diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2019-01-31 19:26:09 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2019-01-31 19:26:09 +0700 |
| commit | 65b588a45feb07f27716288ff15f784b5bf73812 (patch) | |
| tree | 41d4d9e5d939e32008460cee18d6fc3dd6857ce0 /crypto/src | |
| parent | removed unnecessary extra ECGOST3410 class (diff) | |
| download | BouncyCastle.NET-ed25519-65b588a45feb07f27716288ff15f784b5bf73812.tar.xz | |
Fixes and tidying up for release
Diffstat (limited to 'crypto/src')
66 files changed, 861 insertions, 1026 deletions
diff --git a/crypto/src/asn1/DerObjectIdentifier.cs b/crypto/src/asn1/DerObjectIdentifier.cs index 495260a68..1c8032f45 100644 --- a/crypto/src/asn1/DerObjectIdentifier.cs +++ b/crypto/src/asn1/DerObjectIdentifier.cs @@ -211,7 +211,7 @@ namespace Org.BouncyCastle.Asn1 } private static bool IsValidBranchID( - String branchID, int start) + string branchID, int start) { bool periodAllowed = false; diff --git a/crypto/src/asn1/bc/BCObjectIdentifiers.cs b/crypto/src/asn1/bc/BCObjectIdentifiers.cs index 4f23c101a..1e2448853 100644 --- a/crypto/src/asn1/bc/BCObjectIdentifiers.cs +++ b/crypto/src/asn1/bc/BCObjectIdentifiers.cs @@ -5,23 +5,20 @@ namespace Org.BouncyCastle.Asn1.BC public abstract class BCObjectIdentifiers { /** - * iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle - *<p> - * 1.3.6.1.4.1.22554 + * iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle + * <p>1.3.6.1.4.1.22554</p> */ public static readonly DerObjectIdentifier bc = new DerObjectIdentifier("1.3.6.1.4.1.22554"); /** * pbe(1) algorithms - * <p> - * 1.3.6.1.4.1.22554.1 + * <p>1.3.6.1.4.1.22554.1</p> */ public static readonly DerObjectIdentifier bc_pbe = bc.Branch("1"); /** * SHA-1(1) - * <p> - * 1.3.6.1.4.1.22554.1.1 + * <p>1.3.6.1.4.1.22554.1.1</p> */ public static readonly DerObjectIdentifier bc_pbe_sha1 = bc_pbe.Branch("1"); diff --git a/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs b/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs index 95a0d7b52..50ada2e02 100644 --- a/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs +++ b/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs @@ -79,23 +79,22 @@ namespace Org.BouncyCastle.Asn1.Bsi public static readonly DerObjectIdentifier ecka_eg_SessionKDF_AES192 = ecka_eg_SessionKDF.Branch("3"); public static readonly DerObjectIdentifier ecka_eg_SessionKDF_AES256 = ecka_eg_SessionKDF.Branch("4"); - /** AES encryption (CBC) and authentication (CMAC) + /* AES encryption (CBC) and authentication (CMAC) * OID: 0.4.0.127.0.7.1.x */ //TODO: replace "1" with correct OID //public static readonly DerObjectIdentifier aes_cbc_cmac = algorithm.Branch("1"); - /** AES encryption (CBC) and authentication (CMAC) with 128 bit + /* AES encryption (CBC) and authentication (CMAC) with 128 bit * OID: 0.4.0.127.0.7.1.x.y1 */ //TODO: replace "1" with correct OID //public static readonly DerObjectIdentifier id_aes128_CBC_CMAC = aes_cbc_cmac.Branch("1"); - - /** AES encryption (CBC) and authentication (CMAC) with 192 bit + /* AES encryption (CBC) and authentication (CMAC) with 192 bit * OID: 0.4.0.127.0.7.1.x.y2 */ //TODO: replace "1" with correct OID //public static readonly DerObjectIdentifier id_aes192_CBC_CMAC = aes_cbc_cmac.Branch("1"); - /** AES encryption (CBC) and authentication (CMAC) with 256 bit + /* AES encryption (CBC) and authentication (CMAC) with 256 bit * OID: 0.4.0.127.0.7.1.x.y3 */ //TODO: replace "1" with correct OID //public static readonly DerObjectIdentifier id_aes256_CBC_CMAC = aes_cbc_cmac.Branch("1"); diff --git a/crypto/src/asn1/crmf/AttributeTypeAndValue.cs b/crypto/src/asn1/crmf/AttributeTypeAndValue.cs index 0a4b5bdbe..e7587896a 100644 --- a/crypto/src/asn1/crmf/AttributeTypeAndValue.cs +++ b/crypto/src/asn1/crmf/AttributeTypeAndValue.cs @@ -28,7 +28,7 @@ namespace Org.BouncyCastle.Asn1.Crmf } public AttributeTypeAndValue( - String oid, + string oid, Asn1Encodable value) : this(new DerObjectIdentifier(oid), value) { diff --git a/crypto/src/asn1/crmf/Controls.cs b/crypto/src/asn1/crmf/Controls.cs index 5f132155a..70b48a959 100644 --- a/crypto/src/asn1/crmf/Controls.cs +++ b/crypto/src/asn1/crmf/Controls.cs @@ -1,8 +1,8 @@ -using Org.BouncyCastle.Utilities; -using System; -using System.Collections.Generic; +using System; using System.Text; +using Org.BouncyCastle.Utilities; + namespace Org.BouncyCastle.Asn1.Crmf { public class Controls diff --git a/crypto/src/cmp/CertificateConfirmationContent.cs b/crypto/src/cmp/CertificateConfirmationContent.cs index 13d1dab8e..ad46ca039 100644 --- a/crypto/src/cmp/CertificateConfirmationContent.cs +++ b/crypto/src/cmp/CertificateConfirmationContent.cs @@ -1,15 +1,14 @@ - -using Org.BouncyCastle.Cms; -using Org.BouncyCastle.Asn1.Cmp; +using System; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Cms; namespace Org.BouncyCastle.Cmp { public class CertificateConfirmationContent { - private DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; - private CertConfirmContent content; - + private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private readonly CertConfirmContent content; public CertificateConfirmationContent(CertConfirmContent content) { @@ -38,6 +37,6 @@ namespace Org.BouncyCastle.Cmp } return ret; - } + } } } diff --git a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs index 56f5d5ccb..611fa4449 100644 --- a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs +++ b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs @@ -1,4 +1,6 @@ -using System.Collections; +using System; +using System.Collections; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; @@ -6,22 +8,24 @@ using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto.IO; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cmp { public class CertificateConfirmationContentBuilder { - DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); - private DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; - private ArrayList acceptedCerts = new ArrayList(); - private ArrayList acceptedReqIds = new ArrayList(); + private static readonly DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); - public CertificateConfirmationContentBuilder() : this(new DefaultDigestAlgorithmIdentifierFinder()) - { + private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private readonly IList acceptedCerts = Platform.CreateArrayList(); + private readonly IList acceptedReqIds = Platform.CreateArrayList(); + public CertificateConfirmationContentBuilder() + : this(new DefaultDigestAlgorithmIdentifierFinder()) + { } - + public CertificateConfirmationContentBuilder(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder) { this.digestAlgFinder = digestAlgFinder; @@ -40,27 +44,19 @@ namespace Org.BouncyCastle.Cmp Asn1EncodableVector v = new Asn1EncodableVector(); for (int i = 0; i != acceptedCerts.Count; i++) { - X509Certificate cert = (X509Certificate) acceptedCerts[i]; - BigInteger reqId = (BigInteger) acceptedReqIds[i]; + X509Certificate cert = (X509Certificate)acceptedCerts[i]; + BigInteger reqId = (BigInteger)acceptedReqIds[i]; - - AlgorithmIdentifier algorithmIdentifier = sigAlgFinder.Find(cert.SigAlgName); + AlgorithmIdentifier algorithmIdentifier = sigAlgFinder.Find(cert.SigAlgName); AlgorithmIdentifier digAlg = digestAlgFinder.find(algorithmIdentifier); - if (digAlg == null) - { + if (null == digAlg) throw new CmpException("cannot find algorithm for digest from signature"); - } - - DigestSink sink = new DigestSink(DigestUtilities.GetDigest(digAlg.Algorithm)); - - sink.Write(cert.GetEncoded()); - byte[] dig = new byte[sink.Digest.GetDigestSize()]; - sink.Digest.DoFinal(dig, 0); + byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded()); - v.Add(new CertStatus(dig,reqId)); + v.Add(new CertStatus(digest, reqId)); } return new CertificateConfirmationContent(CertConfirmContent.GetInstance(new DerSequence(v)), diff --git a/crypto/src/cmp/CertificateStatus.cs b/crypto/src/cmp/CertificateStatus.cs index 92a94ea05..0f1d9af9b 100644 --- a/crypto/src/cmp/CertificateStatus.cs +++ b/crypto/src/cmp/CertificateStatus.cs @@ -1,4 +1,6 @@ -using Org.BouncyCastle.Asn1.Cmp; +using System; + +using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto.IO; @@ -11,9 +13,10 @@ namespace Org.BouncyCastle.Cmp { public class CertificateStatus { - private DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); - private DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; - private CertStatus certStatus; + private static readonly DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); + + private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private readonly CertStatus certStatus; public CertificateStatus(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus) { @@ -21,10 +24,10 @@ namespace Org.BouncyCastle.Cmp this.certStatus = certStatus; } - public PkiStatusInfo PkiStatusInfo - { - get { return certStatus.StatusInfo; } - } + public PkiStatusInfo PkiStatusInfo + { + get { return certStatus.StatusInfo; } + } public BigInteger CertRequestId { @@ -33,19 +36,12 @@ namespace Org.BouncyCastle.Cmp public bool IsVerified(X509Certificate cert) { + AlgorithmIdentifier digAlg = digestAlgFinder.find(sigAlgFinder.Find(cert.SigAlgName)); + if (null == digAlg) + throw new CmpException("cannot find algorithm for digest from signature " + cert.SigAlgName); - AlgorithmIdentifier digAlg = digestAlgFinder.find( sigAlgFinder.Find(cert.SigAlgName)); - if (digAlg == null) - { - throw new CmpException("cannot find algorithm for digest from signature "+cert.SigAlgName); - } - - DigestSink digestSink = new DigestSink(DigestUtilities.GetDigest(digAlg.Algorithm)); - - digestSink.Write(cert.GetEncoded()); + byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded()); - byte[] digest = new byte[digestSink.Digest.GetDigestSize()]; - digestSink.Digest.DoFinal(digest, 0); return Arrays.ConstantTimeAreEqual(certStatus.CertHash.GetOctets(), digest); } } diff --git a/crypto/src/cmp/CmpException.cs b/crypto/src/cmp/CmpException.cs index 2f50f7780..6594e8f2a 100644 --- a/crypto/src/cmp/CmpException.cs +++ b/crypto/src/cmp/CmpException.cs @@ -1,24 +1,21 @@ using System; -using System.Runtime.Serialization; - namespace Org.BouncyCastle.Cmp { - public class CmpException : Exception + public class CmpException + : Exception { public CmpException() { } - public CmpException(string message) : base(message) - { - } - - public CmpException(string message, Exception innerException) : base(message, innerException) + public CmpException(string message) + : base(message) { } - protected CmpException(SerializationInfo info, StreamingContext context) : base(info, context) + public CmpException(string message, Exception innerException) + : base(message, innerException) { } } diff --git a/crypto/src/cmp/GeneralPkiMessage.cs b/crypto/src/cmp/GeneralPkiMessage.cs index ad55a8005..9b12ee77b 100644 --- a/crypto/src/cmp/GeneralPkiMessage.cs +++ b/crypto/src/cmp/GeneralPkiMessage.cs @@ -1,20 +1,24 @@ -namespace Org.BouncyCastle.Asn1.Cmp +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; + +namespace Org.BouncyCastle.Cmp { - public class GeneralPKIMessage + public class GeneralPkiMessage { private readonly PkiMessage pkiMessage; - private static PkiMessage parseBytes(byte[] encoding) + private static PkiMessage ParseBytes(byte[] encoding) { return PkiMessage.GetInstance(Asn1Object.FromByteArray(encoding)); } - /// <summary> /// Wrap a PKIMessage ASN.1 structure. /// </summary> /// <param name="pkiMessage">PKI message.</param> - public GeneralPKIMessage(PkiMessage pkiMessage) + public GeneralPkiMessage(PkiMessage pkiMessage) { this.pkiMessage = pkiMessage; } @@ -23,24 +27,19 @@ /// Create a PKIMessage from the passed in bytes. /// </summary> /// <param name="encoding">BER/DER encoding of the PKIMessage</param> - public GeneralPKIMessage(byte[] encoding) : this(parseBytes(encoding)) + public GeneralPkiMessage(byte[] encoding) + : this(ParseBytes(encoding)) { } public PkiHeader Header { - get - { - return pkiMessage.Header; - } + get { return pkiMessage.Header; } } public PkiBody Body { - get - { - return pkiMessage.Body; - } + get { return pkiMessage.Body; } } /// <summary> diff --git a/crypto/src/cmp/ProtectedPkiMessage.cs b/crypto/src/cmp/ProtectedPkiMessage.cs index d3cf4a524..bb5b5dc14 100644 --- a/crypto/src/cmp/ProtectedPkiMessage.cs +++ b/crypto/src/cmp/ProtectedPkiMessage.cs @@ -1,12 +1,12 @@ -using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.X509; -using System; +using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crmf; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Utilities; - -using Org.BouncyCastle.Crmf; +using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cmp { @@ -15,20 +15,17 @@ namespace Org.BouncyCastle.Cmp /// </summary> public class ProtectedPkiMessage { - private PkiMessage pkiMessage; + private readonly PkiMessage pkiMessage; /// <summary> /// Wrap a general message. /// </summary> /// <exception cref="ArgumentException">If the general message does not have protection.</exception> /// <param name="pkiMessage">The General message</param> - public ProtectedPkiMessage(GeneralPKIMessage pkiMessage) + public ProtectedPkiMessage(GeneralPkiMessage pkiMessage) { - if (!pkiMessage.HasProtection) - { throw new ArgumentException("pki message not protected"); - } this.pkiMessage = pkiMessage.ToAsn1Structure(); } @@ -40,10 +37,8 @@ namespace Org.BouncyCastle.Cmp /// <param name="pkiMessage">The PKI message</param> public ProtectedPkiMessage(PkiMessage pkiMessage) { - if (pkiMessage.Header.ProtectionAlg == null) - { + if (null == pkiMessage.Header.ProtectionAlg) throw new ArgumentException("pki message not protected"); - } this.pkiMessage = pkiMessage; } @@ -51,25 +46,37 @@ namespace Org.BouncyCastle.Cmp /// <summary> /// Message header /// </summary> - public PkiHeader Header { get { return pkiMessage.Header; } } + public PkiHeader Header + { + get { return pkiMessage.Header; } + } /// <summary> /// Message Body /// </summary> - public PkiBody Body { get { return pkiMessage.Body; } } + public PkiBody Body + { + get { return pkiMessage.Body; } + } /// <summary> /// Return the underlying ASN.1 structure contained in this object. /// </summary> /// <returns>PKI Message structure</returns> - public PkiMessage ToAsn1Message() { return pkiMessage; } + public PkiMessage ToAsn1Message() + { + return pkiMessage; + } /// <summary> /// Determine whether the message is protected by a password based MAC. Use verify(PKMACBuilder, char[]) /// to verify the message if this method returns true. /// </summary> /// <returns>true if protection MAC PBE based, false otherwise.</returns> - public bool HasPasswordBasedMacProtected { get { return Header.ProtectionAlg.Algorithm.Equals(CmpObjectIdentifiers.passwordBasedMac); } } + public bool HasPasswordBasedMacProtected + { + get { return Header.ProtectionAlg.Algorithm.Equals(CmpObjectIdentifiers.passwordBasedMac); } + } /// <summary> /// Return the extra certificates associated with this message. @@ -78,11 +85,8 @@ namespace Org.BouncyCastle.Cmp public X509Certificate[] GetCertificates() { CmpCertificate[] certs = pkiMessage.GetExtraCerts(); - - if (certs == null) - { + if (null == certs) return new X509Certificate[0]; - } X509Certificate[] res = new X509Certificate[certs.Length]; for (int t = 0; t < certs.Length; t++) @@ -107,7 +111,7 @@ namespace Org.BouncyCastle.Cmp return result.IsVerified(pkiMessage.Protection.GetBytes()); } - private Object Process(IStreamCalculator streamCalculator) + private object Process(IStreamCalculator streamCalculator) { Asn1EncodableVector avec = new Asn1EncodableVector(); avec.Add(pkiMessage.Header); @@ -131,9 +135,7 @@ namespace Org.BouncyCastle.Cmp public bool Verify(PKMacBuilder pkMacBuilder, char[] password) { if (!CmpObjectIdentifiers.passwordBasedMac.Equals(pkiMessage.Header.ProtectionAlg.Algorithm)) - { throw new InvalidOperationException("protection algorithm is not mac based"); - } PbmParameter parameter = PbmParameter.GetInstance(pkiMessage.Header.ProtectionAlg.Parameters); diff --git a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs index 3ee223ba8..8ce0d48dc 100644 --- a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs +++ b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs @@ -1,10 +1,12 @@ using System; using System.Collections; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cmp @@ -13,15 +15,14 @@ namespace Org.BouncyCastle.Cmp { private PkiHeaderBuilder hdrBuilBuilder; private PkiBody body; - private ArrayList generalInfos = new ArrayList(); - private ArrayList extraCerts = new ArrayList(); + private IList generalInfos = Platform.CreateArrayList(); + private IList extraCerts = Platform.CreateArrayList(); - public ProtectedPkiMessageBuilder(GeneralName sender, GeneralName recipient) : this(PkiHeader.CMP_2000, sender, - recipient) + public ProtectedPkiMessageBuilder(GeneralName sender, GeneralName recipient) + : this(PkiHeader.CMP_2000, sender, recipient) { } - public ProtectedPkiMessageBuilder(int pvno, GeneralName sender, GeneralName recipient) { hdrBuilBuilder = new PkiHeaderBuilder(pvno, sender, recipient); @@ -96,22 +97,21 @@ namespace Org.BouncyCastle.Cmp throw new ArgumentException("AlgorithmDetails is not AlgorithmIdentifier"); } - FinalizeHeader((AlgorithmIdentifier) signatureFactory.AlgorithmDetails); + FinalizeHeader((AlgorithmIdentifier)signatureFactory.AlgorithmDetails); PkiHeader header = hdrBuilBuilder.Build(); DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body)); return FinalizeMessage(header, protection); } public ProtectedPkiMessage Build(IMacFactory factory) - { - IStreamCalculator calculator = factory.CreateCalculator(); - FinalizeHeader((AlgorithmIdentifier)factory.AlgorithmDetails); - PkiHeader header = hdrBuilBuilder.Build(); - DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body)); - return FinalizeMessage(header, protection); + { + IStreamCalculator calculator = factory.CreateCalculator(); + FinalizeHeader((AlgorithmIdentifier)factory.AlgorithmDetails); + PkiHeader header = hdrBuilBuilder.Build(); + DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body)); + return FinalizeMessage(header, protection); } - private void FinalizeHeader(AlgorithmIdentifier algorithmIdentifier) { hdrBuilBuilder.SetProtectionAlg(algorithmIdentifier); @@ -120,7 +120,7 @@ namespace Org.BouncyCastle.Cmp InfoTypeAndValue[] genInfos = new InfoTypeAndValue[generalInfos.Count]; for (int t = 0; t < genInfos.Length; t++) { - genInfos[t] = (InfoTypeAndValue) generalInfos[t]; + genInfos[t] = (InfoTypeAndValue)generalInfos[t]; } hdrBuilBuilder.SetGeneralInfo(genInfos); @@ -134,7 +134,7 @@ namespace Org.BouncyCastle.Cmp CmpCertificate[] cmpCertificates = new CmpCertificate[extraCerts.Count]; for (int i = 0; i < cmpCertificates.Length; i++) { - byte[] cert = ((X509Certificate) extraCerts[i]).GetEncoded(); + byte[] cert = ((X509Certificate)extraCerts[i]).GetEncoded(); cmpCertificates[i] = CmpCertificate.GetInstance((Asn1Sequence.FromByteArray(cert))); } @@ -151,7 +151,7 @@ namespace Org.BouncyCastle.Cmp avec.Add(body); byte[] encoded = new DerSequence(avec).GetEncoded(); signer.Stream.Write(encoded, 0, encoded.Length); - Object result = signer.GetResult(); + object result = signer.GetResult(); if (result is DefaultSignatureResult) { @@ -163,10 +163,10 @@ namespace Org.BouncyCastle.Cmp } else if (result is byte[]) { - return (byte[]) result; + return (byte[])result; } throw new InvalidOperationException("result is not byte[] or DefaultSignatureResult"); } } -} \ No newline at end of file +} diff --git a/crypto/src/cmp/RevocationDetails.cs b/crypto/src/cmp/RevocationDetails.cs index 6e1cb34c3..2d3f9a5eb 100644 --- a/crypto/src/cmp/RevocationDetails.cs +++ b/crypto/src/cmp/RevocationDetails.cs @@ -1,4 +1,6 @@ -using Org.BouncyCastle.Asn1.Cmp; +using System; + +using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Math; @@ -6,7 +8,7 @@ namespace Org.BouncyCastle.Cmp { public class RevocationDetails { - private RevDetails revDetails; + private readonly RevDetails revDetails; public RevocationDetails(RevDetails revDetails) { @@ -25,10 +27,7 @@ namespace Org.BouncyCastle.Cmp public BigInteger SerialNumber { - get - { - return revDetails.CertDetails.SerialNumber.Value; // getCertDetails().getSerialNumber().getValue(); - } + get { return revDetails.CertDetails.SerialNumber.Value; } } public RevDetails ToASN1Structure() @@ -36,4 +35,4 @@ namespace Org.BouncyCastle.Cmp return revDetails; } } -} \ No newline at end of file +} diff --git a/crypto/src/cmp/RevocationDetailsBuilder.cs b/crypto/src/cmp/RevocationDetailsBuilder.cs index 464c0bb13..b3be01242 100644 --- a/crypto/src/cmp/RevocationDetailsBuilder.cs +++ b/crypto/src/cmp/RevocationDetailsBuilder.cs @@ -1,4 +1,6 @@ -using Org.BouncyCastle.Asn1; +using System; + +using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.X509; @@ -50,7 +52,7 @@ namespace Org.BouncyCastle.Cmp return this; } - public RevocationDetails build() + public RevocationDetails Build() { return new RevocationDetails(new RevDetails(_templateBuilder.Build())); } diff --git a/crypto/src/cms/CMSEnvelopedDataGenerator.cs b/crypto/src/cms/CMSEnvelopedDataGenerator.cs index 8ba41161e..c844ca6fa 100644 --- a/crypto/src/cms/CMSEnvelopedDataGenerator.cs +++ b/crypto/src/cms/CMSEnvelopedDataGenerator.cs @@ -158,7 +158,7 @@ namespace Org.BouncyCastle.Cms public CmsEnvelopedData Generate(CmsProcessable content, ICipherBuilderWithKey cipherBuilder) { - AlgorithmIdentifier encAlgId = null; + //AlgorithmIdentifier encAlgId = null; KeyParameter encKey; Asn1OctetString encContent; diff --git a/crypto/src/cms/CMSSignedGenerator.cs b/crypto/src/cms/CMSSignedGenerator.cs index 1ac9f39b7..c7bc4ea43 100644 --- a/crypto/src/cms/CMSSignedGenerator.cs +++ b/crypto/src/cms/CMSSignedGenerator.cs @@ -26,337 +26,328 @@ using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Cms { + public class DefaultSignatureAlgorithmIdentifierFinder + { + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly ISet noParams = new HashSet(); + private static readonly IDictionary _params = Platform.CreateHashtable(); + private static readonly ISet pkcs15RsaEncryption = new HashSet(); + private static readonly IDictionary digestOids = Platform.CreateHashtable(); + + private static readonly IDictionary digestBuilders = Platform.CreateHashtable(); - public class DefaultSignatureAlgorithmIdentifierFinder + private static readonly DerObjectIdentifier ENCRYPTION_RSA = PkcsObjectIdentifiers.RsaEncryption; + private static readonly DerObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.IdDsaWithSha1; + private static readonly DerObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ECDsaWithSha1; + private static readonly DerObjectIdentifier ENCRYPTION_RSA_PSS = PkcsObjectIdentifiers.IdRsassaPss; + private static readonly DerObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.GostR3410x94; + private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.GostR3410x2001; + private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256; + private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512; + + static DefaultSignatureAlgorithmIdentifierFinder() { - private static readonly IDictionary algorithms = Platform.CreateHashtable(); - private static readonly ISet noParams = new HashSet(); - private static readonly IDictionary _params = Platform.CreateHashtable(); - private static readonly ISet pkcs15RsaEncryption = new HashSet(); - private static readonly IDictionary digestOids = Platform.CreateHashtable(); + algorithms["MD2WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; + algorithms["MD2WITHRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; + algorithms["MD5WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; + algorithms["MD5WITHRSA"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; + algorithms["SHA1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA-1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; + algorithms["SHA224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; + algorithms["SHA256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; + algorithms["SHA256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; + algorithms["SHA384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; + algorithms["SHA384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; + algorithms["SHA512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; + algorithms["SHA512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; + algorithms["SHA1WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["RIPEMD160WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; + algorithms["RIPEMD160WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; + algorithms["RIPEMD128WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; + algorithms["RIPEMD128WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; + algorithms["RIPEMD256WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; + algorithms["RIPEMD256WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; + algorithms["SHA1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; + algorithms["SHA-1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; + algorithms["DSAWITHSHA1"] = X9ObjectIdentifiers.IdDsaWithSha1; + algorithms["SHA224WITHDSA"] = NistObjectIdentifiers.DsaWithSha224; + algorithms["SHA256WITHDSA"] = NistObjectIdentifiers.DsaWithSha256; + algorithms["SHA384WITHDSA"] = NistObjectIdentifiers.DsaWithSha384; + algorithms["SHA512WITHDSA"] = NistObjectIdentifiers.DsaWithSha512; + algorithms["SHA3-224WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_224; // id_dsa_with_sha3_224; + algorithms["SHA3-256WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_256; //id_dsa_with_sha3_256; + algorithms["SHA3-384WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_384; //id_dsa_with_sha3_384; + algorithms["SHA3-512WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_512; //id_dsa_with_sha3_512; + algorithms["SHA3-224WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_224;// id_ecdsa_with_sha3_224; + algorithms["SHA3-256WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_256;//id_ecdsa_with_sha3_256; + algorithms["SHA3-384WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_384;//id_ecdsa_with_sha3_384; + algorithms["SHA3-512WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_512;//id_ecdsa_with_sha3_512; + algorithms["SHA3-224WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;// id_rsassa_pkcs1_v1_5_with_sha3_224; + algorithms["SHA3-256WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;// id_rsassa_pkcs1_v1_5_with_sha3_256; + algorithms["SHA3-384WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384;// id_rsassa_pkcs1_v1_5_with_sha3_384; + algorithms["SHA3-512WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512;// id_rsassa_pkcs1_v1_5_with_sha3_512; + algorithms["SHA3-224WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;// id_rsassa_pkcs1_v1_5_with_sha3_224; + algorithms["SHA3-256WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;// id_rsassa_pkcs1_v1_5_with_sha3_256; + algorithms["SHA3-384WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384; //id_rsassa_pkcs1_v1_5_with_sha3_384; + algorithms["SHA3-512WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512; // id_rsassa_pkcs1_v1_5_with_sha3_512; + algorithms["SHA1WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha1; + algorithms["ECDSAWITHSHA1"] = X9ObjectIdentifiers.ECDsaWithSha1; + algorithms["SHA224WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; + algorithms["SHA256WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; + algorithms["SHA384WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384; + algorithms["SHA512WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256; + + + algorithms["GOST3411WITHGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; + algorithms["GOST3411WITHGOST3410-94"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; + algorithms["GOST3411WITHECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + algorithms["GOST3411WITHECGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + algorithms["GOST3411WITHGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + algorithms["GOST3411WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["GOST3411WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["GOST3411-2012-256WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411-2012-512WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["GOST3411-2012-256WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411-2012-512WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["SHA1WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1; + algorithms["SHA224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224; + algorithms["SHA256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256; + algorithms["SHA384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384; + algorithms["SHA512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512; + algorithms["RIPEMD160WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160; + algorithms["SHA1WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1; + algorithms["SHA224WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224; + algorithms["SHA256WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256; + algorithms["SHA384WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_384; + algorithms["SHA512WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_512; + algorithms["SHA3-512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA3_512; + algorithms["SHA512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA512; + algorithms["SM3WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sm3; + + algorithms["SHA256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA256; + algorithms["SHA512WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA512; + algorithms["SHAKE128WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE128; + algorithms["SHAKE256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE256; + + algorithms["SHA256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA256; + algorithms["SHA512WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA512; + algorithms["SHAKE128WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE128; + algorithms["SHAKE256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE256; - private static readonly IDictionary digestBuilders = Platform.CreateHashtable(); + // + // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. + // The parameters field SHALL be NULL for RSA based signature algorithms. + // + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha1); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha224); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha256); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha384); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha512); + noParams.Add((object)X9ObjectIdentifiers.IdDsaWithSha1); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha224); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha256); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha384); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha512); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_224); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_256); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_384); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_512); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_224); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_256); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_384); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_512); - private static readonly DerObjectIdentifier ENCRYPTION_RSA = PkcsObjectIdentifiers.RsaEncryption; - private static readonly DerObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.IdDsaWithSha1; - private static readonly DerObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ECDsaWithSha1; - private static readonly DerObjectIdentifier ENCRYPTION_RSA_PSS = PkcsObjectIdentifiers.IdRsassaPss; - private static readonly DerObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.GostR3410x94; - private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.GostR3410x2001; - private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256; - private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512; + // + // RFC 4491 + // + noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); + noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); - static DefaultSignatureAlgorithmIdentifierFinder() - { - algorithms["MD2WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; - algorithms["MD2WITHRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; - algorithms["MD5WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; - algorithms["MD5WITHRSA"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; - algorithms["SHA1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; - algorithms["SHA1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; - algorithms["SHA-1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; - algorithms["SHA224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; - algorithms["SHA224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; - algorithms["SHA256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; - algorithms["SHA256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; - algorithms["SHA384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; - algorithms["SHA384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; - algorithms["SHA512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; - algorithms["SHA512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; - algorithms["SHA1WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA3-224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA3-256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA3-384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA3-512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["RIPEMD160WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; - algorithms["RIPEMD160WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; - algorithms["RIPEMD128WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; - algorithms["RIPEMD128WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; - algorithms["RIPEMD256WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; - algorithms["RIPEMD256WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; - algorithms["SHA1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; - algorithms["SHA-1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; - algorithms["DSAWITHSHA1"] = X9ObjectIdentifiers.IdDsaWithSha1; - algorithms["SHA224WITHDSA"] = NistObjectIdentifiers.DsaWithSha224; - algorithms["SHA256WITHDSA"] = NistObjectIdentifiers.DsaWithSha256; - algorithms["SHA384WITHDSA"] = NistObjectIdentifiers.DsaWithSha384; - algorithms["SHA512WITHDSA"] = NistObjectIdentifiers.DsaWithSha512; - algorithms["SHA3-224WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_224; // id_dsa_with_sha3_224; - algorithms["SHA3-256WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_256; //id_dsa_with_sha3_256; - algorithms["SHA3-384WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_384; //id_dsa_with_sha3_384; - algorithms["SHA3-512WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_512; //id_dsa_with_sha3_512; - algorithms["SHA3-224WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_224;// id_ecdsa_with_sha3_224; - algorithms["SHA3-256WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_256;//id_ecdsa_with_sha3_256; - algorithms["SHA3-384WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_384;//id_ecdsa_with_sha3_384; - algorithms["SHA3-512WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_512;//id_ecdsa_with_sha3_512; - algorithms["SHA3-224WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;// id_rsassa_pkcs1_v1_5_with_sha3_224; - algorithms["SHA3-256WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;// id_rsassa_pkcs1_v1_5_with_sha3_256; - algorithms["SHA3-384WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384;// id_rsassa_pkcs1_v1_5_with_sha3_384; - algorithms["SHA3-512WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512;// id_rsassa_pkcs1_v1_5_with_sha3_512; - algorithms["SHA3-224WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;// id_rsassa_pkcs1_v1_5_with_sha3_224; - algorithms["SHA3-256WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;// id_rsassa_pkcs1_v1_5_with_sha3_256; - algorithms["SHA3-384WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384; //id_rsassa_pkcs1_v1_5_with_sha3_384; - algorithms["SHA3-512WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512; // id_rsassa_pkcs1_v1_5_with_sha3_512; - algorithms["SHA1WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha1; - algorithms["ECDSAWITHSHA1"] = X9ObjectIdentifiers.ECDsaWithSha1; - algorithms["SHA224WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; - algorithms["SHA256WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; - algorithms["SHA384WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384; - algorithms["SHA512WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256; - - - algorithms["GOST3411WITHGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; - algorithms["GOST3411WITHGOST3410-94"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; - algorithms["GOST3411WITHECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; - algorithms["GOST3411WITHECGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; - algorithms["GOST3411WITHGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; - algorithms["GOST3411WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; - algorithms["GOST3411WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - algorithms["GOST3411WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; - algorithms["GOST3411WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - algorithms["GOST3411-2012-256WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; - algorithms["GOST3411-2012-512WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - algorithms["GOST3411-2012-256WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; - algorithms["GOST3411-2012-512WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - algorithms["SHA1WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1; - algorithms["SHA224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224; - algorithms["SHA256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256; - algorithms["SHA384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384; - algorithms["SHA512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512; - algorithms["RIPEMD160WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160; - algorithms["SHA1WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1; - algorithms["SHA224WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224; - algorithms["SHA256WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256; - algorithms["SHA384WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_384; - algorithms["SHA512WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_512; - algorithms["SHA3-512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA3_512; - algorithms["SHA512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA512; - algorithms["SM3WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sm3; - - algorithms["SHA256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA256; - algorithms["SHA512WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA512; - algorithms["SHAKE128WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE128; - algorithms["SHAKE256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE256; - - algorithms["SHA256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA256; - algorithms["SHA512WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA512; - algorithms["SHAKE128WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE128; - algorithms["SHAKE256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE256; - - - // - // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. - // The parameters field SHALL be NULL for RSA based signature algorithms. - // - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha1); - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha224); - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha256); - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha384); - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha512); - noParams.Add((object)X9ObjectIdentifiers.IdDsaWithSha1); - noParams.Add((object)NistObjectIdentifiers.DsaWithSha224); - noParams.Add((object)NistObjectIdentifiers.DsaWithSha256); - noParams.Add((object)NistObjectIdentifiers.DsaWithSha384); - noParams.Add((object)NistObjectIdentifiers.DsaWithSha512); - noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_224); - noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_256); - noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_384); - noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_512); - noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_224); - noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_256); - noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_384); - noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_512); - - - // - // RFC 4491 - // - noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); - noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); - noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); - noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); - - // - // SPHINCS-256 - // - noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA512); - noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA3_512); - - // - // XMSS - // - noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA256); - noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA512); - noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE128); - noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE256); - noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA256); - noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA512); - noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE128); - noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE256); - - // - // SM2 - // - noParams.Add((object)GMObjectIdentifiers.sm2sign_with_sm3); - - // - // PKCS 1.5 encrypted algorithms - // - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha1WithRsaEncryption); - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha224WithRsaEncryption); - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha256WithRsaEncryption); - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha384WithRsaEncryption); - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha512WithRsaEncryption); - pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); - pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); - pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); - pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); - pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); - pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); - pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); - - // - // explicit params - // - AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); - _params["SHA1WITHRSAANDMGF1"] = CreatePssParams(sha1AlgId, 20); - - AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); - _params["SHA224WITHRSAANDMGF1"] = CreatePssParams(sha224AlgId, 28); - - AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); - _params["SHA256WITHRSAANDMGF1"] = CreatePssParams(sha256AlgId, 32); - - AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); - _params["SHA384WITHRSAANDMGF1"] = CreatePssParams(sha384AlgId, 48); - - AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); - _params["SHA512WITHRSAANDMGF1"] = CreatePssParams(sha512AlgId, 64); - - AlgorithmIdentifier sha3_224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_224, DerNull.Instance); - _params["SHA3-224WITHRSAANDMGF1"] = CreatePssParams(sha3_224AlgId, 28); - - AlgorithmIdentifier sha3_256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_256, DerNull.Instance); - _params["SHA3-256WITHRSAANDMGF1"] = CreatePssParams(sha3_256AlgId, 32); - - AlgorithmIdentifier sha3_384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_384, DerNull.Instance); - _params["SHA3-384WITHRSAANDMGF1"] = CreatePssParams(sha3_384AlgId, 48); - - AlgorithmIdentifier sha3_512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_512, DerNull.Instance); - _params["SHA3-512WITHRSAANDMGF1"] = CreatePssParams(sha3_512AlgId, 64); - - // - // digests - // - digestOids[PkcsObjectIdentifiers.Sha224WithRsaEncryption] = NistObjectIdentifiers.IdSha224; - digestOids[PkcsObjectIdentifiers.Sha256WithRsaEncryption] = NistObjectIdentifiers.IdSha256; - digestOids[PkcsObjectIdentifiers.Sha384WithRsaEncryption] = NistObjectIdentifiers.IdSha384; - digestOids[PkcsObjectIdentifiers.Sha512WithRsaEncryption] = NistObjectIdentifiers.IdSha512; - digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha224; - digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha256; - digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha384; - digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha512; - digestOids[NistObjectIdentifiers.IdDsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; - digestOids[NistObjectIdentifiers.IdDsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; - digestOids[NistObjectIdentifiers.IdDsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; - digestOids[NistObjectIdentifiers.IdDsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; - digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; - digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; - digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; - digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; - digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224] = NistObjectIdentifiers.IdSha3_224; - digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256] = NistObjectIdentifiers.IdSha3_256; - digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384] = NistObjectIdentifiers.IdSha3_384; - digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512] = NistObjectIdentifiers.IdSha3_512; - - digestOids[PkcsObjectIdentifiers.MD2WithRsaEncryption] = PkcsObjectIdentifiers.MD2; - digestOids[PkcsObjectIdentifiers.MD4WithRsaEncryption] = PkcsObjectIdentifiers.MD4; - digestOids[PkcsObjectIdentifiers.MD5WithRsaEncryption] = PkcsObjectIdentifiers.MD5; - digestOids[PkcsObjectIdentifiers.Sha1WithRsaEncryption] = OiwObjectIdentifiers.IdSha1; - digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128] = TeleTrusTObjectIdentifiers.RipeMD128; - digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160] = TeleTrusTObjectIdentifiers.RipeMD160; - digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256] = TeleTrusTObjectIdentifiers.RipeMD256; - digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94] = CryptoProObjectIdentifiers.GostR3411; - digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001] = CryptoProObjectIdentifiers.GostR3411; - digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256; - digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512; - digestOids[GMObjectIdentifiers.sm2sign_with_sm3] = GMObjectIdentifiers.sm3; + // + // SPHINCS-256 + // + noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA512); + noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA3_512); - } + // + // XMSS + // + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA256); + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA512); + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE128); + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE256); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA256); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA512); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE128); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE256); - private static AlgorithmIdentifier Generate(string signatureAlgorithm) - { - AlgorithmIdentifier sigAlgId; - AlgorithmIdentifier encAlgId; - AlgorithmIdentifier digAlgId; + // + // SM2 + // + noParams.Add((object)GMObjectIdentifiers.sm2sign_with_sm3); - string algorithmName = Strings.ToUpperCase(signatureAlgorithm); - DerObjectIdentifier sigOID = (DerObjectIdentifier)algorithms[algorithmName]; - if (sigOID == null) - { - throw new ArgumentException("Unknown signature type requested: " + algorithmName); - } + // + // PKCS 1.5 encrypted algorithms + // + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha1WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha224WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha256WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha384WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha512WithRsaEncryption); + pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); - if (noParams.Contains(sigOID)) - { - sigAlgId = new AlgorithmIdentifier(sigOID); - } - else if (_params.Contains(algorithmName)) - { - sigAlgId = new AlgorithmIdentifier(sigOID, (Asn1Encodable)_params[algorithmName]); - } - else - { - sigAlgId = new AlgorithmIdentifier(sigOID, DerNull.Instance); - } + // + // explicit params + // + AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); + _params["SHA1WITHRSAANDMGF1"] = CreatePssParams(sha1AlgId, 20); - if (pkcs15RsaEncryption.Contains(sigOID)) - { - encAlgId = new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance); - } - else - { - encAlgId = sigAlgId; - } + AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); + _params["SHA224WITHRSAANDMGF1"] = CreatePssParams(sha224AlgId, 28); - if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) - { - digAlgId = ((RsassaPssParameters)sigAlgId.Parameters).HashAlgorithm; - } - else - { - digAlgId = new AlgorithmIdentifier((DerObjectIdentifier)digestOids[sigOID], DerNull.Instance); - } + AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); + _params["SHA256WITHRSAANDMGF1"] = CreatePssParams(sha256AlgId, 32); - return sigAlgId; + AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); + _params["SHA384WITHRSAANDMGF1"] = CreatePssParams(sha384AlgId, 48); + + AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); + _params["SHA512WITHRSAANDMGF1"] = CreatePssParams(sha512AlgId, 64); + + AlgorithmIdentifier sha3_224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_224, DerNull.Instance); + _params["SHA3-224WITHRSAANDMGF1"] = CreatePssParams(sha3_224AlgId, 28); + + AlgorithmIdentifier sha3_256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_256, DerNull.Instance); + _params["SHA3-256WITHRSAANDMGF1"] = CreatePssParams(sha3_256AlgId, 32); + + AlgorithmIdentifier sha3_384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_384, DerNull.Instance); + _params["SHA3-384WITHRSAANDMGF1"] = CreatePssParams(sha3_384AlgId, 48); + + AlgorithmIdentifier sha3_512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_512, DerNull.Instance); + _params["SHA3-512WITHRSAANDMGF1"] = CreatePssParams(sha3_512AlgId, 64); + + // + // digests + // + digestOids[PkcsObjectIdentifiers.Sha224WithRsaEncryption] = NistObjectIdentifiers.IdSha224; + digestOids[PkcsObjectIdentifiers.Sha256WithRsaEncryption] = NistObjectIdentifiers.IdSha256; + digestOids[PkcsObjectIdentifiers.Sha384WithRsaEncryption] = NistObjectIdentifiers.IdSha384; + digestOids[PkcsObjectIdentifiers.Sha512WithRsaEncryption] = NistObjectIdentifiers.IdSha512; + digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha224; + digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha256; + digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha384; + digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha512; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224] = NistObjectIdentifiers.IdSha3_224; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256] = NistObjectIdentifiers.IdSha3_256; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384] = NistObjectIdentifiers.IdSha3_384; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512] = NistObjectIdentifiers.IdSha3_512; + + digestOids[PkcsObjectIdentifiers.MD2WithRsaEncryption] = PkcsObjectIdentifiers.MD2; + digestOids[PkcsObjectIdentifiers.MD4WithRsaEncryption] = PkcsObjectIdentifiers.MD4; + digestOids[PkcsObjectIdentifiers.MD5WithRsaEncryption] = PkcsObjectIdentifiers.MD5; + digestOids[PkcsObjectIdentifiers.Sha1WithRsaEncryption] = OiwObjectIdentifiers.IdSha1; + digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128] = TeleTrusTObjectIdentifiers.RipeMD128; + digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160] = TeleTrusTObjectIdentifiers.RipeMD160; + digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256] = TeleTrusTObjectIdentifiers.RipeMD256; + digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94] = CryptoProObjectIdentifiers.GostR3411; + digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001] = CryptoProObjectIdentifiers.GostR3411; + digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256; + digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512; + digestOids[GMObjectIdentifiers.sm2sign_with_sm3] = GMObjectIdentifiers.sm3; + + } + + private static AlgorithmIdentifier Generate(string signatureAlgorithm) + { + AlgorithmIdentifier sigAlgId; + AlgorithmIdentifier encAlgId; + AlgorithmIdentifier digAlgId; + + string algorithmName = Strings.ToUpperCase(signatureAlgorithm); + DerObjectIdentifier sigOID = (DerObjectIdentifier)algorithms[algorithmName]; + if (sigOID == null) + { + throw new ArgumentException("Unknown signature type requested: " + algorithmName); } - private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier hashAlgId, int saltSize) + if (noParams.Contains(sigOID)) + { + sigAlgId = new AlgorithmIdentifier(sigOID); + } + else if (_params.Contains(algorithmName)) { - return new RsassaPssParameters( - hashAlgId, - new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId), - new DerInteger(saltSize), - new DerInteger(1)); + sigAlgId = new AlgorithmIdentifier(sigOID, (Asn1Encodable)_params[algorithmName]); + } + else + { + sigAlgId = new AlgorithmIdentifier(sigOID, DerNull.Instance); } - public AlgorithmIdentifier Find(string sigAlgName) + if (pkcs15RsaEncryption.Contains(sigOID)) { - - return Generate(sigAlgName); + encAlgId = new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance); + } + else + { + encAlgId = sigAlgId; } - } - + if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) + { + digAlgId = ((RsassaPssParameters)sigAlgId.Parameters).HashAlgorithm; + } + else + { + digAlgId = new AlgorithmIdentifier((DerObjectIdentifier)digestOids[sigOID], DerNull.Instance); + } + return sigAlgId; + } + private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier hashAlgId, int saltSize) + { + return new RsassaPssParameters( + hashAlgId, + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId), + new DerInteger(saltSize), + new DerInteger(1)); + } + public AlgorithmIdentifier Find(string sigAlgName) + { + return Generate(sigAlgName); + } + } public class DefaultDigestAlgorithmIdentifierFinder { @@ -449,7 +440,7 @@ namespace Org.BouncyCastle.Cms return digAlgId; } - public AlgorithmIdentifier find(String digAlgName) + public AlgorithmIdentifier find(string digAlgName) { return new AlgorithmIdentifier((DerObjectIdentifier)digestNameToOids[digAlgName], DerNull.Instance); } @@ -583,7 +574,7 @@ namespace Org.BouncyCastle.Cms * Return a map of oids and byte arrays representing the digests calculated on the content during * the last generate. * - * @return a map of oids (as String objects) and byte[] representing digests. + * @return a map of oids (as string objects) and byte[] representing digests. */ public IDictionary GetGeneratedDigests() { diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs index 5b6c93b6a..3fb3cee26 100644 --- a/crypto/src/cms/CMSSignedHelper.cs +++ b/crypto/src/cms/CMSSignedHelper.cs @@ -161,7 +161,7 @@ namespace Org.BouncyCastle.Cms { string[] aliases = (string[]) digestAliases[algName]; - return aliases == null ? new String[0] : (string[]) aliases.Clone(); + return aliases == null ? new string[0] : (string[]) aliases.Clone(); } /** diff --git a/crypto/src/cms/EnvelopedDataHelper.cs b/crypto/src/cms/EnvelopedDataHelper.cs index fe5bc2a97..6d1c7bb3a 100644 --- a/crypto/src/cms/EnvelopedDataHelper.cs +++ b/crypto/src/cms/EnvelopedDataHelper.cs @@ -1,4 +1,6 @@ -using System.Collections; +using System; +using System.Collections; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Oiw; @@ -12,7 +14,6 @@ using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Utilities; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Crypto.Utilites; namespace Org.BouncyCastle.Cms { @@ -20,20 +21,15 @@ namespace Org.BouncyCastle.Cms { private static readonly IDictionary BaseCipherNames = Platform.CreateHashtable(); private static readonly IDictionary MacAlgNames = Platform.CreateHashtable(); - - private static readonly IDictionary prfs = Platform.CreateHashtable(); - - - public delegate IDigest DigestCreator(); + //private static readonly IDictionary PrfDigests = Platform.CreateHashtable(); static EnvelopedDataHelper() { - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha1, new DigestProvider(delegate () { return new Sha1Digest(); })); - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha224, new DigestProvider(delegate () { return new Sha224Digest(); })); - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha256, new DigestProvider(delegate () { return new Sha256Digest(); })); - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha384, new DigestProvider(delegate () { return new Sha384Digest(); })); - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha512, new DigestProvider(delegate () { return new Sha512Digest(); })); - + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha1, "SHA-1"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha224, "SHA-224"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha256, "SHA-256"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha384, "SHA-384"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha512, "SHA-512"); BaseCipherNames.Add(PkcsObjectIdentifiers.DesEde3Cbc, "DESEDE"); BaseCipherNames.Add(NistObjectIdentifiers.IdAes128Cbc, "AES"); @@ -47,77 +43,53 @@ namespace Org.BouncyCastle.Cms MacAlgNames.Add(PkcsObjectIdentifiers.RC2Cbc, "RC2Mac"); } - static IDigest GetPrf(AlgorithmIdentifier algID) - { - return ((DigestCreator)prfs[algID]).Invoke(); - } - - - static IWrapper CreateRFC3211Wrapper(DerObjectIdentifier algorithm) - - { - if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm) - || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) - || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) - { - return new Rfc3211WrapEngine(new AesEngine()); - } - else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm)) - { - return new Rfc3211WrapEngine(new DesEdeEngine()); - } - else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm)) - { - return new Rfc3211WrapEngine(new DesEngine()); - } - else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm)) - { - return new Rfc3211WrapEngine(new RC2Engine()); - } - else - { - throw new CmsException("cannot recognise wrapper: " + algorithm); - } - } - - - - public static object CreateContentCipher(bool forEncryption, ICipherParameters encKey, - AlgorithmIdentifier encryptionAlgID) - + //internal static IDigest GetPrf(AlgorithmIdentifier algID) + //{ + // string digestName = (string)PrfDigests[algID]; + + // return DigestUtilities.GetDigest(digestName); + //} + + //internal static IWrapper CreateRfc3211Wrapper(DerObjectIdentifier algorithm) + //{ + // if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm) + // || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) + // || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new AesEngine()); + // } + // else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new DesEdeEngine()); + // } + // else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new DesEngine()); + // } + // else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new RC2Engine()); + // } + // else + // { + // throw new CmsException("cannot recognise wrapper: " + algorithm); + // } + //} + + public static object CreateContentCipher(bool forEncryption, ICipherParameters encKey, + AlgorithmIdentifier encryptionAlgID) { return CipherFactory.CreateContentCipher(forEncryption, encKey, encryptionAlgID); } - public AlgorithmIdentifier GenerateEncryptionAlgID(DerObjectIdentifier encryptionOID, KeyParameter encKey, SecureRandom random) { return AlgorithmIdentifierFactory.GenerateEncryptionAlgID(encryptionOID, encKey.GetKey().Length * 8, random); } - public CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random) - + public CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random) { return CipherKeyGeneratorFactory.CreateKeyGenerator(algorithm, random); } - - - } - - // This exists because we can't directly put a delegate in a map as it is - // not an object. - internal class DigestProvider - { - private readonly EnvelopedDataHelper.DigestCreator creator; - - public DigestProvider(EnvelopedDataHelper.DigestCreator creator) - { - this.creator = creator; - } - - public IDigest Create() - { - return creator.Invoke(); - } } } diff --git a/crypto/src/crmf/AuthenticatorControl.cs b/crypto/src/crmf/AuthenticatorControl.cs index 976135ed8..fc546ede5 100644 --- a/crypto/src/crmf/AuthenticatorControl.cs +++ b/crypto/src/crmf/AuthenticatorControl.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; @@ -7,9 +8,9 @@ namespace Org.BouncyCastle.Crmf /// <summary> /// Carrier for an authenticator control. /// </summary> - public class AuthenticatorControl:IControl + public class AuthenticatorControl + : IControl { - private static readonly DerObjectIdentifier type = CrmfObjectIdentifiers.id_regCtrl_authenticator; private readonly DerUtf8String token; @@ -27,7 +28,7 @@ namespace Org.BouncyCastle.Crmf /// Basic constructor - build from a string representing the token. /// </summary> /// <param name="token">string representing the token.</param> - public AuthenticatorControl(String token) + public AuthenticatorControl(string token) { this.token = new DerUtf8String(token); } @@ -43,7 +44,8 @@ namespace Org.BouncyCastle.Crmf /// <summary> /// Return the token associated with this control (a UTF8String). /// </summary> - public Asn1Encodable Value { + public Asn1Encodable Value + { get { return token; } } } diff --git a/crypto/src/crmf/CertificateRequestMessage.cs b/crypto/src/crmf/CertificateRequestMessage.cs index 5b5d37c9e..c733eecbb 100644 --- a/crypto/src/crmf/CertificateRequestMessage.cs +++ b/crypto/src/crmf/CertificateRequestMessage.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Crypto; @@ -16,18 +17,18 @@ namespace Org.BouncyCastle.Crmf private readonly CertReqMsg certReqMsg; private readonly Controls controls; - private static CertReqMsg ParseBytes(byte[] encoding) - { - return CertReqMsg.GetInstance(encoding); + private static CertReqMsg ParseBytes(byte[] encoding) + { + return CertReqMsg.GetInstance(encoding); } /// <summary> /// Create a CertificateRequestMessage from the passed in bytes. /// </summary> /// <param name="encoded">BER/DER encoding of the CertReqMsg structure.</param> - public CertificateRequestMessage(byte[] encoded):this(CertReqMsg.GetInstance(encoded)) + public CertificateRequestMessage(byte[] encoded) + : this(CertReqMsg.GetInstance(encoded)) { - } public CertificateRequestMessage(CertReqMsg certReqMsg) @@ -42,7 +43,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>A CertReqMsg</returns> public CertReqMsg ToAsn1Structure() { - return certReqMsg; + return certReqMsg; } /// <summary> @@ -70,7 +71,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>true if a control value of type is present, false otherwise.</returns> public bool HasControl(DerObjectIdentifier objectIdentifier) { - return findControl(objectIdentifier) != null; + return FindControl(objectIdentifier) != null; } /// <summary> @@ -80,7 +81,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>the control value if present, null otherwise.</returns> public IControl GetControl(DerObjectIdentifier type) { - AttributeTypeAndValue found = findControl(type); + AttributeTypeAndValue found = FindControl(type); if (found != null) { if (found.Type.Equals(CrmfObjectIdentifiers.id_regCtrl_pkiArchiveOptions)) @@ -97,14 +98,11 @@ namespace Org.BouncyCastle.Crmf { return new AuthenticatorControl(DerUtf8String.GetInstance(found.Value)); } - } + } return null; } - - - - public AttributeTypeAndValue findControl(DerObjectIdentifier type) + public AttributeTypeAndValue FindControl(DerObjectIdentifier type) { if (controls == null) { @@ -163,9 +161,9 @@ namespace Org.BouncyCastle.Crmf } return false; - } } + /// <summary> /// Return whether or not a signing key proof-of-possession (POP) is valid. /// </summary> @@ -189,8 +187,6 @@ namespace Org.BouncyCastle.Crmf throw new InvalidOperationException("not Signing Key type of proof of possession"); } - - private bool verifySignature(IVerifierFactoryProvider verifierFactoryProvider, PopoSigningKey signKey) { IVerifierFactory verifer; @@ -202,22 +198,22 @@ namespace Org.BouncyCastle.Crmf } catch (Exception ex) { - throw new CrmfException("unable to create verifier: "+ex.Message, ex); + throw new CrmfException("unable to create verifier: " + ex.Message, ex); } if (signKey.PoposkInput != null) { byte[] b = signKey.GetDerEncoded(); - calculator.Stream.Write(b,0,b.Length); + calculator.Stream.Write(b, 0, b.Length); } else - { + { byte[] b = certReqMsg.CertReq.GetDerEncoded(); - calculator.Stream.Write(b,0,b.Length); + calculator.Stream.Write(b, 0, b.Length); } - DefaultVerifierResult result = (DefaultVerifierResult) calculator.GetResult(); - + DefaultVerifierResult result = (DefaultVerifierResult)calculator.GetResult(); + return result.IsVerified(signKey.Signature.GetBytes()); } diff --git a/crypto/src/crmf/CertificateRequestMessageBuilder.cs b/crypto/src/crmf/CertificateRequestMessageBuilder.cs index 9c3cf954d..88d1d87bd 100644 --- a/crypto/src/crmf/CertificateRequestMessageBuilder.cs +++ b/crypto/src/crmf/CertificateRequestMessageBuilder.cs @@ -1,14 +1,13 @@ using System; using System.Collections; -using System.Collections.Generic; -using System.Security.Cryptography.X509Certificates; -using System.Text; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Crmf { @@ -17,7 +16,7 @@ namespace Org.BouncyCastle.Crmf private readonly BigInteger _certReqId; private X509ExtensionsGenerator _extGenerator; private CertTemplateBuilder _templateBuilder; - private ArrayList _controls= new ArrayList(); + private IList _controls = Platform.CreateArrayList(); private ISignatureFactory _popSigner; private PKMacBuilder _pkMacBuilder; private char[] _password; @@ -44,7 +43,6 @@ namespace Org.BouncyCastle.Crmf return this; } - public CertificateRequestMessageBuilder SetIssuer(X509Name issuer) { if (issuer != null) @@ -78,13 +76,13 @@ namespace Org.BouncyCastle.Crmf public CertificateRequestMessageBuilder SetValidity(Time notBefore, Time notAfter) { _templateBuilder.SetValidity(new OptionalValidity(notBefore, notAfter)); - return this; + return this; } public CertificateRequestMessageBuilder AddExtension(DerObjectIdentifier oid, bool critical, Asn1Encodable value) { - _extGenerator.AddExtension(oid,critical, value); + _extGenerator.AddExtension(oid, critical, value); return this; } @@ -109,7 +107,7 @@ namespace Org.BouncyCastle.Crmf } this._popSigner = popoSignatureFactory; - + return this; } @@ -123,7 +121,6 @@ namespace Org.BouncyCastle.Crmf this._popoType = ProofOfPossession.TYPE_KEY_ENCIPHERMENT; this._popoPrivKey = new PopoPrivKey(msg); - return this; } @@ -142,7 +139,7 @@ namespace Org.BouncyCastle.Crmf this._popoType = type; this._popoPrivKey = new PopoPrivKey(msg); - return this; + return this; } public CertificateRequestMessageBuilder SetProofOfPossessionAgreeMac(PKMacValue macValue) @@ -152,7 +149,7 @@ namespace Org.BouncyCastle.Crmf throw new InvalidOperationException("only one proof of possession allowed"); } - this._agreeMac = macValue; + this._agreeMac = macValue; return this; } @@ -189,35 +186,31 @@ namespace Org.BouncyCastle.Crmf public CertificateRequestMessage Build() { - Asn1EncodableVector v = new Asn1EncodableVector(); - - v.Add(new DerInteger(this._certReqId)); + Asn1EncodableVector v = new Asn1EncodableVector(new DerInteger(this._certReqId)); if (!this._extGenerator.IsEmpty) { - this._templateBuilder.SetExtensions(_extGenerator.Generate()); + this._templateBuilder.SetExtensions(_extGenerator.Generate()); } v.Add(_templateBuilder.Build()); - if (_controls.Count>0) + if (_controls.Count > 0) { Asn1EncodableVector controlV = new Asn1EncodableVector(); - foreach (Object item in _controls) + foreach (object item in _controls) { - IControl control = (IControl) item; + IControl control = (IControl)item; controlV.Add(new AttributeTypeAndValue(control.Type, control.Value)); } - + v.Add(new DerSequence(controlV)); } CertRequest request = CertRequest.GetInstance(new DerSequence(v)); - v = new Asn1EncodableVector(); - - v.Add(request); + v = new Asn1EncodableVector(request); if (_popSigner != null) { @@ -226,27 +219,27 @@ namespace Org.BouncyCastle.Crmf if (template.Subject == null || template.PublicKey == null) { SubjectPublicKeyInfo pubKeyInfo = request.CertTemplate.PublicKey; - + ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(pubKeyInfo); if (_sender != null) { - builder.setSender(_sender); + builder.SetSender(_sender); } else { - // PkMa pkmacGenerator = new PKMACValueGenerator(_pkmacBuilder); + //PKMACValueGenerator pkmacGenerator = new PKMACValueGenerator(_pkmacBuilder); - builder.setPublicKeyMac(_pkMacBuilder, _password); + builder.SetPublicKeyMac(_pkMacBuilder, _password); } - v.Add(new ProofOfPossession(builder.build(_popSigner))); + v.Add(new ProofOfPossession(builder.Build(_popSigner))); } else { ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(request); - v.Add(new ProofOfPossession(builder.build(_popSigner))); + v.Add(new ProofOfPossession(builder.Build(_popSigner))); } } else if (_popoPrivKey != null) @@ -256,7 +249,7 @@ namespace Org.BouncyCastle.Crmf else if (_agreeMac != null) { v.Add(new ProofOfPossession(ProofOfPossession.TYPE_KEY_AGREEMENT, - PopoPrivKey.GetInstance(new DerTaggedObject(false, PopoPrivKey.agreeMAC, _agreeMac),true ))); + PopoPrivKey.GetInstance(new DerTaggedObject(false, PopoPrivKey.agreeMAC, _agreeMac), true))); } else if (_popRaVerified != null) diff --git a/crypto/src/crmf/CrmfException.cs b/crypto/src/crmf/CrmfException.cs index c80f480b7..5ae13a0eb 100644 --- a/crypto/src/crmf/CrmfException.cs +++ b/crypto/src/crmf/CrmfException.cs @@ -1,25 +1,21 @@ using System; -using System.Collections.Generic; -using System.Runtime.Serialization; -using System.Text; namespace Org.BouncyCastle.Crmf { - public class CrmfException : Exception + public class CrmfException + : Exception { public CrmfException() { } - public CrmfException(string message) : base(message) + public CrmfException(string message) + : base(message) { } - public CrmfException(string message, Exception innerException) : base(message, innerException) - { - } - - protected CrmfException(SerializationInfo info, StreamingContext context) : base(info, context) + public CrmfException(string message, Exception innerException) + : base(message, innerException) { } } diff --git a/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs b/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs index 1757d6a92..01e196ef4 100644 --- a/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs +++ b/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs @@ -1,14 +1,13 @@ using System; -using System.Collections.Generic; -using System.Text; + using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Security; -using Org.BouncyCastle.Crypto.Parameters; namespace Org.BouncyCastle.Crmf { - public class DefaultPKMacPrimitivesProvider : IPKMacPrimitivesProvider + public class DefaultPKMacPrimitivesProvider + : IPKMacPrimitivesProvider { public IDigest CreateDigest(AlgorithmIdentifier digestAlg) { diff --git a/crypto/src/crmf/EncryptedValueBuilder.cs b/crypto/src/crmf/EncryptedValueBuilder.cs index b8076c0e9..8f220330e 100644 --- a/crypto/src/crmf/EncryptedValueBuilder.cs +++ b/crypto/src/crmf/EncryptedValueBuilder.cs @@ -1,28 +1,28 @@ using System; using System.Collections; -using System.Collections.Generic; +using System.IO; using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Parameters; -using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Asn1; -using Org.BouncyCastle.Asn1.Crmf; -using System.IO; using Org.BouncyCastle.Pkcs; -using Org.BouncyCastle.Asn1.Pkcs; -using Org.BouncyCastle.X509; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Crmf { public class EncryptedValueBuilder { - private IKeyWrapper wrapper; - private ICipherBuilderWithKey encryptor; - private EncryptedValuePadder padder; + private readonly IKeyWrapper wrapper; + private readonly ICipherBuilderWithKey encryptor; + private readonly IEncryptedValuePadder padder; /// /// Create a builder that makes EncryptedValue structures. @@ -30,7 +30,8 @@ namespace Org.BouncyCastle.Crmf /// <param name="wrapper">wrapper a wrapper for key used to encrypt the actual data contained in the EncryptedValue.</param> /// <param name="encryptor">encryptor an output encryptor to encrypt the actual data contained in the EncryptedValue. </param> /// - public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor) : this(wrapper, encryptor, null) + public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor) + : this(wrapper, encryptor, null) { } @@ -41,7 +42,7 @@ namespace Org.BouncyCastle.Crmf /// <param name="encryptor">encryptor an output encryptor to encrypt the actual data contained in the EncryptedValue.</param> /// <param name="padder">padder a padder to ensure that the EncryptedValue created will always be a constant length.</param> /// - public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor, EncryptedValuePadder padder) + public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor, IEncryptedValuePadder padder) { this.wrapper = wrapper; this.encryptor = encryptor; @@ -56,7 +57,7 @@ namespace Org.BouncyCastle.Crmf /// public EncryptedValue Build(char[] revocationPassphrase) { - return encryptData(padData(Strings.ToUtf8ByteArray(revocationPassphrase))); + return EncryptData(PadData(Strings.ToUtf8ByteArray(revocationPassphrase))); } ///<summary> @@ -71,7 +72,7 @@ namespace Org.BouncyCastle.Crmf { try { - return encryptData(padData(holder.GetEncoded())); + return EncryptData(PadData(holder.GetEncoded())); } catch (IOException e) { @@ -110,19 +111,16 @@ namespace Org.BouncyCastle.Crmf { throw new CrmfException("cannot wrap key: " + e.Message, e); } - } - private EncryptedValue encryptData(byte[] data) + private EncryptedValue EncryptData(byte[] data) { MemoryOutputStream bOut = new MemoryOutputStream(); - Stream eOut = encryptor.BuildCipher(bOut).Stream; try { eOut.Write(data, 0, data.Length); - eOut.Close(); } catch (IOException e) @@ -132,8 +130,8 @@ namespace Org.BouncyCastle.Crmf AlgorithmIdentifier intendedAlg = null; AlgorithmIdentifier symmAlg = (AlgorithmIdentifier)encryptor.AlgorithmDetails; - DerBitString encSymmKey; + DerBitString encSymmKey; try { encSymmKey = new DerBitString(wrapper.Wrap(((KeyParameter)encryptor.Key).GetKey()).Collect()); @@ -150,7 +148,7 @@ namespace Org.BouncyCastle.Crmf return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, encValue); } - private byte[] padData(byte[] data) + private byte[] PadData(byte[] data) { if (padder != null) { diff --git a/crypto/src/crmf/IControl.cs b/crypto/src/crmf/IControl.cs index 14fcc2cd3..9a29ac12a 100644 --- a/crypto/src/crmf/IControl.cs +++ b/crypto/src/crmf/IControl.cs @@ -1,8 +1,6 @@ using System; using Org.BouncyCastle.Asn1; -using Org.BouncyCastle.Asn1.Crmf; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Crmf { diff --git a/crypto/src/crmf/IEncryptedValuePadder.cs b/crypto/src/crmf/IEncryptedValuePadder.cs index b12993e1f..b8986144e 100644 --- a/crypto/src/crmf/IEncryptedValuePadder.cs +++ b/crypto/src/crmf/IEncryptedValuePadder.cs @@ -1,15 +1,12 @@ using System; -using System.Collections.Generic; -using System.Text; namespace Org.BouncyCastle.Crmf { - /// <summary> /// An encrypted value padder is used to make sure that prior to a value been /// encrypted the data is padded to a standard length. /// </summary> - public interface EncryptedValuePadder + public interface IEncryptedValuePadder { /// /// <summary>Return a byte array of padded data.</summary> diff --git a/crypto/src/crmf/IPKMacPrimitivesProvider.cs b/crypto/src/crmf/IPKMacPrimitivesProvider.cs index 8b90be515..08f6a624a 100644 --- a/crypto/src/crmf/IPKMacPrimitivesProvider.cs +++ b/crypto/src/crmf/IPKMacPrimitivesProvider.cs @@ -1,20 +1,6 @@ using System; -using System.Collections.Generic; -using System.IO; -using System.Text; -using Org.BouncyCastle.Asn1; -using Org.BouncyCastle.Asn1.Cmp; -using Org.BouncyCastle.Asn1.Iana; -using Org.BouncyCastle.Asn1.Nist; -using Org.BouncyCastle.Asn1.Oiw; -using Org.BouncyCastle.Asn1.Pkcs; + using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Cms; -using Org.BouncyCastle.Crypto.IO; -using Org.BouncyCastle.Crypto.Parameters; -using Org.BouncyCastle.Security; -using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.Crypto; namespace Org.BouncyCastle.Crmf diff --git a/crypto/src/crmf/PKMacBuilder.cs b/crypto/src/crmf/PKMacBuilder.cs index 00bec9f8b..6741177da 100644 --- a/crypto/src/crmf/PKMacBuilder.cs +++ b/crypto/src/crmf/PKMacBuilder.cs @@ -1,30 +1,24 @@ using System; -using System.Collections.Generic; using System.IO; -using System.Text; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.Iana; -using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Oiw; -using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.IO; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Utilities.Encoders; - namespace Org.BouncyCastle.Crmf { - - class PKMacStreamCalculator : IStreamCalculator + internal class PKMacStreamCalculator + : IStreamCalculator { private readonly MacSink _stream; - + public PKMacStreamCalculator(IMac mac) { _stream = new MacSink(mac); @@ -41,17 +35,16 @@ namespace Org.BouncyCastle.Crmf } } - class PKMacFactory : IMacFactory + internal class PKMacFactory + : IMacFactory { protected readonly PbmParameter parameters; - private byte[] key; - - + private readonly byte[] key; + public PKMacFactory(byte[] key, PbmParameter parameters) { this.key = Arrays.Clone(key); - - this.parameters = parameters; + this.parameters = parameters; } public virtual object AlgorithmDetails @@ -62,14 +55,13 @@ namespace Org.BouncyCastle.Crmf public virtual IStreamCalculator CreateCalculator() { IMac mac = MacUtilities.GetMac(parameters.Mac.Algorithm); - mac.Init(new KeyParameter(key)); - return new PKMacStreamCalculator(mac); } } - class DefaultPKMacResult: IBlockResult + internal class DefaultPKMacResult + : IBlockResult { private readonly IMac mac; @@ -81,9 +73,7 @@ namespace Org.BouncyCastle.Crmf public byte[] Collect() { byte[] res = new byte[mac.GetMacSize()]; - mac.DoFinal(res, 0); - return res; } @@ -121,7 +111,7 @@ namespace Org.BouncyCastle.Crmf /// <param name="provider"></param> public PKMacBuilder(IPKMacPrimitivesProvider provider) : this(new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1), 1000, new AlgorithmIdentifier(IanaObjectIdentifiers.HmacSha1, DerNull.Instance), provider) - { + { } /// <summary> @@ -146,7 +136,6 @@ namespace Org.BouncyCastle.Crmf this.maxIterations = maxIterations; } - private PKMacBuilder(AlgorithmIdentifier digestAlgorithmIdentifier, int iterationCount, AlgorithmIdentifier macAlgorithmIdentifier, IPKMacPrimitivesProvider provider) { this.iterationCount = iterationCount; @@ -164,9 +153,7 @@ namespace Org.BouncyCastle.Crmf public PKMacBuilder SetSaltLength(int saltLength) { if (saltLength < 8) - { throw new ArgumentException("salt length must be at least 8 bytes"); - } this.saltLength = saltLength; @@ -182,10 +169,9 @@ namespace Org.BouncyCastle.Crmf public PKMacBuilder SetIterationCount(int iterationCount) { if (iterationCount < 100) - { throw new ArgumentException("iteration count must be at least 100"); - } - checkIterationCountCeiling(iterationCount); + + CheckIterationCountCeiling(iterationCount); this.iterationCount = iterationCount; @@ -199,7 +185,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>this</returns> public PKMacBuilder SetParameters(PbmParameter parameters) { - checkIterationCountCeiling(parameters.IterationCount.Value.IntValue); + CheckIterationCountCeiling(parameters.IterationCount.Value.IntValue); this.parameters = parameters; @@ -215,7 +201,7 @@ namespace Org.BouncyCastle.Crmf { this.random = random; - return this; + return this; } /// <summary> @@ -226,33 +212,27 @@ namespace Org.BouncyCastle.Crmf public IMacFactory Build(char[] password) { if (parameters != null) + return GenCalculator(parameters, password); + + byte[] salt = new byte[saltLength]; + + if (random == null) { - return genCalculator(parameters, password); + this.random = new SecureRandom(); } - else - { - byte[] salt = new byte[saltLength]; - - if (random == null) - { - this.random = new SecureRandom(); - } - random.NextBytes(salt); + random.NextBytes(salt); - return genCalculator(new PbmParameter(salt, owf, iterationCount, mac), password); - } + return GenCalculator(new PbmParameter(salt, owf, iterationCount, mac), password); } - private void checkIterationCountCeiling(int iterationCount) + private void CheckIterationCountCeiling(int iterationCount) { if (maxIterations > 0 && iterationCount > maxIterations) - { throw new ArgumentException("iteration count exceeds limit (" + iterationCount + " > " + maxIterations + ")"); - } } - private IMacFactory genCalculator(PbmParameter parameters, char[] password) + private IMacFactory GenCalculator(PbmParameter parameters, char[] password) { // From RFC 4211 // @@ -273,8 +253,8 @@ namespace Org.BouncyCastle.Crmf byte[] salt = parameters.Salt.GetOctets(); byte[] K = new byte[pw.Length + salt.Length]; - System.Array.Copy(pw, 0, K, 0, pw.Length); - System.Array.Copy(salt, 0, K, pw.Length, salt.Length); + Array.Copy(pw, 0, K, 0, pw.Length); + Array.Copy(salt, 0, K, pw.Length, salt.Length); IDigest digest = provider.CreateDigest(parameters.Owf); diff --git a/crypto/src/crmf/PkiArchiveControl.cs b/crypto/src/crmf/PkiArchiveControl.cs index d533e6c52..251b8db96 100644 --- a/crypto/src/crmf/PkiArchiveControl.cs +++ b/crypto/src/crmf/PkiArchiveControl.cs @@ -1,6 +1,5 @@ using System; -using System.Collections.Generic; -using System.Text; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.Crmf; @@ -8,7 +7,8 @@ using Org.BouncyCastle.Cms; namespace Org.BouncyCastle.Crmf { - public class PkiArchiveControl:IControl + public class PkiArchiveControl + : IControl { public static readonly int encryptedPrivKey = PkiArchiveOptions.encryptedPrivKey; public static readonly int keyGenParameters = PkiArchiveOptions.keyGenParameters; @@ -33,7 +33,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>CRMFObjectIdentifiers.id_regCtrl_pkiArchiveOptions</returns> public DerObjectIdentifier Type { - + get { return type; } } @@ -87,9 +87,8 @@ namespace Org.BouncyCastle.Crmf } catch (Exception e) { - throw new CrmfException("CRMF parsing error: "+e.Message, e); + throw new CrmfException("CRMF parsing error: " + e.Message, e); } } - } } diff --git a/crypto/src/crmf/PkiArchiveControlBuilder.cs b/crypto/src/crmf/PkiArchiveControlBuilder.cs index 2677e4e0d..d79f3b5ed 100644 --- a/crypto/src/crmf/PkiArchiveControlBuilder.cs +++ b/crypto/src/crmf/PkiArchiveControlBuilder.cs @@ -1,5 +1,6 @@ using System; using System.IO; + using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.Pkcs; @@ -30,7 +31,7 @@ namespace Org.BouncyCastle.Crmf } catch (IOException e) { - throw new InvalidOperationException("unable to encode key and general name info"); + throw new InvalidOperationException("unable to encode key and general name info", e); } this.envGen = new CmsEnvelopedDataGenerator(); @@ -55,4 +56,4 @@ namespace Org.BouncyCastle.Crmf return new PkiArchiveControl(new PkiArchiveOptions(new EncryptedKey(envD))); } } -} \ No newline at end of file +} diff --git a/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs b/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs index 8457585ff..49d10a6bf 100644 --- a/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs +++ b/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs @@ -1,12 +1,10 @@ using System; -using System.Collections.Generic; -using System.Text; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Operators; -using Org.BouncyCastle.Crypto.Paddings; namespace Org.BouncyCastle.Crmf { @@ -27,14 +25,14 @@ namespace Org.BouncyCastle.Crmf this._pubKeyInfo = pubKeyInfo; } - public ProofOfPossessionSigningKeyBuilder setSender(GeneralName name) + public ProofOfPossessionSigningKeyBuilder SetSender(GeneralName name) { this._name = name; return this; } - public ProofOfPossessionSigningKeyBuilder setPublicKeyMac(PKMacBuilder generator, char[] password) + public ProofOfPossessionSigningKeyBuilder SetPublicKeyMac(PKMacBuilder generator, char[] password) { IMacFactory fact = generator.Build(password); @@ -51,7 +49,7 @@ namespace Org.BouncyCastle.Crmf return this; } - public PopoSigningKey build(ISignatureFactory signer) + public PopoSigningKey Build(ISignatureFactory signer) { if (_name != null && _publicKeyMAC != null) { diff --git a/crypto/src/crmf/RegTokenControl.cs b/crypto/src/crmf/RegTokenControl.cs index 90e956f67..43484097c 100644 --- a/crypto/src/crmf/RegTokenControl.cs +++ b/crypto/src/crmf/RegTokenControl.cs @@ -1,17 +1,15 @@ using System; -using System.Collections.Generic; -using System.Text; -using Org.BouncyCastle.Crmf; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; namespace Org.BouncyCastle.Crmf { - public class RegTokenControl:IControl + public class RegTokenControl + : IControl { private static readonly DerObjectIdentifier type = CrmfObjectIdentifiers.id_regCtrl_regToken; - + private readonly DerUtf8String token; /// <summary> @@ -22,11 +20,12 @@ namespace Org.BouncyCastle.Crmf { this.token = token; } + /// <summary> /// Basic constructor - build from a string representing the token. /// </summary> /// <param name="token">string representing the token.</param> - public RegTokenControl(String token) + public RegTokenControl(string token) { this.token = new DerUtf8String(token); } diff --git a/crypto/src/crypto/ICipher.cs b/crypto/src/crypto/ICipher.cs index 9041e61ad..3768ee0e3 100644 --- a/crypto/src/crypto/ICipher.cs +++ b/crypto/src/crypto/ICipher.cs @@ -1,7 +1,5 @@ using System; -using System.Collections.Generic; using System.IO; -using System.Text; namespace Org.BouncyCastle.Crypto { diff --git a/crypto/src/crypto/ICipherBuilder.cs b/crypto/src/crypto/ICipherBuilder.cs index 5d4d1279c..9b0e2b343 100644 --- a/crypto/src/crypto/ICipherBuilder.cs +++ b/crypto/src/crypto/ICipherBuilder.cs @@ -6,19 +6,19 @@ namespace Org.BouncyCastle.Crypto /// <summary> /// Base interface for cipher builders. /// </summary> - public interface ICipherBuilder - { + public interface ICipherBuilder + { /// <summary> /// Return the algorithm and parameter details associated with any cipher built. /// </summary> - Object AlgorithmDetails { get ; } + object AlgorithmDetails { get; } /// <summary> /// Return the maximum output size that a given input will produce. /// </summary> /// <param name="inputLen">the length of the expected input.</param> /// <returns>The maximum possible output size that can produced for the expected input length.</returns> - int GetMaxOutputSize (int inputLen); + int GetMaxOutputSize(int inputLen); /// <summary> /// Build a cipher that operates on the passed in stream. @@ -26,6 +26,5 @@ namespace Org.BouncyCastle.Crypto /// <param name="stream">The stream to write/read any encrypted/decrypted data.</param> /// <returns>A cipher based around the given stream.</returns> ICipher BuildCipher(Stream stream); - } + } } - diff --git a/crypto/src/crypto/ICipherBuilderWithKey.cs b/crypto/src/crypto/ICipherBuilderWithKey.cs index 01a7a2caf..8e79a5e0e 100644 --- a/crypto/src/crypto/ICipherBuilderWithKey.cs +++ b/crypto/src/crypto/ICipherBuilderWithKey.cs @@ -1,10 +1,12 @@ - +using System; + namespace Org.BouncyCastle.Crypto { /// <summary> /// A cipher builder that can also return the key it was initialized with. /// </summary> - public interface ICipherBuilderWithKey: ICipherBuilder + public interface ICipherBuilderWithKey + : ICipherBuilder { /// <summary> /// Return the key we were initialized with. diff --git a/crypto/src/crypto/IDecryptorBuilderProvider.cs b/crypto/src/crypto/IDecryptorBuilderProvider.cs index 7f151e3ae..42ef2be18 100644 --- a/crypto/src/crypto/IDecryptorBuilderProvider.cs +++ b/crypto/src/crypto/IDecryptorBuilderProvider.cs @@ -12,7 +12,6 @@ namespace Org.BouncyCastle.Crypto /// </summary> /// <param name="algorithmDetails">The algorithm details/parameters to use to create the final cipher.</param> /// <returns>A new cipher builder.</returns> - ICipherBuilder CreateDecryptorBuilder (Object algorithmDetails); + ICipherBuilder CreateDecryptorBuilder(object algorithmDetails); } } - diff --git a/crypto/src/crypto/IKeyUnwrapper.cs b/crypto/src/crypto/IKeyUnwrapper.cs index 2e280d912..18d5a8d9f 100644 --- a/crypto/src/crypto/IKeyUnwrapper.cs +++ b/crypto/src/crypto/IKeyUnwrapper.cs @@ -6,11 +6,11 @@ namespace Org.BouncyCastle.Crypto /// Base interface for a key unwrapper. /// </summary> public interface IKeyUnwrapper - { + { /// <summary> /// The parameter set used to configure this key unwrapper. /// </summary> - Object AlgorithmDetails { get; } + object AlgorithmDetails { get; } /// <summary> /// Unwrap the passed in data. @@ -20,6 +20,5 @@ namespace Org.BouncyCastle.Crypto /// <param name="length">The length of the data to be unwrapped.</param> /// <returns>an IBlockResult containing the unwrapped key data.</returns> IBlockResult Unwrap(byte[] cipherText, int offset, int length); - } + } } - diff --git a/crypto/src/crypto/IKeyWrapper.cs b/crypto/src/crypto/IKeyWrapper.cs index d3ece2de2..27f338420 100644 --- a/crypto/src/crypto/IKeyWrapper.cs +++ b/crypto/src/crypto/IKeyWrapper.cs @@ -1,6 +1,4 @@ using System; -using System.Collections.Generic; -using System.Text; namespace Org.BouncyCastle.Crypto { @@ -12,7 +10,7 @@ namespace Org.BouncyCastle.Crypto /// <summary> /// The parameter set used to configure this key wrapper. /// </summary> - Object AlgorithmDetails { get; } + object AlgorithmDetails { get; } /// <summary> /// Wrap the passed in key data. diff --git a/crypto/src/crypto/IMacFactory.cs b/crypto/src/crypto/IMacFactory.cs index d6b7ddfa7..9180ef1ea 100644 --- a/crypto/src/crypto/IMacFactory.cs +++ b/crypto/src/crypto/IMacFactory.cs @@ -1,13 +1,11 @@ using System; -using System.Collections.Generic; -using System.Text; namespace Org.BouncyCastle.Crypto { public interface IMacFactory { /// <summary>The algorithm details object for this calculator.</summary> - Object AlgorithmDetails { get; } + object AlgorithmDetails { get; } /// <summary> /// Create a stream calculator for this signature calculator. The stream diff --git a/crypto/src/crypto/Security.cs b/crypto/src/crypto/Security.cs index 716679044..f6f6924a0 100644 --- a/crypto/src/crypto/Security.cs +++ b/crypto/src/crypto/Security.cs @@ -1,4 +1,7 @@ -using Org.BouncyCastle.Crypto; +using System; +using System.Text; + +using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Digests; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Generators; @@ -6,23 +9,17 @@ using Org.BouncyCastle.Crypto.Modes; using Org.BouncyCastle.Crypto.Paddings; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; -using System; -using System.Text; +using Org.BouncyCastle.Utilities.Encoders; namespace crypto { public class Security { // USAGE - //var key = Security.GenerateText(32); - //var iv = Security.GenerateText(16); - //var encrypted = Security.Encrypt("MY SECRET", key, iv); - - //var dencrypted = Security.Decrypt(encrypted, key, iv); - + //var decrypted = Security.Decrypt(encrypted, key, iv); /// <summary> /// Return a salted hash based on PBKDF2 for the UTF-8 encoding of the argument text. @@ -30,79 +27,50 @@ namespace crypto /// <param name="text">Provided key text</param> /// <param name="salt">Base64 encoded string representing the salt</param> /// <returns></returns> - public static String ComputeHash(string text, string salt) + public static string ComputeHash(string text, string salt) { - var data = Encoding.UTF8.GetBytes(text); - var sha = new Sha512Digest(); - var gen = new Pkcs5S2ParametersGenerator(sha); + byte[] data = Encoding.UTF8.GetBytes(text); + Sha512Digest sha = new Sha512Digest(); + Pkcs5S2ParametersGenerator gen = new Pkcs5S2ParametersGenerator(sha); - gen.Init(data, Convert.FromBase64String(salt), 2048); + gen.Init(data, Base64.Decode(salt), 2048); - return Convert.ToBase64String(((KeyParameter)gen.GenerateDerivedParameters(sha.GetDigestSize() * 8)).GetKey()); + return Base64.ToBase64String(((KeyParameter)gen.GenerateDerivedParameters(sha.GetDigestSize() * 8)).GetKey()); } - public static String Decrypt(String cipherText, String key, String iv) - + public static string Decrypt(string cipherText, string key, string iv) { - - var cipher = CreateCipher(false, key, iv); - - var textAsBytes = cipher.DoFinal(Convert.FromBase64String(cipherText)); - - + IBufferedCipher cipher = CreateCipher(false, key, iv); + byte[] textAsBytes = cipher.DoFinal(Base64.Decode(cipherText)); return Encoding.UTF8.GetString(textAsBytes, 0, textAsBytes.Length); - } - - - public static String Encrypt(String plainText, String key, String iv) - + public static string Encrypt(string plainText, string key, string iv) { + IBufferedCipher cipher = CreateCipher(true, key, iv); - var cipher = CreateCipher(true, key, iv); - - - - return Convert.ToBase64String(cipher.DoFinal(Encoding.UTF8.GetBytes(plainText))); - + return Base64.ToBase64String(cipher.DoFinal(Encoding.UTF8.GetBytes(plainText))); } - - - public static String GenerateText(int size) - + public static string GenerateText(int size) { - - var textAsBytes = new Byte[size]; - - var secureRandom = SecureRandom.GetInstance("SHA256PRNG", true); - - + byte[] textAsBytes = new byte[size]; + SecureRandom secureRandom = SecureRandom.GetInstance("SHA256PRNG", true); secureRandom.NextBytes(textAsBytes); - - return Convert.ToBase64String(textAsBytes); - + return Base64.ToBase64String(textAsBytes); } - - - private static PaddedBufferedBlockCipher CreateCipher(Boolean isEncryption, String key, String iv) - + private static IBufferedCipher CreateCipher(bool isEncryption, string key, string iv) { - - var cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new RijndaelEngine()), new ISO10126d2Padding()); - - var keyParam = new KeyParameter(Convert.FromBase64String(key)); - - ICipherParameters cipherParams = String.IsNullOrEmpty(iv) ? (ICipherParameters)keyParam : new ParametersWithIV(keyParam, Convert.FromBase64String(iv)); - + IBufferedCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new RijndaelEngine()), new ISO10126d2Padding()); + KeyParameter keyParam = new KeyParameter(Base64.Decode(key)); + ICipherParameters cipherParams = (null == iv || iv.Length < 1) + ? (ICipherParameters)keyParam + : new ParametersWithIV(keyParam, Base64.Decode(iv)); cipher.Init(isEncryption, cipherParams); - return cipher; - } } } diff --git a/crypto/src/crypto/SimpleBlockResult.cs b/crypto/src/crypto/SimpleBlockResult.cs index 01a6c4e01..6cacda63f 100644 --- a/crypto/src/crypto/SimpleBlockResult.cs +++ b/crypto/src/crypto/SimpleBlockResult.cs @@ -2,50 +2,52 @@ namespace Org.BouncyCastle.Crypto { - /// <summary> - /// A simple block result object which just carries a byte array. - /// </summary> - public class SimpleBlockResult: IBlockResult - { - private readonly bool approvedOnlyMode; - private readonly byte[] result; + /// <summary> + /// A simple block result object which just carries a byte array. + /// </summary> + public class SimpleBlockResult + : IBlockResult + { + private readonly byte[] result; /// <summary> /// Base constructor - a wrapper for the passed in byte array. /// </summary> /// <param name="result">The byte array to be wrapped.</param> - public SimpleBlockResult (byte[] result) - { - this.result = result; - } + public SimpleBlockResult(byte[] result) + { + this.result = result; + } - /// <summary> - /// Return the number of bytes in the result - /// </summary> - /// <value>The length of the result in bytes.</value> - public int Length { get { return result.Length; } } + /// <summary> + /// Return the number of bytes in the result + /// </summary> + /// <value>The length of the result in bytes.</value> + public int Length + { + get { return result.Length; } + } - /// <summary> - /// Return the final result of the operation. - /// </summary> - /// <returns>A block of bytes, representing the result of an operation.</returns> - public byte[] Collect() - { + /// <summary> + /// Return the final result of the operation. + /// </summary> + /// <returns>A block of bytes, representing the result of an operation.</returns> + public byte[] Collect() + { return result; - } + } - /// <summary> - /// Store the final result of the operation by copying it into the destination array. - /// </summary> - /// <returns>The number of bytes copied into destination.</returns> - /// <param name="destination">The byte array to copy the result into.</param> - /// <param name="offset">The offset into destination to start copying the result at.</param> - public int Collect(byte[] destination, int offset) - { - Array.Copy (result, 0, destination, offset, result.Length); + /// <summary> + /// Store the final result of the operation by copying it into the destination array. + /// </summary> + /// <returns>The number of bytes copied into destination.</returns> + /// <param name="destination">The byte array to copy the result into.</param> + /// <param name="offset">The offset into destination to start copying the result at.</param> + public int Collect(byte[] destination, int offset) + { + Array.Copy(result, 0, destination, offset, result.Length); - return result.Length; - } - } + return result.Length; + } + } } - diff --git a/crypto/src/crypto/operators/Asn1CipherBuilder.cs b/crypto/src/crypto/operators/Asn1CipherBuilder.cs index adb4507a3..d5840746f 100644 --- a/crypto/src/crypto/operators/Asn1CipherBuilder.cs +++ b/crypto/src/crypto/operators/Asn1CipherBuilder.cs @@ -1,5 +1,7 @@ -using System.Collections; +using System; +using System.Collections; using System.IO; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Ntt; @@ -7,44 +9,42 @@ using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto.IO; using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Crypto.Utilities; namespace Org.BouncyCastle.Crypto.Operators { - public class Asn1CipherBuilderWithKey:ICipherBuilderWithKey + public class Asn1CipherBuilderWithKey : ICipherBuilderWithKey { - private readonly KeyParameter encKey; private AlgorithmIdentifier algorithmIdentifier; - - + public Asn1CipherBuilderWithKey(DerObjectIdentifier encryptionOID, int keySize, SecureRandom random) { if (random == null) { - random= new SecureRandom(); + random = new SecureRandom(); } + CipherKeyGenerator keyGen = CipherKeyGeneratorFactory.CreateKeyGenerator(encryptionOID, random); - + encKey = new KeyParameter(keyGen.GenerateKey()); algorithmIdentifier = AlgorithmIdentifierFactory.GenerateEncryptionAlgID(encryptionOID, encKey.GetKey().Length * 8, random); } - public object AlgorithmDetails { get { return algorithmIdentifier; } } + public int GetMaxOutputSize(int inputLen) { - throw new System.NotImplementedException(); + throw new NotImplementedException(); } public ICipher BuildCipher(Stream stream) { - object cipher = EnvelopedDataHelper.CreateContentCipher(true, encKey, algorithmIdentifier); // @@ -54,7 +54,7 @@ namespace Org.BouncyCastle.Crypto.Operators if (cipher is IStreamCipher) { - cipher = new BufferedStreamCipher((IStreamCipher)cipher); + cipher = new BufferedStreamCipher((IStreamCipher)cipher); } if (stream == null) @@ -62,7 +62,7 @@ namespace Org.BouncyCastle.Crypto.Operators stream = new MemoryStream(); } - return new BufferedCipherWrapper((IBufferedCipher)cipher,stream); + return new BufferedCipherWrapper((IBufferedCipher)cipher, stream); } public ICipherParameters Key diff --git a/crypto/src/crypto/operators/Asn1KeyWrapper.cs b/crypto/src/crypto/operators/Asn1KeyWrapper.cs index ffce7f63a..e2b2f8a37 100644 --- a/crypto/src/crypto/operators/Asn1KeyWrapper.cs +++ b/crypto/src/crypto/operators/Asn1KeyWrapper.cs @@ -1,22 +1,21 @@ using System; using System.Collections; -using System.Collections.Generic; -using System.Text; -using Org.BouncyCastle.X509; + using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Crypto.Digests; using Org.BouncyCastle.Crypto.Encodings; using Org.BouncyCastle.Crypto.Engines; -using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Asn1.Oiw; -using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Crypto.Operators { - public class Asn1KeyWrapper : IKeyWrapper + public class Asn1KeyWrapper + : IKeyWrapper { private string algorithm; private IKeyWrapper wrapper; @@ -47,11 +46,11 @@ namespace Org.BouncyCastle.Crypto.Operators static KeyWrapperUtil() { - providerMap["RSA/NONE/OAEPWITHSHA1ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha1_Oaep); - providerMap["RSA/NONE/OAEPWITHSHA224ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha224_Oaep); - providerMap["RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha256_Oaep); - providerMap["RSA/NONE/OAEPWITHSHA384ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha384_Oaep); - providerMap["RSA/NONE/OAEPWITHSHA512ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha512_Oaep); + providerMap.Add("RSA/NONE/OAEPWITHSHA1ANDMGF1PADDING", new RsaOaepWrapperProvider(OiwObjectIdentifiers.IdSha1)); + providerMap.Add("RSA/NONE/OAEPWITHSHA224ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha224)); + providerMap.Add("RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha256)); + providerMap.Add("RSA/NONE/OAEPWITHSHA384ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha384)); + providerMap.Add("RSA/NONE/OAEPWITHSHA512ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha512)); } public static IKeyWrapper WrapperForName(string algorithm, ICipherParameters parameters) @@ -59,77 +58,28 @@ namespace Org.BouncyCastle.Crypto.Operators WrapperProvider provider = (WrapperProvider)providerMap[Strings.ToUpperCase(algorithm)]; if (provider == null) - { throw new ArgumentException("could not resolve " + algorithm + " to a KeyWrapper"); - } - return (IKeyWrapper)provider.createWrapper(true, parameters); + return (IKeyWrapper)provider.CreateWrapper(true, parameters); } public static IKeyUnwrapper UnwrapperForName(string algorithm, ICipherParameters parameters) { WrapperProvider provider = (WrapperProvider)providerMap[Strings.ToUpperCase(algorithm)]; if (provider == null) - { throw new ArgumentException("could not resolve " + algorithm + " to a KeyUnwrapper"); - } - - return (IKeyUnwrapper)provider.createWrapper(false, parameters); - } - } - - internal delegate object WrapperCreatorDelegate(bool forWrapping, ICipherParameters parameters); - - /// <summary> - /// Wraps delegate and implements the WrapperProvider Interface. - /// </summary> - internal class WrapperCreator : WrapperProvider - { - private readonly WrapperCreatorDelegate creator; - public WrapperCreator(WrapperCreatorDelegate creator) - { - this.creator = creator; - } - - public object createWrapper(bool forWrapping, ICipherParameters parameters) - { - return this.creator.Invoke(forWrapping, parameters); + return (IKeyUnwrapper)provider.CreateWrapper(false, parameters); } } internal interface WrapperProvider { - object createWrapper(bool forWrapping, ICipherParameters parameters); + object CreateWrapper(bool forWrapping, ICipherParameters parameters); } internal class RsaOaepWrapper : IKeyWrapper, IKeyUnwrapper { - internal static object Rsa_Sha1_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, OiwObjectIdentifiers.IdSha1); - } - - internal static object Rsa_Sha224_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, NistObjectIdentifiers.IdSha224); - } - - internal static object Rsa_Sha256_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, NistObjectIdentifiers.IdSha256); - } - - internal static object Rsa_Sha384_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, NistObjectIdentifiers.IdSha384); - } - - internal static object Rsa_Sha512_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, NistObjectIdentifiers.IdSha512); - } - private readonly AlgorithmIdentifier algId; private readonly IAsymmetricBlockCipher engine; @@ -149,10 +99,7 @@ namespace Org.BouncyCastle.Crypto.Operators public object AlgorithmDetails { - get - { - return algId; - } + get { return algId; } } public IBlockResult Unwrap(byte[] cipherText, int offset, int length) @@ -165,4 +112,20 @@ namespace Org.BouncyCastle.Crypto.Operators return new SimpleBlockResult(engine.ProcessBlock(keyData, 0, keyData.Length)); } } + + internal class RsaOaepWrapperProvider + : WrapperProvider + { + private readonly DerObjectIdentifier digestOid; + + internal RsaOaepWrapperProvider(DerObjectIdentifier digestOid) + { + this.digestOid = digestOid; + } + + object WrapperProvider.CreateWrapper(bool forWrapping, ICipherParameters parameters) + { + return new RsaOaepWrapper(forWrapping, parameters, digestOid); + } + } } diff --git a/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs b/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs index da9e32f9e..690e970cb 100644 --- a/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs +++ b/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs @@ -1,5 +1,7 @@ -using System.Collections; +using System; +using System.Collections; using System.IO; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Ntt; @@ -16,25 +18,24 @@ namespace Org.BouncyCastle.Operators { public class CmsContentEncryptorBuilder { - private static readonly IDictionary keySizes = Platform.CreateHashtable(); + private static readonly IDictionary KeySizes = Platform.CreateHashtable(); static CmsContentEncryptorBuilder() { - keySizes[NistObjectIdentifiers.IdAes128Cbc] = 128; - keySizes[NistObjectIdentifiers.IdAes192Cbc] =192; - keySizes[NistObjectIdentifiers.IdAes256Cbc] =256; + KeySizes[NistObjectIdentifiers.IdAes128Cbc] = 128; + KeySizes[NistObjectIdentifiers.IdAes192Cbc] = 192; + KeySizes[NistObjectIdentifiers.IdAes256Cbc] = 256; - - keySizes[NttObjectIdentifiers.IdCamellia128Cbc] =128; - keySizes[NttObjectIdentifiers.IdCamellia192Cbc] =192; - keySizes[NttObjectIdentifiers.IdCamellia256Cbc] =256; + KeySizes[NttObjectIdentifiers.IdCamellia128Cbc] = 128; + KeySizes[NttObjectIdentifiers.IdCamellia192Cbc] = 192; + KeySizes[NttObjectIdentifiers.IdCamellia256Cbc] = 256; } - private static int getKeySize(DerObjectIdentifier oid) + private static int GetKeySize(DerObjectIdentifier oid) { - if (keySizes.Contains(oid)) + if (KeySizes.Contains(oid)) { - return (int)keySizes[oid]; + return (int)KeySizes[oid]; } return -1; @@ -43,11 +44,12 @@ namespace Org.BouncyCastle.Operators private readonly DerObjectIdentifier encryptionOID; private readonly int keySize; - - private EnvelopedDataHelper helper = new EnvelopedDataHelper(); - private SecureRandom random; + private readonly EnvelopedDataHelper helper = new EnvelopedDataHelper(); + //private SecureRandom random; - public CmsContentEncryptorBuilder(DerObjectIdentifier encryptionOID):this(encryptionOID, getKeySize(encryptionOID)) { + public CmsContentEncryptorBuilder(DerObjectIdentifier encryptionOID) + : this(encryptionOID, GetKeySize(encryptionOID)) + { } public CmsContentEncryptorBuilder(DerObjectIdentifier encryptionOID, int keySize) @@ -58,7 +60,8 @@ namespace Org.BouncyCastle.Operators public ICipherBuilderWithKey Build() { - return new Asn1CipherBuilderWithKey(encryptionOID,keySize,random); + //return new Asn1CipherBuilderWithKey(encryptionOID, keySize, random); + return new Asn1CipherBuilderWithKey(encryptionOID, keySize, null); } } } diff --git a/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs b/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs index 997231b6e..b73c41dbd 100644 --- a/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs +++ b/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs @@ -1,16 +1,20 @@ -using Org.BouncyCastle.Asn1.X509; +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Asn1; using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Operators { - public class CmsKeyTransRecipientInfoGenerator: KeyTransRecipientInfoGenerator + public class CmsKeyTransRecipientInfoGenerator + : KeyTransRecipientInfoGenerator { - private IKeyWrapper keyWrapper; + private readonly IKeyWrapper keyWrapper; - public CmsKeyTransRecipientInfoGenerator(X509Certificate recipCert, IKeyWrapper keyWrapper): base(new Asn1.Cms.IssuerAndSerialNumber(recipCert.IssuerDN, new DerInteger(recipCert.SerialNumber))) + public CmsKeyTransRecipientInfoGenerator(X509Certificate recipCert, IKeyWrapper keyWrapper) + : base(new Asn1.Cms.IssuerAndSerialNumber(recipCert.IssuerDN, new DerInteger(recipCert.SerialNumber))) { this.keyWrapper = keyWrapper; this.RecipientCert = recipCert; @@ -24,10 +28,7 @@ namespace Org.BouncyCastle.Operators protected override AlgorithmIdentifier AlgorithmDetails { - get - { - return (AlgorithmIdentifier)keyWrapper.AlgorithmDetails; - } + get { return (AlgorithmIdentifier)keyWrapper.AlgorithmDetails; } } protected override byte[] GenerateWrappedKey(Crypto.Parameters.KeyParameter contentKey) diff --git a/crypto/src/crypto/operators/GenericKey.cs b/crypto/src/crypto/operators/GenericKey.cs index b2df74661..89512c7b0 100644 --- a/crypto/src/crypto/operators/GenericKey.cs +++ b/crypto/src/crypto/operators/GenericKey.cs @@ -1,18 +1,17 @@ using System; -using System.Collections.Generic; -using System.Text; + using Org.BouncyCastle.Asn1.X509; namespace Org.BouncyCastle.Crypto.Operators { public class GenericKey { - private AlgorithmIdentifier algorithmIdentifier; - private object representation; + private readonly AlgorithmIdentifier algorithmIdentifier; + private readonly object representation; public GenericKey(object representation) { - algorithmIdentifier = null; + this.algorithmIdentifier = null; this.representation = representation; } diff --git a/crypto/src/crypto/parameters/ECGOST3410Parameters.cs b/crypto/src/crypto/parameters/ECGOST3410Parameters.cs index a3aa1953c..6abcb1647 100644 --- a/crypto/src/crypto/parameters/ECGOST3410Parameters.cs +++ b/crypto/src/crypto/parameters/ECGOST3410Parameters.cs @@ -1,12 +1,14 @@ -using Org.BouncyCastle.Asn1; +using System; + +using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; namespace Org.BouncyCastle.Crypto.Parameters { - public class ECGost3410Parameters : ECNamedDomainParameters + public class ECGost3410Parameters + : ECNamedDomainParameters { - private readonly DerObjectIdentifier _publicKeyParamSet; private readonly DerObjectIdentifier _digestParamSet; private readonly DerObjectIdentifier _encryptionParamSet; @@ -30,22 +32,22 @@ namespace Org.BouncyCastle.Crypto.Parameters ECNamedDomainParameters dp, DerObjectIdentifier publicKeyParamSet, DerObjectIdentifier digestParamSet, - DerObjectIdentifier encryptionParamSet) : base(dp.Name, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) + DerObjectIdentifier encryptionParamSet) + : base(dp.Name, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) { this._publicKeyParamSet = publicKeyParamSet; this._digestParamSet = digestParamSet; this._encryptionParamSet = encryptionParamSet; } - public ECGost3410Parameters(ECDomainParameters dp, DerObjectIdentifier publicKeyParamSet, DerObjectIdentifier digestParamSet, - DerObjectIdentifier encryptionParamSet) : base(publicKeyParamSet, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) + DerObjectIdentifier encryptionParamSet) + : base(publicKeyParamSet, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) { this._publicKeyParamSet = publicKeyParamSet; this._digestParamSet = digestParamSet; this._encryptionParamSet = encryptionParamSet; } - } -} \ No newline at end of file +} diff --git a/crypto/src/crypto/parameters/ECNamedDomainParameters.cs b/crypto/src/crypto/parameters/ECNamedDomainParameters.cs index 34e390a8f..4b8e2558f 100644 --- a/crypto/src/crypto/parameters/ECNamedDomainParameters.cs +++ b/crypto/src/crypto/parameters/ECNamedDomainParameters.cs @@ -1,35 +1,42 @@ -using Org.BouncyCastle.Asn1; +using System; + +using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; namespace Org.BouncyCastle.Crypto.Parameters { - public class ECNamedDomainParameters : ECDomainParameters + public class ECNamedDomainParameters + : ECDomainParameters { - private DerObjectIdentifier name; + private readonly DerObjectIdentifier name; public DerObjectIdentifier Name { get { return name; } } - public ECNamedDomainParameters(DerObjectIdentifier name, ECDomainParameters dp) : this(name, dp.curve, dp.g, dp.n, dp.h, dp.seed) - { } - + public ECNamedDomainParameters(DerObjectIdentifier name, ECDomainParameters dp) + : this(name, dp.curve, dp.g, dp.n, dp.h, dp.seed) + { + } - public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n) : base(curve, g, n) + public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n) + : base(curve, g, n) { this.name = name; } - public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h) : base(curve, g, n, h) + public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h) + : base(curve, g, n, h) { this.name = name; } - public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h, byte[] seed) : base(curve, g, n, h, seed) + public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h, byte[] seed) + : base(curve, g, n, h, seed) { this.name = name; } } -} \ No newline at end of file +} diff --git a/crypto/src/crypto/signers/DsaDigestSigner.cs b/crypto/src/crypto/signers/DsaDigestSigner.cs index 7fd8f535f..15444a0f7 100644 --- a/crypto/src/crypto/signers/DsaDigestSigner.cs +++ b/crypto/src/crypto/signers/DsaDigestSigner.cs @@ -126,7 +126,7 @@ namespace Org.BouncyCastle.Crypto.Signers return dsa.VerifySignature(hash, sig[0], sig[1]); } - catch (Exception e) + catch (Exception) { return false; } diff --git a/crypto/src/crypto/tls/AbstractTlsClient.cs b/crypto/src/crypto/tls/AbstractTlsClient.cs index bddbab87f..356aab8d2 100644 --- a/crypto/src/crypto/tls/AbstractTlsClient.cs +++ b/crypto/src/crypto/tls/AbstractTlsClient.cs @@ -34,7 +34,7 @@ namespace Org.BouncyCastle.Crypto.Tls { switch (extensionType) { - case ExtensionType.elliptic_curves: + case ExtensionType.supported_groups: /* * Exception added based on field reports that some servers do send this, although the * Supported Elliptic Curves Extension is clearly intended to be client-only. If @@ -198,7 +198,7 @@ namespace Org.BouncyCastle.Crypto.Tls */ CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.signature_algorithms); - CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.elliptic_curves); + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.supported_groups); if (TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite)) { diff --git a/crypto/src/crypto/tls/DtlsReliableHandshake.cs b/crypto/src/crypto/tls/DtlsReliableHandshake.cs index 396ea7483..8715cd799 100644 --- a/crypto/src/crypto/tls/DtlsReliableHandshake.cs +++ b/crypto/src/crypto/tls/DtlsReliableHandshake.cs @@ -114,7 +114,7 @@ namespace Org.BouncyCastle.Crypto.Tls } } } - catch (IOException e) + catch (IOException) { // NOTE: Assume this is a timeout for the moment } diff --git a/crypto/src/crypto/tls/TlsEccUtilities.cs b/crypto/src/crypto/tls/TlsEccUtilities.cs index fb31e1b07..7b7e89f84 100644 --- a/crypto/src/crypto/tls/TlsEccUtilities.cs +++ b/crypto/src/crypto/tls/TlsEccUtilities.cs @@ -26,7 +26,7 @@ namespace Org.BouncyCastle.Crypto.Tls public static void AddSupportedEllipticCurvesExtension(IDictionary extensions, int[] namedCurves) { - extensions[ExtensionType.elliptic_curves] = CreateSupportedEllipticCurvesExtension(namedCurves); + extensions[ExtensionType.supported_groups] = CreateSupportedEllipticCurvesExtension(namedCurves); } public static void AddSupportedPointFormatsExtension(IDictionary extensions, byte[] ecPointFormats) @@ -36,7 +36,7 @@ namespace Org.BouncyCastle.Crypto.Tls public static int[] GetSupportedEllipticCurvesExtension(IDictionary extensions) { - byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.elliptic_curves); + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.supported_groups); return extensionData == null ? null : ReadSupportedEllipticCurvesExtension(extensionData); } diff --git a/crypto/src/crypto/tls/TlsUtilities.cs b/crypto/src/crypto/tls/TlsUtilities.cs index e6bd253aa..9f4aac651 100644 --- a/crypto/src/crypto/tls/TlsUtilities.cs +++ b/crypto/src/crypto/tls/TlsUtilities.cs @@ -2341,7 +2341,7 @@ namespace Org.BouncyCastle.Crypto.Tls { keyExchangeAlgorithm = GetKeyExchangeAlgorithm(cipherSuite); } - catch (IOException e) + catch (IOException) { return true; } diff --git a/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs b/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs index 20eac84ce..ad4d31ede 100644 --- a/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs +++ b/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Kisa; using Org.BouncyCastle.Asn1.Misc; diff --git a/crypto/src/crypto/util/CipherFactory.cs b/crypto/src/crypto/util/CipherFactory.cs index 0a4010b42..f5998267d 100644 --- a/crypto/src/crypto/util/CipherFactory.cs +++ b/crypto/src/crypto/util/CipherFactory.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Kisa; using Org.BouncyCastle.Asn1.Misc; @@ -11,15 +12,13 @@ using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Modes; using Org.BouncyCastle.Crypto.Paddings; using Org.BouncyCastle.Crypto.Parameters; -using Org.BouncyCastle.Crypto.Utilities; -namespace Org.BouncyCastle.Crypto.Utilites +namespace Org.BouncyCastle.Crypto.Utilities { public class CipherFactory { private CipherFactory() { - } private static readonly short[] rc2Ekb = @@ -50,15 +49,12 @@ namespace Org.BouncyCastle.Crypto.Utilites if (encAlg.Equals(PkcsObjectIdentifiers.rc4)) { IStreamCipher cipher = new RC4Engine(); - cipher.Init(forEncryption, encKey); - return cipher; } else { BufferedBlockCipher cipher = CreateCipher(encryptionAlgID.Algorithm); - Asn1Object sParams = encryptionAlgID.Parameters.ToAsn1Object(); if (sParams != null && !(sParams is DerNull)) @@ -110,7 +106,6 @@ namespace Org.BouncyCastle.Crypto.Utilites return cipher; } - } private static BufferedBlockCipher CreateCipher(DerObjectIdentifier algorithm) @@ -118,8 +113,8 @@ namespace Org.BouncyCastle.Crypto.Utilites IBlockCipher cipher; if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm) - || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) - || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) + || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) + || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) { cipher = new CbcBlockCipher(new AesEngine()); } @@ -146,6 +141,5 @@ namespace Org.BouncyCastle.Crypto.Utilites return new PaddedBufferedBlockCipher(cipher, new Pkcs7Padding()); } - } } diff --git a/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs b/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs index f714c40fd..efaad138c 100644 --- a/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs +++ b/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Kisa; using Org.BouncyCastle.Asn1.Nist; @@ -14,74 +15,69 @@ namespace Org.BouncyCastle.Crypto.Utilities { private CipherKeyGeneratorFactory() { - } /** - * Create a key generator for the passed in Object Identifier. - * - * @param algorithm the Object Identifier indicating the algorithn the generator is for. - * @param random a source of random to initialise the generator with. - * @return an initialised CipherKeyGenerator. - * @throws IllegalArgumentException if the algorithm cannot be identified. - */ + * Create a key generator for the passed in Object Identifier. + * + * @param algorithm the Object Identifier indicating the algorithn the generator is for. + * @param random a source of random to initialise the generator with. + * @return an initialised CipherKeyGenerator. + * @throws IllegalArgumentException if the algorithm cannot be identified. + */ public static CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random) { if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 192); + return CreateCipherKeyGenerator(random, 192); } else if (NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 256); + return CreateCipherKeyGenerator(random, 256); } else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm)) { DesEdeKeyGenerator keyGen = new DesEdeKeyGenerator(); - keyGen.Init(new KeyGenerationParameters(random, 192)); - return keyGen; } else if (NttObjectIdentifiers.IdCamellia128Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (NttObjectIdentifiers.IdCamellia192Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 192); + return CreateCipherKeyGenerator(random, 192); } else if (NttObjectIdentifiers.IdCamellia256Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 256); + return CreateCipherKeyGenerator(random, 256); } else if (KisaObjectIdentifiers.IdSeedCbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (AlgorithmIdentifierFactory.CAST5_CBC.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm)) { DesKeyGenerator keyGen = new DesKeyGenerator(); - keyGen.Init(new KeyGenerationParameters(random, 64)); - return keyGen; } else if (PkcsObjectIdentifiers.rc4.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else { @@ -89,12 +85,10 @@ namespace Org.BouncyCastle.Crypto.Utilities } } - private static CipherKeyGenerator createCipherKeyGenerator(SecureRandom random, int keySize) + private static CipherKeyGenerator CreateCipherKeyGenerator(SecureRandom random, int keySize) { CipherKeyGenerator keyGen = new CipherKeyGenerator(); - keyGen.Init(new KeyGenerationParameters(random, keySize)); - return keyGen; } } diff --git a/crypto/src/math/ec/rfc8032/Ed25519.cs b/crypto/src/math/ec/rfc8032/Ed25519.cs index 6dc52a865..702c48dd3 100644 --- a/crypto/src/math/ec/rfc8032/Ed25519.cs +++ b/crypto/src/math/ec/rfc8032/Ed25519.cs @@ -959,7 +959,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 PointSetNeutral(r); int bit = 255; - while (bit > 0 && (ws_b[bit] | ws_p[bit]) == 0) + while (bit > 0 && ((byte)ws_b[bit] | (byte)ws_p[bit]) == 0) { --bit; } diff --git a/crypto/src/math/ec/rfc8032/Ed448.cs b/crypto/src/math/ec/rfc8032/Ed448.cs index 774052082..597062269 100644 --- a/crypto/src/math/ec/rfc8032/Ed448.cs +++ b/crypto/src/math/ec/rfc8032/Ed448.cs @@ -1046,7 +1046,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 PointSetNeutral(r); int bit = 447; - while (bit > 0 && (ws_b[bit] | ws_p[bit]) == 0) + while (bit > 0 && ((byte)ws_b[bit] | (byte)ws_p[bit]) == 0) { --bit; } diff --git a/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs b/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs index 4c4ae83eb..5882dee38 100644 --- a/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs +++ b/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs @@ -1,10 +1,11 @@ - +using System; +using System.IO; + using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.IO; -using System; -using System.IO; namespace Org.BouncyCastle.Pkcs { @@ -90,12 +91,11 @@ namespace Org.BouncyCastle.Pkcs ICipher encIn = decryptorBuilder.BuildCipher(new MemoryInputStream(encryptedPrivateKeyInfo.GetEncryptedData())); - using (Stream strm = encIn.Stream) - { - byte[] data = Streams.ReadAll(encIn.Stream); - - return PrivateKeyInfo.GetInstance(data); - } + Stream strm = encIn.Stream; + byte[] data = Streams.ReadAll(encIn.Stream); + Platform.Dispose(strm); + + return PrivateKeyInfo.GetInstance(data); } catch (Exception e) { diff --git a/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs b/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs index 3b05deea7..8f751492f 100644 --- a/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs +++ b/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs @@ -1,11 +1,11 @@ -using Org.BouncyCastle.Asn1.Pkcs; +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.IO; -using System; -using System.Collections.Generic; -using System.IO; -using System.Text; namespace Org.BouncyCastle.Pkcs { @@ -36,10 +36,9 @@ namespace Org.BouncyCastle.Pkcs ICipher cOut = encryptor.BuildCipher(bOut); byte[] keyData = privateKeyInfo.GetEncoded(); - using (var str = cOut.Stream) - { - str.Write(keyData, 0, keyData.Length); - } + Stream str = cOut.Stream; + str.Write(keyData, 0, keyData.Length); + Platform.Dispose(str); return new Pkcs8EncryptedPrivateKeyInfo(new EncryptedPrivateKeyInfo((AlgorithmIdentifier)encryptor.AlgorithmDetails, bOut.ToArray())); } diff --git a/crypto/src/pkcs/PkcsException.cs b/crypto/src/pkcs/PkcsException.cs index f82d36724..7a69ff736 100644 --- a/crypto/src/pkcs/PkcsException.cs +++ b/crypto/src/pkcs/PkcsException.cs @@ -5,13 +5,16 @@ namespace Org.BouncyCastle.Pkcs /// <summary> /// Base exception for PKCS related issues. /// </summary> - public class PkcsException : Exception + public class PkcsException + : Exception { - public PkcsException(String message) : base(message) + public PkcsException(string message) + : base(message) { } - public PkcsException(String message, Exception underlying) : base(message, underlying) + public PkcsException(string message, Exception underlying) + : base(message, underlying) { } } diff --git a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs index 2ccaa32ce..55f4afb19 100644 --- a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs +++ b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs @@ -151,7 +151,7 @@ namespace Org.BouncyCastle.Pkix { return FindTrustAnchor(cert, trustAnchors) != null; } - catch (Exception e) + catch (Exception) { return false; } diff --git a/crypto/src/security/DigestUtilities.cs b/crypto/src/security/DigestUtilities.cs index 7685e3384..a17a9abee 100644 --- a/crypto/src/security/DigestUtilities.cs +++ b/crypto/src/security/DigestUtilities.cs @@ -259,6 +259,11 @@ namespace Org.BouncyCastle.Security return (string) algorithms[oid.Id]; } + public static byte[] CalculateDigest(DerObjectIdentifier id, byte[] input) + { + return CalculateDigest(id.Id, input); + } + public static byte[] CalculateDigest(string algorithm, byte[] input) { IDigest digest = GetDigest(algorithm); diff --git a/crypto/src/util/io/MemoryInputStream.cs b/crypto/src/util/io/MemoryInputStream.cs index d353314ee..cdc5aafb3 100644 --- a/crypto/src/util/io/MemoryInputStream.cs +++ b/crypto/src/util/io/MemoryInputStream.cs @@ -1,13 +1,19 @@ -using System.IO; +using System; +using System.IO; namespace Org.BouncyCastle.Utilities.IO { - public class MemoryInputStream : MemoryStream + public class MemoryInputStream + : MemoryStream { - public MemoryInputStream(byte[] buffer) : base(buffer, false) + public MemoryInputStream(byte[] buffer) + : base(buffer, false) { } - public sealed override bool CanWrite { get { return false; } } + public sealed override bool CanWrite + { + get { return false; } + } } } diff --git a/crypto/src/util/io/MemoryOutputStream.cs b/crypto/src/util/io/MemoryOutputStream.cs index a6de64680..828f23b4a 100644 --- a/crypto/src/util/io/MemoryOutputStream.cs +++ b/crypto/src/util/io/MemoryOutputStream.cs @@ -1,10 +1,14 @@ - +using System; using System.IO; namespace Org.BouncyCastle.Utilities.IO { - public class MemoryOutputStream: MemoryStream + public class MemoryOutputStream + : MemoryStream { - public sealed override bool CanRead { get { return false; } } + public sealed override bool CanRead + { + get { return false; } + } } } diff --git a/crypto/src/x509/X509Certificate.cs b/crypto/src/x509/X509Certificate.cs index 6d7bd7a61..6f2f40411 100644 --- a/crypto/src/x509/X509Certificate.cs +++ b/crypto/src/x509/X509Certificate.cs @@ -8,13 +8,13 @@ using Org.BouncyCastle.Asn1.Misc; using Org.BouncyCastle.Asn1.Utilities; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; using Org.BouncyCastle.Security.Certificates; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.X509.Extension; -using Org.BouncyCastle.Crypto.Operators; namespace Org.BouncyCastle.X509 { @@ -27,8 +27,8 @@ namespace Org.BouncyCastle.X509 // , PKCS12BagAttributeCarrier { private readonly X509CertificateStructure c; -// private Hashtable pkcs12Attributes = new Hashtable(); -// private ArrayList pkcs12Ordering = new ArrayList(); + //private Hashtable pkcs12Attributes = Platform.CreateHashtable(); + //private ArrayList pkcs12Ordering = Platform.CreateArrayList(); private readonly BasicConstraints basicConstraints; private readonly bool[] keyUsage; |