diff --git a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
index 269910cc6..6440c3f4e 100644
--- a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
+++ b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
@@ -145,11 +145,7 @@ namespace Org.BouncyCastle.Cmp
private byte[] CalculateSignature(IStreamCalculator signer, PkiHeader header, PkiBody body)
{
- Asn1EncodableVector avec = new Asn1EncodableVector(2);
- avec.Add(header);
- avec.Add(body);
-
- new DerSequence(avec).EncodeTo(signer.Stream);
+ new DerSequence(header, body).EncodeTo(signer.Stream);
object result = signer.GetResult();
if (result is DefaultSignatureResult sigResult)
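Review bot: The new `new DerSequence(header, body).EncodeTo(signer.Stream);` passes no encoding and never closes `signer.Stream`, while the other signing sites touched by this commit write `EncodeTo(sigStream, Asn1Encodable.Der)` inside a `using` before calling `GetResult()`. If the one-argument overload does not force DER on nested elements, the bytes fed to the protection calculation may differ from the DER form a verifier re-encodes. Assuming CalculateSignature owns the stream, I would write `using (Stream sigStream = signer.Stream) { new DerSequence(header, body).EncodeTo(sigStream, Asn1Encodable.Der); }`. The method body continues outside the hunk.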
diff --git a/crypto/src/cms/CMSSignedDataGenerator.cs b/crypto/src/cms/CMSSignedDataGenerator.cs
index 596c6a130..3a612a635 100644
--- a/crypto/src/cms/CMSSignedDataGenerator.cs
+++ b/crypto/src/cms/CMSSignedDataGenerator.cs
@@ -131,39 +131,40 @@ namespace Org.BouncyCastle.Cms
outer.m_digests.Add(digestOID, (byte[])hash.Clone());
}
- IStreamCalculator calculator = sigCalc.CreateCalculator();
- Stream sigStr = new BufferedStream(calculator.Stream);
-
Asn1Set signedAttr = null;
- if (sAttr != null)
- {
- var parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
-
-// Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
- Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(parameters);
-
- if (contentType == null) //counter signature
- {
- if (signed != null && signed[CmsAttributes.ContentType] != null)
- {
- signed = signed.Remove(CmsAttributes.ContentType);
- }
- }
- // TODO Validate proposed signed attributes
-
- signedAttr = outer.GetAttributeSet(signed);
-
- // sig must be composed from the DER encoding.
- signedAttr.EncodeTo(sigStr, Asn1Encodable.Der);
- }
- else if (content != null)
+ IStreamCalculator calculator = sigCalc.CreateCalculator();
+ using (Stream sigStr = calculator.Stream)
{
- // TODO Use raw signature of the hash value instead
- content.Write(sigStr);
- }
+ if (sAttr != null)
+ {
+ var parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
+
+ //Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
+ Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(parameters);
+
+ if (contentType == null) //counter signature
+ {
+ if (signed != null && signed[CmsAttributes.ContentType] != null)
+ {
+ signed = signed.Remove(CmsAttributes.ContentType);
+ }
+ }
+
+ // TODO Validate proposed signed attributes
+
+ signedAttr = outer.GetAttributeSet(signed);
+
+ // sig must be composed from the DER encoding.
+ signedAttr.EncodeTo(sigStr, Asn1Encodable.Der);
+ }
+ else if (content != null)
+ {
+ // TODO Use raw signature of the hash value instead
+ content.Write(sigStr);
+ }
+ }
- Platform.Dispose(sigStr);
byte[] sigBytes = ((IBlockResult)calculator.GetResult()).Collect();
Asn1Set unsignedAttr = null;
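Review bot: `signed` is null-checked in the counter-signature branch but is then passed to `outer.GetAttributeSet(signed)`, and the result is dereferenced by `signedAttr.EncodeTo(sigStr, Asn1Encodable.Der)` with no check. If `sAttr.GetAttributes(parameters)` can return null (the existing guard suggests it can) and GetAttributeSet passes null through, signing fails with a NullReferenceException inside the `using` block rather than a clear error. Consider `if (signed == null) throw new CmsException("signed attribute generator returned no attributes");` before the GetAttributeSet call. This is carried over unchanged from the old code, and the enclosing method starts and ends outside the hunk.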
diff --git a/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs b/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs
index b7a3ae01a..50c2ea65c 100644
--- a/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs
+++ b/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs
@@ -1,4 +1,5 @@
using System;
+using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Crmf;
@@ -58,32 +59,30 @@ namespace Org.BouncyCastle.Crmf
}
PopoSigningKeyInput popo;
- byte[] b;
- IStreamCalculator calc = signer.CreateCalculator();
- if (_certRequest != null)
- {
- popo = null;
- b = _certRequest.GetDerEncoded();
- calc.Stream.Write(b, 0, b.Length);
- }
- else if (_name != null)
- {
- popo = new PopoSigningKeyInput(_name, _pubKeyInfo);
- b = popo.GetDerEncoded();
- calc.Stream.Write(b, 0, b.Length);
- }
- else
+ IStreamCalculator calc = signer.CreateCalculator();
+ using (Stream sigStream = calc.Stream)
{
- popo = new PopoSigningKeyInput(_publicKeyMAC, _pubKeyInfo);
- b = popo.GetDerEncoded();
- calc.Stream.Write(b, 0, b.Length);
+ if (_certRequest != null)
+ {
+ popo = null;
+ _certRequest.EncodeTo(sigStream, Asn1Encodable.Der);
+ }
+ else if (_name != null)
+ {
+ popo = new PopoSigningKeyInput(_name, _pubKeyInfo);
+ popo.EncodeTo(sigStream, Asn1Encodable.Der);
+ }
+ else
+ {
+ popo = new PopoSigningKeyInput(_publicKeyMAC, _pubKeyInfo);
+ popo.EncodeTo(sigStream, Asn1Encodable.Der);
+ }
}
- calc.Stream.Flush();
- Platform.Dispose(calc.Stream);
- DefaultSignatureResult res = (DefaultSignatureResult)calc.GetResult();
- return new PopoSigningKey(popo, (AlgorithmIdentifier)signer.AlgorithmDetails, new DerBitString(res.Collect()));
+ var signature = ((IBlockResult)calc.GetResult()).Collect();
+
+ return new PopoSigningKey(popo, (AlgorithmIdentifier)signer.AlgorithmDetails, new DerBitString(signature));
}
}
}
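Review bot: The three branches inside the `using` have no comment explaining why `popo` is null when `_certRequest` is set, or what is signed in each case. The returned `PopoSigningKey` depends on that pairing, so it should be documented. I would add above the `using`: `// Signature input: the DER-encoded CertRequest when one is supplied (popo stays null in that case); otherwise the DER-encoded PopoSigningKeyInput built from the sender name or the public-key MAC.` The enclosing method starts outside the hunk.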
diff --git a/crypto/src/ocsp/BasicOCSPRespGenerator.cs b/crypto/src/ocsp/BasicOCSPRespGenerator.cs
index 147bd7839..d4ec3df80 100644
--- a/crypto/src/ocsp/BasicOCSPRespGenerator.cs
+++ b/crypto/src/ocsp/BasicOCSPRespGenerator.cs
@@ -206,20 +206,19 @@ namespace Org.BouncyCastle.Ocsp
}
}
- ResponseData tbsResp = new ResponseData(responderID.ToAsn1Object(), new DerGeneralizedTime(producedAt), new DerSequence(responses), responseExtensions);
- DerBitString bitSig = null;
+ ResponseData tbsResp = new ResponseData(responderID.ToAsn1Object(), new DerGeneralizedTime(producedAt),
+ new DerSequence(responses), responseExtensions);
+ DerBitString bitSig;
try
{
IStreamCalculator streamCalculator = signatureCalculator.CreateCalculator();
+ using (Stream sigStream = streamCalculator.Stream)
+ {
+ tbsResp.EncodeTo(sigStream, Asn1Encodable.Der);
+ }
- byte[] encoded = tbsResp.GetDerEncoded();
-
- streamCalculator.Stream.Write(encoded, 0, encoded.Length);
-
- Platform.Dispose(streamCalculator.Stream);
-
- bitSig = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect());
+ bitSig = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect());
}
catch (Exception e)
{
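Review bot: The create-calculator, encode-as-DER, close-stream, collect sequence added here is repeated almost verbatim in Pkcs10CertificationRequest, X509V1CertificateGenerator, X509V2AttributeCertificateGenerator, X509V2CRLGenerator and X509V3CertificateGenerator. A single shared helper would keep the two details that matter for a correct signature in one place: the explicit `Asn1Encodable.Der` argument, and closing the stream before `GetResult()`. The sketch below assumes `signatureCalculator` is an `ISignatureFactory`; the helper name and location are only a suggestion. The `try` block continues outside the hunk.
```csharp
// proposed shared helper; call sites reduce to
// bitSig = new DerBitString(CalculateSignature(signatureCalculator, tbsResp));
internal static byte[] CalculateSignature(ISignatureFactory signatureFactory, Asn1Encodable toBeSigned)
{
    IStreamCalculator calculator = signatureFactory.CreateCalculator();
    using (Stream sigStream = calculator.Stream)
    {
        // The signature must cover the DER encoding.
        toBeSigned.EncodeTo(sigStream, Asn1Encodable.Der);
    }
    return ((IBlockResult)calculator.GetResult()).Collect();
}
```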
@@ -236,9 +235,7 @@ namespace Org.BouncyCastle.Ocsp
{
for (int i = 0; i != chain.Length; i++)
{
- v.Add(
- X509CertificateStructure.GetInstance(
- Asn1Object.FromByteArray(chain[i].GetEncoded())));
+ v.Add(chain[i].CertificateStructure);
}
}
catch (IOException e)
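Review bot: The `catch (IOException e)` after this loop looks unreachable now. It served the removed `Asn1Object.FromByteArray(chain[i].GetEncoded())` round-trip, and `chain[i].CertificateStructure` is presumably a plain property read that neither encodes nor parses. The same applies to the identical hunk in OCSPReqGenerator. The catch body and the rest of the `try` are outside the hunk, so confirm nothing else inside can throw IOException. If so, drop the handler, or keep it with a comment such as `// retained for source compatibility; no longer expected to fire`.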
diff --git a/crypto/src/ocsp/OCSPReqGenerator.cs b/crypto/src/ocsp/OCSPReqGenerator.cs
index 52890ae30..dda1625e5 100644
--- a/crypto/src/ocsp/OCSPReqGenerator.cs
+++ b/crypto/src/ocsp/OCSPReqGenerator.cs
@@ -165,9 +165,7 @@ namespace Org.BouncyCastle.Ocsp
{
for (int i = 0; i != chain.Length; i++)
{
- v.Add(
- X509CertificateStructure.GetInstance(
- Asn1Object.FromByteArray(chain[i].GetEncoded())));
+ v.Add(chain[i].CertificateStructure);
}
}
catch (IOException e)
diff --git a/crypto/src/pkcs/Pkcs10CertificationRequest.cs b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
index d462fb4db..be4cbb570 100644
--- a/crypto/src/pkcs/Pkcs10CertificationRequest.cs
+++ b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
@@ -282,12 +282,10 @@ namespace Org.BouncyCastle.Pkcs
this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes);
IStreamCalculator streamCalculator = signatureFactory.CreateCalculator();
-
- byte[] reqInfoData = reqInfo.GetDerEncoded();
-
- streamCalculator.Stream.Write(reqInfoData, 0, reqInfoData.Length);
-
- Platform.Dispose(streamCalculator.Stream);
+ using (Stream sigStream = streamCalculator.Stream)
+ {
+ reqInfo.EncodeTo(sigStream, Der);
+ }
// Generate Signature.
sigBits = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect());
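Review bot: `reqInfo.EncodeTo(sigStream, Der);` uses the unqualified constant, whereas the other X.509 and OCSP call sites in this commit write `Asn1Encodable.Der`. It presumably resolves through the class's base type, which is easy to misread as a local or a field. I would write `reqInfo.EncodeTo(sigStream, Asn1Encodable.Der);` for consistency. The enclosing member starts outside the hunk.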
diff --git a/crypto/src/x509/X509V1CertificateGenerator.cs b/crypto/src/x509/X509V1CertificateGenerator.cs
index aae263450..01c155b5d 100644
--- a/crypto/src/x509/X509V1CertificateGenerator.cs
+++ b/crypto/src/x509/X509V1CertificateGenerator.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
+using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
@@ -110,35 +111,29 @@ namespace Org.BouncyCastle.X509
}
/// <summary>
- /// Generate a new X509Certificate using the passed in SignatureCalculator.
+ /// Generate a new <see cref="X509Certificate"/> using the provided <see cref="ISignatureFactory"/>.
/// </summary>
- /// <param name="signatureFactory">A signature calculator factory with the necessary algorithm details.</param>
- /// <returns>An X509Certificate.</returns>
+ /// <param name="signatureFactory">A <see cref="ISignatureFactory">signature factory</see> with the necessary
+ /// algorithm details.</param>
+ /// <returns>An <see cref="X509Certificate"/>.</returns>
public X509Certificate Generate(ISignatureFactory signatureFactory)
{
- tbsGen.SetSignature((AlgorithmIdentifier)signatureFactory.AlgorithmDetails);
+ var sigAlgID = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails;
- TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate();
-
- IStreamCalculator streamCalculator = signatureFactory.CreateCalculator();
+ tbsGen.SetSignature(sigAlgID);
- byte[] encoded = tbsCert.GetDerEncoded();
-
- streamCalculator.Stream.Write(encoded, 0, encoded.Length);
+ TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate();
- Platform.Dispose(streamCalculator.Stream);
+ IStreamCalculator streamCalculator = signatureFactory.CreateCalculator();
+ using (Stream sigStream = streamCalculator.Stream)
+ {
+ tbsCert.EncodeTo(sigStream, Asn1Encodable.Der);
+ }
- return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureFactory.AlgorithmDetails,
- ((IBlockResult)streamCalculator.GetResult()).Collect());
- }
+ var signature = ((IBlockResult)streamCalculator.GetResult()).Collect();
- private X509Certificate GenerateJcaObject(
- TbsCertificateStructure tbsCert,
- AlgorithmIdentifier sigAlg,
- byte[] signature)
- {
return new X509Certificate(
- new X509CertificateStructure(tbsCert, sigAlg, new DerBitString(signature)));
+ new X509CertificateStructure(tbsCert, sigAlgID, new DerBitString(signature)));
}
/// <summary>
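Review bot: `Generate` dereferences `signatureFactory` on its first line and casts `AlgorithmDetails` to `AlgorithmIdentifier` without a check. A null factory therefore surfaces as a NullReferenceException from a public API, and a factory whose details are of another type as an InvalidCastException. I would open the method with `if (signatureFactory == null) throw new ArgumentNullException(nameof(signatureFactory));` and replace the cast with a guarded one, e.g. `if (!(signatureFactory.AlgorithmDetails is AlgorithmIdentifier sigAlgID)) throw new ArgumentException("AlgorithmDetails must be an AlgorithmIdentifier", nameof(signatureFactory));`. The same applies to the `Generate` methods in X509V2AttributeCertificateGenerator, X509V2CRLGenerator and X509V3CertificateGenerator.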
diff --git a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs
index 2e5c9c863..3e1a58e49 100644
--- a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs
+++ b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
+using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
@@ -99,44 +100,35 @@ namespace Org.BouncyCastle.X509
extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue);
}
- /// <summary>
- /// Generate a new X.509 Attribute Certificate using the passed in SignatureCalculator.
- /// </summary>
- /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
- /// <returns>An IX509AttributeCertificate.</returns>
- public X509V2AttributeCertificate Generate(ISignatureFactory signatureCalculatorFactory)
+ /// <summary>
+ /// Generate a new <see cref="X509V2AttributeCertificate"/> using the provided <see cref="ISignatureFactory"/>.
+ /// </summary>
+ /// <param name="signatureFactory">A <see cref="ISignatureFactory">signature factory</see> with the necessary
+ /// algorithm details.</param>
+ /// <returns>An <see cref="X509V2AttributeCertificate"/>.</returns>
+ public X509V2AttributeCertificate Generate(ISignatureFactory signatureFactory)
{
- if (!extGenerator.IsEmpty)
+ var sigAlgID = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails;
+
+ acInfoGen.SetSignature(sigAlgID);
+
+ if (!extGenerator.IsEmpty)
{
acInfoGen.SetExtensions(extGenerator.Generate());
}
- AlgorithmIdentifier sigAlgID = (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails;
-
- acInfoGen.SetSignature(sigAlgID);
-
AttributeCertificateInfo acInfo = acInfoGen.GenerateAttributeCertificateInfo();
- byte[] encoded = acInfo.GetDerEncoded();
-
- IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
-
- streamCalculator.Stream.Write(encoded, 0, encoded.Length);
-
- Platform.Dispose(streamCalculator.Stream);
-
- try
+ IStreamCalculator streamCalculator = signatureFactory.CreateCalculator();
+ using (Stream sigStream = streamCalculator.Stream)
{
- DerBitString signatureValue = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect());
-
- return new X509V2AttributeCertificate(new AttributeCertificate(acInfo, sigAlgID, signatureValue));
- }
- catch (Exception e)
- {
- // TODO
-// throw new ExtCertificateEncodingException("constructed invalid certificate", e);
- throw new CertificateEncodingException("constructed invalid certificate", e);
+ acInfo.EncodeTo(sigStream, Asn1Encodable.Der);
}
+
+ var signature = ((IBlockResult)streamCalculator.GetResult()).Collect();
+
+ return new X509V2AttributeCertificate(
+ new AttributeCertificate(acInfo, sigAlgID, new DerBitString(signature)));
}
/// <summary>
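Review bot: Removing the `try`/`catch` around `GetResult()` changes what callers observe on a signing failure. Previously any exception was rethrown as `CertificateEncodingException("constructed invalid certificate", e)`; now the calculator's own exception propagates, so existing `catch (CertificateEncodingException)` handlers no longer fire. If that is intended, record it in the XML doc, e.g. `/// <remarks>Exceptions from the signature calculator propagate unchanged.</remarks>`; otherwise keep the wrapper around the `GetResult()` line. Separately, renaming the parameter from `signatureCalculatorFactory` to `signatureFactory` breaks source compatibility for callers using named arguments, here and in X509V2CRLGenerator and X509V3CertificateGenerator.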
diff --git a/crypto/src/x509/X509V2CRLGenerator.cs b/crypto/src/x509/X509V2CRLGenerator.cs
index cb316f21b..e386ee8f2 100644
--- a/crypto/src/x509/X509V2CRLGenerator.cs
+++ b/crypto/src/x509/X509V2CRLGenerator.cs
@@ -167,46 +167,35 @@ namespace Org.BouncyCastle.X509
extGenerator.AddExtension(oid, critical, new DerOctetString(extensionValue));
}
- /// <summary>
- /// Generate a new X509Crl using the passed in SignatureCalculator.
- /// </summary>
- /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
- /// <returns>An X509Crl.</returns>
- public X509Crl Generate(ISignatureFactory signatureCalculatorFactory)
+ /// <summary>
+ /// Generate a new <see cref="X509Crl"/> using the provided <see cref="ISignatureFactory"/>.
+ /// </summary>
+ /// <param name="signatureFactory">A <see cref="ISignatureFactory">signature factory</see> with the necessary
+ /// algorithm details.</param>
+ /// <returns>An <see cref="X509Crl"/>.</returns>
+ public X509Crl Generate(ISignatureFactory signatureFactory)
{
- tbsGen.SetSignature((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails);
-
- TbsCertificateList tbsCertList = GenerateCertList();
-
- IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
-
- byte[] encoded = tbsCertList.GetDerEncoded();
-
- streamCalculator.Stream.Write(encoded, 0, encoded.Length);
-
- Platform.Dispose(streamCalculator.Stream);
+ var sigAlgID = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails;
- return GenerateJcaObject(tbsCertList, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect());
- }
+ tbsGen.SetSignature(sigAlgID);
- private TbsCertificateList GenerateCertList()
- {
if (!extGenerator.IsEmpty)
{
tbsGen.SetExtensions(extGenerator.Generate());
}
- return tbsGen.GenerateTbsCertList();
- }
+ TbsCertificateList tbsCertList = tbsGen.GenerateTbsCertList();
+
+ IStreamCalculator streamCalculator = signatureFactory.CreateCalculator();
+ using (Stream sigStream = streamCalculator.Stream)
+ {
+ tbsCertList.EncodeTo(sigStream, Asn1Encodable.Der);
+ }
+
+ var signature = ((IBlockResult)streamCalculator.GetResult()).Collect();
- private X509Crl GenerateJcaObject(
- TbsCertificateList tbsCrl,
- AlgorithmIdentifier algId,
- byte[] signature)
- {
return new X509Crl(
- CertificateList.GetInstance(
- new DerSequence(tbsCrl, algId, new DerBitString(signature))));
+ CertificateList.GetInstance(new DerSequence(tbsCertList, sigAlgID, new DerBitString(signature))));
}
/// <summary>
diff --git a/crypto/src/x509/X509V3CertificateGenerator.cs b/crypto/src/x509/X509V3CertificateGenerator.cs
index 7930ab23b..50e3fc689 100644
--- a/crypto/src/x509/X509V3CertificateGenerator.cs
+++ b/crypto/src/x509/X509V3CertificateGenerator.cs
@@ -241,13 +241,14 @@ namespace Org.BouncyCastle.X509
}
/// <summary>
- /// Generate a new X509Certificate using the passed in SignatureCalculator.
+ /// Generate a new <see cref="X509Certificate"/> using the provided <see cref="ISignatureFactory"/>.
/// </summary>
- /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
- /// <returns>An X509Certificate.</returns>
- public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory)
+ /// <param name="signatureFactory">A <see cref="ISignatureFactory">signature factory</see> with the necessary
+ /// algorithm details.</param>
+ /// <returns>An <see cref="X509Certificate"/>.</returns>
+ public X509Certificate Generate(ISignatureFactory signatureFactory)
{
- var sigAlgID = (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails;
+ var sigAlgID = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails;
tbsGen.SetSignature(sigAlgID);
@@ -258,7 +259,7 @@ namespace Org.BouncyCastle.X509
TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate();
- IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
+ IStreamCalculator streamCalculator = signatureFactory.CreateCalculator();
using (Stream sigStream = streamCalculator.Stream)
{
tbsCert.EncodeTo(sigStream, Asn1Encodable.Der);
|