author | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-06-29 20:55:57 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-06-29 20:55:57 +0700 |
commit | e049cab36e9e68adff298acc24acdaa2551f72ef (patch) | |
tree | e772d623791461cba50b1eba3bbd4f833f893ae9 /crypto/src/x509 | |
parent | Add Objects class (diff) | |
download | BouncyCastle.NET-ed25519-e049cab36e9e68adff298acc24acdaa2551f72ef.tar.xz |
Refactoring around Stream signers
Diffstat (limited to 'crypto/src/x509')
-rw-r--r-- | crypto/src/x509/X509V1CertificateGenerator.cs | 35 | ||||
-rw-r--r-- | crypto/src/x509/X509V2AttributeCertificateGenerator.cs | 50 | ||||
-rw-r--r-- | crypto/src/x509/X509V2CRLGenerator.cs | 49 | ||||
-rw-r--r-- | crypto/src/x509/X509V3CertificateGenerator.cs | 13 |
4 files changed, 62 insertions, 85 deletions
diff --git a/crypto/src/x509/X509V1CertificateGenerator.cs b/crypto/src/x509/X509V1CertificateGenerator.cs index aae263450..01c155b5d 100644 --- a/crypto/src/x509/X509V1CertificateGenerator.cs +++ b/crypto/src/x509/X509V1CertificateGenerator.cs @@ -1,5 +1,6 @@ using System; using System.Collections.Generic; +using System.IO; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; 
@@ -110,35 +111,29 @@ namespace Org.BouncyCastle.X509 } /// <summary> - /// Generate a new X509Certificate using the passed in SignatureCalculator. + /// Generate a new <see cref="X509Certificate"/> using the provided <see cref="ISignatureFactory"/>. /// </summary> - /// <param name="signatureFactory">A signature calculator factory with the necessary algorithm details.</param> - /// <returns>An X509Certificate.</returns> + /// <param name="signatureFactory">A <see cref="ISignatureFactory">signature factory</see> with the necessary + /// algorithm details.</param> + /// <returns>An <see cref="X509Certificate"/>.</returns> public X509Certificate Generate(ISignatureFactory signatureFactory) { - tbsGen.SetSignature((AlgorithmIdentifier)signatureFactory.AlgorithmDetails); + var sigAlgID = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails; - TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate(); - - IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + tbsGen.SetSignature(sigAlgID); - byte[] encoded = tbsCert.GetDerEncoded(); - - streamCalculator.Stream.Write(encoded, 0, encoded.Length); + TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate(); - Platform.Dispose(streamCalculator.Stream); + IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + using (Stream sigStream = streamCalculator.Stream) + { + tbsCert.EncodeTo(sigStream, Asn1Encodable.Der); + } - return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureFactory.AlgorithmDetails, - ((IBlockResult)streamCalculator.GetResult()).Collect()); - } + var signature = ((IBlockResult)streamCalculator.GetResult()).Collect(); - private X509Certificate GenerateJcaObject( - TbsCertificateStructure tbsCert, - AlgorithmIdentifier sigAlg, - byte[] signature) - { return new X509Certificate( - new X509CertificateStructure(tbsCert, sigAlg, new DerBitString(signature))); + new X509CertificateStructure(tbsCert, sigAlgID, new DerBitString(signature))); } /// 
<summary> diff --git a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs index 2e5c9c863..3e1a58e49 100644 --- a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs +++ b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs @@ -1,5 +1,6 @@ using System; using System.Collections.Generic; +using System.IO; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; 
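Review bot: `Generate` dereferences `signatureFactory` in its first statement without a null check, so a null argument surfaces as a NullReferenceException from inside the generator rather than an ArgumentNullException naming the parameter. I would add `if (signatureFactory == null) throw new ArgumentNullException(nameof(signatureFactory));` as the first line of the method. The casts to `AlgorithmIdentifier` and `IBlockResult` are also unchecked, so a custom `ISignatureFactory` whose `AlgorithmDetails` or calculator result has another type would fail with an InvalidCastException; that expectation is worth stating in the `<param>` text. The same pattern appears in the `Generate` methods of X509V2AttributeCertificateGenerator, X509V2CRLGenerator and X509V3CertificateGenerator in this commit.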
@@ -99,44 +100,35 @@ namespace Org.BouncyCastle.X509 extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue); } - /// <summary> - /// Generate a new X.509 Attribute Certificate using the passed in SignatureCalculator. - /// </summary> - /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param> - /// <returns>An IX509AttributeCertificate.</returns> - public X509V2AttributeCertificate Generate(ISignatureFactory signatureCalculatorFactory) + /// <summary> + /// Generate a new <see cref="X509V2AttributeCertificate"/> using the provided <see cref="ISignatureFactory"/>. + /// </summary> + /// <param name="signatureFactory">A <see cref="ISignatureFactory">signature factory</see> with the necessary + /// algorithm details.</param> + /// <returns>An <see cref="X509V2AttributeCertificate"/>.</returns> + public X509V2AttributeCertificate Generate(ISignatureFactory signatureFactory) { - if (!extGenerator.IsEmpty) + var sigAlgID = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails; + + acInfoGen.SetSignature(sigAlgID); + + if (!extGenerator.IsEmpty) { acInfoGen.SetExtensions(extGenerator.Generate()); } - AlgorithmIdentifier sigAlgID = (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails; - - acInfoGen.SetSignature(sigAlgID); - AttributeCertificateInfo acInfo = acInfoGen.GenerateAttributeCertificateInfo(); - byte[] encoded = acInfo.GetDerEncoded(); - - IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator(); - - streamCalculator.Stream.Write(encoded, 0, encoded.Length); - - Platform.Dispose(streamCalculator.Stream); - - try + IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + using (Stream sigStream = streamCalculator.Stream) { - DerBitString signatureValue = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect()); - - return new X509V2AttributeCertificate(new AttributeCertificate(acInfo, sigAlgID, 
signatureValue)); - } - catch (Exception e) - { - // TODO -// throw new ExtCertificateEncodingException("constructed invalid certificate", e); - throw new CertificateEncodingException("constructed invalid certificate", e); + acInfo.EncodeTo(sigStream, Asn1Encodable.Der); } + + var signature = ((IBlockResult)streamCalculator.GetResult()).Collect(); + + return new X509V2AttributeCertificate( + new AttributeCertificate(acInfo, sigAlgID, new DerBitString(signature))); } /// <summary> diff --git a/crypto/src/x509/X509V2CRLGenerator.cs b/crypto/src/x509/X509V2CRLGenerator.cs index cb316f21b..e386ee8f2 100644 --- a/crypto/src/x509/X509V2CRLGenerator.cs +++ b/crypto/src/x509/X509V2CRLGenerator.cs 
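Review bot: Dropping the `try`/`catch` changes what callers see when signing fails: errors from `GetResult()`, `Collect()` or the `AttributeCertificate` construction used to be wrapped in `CertificateEncodingException` and now propagate as whatever the signer throws. Code that catches `CertificateEncodingException` around `Generate` would no longer handle them, so the new doc comment should say so, e.g. `/// <remarks>Exceptions from the signature factory propagate unchanged; they are not wrapped in CertificateEncodingException.</remarks>`. Separately, renaming the public parameter from `signatureCalculatorFactory` to `signatureFactory` breaks callers that pass it by name; the same rename occurs in X509V2CRLGenerator and X509V3CertificateGenerator.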
@@ -167,46 +167,35 @@ namespace Org.BouncyCastle.X509 extGenerator.AddExtension(oid, critical, new DerOctetString(extensionValue)); } - /// <summary> - /// Generate a new X509Crl using the passed in SignatureCalculator. - /// </summary> - /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param> - /// <returns>An X509Crl.</returns> - public X509Crl Generate(ISignatureFactory signatureCalculatorFactory) + /// <summary> + /// Generate a new <see cref="X509Crl"/> using the provided <see cref="ISignatureFactory"/>. + /// </summary> + /// <param name="signatureFactory">A <see cref="ISignatureFactory">signature factory</see> with the necessary + /// algorithm details.</param> + /// <returns>An <see cref="X509Crl"/>.</returns> + public X509Crl Generate(ISignatureFactory signatureFactory) { - tbsGen.SetSignature((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails); - - TbsCertificateList tbsCertList = GenerateCertList(); - - IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator(); - - byte[] encoded = tbsCertList.GetDerEncoded(); - - streamCalculator.Stream.Write(encoded, 0, encoded.Length); - - Platform.Dispose(streamCalculator.Stream); + var sigAlgID = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails; - return GenerateJcaObject(tbsCertList, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect()); - } + tbsGen.SetSignature(sigAlgID); - private TbsCertificateList GenerateCertList() - { if (!extGenerator.IsEmpty) { tbsGen.SetExtensions(extGenerator.Generate()); } - return tbsGen.GenerateTbsCertList(); - } + TbsCertificateList tbsCertList = tbsGen.GenerateTbsCertList(); + + IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + using (Stream sigStream = streamCalculator.Stream) + { + tbsCertList.EncodeTo(sigStream, Asn1Encodable.Der); + } + + var signature = 
((IBlockResult)streamCalculator.GetResult()).Collect(); - private X509Crl GenerateJcaObject( - TbsCertificateList tbsCrl, - AlgorithmIdentifier algId, - byte[] signature) - { return new X509Crl( - CertificateList.GetInstance( - new DerSequence(tbsCrl, algId, new DerBitString(signature)))); + CertificateList.GetInstance(new DerSequence(tbsCertList, sigAlgID, new DerBitString(signature)))); } /// <summary> diff --git a/crypto/src/x509/X509V3CertificateGenerator.cs b/crypto/src/x509/X509V3CertificateGenerator.cs index 7930ab23b..50e3fc689 100644 --- a/crypto/src/x509/X509V3CertificateGenerator.cs +++ b/crypto/src/x509/X509V3CertificateGenerator.cs @@ -241,13 +241,14 @@ namespace Org.BouncyCastle.X509 } /// <summary> - /// Generate a new X509Certificate using the passed in SignatureCalculator. + /// Generate a new <see cref="X509Certificate"/> using the provided <see cref="ISignatureFactory"/>. /// </summary> - /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param> - /// <returns>An X509Certificate.</returns> - public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory) + /// <param name="signatureFactory">A <see cref="ISignatureFactory">signature factory</see> with the necessary + /// algorithm details.</param> + /// <returns>An <see cref="X509Certificate"/>.</returns> + public X509Certificate Generate(ISignatureFactory signatureFactory) { - var sigAlgID = (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails; + var sigAlgID = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails; tbsGen.SetSignature(sigAlgID); 
@@ -258,7 +259,7 @@ namespace Org.BouncyCastle.X509 TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate(); - IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator(); + IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); using (Stream sigStream = streamCalculator.Stream) { tbsCert.EncodeTo(sigStream, Asn1Encodable.Der); |