initial support for non-default PRF with PBKDF2

4 files changed, 18 insertions, 3 deletions

diff --git a/crypto/src/asn1/misc/MiscObjectIdentifiers.cs b/crypto/src/asn1/misc/MiscObjectIdentifiers.cs

index 1ff19e737..9a817f5c3 100644
--- a/crypto/src/asn1/misc/MiscObjectIdentifiers.cs
+++ b/crypto/src/asn1/misc/MiscObjectIdentifiers.cs
@@ -52,6 +52,8 @@ namespace Org.BouncyCastle.Asn1.Misc
 
         public static readonly DerObjectIdentifier cast5CBC = new DerObjectIdentifier(Entrust+ ".66.10");
 
+        public static readonly DerObjectIdentifier HMAC_SHA1 = new DerObjectIdentifier("1.3.6.1.5.5.8.1.2");
+
         //
         // Ascom
         //
diff --git a/crypto/src/security/DigestUtilities.cs b/crypto/src/security/DigestUtilities.cs

index a17a9abee..bf859b800 100644
--- a/crypto/src/security/DigestUtilities.cs
+++ b/crypto/src/security/DigestUtilities.cs
@@ -60,18 +60,25 @@ namespace Org.BouncyCastle.Security
 
             algorithms["SHA1"] = "SHA-1";
             algorithms[OiwObjectIdentifiers.IdSha1.Id] = "SHA-1";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "SHA-1";
+            algorithms[MiscObjectIdentifiers.HMAC_SHA1.Id] = "SHA-1";
             algorithms["SHA224"] = "SHA-224";
             algorithms[NistObjectIdentifiers.IdSha224.Id] = "SHA-224";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha224.Id] = "SHA-224";
             algorithms["SHA256"] = "SHA-256";
             algorithms[NistObjectIdentifiers.IdSha256.Id] = "SHA-256";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha256.Id] = "SHA-256";
             algorithms["SHA384"] = "SHA-384";
             algorithms[NistObjectIdentifiers.IdSha384.Id] = "SHA-384";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha384.Id] = "SHA-384";
             algorithms["SHA512"] = "SHA-512";
             algorithms[NistObjectIdentifiers.IdSha512.Id] = "SHA-512";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha512.Id] = "SHA-512";
             algorithms["SHA512/224"] = "SHA-512/224";
             algorithms[NistObjectIdentifiers.IdSha512_224.Id] = "SHA-512/224";
             algorithms["SHA512/256"] = "SHA-512/256";
             algorithms[NistObjectIdentifiers.IdSha512_256.Id] = "SHA-512/256";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "SHA-512/256";
 
             algorithms["RIPEMD-128"] = "RIPEMD128";
             algorithms[TeleTrusTObjectIdentifiers.RipeMD128.Id] = "RIPEMD128";
@@ -91,9 +98,13 @@ namespace Org.BouncyCastle.Security
             algorithms["KECCAK512"] = "KECCAK-512";
 
             algorithms[NistObjectIdentifiers.IdSha3_224.Id] = "SHA3-224";
+            algorithms[NistObjectIdentifiers.IdHMacWithSha3_224.Id] = "SHA3-224";
             algorithms[NistObjectIdentifiers.IdSha3_256.Id] = "SHA3-256";
+            algorithms[NistObjectIdentifiers.IdHMacWithSha3_256.Id] = "SHA3-256";
             algorithms[NistObjectIdentifiers.IdSha3_384.Id] = "SHA3-384";
+            algorithms[NistObjectIdentifiers.IdHMacWithSha3_384.Id] = "SHA3-384";
             algorithms[NistObjectIdentifiers.IdSha3_512.Id] = "SHA3-512";
+            algorithms[NistObjectIdentifiers.IdHMacWithSha3_512.Id] = "SHA3-512";
             algorithms[NistObjectIdentifiers.IdShake128.Id] = "SHAKE128";
             algorithms[NistObjectIdentifiers.IdShake256.Id] = "SHAKE256";
 
diff --git a/crypto/src/security/MacUtilities.cs b/crypto/src/security/MacUtilities.cs

index a3bf8809f..f36fc6ae4 100644
--- a/crypto/src/security/MacUtilities.cs
+++ b/crypto/src/security/MacUtilities.cs
@@ -4,6 +4,7 @@ using System.Globalization;
 
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Iana;
+using Org.BouncyCastle.Asn1.Misc;
 using Org.BouncyCastle.Asn1.Nist;
 using Org.BouncyCastle.Asn1.Pkcs;
 using Org.BouncyCastle.Asn1.Rosstandart;
@@ -35,6 +36,7 @@ namespace Org.BouncyCastle.Security
             algorithms[IanaObjectIdentifiers.HmacTiger.Id] = "HMAC-TIGER";
 
             algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "HMAC-SHA1";
+            algorithms[MiscObjectIdentifiers.HMAC_SHA1.Id] = "HMAC-SHA1";
             algorithms[PkcsObjectIdentifiers.IdHmacWithSha224.Id] = "HMAC-SHA224";
             algorithms[PkcsObjectIdentifiers.IdHmacWithSha256.Id] = "HMAC-SHA256";
             algorithms[PkcsObjectIdentifiers.IdHmacWithSha384.Id] = "HMAC-SHA384";
diff --git a/crypto/src/security/PbeUtilities.cs b/crypto/src/security/PbeUtilities.cs

index 33f31e5b4..ce47e38e5 100644
--- a/crypto/src/security/PbeUtilities.cs
+++ b/crypto/src/security/PbeUtilities.cs
@@ -217,7 +217,7 @@ namespace Org.BouncyCastle.Security
             }
             else if (type.Equals(Pkcs5S2))
             {
-                generator = new Pkcs5S2ParametersGenerator();
+                generator = new Pkcs5S2ParametersGenerator(digest);
             }
             else if (type.Equals(Pkcs12))
             {
@@ -404,8 +404,8 @@ namespace Org.BouncyCastle.Security
                 DerObjectIdentifier encOid = encScheme.Algorithm;
                 Asn1Object encParams = encScheme.Parameters.ToAsn1Object();
 
-                // TODO What about s2p.KeyDerivationFunc.Algorithm?
                 Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(s2p.KeyDerivationFunc.Parameters.ToAsn1Object());
+                IDigest digest = DigestUtilities.GetDigest(pbeParams.Prf.Algorithm);
 
                 byte[] iv;
                 if (encOid.Equals(PkcsObjectIdentifiers.RC2Cbc)) // PKCS5.B.2.3
@@ -427,7 +427,7 @@ namespace Org.BouncyCastle.Security
                     :	GeneratorUtilities.GetDefaultKeySize(encOid);
 
                 PbeParametersGenerator gen = MakePbeGenerator(
-                    (string)algorithmType[mechanism], null, keyBytes, salt, iterationCount);
+                    (string)algorithmType[mechanism], digest, keyBytes, salt, iterationCount);
 
                 parameters = gen.GenerateDerivedParameters(encOid.Id, keyLength);