author | David Hook <dgh@cryptoworkshop.com> | 2020-04-18 18:31:37 +1000 |
---|---|---|
committer | David Hook <dgh@cryptoworkshop.com> | 2020-04-18 18:31:37 +1000 |
commit | 8448146a59473218d8c2c96dd9e659ce7f15bc20 (patch) | |
tree | cc51fda98f715c655e276e8f86ae283e3ac20710 | |
parent | added extra key store (diff) | |
download | BouncyCastle.NET-ed25519-8448146a59473218d8c2c96dd9e659ce7f15bc20.tar.xz |
initial support for non-default PRF with PBKDF2
-rw-r--r-- | crypto/src/asn1/misc/MiscObjectIdentifiers.cs | 2 | ||||
-rw-r--r-- | crypto/src/security/DigestUtilities.cs | 11 | ||||
-rw-r--r-- | crypto/src/security/MacUtilities.cs | 2 | ||||
-rw-r--r-- | crypto/src/security/PbeUtilities.cs | 6 |
4 files changed, 18 insertions, 3 deletions
diff --git a/crypto/src/asn1/misc/MiscObjectIdentifiers.cs b/crypto/src/asn1/misc/MiscObjectIdentifiers.cs index 1ff19e737..9a817f5c3 100644 --- a/crypto/src/asn1/misc/MiscObjectIdentifiers.cs +++ b/crypto/src/asn1/misc/MiscObjectIdentifiers.cs @@ -52,6 +52,8 @@ namespace Org.BouncyCastle.Asn1.Misc public static readonly DerObjectIdentifier cast5CBC = new DerObjectIdentifier(Entrust+ ".66.10"); + public static readonly DerObjectIdentifier HMAC_SHA1 = new DerObjectIdentifier("1.3.6.1.5.5.8.1.2"); + // // Ascom // diff --git a/crypto/src/security/DigestUtilities.cs b/crypto/src/security/DigestUtilities.cs index a17a9abee..bf859b800 100644 --- a/crypto/src/security/DigestUtilities.cs +++ b/crypto/src/security/DigestUtilities.cs 
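Review bot: The new `HMAC_SHA1` field in MiscObjectIdentifiers has no comment saying what `1.3.6.1.5.5.8.1.2` identifies or why it belongs in the Misc class. The value is the IANA-registered hMAC-SHA1 identifier, and the MacUtilities hunk of this commit already uses an `IanaObjectIdentifiers` class (`HmacTiger` is visible there), which looks like the natural home. If that class already defines this OID, the new field is a duplicate, and the DigestUtilities and MacUtilities tables should reference the existing one instead. The name also departs from the casing of the neighbouring `cast5CBC` field. If the field stays, a comment such as `// IANA hMAC-SHA1 OID, accepted as a PBKDF2 PRF identifier alongside PKCS#5 hmacWithSHA1` would record the intent.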
@@ -60,18 +60,25 @@ namespace Org.BouncyCastle.Security algorithms["SHA1"] = "SHA-1"; algorithms[OiwObjectIdentifiers.IdSha1.Id] = "SHA-1"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "SHA-1"; + algorithms[MiscObjectIdentifiers.HMAC_SHA1.Id] = "SHA-1"; algorithms["SHA224"] = "SHA-224"; algorithms[NistObjectIdentifiers.IdSha224.Id] = "SHA-224"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha224.Id] = "SHA-224"; algorithms["SHA256"] = "SHA-256"; algorithms[NistObjectIdentifiers.IdSha256.Id] = "SHA-256"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha256.Id] = "SHA-256"; algorithms["SHA384"] = "SHA-384"; algorithms[NistObjectIdentifiers.IdSha384.Id] = "SHA-384"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha384.Id] = "SHA-384"; algorithms["SHA512"] = "SHA-512"; algorithms[NistObjectIdentifiers.IdSha512.Id] = "SHA-512"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha512.Id] = "SHA-512"; algorithms["SHA512/224"] = "SHA-512/224"; algorithms[NistObjectIdentifiers.IdSha512_224.Id] = "SHA-512/224"; algorithms["SHA512/256"] = "SHA-512/256"; algorithms[NistObjectIdentifiers.IdSha512_256.Id] = "SHA-512/256"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "SHA-512/256"; algorithms["RIPEMD-128"] = "RIPEMD128"; algorithms[TeleTrusTObjectIdentifiers.RipeMD128.Id] = "RIPEMD128"; 
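Review bot: The last added line of this hunk, `algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "SHA-512/256";`, reuses the key that was assigned `"SHA-1"` at the top of the same hunk, so the later assignment wins and the hmacWithSHA1 OID resolves to SHA-512/256. The PbeUtilities change in this commit selects the PBKDF2 digest through `DigestUtilities.GetDigest(pbeParams.Prf.Algorithm)`, so a PBES2 structure that names hmacWithSHA1 explicitly would derive its key with the wrong hash and fail to decrypt. This looks like a copy-paste slip: drop the line, or key it on the HMAC-with-SHA-512/256 identifier if the project defines one. A decrypt test per PRF OID against a known-answer vector would catch this kind of table error. The initializer that fills the table starts and ends outside the hunk.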
@@ -91,9 +98,13 @@ namespace Org.BouncyCastle.Security algorithms["KECCAK512"] = "KECCAK-512"; algorithms[NistObjectIdentifiers.IdSha3_224.Id] = "SHA3-224"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_224.Id] = "SHA3-224"; algorithms[NistObjectIdentifiers.IdSha3_256.Id] = "SHA3-256"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_256.Id] = "SHA3-256"; algorithms[NistObjectIdentifiers.IdSha3_384.Id] = "SHA3-384"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_384.Id] = "SHA3-384"; algorithms[NistObjectIdentifiers.IdSha3_512.Id] = "SHA3-512"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_512.Id] = "SHA3-512"; algorithms[NistObjectIdentifiers.IdShake128.Id] = "SHAKE128"; algorithms[NistObjectIdentifiers.IdShake256.Id] = "SHAKE256"; diff --git a/crypto/src/security/MacUtilities.cs b/crypto/src/security/MacUtilities.cs index a3bf8809f..f36fc6ae4 100644 --- a/crypto/src/security/MacUtilities.cs +++ b/crypto/src/security/MacUtilities.cs @@ -4,6 +4,7 @@ using System.Globalization; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Iana; +using Org.BouncyCastle.Asn1.Misc; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.Rosstandart; @@ -35,6 +36,7 @@ namespace Org.BouncyCastle.Security algorithms[IanaObjectIdentifiers.HmacTiger.Id] = "HMAC-TIGER"; algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "HMAC-SHA1"; + algorithms[MiscObjectIdentifiers.HMAC_SHA1.Id] = "HMAC-SHA1"; algorithms[PkcsObjectIdentifiers.IdHmacWithSha224.Id] = "HMAC-SHA224"; algorithms[PkcsObjectIdentifiers.IdHmacWithSha256.Id] = "HMAC-SHA256"; algorithms[PkcsObjectIdentifiers.IdHmacWithSha384.Id] = "HMAC-SHA384"; diff --git a/crypto/src/security/PbeUtilities.cs b/crypto/src/security/PbeUtilities.cs index 33f31e5b4..ce47e38e5 100644 --- a/crypto/src/security/PbeUtilities.cs +++ b/crypto/src/security/PbeUtilities.cs 
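Review bot: The `IdHMacWithSha3_*` entries added here, like the PKCS HMAC entries in the previous DigestUtilities hunk, go into the general digest alias table, so `DigestUtilities.GetDigest` now returns a bare hash for a MAC identifier wherever a digest OID is looked up, not only for the PBKDF2 PRF lookup this commit is for. Conversely, the PRF lookup in PbeUtilities will accept a plain digest OID as if it named an HMAC. A small PRF-to-digest map private to the PBKDF2 code would keep the two identifier spaces apart. At minimum a comment above these entries, e.g. `// HMAC OIDs map to their underlying digest so PBKDF2 can resolve its PRF`, should say why they are in this table. The initializer starts and ends outside the hunk.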
@@ -217,7 +217,7 @@ namespace Org.BouncyCastle.Security } else if (type.Equals(Pkcs5S2)) { - generator = new Pkcs5S2ParametersGenerator(); + generator = new Pkcs5S2ParametersGenerator(digest); } else if (type.Equals(Pkcs12)) { @@ -404,8 +404,8 @@ namespace Org.BouncyCastle.Security DerObjectIdentifier encOid = encScheme.Algorithm; Asn1Object encParams = encScheme.Parameters.ToAsn1Object(); - // TODO What about s2p.KeyDerivationFunc.Algorithm? Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(s2p.KeyDerivationFunc.Parameters.ToAsn1Object()); + IDigest digest = DigestUtilities.GetDigest(pbeParams.Prf.Algorithm); byte[] iv; if (encOid.Equals(PkcsObjectIdentifiers.RC2Cbc)) // PKCS5.B.2.3 @@ -427,7 +427,7 @@ namespace Org.BouncyCastle.Security : GeneratorUtilities.GetDefaultKeySize(encOid); PbeParametersGenerator gen = MakePbeGenerator( - (string)algorithmType[mechanism], null, keyBytes, salt, iterationCount); + (string)algorithmType[mechanism], digest, keyBytes, salt, iterationCount); parameters = gen.GenerateDerivedParameters(encOid.Id, keyLength); |
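Review bot: In the `Pkcs5S2` branch, `new Pkcs5S2ParametersGenerator(digest)` now relies on every caller of this factory passing a non-null digest, which the no-argument constructor it replaces did not need. The call site changed in the last hunk of this file used to pass `null`; any other call site that still does (none is visible here) would hand a null digest to the generator. A guard in this branch such as `if (digest == null) throw new ArgumentNullException("digest");`, or an explicit fallback to the previous default, would make the contract visible. The method starts and ends outside the hunk.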
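Review bot: In the second hunk, `DigestUtilities.GetDigest(pbeParams.Prf.Algorithm)` uses the PRF identifier from the parsed structure with no handling for the case where the field is absent. In PKCS #5 the `prf` field is DEFAULT hmacWithSHA1 and is omitted from DER encodings when it has that value, so unless `Pbkdf2Params.Prf` substitutes the default itself (not visible here) this line dereferences null on the most common inputs; a test with the field omitted would confirm it. The removed TODO asked about `s2p.KeyDerivationFunc.Algorithm`, and the new code still does not appear to check that the KDF identifier is PBKDF2 before parsing its parameters, so a comment like `// TODO verify KeyDerivationFunc.Algorithm is id-PBKDF2` would be more accurate than deleting it. The method continues outside the hunk.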