diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-02-14 20:25:34 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-02-14 20:25:34 +0700 |
commit | ee97cb9053cced3ccfedd7ddf210579827859b6a (patch) | |
tree | 6c2c429ef86ff67a1926242e2bb15ac845fdf3bd | |
parent | Avoid unnecessary recoding (diff) | |
download | BouncyCastle.NET-ed25519-ee97cb9053cced3ccfedd7ddf210579827859b6a.tar.xz |
Refactoring in Cms
-rw-r--r-- | crypto/src/cms/CMSEnvelopedGenerator.cs | 10 | ||||
-rw-r--r-- | crypto/src/cms/CMSEnvelopedHelper.cs | 123 | ||||
-rw-r--r-- | crypto/src/cms/KEKRecipientInfoGenerator.cs | 2 | ||||
-rw-r--r-- | crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs | 2 | ||||
-rw-r--r-- | crypto/src/cms/PasswordRecipientInfoGenerator.cs | 4 | ||||
-rw-r--r-- | crypto/src/cms/SignerInformation.cs | 2 | ||||
-rw-r--r-- | crypto/src/util/Platform.cs | 5 |
7 files changed, 64 insertions, 84 deletions
diff --git a/crypto/src/cms/CMSEnvelopedGenerator.cs b/crypto/src/cms/CMSEnvelopedGenerator.cs index eef572878..22a999766 100644 --- a/crypto/src/cms/CMSEnvelopedGenerator.cs +++ b/crypto/src/cms/CMSEnvelopedGenerator.cs @@ -6,6 +6,7 @@ using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.Kisa; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; @@ -74,14 +75,21 @@ namespace Org.BouncyCastle.Cms // }; - // TODO Create named constants for all of these + public static readonly string DesCbc = OiwObjectIdentifiers.DesCbc.Id; public static readonly string DesEde3Cbc = PkcsObjectIdentifiers.DesEde3Cbc.Id; public static readonly string RC2Cbc = PkcsObjectIdentifiers.RC2Cbc.Id; + // TODO[api] Change these to static readonly (and ideally find actual OIDs) public const string IdeaCbc = "1.3.6.1.4.1.188.7.1.1.2"; public const string Cast5Cbc = "1.2.840.113533.7.66.10"; public static readonly string Aes128Cbc = NistObjectIdentifiers.IdAes128Cbc.Id; public static readonly string Aes192Cbc = NistObjectIdentifiers.IdAes192Cbc.Id; public static readonly string Aes256Cbc = NistObjectIdentifiers.IdAes256Cbc.Id; + public static readonly string Aes128Ccm = NistObjectIdentifiers.IdAes128Ccm.Id; + public static readonly string Aes192Ccm = NistObjectIdentifiers.IdAes192Ccm.Id; + public static readonly string Aes256Ccm = NistObjectIdentifiers.IdAes256Ccm.Id; + public static readonly string Aes128Gcm = NistObjectIdentifiers.IdAes128Gcm.Id; + public static readonly string Aes192Gcm = NistObjectIdentifiers.IdAes192Gcm.Id; + public static readonly string Aes256Gcm = NistObjectIdentifiers.IdAes256Gcm.Id; public static readonly string Camellia128Cbc = NttObjectIdentifiers.IdCamellia128Cbc.Id; public static readonly string Camellia192Cbc = NttObjectIdentifiers.IdCamellia192Cbc.Id; public static readonly string Camellia256Cbc = NttObjectIdentifiers.IdCamellia256Cbc.Id; diff --git a/crypto/src/cms/CMSEnvelopedHelper.cs b/crypto/src/cms/CMSEnvelopedHelper.cs index 888aba817..40c5e6868 100644 --- a/crypto/src/cms/CMSEnvelopedHelper.cs +++ b/crypto/src/cms/CMSEnvelopedHelper.cs @@ -13,91 +13,36 @@ using Org.BouncyCastle.Utilities.IO; namespace Org.BouncyCastle.Cms { - class CmsEnvelopedHelper + // TODO[api] Make static + internal class CmsEnvelopedHelper { internal static readonly CmsEnvelopedHelper Instance = new CmsEnvelopedHelper(); - private static readonly IDictionary<string, int> KeySizes = new Dictionary<string, int>(); - private static readonly IDictionary<string, string> BaseCipherNames = new Dictionary<string, string>(); + private static readonly Dictionary<string, int> KeySizes = new Dictionary<string, int>(); + private static readonly Dictionary<string, string> Rfc3211WrapperNames = new Dictionary<string, string>(); static CmsEnvelopedHelper() { - KeySizes.Add(CmsEnvelopedGenerator.DesEde3Cbc, 192); KeySizes.Add(CmsEnvelopedGenerator.Aes128Cbc, 128); KeySizes.Add(CmsEnvelopedGenerator.Aes192Cbc, 192); KeySizes.Add(CmsEnvelopedGenerator.Aes256Cbc, 256); - - BaseCipherNames.Add(CmsEnvelopedGenerator.DesEde3Cbc, "DESEDE"); - BaseCipherNames.Add(CmsEnvelopedGenerator.Aes128Cbc, "AES"); - BaseCipherNames.Add(CmsEnvelopedGenerator.Aes192Cbc, "AES"); - BaseCipherNames.Add(CmsEnvelopedGenerator.Aes256Cbc, "AES"); - } - - private string GetAsymmetricEncryptionAlgName( - string encryptionAlgOid) - { - if (Asn1.Pkcs.PkcsObjectIdentifiers.RsaEncryption.Id.Equals(encryptionAlgOid)) - { - return "RSA/ECB/PKCS1Padding"; - } - - return encryptionAlgOid; - } - - internal IBufferedCipher CreateAsymmetricCipher( - string encryptionOid) - { - string asymName = GetAsymmetricEncryptionAlgName(encryptionOid); - if (!asymName.Equals(encryptionOid)) - { - try - { - return CipherUtilities.GetCipher(asymName); - } - catch (SecurityUtilityException) - { - // Ignore - } - } - return CipherUtilities.GetCipher(encryptionOid); - } - - internal IWrapper CreateWrapper( - string encryptionOid) - { - try - { - return WrapperUtilities.GetWrapper(encryptionOid); - } - catch (SecurityUtilityException) - { - return WrapperUtilities.GetWrapper(GetAsymmetricEncryptionAlgName(encryptionOid)); - } - } - - internal string GetRfc3211WrapperName(string oid) - { - if (oid == null) - throw new ArgumentNullException(nameof(oid)); - - if (!BaseCipherNames.TryGetValue(oid, out var alg)) - throw new ArgumentException("no name for " + oid, nameof(oid)); - - return alg + "RFC3211Wrap"; - } - - internal int GetKeySize(string oid) - { - if (oid == null) - throw new ArgumentNullException(nameof(oid)); - - if (!KeySizes.TryGetValue(oid, out var keySize)) - throw new ArgumentException("no keysize for " + oid, "oid"); - - return keySize; - } - - internal static RecipientInformationStore BuildRecipientInformationStore( + KeySizes.Add(CmsEnvelopedGenerator.Camellia128Cbc, 128); + KeySizes.Add(CmsEnvelopedGenerator.Camellia192Cbc, 192); + KeySizes.Add(CmsEnvelopedGenerator.Camellia256Cbc, 256); + KeySizes.Add(CmsEnvelopedGenerator.DesCbc, 64); + KeySizes.Add(CmsEnvelopedGenerator.DesEde3Cbc, 192); + + Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Aes128Cbc, "AESRFC3211WRAP"); + Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Aes192Cbc, "AESRFC3211WRAP"); + Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Aes256Cbc, "AESRFC3211WRAP"); + Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Camellia128Cbc, "CAMELLIARFC3211WRAP"); + Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Camellia192Cbc, "CAMELLIARFC3211WRAP"); + Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Camellia256Cbc, "CAMELLIARFC3211WRAP"); + Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.DesCbc, "DESRFC3211WRAP"); + Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.DesEde3Cbc, "DESEDERFC3211WRAP"); + } + + internal static RecipientInformationStore BuildRecipientInformationStore( Asn1Set recipientInfos, CmsSecureReadable secureReadable) { var infos = new List<RecipientInformation>(); @@ -110,7 +55,29 @@ namespace Org.BouncyCastle.Cms return new RecipientInformationStore(infos); } - private static void ReadRecipientInfo(IList<RecipientInformation> infos, RecipientInfo info, + internal int GetKeySize(string oid) + { + if (oid == null) + throw new ArgumentNullException(nameof(oid)); + + if (!KeySizes.TryGetValue(oid, out var keySize)) + throw new ArgumentException("no key size for " + oid, nameof(oid)); + + return keySize; + } + + internal string GetRfc3211WrapperName(string oid) + { + if (oid == null) + throw new ArgumentNullException(nameof(oid)); + + if (!Rfc3211WrapperNames.TryGetValue(oid, out var name)) + throw new ArgumentException("no name for " + oid, nameof(oid)); + + return name; + } + + private static void ReadRecipientInfo(IList<RecipientInformation> infos, RecipientInfo info, CmsSecureReadable secureReadable) { Asn1Encodable recipInfo = info.Info; @@ -304,4 +271,4 @@ namespace Org.BouncyCastle.Cms } } } -} \ No newline at end of file +} diff --git a/crypto/src/cms/KEKRecipientInfoGenerator.cs b/crypto/src/cms/KEKRecipientInfoGenerator.cs index 6f34fec43..d8075d450 100644 --- a/crypto/src/cms/KEKRecipientInfoGenerator.cs +++ b/crypto/src/cms/KEKRecipientInfoGenerator.cs @@ -53,7 +53,7 @@ namespace Org.BouncyCastle.Cms { byte[] keyBytes = contentEncryptionKey.GetKey(); - IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id); + IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyEncryptionAlgorithm.Algorithm.Id); keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random)); Asn1OctetString encryptedKey = new DerOctetString( keyWrapper.Wrap(keyBytes, 0, keyBytes.Length)); diff --git a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs index c7c7f563f..f74365571 100644 --- a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs +++ b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs @@ -133,7 +133,7 @@ namespace Org.BouncyCastle.Cms keyEncryptionOID, keyEncryptionKeyBytes); // Wrap the content encryption key with the agreement key - IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionOID.Id); + IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyEncryptionOID.Id); keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random)); byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length); diff --git a/crypto/src/cms/PasswordRecipientInfoGenerator.cs b/crypto/src/cms/PasswordRecipientInfoGenerator.cs index 9916edfc4..5bbf8f727 100644 --- a/crypto/src/cms/PasswordRecipientInfoGenerator.cs +++ b/crypto/src/cms/PasswordRecipientInfoGenerator.cs @@ -44,10 +44,10 @@ namespace Org.BouncyCastle.Cms byte[] keyBytes = contentEncryptionKey.GetKey(); string rfc3211WrapperName = Helper.GetRfc3211WrapperName(keyEncryptionKeyOID); - IWrapper keyWrapper = Helper.CreateWrapper(rfc3211WrapperName); + IWrapper keyWrapper = WrapperUtilities.GetWrapper(rfc3211WrapperName); // Note: In Java build, the IV is automatically generated in JCE layer - int ivLength = Platform.StartsWith(rfc3211WrapperName, "DESEDE") ? 8 : 16; + int ivLength = Platform.StartsWithIgnoreCase(rfc3211WrapperName, "DES") ? 8 : 16; byte[] iv = new byte[ivLength]; random.NextBytes(iv); diff --git a/crypto/src/cms/SignerInformation.cs b/crypto/src/cms/SignerInformation.cs index 84256d9f8..4e21b1246 100644 --- a/crypto/src/cms/SignerInformation.cs +++ b/crypto/src/cms/SignerInformation.cs @@ -575,7 +575,7 @@ namespace Org.BouncyCastle.Cms { if (algorithm.Equals("RSA")) { - IBufferedCipher c = CmsEnvelopedHelper.Instance.CreateAsymmetricCipher("RSA/ECB/PKCS1Padding"); + IBufferedCipher c = CipherUtilities.GetCipher(Asn1.Pkcs.PkcsObjectIdentifiers.RsaEncryption); c.Init(false, key); diff --git a/crypto/src/util/Platform.cs b/crypto/src/util/Platform.cs index e43714181..25f2c62d9 100644 --- a/crypto/src/util/Platform.cs +++ b/crypto/src/util/Platform.cs @@ -56,6 +56,11 @@ namespace Org.BouncyCastle.Utilities return InvariantCompareInfo.IsPrefix(source, prefix, CompareOptions.Ordinal); } + internal static bool StartsWithIgnoreCase(string source, string prefix) + { + return InvariantCompareInfo.IsPrefix(source, prefix, CompareOptions.OrdinalIgnoreCase); + } + internal static bool EndsWith(string source, string suffix) { return InvariantCompareInfo.IsSuffix(source, suffix, CompareOptions.Ordinal); |