summary refs log tree commit diff
diff options
context:
space:
mode:
authorDavid Hook <dgh@cryptoworkshop.com>2023-10-17 10:34:35 +1100
committerDavid Hook <dgh@cryptoworkshop.com>2023-10-17 10:34:35 +1100
commitb3511ee0cf44defcc9544cdec0cd604ace4ffe07 (patch)
tree15fd082bef267f4a6faa100912d3767bdf457c82
parentUse GeneratePrivateKey in tests (diff)
downloadBouncyCastle.NET-ed25519-b3511ee0cf44defcc9544cdec0cd604ace4ffe07.tar.xz
added EC alg recognition
-rw-r--r--crypto/src/cms/CMSSignedHelper.cs373
1 files changed, 187 insertions, 186 deletions
diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs
index 6ca764892..a1e894947 100644
--- a/crypto/src/cms/CMSSignedHelper.cs
+++ b/crypto/src/cms/CMSSignedHelper.cs
@@ -29,39 +29,39 @@ namespace Org.BouncyCastle.Cms
         private static readonly string EncryptionECDsaWithSha384 = X9ObjectIdentifiers.ECDsaWithSha384.Id;
         private static readonly string EncryptionECDsaWithSha512 = X9ObjectIdentifiers.ECDsaWithSha512.Id;
 
-		private static readonly IDictionary<string, string> m_encryptionAlgs = new Dictionary<string, string>();
-		private static readonly IDictionary<string, string> m_digestAlgs = new Dictionary<string, string>();
-		private static readonly IDictionary<string, string[]> m_digestAliases = new Dictionary<string, string[]>();
+        private static readonly IDictionary<string, string> m_encryptionAlgs = new Dictionary<string, string>();
+        private static readonly IDictionary<string, string> m_digestAlgs = new Dictionary<string, string>();
+        private static readonly IDictionary<string, string[]> m_digestAliases = new Dictionary<string, string[]>();
 
         private static readonly HashSet<string> m_noParams = new HashSet<string>();
-		private static readonly IDictionary<string, string> m_ecAlgorithms = new Dictionary<string, string>();
-
-		private static void AddEntries(DerObjectIdentifier oid, string digest, string encryption)
-		{
-			string alias = oid.Id;
-			m_digestAlgs.Add(alias, digest);
-			m_encryptionAlgs.Add(alias, encryption);
-		}
-
-		static CmsSignedHelper()
-		{
-			AddEntries(NistObjectIdentifiers.DsaWithSha224, "SHA224", "DSA");
-			AddEntries(NistObjectIdentifiers.DsaWithSha256, "SHA256", "DSA");
-			AddEntries(NistObjectIdentifiers.DsaWithSha384, "SHA384", "DSA");
-			AddEntries(NistObjectIdentifiers.DsaWithSha512, "SHA512", "DSA");
-			AddEntries(OiwObjectIdentifiers.DsaWithSha1, "SHA1", "DSA");
-			AddEntries(OiwObjectIdentifiers.MD4WithRsa, "MD4", "RSA");
-			AddEntries(OiwObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
-			AddEntries(OiwObjectIdentifiers.MD5WithRsa, "MD5", "RSA");
-			AddEntries(OiwObjectIdentifiers.Sha1WithRsa, "SHA1", "RSA");
-			AddEntries(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2", "RSA");
-			AddEntries(PkcsObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
-			AddEntries(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5", "RSA");
-			AddEntries(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1", "RSA");
-			AddEntries(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224", "RSA");
-			AddEntries(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256", "RSA");
-			AddEntries(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384", "RSA");
-			AddEntries(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512", "RSA");
+        private static readonly IDictionary<string, string> m_ecAlgorithms = new Dictionary<string, string>();
+
+        private static void AddEntries(DerObjectIdentifier oid, string digest, string encryption)
+        {
+            string alias = oid.Id;
+            m_digestAlgs.Add(alias, digest);
+            m_encryptionAlgs.Add(alias, encryption);
+        }
+
+        static CmsSignedHelper()
+        {
+            AddEntries(NistObjectIdentifiers.DsaWithSha224, "SHA224", "DSA");
+            AddEntries(NistObjectIdentifiers.DsaWithSha256, "SHA256", "DSA");
+            AddEntries(NistObjectIdentifiers.DsaWithSha384, "SHA384", "DSA");
+            AddEntries(NistObjectIdentifiers.DsaWithSha512, "SHA512", "DSA");
+            AddEntries(OiwObjectIdentifiers.DsaWithSha1, "SHA1", "DSA");
+            AddEntries(OiwObjectIdentifiers.MD4WithRsa, "MD4", "RSA");
+            AddEntries(OiwObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
+            AddEntries(OiwObjectIdentifiers.MD5WithRsa, "MD5", "RSA");
+            AddEntries(OiwObjectIdentifiers.Sha1WithRsa, "SHA1", "RSA");
+            AddEntries(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2", "RSA");
+            AddEntries(PkcsObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
+            AddEntries(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5", "RSA");
+            AddEntries(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1", "RSA");
+            AddEntries(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224", "RSA");
+            AddEntries(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256", "RSA");
+            AddEntries(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384", "RSA");
+            AddEntries(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512", "RSA");
             AddEntries(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, "SHA512(224)", "RSA");
             AddEntries(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, "SHA512(256)", "RSA");
             AddEntries(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224, "SHA3-224", "RSA");
@@ -69,64 +69,65 @@ namespace Org.BouncyCastle.Cms
             AddEntries(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384, "SHA3-384", "RSA");
             AddEntries(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512, "SHA3-512", "RSA");
             AddEntries(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1", "ECDSA");
-			AddEntries(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224", "ECDSA");
-			AddEntries(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256", "ECDSA");
-			AddEntries(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384", "ECDSA");
-			AddEntries(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512", "ECDSA");
-			AddEntries(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1", "DSA");
-			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA");
-			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA");
-			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA");
-			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA");
-			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA");
-			AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA");
-			AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
-			AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
-			AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
+            AddEntries(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224", "ECDSA");
+            AddEntries(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256", "ECDSA");
+            AddEntries(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384", "ECDSA");
+            AddEntries(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512", "ECDSA");
+            AddEntries(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1", "DSA");
+            AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA");
+            AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA");
+            AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA");
+            AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA");
+            AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA");
+            AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA");
+            AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
+            AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
+            AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
             AddEntries(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411", "GOST3410");
             AddEntries(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411", "ECGOST3410");
             AddEntries(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, "GOST3411-2012-256", "ECGOST3410");
             AddEntries(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, "GOST3411-2012-512", "ECGOST3410");
 
             m_encryptionAlgs.Add(X9ObjectIdentifiers.IdDsa.Id, "DSA");
-			m_encryptionAlgs.Add(PkcsObjectIdentifiers.RsaEncryption.Id, "RSA");
-			m_encryptionAlgs.Add(TeleTrusTObjectIdentifiers.TeleTrusTRsaSignatureAlgorithm.Id, "RSA");
-			m_encryptionAlgs.Add(X509ObjectIdentifiers.IdEARsa.Id, "RSA");
-			m_encryptionAlgs.Add(CmsSignedGenerator.EncryptionRsaPss, "RSAandMGF1");
-			m_encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x94.Id, "GOST3410");
-			m_encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x2001.Id, "ECGOST3410");
+            m_encryptionAlgs.Add(PkcsObjectIdentifiers.RsaEncryption.Id, "RSA");
+            m_encryptionAlgs.Add(TeleTrusTObjectIdentifiers.TeleTrusTRsaSignatureAlgorithm.Id, "RSA");
+            m_encryptionAlgs.Add(X509ObjectIdentifiers.IdEARsa.Id, "RSA");
+            m_encryptionAlgs.Add(CmsSignedGenerator.EncryptionRsaPss, "RSAandMGF1");
+            m_encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x94.Id, "GOST3410");
+            m_encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x2001.Id, "ECGOST3410");
             m_encryptionAlgs.Add(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256.Id, "ECGOST3410");
             m_encryptionAlgs.Add(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512.Id, "ECGOST3410");
             m_encryptionAlgs.Add("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410");
-			m_encryptionAlgs.Add("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
-
-			m_digestAlgs.Add(PkcsObjectIdentifiers.MD2.Id, "MD2");
-			m_digestAlgs.Add(PkcsObjectIdentifiers.MD4.Id, "MD4");
-			m_digestAlgs.Add(PkcsObjectIdentifiers.MD5.Id, "MD5");
-			m_digestAlgs.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha512_224.Id, "SHA512(224)");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha512_256.Id, "SHA512(256)");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha3_224.Id, "SHA3-224");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha3_256.Id, "SHA3-256");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha3_384.Id, "SHA3-384");
-			m_digestAlgs.Add(NistObjectIdentifiers.IdSha3_512.Id, "SHA3-512");
-			m_digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128");
-			m_digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160");
-			m_digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256");
-			m_digestAlgs.Add(CryptoProObjectIdentifiers.GostR3411.Id,  "GOST3411");
-			m_digestAlgs.Add("1.3.6.1.4.1.5849.1.2.1",  "GOST3411");
+            m_encryptionAlgs.Add("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
+            m_encryptionAlgs.Add(X9ObjectIdentifiers.IdECPublicKey.Id, "ECDSA");
+
+            m_digestAlgs.Add(PkcsObjectIdentifiers.MD2.Id, "MD2");
+            m_digestAlgs.Add(PkcsObjectIdentifiers.MD4.Id, "MD4");
+            m_digestAlgs.Add(PkcsObjectIdentifiers.MD5.Id, "MD5");
+            m_digestAlgs.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha512_224.Id, "SHA512(224)");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha512_256.Id, "SHA512(256)");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha3_224.Id, "SHA3-224");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha3_256.Id, "SHA3-256");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha3_384.Id, "SHA3-384");
+            m_digestAlgs.Add(NistObjectIdentifiers.IdSha3_512.Id, "SHA3-512");
+            m_digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128");
+            m_digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160");
+            m_digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256");
+            m_digestAlgs.Add(CryptoProObjectIdentifiers.GostR3411.Id,  "GOST3411");
+            m_digestAlgs.Add("1.3.6.1.4.1.5849.1.2.1",  "GOST3411");
             m_digestAlgs.Add(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.Id, "GOST3411-2012-256");
             m_digestAlgs.Add(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.Id, "GOST3411-2012-512");
 
             m_digestAliases.Add("SHA1", new string[]{ "SHA-1" });
-			m_digestAliases.Add("SHA224", new string[]{ "SHA-224" });
-			m_digestAliases.Add("SHA256", new string[]{ "SHA-256" });
-			m_digestAliases.Add("SHA384", new string[]{ "SHA-384" });
-			m_digestAliases.Add("SHA512", new string[]{ "SHA-512" });
+            m_digestAliases.Add("SHA224", new string[]{ "SHA-224" });
+            m_digestAliases.Add("SHA256", new string[]{ "SHA-256" });
+            m_digestAliases.Add("SHA384", new string[]{ "SHA-384" });
+            m_digestAliases.Add("SHA512", new string[]{ "SHA-512" });
 
             m_noParams.Add(CmsSignedGenerator.EncryptionDsa);
             //m_noParams.Add(EncryptionECDsa);
@@ -136,39 +137,39 @@ namespace Org.BouncyCastle.Cms
             m_noParams.Add(EncryptionECDsaWithSha384);
             m_noParams.Add(EncryptionECDsaWithSha512);
 
-			m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha1, EncryptionECDsaWithSha1);
-			m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha224, EncryptionECDsaWithSha224);
-			m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha256, EncryptionECDsaWithSha256);
-			m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha384, EncryptionECDsaWithSha384);
-			m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha512, EncryptionECDsaWithSha512);
-		}
+            m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha1, EncryptionECDsaWithSha1);
+            m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha224, EncryptionECDsaWithSha224);
+            m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha256, EncryptionECDsaWithSha256);
+            m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha384, EncryptionECDsaWithSha384);
+            m_ecAlgorithms.Add(CmsSignedGenerator.DigestSha512, EncryptionECDsaWithSha512);
+        }
 
-		/**
+        /**
         * Return the digest algorithm using one of the standard JCA string
         * representations rather than the algorithm identifier (if possible).
         */
-		internal static string GetDigestAlgName(string digestAlgOid)
+        internal static string GetDigestAlgName(string digestAlgOid)
         {
             return CollectionUtilities.GetValueOrKey(m_digestAlgs, digestAlgOid);
         }
 
         internal static AlgorithmIdentifier GetEncAlgorithmIdentifier(DerObjectIdentifier encOid,
-			Asn1Encodable sigX509Parameters)
-		{
-			if (m_noParams.Contains(encOid.Id))
-			{
-				return new AlgorithmIdentifier(encOid);
-			}
-
-			return new AlgorithmIdentifier(encOid, sigX509Parameters);
-		}
-
-		internal static string[] GetDigestAliases(string algName)
-		{
-			return m_digestAliases.TryGetValue(algName, out var aliases) ? (string[])aliases.Clone() : new string[0];
-		}
-
-		/**
+            Asn1Encodable sigX509Parameters)
+        {
+            if (m_noParams.Contains(encOid.Id))
+            {
+                return new AlgorithmIdentifier(encOid);
+            }
+
+            return new AlgorithmIdentifier(encOid, sigX509Parameters);
+        }
+
+        internal static string[] GetDigestAliases(string algName)
+        {
+            return m_digestAliases.TryGetValue(algName, out var aliases) ? (string[])aliases.Clone() : new string[0];
+        }
+
+        /**
         * Return the digest encryption algorithm using one of the standard
         * JCA string representations rather than the algorithm identifier (if
         * possible).
@@ -179,31 +180,31 @@ namespace Org.BouncyCastle.Cms
         }
 
         internal static IDigest GetDigestInstance(string algorithm)
-		{
-			try
-			{
-				return DigestUtilities.GetDigest(algorithm);
-			}
-			catch (SecurityUtilityException)
-			{
-				// This is probably superfluous on C#, since no provider infrastructure,
-				// assuming DigestUtilities already knows all the aliases
-				foreach (string alias in GetDigestAliases(algorithm))
-				{
-					try { return DigestUtilities.GetDigest(alias); }
-					catch (SecurityUtilityException) {}
-				}
-				throw;
-			}
-		}
-
-		internal static ISigner GetSignatureInstance(string algorithm)
-		{
-			return SignerUtilities.GetSigner(algorithm);
-		}
+        {
+            try
+            {
+                return DigestUtilities.GetDigest(algorithm);
+            }
+            catch (SecurityUtilityException)
+            {
+                // This is probably superfluous on C#, since no provider infrastructure,
+                // assuming DigestUtilities already knows all the aliases
+                foreach (string alias in GetDigestAliases(algorithm))
+                {
+                    try { return DigestUtilities.GetDigest(alias); }
+                    catch (SecurityUtilityException) {}
+                }
+                throw;
+            }
+        }
+
+        internal static ISigner GetSignatureInstance(string algorithm)
+        {
+            return SignerUtilities.GetSigner(algorithm);
+        }
 
         internal static AlgorithmIdentifier FixDigestAlgID(AlgorithmIdentifier algID,
-			IDigestAlgorithmFinder digestAlgorithmFinder)
+            IDigestAlgorithmFinder digestAlgorithmFinder)
         {
             var parameters = algID.Parameters;
             if (parameters == null || DerNull.Instance.Equals(parameters))
@@ -260,25 +261,25 @@ namespace Org.BouncyCastle.Cms
                 }
                 else if (ecPrivKey.Parameters is ECGost3410Parameters ecGost3410Parameters)
                 {
-					var digestParamSet = ecGost3410Parameters.DigestParamSet;
+                    var digestParamSet = ecGost3410Parameters.DigestParamSet;
                     if (digestParamSet.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256))
-					{
+                    {
                         encOID = CmsSignedGenerator.EncryptionECGost3410_2012_256;
                     }
                     else if (digestParamSet.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512))
-					{
+                    {
                         encOID = CmsSignedGenerator.EncryptionECGost3410_2012_512;
                     }
                     else
-					{
+                    {
                         throw new ArgumentException("can't determine GOST3410 algorithm");
                     }
                 }
                 else
-				{
-					// TODO Should we insist on algName being one of "EC" or "ECDSA", as Java does?
-					if (!m_ecAlgorithms.TryGetValue(digestOID, out encOID))
-						throw new ArgumentException("can't mix ECDSA with anything but SHA family digests");
+                {
+                    // TODO Should we insist on algName being one of "EC" or "ECDSA", as Java does?
+                    if (!m_ecAlgorithms.TryGetValue(digestOID, out encOID))
+                        throw new ArgumentException("can't mix ECDSA with anything but SHA family digests");
                 }
             }
             else if (key is Gost3410PrivateKeyParameters)
@@ -293,57 +294,57 @@ namespace Org.BouncyCastle.Cms
             return encOID;
         }
 
-		internal static IStore<X509V2AttributeCertificate> GetAttributeCertificates(Asn1Set attrCertSet)
-		{
-			var contents = new List<X509V2AttributeCertificate>();
-			if (attrCertSet != null)
-			{
-				foreach (Asn1Encodable ae in attrCertSet)
-				{
-					if (ae != null && ae.ToAsn1Object() is Asn1TaggedObject t)
-					{
-						if (t.HasContextTag(2))
-						{
-							Asn1Sequence s = Asn1Sequence.GetInstance(t, false);
-
-							contents.Add(new X509V2AttributeCertificate(AttributeCertificate.GetInstance(s)));
-						}
-					}
-				}
-			}
-			return CollectionUtilities.CreateStore(contents);
-		}
-
-		internal static IStore<X509Certificate> GetCertificates(Asn1Set certSet)
-		{
-			var contents = new List<X509Certificate>();
-			if (certSet != null)
+        internal static IStore<X509V2AttributeCertificate> GetAttributeCertificates(Asn1Set attrCertSet)
+        {
+            var contents = new List<X509V2AttributeCertificate>();
+            if (attrCertSet != null)
+            {
+                foreach (Asn1Encodable ae in attrCertSet)
+                {
+                    if (ae != null && ae.ToAsn1Object() is Asn1TaggedObject t)
+                    {
+                        if (t.HasContextTag(2))
+                        {
+                            Asn1Sequence s = Asn1Sequence.GetInstance(t, false);
+
+                            contents.Add(new X509V2AttributeCertificate(AttributeCertificate.GetInstance(s)));
+                        }
+                    }
+                }
+            }
+            return CollectionUtilities.CreateStore(contents);
+        }
+
+        internal static IStore<X509Certificate> GetCertificates(Asn1Set certSet)
+        {
+            var contents = new List<X509Certificate>();
+            if (certSet != null)
             {
-				foreach (Asn1Encodable ae in certSet)
-				{
-					if (ae == null)
-						continue;
+                foreach (Asn1Encodable ae in certSet)
+                {
+                    if (ae == null)
+                        continue;
 
-					if (ae is X509CertificateStructure c)
-					{
+                    if (ae is X509CertificateStructure c)
+                    {
                         contents.Add(new X509Certificate(c));
                     }
-					else if (ae.ToAsn1Object() is Asn1Sequence s)
-					{
+                    else if (ae.ToAsn1Object() is Asn1Sequence s)
+                    {
                         contents.Add(new X509Certificate(X509CertificateStructure.GetInstance(s)));
                     }
-				}
-			}
-			return CollectionUtilities.CreateStore(contents);
-		}
-
-		internal static IStore<X509Crl> GetCrls(Asn1Set crlSet)
-		{
-			var contents = new List<X509Crl>();
-			if (crlSet != null)
-			{
-				foreach (Asn1Encodable ae in crlSet)
-				{
+                }
+            }
+            return CollectionUtilities.CreateStore(contents);
+        }
+
+        internal static IStore<X509Crl> GetCrls(Asn1Set crlSet)
+        {
+            var contents = new List<X509Crl>();
+            if (crlSet != null)
+            {
+                foreach (Asn1Encodable ae in crlSet)
+                {
                     if (ae == null)
                         continue;
 
@@ -355,10 +356,10 @@ namespace Org.BouncyCastle.Cms
                     {
                         contents.Add(new X509Crl(CertificateList.GetInstance(s)));
                     }
-				}
-			}
-			return CollectionUtilities.CreateStore(contents);
-		}
+                }
+            }
+            return CollectionUtilities.CreateStore(contents);
+        }
 
         internal static IStore<Asn1Encodable> GetOtherRevInfos(Asn1Set crlSet, DerObjectIdentifier otherRevInfoFormat)
         {
@@ -369,14 +370,14 @@ namespace Org.BouncyCastle.Cms
                 {
                     if (ae != null && ae.ToAsn1Object() is Asn1TaggedObject taggedObject)
                     {
-						if (taggedObject.HasContextTag(1))
-						{
+                        if (taggedObject.HasContextTag(1))
+                        {
                             var otherRevocationInfo = OtherRevocationInfoFormat.GetInstance(taggedObject, false);
 
-							if (otherRevInfoFormat.Equals(otherRevocationInfo.InfoFormat))
-							{
-								contents.Add(otherRevocationInfo.Info);
-							}
+                            if (otherRevInfoFormat.Equals(otherRevocationInfo.InfoFormat))
+                            {
+                                contents.Add(otherRevocationInfo.Info);
+                            }
                         }
                     }
                 }