Skip to content

Commit 6617892

Browse files
stephentoubstephentoub
authored
Remove a bunch of X509 PAL closures from FindCore
1 parent 00d4dd8 commit 6617892

File tree

2 files changed

+60
-39
lines changed

2 files changed

+60
-39
lines changed

src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/ManagedCertificateFinder.cs

Lines changed: 30 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -41,13 +41,14 @@ public string NormalizeOid(string maybeOid, OidGroup expectedGroup)
4141

4242
public void FindByThumbprint(byte[] thumbprint)
4343
{
44-
FindCore(cert => cert.GetCertHash().ContentsEqual(thumbprint));
44+
FindCore(thumbprint, static (thumbprint, cert) => cert.GetCertHash().ContentsEqual(thumbprint));
4545
}
4646

4747
public void FindBySubjectName(string subjectName)
4848
{
4949
FindCore(
50-
cert =>
50+
subjectName,
51+
static (subjectName, cert) =>
5152
{
5253
string formedSubject = X500NameEncoder.X500DistinguishedNameDecode(cert.SubjectName.RawData, false, X500DistinguishedNameFlags.None);
5354

@@ -57,13 +58,14 @@ public void FindBySubjectName(string subjectName)
5758

5859
public void FindBySubjectDistinguishedName(string subjectDistinguishedName)
5960
{
60-
FindCore(cert => StringComparer.OrdinalIgnoreCase.Equals(subjectDistinguishedName, cert.Subject));
61+
FindCore(subjectDistinguishedName, static (subjectDistinguishedName, cert) => StringComparer.OrdinalIgnoreCase.Equals(subjectDistinguishedName, cert.Subject));
6162
}
6263

6364
public void FindByIssuerName(string issuerName)
6465
{
6566
FindCore(
66-
cert =>
67+
issuerName,
68+
static (issuerName, cert) =>
6769
{
6870
string formedIssuer = X500NameEncoder.X500DistinguishedNameDecode(cert.IssuerName.RawData, false, X500DistinguishedNameFlags.None);
6971

@@ -73,17 +75,18 @@ public void FindByIssuerName(string issuerName)
7375

7476
public void FindByIssuerDistinguishedName(string issuerDistinguishedName)
7577
{
76-
FindCore(cert => StringComparer.OrdinalIgnoreCase.Equals(issuerDistinguishedName, cert.Issuer));
78+
FindCore(issuerDistinguishedName, static (issuerDistinguishedName, cert) => StringComparer.OrdinalIgnoreCase.Equals(issuerDistinguishedName, cert.Issuer));
7779
}
7880

7981
public void FindBySerialNumber(BigInteger hexValue, BigInteger decimalValue)
8082
{
8183
FindCore(
82-
cert =>
84+
(hexValue, decimalValue),
85+
static (state, cert) =>
8386
{
8487
byte[] serialBytes = cert.GetSerialNumber();
8588
BigInteger serialNumber = FindPal.PositiveBigIntegerFromByteArray(serialBytes);
86-
bool match = hexValue.Equals(serialNumber) || decimalValue.Equals(serialNumber);
89+
bool match = state.hexValue.Equals(serialNumber) || state.decimalValue.Equals(serialNumber);
8790

8891
return match;
8992
});
@@ -107,27 +110,28 @@ public void FindByTimeValid(DateTime dateTime)
107110
{
108111
DateTime normalized = NormalizeDateTime(dateTime);
109112

110-
FindCore(cert => cert.NotBefore <= normalized && normalized <= cert.NotAfter);
113+
FindCore(normalized, static (normalized, cert) => cert.NotBefore <= normalized && normalized <= cert.NotAfter);
111114
}
112115

113116
public void FindByTimeNotYetValid(DateTime dateTime)
114117
{
115118
DateTime normalized = NormalizeDateTime(dateTime);
116119

117-
FindCore(cert => cert.NotBefore > normalized);
120+
FindCore(normalized, static (normalized, cert) => cert.NotBefore > normalized);
118121
}
119122

120123
public void FindByTimeExpired(DateTime dateTime)
121124
{
122125
DateTime normalized = NormalizeDateTime(dateTime);
123126

124-
FindCore(cert => cert.NotAfter < normalized);
127+
FindCore(normalized, static (normalized, cert) => cert.NotAfter < normalized);
125128
}
126129

127130
public void FindByTemplateName(string templateName)
128131
{
129132
FindCore(
130-
cert =>
133+
templateName,
134+
static (templateName, cert) =>
131135
{
132136
X509Extension? ext = FindExtension(cert, Oids.EnrollCertTypeExtension);
133137

@@ -172,7 +176,8 @@ public void FindByTemplateName(string templateName)
172176
public void FindByApplicationPolicy(string oidValue)
173177
{
174178
FindCore(
175-
cert =>
179+
oidValue,
180+
static (oidValue, cert) =>
176181
{
177182
X509Extension? ext = FindExtension(cert, Oids.EnhancedKeyUsage);
178183

@@ -201,7 +206,8 @@ public void FindByApplicationPolicy(string oidValue)
201206
public void FindByCertificatePolicy(string oidValue)
202207
{
203208
FindCore(
204-
cert =>
209+
oidValue,
210+
static (oidValue, cert) =>
205211
{
206212
X509Extension? ext = FindExtension(cert, Oids.CertPolicies);
207213

@@ -218,13 +224,14 @@ public void FindByCertificatePolicy(string oidValue)
218224

219225
public void FindByExtension(string oidValue)
220226
{
221-
FindCore(cert => FindExtension(cert, oidValue) != null);
227+
FindCore(oidValue, static (oidValue, cert) => FindExtension(cert, oidValue) != null);
222228
}
223229

224230
public void FindByKeyUsage(X509KeyUsageFlags keyUsage)
225231
{
226232
FindCore(
227-
cert =>
233+
keyUsage,
234+
static (keyUsage, cert) =>
228235
{
229236
X509Extension? ext = FindExtension(cert, Oids.KeyUsage);
230237

@@ -246,7 +253,8 @@ public void FindByKeyUsage(X509KeyUsageFlags keyUsage)
246253
public void FindBySubjectKeyIdentifier(byte[] keyIdentifier)
247254
{
248255
FindCore(
249-
cert =>
256+
keyIdentifier,
257+
(keyIdentifier, cert) =>
250258
{
251259
X509Extension? ext = FindExtension(cert, Oids.SubjectKeyIdentifier);
252260
byte[] certKeyId;
@@ -305,11 +313,14 @@ protected virtual void Dispose(bool disposing)
305313

306314
protected abstract X509Certificate2 CloneCertificate(X509Certificate2 cert);
307315

308-
private void FindCore(Predicate<X509Certificate2> predicate)
316+
private void FindCore<TState>(TState state, Func<TState, X509Certificate2, bool> predicate)
309317
{
310-
foreach (X509Certificate2 cert in _findFrom)
318+
X509Certificate2Collection findFrom = _findFrom;
319+
int count = findFrom.Count;
320+
for (int i = 0; i < count; i++)
311321
{
312-
if (predicate(cert))
322+
X509Certificate2 cert = findFrom[i];
323+
if (predicate(state, cert))
313324
{
314325
if (!_validOnly || IsCertValid(cert))
315326
{

src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/FindPal.cs

Lines changed: 30 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -50,22 +50,23 @@ public unsafe void FindByThumbprint(byte[] thumbPrint)
5050
fixed (byte* pThumbPrint = thumbPrint)
5151
{
5252
CRYPTOAPI_BLOB blob = new CRYPTOAPI_BLOB(thumbPrint.Length, pThumbPrint);
53-
FindCore(CertFindType.CERT_FIND_HASH, &blob);
53+
FindCore<object>(CertFindType.CERT_FIND_HASH, &blob);
5454
}
5555
}
5656

5757
public unsafe void FindBySubjectName(string subjectName)
5858
{
5959
fixed (char* pSubjectName = subjectName)
6060
{
61-
FindCore(CertFindType.CERT_FIND_SUBJECT_STR, pSubjectName);
61+
FindCore<object>(CertFindType.CERT_FIND_SUBJECT_STR, pSubjectName);
6262
}
6363
}
6464

6565
public void FindBySubjectDistinguishedName(string subjectDistinguishedName)
6666
{
6767
FindCore(
68-
delegate (SafeCertContextHandle pCertContext)
68+
subjectDistinguishedName,
69+
static (subjectDistinguishedName, pCertContext) =>
6970
{
7071
string actual = GetCertNameInfo(pCertContext, CertNameType.CERT_NAME_RDN_TYPE, CertNameFlags.None);
7172
return subjectDistinguishedName.Equals(actual, StringComparison.OrdinalIgnoreCase);
@@ -76,14 +77,15 @@ public unsafe void FindByIssuerName(string issuerName)
7677
{
7778
fixed (char* pIssuerName = issuerName)
7879
{
79-
FindCore(CertFindType.CERT_FIND_ISSUER_STR, pIssuerName);
80+
FindCore<object>(CertFindType.CERT_FIND_ISSUER_STR, pIssuerName);
8081
}
8182
}
8283

8384
public void FindByIssuerDistinguishedName(string issuerDistinguishedName)
8485
{
8586
FindCore(
86-
delegate (SafeCertContextHandle pCertContext)
87+
issuerDistinguishedName,
88+
static (issuerDistinguishedName, pCertContext) =>
8789
{
8890
string actual = GetCertNameInfo(pCertContext, CertNameType.CERT_NAME_RDN_TYPE, CertNameFlags.CERT_NAME_ISSUER_FLAG);
8991
return issuerDistinguishedName.Equals(actual, StringComparison.OrdinalIgnoreCase);
@@ -93,15 +95,16 @@ public void FindByIssuerDistinguishedName(string issuerDistinguishedName)
9395
public unsafe void FindBySerialNumber(BigInteger hexValue, BigInteger decimalValue)
9496
{
9597
FindCore(
96-
delegate (SafeCertContextHandle pCertContext)
98+
(hexValue, decimalValue),
99+
static (state, pCertContext) =>
97100
{
98101
byte[] actual = pCertContext.CertContext->pCertInfo->SerialNumber.ToByteArray();
99102
GC.KeepAlive(pCertContext);
100103

101104
// Convert to BigInteger as the comparison must not fail due to spurious leading zeros
102105
BigInteger actualAsBigInteger = PositiveBigIntegerFromByteArray(actual);
103106

104-
return hexValue.Equals(actualAsBigInteger) || decimalValue.Equals(actualAsBigInteger);
107+
return state.hexValue.Equals(actualAsBigInteger) || state.decimalValue.Equals(actualAsBigInteger);
105108
});
106109
}
107110

@@ -125,19 +128,21 @@ private unsafe void FindByTime(DateTime dateTime, int compareResult)
125128
FILETIME fileTime = FILETIME.FromDateTime(dateTime);
126129

127130
FindCore(
128-
delegate (SafeCertContextHandle pCertContext)
131+
(fileTime, compareResult),
132+
static (state, pCertContext) =>
129133
{
130-
int comparison = Interop.crypt32.CertVerifyTimeValidity(ref fileTime,
134+
int comparison = Interop.crypt32.CertVerifyTimeValidity(ref state.fileTime,
131135
pCertContext.CertContext->pCertInfo);
132136
GC.KeepAlive(pCertContext);
133-
return comparison == compareResult;
137+
return comparison == state.compareResult;
134138
});
135139
}
136140

137141
public unsafe void FindByTemplateName(string templateName)
138142
{
139143
FindCore(
140-
delegate (SafeCertContextHandle pCertContext)
144+
templateName,
145+
static (templateName, pCertContext) =>
141146
{
142147
// The template name can have 2 different formats: V1 format (<= Win2K) is just a string
143148
// V2 format (XP only) can be a friendly name or an OID.
@@ -203,7 +208,8 @@ public unsafe void FindByTemplateName(string templateName)
203208
public unsafe void FindByApplicationPolicy(string oidValue)
204209
{
205210
FindCore(
206-
delegate (SafeCertContextHandle pCertContext)
211+
oidValue,
212+
static (oidValue, pCertContext) =>
207213
{
208214
int numOids;
209215
int cbData = 0;
@@ -234,7 +240,8 @@ public unsafe void FindByApplicationPolicy(string oidValue)
234240
public unsafe void FindByCertificatePolicy(string oidValue)
235241
{
236242
FindCore(
237-
delegate (SafeCertContextHandle pCertContext)
243+
oidValue,
244+
static (oidValue, pCertContext) =>
238245
{
239246
CERT_INFO* pCertInfo = pCertContext.CertContext->pCertInfo;
240247
CERT_EXTENSION* pCertExtension = Interop.crypt32.CertFindExtension(Oids.CertPolicies,
@@ -274,7 +281,8 @@ public unsafe void FindByCertificatePolicy(string oidValue)
274281
public unsafe void FindByExtension(string oidValue)
275282
{
276283
FindCore(
277-
delegate (SafeCertContextHandle pCertContext)
284+
oidValue,
285+
static (oidValue, pCertContext) =>
278286
{
279287
CERT_INFO* pCertInfo = pCertContext.CertContext->pCertInfo;
280288
CERT_EXTENSION* pCertExtension = Interop.crypt32.CertFindExtension(oidValue, pCertInfo->cExtension, pCertInfo->rgExtension);
@@ -286,7 +294,8 @@ public unsafe void FindByExtension(string oidValue)
286294
public unsafe void FindByKeyUsage(X509KeyUsageFlags keyUsage)
287295
{
288296
FindCore(
289-
delegate (SafeCertContextHandle pCertContext)
297+
keyUsage,
298+
static (keyUsage, pCertContext) =>
290299
{
291300
CERT_INFO* pCertInfo = pCertContext.CertContext->pCertInfo;
292301
X509KeyUsageFlags actual;
@@ -300,7 +309,8 @@ public unsafe void FindByKeyUsage(X509KeyUsageFlags keyUsage)
300309
public void FindBySubjectKeyIdentifier(byte[] keyIdentifier)
301310
{
302311
FindCore(
303-
delegate (SafeCertContextHandle pCertContext)
312+
keyIdentifier,
313+
static (keyIdentifier, pCertContext) =>
304314
{
305315
int cbData = 0;
306316
if (!Interop.crypt32.CertGetCertificateContextProperty(pCertContext, CertContextPropId.CERT_KEY_IDENTIFIER_PROP_ID, null, ref cbData))
@@ -319,12 +329,12 @@ public void Dispose()
319329
_storePal.Dispose();
320330
}
321331

322-
private unsafe void FindCore(Func<SafeCertContextHandle, bool> filter)
332+
private unsafe void FindCore<TState>(TState state, Func<TState, SafeCertContextHandle, bool> filter)
323333
{
324-
FindCore(CertFindType.CERT_FIND_ANY, null, filter);
334+
FindCore(CertFindType.CERT_FIND_ANY, null, state, filter);
325335
}
326336

327-
private unsafe void FindCore(CertFindType dwFindType, void* pvFindPara, Func<SafeCertContextHandle, bool>? filter = null)
337+
private unsafe void FindCore<TState>(CertFindType dwFindType, void* pvFindPara, TState state = default!, Func<TState, SafeCertContextHandle, bool>? filter = null)
328338
{
329339
SafeCertStoreHandle findResults = Interop.crypt32.CertOpenStore(
330340
CertStoreProvider.CERT_STORE_PROV_MEMORY,
@@ -338,7 +348,7 @@ private unsafe void FindCore(CertFindType dwFindType, void* pvFindPara, Func<Saf
338348
SafeCertContextHandle? pCertContext = null;
339349
while (Interop.crypt32.CertFindCertificateInStore(_storePal.SafeCertStoreHandle, dwFindType, pvFindPara, ref pCertContext))
340350
{
341-
if (filter != null && !filter(pCertContext))
351+
if (filter != null && !filter(state, pCertContext))
342352
continue;
343353

344354
if (_validOnly)

0 commit comments

Comments
 (0)