diff options
| author | Peter Dettman <peter.dettman@gmail.com> | 2022-06-22 14:25:40 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@gmail.com> | 2022-06-22 14:25:40 +0700 |
| commit | d2c5b877bf9dad0ef9b393af2c17a6445780f0c4 (patch) | |
| tree | b95ffdebbb8dcfc175530d9281baa1b77b035e9b /crypto/test/src | |
| parent | ObsoleteAttribute cleanup (diff) | |
| download | BouncyCastle.NET-ed25519-d2c5b877bf9dad0ef9b393af2c17a6445780f0c4.tar.xz | |
ObsoleteAttribute cleanup
Diffstat (limited to 'crypto/test/src')
| -rw-r--r-- | crypto/test/src/cmp/test/ProtectedMessageTest.cs | 3 | ||||
| -rw-r--r-- | crypto/test/src/cms/test/CMSTestUtil.cs | 111 | ||||
| -rw-r--r-- | crypto/test/src/ocsp/test/OCSPTestUtil.cs | 9 | ||||
| -rw-r--r-- | crypto/test/src/pkcs/examples/PKCS12Example.cs | 23 | ||||
| -rw-r--r-- | crypto/test/src/pkcs/test/PKCS12StoreTest.cs | 7 | ||||
| -rw-r--r-- | crypto/test/src/security/test/TestDotNetUtil.cs | 6 | ||||
| -rw-r--r-- | crypto/test/src/test/AttrCertSelectorTest.cs | 4 | ||||
| -rw-r--r-- | crypto/test/src/test/AttrCertTest.cs | 15 | ||||
| -rw-r--r-- | crypto/test/src/test/CertTest.cs | 58 | ||||
| -rw-r--r-- | crypto/test/src/test/ECEncodingTest.cs | 5 | ||||
| -rw-r--r-- | crypto/test/src/test/GOST3410Test.cs | 13 | ||||
| -rw-r--r-- | crypto/test/src/test/PkixPolicyMappingTest.cs | 13 | ||||
| -rw-r--r-- | crypto/test/src/test/TestUtilities.cs | 45 | ||||
| -rw-r--r-- | crypto/test/src/tsp/test/TSPTestUtil.cs | 7 | ||||
| -rw-r--r-- | crypto/test/src/x509/test/TestCertificateGen.cs | 23 |
15 files changed, 137 insertions, 205 deletions
diff --git a/crypto/test/src/cmp/test/ProtectedMessageTest.cs b/crypto/test/src/cmp/test/ProtectedMessageTest.cs index 22e4b1c85..d28984af6 100644 --- a/crypto/test/src/cmp/test/ProtectedMessageTest.cs +++ b/crypto/test/src/cmp/test/ProtectedMessageTest.cs @@ -402,9 +402,8 @@ namespace Org.BouncyCastle.Cmp.Tests } certGen.SetPublicKey(PublicKey); - certGen.SetSignatureAlgorithm(SignatureAlgorithm); - return certGen.Generate(privateKey); + return certGen.Generate(new Asn1SignatureFactory(SignatureAlgorithm, privateKey, null)); } } } diff --git a/crypto/test/src/cms/test/CMSTestUtil.cs b/crypto/test/src/cms/test/CMSTestUtil.cs index ca94959d7..242d7e8cf 100644 --- a/crypto/test/src/cms/test/CMSTestUtil.cs +++ b/crypto/test/src/cms/test/CMSTestUtil.cs @@ -6,6 +6,7 @@ using System.Text; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; @@ -19,7 +20,8 @@ namespace Org.BouncyCastle.Cms.Tests { public class CmsTestUtil { - public static SecureRandom rand; + public static readonly SecureRandom Random = new SecureRandom(); + private static IAsymmetricCipherKeyPairGenerator kpg; private static IAsymmetricCipherKeyPairGenerator gostKpg; private static IAsymmetricCipherKeyPairGenerator dsaKpg; @@ -85,7 +87,7 @@ namespace Org.BouncyCastle.Cms.Tests { kpg = GeneratorUtilities.GetKeyPairGenerator("RSA"); kpg.Init(new RsaKeyGenerationParameters( - BigInteger.ValueOf(17), rand, 1024, 25)); + BigInteger.ValueOf(17), Random, 1024, 25)); } return kpg; @@ -101,7 +103,7 @@ namespace Org.BouncyCastle.Cms.Tests gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); gostKpg.Init( new Gost3410KeyGenerationParameters( - rand, + Random, CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); } @@ -120,7 +122,7 @@ namespace Org.BouncyCastle.Cms.Tests new BigInteger("1138656671590261728308283492178581223478058193247"), new BigInteger("4182906737723181805517018315469082619513954319976782448649747742951189003482834321192692620856488639629011570381138542789803819092529658402611668375788410")); dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); - dsaKpg.Init(new DsaKeyGenerationParameters(rand, dsaSpec)); + dsaKpg.Init(new DsaKeyGenerationParameters(Random, dsaSpec)); } return dsaKpg; @@ -151,7 +153,7 @@ namespace Org.BouncyCastle.Cms.Tests if (ecDsaKpg == null) { ecDsaKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); - ecDsaKpg.Init(new KeyGenerationParameters(rand, 239)); + ecDsaKpg.Init(new KeyGenerationParameters(Random, 239)); } return ecDsaKpg; @@ -162,25 +164,23 @@ namespace Org.BouncyCastle.Cms.Tests { try { - rand = new SecureRandom(); - aes192kg = GeneratorUtilities.GetKeyGenerator("AES"); - aes192kg.Init(new KeyGenerationParameters(rand, 192)); + aes192kg.Init(new KeyGenerationParameters(Random, 192)); desede128kg = GeneratorUtilities.GetKeyGenerator("DESEDE"); - desede128kg.Init(new KeyGenerationParameters(rand, 112)); + desede128kg.Init(new KeyGenerationParameters(Random, 112)); desede192kg = GeneratorUtilities.GetKeyGenerator("DESEDE"); - desede192kg.Init(new KeyGenerationParameters(rand, 168)); + desede192kg.Init(new KeyGenerationParameters(Random, 168)); rc240kg = GeneratorUtilities.GetKeyGenerator("RC2"); - rc240kg.Init(new KeyGenerationParameters(rand, 40)); + rc240kg.Init(new KeyGenerationParameters(Random, 40)); rc264kg = GeneratorUtilities.GetKeyGenerator("RC2"); - rc264kg.Init(new KeyGenerationParameters(rand, 64)); + rc264kg.Init(new KeyGenerationParameters(Random, 64)); rc2128kg = GeneratorUtilities.GetKeyGenerator("RC2"); - rc2128kg.Init(new KeyGenerationParameters(rand, 128)); + rc2128kg.Init(new KeyGenerationParameters(Random, 128)); aesKg = GeneratorUtilities.GetKeyGenerator("AES"); @@ -291,7 +291,7 @@ namespace Org.BouncyCastle.Cms.Tests public static KeyParameter MakeAesKey( int keySize) { - aesKg.Init(new KeyGenerationParameters(rand, keySize)); + aesKg.Init(new KeyGenerationParameters(Random, keySize)); return ParameterUtilities.CreateKeyParameter("AES", aesKg.GenerateKey()); } @@ -299,7 +299,7 @@ namespace Org.BouncyCastle.Cms.Tests public static KeyParameter MakeCamelliaKey( int keySize) { - camelliaKg.Init(new KeyGenerationParameters(rand, keySize)); + camelliaKg.Init(new KeyGenerationParameters(Random, keySize)); return ParameterUtilities.CreateKeyParameter("CAMELLIA", camelliaKg.GenerateKey()); } @@ -323,8 +323,10 @@ namespace Org.BouncyCastle.Cms.Tests AsymmetricKeyParameter issPriv = issKP.Private; AsymmetricKeyParameter issPub = issKP.Public; - X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); + string signatureAlgorithm = GetSignatureAlgorithm(issPub); + ISignatureFactory signatureFactory = new Asn1SignatureFactory(signatureAlgorithm, issPriv, Random); + X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); v1CertGen.Reset(); v1CertGen.SetSerialNumber(AllocateSerialNumber()); v1CertGen.SetIssuerDN(new X509Name(_issDN)); @@ -332,33 +334,7 @@ namespace Org.BouncyCastle.Cms.Tests v1CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); v1CertGen.SetSubjectDN(new X509Name(_subDN)); v1CertGen.SetPublicKey(subPub); - - if (issPub is RsaKeyParameters) - { - v1CertGen.SetSignatureAlgorithm("SHA1WithRSA"); - } - else if (issPub is DsaPublicKeyParameters) - { - v1CertGen.SetSignatureAlgorithm("SHA1withDSA"); - } - else if (issPub is ECPublicKeyParameters) - { - ECPublicKeyParameters ecPub = (ECPublicKeyParameters)issPub; - if (ecPub.AlgorithmName == "ECGOST3410") - { - v1CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410"); - } - else - { - v1CertGen.SetSignatureAlgorithm("SHA1withECDSA"); - } - } - else - { - v1CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410"); - } - - X509Certificate _cert = v1CertGen.Generate(issPriv); + X509Certificate _cert = v1CertGen.Generate(signatureFactory); _cert.CheckValidity(DateTime.UtcNow); _cert.Verify(issPub); @@ -374,8 +350,10 @@ namespace Org.BouncyCastle.Cms.Tests AsymmetricKeyParameter issPriv = issKP.Private; AsymmetricKeyParameter issPub = issKP.Public; - X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); + string signatureAlgorithm = GetSignatureAlgorithm(issPub); + ISignatureFactory signatureFactory = new Asn1SignatureFactory(signatureAlgorithm, issPriv, Random); + X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); v3CertGen.Reset(); v3CertGen.SetSerialNumber(AllocateSerialNumber()); v3CertGen.SetIssuerDN(new X509Name(_issDN)); @@ -384,27 +362,6 @@ namespace Org.BouncyCastle.Cms.Tests v3CertGen.SetSubjectDN(new X509Name(_subDN)); v3CertGen.SetPublicKey(subPub); - if (issPub is RsaKeyParameters) - { - v3CertGen.SetSignatureAlgorithm("SHA1WithRSA"); - } - else if (issPub is ECPublicKeyParameters) - { - ECPublicKeyParameters ecPub = (ECPublicKeyParameters) issPub; - if (ecPub.AlgorithmName == "ECGOST3410") - { - v3CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410"); - } - else - { - v3CertGen.SetSignatureAlgorithm("SHA1withECDSA"); - } - } - else - { - v3CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410"); - } - v3CertGen.AddExtension( X509Extensions.SubjectKeyIdentifier, false, @@ -420,7 +377,7 @@ namespace Org.BouncyCastle.Cms.Tests false, new BasicConstraints(_ca)); - X509Certificate _cert = v3CertGen.Generate(issPriv); + X509Certificate _cert = v3CertGen.Generate(signatureFactory); _cert.CheckValidity(); _cert.Verify(issPub); @@ -438,20 +395,36 @@ namespace Org.BouncyCastle.Cms.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn); crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - return crlGen.Generate(pair.Private); + return crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); } - /* + /* * * INTERNAL METHODS * */ + + internal static string GetSignatureAlgorithm(AsymmetricKeyParameter publicKey) + { + if (publicKey is RsaKeyParameters) + return "SHA1WithRSA"; + + if (publicKey is DsaPublicKeyParameters) + return "SHA1withDSA"; + + if (publicKey is ECPublicKeyParameters ecPub) + { + return ecPub.AlgorithmName == "ECGOST3410" ? "GOST3411withECGOST3410" : "SHA1withECDSA"; + } + + return "GOST3411WithGOST3410"; + } + internal static IX509Store MakeAttrCertStore(params IX509AttributeCertificate[] attrCerts) { IList attrCertList = new ArrayList(); diff --git a/crypto/test/src/ocsp/test/OCSPTestUtil.cs b/crypto/test/src/ocsp/test/OCSPTestUtil.cs index 53b8f5bb9..c36c3163f 100644 --- a/crypto/test/src/ocsp/test/OCSPTestUtil.cs +++ b/crypto/test/src/ocsp/test/OCSPTestUtil.cs @@ -1,10 +1,8 @@ using System; -using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; @@ -98,7 +96,6 @@ namespace Org.BouncyCastle.Ocsp.Tests _v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); _v3CertGen.SetSubjectDN(new X509Name(_subDN)); _v3CertGen.SetPublicKey(_subPub); - _v3CertGen.SetSignatureAlgorithm(algorithm); _v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, createSubjectKeyId(_subPub)); @@ -109,9 +106,9 @@ namespace Org.BouncyCastle.Ocsp.Tests _v3CertGen.AddExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(_ca)); - X509Certificate _cert = _v3CertGen.Generate(_issPriv); + X509Certificate _cert = _v3CertGen.Generate(new Asn1SignatureFactory(algorithm, _issPriv, null)); - _cert.CheckValidity(DateTime.UtcNow); + _cert.CheckValidity(DateTime.UtcNow); _cert.Verify(_issPub); return _cert; diff --git a/crypto/test/src/pkcs/examples/PKCS12Example.cs b/crypto/test/src/pkcs/examples/PKCS12Example.cs index 002e14c38..06247bc3f 100644 --- a/crypto/test/src/pkcs/examples/PKCS12Example.cs +++ b/crypto/test/src/pkcs/examples/PKCS12Example.cs @@ -6,10 +6,10 @@ using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; -using Org.BouncyCastle.Utilities.Date; using Org.BouncyCastle.X509; using Org.BouncyCastle.X509.Extension; @@ -26,9 +26,6 @@ namespace Org.BouncyCastle.Pkcs.Examples { private static readonly char[] passwd = "hello world".ToCharArray(); - private static readonly X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); - private static readonly X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); - /** * we generate the CA's certificate */ @@ -49,16 +46,16 @@ namespace Org.BouncyCastle.Pkcs.Examples // // create the certificate - version 1 // + ISignatureFactory signatureFactory = new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null); + X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); v1CertGen.SetSerialNumber(BigInteger.One); v1CertGen.SetIssuerDN(new X509Name(issuer)); v1CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1)); v1CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1)); v1CertGen.SetSubjectDN(new X509Name(subject)); v1CertGen.SetPublicKey(pubKey); - v1CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - - X509Certificate cert = v1CertGen.Generate(privKey); + X509Certificate cert = v1CertGen.Generate(signatureFactory); cert.CheckValidity(DateTime.UtcNow); @@ -107,15 +104,13 @@ namespace Org.BouncyCastle.Pkcs.Examples // // create the certificate - version 3 // - v3CertGen.Reset(); - + X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); v3CertGen.SetSerialNumber(BigInteger.Two); v3CertGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert)); v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1)); v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1)); v3CertGen.SetSubjectDN(new X509Name(order, attrs)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); // // extensions @@ -135,7 +130,7 @@ namespace Org.BouncyCastle.Pkcs.Examples true, new BasicConstraints(0)); - X509Certificate cert = v3CertGen.Generate(caPrivKey); + X509Certificate cert = v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -202,15 +197,13 @@ namespace Org.BouncyCastle.Pkcs.Examples // // create the certificate - version 3 // - v3CertGen.Reset(); - + X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); v3CertGen.SetSerialNumber(BigInteger.Three); v3CertGen.SetIssuerDN(new X509Name(sOrder, sAttrs)); v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1)); v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1)); v3CertGen.SetSubjectDN(new X509Name(order, attrs)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); // // add the extensions @@ -225,7 +218,7 @@ namespace Org.BouncyCastle.Pkcs.Examples false, new AuthorityKeyIdentifierStructure(caPubKey)); - X509Certificate cert = v3CertGen.Generate(caPrivKey); + X509Certificate cert = v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null)); cert.CheckValidity(DateTime.UtcNow); diff --git a/crypto/test/src/pkcs/test/PKCS12StoreTest.cs b/crypto/test/src/pkcs/test/PKCS12StoreTest.cs index 1b49a5d02..884fd7449 100644 --- a/crypto/test/src/pkcs/test/PKCS12StoreTest.cs +++ b/crypto/test/src/pkcs/test/PKCS12StoreTest.cs @@ -8,9 +8,9 @@ using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; -using Org.BouncyCastle.Pkcs; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.Utilities.Test; @@ -897,9 +897,10 @@ namespace Org.BouncyCastle.Pkcs.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); certGen.SetSubjectDN(new X509Name(order, subjectAttrs)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); - return new X509CertificateEntry(certGen.Generate(privKey)); + ISignatureFactory signatureFactory = new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null); + X509Certificate cert = certGen.Generate(signatureFactory); + return new X509CertificateEntry(cert); } private void DoTestCertsOnly() diff --git a/crypto/test/src/security/test/TestDotNetUtil.cs b/crypto/test/src/security/test/TestDotNetUtil.cs index 062eada0e..899af016c 100644 --- a/crypto/test/src/security/test/TestDotNetUtil.cs +++ b/crypto/test/src/security/test/TestDotNetUtil.cs @@ -9,6 +9,7 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Utilities.Encoders; @@ -66,11 +67,10 @@ namespace Org.BouncyCastle.Security.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); certGen.SetSubjectDN(new X509Name(ord, attrs)); certGen.SetPublicKey(dsaPub); - certGen.SetSignatureAlgorithm("SHA1WITHDSA"); - X509Certificate cert = certGen.Generate(dsaPriv); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1WITHDSA", dsaPriv, null)); - cert.CheckValidity(); + cert.CheckValidity(); cert.Verify(dsaPub); SystemX509.X509Certificate dotNetCert = DotNetUtilities.ToX509Certificate(cert); diff --git a/crypto/test/src/test/AttrCertSelectorTest.cs b/crypto/test/src/test/AttrCertSelectorTest.cs index 37c1e66d2..dfd4295e2 100644 --- a/crypto/test/src/test/AttrCertSelectorTest.cs +++ b/crypto/test/src/test/AttrCertSelectorTest.cs @@ -5,6 +5,7 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Utilities.Date; @@ -110,7 +111,6 @@ namespace Org.BouncyCastle.Tests gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); gen.SetSerialNumber(BigInteger.One); - gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); Target targetName = new Target( Target.Choice.Name, @@ -125,7 +125,7 @@ namespace Org.BouncyCastle.Tests TargetInformation targetInformation = new TargetInformation(targets); gen.AddExtension(X509Extensions.TargetInformation.Id, true, targetInformation); - return gen.Generate(privKey); + return gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); } [Test] diff --git a/crypto/test/src/test/AttrCertTest.cs b/crypto/test/src/test/AttrCertTest.cs index d701d007e..f57f67fad 100644 --- a/crypto/test/src/test/AttrCertTest.cs +++ b/crypto/test/src/test/AttrCertTest.cs @@ -6,9 +6,9 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; -using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.Utilities.Test; @@ -270,9 +270,9 @@ namespace Org.BouncyCastle.Tests gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); gen.SetSerialNumber(BigInteger.One); - gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - IX509AttributeCertificate aCert = gen.Generate(privKey); + IX509AttributeCertificate aCert = gen.Generate( + new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); aCert.CheckValidity(); @@ -378,9 +378,9 @@ namespace Org.BouncyCastle.Tests gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); gen.SetSerialNumber(BigInteger.One); - gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - IX509AttributeCertificate aCert = gen.Generate(privKey); + IX509AttributeCertificate aCert = gen.Generate( + new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); aCert.CheckValidity(); @@ -499,9 +499,8 @@ namespace Org.BouncyCastle.Tests gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); gen.SetSerialNumber(aCert.SerialNumber); - gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - aCert = gen.Generate(privKey); + aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); aCert.CheckValidity(); @@ -575,7 +574,7 @@ namespace Org.BouncyCastle.Tests gen.AddExtension("2.2", false, new DerOctetString(new byte[20])); - aCert = gen.Generate(privKey); + aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); ISet exts = aCert.GetCriticalExtensionOids(); diff --git a/crypto/test/src/test/CertTest.cs b/crypto/test/src/test/CertTest.cs index d83b67f8c..e0f97a61f 100644 --- a/crypto/test/src/test/CertTest.cs +++ b/crypto/test/src/test/CertTest.cs @@ -12,6 +12,7 @@ using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; @@ -1164,9 +1165,8 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1194,7 +1194,6 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); certGen.AddExtension("2.5.29.15", true, new X509KeyUsage(X509KeyUsage.EncipherOnly)); certGen.AddExtension("2.5.29.37", true, @@ -1202,7 +1201,7 @@ namespace Org.BouncyCastle.Tests certGen.AddExtension("2.5.29.17", true, new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test"))); - cert = certGen.Generate(privKey); + cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1242,9 +1241,7 @@ namespace Org.BouncyCastle.Tests certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen1.SetSubjectDN(new X509Name(ord, values)); certGen1.SetPublicKey(pubKey); - certGen1.SetSignatureAlgorithm("MD5WithRSAEncryption"); - - cert = certGen1.Generate(privKey); + cert = certGen1.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1322,11 +1319,10 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("SHA1withDSA"); try { - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1withDSA", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1352,11 +1348,10 @@ namespace Org.BouncyCastle.Tests certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen1.SetSubjectDN(new X509Name(ord, values)); certGen1.SetPublicKey(pubKey); - certGen1.SetSignatureAlgorithm("SHA1withDSA"); try { - X509Certificate cert = certGen1.Generate(privKey); + X509Certificate cert = certGen1.Generate(new Asn1SignatureFactory("SHA1withDSA", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1465,11 +1460,10 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(order, attrs)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("SHA1withECDSA"); try { - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1withECDSA", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1490,7 +1484,7 @@ namespace Org.BouncyCastle.Tests certGen.SetPublicKey(pubKey); - cert = certGen.Generate(privKey); + cert = certGen.Generate(new Asn1SignatureFactory("SHA1withECDSA", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1583,10 +1577,8 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(order, attrs)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm(algorithm); - - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory(algorithm, privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1607,7 +1599,7 @@ namespace Org.BouncyCastle.Tests certGen.SetPublicKey(pubKey); - cert = certGen.Generate(privKey); + cert = certGen.Generate(new Asn1SignatureFactory(algorithm, privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1673,14 +1665,13 @@ namespace Org.BouncyCastle.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn); crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - X509Crl crl = crlGen.Generate(pair.Private); + X509Crl crl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true)) { @@ -1745,7 +1736,6 @@ namespace Org.BouncyCastle.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); IList extOids = new ArrayList(); IList extValues = new ArrayList(); @@ -1768,7 +1758,7 @@ namespace Org.BouncyCastle.Tests crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - X509Crl crl = crlGen.Generate(pair.Private); + X509Crl crl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true)) { @@ -1833,7 +1823,6 @@ namespace Org.BouncyCastle.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); IList extOids = new ArrayList(); IList extValues = new ArrayList(); @@ -1856,7 +1845,7 @@ namespace Org.BouncyCastle.Tests crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - X509Crl crl = crlGen.Generate(pair.Private); + X509Crl crl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true)) { @@ -1915,7 +1904,6 @@ namespace Org.BouncyCastle.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); crlGen.AddCrl(crl); @@ -1923,7 +1911,7 @@ namespace Org.BouncyCastle.Tests crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - X509Crl newCrl = crlGen.Generate(pair.Private); + X509Crl newCrl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); int count = 0; bool oneFound = false; @@ -2043,9 +2031,8 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(order, attrs)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("GOST3411withGOST3410"); - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("GOST3411withGOST3410", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -2127,7 +2114,6 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); certGen.AddExtension("2.5.29.15", true, new X509KeyUsage(X509KeyUsage.EncipherOnly)); certGen.AddExtension("2.5.29.37", true, @@ -2135,7 +2121,8 @@ namespace Org.BouncyCastle.Tests certGen.AddExtension("2.5.29.17", true, new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test"))); - X509Certificate baseCert = certGen.Generate(privKey); + X509Certificate baseCert = certGen.Generate( + new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); // // copy certificate @@ -2148,12 +2135,11 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); certGen.CopyAndAddExtension(new DerObjectIdentifier("2.5.29.15"), true, baseCert); certGen.CopyAndAddExtension("2.5.29.37", false, baseCert); - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -2189,7 +2175,7 @@ namespace Org.BouncyCastle.Tests { certGen.SetPublicKey(dudPublicKey); - certGen.Generate(privKey); + certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); Fail("key without encoding not detected in v3"); } @@ -2390,7 +2376,6 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm(algorithm); certGen.AddExtension("2.5.29.15", true, new X509KeyUsage(X509KeyUsage.EncipherOnly)); certGen.AddExtension("2.5.29.37", true, @@ -2398,7 +2383,7 @@ namespace Org.BouncyCastle.Tests certGen.AddExtension("2.5.29.17", true, new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test"))); - X509Certificate baseCert = certGen.Generate(privKey); + X509Certificate baseCert = certGen.Generate(new Asn1SignatureFactory(algorithm, privKey, null)); baseCert.Verify(pubKey); } @@ -2457,8 +2442,7 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name("CN=Test")); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); X509CertificateStructure certStruct = X509CertificateStructure.GetInstance( Asn1Object.FromByteArray(cert.GetEncoded())); diff --git a/crypto/test/src/test/ECEncodingTest.cs b/crypto/test/src/test/ECEncodingTest.cs index 8d993c15e..ff9fb7aa2 100644 --- a/crypto/test/src/test/ECEncodingTest.cs +++ b/crypto/test/src/test/ECEncodingTest.cs @@ -1,5 +1,4 @@ using System; -using System.IO; using NUnit.Framework; @@ -7,6 +6,7 @@ using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; @@ -204,7 +204,6 @@ namespace Org.BouncyCastle.Tests pubECKey = SetPublicUncompressed(pubECKey); } - certGen.SetSignatureAlgorithm("ECDSAwithSHA1"); certGen.SetSerialNumber(BigInteger.One); certGen.SetIssuerDN(new X509Name("CN=Software emul (EC Cert)")); certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); @@ -212,7 +211,7 @@ namespace Org.BouncyCastle.Tests certGen.SetSubjectDN(new X509Name("CN=Software emul (EC Cert)")); certGen.SetPublicKey(pubECKey); - return certGen.Generate(privECKey); + return certGen.Generate(new Asn1SignatureFactory("ECDSAwithSHA1", privECKey, null)); } private ECPublicKeyParameters SetPublicUncompressed( diff --git a/crypto/test/src/test/GOST3410Test.cs b/crypto/test/src/test/GOST3410Test.cs index 03dcf3144..fc439c4ee 100644 --- a/crypto/test/src/test/GOST3410Test.cs +++ b/crypto/test/src/test/GOST3410Test.cs @@ -6,6 +6,7 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; @@ -260,16 +261,14 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name("CN=Test")); certGen.SetPublicKey(vKey); - certGen.SetSignatureAlgorithm("GOST3411withGOST3410"); - - X509Certificate cert = certGen.Generate(sKey); + + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("GOST3411withGOST3410", sKey, null)); X509CertificateEntry certEntry = new X509CertificateEntry(cert); -// ks.SetKeyEntry("gost", sKey, "gost".ToCharArray(), new X509Certificate[] { cert }); - ks.SetKeyEntry("gost", new AsymmetricKeyEntry(sKey), new X509CertificateEntry[] { certEntry }); - + ks.SetKeyEntry("gost", new AsymmetricKeyEntry(sKey), new X509CertificateEntry[]{ certEntry }); + MemoryStream bOut = new MemoryStream(); - + ks.Save(bOut, "gost".ToCharArray(), new SecureRandom()); // ks = KeyStore.getInstance("JKS"); diff --git a/crypto/test/src/test/PkixPolicyMappingTest.cs b/crypto/test/src/test/PkixPolicyMappingTest.cs index 47e2c3120..24fe4e006 100644 --- a/crypto/test/src/test/PkixPolicyMappingTest.cs +++ b/crypto/test/src/test/PkixPolicyMappingTest.cs @@ -6,6 +6,7 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Pkix; @@ -41,9 +42,7 @@ namespace Org.BouncyCastle.Tests v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); v3CertGen.SetSubjectDN(new X509Name(subject)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - X509Certificate cert = v3CertGen.Generate(privKey); - return cert; + return v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); } /** @@ -65,12 +64,10 @@ namespace Org.BouncyCastle.Tests v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); v3CertGen.SetSubjectDN(new X509Name(subject)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies)); v3CertGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true)); v3CertGen.AddExtension(X509Extensions.PolicyMappings, true, new PolicyMappings(policyMap)); - X509Certificate cert = v3CertGen.Generate(caPrivKey); - return cert; + return v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null)); } /** @@ -91,10 +88,8 @@ namespace Org.BouncyCastle.Tests v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); v3CertGen.SetSubjectDN(new X509Name(subject)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies)); - X509Certificate cert = v3CertGen.Generate(caPrivKey); - return cert; + return v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null)); } private string TestPolicies( diff --git a/crypto/test/src/test/TestUtilities.cs b/crypto/test/src/test/TestUtilities.cs index a79421207..63ca87873 100644 --- a/crypto/test/src/test/TestUtilities.cs +++ b/crypto/test/src/test/TestUtilities.cs @@ -1,9 +1,9 @@ using System; -using System.Diagnostics; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; using Org.BouncyCastle.Security.Certificates; @@ -30,23 +30,22 @@ namespace Org.BouncyCastle.Tests return kpGen.GenerateKeyPair(); } - public static X509Certificate GenerateRootCert( - AsymmetricCipherKeyPair pair) - { - X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); - - certGen.SetSerialNumber(BigInteger.One); - certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate")); - certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); - certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); - certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate")); - certGen.SetPublicKey(pair.Public); - certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); - - return certGen.Generate(pair.Private); - } - - public static X509Certificate GenerateIntermediateCert( + public static X509Certificate GenerateRootCert( + AsymmetricCipherKeyPair pair) + { + Asn1SignatureFactory signatureFactory = new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null); + + X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate")); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate")); + certGen.SetPublicKey(pair.Public); + return certGen.Generate(signatureFactory); + } + + public static X509Certificate GenerateIntermediateCert( AsymmetricKeyParameter intKey, AsymmetricKeyParameter caKey, X509Certificate caCert) @@ -59,14 +58,13 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name("CN=Test Intermediate Certificate")); certGen.SetPublicKey(intKey); - certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey)); certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0)); certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyCertSign | KeyUsage.CrlSign)); - return certGen.Generate(caKey); + return certGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", caKey, null)); } public static X509Certificate GenerateEndEntityCert( @@ -82,14 +80,13 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name("CN=Test End Certificate")); certGen.SetPublicKey(entityKey); - certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(entityKey)); certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false)); certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyEncipherment)); - return certGen.Generate(caKey); + return certGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", caKey, null)); } public static X509Crl CreateCrl( @@ -99,20 +96,18 @@ namespace Org.BouncyCastle.Tests { X509V2CrlGenerator crlGen = new X509V2CrlGenerator(); DateTime now = DateTime.UtcNow; -// BigInteger revokedSerialNumber = BigInteger.Two; crlGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert)); crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); crlGen.AddCrlEntry(serialNumber, now, CrlReason.PrivilegeWithdrawn); crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); crlGen.AddExtension(X509Extensions.CrlNumber, false, new CrlNumber(BigInteger.One)); - return crlGen.Generate(caKey); + return crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", caKey, null)); } public static X509Certificate CreateExceptionCertificate( diff --git a/crypto/test/src/tsp/test/TSPTestUtil.cs b/crypto/test/src/tsp/test/TSPTestUtil.cs index c8c6a63c0..20eb7e228 100644 --- a/crypto/test/src/tsp/test/TSPTestUtil.cs +++ b/crypto/test/src/tsp/test/TSPTestUtil.cs @@ -12,6 +12,7 @@ using Org.BouncyCastle.Asn1.TeleTrust; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; @@ -350,7 +351,6 @@ namespace Org.BouncyCastle.Tsp.Tests _v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); _v3CertGen.SetSubjectDN(new X509Name(_subDN)); _v3CertGen.SetPublicKey(_subPub); - _v3CertGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); _v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, createSubjectKeyId(_subPub)); @@ -369,9 +369,10 @@ namespace Org.BouncyCastle.Tsp.Tests ExtendedKeyUsage.GetInstance(new DerSequence(KeyPurposeID.IdKPTimeStamping))); } - X509Certificate _cert = _v3CertGen.Generate(_issPriv); + X509Certificate _cert = _v3CertGen.Generate( + new Asn1SignatureFactory("MD5WithRSAEncryption", _issPriv, null)); - _cert.CheckValidity(DateTime.UtcNow); + _cert.CheckValidity(DateTime.UtcNow); _cert.Verify(_issPub); return _cert; diff --git a/crypto/test/src/x509/test/TestCertificateGen.cs b/crypto/test/src/x509/test/TestCertificateGen.cs index 491f6d312..33ddc26c0 100644 --- a/crypto/test/src/x509/test/TestCertificateGen.cs +++ b/crypto/test/src/x509/test/TestCertificateGen.cs @@ -1,12 +1,12 @@ using System; using System.Collections; -using System.Text; using NUnit.Framework; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Signers; using Org.BouncyCastle.Math; @@ -104,12 +104,11 @@ namespace Org.BouncyCastle.X509.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); certGen.SetSubjectDN(new X509Name(ord, attrs)); certGen.SetPublicKey(rsaPublic); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); - X509Certificate cert = certGen.Generate(rsaPrivate); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", rsaPrivate, null)); -// Assert.IsTrue((cert.IsValidNow && cert.Verify(rsaPublic)),"Certificate failed to be valid (RSA)"); - cert.CheckValidity(); + //Assert.IsTrue((cert.IsValidNow && cert.Verify(rsaPublic)),"Certificate failed to be valid (RSA)"); + cert.CheckValidity(); cert.Verify(rsaPublic); //Console.WriteLine(ASN1Dump.DumpAsString(cert.ToAsn1Object())); @@ -181,12 +180,11 @@ namespace Org.BouncyCastle.X509.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); certGen.SetSubjectDN(new X509Name(ord, attrs)); certGen.SetPublicKey(dsaPub); - certGen.SetSignatureAlgorithm("SHA1WITHDSA"); - X509Certificate cert = certGen.Generate(dsaPriv); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1WITHDSA", dsaPriv, null)); -// Assert.IsTrue((cert.IsValidNow && cert.Verify(dsaPub)), "Certificate failed to be valid (DSA Test)"); - cert.CheckValidity(); + //Assert.IsTrue((cert.IsValidNow && cert.Verify(dsaPub)), "Certificate failed to be valid (DSA Test)"); + cert.CheckValidity(); cert.Verify(dsaPub); //ISet dummySet = cert.GetNonCriticalExtensionOids(); @@ -262,14 +260,13 @@ namespace Org.BouncyCastle.X509.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); certGen.SetSubjectDN(new X509Name(ord, attrs)); certGen.SetPublicKey(ecPub); - certGen.SetSignatureAlgorithm("SHA1WITHECDSA"); certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false)); - X509Certificate cert = certGen.Generate(ecPriv); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1WITHECDSA", ecPriv, null)); -// Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)"); - cert.CheckValidity(); + //Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)"); + cert.CheckValidity(); cert.Verify(ecPub); ISet extOidSet = cert.GetCriticalExtensionOids(); |