diff --git a/crypto/src/asn1/BERBitString.cs b/crypto/src/asn1/BERBitString.cs
new file mode 100644
index 000000000..d8cd00330
--- /dev/null
+++ b/crypto/src/asn1/BERBitString.cs
@@ -0,0 +1,43 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+ public class BerBitString
+ : DerBitString
+ {
+ public BerBitString(byte[] data, int padBits)
+ : base(data, padBits)
+ {
+ }
+
+ public BerBitString(byte[] data)
+ : base(data)
+ {
+ }
+
+ public BerBitString(int namedBits)
+ : base(namedBits)
+ {
+ }
+
+ public BerBitString(Asn1Encodable obj)
+ : base(obj)
+ {
+ }
+
+ internal override void Encode(
+ DerOutputStream derOut)
+ {
+ if (derOut is Asn1OutputStream || derOut is BerOutputStream)
+ {
+ derOut.WriteEncoded(Asn1Tags.BitString, (byte)mPadBits, mData);
+ }
+ else
+ {
+ base.Encode(derOut);
+ }
+ }
+ }
+}
diff --git a/crypto/src/asn1/DerBitString.cs b/crypto/src/asn1/DerBitString.cs
index d5cb872bc..ad7a7e349 100644
--- a/crypto/src/asn1/DerBitString.cs
+++ b/crypto/src/asn1/DerBitString.cs
@@ -1,6 +1,8 @@
using System;
+using System.Diagnostics;
using System.Text;
+using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1
@@ -11,83 +13,10 @@ namespace Org.BouncyCastle.Asn1
private static readonly char[] table
= { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
- private readonly byte[] data;
- private readonly int padBits;
+ protected readonly byte[] mData;
+ protected readonly int mPadBits;
- /**
- * return the correct number of pad bits for a bit string defined in
- * a 32 bit constant
- */
- static internal int GetPadBits(
- int bitString)
- {
- int val = 0;
- for (int i = 3; i >= 0; i--)
- {
- //
- // this may look a little odd, but if it isn't done like this pre jdk1.2
- // JVM's break!
- //
- if (i != 0)
- {
- if ((bitString >> (i * 8)) != 0)
- {
- val = (bitString >> (i * 8)) & 0xFF;
- break;
- }
- }
- else
- {
- if (bitString != 0)
- {
- val = bitString & 0xFF;
- break;
- }
- }
- }
-
- if (val == 0)
- {
- return 7;
- }
-
- int bits = 1;
-
- while (((val <<= 1) & 0xFF) != 0)
- {
- bits++;
- }
-
- return 8 - bits;
- }
-
- /**
- * return the correct number of bytes for a bit string defined in
- * a 32 bit constant
- */
- static internal byte[] GetBytes(
- int bitString)
- {
- int bytes = 4;
- for (int i = 3; i >= 1; i--)
- {
- if ((bitString & (0xFF << (i * 8))) != 0)
- {
- break;
- }
- bytes--;
- }
-
- byte[] result = new byte[bytes];
- for (int i = 0; i < bytes; i++)
- {
- result[i] = (byte) ((bitString >> (i * 8)) & 0xFF);
- }
-
- return result;
- }
-
- /**
+ /**
* return a Bit string from the passed in object
*
* @exception ArgumentException if the object cannot be converted.
@@ -126,15 +55,7 @@ namespace Org.BouncyCastle.Asn1
return FromAsn1Octets(((Asn1OctetString)o).GetOctets());
}
- internal DerBitString(
- byte data,
- int padBits)
- {
- this.data = new byte[]{ data };
- this.padBits = padBits;
- }
-
- /**
+ /**
* @param data the octets making up the bit string.
* @param padBits the number of extra bits at the end of the string.
*/
@@ -142,67 +63,154 @@ namespace Org.BouncyCastle.Asn1
byte[] data,
int padBits)
{
- // TODO Deep copy?
- this.data = data;
- this.padBits = padBits;
+ if (data == null)
+ throw new ArgumentNullException("data");
+ if (padBits < 0 || padBits > 7)
+ throw new ArgumentException("must be in the range 0 to 7", "padBits");
+ if (data.Length == 0 && padBits != 0)
+ throw new ArgumentException("if 'data' is empty, 'padBits' must be 0");
+
+ this.mData = Arrays.Clone(data);
+ this.mPadBits = padBits;
}
public DerBitString(
byte[] data)
+ : this(data, 0)
{
- // TODO Deep copy?
- this.data = data;
}
- public DerBitString(
+ public DerBitString(
+ int namedBits)
+ {
+ if (namedBits == 0)
+ {
+ this.mData = new byte[0];
+ this.mPadBits = 0;
+ return;
+ }
+
+ int bits = BigInteger.BitLen(namedBits);
+ int bytes = (bits + 7) / 8;
+
+ Debug.Assert(0 < bytes && bytes <= 4);
+
+ byte[] result = new byte[bytes];
+ --bytes;
+
+ for (int i = 0; i < bytes; i++)
+ {
+ result[i] = (byte)namedBits;
+ namedBits >>= 8;
+ }
+
+ Debug.Assert((namedBits & 0xFF) != 0);
+
+ result[bytes] = (byte)namedBits;
+
+ int pad = 0;
+ while ((namedBits & (1 << pad)) == 0)
+ {
+ ++pad;
+ }
+
+ Debug.Assert(pad < 8);
+
+ this.mData = result;
+ this.mPadBits = pad;
+ }
+
+ public DerBitString(
Asn1Encodable obj)
+ : this(obj.GetDerEncoded())
{
- this.data = obj.GetDerEncoded();
- //this.padBits = 0;
}
- public byte[] GetBytes()
+ /**
+ * Return the octets contained in this BIT STRING, checking that this BIT STRING really
+ * does represent an octet aligned string. Only use this method when the standard you are
+ * following dictates that the BIT STRING will be octet aligned.
+ *
+ * @return a copy of the octet aligned data.
+ */
+ public virtual byte[] GetOctets()
+ {
+ if (mPadBits != 0)
+ throw new InvalidOperationException("attempt to get non-octet aligned data from BIT STRING");
+
+ return Arrays.Clone(mData);
+ }
+
+ public virtual byte[] GetBytes()
{
- return data;
+ byte[] data = Arrays.Clone(mData);
+
+ // DER requires pad bits be zero
+ if (mPadBits > 0)
+ {
+ data[data.Length - 1] &= (byte)(0xFF << mPadBits);
+ }
+
+ return data;
}
- public int PadBits
+ public virtual int PadBits
{
- get { return padBits; }
+ get { return mPadBits; }
}
/**
* @return the value of the bit string as an int (truncating if necessary)
*/
- public int IntValue
+ public virtual int IntValue
{
get
{
- int value = 0;
-
- for (int i = 0; i != data.Length && i != 4; i++)
- {
- value |= (data[i] & 0xff) << (8 * i);
- }
-
- return value;
+ int value = 0, length = System.Math.Min(4, mData.Length);
+ for (int i = 0; i < length; ++i)
+ {
+ value |= (int)mData[i] << (8 * i);
+ }
+ if (mPadBits > 0 && length == mData.Length)
+ {
+ int mask = (1 << mPadBits) - 1;
+ value &= ~(mask << (8 * (length - 1)));
+ }
+ return value;
}
}
- internal override void Encode(
+ internal override void Encode(
DerOutputStream derOut)
{
- byte[] bytes = new byte[GetBytes().Length + 1];
-
- bytes[0] = (byte) PadBits;
- Array.Copy(GetBytes(), 0, bytes, 1, bytes.Length - 1);
-
- derOut.WriteEncoded(Asn1Tags.BitString, bytes);
+ if (mPadBits > 0)
+ {
+ int last = mData[mData.Length - 1];
+ int mask = (1 << mPadBits) - 1;
+
+ if ((last & mask) != 0)
+ {
+ byte[] result = Arrays.Prepend(mData, (byte)mPadBits);
+
+ /*
+ * X.690-0207 11.2.1: Each unused bit in the final octet of the encoding of a bit string value shall be set to zero.
+ *
+ * NOTE: 'pad' is constrained to be 0 if 'bytes' are empty, in which case this is a no-op.
+ */
+ last ^= (last & mask);
+ result[result.Length - 1] &= (byte)last;
+
+ derOut.WriteEncoded(Asn1Tags.BitString, result);
+ return;
+ }
+ }
+
+ derOut.WriteEncoded(Asn1Tags.BitString, (byte)mPadBits, mData);
}
- protected override int Asn1GetHashCode()
+ protected override int Asn1GetHashCode()
{
- return padBits.GetHashCode() ^ Arrays.GetHashCode(data);
+ return mPadBits.GetHashCode() ^ Arrays.GetHashCode(mData);
}
protected override bool Asn1Equals(
@@ -213,8 +221,8 @@ namespace Org.BouncyCastle.Asn1
if (other == null)
return false;
- return this.padBits == other.padBits
- && Arrays.AreEqual(this.data, other.data);
+ return this.mPadBits == other.mPadBits
+ && Arrays.AreEqual(this.mData, other.mData);
}
public override string GetString()
@@ -236,12 +244,23 @@ namespace Org.BouncyCastle.Asn1
internal static DerBitString FromAsn1Octets(byte[] octets)
{
if (octets.Length < 1)
- throw new ArgumentException("truncated BIT STRING detected");
+ throw new ArgumentException("truncated BIT STRING detected", "octets");
+
+ int padBits = octets[0];
+ byte[] data = Arrays.CopyOfRange(octets, 1, octets.Length);
+
+ if (padBits > 0 && padBits < 8 && data.Length > 0)
+ {
+ int last = data[data.Length - 1];
+ int mask = (1 << padBits) - 1;
+
+ if ((last & mask) != 0)
+ {
+ return new BerBitString(data, padBits);
+ }
+ }
- int padBits = octets[0];
- byte[] data = new byte[octets.Length - 1];
- Array.Copy(octets, 1, data, 0, data.Length);
- return new DerBitString(data, padBits);
+ return new DerBitString(data, padBits);
}
}
}
diff --git a/crypto/src/asn1/DerOutputStream.cs b/crypto/src/asn1/DerOutputStream.cs
index c03d9dc11..69d5d5f28 100644
--- a/crypto/src/asn1/DerOutputStream.cs
+++ b/crypto/src/asn1/DerOutputStream.cs
@@ -19,7 +19,7 @@ namespace Org.BouncyCastle.Asn1
if (length > 127)
{
int size = 1;
- uint val = (uint) length;
+ uint val = (uint)length;
while ((val >>= 8) != 0)
{
@@ -43,18 +43,29 @@ namespace Org.BouncyCastle.Asn1
int tag,
byte[] bytes)
{
- WriteByte((byte) tag);
+ WriteByte((byte)tag);
WriteLength(bytes.Length);
Write(bytes, 0, bytes.Length);
}
- internal void WriteEncoded(
+ internal void WriteEncoded(
+ int tag,
+ byte first,
+ byte[] bytes)
+ {
+ WriteByte((byte)tag);
+ WriteLength(bytes.Length + 1);
+ WriteByte(first);
+ Write(bytes, 0, bytes.Length);
+ }
+
+ internal void WriteEncoded(
int tag,
byte[] bytes,
int offset,
int length)
{
- WriteByte((byte) tag);
+ WriteByte((byte)tag);
WriteLength(length);
Write(bytes, offset, length);
}
diff --git a/crypto/src/asn1/cmp/PKIFailureInfo.cs b/crypto/src/asn1/cmp/PKIFailureInfo.cs
index 1df0e0693..75a3ff0d7 100644
--- a/crypto/src/asn1/cmp/PKIFailureInfo.cs
+++ b/crypto/src/asn1/cmp/PKIFailureInfo.cs
@@ -2,66 +2,89 @@ using System;
namespace Org.BouncyCastle.Asn1.Cmp
{
- /**
- * <pre>
- * PKIFailureInfo ::= BIT STRING {
- * badAlg (0),
- * -- unrecognized or unsupported Algorithm Identifier
- * badMessageCheck (1), -- integrity check failed (e.g., signature did not verify)
- * badRequest (2),
- * -- transaction not permitted or supported
- * badTime (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
- * badCertId (4), -- no certificate could be found matching the provided criteria
- * badDataFormat (5),
- * -- the data submitted has the wrong format
- * wrongAuthority (6), -- the authority indicated in the request is different from the one creating the response token
- * incorrectData (7), -- the requester's data is incorrect (for notary services)
- * missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
- * badPOP (9) -- the proof-of-possession failed
- * timeNotAvailable (14),
- * -- the TSA's time source is not available
- * unacceptedPolicy (15),
- * -- the requested TSA policy is not supported by the TSA
- * unacceptedExtension (16),
- * -- the requested extension is not supported by the TSA
- * addInfoNotAvailable (17)
- * -- the additional information requested could not be understood
- * -- or is not available
- * systemFailure (25)
- * -- the request cannot be handled due to system failure
- * </pre>
- */
+ /**
+ * <pre>
+ * PKIFailureInfo ::= BIT STRING {
+ * badAlg (0),
+ * -- unrecognized or unsupported Algorithm Identifier
+ * badMessageCheck (1), -- integrity check failed (e.g., signature did not verify)
+ * badRequest (2),
+ * -- transaction not permitted or supported
+ * badTime (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
+ * badCertId (4), -- no certificate could be found matching the provided criteria
+ * badDataFormat (5),
+ * -- the data submitted has the wrong format
+ * wrongAuthority (6), -- the authority indicated in the request is different from the one creating the response token
+ * incorrectData (7), -- the requester's data is incorrect (for notary services)
+ * missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
+ * badPOP (9) -- the proof-of-possession failed
+ * certRevoked (10),
+ * certConfirmed (11),
+ * wrongIntegrity (12),
+ * badRecipientNonce (13),
+ * timeNotAvailable (14),
+ * -- the TSA's time source is not available
+ * unacceptedPolicy (15),
+ * -- the requested TSA policy is not supported by the TSA
+ * unacceptedExtension (16),
+ * -- the requested extension is not supported by the TSA
+ * addInfoNotAvailable (17)
+ * -- the additional information requested could not be understood
+ * -- or is not available
+ * badSenderNonce (18),
+ * badCertTemplate (19),
+ * signerNotTrusted (20),
+ * transactionIdInUse (21),
+ * unsupportedVersion (22),
+ * notAuthorized (23),
+ * systemUnavail (24),
+ * systemFailure (25),
+ * -- the request cannot be handled due to system failure
+ * duplicateCertReq (26)
+ * </pre>
+ */
public class PkiFailureInfo
: DerBitString
{
- public const int BadAlg = (1 << 7); // unrecognized or unsupported Algorithm Identifier
- public const int BadMessageCheck = (1 << 6); // integrity check failed (e.g., signature did not verify)
- public const int BadRequest = (1 << 5);
- public const int BadTime = (1 << 4); // -- messageTime was not sufficiently close to the system time, as defined by local policy
- public const int BadCertId = (1 << 3); // no certificate could be found matching the provided criteria
- public const int BadDataFormat = (1 << 2);
- public const int WrongAuthority = (1 << 1); // the authority indicated in the request is different from the one creating the response token
- public const int IncorrectData = 1; // the requester's data is incorrect (for notary services)
- public const int MissingTimeStamp = (1 << 15); // when the timestamp is missing but should be there (by policy)
- public const int BadPop = (1 << 14); // the proof-of-possession failed
- public const int TimeNotAvailable = (1 << 9); // the TSA's time source is not available
- public const int UnacceptedPolicy = (1 << 8); // the requested TSA policy is not supported by the TSA
- public const int UnacceptedExtension = (1 << 23); //the requested extension is not supported by the TSA
- public const int AddInfoNotAvailable = (1 << 22); //the additional information requested could not be understood or is not available
- public const int SystemFailure = (1 << 30); //the request cannot be handled due to system failure
+ public const int BadAlg = (1 << 7); // unrecognized or unsupported Algorithm Identifier
+ public const int BadMessageCheck = (1 << 6); // integrity check failed (e.g., signature did not verify)
+ public const int BadRequest = (1 << 5);
+ public const int BadTime = (1 << 4); // -- messageTime was not sufficiently close to the system time, as defined by local policy
+ public const int BadCertId = (1 << 3); // no certificate could be found matching the provided criteria
+ public const int BadDataFormat = (1 << 2);
+ public const int WrongAuthority = (1 << 1); // the authority indicated in the request is different from the one creating the response token
+ public const int IncorrectData = 1; // the requester's data is incorrect (for notary services)
+ public const int MissingTimeStamp = (1 << 15); // when the timestamp is missing but should be there (by policy)
+ public const int BadPop = (1 << 14); // the proof-of-possession failed
+ public const int CertRevoked = (1 << 13);
+ public const int CertConfirmed = (1 << 12);
+ public const int WrongIntegrity = (1 << 11);
+ public const int BadRecipientNonce = (1 << 10);
+ public const int TimeNotAvailable = (1 << 9); // the TSA's time source is not available
+ public const int UnacceptedPolicy = (1 << 8); // the requested TSA policy is not supported by the TSA
+ public const int UnacceptedExtension = (1 << 23); //the requested extension is not supported by the TSA
+ public const int AddInfoNotAvailable = (1 << 22); //the additional information requested could not be understood or is not available
+ public const int BadSenderNonce = (1 << 21);
+ public const int BadCertTemplate = (1 << 20);
+ public const int SignerNotTrusted = (1 << 19);
+ public const int TransactionIdInUse = (1 << 18);
+ public const int UnsupportedVersion = (1 << 17);
+ public const int NotAuthorized = (1 << 16);
+ public const int SystemUnavail = (1 << 31);
+ public const int SystemFailure = (1 << 30); //the request cannot be handled due to system failure
+ public const int DuplicateCertReq = (1 << 29);
- /**
+ /**
* Basic constructor.
*/
- public PkiFailureInfo(
- int info)
- : base(GetBytes(info), GetPadBits(info))
+ public PkiFailureInfo(int info)
+ : base(info)
{
}
public PkiFailureInfo(
DerBitString info)
- : base(info.GetBytes(), info.PadBits)
+ : base(info.GetBytes(), info.PadBits)
{
}
diff --git a/crypto/src/asn1/ess/OtherCertID.cs b/crypto/src/asn1/ess/OtherCertID.cs
index 972ef8c6b..3d221b0ec 100644
--- a/crypto/src/asn1/ess/OtherCertID.cs
+++ b/crypto/src/asn1/ess/OtherCertID.cs
@@ -1,5 +1,6 @@
using System;
+using Org.BouncyCastle.Asn1.Oiw;
using Org.BouncyCastle.Asn1.X509;
namespace Org.BouncyCastle.Asn1.Ess
@@ -78,7 +79,7 @@ namespace Org.BouncyCastle.Asn1.Ess
if (otherCertHash.ToAsn1Object() is Asn1OctetString)
{
// SHA-1
- return new AlgorithmIdentifier("1.3.14.3.2.26");
+ return new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1);
}
return DigestInfo.GetInstance(otherCertHash).AlgorithmID;
diff --git a/crypto/src/asn1/misc/NetscapeCertType.cs b/crypto/src/asn1/misc/NetscapeCertType.cs
index d5db6523d..d809eae66 100644
--- a/crypto/src/asn1/misc/NetscapeCertType.cs
+++ b/crypto/src/asn1/misc/NetscapeCertType.cs
@@ -36,7 +36,7 @@ namespace Org.BouncyCastle.Asn1.Misc
* e.g. (X509NetscapeCertType.sslCA | X509NetscapeCertType.smimeCA)
*/
public NetscapeCertType(int usage)
- : base(GetBytes(usage), GetPadBits(usage))
+ : base(usage)
{
}
diff --git a/crypto/src/asn1/ocsp/BasicOCSPResponse.cs b/crypto/src/asn1/ocsp/BasicOCSPResponse.cs
index dd666addf..064335ae8 100644
--- a/crypto/src/asn1/ocsp/BasicOCSPResponse.cs
+++ b/crypto/src/asn1/ocsp/BasicOCSPResponse.cs
@@ -94,7 +94,12 @@ namespace Org.BouncyCastle.Asn1.Ocsp
get { return signature; }
}
- [Obsolete("Use Certs property instead")]
+ public byte[] GetSignatureOctets()
+ {
+ return signature.GetOctets();
+ }
+
+ [Obsolete("Use Certs property instead")]
public Asn1Sequence GetCerts()
{
return certs;
diff --git a/crypto/src/asn1/ocsp/Signature.cs b/crypto/src/asn1/ocsp/Signature.cs
index a07e7a709..df6f43332 100644
--- a/crypto/src/asn1/ocsp/Signature.cs
+++ b/crypto/src/asn1/ocsp/Signature.cs
@@ -80,7 +80,12 @@ namespace Org.BouncyCastle.Asn1.Ocsp
get { return signatureValue; }
}
- public Asn1Sequence Certs
+ public byte[] GetSignatureOctets()
+ {
+ return signatureValue.GetOctets();
+ }
+
+ public Asn1Sequence Certs
{
get { return certs; }
}
diff --git a/crypto/src/asn1/pkcs/CertificationRequest.cs b/crypto/src/asn1/pkcs/CertificationRequest.cs
index 32b1612d2..35bdd56eb 100644
--- a/crypto/src/asn1/pkcs/CertificationRequest.cs
+++ b/crypto/src/asn1/pkcs/CertificationRequest.cs
@@ -73,7 +73,12 @@ namespace Org.BouncyCastle.Asn1.Pkcs
get { return sigBits; }
}
- public override Asn1Object ToAsn1Object()
+ public byte[] GetSignatureOctets()
+ {
+ return sigBits.GetOctets();
+ }
+
+ public override Asn1Object ToAsn1Object()
{
return new DerSequence(reqInfo, sigAlgId, sigBits);
}
diff --git a/crypto/src/asn1/pkcs/EncryptionScheme.cs b/crypto/src/asn1/pkcs/EncryptionScheme.cs
index 5b64d6f67..ff9103d12 100644
--- a/crypto/src/asn1/pkcs/EncryptionScheme.cs
+++ b/crypto/src/asn1/pkcs/EncryptionScheme.cs
@@ -43,7 +43,7 @@ namespace Org.BouncyCastle.Asn1.Pkcs
public override Asn1Object ToAsn1Object()
{
- return new DerSequence(ObjectID, Parameters);
+ return new DerSequence(Algorithm, Parameters);
}
}
}
diff --git a/crypto/src/asn1/x509/AttributeCertificate.cs b/crypto/src/asn1/x509/AttributeCertificate.cs
index 5f85910da..41893b6b4 100644
--- a/crypto/src/asn1/x509/AttributeCertificate.cs
+++ b/crypto/src/asn1/x509/AttributeCertificate.cs
@@ -63,7 +63,12 @@ namespace Org.BouncyCastle.Asn1.X509
get { return signatureValue; }
}
- /**
+ public byte[] GetSignatureOctets()
+ {
+ return signatureValue.GetOctets();
+ }
+
+ /**
* Produce an object suitable for an Asn1OutputStream.
* <pre>
* AttributeCertificate ::= Sequence {
diff --git a/crypto/src/asn1/x509/CertificateList.cs b/crypto/src/asn1/x509/CertificateList.cs
index 0412e0816..567cf132a 100644
--- a/crypto/src/asn1/x509/CertificateList.cs
+++ b/crypto/src/asn1/x509/CertificateList.cs
@@ -80,7 +80,12 @@ namespace Org.BouncyCastle.Asn1.X509
get { return sig; }
}
- public int Version
+ public byte[] GetSignatureOctets()
+ {
+ return sig.GetOctets();
+ }
+
+ public int Version
{
get { return tbsCertList.Version; }
}
diff --git a/crypto/src/asn1/x509/KeyUsage.cs b/crypto/src/asn1/x509/KeyUsage.cs
index fef04e8b9..aeaffb708 100644
--- a/crypto/src/asn1/x509/KeyUsage.cs
+++ b/crypto/src/asn1/x509/KeyUsage.cs
@@ -53,9 +53,8 @@ namespace Org.BouncyCastle.Asn1.X509
* allowed uses for the key.
* e.g. (KeyUsage.keyEncipherment | KeyUsage.dataEncipherment)
*/
- public KeyUsage(
- int usage)
- : base(GetBytes(usage), GetPadBits(usage))
+ public KeyUsage(int usage)
+ : base(usage)
{
}
diff --git a/crypto/src/asn1/x509/ReasonFlags.cs b/crypto/src/asn1/x509/ReasonFlags.cs
index f204c36aa..ad45e84ae 100644
--- a/crypto/src/asn1/x509/ReasonFlags.cs
+++ b/crypto/src/asn1/x509/ReasonFlags.cs
@@ -31,13 +31,12 @@ namespace Org.BouncyCastle.Asn1.X509
* @param reasons - the bitwise OR of the Key Reason flags giving the
* allowed uses for the key.
*/
- public ReasonFlags(
- int reasons)
- : base(GetBytes(reasons), GetPadBits(reasons))
+ public ReasonFlags(int reasons)
+ : base(reasons)
{
}
- public ReasonFlags(
+ public ReasonFlags(
DerBitString reasons)
: base(reasons.GetBytes(), reasons.PadBits)
{
diff --git a/crypto/src/asn1/x509/SubjectPublicKeyInfo.cs b/crypto/src/asn1/x509/SubjectPublicKeyInfo.cs
index 8ce4b2762..477329b7e 100644
--- a/crypto/src/asn1/x509/SubjectPublicKeyInfo.cs
+++ b/crypto/src/asn1/x509/SubjectPublicKeyInfo.cs
@@ -75,7 +75,7 @@ namespace Org.BouncyCastle.Asn1.X509
*/
public Asn1Object GetPublicKey()
{
- return Asn1Object.FromByteArray(keyData.GetBytes());
+ return Asn1Object.FromByteArray(keyData.GetOctets());
}
/**
diff --git a/crypto/src/asn1/x509/X509CertificateStructure.cs b/crypto/src/asn1/x509/X509CertificateStructure.cs
index c8558ae61..6e7c85de6 100644
--- a/crypto/src/asn1/x509/X509CertificateStructure.cs
+++ b/crypto/src/asn1/x509/X509CertificateStructure.cs
@@ -119,6 +119,11 @@ namespace Org.BouncyCastle.Asn1.X509
get { return sig; }
}
+ public byte[] GetSignatureOctets()
+ {
+ return sig.GetOctets();
+ }
+
public override Asn1Object ToAsn1Object()
{
return new DerSequence(tbsCert, sigAlgID, sig);
diff --git a/crypto/src/cms/CMSAuthenticatedData.cs b/crypto/src/cms/CMSAuthenticatedData.cs
index 5e234da2b..33b4cc22c 100644
--- a/crypto/src/cms/CMSAuthenticatedData.cs
+++ b/crypto/src/cms/CMSAuthenticatedData.cs
@@ -83,7 +83,7 @@ namespace Org.BouncyCastle.Cms
*/
public string MacAlgOid
{
- get { return macAlg.ObjectID.Id; }
+ get { return macAlg.Algorithm.Id; }
}
/**
diff --git a/crypto/src/cms/CMSAuthenticatedDataParser.cs b/crypto/src/cms/CMSAuthenticatedDataParser.cs
index c99aac61c..7defafc07 100644
--- a/crypto/src/cms/CMSAuthenticatedDataParser.cs
+++ b/crypto/src/cms/CMSAuthenticatedDataParser.cs
@@ -111,7 +111,7 @@ namespace Org.BouncyCastle.Cms
*/
public string MacAlgOid
{
- get { return macAlg.ObjectID.Id; }
+ get { return macAlg.Algorithm.Id; }
}
diff --git a/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs b/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs
index a135cdd11..4d18d10d4 100644
--- a/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs
+++ b/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs
@@ -165,7 +165,7 @@ namespace Org.BouncyCastle.Cms
Stream octetOutputStream = CmsUtilities.CreateBerOctetOutputStream(
eiGen.GetRawOutputStream(), 0, false, _bufferSize);
- IMac mac = MacUtilities.GetMac(macAlgId.ObjectID);
+ IMac mac = MacUtilities.GetMac(macAlgId.Algorithm);
// TODO Confirm no ParametersWithRandom needed
mac.Init(cipherParameters);
Stream mOut = new TeeOutputStream(octetOutputStream, new MacOutputStream(mac));
diff --git a/crypto/src/cms/CMSEnvelopedData.cs b/crypto/src/cms/CMSEnvelopedData.cs
index 0731c307e..223d0ca73 100644
--- a/crypto/src/cms/CMSEnvelopedData.cs
+++ b/crypto/src/cms/CMSEnvelopedData.cs
@@ -73,7 +73,7 @@ namespace Org.BouncyCastle.Cms
*/
public string EncryptionAlgOid
{
- get { return encAlg.ObjectID.Id; }
+ get { return encAlg.Algorithm.Id; }
}
/**
diff --git a/crypto/src/cms/CMSEnvelopedDataParser.cs b/crypto/src/cms/CMSEnvelopedDataParser.cs
index 01a949d47..d5dfaf53d 100644
--- a/crypto/src/cms/CMSEnvelopedDataParser.cs
+++ b/crypto/src/cms/CMSEnvelopedDataParser.cs
@@ -101,7 +101,7 @@ namespace Org.BouncyCastle.Cms
*/
public string EncryptionAlgOid
{
- get { return _encAlg.ObjectID.Id; }
+ get { return _encAlg.Algorithm.Id; }
}
/**
diff --git a/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs b/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs
index 0a9e5bece..e0822aa8b 100644
--- a/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs
+++ b/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs
@@ -166,7 +166,7 @@ namespace Org.BouncyCastle.Cms
Stream octetOutputStream = CmsUtilities.CreateBerOctetOutputStream(
eiGen.GetRawOutputStream(), 0, false, _bufferSize);
- IBufferedCipher cipher = CipherUtilities.GetCipher(encAlgID.ObjectID);
+ IBufferedCipher cipher = CipherUtilities.GetCipher(encAlgID.Algorithm);
cipher.Init(true, new ParametersWithRandom(cipherParameters, rand));
CipherStream cOut = new CipherStream(octetOutputStream, null, cipher);
diff --git a/crypto/src/cms/CMSEnvelopedHelper.cs b/crypto/src/cms/CMSEnvelopedHelper.cs
index fe2b14cd9..77d2da47a 100644
--- a/crypto/src/cms/CMSEnvelopedHelper.cs
+++ b/crypto/src/cms/CMSEnvelopedHelper.cs
@@ -160,7 +160,7 @@ namespace Org.BouncyCastle.Cms
public CmsReadable GetReadable(KeyParameter sKey)
{
- string macAlg = this.algorithm.ObjectID.Id;
+ string macAlg = this.algorithm.Algorithm.Id;
// Asn1Object sParams = this.algorithm.Parameters.ToAsn1Object();
try
@@ -190,11 +190,11 @@ namespace Org.BouncyCastle.Cms
// if (asn1Params != null && !(asn1Params is Asn1Null))
// {
// cipherParameters = ParameterUtilities.GetCipherParameters(
-// macAlg.ObjectID, cipherParameters, asn1Params);
+// macAlg.Algorithm, cipherParameters, asn1Params);
// }
// else
// {
-// string alg = macAlg.ObjectID.Id;
+// string alg = macAlg.Algorithm.Id;
// if (alg.Equals(CmsEnvelopedDataGenerator.DesEde3Cbc)
// || alg.Equals(CmsEnvelopedDataGenerator.IdeaCbc)
// || alg.Equals(CmsEnvelopedDataGenerator.Cast5Cbc))
@@ -258,7 +258,7 @@ namespace Org.BouncyCastle.Cms
{
try
{
- this.cipher = CipherUtilities.GetCipher(this.algorithm.ObjectID);
+ this.cipher = CipherUtilities.GetCipher(this.algorithm.Algorithm);
Asn1Encodable asn1Enc = this.algorithm.Parameters;
Asn1Object asn1Params = asn1Enc == null ? null : asn1Enc.ToAsn1Object();
@@ -268,11 +268,11 @@ namespace Org.BouncyCastle.Cms
if (asn1Params != null && !(asn1Params is Asn1Null))
{
cipherParameters = ParameterUtilities.GetCipherParameters(
- this.algorithm.ObjectID, cipherParameters, asn1Params);
+ this.algorithm.Algorithm, cipherParameters, asn1Params);
}
else
{
- string alg = this.algorithm.ObjectID.Id;
+ string alg = this.algorithm.Algorithm.Id;
if (alg.Equals(CmsEnvelopedDataGenerator.DesEde3Cbc)
|| alg.Equals(CmsEnvelopedDataGenerator.IdeaCbc)
|| alg.Equals(CmsEnvelopedDataGenerator.Cast5Cbc))
diff --git a/crypto/src/cms/CMSPBEKey.cs b/crypto/src/cms/CMSPBEKey.cs
index cb1e54c36..e03307e57 100644
--- a/crypto/src/cms/CMSPBEKey.cs
+++ b/crypto/src/cms/CMSPBEKey.cs
@@ -50,9 +50,9 @@ namespace Org.BouncyCastle.Cms
char[] password,
AlgorithmIdentifier keyDerivationAlgorithm)
{
- if (!keyDerivationAlgorithm.ObjectID.Equals(PkcsObjectIdentifiers.IdPbkdf2))
+ if (!keyDerivationAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdPbkdf2))
throw new ArgumentException("Unsupported key derivation algorithm: "
- + keyDerivationAlgorithm.ObjectID);
+ + keyDerivationAlgorithm.Algorithm);
Pbkdf2Params kdfParams = Pbkdf2Params.GetInstance(
keyDerivationAlgorithm.Parameters.ToAsn1Object());
diff --git a/crypto/src/cms/CMSSignedData.cs b/crypto/src/cms/CMSSignedData.cs
index 81c87a426..237c1528e 100644
--- a/crypto/src/cms/CMSSignedData.cs
+++ b/crypto/src/cms/CMSSignedData.cs
@@ -172,7 +172,7 @@ namespace Org.BouncyCastle.Cms
}
else
{
- byte[] hash = (byte[]) hashes[info.DigestAlgorithm.ObjectID.Id];
+ byte[] hash = (byte[])hashes[info.DigestAlgorithm.Algorithm.Id];
signerInfos.Add(new SignerInformation(info, contentType, null, new BaseDigestCalculator(hash)));
}
diff --git a/crypto/src/cms/CMSSignedDataParser.cs b/crypto/src/cms/CMSSignedDataParser.cs
index e5e6edc58..fb51ab119 100644
--- a/crypto/src/cms/CMSSignedDataParser.cs
+++ b/crypto/src/cms/CMSSignedDataParser.cs
@@ -122,7 +122,7 @@ namespace Org.BouncyCastle.Cms
try
{
- string digestOid = id.ObjectID.Id;
+ string digestOid = id.Algorithm.Id;
string digestName = Helper.GetDigestAlgName(digestOid);
if (!this._digests.Contains(digestName))
@@ -216,7 +216,7 @@ namespace Org.BouncyCastle.Cms
{
SignerInfo info = SignerInfo.GetInstance(o.ToAsn1Object());
string digestName = Helper.GetDigestAlgName(
- info.DigestAlgorithm.ObjectID.Id);
+ info.DigestAlgorithm.Algorithm.Id);
byte[] hash = (byte[]) hashes[digestName];
diff --git a/crypto/src/cms/CMSSignedDataStreamGenerator.cs b/crypto/src/cms/CMSSignedDataStreamGenerator.cs
index 59837e397..55fde90df 100644
--- a/crypto/src/cms/CMSSignedDataStreamGenerator.cs
+++ b/crypto/src/cms/CMSSignedDataStreamGenerator.cs
@@ -459,7 +459,7 @@ namespace Org.BouncyCastle.Cms
// NB: Would need to call FixAlgID on the DigestAlgorithmID
// For precalculated signers, just need to register the algorithm, not configure a digest
- RegisterDigestOid(si.DigestAlgorithmID.ObjectID.Id);
+ RegisterDigestOid(si.DigestAlgorithmID.Algorithm.Id);
}
/**
diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs
index 23657ef86..5b6c93b6a 100644
--- a/crypto/src/cms/CMSSignedHelper.cs
+++ b/crypto/src/cms/CMSSignedHelper.cs
@@ -348,7 +348,7 @@ namespace Org.BouncyCastle.Cms
AlgorithmIdentifier algId)
{
if (algId.Parameters == null)
- return new AlgorithmIdentifier(algId.ObjectID, DerNull.Instance);
+ return new AlgorithmIdentifier(algId.Algorithm, DerNull.Instance);
return algId;
}
diff --git a/crypto/src/cms/KEKRecipientInfoGenerator.cs b/crypto/src/cms/KEKRecipientInfoGenerator.cs
index a9bedade6..c66f27547 100644
--- a/crypto/src/cms/KEKRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KEKRecipientInfoGenerator.cs
@@ -52,7 +52,7 @@ namespace Org.BouncyCastle.Cms
{
byte[] keyBytes = contentEncryptionKey.GetKey();
- IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.ObjectID.Id);
+ IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id);
keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random));
Asn1OctetString encryptedKey = new DerOctetString(
keyWrapper.Wrap(keyBytes, 0, keyBytes.Length));
diff --git a/crypto/src/cms/KEKRecipientInformation.cs b/crypto/src/cms/KEKRecipientInformation.cs
index f960197d6..871dc76d4 100644
--- a/crypto/src/cms/KEKRecipientInformation.cs
+++ b/crypto/src/cms/KEKRecipientInformation.cs
@@ -40,7 +40,7 @@ namespace Org.BouncyCastle.Cms
try
{
byte[] encryptedKey = info.EncryptedKey.GetOctets();
- IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyEncAlg.ObjectID.Id);
+ IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyEncAlg.Algorithm.Id);
keyWrapper.Init(false, key);
diff --git a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
index 4fafb7c6e..6bd2cea91 100644
--- a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
@@ -164,7 +164,7 @@ namespace Org.BouncyCastle.Cms
{
SubjectPublicKeyInfo spki = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
return new OriginatorPublicKey(
- new AlgorithmIdentifier(spki.AlgorithmID.ObjectID, DerNull.Instance),
+ new AlgorithmIdentifier(spki.AlgorithmID.Algorithm, DerNull.Instance),
spki.PublicKeyData.GetBytes());
}
}
diff --git a/crypto/src/cms/KeyAgreeRecipientInformation.cs b/crypto/src/cms/KeyAgreeRecipientInformation.cs
index 8e006e545..73e57a76a 100644
--- a/crypto/src/cms/KeyAgreeRecipientInformation.cs
+++ b/crypto/src/cms/KeyAgreeRecipientInformation.cs
@@ -130,7 +130,7 @@ namespace Org.BouncyCastle.Cms
AsymmetricKeyParameter senderPublicKey,
AsymmetricKeyParameter receiverPrivateKey)
{
- DerObjectIdentifier agreeAlgID = keyEncAlg.ObjectID;
+ DerObjectIdentifier agreeAlgID = keyEncAlg.Algorithm;
ICipherParameters senderPublicParams = senderPublicKey;
ICipherParameters receiverPrivateParams = receiverPrivateKey;
diff --git a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
index 0992e6da6..a1d8fbfa8 100644
--- a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
@@ -64,7 +64,7 @@ namespace Org.BouncyCastle.Cms
byte[] keyBytes = contentEncryptionKey.GetKey();
AlgorithmIdentifier keyEncryptionAlgorithm = info.AlgorithmID;
- IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.ObjectID.Id);
+ IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id);
keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random));
byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
diff --git a/crypto/src/cms/KeyTransRecipientInformation.cs b/crypto/src/cms/KeyTransRecipientInformation.cs
index 24121cb2c..3b1ea7b5e 100644
--- a/crypto/src/cms/KeyTransRecipientInformation.cs
+++ b/crypto/src/cms/KeyTransRecipientInformation.cs
@@ -68,7 +68,7 @@ namespace Org.BouncyCastle.Cms
internal KeyParameter UnwrapKey(ICipherParameters key)
{
byte[] encryptedKey = info.EncryptedKey.GetOctets();
- string keyExchangeAlgorithm = GetExchangeEncryptionAlgorithmName(keyEncAlg.ObjectID);
+ string keyExchangeAlgorithm = GetExchangeEncryptionAlgorithmName(keyEncAlg.Algorithm);
try
{
diff --git a/crypto/src/cms/RecipientInformation.cs b/crypto/src/cms/RecipientInformation.cs
index 8b0316be4..272b841f2 100644
--- a/crypto/src/cms/RecipientInformation.cs
+++ b/crypto/src/cms/RecipientInformation.cs
@@ -33,8 +33,8 @@ namespace Org.BouncyCastle.Cms
internal string GetContentAlgorithmName()
{
AlgorithmIdentifier algorithm = secureReadable.Algorithm;
-// return CmsEnvelopedHelper.Instance.GetSymmetricCipherName(algorithm.ObjectID.Id);
- return algorithm.ObjectID.Id;
+// return CmsEnvelopedHelper.Instance.GetSymmetricCipherName(algorithm.Algorithm.Id);
+ return algorithm.Algorithm.Id;
}
public RecipientID RecipientID
@@ -54,7 +54,7 @@ namespace Org.BouncyCastle.Cms
*/
public string KeyEncryptionAlgOid
{
- get { return keyEncAlg.ObjectID.Id; }
+ get { return keyEncAlg.Algorithm.Id; }
}
/**
diff --git a/crypto/src/cms/SignerInformation.cs b/crypto/src/cms/SignerInformation.cs
index 581286a3f..dad128263 100644
--- a/crypto/src/cms/SignerInformation.cs
+++ b/crypto/src/cms/SignerInformation.cs
@@ -117,7 +117,7 @@ namespace Org.BouncyCastle.Cms
*/
public string DigestAlgOid
{
- get { return digestAlgorithm.ObjectID.Id; }
+ get { return digestAlgorithm.Algorithm.Id; }
}
/**
@@ -156,7 +156,7 @@ namespace Org.BouncyCastle.Cms
*/
public string EncryptionAlgOid
{
- get { return encryptionAlgorithm.ObjectID.Id; }
+ get { return encryptionAlgorithm.Algorithm.Id; }
}
/**
@@ -272,7 +272,7 @@ namespace Org.BouncyCastle.Cms
*/
SignerInfo si = SignerInfo.GetInstance(asn1Obj.ToAsn1Object());
- string digestName = CmsSignedHelper.Instance.GetDigestAlgName(si.DigestAlgorithm.ObjectID.Id);
+ string digestName = CmsSignedHelper.Instance.GetDigestAlgName(si.DigestAlgorithm.Algorithm.Id);
counterSignatures.Add(new SignerInformation(si, null, null, new CounterSignatureDigestCalculator(digestName, GetSignature())));
}
@@ -298,7 +298,7 @@ namespace Org.BouncyCastle.Cms
string digestName = Helper.GetDigestAlgName(this.DigestAlgOid);
IDigest digest = Helper.GetDigestInstance(digestName);
- DerObjectIdentifier sigAlgOid = this.encryptionAlgorithm.ObjectID;
+ DerObjectIdentifier sigAlgOid = this.encryptionAlgorithm.Algorithm;
Asn1Encodable sigParams = this.encryptionAlgorithm.Parameters;
ISigner sig;
@@ -318,12 +318,12 @@ namespace Org.BouncyCastle.Cms
Asn1.Pkcs.RsassaPssParameters pss = Asn1.Pkcs.RsassaPssParameters.GetInstance(
sigParams.ToAsn1Object());
- if (!pss.HashAlgorithm.ObjectID.Equals(this.digestAlgorithm.ObjectID))
+ if (!pss.HashAlgorithm.Algorithm.Equals(this.digestAlgorithm.Algorithm))
throw new CmsException("RSASSA-PSS signature parameters specified incorrect hash algorithm");
- if (!pss.MaskGenAlgorithm.ObjectID.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdMgf1))
+ if (!pss.MaskGenAlgorithm.Algorithm.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdMgf1))
throw new CmsException("RSASSA-PSS signature parameters specified unknown MGF");
- IDigest pssDigest = DigestUtilities.GetDigest(pss.HashAlgorithm.ObjectID);
+ IDigest pssDigest = DigestUtilities.GetDigest(pss.HashAlgorithm.Algorithm);
int saltLength = pss.SaltLength.Value.IntValue;
byte trailerField = (byte) pss.TrailerField.Value.IntValue;
@@ -532,7 +532,7 @@ namespace Org.BouncyCastle.Cms
DigestInfo digInfo = DerDecode(decrypt);
- if (!digInfo.AlgorithmID.ObjectID.Equals(digestAlgorithm.ObjectID))
+ if (!digInfo.AlgorithmID.Algorithm.Equals(digestAlgorithm.Algorithm))
{
return false;
}
diff --git a/crypto/src/crypto/modes/SicBlockCipher.cs b/crypto/src/crypto/modes/SicBlockCipher.cs
index 239f99478..0bea4a455 100644
--- a/crypto/src/crypto/modes/SicBlockCipher.cs
+++ b/crypto/src/crypto/modes/SicBlockCipher.cs
@@ -56,16 +56,18 @@ namespace Org.BouncyCastle.Crypto.Modes
if (blockSize < IV.Length)
throw new ArgumentException("CTR/SIC mode requires IV no greater than: " + blockSize + " bytes.");
- if (blockSize - IV.Length > 8)
- throw new ArgumentException("CTR/SIC mode requires IV of at least: " + (blockSize - 8) + " bytes.");
- Reset();
+ int maxCounterSize = System.Math.Min(8, blockSize / 2);
+ if (blockSize - IV.Length > maxCounterSize)
+ throw new ArgumentException("CTR/SIC mode requires IV of at least: " + (blockSize - maxCounterSize) + " bytes.");
// if null it's an IV changed only.
if (ivParam.Parameters != null)
{
cipher.Init(true, ivParam.Parameters);
}
+
+ Reset();
}
public virtual string AlgorithmName
diff --git a/crypto/src/crypto/operators/Asn1Signature.cs b/crypto/src/crypto/operators/Asn1Signature.cs
index 3a20e4bff..e023c1d18 100644
--- a/crypto/src/crypto/operators/Asn1Signature.cs
+++ b/crypto/src/crypto/operators/Asn1Signature.cs
@@ -170,13 +170,13 @@ namespace Org.BouncyCastle.Crypto.Operators
if (parameters != null && !derNull.Equals(parameters))
{
- if (sigAlgId.ObjectID.Equals(PkcsObjectIdentifiers.IdRsassaPss))
+ if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
{
RsassaPssParameters rsaParams = RsassaPssParameters.GetInstance(parameters);
- return GetDigestAlgName(rsaParams.HashAlgorithm.ObjectID) + "withRSAandMGF1";
+ return GetDigestAlgName(rsaParams.HashAlgorithm.Algorithm) + "withRSAandMGF1";
}
- if (sigAlgId.ObjectID.Equals(X9ObjectIdentifiers.ECDsaWithSha2))
+ if (sigAlgId.Algorithm.Equals(X9ObjectIdentifiers.ECDsaWithSha2))
{
Asn1Sequence ecDsaParams = Asn1Sequence.GetInstance(parameters);
@@ -184,7 +184,7 @@ namespace Org.BouncyCastle.Crypto.Operators
}
}
- return sigAlgId.ObjectID.Id;
+ return sigAlgId.Algorithm.Id;
}
private static RsassaPssParameters CreatePssParams(
diff --git a/crypto/src/math/BigInteger.cs b/crypto/src/math/BigInteger.cs
index 3d0509fe0..794f252e8 100644
--- a/crypto/src/math/BigInteger.cs
+++ b/crypto/src/math/BigInteger.cs
@@ -681,6 +681,7 @@ namespace Org.BouncyCastle.Math
int xBits = BitsPerByte * nBytes - bitLength;
byte mask = (byte)(255U >> xBits);
+ byte lead = (byte)(1 << (7 - xBits));
for (;;)
{
@@ -690,7 +691,7 @@ namespace Org.BouncyCastle.Math
b[0] &= mask;
// ensure the leading bit is 1 (to meet the strength requirement)
- b[0] |= (byte)(1 << (7 - xBits));
+ b[0] |= lead;
// ensure the trailing bit is 1 (i.e. must be odd)
b[nBytes - 1] |= 1;
@@ -705,18 +706,13 @@ namespace Org.BouncyCastle.Math
if (CheckProbablePrime(certainty, random, true))
break;
- if (bitLength > 32)
+ for (int j = 1; j < magnitude.Length; ++j)
{
- for (int rep = 0; rep < 10000; ++rep)
- {
- int n = 33 + random.Next(bitLength - 2);
- this.magnitude[this.magnitude.Length - (n >> 5)] ^= (1 << (n & 31));
- this.magnitude[this.magnitude.Length - 1] ^= ((random.Next() + 1) << 1);
- this.mQuote = 0;
+ this.magnitude[j] ^= (random.Next() << 1);
+ this.mQuote = 0;
- if (CheckProbablePrime(certainty, random, true))
- return;
- }
+ if (CheckProbablePrime(certainty, random, true))
+ return;
}
}
}
@@ -968,7 +964,7 @@ namespace Org.BouncyCastle.Math
//
// BitLen(value) is the number of bits in value.
//
- private static int BitLen(int w)
+ internal static int BitLen(int w)
{
uint v = (uint)w;
uint t = v >> 24;
diff --git a/crypto/src/ocsp/BasicOCSPResp.cs b/crypto/src/ocsp/BasicOCSPResp.cs
index 4253726bb..63ab8921e 100644
--- a/crypto/src/ocsp/BasicOCSPResp.cs
+++ b/crypto/src/ocsp/BasicOCSPResp.cs
@@ -95,12 +95,12 @@ namespace Org.BouncyCastle.Ocsp
public string SignatureAlgName
{
- get { return OcspUtilities.GetAlgorithmName(resp.SignatureAlgorithm.ObjectID); }
+ get { return OcspUtilities.GetAlgorithmName(resp.SignatureAlgorithm.Algorithm); }
}
public string SignatureAlgOid
{
- get { return resp.SignatureAlgorithm.ObjectID.Id; }
+ get { return resp.SignatureAlgorithm.Algorithm.Id; }
}
[Obsolete("RespData class is no longer required as all functionality is available on this class")]
@@ -111,7 +111,7 @@ namespace Org.BouncyCastle.Ocsp
public byte[] GetSignature()
{
- return resp.Signature.GetBytes();
+ return resp.GetSignatureOctets();
}
private IList GetCertList()
diff --git a/crypto/src/ocsp/CertificateID.cs b/crypto/src/ocsp/CertificateID.cs
index a8f035759..ec902d5c3 100644
--- a/crypto/src/ocsp/CertificateID.cs
+++ b/crypto/src/ocsp/CertificateID.cs
@@ -43,7 +43,7 @@ namespace Org.BouncyCastle.Ocsp
public string HashAlgOid
{
- get { return id.HashAlgorithm.ObjectID.Id; }
+ get { return id.HashAlgorithm.Algorithm.Id; }
}
public byte[] GetIssuerNameHash()
@@ -118,7 +118,7 @@ namespace Org.BouncyCastle.Ocsp
{
try
{
- String hashAlgorithm = hashAlg.ObjectID.Id;
+ String hashAlgorithm = hashAlg.Algorithm.Id;
X509Name issuerName = PrincipalUtilities.GetSubjectX509Principal(issuerCert);
byte[] issuerNameHash = DigestUtilities.CalculateDigest(
diff --git a/crypto/src/ocsp/OCSPReq.cs b/crypto/src/ocsp/OCSPReq.cs
index 84808e50a..0cd95c6d6 100644
--- a/crypto/src/ocsp/OCSPReq.cs
+++ b/crypto/src/ocsp/OCSPReq.cs
@@ -144,7 +144,7 @@ namespace Org.BouncyCastle.Ocsp
if (!this.IsSigned)
return null;
- return req.OptionalSignature.SignatureAlgorithm.ObjectID.Id;
+ return req.OptionalSignature.SignatureAlgorithm.Algorithm.Id;
}
}
@@ -153,10 +153,10 @@ namespace Org.BouncyCastle.Ocsp
if (!this.IsSigned)
return null;
- return req.OptionalSignature.SignatureValue.GetBytes();
+ return req.OptionalSignature.GetSignatureOctets();
}
- private IList GetCertList()
+ private IList GetCertList()
{
// load the certificates if we have any
diff --git a/crypto/src/openssl/MiscPemGenerator.cs b/crypto/src/openssl/MiscPemGenerator.cs
index 6b91e8b1c..568465fe4 100644
--- a/crypto/src/openssl/MiscPemGenerator.cs
+++ b/crypto/src/openssl/MiscPemGenerator.cs
@@ -218,7 +218,7 @@ namespace Org.BouncyCastle.OpenSsl
{
PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(akp);
AlgorithmIdentifier algID = info.PrivateKeyAlgorithm;
- DerObjectIdentifier oid = algID.ObjectID;
+ DerObjectIdentifier oid = algID.Algorithm;
if (oid.Equals(X9ObjectIdentifiers.IdDsa))
{
diff --git a/crypto/src/pkcs/Pkcs10CertificationRequest.cs b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
index 1789f2a70..0411d9190 100644
--- a/crypto/src/pkcs/Pkcs10CertificationRequest.cs
+++ b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
@@ -344,7 +344,7 @@ namespace Org.BouncyCastle.Pkcs
Platform.Dispose(streamCalculator.Stream);
- return ((IVerifier)streamCalculator.GetResult()).IsVerified(sigBits.GetBytes());
+ return ((IVerifier)streamCalculator.GetResult()).IsVerified(sigBits.GetOctets());
}
catch (Exception e)
{
@@ -402,14 +402,14 @@ namespace Org.BouncyCastle.Pkcs
if (asn1Params != null && !(asn1Params is Asn1Null))
{
- if (sigAlgId.ObjectID.Equals(PkcsObjectIdentifiers.IdRsassaPss))
+ if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
{
RsassaPssParameters rsaParams = RsassaPssParameters.GetInstance(asn1Params);
- return GetDigestAlgName(rsaParams.HashAlgorithm.ObjectID) + "withRSAandMGF1";
+ return GetDigestAlgName(rsaParams.HashAlgorithm.Algorithm) + "withRSAandMGF1";
}
}
- return sigAlgId.ObjectID.Id;
+ return sigAlgId.Algorithm.Id;
}
private static string GetDigestAlgName(
diff --git a/crypto/src/pkcs/Pkcs12Store.cs b/crypto/src/pkcs/Pkcs12Store.cs
index ba3c208e8..137c3d6a6 100644
--- a/crypto/src/pkcs/Pkcs12Store.cs
+++ b/crypto/src/pkcs/Pkcs12Store.cs
@@ -213,7 +213,7 @@ namespace Org.BouncyCastle.Pkcs
byte[] data = ((Asn1OctetString) info.Content).GetOctets();
- byte[] mac = CalculatePbeMac(algId.ObjectID, salt, itCount, password, false, data);
+ byte[] mac = CalculatePbeMac(algId.Algorithm, salt, itCount, password, false, data);
byte[] dig = dInfo.GetDigest();
if (!Arrays.ConstantTimeAreEqual(mac, dig))
@@ -222,7 +222,7 @@ namespace Org.BouncyCastle.Pkcs
throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file.");
// Try with incorrect zero length password
- mac = CalculatePbeMac(algId.ObjectID, salt, itCount, password, true, data);
+ mac = CalculatePbeMac(algId.Algorithm, salt, itCount, password, true, data);
if (!Arrays.ConstantTimeAreEqual(mac, dig))
throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file.");
@@ -1015,14 +1015,14 @@ namespace Org.BouncyCastle.Pkcs
bool wrongPkcs12Zero,
byte[] data)
{
- IBufferedCipher cipher = PbeUtilities.CreateEngine(algId.ObjectID) as IBufferedCipher;
+ IBufferedCipher cipher = PbeUtilities.CreateEngine(algId.Algorithm) as IBufferedCipher;
if (cipher == null)
- throw new Exception("Unknown encryption algorithm: " + algId.ObjectID);
+ throw new Exception("Unknown encryption algorithm: " + algId.Algorithm);
Pkcs12PbeParams pbeParameters = Pkcs12PbeParams.GetInstance(algId.Parameters);
ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
- algId.ObjectID, password, wrongPkcs12Zero, pbeParameters);
+ algId.Algorithm, password, wrongPkcs12Zero, pbeParameters);
cipher.Init(forEncryption, cipherParams);
return cipher.DoFinal(data);
}
diff --git a/crypto/src/pkcs/Pkcs12Utilities.cs b/crypto/src/pkcs/Pkcs12Utilities.cs
index d35c8b6a2..923eca5a5 100644
--- a/crypto/src/pkcs/Pkcs12Utilities.cs
+++ b/crypto/src/pkcs/Pkcs12Utilities.cs
@@ -56,10 +56,10 @@ namespace Org.BouncyCastle.Pkcs
int itCount = mData.IterationCount.IntValue;
byte[] data = Asn1OctetString.GetInstance(info.Content).GetOctets();
byte[] res = Pkcs12Store.CalculatePbeMac(
- mData.Mac.AlgorithmID.ObjectID, mData.GetSalt(), itCount, passwd, false, data);
+ mData.Mac.AlgorithmID.Algorithm, mData.GetSalt(), itCount, passwd, false, data);
AlgorithmIdentifier algId = new AlgorithmIdentifier(
- mData.Mac.AlgorithmID.ObjectID, DerNull.Instance);
+ mData.Mac.AlgorithmID.Algorithm, DerNull.Instance);
DigestInfo dInfo = new DigestInfo(algId, res);
mData = new MacData(dInfo, mData.GetSalt(), itCount);
diff --git a/crypto/src/pkcs/PrivateKeyInfoFactory.cs b/crypto/src/pkcs/PrivateKeyInfoFactory.cs
index 723d50f08..c6aab4884 100644
--- a/crypto/src/pkcs/PrivateKeyInfoFactory.cs
+++ b/crypto/src/pkcs/PrivateKeyInfoFactory.cs
@@ -195,7 +195,7 @@ namespace Org.BouncyCastle.Pkcs
IBufferedCipher cipher = PbeUtilities.CreateEngine(algID) as IBufferedCipher;
if (cipher == null)
- throw new Exception("Unknown encryption algorithm: " + algID.ObjectID);
+ throw new Exception("Unknown encryption algorithm: " + algID.Algorithm);
ICipherParameters cipherParameters = PbeUtilities.GenerateCipherParameters(
algID, passPhrase, wrongPkcs12Zero);
diff --git a/crypto/src/pkix/PkixCertPathValidator.cs b/crypto/src/pkix/PkixCertPathValidator.cs
index 7eb838886..fcfa63837 100644
--- a/crypto/src/pkix/PkixCertPathValidator.cs
+++ b/crypto/src/pkix/PkixCertPathValidator.cs
@@ -204,7 +204,7 @@ namespace Org.BouncyCastle.Pkix
"Algorithm identifier of public key of trust anchor could not be read.", e, certPath, -1);
}
-// DerObjectIdentifier workingPublicKeyAlgorithm = workingAlgId.ObjectID;
+// DerObjectIdentifier workingPublicKeyAlgorithm = workingAlgId.Algorithm;
// Asn1Encodable workingPublicKeyParameters = workingAlgId.Parameters;
//
@@ -358,7 +358,7 @@ namespace Org.BouncyCastle.Pkix
workingAlgId = PkixCertPathValidatorUtilities.GetAlgorithmIdentifier(workingPublicKey);
// (f)
-// workingPublicKeyAlgorithm = workingAlgId.ObjectID;
+// workingPublicKeyAlgorithm = workingAlgId.Algorithm;
// (e)
// workingPublicKeyParameters = workingAlgId.Parameters;
}
diff --git a/crypto/src/security/PbeUtilities.cs b/crypto/src/security/PbeUtilities.cs
index 56d68ba0a..0cb235ae6 100644
--- a/crypto/src/security/PbeUtilities.cs
+++ b/crypto/src/security/PbeUtilities.cs
@@ -345,7 +345,7 @@ namespace Org.BouncyCastle.Security
AlgorithmIdentifier algID,
char[] password)
{
- return GenerateCipherParameters(algID.ObjectID.Id, password, false, algID.Parameters);
+ return GenerateCipherParameters(algID.Algorithm.Id, password, false, algID.Parameters);
}
public static ICipherParameters GenerateCipherParameters(
@@ -353,7 +353,7 @@ namespace Org.BouncyCastle.Security
char[] password,
bool wrongPkcs12Zero)
{
- return GenerateCipherParameters(algID.ObjectID.Id, password, wrongPkcs12Zero, algID.Parameters);
+ return GenerateCipherParameters(algID.Algorithm.Id, password, wrongPkcs12Zero, algID.Parameters);
}
public static ICipherParameters GenerateCipherParameters(
@@ -401,10 +401,10 @@ namespace Org.BouncyCastle.Security
{
PbeS2Parameters s2p = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object());
AlgorithmIdentifier encScheme = s2p.EncryptionScheme;
- DerObjectIdentifier encOid = encScheme.ObjectID;
+ DerObjectIdentifier encOid = encScheme.Algorithm;
Asn1Object encParams = encScheme.Parameters.ToAsn1Object();
- // TODO What about s2p.KeyDerivationFunc.ObjectID?
+ // TODO What about s2p.KeyDerivationFunc.Algorithm?
Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(s2p.KeyDerivationFunc.Parameters.ToAsn1Object());
byte[] iv;
@@ -577,13 +577,13 @@ namespace Org.BouncyCastle.Security
public static object CreateEngine(
AlgorithmIdentifier algID)
{
- string algorithm = algID.ObjectID.Id;
+ string algorithm = algID.Algorithm.Id;
if (IsPkcs5Scheme2(algorithm))
{
PbeS2Parameters s2p = PbeS2Parameters.GetInstance(algID.Parameters.ToAsn1Object());
AlgorithmIdentifier encScheme = s2p.EncryptionScheme;
- return CipherUtilities.GetCipher(encScheme.ObjectID);
+ return CipherUtilities.GetCipher(encScheme.Algorithm);
}
return CreateEngine(algorithm);
diff --git a/crypto/src/security/PrivateKeyFactory.cs b/crypto/src/security/PrivateKeyFactory.cs
index edc5ef85a..b9538b33d 100644
--- a/crypto/src/security/PrivateKeyFactory.cs
+++ b/crypto/src/security/PrivateKeyFactory.cs
@@ -45,7 +45,7 @@ namespace Org.BouncyCastle.Security
PrivateKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.PrivateKeyAlgorithm;
- DerObjectIdentifier algOid = algID.ObjectID;
+ DerObjectIdentifier algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
diff --git a/crypto/src/security/PublicKeyFactory.cs b/crypto/src/security/PublicKeyFactory.cs
index 8c0be4f70..f1b28b774 100644
--- a/crypto/src/security/PublicKeyFactory.cs
+++ b/crypto/src/security/PublicKeyFactory.cs
@@ -44,7 +44,7 @@ namespace Org.BouncyCastle.Security
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
- DerObjectIdentifier algOid = algID.ObjectID;
+ DerObjectIdentifier algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
diff --git a/crypto/src/tsp/TimeStampRequest.cs b/crypto/src/tsp/TimeStampRequest.cs
index 6b9699379..f54d33e04 100644
--- a/crypto/src/tsp/TimeStampRequest.cs
+++ b/crypto/src/tsp/TimeStampRequest.cs
@@ -77,7 +77,7 @@ namespace Org.BouncyCastle.Tsp
public string MessageImprintAlgOid
{
- get { return req.MessageImprint.HashAlgorithm.ObjectID.Id; }
+ get { return req.MessageImprint.HashAlgorithm.Algorithm.Id; }
}
public byte[] GetMessageImprintDigest()
diff --git a/crypto/src/tsp/TimeStampResponseGenerator.cs b/crypto/src/tsp/TimeStampResponseGenerator.cs
index 8d798de67..b596f8d97 100644
--- a/crypto/src/tsp/TimeStampResponseGenerator.cs
+++ b/crypto/src/tsp/TimeStampResponseGenerator.cs
@@ -166,9 +166,8 @@ namespace Org.BouncyCastle.Tsp
class FailInfo
: DerBitString
{
- internal FailInfo(
- int failInfoValue)
- : base(GetBytes(failInfoValue), GetPadBits(failInfoValue))
+ internal FailInfo(int failInfoValue)
+ : base(failInfoValue)
{
}
}
diff --git a/crypto/src/tsp/TimeStampToken.cs b/crypto/src/tsp/TimeStampToken.cs
index 51a9592dc..105208a7d 100644
--- a/crypto/src/tsp/TimeStampToken.cs
+++ b/crypto/src/tsp/TimeStampToken.cs
@@ -271,10 +271,10 @@ namespace Org.BouncyCastle.Tsp
if (certID != null)
return "SHA-1";
- if (NistObjectIdentifiers.IdSha256.Equals(certIDv2.HashAlgorithm.ObjectID))
+ if (NistObjectIdentifiers.IdSha256.Equals(certIDv2.HashAlgorithm.Algorithm))
return "SHA-256";
- return certIDv2.HashAlgorithm.ObjectID.Id;
+ return certIDv2.HashAlgorithm.Algorithm.Id;
}
public AlgorithmIdentifier GetHashAlgorithm()
diff --git a/crypto/src/tsp/TimeStampTokenInfo.cs b/crypto/src/tsp/TimeStampTokenInfo.cs
index 5027a87c4..cdef826bc 100644
--- a/crypto/src/tsp/TimeStampTokenInfo.cs
+++ b/crypto/src/tsp/TimeStampTokenInfo.cs
@@ -86,7 +86,7 @@ namespace Org.BouncyCastle.Tsp
public string MessageImprintAlgOid
{
- get { return tstInfo.MessageImprint.HashAlgorithm.ObjectID.Id; }
+ get { return tstInfo.MessageImprint.HashAlgorithm.Algorithm.Id; }
}
public byte[] GetMessageImprintDigest()
diff --git a/crypto/src/x509/AttributeCertificateHolder.cs b/crypto/src/x509/AttributeCertificateHolder.cs
index 3a6af4c20..04460cd59 100644
--- a/crypto/src/x509/AttributeCertificateHolder.cs
+++ b/crypto/src/x509/AttributeCertificateHolder.cs
@@ -103,7 +103,7 @@ namespace Org.BouncyCastle.X509
// TODO Allow 'objectDigest' to be null?
holder = new Holder(new ObjectDigestInfo(digestedObjectType, otherObjectTypeID,
- new AlgorithmIdentifier(digestAlgorithm), Arrays.Clone(objectDigest)));
+ new AlgorithmIdentifier(new DerObjectIdentifier(digestAlgorithm)), Arrays.Clone(objectDigest)));
}
/**
@@ -147,7 +147,7 @@ namespace Org.BouncyCastle.X509
return odi == null
? null
- : odi.DigestAlgorithm.ObjectID.Id;
+ : odi.DigestAlgorithm.Algorithm.Id;
}
}
diff --git a/crypto/src/x509/X509Certificate.cs b/crypto/src/x509/X509Certificate.cs
index fc7f96aa9..6d7bd7a61 100644
--- a/crypto/src/x509/X509Certificate.cs
+++ b/crypto/src/x509/X509Certificate.cs
@@ -237,16 +237,16 @@ namespace Org.BouncyCastle.X509
/// <returns>A byte array containg the signature of the certificate.</returns>
public virtual byte[] GetSignature()
{
- return c.Signature.GetBytes();
+ return c.GetSignatureOctets();
}
- /// <summary>
+ /// <summary>
/// A meaningful version of the Signature Algorithm. (EG SHA1WITHRSA)
/// </summary>
/// <returns>A sting representing the signature algorithm.</returns>
public virtual string SigAlgName
{
- get { return SignerUtilities.GetEncodingName(c.SignatureAlgorithm.ObjectID); }
+ get { return SignerUtilities.GetEncodingName(c.SignatureAlgorithm.Algorithm); }
}
/// <summary>
@@ -255,7 +255,7 @@ namespace Org.BouncyCastle.X509
/// <returns>A string containg a '.' separated object id.</returns>
public virtual string SigAlgOid
{
- get { return c.SignatureAlgorithm.ObjectID.Id; }
+ get { return c.SignatureAlgorithm.Algorithm.Id; }
}
/// <summary>
@@ -586,7 +586,7 @@ namespace Org.BouncyCastle.X509
private static bool IsAlgIDEqual(AlgorithmIdentifier id1, AlgorithmIdentifier id2)
{
- if (!id1.ObjectID.Equals(id2.ObjectID))
+ if (!id1.Algorithm.Equals(id2.Algorithm))
return false;
Asn1Encodable p1 = id1.Parameters;
diff --git a/crypto/src/x509/X509Crl.cs b/crypto/src/x509/X509Crl.cs
index 53de3e91f..ecfb14132 100644
--- a/crypto/src/x509/X509Crl.cs
+++ b/crypto/src/x509/X509Crl.cs
@@ -211,7 +211,7 @@ namespace Org.BouncyCastle.X509
public virtual byte[] GetSignature()
{
- return c.Signature.GetBytes();
+ return c.GetSignatureOctets();
}
public virtual string SigAlgName
@@ -221,7 +221,7 @@ namespace Org.BouncyCastle.X509
public virtual string SigAlgOid
{
- get { return c.SignatureAlgorithm.ObjectID.Id; }
+ get { return c.SignatureAlgorithm.Algorithm.Id; }
}
public virtual byte[] GetSigAlgParams()
diff --git a/crypto/src/x509/X509SignatureUtil.cs b/crypto/src/x509/X509SignatureUtil.cs
index 7a4ab1448..858b8f446 100644
--- a/crypto/src/x509/X509SignatureUtil.cs
+++ b/crypto/src/x509/X509SignatureUtil.cs
@@ -55,13 +55,13 @@ namespace Org.BouncyCastle.X509
if (parameters != null && !derNull.Equals(parameters))
{
- if (sigAlgId.ObjectID.Equals(PkcsObjectIdentifiers.IdRsassaPss))
+ if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
{
RsassaPssParameters rsaParams = RsassaPssParameters.GetInstance(parameters);
- return GetDigestAlgName(rsaParams.HashAlgorithm.ObjectID) + "withRSAandMGF1";
+ return GetDigestAlgName(rsaParams.HashAlgorithm.Algorithm) + "withRSAandMGF1";
}
- if (sigAlgId.ObjectID.Equals(X9ObjectIdentifiers.ECDsaWithSha2))
+ if (sigAlgId.Algorithm.Equals(X9ObjectIdentifiers.ECDsaWithSha2))
{
Asn1Sequence ecDsaParams = Asn1Sequence.GetInstance(parameters);
@@ -69,7 +69,7 @@ namespace Org.BouncyCastle.X509
}
}
- return sigAlgId.ObjectID.Id;
+ return sigAlgId.Algorithm.Id;
}
/**
diff --git a/crypto/src/x509/X509V2AttributeCertificate.cs b/crypto/src/x509/X509V2AttributeCertificate.cs
index 9376538a1..c41b31239 100644
--- a/crypto/src/x509/X509V2AttributeCertificate.cs
+++ b/crypto/src/x509/X509V2AttributeCertificate.cs
@@ -147,9 +147,14 @@ namespace Org.BouncyCastle.X509
throw new CertificateNotYetValidException("certificate not valid until " + NotBefore);
}
+ public virtual AlgorithmIdentifier SignatureAlgorithm
+ {
+ get { return cert.SignatureAlgorithm; }
+ }
+
public virtual byte[] GetSignature()
{
- return cert.SignatureValue.GetBytes();
+ return cert.GetSignatureOctets();
}
public virtual void Verify(
|
