completed copy constructor in SignerInformation, fixed mutable issue for SET in ASN1Encodable

author: David Hook <dgh@cryptoworkshop.com> 2021-10-08 17:02:10 +1100
committer: David Hook <dgh@cryptoworkshop.com> 2021-10-08 17:02:10 +1100
commit: 875bf434eceb99193d109d94ec16212b8ff0618e (patch)
tree: ae0a15d169a0a168a4bcb7e0d4c17a9f1e3a71ab
parent: added explicit sorting of DER encoded SET (diff)
download: BouncyCastle.NET-ed25519-875bf434eceb99193d109d94ec16212b8ff0618e.tar.xz
3 files changed, 32 insertions, 18 deletions
diff --git a/crypto/src/asn1/Asn1Encodable.cs b/crypto/src/asn1/Asn1Encodable.cs
index c7fde6e07..6314bf76f 100644
--- a/crypto/src/asn1/Asn1Encodable.cs
+++ b/crypto/src/asn1/Asn1Encodable.cs
@@ -28,10 +28,12 @@ namespace Org.BouncyCastle.Asn1
 
 				if (this is Asn1Set)
 				{
-					(this as Asn1Set).Sort();
+					dOut.WriteObject(new DerSet((this as Asn1Set).elements));
+				}
+				else
+				{
+					dOut.WriteObject(this);
 				}
-
-				dOut.WriteObject(this);
 
 				return bOut.ToArray();
 			}
diff --git a/crypto/src/cms/SignerInformation.cs b/crypto/src/cms/SignerInformation.cs
index 58bb312b3..3ab1c09f9 100644
--- a/crypto/src/cms/SignerInformation.cs
+++ b/crypto/src/cms/SignerInformation.cs
@@ -27,8 +27,8 @@ namespace Org.BouncyCastle.Cms
 		private CmsProcessable		content;
 		private byte[]				signature;
 		private DerObjectIdentifier	contentType;
-		private IDigestCalculator	digestCalculator;
-		private byte[]				resultDigest;
+		private byte[]	calculatedDigest;
+		private byte[]	resultDigest;
 
 		// Derived
 		private Asn1.Cms.AttributeTable	signedAttributeTable;
@@ -80,10 +80,10 @@ namespace Org.BouncyCastle.Cms
 			this.signedAttributeSet = info.AuthenticatedAttributes;
 			this.unsignedAttributeSet = info.UnauthenticatedAttributes;
 			this.encryptionAlgorithm = info.DigestEncryptionAlgorithm;
-			this.signature = info.EncryptedDigest.GetOctets();
+			this.signature = (byte[])info.EncryptedDigest.GetOctets().Clone();
 
 			this.content = content;
-			this.digestCalculator = digestCalculator;
+			this.calculatedDigest = (digestCalculator != null) ? digestCalculator.GetDigest() : null;
 		}
 
         /**
@@ -96,16 +96,17 @@ namespace Org.BouncyCastle.Cms
         protected SignerInformation(SignerInformation baseInfo)
         {
             this.info = baseInfo.info;
-            this.contentType = baseInfo.contentType;
+			this.content = baseInfo.content;
+			this.contentType = baseInfo.contentType;
             this.isCounterSignature = baseInfo.IsCounterSignature;
-            this.sid = baseInfo.SignerID;
-            this.digestAlgorithm = info.DigestAlgorithm;
+			this.sid = baseInfo.sid;
+			this.digestAlgorithm = info.DigestAlgorithm;
             this.signedAttributeSet = info.AuthenticatedAttributes;
             this.unsignedAttributeSet = info.UnauthenticatedAttributes;
             this.encryptionAlgorithm = info.DigestEncryptionAlgorithm;
-            this.signature = info.EncryptedDigest.GetOctets();
-            this.content = baseInfo.content;
-            this.resultDigest = baseInfo.resultDigest;
+			this.signature = (byte[])info.EncryptedDigest.GetOctets().Clone();
+			
+			this.calculatedDigest = baseInfo.calculatedDigest;
             this.signedAttributeTable = baseInfo.signedAttributeTable;
             this.unsignedAttributeTable = baseInfo.unsignedAttributeTable;
         }
@@ -364,7 +365,7 @@ namespace Org.BouncyCastle.Cms
 
 					IAsymmetricBlockCipher rsa = new RsaBlindedEngine();
 
-					if (signedAttributeSet == null && digestCalculator != null)
+					if (signedAttributeSet == null && calculatedDigest != null)
 					{
                         sig = PssSigner.CreateRawSigner(rsa, pssDigest, pssDigest, saltLength, PssSigner.TrailerImplicit);
                     }
@@ -394,9 +395,9 @@ namespace Org.BouncyCastle.Cms
 
 			try
 			{
-				if (digestCalculator != null)
+				if (calculatedDigest != null)
 				{
-					resultDigest = digestCalculator.GetDigest();
+					resultDigest = calculatedDigest;
 				}
 				else
 				{
@@ -493,7 +494,7 @@ namespace Org.BouncyCastle.Cms
 
 				if (signedAttributeSet == null)
 				{
-					if (digestCalculator != null)
+					if (calculatedDigest != null)
 					{
 						if (sig is PssSigner)
 						{
diff --git a/crypto/test/src/cms/test/SignedDataTest.cs b/crypto/test/src/cms/test/SignedDataTest.cs
index 68214c3c8..41af04874 100644
--- a/crypto/test/src/cms/test/SignedDataTest.cs
+++ b/crypto/test/src/cms/test/SignedDataTest.cs
@@ -1257,8 +1257,10 @@ namespace Org.BouncyCastle.Cms.Tests
 
 				certEnum.MoveNext();
 				X509Certificate cert = (X509Certificate) certEnum.Current;
+				SignerInformation sAsIs = new AsIsSignerInformation(signer);
 
-				Assert.IsTrue(new AsIsSignerInformation(signer).Verify(cert));
+				Assert.IsFalse(signer.Verify(cert));
+				Assert.IsTrue(sAsIs.Verify(cert));
 			}
 		}
 
@@ -1586,6 +1588,15 @@ namespace Org.BouncyCastle.Cms.Tests
 				X509Certificate cert = (X509Certificate)certEnum.Current;
 
 				Assert.IsTrue(signer.Verify(cert));
+				Assert.IsTrue(new MySignerInformation(signer).Verify(cert)); // test simple copy works
+			}
+		}
+
+		class MySignerInformation: SignerInformation
+		{
+			public MySignerInformation(SignerInformation sigInf): base(sigInf)
+			{
+
 			}
 		}
     }
author	David Hook <dgh@cryptoworkshop.com>	2021-10-08 17:02:10 +1100
committer	David Hook <dgh@cryptoworkshop.com>	2021-10-08 17:02:10 +1100
commit	875bf434eceb99193d109d94ec16212b8ff0618e (patch)
tree	ae0a15d169a0a168a4bcb7e0d4c17a9f1e3a71ab
parent	added explicit sorting of DER encoded SET (diff)
download	BouncyCastle.NET-ed25519-875bf434eceb99193d109d94ec16212b8ff0618e.tar.xz