diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-10-14 19:40:02 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2018-10-14 19:40:02 +0700 |
| commit | 94173c7f8b2d87b28353b7e9ee8d0f2514f02875 (patch) | |
| tree | bee9c940b4ada80b23e316386e64a945290d8306 /crypto/src/security | |
| parent | Move XDH/EdDSA key generation into low-level (diff) | |
| download | BouncyCastle.NET-ed25519-94173c7f8b2d87b28353b7e9ee8d0f2514f02875.tar.xz | |
Port of CVC-ECDSA and PLAIN-ECDSA from Java
Diffstat (limited to 'crypto/src/security')
| -rw-r--r-- | crypto/src/security/DigestUtilities.cs | 2 | ||||
| -rw-r--r-- | crypto/src/security/SignerUtilities.cs | 269 |
2 files changed, 147 insertions, 124 deletions
diff --git a/crypto/src/security/DigestUtilities.cs b/crypto/src/security/DigestUtilities.cs index 445304196..24a68f63d 100644 --- a/crypto/src/security/DigestUtilities.cs +++ b/crypto/src/security/DigestUtilities.cs @@ -31,6 +31,7 @@ namespace Org.BouncyCastle.Security GOST3411_2012_256, GOST3411_2012_512, KECCAK_224, KECCAK_256, KECCAK_288, KECCAK_384, KECCAK_512, MD2, MD4, MD5, + NONE, RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320, SHA_1, SHA_224, SHA_256, SHA_384, SHA_512, SHA_512_224, SHA_512_256, @@ -222,6 +223,7 @@ namespace Org.BouncyCastle.Security case DigestAlgorithm.MD2: return new MD2Digest(); case DigestAlgorithm.MD4: return new MD4Digest(); case DigestAlgorithm.MD5: return new MD5Digest(); + case DigestAlgorithm.NONE: return new NullDigest(); case DigestAlgorithm.RIPEMD128: return new RipeMD128Digest(); case DigestAlgorithm.RIPEMD160: return new RipeMD160Digest(); case DigestAlgorithm.RIPEMD256: return new RipeMD256Digest(); diff --git a/crypto/src/security/SignerUtilities.cs b/crypto/src/security/SignerUtilities.cs index 6107bf878..dc31ae464 100644 --- a/crypto/src/security/SignerUtilities.cs +++ b/crypto/src/security/SignerUtilities.cs @@ -3,7 +3,9 @@ using System.Collections; using System.IO; using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Bsi; using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Eac; using Org.BouncyCastle.Asn1.EdEC; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Oiw; @@ -222,6 +224,108 @@ namespace Org.BouncyCastle.Security algorithms["RIPEMD160WITHECDSA"] = "RIPEMD160withECDSA"; algorithms[TeleTrusTObjectIdentifiers.ECSignWithRipeMD160.Id] = "RIPEMD160withECDSA"; + algorithms["NONEWITHCVC-ECDSA"] = "NONEwithCVC-ECDSA"; + algorithms["CVC-ECDSAWITHNONE"] = "NONEwithCVC-ECDSA"; + + algorithms["SHA1/CVC-ECDSA"] = "SHA-1withCVC-ECDSA"; + algorithms["SHA-1/CVC-ECDSA"] = "SHA-1withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA1"] = "SHA-1withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-1"] = "SHA-1withCVC-ECDSA"; + algorithms["SHA1WITHCVC-ECDSA"] = "SHA-1withCVC-ECDSA"; + algorithms["SHA-1WITHCVC-ECDSA"] = "SHA-1withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_1.Id] = "SHA-1withCVC-ECDSA"; + + algorithms["SHA224/CVC-ECDSA"] = "SHA-224withCVC-ECDSA"; + algorithms["SHA-224/CVC-ECDSA"] = "SHA-224withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA224"] = "SHA-224withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-224"] = "SHA-224withCVC-ECDSA"; + algorithms["SHA224WITHCVC-ECDSA"] = "SHA-224withCVC-ECDSA"; + algorithms["SHA-224WITHCVC-ECDSA"] = "SHA-224withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_224.Id] = "SHA-224withCVC-ECDSA"; + + algorithms["SHA256/CVC-ECDSA"] = "SHA-256withCVC-ECDSA"; + algorithms["SHA-256/CVC-ECDSA"] = "SHA-256withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA256"] = "SHA-256withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-256"] = "SHA-256withCVC-ECDSA"; + algorithms["SHA256WITHCVC-ECDSA"] = "SHA-256withCVC-ECDSA"; + algorithms["SHA-256WITHCVC-ECDSA"] = "SHA-256withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_256.Id] = "SHA-256withCVC-ECDSA"; + + algorithms["SHA384/CVC-ECDSA"] = "SHA-384withCVC-ECDSA"; + algorithms["SHA-384/CVC-ECDSA"] = "SHA-384withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA384"] = "SHA-384withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-384"] = "SHA-384withCVC-ECDSA"; + algorithms["SHA384WITHCVC-ECDSA"] = "SHA-384withCVC-ECDSA"; + algorithms["SHA-384WITHCVC-ECDSA"] = "SHA-384withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_384.Id] = "SHA-384withCVC-ECDSA"; + + algorithms["SHA512/CVC-ECDSA"] = "SHA-512withCVC-ECDSA"; + algorithms["SHA-512/CVC-ECDSA"] = "SHA-512withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA512"] = "SHA-512withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-512"] = "SHA-512withCVC-ECDSA"; + algorithms["SHA512WITHCVC-ECDSA"] = "SHA-512withCVC-ECDSA"; + algorithms["SHA-512WITHCVC-ECDSA"] = "SHA-512withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_512.Id] = "SHA-512withCVC-ECDSA"; + + algorithms["NONEWITHPLAIN-ECDSA"] = "NONEwithPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHNONE"] = "NONEwithPLAIN-ECDSA"; + + algorithms["SHA1/PLAIN-ECDSA"] = "SHA-1withPLAIN-ECDSA"; + algorithms["SHA-1/PLAIN-ECDSA"] = "SHA-1withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA1"] = "SHA-1withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-1"] = "SHA-1withPLAIN-ECDSA"; + algorithms["SHA1WITHPLAIN-ECDSA"] = "SHA-1withPLAIN-ECDSA"; + algorithms["SHA-1WITHPLAIN-ECDSA"] = "SHA-1withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA1.Id] = "SHA-1withPLAIN-ECDSA"; + + algorithms["SHA224/PLAIN-ECDSA"] = "SHA-224withPLAIN-ECDSA"; + algorithms["SHA-224/PLAIN-ECDSA"] = "SHA-224withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA224"] = "SHA-224withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-224"] = "SHA-224withPLAIN-ECDSA"; + algorithms["SHA224WITHPLAIN-ECDSA"] = "SHA-224withPLAIN-ECDSA"; + algorithms["SHA-224WITHPLAIN-ECDSA"] = "SHA-224withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA224.Id] = "SHA-224withPLAIN-ECDSA"; + + algorithms["SHA256/PLAIN-ECDSA"] = "SHA-256withPLAIN-ECDSA"; + algorithms["SHA-256/PLAIN-ECDSA"] = "SHA-256withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA256"] = "SHA-256withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-256"] = "SHA-256withPLAIN-ECDSA"; + algorithms["SHA256WITHPLAIN-ECDSA"] = "SHA-256withPLAIN-ECDSA"; + algorithms["SHA-256WITHPLAIN-ECDSA"] = "SHA-256withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA256.Id] = "SHA-256withPLAIN-ECDSA"; + + algorithms["SHA384/PLAIN-ECDSA"] = "SHA-384withPLAIN-ECDSA"; + algorithms["SHA-384/PLAIN-ECDSA"] = "SHA-384withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA384"] = "SHA-384withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-384"] = "SHA-384withPLAIN-ECDSA"; + algorithms["SHA384WITHPLAIN-ECDSA"] = "SHA-384withPLAIN-ECDSA"; + algorithms["SHA-384WITHPLAIN-ECDSA"] = "SHA-384withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA384.Id] = "SHA-384withPLAIN-ECDSA"; + + algorithms["SHA512/PLAIN-ECDSA"] = "SHA-512withPLAIN-ECDSA"; + algorithms["SHA-512/PLAIN-ECDSA"] = "SHA-512withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA512"] = "SHA-512withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-512"] = "SHA-512withPLAIN-ECDSA"; + algorithms["SHA512WITHPLAIN-ECDSA"] = "SHA-512withPLAIN-ECDSA"; + algorithms["SHA-512WITHPLAIN-ECDSA"] = "SHA-512withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA512.Id] = "SHA-512withPLAIN-ECDSA"; + + algorithms["RIPEMD160/PLAIN-ECDSA"] = "RIPEMD160withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHRIPEMD160"] = "RIPEMD160withPLAIN-ECDSA"; + algorithms["RIPEMD160WITHPLAIN-ECDSA"] = "RIPEMD160withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_RIPEMD160.Id] = "RIPEMD160withPLAIN-ECDSA"; + + algorithms["SHA1WITHECNR"] = "SHA-1withECNR"; + algorithms["SHA-1WITHECNR"] = "SHA-1withECNR"; + algorithms["SHA224WITHECNR"] = "SHA-224withECNR"; + algorithms["SHA-224WITHECNR"] = "SHA-224withECNR"; + algorithms["SHA256WITHECNR"] = "SHA-256withECNR"; + algorithms["SHA-256WITHECNR"] = "SHA-256withECNR"; + algorithms["SHA384WITHECNR"] = "SHA-384withECNR"; + algorithms["SHA-384WITHECNR"] = "SHA-384withECNR"; + algorithms["SHA512WITHECNR"] = "SHA-512withECNR"; + algorithms["SHA-512WITHECNR"] = "SHA-512withECNR"; + algorithms["GOST-3410"] = "GOST3410"; algorithms["GOST-3410-94"] = "GOST3410"; algorithms["GOST3411WITHGOST3410"] = "GOST3410"; @@ -268,6 +372,20 @@ namespace Org.BouncyCastle.Security oids["SHA-256withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256; oids["SHA-384withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384; oids["SHA-512withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha512; + oids["RIPEMD160withECDSA"] = TeleTrusTObjectIdentifiers.ECSignWithRipeMD160; + + oids["SHA-1withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1; + oids["SHA-224withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224; + oids["SHA-256withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256; + oids["SHA-384withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_384; + oids["SHA-512withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_512; + + oids["SHA-1withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1; + oids["SHA-224withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224; + oids["SHA-256withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256; + oids["SHA-384withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384; + oids["SHA-512withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512; + oids["RIPEMD160withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160; oids["GOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; oids["ECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; @@ -399,49 +517,12 @@ namespace Org.BouncyCastle.Security { return (new RsaDigestSigner(new NullDigest(), (AlgorithmIdentifier)null)); } - if (mechanism.Equals("MD2withRSA")) - { - return (new RsaDigestSigner(new MD2Digest())); - } - if (mechanism.Equals("MD4withRSA")) - { - return (new RsaDigestSigner(new MD4Digest())); - } - if (mechanism.Equals("MD5withRSA")) - { - return (new RsaDigestSigner(new MD5Digest())); - } - if (mechanism.Equals("SHA-1withRSA")) - { - return (new RsaDigestSigner(new Sha1Digest())); - } - if (mechanism.Equals("SHA-224withRSA")) - { - return (new RsaDigestSigner(new Sha224Digest())); - } - if (mechanism.Equals("SHA-256withRSA")) - { - return (new RsaDigestSigner(new Sha256Digest())); - } - if (mechanism.Equals("SHA-384withRSA")) - { - return (new RsaDigestSigner(new Sha384Digest())); - } - if (mechanism.Equals("SHA-512withRSA")) - { - return (new RsaDigestSigner(new Sha512Digest())); - } - if (mechanism.Equals("RIPEMD128withRSA")) - { - return (new RsaDigestSigner(new RipeMD128Digest())); - } - if (mechanism.Equals("RIPEMD160withRSA")) - { - return (new RsaDigestSigner(new RipeMD160Digest())); - } - if (mechanism.Equals("RIPEMD256withRSA")) + + if (Platform.EndsWith(mechanism, "withRSA")) { - return (new RsaDigestSigner(new RipeMD256Digest())); + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new RsaDigestSigner(digest); } if (mechanism.Equals("RAWRSASSA-PSS")) @@ -455,101 +536,41 @@ namespace Org.BouncyCastle.Security // to be used can be overridden by subsequent parameter settings. return (new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } - if (mechanism.Equals("SHA-1withRSAandMGF1")) - { - return (new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); - } - if (mechanism.Equals("SHA-224withRSAandMGF1")) - { - return (new PssSigner(new RsaBlindedEngine(), new Sha224Digest())); - } - if (mechanism.Equals("SHA-256withRSAandMGF1")) - { - return (new PssSigner(new RsaBlindedEngine(), new Sha256Digest())); - } - if (mechanism.Equals("SHA-384withRSAandMGF1")) - { - return (new PssSigner(new RsaBlindedEngine(), new Sha384Digest())); - } - if (mechanism.Equals("SHA-512withRSAandMGF1")) - { - return (new PssSigner(new RsaBlindedEngine(), new Sha512Digest())); - } - if (mechanism.Equals("NONEwithDSA")) - { - return (new DsaDigestSigner(new DsaSigner(), new NullDigest())); - } - if (mechanism.Equals("SHA-1withDSA")) - { - return (new DsaDigestSigner(new DsaSigner(), new Sha1Digest())); - } - if (mechanism.Equals("SHA-224withDSA")) - { - return (new DsaDigestSigner(new DsaSigner(), new Sha224Digest())); - } - if (mechanism.Equals("SHA-256withDSA")) - { - return (new DsaDigestSigner(new DsaSigner(), new Sha256Digest())); - } - if (mechanism.Equals("SHA-384withDSA")) - { - return (new DsaDigestSigner(new DsaSigner(), new Sha384Digest())); - } - if (mechanism.Equals("SHA-512withDSA")) + if (Platform.EndsWith(mechanism, "withRSAandMGF1")) { - return (new DsaDigestSigner(new DsaSigner(), new Sha512Digest())); + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new PssSigner(new RsaBlindedEngine(), digest); } - if (mechanism.Equals("NONEwithECDSA")) - { - return (new DsaDigestSigner(new ECDsaSigner(), new NullDigest())); - } - if (mechanism.Equals("SHA-1withECDSA")) + if (Platform.EndsWith(mechanism, "withDSA")) { - return (new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest())); - } - if (mechanism.Equals("SHA-224withECDSA")) - { - return (new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest())); - } - if (mechanism.Equals("SHA-256withECDSA")) - { - return (new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest())); - } - if (mechanism.Equals("SHA-384withECDSA")) - { - return (new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest())); - } - if (mechanism.Equals("SHA-512withECDSA")) - { - return (new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest())); + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new DsaDigestSigner(new DsaSigner(), digest); } - if (mechanism.Equals("RIPEMD160withECDSA")) + if (Platform.EndsWith(mechanism, "withECDSA")) { - return (new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest())); + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new DsaDigestSigner(new ECDsaSigner(), digest); } - if (mechanism.Equals("SHA1WITHECNR")) + if (Platform.EndsWith(mechanism, "withCVC-ECDSA") + || Platform.EndsWith(mechanism, "withPLAIN-ECDSA")) { - return (new DsaDigestSigner(new ECNRSigner(), new Sha1Digest())); + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new DsaDigestSigner(new ECDsaSigner(), digest, PlainDsaEncoding.Instance); } - if (mechanism.Equals("SHA224WITHECNR")) - { - return (new DsaDigestSigner(new ECNRSigner(), new Sha224Digest())); - } - if (mechanism.Equals("SHA256WITHECNR")) - { - return (new DsaDigestSigner(new ECNRSigner(), new Sha256Digest())); - } - if (mechanism.Equals("SHA384WITHECNR")) - { - return (new DsaDigestSigner(new ECNRSigner(), new Sha384Digest())); - } - if (mechanism.Equals("SHA512WITHECNR")) + + if (Platform.EndsWith(mechanism, "withECNR")) { - return (new DsaDigestSigner(new ECNRSigner(), new Sha512Digest())); + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new DsaDigestSigner(new ECNRSigner(), digest); } if (mechanism.Equals("GOST3410")) |