summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2022-10-23 14:19:30 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2022-10-23 14:19:30 +0700
commit722367de08a4c0d8101845ab86681063e7a77be0 (patch)
treeae88a7822bf11f56d1c43d6cf0e88f1a8caaed1b
parentSecureRandom refactoring in Cms (diff)
downloadBouncyCastle.NET-ed25519-722367de08a4c0d8101845ab86681063e7a77be0.tar.xz
SecureRandom refactoring in Crypto
-rw-r--r--crypto/src/crypto/CipherKeyGenerator.cs2
-rw-r--r--crypto/src/crypto/agreement/DHAgreement.cs17
-rwxr-xr-xcrypto/src/crypto/agreement/jpake/JPakeParticipant.cs7
-rw-r--r--crypto/src/crypto/encodings/OaepEncoding.cs2
-rw-r--r--crypto/src/crypto/encodings/Pkcs1Encoding.cs2
-rw-r--r--crypto/src/crypto/engines/DesEdeWrapEngine.cs5
-rw-r--r--crypto/src/crypto/engines/ElGamalEngine.cs22
-rw-r--r--crypto/src/crypto/engines/RC2WrapEngine.cs13
-rw-r--r--crypto/src/crypto/engines/RFC3211WrapEngine.cs14
-rw-r--r--crypto/src/crypto/engines/RSABlindedEngine.cs10
-rw-r--r--crypto/src/crypto/generators/ECKeyPairGenerator.cs2
-rw-r--r--crypto/src/crypto/generators/RSABlindingFactorGenerator.cs9
-rw-r--r--crypto/src/crypto/operators/Asn1CipherBuilder.cs5
-rw-r--r--crypto/src/crypto/paddings/ISO10126d2Padding.cs2
-rw-r--r--crypto/src/crypto/parameters/ParametersWithRandom.cs2
-rw-r--r--crypto/src/crypto/prng/BasicEntropySourceProvider.cs6
-rw-r--r--crypto/src/crypto/prng/SP800SecureRandomBuilder.cs5
-rw-r--r--crypto/src/crypto/prng/X931SecureRandomBuilder.cs5
-rw-r--r--crypto/src/crypto/signers/DsaSigner.cs2
-rw-r--r--crypto/src/crypto/signers/ECDsaSigner.cs2
-rw-r--r--crypto/src/crypto/signers/ECGOST3410Signer.cs2
-rw-r--r--crypto/src/crypto/signers/ECNRSigner.cs10
-rw-r--r--crypto/src/crypto/signers/GOST3410Signer.cs10
-rw-r--r--crypto/src/crypto/signers/Iso9796d2PssSigner.cs26
-rw-r--r--crypto/src/crypto/signers/PssSigner.cs18
-rw-r--r--crypto/src/crypto/signers/SM2Signer.cs6
26 files changed, 83 insertions, 123 deletions
diff --git a/crypto/src/crypto/CipherKeyGenerator.cs b/crypto/src/crypto/CipherKeyGenerator.cs
index 80d4782db..2d5d8c2e0 100644
--- a/crypto/src/crypto/CipherKeyGenerator.cs
+++ b/crypto/src/crypto/CipherKeyGenerator.cs
@@ -67,7 +67,7 @@ namespace Org.BouncyCastle.Crypto
 
 				uninitialised = false;
 
-				EngineInit(new KeyGenerationParameters(new SecureRandom(), defaultStrength));
+				EngineInit(new KeyGenerationParameters(CryptoServicesRegistrar.GetSecureRandom(), defaultStrength));
 			}
 
 			return EngineGenerateKey();
diff --git a/crypto/src/crypto/agreement/DHAgreement.cs b/crypto/src/crypto/agreement/DHAgreement.cs
index e988c0d53..6032c237a 100644
--- a/crypto/src/crypto/agreement/DHAgreement.cs
+++ b/crypto/src/crypto/agreement/DHAgreement.cs
@@ -26,30 +26,25 @@ namespace Org.BouncyCastle.Crypto.Agreement
 		private BigInteger				privateValue;
 		private SecureRandom			random;
 
-		public void Init(
-			ICipherParameters parameters)
+		public void Init(ICipherParameters parameters)
 		{
 			AsymmetricKeyParameter kParam;
-			if (parameters is ParametersWithRandom)
+			if (parameters is ParametersWithRandom rParam)
 			{
-				ParametersWithRandom rParam = (ParametersWithRandom)parameters;
-
 				this.random = rParam.Random;
 				kParam = (AsymmetricKeyParameter)rParam.Parameters;
 			}
 			else
 			{
-				this.random = new SecureRandom();
+				this.random = CryptoServicesRegistrar.GetSecureRandom();
 				kParam = (AsymmetricKeyParameter)parameters;
 			}
 
-			if (!(kParam is DHPrivateKeyParameters))
-			{
+			if (!(kParam is DHPrivateKeyParameters dhPrivateKeyParameters))
 				throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
-			}
 
-			this.key = (DHPrivateKeyParameters)kParam;
-			this.dhParams = key.Parameters;
+			this.key = dhPrivateKeyParameters;
+			this.dhParams = dhPrivateKeyParameters.Parameters;
 		}
 
 		/**
diff --git a/crypto/src/crypto/agreement/jpake/JPakeParticipant.cs b/crypto/src/crypto/agreement/jpake/JPakeParticipant.cs
index 794284866..d6ed37032 100755
--- a/crypto/src/crypto/agreement/jpake/JPakeParticipant.cs
+++ b/crypto/src/crypto/agreement/jpake/JPakeParticipant.cs
@@ -142,7 +142,7 @@ namespace Org.BouncyCastle.Crypto.Agreement.JPake
         ///      Caller should clear the input password as soon as possible.</param>
         /// <param name="group">Prime order group. See JPakePrimeOrderGroups for standard groups.</param>
         public JPakeParticipant(string participantId, char[] password, JPakePrimeOrderGroup group)
-            : this(participantId, password, group, new Sha256Digest(), new SecureRandom()) { }
+            : this(participantId, password, group, new Sha256Digest(), CryptoServicesRegistrar.GetSecureRandom()) { }
 
 
         /// <summary>
@@ -162,7 +162,8 @@ namespace Org.BouncyCastle.Crypto.Agreement.JPake
         /// <param name="digest">Digest to use during zero knowledge proofs and key confirmation
         ///     (SHA-256 or stronger preferred).</param>
         /// <param name="random">Source of secure random data for x1 and x2, and for the zero knowledge proofs.</param>
-        public JPakeParticipant(string participantId, char[] password, JPakePrimeOrderGroup group, IDigest digest, SecureRandom random)
+        public JPakeParticipant(string participantId, char[] password, JPakePrimeOrderGroup group, IDigest digest,
+            SecureRandom random)
         {
             JPakeUtilities.ValidateNotNull(participantId, "participantId");
             JPakeUtilities.ValidateNotNull(password, "password");
@@ -171,9 +172,7 @@ namespace Org.BouncyCastle.Crypto.Agreement.JPake
             JPakeUtilities.ValidateNotNull(random, "random");
 
             if (password.Length == 0)
-            {
                 throw new ArgumentException("Password must not be empty.");
-            }
 
             this.participantId = participantId;
 
diff --git a/crypto/src/crypto/encodings/OaepEncoding.cs b/crypto/src/crypto/encodings/OaepEncoding.cs
index c151b7ac5..6871a039a 100644
--- a/crypto/src/crypto/encodings/OaepEncoding.cs
+++ b/crypto/src/crypto/encodings/OaepEncoding.cs
@@ -74,7 +74,7 @@ namespace Org.BouncyCastle.Crypto.Encodings
             }
             else
             {
-                this.random = new SecureRandom();
+                this.random = CryptoServicesRegistrar.GetSecureRandom();
             }
 
             engine.Init(forEncryption, parameters);
diff --git a/crypto/src/crypto/encodings/Pkcs1Encoding.cs b/crypto/src/crypto/encodings/Pkcs1Encoding.cs
index 5faf7f385..06e59d4f3 100644
--- a/crypto/src/crypto/encodings/Pkcs1Encoding.cs
+++ b/crypto/src/crypto/encodings/Pkcs1Encoding.cs
@@ -110,7 +110,7 @@ namespace Org.BouncyCastle.Crypto.Encodings
             }
             else
             {
-                this.random = new SecureRandom();
+                this.random = CryptoServicesRegistrar.GetSecureRandom();
                 kParam = (AsymmetricKeyParameter)parameters;
             }
 
diff --git a/crypto/src/crypto/engines/DesEdeWrapEngine.cs b/crypto/src/crypto/engines/DesEdeWrapEngine.cs
index 43100a9bd..e05f9f555 100644
--- a/crypto/src/crypto/engines/DesEdeWrapEngine.cs
+++ b/crypto/src/crypto/engines/DesEdeWrapEngine.cs
@@ -60,15 +60,14 @@ namespace Org.BouncyCastle.Crypto.Engines
             this.engine = new CbcBlockCipher(new DesEdeEngine());
 
 			SecureRandom sr;
-			if (parameters is ParametersWithRandom)
+			if (parameters is ParametersWithRandom pr)
 			{
-				ParametersWithRandom pr = (ParametersWithRandom) parameters;
 				parameters = pr.Parameters;
 				sr = pr.Random;
 			}
 			else
 			{
-				sr = new SecureRandom();
+				sr = CryptoServicesRegistrar.GetSecureRandom();
 			}
 
 			if (parameters is KeyParameter)
diff --git a/crypto/src/crypto/engines/ElGamalEngine.cs b/crypto/src/crypto/engines/ElGamalEngine.cs
index 197d7bc15..ea5e5bc30 100644
--- a/crypto/src/crypto/engines/ElGamalEngine.cs
+++ b/crypto/src/crypto/engines/ElGamalEngine.cs
@@ -28,22 +28,18 @@ namespace Org.BouncyCastle.Crypto.Engines
 		* @param forEncryption true if we are encrypting, false otherwise.
 		* @param param the necessary ElGamal key parameters.
 		*/
-        public virtual void Init(
-			bool				forEncryption,
-			ICipherParameters	parameters)
+        public virtual void Init(bool forEncryption, ICipherParameters parameters)
 		{
-			if (parameters is ParametersWithRandom)
+			if (parameters is ParametersWithRandom withRandom)
 			{
-				ParametersWithRandom p = (ParametersWithRandom) parameters;
-
-				this.key = (ElGamalKeyParameters) p.Parameters;
-				this.random = p.Random;
+				this.key = (ElGamalKeyParameters)withRandom.Parameters;
+				this.random = withRandom.Random;
 			}
 			else
 			{
-				this.key = (ElGamalKeyParameters) parameters;
-				this.random = new SecureRandom();
-			}
+				this.key = (ElGamalKeyParameters)parameters;
+				this.random = CryptoServicesRegistrar.GetSecureRandom();
+            }
 
 			this.forEncryption = forEncryption;
 			this.bitSize = key.Parameters.P.BitLength;
@@ -51,16 +47,12 @@ namespace Org.BouncyCastle.Crypto.Engines
 			if (forEncryption)
 			{
 				if (!(key is ElGamalPublicKeyParameters))
-				{
 					throw new ArgumentException("ElGamalPublicKeyParameters are required for encryption.");
-				}
 			}
 			else
 			{
 				if (!(key is ElGamalPrivateKeyParameters))
-				{
 					throw new ArgumentException("ElGamalPrivateKeyParameters are required for decryption.");
-				}
 			}
 		}
 
diff --git a/crypto/src/crypto/engines/RC2WrapEngine.cs b/crypto/src/crypto/engines/RC2WrapEngine.cs
index 5742aa8b7..91ac7ded2 100644
--- a/crypto/src/crypto/engines/RC2WrapEngine.cs
+++ b/crypto/src/crypto/engines/RC2WrapEngine.cs
@@ -42,8 +42,8 @@ namespace Org.BouncyCastle.Crypto.Engines
 		//
 		// checksum digest
 		//
-		IDigest sha1 = new Sha1Digest();
-		byte[] digest = new byte[20];
+		private readonly IDigest sha1 = new Sha1Digest();
+		private readonly byte[] digest = new byte[20];
 
 		/**
 			* Method init
@@ -51,22 +51,19 @@ namespace Org.BouncyCastle.Crypto.Engines
 			* @param forWrapping
 			* @param param
 			*/
-        public virtual void Init(
-			bool				forWrapping,
-			ICipherParameters	parameters)
+        public virtual void Init(bool forWrapping, ICipherParameters parameters)
 		{
 			this.forWrapping = forWrapping;
 			this.engine = new CbcBlockCipher(new RC2Engine());
 
-			if (parameters is ParametersWithRandom)
+			if (parameters is ParametersWithRandom pWithR)
 			{
-				ParametersWithRandom pWithR = (ParametersWithRandom)parameters;
 				sr = pWithR.Random;
 				parameters = pWithR.Parameters;
 			}
 			else
 			{
-				sr = new SecureRandom();
+				sr = CryptoServicesRegistrar.GetSecureRandom();
 			}
 
 			if (parameters is ParametersWithIV)
diff --git a/crypto/src/crypto/engines/RFC3211WrapEngine.cs b/crypto/src/crypto/engines/RFC3211WrapEngine.cs
index 3fc7b3191..42027cf25 100644
--- a/crypto/src/crypto/engines/RFC3211WrapEngine.cs
+++ b/crypto/src/crypto/engines/RFC3211WrapEngine.cs
@@ -24,24 +24,20 @@ namespace Org.BouncyCastle.Crypto.Engines
 			this.engine = new CbcBlockCipher(engine);
 		}
 
-        public virtual void Init(
-			bool				forWrapping,
-			ICipherParameters	param)
+        public virtual void Init(bool forWrapping, ICipherParameters param)
 		{
 			this.forWrapping = forWrapping;
 
-			if (param is ParametersWithRandom)
+			if (param is ParametersWithRandom withRandom)
 			{
-				ParametersWithRandom p = (ParametersWithRandom)param;
-
-                this.rand = p.Random;
-                this.param = p.Parameters as ParametersWithIV;
+                this.rand = withRandom.Random;
+                this.param = withRandom.Parameters as ParametersWithIV;
 			}
 			else
 			{
 				if (forWrapping)
 				{
-					rand = new SecureRandom();
+					rand = CryptoServicesRegistrar.GetSecureRandom();
 				}
 
                 this.param = param as ParametersWithIV;
diff --git a/crypto/src/crypto/engines/RSABlindedEngine.cs b/crypto/src/crypto/engines/RSABlindedEngine.cs
index 637bf3cc0..cdc0a7844 100644
--- a/crypto/src/crypto/engines/RSABlindedEngine.cs
+++ b/crypto/src/crypto/engines/RSABlindedEngine.cs
@@ -39,16 +39,12 @@ namespace Org.BouncyCastle.Crypto.Engines
          * @param forEncryption true if we are encrypting, false otherwise.
          * @param param the necessary RSA key parameters.
          */
-        public virtual void Init(
-            bool forEncryption,
-            ICipherParameters param)
+        public virtual void Init(bool forEncryption, ICipherParameters param)
         {
             core.Init(forEncryption, param);
 
-            if (param is ParametersWithRandom)
+            if (param is ParametersWithRandom rParam)
             {
-                ParametersWithRandom rParam = (ParametersWithRandom)param;
-
                 this.key = (RsaKeyParameters)rParam.Parameters;
 
                 if (key is RsaPrivateCrtKeyParameters)
@@ -66,7 +62,7 @@ namespace Org.BouncyCastle.Crypto.Engines
 
                 if (key is RsaPrivateCrtKeyParameters)
                 {
-                    this.random = new SecureRandom();
+                    this.random = CryptoServicesRegistrar.GetSecureRandom();
                 }
                 else
                 {
diff --git a/crypto/src/crypto/generators/ECKeyPairGenerator.cs b/crypto/src/crypto/generators/ECKeyPairGenerator.cs
index 7b6ee168b..6aba6921e 100644
--- a/crypto/src/crypto/generators/ECKeyPairGenerator.cs
+++ b/crypto/src/crypto/generators/ECKeyPairGenerator.cs
@@ -83,7 +83,7 @@ namespace Org.BouncyCastle.Crypto.Generators
 
             if (this.random == null)
             {
-                this.random = new SecureRandom();
+                this.random = CryptoServicesRegistrar.GetSecureRandom();
             }
         }
 
diff --git a/crypto/src/crypto/generators/RSABlindingFactorGenerator.cs b/crypto/src/crypto/generators/RSABlindingFactorGenerator.cs
index e2f63face..a9eeb46df 100644
--- a/crypto/src/crypto/generators/RSABlindingFactorGenerator.cs
+++ b/crypto/src/crypto/generators/RSABlindingFactorGenerator.cs
@@ -21,20 +21,17 @@ namespace Org.BouncyCastle.Crypto.Generators
 		*
 		* @param param the necessary RSA key parameters.
 		*/
-		public void Init(
-			ICipherParameters param)
+		public void Init(ICipherParameters param)
 		{
-			if (param is ParametersWithRandom)
+			if (param is ParametersWithRandom rParam)
 			{
-				ParametersWithRandom rParam = (ParametersWithRandom)param;
-
 				key = (RsaKeyParameters)rParam.Parameters;
 				random = rParam.Random;
 			}
 			else
 			{
 				key = (RsaKeyParameters)param;
-				random = new SecureRandom();
+				random = CryptoServicesRegistrar.GetSecureRandom();
 			}
 
 			if (key.IsPrivate)
diff --git a/crypto/src/crypto/operators/Asn1CipherBuilder.cs b/crypto/src/crypto/operators/Asn1CipherBuilder.cs
index 0561bee4f..b151dfcc2 100644
--- a/crypto/src/crypto/operators/Asn1CipherBuilder.cs
+++ b/crypto/src/crypto/operators/Asn1CipherBuilder.cs
@@ -18,10 +18,7 @@ namespace Org.BouncyCastle.Crypto.Operators
 
         public Asn1CipherBuilderWithKey(DerObjectIdentifier encryptionOID, int keySize, SecureRandom random)
         {
-            if (random == null)
-            {
-                random = new SecureRandom();
-            }
+            random = CryptoServicesRegistrar.GetSecureRandom(random);
 
             CipherKeyGenerator keyGen = CipherKeyGeneratorFactory.CreateKeyGenerator(encryptionOID, random);
 
diff --git a/crypto/src/crypto/paddings/ISO10126d2Padding.cs b/crypto/src/crypto/paddings/ISO10126d2Padding.cs
index 317b5db8c..21e007f1b 100644
--- a/crypto/src/crypto/paddings/ISO10126d2Padding.cs
+++ b/crypto/src/crypto/paddings/ISO10126d2Padding.cs
@@ -21,7 +21,7 @@ namespace Org.BouncyCastle.Crypto.Paddings
 			SecureRandom random)
             //throws ArgumentException
         {
-			this.random = (random != null) ? random : new SecureRandom();
+            this.random = CryptoServicesRegistrar.GetSecureRandom(random);
         }
 
 		/**
diff --git a/crypto/src/crypto/parameters/ParametersWithRandom.cs b/crypto/src/crypto/parameters/ParametersWithRandom.cs
index e20ddd7ce..2fe885a8a 100644
--- a/crypto/src/crypto/parameters/ParametersWithRandom.cs
+++ b/crypto/src/crypto/parameters/ParametersWithRandom.cs
@@ -11,7 +11,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
 		private readonly SecureRandom m_random;
 
         public ParametersWithRandom(ICipherParameters parameters)
-            : this(parameters, new SecureRandom())
+            : this(parameters, CryptoServicesRegistrar.GetSecureRandom())
         {
         }
 
diff --git a/crypto/src/crypto/prng/BasicEntropySourceProvider.cs b/crypto/src/crypto/prng/BasicEntropySourceProvider.cs
index 485cf25ab..5de1e4e5e 100644
--- a/crypto/src/crypto/prng/BasicEntropySourceProvider.cs
+++ b/crypto/src/crypto/prng/BasicEntropySourceProvider.cs
@@ -21,6 +21,9 @@ namespace Org.BouncyCastle.Crypto.Prng
          */
         public BasicEntropySourceProvider(SecureRandom secureRandom, bool isPredictionResistant)
         {
+            if (secureRandom == null)
+                throw new ArgumentNullException(nameof(secureRandom));
+
             mSecureRandom = secureRandom;
             mPredictionResistant = isPredictionResistant;
         }
@@ -46,6 +49,9 @@ namespace Org.BouncyCastle.Crypto.Prng
 
             internal BasicEntropySource(SecureRandom secureRandom, bool predictionResistant, int entropySize)
             {
+                if (secureRandom == null)
+                    throw new ArgumentNullException(nameof(secureRandom));
+
                 this.mSecureRandom = secureRandom;
                 this.mPredictionResistant = predictionResistant;
                 this.mEntropySize = entropySize;
diff --git a/crypto/src/crypto/prng/SP800SecureRandomBuilder.cs b/crypto/src/crypto/prng/SP800SecureRandomBuilder.cs
index 7199f1ae7..8159f4822 100644
--- a/crypto/src/crypto/prng/SP800SecureRandomBuilder.cs
+++ b/crypto/src/crypto/prng/SP800SecureRandomBuilder.cs
@@ -26,7 +26,7 @@ namespace Org.BouncyCastle.Crypto.Prng
          * </p>
          */
         public SP800SecureRandomBuilder()
-            : this(new SecureRandom(), false)
+            : this(CryptoServicesRegistrar.GetSecureRandom(), false)
         {
         }
 
@@ -42,6 +42,9 @@ namespace Org.BouncyCastle.Crypto.Prng
          */
         public SP800SecureRandomBuilder(SecureRandom entropySource, bool predictionResistant)
         {
+            if (entropySource == null)
+                throw new ArgumentNullException(nameof(entropySource));
+
             this.mRandom = entropySource;
             this.mEntropySourceProvider = new BasicEntropySourceProvider(entropySource, predictionResistant);
         }
diff --git a/crypto/src/crypto/prng/X931SecureRandomBuilder.cs b/crypto/src/crypto/prng/X931SecureRandomBuilder.cs
index 31e94312e..025eac1bb 100644
--- a/crypto/src/crypto/prng/X931SecureRandomBuilder.cs
+++ b/crypto/src/crypto/prng/X931SecureRandomBuilder.cs
@@ -23,7 +23,7 @@ namespace Org.BouncyCastle.Crypto.Prng
          * </p>
          */
         public X931SecureRandomBuilder()
-            : this(new SecureRandom(), false)
+            : this(CryptoServicesRegistrar.GetSecureRandom(), false)
         {
         }
 
@@ -39,6 +39,9 @@ namespace Org.BouncyCastle.Crypto.Prng
          */
         public X931SecureRandomBuilder(SecureRandom entropySource, bool predictionResistant)
         {
+            if (entropySource == null)
+                throw new ArgumentNullException(nameof(entropySource));
+
             this.mRandom = entropySource;
             this.mEntropySourceProvider = new BasicEntropySourceProvider(mRandom, predictionResistant);
         }
diff --git a/crypto/src/crypto/signers/DsaSigner.cs b/crypto/src/crypto/signers/DsaSigner.cs
index 7799edc0e..318eeeb48 100644
--- a/crypto/src/crypto/signers/DsaSigner.cs
+++ b/crypto/src/crypto/signers/DsaSigner.cs
@@ -155,7 +155,7 @@ namespace Org.BouncyCastle.Crypto.Signers
 
         protected virtual SecureRandom InitSecureRandom(bool needed, SecureRandom provided)
         {
-            return !needed ? null : (provided != null) ? provided : new SecureRandom();
+            return !needed ? null : CryptoServicesRegistrar.GetSecureRandom(provided);
         }
     }
 }
diff --git a/crypto/src/crypto/signers/ECDsaSigner.cs b/crypto/src/crypto/signers/ECDsaSigner.cs
index 590c3236b..d78e92516 100644
--- a/crypto/src/crypto/signers/ECDsaSigner.cs
+++ b/crypto/src/crypto/signers/ECDsaSigner.cs
@@ -239,7 +239,7 @@ namespace Org.BouncyCastle.Crypto.Signers
 
         protected virtual SecureRandom InitSecureRandom(bool needed, SecureRandom provided)
         {
-            return !needed ? null : (provided != null) ? provided : new SecureRandom();
+            return !needed ? null : CryptoServicesRegistrar.GetSecureRandom(provided);
         }
     }
 }
diff --git a/crypto/src/crypto/signers/ECGOST3410Signer.cs b/crypto/src/crypto/signers/ECGOST3410Signer.cs
index 2defa943f..fd5fa4818 100644
--- a/crypto/src/crypto/signers/ECGOST3410Signer.cs
+++ b/crypto/src/crypto/signers/ECGOST3410Signer.cs
@@ -37,7 +37,7 @@ namespace Org.BouncyCastle.Crypto.Signers
                 }
                 else
                 {
-                    this.random = new SecureRandom();
+                    this.random = CryptoServicesRegistrar.GetSecureRandom();
                 }
 
                 if (!(parameters is ECPrivateKeyParameters ecPrivateKeyParameters))
diff --git a/crypto/src/crypto/signers/ECNRSigner.cs b/crypto/src/crypto/signers/ECNRSigner.cs
index b22d7a977..d7790386a 100644
--- a/crypto/src/crypto/signers/ECNRSigner.cs
+++ b/crypto/src/crypto/signers/ECNRSigner.cs
@@ -24,24 +24,20 @@ namespace Org.BouncyCastle.Crypto.Signers
             get { return "ECNR"; }
         }
 
-        public virtual void Init(
-            bool				forSigning,
-            ICipherParameters	parameters)
+        public virtual void Init(bool forSigning, ICipherParameters parameters)
         {
             this.forSigning = forSigning;
 
             if (forSigning)
             {
-                if (parameters is ParametersWithRandom)
+                if (parameters is ParametersWithRandom rParam)
                 {
-                    ParametersWithRandom rParam = (ParametersWithRandom) parameters;
-
                     this.random = rParam.Random;
                     parameters = rParam.Parameters;
                 }
                 else
                 {
-                    this.random = new SecureRandom();
+                    this.random = CryptoServicesRegistrar.GetSecureRandom();
                 }
 
                 if (!(parameters is ECPrivateKeyParameters))
diff --git a/crypto/src/crypto/signers/GOST3410Signer.cs b/crypto/src/crypto/signers/GOST3410Signer.cs
index a0d8f8a1f..03aab0b04 100644
--- a/crypto/src/crypto/signers/GOST3410Signer.cs
+++ b/crypto/src/crypto/signers/GOST3410Signer.cs
@@ -21,22 +21,18 @@ namespace Org.BouncyCastle.Crypto.Signers
 			get { return "GOST3410"; }
 		}
 
-        public virtual void Init(
-			bool				forSigning,
-			ICipherParameters	parameters)
+        public virtual void Init(bool forSigning, ICipherParameters parameters)
 		{
 			if (forSigning)
 			{
-				if (parameters is ParametersWithRandom)
+				if (parameters is ParametersWithRandom rParam)
 				{
-					ParametersWithRandom rParam = (ParametersWithRandom)parameters;
-
 					this.random = rParam.Random;
 					parameters = rParam.Parameters;
 				}
 				else
 				{
-					this.random = new SecureRandom();
+					this.random = CryptoServicesRegistrar.GetSecureRandom();
 				}
 
 				if (!(parameters is Gost3410PrivateKeyParameters))
diff --git a/crypto/src/crypto/signers/Iso9796d2PssSigner.cs b/crypto/src/crypto/signers/Iso9796d2PssSigner.cs
index 573765c1a..72afabf4c 100644
--- a/crypto/src/crypto/signers/Iso9796d2PssSigner.cs
+++ b/crypto/src/crypto/signers/Iso9796d2PssSigner.cs
@@ -109,42 +109,36 @@ namespace Org.BouncyCastle.Crypto.Signers
         /// <exception cref="ArgumentException">if wrong parameter type or a fixed
         /// salt is passed in which is the wrong length.
         /// </exception>
-        public virtual void Init(
-            bool				forSigning,
-            ICipherParameters	parameters)
+        public virtual void Init(bool forSigning, ICipherParameters parameters)
         {
             RsaKeyParameters kParam;
-            if (parameters is ParametersWithRandom)
+            if (parameters is ParametersWithRandom withRandom)
             {
-                ParametersWithRandom p = (ParametersWithRandom) parameters;
-
-                kParam = (RsaKeyParameters) p.Parameters;
+                kParam = (RsaKeyParameters)withRandom.Parameters;
 
                 if (forSigning)
                 {
-                    random = p.Random;
+                    random = withRandom.Random;
                 }
             }
-            else if (parameters is ParametersWithSalt)
+            else if (parameters is ParametersWithSalt withSalt)
             {
                 if (!forSigning)
-                    throw new ArgumentException("ParametersWithSalt only valid for signing", "parameters");
-
-                ParametersWithSalt p = (ParametersWithSalt) parameters;
+                    throw new ArgumentException("ParametersWithSalt only valid for signing", nameof(parameters));
 
-                kParam = (RsaKeyParameters) p.Parameters;
-                standardSalt = p.GetSalt();
+                kParam = (RsaKeyParameters)withSalt.Parameters;
+                standardSalt = withSalt.GetSalt();
 
                 if (standardSalt.Length != saltLength)
                     throw new ArgumentException("Fixed salt is of wrong length");
             }
             else
             {
-                kParam = (RsaKeyParameters) parameters;
+                kParam = (RsaKeyParameters)parameters;
 
                 if (forSigning)
                 {
-                    random = new SecureRandom();
+                    random = CryptoServicesRegistrar.GetSecureRandom();
                 }
             }
 
diff --git a/crypto/src/crypto/signers/PssSigner.cs b/crypto/src/crypto/signers/PssSigner.cs
index 6d34e6edd..df73a7472 100644
--- a/crypto/src/crypto/signers/PssSigner.cs
+++ b/crypto/src/crypto/signers/PssSigner.cs
@@ -152,22 +152,18 @@ namespace Org.BouncyCastle.Crypto.Signers
 			get { return mgfDigest.AlgorithmName + "withRSAandMGF1"; }
 		}
 
-		public virtual void Init(
-			bool				forSigning,
-			ICipherParameters	parameters)
+		public virtual void Init(bool forSigning, ICipherParameters parameters)
 		{
-			if (parameters is ParametersWithRandom)
+			if (parameters is ParametersWithRandom withRandom)
 			{
-				ParametersWithRandom p = (ParametersWithRandom) parameters;
-
-				parameters = p.Parameters;
-				random = p.Random;
+				parameters = withRandom.Parameters;
+				random = withRandom.Random;
 			}
 			else
 			{
 				if (forSigning)
 				{
-					random = new SecureRandom();
+					random = CryptoServicesRegistrar.GetSecureRandom();
 				}
 			}
 
@@ -176,11 +172,11 @@ namespace Org.BouncyCastle.Crypto.Signers
 			RsaKeyParameters kParam;
 			if (parameters is RsaBlindingParameters)
 			{
-				kParam = ((RsaBlindingParameters) parameters).PublicKey;
+				kParam = ((RsaBlindingParameters)parameters).PublicKey;
 			}
 			else
 			{
-				kParam = (RsaKeyParameters) parameters;
+				kParam = (RsaKeyParameters)parameters;
 			}
 
 			emBits = kParam.Modulus.BitLength - 1;
diff --git a/crypto/src/crypto/signers/SM2Signer.cs b/crypto/src/crypto/signers/SM2Signer.cs
index 24aedd970..07b41bd30 100644
--- a/crypto/src/crypto/signers/SM2Signer.cs
+++ b/crypto/src/crypto/signers/SM2Signer.cs
@@ -72,10 +72,8 @@ namespace Org.BouncyCastle.Crypto.Signers
 
             if (forSigning)
             {
-                if (baseParam is ParametersWithRandom)
+                if (baseParam is ParametersWithRandom rParam)
                 {
-                    ParametersWithRandom rParam = (ParametersWithRandom)baseParam;
-
                     ecKey = (ECKeyParameters)rParam.Parameters;
                     ecParams = ecKey.Parameters;
                     kCalculator.Init(ecParams.N, rParam.Random);
@@ -84,7 +82,7 @@ namespace Org.BouncyCastle.Crypto.Signers
                 {
                     ecKey = (ECKeyParameters)baseParam;
                     ecParams = ecKey.Parameters;
-                    kCalculator.Init(ecParams.N, new SecureRandom());
+                    kCalculator.Init(ecParams.N, CryptoServicesRegistrar.GetSecureRandom());
                 }
                 pubPoint = CreateBasePointMultiplier().Multiply(ecParams.G, ((ECPrivateKeyParameters)ecKey).D).Normalize();
             }