From 6b59dbbece3b1509b83b8479259a3c6059e9a60b Mon Sep 17 00:00:00 2001
From: Peter Dettman <peter.dettman@bouncycastle.org>
Date: Sun, 5 Mar 2023 14:45:49 +0700
Subject: Support 'leaveOpen' in Asn1 streams

---
 crypto/src/x509/X509CertPairParser.cs    | 11 +++++------
 crypto/src/x509/X509CertificateParser.cs |  5 ++++-
 crypto/src/x509/X509CrlParser.cs         | 11 +++++++----
 3 files changed, 16 insertions(+), 11 deletions(-)

(limited to 'crypto/src/x509')

diff --git a/crypto/src/x509/X509CertPairParser.cs b/crypto/src/x509/X509CertPairParser.cs
index 26b417898..95ba522c8 100644
--- a/crypto/src/x509/X509CertPairParser.cs
+++ b/crypto/src/x509/X509CertPairParser.cs
@@ -13,13 +13,12 @@ namespace Org.BouncyCastle.X509
 	{
 		private Stream currentStream;
 
-		private X509CertificatePair ReadDerCrossCertificatePair(
-			Stream inStream)
+		private X509CertificatePair ReadDerCrossCertificatePair(Stream inStream)
 		{
-			Asn1InputStream dIn = new Asn1InputStream(inStream);//, ProviderUtil.getReadLimit(in));
-			Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject();
-			CertificatePair pair = CertificatePair.GetInstance(seq);
-			return new X509CertificatePair(pair);
+            using (var asn1In = new Asn1InputStream(inStream, int.MaxValue, leaveOpen: true))
+            {
+                return new X509CertificatePair(CertificatePair.GetInstance(asn1In.ReadObject()));
+            }
 		}
 
 		/// <summary>
diff --git a/crypto/src/x509/X509CertificateParser.cs b/crypto/src/x509/X509CertificateParser.cs
index ce50dc8ed..6fc1b3ff4 100644
--- a/crypto/src/x509/X509CertificateParser.cs
+++ b/crypto/src/x509/X509CertificateParser.cs
@@ -138,7 +138,10 @@ namespace Org.BouncyCastle.X509
                 if (tag != 0x30)  // assume ascii PEM encoded.
 					return ReadPemCertificate(inStream);
 
-				return ReadDerCertificate(new Asn1InputStream(inStream));
+				using (var asn1In = new Asn1InputStream(inStream, int.MaxValue, leaveOpen: true))
+				{
+					return ReadDerCertificate(asn1In);
+				}
 			}
 			catch (Exception e)
 			{
diff --git a/crypto/src/x509/X509CrlParser.cs b/crypto/src/x509/X509CrlParser.cs
index ad2b4f704..a60a591c4 100644
--- a/crypto/src/x509/X509CrlParser.cs
+++ b/crypto/src/x509/X509CrlParser.cs
@@ -131,11 +131,14 @@ namespace Org.BouncyCastle.X509
 					return ReadPemCrl(inStream);
 
 				Asn1InputStream asn1 = lazyAsn1
-					?	new LazyAsn1InputStream(inStream)
-					:	new Asn1InputStream(inStream);
+					?	new LazyAsn1InputStream(inStream, int.MaxValue, leaveOpen: true)
+					:	new Asn1InputStream(inStream, int.MaxValue, leaveOpen: true);
 
-				return ReadDerCrl(asn1);
-			}
+                using (asn1)
+                {
+                    return ReadDerCrl(asn1);
+                }
+            }
 			catch (CrlException e)
 			{
 				throw e;
-- 
cgit 1.4.1