diff --git a/crypto/src/asn1/cms/CcmParameters.cs b/crypto/src/asn1/cms/CcmParameters.cs
new file mode 100644
index 000000000..c9588adca
--- /dev/null
+++ b/crypto/src/asn1/cms/CcmParameters.cs
@@ -0,0 +1,66 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+ public class CcmParameters
+ : Asn1Encodable
+ {
+ private const int DefaultIcvLen = 12;
+
+ private readonly byte[] m_nonce;
+ private readonly int m_icvLen;
+
+ public static CcmParameters GetInstance(object obj)
+ {
+ if (obj == null)
+ return null;
+ if (obj is CcmParameters ccmParameters)
+ return ccmParameters;
+ return new CcmParameters(Asn1Sequence.GetInstance(obj));
+ }
+
+ public static CcmParameters GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
+ {
+ return GetInstance(Asn1Sequence.GetInstance(taggedObject, declaredExplicit));
+ }
+
+ private CcmParameters(Asn1Sequence seq)
+ {
+ int count = seq.Count;
+ if (count < 1 || count > 2)
+ throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+ m_nonce = Asn1OctetString.GetInstance(seq[0]).GetOctets();
+
+ if (count > 1)
+ {
+ m_icvLen = DerInteger.GetInstance(seq[1]).IntValueExact;
+ }
+ else
+ {
+ m_icvLen = DefaultIcvLen;
+ }
+ }
+
+ public CcmParameters(byte[] nonce, int icvLen)
+ {
+ m_nonce = Arrays.Clone(nonce);
+ m_icvLen = icvLen;
+ }
+
+ public byte[] GetNonce() => Arrays.Clone(m_nonce);
+
+ public int IcvLen => m_icvLen;
+
+ public override Asn1Object ToAsn1Object()
+ {
+ var nonce = new DerOctetString(m_nonce);
+
+ return m_icvLen == DefaultIcvLen
+ ? new DerSequence(nonce)
+ : new DerSequence(nonce, new DerInteger(m_icvLen));
+ }
+ }
+}
diff --git a/crypto/src/asn1/cms/GcmParameters.cs b/crypto/src/asn1/cms/GcmParameters.cs
new file mode 100644
index 000000000..bc86d27fa
--- /dev/null
+++ b/crypto/src/asn1/cms/GcmParameters.cs
@@ -0,0 +1,66 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+ public class GcmParameters
+ : Asn1Encodable
+ {
+ private const int DefaultIcvLen = 12;
+
+ private readonly byte[] m_nonce;
+ private readonly int m_icvLen;
+
+ public static GcmParameters GetInstance(object obj)
+ {
+ if (obj == null)
+ return null;
+ if (obj is GcmParameters gcmParameters)
+ return gcmParameters;
+ return new GcmParameters(Asn1Sequence.GetInstance(obj));
+ }
+
+ public static GcmParameters GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
+ {
+ return GetInstance(Asn1Sequence.GetInstance(taggedObject, declaredExplicit));
+ }
+
+ private GcmParameters(Asn1Sequence seq)
+ {
+ int count = seq.Count;
+ if (count < 1 || count > 2)
+ throw new ArgumentException("Bad sequence size: " + count, nameof(seq));
+
+ m_nonce = Asn1OctetString.GetInstance(seq[0]).GetOctets();
+
+ if (count > 1)
+ {
+ m_icvLen = DerInteger.GetInstance(seq[1]).IntValueExact;
+ }
+ else
+ {
+ m_icvLen = DefaultIcvLen;
+ }
+ }
+
+ public GcmParameters(byte[] nonce, int icvLen)
+ {
+ m_nonce = Arrays.Clone(nonce);
+ m_icvLen = icvLen;
+ }
+
+ public byte[] GetNonce() => Arrays.Clone(m_nonce);
+
+ public int IcvLen => m_icvLen;
+
+ public override Asn1Object ToAsn1Object()
+ {
+ var nonce = new DerOctetString(m_nonce);
+
+ return m_icvLen == DefaultIcvLen
+ ? new DerSequence(nonce)
+ : new DerSequence(nonce, new DerInteger(m_icvLen));
+ }
+ }
+}
diff --git a/crypto/src/security/ParameterUtilities.cs b/crypto/src/security/ParameterUtilities.cs
index d79f15359..d393e3d36 100644
--- a/crypto/src/security/ParameterUtilities.cs
+++ b/crypto/src/security/ParameterUtilities.cs
@@ -2,6 +2,7 @@ using System;
using System.Collections.Generic;
using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
using Org.BouncyCastle.Asn1.CryptoPro;
using Org.BouncyCastle.Asn1.Kisa;
using Org.BouncyCastle.Asn1.Misc;
@@ -246,6 +247,30 @@ namespace Org.BouncyCastle.Security
if (algorithm == null)
throw new ArgumentNullException("algorithm");
+ if (NistObjectIdentifiers.IdAes128Gcm.Id.Equals(algorithm) ||
+ NistObjectIdentifiers.IdAes192Gcm.Id.Equals(algorithm) ||
+ NistObjectIdentifiers.IdAes256Gcm.Id.Equals(algorithm))
+ {
+ if (!(key is KeyParameter keyParameter))
+ throw new ArgumentException("key data must be accessible for GCM operation");
+
+ var gcmParameters = GcmParameters.GetInstance(asn1Params);
+
+ return new AeadParameters(keyParameter, gcmParameters.IcvLen * 8, gcmParameters.GetNonce());
+ }
+
+ if (NistObjectIdentifiers.IdAes128Ccm.Id.Equals(algorithm) ||
+ NistObjectIdentifiers.IdAes192Ccm.Id.Equals(algorithm) ||
+ NistObjectIdentifiers.IdAes256Ccm.Id.Equals(algorithm))
+ {
+ if (!(key is KeyParameter keyParameter))
+ throw new ArgumentException("key data must be accessible for CCM operation");
+
+ var ccmParameters = CcmParameters.GetInstance(asn1Params);
+
+ return new AeadParameters(keyParameter, ccmParameters.IcvLen * 8, ccmParameters.GetNonce());
+ }
+
string canonical = GetCanonicalAlgorithmName(algorithm);
if (canonical == null)
|
