summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2023-07-26 13:47:16 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2023-07-26 13:47:16 +0700
commit8ce8a4d09d8e6cfb29e8ecbb96a354a3eed9c321 (patch)
treec367281f28b5a082f32f1e0d77d6a22d6b7cd779
parentCreate new API for algorithm finders (diff)
downloadBouncyCastle.NET-ed25519-8ce8a4d09d8e6cfb29e8ecbb96a354a3eed9c321.tar.xz
Refactor CMS helpers
-rw-r--r--crypto/src/cms/CMSEnvelopedHelper.cs9
-rw-r--r--crypto/src/cms/CMSSignedData.cs14
-rw-r--r--crypto/src/cms/CMSSignedDataGenerator.cs26
-rw-r--r--crypto/src/cms/CMSSignedDataParser.cs16
-rw-r--r--crypto/src/cms/CMSSignedDataStreamGenerator.cs20
-rw-r--r--crypto/src/cms/CMSSignedHelper.cs31
-rw-r--r--crypto/src/cms/CMSUtils.cs10
-rw-r--r--crypto/src/cms/EnvelopedDataHelper.cs90
-rw-r--r--crypto/src/cms/KEKRecipientInfoGenerator.cs5
-rw-r--r--crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs4
-rw-r--r--crypto/src/cms/OriginatorInformation.cs4
-rw-r--r--crypto/src/cms/PKCS5Scheme2PBEKey.cs2
-rw-r--r--crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs2
-rw-r--r--crypto/src/cms/PasswordRecipientInfoGenerator.cs7
-rw-r--r--crypto/src/cms/PasswordRecipientInformation.cs2
-rw-r--r--crypto/src/cms/SignerInformation.cs32
-rw-r--r--crypto/src/crypto/operators/Asn1CipherBuilder.cs3
-rw-r--r--crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs5
-rw-r--r--crypto/src/tsp/TimeStampTokenGenerator.cs5
19 files changed, 85 insertions, 202 deletions
diff --git a/crypto/src/cms/CMSEnvelopedHelper.cs b/crypto/src/cms/CMSEnvelopedHelper.cs
index c623ec677..0cd7c208c 100644
--- a/crypto/src/cms/CMSEnvelopedHelper.cs
+++ b/crypto/src/cms/CMSEnvelopedHelper.cs
@@ -16,11 +16,8 @@ using Org.BouncyCastle.Utilities.IO;
 
 namespace Org.BouncyCastle.Cms
 {
-	// TODO[api] Make static
-	internal class CmsEnvelopedHelper
+    internal class CmsEnvelopedHelper
 	{
-		internal static readonly CmsEnvelopedHelper Instance = new CmsEnvelopedHelper();
-
 		private static readonly Dictionary<string, int> KeySizes = new Dictionary<string, int>();
 		private static readonly Dictionary<string, string> Rfc3211WrapperNames = new Dictionary<string, string>();
 
@@ -58,7 +55,7 @@ namespace Org.BouncyCastle.Cms
 			return new RecipientInformationStore(infos);
 		}
 
-        internal int GetKeySize(string oid)
+        internal static int GetKeySize(string oid)
         {
             if (oid == null)
                 throw new ArgumentNullException(nameof(oid));
@@ -69,7 +66,7 @@ namespace Org.BouncyCastle.Cms
             return keySize;
         }
 
-        internal string GetRfc3211WrapperName(string oid)
+        internal static string GetRfc3211WrapperName(string oid)
         {
             if (oid == null)
                 throw new ArgumentNullException(nameof(oid));
diff --git a/crypto/src/cms/CMSSignedData.cs b/crypto/src/cms/CMSSignedData.cs
index a14a4dadb..a19fe27ab 100644
--- a/crypto/src/cms/CMSSignedData.cs
+++ b/crypto/src/cms/CMSSignedData.cs
@@ -36,8 +36,6 @@ namespace Org.BouncyCastle.Cms
 	*/
 	public class CmsSignedData
 	{
-		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
-
 		private readonly CmsProcessable	signedContent;
 		private SignedData				signedData;
 		private ContentInfo				contentInfo;
@@ -179,7 +177,7 @@ namespace Org.BouncyCastle.Cms
 		 */
 		public IStore<X509V2AttributeCertificate> GetAttributeCertificates()
 		{
-			return Helper.GetAttributeCertificates(signedData.Certificates);
+			return CmsSignedHelper.GetAttributeCertificates(signedData.Certificates);
 		}
 
 		/**
@@ -191,7 +189,7 @@ namespace Org.BouncyCastle.Cms
 		 */
 		public IStore<X509Certificate> GetCertificates()
 		{
-			return Helper.GetCertificates(signedData.Certificates);
+			return CmsSignedHelper.GetCertificates(signedData.Certificates);
 		}
 
 		/**
@@ -203,12 +201,12 @@ namespace Org.BouncyCastle.Cms
 		*/
 		public IStore<X509Crl> GetCrls()
 		{
-			return Helper.GetCrls(signedData.CRLs);
+			return CmsSignedHelper.GetCrls(signedData.CRLs);
 		}
 
         public IStore<Asn1Encodable> GetOtherRevInfos(DerObjectIdentifier otherRevInfoFormat)
 		{
-			return Helper.GetOtherRevInfos(signedData.CRLs, otherRevInfoFormat);
+			return CmsSignedHelper.GetOtherRevInfos(signedData.CRLs, otherRevInfoFormat);
 		}
 
         /**
@@ -294,7 +292,7 @@ namespace Org.BouncyCastle.Cms
 			IDigestAlgorithmFinder digestAlgorithmFinder)
 		{
 			ISet<AlgorithmIdentifier> digestAlgorithms = signedData.GetDigestAlgorithmIDs();
-			AlgorithmIdentifier digestAlg = Helper.FixDigestAlgID(digestAlgorithm, digestAlgorithmFinder);
+			AlgorithmIdentifier digestAlg = CmsSignedHelper.FixDigestAlgID(digestAlgorithm, digestAlgorithmFinder);
 
 			//
 			// if the algorithm is already present there is no need to add it.
@@ -314,7 +312,7 @@ namespace Org.BouncyCastle.Cms
 
             foreach (var entry in digestAlgs)
 			{
-				digestAlgs.Add(Helper.FixDigestAlgID(entry, digestAlgorithmFinder));
+				digestAlgs.Add(CmsSignedHelper.FixDigestAlgID(entry, digestAlgorithmFinder));
 			}
 			digestAlgs.Add(digestAlg);
 
diff --git a/crypto/src/cms/CMSSignedDataGenerator.cs b/crypto/src/cms/CMSSignedDataGenerator.cs
index 5a0d4a192..97b8526d5 100644
--- a/crypto/src/cms/CMSSignedDataGenerator.cs
+++ b/crypto/src/cms/CMSSignedDataGenerator.cs
@@ -37,8 +37,6 @@ namespace Org.BouncyCastle.Cms
     public class CmsSignedDataGenerator
         : CmsSignedGenerator
     {
-		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
-
 		private readonly IList<SignerInf> signerInfs = new List<SignerInf>();
 
 		private class SignerInf
@@ -64,9 +62,9 @@ namespace Org.BouncyCastle.Cms
 	            CmsAttributeTableGenerator	unsAttr,
 	            Asn1.Cms.AttributeTable		baseSignedTable)
 	        {
-                string digestName = Helper.GetDigestAlgName(digestOid);
+                string digestName = CmsSignedHelper.GetDigestAlgName(digestOid);
 
-                string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOid);
+                string signatureName = digestName + "with" + CmsSignedHelper.GetEncryptionAlgName(encOid);
 
                 this.outer = outer;
                 this.sigCalc = new Asn1SignatureFactory(signatureName, key, random);
@@ -115,13 +113,13 @@ namespace Org.BouncyCastle.Cms
 			internal SignerInfo ToSignerInfo(DerObjectIdentifier contentType, CmsProcessable content)
             {
                 AlgorithmIdentifier digAlgId = DigestAlgorithmID;
-				string digestName = Helper.GetDigestAlgName(digestOid);
+				string digestName = CmsSignedHelper.GetDigestAlgName(digestOid);
 
-				string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOid);
+				string signatureName = digestName + "with" + CmsSignedHelper.GetEncryptionAlgName(encOid);
 
 				if (!outer.m_digests.TryGetValue(digestOid, out var hash))
                 {
-                    IDigest dig = Helper.GetDigestInstance(digestName);
+                    IDigest dig = CmsSignedHelper.GetDigestInstance(digestName);
                     if (content != null)
                     {
                         content.Write(new DigestSink(dig));
@@ -182,7 +180,7 @@ namespace Org.BouncyCastle.Cms
 
 				// TODO[RSAPSS] Need the ability to specify non-default parameters
 				Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
-				AlgorithmIdentifier encAlgId = Helper.GetEncAlgorithmIdentifier(
+				AlgorithmIdentifier encAlgId = CmsSignedHelper.GetEncAlgorithmIdentifier(
 					new DerObjectIdentifier(encOid), sigX509Parameters);
 				
                 return new SignerInfo(signerIdentifier, digAlgId,
@@ -214,7 +212,7 @@ namespace Org.BouncyCastle.Cms
             X509Certificate			cert,
             string					digestOID)
         {
-        	AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOID), digestOID);
+        	AddSigner(privateKey, cert, CmsSignedHelper.GetEncOid(privateKey, digestOID), digestOID);
 		}
 
 		/**
@@ -245,7 +243,7 @@ namespace Org.BouncyCastle.Cms
 	        byte[]					subjectKeyID,
             string					digestOID)
 	    {
-			AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOID), digestOID);
+			AddSigner(privateKey, subjectKeyID, CmsSignedHelper.GetEncOid(privateKey, digestOID), digestOID);
 	    }
 
 		/**
@@ -278,7 +276,7 @@ namespace Org.BouncyCastle.Cms
             Asn1.Cms.AttributeTable	signedAttr,
             Asn1.Cms.AttributeTable	unsignedAttr)
         {
-			AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOID), digestOID,
+			AddSigner(privateKey, cert, CmsSignedHelper.GetEncOid(privateKey, digestOID), digestOID,
 				signedAttr, unsignedAttr);
 		}
 
@@ -322,7 +320,7 @@ namespace Org.BouncyCastle.Cms
 			Asn1.Cms.AttributeTable	signedAttr,
 			Asn1.Cms.AttributeTable	unsignedAttr)
 		{
-			AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOID), digestOID,
+			AddSigner(privateKey, subjectKeyID, CmsSignedHelper.GetEncOid(privateKey, digestOID), digestOID,
 				signedAttr, unsignedAttr); 
 		}
 
@@ -360,7 +358,7 @@ namespace Org.BouncyCastle.Cms
 			CmsAttributeTableGenerator	signedAttrGen,
 			CmsAttributeTableGenerator	unsignedAttrGen)
 		{
-			AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOID), digestOID,
+			AddSigner(privateKey, cert, CmsSignedHelper.GetEncOid(privateKey, digestOID), digestOID,
 				signedAttrGen, unsignedAttrGen);
 		}
 
@@ -389,7 +387,7 @@ namespace Org.BouncyCastle.Cms
 	        CmsAttributeTableGenerator	signedAttrGen,
 	        CmsAttributeTableGenerator	unsignedAttrGen)
 	    {
-			AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOID), digestOID,
+			AddSigner(privateKey, subjectKeyID, CmsSignedHelper.GetEncOid(privateKey, digestOID), digestOID,
 				signedAttrGen, unsignedAttrGen);
 	    }
 
diff --git a/crypto/src/cms/CMSSignedDataParser.cs b/crypto/src/cms/CMSSignedDataParser.cs
index 8b02770d6..e8dd29686 100644
--- a/crypto/src/cms/CMSSignedDataParser.cs
+++ b/crypto/src/cms/CMSSignedDataParser.cs
@@ -55,8 +55,6 @@ namespace Org.BouncyCastle.Cms
 	public class CmsSignedDataParser
 		: CmsContentInfoParser
 	{
-		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
-
 		private SignedDataParser        _signedData;
 		private DerObjectIdentifier		_signedContentType;
 		private CmsTypedStream          _signedContent;
@@ -117,11 +115,11 @@ namespace Org.BouncyCastle.Cms
 					try
 					{
                         string digestOid = id.Algorithm.Id;
-						string digestName = Helper.GetDigestAlgName(digestOid);
+						string digestName = CmsSignedHelper.GetDigestAlgName(digestOid);
 
 						if (!this.m_digests.ContainsKey(digestName))
 						{
-							this.m_digests[digestName] = Helper.GetDigestInstance(digestName);
+							this.m_digests[digestName] = CmsSignedHelper.GetDigestInstance(digestName);
 							this._digestOids.Add(digestOid);
 						}
 					}
@@ -208,7 +206,7 @@ namespace Org.BouncyCastle.Cms
 					while ((o = s.ReadObject()) != null)
 					{
 						SignerInfo info = SignerInfo.GetInstance(o.ToAsn1Object());
-						string digestName = Helper.GetDigestAlgName(info.DigestAlgorithm.Algorithm.Id);
+						string digestName = CmsSignedHelper.GetDigestAlgName(info.DigestAlgorithm.Algorithm.Id);
 
 						byte[] hash = hashes[digestName];
 
@@ -239,7 +237,7 @@ namespace Org.BouncyCastle.Cms
 		{
 			PopulateCertCrlSets();
 
-			return Helper.GetAttributeCertificates(_certSet);
+			return CmsSignedHelper.GetAttributeCertificates(_certSet);
 		}
 
 		/**
@@ -255,7 +253,7 @@ namespace Org.BouncyCastle.Cms
 		{
 			PopulateCertCrlSets();
 
-			return Helper.GetCertificates(_certSet);
+			return CmsSignedHelper.GetCertificates(_certSet);
 		}
 
 		/**
@@ -271,14 +269,14 @@ namespace Org.BouncyCastle.Cms
 		{
 			PopulateCertCrlSets();
 
-			return Helper.GetCrls(_crlSet);
+			return CmsSignedHelper.GetCrls(_crlSet);
 		}
 
         public IStore<Asn1Encodable> GetOtherRevInfos(DerObjectIdentifier otherRevInfoFormat)
         {
             PopulateCertCrlSets();
 
-            return Helper.GetOtherRevInfos(_crlSet, otherRevInfoFormat);
+            return CmsSignedHelper.GetOtherRevInfos(_crlSet, otherRevInfoFormat);
         }
 
         private void PopulateCertCrlSets()
diff --git a/crypto/src/cms/CMSSignedDataStreamGenerator.cs b/crypto/src/cms/CMSSignedDataStreamGenerator.cs
index ad82540eb..959bde10f 100644
--- a/crypto/src/cms/CMSSignedDataStreamGenerator.cs
+++ b/crypto/src/cms/CMSSignedDataStreamGenerator.cs
@@ -38,8 +38,6 @@ namespace Org.BouncyCastle.Cms
     public class CmsSignedDataStreamGenerator
         : CmsSignedGenerator
     {
-		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
-
 		private readonly IList<DigestAndSignerInfoGeneratorHolder> _signerInfs =
 			new List<DigestAndSignerInfoGeneratorHolder>();
 		private readonly HashSet<string> _messageDigestOids = new HashSet<string>();
@@ -95,9 +93,9 @@ namespace Org.BouncyCastle.Cms
 				_encOID = encOID;
 				_sAttr = sAttr;
 				_unsAttr = unsAttr;
-				_encName = Helper.GetEncryptionAlgName(_encOID);
+				_encName = CmsSignedHelper.GetEncryptionAlgName(_encOID);
 
-				string digestName = Helper.GetDigestAlgName(_digestOID);
+				string digestName = CmsSignedHelper.GetDigestAlgName(_digestOID);
 				string signatureName = digestName + "with" + _encName;
 
 				if (_sAttr != null)
@@ -143,7 +141,7 @@ namespace Org.BouncyCastle.Cms
 			{
 				try
 				{
-					string digestName = Helper.GetDigestAlgName(_digestOID);
+					string digestName = CmsSignedHelper.GetDigestAlgName(_digestOID);
 					string signatureName = digestName + "with" + _encName;
 
 //					AlgorithmIdentifier digAlgId = DigestAlgorithmID;
@@ -210,7 +208,7 @@ namespace Org.BouncyCastle.Cms
 
 					// TODO[RSAPSS] Need the ability to specify non-default parameters
 					Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
-					AlgorithmIdentifier digestEncryptionAlgorithm = Helper.GetEncAlgorithmIdentifier(
+					AlgorithmIdentifier digestEncryptionAlgorithm = CmsSignedHelper.GetEncAlgorithmIdentifier(
 						new DerObjectIdentifier(_encOID), sigX509Parameters);
 
 					return new SignerInfo(_signerIdentifier, digestAlgorithm,
@@ -341,7 +339,7 @@ namespace Org.BouncyCastle.Cms
 			CmsAttributeTableGenerator  signedAttrGenerator,
 			CmsAttributeTableGenerator  unsignedAttrGenerator)
 		{
-			AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOid), digestOid,
+			AddSigner(privateKey, cert, CmsSignedHelper.GetEncOid(privateKey, digestOid), digestOid,
 				signedAttrGenerator, unsignedAttrGenerator);
         }
 
@@ -414,7 +412,7 @@ namespace Org.BouncyCastle.Cms
 			CmsAttributeTableGenerator	signedAttrGenerator,
 			CmsAttributeTableGenerator	unsignedAttrGenerator)
 		{
-			AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOid),
+			AddSigner(privateKey, subjectKeyID, CmsSignedHelper.GetEncOid(privateKey, digestOid),
 				digestOid, signedAttrGenerator, unsignedAttrGenerator);
 		}
 
@@ -605,14 +603,14 @@ namespace Org.BouncyCastle.Cms
 		{
        		RegisterDigestOid(digestOid);
 
-       		string digestName = Helper.GetDigestAlgName(digestOid);
+       		string digestName = CmsSignedHelper.GetDigestAlgName(digestOid);
 
 			if (!m_messageDigests.ContainsKey(digestName))
 			{
 				if (_messageDigestsLocked)
 					throw new InvalidOperationException("Cannot configure new digests after the data stream is opened");
 
-            	m_messageDigests[digestName] = Helper.GetDigestInstance(digestName);
+            	m_messageDigests[digestName] = CmsSignedHelper.GetDigestInstance(digestName);
             }
 		}
 
@@ -867,7 +865,7 @@ namespace Org.BouncyCastle.Cms
                         AlgorithmIdentifier digestAlgorithm = holder.DigestAlgorithm;
 
                         byte[] calculatedDigest = outer.m_messageHashes[
-                            Helper.GetDigestAlgName(holder.digestOID)];
+                            CmsSignedHelper.GetDigestAlgName(holder.digestOID)];
                         outer.m_digests[holder.digestOID] = (byte[])calculatedDigest.Clone();
 
                         signerInfos.Add(holder.signerInf.Generate(_contentOID, digestAlgorithm, calculatedDigest));
diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs
index 00b16dbc7..6ca764892 100644
--- a/crypto/src/cms/CMSSignedHelper.cs
+++ b/crypto/src/cms/CMSSignedHelper.cs
@@ -21,10 +21,8 @@ using Org.BouncyCastle.X509;
 
 namespace Org.BouncyCastle.Cms
 {
-    internal class CmsSignedHelper
+    internal static class CmsSignedHelper
     {
-        internal static readonly CmsSignedHelper Instance = new CmsSignedHelper();
-
         private static readonly string EncryptionECDsaWithSha1 = X9ObjectIdentifiers.ECDsaWithSha1.Id;
         private static readonly string EncryptionECDsaWithSha224 = X9ObjectIdentifiers.ECDsaWithSha224.Id;
         private static readonly string EncryptionECDsaWithSha256 = X9ObjectIdentifiers.ECDsaWithSha256.Id;
@@ -149,12 +147,12 @@ namespace Org.BouncyCastle.Cms
         * Return the digest algorithm using one of the standard JCA string
         * representations rather than the algorithm identifier (if possible).
         */
-		internal string GetDigestAlgName(string digestAlgOid)
+		internal static string GetDigestAlgName(string digestAlgOid)
         {
             return CollectionUtilities.GetValueOrKey(m_digestAlgs, digestAlgOid);
         }
 
-        internal AlgorithmIdentifier GetEncAlgorithmIdentifier(DerObjectIdentifier encOid,
+        internal static AlgorithmIdentifier GetEncAlgorithmIdentifier(DerObjectIdentifier encOid,
 			Asn1Encodable sigX509Parameters)
 		{
 			if (m_noParams.Contains(encOid.Id))
@@ -165,7 +163,7 @@ namespace Org.BouncyCastle.Cms
 			return new AlgorithmIdentifier(encOid, sigX509Parameters);
 		}
 
-		internal string[] GetDigestAliases(string algName)
+		internal static string[] GetDigestAliases(string algName)
 		{
 			return m_digestAliases.TryGetValue(algName, out var aliases) ? (string[])aliases.Clone() : new string[0];
 		}
@@ -175,13 +173,12 @@ namespace Org.BouncyCastle.Cms
         * JCA string representations rather than the algorithm identifier (if
         * possible).
         */
-        internal string GetEncryptionAlgName(string encryptionAlgOid)
+        internal static string GetEncryptionAlgName(string encryptionAlgOid)
         {
             return CollectionUtilities.GetValueOrKey(m_encryptionAlgs, encryptionAlgOid);
         }
 
-        internal IDigest GetDigestInstance(
-			string algorithm)
+        internal static IDigest GetDigestInstance(string algorithm)
 		{
 			try
 			{
@@ -200,12 +197,12 @@ namespace Org.BouncyCastle.Cms
 			}
 		}
 
-		internal ISigner GetSignatureInstance(string algorithm)
+		internal static ISigner GetSignatureInstance(string algorithm)
 		{
 			return SignerUtilities.GetSigner(algorithm);
 		}
 
-        internal AlgorithmIdentifier FixDigestAlgID(AlgorithmIdentifier algID,
+        internal static AlgorithmIdentifier FixDigestAlgID(AlgorithmIdentifier algID,
 			IDigestAlgorithmFinder digestAlgorithmFinder)
         {
             var parameters = algID.Parameters;
@@ -215,9 +212,7 @@ namespace Org.BouncyCastle.Cms
             return algID;
         }
 
-        internal string GetEncOid(
-            AsymmetricKeyParameter key,
-            string digestOID)
+        internal static string GetEncOid(AsymmetricKeyParameter key, string digestOID)
         {
             string encOID = null;
 
@@ -298,7 +293,7 @@ namespace Org.BouncyCastle.Cms
             return encOID;
         }
 
-		internal IStore<X509V2AttributeCertificate> GetAttributeCertificates(Asn1Set attrCertSet)
+		internal static IStore<X509V2AttributeCertificate> GetAttributeCertificates(Asn1Set attrCertSet)
 		{
 			var contents = new List<X509V2AttributeCertificate>();
 			if (attrCertSet != null)
@@ -319,7 +314,7 @@ namespace Org.BouncyCastle.Cms
 			return CollectionUtilities.CreateStore(contents);
 		}
 
-		internal IStore<X509Certificate> GetCertificates(Asn1Set certSet)
+		internal static IStore<X509Certificate> GetCertificates(Asn1Set certSet)
 		{
 			var contents = new List<X509Certificate>();
 			if (certSet != null)
@@ -342,7 +337,7 @@ namespace Org.BouncyCastle.Cms
 			return CollectionUtilities.CreateStore(contents);
 		}
 
-		internal IStore<X509Crl> GetCrls(Asn1Set crlSet)
+		internal static IStore<X509Crl> GetCrls(Asn1Set crlSet)
 		{
 			var contents = new List<X509Crl>();
 			if (crlSet != null)
@@ -365,7 +360,7 @@ namespace Org.BouncyCastle.Cms
 			return CollectionUtilities.CreateStore(contents);
 		}
 
-        internal IStore<Asn1Encodable> GetOtherRevInfos(Asn1Set crlSet, DerObjectIdentifier otherRevInfoFormat)
+        internal static IStore<Asn1Encodable> GetOtherRevInfos(Asn1Set crlSet, DerObjectIdentifier otherRevInfoFormat)
         {
             var contents = new List<Asn1Encodable>();
             if (crlSet != null && otherRevInfoFormat != null)
diff --git a/crypto/src/cms/CMSUtils.cs b/crypto/src/cms/CMSUtils.cs
index 15681a318..06d191d6e 100644
--- a/crypto/src/cms/CMSUtils.cs
+++ b/crypto/src/cms/CMSUtils.cs
@@ -154,24 +154,22 @@ namespace Org.BouncyCastle.Cms
         internal static void AddDigestAlgs(Asn1EncodableVector digestAlgs, SignerInformation signer,
             IDigestAlgorithmFinder digestAlgorithmFinder)
         {
-            var helper = CmsSignedHelper.Instance;
-            digestAlgs.Add(helper.FixDigestAlgID(signer.DigestAlgorithmID, digestAlgorithmFinder));
+            digestAlgs.Add(CmsSignedHelper.FixDigestAlgID(signer.DigestAlgorithmID, digestAlgorithmFinder));
             SignerInformationStore counterSignaturesStore = signer.GetCounterSignatures();
             foreach (var counterSigner in counterSignaturesStore)
             {
-                digestAlgs.Add(helper.FixDigestAlgID(counterSigner.DigestAlgorithmID, digestAlgorithmFinder));
+                digestAlgs.Add(CmsSignedHelper.FixDigestAlgID(counterSigner.DigestAlgorithmID, digestAlgorithmFinder));
             }
         }
 
         internal static void AddDigestAlgs(ISet<AlgorithmIdentifier> digestAlgs, SignerInformation signer,
             IDigestAlgorithmFinder digestAlgorithmFinder)
         {
-			var helper = CmsSignedHelper.Instance;
-            digestAlgs.Add(helper.FixDigestAlgID(signer.DigestAlgorithmID, digestAlgorithmFinder));
+            digestAlgs.Add(CmsSignedHelper.FixDigestAlgID(signer.DigestAlgorithmID, digestAlgorithmFinder));
             SignerInformationStore counterSignaturesStore = signer.GetCounterSignatures();
 			foreach (var counterSigner in counterSignaturesStore)
 			{
-                digestAlgs.Add(helper.FixDigestAlgID(counterSigner.DigestAlgorithmID, digestAlgorithmFinder));
+                digestAlgs.Add(CmsSignedHelper.FixDigestAlgID(counterSigner.DigestAlgorithmID, digestAlgorithmFinder));
             }
         }
 
diff --git a/crypto/src/cms/EnvelopedDataHelper.cs b/crypto/src/cms/EnvelopedDataHelper.cs
deleted file mode 100644
index 9dcfe033b..000000000
--- a/crypto/src/cms/EnvelopedDataHelper.cs
+++ /dev/null
@@ -1,90 +0,0 @@
-
-using Org.BouncyCastle.Asn1;
-using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Crypto.Utilities;
-using Org.BouncyCastle.Security;
-
-namespace Org.BouncyCastle.Cms
-{
-    internal class EnvelopedDataHelper
-    {
-        //private static readonly IDictionary<DerObjectIdentifier, string> BaseCipherNames =
-        //    new Dictionary<DerObjectIdentifier, string>();
-        //private static readonly IDictionary<DerObjectIdentifier, string> MacAlgNames =
-        //    new Dictionary<DerObjectIdentifier, string>();
-        //private static readonly IDictionary<DerObjectIdentifier, string> PrfDigests =
-        //    new Dictionary<DerObjectIdentifier, string>();
-
-        //static EnvelopedDataHelper()
-        //{
-        //    PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha1, "SHA-1");
-        //    PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha224, "SHA-224");
-        //    PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha256, "SHA-256");
-        //    PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha384, "SHA-384");
-        //    PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha512, "SHA-512");
-
-        //    BaseCipherNames.Add(PkcsObjectIdentifiers.DesEde3Cbc, "DESEDE");
-        //    BaseCipherNames.Add(NistObjectIdentifiers.IdAes128Cbc, "AES");
-        //    BaseCipherNames.Add(NistObjectIdentifiers.IdAes192Cbc, "AES");
-        //    BaseCipherNames.Add(NistObjectIdentifiers.IdAes256Cbc, "AES");
-
-        //    MacAlgNames.Add(PkcsObjectIdentifiers.DesEde3Cbc, "DESEDEMac");
-        //    MacAlgNames.Add(NistObjectIdentifiers.IdAes128Cbc, "AESMac");
-        //    MacAlgNames.Add(NistObjectIdentifiers.IdAes192Cbc, "AESMac");
-        //    MacAlgNames.Add(NistObjectIdentifiers.IdAes256Cbc, "AESMac");
-        //    MacAlgNames.Add(PkcsObjectIdentifiers.RC2Cbc, "RC2Mac");
-        //}
-
-        //internal static IDigest GetPrf(AlgorithmIdentifier algID)
-        //{
-        //    string digestName = (string)PrfDigests[algID];
-
-        //    return DigestUtilities.GetDigest(digestName);
-        //}
-
-        //internal static IWrapper CreateRfc3211Wrapper(DerObjectIdentifier algorithm)
-        //{
-        //    if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm)
-        //        || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm)
-        //        || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm))
-        //    {
-        //        return new Rfc3211WrapEngine(AesUtilities.CreateEngine());
-        //    }
-        //    else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm))
-        //    {
-        //        return new Rfc3211WrapEngine(new DesEdeEngine());
-        //    }
-        //    else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm))
-        //    {
-        //        return new Rfc3211WrapEngine(new DesEngine());
-        //    }
-        //    else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm))
-        //    {
-        //        return new Rfc3211WrapEngine(new RC2Engine());
-        //    }
-        //    else
-        //    {
-        //        throw new CmsException("cannot recognise wrapper: " + algorithm);
-        //    }
-        //}
-
-        public static object CreateContentCipher(bool forEncryption, ICipherParameters encKey,
-             AlgorithmIdentifier encryptionAlgID)
-        {
-            return CipherFactory.CreateContentCipher(forEncryption, encKey, encryptionAlgID);
-        }
-
-        public AlgorithmIdentifier GenerateEncryptionAlgID(DerObjectIdentifier encryptionOID, KeyParameter encKey,
-            SecureRandom random)
-        {
-            return AlgorithmIdentifierFactory.GenerateEncryptionAlgID(encryptionOID, encKey.KeyLength * 8, random);
-        }
-
-        public CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random)
-        {
-            return CipherKeyGeneratorFactory.CreateKeyGenerator(algorithm, random);
-        }
-    }
-}
diff --git a/crypto/src/cms/KEKRecipientInfoGenerator.cs b/crypto/src/cms/KEKRecipientInfoGenerator.cs
index 2b8524dc6..8acf0c248 100644
--- a/crypto/src/cms/KEKRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KEKRecipientInfoGenerator.cs
@@ -14,10 +14,9 @@ using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Cms
 {
-	internal class KekRecipientInfoGenerator : RecipientInfoGenerator
+    internal class KekRecipientInfoGenerator
+		: RecipientInfoGenerator
 	{
-		private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance;
-
 		private KeyParameter	keyEncryptionKey;
 		// TODO Can get this from keyEncryptionKey?		
 		private string			keyEncryptionKeyOID;
diff --git a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
index fc1554205..37bd1f770 100644
--- a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
@@ -14,11 +14,9 @@ using Org.BouncyCastle.X509;
 
 namespace Org.BouncyCastle.Cms
 {
-	internal class KeyAgreeRecipientInfoGenerator
+    internal class KeyAgreeRecipientInfoGenerator
 		: RecipientInfoGenerator
 	{
-		private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance;
-
         private readonly List<KeyAgreeRecipientIdentifier> m_recipientIDs = new List<KeyAgreeRecipientIdentifier>();
         private readonly List<AsymmetricKeyParameter> m_recipientKeys = new List<AsymmetricKeyParameter>();
 
diff --git a/crypto/src/cms/OriginatorInformation.cs b/crypto/src/cms/OriginatorInformation.cs
index 6307cbc1f..44dd63a47 100644
--- a/crypto/src/cms/OriginatorInformation.cs
+++ b/crypto/src/cms/OriginatorInformation.cs
@@ -22,7 +22,7 @@ namespace Org.BouncyCastle.Cms
 		*/
 		public virtual IStore<X509Certificate> GetCertificates()
 		{
-			return CmsSignedHelper.Instance.GetCertificates(originatorInfo.Certificates);
+			return CmsSignedHelper.GetCertificates(originatorInfo.Certificates);
 		}
 
 		/**
@@ -32,7 +32,7 @@ namespace Org.BouncyCastle.Cms
 		*/
 		public virtual IStore<X509Crl> GetCrls()
 		{
-			return CmsSignedHelper.Instance.GetCrls(originatorInfo.Crls);
+			return CmsSignedHelper.GetCrls(originatorInfo.Crls);
 		}
 
 		/**
diff --git a/crypto/src/cms/PKCS5Scheme2PBEKey.cs b/crypto/src/cms/PKCS5Scheme2PBEKey.cs
index 78238292d..df6323d84 100644
--- a/crypto/src/cms/PKCS5Scheme2PBEKey.cs
+++ b/crypto/src/cms/PKCS5Scheme2PBEKey.cs
@@ -53,7 +53,7 @@ namespace Org.BouncyCastle.Cms
 
 			return (KeyParameter) gen.GenerateDerivedParameters(
 				algorithmOid,
-				CmsEnvelopedHelper.Instance.GetKeySize(algorithmOid));
+				CmsEnvelopedHelper.GetKeySize(algorithmOid));
 		}
 	}
 }
diff --git a/crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs b/crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs
index 68eff7b44..bde3e5a73 100644
--- a/crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs
+++ b/crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs
@@ -53,7 +53,7 @@ namespace Org.BouncyCastle.Cms
 
 			return (KeyParameter) gen.GenerateDerivedParameters(
 				algorithmOid,
-				CmsEnvelopedHelper.Instance.GetKeySize(algorithmOid));
+				CmsEnvelopedHelper.GetKeySize(algorithmOid));
 		}
 	}
 }
diff --git a/crypto/src/cms/PasswordRecipientInfoGenerator.cs b/crypto/src/cms/PasswordRecipientInfoGenerator.cs
index 1243bea9f..d3faa1bf0 100644
--- a/crypto/src/cms/PasswordRecipientInfoGenerator.cs
+++ b/crypto/src/cms/PasswordRecipientInfoGenerator.cs
@@ -11,10 +11,9 @@ using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Cms
 {
-	internal class PasswordRecipientInfoGenerator : RecipientInfoGenerator
+	internal class PasswordRecipientInfoGenerator
+		: RecipientInfoGenerator
 	{
-		private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance;
-
 		private AlgorithmIdentifier	keyDerivationAlgorithm;
 		private KeyParameter		keyEncryptionKey;
 		// TODO Can get this from keyEncryptionKey?		
@@ -43,7 +42,7 @@ namespace Org.BouncyCastle.Cms
 		{
 			byte[] keyBytes = contentEncryptionKey.GetKey();
 
-			string rfc3211WrapperName = Helper.GetRfc3211WrapperName(keyEncryptionKeyOID);
+			string rfc3211WrapperName = CmsEnvelopedHelper.GetRfc3211WrapperName(keyEncryptionKeyOID);
 			IWrapper keyWrapper = WrapperUtilities.GetWrapper(rfc3211WrapperName);
 
 			// Note: In Java build, the IV is automatically generated in JCE layer
diff --git a/crypto/src/cms/PasswordRecipientInformation.cs b/crypto/src/cms/PasswordRecipientInformation.cs
index ff4a20d68..23447a25e 100644
--- a/crypto/src/cms/PasswordRecipientInformation.cs
+++ b/crypto/src/cms/PasswordRecipientInformation.cs
@@ -51,7 +51,7 @@ namespace Org.BouncyCastle.Cms
 				Asn1Sequence        kekAlgParams = (Asn1Sequence)kekAlg.Parameters;
 				byte[]              encryptedKey = info.EncryptedKey.GetOctets();
 				string              kekAlgName = DerObjectIdentifier.GetInstance(kekAlgParams[0]).Id;
-				string				cName = CmsEnvelopedHelper.Instance.GetRfc3211WrapperName(kekAlgName);
+				string				cName = CmsEnvelopedHelper.GetRfc3211WrapperName(kekAlgName);
 				IWrapper			keyWrapper = WrapperUtilities.GetWrapper(cName);
 
                 var iv = Asn1OctetString.GetInstance(kekAlgParams[1]);
diff --git a/crypto/src/cms/SignerInformation.cs b/crypto/src/cms/SignerInformation.cs
index 488e3e425..44594451d 100644
--- a/crypto/src/cms/SignerInformation.cs
+++ b/crypto/src/cms/SignerInformation.cs
@@ -15,13 +15,11 @@ using Org.BouncyCastle.X509;
 
 namespace Org.BouncyCastle.Cms
 {
-	/**
+    /**
 	* an expanded SignerInfo block from a CMS Signed message
 	*/
-	public class SignerInformation
+    public class SignerInformation
 	{
-		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
-
 		private SignerID			sid;
 
 		private CmsProcessable		content;
@@ -300,8 +298,8 @@ namespace Org.BouncyCastle.Cms
 					*/
 					SignerInfo si = SignerInfo.GetInstance(asn1Obj.ToAsn1Object());
 
-                    string digestName = CmsSignedHelper.Instance.GetDigestAlgName(si.DigestAlgorithm.Algorithm.Id);
-                    IDigest digest = CmsSignedHelper.Instance.GetDigestInstance(digestName);
+                    string digestName = CmsSignedHelper.GetDigestAlgName(si.DigestAlgorithm.Algorithm.Id);
+                    IDigest digest = CmsSignedHelper.GetDigestInstance(digestName);
                     byte[] hash = DigestUtilities.DoFinal(digest, GetSignature());
 
 					counterSignatures.Add(new SignerInformation(si, null, null, hash));
@@ -327,14 +325,14 @@ namespace Org.BouncyCastle.Cms
 		{
 			DerObjectIdentifier sigAlgOid = this.encryptionAlgorithm.Algorithm;
 			Asn1Encodable sigParams = this.encryptionAlgorithm.Parameters;
-			string digestName = Helper.GetDigestAlgName(this.EncryptionAlgOid);
+			string digestName = CmsSignedHelper.GetDigestAlgName(this.EncryptionAlgOid);
 
 			if (digestName.Equals(sigAlgOid.Id))
 			{
-				digestName = Helper.GetDigestAlgName(this.DigestAlgOid);
+				digestName = CmsSignedHelper.GetDigestAlgName(this.DigestAlgOid);
 			}
 			
-			IDigest digest = Helper.GetDigestInstance(digestName);
+			IDigest digest = CmsSignedHelper.GetDigestInstance(digestName);
 			ISigner sig;
 
 			if (sigAlgOid.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdRsassaPss))
@@ -388,15 +386,15 @@ namespace Org.BouncyCastle.Cms
 				//				if (sigParams != null)
 				//					throw new CmsException("unrecognised signature parameters provided");
 
-				string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(this.EncryptionAlgOid);
+				string signatureName = digestName + "with" + CmsSignedHelper.GetEncryptionAlgName(this.EncryptionAlgOid);
 
-                sig = Helper.GetSignatureInstance(signatureName);
+                sig = CmsSignedHelper.GetSignatureInstance(signatureName);
 
-                //sig = Helper.GetSignatureInstance(this.EncryptionAlgOid);
-                //sig = Helper.GetSignatureInstance(sigAlgOid);
-			}
+                //sig = CmsSignedHelper.GetSignatureInstance(this.EncryptionAlgOid);
+                //sig = CmsSignedHelper.GetSignatureInstance(sigAlgOid);
+            }
 
-			try
+            try
 			{
 				if (calculatedDigest != null)
 				{
@@ -569,7 +567,7 @@ namespace Org.BouncyCastle.Cms
 			AsymmetricKeyParameter	key,
 			byte[]					signature)
 		{
-			string algorithm = Helper.GetEncryptionAlgName(this.EncryptionAlgOid);
+			string algorithm = CmsSignedHelper.GetEncryptionAlgName(this.EncryptionAlgOid);
 
 			try
 			{
@@ -599,7 +597,7 @@ namespace Org.BouncyCastle.Cms
 				}
 				else if (algorithm.Equals("DSA"))
 				{
-					ISigner sig = Helper.GetSignatureInstance("NONEwithDSA");
+					ISigner sig = CmsSignedHelper.GetSignatureInstance("NONEwithDSA");
 
 					sig.Init(false, key);
 
diff --git a/crypto/src/crypto/operators/Asn1CipherBuilder.cs b/crypto/src/crypto/operators/Asn1CipherBuilder.cs
index 9baca94c2..af8f854d0 100644
--- a/crypto/src/crypto/operators/Asn1CipherBuilder.cs
+++ b/crypto/src/crypto/operators/Asn1CipherBuilder.cs
@@ -3,7 +3,6 @@ using System.IO;
 
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Crypto.IO;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Utilities;
@@ -38,7 +37,7 @@ namespace Org.BouncyCastle.Crypto.Operators
 
         public ICipher BuildCipher(Stream stream)
         {
-            object cipher = EnvelopedDataHelper.CreateContentCipher(true, encKey, algorithmIdentifier);
+            object cipher = CipherFactory.CreateContentCipher(true, encKey, algorithmIdentifier);
 
             //
             // BufferedBlockCipher
diff --git a/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs b/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs
index 1dd9edf1c..7b0c8b378 100644
--- a/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs
+++ b/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs
@@ -1,10 +1,8 @@
-using System;
-using System.Collections.Generic;
+using System.Collections.Generic;
 
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Nist;
 using Org.BouncyCastle.Asn1.Ntt;
-using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Operators;
 
@@ -34,7 +32,6 @@ namespace Org.BouncyCastle.Operators
         private readonly DerObjectIdentifier encryptionOID;
         private readonly int keySize;
 
-        private readonly EnvelopedDataHelper helper = new EnvelopedDataHelper();
         //private SecureRandom random;
 
         public CmsContentEncryptorBuilder(DerObjectIdentifier encryptionOID)
diff --git a/crypto/src/tsp/TimeStampTokenGenerator.cs b/crypto/src/tsp/TimeStampTokenGenerator.cs
index c2aae37e2..986ae33dd 100644
--- a/crypto/src/tsp/TimeStampTokenGenerator.cs
+++ b/crypto/src/tsp/TimeStampTokenGenerator.cs
@@ -187,8 +187,9 @@ namespace Org.BouncyCastle.Tsp
             //    throw new TspException("Can't find a SHA-1 implementation.", e);
             //}
 
-            string digestName = CmsSignedHelper.Instance.GetDigestAlgName(digestOID);
-            string signatureName = digestName + "with" + CmsSignedHelper.Instance.GetEncryptionAlgName(CmsSignedHelper.Instance.GetEncOid(key, digestOID));
+            string digestName = CmsSignedHelper.GetDigestAlgName(digestOID);
+            string signatureName = digestName + "with"
+                + CmsSignedHelper.GetEncryptionAlgName(CmsSignedHelper.GetEncOid(key, digestOID));
 
             Asn1SignatureFactory sigfact = new Asn1SignatureFactory(signatureName, key);
             return new SignerInfoGeneratorBuilder()