summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2023-02-02 19:22:45 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2023-02-02 19:22:45 +0700
commitae8d09df6e2fa33a138a200949a75b3c8750cc0f (patch)
treed7675a6c9e54b31688e00ceb0973b35f15b8eda5
parentSupport null 'otherInfo' (diff)
downloadBouncyCastle.NET-ed25519-ae8d09df6e2fa33a138a200949a75b3c8750cc0f.tar.xz
Misc. cleanup after bc-fips-csharp updates
-rw-r--r--crypto/src/bcpg/BcpgOutputStream.cs9
-rw-r--r--crypto/src/bcpg/sig/Features.cs11
-rw-r--r--crypto/src/cms/CMSTypedStream.cs1
-rw-r--r--crypto/src/crypto/IDerivationFunction.cs8
-rw-r--r--crypto/src/crypto/fpe/SP80038G.cs3
-rw-r--r--crypto/src/crypto/generators/HkdfBytesGenerator.cs1
-rw-r--r--crypto/src/crypto/generators/KDFCounterBytesGenerator.cs5
-rw-r--r--crypto/src/crypto/generators/KDFDoublePipelineIterationBytesGenerator.cs147
-rw-r--r--crypto/src/crypto/generators/KDFFeedbackBytesGenerator.cs4
-rw-r--r--crypto/src/crypto/parameters/KDFDoublePipelineIterationParameters.cs19
-rw-r--r--crypto/src/crypto/parameters/KdfParameters.cs3
-rw-r--r--crypto/src/crypto/parameters/KeyParameter.cs2
-rw-r--r--crypto/src/crypto/parameters/ParametersWithID.cs18
-rw-r--r--crypto/src/crypto/parameters/ParametersWithIV.cs21
-rw-r--r--crypto/src/crypto/parameters/ParametersWithSBox.cs23
-rw-r--r--crypto/src/crypto/parameters/ParametersWithSalt.cs20
-rw-r--r--crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs4
-rw-r--r--crypto/src/crypto/signers/X931Signer.cs76
-rw-r--r--crypto/src/openpgp/PgpPublicKey.cs1
-rw-r--r--crypto/src/util/encoders/HexEncoder.cs1
20 files changed, 190 insertions, 187 deletions
diff --git a/crypto/src/bcpg/BcpgOutputStream.cs b/crypto/src/bcpg/BcpgOutputStream.cs
index c6a9b8657..3bae7e383 100644
--- a/crypto/src/bcpg/BcpgOutputStream.cs
+++ b/crypto/src/bcpg/BcpgOutputStream.cs
@@ -10,13 +10,10 @@ namespace Org.BouncyCastle.Bcpg
     public class BcpgOutputStream
         : BaseOutputStream
     {
-		internal static BcpgOutputStream Wrap(
-			Stream outStr)
+		internal static BcpgOutputStream Wrap(Stream outStr)
 		{
-			if (outStr is BcpgOutputStream)
-			{
-				return (BcpgOutputStream) outStr;
-			}
+			if (outStr is BcpgOutputStream bcpgOutputStream)
+				return bcpgOutputStream;
 
 			return new BcpgOutputStream(outStr);
 		}
diff --git a/crypto/src/bcpg/sig/Features.cs b/crypto/src/bcpg/sig/Features.cs
index f6123d612..a04d2cf9d 100644
--- a/crypto/src/bcpg/sig/Features.cs
+++ b/crypto/src/bcpg/sig/Features.cs
@@ -24,19 +24,18 @@ namespace Org.BouncyCastle.Bcpg.Sig
             return new byte[1]{ feature };
         }
 
-        public Features(
-            bool critical,
-            bool isLongLength,
-            byte[] data)
+        public Features(bool critical, bool isLongLength, byte[] data)
             : base(SignatureSubpacketTag.Features, critical, isLongLength, data)
         {
         }
 
-        public Features(bool critical, byte features): this(critical, false, FeatureToByteArray(features))
+        public Features(bool critical, byte features)
+            : this(critical, false, FeatureToByteArray(features))
         {
         }
 
-        public Features(bool critical, int features):  this(critical, false, FeatureToByteArray((byte)features))
+        public Features(bool critical, int features)
+            : this(critical, false, FeatureToByteArray((byte)features))
         {
         }
 
diff --git a/crypto/src/cms/CMSTypedStream.cs b/crypto/src/cms/CMSTypedStream.cs
index 92e71a20e..624833848 100644
--- a/crypto/src/cms/CMSTypedStream.cs
+++ b/crypto/src/cms/CMSTypedStream.cs
@@ -2,7 +2,6 @@ using System;
 using System.IO;
 
 using Org.BouncyCastle.Asn1.Pkcs;
-using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.IO;
 
 namespace Org.BouncyCastle.Cms
diff --git a/crypto/src/crypto/IDerivationFunction.cs b/crypto/src/crypto/IDerivationFunction.cs
index 9c0228ab0..35dea0a2e 100644
--- a/crypto/src/crypto/IDerivationFunction.cs
+++ b/crypto/src/crypto/IDerivationFunction.cs
@@ -2,16 +2,12 @@ using System;
 
 namespace Org.BouncyCastle.Crypto
 {
-    /**
-     * base interface for general purpose byte derivation functions.
-     */
+    /// <summary>Base interface for general purpose byte derivation functions.</summary>
     public interface IDerivationFunction
     {
         void Init(IDerivationParameters parameters);
 
-        /**
-         * return the message digest used as the basis for the function
-         */
+        /// <summary>The message digest used as the basis for the function.</summary>
         IDigest Digest { get; }
 
         int GenerateBytes(byte[] output, int outOff, int length);
diff --git a/crypto/src/crypto/fpe/SP80038G.cs b/crypto/src/crypto/fpe/SP80038G.cs
index 65dad0797..c1f5f23f4 100644
--- a/crypto/src/crypto/fpe/SP80038G.cs
+++ b/crypto/src/crypto/fpe/SP80038G.cs
@@ -303,7 +303,8 @@ namespace Org.BouncyCastle.Crypto.Fpe
             return tweak64;
         }
 
-        private static BigInteger CalculateY_FF1(IBlockCipher cipher, BigInteger bigRadix, byte[] T, int b, int d, int round, byte[] P, ushort[] AB)
+        private static BigInteger CalculateY_FF1(IBlockCipher cipher, BigInteger bigRadix, byte[] T, int b, int d,
+            int round, byte[] P, ushort[] AB)
         {
             int t = T.Length;
 
diff --git a/crypto/src/crypto/generators/HkdfBytesGenerator.cs b/crypto/src/crypto/generators/HkdfBytesGenerator.cs
index 43cd66525..c8bf333c2 100644
--- a/crypto/src/crypto/generators/HkdfBytesGenerator.cs
+++ b/crypto/src/crypto/generators/HkdfBytesGenerator.cs
@@ -2,7 +2,6 @@
 
 using Org.BouncyCastle.Crypto.Macs;
 using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Generators
 {
diff --git a/crypto/src/crypto/generators/KDFCounterBytesGenerator.cs b/crypto/src/crypto/generators/KDFCounterBytesGenerator.cs
index 7fa50e2fa..7c08034c5 100644
--- a/crypto/src/crypto/generators/KDFCounterBytesGenerator.cs
+++ b/crypto/src/crypto/generators/KDFCounterBytesGenerator.cs
@@ -57,10 +57,7 @@ namespace Org.BouncyCastle.Crypto.Generators
 
         public IMac Mac => prf;
 
-        public IDigest Digest
-        {
-            get { return (prf as HMac)?.GetUnderlyingDigest(); }
-        }
+        public IDigest Digest => (prf as HMac)?.GetUnderlyingDigest();
 
         public int GenerateBytes(byte[] output, int outOff, int length)
         {
diff --git a/crypto/src/crypto/generators/KDFDoublePipelineIterationBytesGenerator.cs b/crypto/src/crypto/generators/KDFDoublePipelineIterationBytesGenerator.cs
index 01feda6f4..cffd99132 100644
--- a/crypto/src/crypto/generators/KDFDoublePipelineIterationBytesGenerator.cs
+++ b/crypto/src/crypto/generators/KDFDoublePipelineIterationBytesGenerator.cs
@@ -9,6 +9,9 @@ namespace Org.BouncyCastle.Crypto.Generators
     public sealed class KdfDoublePipelineIterationBytesGenerator
         : IMacDerivationFunction
     {
+        // please refer to the standard for the meaning of the variable names
+        // all field lengths are in bytes, not in bits as specified by the standard
+
         // fields set by the constructor       
         private readonly IMac prf;
         private readonly int h;
@@ -68,6 +71,78 @@ namespace Org.BouncyCastle.Crypto.Generators
             generatedBytes = 0;
         }
 
+        public IMac Mac => prf;
+
+        public IDigest Digest
+        {
+            get { return (prf as HMac)?.GetUnderlyingDigest(); }
+        }
+
+        public int GenerateBytes(byte[] output, int outOff, int length)
+        {
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+            return GenerateBytes(output.AsSpan(outOff, length));
+#else
+            if (generatedBytes >= maxSizeExcl - length)
+                throw new DataLengthException("Current KDFCTR may only be used for " + maxSizeExcl + " bytes");
+
+            int toGenerate = length;
+            int posInK = generatedBytes % h;
+            if (posInK != 0)
+            {
+                // copy what is left in the currentT (1..hash
+                int toCopy = System.Math.Min(h - posInK, toGenerate);
+                Array.Copy(k, posInK, output, outOff, toCopy);
+                generatedBytes += toCopy;
+                toGenerate -= toCopy;
+                outOff += toCopy;
+            }
+
+            while (toGenerate > 0)
+            {
+                GenerateNext();
+                int toCopy = System.Math.Min(h, toGenerate);
+                Array.Copy(k, 0, output, outOff, toCopy);
+                generatedBytes += toCopy;
+                toGenerate -= toCopy;
+                outOff += toCopy;
+            }
+
+            return length;
+#endif
+        }
+
+    #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+            public int GenerateBytes(Span<byte> output)
+            {
+                int length = output.Length;
+                if (generatedBytes >= maxSizeExcl - length)
+                    throw new DataLengthException("Current KDFCTR may only be used for " + maxSizeExcl + " bytes");
+
+                int posInK = generatedBytes % h;
+                if (posInK != 0)
+                {
+                    // copy what is left in the currentT (1..hash
+                    GenerateNext();
+                    int toCopy = System.Math.Min(h - posInK, output.Length);
+                    k.AsSpan(posInK, toCopy).CopyTo(output);
+                    generatedBytes += toCopy;
+                    output = output[toCopy..];
+                }
+
+                while (!output.IsEmpty)
+                {
+                    GenerateNext();
+                    int toCopy = System.Math.Min(h, output.Length);
+                    k.AsSpan(0, toCopy).CopyTo(output);
+                    generatedBytes += toCopy;
+                    output = output[toCopy..];
+                }
+
+                return length;
+            }
+    #endif
+
         private void GenerateNext()
         {
             if (generatedBytes == 0)
@@ -117,77 +192,5 @@ namespace Org.BouncyCastle.Crypto.Generators
             prf.BlockUpdate(fixedInputData, 0, fixedInputData.Length);
             prf.DoFinal(k, 0);
         }
-
-        public IDigest Digest
-        {
-            get { return (prf as HMac)?.GetUnderlyingDigest(); }
-        }
-
-        public int GenerateBytes(byte[] output, int outOff, int length)
-        {
-#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
-            return GenerateBytes(output.AsSpan(outOff, length));
-#else
-            if (generatedBytes >= maxSizeExcl - length)
-                throw new DataLengthException("Current KDFCTR may only be used for " + maxSizeExcl + " bytes");
-
-            int toGenerate = length;
-            int posInK = generatedBytes % h;
-            if (posInK != 0)
-            {
-                // copy what is left in the currentT (1..hash
-                int toCopy = System.Math.Min(h - posInK, toGenerate);
-                Array.Copy(k, posInK, output, outOff, toCopy);
-                generatedBytes += toCopy;
-                toGenerate -= toCopy;
-                outOff += toCopy;
-            }
-
-            while (toGenerate > 0)
-            {
-                GenerateNext();
-                int toCopy = System.Math.Min(h, toGenerate);
-                Array.Copy(k, 0, output, outOff, toCopy);
-                generatedBytes += toCopy;
-                toGenerate -= toCopy;
-                outOff += toCopy;
-            }
-
-            return length;
-#endif
-        }
-
-#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
-        public int GenerateBytes(Span<byte> output)
-        {
-            int length = output.Length;
-            if (generatedBytes >= maxSizeExcl - length)
-                throw new DataLengthException("Current KDFCTR may only be used for " + maxSizeExcl + " bytes");
-
-            int posInK = generatedBytes % h;
-            if (posInK != 0)
-            {
-                // copy what is left in the currentT (1..hash
-                GenerateNext();
-                int toCopy = System.Math.Min(h - posInK, output.Length);
-                k.AsSpan(posInK, toCopy).CopyTo(output);
-                generatedBytes += toCopy;
-                output = output[toCopy..];
-            }
-
-            while (!output.IsEmpty)
-            {
-                GenerateNext();
-                int toCopy = System.Math.Min(h, output.Length);
-                k.AsSpan(0, toCopy).CopyTo(output);
-                generatedBytes += toCopy;
-                output = output[toCopy..];
-            }
-
-            return length;
-        }
-#endif
-
-        public IMac Mac => prf;
     }
 }
diff --git a/crypto/src/crypto/generators/KDFFeedbackBytesGenerator.cs b/crypto/src/crypto/generators/KDFFeedbackBytesGenerator.cs
index 58a035ef6..c07e1de42 100644
--- a/crypto/src/crypto/generators/KDFFeedbackBytesGenerator.cs
+++ b/crypto/src/crypto/generators/KDFFeedbackBytesGenerator.cs
@@ -71,6 +71,8 @@ namespace Org.BouncyCastle.Crypto.Generators
             generatedBytes = 0;
         }
 
+        public IMac Mac => prf;
+
         public IDigest Digest
         {
             get { return (prf as HMac)?.GetUnderlyingDigest(); }
@@ -183,7 +185,5 @@ namespace Org.BouncyCastle.Crypto.Generators
             prf.BlockUpdate(fixedInputData, 0, fixedInputData.Length);
             prf.DoFinal(k, 0);
         }
-
-        public IMac Mac => prf;
     }
 }
diff --git a/crypto/src/crypto/parameters/KDFDoublePipelineIterationParameters.cs b/crypto/src/crypto/parameters/KDFDoublePipelineIterationParameters.cs
index 9e2a68b71..c63926fe3 100644
--- a/crypto/src/crypto/parameters/KDFDoublePipelineIterationParameters.cs
+++ b/crypto/src/crypto/parameters/KDFDoublePipelineIterationParameters.cs
@@ -4,7 +4,8 @@ using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Parameters
 {
-    public class KdfDoublePipelineIterationParameters : IDerivationParameters
+    public class KdfDoublePipelineIterationParameters
+        : IDerivationParameters
     {
         // could be any valid value, using 32, don't know why
         private static readonly int UNUSED_R = 32;
@@ -17,9 +18,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
         private KdfDoublePipelineIterationParameters(byte[] ki, byte[] fixedInputData, int r, bool useCounter)
         {
             if (ki == null)
-            {
-                throw new ArgumentException("A KDF requires Ki (a seed) as input");
-            }
+                throw new ArgumentNullException("A KDF requires Ki (a seed) as input", nameof(ki));
 
             this.ki = Arrays.Clone(ki);
 
@@ -33,9 +32,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
             }
 
             if (r != 8 && r != 16 && r != 24 && r != 32)
-            {
                 throw new ArgumentException("Length of counter should be 8, 16, 24 or 32");
-            }
 
             this.r = r;
 
@@ -59,15 +56,9 @@ namespace Org.BouncyCastle.Crypto.Parameters
             get { return Arrays.Clone(ki); }
         }
 
-        public bool UseCounter
-        {
-            get { return useCounter; }
-        }
+        public bool UseCounter => useCounter;
 
-        public int R
-        {
-            get { return r; }
-        }
+        public int R => r;
 
         public byte[] FixedInputData
         {
diff --git a/crypto/src/crypto/parameters/KdfParameters.cs b/crypto/src/crypto/parameters/KdfParameters.cs
index 78cf81855..3e2ddc541 100644
--- a/crypto/src/crypto/parameters/KdfParameters.cs
+++ b/crypto/src/crypto/parameters/KdfParameters.cs
@@ -1,6 +1,3 @@
-using System;
-using Org.BouncyCastle.Crypto;
-
 namespace Org.BouncyCastle.Crypto.Parameters
 {
     /**
diff --git a/crypto/src/crypto/parameters/KeyParameter.cs b/crypto/src/crypto/parameters/KeyParameter.cs
index bc6c28368..8d35a19f1 100644
--- a/crypto/src/crypto/parameters/KeyParameter.cs
+++ b/crypto/src/crypto/parameters/KeyParameter.cs
@@ -1,7 +1,5 @@
 using System;
 
-using Org.BouncyCastle.Crypto;
-
 namespace Org.BouncyCastle.Crypto.Parameters
 {
     public class KeyParameter
diff --git a/crypto/src/crypto/parameters/ParametersWithID.cs b/crypto/src/crypto/parameters/ParametersWithID.cs
index 2bc4ac86c..2e88026e1 100644
--- a/crypto/src/crypto/parameters/ParametersWithID.cs
+++ b/crypto/src/crypto/parameters/ParametersWithID.cs
@@ -1,7 +1,5 @@
 using System;
 
-using Org.BouncyCastle.Utilities;
-
 namespace Org.BouncyCastle.Crypto.Parameters
 {
     public class ParametersWithID
@@ -13,17 +11,29 @@ namespace Org.BouncyCastle.Crypto.Parameters
         public ParametersWithID(ICipherParameters parameters, byte[] id)
             : this(parameters, id, 0, id.Length)
         {
+            // NOTE: 'parameters' may be null to imply key re-use
+            if (id == null)
+                throw new ArgumentNullException(nameof(id));
+
+            m_parameters = parameters;
+            m_id = (byte[])id.Clone();
         }
 
         public ParametersWithID(ICipherParameters parameters, byte[] id, int idOff, int idLen)
         {
+            // NOTE: 'parameters' may be null to imply key re-use
+            if (id == null)
+                throw new ArgumentNullException(nameof(id));
+
             m_parameters = parameters;
-            m_id = Arrays.CopyOfRange(id, idOff, idOff + idLen);
+            m_id = new byte[idLen];
+            Array.Copy(id, idOff, m_id, 0, idLen);
         }
 
 #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
         public ParametersWithID(ICipherParameters parameters, ReadOnlySpan<byte> id)
         {
+            // NOTE: 'parameters' may be null to imply key re-use
             m_parameters = parameters;
             m_id = id.ToArray();
         }
@@ -31,7 +41,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
 
         public byte[] GetID()
         {
-            return m_id;
+            return (byte[])m_id.Clone();
         }
 
         public ICipherParameters Parameters => m_parameters;
diff --git a/crypto/src/crypto/parameters/ParametersWithIV.cs b/crypto/src/crypto/parameters/ParametersWithIV.cs
index ac55afc8d..ea1773d54 100644
--- a/crypto/src/crypto/parameters/ParametersWithIV.cs
+++ b/crypto/src/crypto/parameters/ParametersWithIV.cs
@@ -1,29 +1,44 @@
 using System;
 
-using Org.BouncyCastle.Utilities;
-
 namespace Org.BouncyCastle.Crypto.Parameters
 {
     public class ParametersWithIV
         : ICipherParameters
     {
+        internal static ICipherParameters ApplyOptionalIV(ICipherParameters parameters, byte[] iv)
+        {
+            return iv == null ? parameters : new ParametersWithIV(parameters, iv);
+        }
+
         private readonly ICipherParameters m_parameters;
         private readonly byte[] m_iv;
 
         public ParametersWithIV(ICipherParameters parameters, byte[] iv)
             : this(parameters, iv, 0, iv.Length)
         {
+            // NOTE: 'parameters' may be null to imply key re-use
+            if (iv == null)
+                throw new ArgumentNullException(nameof(iv));
+
+            m_parameters = parameters;
+            m_iv = (byte[])iv.Clone();
         }
 
         public ParametersWithIV(ICipherParameters parameters, byte[] iv, int ivOff, int ivLen)
         {
+            // NOTE: 'parameters' may be null to imply key re-use
+            if (iv == null)
+                throw new ArgumentNullException(nameof(iv));
+
             m_parameters = parameters;
-            m_iv = Arrays.CopyOfRange(iv, ivOff, ivOff + ivLen);
+            m_iv = new byte[ivLen];
+            Array.Copy(iv, ivOff, m_iv, 0, ivLen);
         }
 
 #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
         public ParametersWithIV(ICipherParameters parameters, ReadOnlySpan<byte> iv)
         {
+            // NOTE: 'parameters' may be null to imply key re-use
             m_parameters = parameters;
             m_iv = iv.ToArray();
         }
diff --git a/crypto/src/crypto/parameters/ParametersWithSBox.cs b/crypto/src/crypto/parameters/ParametersWithSBox.cs
index 6473796e3..f64ac5d08 100644
--- a/crypto/src/crypto/parameters/ParametersWithSBox.cs
+++ b/crypto/src/crypto/parameters/ParametersWithSBox.cs
@@ -1,24 +1,19 @@
-using System;
-
-using Org.BouncyCastle.Crypto;
-
 namespace Org.BouncyCastle.Crypto.Parameters
 {
-	public class ParametersWithSBox : ICipherParameters
+	public class ParametersWithSBox
+		: ICipherParameters
 	{
-		private ICipherParameters  parameters;
-		private byte[] sBox;
+		private readonly ICipherParameters m_parameters;
+		private readonly byte[] m_sBox;
 
-		public ParametersWithSBox(
-			ICipherParameters parameters,
-			byte[] sBox)
+		public ParametersWithSBox(ICipherParameters parameters, byte[] sBox)
 		{
-			this.parameters = parameters;
-			this.sBox = sBox;
+			this.m_parameters = parameters;
+			this.m_sBox = sBox;
 		}
 
-		public byte[] GetSBox() { return sBox; }
+		public byte[] GetSBox() => m_sBox;
 
-		public ICipherParameters Parameters { get { return parameters; } }
+		public ICipherParameters Parameters => m_parameters;
 	}
 }
diff --git a/crypto/src/crypto/parameters/ParametersWithSalt.cs b/crypto/src/crypto/parameters/ParametersWithSalt.cs
index 277cd213c..a78acf18a 100644
--- a/crypto/src/crypto/parameters/ParametersWithSalt.cs
+++ b/crypto/src/crypto/parameters/ParametersWithSalt.cs
@@ -1,8 +1,5 @@
 using System;
 
-using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Utilities;
-
 namespace Org.BouncyCastle.Crypto.Parameters
 {
 
@@ -14,19 +11,30 @@ namespace Org.BouncyCastle.Crypto.Parameters
         private readonly byte[] m_salt;
 
         public ParametersWithSalt(ICipherParameters parameters, byte[] salt)
-            : this(parameters, salt, 0, salt.Length)
         {
+            // NOTE: 'parameters' may be null to imply key re-use
+            if (salt == null)
+                throw new ArgumentNullException(nameof(salt));
+
+            m_parameters = parameters;
+            m_salt = (byte[])salt.Clone();
         }
 
         public ParametersWithSalt(ICipherParameters parameters, byte[] salt, int saltOff, int saltLen)
         {
+            // NOTE: 'parameters' may be null to imply key re-use
+            if (salt == null)
+                throw new ArgumentNullException(nameof(salt));
+
             m_parameters = parameters;
-            m_salt = Arrays.CopyOfRange(salt, saltOff, saltOff + saltLen);
+            m_salt = new byte[saltLen];
+            Array.Copy(salt, saltOff, m_salt, 0, saltLen);
         }
 
 #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
         public ParametersWithSalt(ICipherParameters parameters, ReadOnlySpan<byte> salt)
         {
+            // NOTE: 'parameters' may be null to imply key re-use
             m_parameters = parameters;
             m_salt = salt.ToArray();
         }
@@ -34,7 +42,7 @@ namespace Org.BouncyCastle.Crypto.Parameters
 
         public byte[] GetSalt()
         {
-            return m_salt;
+            return (byte[])m_salt.Clone();
         }
 
         public ICipherParameters Parameters => m_parameters;
diff --git a/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs b/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
index cf566ff9c..fd7b107e0 100644
--- a/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
+++ b/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
@@ -60,10 +60,10 @@ namespace Org.BouncyCastle.Crypto.Prng.Drbg
 	        mSeedLength = keySizeInBits + engine.GetBlockSize() * 8;
 	        mIsTdea = IsTdea(engine);
 
-            CTR_DRBG_Instantiate_algorithm(nonce, personalizationString);
+            CTR_DRBG_Instantiate_algorithm(personalizationString, nonce);
 	    }
 
-        private void CTR_DRBG_Instantiate_algorithm(byte[] nonce, byte[] personalisationString)
+        private void CTR_DRBG_Instantiate_algorithm(byte[] personalisationString, byte[] nonce)
 	    {
             byte[] entropy = GetEntropy();  // Get_entropy_input
             byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalisationString);
diff --git a/crypto/src/crypto/signers/X931Signer.cs b/crypto/src/crypto/signers/X931Signer.cs
index c185eacfd..2b0854925 100644
--- a/crypto/src/crypto/signers/X931Signer.cs
+++ b/crypto/src/crypto/signers/X931Signer.cs
@@ -28,6 +28,17 @@ namespace Org.BouncyCastle.Crypto.Signers
         private byte[]      block;
 
         /**
+         * Constructor for a signer with an explicit digest trailer.
+         *
+         * @param cipher cipher to use.
+         * @param digest digest to sign with.
+         */
+        public X931Signer(IAsymmetricBlockCipher cipher, IDigest digest)
+            : this(cipher, digest, false)
+        {
+        }
+
+        /**
          * Generate a signer with either implicit or explicit trailers for X9.31.
          *
          * @param cipher base cipher to use for signature creation/verification
@@ -53,17 +64,6 @@ namespace Org.BouncyCastle.Crypto.Signers
             }
         }
 
-        /**
-         * Constructor for a signer with an explicit digest trailer.
-         *
-         * @param cipher cipher to use.
-         * @param digest digest to sign with.
-         */
-        public X931Signer(IAsymmetricBlockCipher cipher, IDigest digest)
-            :   this(cipher, digest, false)
-        {
-        }
-
         public virtual string AlgorithmName
         {
             get { return digest.AlgorithmName + "with" + cipher.AlgorithmName + "/X9.31"; }
@@ -121,33 +121,6 @@ namespace Org.BouncyCastle.Crypto.Signers
             return BigIntegers.AsUnsignedByteArray(size, t);
         }
 
-        private void CreateSignatureBlock()
-        {
-            int digSize = digest.GetDigestSize();
-
-            int delta;
-            if (trailer == IsoTrailers.TRAILER_IMPLICIT)
-            {
-                delta = block.Length - digSize - 1;
-                digest.DoFinal(block, delta);
-                block[block.Length - 1] = (byte)IsoTrailers.TRAILER_IMPLICIT;
-            }
-            else
-            {
-                delta = block.Length - digSize - 2;
-                digest.DoFinal(block, delta);
-                block[block.Length - 2] = (byte)(trailer >> 8);
-                block[block.Length - 1] = (byte)trailer;
-            }
-
-            block[0] = 0x6b;
-            for (int i = delta - 2; i != 0; i--)
-            {
-                block[i] = (byte)0xbb;
-            }
-            block[delta - 1] = (byte)0xba;
-        }
-
         public virtual bool VerifySignature(byte[] signature)
         {
             try
@@ -203,5 +176,32 @@ namespace Org.BouncyCastle.Crypto.Signers
         {
             digest.Reset();
         }
+
+        private void CreateSignatureBlock()
+        {
+            int digSize = digest.GetDigestSize();
+
+            int delta;
+            if (trailer == IsoTrailers.TRAILER_IMPLICIT)
+            {
+                delta = block.Length - digSize - 1;
+                digest.DoFinal(block, delta);
+                block[block.Length - 1] = (byte)IsoTrailers.TRAILER_IMPLICIT;
+            }
+            else
+            {
+                delta = block.Length - digSize - 2;
+                digest.DoFinal(block, delta);
+                block[block.Length - 2] = (byte)(trailer >> 8);
+                block[block.Length - 1] = (byte)trailer;
+            }
+
+            block[0] = 0x6b;
+            for (int i = delta - 2; i != 0; i--)
+            {
+                block[i] = (byte)0xbb;
+            }
+            block[delta - 1] = (byte)0xba;
+        }
     }
 }
diff --git a/crypto/src/openpgp/PgpPublicKey.cs b/crypto/src/openpgp/PgpPublicKey.cs
index 400cda071..6fa7cfae8 100644
--- a/crypto/src/openpgp/PgpPublicKey.cs
+++ b/crypto/src/openpgp/PgpPublicKey.cs
@@ -2,7 +2,6 @@ using System;
 using System.Collections.Generic;
 using System.IO;
 
-using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cryptlib;
 using Org.BouncyCastle.Asn1.EdEC;
 using Org.BouncyCastle.Asn1.Gnu;
diff --git a/crypto/src/util/encoders/HexEncoder.cs b/crypto/src/util/encoders/HexEncoder.cs
index 6ccb184d9..a36f31dbd 100644
--- a/crypto/src/util/encoders/HexEncoder.cs
+++ b/crypto/src/util/encoders/HexEncoder.cs
@@ -1,4 +1,3 @@
-using Org.BouncyCastle.Crypto;
 using System;
 using System.IO;