, - PkixPolicyNode validPolicyTree, IList[] policyNodes, int inhibitAnyPolicy) + internal static PkixPolicyNode ProcessCertD(PkixCertPath certPath, int index, + HashSet acceptablePolicies, PkixPolicyNode validPolicyTree, IList[] policyNodes, + int inhibitAnyPolicy) { var certs = certPath.Certificates; X509Certificate cert = certs[index]; @@ -408,7 +409,7 @@ namespace Org.BouncyCastle.Pkix if (!ANY_POLICY.Equals(pOid.Id)) { - ISet pq; + HashSet pq; try { pq = PkixCertPathValidatorUtilities.GetQualifierSet(pInfo.PolicyQualifiers); @@ -674,7 +675,7 @@ namespace Org.BouncyCastle.Pkix * @throws AnnotatedException if the CRL is not valid or the status cannot be checked or * some error occurs. */ - internal static ISet ProcessCrlF( + internal static HashSet ProcessCrlF( X509Crl crl, object cert, X509Certificate defaultCRLSignCert, @@ -798,7 +799,7 @@ namespace Org.BouncyCastle.Pkix return checkKeys; } - internal static AsymmetricKeyParameter ProcessCrlG(X509Crl crl, ISet keys) + internal static AsymmetricKeyParameter ProcessCrlG(X509Crl crl, HashSet keys) { Exception lastException = null; foreach (AsymmetricKeyParameter key in keys) @@ -816,7 +817,7 @@ namespace Org.BouncyCastle.Pkix throw new Exception("Cannot verify CRL.", lastException); } - internal static X509Crl ProcessCrlH(ISet deltaCrls, AsymmetricKeyParameter key) + internal static X509Crl ProcessCrlH(HashSet deltaCrls, AsymmetricKeyParameter key) { Exception lastException = null; foreach (X509Crl crl in deltaCrls) @@ -918,7 +919,8 @@ namespace Org.BouncyCastle.Pkix if (paramsPKIX.IsUseDeltasEnabled) { // get delta CRLs - ISet deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl); + HashSet deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, + paramsPKIX, crl); // we only want one valid delta CRL // (h) deltaCRL = ProcessCrlH(deltaCRLs, key); @@ -1996,7 +1998,7 @@ namespace Org.BouncyCastle.Pkix internal static PkixPolicyNode WrapupCertG(PkixCertPath certPath, PkixParameters paramsPKIX, ISet userInitialPolicySet, int index, IList[] policyNodes, - PkixPolicyNode validPolicyTree, ISet acceptablePolicies) + PkixPolicyNode validPolicyTree, HashSet acceptablePolicies) { int n = certPath.Certificates.Count; diff --git a/crypto/src/tsp/TSPUtil.cs b/crypto/src/tsp/TSPUtil.cs index 6f1d07b0a..daf6cf047 100644 --- a/crypto/src/tsp/TSPUtil.cs +++ b/crypto/src/tsp/TSPUtil.cs @@ -178,14 +178,14 @@ namespace Org.BouncyCastle.Tsp return DigestUtilities.GetDigest(digestName); } - internal static ISet GetCriticalExtensionOids(X509Extensions extensions) + internal static HashSet GetCriticalExtensionOids(X509Extensions extensions) { return extensions == null ? new HashSet() : new HashSet(extensions.GetCriticalExtensionOids()); } - internal static ISet GetNonCriticalExtensionOids(X509Extensions extensions) + internal static HashSet GetNonCriticalExtensionOids(X509Extensions extensions) { return extensions == null ? new HashSet() -- cgit 1.4.1