Cleanup after recent changes

3 files changed, 255 insertions, 59 deletions

diff --git a/crypto/test/src/tsp/test/NewTspTest.cs b/crypto/test/src/tsp/test/NewTspTest.cs
index dd2f084f2..74b3222ce 100644
--- a/crypto/test/src/tsp/test/NewTspTest.cs
+++ b/crypto/test/src/tsp/test/NewTspTest.cs
@@ -1,7 +1,11 @@
-using NUnit.Framework;
+using System;
+using System.Collections;
+using System.IO;
+
+using NUnit.Framework;
+
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cmp;
-using Org.BouncyCastle.Asn1.Cms;
 using Org.BouncyCastle.Asn1.Ess;
 using Org.BouncyCastle.Asn1.Nist;
 using Org.BouncyCastle.Asn1.Oiw;
@@ -15,20 +19,13 @@ using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Date;
 using Org.BouncyCastle.X509;
 using Org.BouncyCastle.X509.Store;
-using System;
-using System.Collections;
-using System.IO;
-
 
 namespace Org.BouncyCastle.Tsp.Tests
 {
-
-
 	public class NewTspTest
 	{
 		private static DateTime UnixEpoch = new DateTime(1970, 1, 1, 0, 0, 0);
 
-
 		[Test]
 		public void TestGeneral()
 		{
@@ -38,19 +35,18 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 			string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
 			AsymmetricCipherKeyPair origKP = TspTestUtil.MakeKeyPair();
-			var privateKey = origKP.Private;
+			AsymmetricKeyParameter privateKey = origKP.Private;
 
-			var cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN);
+			X509Certificate cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN);
 
 			IList certList = new ArrayList();
 			certList.Add(cert);
 			certList.Add(signCert);
 
-			var certs = X509StoreFactory.Create(
+			IX509Store certs = X509StoreFactory.Create(
 				"Certificate/Collection",
 				new X509CollectionStoreParameters(certList));
 
-
 			basicTest(origKP.Private, cert, certs);
 			resolutionTest(origKP.Private, cert, certs, Resolution.R_SECONDS, "19700101000009Z");
 			resolutionTest(origKP.Private, cert, certs, Resolution.R_TENTHS_OF_SECONDS, "19700101000009.9Z");
@@ -71,7 +67,6 @@ namespace Org.BouncyCastle.Tsp.Tests
 			testNoNonse(origKP.Private, cert, certs);
 			extensionTest(origKP.Private, cert, certs);
 			additionalExtensionTest(origKP.Private, cert, certs);
-
 		}
 
         private void additionalExtensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
@@ -378,15 +373,15 @@ namespace Org.BouncyCastle.Tsp.Tests
 			{
 				tsToken.Validate(cert);
 			}
-			catch (TspValidationException e)
+			catch (TspValidationException)
 			{
 				Assert.Fail("certReq(false) verification of token failed.");
 			}
 
-			var store = tsToken.GetCertificates();
-			var certsColl = store.GetMatches(null);
+			IX509Store store = tsToken.GetCertificates();
+			ICollection certsColl = store.GetMatches(null);
 
-			if (certsColl.Count >0)
+			if (certsColl.Count > 0)
 			{
 				Assert.Fail("certReq(false) found certificates in response.");
 			}
@@ -654,7 +649,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 				IStreamCalculator calc = digCalc.CreateCalculator();
 				using (Stream s = calc.Stream)
 				{
-					var crt = cert.GetEncoded();
+					byte[] crt = cert.GetEncoded();
 					s.Write(crt, 0, crt.Length);
 				}
 
@@ -667,7 +662,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 				IStreamCalculator calc = digCalc.CreateCalculator();
 				using (Stream s = calc.Stream)
 				{
-					var crt = cert.GetEncoded();
+					byte[] crt = cert.GetEncoded();
 					s.Write(crt, 0, crt.Length);
 				}
 
@@ -761,13 +756,12 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 		private void basicSha256Test(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
 		{
-			var sInfoGenerator = makeInfoGenerator(privateKey, cert, TspAlgorithms.Sha256, null, null);
-			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-				sInfoGenerator,
-				Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256), new DerObjectIdentifier("1.2"), true);
-
+			SignerInfoGenerator sInfoGenerator = makeInfoGenerator(privateKey, cert, TspAlgorithms.Sha256, null, null);
+            TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+                sInfoGenerator,
+                Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256), new DerObjectIdentifier("1.2"), true);
 
-			tsTokenGen.SetCertificates(certs);
+            tsTokenGen.SetCertificates(certs);
 
 			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
 			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha256, new byte[32], BigInteger.ValueOf(100));
@@ -792,7 +786,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 			IStreamCalculator calc = digCalc.CreateCalculator();
 			using (Stream s = calc.Stream)
 			{
-				var crt = cert.GetEncoded();
+				byte[] crt = cert.GetEncoded();
 				s.Write(crt, 0, crt.Length);
 			}
 
@@ -803,7 +797,6 @@ namespace Org.BouncyCastle.Tsp.Tests
 			Assert.IsTrue(Arrays.AreEqual(certHash, sigCertV2.GetCerts()[0].GetCertHash()));
 		}
 
-
 		private void resolutionTest(AsymmetricKeyParameter privateKey, X509.X509Certificate cert, IX509Store certs, Resolution resoution, string timeString)
 		{
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
@@ -882,8 +875,6 @@ namespace Org.BouncyCastle.Tsp.Tests
 		 Asn1.Cms.AttributeTable signedAttr,
 		 Asn1.Cms.AttributeTable unsignedAttr)
 		{
-
-
 			TspUtil.ValidateCertificate(cert);
 
 			//
@@ -896,13 +887,12 @@ namespace Org.BouncyCastle.Tsp.Tests
 			}
 			else
 			{
-				signedAttrs = Platform.CreateHashtable();
+				signedAttrs = new Hashtable();
 			}
 
-
-
-			string digestName = CmsSignedHelper.Instance.GetDigestAlgName(digestOID);
-			string signatureName = digestName + "with" + CmsSignedHelper.Instance.GetEncryptionAlgName(CmsSignedHelper.Instance.GetEncOid(key, digestOID));
+            string digestName = TspTestUtil.GetDigestAlgName(digestOID);
+            string signatureName = digestName + "with" + TspTestUtil.GetEncryptionAlgName(
+				TspTestUtil.GetEncOid(key, digestOID));
 
 			Asn1SignatureFactory sigfact = new Asn1SignatureFactory(signatureName, key);
 			return new SignerInfoGeneratorBuilder()
diff --git a/crypto/test/src/tsp/test/TSPTest.cs b/crypto/test/src/tsp/test/TSPTest.cs
index cb72f967b..968929b6d 100644
--- a/crypto/test/src/tsp/test/TSPTest.cs
+++ b/crypto/test/src/tsp/test/TSPTest.cs
@@ -558,8 +558,7 @@ namespace Org.BouncyCastle.Tsp.Tests
 		[Test]
 		public void TestBasicSha256()
         {
-
-			var sInfoGenerator = makeInfoGenerator(privateKey, cert, TspAlgorithms.Sha256, null, null);
+			SignerInfoGenerator sInfoGenerator = MakeInfoGenerator(privateKey, cert, TspAlgorithms.Sha256, null, null);
 			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
 				sInfoGenerator,
 				Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256),new DerObjectIdentifier("1.2"),true);
@@ -586,29 +585,21 @@ namespace Org.BouncyCastle.Tsp.Tests
 
 			AttributeTable table = tsToken.SignedAttributes;
 
-			var r = table.Get(PkcsObjectIdentifiers.IdAASigningCertificateV2);
+			Asn1.Cms.Attribute r = table[PkcsObjectIdentifiers.IdAASigningCertificateV2];
 			Assert.NotNull(r);
 			Assert.AreEqual(PkcsObjectIdentifiers.IdAASigningCertificateV2, r.AttrType);
-			var set = r.AttrValues;
+			Asn1Set set = r.AttrValues;
 			SigningCertificateV2 sCert = SigningCertificateV2.GetInstance(set[0]);
 
-			var issSerNum = sCert.GetCerts()[0].IssuerSerial;
+			Asn1.X509.IssuerSerial issSerNum = sCert.GetCerts()[0].IssuerSerial;
 
 			Assert.AreEqual(cert.SerialNumber, issSerNum.Serial.Value);	
-
 		}
 
-		internal static SignerInfoGenerator makeInfoGenerator(
-		 AsymmetricKeyParameter key,
-		 X509Certificate cert,
-		 string digestOID,
-
-		 Asn1.Cms.AttributeTable signedAttr,
-		 Asn1.Cms.AttributeTable unsignedAttr)
-		{
-
-
-			TspUtil.ValidateCertificate(cert);
+        internal static SignerInfoGenerator MakeInfoGenerator(AsymmetricKeyParameter key, X509Certificate cert,
+			string digestOID, Asn1.Cms.AttributeTable signedAttr, Asn1.Cms.AttributeTable unsignedAttr)
+        {
+            TspUtil.ValidateCertificate(cert);
 
 			//
 			// Add the ESSCertID attribute
@@ -620,13 +611,12 @@ namespace Org.BouncyCastle.Tsp.Tests
 			}
 			else
 			{
-				signedAttrs = Platform.CreateHashtable();
+				signedAttrs = new Hashtable();
 			}
 
-	
-
-			string digestName = CmsSignedHelper.Instance.GetDigestAlgName(digestOID);
-			string signatureName = digestName + "with" + CmsSignedHelper.Instance.GetEncryptionAlgName(CmsSignedHelper.Instance.GetEncOid(key, digestOID));
+			string digestName = TspTestUtil.GetDigestAlgName(digestOID);
+			string signatureName = digestName + "with" + TspTestUtil.GetEncryptionAlgName(
+				TspTestUtil.GetEncOid(key, digestOID));
 
 			Asn1SignatureFactory sigfact = new Asn1SignatureFactory(signatureName, key);
 			return new SignerInfoGeneratorBuilder()
@@ -637,6 +627,5 @@ namespace Org.BouncyCastle.Tsp.Tests
 				new SimpleAttributeTableGenerator(unsignedAttr))
 				.Build(sigfact, cert);
 		}
-
 	}
 }
diff --git a/crypto/test/src/tsp/test/TSPTestUtil.cs b/crypto/test/src/tsp/test/TSPTestUtil.cs
index f7b0c833a..c8c6a63c0 100644
--- a/crypto/test/src/tsp/test/TSPTestUtil.cs
+++ b/crypto/test/src/tsp/test/TSPTestUtil.cs
@@ -1,13 +1,21 @@
 using System;
+using System.Collections;
 using System.Text;
 
 using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Eac;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
 using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Generators;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.Utilities.Encoders;
 using Org.BouncyCastle.X509;
 
@@ -26,6 +34,44 @@ namespace Org.BouncyCastle.Tsp.Tests
 		public static readonly bool Debug = true;
 		public static DerObjectIdentifier EuroPkiTsaTestPolicy = new DerObjectIdentifier("1.3.6.1.4.1.5255.5.1");
 
+		private static readonly string EncryptionECDsaWithSha1 = X9ObjectIdentifiers.ECDsaWithSha1.Id;
+		private static readonly string EncryptionECDsaWithSha224 = X9ObjectIdentifiers.ECDsaWithSha224.Id;
+		private static readonly string EncryptionECDsaWithSha256 = X9ObjectIdentifiers.ECDsaWithSha256.Id;
+		private static readonly string EncryptionECDsaWithSha384 = X9ObjectIdentifiers.ECDsaWithSha384.Id;
+		private static readonly string EncryptionECDsaWithSha512 = X9ObjectIdentifiers.ECDsaWithSha512.Id;
+
+		public static readonly string DigestSha1 = OiwObjectIdentifiers.IdSha1.Id;
+		public static readonly string DigestSha224 = NistObjectIdentifiers.IdSha224.Id;
+		public static readonly string DigestSha256 = NistObjectIdentifiers.IdSha256.Id;
+		public static readonly string DigestSha384 = NistObjectIdentifiers.IdSha384.Id;
+		public static readonly string DigestSha512 = NistObjectIdentifiers.IdSha512.Id;
+		public static readonly string DigestMD5 = PkcsObjectIdentifiers.MD5.Id;
+		public static readonly string DigestGost3411 = CryptoProObjectIdentifiers.GostR3411.Id;
+		public static readonly string DigestRipeMD128 = TeleTrusTObjectIdentifiers.RipeMD128.Id;
+		public static readonly string DigestRipeMD160 = TeleTrusTObjectIdentifiers.RipeMD160.Id;
+		public static readonly string DigestRipeMD256 = TeleTrusTObjectIdentifiers.RipeMD256.Id;
+
+		public static readonly string EncryptionRsa = PkcsObjectIdentifiers.RsaEncryption.Id;
+		public static readonly string EncryptionDsa = X9ObjectIdentifiers.IdDsaWithSha1.Id;
+		public static readonly string EncryptionECDsa = X9ObjectIdentifiers.ECDsaWithSha1.Id;
+		public static readonly string EncryptionRsaPss = PkcsObjectIdentifiers.IdRsassaPss.Id;
+		public static readonly string EncryptionGost3410 = CryptoProObjectIdentifiers.GostR3410x94.Id;
+		public static readonly string EncryptionECGost3410 = CryptoProObjectIdentifiers.GostR3410x2001.Id;
+
+		private static readonly IDictionary encryptionAlgs = new Hashtable();
+		private static readonly IDictionary digestAlgs = new Hashtable();
+		private static readonly IDictionary digestAliases = new Hashtable();
+
+		private static readonly ISet noParams = new HashSet();
+		private static readonly IDictionary ecAlgorithms = new Hashtable();
+
+		private static void AddEntries(DerObjectIdentifier oid, string digest, string encryption)
+		{
+			string alias = oid.Id;
+			digestAlgs.Add(alias, digest);
+			encryptionAlgs.Add(alias, encryption);
+		}
+
 		static TspTestUtil()
 		{
 			rand = new SecureRandom();
@@ -50,6 +96,83 @@ namespace Org.BouncyCastle.Tsp.Tests
 			rc2128kg.Init(new KeyGenerationParameters(rand, 128));
 
 			serialNumber = BigInteger.One;
+
+			AddEntries(NistObjectIdentifiers.DsaWithSha224, "SHA224", "DSA");
+			AddEntries(NistObjectIdentifiers.DsaWithSha256, "SHA256", "DSA");
+			AddEntries(NistObjectIdentifiers.DsaWithSha384, "SHA384", "DSA");
+			AddEntries(NistObjectIdentifiers.DsaWithSha512, "SHA512", "DSA");
+			AddEntries(OiwObjectIdentifiers.DsaWithSha1, "SHA1", "DSA");
+			AddEntries(OiwObjectIdentifiers.MD4WithRsa, "MD4", "RSA");
+			AddEntries(OiwObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
+			AddEntries(OiwObjectIdentifiers.MD5WithRsa, "MD5", "RSA");
+			AddEntries(OiwObjectIdentifiers.Sha1WithRsa, "SHA1", "RSA");
+			AddEntries(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2", "RSA");
+			AddEntries(PkcsObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
+			AddEntries(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512", "RSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1", "DSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA");
+			AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
+			AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
+			AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
+
+			encryptionAlgs.Add(X9ObjectIdentifiers.IdDsa.Id, "DSA");
+			encryptionAlgs.Add(PkcsObjectIdentifiers.RsaEncryption.Id, "RSA");
+			encryptionAlgs.Add(TeleTrusTObjectIdentifiers.TeleTrusTRsaSignatureAlgorithm.Id, "RSA");
+			encryptionAlgs.Add(X509ObjectIdentifiers.IdEARsa.Id, "RSA");
+			encryptionAlgs.Add(EncryptionRsaPss, "RSAandMGF1");
+			encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x94.Id, "GOST3410");
+			encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x2001.Id, "ECGOST3410");
+			encryptionAlgs.Add("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410");
+			encryptionAlgs.Add("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
+
+			digestAlgs.Add(PkcsObjectIdentifiers.MD2.Id, "MD2");
+			digestAlgs.Add(PkcsObjectIdentifiers.MD4.Id, "MD4");
+			digestAlgs.Add(PkcsObjectIdentifiers.MD5.Id, "MD5");
+			digestAlgs.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1");
+			digestAlgs.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224");
+			digestAlgs.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256");
+			digestAlgs.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384");
+			digestAlgs.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512");
+			digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128");
+			digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160");
+			digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256");
+			digestAlgs.Add(CryptoProObjectIdentifiers.GostR3411.Id, "GOST3411");
+			digestAlgs.Add("1.3.6.1.4.1.5849.1.2.1", "GOST3411");
+
+			digestAliases.Add("SHA1", new string[] { "SHA-1" });
+			digestAliases.Add("SHA224", new string[] { "SHA-224" });
+			digestAliases.Add("SHA256", new string[] { "SHA-256" });
+			digestAliases.Add("SHA384", new string[] { "SHA-384" });
+			digestAliases.Add("SHA512", new string[] { "SHA-512" });
+
+			noParams.Add(EncryptionDsa);
+			//noParams.Add(EncryptionECDsa);
+			noParams.Add(EncryptionECDsaWithSha1);
+			noParams.Add(EncryptionECDsaWithSha224);
+			noParams.Add(EncryptionECDsaWithSha256);
+			noParams.Add(EncryptionECDsaWithSha384);
+			noParams.Add(EncryptionECDsaWithSha512);
+
+			ecAlgorithms.Add(DigestSha1, EncryptionECDsaWithSha1);
+			ecAlgorithms.Add(DigestSha224, EncryptionECDsaWithSha224);
+			ecAlgorithms.Add(DigestSha256, EncryptionECDsaWithSha256);
+			ecAlgorithms.Add(DigestSha384, EncryptionECDsaWithSha384);
+			ecAlgorithms.Add(DigestSha512, EncryptionECDsaWithSha512);
 		}
 
 		public static string DumpBase64(
@@ -75,6 +198,100 @@ namespace Org.BouncyCastle.Tsp.Tests
 			return buf.ToString();
 		}
 
+		public static string GetDigestAlgName(string digestAlgOid)
+		{
+			string algName = (string)digestAlgs[digestAlgOid];
+
+			if (algName != null)
+			{
+				return algName;
+			}
+
+			return digestAlgOid;
+		}
+
+		public static string GetEncryptionAlgName(string encryptionAlgOid)
+		{
+			string algName = (string)encryptionAlgs[encryptionAlgOid];
+
+			if (algName != null)
+			{
+				return algName;
+			}
+
+			return encryptionAlgOid;
+		}
+
+		internal static string GetEncOid(
+			AsymmetricKeyParameter key,
+			string digestOID)
+		{
+			string encOID = null;
+
+			if (key is RsaKeyParameters)
+			{
+				if (!((RsaKeyParameters)key).IsPrivate)
+					throw new ArgumentException("Expected RSA private key");
+
+				encOID = EncryptionRsa;
+			}
+			else if (key is DsaPrivateKeyParameters)
+			{
+				if (digestOID.Equals(DigestSha1))
+				{
+					encOID = EncryptionDsa;
+				}
+				else if (digestOID.Equals(DigestSha224))
+				{
+					encOID = NistObjectIdentifiers.DsaWithSha224.Id;
+				}
+				else if (digestOID.Equals(DigestSha256))
+				{
+					encOID = NistObjectIdentifiers.DsaWithSha256.Id;
+				}
+				else if (digestOID.Equals(DigestSha384))
+				{
+					encOID = NistObjectIdentifiers.DsaWithSha384.Id;
+				}
+				else if (digestOID.Equals(DigestSha512))
+				{
+					encOID = NistObjectIdentifiers.DsaWithSha512.Id;
+				}
+				else
+				{
+					throw new ArgumentException("can't mix DSA with anything but SHA1/SHA2");
+				}
+			}
+			else if (key is ECPrivateKeyParameters)
+			{
+				ECPrivateKeyParameters ecPrivKey = (ECPrivateKeyParameters)key;
+				string algName = ecPrivKey.AlgorithmName;
+
+				if (algName == "ECGOST3410")
+				{
+					encOID = EncryptionECGost3410;
+				}
+				else
+				{
+					// TODO Should we insist on algName being one of "EC" or "ECDSA", as Java does?
+					encOID = (string)ecAlgorithms[digestOID];
+
+					if (encOID == null)
+						throw new ArgumentException("can't mix ECDSA with anything but SHA family digests");
+				}
+			}
+			else if (key is Gost3410PrivateKeyParameters)
+			{
+				encOID = EncryptionGost3410;
+			}
+			else
+			{
+				throw new ArgumentException("Unknown algorithm in CmsSignedGenerator.GetEncOid");
+			}
+
+			return encOID;
+		}
+
 		public static AsymmetricCipherKeyPair MakeKeyPair()
 		{
 			return kpg.GenerateKeyPair();