diff --git a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
index b18d18153..23b06d3b3 100644
--- a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
@@ -73,14 +73,11 @@ namespace Org.BouncyCastle.Cms
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
- byte[] keyBytes = contentEncryptionKey.GetKey();
AlgorithmIdentifier keyEncryptionAlgorithm = this.AlgorithmDetails;
this.random = random;
- IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id);
- keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random));
- byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
+ byte[] encryptedKeyBytes = GenerateWrappedKey(contentEncryptionKey);
RecipientIdentifier recipId;
if (recipientTbsCert != null)
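Review bot: The caller's `random` no longer reaches the wrap operation explicitly in `Generate`: the removed lines passed it through `new ParametersWithRandom(recipientPublicKey, random)`, while the new call `GenerateWrappedKey(contentEncryptionKey)` takes only the key. `GenerateWrappedKey` is not shown in this hunk, so it cannot be confirmed here that it reads `this.random`; if it does not, the supplied `SecureRandom` is silently ignored for the padding. If it does, the assignment before the call is load-bearing and deserves a comment such as `// GenerateWrappedKey reads this.random; it must be assigned before the call`. Keeping a per-call argument in an instance field also means concurrent `Generate` calls on one generator share that state. The body of `Generate` continues past the end of the hunk.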
diff --git a/crypto/src/crmf/PKIArchiveControlBuilder.cs b/crypto/src/crmf/PKIArchiveControlBuilder.cs
index f43ecd4ec..2677e4e0d 100644
--- a/crypto/src/crmf/PKIArchiveControlBuilder.cs
+++ b/crypto/src/crmf/PKIArchiveControlBuilder.cs
@@ -9,7 +9,7 @@ using Org.BouncyCastle.Crypto;
namespace Org.BouncyCastle.Crmf
{
- public class PKIArchiveControlBuilder
+ public class PkiArchiveControlBuilder
{
private CmsEnvelopedDataGenerator envGen;
private CmsProcessableByteArray keyContent;
@@ -20,7 +20,7 @@ namespace Org.BouncyCastle.Crmf
/// <param name="privateKeyInfo">the private key to be archived.</param>
/// <param name="generalName">the general name to be associated with the private key.</param>
///
- public PKIArchiveControlBuilder(PrivateKeyInfo privateKeyInfo, GeneralName generalName)
+ public PkiArchiveControlBuilder(PrivateKeyInfo privateKeyInfo, GeneralName generalName)
{
EncKeyWithID encKeyWithID = new EncKeyWithID(privateKeyInfo, generalName);
@@ -35,14 +35,11 @@ namespace Org.BouncyCastle.Crmf
this.envGen = new CmsEnvelopedDataGenerator();
}
-
-
-
///<summary>Add a recipient generator to this control.</summary>
///<param name="recipientGen"> recipient generator created for a specific recipient.</param>
///<returns>this builder object.</returns>
- public PKIArchiveControlBuilder AddRecipientGenerator(RecipientInfoGenerator recipientGen)
+ public PkiArchiveControlBuilder AddRecipientGenerator(RecipientInfoGenerator recipientGen)
{
envGen.AddRecipientInfoGenerator(recipientGen);
return this;
@@ -56,6 +53,6 @@ namespace Org.BouncyCastle.Crmf
CmsEnvelopedData envContent = envGen.Generate(keyContent, contentEncryptor);
EnvelopedData envD = EnvelopedData.GetInstance(envContent.ContentInfo.Content);
return new PkiArchiveControl(new PkiArchiveOptions(new EncryptedKey(envD)));
+ }
}
-}
}
\ No newline at end of file
diff --git a/crypto/src/crypto/operators/Asn1KeyWrapper.cs b/crypto/src/crypto/operators/Asn1KeyWrapper.cs
index 38f287daa..6e608b94b 100644
--- a/crypto/src/crypto/operators/Asn1KeyWrapper.cs
+++ b/crypto/src/crypto/operators/Asn1KeyWrapper.cs
@@ -10,11 +10,36 @@ using Org.BouncyCastle.Crypto.Digests;
using Org.BouncyCastle.Crypto.Encodings;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Nist;
namespace Org.BouncyCastle.Crypto.Operators
{
+ public class Asn1KeyWrapper : IKeyWrapper
+ {
+ private X509Certificate cert;
+ private string algorithm;
+ private IKeyWrapper wrapper;
+
+ public Asn1KeyWrapper(string algorithm, X509Certificate cert)
+ {
+ this.algorithm = algorithm;
+ this.cert = cert;
+ wrapper = KeyWrapperUtil.WrapperForName(algorithm);
+ }
+
+ public object AlgorithmDetails
+ {
+ get { return wrapper.AlgorithmDetails; }
+ }
+
+ public IBlockResult Wrap(byte[] keyData)
+ {
+ return wrapper.Wrap(keyData);
+ }
+ }
- public class KeyWrapperUtil
+ internal class KeyWrapperUtil
{
//
// Provider
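Review bot: `Asn1KeyWrapper` stores `cert` and `algorithm` in its constructor, but neither field is read again in the added lines, so the recipient's public key never visibly reaches the wrapper returned by `KeyWrapperUtil.WrapperForName(algorithm)`. Unless the key is supplied somewhere outside this diff, `Wrap` delegates to an engine that was never initialised with a key, so please confirm where the key is bound. The constructor also accepts a null `cert` without complaint; a guard such as `if (cert == null) throw new ArgumentNullException("cert");` would fail early instead of at first use. The three fields are assigned only in the constructor and could be `readonly`.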
@@ -23,8 +48,11 @@ namespace Org.BouncyCastle.Crypto.Operators
static KeyWrapperUtil()
{
- providerMap["RSA/NONE/OAEPPADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_None_OaepPadding);
- providerMap["RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_None_OaepWithSha256andMGF1Padding);
+ providerMap["RSA/NONE/OAEPWITHSHA1ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha1_Oaep);
+ providerMap["RSA/NONE/OAEPWITHSHA224ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha224_Oaep);
+ providerMap["RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha256_Oaep);
+ providerMap["RSA/NONE/OAEPWITHSHA384ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha384_Oaep);
+ providerMap["RSA/NONE/OAEPWITHSHA512ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha512_Oaep);
}
public static IKeyWrapper WrapperForName(string algorithm)
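Review bot: The generic name `RSA/NONE/OAEPPADDING` is dropped from `providerMap` with no replacement entry. A lookup with that name therefore no longer resolves, and `UnwrapperForName` throws `ArgumentException` in that case (presumably `WrapperForName` does too, though its check is outside the hunk). If the intent is to make callers name the digest explicitly, record it above the registrations, for example `// The digest must be named explicitly; the generic OAEPPADDING name is intentionally not registered.` The SHA-1 entry remains available; if it is kept only for interoperability with existing peers, a one-line comment saying so would help later reviewers.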
@@ -39,45 +67,18 @@ namespace Org.BouncyCastle.Crypto.Operators
return (IKeyWrapper)provider.createWrapper();
}
- public static IKeyUnwrapper UnWrapperForName(string algorithm)
+ public static IKeyUnwrapper UnwrapperForName(string algorithm)
{
WrapperProvider provider = (WrapperProvider)providerMap[Strings.ToUpperCase(algorithm)];
if (provider == null)
{
- throw new ArgumentException("could not resolve " + algorithm + " to a KeyUnWrapper");
+ throw new ArgumentException("could not resolve " + algorithm + " to a KeyUnwrapper");
}
return (IKeyUnwrapper)provider.createWrapper();
}
}
-
- public class Asn1KeyWrapper : IKeyWrapper
- {
- private X509Certificate cert;
- private string algorithm;
- private IKeyWrapper wrapper;
-
-
-
- public Asn1KeyWrapper(string algorithm, X509Certificate cert)
- {
- this.algorithm = algorithm;
- this.cert = cert;
- wrapper = KeyWrapperUtil.WrapperForName(algorithm);
- }
-
- public object AlgorithmDetails
- {
- get { return wrapper.AlgorithmDetails; }
- }
-
- public IBlockResult Wrap(byte[] keyData)
- {
- return wrapper.Wrap(keyData);
- }
- }
-
internal delegate object WrapperCreatorDelegate();
/// <summary>
@@ -92,40 +93,48 @@ namespace Org.BouncyCastle.Crypto.Operators
this.creator = creator;
}
-
public object createWrapper()
{
return this.creator.Invoke();
}
}
-
-
internal interface WrapperProvider
{
object createWrapper();
}
-
-
internal class RsaOaepWrapper : IKeyWrapper, IKeyUnwrapper
{
+ internal static object Rsa_Sha1_Oaep()
+ {
+ return new RsaOaepWrapper(OiwObjectIdentifiers.IdSha1, new Sha1Digest());
+ }
- internal static object Rsa_None_OaepPadding()
+ internal static object Rsa_Sha224_Oaep()
{
- return new RsaOaepWrapper(new Sha1Digest(), PkcsObjectIdentifiers.IdRsaesOaep);
+ return new RsaOaepWrapper(NistObjectIdentifiers.IdSha224, new Sha224Digest());
}
- internal static object Rsa_None_OaepWithSha256andMGF1Padding()
+ internal static object Rsa_Sha256_Oaep()
{
- return new RsaOaepWrapper(new Sha256Digest(), PkcsObjectIdentifiers.IdRsaesOaep);
+ return new RsaOaepWrapper(NistObjectIdentifiers.IdSha256, new Sha256Digest());
}
+ internal static object Rsa_Sha384_Oaep()
+ {
+ return new RsaOaepWrapper(NistObjectIdentifiers.IdSha384, new Sha384Digest());
+ }
+
+ internal static object Rsa_Sha512_Oaep()
+ {
+ return new RsaOaepWrapper(NistObjectIdentifiers.IdSha512, new Sha512Digest());
+ }
private readonly AlgorithmIdentifier algId;
private readonly IAsymmetricBlockCipher engine;
- public RsaOaepWrapper(IDigest digest, DerObjectIdentifier digestOid)
+ public RsaOaepWrapper(DerObjectIdentifier digestOid, IDigest digest)
{
AlgorithmIdentifier digestAlgId = new AlgorithmIdentifier(digestOid, DerNull.Instance);
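Review bot: The `digest` argument does not appear to reach the OAEP engine. The constructor's visible tail in the next hunk builds it as `new OaepEncoding(new RsaBlindedEngine())`, and that one-argument constructor falls back to SHA-1. For the SHA-224/256/384/512 factories the emitted `AlgorithmIdentifier` would then advertise a digest the encoding does not actually use, so peers decoding with the declared parameters would fail and the use of SHA-1 would be hidden. The lines between the `digestAlgId` assignment and the engine creation are outside the diff, so confirm `digest` is not consumed there. If it is not, pass it through: `this.engine = new OaepEncoding(new RsaBlindedEngine(), digest);`.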
@@ -137,6 +146,7 @@ namespace Org.BouncyCastle.Crypto.Operators
RsaesOaepParameters.DefaultPSourceAlgorithm));
this.engine = new OaepEncoding(new RsaBlindedEngine());
}
+
public object AlgorithmDetails
{
get
|