Initial import of old CVS repository

author: Peter Dettman <peter.dettman@bouncycastle.org> 2013-06-28 15:26:06 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2013-06-28 15:26:06 +0700
commit: 44288db4414158ac9b98a507b15e81d0d3c66ca6 (patch)
tree: aa5ef88948ebb68ed6c8df81eb5da889641a9b50 /crypto/test/src
parent: Set up text/binary handling for existing file types (diff)
download: BouncyCastle.NET-ed25519-44288db4414158ac9b98a507b15e81d0d3c66ca6.tar.xz
310 files changed, 79235 insertions, 0 deletions
diff --git a/crypto/test/src/asn1/test/ASN1SequenceParserTest.cs b/crypto/test/src/asn1/test/ASN1SequenceParserTest.cs
new file mode 100644
index 000000000..030da04cb
--- /dev/null
+++ b/crypto/test/src/asn1/test/ASN1SequenceParserTest.cs
@@ -0,0 +1,359 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class Asn1SequenceParserTest
+    {
+        private static readonly byte[] seqData = Hex.Decode("3006020100060129");
+        private static readonly byte[] nestedSeqData = Hex.Decode("300b0201000601293003020101");
+        private static readonly byte[] expTagSeqData = Hex.Decode("a1083006020100060129");
+        private static readonly byte[] implTagSeqData = Hex.Decode("a106020100060129");
+        private static readonly byte[] nestedSeqExpTagData = Hex.Decode("300d020100060129a1053003020101");
+        private static readonly byte[] nestedSeqImpTagData = Hex.Decode("300b020100060129a103020101");
+
+		private static readonly byte[] berSeqData = Hex.Decode("30800201000601290000");
+        private static readonly byte[] berDerNestedSeqData = Hex.Decode("308002010006012930030201010000");
+        private static readonly byte[] berNestedSeqData = Hex.Decode("3080020100060129308002010100000000");
+        private static readonly byte[] berExpTagSeqData = Hex.Decode("a180308002010006012900000000");
+		private static readonly byte[] berSeqWithDERNullData = Hex.Decode("308005000201000601290000");
+
+		[Test]
+		public void TestDerWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            DerSequenceGenerator seqGen = new DerSequenceGenerator(bOut);
+
+			seqGen.AddObject(new DerInteger(BigInteger.Zero));
+
+			seqGen.AddObject(new DerObjectIdentifier("1.1"));
+
+			seqGen.Close();
+
+			Assert.IsTrue(Arrays.AreEqual(seqData, bOut.ToArray()), "basic DER writing test failed.");
+        }
+
+		[Test]
+		public void TestNestedDerWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            DerSequenceGenerator seqGen1 = new DerSequenceGenerator(bOut);
+
+			seqGen1.AddObject(new DerInteger(BigInteger.Zero));
+
+			seqGen1.AddObject(new DerObjectIdentifier("1.1"));
+
+			DerSequenceGenerator seqGen2 = new DerSequenceGenerator(seqGen1.GetRawOutputStream());
+
+			seqGen2.AddObject(new DerInteger(BigInteger.One));
+
+			seqGen2.Close();
+
+			seqGen1.Close();
+
+			Assert.IsTrue(Arrays.AreEqual(nestedSeqData, bOut.ToArray()), "nested DER writing test failed.");
+        }
+
+		[Test]
+		public void TestDerExplicitTaggedSequenceWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            DerSequenceGenerator seqGen = new DerSequenceGenerator(bOut, 1, true);
+
+            seqGen.AddObject(new DerInteger(BigInteger.Zero));
+
+            seqGen.AddObject(new DerObjectIdentifier("1.1"));
+
+            seqGen.Close();
+
+            Assert.IsTrue(Arrays.AreEqual(expTagSeqData, bOut.ToArray()), "explicit tag writing test failed.");
+        }
+
+		[Test]
+		public void TestDerImplicitTaggedSequenceWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            DerSequenceGenerator seqGen = new DerSequenceGenerator(bOut, 1, false);
+
+			seqGen.AddObject(new DerInteger(BigInteger.Zero));
+
+			seqGen.AddObject(new DerObjectIdentifier("1.1"));
+
+			seqGen.Close();
+
+			Assert.IsTrue(Arrays.AreEqual(implTagSeqData, bOut.ToArray()), "implicit tag writing test failed.");
+        }
+
+		[Test]
+		public void TestNestedExplicitTagDerWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            DerSequenceGenerator  seqGen1 = new DerSequenceGenerator(bOut);
+
+            seqGen1.AddObject(new DerInteger(BigInteger.Zero));
+
+            seqGen1.AddObject(new DerObjectIdentifier("1.1"));
+
+            DerSequenceGenerator seqGen2 = new DerSequenceGenerator(seqGen1.GetRawOutputStream(), 1, true);
+
+            seqGen2.AddObject(new DerInteger(BigInteger.ValueOf(1)));
+
+            seqGen2.Close();
+
+            seqGen1.Close();
+
+            Assert.IsTrue(Arrays.AreEqual(nestedSeqExpTagData, bOut.ToArray()), "nested explicit tagged DER writing test failed.");
+        }
+
+		[Test]
+		public void TestNestedImplicitTagDerWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            DerSequenceGenerator seqGen1 = new DerSequenceGenerator(bOut);
+
+			seqGen1.AddObject(new DerInteger(BigInteger.Zero));
+
+			seqGen1.AddObject(new DerObjectIdentifier("1.1"));
+
+			DerSequenceGenerator seqGen2 = new DerSequenceGenerator(seqGen1.GetRawOutputStream(), 1, false);
+
+			seqGen2.AddObject(new DerInteger(BigInteger.ValueOf(1)));
+
+			seqGen2.Close();
+
+			seqGen1.Close();
+
+			Assert.IsTrue(Arrays.AreEqual(nestedSeqImpTagData, bOut.ToArray()), "nested implicit tagged DER writing test failed.");
+        }
+
+		[Test]
+		public void TestBerWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            BerSequenceGenerator seqGen = new BerSequenceGenerator(bOut);
+
+			seqGen.AddObject(new DerInteger(BigInteger.Zero));
+
+			seqGen.AddObject(new DerObjectIdentifier("1.1"));
+
+			seqGen.Close();
+
+			Assert.IsTrue(Arrays.AreEqual(berSeqData, bOut.ToArray()), "basic BER writing test failed.");
+        }
+
+		[Test]
+		public void TestNestedBerDerWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            BerSequenceGenerator seqGen1 = new BerSequenceGenerator(bOut);
+
+			seqGen1.AddObject(new DerInteger(BigInteger.Zero));
+
+			seqGen1.AddObject(new DerObjectIdentifier("1.1"));
+
+			DerSequenceGenerator seqGen2 = new DerSequenceGenerator(seqGen1.GetRawOutputStream());
+
+			seqGen2.AddObject(new DerInteger(BigInteger.ValueOf(1)));
+
+			seqGen2.Close();
+
+			seqGen1.Close();
+
+			Assert.IsTrue(Arrays.AreEqual(berDerNestedSeqData, bOut.ToArray()), "nested BER/DER writing test failed.");
+        }
+
+		[Test]
+		public void TestNestedBerWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            BerSequenceGenerator seqGen1 = new BerSequenceGenerator(bOut);
+
+			seqGen1.AddObject(new DerInteger(BigInteger.Zero));
+
+			seqGen1.AddObject(new DerObjectIdentifier("1.1"));
+
+			BerSequenceGenerator seqGen2 = new BerSequenceGenerator(seqGen1.GetRawOutputStream());
+
+			seqGen2.AddObject(new DerInteger(BigInteger.ValueOf(1)));
+
+			seqGen2.Close();
+
+			seqGen1.Close();
+
+			Assert.IsTrue(Arrays.AreEqual(berNestedSeqData, bOut.ToArray()), "nested BER writing test failed.");
+        }
+
+		[Test]
+		public void TestDerReading()
+        {
+            Asn1StreamParser aIn = new Asn1StreamParser(seqData);
+
+			Asn1SequenceParser seq = (Asn1SequenceParser)aIn.ReadObject();
+            int count = 0;
+
+			Assert.IsNotNull(seq, "null sequence returned");
+
+			object o;
+			while ((o = seq.ReadObject()) != null)
+            {
+                switch (count)
+                {
+                    case 0:
+                        Assert.IsTrue(o is DerInteger);
+                        break;
+                    case 1:
+                        Assert.IsTrue(o is DerObjectIdentifier);
+                        break;
+                }
+                count++;
+            }
+
+			Assert.AreEqual(2, count, "wrong number of objects in sequence");
+        }
+
+		private void doTestNestedReading(
+            byte[] data)
+        {
+            Asn1StreamParser aIn = new Asn1StreamParser(data);
+
+			Asn1SequenceParser seq = (Asn1SequenceParser) aIn.ReadObject();
+            object o = null;
+            int count = 0;
+
+			Assert.IsNotNull(seq, "null sequence returned");
+
+			while ((o = seq.ReadObject()) != null)
+            {
+                switch (count)
+                {
+                    case 0:
+                        Assert.IsTrue(o is DerInteger);
+                        break;
+                    case 1:
+                        Assert.IsTrue(o is DerObjectIdentifier);
+                        break;
+                    case 2:
+                        Assert.IsTrue(o is Asn1SequenceParser);
+
+						Asn1SequenceParser s = (Asn1SequenceParser)o;
+
+						// NB: Must exhaust the nested parser
+						while (s.ReadObject() != null)
+						{
+							// Ignore
+						}
+
+						break;
+                }
+                count++;
+            }
+
+			Assert.AreEqual(3, count, "wrong number of objects in sequence");
+        }
+
+		[Test]
+		public void TestNestedDerReading()
+        {
+            doTestNestedReading(nestedSeqData);
+        }
+
+		[Test]
+		public void TestBerReading()
+        {
+            Asn1StreamParser aIn = new Asn1StreamParser(berSeqData);
+
+			Asn1SequenceParser seq = (Asn1SequenceParser) aIn.ReadObject();
+            object o = null;
+            int count = 0;
+
+			Assert.IsNotNull(seq, "null sequence returned");
+
+			while ((o = seq.ReadObject()) != null)
+            {
+                switch (count)
+                {
+                    case 0:
+                        Assert.IsTrue(o is DerInteger);
+                        break;
+                    case 1:
+                        Assert.IsTrue(o is DerObjectIdentifier);
+                        break;
+                }
+                count++;
+            }
+
+			Assert.AreEqual(2, count, "wrong number of objects in sequence");
+        }
+
+		[Test]
+		public void TestNestedBerDerReading()
+        {
+            doTestNestedReading(berDerNestedSeqData);
+        }
+
+		[Test]
+		public void TestNestedBerReading()
+        {
+            doTestNestedReading(berNestedSeqData);
+        }
+
+		[Test]
+		public void TestBerExplicitTaggedSequenceWriting()
+        {
+            MemoryStream bOut = new MemoryStream();
+            BerSequenceGenerator seqGen = new BerSequenceGenerator(bOut, 1, true);
+
+			seqGen.AddObject(new DerInteger(BigInteger.Zero));
+
+			seqGen.AddObject(new DerObjectIdentifier("1.1"));
+
+			seqGen.Close();
+
+			Assert.IsTrue(Arrays.AreEqual(berExpTagSeqData, bOut.ToArray()), "explicit BER tag writing test failed.");
+        }
+
+		[Test]
+		public void TestSequenceWithDerNullReading()
+		{
+			doTestParseWithNull(berSeqWithDERNullData);
+		}
+
+		private void doTestParseWithNull(
+			byte[] data)
+		{
+			Asn1StreamParser aIn = new Asn1StreamParser(data);
+			Asn1SequenceParser seq = (Asn1SequenceParser) aIn.ReadObject();
+			object o;
+			int count = 0;
+
+			Assert.IsNotNull(seq, "null sequence returned");
+
+			while ((o = seq.ReadObject()) != null)
+			{
+				switch (count)
+				{
+					case 0:
+						Assert.IsTrue(o is Asn1Null);
+						break;
+					case 1:
+						Assert.IsTrue(o is DerInteger);
+						break;
+					case 2:
+						Assert.IsTrue(o is DerObjectIdentifier);
+						break;
+				}
+				count++;
+			}
+
+			Assert.AreEqual(3, count, "wrong number of objects in sequence");
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/ASN1UnitTest.cs b/crypto/test/src/asn1/test/ASN1UnitTest.cs
new file mode 100644
index 000000000..88492bede
--- /dev/null
+++ b/crypto/test/src/asn1/test/ASN1UnitTest.cs
@@ -0,0 +1,88 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	public abstract class Asn1UnitTest
+		: SimpleTest
+	{
+		protected void checkMandatoryField(string name, Asn1Encodable expected, Asn1Encodable present)
+		{
+			if (!expected.Equals(present))
+			{
+				Fail(name + " field doesn't match.");
+			}
+		}
+
+		protected void checkMandatoryField(string name, string expected, string present)
+		{
+			if (!expected.Equals(present))
+			{
+				Fail(name + " field doesn't match.");
+			}
+		}
+
+		protected void checkMandatoryField(string name, byte[] expected, byte[] present)
+		{
+			if (!AreEqual(expected, present))
+			{
+				Fail(name + " field doesn't match.");
+			}
+		}
+
+		protected void checkMandatoryField(string name, int expected, int present)
+		{
+			if (expected != present)
+			{
+				Fail(name + " field doesn't match.");
+			}
+		}
+
+		protected void checkOptionalField(string name, Asn1Encodable expected, Asn1Encodable present)
+		{
+			if (expected != null)
+			{
+				if (!expected.Equals(present))
+				{
+					Fail(name + " field doesn't match.");
+				}
+			}
+			else if (present != null)
+			{
+				Fail(name + " field found when none expected.");
+			}
+		}
+
+		protected void checkOptionalField(string name, string expected, string present)
+		{
+			if (expected != null)
+			{
+				if (!expected.Equals(present))
+				{
+					Fail(name + " field doesn't match.");
+				}
+			}
+			else if (present != null)
+			{
+				Fail(name + " field found when none expected.");
+			}
+		}
+
+		protected void checkOptionalField(string name, BigInteger expected, BigInteger present)
+		{
+			if (expected != null)
+			{
+				if (!expected.Equals(present))
+				{
+					Fail(name + " field doesn't match.");
+				}
+			}
+			else if (present != null)
+			{
+				Fail(name + " field found when none expected.");
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/AdditionalInformationSyntaxUnitTest.cs b/crypto/test/src/asn1/test/AdditionalInformationSyntaxUnitTest.cs
new file mode 100644
index 000000000..ac4ff9809
--- /dev/null
+++ b/crypto/test/src/asn1/test/AdditionalInformationSyntaxUnitTest.cs
@@ -0,0 +1,77 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+using Org.BouncyCastle.Asn1.X500;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class AdditionalInformationSyntaxUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "AdditionalInformationSyntax"; }
+		}
+
+		public override void PerformTest()
+		{
+			AdditionalInformationSyntax syntax = new AdditionalInformationSyntax("hello world");
+
+			checkConstruction(syntax, new DirectoryString("hello world"));
+
+			try
+			{
+				AdditionalInformationSyntax.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			AdditionalInformationSyntax syntax,
+			DirectoryString information)
+		{
+			checkValues(syntax, information);
+
+			syntax = AdditionalInformationSyntax.GetInstance(syntax);
+
+			checkValues(syntax, information);
+
+			Asn1InputStream aIn = new Asn1InputStream(syntax.ToAsn1Object().GetEncoded());
+
+			IAsn1String info = (IAsn1String) aIn.ReadObject();
+
+			syntax = AdditionalInformationSyntax.GetInstance(info);
+
+			checkValues(syntax, information);
+		}
+
+		private void checkValues(
+			AdditionalInformationSyntax syntax,
+			DirectoryString information)
+		{
+			checkMandatoryField("information", information, syntax.Information);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new AdditionalInformationSyntaxUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/AdmissionSyntaxUnitTest.cs b/crypto/test/src/asn1/test/AdmissionSyntaxUnitTest.cs
new file mode 100644
index 000000000..59464d212
--- /dev/null
+++ b/crypto/test/src/asn1/test/AdmissionSyntaxUnitTest.cs
@@ -0,0 +1,99 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class AdmissionSyntaxUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "AdmissionSyntax"; }
+		}
+
+		public override void PerformTest()
+		{
+			GeneralName name = new GeneralName(new X509Name("CN=hello world"));
+			Asn1Sequence admissions = new DerSequence(
+				new Admissions(name,
+				new NamingAuthority(new DerObjectIdentifier("1.2.3"), "url", new DirectoryString("fred")),
+				new ProfessionInfo[0]));
+			AdmissionSyntax syntax = new AdmissionSyntax(name, admissions);
+
+			checkConstruction(syntax, name, admissions);
+
+			syntax = AdmissionSyntax.GetInstance(null);
+
+			if (syntax != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				AdmissionSyntax.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			AdmissionSyntax	syntax,
+			GeneralName		authority,
+			Asn1Sequence	admissions)
+		{
+			checkValues(syntax, authority, admissions);
+
+			syntax = AdmissionSyntax.GetInstance(syntax);
+
+			checkValues(syntax, authority, admissions);
+
+			Asn1InputStream aIn = new Asn1InputStream(syntax.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence info = (Asn1Sequence) aIn.ReadObject();
+
+			syntax = AdmissionSyntax.GetInstance(info);
+
+			checkValues(syntax, authority, admissions);
+		}
+
+		private void checkValues(
+			AdmissionSyntax syntax,
+			GeneralName     authority,
+			Asn1Sequence    admissions)
+		{
+			checkMandatoryField("admissionAuthority", authority, syntax.AdmissionAuthority);
+
+			Admissions[] adm = syntax.GetContentsOfAdmissions();
+
+			if (adm.Length != 1 || !adm[0].Equals(admissions[0]))
+			{
+				Fail("admissions check failed");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new AdmissionSyntaxUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/AdmissionsUnitTest.cs b/crypto/test/src/asn1/test/AdmissionsUnitTest.cs
new file mode 100644
index 000000000..edefeb830
--- /dev/null
+++ b/crypto/test/src/asn1/test/AdmissionsUnitTest.cs
@@ -0,0 +1,90 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class AdmissionsUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "Admissions"; }
+		}
+
+		public override void PerformTest()
+		{
+			GeneralName name = new GeneralName(new X509Name("CN=hello world"));
+			NamingAuthority auth = new NamingAuthority(new DerObjectIdentifier("1.2.3"), "url", new DirectoryString("fred"));
+			Admissions admissions = new Admissions(name, auth, new ProfessionInfo[0]);
+
+			checkConstruction(admissions, name, auth);
+
+			admissions = Admissions.GetInstance(null);
+
+			if (admissions != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				Admissions.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			Admissions      admissions,
+			GeneralName     name,
+			NamingAuthority auth)
+		{
+			checkValues(admissions, name, auth);
+
+			admissions = Admissions.GetInstance(admissions);
+
+			checkValues(admissions, name, auth);
+
+			Asn1InputStream aIn = new Asn1InputStream(admissions.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence info = (Asn1Sequence)aIn.ReadObject();
+
+			admissions = Admissions.GetInstance(info);
+
+			checkValues(admissions, name, auth);
+		}
+
+		private void checkValues(
+			Admissions		admissions,
+			GeneralName		name,
+			NamingAuthority	auth)
+		{
+			checkMandatoryField("admissionAuthority", name, admissions.AdmissionAuthority);
+			checkMandatoryField("namingAuthority", auth, admissions.NamingAuthority);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new AdmissionsUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/AllTests.cs b/crypto/test/src/asn1/test/AllTests.cs
new file mode 100644
index 000000000..a1ae8fd48
--- /dev/null
+++ b/crypto/test/src/asn1/test/AllTests.cs
@@ -0,0 +1,32 @@
+using System;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    public class AllTests
+    {
+        public static void Main(string[] args)
+        {
+//            junit.textui.TestRunner.run(suite());
+            EventListener el = new NullListener();
+            suite().Run(el);
+        }
+
+		public static TestSuite suite()
+        {
+            TestSuite suite = new TestSuite("ASN.1 tests");
+
+			suite.Add(new AllTests());
+
+			// TODO Add these tests to RegressionTest list
+			suite.Add(new Asn1SequenceParserTest());
+			suite.Add(new OctetStringTest());
+			suite.Add(new ParseTest());
+			suite.Add(new TimeTest());
+
+			return suite;
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/AttributeTableUnitTest.cs b/crypto/test/src/asn1/test/AttributeTableUnitTest.cs
new file mode 100644
index 000000000..5dcf349cc
--- /dev/null
+++ b/crypto/test/src/asn1/test/AttributeTableUnitTest.cs
@@ -0,0 +1,151 @@
+using System;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Asn1Cms = Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class AttributeTableUnitTest
+        : SimpleTest
+    {
+        private static readonly DerObjectIdentifier type1 = new DerObjectIdentifier("1.1.1");
+        private static readonly DerObjectIdentifier type2 = new DerObjectIdentifier("1.1.2");
+        private static readonly DerObjectIdentifier type3 = new DerObjectIdentifier("1.1.3");
+
+		public override string Name
+		{
+			get { return "AttributeTable"; }
+		}
+
+		public override void PerformTest()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				new Asn1Cms.Attribute(type1, new DerSet(type1)),
+				new Asn1Cms.Attribute(type2, new DerSet(type2)));
+
+			Asn1Cms.AttributeTable table = new Asn1Cms.AttributeTable(v);
+
+			Asn1Cms.Attribute a = table[type1];
+            if (a == null)
+            {
+                Fail("type1 attribute not found.");
+            }
+            if (!a.AttrValues.Equals(new DerSet(type1)))
+            {
+                Fail("wrong value retrieved for type1!");
+            }
+
+			a = table[type2];
+            if (a == null)
+            {
+                Fail("type2 attribute not found.");
+            }
+            if (!a.AttrValues.Equals(new DerSet(type2)))
+            {
+                Fail("wrong value retrieved for type2!");
+            }
+
+			a = table[type3];
+            if (a != null)
+            {
+                Fail("type3 attribute found when none expected.");
+            }
+
+			Asn1EncodableVector vec = table.GetAll(type1);
+            if (vec.Count != 1)
+            {
+                Fail("wrong vector size for type1.");
+            }
+
+			vec = table.GetAll(type3);
+            if (vec.Count != 0)
+            {
+                Fail("wrong vector size for type3.");
+            }
+
+			vec = table.ToAsn1EncodableVector();
+            if (vec.Count != 2)
+            {
+                Fail("wrong vector size for single.");
+            }
+
+            IDictionary t = table.ToDictionary();
+
+			if (t.Count != 2)
+            {
+                Fail("hashtable wrong size.");
+            }
+
+            // multiple
+
+			v = new Asn1EncodableVector(
+				new Asn1Cms.Attribute(type1, new DerSet(type1)),
+				new Asn1Cms.Attribute(type1, new DerSet(type2)),
+				new Asn1Cms.Attribute(type1, new DerSet(type3)),
+				new Asn1Cms.Attribute(type2, new DerSet(type2)));
+
+			table = new Asn1Cms.AttributeTable(v);
+
+			a = table[type1];
+            if (!a.AttrValues.Equals(new DerSet(type1)))
+            {
+                Fail("wrong value retrieved for type1 multi Get!");
+            }
+
+			vec = table.GetAll(type1);
+            if (vec.Count != 3)
+            {
+                Fail("wrong vector size for multiple type1.");
+            }
+
+			a = (Asn1Cms.Attribute)vec[0];
+            if (!a.AttrValues.Equals(new DerSet(type1)))
+            {
+                Fail("wrong value retrieved for type1(0)!");
+            }
+
+            a = (Asn1Cms.Attribute)vec[1];
+            if (!a.AttrValues.Equals(new DerSet(type2)))
+            {
+                Fail("wrong value retrieved for type1(1)!");
+            }
+
+            a = (Asn1Cms.Attribute)vec[2];
+            if (!a.AttrValues.Equals(new DerSet(type3)))
+            {
+                Fail("wrong value retrieved for type1(2)!");
+            }
+
+            vec = table.GetAll(type2);
+            if (vec.Count != 1)
+            {
+                Fail("wrong vector size for multiple type2.");
+            }
+
+            vec = table.ToAsn1EncodableVector();
+            if (vec.Count != 4)
+            {
+                Fail("wrong vector size for multiple.");
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new AttributeTableUnitTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/BiometricDataUnitTest.cs b/crypto/test/src/asn1/test/BiometricDataUnitTest.cs
new file mode 100644
index 000000000..a542f71af
--- /dev/null
+++ b/crypto/test/src/asn1/test/BiometricDataUnitTest.cs
@@ -0,0 +1,133 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X509.Qualified;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class BiometricDataUnitTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "BiometricData"; }
+        }
+
+		private byte[] GenerateHash()
+        {
+            Random rand = new Random();
+            byte[] bytes = new byte[20];
+            rand.NextBytes(bytes);
+            return bytes;
+        }
+
+		public override void PerformTest()
+        {
+            TypeOfBiometricData dataType = new TypeOfBiometricData(TypeOfBiometricData.HandwrittenSignature);
+            AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
+            Asn1OctetString     dataHash = new DerOctetString(GenerateHash());
+            BiometricData       bd = new BiometricData(dataType, hashAlgorithm, dataHash);
+
+            CheckConstruction(bd, dataType, hashAlgorithm, dataHash, null);
+
+            DerIA5String dataUri = new DerIA5String("http://test");
+
+            bd = new BiometricData(dataType, hashAlgorithm, dataHash, dataUri);
+
+            CheckConstruction(bd, dataType, hashAlgorithm, dataHash, dataUri);
+
+            bd = BiometricData.GetInstance(null);
+
+            if (bd != null)
+            {
+                Fail("null GetInstance() failed.");
+            }
+
+            try
+            {
+                BiometricData.GetInstance(new object());
+
+                Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+        private void CheckConstruction(
+            BiometricData bd,
+            TypeOfBiometricData dataType,
+            AlgorithmIdentifier hashAlgorithm,
+            Asn1OctetString dataHash,
+            DerIA5String dataUri)
+        {
+            CheckValues(bd, dataType, hashAlgorithm, dataHash, dataUri);
+
+            bd = BiometricData.GetInstance(bd);
+
+            CheckValues(bd, dataType, hashAlgorithm, dataHash, dataUri);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(bd.ToAsn1Object().GetEncoded());
+
+			bd = BiometricData.GetInstance(seq);
+
+			CheckValues(bd, dataType, hashAlgorithm, dataHash, dataUri);
+        }
+
+        private void CheckValues(
+            BiometricData       bd,
+            TypeOfBiometricData dataType,
+            AlgorithmIdentifier algID,
+            Asn1OctetString     dataHash,
+            DerIA5String        sourceDataURI)
+        {
+            if (!bd.TypeOfBiometricData.Equals(dataType))
+            {
+                Fail("types don't match.");
+            }
+
+            if (!bd.HashAlgorithm.Equals(algID))
+            {
+                Fail("hash algorithms don't match.");
+            }
+
+            if (!bd.BiometricDataHash.Equals(dataHash))
+            {
+                Fail("hash algorithms don't match.");
+            }
+
+            if (sourceDataURI != null)
+            {
+                if (!bd.SourceDataUri.Equals(sourceDataURI))
+                {
+                    Fail("data uris don't match.");
+                }
+            }
+            else if (bd.SourceDataUri != null)
+            {
+                Fail("data uri found when none expected.");
+            }
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            RunTest(new BiometricDataUnitTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/BitStringConstantTester.cs b/crypto/test/src/asn1/test/BitStringConstantTester.cs
new file mode 100644
index 000000000..bb966d3e4
--- /dev/null
+++ b/crypto/test/src/asn1/test/BitStringConstantTester.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	public class BitStringConstantTester
+	{
+		private static readonly int[] bits =
+		{
+			1 << 7, 1 << 6, 1 << 5, 1 << 4, 1 << 3, 1 << 2, 1 << 1, 1 << 0,
+			1 << 15, 1 << 14, 1 << 13, 1 << 12, 1 << 11, 1 << 10, 1 << 9, 1 << 8,
+			1 << 23, 1 << 22, 1 << 21, 1 << 20, 1 << 19, 1 << 18, 1 << 17, 1 << 16,
+			1 << 31, 1 << 30, 1 << 29, 1 << 28, 1 << 27, 1 << 26, 1 << 25, 1 << 24
+		};
+
+		public static void testFlagValueCorrect(
+			int bitNo,
+			int value)
+		{
+			if (bits[bitNo] != value)
+			{
+				throw new ArgumentException("bit value " + bitNo + " wrong");
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/BitStringTest.cs b/crypto/test/src/asn1/test/BitStringTest.cs
new file mode 100644
index 000000000..3a2dc3156
--- /dev/null
+++ b/crypto/test/src/asn1/test/BitStringTest.cs
@@ -0,0 +1,82 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class BitStringTest
+        : ITest
+    {
+        public ITestResult Perform()
+        {
+            KeyUsage k = new KeyUsage(KeyUsage.DigitalSignature);
+            if ((k.GetBytes()[0] != (byte)KeyUsage.DigitalSignature) || (k.PadBits != 7))
+            {
+                return new SimpleTestResult(false, Name + ": failed digitalSignature");
+            }
+
+            k = new KeyUsage(KeyUsage.NonRepudiation);
+            if ((k.GetBytes()[0] != (byte)KeyUsage.NonRepudiation) || (k.PadBits != 6))
+            {
+                return new SimpleTestResult(false, Name + ": failed nonRepudiation");
+            }
+
+            k = new KeyUsage(KeyUsage.KeyEncipherment);
+            if ((k.GetBytes()[0] != (byte)KeyUsage.KeyEncipherment) || (k.PadBits != 5))
+            {
+                return new SimpleTestResult(false, Name + ": failed keyEncipherment");
+            }
+
+            k = new KeyUsage(KeyUsage.CrlSign);
+            if ((k.GetBytes()[0] != (byte)KeyUsage.CrlSign)  || (k.PadBits != 1))
+            {
+                return new SimpleTestResult(false, Name + ": failed cRLSign");
+            }
+
+            k = new KeyUsage(KeyUsage.DecipherOnly);
+            if ((k.GetBytes()[1] != (byte)(KeyUsage.DecipherOnly >> 8))  || (k.PadBits != 7))
+            {
+                return new SimpleTestResult(false, Name + ": failed decipherOnly");
+            }
+
+			// test for zero length bit string
+			try
+			{
+				Asn1Object.FromByteArray(new DerBitString(new byte[0], 0).GetEncoded());
+			}
+			catch (IOException e)
+			{
+				return new SimpleTestResult(false, Name + ": " + e);
+			}
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public string Name
+        {
+			get { return "BitString"; }
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            ITest test = new BitStringTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/CMSTest.cs b/crypto/test/src/asn1/test/CMSTest.cs
new file mode 100644
index 000000000..1afb363af
--- /dev/null
+++ b/crypto/test/src/asn1/test/CMSTest.cs
@@ -0,0 +1,306 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class CmsTest
+		: ITest
+	{
+		//
+		// compressed data object
+		//
+		private static readonly byte[] compData = Base64.Decode(
+			"MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC"
+			+ "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux"
+			+ "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb"
+			+ "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1"
+			+ "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi"
+			+ "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D"
+			+ "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT"
+			+ "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg"
+			+ "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2"
+			+ "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL"
+			+ "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA");
+
+		//
+		// enveloped data
+		//
+		private static readonly byte[] envDataKeyTrns = Base64.Decode(
+			  "MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKEw1Cb3Vu"
+			+ "Y3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBCjANBgkqhkiG9w0BAQEFAASBgC5vdGrB"
+			+ "itQSGwifLf3KwPILjaB4WEXgT/IIO1KDzrsbItCJsMA0Smq2y0zptxT0pSRL6JRg"
+			+ "NMxLk1ySnrIrvGiEPLMR1zjxlT8yQ6VLX+kEoK43ztd1aaLw0oBfrcXcLN7BEpZ1"
+			+ "TIdjlBfXIOx1S88WY1MiYqJJFc3LMwRUaTEDMIAGCSqGSIb3DQEHATAdBglghkgB"
+			+ "ZQMEARYEEAfxLMWeaBOTTZQwUq0Y5FuggAQgwOJhL04rjSZCBCSOv5i5XpFfGsOd"
+			+ "YSHSqwntGpFqCx4AAAAAAAAAAAAA");
+
+		private static readonly byte[] envDataKEK = Base64.Decode(
+			  "MIAGCSqGSIb3DQEHA6CAMIACAQIxUqJQAgEEMAcEBQECAwQFMBAGCyqGSIb3DQEJE"
+			+ "AMHAgE6BDC7G/HyUPilIrin2Yeajqmj795VoLWETRnZAAFcAiQdoQWyz+oCh6WY/H"
+			+ "jHHi+0y+cwgAYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiY3eDBBbF6naCABBiNdzJb"
+			+ "/v6+UZB3XXKipxFDUpz9GyjzB+gAAAAAAAAAAAAA");
+
+		private static readonly byte[] envDataNestedNDEF = Base64.Decode(
+			  "MIAGCSqGSIb3DQEHA6CAMIACAQAxge8wgewCAQAwgZUwgY8xKDAmBgNVBAoMH1RoZSBMZWdpb24g"
+			+ "b2YgdGhlIEJvdW5jeSBDYXN0bGUxLzAtBgkqhkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3Vu"
+			+ "Y3ljYXN0bGUub3JnMREwDwYDVQQIDAhWaWN0b3JpYTESMBAGA1UEBwwJTWVsYm91cm5lMQswCQYD"
+			+ "VQQGEwJBVQIBATANBgkqhkiG9w0BAQEFAARABIXMd8xiTyWDKO/LQfvdGYTPW3I9oSQWwtm4OIaN"
+			+ "VINpfY2lfwTvbmE6VXiLKeALC0dMBV8z7DEM9hE0HVmvLDCABgkqhkiG9w0BBwEwHQYJYIZIAWUD"
+			+ "BAECBBB32ko6WrVxDTqwUYEpV6IUoIAEggKgS6RowrhNlmWWI13zxD/lryxkZ5oWXPUfNiUxYX/P"
+			+ "r5iscW3s8VKJKUpJ4W5SNA7JGL4l/5LmSnJ4Qu/xzxcoH4r4vmt75EDE9p2Ob2Xi1NuSFAZubJFc"
+			+ "Zlnp4e05UHKikmoaz0PbiAi277sLQlK2FcVsntTYVT00y8+IwuuQu0ATVqkXC+VhfjV/sK6vQZnw"
+			+ "2rQKedZhLB7B4dUkmxCujb/UAq4lgSpLMXg2P6wMimTczXyQxRiZxPeI4ByCENjkafXbfcJft2eD"
+			+ "gv1DEDdYM5WrW9Z75b4lmJiOJ/xxDniHCvum7KGXzpK1d1mqTlpzPC2xoz08/MO4lRf5Mb0bYdq6"
+			+ "CjMaYqVwGsYryp/2ayX+d8H+JphEG+V9Eg8uPcDoibwhDI4KkoyGHstPw5bxcy7vVFt7LXUdNjJc"
+			+ "K1wxaUKEXDGKt9Vj93FnBTLMX0Pc9HpueV5o1ipX34dn/P3HZB9XK8ScbrE38B1VnIgylStnhVFO"
+			+ "Cj9s7qSVqI2L+xYHJRHsxaMumIRnmRuOqdXDfIo28EZAnFtQ/b9BziMGVvAW5+A8h8s2oazhSmK2"
+			+ "23ftV7uv98ScgE8fCd3PwT1kKJM83ThTYyBzokvMfPYCCvsonMV+kTWXhWcwjYTS4ukrpR452ZdW"
+			+ "l3aJqDnzobt5FK4T8OGciOj+1PxYFZyRmCuafm2Dx6o7Et2Tu/T5HYvhdY9jHyqtDl2PXH4CTnVi"
+			+ "gA1YOAArjPVmsZVwAM3Ml46uyXXhcsXwQ1X0Tv4D+PSa/id4UQ2cObOw8Cj1eW2GB8iJIZVqkZaU"
+			+ "XBexqgWYOIoxjqODSeoZKiBsTK3c+oOUBqBDueY1i55swE2o6dDt95FluX6iyr/q4w2wLt3upY1J"
+			+ "YL+TuvZxAKviuAczMS1bAAAAAAAAAAAAAA==");
+
+		//
+		// signed data
+		//
+		private static readonly byte[] signedData = Base64.Decode(
+			  "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCA"
+			+ "JIAEDEhlbGxvIFdvcmxkIQAAAAAAAKCCBGIwggINMIIBdqADAgECAgEBMA0GCSqG"
+			+ "SIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFV"
+			+ "MB4XDTA0MTAyNDA0MzA1OFoXDTA1MDIwMTA0MzA1OFowJTEWMBQGA1UEChMNQm91"
+			+ "bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ"
+			+ "AoGBAJj3OAshAOgDmPcYZ1jdNSuhOHRH9VhC/PG17FdiInVGc2ulJhEifEQga/uq"
+			+ "ZCpSd1nHsJUZKm9k1bVneWzC0941i9Znfxgb2jnXXsa5kwB2KEVESrOWsRjSRtnY"
+			+ "iLgqBG0rzpaMn5A5ntu7N0406EesBhe19cjZAageEHGZDbufAgMBAAGjTTBLMB0G"
+			+ "A1UdDgQWBBR/iHNKOo6f4ByWFFywRNZ65XSr1jAfBgNVHSMEGDAWgBR/iHNKOo6f"
+			+ "4ByWFFywRNZ65XSr1jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBAUAA4GBAFMJJ7QO"
+			+ "pHo30bnlQ4Ny3PCnK+Se+Gw3TpaYGp84+a8fGD9Dme78G6NEsgvpFGTyoLxvJ4CB"
+			+ "84Kzys+1p2HdXzoZiyXAer5S4IwptE3TxxFwKyj28cRrM6dK47DDyXUkV0qwBAMN"
+			+ "luwnk/no4K7ilzN2MZk5l7wXyNa9yJ6CHW6dMIICTTCCAbagAwIBAgIBAjANBgkq"
+			+ "hkiG9w0BAQQFADAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJB"
+			+ "VTAeFw0wNDEwMjQwNDMwNTlaFw0wNTAyMDEwNDMwNTlaMGUxGDAWBgNVBAMTD0Vy"
+			+ "aWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0bGUu"
+			+ "b3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTCBnzANBgkq"
+			+ "hkiG9w0BAQEFAAOBjQAwgYkCgYEAm+5CnGU6W45iUpCsaGkn5gDruZv3j/o7N6ag"
+			+ "mRZhikaLG2JF6ECaX13iioVJfmzBsPKxAACWwuTXCoSSXG8viK/qpSHwJpfQHYEh"
+			+ "tcC0CxIqlnltv3KQAGwh/PdwpSPvSNnkQBGvtFq++9gnXDBbynfP8b2L2Eis0X9U"
+			+ "2y6gFiMCAwEAAaNNMEswHQYDVR0OBBYEFEAmOksnF66FoQm6IQBVN66vJo1TMB8G"
+			+ "A1UdIwQYMBaAFH+Ic0o6jp/gHJYUXLBE1nrldKvWMAkGA1UdEwQCMAAwDQYJKoZI"
+			+ "hvcNAQEEBQADgYEAEeIjvNkKMPU/ZYCu1TqjGZPEqi+glntg2hC/CF0oGyHFpMuG"
+			+ "tMepF3puW+uzKM1s61ar3ahidp3XFhr/GEU/XxK24AolI3yFgxP8PRgUWmQizTQX"
+			+ "pWUmhlsBe1uIKVEfNAzCgtYfJQ8HJIKsUCcdWeCKVKs4jRionsek1rozkPExggEv"
+			+ "MIIBKwIBATAqMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFV"
+			+ "AgECMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqG"
+			+ "SIb3DQEJBTEPFw0wNDEwMjQwNDMwNTlaMCMGCSqGSIb3DQEJBDEWBBQu973mCM5U"
+			+ "BOl9XwQvlfifHCMocTANBgkqhkiG9w0BAQEFAASBgGHbe3/jcZu6b/erRhc3PEji"
+			+ "MUO8mEIRiNYBr5/vFNhkry8TrGfOpI45m7gu1MS0/vdas7ykvidl/sNZfO0GphEI"
+			+ "UaIjMRT3U6yuTWF4aLpatJbbRsIepJO/B2kdIAbV5SCbZgVDJIPOR2qnruHN2wLF"
+			+ "a+fEv4J8wQ8Xwvk0C8iMAAAAAAAA");
+
+		private static void Touch(object o)
+		{
+		}
+
+		private ITestResult CompressionTest()
+		{
+			try
+			{
+				ContentInfo info = ContentInfo.GetInstance(
+					Asn1Object.FromByteArray(compData));
+				CompressedData data = CompressedData.GetInstance(info.Content);
+
+				data = new CompressedData(data.CompressionAlgorithmIdentifier, data.EncapContentInfo);
+				info = new ContentInfo(CmsObjectIdentifiers.CompressedData, data);
+
+				if (!Arrays.AreEqual(info.GetEncoded(), compData))
+				{
+					return new SimpleTestResult(false, Name + ": CMS compression failed to re-encode");
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": CMS compression failed - " + e.ToString(), e);
+			}
+		}
+
+		private ITestResult EnvelopedTest()
+		{
+			try
+			{
+				// Key trans
+				ContentInfo info = ContentInfo.GetInstance(
+					Asn1Object.FromByteArray(envDataKeyTrns));
+				EnvelopedData envData = EnvelopedData.GetInstance(info.Content);
+				Asn1Set s = envData.RecipientInfos;
+
+				if (s.Count != 1)
+				{
+					return new SimpleTestResult(false, Name + ": CMS KeyTrans enveloped, wrong number of recipients");
+				}
+
+				RecipientInfo recip = RecipientInfo.GetInstance(s[0]);
+
+				if (recip.Info is KeyTransRecipientInfo)
+				{
+					KeyTransRecipientInfo inf = KeyTransRecipientInfo.GetInstance(recip.Info);
+
+					inf = new KeyTransRecipientInfo(inf.RecipientIdentifier, inf.KeyEncryptionAlgorithm, inf.EncryptedKey);
+
+					s = new DerSet(new RecipientInfo(inf));
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": CMS KeyTrans enveloped, wrong recipient type");
+				}
+
+				envData = new EnvelopedData(envData.OriginatorInfo, s, envData.EncryptedContentInfo, envData.UnprotectedAttrs);
+				info = new ContentInfo(CmsObjectIdentifiers.EnvelopedData, envData);
+
+				if (!Arrays.AreEqual(info.GetEncoded(), envDataKeyTrns))
+				{
+					return new SimpleTestResult(false, Name + ": CMS KeyTrans enveloped failed to re-encode");
+				}
+
+
+				// KEK
+				info = ContentInfo.GetInstance(
+					Asn1Object.FromByteArray(envDataKEK));
+				envData = EnvelopedData.GetInstance(info.Content);
+				s = envData.RecipientInfos;
+
+				if (s.Count != 1)
+				{
+					return new SimpleTestResult(false, Name + ": CMS KEK enveloped, wrong number of recipients");
+				}
+
+				recip = RecipientInfo.GetInstance(s[0]);
+
+				if (recip.Info is KekRecipientInfo)
+				{
+					KekRecipientInfo inf = KekRecipientInfo.GetInstance(recip.Info);
+
+					inf = new KekRecipientInfo(inf.KekID, inf.KeyEncryptionAlgorithm, inf.EncryptedKey);
+
+					s = new DerSet(new RecipientInfo(inf));
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": CMS KEK enveloped, wrong recipient type");
+				}
+
+				envData = new EnvelopedData(envData.OriginatorInfo, s, envData.EncryptedContentInfo, envData.UnprotectedAttrs);
+				info = new ContentInfo(CmsObjectIdentifiers.EnvelopedData, envData);
+
+				if (!Arrays.AreEqual(info.GetEncoded(), envDataKEK))
+				{
+					return new SimpleTestResult(false, Name + ": CMS KEK enveloped failed to re-encode");
+				}
+
+				// Nested NDEF problem
+				Asn1StreamParser asn1In = new Asn1StreamParser(new MemoryStream(envDataNestedNDEF, false));
+				ContentInfoParser ci = new ContentInfoParser((Asn1SequenceParser)asn1In.ReadObject());
+				EnvelopedDataParser ed = new EnvelopedDataParser((Asn1SequenceParser)ci
+					.GetContent(Asn1Tags.Sequence));
+				Touch(ed.Version);
+				ed.GetOriginatorInfo();
+				ed.GetRecipientInfos().ToAsn1Object();
+				EncryptedContentInfoParser eci = ed.GetEncryptedContentInfo();
+				Touch(eci.ContentType);
+				Touch(eci.ContentEncryptionAlgorithm);
+
+				Stream dataIn = ((Asn1OctetStringParser)eci.GetEncryptedContent(Asn1Tags.OctetString))
+					.GetOctetStream();
+				Streams.Drain(dataIn);
+				dataIn.Close();
+
+				// Test data doesn't have unprotected attrs, bug was being thrown by this call
+				Asn1SetParser upa = ed.GetUnprotectedAttrs();
+				if (upa != null)
+				{
+					upa.ToAsn1Object();
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": CMS enveloped failed - " + e.ToString(), e);
+			}
+		}
+
+		private ITestResult SignedTest()
+		{
+			try
+			{
+				ContentInfo info = ContentInfo.GetInstance(
+					Asn1Object.FromByteArray(signedData));
+				SignedData sData = SignedData.GetInstance(info.Content);
+
+				sData = new SignedData(sData.DigestAlgorithms, sData.EncapContentInfo, sData.Certificates, sData.CRLs, sData.SignerInfos);
+				info = new ContentInfo(CmsObjectIdentifiers.SignedData, sData);
+
+				if (!Arrays.AreEqual(info.GetEncoded(), signedData))
+				{
+					return new SimpleTestResult(false, Name + ": CMS signed failed to re-encode");
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": CMS signed failed - " + e.ToString(), e);
+			}
+		}
+
+		public ITestResult Perform()
+		{
+			ITestResult res = CompressionTest();
+
+			if (!res.IsSuccessful())
+			{
+				return res;
+			}
+
+			res = EnvelopedTest();
+			if (!res.IsSuccessful())
+			{
+				return res;
+			}
+
+			return SignedTest();
+		}
+
+		public string Name
+		{
+			get { return "CMS"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new CmsTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/CertHashUnitTest.cs b/crypto/test/src/asn1/test/CertHashUnitTest.cs
new file mode 100644
index 000000000..1e271a9c0
--- /dev/null
+++ b/crypto/test/src/asn1/test/CertHashUnitTest.cs
@@ -0,0 +1,93 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.Ocsp;
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class CertHashUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "CertHash"; }
+		}
+
+		public override void PerformTest()
+		{
+			AlgorithmIdentifier algId = new AlgorithmIdentifier(new DerObjectIdentifier("1.2.2.3"));
+			byte[] digest = new byte[20];
+
+			CertHash certID = new CertHash(algId, digest);
+
+			checkConstruction(certID, algId, digest);
+
+			certID = CertHash.GetInstance(null);
+
+			if (certID != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				CertHash.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			CertHash			certHash,
+			AlgorithmIdentifier	algId,
+			byte[]				digest)
+		{
+			checkValues(certHash, algId, digest);
+
+			certHash = CertHash.GetInstance(certHash);
+
+			checkValues(certHash, algId, digest);
+
+			Asn1InputStream aIn = new Asn1InputStream(certHash.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+			certHash = CertHash.GetInstance(seq);
+
+			checkValues(certHash, algId, digest);
+		}
+
+		private void checkValues(
+			CertHash certHash,
+			AlgorithmIdentifier algId,
+			byte[] digest)
+		{
+			checkMandatoryField("algorithmHash", algId, certHash.HashAlgorithm);
+
+			checkMandatoryField("certificateHash", digest, certHash.CertificateHash);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CertHashUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/CertificateTest.cs b/crypto/test/src/asn1/test/CertificateTest.cs
new file mode 100644
index 000000000..532e81aba
--- /dev/null
+++ b/crypto/test/src/asn1/test/CertificateTest.cs
@@ -0,0 +1,395 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Utilities;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class CertificateTest
+		: SimpleTest
+	{
+		//
+		// server.crt
+		//
+		private static readonly byte[] cert1 = Base64.Decode(
+			"MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
+			+ "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
+			+ "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
+			+ "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
+			+ "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2"
+			+ "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
+			+ "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
+			+ "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l"
+			+ "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv"
+			+ "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re"
+			+ "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO"
+			+ "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE"
+			+ "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy"
+			+ "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0"
+			+ "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw"
+			+ "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL"
+			+ "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4"
+			+ "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF"
+			+ "5/8=");
+
+		//
+		// ca.crt
+		//
+		private static readonly byte[] cert2 = Base64.Decode(
+			"MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
+			+ "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
+			+ "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
+			+ "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
+			+ "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2"
+			+ "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
+			+ "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
+			+ "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u"
+			+ "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t"
+			+ "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv"
+			+ "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s"
+			+ "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur"
+			+ "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl"
+			+ "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E"
+			+ "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG"
+			+ "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk"
+			+ "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz"
+			+ "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ"
+			+ "DhkaJ8VqOMajkQFma2r9iA==");
+
+		//
+		// testx509.pem
+		//
+		private static readonly byte[] cert3 = Base64.Decode(
+			"MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV"
+			+ "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz"
+			+ "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM"
+			+ "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF"
+			+ "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO"
+			+ "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE"
+			+ "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ"
+			+ "zl9HYIMxATFyqSiD9jsx");
+
+		//
+		// v3-cert1.pem
+		//
+		private static readonly byte[] cert4 = Base64.Decode(
+			"MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx"
+			+ "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz"
+			+ "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw"
+			+ "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu"
+			+ "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2"
+			+ "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp"
+			+ "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C"
+			+ "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK"
+			+ "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x"
+			+ "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR"
+			+ "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB"
+			+ "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21"
+			+ "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3"
+			+ "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO");
+
+		//
+		// v3-cert2.pem
+		//
+		private static readonly byte[] cert5 = Base64.Decode(
+			"MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD"
+			+ "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0"
+			+ "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu"
+			+ "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1"
+			+ "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV"
+			+ "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx"
+			+ "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA"
+			+ "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT"
+			+ "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ"
+			+ "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm"
+			+ "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc"
+			+ "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz"
+			+ "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap"
+			+ "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=");
+
+		private static readonly byte[] cert6 = Base64.Decode(
+			"MIIEDjCCAvagAwIBAgIEFAAq2jANBgkqhkiG9w0BAQUFADBLMSowKAYDVQQDEyFT"
+			+ "dW4gTWljcm9zeXN0ZW1zIEluYyBDQSAoQ2xhc3MgQikxHTAbBgNVBAoTFFN1biBN"
+			+ "aWNyb3N5c3RlbXMgSW5jMB4XDTA0MDIyOTAwNDMzNFoXDTA5MDMwMTAwNDMzNFow"
+			+ "NzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxFjAUBgNVBAMTDXN0b3Jl"
+			+ "LnN1bi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAP9ErzFT7MPg2bVV"
+			+ "LNmHTgN4kmiRNlPpuLGWS7EDIXYBbLeSSOCp/e1ANcOGnsuf0WIq9ejd/CPyEfh4"
+			+ "sWoVvQzpOfHZ/Jyei29PEuxzWT+4kQmCx3+sLK25lAnDFsz1KiFmB6Y3GJ/JSjpp"
+			+ "L0Yy1R9YlIc82I8gSw44y5JDABW5AgMBAAGjggGQMIIBjDAOBgNVHQ8BAf8EBAMC"
+			+ "BaAwHQYDVR0OBBYEFG1WB3PApZM7OPPVWJ31UrERaoKWMEcGA1UdIARAMD4wPAYL"
+			+ "YIZIAYb3AIN9k18wLTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5zdW4uY29tL3Br"
+			+ "aS9jcHMuaHRtbDCBhQYDVR0fBH4wfDB6oCegJYYjaHR0cDovL3d3dy5zdW4uY29t"
+			+ "L3BraS9wa2lzbWljYS5jcmyiT6RNMEsxKjAoBgNVBAMTIVN1biBNaWNyb3N5c3Rl"
+			+ "bXMgSW5jIENBIChDbGFzcyBCKTEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJ"
+			+ "bmMwHwYDVR0jBBgwFoAUT7ZnqR/EEBSgG6h1wdYMI5RiiWswVAYIKwYBBQUHAQEE"
+			+ "SDBGMB0GCCsGAQUFBzABhhFodHRwOi8vdmEuc3VuLmNvbTAlBggrBgEFBQcwAYYZ"
+			+ "aHR0cDovL3ZhLmNlbnRyYWwuc3VuLmNvbTATBgNVHSUEDDAKBggrBgEFBQcDATAN"
+			+ "BgkqhkiG9w0BAQUFAAOCAQEAq3byQgyU24tBpR07iQK7agm1zQyzDQ6itdbji0ln"
+			+ "T7fOd5Pnp99iig8ovwWliNtXKAmgtJY60jWz7nEuk38AioZJhS+RPWIWX/+2PRV7"
+			+ "s2aWTzM3n43BypD+jU2qF9c9kDWP/NW9K9IcrS7SfU/2MZVmiCMD/9FEL+CWndwE"
+			+ "JJQ/oenXm44BFISI/NjV7fMckN8EayPvgtzQkD5KnEiggOD6HOrwTDFR+tmAEJ0K"
+			+ "ZttQNwOzCOcEdxXTg6qBHUbONdL7bjTT5NzV+JR/bnfiCqHzdnGwfbHzhmrnXw8j"
+			+ "QCVXcfBfL9++nmpNNRlnJMRdYGeCY6OAfh/PRo8/fXak1Q==");
+
+		private static readonly byte[] cert7 = Base64.Decode(
+			"MIIFJDCCBAygAwIBAgIKEcJZuwAAAAAABzANBgkqhkiG9w0BAQUFADAPMQ0wCwYD"
+			+ "VQQDEwRNU0NBMB4XDTA0MDUyMjE2MTM1OFoXDTA1MDUyMjE2MjM1OFowaTEbMBkG"
+			+ "CSqGSIb3DQEJCBMMMTkyLjE2OC4xLjMzMScwJQYJKoZIhvcNAQkCExhwaXhmaXJl"
+			+ "d2FsbC5jaXNjb3BpeC5jb20xITAfBgNVBAMTGHBpeGZpcmV3YWxsLmNpc2NvcGl4"
+			+ "LmNvbTB8MA0GCSqGSIb3DQEBAQUAA2sAMGgCYQCbcsY7vrjweXZiFQdhUafEjJV+"
+			+ "HRy5UKmuCy0237ffmYrN+XNLw0h90cdCSK6KPZebd2E2Bc2UmTikc/FY8meBT3/E"
+			+ "O/Osmywzi++Ur8/IrDvtuR1zd0c/xEPnV1ZRezkCAwEAAaOCAs4wggLKMAsGA1Ud"
+			+ "DwQEAwIFoDAdBgNVHQ4EFgQUzJBSxkQiN9TKvhTMQ1/Aq4gZnHswHwYDVR0jBBgw"
+			+ "FoAUMsxzXVh+5UKMNpwNHmqSfcRYfJ4wgfcGA1UdHwSB7zCB7DCB6aCB5qCB44aB"
+			+ "r2xkYXA6Ly8vQ049TVNDQSxDTj1NQVVELENOPUNEUCxDTj1QdWJsaWMlMjBLZXkl"
+			+ "MjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPWludCxE"
+			+ "Qz1wcmltZWtleSxEQz1zZT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/"
+			+ "b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnSGL2h0dHA6Ly9tYXVkLmlu"
+			+ "dC5wcmltZWtleS5zZS9DZXJ0RW5yb2xsL01TQ0EuY3JsMIIBEAYIKwYBBQUHAQEE"
+			+ "ggECMIH/MIGqBggrBgEFBQcwAoaBnWxkYXA6Ly8vQ049TVNDQSxDTj1BSUEsQ049"
+			+ "UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJh"
+			+ "dGlvbixEQz1pbnQsREM9cHJpbWVrZXksREM9c2U/Y0FDZXJ0aWZpY2F0ZT9iYXNl"
+			+ "P29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwUAYIKwYBBQUHMAKG"
+			+ "RGh0dHA6Ly9tYXVkLmludC5wcmltZWtleS5zZS9DZXJ0RW5yb2xsL01BVUQuaW50"
+			+ "LnByaW1la2V5LnNlX01TQ0EuY3J0MCwGA1UdEQEB/wQiMCCCGHBpeGZpcmV3YWxs"
+			+ "LmNpc2NvcGl4LmNvbYcEwKgBITA/BgkrBgEEAYI3FAIEMh4wAEkAUABTAEUAQwBJ"
+			+ "AG4AdABlAHIAbQBlAGQAaQBhAHQAZQBPAGYAZgBsAGkAbgBlMA0GCSqGSIb3DQEB"
+			+ "BQUAA4IBAQCa0asiPbObLJjpSz6ndJ7y4KOWMiuuBc/VQBnLr7RBCF3ZlZ6z1+e6"
+			+ "dmv8se/z11NgateKfxw69IhLCriA960HEgX9Z61MiVG+DrCFpbQyp8+hPFHoqCZN"
+			+ "b7upc8k2OtJW6KPaP9k0DW52YQDIky4Vb2rZeC4AMCorWN+KlndHhr1HFA14HxwA"
+			+ "4Mka0FM6HNWnBV2UmTjBZMDr/OrGH1jLYIceAaZK0X2R+/DWXeeqIga8jwP5empq"
+			+ "JetYnkXdtTbEh3xL0BX+mZl8vDI+/PGcwox/7YjFmyFWphRMxk9CZ3rF2/FQWMJP"
+			+ "YqQpKiQOmQg5NAhcwffLAuVjVVibPYqi");
+
+		private static readonly byte[] cert8 = Base64.Decode(
+			"MIIB0zCCATwCAQEwbqBsMGekZTBjMQswCQYDVQQGEwJERTELMAkGA1UECBMCQlkx"
+			+ "EzARBgNVBAcTClJlZ2Vuc2J1cmcxEDAOBgNVBAoTB0FDIFRlc3QxCzAJBgNVBAsT"
+			+ "AkNBMRMwEQYDVQQDEwpBQyBUZXN0IENBAgEBoHYwdKRyMHAxCzAJBgNVBAYTAkRF"
+			+ "MQswCQYDVQQIEwJCWTETMBEGA1UEBxMKUmVnZW5zYnVyZzESMBAGA1UEChMJQUMg"
+			+ "SXNzdWVyMRowGAYDVQQLExFBQyBJc3N1ZXIgc2VjdGlvbjEPMA0GA1UEAxMGQUMg"
+			+ "TWFuMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIwMDQxMTI2MTI1MjUxWhgPMjAwNDEy"
+			+ "MzEyMzAwMDBaMBkwFwYDVRhIMRAwDoEMREFVMTIzNDU2Nzg5MA0GCSqGSIb3DQEB"
+			+ "BQUAA4GBABd4Odx3yEMGL/BvItuT1RafNR2uuWuZbajg0pD6bshUsl+WCIfRiEkq"
+			+ "lHMkpI7WqAZikdnAEQ5jQsVWEuVejWxR6gjejKxc0fb9qpIui7/GoI5Eh6dmG20e"
+			+ "xbwJL3+6YYFrZwxR8cC5rPvWrblUR5XKJy+Zp/H5+t9iANnL1L8J");
+
+		private static readonly string[] subjects =
+		{
+			"C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au",
+			"C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au",
+			"C=AU,ST=QLD,CN=SSLeay/rsa test cert",
+			"C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch",
+			"E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke",
+			"O=Sun Microsystems Inc,CN=store.sun.com",
+			"unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com"
+		};
+
+		public override string Name
+		{
+			get { return "Certificate"; }
+		}
+
+		public void CheckCertificate(
+			int		id,
+			byte[]	cert)
+		{
+			Asn1Object seq = Asn1Object.FromByteArray(cert);
+			string dump = Asn1Dump.DumpAsString(seq);
+
+			X509CertificateStructure obj = X509CertificateStructure.GetInstance(seq);
+			TbsCertificateStructure tbsCert = obj.TbsCertificate;
+
+			if (!tbsCert.Subject.ToString().Equals(subjects[id - 1]))
+			{
+				Fail("failed subject test for certificate id " + id
+					+ " got " + tbsCert.Subject.ToString());
+			}
+
+			if (tbsCert.Version == 3)
+			{
+				X509Extensions ext = tbsCert.Extensions;
+				if (ext != null)
+				{
+					foreach (DerObjectIdentifier oid in ext.ExtensionOids)
+					{
+						X509Extension extVal = ext.GetExtension(oid);
+						Asn1Object extObj = Asn1Object.FromByteArray(extVal.Value.GetOctets());
+
+						if (oid.Equals(X509Extensions.SubjectKeyIdentifier))
+						{
+							SubjectKeyIdentifier.GetInstance(extObj);
+						}
+						else if (oid.Equals(X509Extensions.KeyUsage))
+						{
+							KeyUsage.GetInstance(extObj);
+						}
+						else if (oid.Equals(X509Extensions.ExtendedKeyUsage))
+						{
+							ExtendedKeyUsage ku = ExtendedKeyUsage.GetInstance(extObj);
+
+							Asn1Sequence sq = (Asn1Sequence)ku.ToAsn1Object();
+							for (int i = 0; i != sq.Count; i++)
+							{
+								KeyPurposeID.GetInstance(sq[i]);
+							}
+						}
+						else if (oid.Equals(X509Extensions.SubjectAlternativeName))
+						{
+							GeneralNames gn = GeneralNames.GetInstance(extObj);
+
+							Asn1Sequence sq = (Asn1Sequence)gn.ToAsn1Object();
+							for (int i = 0; i != sq.Count; i++)
+							{
+								GeneralName.GetInstance(sq[i]);
+							}
+						}
+						else if (oid.Equals(X509Extensions.IssuerAlternativeName))
+						{
+							GeneralNames gn = GeneralNames.GetInstance(extObj);
+
+							Asn1Sequence sq = (Asn1Sequence)gn.ToAsn1Object();
+							for (int i = 0; i != sq.Count; i++)
+							{
+								GeneralName.GetInstance(sq[i]);
+							}
+						}
+						else if (oid.Equals(X509Extensions.CrlDistributionPoints))
+						{
+							CrlDistPoint p = CrlDistPoint.GetInstance(extObj);
+
+							DistributionPoint[] points = p.GetDistributionPoints();
+							for (int i = 0; i != points.Length; i++)
+							{
+								// do nothing
+							}
+						}
+						else if (oid.Equals(X509Extensions.CertificatePolicies))
+						{
+							Asn1Sequence cp = (Asn1Sequence) extObj;
+
+							for (int i = 0; i != cp.Count; i++)
+							{
+								PolicyInformation.GetInstance(cp[i]);
+							}
+						}
+						else if (oid.Equals(X509Extensions.AuthorityKeyIdentifier))
+						{
+							AuthorityKeyIdentifier.GetInstance(extObj);
+						}
+						else if (oid.Equals(X509Extensions.BasicConstraints))
+						{
+							BasicConstraints.GetInstance(extObj);
+						}
+						else
+						{
+							//Console.WriteLine(oid.Id);
+						}
+					}
+				}
+			}
+		}
+
+		public void CheckAttributeCertificate(
+			int		id,
+			byte[]	cert)
+		{
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(cert);
+			string dump = Asn1Dump.DumpAsString(seq);
+
+			AttributeCertificate obj = AttributeCertificate.GetInstance(seq);
+			AttributeCertificateInfo acInfo = obj.ACInfo;
+
+			// Version
+			if (!(acInfo.Version.Equals(new DerInteger(1)))
+				&& (!(acInfo.Version.Equals(new DerInteger(2)))))
+			{
+				Fail("failed AC Version test for id " + id);
+			}
+
+			// Holder
+			Holder h = acInfo.Holder;
+			if (h == null)
+			{
+				Fail("failed AC Holder test, it's null, for id " + id);
+			}
+
+			// Issuer
+			AttCertIssuer aci = acInfo.Issuer;
+			if (aci == null)
+			{
+				Fail("failed AC Issuer test, it's null, for id " + id);
+			}
+
+			// Signature
+			AlgorithmIdentifier sig = acInfo.Signature;
+			if (sig == null)
+			{
+				Fail("failed AC Signature test for id " + id);
+			}
+
+			// Serial
+			DerInteger serial = acInfo.SerialNumber;
+
+			// Validity
+			AttCertValidityPeriod validity = acInfo.AttrCertValidityPeriod;
+			if (validity == null)
+			{
+				Fail("failed AC AttCertValidityPeriod test for id " + id);
+			}
+
+			// Attributes
+			Asn1Sequence attribSeq = acInfo.Attributes;
+			AttributeX509[] att = new AttributeX509[attribSeq.Count];
+			for (int i = 0; i < attribSeq.Count; i++)
+			{
+				att[i] = AttributeX509.GetInstance(attribSeq[i]);
+			}
+
+			// IssuerUniqueId
+			// TODO, how to best test?
+
+			// X509 Extensions
+			X509Extensions ext = acInfo.Extensions;
+			if (ext != null)
+			{
+				foreach (DerObjectIdentifier oid in ext.ExtensionOids)
+				{
+					X509Extension extVal = ext.GetExtension(oid);
+				}
+			}
+		}
+
+		public override void PerformTest()
+		{
+			CheckCertificate(1, cert1);
+			CheckCertificate(2, cert2);
+			CheckCertificate(3, cert3);
+			CheckCertificate(4, cert4);
+			CheckCertificate(5, cert5);
+			CheckCertificate(6, cert6);
+			CheckCertificate(7, cert7);
+			CheckAttributeCertificate(8, cert8);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CertificateTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/CommitmentTypeIndicationUnitTest.cs b/crypto/test/src/asn1/test/CommitmentTypeIndicationUnitTest.cs
new file mode 100644
index 000000000..20c2d18e3
--- /dev/null
+++ b/crypto/test/src/asn1/test/CommitmentTypeIndicationUnitTest.cs
@@ -0,0 +1,107 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Esf;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class CommitmentTypeIndicationUnitTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "CommitmentTypeIndication"; }
+        }
+
+		public override void PerformTest()
+        {
+            CommitmentTypeIndication cti = new CommitmentTypeIndication(CommitmentTypeIdentifier.ProofOfOrigin);
+
+            CheckConstruction(cti, CommitmentTypeIdentifier.ProofOfOrigin, null);
+
+            Asn1Sequence qualifier = new DerSequence(new DerObjectIdentifier("1.2"));
+
+            cti = new CommitmentTypeIndication(CommitmentTypeIdentifier.ProofOfOrigin, qualifier);
+
+            CheckConstruction(cti, CommitmentTypeIdentifier.ProofOfOrigin, qualifier);
+
+            cti = CommitmentTypeIndication.GetInstance(null);
+
+            if (cti != null)
+            {
+                Fail("null GetInstance() failed.");
+            }
+
+            try
+            {
+                CommitmentTypeIndication.GetInstance(new object());
+
+                Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+        private void CheckConstruction(
+            CommitmentTypeIndication mv,
+            DerObjectIdentifier commitmenttTypeId,
+            Asn1Encodable qualifier)
+        {
+            CheckStatement(mv, commitmenttTypeId, qualifier);
+
+			mv = CommitmentTypeIndication.GetInstance(mv);
+
+			CheckStatement(mv, commitmenttTypeId, qualifier);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(
+				mv.ToAsn1Object().GetEncoded());
+
+			mv = CommitmentTypeIndication.GetInstance(seq);
+
+			CheckStatement(mv, commitmenttTypeId, qualifier);
+        }
+
+		private void CheckStatement(
+            CommitmentTypeIndication cti,
+            DerObjectIdentifier     commitmentTypeId,
+            Asn1Encodable           qualifier)
+        {
+            if (!cti.CommitmentTypeID.Equals(commitmentTypeId))
+            {
+                Fail("commitmentTypeIds don't match.");
+            }
+
+            if (qualifier != null)
+            {
+                if (!cti.CommitmentTypeQualifier.Equals(qualifier))
+                {
+                    Fail("qualifiers don't match.");
+                }
+            }
+            else if (cti.CommitmentTypeQualifier != null)
+            {
+                Fail("qualifier found when none expected.");
+            }
+        }
+
+        public static void Main(
+            string[]    args)
+        {
+            RunTest(new CommitmentTypeIndicationUnitTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/CommitmentTypeQualifierUnitTest.cs b/crypto/test/src/asn1/test/CommitmentTypeQualifierUnitTest.cs
new file mode 100644
index 000000000..192ac52f6
--- /dev/null
+++ b/crypto/test/src/asn1/test/CommitmentTypeQualifierUnitTest.cs
@@ -0,0 +1,107 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Esf;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class CommitmentTypeQualifierUnitTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "CommitmentTypeQualifier"; }
+        }
+
+		public override void PerformTest()
+        {
+            CommitmentTypeQualifier ctq = new CommitmentTypeQualifier(CommitmentTypeIdentifier.ProofOfOrigin);
+
+            CheckConstruction(ctq, CommitmentTypeIdentifier.ProofOfOrigin, null);
+
+            Asn1Encodable info = new DerObjectIdentifier("1.2");
+
+            ctq = new CommitmentTypeQualifier(CommitmentTypeIdentifier.ProofOfOrigin, info);
+
+            CheckConstruction(ctq, CommitmentTypeIdentifier.ProofOfOrigin, info);
+
+            ctq = CommitmentTypeQualifier.GetInstance(null);
+
+            if (ctq != null)
+            {
+                Fail("null GetInstance() failed.");
+            }
+
+            try
+            {
+                CommitmentTypeQualifier.GetInstance(new object());
+
+                Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+        private void CheckConstruction(
+            CommitmentTypeQualifier mv,
+            DerObjectIdentifier commitmenttTypeId,
+            Asn1Encodable qualifier)
+        {
+            CheckStatement(mv, commitmenttTypeId, qualifier);
+
+			mv = CommitmentTypeQualifier.GetInstance(mv);
+
+			CheckStatement(mv, commitmenttTypeId, qualifier);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(
+				mv.ToAsn1Object().GetEncoded());
+
+			mv = CommitmentTypeQualifier.GetInstance(seq);
+
+			CheckStatement(mv, commitmenttTypeId, qualifier);
+        }
+
+		private void CheckStatement(
+            CommitmentTypeQualifier ctq,
+            DerObjectIdentifier     commitmentTypeId,
+            Asn1Encodable           qualifier)
+        {
+            if (!ctq.CommitmentTypeIdentifier.Equals(commitmentTypeId))
+            {
+                Fail("commitmentTypeIds don't match.");
+            }
+
+            if (qualifier != null)
+            {
+                if (!ctq.Qualifier.Equals(qualifier))
+                {
+                    Fail("qualifiers don't match.");
+                }
+            }
+            else if (ctq.Qualifier != null)
+            {
+                Fail("qualifier found when none expected.");
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new CommitmentTypeQualifierUnitTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/ContentHintsUnitTest.cs b/crypto/test/src/asn1/test/ContentHintsUnitTest.cs
new file mode 100644
index 000000000..d7453c27e
--- /dev/null
+++ b/crypto/test/src/asn1/test/ContentHintsUnitTest.cs
@@ -0,0 +1,93 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Ess;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class ContentHintsUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "ContentHints"; }
+		}
+
+		public override void PerformTest()
+		{
+			DerUtf8String contentDescription = new DerUtf8String("Description");
+			DerObjectIdentifier contentType = new DerObjectIdentifier("1.2.2.3");
+
+			ContentHints hints = new ContentHints(contentType);
+
+			checkConstruction(hints, contentType, null);
+
+			hints = new ContentHints(contentType, contentDescription);
+
+			checkConstruction(hints, contentType, contentDescription);
+
+			hints = ContentHints.GetInstance(null);
+
+			if (hints != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				ContentHints.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			ContentHints		hints,
+			DerObjectIdentifier	contentType,
+			DerUtf8String		description)
+		{
+			checkValues(hints, contentType, description);
+
+			hints = ContentHints.GetInstance(hints);
+
+			checkValues(hints, contentType, description);
+
+			Asn1InputStream aIn = new Asn1InputStream(hints.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+			hints = ContentHints.GetInstance(seq);
+
+			checkValues(hints, contentType, description);
+		}
+
+		private void checkValues(
+			ContentHints		hints,
+			DerObjectIdentifier	contentType,
+			DerUtf8String		description)
+		{
+			checkMandatoryField("contentType", contentType, hints.ContentType);
+			checkOptionalField("description", description, hints.ContentDescription);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ContentHintsUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/CscaMasterListTest.cs b/crypto/test/src/asn1/test/CscaMasterListTest.cs
new file mode 100644
index 000000000..814e98b2a
--- /dev/null
+++ b/crypto/test/src/asn1/test/CscaMasterListTest.cs
@@ -0,0 +1,57 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Icao;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class CscaMasterListTest
+        : SimpleTest
+    {
+		public override string Name
+		{
+			get { return "CscaMasterList"; }
+		}
+
+		public override void PerformTest() 
+		{
+			byte[] input = GetInput("masterlist-content.data");
+			CscaMasterList parsedList = CscaMasterList.GetInstance(Asn1Object.FromByteArray(input));
+
+			if (parsedList.GetCertStructs().Length != 3)
+			{
+				Fail("Cert structure parsing failed: incorrect length");
+			}
+
+			byte[] output = parsedList.GetEncoded();
+			if (!AreEqual(input, output))
+			{
+				Fail("Encoding failed after parse");
+			}
+		}
+
+		private byte[] GetInput(string name)
+		{
+			return Streams.ReadAll(SimpleTest.GetTestDataAsStream("asn1." + name));
+		}
+
+		public static void Main(
+            string[] args)
+        {
+            RunTest(new CscaMasterListTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+	}
+}
diff --git a/crypto/test/src/asn1/test/DERApplicationSpecificTest.cs b/crypto/test/src/asn1/test/DERApplicationSpecificTest.cs
new file mode 100644
index 000000000..a61ae87e8
--- /dev/null
+++ b/crypto/test/src/asn1/test/DERApplicationSpecificTest.cs
@@ -0,0 +1,88 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class DerApplicationSpecificTest
+		: SimpleTest
+	{
+		private static readonly byte[] impData = Hex.Decode("430109");
+
+		private static readonly byte[] certData = Hex.Decode(
+			  "7F218201897F4E8201495F290100420E44454356434145504153533030317F49"
+			+ "81FD060A04007F00070202020202811CD7C134AA264366862A18302575D1D787"
+			+ "B09F075797DA89F57EC8C0FF821C68A5E62CA9CE6C1C299803A6C1530B514E18"
+			+ "2AD8B0042A59CAD29F43831C2580F63CCFE44138870713B1A92369E33E2135D2"
+			+ "66DBB372386C400B8439040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C"
+			+ "1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D376"
+			+ "1402CD851CD7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A793"
+			+ "9F863904393EE8E06DB6C7F528F8B4260B49AA93309824D92CDB1807E5437EE2"
+			+ "E26E29B73A7111530FA86B350037CB9415E153704394463797139E148701015F"
+			+ "200E44454356434145504153533030317F4C0E060904007F0007030102015301"
+			+ "C15F25060007000400015F24060009000400015F37384CCF25C59F3612EEE188"
+			+ "75F6C5F2E2D21F0395683B532A26E4C189B71EFE659C3F26E0EB9AEAE9986310"
+			+ "7F9B0DADA16414FFA204516AEE2B");
+
+		public override string Name
+		{
+			get { return "DerApplicationSpecific"; }
+		}
+
+		public override void PerformTest()
+		{
+			DerInteger val = new DerInteger(9);
+
+			DerApplicationSpecific tagged = new DerApplicationSpecific(false, 3, val);
+
+			if (!AreEqual(impData, tagged.GetEncoded()))
+			{
+				Fail("implicit encoding failed");
+			}
+
+			DerInteger recVal = (DerInteger) tagged.GetObject(Asn1Tags.Integer);
+
+			if (!val.Equals(recVal))
+			{
+				Fail("implicit read back failed");
+			}
+
+			DerApplicationSpecific certObj = (DerApplicationSpecific)
+				Asn1Object.FromByteArray(certData);
+
+			if (!certObj.IsConstructed() || certObj.ApplicationTag != 33)
+			{
+				Fail("parsing of certificate data failed");
+			}
+
+			byte[] encoded = certObj.GetDerEncoded();
+
+			if (!Arrays.AreEqual(certData, encoded))
+			{
+				Console.WriteLine(Encoding.ASCII.GetString(certData, 0, certData.Length).Substring(0, 20));
+				Console.WriteLine(Encoding.ASCII.GetString(encoded, 0, encoded.Length).Substring(0, 20));
+				Fail("re-encoding of certificate data failed");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new DerApplicationSpecificTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/DERUTF8StringTest.cs b/crypto/test/src/asn1/test/DERUTF8StringTest.cs
new file mode 100644
index 000000000..be4dace79
--- /dev/null
+++ b/crypto/test/src/asn1/test/DERUTF8StringTest.cs
@@ -0,0 +1,113 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class DerUtf8StringTest
+		: ITest
+	{
+		/**
+			* Unicode code point U+10400 coded as surrogate in two native Java UTF-16
+			* code units
+			*/
+		private readonly static char[] glyph1_utf16 = { (char)0xd801, (char)0xdc00 };
+
+		/**
+		 * U+10400 coded in UTF-8
+		 */
+		private readonly static byte[] glyph1_utf8 = { (byte)0xF0, (byte)0x90, (byte)0x90, (byte)0x80 };
+
+		/**
+		 * Unicode code point U+6771 in native Java UTF-16
+		 */
+		private readonly static char[] glyph2_utf16 = { (char)0x6771 };
+
+		/**
+		 * U+6771 coded in UTF-8
+		 */
+		private readonly static byte[] glyph2_utf8 = { (byte)0xE6, (byte)0x9D, (byte)0xB1 };
+
+		/**
+		 * Unicode code point U+00DF in native Java UTF-16
+		 */
+		private readonly static char[] glyph3_utf16 = { (char)0x00DF };
+
+		/**
+		 * U+00DF coded in UTF-8
+		 */
+		private readonly static byte[] glyph3_utf8 = { (byte)0xC3, (byte)0x9f };
+
+		/**
+		 * Unicode code point U+0041 in native Java UTF-16
+		 */
+		private readonly static char[] glyph4_utf16 = { (char)0x0041 };
+
+		/**
+		 * U+0041 coded in UTF-8
+		 */
+		private readonly static byte[] glyph4_utf8 = { 0x41 };
+
+		private readonly static byte[][] glyphs_utf8 = { glyph1_utf8, glyph2_utf8, glyph3_utf8, glyph4_utf8 };
+
+		private readonly static char[][] glyphs_utf16 = { glyph1_utf16, glyph2_utf16, glyph3_utf16, glyph4_utf16 };
+
+		public ITestResult Perform()
+		{
+			try
+			{
+				for (int i = 0; i < glyphs_utf16.Length; i++)
+				{
+					string s = new string(glyphs_utf16[i]);
+					byte[] b1 = new DerUtf8String(s).GetEncoded();
+					byte[] temp = new byte[b1.Length - 2];
+					Array.Copy(b1, 2, temp, 0, b1.Length - 2);
+					byte[] b2 = new DerUtf8String(new DerOctetString(temp).GetOctets()).GetEncoded();
+					if (!Arrays.AreEqual(b1, b2))
+					{
+						return new SimpleTestResult(false, Name + ": failed UTF-8 encoding and decoding");
+					}
+					if (!Arrays.AreEqual(temp, glyphs_utf8[i]))
+					{
+						return new SimpleTestResult(false, Name + ": failed UTF-8 encoding and decoding");
+					}
+				}
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": failed with Exception " + e.Message);
+			}
+
+			return new SimpleTestResult(true, Name + ": Okay");
+		}
+
+		public string Name
+		{
+			get
+			{
+				return "DERUTF8String";
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			DerUtf8StringTest test = new DerUtf8StringTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/DataGroupHashUnitTest.cs b/crypto/test/src/asn1/test/DataGroupHashUnitTest.cs
new file mode 100644
index 000000000..dcebf4670
--- /dev/null
+++ b/crypto/test/src/asn1/test/DataGroupHashUnitTest.cs
@@ -0,0 +1,106 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Icao;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class DataGroupHashUnitTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "DataGroupHash"; }
+        }
+
+		private byte[] GenerateHash()
+        {
+            Random rand = new Random();
+            byte[] bytes = new byte[20];
+			rand.NextBytes(bytes);
+			return bytes;
+        }
+
+		public override void PerformTest()
+        {
+            int dataGroupNumber = 1;
+            Asn1OctetString dataHash = new DerOctetString(GenerateHash());
+            DataGroupHash dg = new DataGroupHash(dataGroupNumber, dataHash);
+
+            CheckConstruction(dg, dataGroupNumber, dataHash);
+
+			try
+			{
+				DataGroupHash.GetInstance(null);
+			}
+			catch (Exception)
+			{
+				Fail("GetInstance() failed to handle null.");
+			}
+
+			try
+            {
+                DataGroupHash.GetInstance(new object());
+
+				Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+		private void CheckConstruction(
+            DataGroupHash dg,
+            int dataGroupNumber,
+            Asn1OctetString     dataGroupHashValue)
+        {
+            CheckValues(dg, dataGroupNumber, dataGroupHashValue);
+
+			dg = DataGroupHash.GetInstance(dg);
+
+			CheckValues(dg, dataGroupNumber, dataGroupHashValue);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(
+				dg.ToAsn1Object().GetEncoded());
+
+			dg = DataGroupHash.GetInstance(seq);
+
+			CheckValues(dg, dataGroupNumber, dataGroupHashValue);
+        }
+
+		private void CheckValues(
+            DataGroupHash	dg,
+            int				dataGroupNumber,
+            Asn1OctetString	dataGroupHashValue)
+        {
+            if (dg.DataGroupNumber != dataGroupNumber)
+            {
+                Fail("group number don't match.");
+            }
+
+			if (!dg.DataGroupHashValue.Equals(dataGroupHashValue))
+            {
+                Fail("hash value don't match.");
+            }
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            RunTest(new DataGroupHashUnitTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/DeclarationOfMajorityUnitTest.cs b/crypto/test/src/asn1/test/DeclarationOfMajorityUnitTest.cs
new file mode 100644
index 000000000..bd1fb5a9e
--- /dev/null
+++ b/crypto/test/src/asn1/test/DeclarationOfMajorityUnitTest.cs
@@ -0,0 +1,97 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class DeclarationOfMajorityUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "DeclarationOfMajority"; }
+		}
+
+		public override void PerformTest()
+		{
+			DerGeneralizedTime dateOfBirth = new DerGeneralizedTime("20070315173729Z");
+			DeclarationOfMajority decl = new DeclarationOfMajority(dateOfBirth);
+
+			checkConstruction(decl, DeclarationOfMajority.Choice.DateOfBirth, dateOfBirth, -1);
+
+			decl = new DeclarationOfMajority(6);
+
+			checkConstruction(decl, DeclarationOfMajority.Choice.NotYoungerThan, null, 6);
+
+			decl = DeclarationOfMajority.GetInstance(null);
+
+			if (decl != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				DeclarationOfMajority.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			DeclarationOfMajority			decl,
+			DeclarationOfMajority.Choice	type,
+			DerGeneralizedTime				dateOfBirth,
+			int								notYoungerThan)
+		{
+			checkValues(decl, type, dateOfBirth, notYoungerThan);
+
+			decl = DeclarationOfMajority.GetInstance(decl);
+
+			checkValues(decl, type, dateOfBirth, notYoungerThan);
+
+			Asn1InputStream aIn = new Asn1InputStream(decl.ToAsn1Object().GetEncoded());
+
+			DerTaggedObject info = (DerTaggedObject) aIn.ReadObject();
+
+			decl = DeclarationOfMajority.GetInstance(info);
+
+			checkValues(decl, type, dateOfBirth, notYoungerThan);
+		}
+
+		private void checkValues(
+			DeclarationOfMajority			decl,
+			DeclarationOfMajority.Choice	type,
+			DerGeneralizedTime				dateOfBirth,
+			int								notYoungerThan)
+		{
+			checkMandatoryField("type", (int) type, (int) decl.Type);
+			checkOptionalField("dateOfBirth", dateOfBirth, decl.DateOfBirth);
+			if (notYoungerThan != -1 && notYoungerThan != decl.NotYoungerThan)
+			{
+				Fail("notYoungerThan mismatch");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new DeclarationOfMajorityUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/EncryptedPrivateKeyInfoTest.cs b/crypto/test/src/asn1/test/EncryptedPrivateKeyInfoTest.cs
new file mode 100644
index 000000000..a84df59cc
--- /dev/null
+++ b/crypto/test/src/asn1/test/EncryptedPrivateKeyInfoTest.cs
@@ -0,0 +1,152 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Utilities;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    /**
+     * Test the reading and writing of EncryptedPrivateKeyInfo objects using
+     * the test vectors provided at
+     * <a href="http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html">
+     * RSA's Pkcs5 Page</a>.
+     * <br/>
+     * The vectors are Base 64 encoded and encrypted using the password "password"
+     * (without quotes). They should all yield the same PrivateKeyInfo object.
+     */
+    [TestFixture]
+    public class EncryptedPrivateKeyInfoTest
+        : ITest
+    {
+		static byte[] sample1 = Base64.Decode(
+			  "MIIBozA9BgkqhkiG9w0BBQ0wMDAbBgkqhkiG9w0BBQwwDgQIfWBDXwLp4K4CAggA"
+			+ "MBEGBSsOAwIHBAiaCF/AvOgQ6QSCAWDWX4BdAzCRNSQSANSuNsT5X8mWYO27mr3Y"
+			+ "9c9LoBVXGNmYWKA77MI4967f7SmjNcgXj3xNE/jmnVz6hhsjS8E5VPT3kfyVkpdZ"
+			+ "0lr5e9Yk2m3JWpPU7++v5zBkZmC4V/MwV/XuIs6U+vykgzMgpxQg0oZKS9zgmiZo"
+			+ "f/4dOCL0UtCDnyOSvqT7mCVIcMDIEKu8QbVlgZYBop08l60EuEU3gARUo8WsYQmO"
+			+ "Dz/ldx0Z+znIT0SXVuOwc+RVItC5T/Qx+aijmmpt+9l14nmaGBrEkmuhmtdvU/4v"
+			+ "aptewGRgmjOfD6cqK+zs0O5NrrJ3P/6ZSxXj91CQgrThGfOv72bUncXEMNtc8pks"
+			+ "2jpHFjGMdKufnadAD7XuMgzkkaklEXZ4f5tU6heIIwr51g0GBEGF96gYPFnjnSQM"
+			+ "75JE02Clo+DfcfXpcybPTwwFg2jd6JTTOfkdf6OdSlA/1XNK43FA");
+
+		static byte[] sample2 = Base64.Decode(
+			  "MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIeFeOWl1jywYCAggA"
+			+ "MBQGCCqGSIb3DQMHBAjUJ5eGBhQGtQSCAWBrHrRgqO8UUMLcWzZEtpk1l3mjxiF/"
+			+ "koCMkHsFwowgyWhEbgIkTgbSViK54LVK8PskekcGNLph+rB6bGZ7pPbL5pbXASJ8"
+			+ "+MkQcG3FZdlS4Ek9tTJDApj3O1UubZGFG4uvTlJJFbF1BOJ3MkY3XQ9Gl1qwv7j5"
+			+ "6e103Da7Cq9+oIDKmznza78XXQYrUsPo8mJGjUxPskEYlzwvHjKubRnYm/K6RKhi"
+			+ "5f4zX4BQ/Dt3H812ZjRXrsjAJP0KrD/jyD/jCT7zNBVPH1izBds+RwizyQAHwfNJ"
+			+ "BFR78TH4cgzB619X47FDVOnT0LqQNVd0O3cSwnPrXE9XR3tPayE+iOB15llFSmi8"
+			+ "z0ByOXldEpkezCn92Umk++suzIVj1qfsK+bv2phZWJPbLEIWPDRHUbYf76q5ArAr"
+			+ "u4xtxT/hoK3krEs/IN3d70qjlUJ36SEw1UaZ82PWhakQbdtu39ZraMJB");
+
+		static byte[] sample3 = Base64.Decode(
+			  "MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIrHyQPBZqWLUCAggA"
+			+ "AgEQMBkGCCqGSIb3DQMCMA0CAToECEhbh7YZKiPSBIIBYCT1zp6o5jpFlIkgwPop"
+			+ "7bW1+8ACr4exqzkeb3WflQ8cWJ4cURxzVdvxUnXeW1VJdaQZtjS/QHs5GhPTG/0f"
+			+ "wtvnaPfwrIJ3FeGaZfcg2CrYhalOFmEb4xrE4KyoEQmUN8tb/Cg94uzd16BOPw21"
+			+ "RDnE8bnPdIGY7TyL95kbkqH23mK53pi7h+xWIgduW+atIqDyyt55f7WMZcvDvlj6"
+			+ "VpN/V0h+qxBHL274WA4dj6GYgeyUFpi60HdGCK7By2TBy8h1ZvKGjmB9h8jZvkx1"
+			+ "MkbRumXxyFsowTZawyYvO8Um6lbfEDP9zIEUq0IV8RqH2MRyblsPNSikyYhxX/cz"
+			+ "tdDxRKhilySbSBg5Kr8OfcwKp9bpinN96nmG4xr3Tch1bnVvqJzOQ5+Vva2WwVvH"
+			+ "2JkWvYm5WaANg4Q6bRxu9vz7DuhbJjQdZbxFezIAgrJdSe92B00jO/0Kny1WjiVO"
+			+ "6DA=");
+
+		public string Name
+		{
+			get { return "EncryptedPrivateKeyInfoTest"; }
+		}
+
+        private ITestResult DoTest(
+            int		id,
+            byte[]	sample)
+        {
+            EncryptedPrivateKeyInfo info;
+            try
+            {
+				info = EncryptedPrivateKeyInfo.GetInstance(Asn1Object.FromByteArray(sample));
+            }
+            catch (Exception e)
+            {
+                return new SimpleTestResult(false, Name + ": test " + id + " failed construction - exception "
+                    + e.ToString());
+            }
+
+			byte[] bytes;
+            try
+            {
+            	bytes = info.GetDerEncoded();
+            }
+            catch (Exception e)
+            {
+                return new SimpleTestResult(false,
+                    Name + ": test " + id + " failed writing - exception " + e.ToString());
+            }
+
+            if (!Arrays.AreEqual(bytes, sample))
+            {
+                try
+                {
+                    Asn1Object obj = Asn1Object.FromByteArray(bytes);
+
+                    return new SimpleTestResult(false, Name + ": test " + id
+                        + " length mismatch - expected " + sample.Length + SimpleTest.NewLine
+                        + Asn1Dump.DumpAsString(info) + " got " + bytes.Length + SimpleTest.NewLine
+                        + Asn1Dump.DumpAsString(obj));
+                }
+                catch (Exception e)
+                {
+                    return new SimpleTestResult(false, Name + ": test " + id + " data mismatch - exception " + e.ToString());
+                }
+            }
+
+            return new SimpleTestResult(true, Name + ": test " + id + " Okay");
+        }
+
+        public ITestResult Perform()
+        {
+            ITestResult  result = DoTest(0, sample1);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            result = DoTest(1, sample2);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            result = DoTest(2, sample3);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new EncryptedPrivateKeyInfoTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/EqualsAndHashCodeTest.cs b/crypto/test/src/asn1/test/EqualsAndHashCodeTest.cs
new file mode 100644
index 000000000..21172f816
--- /dev/null
+++ b/crypto/test/src/asn1/test/EqualsAndHashCodeTest.cs
@@ -0,0 +1,94 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class EqualsAndHashCodeTest
+        : SimpleTest
+    {
+        public override void PerformTest()
+        {
+            byte[] data = { 0, 1, 0, 1, 0, 0, 1 };
+
+			Asn1Object[] values =
+			{
+                new BerOctetString(data),
+                new BerSequence(new DerPrintableString("hello world")),
+                new BerSet(new DerPrintableString("hello world")),
+                new BerTaggedObject(0, new DerPrintableString("hello world")),
+				new DerApplicationSpecific(0, data),
+                new DerBitString(data),
+                new DerBmpString("hello world"),
+                DerBoolean.True,
+                DerBoolean.False,
+                new DerEnumerated(100),
+				new DerGeneralizedTime("20070315173729Z"),
+				new DerGeneralString("hello world"),
+                new DerIA5String("hello"),
+                new DerInteger(1000),
+                DerNull.Instance,
+                new DerNumericString("123456"),
+                new DerObjectIdentifier("1.1.1.10000.1"),
+                new DerOctetString(data),
+                new DerPrintableString("hello world"),
+                new DerSequence(new DerPrintableString("hello world")),
+                new DerSet(new DerPrintableString("hello world")),
+                new DerT61String("hello world"),
+                new DerTaggedObject(0, new DerPrintableString("hello world")),
+                new DerUniversalString(data),
+                new DerUnknownTag(true, 500, data),
+                new DerUtcTime(new DateTime()),
+                new DerUtf8String("hello world"),
+                new DerVisibleString("hello world")
+            };
+
+			MemoryStream bOut = new MemoryStream();
+            Asn1OutputStream aOut = new Asn1OutputStream(bOut);
+
+            for (int i = 0; i != values.Length; i++)
+            {
+                aOut.WriteObject(values[i]);
+            }
+
+			Asn1InputStream aIn = new Asn1InputStream(bOut.ToArray());
+
+			for (int i = 0; i != values.Length; i++)
+            {
+                Asn1Object o = aIn.ReadObject();
+                if (!o.Equals(values[i]))
+                {
+                    Fail("Failed equality test for " + o.GetType().Name);
+                }
+
+                if (o.GetHashCode() != values[i].GetHashCode())
+                {
+                    Fail("Failed hashCode test for " + o.GetType().Name);
+                }
+            }
+        }
+
+		public override string Name
+		{
+			get { return "EqualsAndHashCode"; }
+		}
+
+        public static void Main(
+            string[] args)
+        {
+			RunTest(new EqualsAndHashCodeTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/EssCertIDv2UnitTest.cs b/crypto/test/src/asn1/test/EssCertIDv2UnitTest.cs
new file mode 100644
index 000000000..9aac777e1
--- /dev/null
+++ b/crypto/test/src/asn1/test/EssCertIDv2UnitTest.cs
@@ -0,0 +1,46 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ess;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+	public class EssCertIDv2UnitTest
+	: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "ESSCertIDv2"; }
+		}
+
+		public override void PerformTest()
+		{
+			// check GetInstance on default algorithm.
+			byte[] digest = new byte[32];
+			EssCertIDv2 essCertIdv2 = new EssCertIDv2(
+				new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256), digest);
+			Asn1Object asn1Object = essCertIdv2.ToAsn1Object();
+
+			EssCertIDv2.GetInstance(asn1Object);
+		}
+	
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new EssCertIDv2UnitTest());
+		}
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+	}
+}
diff --git a/crypto/test/src/asn1/test/GeneralNameTest.cs b/crypto/test/src/asn1/test/GeneralNameTest.cs
new file mode 100644
index 000000000..e9c3b5861
--- /dev/null
+++ b/crypto/test/src/asn1/test/GeneralNameTest.cs
@@ -0,0 +1,116 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class GeneralNameTest
+		: SimpleTest
+	{
+		private static readonly byte[] ipv4 = Hex.Decode("87040a090800");
+		private static readonly byte[] ipv4WithMask = Hex.Decode("87080a090800ffffff00");
+
+		private static readonly byte[] ipv6a = Hex.Decode("871020010db885a308d313198a2e03707334");
+		private static readonly byte[] ipv6b = Hex.Decode("871020010db885a3000013198a2e03707334");
+		private static readonly byte[] ipv6c = Hex.Decode("871000000000000000000000000000000001");
+		private static readonly byte[] ipv6d = Hex.Decode("871020010db885a3000000008a2e03707334");
+		private static readonly byte[] ipv6e = Hex.Decode("871020010db885a3000000008a2e0a090800");
+		private static readonly byte[] ipv6f = Hex.Decode("872020010db885a3000000008a2e0a090800ffffffffffff00000000000000000000");
+		private static readonly byte[] ipv6g = Hex.Decode("872020010db885a3000000008a2e0a090800ffffffffffffffffffffffffffffffff");
+		private static readonly byte[] ipv6h = Hex.Decode("872020010db885a300000000000000000000ffffffffffff00000000000000000000");
+	    
+		public override string Name
+		{
+			get { return "GeneralName"; }
+		}
+
+		public override void PerformTest()
+		{
+			GeneralName nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv4))
+			{
+				Fail("ipv4 encoding failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0/255.255.255.0");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask))
+			{
+				Fail("ipv4 with netmask 1 encoding failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0/24");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask))
+			{
+				Fail("ipv4 with netmask 2 encoding failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3:08d3:1319:8a2e:0370:7334");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv6a))
+			{
+				Fail("ipv6 with netmask encoding failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::1319:8a2e:0370:7334");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv6b))
+			{
+				Fail("ipv6b encoding failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "::1");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv6c))
+			{
+				Fail("ipv6c failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::8a2e:0370:7334");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv6d))
+			{
+				Fail("ipv6d failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::8a2e:10.9.8.0");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv6e))
+			{
+				Fail("ipv6e failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::8a2e:10.9.8.0/ffff:ffff:ffff::0000");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv6f))
+			{
+				Fail("ipv6f failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::8a2e:10.9.8.0/128");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv6g))
+			{
+				Fail("ipv6g failed");
+			}
+
+			nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::/48");
+			if (!Arrays.AreEqual(nm.GetEncoded(), ipv6h))
+			{
+				Fail("ipv6h failed");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new GeneralNameTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(resultText, Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/GeneralizedTimeTest.cs b/crypto/test/src/asn1/test/GeneralizedTimeTest.cs
new file mode 100644
index 000000000..b169cfea8
--- /dev/null
+++ b/crypto/test/src/asn1/test/GeneralizedTimeTest.cs
@@ -0,0 +1,193 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	/**
+	 * X.690 test example
+	 */
+	public class GeneralizedTimeTest
+		: SimpleTest
+	{
+		private static readonly string[] input =
+		{
+			"20020122122220",
+			"20020122122220Z",
+			"20020122122220-1000",
+			"20020122122220+00",
+			"20020122122220.1",
+			"20020122122220.1Z",
+			"20020122122220.1-1000",
+			"20020122122220.1+00",
+			"20020122122220.01",
+			"20020122122220.01Z",
+			"20020122122220.01-1000",
+			"20020122122220.01+00",
+			"20020122122220.001",
+			"20020122122220.001Z",
+			"20020122122220.001-1000",
+			"20020122122220.001+00",
+			"20020122122220.0001",
+			"20020122122220.0001Z",
+			"20020122122220.0001-1000",
+			"20020122122220.0001+00",
+			"20020122122220.0001+1000"
+		};
+
+		private static readonly string[] output =
+		{
+			"20020122122220",
+			"20020122122220GMT+00:00",
+			"20020122122220GMT-10:00",
+			"20020122122220GMT+00:00",
+			"20020122122220.1",
+			"20020122122220.1GMT+00:00",
+			"20020122122220.1GMT-10:00",
+			"20020122122220.1GMT+00:00",
+			"20020122122220.01",
+			"20020122122220.01GMT+00:00",
+			"20020122122220.01GMT-10:00",
+			"20020122122220.01GMT+00:00",
+			"20020122122220.001",
+			"20020122122220.001GMT+00:00",
+			"20020122122220.001GMT-10:00",
+			"20020122122220.001GMT+00:00",
+			"20020122122220.0001",
+			"20020122122220.0001GMT+00:00",
+			"20020122122220.0001GMT-10:00",
+			"20020122122220.0001GMT+00:00",
+			"20020122122220.0001GMT+10:00"
+		};
+
+		private static readonly string[] zOutput =
+		{
+			"20020122122220Z",
+			"20020122122220Z",
+			"20020122222220Z",
+			"20020122122220Z",
+			"20020122122220Z",
+			"20020122122220Z",
+			"20020122222220Z",
+			"20020122122220Z",
+			"20020122122220Z",
+			"20020122122220Z",
+			"20020122222220Z",
+			"20020122122220Z",
+			"20020122122220Z",
+			"20020122122220Z",
+			"20020122222220Z",
+			"20020122122220Z",
+			"20020122122220Z",
+			"20020122122220Z",
+			"20020122222220Z",
+			"20020122122220Z",
+			"20020122022220Z"
+		};
+		
+		private static readonly string[] mzOutput =
+		{
+			"20020122122220.000Z",
+			"20020122122220.000Z",
+			"20020122222220.000Z",
+			"20020122122220.000Z",
+			"20020122122220.100Z",
+			"20020122122220.100Z",
+			"20020122222220.100Z",
+			"20020122122220.100Z",
+			"20020122122220.010Z",
+			"20020122122220.010Z",
+			"20020122222220.010Z",
+			"20020122122220.010Z",
+			"20020122122220.001Z",
+			"20020122122220.001Z",
+			"20020122222220.001Z",
+			"20020122122220.001Z",
+			"20020122122220.000Z",
+			"20020122122220.000Z",
+			"20020122222220.000Z",
+			"20020122122220.000Z",
+			"20020122022220.000Z"
+		};
+
+		public override string Name
+		{
+			get { return "GeneralizedTime"; }
+		}
+
+		public override void PerformTest()
+		{
+			for (int i = 0; i != input.Length; i++)
+			{
+				DerGeneralizedTime t = new DerGeneralizedTime(input[i]);
+
+				if (output[i].IndexOf('G') > 0)   // don't check local time the same way
+				{
+					if (!t.GetTime().Equals(output[i]))
+					{
+						Fail("failed conversion test");
+					}
+
+					if (!t.ToDateTime().ToString(@"yyyyMMddHHmmss\Z").Equals(zOutput[i]))
+					{
+						Fail("failed date conversion test");
+					}
+				}
+				else
+				{
+					string offset = CalculateGmtOffset(t.ToDateTime());
+					if (!t.GetTime().Equals(output[i] + offset))
+					{
+						Fail("failed conversion test");
+					}
+				}
+			}
+
+			for (int i = 0; i != input.Length; i++)
+			{
+				DerGeneralizedTime t = new DerGeneralizedTime(input[i]);
+
+				if (!t.ToDateTime().ToString(@"yyyyMMddHHmmss.fff\Z").Equals(mzOutput[i]))
+				{
+					Console.WriteLine("{0} != {1}", t.ToDateTime().ToString(@"yyyyMMddHHmmss.SSS\Z"), mzOutput[i]);
+
+					Fail("failed long date conversion test");
+				}
+			}
+		}
+
+		private string CalculateGmtOffset(
+			DateTime date)
+		{
+			char sign = '+';
+
+            // Note: GetUtcOffset incorporates Daylight Savings offset
+			TimeSpan offset =  TimeZone.CurrentTimeZone.GetUtcOffset(date);
+			if (offset.CompareTo(TimeSpan.Zero) < 0)
+			{
+				sign = '-';
+				offset = offset.Duration();
+			}
+			int hours = offset.Hours;
+			int minutes = offset.Minutes;
+
+			return "GMT" + sign + Convert(hours) + ":" + Convert(minutes);
+		}
+
+		private string Convert(int time)
+		{
+			if (time < 10)
+			{
+				return "0" + time;
+			}
+
+			return time.ToString();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new GeneralizedTimeTest());
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/GenerationTest.cs b/crypto/test/src/asn1/test/GenerationTest.cs
new file mode 100644
index 000000000..5acf8e149
--- /dev/null
+++ b/crypto/test/src/asn1/test/GenerationTest.cs
@@ -0,0 +1,325 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class GenerationTest
+        :	SimpleTest
+    {
+        private static readonly byte[] v1Cert = Base64.Decode(
+			"MIGtAgEBMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYDVQQKDA1Cb"
+			+ "3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAxMlowNjELMA"
+			+ "kGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNVBAsMBlRlc3Q"
+			+ "gMTAaMA0GCSqGSIb3DQEBAQUAAwkAMAYCAQECAQI=");
+
+		private static readonly byte[] v3Cert = Base64.Decode(
+			"MIIBSKADAgECAgECMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYD"
+			+ "VQQKDA1Cb3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAw"
+			+ "MlowNjELMAkGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNV"
+			+ "BAsMBlRlc3QgMjAYMBAGBisOBwIBATAGAgEBAgECAwQAAgEDo4GVMIGSMGEGA1Ud"
+			+ "IwEB/wRXMFWAFDZPdpHPzKi7o8EJokkQU2uqCHRRoTqkODA2MQswCQYDVQQDDAJB"
+			+ "VTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwGVGVzdCAyggECMCAG"
+			+ "A1UdDgEB/wQWBBQ2T3aRz8you6PBCaJJEFNrqgh0UTALBgNVHQ8EBAMCBBA=");
+
+		private static readonly byte[] v3CertNullSubject = Base64.Decode(
+			"MIHGoAMCAQICAQIwDQYJKoZIhvcNAQEEBQAwJTELMAkGA1UEAwwCQVUxFjAUBgNVB"
+			+ "AoMDUJvdW5jeSBDYXN0bGUwHhcNNzAwMTAxMDAwMDAxWhcNNzAwMTAxMDAwMDAyWj"
+			+ "AAMBgwEAYGKw4HAgEBMAYCAQECAQIDBAACAQOjSjBIMEYGA1UdEQEB/wQ8MDqkODA"
+			+ "2MQswCQYDVQQDDAJBVTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwG"
+			+ "VGVzdCAy");
+
+		private static readonly byte[] v2CertList = Base64.Decode(
+			"MIIBRQIBATANBgkqhkiG9w0BAQUFADAlMQswCQYDVQQDDAJBVTEWMBQGA1UECgwN"
+			+ "Qm91bmN5IENhc3RsZRcNNzAwMTAxMDAwMDAwWhcNNzAwMTAxMDAwMDAyWjAkMCIC"
+			+ "AQEXDTcwMDEwMTAwMDAwMVowDjAMBgNVHRUEBQoDAIAAoIHFMIHCMGEGA1UdIwEB"
+			+ "/wRXMFWAFDZPdpHPzKi7o8EJokkQU2uqCHRRoTqkODA2MQswCQYDVQQDDAJBVTEW"
+			+ "MBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwGVGVzdCAyggECMEMGA1Ud"
+			+ "EgQ8MDqkODA2MQswCQYDVQQDDAJBVTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEP"
+			+ "MA0GA1UECwwGVGVzdCAzMAoGA1UdFAQDAgEBMAwGA1UdHAEB/wQCMAA=");
+
+        private void TbsV1CertGenerate()
+        {
+			V1TbsCertificateGenerator gen = new V1TbsCertificateGenerator();
+            DateTime startDate = new DateTime(1970, 1, 1, 0, 0, 1);
+            DateTime endDate = new DateTime(1970, 1, 1, 0, 0, 12);
+
+            gen.SetSerialNumber(new DerInteger(1));
+
+            gen.SetStartDate(new Time(startDate));
+            gen.SetEndDate(new Time(endDate));
+
+            gen.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
+            gen.SetSubject(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 1"));
+
+            gen.SetSignature(new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5WithRsaEncryption, DerNull.Instance));
+
+            SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance),
+                new RsaPublicKeyStructure(BigInteger.One, BigInteger.Two));
+
+            gen.SetSubjectPublicKeyInfo(info);
+
+            TbsCertificateStructure tbs = gen.GenerateTbsCertificate();
+
+			if (!Arrays.AreEqual(tbs.GetEncoded(), v1Cert))
+            {
+                Fail("failed v1 cert generation");
+            }
+
+            //
+            // read back test
+            //
+            Asn1InputStream aIn = new Asn1InputStream(v1Cert);
+            Asn1Object o = aIn.ReadObject();
+
+            if (!Arrays.AreEqual(o.GetEncoded(), v1Cert))
+            {
+                Fail("failed v1 cert read back test");
+            }
+        }
+
+		private AuthorityKeyIdentifier CreateAuthorityKeyId(
+            SubjectPublicKeyInfo	info,
+            X509Name				name,
+            int						sNumber)
+        {
+            GeneralName genName = new GeneralName(name);
+
+			return new AuthorityKeyIdentifier(
+				info,
+				GeneralNames.GetInstance(new DerSequence(genName)),
+				BigInteger.ValueOf(sNumber));
+        }
+
+		private void TbsV3CertGenerate()
+        {
+			V3TbsCertificateGenerator gen = new V3TbsCertificateGenerator();
+			DateTime startDate = new DateTime(1970, 1, 1, 0, 0, 1);
+			DateTime endDate = new DateTime(1970, 1, 1, 0, 0, 2);
+
+			gen.SetSerialNumber(new DerInteger(2));
+
+			gen.SetStartDate(new Time(startDate));
+			gen.SetEndDate(new Time(endDate));
+
+			gen.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
+			gen.SetSubject(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"));
+
+			gen.SetSignature(new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5WithRsaEncryption, DerNull.Instance));
+
+			SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
+				new AlgorithmIdentifier(
+					OiwObjectIdentifiers.ElGamalAlgorithm,
+					new ElGamalParameter(BigInteger.One, BigInteger.Two)),
+				new DerInteger(3));
+
+			gen.SetSubjectPublicKeyInfo(info);
+
+			//
+			// add extensions
+			//
+			IList order = new ArrayList();
+			IDictionary extensions = new Hashtable();
+
+			order.Add(X509Extensions.AuthorityKeyIdentifier);
+			order.Add(X509Extensions.SubjectKeyIdentifier);
+			order.Add(X509Extensions.KeyUsage);
+
+			extensions.Add(X509Extensions.AuthorityKeyIdentifier, new X509Extension(true, new DerOctetString(CreateAuthorityKeyId(info, new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2))));
+			extensions.Add(X509Extensions.SubjectKeyIdentifier, new X509Extension(true, new DerOctetString(new SubjectKeyIdentifier(info))));
+			extensions.Add(X509Extensions.KeyUsage, new X509Extension(false, new DerOctetString(new KeyUsage(KeyUsage.DataEncipherment))));
+
+			X509Extensions ex = new X509Extensions(order, extensions);
+
+			gen.SetExtensions(ex);
+
+			TbsCertificateStructure tbs = gen.GenerateTbsCertificate();
+
+			if (!Arrays.AreEqual(tbs.GetEncoded(), v3Cert))
+			{
+				Fail("failed v3 cert generation");
+			}
+
+			//
+			// read back test
+			//
+			Asn1Object o = Asn1Object.FromByteArray(v3Cert);
+
+			if (!Arrays.AreEqual(o.GetEncoded(), v3Cert))
+			{
+				Fail("failed v3 cert read back test");
+			}
+        }
+
+		private void TbsV3CertGenWithNullSubject()
+		{
+			V3TbsCertificateGenerator gen = new V3TbsCertificateGenerator();
+			DateTime startDate = new DateTime(1970, 1, 1, 0, 0, 1);
+			DateTime endDate = new DateTime(1970, 1, 1, 0, 0, 2);
+
+			gen.SetSerialNumber(new DerInteger(2));
+
+			gen.SetStartDate(new Time(startDate));
+			gen.SetEndDate(new Time(endDate));
+
+			gen.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
+
+			gen.SetSignature(new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5WithRsaEncryption, DerNull.Instance));
+
+			SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
+				new AlgorithmIdentifier(OiwObjectIdentifiers.ElGamalAlgorithm,
+					new ElGamalParameter(BigInteger.One, BigInteger.Two)),
+				new DerInteger(3));
+
+			gen.SetSubjectPublicKeyInfo(info);
+
+			try
+			{
+				gen.GenerateTbsCertificate();
+				Fail("null subject not caught!");
+			}
+			catch (InvalidOperationException e)
+			{
+				if (!e.Message.Equals("not all mandatory fields set in V3 TBScertificate generator"))
+				{
+					Fail("unexpected exception", e);
+				}
+			}
+
+			//
+			// add extensions
+			//
+			IList order = new ArrayList();
+			IDictionary extensions = new Hashtable();
+
+			order.Add(X509Extensions.SubjectAlternativeName);
+
+			extensions.Add(
+				X509Extensions.SubjectAlternativeName,
+				new X509Extension(
+					true,
+					new DerOctetString(
+						new GeneralNames(
+							new GeneralName(
+								new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"))))));
+
+			X509Extensions ex = new X509Extensions(order, extensions);
+
+			gen.SetExtensions(ex);
+
+			TbsCertificateStructure tbs = gen.GenerateTbsCertificate();
+
+			if (!Arrays.AreEqual(tbs.GetEncoded(), v3CertNullSubject))
+			{
+				Fail("failed v3 null sub cert generation");
+			}
+
+			//
+			// read back test
+			//
+			Asn1Object o = Asn1Object.FromByteArray(v3CertNullSubject);
+
+			if (!Arrays.AreEqual(o.GetEncoded(), v3CertNullSubject))
+			{
+				Fail("failed v3 null sub cert read back test");
+			}
+		}
+
+		private void TbsV2CertListGenerate()
+        {
+            V2TbsCertListGenerator gen = new V2TbsCertListGenerator();
+
+            gen.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
+
+            gen.AddCrlEntry(new DerInteger(1), new Time(new DateTime(1970, 1, 1, 0, 0, 1)), ReasonFlags.AACompromise);
+
+            gen.SetNextUpdate(new Time(new DateTime(1970, 1, 1, 0, 0, 2)));
+
+            gen.SetThisUpdate(new Time(new DateTime(1970, 1, 1, 0, 0, 0, 500)));
+
+            gen.SetSignature(new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha1WithRsaEncryption, DerNull.Instance));
+
+            //
+            // extensions
+            //
+            IList order = new ArrayList();
+            IDictionary extensions = new Hashtable();
+            SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
+				new AlgorithmIdentifier(
+					OiwObjectIdentifiers.ElGamalAlgorithm,
+					new ElGamalParameter(BigInteger.One, BigInteger.Two)),
+				new DerInteger(3));
+
+			order.Add(X509Extensions.AuthorityKeyIdentifier);
+            order.Add(X509Extensions.IssuerAlternativeName);
+            order.Add(X509Extensions.CrlNumber);
+            order.Add(X509Extensions.IssuingDistributionPoint);
+
+            extensions.Add(X509Extensions.AuthorityKeyIdentifier, new X509Extension(true, new DerOctetString(CreateAuthorityKeyId(info, new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2))));
+            extensions.Add(X509Extensions.IssuerAlternativeName, new X509Extension(false, new DerOctetString(GeneralNames.GetInstance(new DerSequence(new GeneralName(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 3")))))));
+            extensions.Add(X509Extensions.CrlNumber, new X509Extension(false, new DerOctetString(new DerInteger(1))));
+            extensions.Add(X509Extensions.IssuingDistributionPoint, new X509Extension(true, new DerOctetString(IssuingDistributionPoint.GetInstance(DerSequence.Empty))));
+
+            X509Extensions ex = new X509Extensions(order, extensions);
+
+            gen.SetExtensions(ex);
+
+            TbsCertificateList tbs = gen.GenerateTbsCertList();
+
+            if (!Arrays.AreEqual(tbs.GetEncoded(), v2CertList))
+            {
+                Fail("failed v2 cert list generation");
+            }
+
+            //
+            // read back test
+            //
+            Asn1InputStream aIn = new Asn1InputStream(v2CertList);
+            Asn1Object o = aIn.ReadObject();
+
+            if (!Arrays.AreEqual(o.GetEncoded(), v2CertList))
+            {
+                Fail("failed v2 cert list read back test");
+            }
+        }
+
+		public override void PerformTest()
+        {
+            TbsV1CertGenerate();
+            TbsV3CertGenerate();
+			TbsV3CertGenWithNullSubject();
+            TbsV2CertListGenerate();
+        }
+
+		public override string Name
+		{
+			get { return "Generation"; }
+		}
+
+        public static void Main(
+            string[] args)
+        {
+			RunTest(new GenerationTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(resultText, Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/InputStreamTest.cs b/crypto/test/src/asn1/test/InputStreamTest.cs
new file mode 100644
index 000000000..1d92759e0
--- /dev/null
+++ b/crypto/test/src/asn1/test/InputStreamTest.cs
@@ -0,0 +1,85 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class InputStreamTest
+		: SimpleTest
+	{
+		private static readonly byte[] outOfBoundsLength = new byte[] { (byte)0x30, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff };
+		private static readonly byte[] negativeLength = new byte[] { (byte)0x30, (byte)0x84, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff };
+		private static readonly byte[] outsideLimitLength = new byte[] { (byte)0x30, (byte)0x83, (byte)0x0f, (byte)0xff, (byte)0xff };
+
+		public override string Name
+		{
+			get { return "InputStream"; }
+		}
+
+		public override void PerformTest()
+		{
+			Asn1InputStream aIn = new Asn1InputStream(outOfBoundsLength);
+
+			try
+			{
+				aIn.ReadObject();
+				Fail("out of bounds length not detected.");
+			}
+			catch (IOException e)
+			{
+				if (!e.Message.StartsWith("DER length more than 4 bytes"))
+				{
+					Fail("wrong exception: " + e.Message);
+				}
+			}
+
+			aIn = new Asn1InputStream(negativeLength);
+
+			try
+			{
+				aIn.ReadObject();
+				Fail("negative length not detected.");
+			}
+			catch (IOException e)
+			{
+				if (!e.Message.Equals("Corrupted stream - negative length found"))
+				{
+					Fail("wrong exception: " + e.Message);
+				}
+			}
+
+			aIn = new Asn1InputStream(outsideLimitLength);
+
+			try
+			{
+				aIn.ReadObject();
+				Fail("outside limit length not detected.");
+			}
+			catch (IOException e)
+			{
+				if (!e.Message.Equals("Corrupted stream - out of bounds length found"))
+				{
+					Fail("wrong exception: " + e.Message);
+				}
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new InputStreamTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/Iso4217CurrencyCodeUnitTest.cs b/crypto/test/src/asn1/test/Iso4217CurrencyCodeUnitTest.cs
new file mode 100644
index 000000000..bb6076a93
--- /dev/null
+++ b/crypto/test/src/asn1/test/Iso4217CurrencyCodeUnitTest.cs
@@ -0,0 +1,156 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X509.Qualified;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class Iso4217CurrencyCodeUnitTest
+        : SimpleTest
+    {
+        private const string AlphabeticCurrencyCode = "AUD";
+        private const int NUMERIC_CurrencyCode = 1;
+
+		public override string Name
+        {
+			get { return "Iso4217CurrencyCode"; }
+        }
+
+		public override void PerformTest()
+        {
+            //
+            // alphabetic
+            //
+            Iso4217CurrencyCode cc = new Iso4217CurrencyCode(AlphabeticCurrencyCode);
+
+            CheckNumeric(cc, AlphabeticCurrencyCode);
+
+            cc = Iso4217CurrencyCode.GetInstance(cc);
+
+            CheckNumeric(cc, AlphabeticCurrencyCode);
+
+            Asn1Object obj = cc.ToAsn1Object();
+
+            cc = Iso4217CurrencyCode.GetInstance(obj);
+
+            CheckNumeric(cc, AlphabeticCurrencyCode);
+
+            //
+            // numeric
+            //
+            cc = new Iso4217CurrencyCode(NUMERIC_CurrencyCode);
+
+            CheckNumeric(cc, NUMERIC_CurrencyCode);
+
+            cc = Iso4217CurrencyCode.GetInstance(cc);
+
+            CheckNumeric(cc, NUMERIC_CurrencyCode);
+
+            obj = cc.ToAsn1Object();
+
+            cc = Iso4217CurrencyCode.GetInstance(obj);
+
+            CheckNumeric(cc, NUMERIC_CurrencyCode);
+
+            cc = Iso4217CurrencyCode.GetInstance(null);
+
+            if (cc != null)
+            {
+                Fail("null GetInstance() failed.");
+            }
+
+            try
+            {
+                Iso4217CurrencyCode.GetInstance(new object());
+
+                Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+            try
+            {
+                new Iso4217CurrencyCode("ABCD");
+
+                Fail("constructor failed to detect out of range currencycode.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+            try
+            {
+                new Iso4217CurrencyCode(0);
+
+                Fail("constructor failed to detect out of range small numeric code.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+            try
+            {
+                new Iso4217CurrencyCode(1000);
+
+                Fail("constructor failed to detect out of range large numeric code.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+        private void CheckNumeric(
+            Iso4217CurrencyCode cc,
+            string              code)
+        {
+            if (!cc.IsAlphabetic)
+            {
+                Fail("non-alphabetic code found when one expected.");
+            }
+
+            if (!cc.Alphabetic.Equals(code))
+            {
+                Fail("string codes don't match.");
+            }
+        }
+
+        private void CheckNumeric(
+            Iso4217CurrencyCode cc,
+            int                 code)
+        {
+            if (cc.IsAlphabetic)
+            {
+                Fail("alphabetic code found when one not expected.");
+            }
+
+            if (cc.Numeric != code)
+            {
+                Fail("numeric codes don't match.");
+            }
+        }
+
+        public static void Main(
+            string[]    args)
+        {
+            RunTest(new Iso4217CurrencyCodeUnitTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/IssuingDistributionPointTest.cs b/crypto/test/src/asn1/test/IssuingDistributionPointTest.cs
new file mode 100644
index 000000000..b5f5c88bb
--- /dev/null
+++ b/crypto/test/src/asn1/test/IssuingDistributionPointTest.cs
@@ -0,0 +1,133 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class IssuingDistributionPointUnitTest 
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "IssuingDistributionPoint"; }
+		}
+
+		public override void PerformTest()
+		{
+			DistributionPointName name = new DistributionPointName(
+				new GeneralNames(new GeneralName(new X509Name("cn=test"))));
+			ReasonFlags reasonFlags = new ReasonFlags(ReasonFlags.CACompromise);
+
+			checkPoint(6, name, true, true, reasonFlags, true, true);
+
+			checkPoint(2, name, false, false, reasonFlags, false, false);
+
+			checkPoint(0, null, false, false, null, false, false);
+
+			try
+			{
+				IssuingDistributionPoint.GetInstance(new object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkPoint(
+			int						size,
+			DistributionPointName	distributionPoint,
+			bool					onlyContainsUserCerts,
+			bool					onlyContainsCACerts,
+			ReasonFlags				onlySomeReasons,
+			bool					indirectCRL,
+			bool					onlyContainsAttributeCerts)
+		{
+			IssuingDistributionPoint point = new IssuingDistributionPoint(distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts);
+
+			checkValues(point, distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts);
+
+			Asn1Sequence seq = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(point.GetEncoded()));
+
+			if (seq.Count != size)
+			{
+				Fail("size mismatch");
+			}
+
+			point = IssuingDistributionPoint.GetInstance(seq);
+
+			checkValues(point, distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts);
+		}
+
+		private void checkValues(
+			IssuingDistributionPoint	point,
+			DistributionPointName		distributionPoint,
+			bool						onlyContainsUserCerts,
+			bool						onlyContainsCACerts,
+			ReasonFlags					onlySomeReasons,
+			bool						indirectCRL,
+			bool						onlyContainsAttributeCerts)
+		{
+			if (point.OnlyContainsUserCerts != onlyContainsUserCerts)
+			{
+				Fail("mismatch on onlyContainsUserCerts");
+			}
+
+			if (point.OnlyContainsCACerts != onlyContainsCACerts)
+			{
+				Fail("mismatch on onlyContainsCACerts");
+			}
+
+			if (point.IsIndirectCrl != indirectCRL)
+			{
+				Fail("mismatch on indirectCRL");
+			}
+
+			if (point.OnlyContainsAttributeCerts != onlyContainsAttributeCerts)
+			{
+				Fail("mismatch on onlyContainsAttributeCerts");
+			}
+
+			if (!isEquiv(onlySomeReasons, point.OnlySomeReasons))
+			{
+				Fail("mismatch on onlySomeReasons");
+			}
+
+			if (!isEquiv(distributionPoint, point.DistributionPoint))
+			{
+				Fail("mismatch on distributionPoint");
+			}
+		}
+
+		private bool isEquiv(object o1, object o2)
+		{
+			if (o1 == null)
+			{
+				return o2 == null;
+			}
+
+			return o1.Equals(o2);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new IssuingDistributionPointUnitTest());
+		}
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+	}
+}
diff --git a/crypto/test/src/asn1/test/KeyUsageTest.cs b/crypto/test/src/asn1/test/KeyUsageTest.cs
new file mode 100644
index 000000000..d7ed3655d
--- /dev/null
+++ b/crypto/test/src/asn1/test/KeyUsageTest.cs
@@ -0,0 +1,49 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class KeyUsageTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get
+			{
+				return "KeyUsage";
+			}
+		}
+
+		public override void PerformTest()
+		{
+			BitStringConstantTester.testFlagValueCorrect(0, KeyUsage.DigitalSignature);
+			BitStringConstantTester.testFlagValueCorrect(1, KeyUsage.NonRepudiation);
+			BitStringConstantTester.testFlagValueCorrect(2, KeyUsage.KeyEncipherment);
+			BitStringConstantTester.testFlagValueCorrect(3, KeyUsage.DataEncipherment);
+			BitStringConstantTester.testFlagValueCorrect(4, KeyUsage.KeyAgreement);
+			BitStringConstantTester.testFlagValueCorrect(5, KeyUsage.KeyCertSign);
+			BitStringConstantTester.testFlagValueCorrect(6, KeyUsage.CrlSign);
+			BitStringConstantTester.testFlagValueCorrect(7, KeyUsage.EncipherOnly);
+			BitStringConstantTester.testFlagValueCorrect(8, KeyUsage.DecipherOnly);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new KeyUsageTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/LDSSecurityObjectUnitTest.cs b/crypto/test/src/asn1/test/LDSSecurityObjectUnitTest.cs
new file mode 100644
index 000000000..042781632
--- /dev/null
+++ b/crypto/test/src/asn1/test/LDSSecurityObjectUnitTest.cs
@@ -0,0 +1,208 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Icao;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class LDSSecurityObjectUnitTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "LDSSecurityObject"; }
+        }
+
+		private byte[] GenerateHash()
+        {
+            Random rand = new Random();
+            byte[] bytes = new byte[20];
+            rand.NextBytes(bytes);
+            return bytes;
+        }
+
+        public override void PerformTest()
+        {
+            AlgorithmIdentifier  algoId = new AlgorithmIdentifier("1.3.14.3.2.26");
+            DataGroupHash[] datas = new DataGroupHash[2];
+
+            datas[0] = new DataGroupHash(1, new DerOctetString(GenerateHash()));
+            datas[1] = new DataGroupHash(2, new DerOctetString(GenerateHash()));
+
+            LdsSecurityObject so = new LdsSecurityObject(algoId, datas);
+
+			CheckConstruction(so, algoId, datas);
+
+			LdsVersionInfo versionInfo = new LdsVersionInfo("Hello", "world");
+
+			so = new LdsSecurityObject(algoId, datas, versionInfo);
+
+			CheckConstruction(so, algoId, datas, versionInfo);
+
+			try
+			{
+				LdsSecurityObject.GetInstance(null);
+			}
+			catch (Exception)
+			{
+				Fail("GetInstance() failed to handle null.");
+			}
+
+			try
+            {
+                LdsSecurityObject.GetInstance(new object());
+
+                Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+			try
+            {
+				LdsSecurityObject.GetInstance(DerSequence.Empty);
+
+				Fail("constructor failed to detect empty sequence.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+			try
+            {
+                new LdsSecurityObject(algoId, new DataGroupHash[1]);
+
+				Fail("constructor failed to detect small DataGroupHash array.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+			try
+            {
+                new LdsSecurityObject(algoId, new DataGroupHash[LdsSecurityObject.UBDataGroups + 1]);
+
+				Fail("constructor failed to out of bounds DataGroupHash array.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+		private void CheckConstruction(
+            LdsSecurityObject	so,
+            AlgorithmIdentifier	digestAlgorithmIdentifier,
+            DataGroupHash[]		datagroupHash)
+        {
+            CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, null);
+
+			so = LdsSecurityObject.GetInstance(so);
+
+			CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, null);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(
+				so.ToAsn1Object().GetEncoded());
+
+			so = LdsSecurityObject.GetInstance(seq);
+
+			CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, null);
+        }
+		
+		private void CheckConstruction(
+			LdsSecurityObject	so,
+			AlgorithmIdentifier	digestAlgorithmIdentifier,
+			DataGroupHash[]		datagroupHash,
+			LdsVersionInfo		versionInfo)
+		{
+			if (!so.Version.Equals(BigInteger.One))
+			{
+				Fail("version number not 1");
+			}
+
+			CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo);
+
+			so = LdsSecurityObject.GetInstance(so);
+
+			CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(
+				so.ToAsn1Object().GetEncoded());
+
+			so = LdsSecurityObject.GetInstance(seq);
+
+			CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo);
+		}
+
+		private void CheckStatement(
+            LdsSecurityObject	so,
+            AlgorithmIdentifier	digestAlgorithmIdentifier,
+            DataGroupHash[]		datagroupHash,
+			LdsVersionInfo		versionInfo)
+        {
+            if (digestAlgorithmIdentifier != null)
+            {
+                if (!so.DigestAlgorithmIdentifier.Equals(digestAlgorithmIdentifier))
+                {
+                    Fail("ids don't match.");
+                }
+            }
+            else if (so.DigestAlgorithmIdentifier != null)
+            {
+                Fail("digest algorithm Id found when none expected.");
+            }
+
+			if (datagroupHash != null)
+            {
+                DataGroupHash[] datas = so.GetDatagroupHash();
+
+                for (int i = 0; i != datas.Length; i++)
+                {
+                    if (!datagroupHash[i].Equals(datas[i]))
+                    {
+                        Fail("name registration authorities don't match.");
+                    }
+                }
+            }
+            else if (so.GetDatagroupHash() != null)
+            {
+                Fail("data hash groups found when none expected.");
+            }
+
+			if (versionInfo != null)
+			{
+				if (!versionInfo.Equals(so.VersionInfo))
+				{
+					Fail("versionInfo doesn't match");
+				}
+			}
+			else if (so.VersionInfo != null)
+			{
+				Fail("version info found when none expected.");
+			}
+        }
+
+		public static void Main(
+            string[]    args)
+        {
+            RunTest(new LDSSecurityObjectUnitTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/MiscTest.cs b/crypto/test/src/asn1/test/MiscTest.cs
new file mode 100644
index 000000000..44213c71d
--- /dev/null
+++ b/crypto/test/src/asn1/test/MiscTest.cs
@@ -0,0 +1,100 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Misc;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class MiscTest
+		: ITest
+	{
+		public ITestResult Perform()
+		{
+			byte[] testIv = { 1, 2, 3, 4, 5, 6, 7, 8 };
+
+			Asn1Encodable[] values =
+			{
+				new Cast5CbcParameters(testIv, 128),
+				new NetscapeCertType(NetscapeCertType.Smime),
+				new VerisignCzagExtension(new DerIA5String("hello")),
+#if INCLUDE_IDEA
+				new IdeaCbcPar(testIv),
+#endif
+				new NetscapeRevocationUrl(new DerIA5String("http://test"))
+			};
+
+#if INCLUDE_IDEA
+			byte[] data = Base64.Decode("MA4ECAECAwQFBgcIAgIAgAMCBSAWBWhlbGxvMAoECAECAwQFBgcIFgtodHRwOi8vdGVzdA==");
+#else
+			byte[] data = Base64.Decode("MA4ECAECAwQFBgcIAgIAgAMCBSAWBWhlbGxvFgtodHRwOi8vdGVzdA==");
+#endif
+
+			try
+			{
+				MemoryStream bOut = new MemoryStream();
+				Asn1OutputStream aOut = new Asn1OutputStream(bOut);
+
+				for (int i = 0; i != values.Length; i++)
+				{
+					aOut.WriteObject(values[i]);
+				}
+
+				if (!Arrays.AreEqual(bOut.ToArray(), data))
+				{
+					return new SimpleTestResult(false, Name + ": Failed data check");
+				}
+
+				Asn1InputStream aIn = new Asn1InputStream(bOut.ToArray());
+
+				for (int i = 0; i != values.Length; i++)
+				{
+					Asn1Object o = aIn.ReadObject();
+
+					if (!values[i].Equals(o))
+					{
+						return new SimpleTestResult(false, Name + ": Failed equality test for " + o);
+					}
+
+					if (o.GetHashCode() != values[i].GetHashCode())
+					{
+						return new SimpleTestResult(false, Name + ": Failed hashCode test for " + o);
+					}
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": Failed - exception " + e.ToString(), e);
+			}
+		}
+
+		public string Name
+		{
+			get { return "Misc"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new MiscTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/MonetaryLimitUnitTest.cs b/crypto/test/src/asn1/test/MonetaryLimitUnitTest.cs
new file mode 100644
index 000000000..cdeb2eca5
--- /dev/null
+++ b/crypto/test/src/asn1/test/MonetaryLimitUnitTest.cs
@@ -0,0 +1,93 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class MonetaryLimitUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "MonetaryLimit"; }
+		}
+
+		public override void PerformTest()
+		{
+			string currency = "AUD";
+			int    amount = 1;
+			int    exponent = 2;
+
+			MonetaryLimit limit = new MonetaryLimit(currency, amount, exponent);
+
+			checkConstruction(limit, currency, amount, exponent);
+
+			limit = MonetaryLimit.GetInstance(null);
+
+			if (limit != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				MonetaryLimit.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			MonetaryLimit	limit,
+			string			currency,
+			int				amount,
+			int				exponent)
+		{
+			checkValues(limit, currency, amount, exponent);
+
+			limit = MonetaryLimit.GetInstance(limit);
+
+			checkValues(limit, currency, amount, exponent);
+
+			Asn1InputStream aIn = new Asn1InputStream(limit.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+			limit = MonetaryLimit.GetInstance(seq);
+
+			checkValues(limit, currency, amount, exponent);
+		}
+
+		private void checkValues(
+			MonetaryLimit	limit,
+			string			currency,
+			int				amount,
+			int				exponent)
+		{
+			checkMandatoryField("currency", currency, limit.Currency);
+			checkMandatoryField("amount", amount, limit.Amount.IntValue);
+			checkMandatoryField("exponent", exponent, limit.Exponent.IntValue);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new MonetaryLimitUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/MonetaryValueUnitTest.cs b/crypto/test/src/asn1/test/MonetaryValueUnitTest.cs
new file mode 100644
index 000000000..c75d74505
--- /dev/null
+++ b/crypto/test/src/asn1/test/MonetaryValueUnitTest.cs
@@ -0,0 +1,99 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X509.Qualified;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class MonetaryValueUnitTest
+        : SimpleTest
+    {
+        private const int TestAmount = 100;
+        private const int ZeroExponent = 0;
+
+        private const string CurrencyCode = "AUD";
+
+        public override string Name
+        {
+			get { return "MonetaryValue"; }
+        }
+
+		public override void PerformTest()
+        {
+            MonetaryValue mv = new MonetaryValue(new Iso4217CurrencyCode(CurrencyCode), TestAmount, ZeroExponent);
+
+			CheckValues(mv, TestAmount, ZeroExponent);
+
+			mv = MonetaryValue.GetInstance(mv);
+
+			CheckValues(mv, TestAmount, ZeroExponent);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(
+				mv.ToAsn1Object().GetEncoded());
+
+			mv = MonetaryValue.GetInstance(seq);
+
+			CheckValues(mv, TestAmount, ZeroExponent);
+
+			mv = MonetaryValue.GetInstance(null);
+
+			if (mv != null)
+            {
+                Fail("null GetInstance() failed.");
+            }
+
+			try
+            {
+                MonetaryValue.GetInstance(new object());
+
+				Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+		private void CheckValues(
+            MonetaryValue mv,
+            int           amount,
+            int           exponent)
+        {
+            if (mv.Amount.IntValue != amount)
+            {
+                Fail("amounts don't match.");
+            }
+
+            if (mv.Exponent.IntValue != exponent)
+            {
+                Fail("exponents don't match.");
+            }
+
+            Iso4217CurrencyCode cc = mv.Currency;
+
+            if (!cc.Alphabetic.Equals(CurrencyCode))
+            {
+                Fail("currency code wrong");
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new MonetaryValueUnitTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/NameOrPseudonymUnitTest.cs b/crypto/test/src/asn1/test/NameOrPseudonymUnitTest.cs
new file mode 100644
index 000000000..45f66613b
--- /dev/null
+++ b/crypto/test/src/asn1/test/NameOrPseudonymUnitTest.cs
@@ -0,0 +1,114 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Asn1.X509.SigI;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class NameOrPseudonymUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "NameOrPseudonym"; }
+		}
+
+		public override void PerformTest()
+		{
+			string pseudonym = "pseudonym";
+			DirectoryString surname = new DirectoryString("surname");
+			Asn1Sequence givenName = new DerSequence(new DirectoryString("givenName"));
+
+			NameOrPseudonym id = new NameOrPseudonym(pseudonym);
+
+			checkConstruction(id, pseudonym, null, null);
+
+			id = new NameOrPseudonym(surname, givenName);
+
+			checkConstruction(id, null, surname, givenName);
+
+			id = NameOrPseudonym.GetInstance(null);
+
+			if (id != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				NameOrPseudonym.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			NameOrPseudonym	id,
+			string			pseudonym,
+			DirectoryString	surname,
+			Asn1Sequence	givenName)
+		{
+			checkValues(id, pseudonym, surname, givenName);
+
+			id = NameOrPseudonym.GetInstance(id);
+
+			checkValues(id, pseudonym, surname, givenName);
+
+			Asn1InputStream aIn = new Asn1InputStream(id.ToAsn1Object().GetEncoded());
+
+			if (surname != null)
+			{
+				Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+				id = NameOrPseudonym.GetInstance(seq);
+			}
+			else
+			{
+				IAsn1String s = (IAsn1String) aIn.ReadObject();
+
+				id = NameOrPseudonym.GetInstance(s);
+			}
+
+			checkValues(id, pseudonym, surname, givenName);
+		}
+
+		private void checkValues(
+			NameOrPseudonym	id,
+			string			pseudonym,
+			DirectoryString	surname,
+			Asn1Sequence	givenName)
+		{
+
+			if (surname != null)
+			{
+				checkMandatoryField("surname", surname, id.Surname);
+				checkMandatoryField("givenName", givenName, new DerSequence(id.GetGivenName()[0]));
+			}
+			else
+			{
+				checkOptionalField("pseudonym", new DirectoryString(pseudonym), id.Pseudonym);
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new NameOrPseudonymUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/NamingAuthorityUnitTest.cs b/crypto/test/src/asn1/test/NamingAuthorityUnitTest.cs
new file mode 100644
index 000000000..787b2c32d
--- /dev/null
+++ b/crypto/test/src/asn1/test/NamingAuthorityUnitTest.cs
@@ -0,0 +1,106 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+using Org.BouncyCastle.Asn1.X500;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class NamingAuthorityUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "NamingAuthority"; }
+		}
+
+		public override void PerformTest()
+		{
+			DerObjectIdentifier namingAuthorityID = new DerObjectIdentifier("1.2.3");
+			string namingAuthorityURL = "url";
+			DirectoryString namingAuthorityText = new DirectoryString("text");
+
+			NamingAuthority auth =  new NamingAuthority(namingAuthorityID, namingAuthorityURL, namingAuthorityText);
+
+			checkConstruction(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText);
+
+			auth =  new NamingAuthority(null, namingAuthorityURL, namingAuthorityText);
+
+			checkConstruction(auth, null, namingAuthorityURL, namingAuthorityText);
+
+			auth =  new NamingAuthority(namingAuthorityID, null, namingAuthorityText);
+
+			checkConstruction(auth, namingAuthorityID, null, namingAuthorityText);
+
+			auth =  new NamingAuthority(namingAuthorityID, namingAuthorityURL, null);
+
+			checkConstruction(auth, namingAuthorityID, namingAuthorityURL, null);
+
+			auth = NamingAuthority.GetInstance(null);
+
+			if (auth != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				NamingAuthority.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			NamingAuthority		auth,
+			DerObjectIdentifier	namingAuthorityID,
+			string				namingAuthorityURL,
+			DirectoryString		namingAuthorityText)
+		{
+			checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText);
+
+			auth = NamingAuthority.GetInstance(auth);
+
+			checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText);
+
+			Asn1InputStream aIn = new Asn1InputStream(auth.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+			auth = NamingAuthority.GetInstance(seq);
+
+			checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText);
+		}
+
+		private void checkValues(
+			NamingAuthority		auth,
+			DerObjectIdentifier	namingAuthorityId,
+			string				namingAuthorityURL,
+			DirectoryString		namingAuthorityText)
+		{
+			checkOptionalField("namingAuthorityId", namingAuthorityId, auth.NamingAuthorityID);
+			checkOptionalField("namingAuthorityURL", namingAuthorityURL, auth.NamingAuthorityUrl);
+			checkOptionalField("namingAuthorityText", namingAuthorityText, auth.NamingAuthorityText);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new NamingAuthorityUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/NetscapeCertTypeTest.cs b/crypto/test/src/asn1/test/NetscapeCertTypeTest.cs
new file mode 100644
index 000000000..8db5d990c
--- /dev/null
+++ b/crypto/test/src/asn1/test/NetscapeCertTypeTest.cs
@@ -0,0 +1,45 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Misc;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class NetscapeCertTypeTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "NetscapeCertType"; }
+		}
+
+		public override void PerformTest()
+		{
+			BitStringConstantTester.testFlagValueCorrect(0, NetscapeCertType.SslClient);
+			BitStringConstantTester.testFlagValueCorrect(1, NetscapeCertType.SslServer);
+			BitStringConstantTester.testFlagValueCorrect(2, NetscapeCertType.Smime);
+			BitStringConstantTester.testFlagValueCorrect(3, NetscapeCertType.ObjectSigning);
+			BitStringConstantTester.testFlagValueCorrect(4, NetscapeCertType.Reserved);
+			BitStringConstantTester.testFlagValueCorrect(5, NetscapeCertType.SslCA);
+			BitStringConstantTester.testFlagValueCorrect(6, NetscapeCertType.SmimeCA);
+			BitStringConstantTester.testFlagValueCorrect(7, NetscapeCertType.ObjectSigningCA);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new NetscapeCertTypeTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/OCSPTest.cs b/crypto/test/src/asn1/test/OCSPTest.cs
new file mode 100644
index 000000000..13f59d3d1
--- /dev/null
+++ b/crypto/test/src/asn1/test/OCSPTest.cs
@@ -0,0 +1,183 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class OcspTest
+		: ITest
+	{
+		private static byte[] unsignedReq = Base64.Decode(
+			"MEIwQDA+MDwwOjAJBgUrDgMCGgUABBRDb9GODnq7lRhSkEqw4XX24huERwQUkY4j"
+			+ "a6eKuDlkVP9hRgkEvIWqHPECAQE=");
+
+		private static byte[] signedReq = Base64.Decode(
+			"MIIC9jBAMD4wPDA6MAkGBSsOAwIaBQAEFENv0Y4OeruVGFKQSrDhdfbiG4RHBBTc"
+			+ "Mr1fP+mZAxbF2ZdehWxn6mtAngIBAaCCArAwggKsMA0GCSqGSIb3DQEBBQUAA4GB"
+			+ "AAzHBm4nL5AcRQB3Jkz7ScNeZF+GbRZ0p4kBDTnqi3IeESuso12yJhpqqyijdnj5"
+			+ "gd4/GsSAgdluLHyYZ6wgozV7G9MDXCnFnG4PBUW05HaVX81JYAp+amVyU0NOgNrG"
+			+ "90npVBsHb0o+UlkxNgMiEbSkp/TeGb6YURsYKhmwp7BgoIICFTCCAhEwggINMIIB"
+			+ "dqADAgECAgEBMA0GCSqGSIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0"
+			+ "bGUxCzAJBgNVBAYTAkFVMB4XDTA0MTAyNDEzNDc0M1oXDTA1MDIwMTEzNDc0M1ow"
+			+ "JTEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZI"
+			+ "hvcNAQEBBQADgY0AMIGJAoGBAJBmLeIzthMHUeTkOeJ76iBxcMHY31o/i3a9VT12"
+			+ "y2FcS/ejJmeUCMTdtwl5alOwXY66vF4DyT1VU/nJG3mHpSoqq7qrMXOIFGcXg1Wf"
+			+ "oJRrQgTOLdQ6bod7i9ME/EjEJy70orh0nVS7NGcu0R5TjcbLde2J5zxjb/W9wqfy"
+			+ "RovJAgMBAAGjTTBLMB0GA1UdDgQWBBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAfBgNV"
+			+ "HSMEGDAWgBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAJBgNVHRMEAjAAMA0GCSqGSIb3"
+			+ "DQEBBAUAA4GBAF/4EH1KkNrNxocJPIp7lThmG1KIVYESIadowMowrbok46ESofRF"
+			+ "OIPku07W+e1Y1Y1KXLIiPMG3IGwrBrn04iLsbbBUiN37BcC/VyT4xKJ2MYscGjKL"
+			+ "ua/9bU0lOyeTRAwqb8towWRd5lLYAI3RQ7dhStUTFp3Vqd803PJ/cpR6");
+
+		private static byte[] _response = Base64.Decode(
+			"MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx"
+			+ "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE"
+			+ "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG"
+			+ "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv"
+			+ "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ"
+			+ "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF"
+			+ "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1"
+			+ "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/"
+			+ "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt"
+			+ "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk"
+			+ "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI"
+			+ "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN"
+			+ "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww"
+			+ "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k"
+			+ "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz"
+			+ "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg"
+			+ "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK"
+			+ "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw"
+			+ "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI"
+			+ "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF"
+			+ "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH"
+			+ "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm"
+			+ "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E"
+			+ "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG"
+			+ "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E"
+			+ "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG"
+			+ "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4"
+			+ "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc"
+			+ "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V"
+			+ "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I"
+			+ "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq"
+			+ "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ");
+
+		private ITestResult unSignedRequest()
+		{
+			try
+			{
+				OcspRequest req = OcspRequest.GetInstance(
+					Asn1Object.FromByteArray(unsignedReq));
+
+				if (!Arrays.AreEqual(req.GetEncoded(), unsignedReq))
+				{
+					return new SimpleTestResult(false, Name + ": Ocsp unsigned request failed to re-encode");
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": failed unsigned exception - " + e.ToString(), e);
+			}
+		}
+
+		private ITestResult SignedRequest()
+		{
+			try
+			{
+				OcspRequest req = OcspRequest.GetInstance(
+					Asn1Object.FromByteArray(signedReq));
+
+				if (!Arrays.AreEqual(req.GetEncoded(), signedReq))
+				{
+					return new SimpleTestResult(false, Name + ": Ocsp signed request failed to re-encode");
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": failed signed exception - " + e.ToString(), e);
+			}
+		}
+
+		private ITestResult Response()
+		{
+			try
+			{
+				OcspResponse resp = OcspResponse.GetInstance(
+					Asn1Object.FromByteArray(_response));
+				ResponseBytes rBytes = ResponseBytes.GetInstance(resp.ResponseBytes);
+
+				BasicOcspResponse bResp = BasicOcspResponse.GetInstance(
+					Asn1Object.FromByteArray(rBytes.Response.GetOctets()));
+
+				resp = new OcspResponse(
+					resp.ResponseStatus,
+					new ResponseBytes(
+						rBytes.ResponseType,
+						new DerOctetString(bResp.GetEncoded())));
+
+				if (!Arrays.AreEqual(resp.GetEncoded(), _response))
+				{
+					return new SimpleTestResult(false, Name + ": Ocsp response failed to re-encode");
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": failed response exception - " + e.ToString(), e);
+			}
+		}
+
+		public ITestResult Perform()
+		{
+			ITestResult res = unSignedRequest();
+
+			if (!res.IsSuccessful())
+			{
+				return res;
+			}
+
+			res = SignedRequest();
+			if (!res.IsSuccessful())
+			{
+				return res;
+			}
+
+			return Response();
+		}
+
+		public string Name
+		{
+			get { return "Ocsp"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new OcspTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/OIDTest.cs b/crypto/test/src/asn1/test/OIDTest.cs
new file mode 100644
index 000000000..b0782db04
--- /dev/null
+++ b/crypto/test/src/asn1/test/OIDTest.cs
@@ -0,0 +1,149 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	/**
+	 * X.690 test example
+	 */
+	[TestFixture]
+	public class OidTest
+		: SimpleTest
+	{
+		byte[] req1 = Hex.Decode("0603813403");
+		byte[] req2 = Hex.Decode("06082A36FFFFFFDD6311");
+
+		public override string Name
+		{
+			get { return "OID"; }
+		}
+
+		private void recodeCheck(
+			string	oid,
+			byte[]	enc)
+		{
+			DerObjectIdentifier o = new DerObjectIdentifier(oid);
+			DerObjectIdentifier encO = (DerObjectIdentifier) Asn1Object.FromByteArray(enc);
+
+			if (!o.Equals(encO))
+			{
+				Fail("oid ID didn't match", o, encO);
+			}
+
+			byte[] bytes = o.GetDerEncoded();
+
+			if (!Arrays.AreEqual(bytes, enc))
+			{
+				Fail("failed comparison test", Hex.ToHexString(enc), Hex.ToHexString(bytes));
+			}
+		}
+
+		private void validOidCheck(
+			string oid)
+		{
+			DerObjectIdentifier o = new DerObjectIdentifier(oid);
+			o = (DerObjectIdentifier) Asn1Object.FromByteArray(o.GetEncoded());
+
+			if (!o.Id.Equals(oid))
+			{
+				Fail("failed oid check: " + oid);
+			}
+		}
+
+		private void invalidOidCheck(
+			string oid)
+		{
+			try
+			{
+				new DerObjectIdentifier(oid);
+				Fail("failed to catch bad oid: " + oid);
+			}
+			catch (FormatException)
+			{
+				// expected
+			}
+		}
+
+		private void branchCheck(string stem, string branch)
+		{
+			string expected = stem + "." + branch;
+			string actual = new DerObjectIdentifier(stem).Branch(branch).Id;
+
+			if (expected != actual)
+			{
+				Fail("failed 'branch' check for " + stem + "/" + branch);
+			}
+		}
+
+		private void onCheck(String stem, String test, bool expected)
+		{
+			if (expected != new DerObjectIdentifier(test).On(new DerObjectIdentifier(stem)))
+			{
+				Fail("failed 'on' check for " + stem + "/" + test);
+			}
+		}
+
+		public override void PerformTest()
+		{
+			recodeCheck("2.100.3", req1);
+			recodeCheck("1.2.54.34359733987.17", req2);
+
+			validOidCheck(PkcsObjectIdentifiers.Pkcs9AtContentType.Id);
+			validOidCheck("0.1");
+			validOidCheck("1.1.127.32512.8323072.2130706432.545460846592.139637976727552.35747322042253312.9151314442816847872");
+			validOidCheck("1.2.123.12345678901.1.1.1");
+			validOidCheck("2.25.196556539987194312349856245628873852187.1");
+
+			invalidOidCheck("0");
+			invalidOidCheck("1");
+			invalidOidCheck("2");
+			invalidOidCheck("3.1");
+			invalidOidCheck("..1");
+			invalidOidCheck("192.168.1.1");
+			invalidOidCheck(".123452");
+			invalidOidCheck("1.");
+			invalidOidCheck("1.345.23.34..234");
+			invalidOidCheck("1.345.23.34.234.");
+			invalidOidCheck(".12.345.77.234");
+			invalidOidCheck(".12.345.77.234.");
+			invalidOidCheck("1.2.3.4.A.5");
+			invalidOidCheck("1,2");
+
+			branchCheck("1.1", "2.2");
+
+			onCheck("1.1", "1.1", false);
+			onCheck("1.1", "1.2", false);
+			onCheck("1.1", "1.2.1", false);
+			onCheck("1.1", "2.1", false);
+			onCheck("1.1", "1.11", false);
+			onCheck("1.12", "1.1.2", false);
+			onCheck("1.1", "1.1.1", true);
+			onCheck("1.1", "1.1.2", true);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new OidTest();
+			ITestResult	result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/OctetStringTest.cs b/crypto/test/src/asn1/test/OctetStringTest.cs
new file mode 100644
index 000000000..8bae1b057
--- /dev/null
+++ b/crypto/test/src/asn1/test/OctetStringTest.cs
@@ -0,0 +1,186 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Cms;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class OctetStringTest
+	{
+		[Test]
+		public void TestReadingWriting()
+		{
+			MemoryStream bOut = new MemoryStream();
+			BerOctetStringGenerator octGen = new BerOctetStringGenerator(bOut);
+
+			Stream outStream = octGen.GetOctetOutputStream();
+
+			outStream.Write(new byte[] { 1, 2, 3, 4 }, 0, 4);
+			outStream.Write(new byte[4], 0, 4);
+
+			outStream.Close();
+
+			Asn1StreamParser aIn = new Asn1StreamParser(bOut.ToArray());
+
+			BerOctetStringParser s = (BerOctetStringParser)aIn.ReadObject();
+
+			Stream inStream = s.GetOctetStream();
+			int count = 0;
+
+			while (inStream.ReadByte() >= 0)
+			{
+				count++;
+			}
+
+			Assert.AreEqual(8, count);
+		}
+
+		[Test]
+		public void TestReadingWritingZeroInLength()
+		{
+			MemoryStream bOut = new MemoryStream();
+			BerOctetStringGenerator octGen = new BerOctetStringGenerator(bOut);
+
+			Stream outStream = octGen.GetOctetOutputStream();
+
+			outStream.Write(new byte[] { 1, 2, 3, 4 }, 0, 4);
+			outStream.Write(new byte[512], 0, 512);  // forces a zero to appear in length
+
+			outStream.Close();
+
+			Asn1StreamParser aIn = new Asn1StreamParser(bOut.ToArray());
+
+			BerOctetStringParser s = (BerOctetStringParser)aIn.ReadObject();
+
+			Stream inStream = s.GetOctetStream();
+			int         count = 0;
+
+			while (inStream.ReadByte() >= 0)
+			{
+				count++;
+			}
+
+			Assert.AreEqual(516, count);
+		}
+
+		[Test]
+		public void TestReadingWritingNested()
+		{
+			MemoryStream bOut = new MemoryStream();
+			BerSequenceGenerator sGen = new BerSequenceGenerator(bOut);
+			BerOctetStringGenerator octGen = new BerOctetStringGenerator(sGen.GetRawOutputStream());
+
+			Stream outStream = octGen.GetOctetOutputStream();
+
+			BerSequenceGenerator inSGen = new BerSequenceGenerator(outStream);
+
+			BerOctetStringGenerator inOctGen = new BerOctetStringGenerator(inSGen.GetRawOutputStream());
+
+			Stream inOut = inOctGen.GetOctetOutputStream();
+
+			inOut.Write(new byte[] { 1, 2, 3, 4 }, 0, 4);
+			inOut.Write(new byte[10], 0, 10);
+
+			inOut.Close();
+
+			inSGen.Close();
+
+			outStream.Close();
+
+			sGen.Close();
+
+			Asn1StreamParser aIn = new Asn1StreamParser(bOut.ToArray());
+
+			BerSequenceParser sq = (BerSequenceParser)aIn.ReadObject();
+
+			BerOctetStringParser s = (BerOctetStringParser)sq.ReadObject();
+
+			Asn1StreamParser aIn2 = new Asn1StreamParser(s.GetOctetStream());
+
+			BerSequenceParser sq2 = (BerSequenceParser)aIn2.ReadObject();
+
+			BerOctetStringParser inS = (BerOctetStringParser)sq2.ReadObject();
+
+			Stream inStream = inS.GetOctetStream();
+			int         count = 0;
+
+			while (inStream.ReadByte() >= 0)
+			{
+				count++;
+			}
+
+			Assert.AreEqual(14, count);
+		}
+
+		[Test]
+		public void TestNestedStructure()
+		{
+			MemoryStream bOut = new MemoryStream();
+
+			BerSequenceGenerator sGen = new BerSequenceGenerator(bOut);
+
+			sGen.AddObject(new DerObjectIdentifier(CmsObjectIdentifiers.CompressedData.Id));
+
+			BerSequenceGenerator cGen = new BerSequenceGenerator(sGen.GetRawOutputStream(), 0, true);
+
+			cGen.AddObject(new DerInteger(0));
+
+			//
+			// AlgorithmIdentifier
+			//
+			DerSequenceGenerator algGen = new DerSequenceGenerator(cGen.GetRawOutputStream());
+
+			algGen.AddObject(new DerObjectIdentifier("1.2"));
+
+			algGen.Close();
+
+			//
+			// Encapsulated ContentInfo
+			//
+			BerSequenceGenerator eiGen = new BerSequenceGenerator(cGen.GetRawOutputStream());
+
+			eiGen.AddObject(new DerObjectIdentifier("1.1"));
+
+			BerOctetStringGenerator octGen = new BerOctetStringGenerator(eiGen.GetRawOutputStream(), 0, true);
+
+			//
+			// output containing zeroes
+			//
+			Stream outStream = octGen.GetOctetOutputStream();
+
+			outStream.Write(new byte[] { 1, 2, 3, 4 }, 0, 4);
+			outStream.Write(new byte[4], 0, 4);
+			outStream.Write(new byte[20], 0, 20);
+
+			outStream.Close();
+			eiGen.Close();
+			cGen.Close();
+			sGen.Close();
+
+			//
+			// reading back
+			//
+			Asn1StreamParser aIn = new Asn1StreamParser(bOut.ToArray());
+
+			ContentInfoParser cp = new ContentInfoParser((Asn1SequenceParser)aIn.ReadObject());
+
+			CompressedDataParser comData = new CompressedDataParser((Asn1SequenceParser)cp.GetContent(Asn1Tags.Sequence));
+			ContentInfoParser content = comData.GetEncapContentInfo();
+
+			Asn1OctetStringParser bytes = (Asn1OctetStringParser)content.GetContent(Asn1Tags.OctetString);
+
+			Stream inStream = bytes.GetOctetStream();
+			int count = 0;
+
+			while (inStream.ReadByte() >= 0)
+			{
+				count++;
+			}
+
+			Assert.AreEqual(28, count);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/OtherCertIDUnitTest.cs b/crypto/test/src/asn1/test/OtherCertIDUnitTest.cs
new file mode 100644
index 000000000..a09c18e8a
--- /dev/null
+++ b/crypto/test/src/asn1/test/OtherCertIDUnitTest.cs
@@ -0,0 +1,100 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Esf;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class OtherCertIDUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "OtherCertID"; }
+		}
+
+		public override void PerformTest()
+		{
+			AlgorithmIdentifier algId = new AlgorithmIdentifier(new DerObjectIdentifier("1.2.2.3"));
+			byte[] digest = new byte[20];
+			OtherHash otherHash = new OtherHash(new OtherHashAlgAndValue(algId, digest));
+			IssuerSerial issuerSerial = new IssuerSerial(new GeneralNames(new GeneralName(new X509Name("CN=test"))), new DerInteger(1));
+
+			OtherCertID certID = new OtherCertID(otherHash);
+
+			checkConstruction(certID, algId, digest, null);
+
+			certID = new OtherCertID(otherHash, issuerSerial);
+
+			checkConstruction(certID, algId, digest, issuerSerial);
+
+			certID = OtherCertID.GetInstance(null);
+
+			if (certID != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				OtherCertID.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			OtherCertID			certID,
+			AlgorithmIdentifier	algId,
+			byte[]				digest,
+			IssuerSerial		issuerSerial)
+		{
+			checkValues(certID, algId, digest, issuerSerial);
+
+			certID = OtherCertID.GetInstance(certID);
+
+			checkValues(certID, algId, digest, issuerSerial);
+
+			Asn1InputStream aIn = new Asn1InputStream(certID.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+			certID = OtherCertID.GetInstance(seq);
+
+			checkValues(certID, algId, digest, issuerSerial);
+		}
+
+		private void checkValues(
+			OtherCertID			certID,
+			AlgorithmIdentifier	algId,
+			byte[]				digest,
+			IssuerSerial		issuerSerial)
+		{
+			checkMandatoryField("hashAlgorithm", algId, certID.OtherCertHash.HashAlgorithm);
+			checkMandatoryField("hashValue", digest, certID.OtherCertHash.GetHashValue());
+
+			checkOptionalField("issuerSerial", issuerSerial, certID.IssuerSerial);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new OtherCertIDUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/OtherSigningCertificateUnitTest.cs b/crypto/test/src/asn1/test/OtherSigningCertificateUnitTest.cs
new file mode 100644
index 000000000..4410d8e4c
--- /dev/null
+++ b/crypto/test/src/asn1/test/OtherSigningCertificateUnitTest.cs
@@ -0,0 +1,94 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Esf;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class OtherSigningCertificateUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "OtherSigningCertificate"; }
+		}
+
+		public override void PerformTest()
+		{
+			AlgorithmIdentifier algId = new AlgorithmIdentifier(new DerObjectIdentifier("1.2.2.3"));
+			byte[] digest = new byte[20];
+			OtherHash otherHash = new OtherHash(
+				new OtherHashAlgAndValue(algId, digest));
+			OtherCertID otherCertID = new OtherCertID(otherHash);
+
+			OtherSigningCertificate otherCert = new OtherSigningCertificate(otherCertID);
+
+			checkConstruction(otherCert, otherCertID);
+
+			otherCert = OtherSigningCertificate.GetInstance(null);
+
+			if (otherCert != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				OtherCertID.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			OtherSigningCertificate	otherCert,
+			OtherCertID				otherCertID)
+		{
+			checkValues(otherCert, otherCertID);
+
+			otherCert = OtherSigningCertificate.GetInstance(otherCert);
+
+			checkValues(otherCert, otherCertID);
+
+			Asn1InputStream aIn = new Asn1InputStream(otherCert.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+			otherCert = OtherSigningCertificate.GetInstance(seq);
+
+			checkValues(otherCert, otherCertID);
+		}
+
+		private void checkValues(
+			OtherSigningCertificate	otherCert,
+			OtherCertID				otherCertID)
+		{
+			if (otherCert.GetCerts().Length != 1)
+			{
+				Fail("GetCerts() length wrong");
+			}
+			checkMandatoryField("GetCerts()[0]", otherCertID, otherCert.GetCerts()[0]);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new OtherSigningCertificateUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/PKCS10Test.cs b/crypto/test/src/asn1/test/PKCS10Test.cs
new file mode 100644
index 000000000..28736b816
--- /dev/null
+++ b/crypto/test/src/asn1/test/PKCS10Test.cs
@@ -0,0 +1,95 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class Pkcs10Test
+        : ITest
+    {
+        byte[]    req1 = Base64.Decode(
+                    "MIHoMIGTAgEAMC4xDjAMBgNVBAMTBVRlc3QyMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNF"
+                +   "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALlEt31Tzt2MlcOljvacJgzQVhmlMoqAOgqJ9Pgd3Gux"
+                +   "Z7/WcIlgW4QCB7WZT21O1YoghwBhPDMcNGrHei9kHQkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EA"
+                +   "NDEI4ecNtJ3uHwGGlitNFq9WxcoZ0djbQJ5hABMotav6gtqlrwKXY2evaIrsNwkJtNdwwH18aQDU"
+                +   "KCjOuBL38Q==");
+
+        byte[]    req2 = Base64.Decode(
+                   "MIIB6TCCAVICAQAwgagxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQH"
+                +  "EwtTYW50YSBDbGFyYTEMMAoGA1UEChMDQUJCMVEwTwYDVQQLHEhQAAAAAAAAAG8AAAAAAAAAdwAA"
+                +  "AAAAAABlAAAAAAAAAHIAAAAAAAAAIAAAAAAAAABUAAAAAAAAABxIAAAAAAAARAAAAAAAAAAxDTAL"
+                +  "BgNVBAMTBGJsdWUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANETRZ+6occCOrFxNhfKIp4C"
+                +  "mMkxwhBNb7TnnahpbM9O0r4hrBPcfYuL7u9YX/jN0YNUP+/CiT39HhSe/bikaBPDEyNsl988I8vX"
+                +  "piEdgxYq/+LTgGHbjRsRYCkPtmzwBbuBldNF8bV7pu0v4UScSsExmGqqDlX1TbPU8KkPU1iTAgMB"
+                +  "AAGgADANBgkqhkiG9w0BAQQFAAOBgQAFbrs9qUwh93CtETk7DeUD5HcdCnxauo1bck44snSV6MZV"
+                +  "OCIGaYu1501kmhEvAtVVRr6SEHwimfQDDIjnrWwYsEr/DT6tkTZAbfRd3qUu3iKjT0H0vlUZp0hJ"
+                +  "66mINtBM84uZFBfoXiWY8M3FuAnGmvy6ah/dYtJorTxLKiGkew==");
+
+        public string Name
+        {
+			get
+			{
+				return "Pkcs10";
+			}
+        }
+
+        public ITestResult BasicPkcs10Test(
+            string  testName,
+            byte[]  req)
+        {
+            try
+            {
+				CertificationRequest r = new CertificationRequest(
+					(Asn1Sequence)Asn1Object.FromByteArray(req));
+				byte[] bytes = r.GetDerEncoded();
+
+				if (!Arrays.AreEqual(bytes, req))
+				{
+					return new SimpleTestResult(false, Name + ": " + testName + " failed comparison test");
+				}
+			}
+            catch (Exception e)
+            {
+                return new SimpleTestResult(false, Name + ": Exception - " + testName + " " + e.ToString());
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public ITestResult Perform()
+        {
+            ITestResult res = BasicPkcs10Test("basic CR", req1);
+
+            if (!res.IsSuccessful())
+            {
+                return res;
+            }
+
+            return BasicPkcs10Test("Universal CR", req2);
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new Pkcs10Test();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/PKCS12Test.cs b/crypto/test/src/asn1/test/PKCS12Test.cs
new file mode 100644
index 000000000..c20fa8cc6
--- /dev/null
+++ b/crypto/test/src/asn1/test/PKCS12Test.cs
@@ -0,0 +1,210 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class Pkcs12Test
+		: SimpleTest
+	{
+		private static byte[] pkcs12 = Base64.Decode(
+			  "MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCA+gwgDCABgkqhkiG9w0BBwGggCSA"
+			+ "BIIDRDCCA0AwggM8BgsqhkiG9w0BDAoBAqCCArEwggKtMCcGCiqGSIb3DQEM"
+			+ "AQMwGQQUFlnNVpQoEHc+J3UEGxARipkHu5kCAWQEggKAAH9tmy40lly6QDoc"
+			+ "1TfmY9y2qysD+lrgk+dnxP04RfoJfycTRDeaz2sPLImZtio9nsqCFqtzU/sl"
+			+ "eWigbH34BpKU1sC0Gq1cyik0GO65sW95S6YjKtGcGOBfQCPk1oQjfiqnfU3G"
+			+ "oeOaG3COQJukMFj8unv55u0xbX1hwO8SsZmr9RjPzLrVaeY6BP5+CCzOKBaj"
+			+ "GxneIDqnQW7/kBIVWK7M+JXGdgQyiKhD6NvXL/zD8oKEne0nIX7IokQuWEn6"
+			+ "8Sglv5OSclsSdvHTk57bCuV5lVzoIzczA4J/LZWdrtITeVefBLQSalBzpRde"
+			+ "rSTMj485z2x5ChizhjE627/KQ5vkKQkQVqXYYXVyeTvKZRpL7vz13C4DUCwN"
+			+ "im1XvNSCNebXS1yHJRtcONDhGJN3UsrVjHr+2kCfE5SCEeSU/dqgNLuLa1tk"
+			+ "5+jwZFNj/HjO88wlOwPCol1uuJjDpaEW7dxu5qsVSfZhEXWHs8rZAMttFMzi"
+			+ "yxsEkZe8kqngRbNJOY6KpppYedsMWDusUJGfIHo+8zymiw3gv/z+lmFOlDGt"
+			+ "CKMk9Es/MgfjpbfhbTVYHOBKS6Qyrz7LdTuBMI8XdsZMuN+Uf73690ggLmKW"
+			+ "IELUg8h1RX0ra2n6jOc/1rnebAifMhiMkL1ABQvqOobfOrG/9h9XcXoi64Qr"
+			+ "htc3T7yMAHafBX5KUcNkbcn6kssYhpvd8bPADoLBnbx3GxGh/uziB0zKQEI0"
+			+ "GnaY4SL7aR4C5xNNi41lYtsR6ohKyfPEGslhrhd4axx0cKxC2sHgVl0k+r8B"
+			+ "8Vu44XHbW8LqdspjOHN9qg2erES1Dvgj05SfHDup+V6a3ogJo2YKXOiu3DF4"
+			+ "MFEGCSqGSIb3DQEJFDFEHkIARABhAHYAaQBkACAARwAuACAASABvAG8AawAn"
+			+ "AHMAIABWAGUAcgBpAFMAaQBnAG4ALAAgAEkAbgBjAC4AIABJAEQwIwYJKoZI"
+			+ "hvcNAQkVMRYEFKEcMJ798oZLFkH0OnpbUBnrTLgWAAAAAAAAMIAGCSqGSIb3"
+			+ "DQEHBqCAMIACAQAwgAYJKoZIhvcNAQcBMCcGCiqGSIb3DQEMAQYwGQQUTErH"
+			+ "kWZ8nBXZYWO53FH4yqRZZsECAWSggASCDGCreuCr6/azcOv5w04bN3jkg4G2"
+			+ "dsvTPAjL8bichaEOQCykhuNPt1dv3FsjUsdFC550K0+Y48RyBIID6JTiN9Gj"
+			+ "K+a5aLPaXgTRdY74Toof1hYtZ4DIcVyq25LezVQHoe/++pAgEpWjqHTxVDIv"
+			+ "YFAgT2oDB+2vkeXM61XnNWOjwCY3pXpk/VGjyN4USkD7Q/Y6tPjQOywvQE7c"
+			+ "Ab1z62k9iMia7Yk/qmh+zJu4SSneo0/RLLdMZOlGZv89MResVG038TC8MTA9"
+			+ "Uf+wDRcS20d7XDbTaBAgju8TpFIw5/lbDi0feUVlk6L+jkT1ktaTc1Pwtxn7"
+			+ "psXMFW6HAWB4exOi09297R9BCOQX6vcetK/iA/3jIC6NuTdizYof0DWetdGy"
+			+ "haIkMiEnERYE3unJocH4fq585Rw6mE+BYssPVPkVWZZInF3l69bKduuxsQt+"
+			+ "pcApgBVsTjsU+1FOiUxuW2wWKi70RcQprPv5Ef1A5FRNxPFp+7IzLNlE4qCo"
+			+ "wvC6NTpeuRw3aGsXSfqHmSddrHugNPmghNgG5lv1Ef7A8MUuyp8fyjAgxCDk"
+			+ "4Hpb8PCHGj5t//Fr6Cd0MygJMIFQmv4kUd2LVHxQ9A9WFNCqTz/nBe+ZRLJL"
+			+ "NghTv6gGpjGJiBnXYv6Sod2fs+5J2GIvex4qbdh6gzZIU2YTAwpj6Aca3SjA"
+			+ "X8+m8AXt2SC3Z6T5+m8SxyiNp2P511paV/TZKtLWXQGKeEX1JXhQkaM6Q5W/"
+			+ "IhSgC8/gppk1gbIraBqrW8bEnGBnC03wi0OnMz3ohM4CVHyaW3dQquT2+u6F"
+			+ "8VeGXAYHU022NkrpPl/VlfNNEAyisU2+oJqpPZkqL6FsDWF3k6Fq2jXBLL+/"
+			+ "a0WA82jIpgjNeXze/cgoHtU023V9E9Qcu+5nPBYdCTR4sRxvHLANii0W8lPv"
+			+ "tvU5XO1UsEjHDfKL4E1bhGzGpb/OU5yg/98EN95r/xdFL5G+XVyHeR0UtkcB"
+			+ "IuvyBdhkwoprCjkcgLZe8FPIBNw84HRe7Ye6f2gDW/F5uej6rBehJS1VFvCh"
+			+ "DXzkajGmK40Gc2APS1/1vZqPu68polgw9dT84rem36PLEOq4KuU7n4QE0g7T"
+			+ "YR2G8+4FNgQTjjg/qw3lX+sj6yLn1lYt1dOVvkiM8i8tdZg/3pCKKAW1uV7a"
+			+ "astlBxVSkFfn1BrFTc2oFGkTrlUg90a+parOfGHTfDiaHX8ouEg63fk0+Xdi"
+			+ "FCarXsqHNPDbpmWLKw8TAmdeneGipyScntJJk4ajy+jROQBgGew3ofOmfkqm"
+			+ "oJFNwUvKOXN2ucViLZgsdK/7YgV1OR7oiTh8knQNPk3d5fRYSMFf9GJTjQRV"
+			+ "y2CLdICAVzvrUXf9k7miWYkjIp2/HGD7pOH018sX9MrpfJKqvdPFOssZiFd0"
+			+ "I2FUbgcEggPotvnT0XoabEiurTm8EPPpw66NKmK/H1kQL0hEtdIazPxfLmm/"
+			+ "ZUDokwa7d4bE3BwFh0weQfEvMzJu6Y5E7ir2MqD33XaGMOGys1nst1SPPyDB"
+			+ "WpOWD9w7Ng3yU1JVzqFWuVXaXDYbfnlG7AGevKF5PYNZj/RIQBBf5Xle9hTd"
+			+ "c9CtxPkrsJwA8DeAwKl2WIfbXGzAYLSnXoYUcoTkWn/O81BlUFgAXv80gLe8"
+			+ "NUrH7bhsnyGaPY953NyDk8IWUYrsn/sXvxTy5B0/7/WGMh3CSZrLX3p7TcFY"
+			+ "yBrL6SRas4q9rrcwuhBq0tUUbbgWi92nhZl4bOGmx7ehHnwuUId2HWXyVGoB"
+			+ "qToee/2E4PZFxSZwKCY6dahswFq5QGDrQKN2/qpOLZcJib6SvSGyEZl2pqr0"
+			+ "lqk7tVPzBkN/4uP0qrcbZCDbGW6IXwu3RGMRehqj/HEJcs92lZKfVrk/U07X"
+			+ "MBAiQHqV+kLw7kStECR/MGJG1c0xhqqBrf0W74+LpJiv/Q9iFNdWbXvE/cAk"
+			+ "G7+OTUABd2kI88uA43T0UoRuPOi5KnLuD3AG+7IuyGyP69Xncd4u0srMg2fn"
+			+ "DiLLZUy6vWmxwRFsSMCEfQNLtZaggukoPIihQvbX3mQS9izwLs6D89WtEcZ5"
+			+ "6DVbIlUqUinnNKsT8vW1DZo5FMJkUxB666YIPVmkQbbJOEUU89dZg5Gw0og6"
+			+ "rn4irEr4xHFdx+S7iqJXhzs9THg/9e4/k8KQ136z7LALOqDookcSdBzW6H8c"
+			+ "STjs4qKQyNimsLB90mEuIEApzhseAaLFl+kgORGJv/2a+uoukZchMsJ98MVo"
+			+ "sEPS1oBXJl2m9AshkWfON2GDeJatgcw6CyC1mSx++Gg602ZKUZZUaWxkz1Sw"
+			+ "zTj3nhiJe+SZsdfxhsojNq7zfxqgY/Rq7BwvphU3StjnxvkB4rTkbmbiGOBO"
+			+ "cvTFg4yOtQGRcifk2/XH/bgYiPqQrYSXpO3WRASV005RaSGufcpTtj3YlHGe"
+			+ "8FUgZfDtfiGezhNET9KO3/Q0i34bGEpoIb/9uOWH4ZHULIlfdSm1ynV50nE4"
+			+ "mJTXccrF6BE80KZI5GWGhqXdfPFaHTK1S20+XCw7bRJCGeiwVxvGfB+C0SZ4"
+			+ "ndtqx165dKG5JwFukcygiIZN6foh0/PhwzmFxmPtZuPQt9dtuIQ35Y7PSDsy"
+			+ "IH2Ot0Hh0YIN99lHJ6n9HomSjpwcgDXGssEuevbpz27u/MI/Uhq4Gfx0k5RF"
+			+ "0pcRYtk1dYSx44a+8WgqZLF8DUNtyjSE/H8P5iGa6tqOl7kNyeeEkfoTtKst"
+			+ "asGFwL4Qxxus4GC7repyVi7IJgSCA+iopiqKQJ2IqUHvoIEuD//sZooDx0Je"
+			+ "oFRO5VakkTO6WHd8JpOOEU2f6Zjg++HdIl0QK7xcUaRH075LzEfqgn1vyw6J"
+			+ "N6ex8D76sf/nAy01NvDPij48Z50XDwXu4kJGJvv0AJwId8BpjziBF0j3K/DI"
+			+ "YOOpd6nW4EvdivCgaCnxqlIU/u1OP4BwpO+AUjJh6RKlKviGihQpi103DFhR"
+			+ "yXNDhh55pqgCCCuNeEB+ovRt7UxzlGAVRSxJh1Zbjp/+iQun0E32RlSR4Diz"
+			+ "p5vDk8NBZpIiKRqI+8GWZc3G1igp7dvViTLw4OdWMKwhccV5+3Ll/W72aNVm"
+			+ "azYUoYOVn+OYS1NJkER0tjFOCozRGm5hfkxGlP+02wbH5uu/AQoJMqWIxT6l"
+			+ "46IWC24lmAnDCXuM+gWmwUvyXLwuBdejVK8iG1Lnfg1qztoLpYRbBROgRdpt"
+			+ "2cbPRm+9seqrth3eJbtmxCvuh3bZ3pR2e0/r5Tob/fDcOc5Kp+j4ndXWkwpa"
+			+ "OuH1yxam7zNJR+mcYp1Wiujia5qIeY1QCAEY5QgAWaSHtjlEprwUuootA2Xm"
+			+ "V7D8Vsr9BValhm9zMKj6IzsPmM+HZJWlhHcoucuAmPK6Lnys3Kv/mbkSgNOq"
+			+ "fJDY901veFfKeqiCbAm6hZjNWoQDNJKFhjXUALrcOv9VCFPA3bMW3Xul/sB4"
+			+ "Mq595e+x/1HkNOgZorBv97C6X7ENVDaAFcyZvrRU/ZeDnvFhisfxS4EJhzxl"
+			+ "cWWnQhzD+ur1FTTlkmUFzgoB/rW+i3XigiHOuRRnkcoMy1uV17rwH8eELHJu"
+			+ "Yni5vu2QUaD4jNEhliE2XCsn8Sm6bcXnfzBa7FXC39QvAcdJHzqcD6iIwjIz"
+			+ "hKLu+/XoWFMFFNsgV78AwzPAn6TRya8LLCYPoIZkEP4qBoeZtUZ8PIS/Y7M9"
+			+ "QStMwa/NI9SPswb3iScTGvor/obUEQS4QM6mVxFMpQWfwJfyU6jingX4EHRE"
+			+ "mqvZ3ehzU8ZLOdKzRKuk022YDT7hwEQ+VL0Fg0Ld9oexqT96nQpUTHZtDRMV"
+			+ "iTuJoUYTneDs2c9tsY4mWBqamZQSfTegj4sLMZagkuSUp/SpPM2zSGuD3nY6"
+			+ "u3553gIM9jYhvLBEXwjGudVCwMd3bqo/4EhnKb2PcwUzdaMkipQlNteHZjBT"
+			+ "1ici63xjJva+di0qTV+W9cyYyHwg1927X2qcMh06BhbHlcXQKbgmbL18KJEt"
+			+ "K+GGhGNkP7mtPyHHgBb6vref/z8p7oxT2CG+oBuN/z+xQoYfe9c4IC3e/kNN"
+			+ "DIoyYvPyEzAdfMS2aL8qDxzc5GH9UE9kcusJ/2dNEFTzBH2GK1CItL3IACv/"
+			+ "LwX1SkI0w7oIQTL127CSnuTrUUkvJ/+rOYScQTMD/ntZPdLdu2ffszg3SzhN"
+			+ "ELgojK8ss1OBlruWRHw/fP736Nx8MNsuOvXMnO8lruz+uyuEhF3BLv96oTcg"
+			+ "XVHdWhPmOoqNdBQdRgAAAAAAAAAAAAAAAAAAAAAAADA8MCEwCQYFKw4DAhoF"
+			+ "AAQUJMZn7MEKv4vW/+voCVyHBa6B0EMEFJOzH/BEjRtNNsZWlo/4L840aE5r"
+			+ "AgFkAAA=");
+
+		public override void PerformTest()
+		{
+			Asn1Sequence obj = (Asn1Sequence) Asn1Object.FromByteArray(pkcs12);
+
+			Pfx                 bag = new Pfx(obj);
+			ContentInfo         info = bag.AuthSafe;
+			MacData             mData = bag.MacData;
+			DigestInfo          dInfo = mData.Mac;
+			AlgorithmIdentifier algId = dInfo.AlgorithmID;
+			byte[]              salt = mData.GetSalt();
+			int                 itCount = mData.IterationCount.IntValue;
+
+			byte[] octets = ((Asn1OctetString) info.Content).GetOctets();
+			AuthenticatedSafe authSafe = new AuthenticatedSafe(
+				(Asn1Sequence) Asn1Object.FromByteArray(octets));
+			ContentInfo[] c = authSafe.GetContentInfo();
+
+			//
+			// private key section
+			//
+			if (!c[0].ContentType.Equals(PkcsObjectIdentifiers.Data))
+			{
+				Fail("Failed comparison data test");
+			}
+
+			octets = ((Asn1OctetString)c[0].Content).GetOctets();
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(octets);
+
+			SafeBag b = new SafeBag((Asn1Sequence)seq[0]);
+			if (!b.BagID.Equals(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag))
+			{
+				Fail("Failed comparison shroudedKeyBag test");
+			}
+
+			EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.GetInstance(b.BagValue);
+
+			encInfo = new EncryptedPrivateKeyInfo(encInfo.EncryptionAlgorithm, encInfo.GetEncryptedData());
+
+			b = new SafeBag(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag, encInfo.ToAsn1Object(), b.BagAttributes);
+
+			byte[] encodedBytes = new DerSequence(b).GetEncoded();
+
+			c[0] = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(encodedBytes));
+
+			//
+			// certificates
+			//
+			if (!c[1].ContentType.Equals(PkcsObjectIdentifiers.EncryptedData))
+			{
+				Fail("Failed comparison encryptedData test");
+			}
+
+			EncryptedData eData = EncryptedData.GetInstance(c[1].Content);
+
+			c[1] = new ContentInfo(PkcsObjectIdentifiers.EncryptedData, eData);
+
+			//
+			// create an octet stream to represent the BER encoding of authSafe
+			//
+			authSafe = new AuthenticatedSafe(c);
+
+			info = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(authSafe.GetEncoded()));
+
+			mData = new MacData(new DigestInfo(algId, dInfo.GetDigest()), salt, itCount);
+
+			bag = new Pfx(info, mData);
+
+			//
+			// comparison test
+			//
+			if (!Arrays.AreEqual(bag.GetEncoded(), pkcs12))
+			{
+				Fail("Failed comparison test");
+			}
+		}
+
+		public override string Name
+		{
+			get { return "Pkcs12"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Pkcs12Test());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/PKIFailureInfoTest.cs b/crypto/test/src/asn1/test/PKIFailureInfoTest.cs
new file mode 100644
index 000000000..734dbbc14
--- /dev/null
+++ b/crypto/test/src/asn1/test/PKIFailureInfoTest.cs
@@ -0,0 +1,76 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	/**
+	* PKIFailureInfoTest
+	*/
+	[TestFixture]
+	public class PkiFailureInfoTest
+		: SimpleTest
+	{
+		// A correct hex encoded BAD_DATA_FORMAT PkiFailureInfo
+		private static readonly byte[] CORRECT_FAILURE_INFO = Base64.Decode("AwIANQ==");
+
+		public override string Name
+		{
+			get { return "PkiFailureInfo"; }
+		}
+
+		private void doTestEncoding()
+		{
+			DerBitString bitString = (DerBitString) Asn1Object.FromByteArray(CORRECT_FAILURE_INFO);
+			PkiFailureInfo correct = new PkiFailureInfo(bitString);
+
+			PkiFailureInfo bug = new PkiFailureInfo(PkiFailureInfo.BadRequest | PkiFailureInfo.BadTime | PkiFailureInfo.BadDataFormat | PkiFailureInfo.IncorrectData);
+
+			if (!Arrays.AreEqual(correct.GetDerEncoded(), bug.GetDerEncoded()))
+			{
+				Fail("encoding doesn't match");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			BitStringConstantTester.testFlagValueCorrect(0, PkiFailureInfo.BadAlg);
+			BitStringConstantTester.testFlagValueCorrect(1, PkiFailureInfo.BadMessageCheck);
+			BitStringConstantTester.testFlagValueCorrect(2, PkiFailureInfo.BadRequest);
+			BitStringConstantTester.testFlagValueCorrect(3, PkiFailureInfo.BadTime);
+			BitStringConstantTester.testFlagValueCorrect(4, PkiFailureInfo.BadCertId);
+			BitStringConstantTester.testFlagValueCorrect(5, PkiFailureInfo.BadDataFormat);
+			BitStringConstantTester.testFlagValueCorrect(6, PkiFailureInfo.WrongAuthority);
+			BitStringConstantTester.testFlagValueCorrect(7, PkiFailureInfo.IncorrectData);
+			BitStringConstantTester.testFlagValueCorrect(8, PkiFailureInfo.MissingTimeStamp);
+			BitStringConstantTester.testFlagValueCorrect(9, PkiFailureInfo.BadPop);
+			BitStringConstantTester.testFlagValueCorrect(14, PkiFailureInfo.TimeNotAvailable);
+			BitStringConstantTester.testFlagValueCorrect(15, PkiFailureInfo.UnacceptedPolicy);
+			BitStringConstantTester.testFlagValueCorrect(16, PkiFailureInfo.UnacceptedExtension);
+			BitStringConstantTester.testFlagValueCorrect(17, PkiFailureInfo.AddInfoNotAvailable);
+			BitStringConstantTester.testFlagValueCorrect(25, PkiFailureInfo.SystemFailure);
+
+			doTestEncoding();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PkiFailureInfoTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/ParseTest.cs b/crypto/test/src/asn1/test/ParseTest.cs
new file mode 100644
index 000000000..c649fdb8d
--- /dev/null
+++ b/crypto/test/src/asn1/test/ParseTest.cs
@@ -0,0 +1,303 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class ParseTest
+    {
+        private static readonly byte[] classCastTest = Base64.Decode(
+            "MIIXqAYJKoZIhvcNAQcDoIIXmTCCF5UCAQAxggG1MIIBsQIBADCBmDCBkDEL"
+            + "MAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMQ0wCwYDVQQHEwRUcm95"
+            + "MQwwCgYDVQQKEwNFRFMxGTAXBgNVBAsTEEVMSVQgRW5naW5lZXJpbmcxJDAi"
+            + "BgkqhkiG9w0BCQEWFUVsaXQuU2VydmljZXNAZWRzLmNvbTEQMA4GA1UEAxMH"
+            + "RURTRUxJVAIDD6FBMA0GCSqGSIb3DQEBAQUABIIBAGh04C2SyEnH9J2Va18w"
+            + "3vdp5L7immD5h5CDZFgdgHln5QBzT7hodXMVHmyGnycsWnAjYqpsil96H3xQ"
+            + "A6+9a7yB6TYSLTNv8zhL2qU3IrfdmUJyxxfsFJlWFO1MlRmu9xEAW5CeauXs"
+            + "RurQCT+C5tLc5uytbvw0Jqbz+Qp1+eaRbfvyhWFGkO/BYZ89hVL9Yl1sg/Ls"
+            + "mA5jwTj2AvHkAwis+F33ZhYlto2QDvbPsUa0cldnX8+1Pz4QzKMHmfUbFD2D"
+            + "ngaYN1tDlmezCsYFQmNx1th1SaQtTefvPr+qaqRsm8KEXlWbJQXmIfdyi0zY"
+            + "qiwztEtO81hXZYkKqc5fKMMwghXVBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE"
+            + "CEq3cLLWVds9gIIVsAAik3al6Nn5pr7r0mSy9Ki3vEeCBcV9EzEG44BvNHNA"
+            + "WyEsqQsdSxuF7h1/DJAMuZFwCbGflaRGx/1L94zrmtpeuH501lzPMvvZCmpj"
+            + "KrOF8e1B4MVQ5TfQTdUVyRnbcDa6E4V1ZZIdAI7BgDeJttS4+L6btquXfxUg"
+            + "ttPYQkevF7MdShYNnfLkY4vUMDOp3+iVzrOlq0elM95dfSA7OdBavgDJbz/7"
+            + "mro3AFTytnWjGz8TUos+oUujTk9/kHOn4cEAIm0hHrNhPS5qoj3QnNduNrad"
+            + "rLpGtcYyNlHIsYCsvPMxwoHmIw+r9xQQRjjzmVYzidn+cNOt0FmLs6YE8ds4"
+            + "wvHRO9S69TgKPHRgk2bihgHqII9lF9qIzfG40YwJLHzGoEwVO1O0+wn8j2EP"
+            + "O9I/Q3vreCH+5VbpUD2NGTwsMwZ3YlUesurLwse/YICxmgdN5Ro4DeQJSa9M"
+            + "iJnRFYWRq+58cKgr+L11mNc9nApZBShlpPP7pdNqWOafStIEjo+dsY/J+iyS"
+            + "6WLlUvNt/12qF4NAgZMb3FvRQ9PrMe87lqSRnHcpLWHcFjuKbMKCBvcdWGWI"
+            + "R7JR8UNzUvoLGGAUI9Ck+yTq4QtfgtL5MLmdBGxSKzgs44Mmek+LnrFx+e9n"
+            + "pkrdDf2gM/m7E50FnLYqzUjctKYGLNYpXQorq9MJx6TB20CHXcqOOoQqesXa"
+            + "9jL9PIOtBQy1Ow5Bh4SP07nTFWFSMI/Wt4ZvNvWJj3ecA9KjMOA9EXWUDS/H"
+            + "k9iCb2EEMo7fe5mhoyxMxPO+EIa1sEC9A1+rDACKPQCHOLI0uPmsdo0AEECC"
+            + "QLgOQkcwQlkHexOyHiOOtBxehtGZ1eBQQZ+31DF+RRU6WvS6grg58eS4gGOQ"
+            + "bd7CS9yYebvAQkz61J8KprWdtZuG1gBGma12wKMuQuC6RuWlKsj+rPMvaQCt"
+            + "8mucGbkElPGZVhdyD8/BvpSCNbgRwb6iSiw4EECovu4P4GFJaMGUYEuCA711"
+            + "itEieYc1QqS6ULjb3LFL/RcwSw0fGdjnt6B2nHckC2VsYKU1NwU7j0R1Omb4"
+            + "y5AvSgpuWjTXWnHnE9Ey0B+KP5ERZA+jJGiwYz48ynYlvQFSbBm4I6nh/DuI"
+            + "dWB2dLNxWuhdfzafBGtEHhLHzjW3WQwwRZsKesgHLrrj9hBUObodl1uvqvZN"
+            + "AjMOj8DrqbGOhAClj1t4S1Zk1ZekuMjsuoxEL+/lgtbT+056ES0k3A/LnpRb"
+            + "uxA1ZBr26Im+GVFzEcsV0hB4vNujSwStTTZH5jX5rMyi085yJfnikcLYUn9N"
+            + "apl+srhpIZlDJPw7IHaw8tsqXKDxF7MozIXo8B45CKv5Am+BMrIemCMX/ehu"
+            + "PODICl98Ur8tNAn1L+m0nj7H3c8HW2vNuBLEI3SEHHgm2Ij3IY5pyyeVUaWC"
+            + "pumhy8Ru5dj3fZcfKgYuJBQxWMf+UqPsf4iUK3923pouJ1cQ8XU8gOXIRrtX"
+            + "e41d/yR+UAZXSig6SITLw+wLtvitSvtxvjcUSUOI9CYTovKyuz1PQKiaLsV5"
+            + "4CoJhMQ5uRlVFS3H829I2d2gLRpSp6pNWeIZO2NMBxPYf2qcSHyHqQjR7xP2"
+            + "ZTg7U3OO6dZHORfXxzAnW2ExavBIYQmZh1gLn5jSS4wXFPXyvnJAsF4s5wed"
+            + "YHsyAqM/ek0n2Oo/zAh7UcP2vcb9FOoeRK8qC9HjTciS6WbjskRN0ft4T69G"
+            + "+1RsH8/edBxo2LZeA48BSCXDXOlBZJBsOptzYJD8HSZONPnef0jn23lk0fkU"
+            + "C3BjJu2ubFChctRvJniTko4klpidkHwuJgrTnL4er8rG3RfiiEHn/d5era15"
+            + "E1cekdVYWqwQOObOd4v+0gZSJgI48TBc5Qdy8F6wIU38DR2pn/5uNthNDgXk"
+            + "NcV9a2gOE3DoLe8CEIPMihqYMPY8NuSp97eHB2YhKpjP7qX9TUMoOdE2Iat2"
+            + "klNxadJt6JTFeiBPL6R9RHAD5sVBrkrl0S+oYtgF92f9WHVwAXU7zP6IgM4x"
+            + "hhzeJT07yyIp44mKd//F+7ntbgQjZ/iLbHh0mtOlUmzkFsDR0UNSXEQoourZ"
+            + "EY4A62HXj0DMqEQbik6QwEF7FKuwZX2opdOyVKH9MzJxNfDLd5dc8wAc8bCX"
+            + "jcCx5/GzHx2S5DndWQEVhp2hOQYuoJS3r6QCYFaHtDPKnFHS2PBFyFWL+2UK"
+            + "c0WsvVaHYqYKnksmxse9I9oU75kx5O05DZCThPX6h8J8MHRuxU9tcuuleIUQ"
+            + "XY8On+JeEtLSUZgp+Z7ITLuagf6yuKQpaR396MlDii/449/dvBiXAXeduyO1"
+            + "QzSkQCh37fdasqGL3mP0ssMcxM/qpOwQsx3gMtwiHQRi1oQE1QHb8qZHDE4m"
+            + "I5afQJ9O/H/m/EVlGUSn2yYOsPlZrWuI3BBZKoRzRq1lZOQDtOh18BE3tWmX"
+            + "viGIAxajam0i2Ce3h2U7vNwtiePRNEgPmQ7RwTTv0U6X8qqkjeYskiF4Cv9G"
+            + "nrB0WreC19ih5psEWLIkCYKTr+OhQuRrtv7RcyUi9QSneh7BjcvRjlGB6joA"
+            + "F6J4Y6ENAA/nzOZJ699VkljTi59bbNJYlONpQhOeRTu8M/wExkIJz7yR9DTY"
+            + "bY4/JdbdHNFf5DSDmYAHaFLmdnnfuRy+tC9CGGJvlcLVv5LMFJQGt2Wi15p8"
+            + "lctx7sL6yNCi7OakWbEOCvGPOxY7ejnvOjVK/Krx1T+dAXNUqrsDZmvmakOP"
+            + "We+P4Di1GqcyLVOTP8wNCkuAUoN0JFoBHy336/Xnae91KlY4DciPMpEOIpPN"
+            + "oB+3h6CozV7IWX5Wh3rhfC25nyGJshIBUS6cMXAsswQI8rOylMlGaekNcSU4"
+            + "gNKNDZAK5jNkS0Z/ziIrElSvMNTfYbnx3gCkY0pV18uadmchXihVT11Bt77O"
+            + "8KCKHycR39WYFIRO09wvGv6P42CRBFTdQbWFtkSwRiH8l6x39Z7pIkDFxokT"
+            + "Dp6Htkj3ywfQXNbFgRXZUXqgD1gZVFDFx920hcJnuu65CKz6pEL6X0XUwNPg"
+            + "vtraA2nj4wjVB/y+Cxc+1FgzeELB4CAmWO1OfRVLjYe7WEe/X5DPT6p8HBkB"
+            + "5mWuv+iQ3e37e1Lrsjt2frRYQWoOSP5Lv7c8tZiNfuIp07IYnJKBWZLTqNf9"
+            + "60uiY93ssE0gr3mfYOj+fSbbjy6NgAenT7NRZmFCjFwAfmapIV0hJoqnquaN"
+            + "jj5KKOP72hp+Zr9l8cEcvIhG/BbkY3kYbx3JJ9lnujBVr69PphHQTdw67CNB"
+            + "mDkH7y3bvZ+YaDY0vdKOJif9YwW2qoALXKgVBu1T2BONbCTIUTOzrKhWEvW8"
+            + "D6x03JsWrMMqOKeoyomf1iMt4dIOjp7yGl/lQ3iserzzLsAzR699W2+PWrAT"
+            + "5vLgklJPX/Fb3Tojbsc074lBq669WZe3xzlj85hFcBmoLPPyBE91BLhEwlGC"
+            + "+lWmwFOENLFGZE0mGoRN+KYxwqfA2N6H8TWoz6m0oPUW4uQvy9sGtYTSyQO9"
+            + "6ZwVNT3ndlFrP5p2atdEFVc5aO5FsK8/Fenwez06B2wv9cE9QTVpFrnJkKtF"
+            + "SaPCZkignj64XN7cHbk7Ys6nC3WIrTCcj1UOyp5ihuMS9eL9vosYADsmrR6M"
+            + "uqqeqHsf2+6U1sO1JBkDYtLzoaILTJoqg9/eH7cTA0T0mEfxVos9kAzk5nVN"
+            + "nVOKFrCGVIbOStpYlWP6wyykIKVkssfO6D42D5Im0zmgUwgNEkB+Vxvs8bEs"
+            + "l1wPuB2YPRDCEvwM3A5d5vTKhPtKMECIcDxpdwkD5RmLt+iaYN6oSFzyeeU0"
+            + "YvXBQzq8gfpqJu/lP8cFsjEJ0qCKdDHVTAAeWE6s5XpIzXt5cEWa5JK7Us+I"
+            + "VbSmri4z0sVwSpuopXmhLqLlNWLGXRDyTjZSGGJbguczXCq5XJ2E3E4WGYd6"
+            + "mUWhnP5H7gfW7ILOUN8HLbwOWon8A6xZlMQssL/1PaP3nL8ukvOqzbIBCZQY"
+            + "nrIYGowGKDU83zhO6IOgO8RIVQBJsdjXbN0FyV/sFCs5Sf5WyPlXw/dUAXIA"
+            + "cQiVKM3GiVeAg/q8f5nfrr8+OD4TGMVtUVYujfJocDEtdjxBuyFz3aUaKj0F"
+            + "r9DM3ozAxgWcEvl2CUqJLPHH+AWn5kM7bDyQ2sTIUf5M6hdeick09hwrmXRF"
+            + "NdIoUpn7rZORh0h2VX3XytLj2ERmvv/jPVC97VKU916n1QeMJLprjIsp7GsH"
+            + "KieC1RCKEfg4i9uHoIyHo/VgnKrnTOGX/ksj2ArMhviUJ0yjDDx5jo/k5wLn"
+            + "Rew2+bhiQdghRSriUMkubFh7TN901yl1kF2BBP5PHbpgfTP6R7qfl8ZEwzzO"
+            + "elHe7t7SvI7ff5LkwDvUXSEIrHPGajYvBNZsgro+4Sx5rmaE0QSXACG228OQ"
+            + "Qaju8qWqA2UaPhcHSPHO/u7ad/r8kHceu0dYnSFNe1p5v9Tjux0Yn6y1c+xf"
+            + "V1cu3plCwzW3Byw14PH9ATmi8KJpZQaJOqTxn+zD9TvOa93blK/9b5KDY1QM"
+            + "1s70+VOq0lEMI6Ch3QhFbXaslpgMUJLgvEa5fz3GhmD6+BRHkqjjwlLdwmyR"
+            + "qbr4v6o+vnJKucoUmzvDT8ZH9nH2WCtiiEtQaLNU2vsJ4kZvEy0CEajOrqUF"
+            + "d8qgEAHgh9it5oiyGBB2X/52notXWOi6OMKgWlxxKHPTJDvEVcQ4zZUverII"
+            + "4vYrveRXdiDodggfrafziDrA/0eEKWpcZj7fDBYjUBazwjrsn5VIWfwP2AUE"
+            + "wNn+xR81/so8Nl7EDBeoRXttyH7stbZYdRnkPK025CQug9RLzfhEAgjdgQYw"
+            + "uG+z0IuyctJW1Q1E8YSOpWEFcOK5okQkLFUfB63sO1M2LS0dDHzmdZriCfIE"
+            + "F+9aPMzojaHg3OQmZD7MiIjioV6w43bzVmtMRG22weZIYH/Sh3lDRZn13AS9"
+            + "YV6L7hbFtKKYrie79SldtYazYT8FTSNml/+Qv2TvYTjVwYwHpm7t479u+MLh"
+            + "LxMRVsVeJeSxjgufHmiLk7yYJajNyS2j9Kx/fmXmJbWZNcerrfLP+q+b594Y"
+            + "1TGWr8E6ZTh9I1gU2JR7WYl/hB2/eT6sgSYHTPyGSxTEvEHP242lmjkiHY94"
+            + "CfiTMDu281gIsnAskl05aeCBkj2M5S0BWCxy7bpVAVFf5nhf74EFIBOtHaJl"
+            + "/8psz1kGVF3TzgYHkZXpUjVX/mJX8FG0R8HN7g/xK73HSvqeamr4qVz3Kmm/"
+            + "kMtYRbZre7E1D10qh/ksNYnOkYBcG4P2JyjZ5q+8CQNungz2/b0Glg5LztNz"
+            + "hUgG27xDOUraJXjkkZl/GOh0eTqhfLHXC/TfyoEAQOPcA59MKqvroFC5Js0Q"
+            + "sTgqm2lWzaLNz+PEXpJHuSifHFXaYIkLUJs+8X5711+0M03y8iP4jZeEOrjI"
+            + "l9t3ZYbazwsI3hBIke2hGprw4m3ZmSvQ22g+N6+hnitnDALMsZThesjb6aJd"
+            + "XOwhjLkWRD4nQN594o6ZRrfv4bFEPTp4ev8l6diouKlXSFFnVqz7AZw3Pe53"
+            + "BvIsoh66zHBpZhauPV/s/uLb5x6Z8sU2OK6AoJ7b8R9V/AT7zvonBi/XQNw3"
+            + "nwkwGnTS9Mh7PFnGHLJWTKKlYXrSpNviR1vPxqHMO6b+Lki10d/YMY0vHQrY"
+            + "P6oSVkA6RIKsepHWo11+rV838+2NRrdedCe91foUmOs+eoWQnwmTy2CTZmQ5"
+            + "b7/TTcau9ewimZAqI+MtDWcmWoZfgibZmnIITGcduNOJDRn+aLt9dz+zr1qA"
+            + "HxlLXCOyBPdtfx6eo4Jon+fVte37i3HmxHk+8ZGMMSS9hJbLQEkA59b4E+7L"
+            + "GI3JZjvEkhizB4n/aFeG7KT7K3x072DMbHLZ7VgsXQ1VDDmcZmizFwgyNqKy"
+            + "hKCKxU+I2O10IMtiZUpEzV1Pw7hD5Kv/eFCsJFPXOJ2j3KP6qPtX5IYki1qH"
+            + "Juo5C5uGKtqNc6OzkXsvNUfBz5sJkEYl0WfitSSo4ARyshFUNh2hGxNxUVKM"
+            + "2opOcuHSxBgwUSmVprym50C305zdHulBXv3mLzGjvRstE9qfkQ8qVJYLQEkL"
+            + "1Yn7E92ex71YsC8JhNNMy0/YZwMkiFrqyaFd/LrblWpBbGumhe4reCJ4K3mk"
+            + "lFGEsICcMoe+zU1+QuLlz/bQ+UtvClHUe8hTyIjfY04Fwo2vbdSc1U/SHho5"
+            + "thQy+lOZ/HijzCmfWK3aTqYMdwCUTCsoxri2N8vyD/K2kbMLQWUfUlBQfDOK"
+            + "VrksBoSfcluNVaO56uEUw3enPhhJghfNlJnpr5gUcrAMES53DfkjNr0dCsfM"
+            + "JOY2ZfQEwwYey1c4W1MNNMoegSTg4aXzjVc0xDgKa7RGbtRmVNbOxIhUNAVi"
+            + "thQV3Qujoz1ehDt2GyLpjGjHSpQo3WlIU4OUqJaQfF6EH+3khFqUmp1LT7Iq"
+            + "zH3ydYsoCDjvdXSSEY3hLcZVijUJqoaNWBLb/LF8OG5qTjsM2gLgy2vgO/lM"
+            + "NsqkHnWTtDimoaRRjZBlYLhdzf6QlfLi7RPmmRriiAOM0nXmylF5xBPHQLoz"
+            + "LO9lXYIfNbVJVqQsV43z52MvEQCqPNpGqjB+Au/PZalYHbosiVOQLgTB9hTI"
+            + "sGutSXXeLnf5rftCFvWyL3n5DgURzDFLibrbyVGGKAk166bK1RyVP9XZJonr"
+            + "hPYELk4KawCysJJSmC0E8sSsuXpfd6PPDru6nCV1EdXKR7DybS7NVHCktiPR"
+            + "4B4y8O/AgfJX8sb6LuxmjaINtUKEJ1+O88Gb69uy6b/Kpu2ri/SUBaNNw4Sn"
+            + "/tuaD+jxroL7RlZmt9ME/saNKn9OmLuggd6IUKAL4Ifsx9i7+JKcYuP8Cjdf"
+            + "Rx6U6H4qkEwwYGXnZYqF3jxplyOfqA2Vpvp4rnf8mST6dRLKk49IhKGTzwZr"
+            + "4za/RZhyl6lyoRAFDrVs1b+tj6RYZk0QnK3dLiN1MFYojLyz5Uvi5KlSyFw9"
+            + "trsvXyfyWdyRmJqo1fT7OUe0ImJW2RN3v/qs1k+EXizgb7DW4Rc2goDsCGrZ"
+            + "ZdMwuAdpRnyg9WNtmWwp4XXeb66u3hJHr4RwMd5oyKFB1GsmzZF7aOhSIb2B"
+            + "t3coNXo/Y+WpEj9fD7/snq7I1lS2+3Jrnna1048O7N4b5S4b5TtEcCBILP1C"
+            + "SRvaHyZhBtJpoH6UyimKfabXi08ksrcHmbs1+HRvn+3pl0bHcdeBIQS/wjk1"
+            + "TVEDtaP+K9zkJxaExtoa45QvqowxtcKtMftNoznF45LvwriXEDV9jCXvKMcO"
+            + "nxG5aQ//fbnn4j4q1wsKXxn61wuLUW5Nrg9fIhX7nTNAAooETO7bMUeOWjig"
+            + "2S1nscmtwaV+Sumyz/XUhvWynwE0AXveLrA8Gxfx");
+
+        private static readonly byte[] derExpTest = Base64.Decode(
+            "MIIS6AYJKoZIhvcNAQcDoIIS2TCCEtUCAQAxggG1MIIBsQIBADCBmDCBkDEL"
+            + "MAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMQ0wCwYDVQQHEwRUcm95"
+            + "MQwwCgYDVQQKEwNFRFMxGTAXBgNVBAsTEEVMSVQgRW5naW5lZXJpbmcxJDAi"
+            + "BgkqhkiG9w0BCQEWFUVsaXQuU2VydmljZXNAZWRzLmNvbTEQMA4GA1UEAxMH"
+            + "RURTRUxJVAIDD6FBMA0GCSqGSIb3DQEBAQUABIIBAGsRYK/jP1YujirddAMl"
+            + "ATysfLCwd0eZhENohVqLiMleH25Dnwf+tBaH4a9hyW+7VrWw/LC6ILPVbKpo"
+            + "oLBAOical40cw6C3zulajc4gM3AlE2KEeAWtI+bgPMXhumqiWDb4byX/APYk"
+            + "53Gk7WXF6Xs4hj3tmrHSJxCUOsTdHKUJYvOqjwKGARPQDjP0EUbVJezeAwBA"
+            + "RMlJ/qBVLBj2UW28n5oJZm3oaSaU93Uc6GPVIk43IWrmEUcWVPiMfUtUCwcX"
+            + "tRNtHuQ9os++rmdNBiuB5p+vtUeA45KWnTUtkwJXvrzE6Sf9AUH/p8uOvvZJ"
+            + "3yt9LhPxcZukGIVvcQnBxLswghEVBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE"
+            + "CGObmTycubs2gIIQ8AKUC8ciGPxa3sFJ1EPeX/nRwYGNAarlpVnG+07NITL2"
+            + "pUzqZSgsYh5JiKd8TptQBZNdebzNmCvjrVv5s9PaescGcypL7FNVPEubh0w/"
+            + "8h9rTACqUpF5yRgfcgpAGeK29F1hyZ1WaIH43avUCaDnrZcOKB7wc1ats1aQ"
+            + "TSDLImyFn4KjSo5k0Ec/xSoWnfg391vebp8eOsyHZhFMffFtKQMaayZNHJ7Q"
+            + "BzG3r/ysUbkgI5x+0bX0QfZjEIs7yuV5Wt8DxMTueCm3RQ+HkR4lNdTBkM4V"
+            + "qozCqC1SjcAF5YHB0WFkGouEPGgTlmyvLqR2xerEXVZn9YwSnT48kOde3oGt"
+            + "EAYyg0yHbNbL0sp6LDM7upRmrgWwxf0BR6lP4wyWdv/XSLatEB7twSNiPBJ4"
+            + "PJ+QagK08yQJ84UB7YpMTudKsaUs7zW76eA7KkW3TndfDYGdhbmZ5wxNl+5x"
+            + "yPZc/jcQHW7vplMfWglUVxnzibNW12th0QXSB57Mzk8v1Rvc/HLGvAOJZG/S"
+            + "N12FZOxbUrMIHGi3kXsmfWznVyq92X4P9tuDDD7sxkSGsyUAm/UJIZ3KsXhV"
+            + "QeaRHVTVDxtJtnbYxBupy1FDBO6AhVrp16Blvnip9cPn/aLfxDoFHzmsZmEg"
+            + "IcOFqpT1fW+KN6i/JxLD3mn3gKzzdL1/8F36A2GxhCbefQFp0MfIovlnMLFv"
+            + "mrINwMP8a9VnP8gIV5oW5CxmmMUPHuGkXrfg+69iVACaC2sTq6KGebhtg9OC"
+            + "8vZhmu7+Eescst694pYa3b8Sbr5bTFXV68mMMjuRnhvF2NZgF+O0jzU+sFps"
+            + "o7s1rUloCBk1clJUJ/r+j9vbhVahCeJQw62JAqjZu4R1JYAzON3S7jWU5zJ7"
+            + "pWYPSAQkLYUz3FmRRS2Yv65mXDNHqR9vqkHTIphwA9CLMKC2rIONxSVB57q1"
+            + "Npa/TFkVdXnw+cmYjyFWiWeDP7Mw0Kwy7tO008UrBY0rKQU466RI5ezDqYPc"
+            + "Lm73dUH2EjUYmKUi8zCtXpzgfTYVa/DmkbVUL9ThHMVRq1OpT2nctE7kpXZk"
+            + "OsZjEZHZX4MCrSOlc10ZW7MJIRreWMs70n7JX7MISU+8fK6JKOuaQNG8XcQp"
+            + "5IrCTIH8vmN2rVt4UT8zgm640FtO3jWUxScvxCtUJJ49hGCwK+HwDDpO6fLw"
+            + "LFuybey+6hnAbtaDyqgsgDh2KN8GSkQT9wixqwQPWsMQ4h0xQixf4IMdFOjP"
+            + "ciwp3ul8KAp/q70i0xldWGqcDjUasx6WHKc++rFjVJjoVvijKgEhlod5wJIw"
+            + "BqQVMKRsXle07NS1MOB+CRTVW6mwBEhDDERL+ym2GT2Q4uSDzoolmLq2y5vL"
+            + "+RfDHuh3W0UeC3Q5D2bJclgMsVjgfQUN19iD+lPFp2xvLTaNWi5fYDn4uuJL"
+            + "lgVDXIMmM8I+Z2hlTXTM1Pldz2/UFe3QXTbYnjP6kfd7Bo2Webhhgs/YmSR2"
+            + "XPuA42tWNAAjlK77lETWodxi3UC7XELjZ9xoGPRbxjOklXXvev9v5Vo+vcmN"
+            + "0KrLXhLdkyHRSm81SRsWoadCTSyT8ibv66P00GOt+OlIUOt0YKSUkULQfPvC"
+            + "EgMpeTm1/9l8n9bJ6td5fpJFDqLDm+FpJX6T2sWevV/Tyt6aoDPuET5iHBHW"
+            + "PoHxKl8YPRHBf+nRWoh45QMGQWNSrJRDlO8oYOhdznh4wxLn3DXEfDr0Z7Kd"
+            + "gEg6xr1XCobBn6Gi7wWXp5FDTaRF41t7fH8VxPwwDa8Yfu3vsgB6q426kjAj"
+            + "Q77wx1QFIg8gOYopTOgqze1i4h1U8ehP9btznDD6OR8+hPsVKoXYGp8Ukkc7"
+            + "JBA0o8l9O2DSGh0StsD94UhdYzn+ri7ozkXFy2SHFT2/saC34NHLoIF0v/aw"
+            + "L9G506Dtz6xXOACZ4brCG+NNnPLIcGblXIrYTy4+sm0KSdsl6BGzYh9uc8tu"
+            + "tfCh+iDuhT0n+nfnvdCmPwonONFb53Is1+dz5sisILfjB7OPRW4ngyfjgfHm"
+            + "oxxHDC/N01uoJIdmQRIisLi2nLhG+si8+Puz0SyPaB820VuV2mp77Y2osTAB"
+            + "0hTDv/sU0DQjqcuepYPUMvMs3SlkEmaEzNSiu7xOOBQYB8FoK4PeOXDIW6n2"
+            + "0hv6iS17hcZ+8GdhwC4x2Swkxt99ikRM0AxWrh1lCk5BagVN5xG79c/ZQ1M7"
+            + "a0k3WTzYF1Y4d6QPNOYeOBP9+G7/a2o3hGXDRRXnFpO7gQtlXy9A15RfvsWH"
+            + "O+UuFsOTtuiiZk1qRgWW5nkSCPCl2rP1Z7bwr3VD7o6VYhNCSdjuFfxwgNbW"
+            + "x8t35dBn6xLkc6QcBs2SZaRxvPTSAfjON++Ke0iK5w3mec0Br4QSNB1B0Aza"
+            + "w3t3AleqPyJC6IP1OQl5bi+PA+h3YZthwQmcwgXgW9bWxNDqUjUPZfsnNNDX"
+            + "MU9ANDLjITxvwr3F3ZSfJyeeDdbhr3EJUTtnzzWC6157EL9dt0jdPO35V0w4"
+            + "iUyZIW1FcYlCJp6t6Sy9n3TmxeLbq2xML4hncJBClaDMOp2QfabJ0XEYrD8F"
+            + "jq+aDM0NEUHng+Gt9WNqnjc8GzNlhxTNm3eQ6gyM/9Ip154GhH6c9hsmkMy5"
+            + "DlMjGFpFnsSTNFka2+DOzumWUiXLGbe4M3RePl1N4MLwXrkR2llguQynyoqF"
+            + "Ptat2Ky5yW2q9+IQHY49NJTlsCpunE5HFkAK9rY/4lM4/Q7hVunP6U4a0Kbu"
+            + "beFuOQMKQlBZvcplnYBefXD79uarY/q7ui6nFHlqND5mlXMknMrsQk3papfp"
+            + "OpMS4T07rCTLek0ODtb5KsHdIF76NZXevko4+d/xbv7HLCUYd8xuOuqf+y4I"
+            + "VJiT1FmYtZd9w+ubfHrOfHxY+SBtN6fs02WAccZqBXUYzZEijRbN2YUv1OnG"
+            + "rfYe4EcfOu/Sa+wLbB7msYpLfvUfEO3iseKf4LXZkgtF5P610PBZR8edeSgr"
+            + "YZW+J0K78PRAl5nEi1mvzBxi9DyNf6iQ9mWLyyCmr9p9HGE+aCMKVCn9jfZH"
+            + "WeBDAJNYDcUh5NEckqJtbEc2S1FJM7yZBWLQUt3NCQvj+nvQT45osZ3BJvFg"
+            + "IcGJ0CysoblVz4fCLybrYxby9HP89WMLHqdqsIeVX8IJ3x84SqLPuzrqf9FT"
+            + "ZVYLo0F2oBjAzjT7obt9+NJc/psOMCg+OGQkAfwj3VNvaqkkQsVxSiozgxrC"
+            + "7KaTXuAL6eKKspman96kz4QVk9P0usUPii+LFnW4XYc0RNfgJVO6BgJT7pLX"
+            + "NWwv/izMIMNAqSiWfzHHRVkhq4f1TMSF91auXOSICpJb3QQ4XFh52Mgl8+zs"
+            + "fobsb0geyb49WqFrZhUu+X+8LfQztppGmiUpFL+8EW0aPHbfaf4y9J1/Wthy"
+            + "c28Yqu62j/ljXq4Qa21uaEkoxzH1wPKCoKM9TXJtZJ39Yl9cf119Qy4M6QsB"
+            + "6oMXExlMjqIMCCWaLXLRiqbc2Y7rZHgEr08msibdoYHbSkEl8U+Kii2p6Vdx"
+            + "zyiEIz4CadrFbrAzxmrR/+3u8JuBdq0K3KNR0WWx73BU+G0rgBX56GnP7Ixy"
+            + "fuvkRb4YfJUF4PkDa50BGVhybPrIhoFteT6bSh6LQtBm9c4Kop8Svx3ZbqOT"
+            + "kgQDa0n+O0iR7x3fvNZ0Wz4YJrKGnVOPCqJSlSsnX6v2JScmaNdrSwkMTnUf"
+            + "F9450Hasd88+skC4jVAv3WAB03Gz1MtiGDhdUKFnHnU9HeHUnh38peCFEfnK"
+            + "WihakVQNfc72YoFVZHeJI5fJAW8P7xGTZ95ysyirtirxt2zkRVJa5p7semOw"
+            + "bL/lBC1bp4J6xHF/NHY8NQjvuhqkDyNlh3dRpIBVBu6Z04hRhLFW6IBxcCCv"
+            + "pjfoxJoox9yxKQKpr3J6MiZKBlndZRbSogO/wYwFeh7HhUzMNM1xIy3jWVVC"
+            + "CrzWp+Q1uxnL74SwrMP/EcZh+jZO4CYWk6guUMhTo1kbW03BZfyAqbPM+X+e"
+            + "ZqMZljydH8AWgl0MZd2IAfajDxI03/6XZSgzq24n+J7wKMYWS3WzB98OIwr+"
+            + "oKoQ7aKwaaT/KtR8ggUVYsCLs4ScFY24MnjUvMm+gQcVyeX74UlqR30Aipnf"
+            + "qzDRVcAUMMNcs0fuqePcrZ/yxPo+P135YClPDo9J8bwNpioUY8g+BQxjEQTj"
+            + "py3i2rAoX+Z5fcGjnZQVPMog0niIvLPRJ1Xl7yzPW0SevhlnMo6uDYDjWgQ2"
+            + "TLeTehRCiSd3z7ZunYR3kvJIw1Kzo4YjdO3l3WNf3RQvxPmJcSKzeqKVxWxU"
+            + "QBMIC/dIzmRDcY787qjAlKDZOdDp7qBKIqnfodWolxBA0KhvE61eYabZqUCT"
+            + "G2HJaQE1SvOdL9KM4ORFlxE3/dqv8ttBJ6N1qKk423CJjajZHYTwf1dCfj8T"
+            + "VAE/A3INTc6vg02tfkig+7ebmbeXJRH93KveEo2Wi1xQDsWNA+3DVzsMyTqV"
+            + "+AgfSjjwKouXAznhpgNc5QjmD2I6RyTf+hngftve18ZmVhtlW5+K6qi62M7o"
+            + "aM83KweH1QgCS12/p2tMEAfz//pPbod2NrFDxnmozhp2ZnD04wC+6HGz6bX/"
+            + "h8x2PDaXrpuqnZREFEYzUDKQqxdglXj5oE/chBR8+eBfYSS4JW3TBkW6RfwM"
+            + "KOBBOOv8pe3Sfq/bg7OLq5bn0jKwulqP50bysZJNlQUG/KqJagKRx60fnTqB"
+            + "7gZRebvtqgn3JQU3fRCm8ikmGz9XHruoPlrUQJitWIt4AWFxjyl3oj+suLJn"
+            + "7sK62KwsqAztLV7ztoC9dxldJF34ykok1XQ2cMT+uSrD6ghYZrmrG5QDkiKW"
+            + "tOQCUvVh/CorZNlON2rt67UvueMoW+ua25K4pLKDW316c2hGZRf/jmCpRSdb"
+            + "Xr3RDaRFIK6JpmEiFMMOEnk9yf4rChnS6MHrun7vPkf82w6Q0VxoR8NRdFyW"
+            + "3mETtm2mmG5zPFMMD8uM0BYJ/mlJ2zUcD4P3hWZ8NRiU5y1kazvrC6v7NijV"
+            + "o459AKOasZUj1rDMlXDLPloTHT2ViURHh/8GKqFHi2PDhIjPYUlLR5IrPRAl"
+            + "3m6DLZ7/tvZ1hHEu9lUMMcjrt7EJ3ujS/RRkuxhrM9BFlwzpa2VK8eckuCHm"
+            + "j89UH5Nn7TvH964K67hp3TeV5DKV6WTJmtIoZKCxSi6FFzMlky73gHZM4Vur"
+            + "eccwycFHu+8o+tQqbIAVXaJvdDstHpluUCMtb2SzVmI0bxABXp5XrkOOCg8g"
+            + "EDZz1I7rKLFcyERSifhsnXaC5E99BY0DJ/7v668ZR3bE5cU7Pmo/YmJctK3n"
+            + "m8cThrYDXJNbUi0c5vrAs36ZQECn7BY/bdDDk2NPgi36UfePI8XsbezcyrUR"
+            + "ZZwT+uQ5LOB931NjD5GOMEb96cjmECONcRjB0uD7DoTiVeS3QoWmf7Yz4g0p"
+            + "v9894YWQgOl+CvmTERO4dxd7X5wJsM3Y0acGPwneDF+HtQrIpJlslm2DivEv"
+            + "sikc6DtAQrnVRSNDr67HPPeIpgzThbxH3bm5UjvnP/zcGV1W8Nzk/OBQWi0l"
+            + "fQM9DccS6P/DW3XPSD1+fDtUK5dfH8DFf8wwgnxeVwi/1hCBq9+33XPwiVpz"
+            + "489DnjGhHqq7BdHjTIqAZvNm8UPQfXRpeexbkFZx1mJvS7so54Cs58/hHgQN"
+            + "GHJh4AUCLEt0v7Hc3CMy38ovLr3Q8eZsyNGKO5GvGNa7EffGjzOKxgqtMwT2"
+            + "yv8TOTFCWnZEUTtVA9+2CpwfmuEjD2UQ4vxoM+o=");
+
+		private static readonly byte[] longTagged = Hex.Decode("9f1f023330");
+
+		[Test]
+		public void TestClassCast()
+        {
+            ParseEnveloped(classCastTest);
+        }
+
+		[Test]
+		public void TestDerExp()
+        {
+            ParseEnveloped(derExpTest);
+        }
+
+        [Test]
+		public void TestLongTag()
+		{
+			Asn1StreamParser aIn = new Asn1StreamParser(longTagged);
+			Asn1TaggedObjectParser tagged = (Asn1TaggedObjectParser)aIn.ReadObject();
+
+			Assert.AreEqual(31, tagged.TagNo);
+		}
+
+		private void ParseEnveloped(
+			byte[] data)
+        {
+            Asn1StreamParser aIn = new Asn1StreamParser(data);
+
+			ContentInfoParser cP = new ContentInfoParser((Asn1SequenceParser)aIn.ReadObject());
+
+			EnvelopedDataParser eP = new EnvelopedDataParser((Asn1SequenceParser)cP.GetContent(Asn1Tags.Sequence));
+
+			eP.GetRecipientInfos().ToAsn1Object(); // Must drain the parser!
+
+			EncryptedContentInfoParser ecP = eP.GetEncryptedContentInfo();
+
+			Asn1OctetStringParser content = (Asn1OctetStringParser)ecP.GetEncryptedContent(Asn1Tags.OctetString);
+
+			Streams.Drain(content.GetOctetStream());
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/ParsingTest.cs b/crypto/test/src/asn1/test/ParsingTest.cs
new file mode 100644
index 000000000..bb219e2fc
--- /dev/null
+++ b/crypto/test/src/asn1/test/ParsingTest.cs
@@ -0,0 +1,104 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	public class ParsingTest
+		: SimpleTest
+	{
+		private static readonly string[] streams = {
+			"oRNphCO0F+jcMQKC1uMO8qFBPikDDYmtfVGeB45xvbfj1qu696YGjdW2igRnePYM/KkQtADG7gMHIhqBRcl7dBtkejNeolOklPNA3NgsACTiVN9JFUsYq0a5842+TU+U2/6Kt/D0kvz0WmwWFRPHWEWVM9PYOWabGsh28Iucc6s7eEqmr8NEzWUx/jM3dmjpFYVpSpxt2KbbT+yUO0EqFQyy8hQ7JvKRgv1AoWQfPjMsfjkKgxnA8DjenmwXaZnDaKEvQIKQl46L1Yyu3boN082SQliSJMJVgNuNNLFIt5QSUdG1ant5O6f9Yr0niAkAoqGzmqz+LZE1S7RrGHWiQ3DowE9NzviBuaAoI4WdCn1ClMwb9fdEmBMU4C7DJSgs3qaJzPUuaAT9vU3GhZqZ0wcTV5DHxSRzGLqg9JEJRi4qyeuG3Qkg3YBtathl+FiLJ7mVoO3dFIccRuuqp2MpMhfuP1DxHLNLNiUZEhLMQ0CLTGabUISBuyQudVFlKBZIpcLD0k7fKpMPuywrYiDrTinMc2ZP3fOGevoR5fnZ6kZAE5oMTtMNokzBuctGqVapblXNrVMLYbriT538oYz5",
+			"KEKVhHxtyUR9D3v5K4IJbVQLAMiVKoK9z7wFWUjzvLFNLg9C/r8zKfBa3YgZrt0Nq64+MxBePMbiNLCnfditc2qUcQZUHnvNnhwT6uGK37JmXg7MvQiKwvi31EIYt6ghqBZVs1iaqc0ep7wuQ16uwSQMlaDdXc9Qf1L0dGO/6eLyREz+p4UR4NOXK+GooQLfMxYL40zJlYcwNyR0rigvIr84WP2IMS2hZjqXtyS6HMM4yUv70hkIorjr7+JC4GtU1MyWuPuNSAGen0AZTaEEXd5sMbqXMqWg3jeM4mzRH1Kb3WdAChO5vMJZPBj9jZZKgXzmxkUh5GlIhUdYgztoNceBzQ3PIc7slCDUw9I2PjB87xsfy7jA5tFtFADs2EUyxUTMCuhilP664jSHgwbrr80k9Xc4sU+MCwCq2nQmcZYcPgKb4M31VJMlKwnZF3JUU2Jtqgg4gbErw58YoBwSkEcMJ2Juhiyx9U36MzxHs9OcTURfpsilMy+mDL8arCDx1knM1KkAHCLjWuJI+p1PvuIypgCwVc+MtGfd7wW8iR1JPJLBiuoZyNJ+xx9htd/HVB+rLtB57H8Gz8W+R00f",
+			"Ol9I/rXMwbLpxTY97v70B+HCl2+cojz2574x/cC56A7KGVF13La8RdzOOvSkl338ct9T/blEFa6QwNz3GmF+MoPdH9lncwz+tqixIqGU02Bp5swH0qjbp/Yjaeq91eR6B+9fl+KKrpglBr8S1BrI4Ey5v3AxxJdCWP8Gd+6Sp15/HMYanwlHBpCsW4+Kq8sGJoJXUXpQ/GBUJKs+WjX1zE6PsvF7/B8cByuqE3NJt7x4Oa+qZtF8qNc0CFDNj31Yhdt7JkAoD30IAd+ue9OhImQMCWwFwySRIRJXU3865K2dBR+VhLuI2aKzLh7MlgVKJk6b2P/ZIkc86ksR1sOUiHrs9EdoYuIssAgMc8QGzn4VN8lxopdzQYVG6pbXGS/VQlHkGdyLd+OHt4srz/NTUWiOquVTRxa6GgtlBFfIXikPTb+iT2pZKyKUlBvpgo0BY9vVUadsteHAI5qrFZBrL5ecK/Qtl9hf/M8qEjyjt2aCXe9B96Hg2QR5A53qW2PJW5VzS0AeB3g+zJSPCTpygrBs20q5Xrna0ux2l17r6HT9Q/AXIOkwPZUXXn0d02igS4D6Hxrg3Fhdp+OTXL8G",
+			"o3eXWpwAGmUkxHEKm/pGkDb1ZQQctCQ06lltZjeMXDp9AkowmA0KXjPQCQwyWE/nqEvk2g/58AxNU0TWSujo5uU0h4/hdMZ7Mrj33NSskWvDpKe7lE5tUjPi74Rmc5RRS+1T/EQobpNxoic3+tTO7NBbZfJtcUYeZ3jqxL+3YQL3PrGe/Zpno9TnQW8mWbbhKhDRtKY4p3Pgk9hPSpJCM9xYo3EMAOAIiH2P6RKH6uX/gSaUY2b6DE/TT0V6v/jdSmYM4+cnYiTyJCi5txI35jfCqIlVCXJd7klirvUMg9SXBhGR25AgQ5Z8yjd7lbB8FvD8JQAXZrp6xiHxbLIW7G11fWEo7RGLFtALI6H38Ud0vKjsEN7N5AibJcxS2A/CWk9R00sTHRBHFUP8o5mz8nE7FeCiwJPs/+tCt04nGb9wxBFMsmWcPEDfIzphCaO6U/D/tQHlA846gbKoikv/6LI0ussSR/i85XBclNcvzTctxylSbCR02lZ+go6fe5rmMouiel/0Tndz8t1YpQGilVeOQ3mqAFyAJk3dgfTNKZuOhNzVIZ5GWScKQ5ZtNcWrg6siR+6YwKvLiRb/TJZk",
+			"PwRUnW4yU8PI7ggbI1BIO9fcTup8optkqCirodyHCiqsPOMZ4g28bJ2+kpfQRujWGlKFYQzA1ZT32s9hdci+fvXPX0KAjcUgcxsGzMABFbEm04BwDF2WLgg9s4/x71r5JrgME1S08I3mCo4N0eFHWDeLJL1b5YNNo6tfO5V2WpIE867N9zdAgvp1gijVjUNWqEB3A/NLb3reLMu2hYgqRFTCVBfcFclD46k0XEfUJqwWdQhOz92WNl/3g53bjKX1hDZgjLIzK6m+SU6+J/h4NidrS7E0gOBevZW8gRYdKMVqNWxzUfxv6kgG+kIeF9JqMcO6jdh/Zu/0tpZoHFeCweZ1jT1eEtltFu1FcTTPc1UT0pT+ZNVgefrBONoGnvn8+dBjPese6F2TmRCExJq9taKlIh/kHdkbpaa7vwrBpYRgVGfARPyM9SSCaE7pVBDuwkFeYiGU4tamm5Gq10ojRQgetJ3UOg/PGTJcxo97GBiG5zAST9NdHdgK3eI4FAbWpGwmWxNpPWOst0a7zuGKAzYU+1IQh8XA3IgJ2vy3+w0JihU6G+12LUzsL2aQtpG7d1PqLhwOqHq3Qqv3SDsB",
+			"ZIAKizvGzbvqvqOlxOeVgHGHV9TfKNjjqyzbCj8tggv2yp7kkq1D3yRlC349tuul3zN9g4u83Ctio9Gg3HiLzMULxoOImF/hKRDhJpPLbLm0jSq1fyF+N7/YvyLeFhGoPhYEBUihDcxo1NIcWy66aBt3EuOlTyDQWrDe0Za3mrTrrl10uLHVKcQMgeD+UMgjQqmHzQJR8wdNjHPKHWVvZEdiwI031nV2giHJHXv08Jvf4vmw4dAlH2drCl6cBgg33jy7ohK8IiXz6eCw6iY9Ri8YaMzxOhgE2BOHzEz5ZC2hilL4xO/ambTER4bhb4+9VTUIehHP18FcXm8TKPQRMqyKP2fMlzWW3/uelYfPP5SHlyLAULa1KjDCkLIDunEKZDpv2ljGB6JPrTlNwFsvlZcihfOAwjbr2jW3MwP704OA8xzd/dynBU47unIZEu0LAvQ3TUz3PLga0GGO1LZGtg0Foo9zFG2wuVCdgYHmozOQ+8I3gRguW1CjGy7ZCTBuN1GZ510ERhae+bRQtldHsLeiHTghnkU1xEX1+W0iEf3csDYrgpuq3NaBYRGirovDiPBYFHmru0AMclhFnpcX",
+			"uG0wQ55kMlfZtJFAqTl0bnYW/oy9NFOi0e4FqAYwsvMxGO4JtGzXgkVwEUAC0AUDItRUjxBl+TkoPTYaprgn0M/NQvKPpXJ+yzI7Ssi+F2alLR0T6eF/4rQ32AVjnANJaghXZm0ZKduckbhSxk5lilJVJRuzXKchZRtlPluvlj448bq+iThktsEQoNP8NMpi7n/EVxovp+dow4Q6t7msSRP4cGXtyYoWKbf/7e5XzBKOZZ1/f3s86uJke4dcKIaljpJfBrtuFxZC6NYXzX6PkoDoBgqQ8RBrxsX54S9cBDAPxxmkq8zviAOW3oqPMULGGmQzHBiRwE8oeDFoMnzF5aR/lkbNuTLOxhbIkosgLWlDNVEFYx9bVhdLzO7VwaAK829dimlPOo5loKB7Pd2G7ekRKXwu7wNvJBq8KRkhtLKbKoS8D6TaRWUMb9VBJ1CMy4mrw+YwTmAKURQ6Dko9J/RgzRg5Y/sUlwdMYS9HOnvKiTVu5I/ha35wwkhIPVm+FCn05tstntZaXXXu4xExHeugAKNBhkcc/SQt+GFdxXDd+R4C2LfKxGDSyZKVTFYojHTdZUo8Gx6SZLY6b2SZ",
+			"sH0kIwIq1THAfTLfqUKJfG1YauCQKPc9/mk3l39yK6zgxSpCH2IjZIwhhJtGm3F+8PTneT725OuyR617nxqrgqMGkkZkyY4DA5CjsikpBo5mo8TspX1g+vtXXtxymJMTMo8JwX3nSH4gSb3vPia+gwOW2TcJmxVdp3ITPA4gJpMfqoMBqRM+eDWO6QXW5ijVL4+wnp40u5bU4fQLVzpg25+QGLqBHD6PZTQaN6F9Vy5XpsAGDlncCklVuX3Lkp3Xb9cTiNa/4ii04uwZqx0juszjwFAMPPb6u56crvN1x4FXfXzabWECHbdQLlKazowvU9bEnqG2i4H44Ae+v8Iw8HK5mbZ6ercLTD9oPgs7Ogal037l2WwLApUz/fmD5fV8SxHh+vKDpfOzv6xcQxynS82jAJw9AdUwE/4ndGzzHPIu2M81gbAgZQ02EurMMU62hYgiXeridrtyh+H5R+CiwQdEyX7/op6WVihsYj2O3O/1hgjhGQRFD6sGwnko50jgWRxaMMfJGNlyGoT8WT5k931jU7547u7Ovr7XP/t8r3G7ceCiCcYjQgdwXdvIStzPvvV7Yy02isZjiJF8TLJQ",
+			"tycxf1mOz1yLE6cT/ZlCxMeTxlEEHFeIdw0+nF/40Tsw4vLco+4kR2A6cVml611CSpN6l/RMKk2LnAkprrbJ/Uam902WBnQ+I6Vsl6GkFFq7362bdixojqMFVKYytXLCT8I78f6s8M6a3jSALQloD6Ftvn+cc+cctO3weaaaPgAlrz+f2MFs8bqpnLQYbbY/JS9IAYJFH+yVtLz7eKcedEp9JMlJ3/43szU2fDN9ZMxBoQnxEmF3WZv6GF0WRc8VhTblXRgk4mlz6Fu3IXvwW/rbn+VCYYIk/XaVLrxFAnnw6mBozAF7vmV0OrIYBlSDU8rMb+F7AvE7pwErO9TJtCE8IUvQf8TsJYRoYv21/X57pzcBedtqVeU3DnTlmESHxG6H1uJbadSFLWSxKS4svfp8T9FWqX5815yD/UplAKEIeorLTAlPIC2ASKDU6SQW260biNAfY8FYQCWa8btaTwFuY8NMwSHzyqgU0aoPKnagi/4hOIWNO5rZ8Xcnzx+ELtEl33hQnzc4OUlT5eeVYQWkz2IWVQ6Re4JWF3L4OXzNZWgefKGMzZU6IHoBeCgfi+popLRJpaOx0dcvwGjk",
+			"oDsoFvUA+sGOoMyZY6w1UhY3NBkeoozzjEkDSRN1golyXJ1dC5CtYNEjvAJYKj+sqNwg9mBlYyybYpnI3GSP125zMeBHPCoy5CoNOkJW4OH/oLyjVeQbFNic/b2Jcz6lTguYhep8hq9EM2XuFV8T1rm5+4ucI7fH1UiOqRZyuHBAJ0Cna5kv6D3efsa9rd+swybiMIUjmPWpyxzNOOihCYuf4JqRh/D5eZKm6x0Zj2uRhTAYYxI7Q3czd0R9490ufG8VbF8ASBMireMONNNAA/OZCpxJh6xnIANBqV6YDeysws3NBWY2QuNumvg5Kr3/g+VMzJHi4wGuJjraKWi9+ylMfelHF5h/h+pAQVxCotq8JU3OTnMUW4rQp2a8BR5S+mZqPSPlb87tDG9r0+yqb1uO4UIo71C7Xxwoq4M0tXjk6mSmtP/sm+Lh14qfUzKRhTHVdz91TK104mbTJNXbK+jGPD/2BJO9fiaXY8IYanpfDLBfJo06VYbm6HehRZTwnDHnN50j7ki4aMS3COZvffjRInXD8dS5h9zmtKNpoqg//lPg4gpS+4Th2sJ3SGtBV0Ne89r7AfZMAVa26PMK",
+			"MIDLuZTrtZnEBOB6l14iSEyokAg5Wf5JviumhfPeL7WSFTHfOodU2hrvhyvM6oAlRHY1blTj7mw+Tcf9Tmc+/FHT6PGu0NT5UAqaqChX0gS9jizgAE2Yfhd4X/DoeQySMAixKuhu8TbvDxb54jeW9+7LVkmlntJ/0SkMgsT+WQ31OfpwDmEGDczYc+Ol14aJS+EW+rnGv9d38bo/cy+EnpNh8iV2rGGoC8fDzFHKU4gqGFSZF/tnD2OfCne0Vjr/GD6kyp2MVcHig19DBg2toGRkHnuY5kLkwOanztXA80IaAmv8e6s62U8CE8ozUZeDBcvBigEkSGx79Vsyiks8+9Kq9xLHLeS5kRT6zSl8whe8U1fIfrgic34KPlozcQVahwCru1XWyQ+9uevih8x4zMftkJ3JBZhPrnlgtx9McntH/Ss9fdUEkNwWpDnq8Xby8/5gMMMwQ13XDB73vqqteDiltMq8i7LRez4iIHfSBBfIkZIzMZAblQXaSm029iBcAAUes7wcGHUl7KOpRy18jNtI3+h7e1Ri6sT2vJYQaove0nzZ5xAjpBKnbJX+lpGVlI00fC2YSTfyNqFA0jkL",
+			"MG4QbKLbQR3enPn6Z/kEUtHrzWBIqYKR7Gvs5QHLPF6417p1O58suZq38Bb8dO5udtgOqNEVAPGmOuidYygWWfWOP5ReggTUk5XlrkvRxCU0MHWbkSKkJ+T4nLjozreqTJ0io41sFVrpxuOugAvXJ6QtMmixSABUaNgU9SkkWf9pOEiJI8dfND51HxJCbXHwsMCMBp5FbaMZmlWPwirRdAox4wbLk9ZLmoWUcorUjdaWhKvT/LnjMgPmwnwwKpN/4MOnRDdAPdzXX3aWHdkzpfsQnqt3UJsTsSaJlzeUja5C5L4CXGyt99qmfcwB8OB9TL4EYTIl3maD/gUWBfckOsji8x2E2c2iuKKrcmMmcChYr4wCjtTjEeVKOAZ2m9mU2MKc2z2hDw3AuZxsY6aOtdAjnrwl5QXGRg9I5LVl5SI5RwnLwk90pJzDGuSSCtSmzh9DUZ4WpfN+1393aTGRqCMOsB4KxbXjspUbVMFJbnXXlsSNWaoFTpHjK6b6Ghi2/re7KJpoKElM3nGs3qvxdvGTKu7LKr/sgKDL6uQLRKoyk8AHSIGX9c8ZUTk7Sq9jV9p4QfV1WFVpaBxSsEmw",
+			"MR0BACgWKis9/AKwG9/ARgGWJn1aM3nU8YXzWG+b7aeRUkVCjl4WxeL38E3FAMLW4UcyLzxeb+CskOqhPPTglmxhK7jQcrNILsWcZvdZfApYIvk5uKqA5FKuUuL48uvD0aKGRENe/VEUFlkQru5YX4Xnp+ZThrJJlgn7ANat/qAdP6ULEcLaOQlLYcGRh5ttsJTRT4+cZQggTJjWt+9idUQ66HfC6zQ1qHcMuochy7GHiUmNXAs0AgwOF9Jwet/Qh74KGMtmppJ9gkEqiYECFQA2gVgKc1AufHJS6S6Re72FfH/UkL41L2hvlwktkD5/hZrUZ1R+RG12Eip2zKgus4g/aGl0V8B/JvkcnFUsZJ6uxs24arOBDJOuzzxky5F5B/hwVGPEdcfHunqndUcx26/KCK72hOljlqTXl8yEbXlcMqVFNByZLr7TnGzGGUlO7kuHPW/ItZUJvrHokpsLLrb3ZhEZ8pTQd75gFcf0Ve8CYzEtk2ISHtNJQV6Iz4AZHWssU6F6YWM/OlJz5JGTtPHfGMJXgl4oxbBjeenS3JQ0X7vWXYMwPe3U1dat6m5hrRC1KzI6e6w+gPDtF8GQ",
+			"DH2WX6XoIseX6lHIey3seUr3DAz82fyk0jL7xc5IDTrDfqS64QBhHDpqHETF/81MrPXsM3IANBfjDOl9g/gua8wWPpPNxuWZMNh0GLcAr6PJ939TCbjE3soZHF2wiA82nZEO8jIZosDVRWFUfJS6Y3nrJz63SExqB6OUdBfvSfz1Y1M/90ofBxkfeuS85deMdn+1rZdsnZJYwz2Z6lCDvYjUTfrSwfVFJBP8Y2BXr8WClUYkfGG4eNG7IPNBRuMmhrhHj5y9z+5Jor+EbbTi5F5Jvdu2/bDM7s32XsaMNLYuVtNYONrbQ+3QZ746/yKZM4hDREvxyGLgDx3Apz7pyvwKm0//iTCY3yJLxZifGLh2uc28cFBln7IH1x8oui4Xq9vF+Z2EH4Ow48Ln5pzggBKMGy4dsfW6266TNYd/Z3SZUi28sxondqhGCSGUo7ZVPAOoYDcYKvjdI/cJ688PHliyZSYBYVmR5HBxZ57sqWwgZQ7zVvwv4CHHysvb92sPrXijHxBIkwpNuK56UMyQCcywlTRLDCMAMNAEGi4fWbDQIoPfn+NixMhEieg3Zh7GXPwHxW8morlgBW5aF76P",
+			"AwClK6Tq9R2DYGf8RAHu9dEttLeOfUVmS4WPwX0NehsnyM7y7n2sgGnXsiva3yFqK1hKZICkVukvHF7/bpgEEm/jRwcAhQUoG+c1qVde38eHJXj58YOBGTveruc+021or9/tHBtenmYPO6+arLQtONi43NKm7+I6ugkgQlp6iBr4haa0XMDTzMX9c8Qm/O+MrVo3qESYKkVtoSSK7SGZTBaRWNF/dOM0NQxeMP+XTVOuroqE23ZNsubBTEZnd4vUilFb/iKnhyT9XnIo7gM/Yz7HLVU5yc3yIj2sFUE+DcwpvcNO5EnPhj3bHsJvf3N4r72+5my2KjoR3KAJE1Imabd54o4xZ/9UaR93qLkVuXMkLRCCU/zlZDtfbJDsRR0C5rSYd2k6IPlNcl7PgmUpsNPUyoDYqvhuRUZxgoUAfKbogzJX8FU/QpllsKVtt68ucBi0bqC5pVKu23j79nDvYQsSlYY3JwJQaM5M558J5qpP1yEF2p4kSRphnB9UR29wWgch5eWZ4a02LlHVM5Msl6W5PdmHt+eFARBRv6edIyYDFzxm4WZroH5F/GxBhM0KObgawkxa5VWsYm0VhhXb",
+			"KACwq8rZuOLHuNnZJA07WzI7kppCwptbcYU2B7t86QcZrnadCtxoM5QNcl9rsbMA26iWCPV3VlDAmLSWcxtMoSKWuo4edJpk8K915xkFU5U6I/901vx5hqAECQDy/Q+QDWmWTXDoVHqFV9wvIj3wCJPpJL/Ewpl0NZd+68jjOjUhjIdNebLrWNK2nhTPiIjFjkcVqEgashpOmnbHT+2MV/CHoixmUEiuRI1B0dvSf7FHGRgbXGBubisuu60g8XTens5zyRo4Qn/LTxIu2aj4LTtyLonV3sXr+y35A1zq5mCrE1f1nOINVzwYYY76iJGIaBkZuMU3366FPIbYkmXwla6RQU1FA0Y7n05qczw7Ie5TveRTByKFtUqW8OAb9vH+H2ezJ4CXE3AGbu/nTj64KClO/zL499GA+97g+X6tTN6xOJdNknlqw6ZnFNtCL8+A3hL4OyOgWD0IGC+xFvcKjDUaaJenCtQvprCJaFrvoOS+yYmixnFqglnPYL/64/Lca8NmDVpPzlHI8HNwUDzKiXTw3q7GnQZWmUYzu1vLIEi6/hyqrULRN1vLdd/8HCMNQFj4ot61UftHtOG8MCKa",
+			"rUABPQ3SEWE5rY16pM+o+7EObLNM1jEa5YCMQM/aen0PWajWNax3Pyo6TZL8aGDXZF0yWqDM3b2m6UHOr6yqsUSrD+0jXPT48QN1VdBmh+AFRK+UcaYO383a0nvtv0c9uHt4yfceXLPGWrNjW+uTnS/lKpCdpE4GfLF1SFHIUcMxT+3At7hwDHNkLXllEXqbgDP8LyQSlYwT5jQUDCOzwc8CSxAryUOj6fN+iLKAiw4haPV/WZDG+JOmDMG2azo8SoBMi3y6Z2Le2fz2dMuvn5DUvCUvazrUmWYx4NEdSzc9GfBc6cXkduMqCs+lT2Ik2GHO0WjhrEB6j5NULOaCtbrislM85P6QutN4Pj9l18pcD6vZCcDTOwMj/BznclH342jeMn7rBgpW1YSzbNGP6KC4NeNW1H2xqNtuyhcJvasx4dwhzO18A36H6HtkiQyJNnfnVHh1oviO6mi3atmnh9B/55ugXM1Wf/6Kv8kJyaKtK8cWo+jCAR0/P/EsPtzToJM9Yk2+qxaPFd3k7T2KXvCQ9D1jLeECxL59L+WDvdBtxOEBD7W0a/Mn/9LuQPOiwARKJSTU+blJ6ezTeo83",
+			"poA1hF4zRh7HF0xVglYoLFqkUR7Pru/qYFnfMKBPuEOOGdgO3MMcAvIZ+w+Ug4THr/6+Vux0TN3wdOB+beObOboLgNE2zaD65lyMFbaulzrEnWjUgIg63CdpQJ2ESaimHGg/GmsipUCndRJ37TbUtn8W112SehsAgrsjiBcuJhw61i4bVfAZEcycq4Y/FlEDxtzoH8WzDoESNbl+r5agLcHGr37BFi81IXS8TLihC1T8b7d6tLb6lpXT+9IR4xAyZTw1IFMDZZEzVmHgYE/Et20/WhkX/oGghkWSpCxR0kynDplk+BEK2oyGKnl+rf4vymhsse2iQ/C99PhaodZjDfuGVSwPLoU0AYyAKaEwmgHPOFbDlrAmNk4iBp+IZYm9guZM2hcQ4GeA5WQyZzw4C1yMywWbdjtL9ZhpClmmPZ28nmwNORAat7tXPJoBBdXFB0gNT/wU7UYIKU5GnAiDIFJ0o8ijnuAMat3AsBki2vxwdypuBq5M6OF9DVA0HRUjOA0l4JHjK8Y282mz3U34PDPQvwCT342uD9cO3uXoSr3T2FnDmsVHz4Q9zYpSjioLmZk9ZTnQWgN5V5Oyat6m"
+		};
+
+		public override string Name
+		{
+			get { return "ParsingTest"; }
+		}
+
+		public override void PerformTest()
+		{
+			inputStreamTest();
+			parserTest();
+		}
+
+		private void parserTest()
+		{
+			foreach (string stream in streams)
+			{
+				Asn1StreamParser aIn = new Asn1StreamParser(Base64.Decode(stream));
+
+				try
+				{
+					Object obj;
+					while ((obj = aIn.ReadObject()) != null)
+					{
+					}
+
+					Fail("bad stream parsed successfully!");
+				}
+				catch (IOException)
+				{
+					// ignore
+				}
+				// Note: C# may throw these instead, since no InMemoryRepresentable support
+				catch (Asn1ParsingException)
+				{
+					// ignore
+				}
+			}
+		}
+
+		private void inputStreamTest()
+		{
+			foreach (string stream in streams)
+			{
+				Asn1InputStream aIn = new Asn1InputStream(Base64.Decode(stream));
+
+				try
+				{
+					Object obj;
+					while ((obj = aIn.ReadObject()) != null)
+					{
+					}
+
+					Fail("bad stream parsed successfully!");
+				}
+				catch (IOException)
+				{
+					// ignore
+				}
+				// Note: C# may throw these instead, since no InMemoryRepresentable support
+				catch (Asn1ParsingException)
+				{
+					// ignore
+				}
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ParsingTest());
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/PersonalDataUnitTest.cs b/crypto/test/src/asn1/test/PersonalDataUnitTest.cs
new file mode 100644
index 000000000..f92e619cf
--- /dev/null
+++ b/crypto/test/src/asn1/test/PersonalDataUnitTest.cs
@@ -0,0 +1,127 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Asn1.X509.SigI;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class PersonalDataUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "PersonalData"; }
+		}
+
+		public override void PerformTest()
+		{
+			NameOrPseudonym nameOrPseudonym = new NameOrPseudonym("pseudonym");
+			BigInteger nameDistinguisher = BigInteger.ValueOf(10);
+			DerGeneralizedTime dateOfBirth= new DerGeneralizedTime("20070315173729Z");
+			DirectoryString placeOfBirth = new DirectoryString("placeOfBirth");
+			string gender = "M";
+			DirectoryString postalAddress = new DirectoryString("address");
+
+			PersonalData data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
+
+			checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
+
+			data = new PersonalData(nameOrPseudonym, null, dateOfBirth, placeOfBirth, gender, postalAddress);
+
+			checkConstruction(data, nameOrPseudonym, null, dateOfBirth, placeOfBirth, gender, postalAddress);
+
+			data = new PersonalData(nameOrPseudonym, nameDistinguisher, null, placeOfBirth, gender, postalAddress);
+
+			checkConstruction(data, nameOrPseudonym, nameDistinguisher, null, placeOfBirth, gender, postalAddress);
+
+			data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, null, gender, postalAddress);
+
+			checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, null, gender, postalAddress);
+
+			data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, null, postalAddress);
+
+			checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, null, postalAddress);
+
+			data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, null);
+
+			checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, null);
+
+			data = PersonalData.GetInstance(null);
+
+			if (data != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				PersonalData.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			PersonalData		data,
+			NameOrPseudonym		nameOrPseudonym,
+			BigInteger			nameDistinguisher,
+			DerGeneralizedTime	dateOfBirth,
+			DirectoryString		placeOfBirth,
+			string				gender,
+			DirectoryString		postalAddress)
+		{
+			checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
+
+			data = PersonalData.GetInstance(data);
+
+			checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
+
+			Asn1InputStream aIn = new Asn1InputStream(data.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+			data = PersonalData.GetInstance(seq);
+
+			checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
+		}
+
+		private void checkValues(
+			PersonalData		data,
+			NameOrPseudonym		nameOrPseudonym,
+			BigInteger			nameDistinguisher,
+			DerGeneralizedTime	dateOfBirth,
+			DirectoryString		placeOfBirth,
+			string				gender,
+			DirectoryString		postalAddress)
+		{
+			checkMandatoryField("nameOrPseudonym", nameOrPseudonym, data.NameOrPseudonym);
+			checkOptionalField("nameDistinguisher", nameDistinguisher, data.NameDistinguisher);
+			checkOptionalField("dateOfBirth", dateOfBirth, data.DateOfBirth);
+			checkOptionalField("placeOfBirth", placeOfBirth, data.PlaceOfBirth);
+			checkOptionalField("gender", gender, data.Gender);
+			checkOptionalField("postalAddress", postalAddress, data.PostalAddress);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PersonalDataUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/ProcurationSyntaxUnitTest.cs b/crypto/test/src/asn1/test/ProcurationSyntaxUnitTest.cs
new file mode 100644
index 000000000..97d0e3eee
--- /dev/null
+++ b/crypto/test/src/asn1/test/ProcurationSyntaxUnitTest.cs
@@ -0,0 +1,111 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class ProcurationSyntaxUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "ProcurationSyntax"; }
+		}
+
+		public override void PerformTest()
+		{
+			string country = "AU";
+			DirectoryString typeOfSubstitution = new DirectoryString("substitution");
+			GeneralName thirdPerson = new GeneralName(new X509Name("CN=thirdPerson"));
+			IssuerSerial certRef = new IssuerSerial(new GeneralNames(new GeneralName(new X509Name("CN=test"))), new DerInteger(1));
+
+			ProcurationSyntax procuration = new ProcurationSyntax(country, typeOfSubstitution, thirdPerson);
+
+			checkConstruction(procuration, country, typeOfSubstitution, thirdPerson, null);
+
+			procuration = new ProcurationSyntax(country, typeOfSubstitution, certRef);
+
+			checkConstruction(procuration, country, typeOfSubstitution, null, certRef);
+
+			procuration = new ProcurationSyntax(null, typeOfSubstitution, certRef);
+
+			checkConstruction(procuration, null, typeOfSubstitution, null, certRef);
+
+			procuration = new ProcurationSyntax(country, null, certRef);
+
+			checkConstruction(procuration, country, null, null, certRef);
+
+			procuration = ProcurationSyntax.GetInstance(null);
+
+			if (procuration != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				ProcurationSyntax.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			ProcurationSyntax	procuration,
+			string				country,
+			DirectoryString		typeOfSubstitution,
+			GeneralName			thirdPerson,
+			IssuerSerial		certRef)
+		{
+			checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef);
+
+			procuration = ProcurationSyntax.GetInstance(procuration);
+
+			checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef);
+
+			Asn1InputStream aIn = new Asn1InputStream(procuration.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+			procuration = ProcurationSyntax.GetInstance(seq);
+
+			checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef);
+		}
+
+		private void checkValues(
+			ProcurationSyntax procuration,
+			string country,
+			DirectoryString  typeOfSubstitution,
+			GeneralName thirdPerson,
+			IssuerSerial certRef)
+		{
+			checkOptionalField("country", country, procuration.Country);
+			checkOptionalField("typeOfSubstitution", typeOfSubstitution, procuration.TypeOfSubstitution);
+			checkOptionalField("thirdPerson", thirdPerson, procuration.ThirdPerson);
+			checkOptionalField("certRef", certRef, procuration.CertRef);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ProcurationSyntaxUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/ProfessionInfoUnitTest.cs b/crypto/test/src/asn1/test/ProfessionInfoUnitTest.cs
new file mode 100644
index 000000000..6af2658ef
--- /dev/null
+++ b/crypto/test/src/asn1/test/ProfessionInfoUnitTest.cs
@@ -0,0 +1,121 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+using Org.BouncyCastle.Asn1.X500;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class ProfessionInfoUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "ProfessionInfo"; }
+		}
+
+		public override void PerformTest()
+		{
+			NamingAuthority auth =  new NamingAuthority(new DerObjectIdentifier("1.2.3"), "url", new DirectoryString("fred"));
+			DirectoryString[] professionItems = { new DirectoryString("substitution") };
+			DerObjectIdentifier[] professionOids = { new DerObjectIdentifier("1.2.3") };
+			string registrationNumber = "12345";
+			DerOctetString addProfInfo = new DerOctetString(new byte[20]);
+
+			ProfessionInfo info = new ProfessionInfo(auth, professionItems, professionOids, registrationNumber, addProfInfo);
+
+			checkConstruction(info, auth, professionItems, professionOids, registrationNumber, addProfInfo);
+
+			info = new ProfessionInfo(null, professionItems, professionOids, registrationNumber, addProfInfo);
+
+			checkConstruction(info, null, professionItems, professionOids, registrationNumber, addProfInfo);
+
+			info = new ProfessionInfo(auth, professionItems, null, registrationNumber, addProfInfo);
+
+			checkConstruction(info, auth, professionItems, null, registrationNumber, addProfInfo);
+
+			info = new ProfessionInfo(auth, professionItems, professionOids, null, addProfInfo);
+
+			checkConstruction(info, auth, professionItems, professionOids, null, addProfInfo);
+
+			info = new ProfessionInfo(auth, professionItems, professionOids, registrationNumber, null);
+
+			checkConstruction(info, auth, professionItems, professionOids, registrationNumber, null);
+
+			info = ProfessionInfo.GetInstance(null);
+
+			if (info != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				ProcurationSyntax.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			ProfessionInfo			profInfo,
+			NamingAuthority			auth,
+			DirectoryString[]		professionItems,
+			DerObjectIdentifier[]	professionOids,
+			string					registrationNumber,
+			DerOctetString			addProfInfo)
+		{
+			checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo);
+
+			profInfo = ProfessionInfo.GetInstance(profInfo);
+
+			checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo);
+
+			Asn1InputStream aIn = new Asn1InputStream(profInfo.ToAsn1Object().GetEncoded());
+
+			Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject();
+
+			profInfo = ProfessionInfo.GetInstance(seq);
+
+			checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo);
+		}
+
+		private void checkValues(
+			ProfessionInfo			profInfo,
+			NamingAuthority			auth,
+			DirectoryString[]		professionItems,
+			DerObjectIdentifier[]	professionOids,
+			string					registrationNumber,
+			DerOctetString			addProfInfo)
+		{
+			checkOptionalField("auth", auth, profInfo.NamingAuthority);
+			checkMandatoryField("professionItems", professionItems[0], profInfo.GetProfessionItems()[0]);
+			if (professionOids != null)
+			{
+				checkOptionalField("professionOids", professionOids[0], profInfo.GetProfessionOids()[0]);
+			}
+			checkOptionalField("registrationNumber", registrationNumber, profInfo.RegistrationNumber);
+			checkOptionalField("addProfessionInfo", addProfInfo, profInfo.AddProfessionInfo);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ProfessionInfoUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/QCStatementUnitTest.cs b/crypto/test/src/asn1/test/QCStatementUnitTest.cs
new file mode 100644
index 000000000..8d8ec9ec7
--- /dev/null
+++ b/crypto/test/src/asn1/test/QCStatementUnitTest.cs
@@ -0,0 +1,108 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X509.Qualified;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class QCStatementUnitTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "QCStatement"; }
+        }
+
+		public override void PerformTest()
+        {
+            QCStatement mv = new QCStatement(Rfc3739QCObjectIdentifiers.IdQcsPkixQCSyntaxV1);
+
+            CheckConstruction(mv, Rfc3739QCObjectIdentifiers.IdQcsPkixQCSyntaxV1, null);
+
+			Asn1Encodable info = new SemanticsInformation(new DerObjectIdentifier("1.2"));
+
+            mv = new QCStatement(Rfc3739QCObjectIdentifiers.IdQcsPkixQCSyntaxV1, info);
+
+            CheckConstruction(mv, Rfc3739QCObjectIdentifiers.IdQcsPkixQCSyntaxV1, info);
+
+            mv = QCStatement.GetInstance(null);
+
+			if (mv != null)
+            {
+                Fail("null GetInstance() failed.");
+            }
+
+			try
+            {
+                QCStatement.GetInstance(new object());
+
+				Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+		private void CheckConstruction(
+            QCStatement mv,
+            DerObjectIdentifier statementId,
+            Asn1Encodable statementInfo)
+        {
+            CheckStatement(mv, statementId, statementInfo);
+
+			mv = QCStatement.GetInstance(mv);
+
+			CheckStatement(mv, statementId, statementInfo);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(
+				mv.ToAsn1Object().GetEncoded());
+
+			mv = QCStatement.GetInstance(seq);
+
+			CheckStatement(mv, statementId, statementInfo);
+        }
+
+		private void CheckStatement(
+            QCStatement         qcs,
+            DerObjectIdentifier statementId,
+            Asn1Encodable       statementInfo)
+        {
+            if (!qcs.StatementId.Equals(statementId))
+            {
+                Fail("statementIds don't match.");
+            }
+
+			if (statementInfo != null)
+            {
+                if (!qcs.StatementInfo.Equals(statementInfo))
+                {
+                    Fail("statementInfos don't match.");
+                }
+            }
+            else if (qcs.StatementInfo != null)
+            {
+                Fail("statementInfo found when none expected.");
+            }
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            RunTest(new QCStatementUnitTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/ReasonFlagsTest.cs b/crypto/test/src/asn1/test/ReasonFlagsTest.cs
new file mode 100644
index 000000000..ef404b3e1
--- /dev/null
+++ b/crypto/test/src/asn1/test/ReasonFlagsTest.cs
@@ -0,0 +1,46 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class ReasonFlagsTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "ReasonFlags"; }
+		}
+
+		public override void PerformTest()
+		{
+			BitStringConstantTester.testFlagValueCorrect(0, ReasonFlags.Unused);
+			BitStringConstantTester.testFlagValueCorrect(1, ReasonFlags.KeyCompromise);
+			BitStringConstantTester.testFlagValueCorrect(2, ReasonFlags.CACompromise);
+			BitStringConstantTester.testFlagValueCorrect(3, ReasonFlags.AffiliationChanged);
+			BitStringConstantTester.testFlagValueCorrect(4, ReasonFlags.Superseded);
+			BitStringConstantTester.testFlagValueCorrect(5, ReasonFlags.CessationOfOperation);
+			BitStringConstantTester.testFlagValueCorrect(6, ReasonFlags.CertificateHold);
+			BitStringConstantTester.testFlagValueCorrect(7, ReasonFlags.PrivilegeWithdrawn);
+			BitStringConstantTester.testFlagValueCorrect(8, ReasonFlags.AACompromise);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ReasonFlagsTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/RegressionTest.cs b/crypto/test/src/asn1/test/RegressionTest.cs
new file mode 100644
index 000000000..873ab4396
--- /dev/null
+++ b/crypto/test/src/asn1/test/RegressionTest.cs
@@ -0,0 +1,85 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    public class RegressionTest
+    {
+        public static readonly ITest[] tests =
+        {
+			new AdditionalInformationSyntaxUnitTest(),
+			new AdmissionSyntaxUnitTest(),
+			new AdmissionsUnitTest(),
+			new AttributeTableUnitTest(),
+            new BiometricDataUnitTest(),
+            new BitStringTest(),
+			new CertHashUnitTest(),
+			new CertificateTest(),
+            new CmsTest(),
+            new CommitmentTypeIndicationUnitTest(),
+            new CommitmentTypeQualifierUnitTest(),
+			new ContentHintsUnitTest(),
+			new CscaMasterListTest(),
+			new DataGroupHashUnitTest(),
+			new DeclarationOfMajorityUnitTest(),
+			new DerApplicationSpecificTest(),
+			new DerUtf8StringTest(),
+			new EncryptedPrivateKeyInfoTest(),
+            new EqualsAndHashCodeTest(),
+			new EssCertIDv2UnitTest(),
+            new GeneralizedTimeTest(),
+			new GeneralNameTest(),
+			new GenerationTest(),
+			new InputStreamTest(),
+            new Iso4217CurrencyCodeUnitTest(),
+			new IssuingDistributionPointUnitTest(),
+			new KeyUsageTest(),
+            new LDSSecurityObjectUnitTest(),
+            new MiscTest(),
+			new MonetaryLimitUnitTest(),
+			new MonetaryValueUnitTest(),
+			new NameOrPseudonymUnitTest(),
+			new NamingAuthorityUnitTest(),
+			new NetscapeCertTypeTest(),
+            new OcspTest(),
+            new OidTest(),
+			new OtherCertIDUnitTest(),
+			new OtherSigningCertificateUnitTest(),
+			new ParsingTest(),
+			new PersonalDataUnitTest(),
+			new Pkcs10Test(),
+            new Pkcs12Test(),
+			new PkiFailureInfoTest(),
+			new ProcurationSyntaxUnitTest(),
+			new ProfessionInfoUnitTest(),
+			new QCStatementUnitTest(),
+			new ReasonFlagsTest(),
+			new RequestedCertificateUnitTest(),
+			new RestrictionUnitTest(),
+			new SemanticsInformationUnitTest(),
+            new SetTest(),
+            new SignerLocationUnitTest(),
+            new SmimeTest(),
+			new StringTest(),
+			new SubjectKeyIdentifierTest(),
+			new TagTest(),
+			new TargetInformationTest(),
+			new TypeOfBiometricDataUnitTest(),
+			new UtcTimeTest(),
+			new X509ExtensionsTest(),
+			new X509NameTest(),
+            new X9Test(),
+        };
+
+        public static void Main(
+            string[] args)
+        {
+            for (int i = 0; i != tests.Length; i++)
+            {
+                ITestResult  result = tests[i].Perform();
+                Console.WriteLine(result);
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/RequestedCertificateUnitTest.cs b/crypto/test/src/asn1/test/RequestedCertificateUnitTest.cs
new file mode 100644
index 000000000..767504173
--- /dev/null
+++ b/crypto/test/src/asn1/test/RequestedCertificateUnitTest.cs
@@ -0,0 +1,117 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class RequestedCertificateUnitTest
+		: Asn1UnitTest
+	{
+		private static readonly byte[] certBytes = Base64.Decode(
+			"MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV"
+			+ "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz"
+			+ "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM"
+			+ "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF"
+			+ "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO"
+			+ "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE"
+			+ "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ"
+			+ "zl9HYIMxATFyqSiD9jsx");
+
+		public override string Name
+		{
+			get { return "RequestedCertificate"; }
+		}
+
+		public override void PerformTest()
+		{
+			RequestedCertificate.Choice type = RequestedCertificate.Choice.AttributeCertificate;
+			X509CertificateStructure cert = X509CertificateStructure.GetInstance(
+				Asn1Object.FromByteArray(certBytes));
+
+			byte[] certOctets = new byte[20];
+			RequestedCertificate requested = new RequestedCertificate(type, certOctets);
+
+			checkConstruction(requested, type, certOctets, null);
+
+			requested = new RequestedCertificate(cert);
+
+			checkConstruction(requested, RequestedCertificate.Choice.Certificate, null, cert);
+
+			requested = RequestedCertificate.GetInstance(null);
+
+			if (requested != null)
+			{
+				Fail("null GetInstance() failed.");
+			}
+
+			try
+			{
+				RequestedCertificate.GetInstance(new object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			RequestedCertificate		requested,
+			RequestedCertificate.Choice	type,
+			byte[]						certOctets,
+			X509CertificateStructure	cert)
+		{
+			checkValues(requested, type, certOctets, cert);
+
+			requested = RequestedCertificate.GetInstance(requested);
+
+			checkValues(requested, type, certOctets, cert);
+
+			Asn1InputStream aIn = new Asn1InputStream(requested.ToAsn1Object().GetEncoded());
+
+			object obj = aIn.ReadObject();
+
+			requested = RequestedCertificate.GetInstance(obj);
+
+			checkValues(requested, type, certOctets, cert);
+		}
+
+		private void checkValues(
+			RequestedCertificate		requested,
+			RequestedCertificate.Choice	type,
+			byte[]						certOctets,
+			X509CertificateStructure	cert)
+		{
+			checkMandatoryField("certType", (int) type, (int) requested.Type);
+
+			if (requested.Type == RequestedCertificate.Choice.Certificate)
+			{
+				checkMandatoryField("certificate", cert.GetEncoded(), requested.GetCertificateBytes());
+			}
+			else
+			{
+				checkMandatoryField("certificateOctets", certOctets, requested.GetCertificateBytes());
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new RequestedCertificateUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/RestrictionUnitTest.cs b/crypto/test/src/asn1/test/RestrictionUnitTest.cs
new file mode 100644
index 000000000..5dd6438cb
--- /dev/null
+++ b/crypto/test/src/asn1/test/RestrictionUnitTest.cs
@@ -0,0 +1,78 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.IsisMtt.X509;
+using Org.BouncyCastle.Asn1.X500;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class RestrictionUnitTest
+		: Asn1UnitTest
+	{
+		public override string Name
+		{
+			get { return "Restriction"; }
+		}
+
+		public override void PerformTest()
+		{
+			DirectoryString res = new DirectoryString("test");
+			Restriction restriction = new Restriction(res.GetString());
+
+			checkConstruction(restriction, res);
+
+			try
+			{
+				Restriction.GetInstance(new Object());
+
+				Fail("GetInstance() failed to detect bad object.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkConstruction(
+			Restriction		restriction,
+			DirectoryString	res)
+		{
+			checkValues(restriction, res);
+
+			restriction = Restriction.GetInstance(restriction);
+
+			checkValues(restriction, res);
+
+			Asn1InputStream aIn = new Asn1InputStream(restriction.ToAsn1Object().GetEncoded());
+
+			IAsn1String str = (IAsn1String) aIn.ReadObject();
+
+			restriction = Restriction.GetInstance(str);
+
+			checkValues(restriction, res);
+		}
+
+		private void checkValues(
+			Restriction		restriction,
+			DirectoryString	res)
+		{
+			checkMandatoryField("restriction", res, restriction.RestrictionString);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new RestrictionUnitTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/SMIMETest.cs b/crypto/test/src/asn1/test/SMIMETest.cs
new file mode 100644
index 000000000..adb90e093
--- /dev/null
+++ b/crypto/test/src/asn1/test/SMIMETest.cs
@@ -0,0 +1,90 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Smime;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class SmimeTest
+		: ITest
+	{
+		private static byte[] attrBytes = Base64.Decode("MDQGCSqGSIb3DQEJDzEnMCUwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIH");
+		private static byte[] prefBytes = Base64.Decode("MCwGCyqGSIb3DQEJEAILMR2hGwQIAAAAAAAAAAAYDzIwMDcwMzE1MTczNzI5Wg==");
+
+		public ITestResult Perform()
+		{
+			SmimeCapabilityVector caps = new SmimeCapabilityVector();
+
+			caps.AddCapability(SmimeCapability.DesEde3Cbc);
+			caps.AddCapability(SmimeCapability.RC2Cbc, 128);
+			caps.AddCapability(SmimeCapability.DesCbc);
+
+			SmimeCapabilitiesAttribute attr = new SmimeCapabilitiesAttribute(caps);
+
+			SmimeEncryptionKeyPreferenceAttribute pref = new SmimeEncryptionKeyPreferenceAttribute(
+				new RecipientKeyIdentifier(new DerOctetString(new byte[8]),
+				new DerGeneralizedTime("20070315173729Z"),
+				null));
+
+			try
+			{
+				if (!Arrays.AreEqual(attr.GetEncoded(), attrBytes))
+				{
+					return new SimpleTestResult(false, Name + ": Failed attr data check");
+				}
+
+				Asn1Object o = Asn1Object.FromByteArray(attrBytes);
+				if (!attr.Equals(o))
+				{
+					return new SimpleTestResult(false, Name + ": Failed equality test for attr");
+				}
+
+				if (!Arrays.AreEqual(pref.GetEncoded(), prefBytes))
+				{
+					return new SimpleTestResult(false, Name + ": Failed attr data check");
+				}
+
+				o = Asn1Object.FromByteArray(prefBytes);
+				if (!pref.Equals(o))
+				{
+					return new SimpleTestResult(false, Name + ": Failed equality test for pref");
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": Failed - exception " + e.ToString(), e);
+			}
+		}
+
+		public string Name
+		{
+			get { return "SMIME"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new SmimeTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/SemanticsInformationUnitTest.cs b/crypto/test/src/asn1/test/SemanticsInformationUnitTest.cs
new file mode 100644
index 000000000..8f1f85f19
--- /dev/null
+++ b/crypto/test/src/asn1/test/SemanticsInformationUnitTest.cs
@@ -0,0 +1,138 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X509.Qualified;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class SemanticsInformationUnitTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "SemanticsInformation"; }
+        }
+
+		public override void PerformTest()
+        {
+            DerObjectIdentifier statementId = new DerObjectIdentifier("1.1");
+            SemanticsInformation mv = new SemanticsInformation(statementId);
+
+			CheckConstruction(mv, statementId, null);
+
+            GeneralName[] names = new GeneralName[2];
+
+            names[0] = new GeneralName(GeneralName.Rfc822Name, "test@test.org");
+            names[1] = new GeneralName(new X509Name("cn=test"));
+
+            mv = new SemanticsInformation(statementId, names);
+
+			CheckConstruction(mv, statementId, names);
+
+			mv = new SemanticsInformation(names);
+
+			CheckConstruction(mv, null, names);
+
+			mv = SemanticsInformation.GetInstance(null);
+
+			if (mv != null)
+            {
+                Fail("null GetInstance() failed.");
+            }
+
+			try
+            {
+                SemanticsInformation.GetInstance(new object());
+
+                Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+			try
+            {
+                new SemanticsInformation(DerSequence.Empty);
+
+				Fail("constructor failed to detect empty sequence.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+		private void CheckConstruction(
+            SemanticsInformation	mv,
+            DerObjectIdentifier		semanticsIdentifier,
+            GeneralName[]			names)
+        {
+            CheckStatement(mv, semanticsIdentifier, names);
+
+			mv = SemanticsInformation.GetInstance(mv);
+
+			CheckStatement(mv, semanticsIdentifier, names);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(mv.ToAsn1Object().GetEncoded());
+
+			mv = SemanticsInformation.GetInstance(seq);
+
+			CheckStatement(mv, semanticsIdentifier, names);
+        }
+
+		private void CheckStatement(
+            SemanticsInformation si,
+            DerObjectIdentifier  id,
+            GeneralName[]        names)
+        {
+            if (id != null)
+            {
+                if (!si.SemanticsIdentifier.Equals(id))
+                {
+                    Fail("ids don't match.");
+                }
+            }
+            else if (si.SemanticsIdentifier != null)
+            {
+                Fail("statementId found when none expected.");
+            }
+
+            if (names != null)
+            {
+                GeneralName[] siNames = si.GetNameRegistrationAuthorities();
+
+                for (int i = 0; i != siNames.Length; i++)
+                {
+                    if (!names[i].Equals(siNames[i]))
+                    {
+                        Fail("name registration authorities don't match.");
+                    }
+                }
+            }
+            else if (si.GetNameRegistrationAuthorities() != null)
+            {
+                Fail("name registration authorities found when none expected.");
+            }
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            RunTest(new SemanticsInformationUnitTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/SetTest.cs b/crypto/test/src/asn1/test/SetTest.cs
new file mode 100644
index 000000000..57c46603d
--- /dev/null
+++ b/crypto/test/src/asn1/test/SetTest.cs
@@ -0,0 +1,117 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	/// <remarks>Set sorting test example.</remarks>
+	[TestFixture]
+	public class SetTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "Set"; }
+		}
+
+		private void checkSortedSet(
+			int		attempt,
+			Asn1Set	s)
+		{
+			if (s[0] is DerBoolean
+				&& s[1] is DerInteger
+				&& s[2] is DerBitString
+				&& s[3] is DerOctetString)
+			{
+				return;
+			}
+
+			Fail("sorting failed on attempt: " + attempt);
+		}
+
+		public override void PerformTest()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+			byte[] data = new byte[10];
+
+			v.Add(new DerOctetString(data));
+			v.Add(new DerBitString(data));
+			v.Add(new DerInteger(100));
+			v.Add(DerBoolean.True);
+
+			checkSortedSet(0, new DerSet(v));
+
+			v = new Asn1EncodableVector();
+			v.Add(new DerInteger(100));
+			v.Add(DerBoolean.True);
+			v.Add(new DerOctetString(data));
+			v.Add(new DerBitString(data));
+
+			checkSortedSet(1, new DerSet(v));
+
+			v = new Asn1EncodableVector();
+			v.Add(DerBoolean.True);
+			v.Add(new DerOctetString(data));
+			v.Add(new DerBitString(data));
+			v.Add(new DerInteger(100));
+
+
+			checkSortedSet(2, new DerSet(v));
+
+			v = new Asn1EncodableVector();
+			v.Add(new DerBitString(data));
+			v.Add(new DerOctetString(data));
+			v.Add(new DerInteger(100));
+			v.Add(DerBoolean.True);
+
+			checkSortedSet(3, new DerSet(v));
+
+			v = new Asn1EncodableVector();
+			v.Add(new DerOctetString(data));
+			v.Add(new DerBitString(data));
+			v.Add(new DerInteger(100));
+			v.Add(DerBoolean.True);
+
+			Asn1Set s = new BerSet(v);
+
+			if (!(s[0] is DerOctetString))
+			{
+				Fail("BER set sort order changed.");
+			}
+
+			// create an implicitly tagged "set" without sorting
+			Asn1TaggedObject tag = new DerTaggedObject(false, 1, new DerSequence(v));
+			s = Asn1Set.GetInstance(tag, false);
+
+			if (s[0] is DerBoolean)
+			{
+				Fail("sorted when shouldn't be.");
+			}
+
+			// equality test
+			v = new Asn1EncodableVector();
+
+			v.Add(DerBoolean.True);
+			v.Add(DerBoolean.True);
+			v.Add(DerBoolean.True);
+
+			s = new DerSet(v);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new SetTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+		    string resultText = Perform().ToString();
+
+		    Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/SignerLocationUnitTest.cs b/crypto/test/src/asn1/test/SignerLocationUnitTest.cs
new file mode 100644
index 000000000..bf20f1fda
--- /dev/null
+++ b/crypto/test/src/asn1/test/SignerLocationUnitTest.cs
@@ -0,0 +1,195 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Esf;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class SignerLocationUnitTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "SignerLocation"; }
+        }
+
+		public override void PerformTest()
+        {
+            DerUtf8String countryName = new DerUtf8String("Australia");
+
+            SignerLocation sl = new SignerLocation(countryName, null, null);
+
+            CheckConstruction(sl, countryName, null, null);
+
+            DerUtf8String localityName = new DerUtf8String("Melbourne");
+
+            sl = new SignerLocation(null, localityName, null);
+
+			CheckConstruction(sl, null, localityName, null);
+
+			sl = new SignerLocation(countryName, localityName, null);
+
+			CheckConstruction(sl, countryName, localityName, null);
+
+			Asn1Sequence postalAddress = new DerSequence(
+				new DerUtf8String("line 1"),
+				new DerUtf8String("line 2"));
+
+            sl = new SignerLocation(null, null, postalAddress);
+
+            CheckConstruction(sl, null, null, postalAddress);
+
+            sl = new SignerLocation(countryName, null, postalAddress);
+
+            CheckConstruction(sl, countryName, null, postalAddress);
+
+            sl = new SignerLocation(countryName, localityName, postalAddress);
+
+            CheckConstruction(sl, countryName, localityName, postalAddress);
+
+            sl = SignerLocation.GetInstance(null);
+
+            if (sl != null)
+            {
+                Fail("null GetInstance() failed.");
+            }
+
+            try
+            {
+                SignerLocation.GetInstance(new object());
+
+                Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+            //
+            // out of range postal address
+            //
+			postalAddress = new DerSequence(
+				new DerUtf8String("line 1"),
+				new DerUtf8String("line 2"),
+				new DerUtf8String("line 3"),
+				new DerUtf8String("line 4"),
+				new DerUtf8String("line 5"),
+				new DerUtf8String("line 6"),
+				new DerUtf8String("line 7"));
+
+			try
+            {
+                new SignerLocation(null, null, postalAddress);
+
+                Fail("constructor failed to detect bad postalAddress.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+            try
+            {
+                new SignerLocation(new DerSequence(new DerTaggedObject(2, postalAddress)));
+
+                Fail("sequence constructor failed to detect bad postalAddress.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+            try
+            {
+                new SignerLocation(new DerSequence(new DerTaggedObject(5, postalAddress)));
+
+                Fail("sequence constructor failed to detect bad tag.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+		private void CheckConstruction(
+            SignerLocation sl,
+            DerUtf8String  countryName,
+            DerUtf8String  localityName,
+            Asn1Sequence   postalAddress)
+        {
+            CheckValues(sl, countryName, localityName, postalAddress);
+
+			sl = SignerLocation.GetInstance(sl);
+
+			CheckValues(sl, countryName, localityName, postalAddress);
+
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(
+				sl.ToAsn1Object().GetEncoded());
+
+			sl = SignerLocation.GetInstance(seq);
+
+			CheckValues(sl, countryName, localityName, postalAddress);
+        }
+
+		private void CheckValues(
+            SignerLocation sl,
+            DerUtf8String  countryName,
+            DerUtf8String  localityName,
+            Asn1Sequence   postalAddress)
+        {
+            if (countryName != null)
+            {
+                if (!countryName.Equals(sl.CountryName))
+                {
+                    Fail("countryNames don't match.");
+                }
+            }
+            else if (sl.CountryName != null)
+            {
+                Fail("countryName found when none expected.");
+            }
+
+            if (localityName != null)
+            {
+                if (!localityName.Equals(sl.LocalityName))
+                {
+                    Fail("localityNames don't match.");
+                }
+            }
+            else if (sl.LocalityName != null)
+            {
+                Fail("localityName found when none expected.");
+            }
+
+            if (postalAddress != null)
+            {
+                if (!postalAddress.Equals(sl.PostalAddress))
+                {
+                    Fail("postalAddresses don't match.");
+                }
+            }
+            else if (sl.PostalAddress != null)
+            {
+                Fail("postalAddress found when none expected.");
+            }
+        }
+
+		public static void Main(
+			string[] args)
+        {
+            RunTest(new SignerLocationUnitTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/StringTest.cs b/crypto/test/src/asn1/test/StringTest.cs
new file mode 100644
index 000000000..acfd380b2
--- /dev/null
+++ b/crypto/test/src/asn1/test/StringTest.cs
@@ -0,0 +1,105 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	/**
+	* X.690 test example
+	*/
+	[TestFixture]
+	public class StringTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "String"; }
+		}
+
+		public override void PerformTest()
+		{
+			DerBitString bs = new DerBitString(
+				new byte[] { (byte)0x01,(byte)0x23,(byte)0x45,(byte)0x67,(byte)0x89,(byte)0xab,(byte)0xcd,(byte)0xef });
+
+			if (!bs.GetString().Equals("#0309000123456789ABCDEF"))
+			{
+				Fail("DerBitString.GetString() result incorrect");
+			}
+
+			if (!bs.ToString().Equals("#0309000123456789ABCDEF"))
+			{
+				Fail("DerBitString.ToString() result incorrect");
+			}
+
+			bs = new DerBitString(
+				new byte[] { (byte)0xfe,(byte)0xdc,(byte)0xba,(byte)0x98,(byte)0x76,(byte)0x54,(byte)0x32,(byte)0x10 });
+
+			if (!bs.GetString().Equals("#030900FEDCBA9876543210"))
+			{
+				Fail("DerBitString.GetString() result incorrect");
+			}
+
+			if (!bs.ToString().Equals("#030900FEDCBA9876543210"))
+			{
+				Fail("DerBitString.ToString() result incorrect");
+			}
+
+			DerUniversalString us = new DerUniversalString(
+				new byte[] { (byte)0x01,(byte)0x23,(byte)0x45,(byte)0x67,(byte)0x89,(byte)0xab,(byte)0xcd,(byte)0xef });
+
+			if (!us.GetString().Equals("#1C080123456789ABCDEF"))
+			{
+				Fail("DerUniversalString.GetString() result incorrect");
+			}
+
+			if (!us.ToString().Equals("#1C080123456789ABCDEF"))
+			{
+				Fail("DerUniversalString.ToString() result incorrect");
+			}
+
+			us = new DerUniversalString(
+				new byte[] { (byte)0xfe,(byte)0xdc,(byte)0xba,(byte)0x98,(byte)0x76,(byte)0x54,(byte)0x32,(byte)0x10 });
+
+			if (!us.GetString().Equals("#1C08FEDCBA9876543210"))
+			{
+				Fail("DerUniversalString.GetString() result incorrect");
+			}
+
+			if (!us.ToString().Equals("#1C08FEDCBA9876543210"))
+			{
+				Fail("DerUniversalString.ToString() result incorrect");
+			}
+
+			byte[] t61Bytes = new byte[] { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8 };
+			string t61String = Encoding.GetEncoding("iso-8859-1").GetString(t61Bytes, 0, t61Bytes.Length);
+			DerT61String t61 = new DerT61String(t61Bytes);
+
+			if (!t61.GetString().Equals(t61String))
+			{
+				Fail("DerT61String.GetString() result incorrect");
+			}
+
+			if (!t61.ToString().Equals(t61String))
+			{
+				Fail("DerT61String.ToString() result incorrect");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new StringTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/SubjectKeyIdentifierTest.cs b/crypto/test/src/asn1/test/SubjectKeyIdentifierTest.cs
new file mode 100644
index 000000000..127c47a3a
--- /dev/null
+++ b/crypto/test/src/asn1/test/SubjectKeyIdentifierTest.cs
@@ -0,0 +1,61 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class SubjectKeyIdentifierTest
+		: SimpleTest
+	{
+		private static byte[] pubKeyInfo = Base64.Decode(
+			"MFgwCwYJKoZIhvcNAQEBA0kAMEYCQQC6wMMmHYMZszT/7bNFMn+gaZoiWJLVP8ODRuu1C2jeAe" +
+			"QpxM+5Oe7PaN2GNy3nBE4EOYkB5pMJWA0y9n04FX8NAgED");
+
+		private static byte[] shaID = Hex.Decode("d8128a06d6c2feb0865994a2936e7b75b836a021");
+		private static byte[] shaTruncID = Hex.Decode("436e7b75b836a021");
+
+		public override string Name
+		{
+			get { return "SubjectKeyIdentifier"; }
+		}
+
+		public override void PerformTest()
+		{
+			SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.GetInstance(
+				Asn1Object.FromByteArray(pubKeyInfo));
+			SubjectKeyIdentifier ski = SubjectKeyIdentifier.CreateSha1KeyIdentifier(pubInfo);
+
+			if (!Arrays.AreEqual(shaID, ski.GetKeyIdentifier()))
+			{
+				Fail("SHA-1 ID does not match");
+			}
+
+			ski = SubjectKeyIdentifier.CreateTruncatedSha1KeyIdentifier(pubInfo);
+
+			if (!Arrays.AreEqual(shaTruncID, ski.GetKeyIdentifier()))
+			{
+				Fail("truncated SHA-1 ID does not match");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new SubjectKeyIdentifierTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/TagTest.cs b/crypto/test/src/asn1/test/TagTest.cs
new file mode 100644
index 000000000..c5fce6dbc
--- /dev/null
+++ b/crypto/test/src/asn1/test/TagTest.cs
@@ -0,0 +1,115 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	/**
+	* X.690 test example
+	*/
+	[TestFixture]
+	public class TagTest
+		: SimpleTest
+	{
+		private static readonly byte[] longTagged = Base64.Decode(
+			  "ZSRzIp8gEEZFRENCQTk4NzY1NDMyMTCfIQwyMDA2MDQwMTEyMzSUCCAFERVz"
+			+ "A4kCAHEXGBkalAggBRcYGRqUCCAFZS6QAkRFkQlURUNITklLRVKSBQECAwQF"
+			+ "kxAREhMUFRYXGBkalAggBREVcwOJAgBxFxgZGpQIIAUXGBkalAggBWUukAJE"
+			+ "RZEJVEVDSE5JS0VSkgUBAgMEBZMQERITFBUWFxgZGpQIIAURFXMDiQIAcRcY"
+			+ "GRqUCCAFFxgZGpQIIAVlLpACREWRCVRFQ0hOSUtFUpIFAQIDBAWTEBESExQV"
+			+ "FhcYGRqUCCAFERVzA4kCAHEXGBkalAggBRcYGRqUCCAFFxgZGpQIIAUXGBka"
+			+ "lAg=");
+
+		private static readonly byte[] longAppSpecificTag = Hex.Decode("5F610101");
+
+		public override string Name
+		{
+			get { return "Tag"; }
+		}
+
+		public override void PerformTest()
+		{
+			DerApplicationSpecific app = (DerApplicationSpecific)
+				Asn1Object.FromByteArray(longTagged);
+
+			app = (DerApplicationSpecific) Asn1Object.FromByteArray(app.GetContents());
+
+			Asn1InputStream aIn = new Asn1InputStream(app.GetContents());
+
+			Asn1TaggedObject tagged = (Asn1TaggedObject) aIn.ReadObject();
+
+			if (tagged.TagNo != 32)
+			{
+				Fail("unexpected tag value found - not 32");
+			}
+
+			tagged = (Asn1TaggedObject) Asn1Object.FromByteArray(tagged.GetEncoded());
+
+			if (tagged.TagNo != 32)
+			{
+				Fail("unexpected tag value found on recode - not 32");
+			}
+
+			tagged = (Asn1TaggedObject) aIn.ReadObject();
+
+			if (tagged.TagNo != 33)
+			{
+				Fail("unexpected tag value found - not 33");
+			}
+
+			tagged = (Asn1TaggedObject) Asn1Object.FromByteArray(tagged.GetEncoded());
+
+			if (tagged.TagNo != 33)
+			{
+				Fail("unexpected tag value found on recode - not 33");
+			}
+
+			aIn = new Asn1InputStream(longAppSpecificTag);
+
+			app = (DerApplicationSpecific)aIn.ReadObject();
+
+			if (app.ApplicationTag != 97)
+			{
+				Fail("incorrect tag number read");
+			}
+
+			app = (DerApplicationSpecific)Asn1Object.FromByteArray(app.GetEncoded());
+
+			if (app.ApplicationTag != 97)
+			{
+				Fail("incorrect tag number read on recode");
+			}
+
+			SecureRandom sr = new SecureRandom();
+			for (int i = 0; i < 100; ++i)
+			{
+				int testTag = (sr.NextInt() & int.MaxValue) >> sr.Next(26);
+				app = new DerApplicationSpecific(testTag, new byte[]{ 1 });
+				app = (DerApplicationSpecific)Asn1Object.FromByteArray(app.GetEncoded());
+
+				if (app.ApplicationTag != testTag)
+				{
+					Fail("incorrect tag number read on recode (random test value: " + testTag + ")");
+				}
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new TagTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/TargetInformationTest.cs b/crypto/test/src/asn1/test/TargetInformationTest.cs
new file mode 100644
index 000000000..7fa04cd01
--- /dev/null
+++ b/crypto/test/src/asn1/test/TargetInformationTest.cs
@@ -0,0 +1,58 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class TargetInformationTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "TargetInformation"; }
+		}
+
+		public override void PerformTest()
+		{
+			Target[] targets = new Target[2];
+			Target targetName = new Target(Target.Choice.Name, new GeneralName(GeneralName.DnsName, "www.test.com"));
+			Target targetGroup = new Target(Target.Choice.Group, new GeneralName(GeneralName.DirectoryName, "o=Test, ou=Test"));
+			targets[0] = targetName;
+			targets[1] = targetGroup;
+			Targets targetss = new Targets(targets);
+			TargetInformation targetInformation1 = new TargetInformation(targetss);
+			// use an Target array
+			TargetInformation targetInformation2 = new TargetInformation(targets);
+			// targetInformation1 and targetInformation2 must have same
+			// encoding.
+			if (!targetInformation1.Equals(targetInformation2))
+			{
+				Fail("targetInformation1 and targetInformation2 should have the same encoding.");
+			}
+			TargetInformation targetInformation3 = TargetInformation.GetInstance(targetInformation1.ToAsn1Object());
+			TargetInformation targetInformation4 = TargetInformation.GetInstance(targetInformation2.ToAsn1Object());
+			if (!targetInformation3.Equals(targetInformation4))
+			{
+				Fail("targetInformation3 and targetInformation4 should have the same encoding.");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new TargetInformationTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/TimeTest.cs b/crypto/test/src/asn1/test/TimeTest.cs
new file mode 100644
index 000000000..6f6bd6f2c
--- /dev/null
+++ b/crypto/test/src/asn1/test/TimeTest.cs
@@ -0,0 +1,28 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class TimeTest
+	{
+		[Test]
+		public void CheckCmsTimeVsX509Time()
+		{
+			DateTime now = DateTime.UtcNow;
+
+			// Time classes only have a resolution of seconds
+			now = new DateTime(now.Year, now.Month, now.Day, now.Hour, now.Minute, now.Second);
+
+			Org.BouncyCastle.Asn1.Cms.Time cmsTime = new Org.BouncyCastle.Asn1.Cms.Time(now);
+			Org.BouncyCastle.Asn1.X509.Time x509Time = new Org.BouncyCastle.Asn1.X509.Time(now);
+
+//			Assert.AreEqual(cmsTime.Date, x509Time.ToDateTime());
+			Assert.AreEqual(now, cmsTime.Date);
+			Assert.AreEqual(now, x509Time.ToDateTime());
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/TypeOfBiometricDataUnitTest.cs b/crypto/test/src/asn1/test/TypeOfBiometricDataUnitTest.cs
new file mode 100644
index 000000000..a59415c31
--- /dev/null
+++ b/crypto/test/src/asn1/test/TypeOfBiometricDataUnitTest.cs
@@ -0,0 +1,152 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509.Qualified;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+    [TestFixture]
+    public class TypeOfBiometricDataUnitTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "TypeOfBiometricData"; }
+        }
+
+		public override void PerformTest()
+        {
+            //
+            // predefined
+            //
+            CheckPredefinedType(TypeOfBiometricData.Picture);
+
+            CheckPredefinedType(TypeOfBiometricData.HandwrittenSignature);
+
+			//
+            // non-predefined
+            //
+            DerObjectIdentifier localType = new DerObjectIdentifier("1.1");
+
+			TypeOfBiometricData type = new TypeOfBiometricData(localType);
+
+			CheckNonPredefined(type, localType);
+
+            type = TypeOfBiometricData.GetInstance(type);
+
+            CheckNonPredefined(type, localType);
+
+            Asn1Object obj = type.ToAsn1Object();
+
+            type = TypeOfBiometricData.GetInstance(obj);
+
+            CheckNonPredefined(type, localType);
+
+            type = TypeOfBiometricData.GetInstance(null);
+
+            if (type != null)
+            {
+                Fail("null GetInstance() failed.");
+            }
+
+            try
+            {
+                TypeOfBiometricData.GetInstance(new object());
+
+                Fail("GetInstance() failed to detect bad object.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+            try
+            {
+                new TypeOfBiometricData(100);
+
+                Fail("constructor failed to detect bad predefined type.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+
+			// Call Equals to avoid unreachable code warning
+            if (!Equals(TypeOfBiometricData.Picture, 0))
+            {
+                Fail("predefined picture should be 0");
+            }
+
+			// Call Equals to avoid unreachable code warning
+			if (!Equals(TypeOfBiometricData.HandwrittenSignature, 1))
+			{
+                Fail("predefined handwritten signature should be 1");
+            }
+        }
+
+		private void CheckPredefinedType(
+            int predefinedType)
+        {
+            TypeOfBiometricData type = new TypeOfBiometricData(predefinedType);
+
+            CheckPredefined(type, predefinedType);
+
+            type = TypeOfBiometricData.GetInstance(type);
+
+			CheckPredefined(type, predefinedType);
+
+			Asn1Object obj = Asn1Object.FromByteArray(type.ToAsn1Object().GetEncoded());
+
+			type = TypeOfBiometricData.GetInstance(obj);
+
+			CheckPredefined(type, predefinedType);
+        }
+
+		private void CheckPredefined(
+            TypeOfBiometricData	type,
+            int					val)
+        {
+            if (!type.IsPredefined)
+            {
+                Fail("predefined type expected but not found.");
+            }
+
+			if (type.PredefinedBiometricType != val)
+            {
+                Fail("predefined type does not match.");
+            }
+        }
+
+		private void CheckNonPredefined(
+            TypeOfBiometricData type,
+            DerObjectIdentifier val)
+        {
+            if (type.IsPredefined)
+            {
+                Fail("predefined type found when not expected.");
+            }
+
+			if (!type.BiometricDataOid.Equals(val))
+            {
+                Fail("data oid does not match.");
+            }
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            RunTest(new TypeOfBiometricDataUnitTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/asn1/test/UTCTimeTest.cs b/crypto/test/src/asn1/test/UTCTimeTest.cs
new file mode 100644
index 000000000..07abbc911
--- /dev/null
+++ b/crypto/test/src/asn1/test/UTCTimeTest.cs
@@ -0,0 +1,122 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	/**
+	* X.690 test example
+	*/
+	[TestFixture]
+	public class UtcTimeTest
+		: SimpleTest
+	{
+		private static readonly string[] input =
+		{
+			"020122122220Z",
+			"020122122220-1000",
+			"020122122220+1000",
+			"020122122220+00",
+			"0201221222Z",
+			"0201221222-1000",
+			"0201221222+1000",
+			"0201221222+00",
+			"550122122220Z",
+			"5501221222Z"
+		};
+
+		private static readonly string[] output =
+		{
+			"20020122122220GMT+00:00",
+			"20020122122220GMT-10:00",
+			"20020122122220GMT+10:00",
+			"20020122122220GMT+00:00",
+			"20020122122200GMT+00:00",
+			"20020122122200GMT-10:00",
+			"20020122122200GMT+10:00",
+			"20020122122200GMT+00:00",
+			"19550122122220GMT+00:00",
+			"19550122122200GMT+00:00"
+		};
+
+		private static readonly string[] zOutput1 =
+		{
+			"20020122122220Z",
+			"20020122222220Z",
+			"20020122022220Z",
+			"20020122122220Z",
+			"20020122122200Z",
+			"20020122222200Z",
+			"20020122022200Z",
+			"20020122122200Z",
+			"19550122122220Z",
+			"19550122122200Z"
+		};
+
+		private static readonly string[] zOutput2 =
+		{
+			"20020122122220Z",
+			"20020122222220Z",
+			"20020122022220Z",
+			"20020122122220Z",
+			"20020122122200Z",
+			"20020122222200Z",
+			"20020122022200Z",
+			"20020122122200Z",
+			"19550122122220Z",
+			"19550122122200Z"
+		};
+
+		public override string Name
+		{
+			get { return "UTCTime"; }
+		}
+
+		public override void PerformTest()
+		{
+//			SimpleDateFormat yyyyF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
+//			SimpleDateFormat yyF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
+
+//			yyyyF.setTimeZone(new SimpleTimeZone(0,"Z"));
+//			yyF.setTimeZone(new SimpleTimeZone(0,"Z"));
+
+			for (int i = 0; i != input.Length; i++)
+			{
+				DerUtcTime t = new DerUtcTime(input[i]);
+
+				if (!t.AdjustedTimeString.Equals(output[i]))
+				{
+					Fail("failed conversion test " + i);
+				}
+
+//				if (!yyyyF.format(t.getAdjustedDate()).Equals(zOutput1[i]))
+				if (!t.ToAdjustedDateTime().ToString(@"yyyyMMddHHmmss\Z").Equals(zOutput1[i]))
+				{
+					Fail("failed date conversion test " + i);
+				}
+
+//				if (!yyF.format(t.getDate()).Equals(zOutput2[i]))
+				if (!t.ToDateTime().ToString(@"yyyyMMddHHmmss\Z").Equals(zOutput2[i]))
+				{
+					Fail("failed date shortened conversion test " + i);
+				}
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new UtcTimeTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/X509ExtensionsTest.cs b/crypto/test/src/asn1/test/X509ExtensionsTest.cs
new file mode 100644
index 000000000..f1efd3a9b
--- /dev/null
+++ b/crypto/test/src/asn1/test/X509ExtensionsTest.cs
@@ -0,0 +1,117 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class X509ExtensionsTest
+		: SimpleTest
+	{
+		private static readonly DerObjectIdentifier Oid1 = new DerObjectIdentifier("1.2.1");
+		private static readonly DerObjectIdentifier Oid2 = new DerObjectIdentifier("1.2.2");
+		private static readonly DerObjectIdentifier Oid3 = new DerObjectIdentifier("1.2.3");
+
+		public override string Name
+		{
+			get { return "X509Extensions"; }
+		}
+
+		public override void PerformTest()
+		{
+			X509ExtensionsGenerator gen = new X509ExtensionsGenerator();
+
+			gen.AddExtension(Oid1, true, new byte[20]);
+			gen.AddExtension(Oid2, true, new byte[20]);
+
+			X509Extensions ext1 = gen.Generate();
+			X509Extensions ext2 = gen.Generate();
+
+			if (!ext1.Equals(ext2))
+			{
+				Fail("Equals test failed");
+			}
+
+			gen.Reset();
+
+			gen.AddExtension(Oid2, true, new byte[20]);
+			gen.AddExtension(Oid1, true, new byte[20]);
+
+			ext2 = gen.Generate();
+
+			if (ext1.Equals(ext2))
+			{
+				Fail("inequality test failed");
+			}
+
+			if (!ext1.Equivalent(ext2))
+			{
+				Fail("equivalence true failed");
+			}
+
+			gen.Reset();
+
+			gen.AddExtension(Oid1, true, new byte[22]);
+			gen.AddExtension(Oid2, true, new byte[20]);
+
+			ext2 = gen.Generate();
+
+			if (ext1.Equals(ext2))
+			{
+				Fail("inequality 1 failed");
+			}
+
+			if (ext1.Equivalent(ext2))
+			{
+				Fail("non-equivalence 1 failed");
+			}
+
+			gen.Reset();
+
+			gen.AddExtension(Oid3, true, new byte[20]);
+			gen.AddExtension(Oid2, true, new byte[20]);
+
+			ext2 = gen.Generate();
+
+			if (ext1.Equals(ext2))
+			{
+				Fail("inequality 2 failed");
+			}
+
+			if (ext1.Equivalent(ext2))
+			{
+				Fail("non-equivalence 2 failed");
+			}
+
+			try
+			{
+				gen.AddExtension(Oid2, true, new byte[20]);
+				Fail("repeated oid");
+			}
+			catch (ArgumentException e)
+			{
+				if (!e.Message.Equals("extension 1.2.2 already added"))
+				{
+					Fail("wrong exception on repeated oid: " + e.Message);
+				}
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new X509ExtensionsTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/X509NameTest.cs b/crypto/test/src/asn1/test/X509NameTest.cs
new file mode 100644
index 000000000..7a0832c3e
--- /dev/null
+++ b/crypto/test/src/asn1/test/X509NameTest.cs
@@ -0,0 +1,674 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class X509NameTest
+		: SimpleTest
+	{
+		private static readonly string[] subjects =
+		{
+			"C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au",
+			"C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au",
+			"C=AU,ST=QLD,CN=SSLeay/rsa test cert",
+			"C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch",
+			"E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke",
+			"O=Sun Microsystems Inc,CN=store.sun.com",
+			"unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com"
+		};
+
+		public override string Name
+		{
+			get { return "X509Name"; }
+		}
+
+		private static X509Name FromBytes(
+			byte[] bytes)
+		{
+			return X509Name.GetInstance(Asn1Object.FromByteArray(bytes));
+		}
+
+		private IAsn1Convertible createEntryValue(
+			DerObjectIdentifier	oid,
+			string				value)
+		{
+			IDictionary attrs = new Hashtable();
+			attrs.Add(oid, value);
+
+			IList ord = new ArrayList();
+			ord.Add(oid);
+
+			X509Name name = new X509Name(ord, attrs);
+
+			Asn1Sequence seq = (Asn1Sequence)name.ToAsn1Object();
+			Asn1Set set = (Asn1Set)seq[0];
+			seq = (Asn1Sequence)set[0];
+
+			return seq[1];
+		}
+
+		private IAsn1Convertible createEntryValueFromString(
+			DerObjectIdentifier	oid,
+			string				val)
+		{
+			IDictionary attrs = new Hashtable();
+			attrs.Add(oid, val);
+
+			IList ord = new ArrayList(attrs.Keys);
+
+			X509Name name = new X509Name(new X509Name(ord, attrs).ToString());
+
+			Asn1Sequence seq = (Asn1Sequence) name.ToAsn1Object();
+			Asn1Set asn1Set = (Asn1Set) seq[0];
+			seq = (Asn1Sequence) asn1Set[0];
+
+			return seq[1];
+		}
+
+		private void doTestEncodingPrintableString(
+			DerObjectIdentifier	oid,
+			string				value)
+		{
+			IAsn1Convertible converted = createEntryValue(oid, value);
+			if (!(converted is DerPrintableString))
+			{
+				Fail("encoding for " + oid + " not printable string");
+			}
+		}
+
+		private void doTestEncodingIA5String(
+			DerObjectIdentifier oid,
+			string				value)
+		{
+			IAsn1Convertible converted = createEntryValue(oid, value);
+			if (!(converted is DerIA5String))
+			{
+				Fail("encoding for " + oid + " not IA5String");
+			}
+		}
+
+		private void doTestEncodingGeneralizedTime(
+			DerObjectIdentifier	oid,
+			string				val)
+		{
+			IAsn1Convertible converted = createEntryValue(oid, val);
+			if (!(converted is DerGeneralizedTime))
+			{
+				Fail("encoding for " + oid + " not GeneralizedTime");
+			}
+			converted = createEntryValueFromString(oid, val);
+			if (!(converted is DerGeneralizedTime))
+			{
+				Fail("encoding for " + oid + " not GeneralizedTime");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			doTestEncodingPrintableString(X509Name.C, "AU");
+			doTestEncodingPrintableString(X509Name.SerialNumber, "123456");
+			doTestEncodingPrintableString(X509Name.DnQualifier, "123456");
+			doTestEncodingIA5String(X509Name.EmailAddress, "test@test.com");
+			doTestEncodingIA5String(X509Name.DC, "test");
+			// correct encoding
+			doTestEncodingGeneralizedTime(X509Name.DateOfBirth, "#180F32303032303132323132323232305A");
+			// compatability encoding
+			doTestEncodingGeneralizedTime(X509Name.DateOfBirth, "20020122122220Z");
+
+			//
+			// composite
+			//
+			IDictionary attrs = new Hashtable();
+			attrs.Add(X509Name.C, "AU");
+			attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			attrs.Add(X509Name.L, "Melbourne");
+			attrs.Add(X509Name.ST, "Victoria");
+			attrs.Add(X509Name.E, "feedback-crypto@bouncycastle.org");
+
+			IList order = new ArrayList();
+			order.Add(X509Name.C);
+			order.Add(X509Name.O);
+			order.Add(X509Name.L);
+			order.Add(X509Name.ST);
+			order.Add(X509Name.E);
+
+			X509Name name1 = new X509Name(order, attrs);
+
+			if (!name1.Equivalent(name1))
+			{
+				Fail("Failed same object test");
+			}
+
+			if (!name1.Equivalent(name1, true))
+			{
+				Fail("Failed same object test - in Order");
+			}
+
+			X509Name name2 = new X509Name(order, attrs);
+
+			if (!name1.Equivalent(name2))
+			{
+				Fail("Failed same name test");
+			}
+
+			if (!name1.Equivalent(name2, true))
+			{
+				Fail("Failed same name test - in Order");
+			}
+
+			if (name1.GetHashCode() != name2.GetHashCode())
+			{
+				Fail("Failed same name test - in Order");
+			}
+
+			IList ord1 = new ArrayList();
+
+			ord1.Add(X509Name.C);
+			ord1.Add(X509Name.O);
+			ord1.Add(X509Name.L);
+			ord1.Add(X509Name.ST);
+			ord1.Add(X509Name.E);
+
+			IList ord2 = new ArrayList();
+
+			ord2.Add(X509Name.E);
+			ord2.Add(X509Name.ST);
+			ord2.Add(X509Name.L);
+			ord2.Add(X509Name.O);
+			ord2.Add(X509Name.C);
+
+			name1 = new X509Name(ord1, attrs);
+			name2 = new X509Name(ord2, attrs);
+
+			if (!name1.Equivalent(name2))
+			{
+				Fail("Failed reverse name test");
+			}
+
+			// FIXME Sort out X509Name hashcode problem
+//			if (name1.GetHashCode() != name2.GetHashCode())
+//			{
+//				Fail("Failed reverse name test GetHashCode");
+//			}
+
+			if (name1.Equivalent(name2, true))
+			{
+				Fail("Failed reverse name test - in Order");
+			}
+
+			if (!name1.Equivalent(name2, false))
+			{
+				Fail("Failed reverse name test - in Order false");
+			}
+
+			IList oids = name1.GetOidList();
+			if (!CompareVectors(oids, ord1))
+			{
+				Fail("oid comparison test");
+			}
+
+			IList val1 = new ArrayList();
+
+			val1.Add("AU");
+			val1.Add("The Legion of the Bouncy Castle");
+			val1.Add("Melbourne");
+			val1.Add("Victoria");
+			val1.Add("feedback-crypto@bouncycastle.org");
+
+			name1 = new X509Name(ord1, val1);
+
+			IList values = name1.GetValueList();
+			if (!CompareVectors(values, val1))
+			{
+				Fail("value comparison test");
+			}
+
+			ord2 = new ArrayList();
+
+			ord2.Add(X509Name.ST);
+			ord2.Add(X509Name.ST);
+			ord2.Add(X509Name.L);
+			ord2.Add(X509Name.O);
+			ord2.Add(X509Name.C);
+
+			name1 = new X509Name(ord1, attrs);
+			name2 = new X509Name(ord2, attrs);
+
+			if (name1.Equivalent(name2))
+			{
+				Fail("Failed different name test");
+			}
+
+			ord2 = new ArrayList();
+
+			ord2.Add(X509Name.ST);
+			ord2.Add(X509Name.L);
+			ord2.Add(X509Name.O);
+			ord2.Add(X509Name.C);
+
+			name1 = new X509Name(ord1, attrs);
+			name2 = new X509Name(ord2, attrs);
+
+			if (name1.Equivalent(name2))
+			{
+				Fail("Failed subset name test");
+			}
+
+
+			compositeTest();
+
+
+			//
+			// getValues test
+			//
+			ArrayList v1 = name1.GetValues(X509Name.O);
+
+			if (v1.Count != 1 || !v1[0].Equals("The Legion of the Bouncy Castle"))
+			{
+				Fail("O test failed");
+			}
+
+			ArrayList v2 = name1.GetValues(X509Name.L);
+
+			if (v2.Count != 1 || !v2[0].Equals("Melbourne"))
+			{
+				Fail("L test failed");
+			}
+
+			//
+			// general subjects test
+			//
+			for (int i = 0; i != subjects.Length; i++)
+			{
+				X509Name name = new X509Name(subjects[i]);
+				byte[] encodedName = name.GetEncoded();
+				name = X509Name.GetInstance(Asn1Object.FromByteArray(encodedName));
+
+				if (!name.ToString().Equals(subjects[i]))
+				{
+					Fail("Failed regeneration test " + i);
+				}
+			}
+
+			//
+			// sort test
+			//
+			X509Name unsorted = new X509Name("SERIALNUMBER=BBB + CN=AA");
+
+			if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("CN=AA+SERIALNUMBER=BBB"))
+			{
+				Fail("Failed sort test 1");
+			}
+
+			unsorted = new X509Name("CN=AA + SERIALNUMBER=BBB");
+
+			if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("CN=AA+SERIALNUMBER=BBB"))
+			{
+				Fail("Failed sort test 2");
+			}
+
+			unsorted = new X509Name("SERIALNUMBER=B + CN=AA");
+
+			if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("SERIALNUMBER=B+CN=AA"))
+			{
+				Fail("Failed sort test 3");
+			}
+
+			unsorted = new X509Name("CN=AA + SERIALNUMBER=B");
+
+			if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("SERIALNUMBER=B+CN=AA"))
+			{
+				Fail("Failed sort test 4");
+			}
+
+			//
+			// equality tests
+			//
+			equalityTest(new X509Name("CN=The     Legion"), new X509Name("CN=The Legion"));
+			equalityTest(new X509Name("CN=   The Legion"), new X509Name("CN=The Legion"));
+			equalityTest(new X509Name("CN=The Legion   "), new X509Name("CN=The Legion"));
+			equalityTest(new X509Name("CN=  The     Legion "), new X509Name("CN=The Legion"));
+			equalityTest(new X509Name("CN=  the     legion "), new X509Name("CN=The Legion"));
+
+			// # test
+
+			X509Name n1 = new X509Name("SERIALNUMBER=8,O=ABC,CN=ABC Class 3 CA,C=LT");
+			X509Name n2 = new X509Name("2.5.4.5=8,O=ABC,CN=ABC Class 3 CA,C=LT");
+			X509Name n3 = new X509Name("2.5.4.5=#130138,O=ABC,CN=ABC Class 3 CA,C=LT");
+
+			equalityTest(n1, n2);
+			equalityTest(n2, n3);
+			equalityTest(n3, n1);
+
+			n1 = new X509Name(true, "2.5.4.5=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT");
+			n2 = new X509Name(true, "SERIALNUMBER=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT");
+			n3 = X509Name.GetInstance(Asn1Object.FromByteArray(Hex.Decode("3063310b3009060355040613024c54312f302d060355040a1326"
+				+ "55414220536b6169746d656e696e696f20736572746966696b6176696d6f2063656e74726173311730150603550403130e53534320436c6173732033204341310a30080603550405130138")));
+
+			equalityTest(n1, n2);
+			equalityTest(n2, n3);
+			equalityTest(n3, n1);
+
+			n1 = new X509Name("SERIALNUMBER=8,O=XX,CN=ABC Class 3 CA,C=LT");
+			n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT");
+
+			if (n1.Equivalent(n2))
+			{
+				Fail("empty inequality check failed");
+			}
+
+			n1 = new X509Name("SERIALNUMBER=8,O=,CN=ABC Class 3 CA,C=LT");
+			n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT");
+
+			equalityTest(n1, n2);
+
+			//
+			// inequality to sequences
+			//
+			name1 = new X509Name("CN=The Legion");
+
+			if (name1.Equals(DerSequence.Empty))
+			{
+				Fail("inequality test with sequence");
+			}
+
+			if (name1.Equals(new DerSequence(DerSet.Empty)))
+			{
+				Fail("inequality test with sequence and set");
+			}
+
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				new DerObjectIdentifier("1.1"),
+				new DerObjectIdentifier("1.1"));
+
+			if (name1.Equals(new DerSequence(new DerSet(new DerSet(v)))))
+			{
+				Fail("inequality test with sequence and bad set");
+			}
+
+//			if (name1.Equals(new DerSequence(new DerSet(new DerSet(v))), true))
+//			{
+//				Fail("inequality test with sequence and bad set");
+//			}
+			try
+			{
+				X509Name.GetInstance(new DerSequence(new DerSet(new DerSet(v))));
+				Fail("GetInstance should reject bad sequence");
+			}
+			catch (ArgumentException)
+			{
+				//expected
+			}
+
+			if (name1.Equals(new DerSequence(new DerSet(DerSequence.Empty))))
+			{
+				Fail("inequality test with sequence and short sequence");
+			}
+
+//			if (name1.Equals(new DerSequence(new DerSet(DerSequence.Empty)), true))
+//			{
+//				Fail("inequality test with sequence and short sequence");
+//			}
+			try
+			{
+				X509Name.GetInstance(new DerSequence(new DerSet(DerSequence.Empty)));
+				Fail("GetInstance should reject short sequence");
+			}
+			catch (ArgumentException)
+			{
+				//expected
+			}
+
+			v = new Asn1EncodableVector(
+				new DerObjectIdentifier("1.1"),
+				DerSequence.Empty);
+
+			if (name1.Equals(new DerSequence(new DerSet(new DerSequence(v)))))
+			{
+				Fail("inequality test with sequence and bad sequence");
+			}
+
+			if (name1.Equivalent(null))
+			{
+				Fail("inequality test with null");
+			}
+
+			if (name1.Equivalent(null, true))
+			{
+				Fail("inequality test with null");
+			}
+
+			//
+			// this is contrived but it checks sorting of sets with equal elements
+			//
+			unsorted = new X509Name("CN=AA + CN=AA + CN=AA");
+
+			//
+			// tagging test - only works if CHOICE implemented
+			//
+			/*
+			ASN1TaggedObject tag = new DERTaggedObject(false, 1, new X509Name("CN=AA"));
+
+			if (!tag.isExplicit())
+			{
+				Fail("failed to explicitly tag CHOICE object");
+			}
+
+			X509Name name = X509Name.getInstance(tag, false);
+
+			if (!name.equals(new X509Name("CN=AA")))
+			{
+				Fail("failed to recover tagged name");
+			}
+			*/
+
+			DerUtf8String testString = new DerUtf8String("The Legion of the Bouncy Castle");
+			byte[] encodedBytes = testString.GetEncoded();
+			string hexEncodedString = "#" + Hex.ToHexString(encodedBytes);
+
+			DerUtf8String converted = (DerUtf8String)
+				new X509DefaultEntryConverter().GetConvertedValue(
+				X509Name.L , hexEncodedString);
+
+			if (!converted.Equals(testString))
+			{
+				Fail("Failed X509DefaultEntryConverter test");
+			}
+
+			//
+			// try escaped.
+			//
+			converted = (DerUtf8String) new X509DefaultEntryConverter().GetConvertedValue(
+				X509Name.L , "\\" + hexEncodedString);
+
+			if (!converted.Equals(new DerUtf8String(hexEncodedString)))
+			{
+				Fail("Failed X509DefaultEntryConverter test got " + converted + " expected: " + hexEncodedString);
+			}
+
+			//
+			// try a weird value
+			//
+			X509Name n = new X509Name("CN=\\#nothex#string");
+
+			if (!n.ToString().Equals("CN=\\#nothex#string"))
+			{
+				Fail("# string not properly escaped.");
+			}
+
+			ArrayList vls = n.GetValues(X509Name.CN);
+			if (vls.Count != 1 || !vls[0].Equals("#nothex#string"))
+			{
+				Fail("Escaped # not reduced properly");
+			}
+
+			n = new X509Name("CN=\"a+b\"");
+
+			vls = n.GetValues(X509Name.CN);
+			if (vls.Count != 1 || !vls[0].Equals("a+b"))
+			{
+				Fail("Escaped + not reduced properly");
+			}
+
+			n = new X509Name("CN=a\\+b");
+
+			vls = n.GetValues(X509Name.CN);
+			if (vls.Count != 1 || !vls[0].Equals("a+b"))
+			{
+				Fail("Escaped + not reduced properly");
+			}
+
+			if (!n.ToString().Equals("CN=a\\+b"))
+			{
+				Fail("+ in string not properly escaped.");
+			}
+
+			n = new X509Name("CN=a\\=b");
+
+			vls = n.GetValues(X509Name.CN);
+			if (vls.Count != 1 || !vls[0].Equals("a=b"))
+			{
+				Fail("Escaped = not reduced properly");
+			}
+
+			if (!n.ToString().Equals("CN=a\\=b"))
+			{
+				Fail("= in string not properly escaped.");
+			}
+
+	        n = new X509Name("TELEPHONENUMBER=\"+61999999999\"");
+
+	        vls = n.GetValues(X509Name.TelephoneNumber);
+	        if (vls.Count != 1 || !vls[0].Equals("+61999999999"))
+	        {
+	            Fail("telephonenumber escaped + not reduced properly");
+	        }
+
+	        n = new X509Name("TELEPHONENUMBER=\\+61999999999");
+
+	        vls = n.GetValues(X509Name.TelephoneNumber);
+	        if (vls.Count != 1 || !vls[0].Equals("+61999999999"))
+	        {
+	            Fail("telephonenumber escaped + not reduced properly");
+	        }
+
+	        n = new X509Name(@"TELEPHONENUMBER=\+61999999999");
+
+	        vls = n.GetValues(X509Name.TelephoneNumber);
+	        if (vls.Count != 1 || !vls[0].Equals("+61999999999"))
+	        {
+	            Fail("telephonenumber escaped + not reduced properly");
+	        }
+		}
+
+		private void compositeTest()
+		{
+			//
+			// composite test
+			//
+			byte[] enc = Hex.Decode("305e310b300906035504061302415531283026060355040a0c1f546865204c6567696f6e206f662074686520426f756e637920436173746c653125301006035504070c094d656c626f75726e653011060355040b0c0a4173636f742056616c65");
+			X509Name n = X509Name.GetInstance(Asn1Object.FromByteArray(enc));
+
+			if (!n.ToString().Equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale"))
+			{
+				Fail("Failed composite to string test got: " + n.ToString());
+			}
+
+            IDictionary symbols = X509Name.DefaultSymbols;
+			if (!n.ToString(true, symbols).Equals("L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU"))
+			{
+                Fail("Failed composite to string test got: " + n.ToString(true, symbols));
+			}
+
+			n = new X509Name(true, "L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU");
+			if (!n.ToString().Equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale"))
+			{
+				Fail("Failed composite to string reversal test got: " + n.ToString());
+			}
+
+			n = new X509Name("C=AU, O=The Legion of the Bouncy Castle, L=Melbourne + OU=Ascot Vale");
+
+			MemoryStream bOut = new MemoryStream();
+			Asn1OutputStream aOut = new Asn1OutputStream(bOut);
+
+			aOut.WriteObject(n);
+
+			byte[] enc2 = bOut.ToArray();
+
+			if (!Arrays.AreEqual(enc, enc2))
+			{
+				Fail("Failed composite string to encoding test");
+			}
+
+			//
+			// dud name test - handle empty DN without barfing.
+			//
+			n = new X509Name("C=CH,O=,OU=dummy,CN=mail@dummy.com");
+
+			n = X509Name.GetInstance(Asn1Object.FromByteArray(n.GetEncoded()));
+		}
+
+		private void equalityTest(
+			X509Name	x509Name,
+			X509Name	x509Name1)
+		{
+			if (!x509Name.Equivalent(x509Name1))
+			{
+				Fail("equality test failed for " + x509Name + " : " + x509Name1);
+			}
+
+			// FIXME Sort out X509Name hashcode problem
+//			if (x509Name.GetHashCode() != x509Name1.GetHashCode())
+//			{
+//				Fail("GetHashCode test failed for " + x509Name + " : " + x509Name1);
+//			}
+
+			if (!x509Name.Equivalent(x509Name1, true))
+			{
+				Fail("equality test failed for " + x509Name + " : " + x509Name1);
+			}
+		}
+
+		private bool CompareVectors(
+			IList	one,
+			IList	two)
+		{
+			if (one.Count != two.Count)
+				return false;
+
+			for (int i = 0; i < one.Count; ++i)
+			{
+				if (!one[i].Equals(two[i]))
+					return false;
+			}
+
+			return true;
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new X509NameTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/asn1/test/X9Test.cs b/crypto/test/src/asn1/test/X9Test.cs
new file mode 100644
index 000000000..540cddb47
--- /dev/null
+++ b/crypto/test/src/asn1/test/X9Test.cs
@@ -0,0 +1,181 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Asn1.Tests
+{
+	[TestFixture]
+	public class X9Test
+		: SimpleTest
+	{
+		private static readonly byte[] namedPub = Base64.Decode("MBowEwYHKoZIzj0CAQYIKoZIzj0DAQEDAwADAQ==");
+		private static readonly byte[] expPub = Base64.Decode(
+			  "MIHfMIHXBgcqhkjOPQIBMIHLAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAA"
+			+ "AAAH///////zBXBB5///////////////9///////+AAAAAAAB///////wEHiVXBfoqMGZUsfTL"
+			+ "A9anUKMMJQEC1JiHF9m6FattPgMVAH1zdBaP/jRxtgqFdoahlHXTv6L/BB8DZ2iujhi7ks/PAF"
+			+ "yUmqLG2UhT0OZgu/hUsclQX+laAh5///////////////9///+XXetBs6YFfDxDIUZSZVECAQED"
+			+ "AwADAQ==");
+
+		private static readonly byte[] namedPriv = Base64.Decode("MCICAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEECDAGAgEBBAEK");
+		private static readonly byte[] expPriv = Base64.Decode(
+			  "MIHnAgEAMIHXBgcqhkjOPQIBMIHLAgEBMCkGByqGSM49AQECHn///////////////3///////4"
+			+ "AAAAAAAH///////zBXBB5///////////////9///////+AAAAAAAB///////wEHiVXBfoqMGZU"
+			+ "sfTLA9anUKMMJQEC1JiHF9m6FattPgMVAH1zdBaP/jRxtgqFdoahlHXTv6L/BB8DZ2iujhi7ks"
+			+ "/PAFyUmqLG2UhT0OZgu/hUsclQX+laAh5///////////////9///+XXetBs6YFfDxDIUZSZVEC"
+			+ "AQEECDAGAgEBBAEU");
+
+		private void EncodePublicKey()
+		{
+			X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3);
+
+			if (X9IntegerConverter.GetByteLength(ecP.Curve) != 30)
+			{
+				Fail("wrong byte length reported for curve");
+			}
+
+			if (ecP.Curve.FieldSize != 239)
+			{
+				Fail("wrong field size reported for curve");
+			}
+
+			//
+			// named curve
+			//
+			X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1);
+
+			X9ECPoint pPoint = new X9ECPoint(
+				new FpPoint(ecP.Curve, new FpFieldElement(BigInteger.Two, BigInteger.One),
+				new FpFieldElement(BigInteger.ValueOf(4), BigInteger.ValueOf(3)),
+				true));
+
+			Asn1OctetString p = (Asn1OctetString) pPoint.ToAsn1Object();
+
+			if (p == null)
+			{
+				Fail("failed to convert to ASN.1");
+			}
+
+			SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
+
+			if (!Arrays.AreEqual(info.GetEncoded(), namedPub))
+			{
+				Fail("failed public named generation");
+			}
+
+			Asn1Object o = Asn1Object.FromByteArray(namedPub);
+
+			if (!info.Equals(o))
+			{
+				Fail("failed public named equality");
+			}
+
+			//
+			// explicit curve parameters
+			//
+			_params = new X962Parameters(ecP);
+
+			info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets());
+
+			if (!Arrays.AreEqual(info.GetEncoded(), expPub))
+			{
+				Fail("failed public explicit generation");
+			}
+
+			o = Asn1Object.FromByteArray(expPub);
+
+			if (!info.Equals(o))
+			{
+				Fail("failed public explicit equality");
+			}
+		}
+
+		private void EncodePrivateKey()
+		{
+			X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3);
+
+			//
+			// named curve
+			//
+			X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1);
+
+			X9ECPoint pPoint = new X9ECPoint(
+				new FpPoint(ecP.Curve, new FpFieldElement(BigInteger.Two, BigInteger.One),
+				new FpFieldElement(BigInteger.ValueOf(4), BigInteger.ValueOf(3)),
+				true));
+
+			Asn1OctetString p = (Asn1OctetString) pPoint.ToAsn1Object();
+
+			if (p == null)
+				Fail("failed to convert to ASN.1");
+
+			PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), new ECPrivateKeyStructure(BigInteger.Ten).ToAsn1Object());
+
+			if (!Arrays.AreEqual(info.GetEncoded(), namedPriv))
+			{
+				Fail("failed private named generation");
+			}
+
+			Asn1Object o = Asn1Object.FromByteArray(namedPriv);
+
+			if (!info.Equals(o))
+			{
+				Fail("failed private named equality");
+			}
+
+			//
+			// explicit curve parameters
+			//
+			_params = new X962Parameters(ecP);
+
+			info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), new ECPrivateKeyStructure(BigInteger.ValueOf(20)).ToAsn1Object());
+
+			if (!Arrays.AreEqual(info.GetEncoded(), expPriv))
+			{
+				Fail("failed private explicit generation");
+			}
+
+			o = Asn1Object.FromByteArray(expPriv);
+
+			if (!info.Equals(o))
+			{
+				Fail("failed private explicit equality");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			EncodePublicKey();
+			EncodePrivateKey();
+		}
+
+		public override string Name
+		{
+			get { return "X9"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new X9Test());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/AllTests.cs b/crypto/test/src/cms/test/AllTests.cs
new file mode 100644
index 000000000..1ce3b7c8d
--- /dev/null
+++ b/crypto/test/src/cms/test/AllTests.cs
@@ -0,0 +1,35 @@
+using System;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+    public class AllTests
+    {
+        public static void Main(
+			string[] args)
+        {
+            //junit.textui.TestRunner.run(suite());
+            EventListener el = new NullListener();
+            suite().Run(el);
+        }
+
+		public static TestSuite suite()
+        {
+            TestSuite suite = new TestSuite("CMS Tests");
+
+			suite.Add(new CompressedDataTest());
+            suite.Add(new CompressedDataStreamTest());
+			suite.Add(new EnvelopedDataTest());
+			suite.Add(new EnvelopedDataStreamTest());
+			suite.Add(new Rfc4134Test());
+			suite.Add(new SignedDataTest());
+			suite.Add(new SignedDataStreamTest());
+
+			return suite;
+        }
+    }
+}
diff --git a/crypto/test/src/cms/test/AuthenticatedDataStreamTest.cs b/crypto/test/src/cms/test/AuthenticatedDataStreamTest.cs
new file mode 100644
index 000000000..89a2174b7
--- /dev/null
+++ b/crypto/test/src/cms/test/AuthenticatedDataStreamTest.cs
@@ -0,0 +1,113 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class AuthenticatedDataStreamTest
+	{
+		private const string SignDN = "O=Bouncy Castle, C=AU";
+
+		private static AsymmetricCipherKeyPair signKP;
+//		private static X509Certificate signCert;
+		//signCert = CmsTestUtil.MakeCertificate(_signKP, SignDN, _signKP, SignDN);
+
+//		private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
+
+//		private static AsymmetricCipherKeyPair origKP;
+		//origKP = CmsTestUtil.MakeKeyPair();
+//		private static X509Certificate origCert;
+		//origCert = CmsTestUtil.MakeCertificate(_origKP, OrigDN, _signKP, SignDN);
+
+		private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
+
+		private static AsymmetricCipherKeyPair reciKP;
+		private static X509Certificate reciCert;
+
+		private static AsymmetricCipherKeyPair origECKP;
+		private static AsymmetricCipherKeyPair reciECKP;
+		private static X509Certificate reciECCert;
+
+		private static AsymmetricCipherKeyPair SignKP
+		{
+			get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; }
+		}
+
+		private static AsymmetricCipherKeyPair ReciKP
+		{
+			get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; }
+		}
+
+		private static X509Certificate ReciCert
+		{
+			get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; }
+		}
+
+		private static AsymmetricCipherKeyPair OrigECKP
+		{
+			get { return origECKP == null ? (origECKP = CmsTestUtil.MakeECDsaKeyPair()) : origECKP; }
+		}
+
+		private static AsymmetricCipherKeyPair ReciECKP
+		{
+			get { return reciECKP == null ? (reciECKP = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP; }
+		}
+
+		private static X509Certificate ReciECCert
+		{
+			get { return reciECCert == null ? (reciECCert = CmsTestUtil.MakeCertificate(ReciECKP, ReciDN, SignKP, SignDN)) : reciECCert; }
+		}
+
+		[Test]
+		public void TestKeyTransDESede()
+		{
+			tryKeyTrans(CmsAuthenticatedDataGenerator.DesEde3Cbc);
+		}
+
+		private void tryKeyTrans(
+			string macAlg)
+		{
+			byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna");
+
+			CmsAuthenticatedDataStreamGenerator adGen = new CmsAuthenticatedDataStreamGenerator();
+
+			adGen.AddKeyTransRecipient(ReciCert);
+
+			MemoryStream bOut = new MemoryStream();
+			Stream aOut = adGen.Open(bOut, macAlg);
+			aOut.Write(data, 0, data.Length);
+			aOut.Close();
+
+			CmsAuthenticatedDataParser ad = new CmsAuthenticatedDataParser(bOut.ToArray());
+
+			RecipientInformationStore recipients = ad.GetRecipientInfos();
+
+			Assert.AreEqual(ad.MacAlgOid, macAlg);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+				Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
+			}
+		}
+	}
+}
\ No newline at end of file
diff --git a/crypto/test/src/cms/test/AuthenticatedDataTest.cs b/crypto/test/src/cms/test/AuthenticatedDataTest.cs
new file mode 100644
index 000000000..0ad34a95b
--- /dev/null
+++ b/crypto/test/src/cms/test/AuthenticatedDataTest.cs
@@ -0,0 +1,320 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class AuthenticatedDataTest
+	{
+		private const string SignDN = "O=Bouncy Castle, C=AU";
+
+		private static AsymmetricCipherKeyPair signKP;
+//		private static X509Certificate signCert;
+		//signCert = CmsTestUtil.MakeCertificate(_signKP, SignDN, _signKP, SignDN);
+
+//		private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
+
+//		private static AsymmetricCipherKeyPair origKP;
+		//origKP = CmsTestUtil.MakeKeyPair();
+//		private static X509Certificate origCert;
+		//origCert = CmsTestUtil.MakeCertificate(_origKP, OrigDN, _signKP, SignDN);
+
+		private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
+
+		private static AsymmetricCipherKeyPair reciKP;
+		private static X509Certificate reciCert;
+
+		private static AsymmetricCipherKeyPair origECKP;
+		private static AsymmetricCipherKeyPair reciECKP;
+		private static X509Certificate reciECCert;
+
+		private static AsymmetricCipherKeyPair SignKP
+		{
+			get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; }
+		}
+
+		private static AsymmetricCipherKeyPair ReciKP
+		{
+			get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; }
+		}
+
+		private static X509Certificate ReciCert
+		{
+			get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; }
+		}
+
+		private static AsymmetricCipherKeyPair OrigECKP
+		{
+			get { return origECKP == null ? (origECKP = CmsTestUtil.MakeECDsaKeyPair()) : origECKP; }
+		}
+
+		private static AsymmetricCipherKeyPair ReciECKP
+		{
+			get { return reciECKP == null ? (reciECKP = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP; }
+		}
+
+		private static X509Certificate ReciECCert
+		{
+			get { return reciECCert == null ? (reciECCert = CmsTestUtil.MakeCertificate(ReciECKP, ReciDN, SignKP, SignDN)) : reciECCert; }
+		}
+		
+//		private static string          _signDN;
+//		private static KeyPair _signKP;
+//		private static X509Certificate _signCert;
+//	
+//		private static string          _origDN;
+//		private static KeyPair         _origKP;
+//		private static X509Certificate _origCert;
+//	
+//		private static string          _reciDN;
+//		private static KeyPair         _reciKP;
+//		private static X509Certificate _reciCert;
+//	
+//		private static KeyPair         _origEcKP;
+//		private static KeyPair         _reciEcKP;
+//		private static X509Certificate _reciEcCert;
+//	
+//		private static bool         _initialised = false;
+//	
+//		public bool DEBUG = true;
+//	
+//		private static void init()
+//		{
+//			if (!_initialised)
+//			{
+//			_initialised = true;
+//			
+//			_signDN   = "O=Bouncy Castle, C=AU";
+//			_signKP   = CmsTestUtil.makeKeyPair();
+//			_signCert = CmsTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
+//			
+//			_origDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
+//			_origKP   = CmsTestUtil.makeKeyPair();
+//			_origCert = CmsTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
+//			
+//			_reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
+//			_reciKP   = CmsTestUtil.makeKeyPair();
+//			_reciCert = CmsTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
+//			
+//			_origEcKP = CmsTestUtil.makeEcDsaKeyPair();
+//			_reciEcKP = CmsTestUtil.makeEcDsaKeyPair();
+//			_reciEcCert = CmsTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN);
+//			}
+//		}
+//	
+//		public void setUp()
+//		{
+//			init();
+//		}
+//		
+//		public AuthenticatedDataTest(string name)
+//		{
+//		super(name);
+//		}
+//		
+//		public static void main(string args[])
+//		{
+//		junit.textui.TestRunner.run(AuthenticatedDataTest.class);
+//		}
+//		
+//		public static Test suite()
+//		throws Exception
+//		{
+//		init();
+//		
+//		return new CMSTestSetup(new TestSuite(AuthenticatedDataTest.class));
+//		}
+
+		[Test]
+		public void TestKeyTransDESede()
+		{
+			tryKeyTrans(CmsAuthenticatedDataGenerator.DesEde3Cbc);
+		}
+		
+		[Test]
+		public void TestKEKDESede()
+		{
+			tryKekAlgorithm(CmsTestUtil.MakeDesEde192Key(), new DerObjectIdentifier("1.2.840.113549.1.9.16.3.6"));
+		}
+		
+		[Test]
+		public void TestPasswordAES256()
+		{
+			passwordTest(CmsAuthenticatedDataGenerator.Aes256Cbc);
+		}
+		
+		[Test]
+		public void TestECKeyAgree()
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator();
+
+			adGen.AddKeyAgreementRecipient(CmsAuthenticatedDataGenerator.ECDHSha1Kdf, OrigECKP.Private, OrigECKP.Public, ReciECCert, CmsAuthenticatedDataGenerator.Aes128Wrap);
+
+			CmsAuthenticatedData ad = adGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsAuthenticatedDataGenerator.DesEde3Cbc);
+
+			RecipientInformationStore recipients = ad.GetRecipientInfos();
+
+			Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(ReciECKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+				Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
+			}
+		}
+		
+		[Test]
+		public void TestEncoding()
+		{
+			byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna");
+
+			CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator();
+
+			adGen.AddKeyTransRecipient(ReciCert);
+
+			CmsAuthenticatedData ad = adGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsAuthenticatedDataGenerator.DesEde3Cbc);
+
+			ad = new CmsAuthenticatedData(ad.GetEncoded());
+
+			RecipientInformationStore recipients = ad.GetRecipientInfos();
+
+			Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+				Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
+			}
+		}
+
+		private void tryKeyTrans(string macAlg)
+		{
+			byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna");
+
+			CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator();
+
+			adGen.AddKeyTransRecipient(ReciCert);
+
+			CmsAuthenticatedData ad = adGen.Generate(
+				new CmsProcessableByteArray(data),
+				macAlg);
+
+			RecipientInformationStore recipients = ad.GetRecipientInfos();
+
+			Assert.AreEqual(ad.MacAlgOid, macAlg);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+				Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
+			}
+		}
+		
+		private void tryKekAlgorithm(KeyParameter kek, DerObjectIdentifier algOid)
+		{
+			byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna");
+
+			CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator();
+
+			byte[] kekId = new byte[] { 1, 2, 3, 4, 5 };
+
+			// FIXME Will this work for macs?
+			string keyAlgorithm = ParameterUtilities.GetCanonicalAlgorithmName(algOid.Id);
+
+			adGen.AddKekRecipient(keyAlgorithm, kek, kekId);
+
+			CmsAuthenticatedData ad = adGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsAuthenticatedDataGenerator.DesEde3Cbc);
+
+			RecipientInformationStore recipients = ad.GetRecipientInfos();
+
+			Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, algOid.Id);
+
+				byte[] recData = recipient.GetContent(kek);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+				Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
+			}
+		}
+		
+		private void passwordTest(string algorithm)
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator();
+
+			adGen.AddPasswordRecipient(new Pkcs5Scheme2PbeKey("password".ToCharArray(), new byte[20], 5), algorithm);
+		
+			CmsAuthenticatedData ad = adGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsAuthenticatedDataGenerator.DesEde3Cbc);
+
+			RecipientInformationStore recipients = ad.GetRecipientInfos();
+
+			Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (PasswordRecipientInformation recipient in c)
+			{
+				CmsPbeKey key = new Pkcs5Scheme2PbeKey("password".ToCharArray(), recipient.KeyDerivationAlgorithm);
+
+				byte[] recData = recipient.GetContent(key);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+				Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac()));
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/CMSSampleMessages.cs b/crypto/test/src/cms/test/CMSSampleMessages.cs
new file mode 100644
index 000000000..ae4f60fd1
--- /dev/null
+++ b/crypto/test/src/cms/test/CMSSampleMessages.cs
@@ -0,0 +1,147 @@
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	internal class CmsSampleMessages
+	{
+		internal static readonly byte[] originatorMessage = Base64.Decode(
+			  "MIIYGgYJKoZIhvcNAQcDoIIYCzCCGAcCAQKgggRJoIIERTCCBEEwggIpAgkA"
+			+ "xS/+IvjTL8YwDQYJKoZIhvcNAQEFBQAwaTELMAkGA1UEBhMCVVMxGDAWBgNV"
+			+ "BAoTD1UuUy4gR292ZXJubWVudDESMBAGA1UECxMJSFNQRDEyTGFiMQ8wDQYD"
+			+ "VQQLEwZBZ2VudHMxGzAZBgNVBAMTEkhTUEQxMiBMYWIgQ0EgUm9vdDAeFw0w"
+			+ "NzA1MTQxNzEzMzRaFw0wODA1MTMxNzEzMzRaMFwxCzAJBgNVBAYTAlVTMRgw"
+			+ "FgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxEjAQBgNVBAsTCUhTUEQxMkxhYjEP"
+			+ "MA0GA1UECxMGQWdlbnRzMQ4wDAYDVQQDEwV1c2VyMTCCASIwDQYJKoZIhvcN"
+			+ "AQEBBQADggEPADCCAQoCggEBALC54HvfpSE3yq/EkpNCkUEV6a6Df3q4k8EM"
+			+ "dlg0nQSf2FgYh1GMiztw8SVjrF80l4+Hg5/FW2XN2kpVQBap/H5ziPYXenbi"
+			+ "VLJHCF9LVyYDOS7xGfRtQ+ZhFUcECtaCLJsR7HIiFyKZWGg0c3bFZvFkdZqT"
+			+ "8MMwjhcIVE1BptMqcGriqqMQAUKYmOguAOzMCTGAOxqBXYFmR68WtggVNMMc"
+			+ "5qU6S/4OxeCmaNSPG5p7pA1o4Cnv4aJF1mAPedVPQpAS4Lu2K9nNhRkug0yd"
+			+ "6nPaxgQudk5YxlreNOPKiAHApk9RhGVepGchJCFP2aIPu9tkIiSe3omezSZu"
+			+ "Sy/3F5UCAwEAATANBgkqhkiG9w0BAQUFAAOCAgEAGDxqVI4aR4XNfbk2MtXF"
+			+ "agNYZOswn85X84um9gG323qjYhroW0QDuy3CwtUwhH866mpnJyhJvKx3b8UE"
+			+ "7pZInoNEz1UVn+wgJVXMmaG5mfp3X6z0xDAEaKmDMJXl66wlFGG1iveGgcEi"
+			+ "oMkrxFJKvu/FXywzPvz2pXD9LQapogOQpVsvg/hed//wijDG94UBkhbHTZ53"
+			+ "6ODKuHGmooO6bgqJxKcVyLwQAq/lXGtLqODK9BDicfUzuhLWA0si7Y1daehj"
+			+ "fjgAqFGirqRtPDdk1jywoMJdDCQqocNqNGuu/+9ZoRNtY7XFbiN7h4s4KTkw"
+			+ "YqCph8g+RZYJVZJDw/+qc5ymYZiufbImA08D7x7IzqX9eeuAqKCebkxcK0Dz"
+			+ "eh/wT7Ff8csw0xqkkEbi5sTORogPexKGo9T1P4j/UbOyCHaIwFQVE67kYJqZ"
+			+ "U3BB7mGNE/dKru7jC7Aadorpj7P/EQ8sfoq5wC9r3wfFB1f5znN9ZfXd3zSU"
+			+ "Gxne2PGl3Ry4DhrhWGy/HqB+StPSkLPJL1RNtKkywtaJG1QBnrMnLNsV7T0R"
+			+ "mIDn69NkDkc59LAuB7yxwBmhYA7c7cHckdX3bE7zgN6yYdiyLyXr+ZQl+3J8"
+			+ "bBPN/IVSs5Wr1kK9RDrFX8MdP95LZxHlgMATwAqoEPe5r2tvvGBoajoIA2Tw"
+			+ "71QxggGSMIIBjgIBADB2MGkxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMu"
+			+ "IEdvdmVybm1lbnQxEjAQBgNVBAsTCUhTUEQxMkxhYjEPMA0GA1UECxMGQWdl"
+			+ "bnRzMRswGQYDVQQDExJIU1BEMTIgTGFiIENBIFJvb3QCCQDFL/4i+NMvyTAN"
+			+ "BgkqhkiG9w0BAQEFAASCAQCGpoi8DBLf6I2fwqVp9MPA5M0QNRnC34AMoc7N"
+			+ "/JGKM5dWcGNpN83yL9QmOfjgyxzwJ3L3e3hYdoXp9MNelzG5ssyyKw4NxRgM"
+			+ "C1aRPWx1R1aKee/NAgvBjN3FyDN3Pl4ACz2EMrDMmilR0zmSJkDBVbGjxNzs"
+			+ "ZPxtsBlHeLRky/K/ZrTy5jIheFcKt/0dNJiMsFh+677OlRhDihdLzYeV4RK1"
+			+ "5Iy1j18ls5rJMYh1fmZOx9T6wvlpw84IjFHzUcIxIBg8t1cUkncXbg1r+rxm"
+			+ "zIaalAKdYp58oMpjy9wV6E1mxgAM/lvE/jwiYP4/a6TsXTLDPNIxe9RZVdhA"
+			+ "GCPvMIISHQYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgQBLQIaeQQMYCCEfgv"
+			+ "FBzVKLnlRNCjs2JE/G8jBI8aduv6YQTYTt0ePh9JEHTmSi7ISbCDdAf5baKN"
+			+ "mzVGQJj87Srz3YyEmUcozxscWnWgVWpUbx0GJkjz6LqyGLQ3VnqUDG80xnXo"
+			+ "nQY5q4ko6avyMIDZ+zzI2fs9ChAlBjZ41Qb0FnwDPZBH3N43q+puVWesE4wj"
+			+ "LGftt63T4k2D/qMdg7fVfHkAsXPJIxkvR4vUrGEvxTl9e24146wYgCXe+66T"
+			+ "UcAMViNCMr8UiFQFQYSmuPcSTHgQHqEaBwYys6X+fe61yE16mUazs32yVH2v"
+			+ "Cyf1mG4/GAaSmqR/BIU7y7trGd+g/KaT1Kp76e+Rys9G/oakoeIH3Hkgdhmc"
+			+ "pFBPklIlgA57EocK5n84tFRv9n9cmsbOfy0EjEa6vU4ImMPZQS4iyhLCWD1u"
+			+ "tQziu5FyHSb9COveUPuGY2iTrOWG34rHIagNndXi1OuAIGQrLjbntHmogqxb"
+			+ "zkB+yojr+WBwY1efb8X+WQ2L+us9v31qNGA0wyfg4AC5FZur90rBxBq59UPz"
+			+ "JAVRD6NP5FRPdxuvHclDoGBoiMr9NXO3Uv0tJuYADHlWMQnUGoPEL7UxzuPJ"
+			+ "VAWuHpGiywzOcWMiFEiDSIZrv4RViIVIRhEtm2bO7Ta/AGTfvJcyb6ySexc1"
+			+ "aR5TWYOjqv1NaGAVQ1vPyqazH+g17y5wnBRj2c3nSMwksn/nC60e4ax+/yaE"
+			+ "Ls9Qou9a0L2IyQgDlvhBA4CcRGcHklhlzAovGBX2gWG31CK05doZhH7bRIrj"
+			+ "8h1XOF2izffrfWb6LcDcZptw5BQWT5XeyoKD4eNZfJ4ww+dMw4+0MkXPZEn6"
+			+ "Fqg+jam9ZioqXiw5Y6bdzxawefe6gvxeca3f53KDXEm4qFaVuDgyjNZhEmyB"
+			+ "gmsWRKokQ5DDlj1PfVlO4g2Uee4zbvmr7Yx6tGnnxm6o5i/COwvvRSXp8Oj7"
+			+ "Zej0ZA+1zenNRAGXwuTKrbQ9ZZYRi4LCXluuVmy8vocGm8bnuqulMyz5hsUi"
+			+ "QMAl1knunhaT+/kQOLRwEdJUgfq8ME14XsTNiVq26W8n+9AsYHoFzJhFoCfe"
+			+ "i2wngAs1MMnw1erfnhWibkFZDlG9/5OPBZ3ZzJfgMEdT5Fs+hJxrw7UqNMkb"
+			+ "EoH+3HpzEXfcGqCL6RfdbS0hu85v1CrZv0veK8qI+rQnoqXp+xmBRiSCyWNR"
+			+ "ITepXcJsi6vWYX0nvNNbBjTsFqi78BSVRpg/zOFRvw1gX1TtTXQLcEdalKgf"
+			+ "tEo+An3f3GugB3CFw38IM4JwCB06vXTRQAoK4PM4uNYVXEgSPq4vg9UuHZ3n"
+			+ "V5l96emGLK55N5FO6FvlHFft/7elEFglbnSzSQnzVyj36Z6P7x/Q3td5SY4J"
+			+ "VAJWvR/X4Fe2G6ebIZdNSJef9UyuNPee0Fi1iJUL8L4qO61ijkjYdE3bBcGm"
+			+ "61eWj8NgxtELVgRyXq1vNgMOFlVAwkf2ZNDgNRUM49UnIFTNKnTaeAVB9pW2"
+			+ "DGrZER8LA8ABctAdElECceoMVRUG1uFdAicrEbBHcWJkTdjBPjumE4bE6HUm"
+			+ "vbpNBC4wyoPS6CSvNut/re7I4wgZwho6C6GRUuwraxJZlS+jwEvC+F4Bzlf5"
+			+ "aPygECgVaNmSGP1E/vyN2aF8CLo4NL/5o9GG8DWg9O5GdNSislr4r6ciEjCr"
+			+ "0a6rk47QDn4rDQy8iu/YkZz9u8/GJCAinWQzAvV8byhZxc81CfKj9xYTclDX"
+			+ "AB75blJvUQIP4U7gpWxLB/1sdN2V5f9jw+xTLSpoJ7r/tIeBygF6rFe402Sd"
+			+ "840SLi8ZSufAVeHUoNNDYkA/c1b6k5FaxDtN22tYQi4y3Hs7k03mGhvvLC0l"
+			+ "05fMmvtasFaW5Bupqw8E2a7wHSLmRAXrPvnrblSL/wajptKPJWDJ+oH/9d9k"
+			+ "NkC4EFBpcMEfIDky4PoCtfKQBFa5LT1WDQGfcCnrC9SDfUfhfRLBOpoFmUaT"
+			+ "O0xc0vI/jmDRsoBy9d42ebyGMg5uD6tTOIvszEirpMy5SYPPa64zhHcN+Pzs"
+			+ "db+J6fthc3aVIoob9jdv/aRUH3gDwltSnaLUIc7CWcuHSCGyM/zQPiAzkw0z"
+			+ "x6ii5fdKXsmnQn88E+YqiJTPH0fG+kkhokAGU76bQMn7fJyBeVHhF2hqSr/0"
+			+ "4zCIjgq1Zb+d9sEuRZWF+/XsGl2gwk4vgHTwM+XfU7edQssUR6kyD6wkw7EU"
+			+ "6HaRrflymAHTEvdAB+PaREQbyej7/2lY41qmA9df2I5Izb60NxmMFj9F4M4V"
+			+ "bLJOVNX5fuc8vaIhPG82hIiqe05cnBfRhtmcUUb1WDHVH3klRkti+fHrnbAW"
+			+ "TpWd5m6Wi3VssopaUozWgYVgW9M+Zr5ZUAN9H0Kb4CatxG5YFkD0MCZShGl/"
+			+ "lSc1SUxho6YakBB+5HxCI853/sQ3RMgSrMk+8ftalM2+BrT+V9wMK2O+wM5W"
+			+ "ujrAcM85sQ4OqSZfJ7MmKT8+pcIsRRocmlM/cxUf5hKXfXrmCR5mkf9jxF8B"
+			+ "J1JOwhkD8zQP7sPUcOWEcT8ctOKPygtz6tWWQDW8ciiYULYyJA6ydGrrn6T+"
+			+ "fQj8M2VsM1y4YK9dMfJUeaiP+m4BeoOjs0vqz6pBI6J3lrNz31DaNO6SApUL"
+			+ "4cOx8EZMg498TG0zmQ87yVw4mGmL3JpWBZH89HiNEY5eJ0zEIS3lMaOADRMf"
+			+ "kX8B5YHadeTuAEjXsGtFIlSf1xo45kwCxIfUcikdfu2rb+Bh251Im0oq/XTj"
+			+ "XPeviXasfas6VsMHsmTrqynFdP8THnrmHLCoeAMvgpjirXfIdR7tULJcFJtr"
+			+ "0lZLZfdZgbTsbn9GMQKwMkAAjJLfJq42usvzf4ShC7IRtvOEVAMrebaaK1YF"
+			+ "rtV5z1WNo3VRFonakKj85nXLOAdCNe6T3zESebexJKFn8e/6+shp9IDIRmWr"
+			+ "hiWut6KPFiSgAgfqpeIt9fuHiYeIK8DqISA7QUdAZrgPe8GlctvKkQLvjNW0"
+			+ "srglx9CQuDqZC6C1BLaIs3sE//yLvEd06vDFjDa0WGKWjM/Uo29af/tlL1kC"
+			+ "vDQtDPi8OPIebK8OwI2uNDZ+cnHhv3gZXCdbKkRZc1W+mrU7rUk1Fa0ViVmc"
+			+ "zhVGX22fDXbIrs9zJ+sA+3Towrx2XmMZ+PDkVBxHFE2bk+GABM62BW9YZoX4"
+			+ "R4U+n7E8Ec0sI8srcxEZYX8LWHh1XSU0yEHYjkIWDQUUSGpsbgqnjXJcnTdk"
+			+ "KK5PLk4sthLYwT4o1Gg4lRpc4dn26bIQcpGdY5PEknItDt6IBSc6bYYYoQrl"
+			+ "PIufY67haoc//d5y1LpCi5vc0wTcvbdoVepLrxVAn4MPsejbfIFJ01N0qKgv"
+			+ "fGWVxmRGtGXHe3iNLsMrvSE2FkORSc4sgjC42hfxHTEVmhTnzOplxTsN/MzE"
+			+ "S7ESv/c0rIen+zwXgtiFnTg1VPHcaT4z0DtLBMNjqYNoyDrIHUrWguFeV7/i"
+			+ "RSP7SiztMmlfKhrxlQpaNNm/XvKa1OpKbVStHMgOdpMaaCp8WaX++wb9lG6V"
+			+ "3PqBeVSCuFm1xq6KAERLUdF4XsdXNM/uUhYZX7cGIqRS3vSDJB1EfrZTpUY5"
+			+ "xGllybE/P2gufnG5EMpC2FHx4iW4pWMkYhIpzKv1Tkxe3K6ISs4wEs4n/AtL"
+			+ "hupMGZE9hDJ0LV0nRvRbY8YCRXoBaj6/qF1QED7CG4hx16yrkLAR7Th5rbH7"
+			+ "GFEzNSq1HI0IssDIimD2ZN9Cf++uH6ZpP2JZeJ/gEqGi17ovtnuklx6dtu0l"
+			+ "KL0pQjCyAoQFEFSaVJ1m4oOQJyb58lsG4gOPaPvOw1ruiJ2obt4228VR1pA8"
+			+ "Vm9A41E4pk/vA+VFJ/tSmkB5s2gmBBVcA8mU8iIyzMmliTNHeg53EYAytF5M"
+			+ "X2rA7Ct8ApqbrYSSBTUPC+MEBV7UajamWB6UaSUj575MhEnzm0xl/lFqU6ZF"
+			+ "6w0rdey/KvTiotErOS1q8RcY2dcs9Mz8Dm/8IMBcGfny0i/KLtz0OUOLFg3P"
+			+ "/VrPBt7f+YfDqLVc8AujhrxAH/hwYauJ+Q6HSVTSJI7aXB9xtdsijzMZCmnE"
+			+ "1oKRBkACSWD9BGvS3hpv/VqaHWU4B2dnv2oyrIkdkgQu2OtlFxpcOkqwexIj"
+			+ "ssxxOCmT6dpB8JNehjLDU8WXhtFJVFuR84V7KlyeG/s8TaZgCW6uLLVmpteE"
+			+ "J15bnM9jRTW/FZiHwsjy9kVbvaAT+bbIjn5u7qdGsgAQHdeKy191ONvHIttZ"
+			+ "l/qnvrygLImaTOcuMMzU/0ECNlk0QiU0YbfS/RGH2LtRzk8x3FLFVXRiNtrD"
+			+ "uJuwzlP4RufuoZfJsi0rFOuxNFQ/cZEq1q7TCzqP+saRoSLFK1iRE/Ei06pS"
+			+ "JH+cwHMxk3u7k4+HxF72uK9XHIgY6G6WfZTklH2w2VrsLLZLmJ9SO6Zpyt48"
+			+ "KcwvEcxYoZxp1gfPYDCMHeb7oi/gRj9FjnBaNf2dW3a1RqVo5y0QeSfSH4k8"
+			+ "YWX6k+Yh803ZmoIb//TEbfkbXe8XOIffbMSUuIozCQY/Rt9wAHesMWfgTuB5"
+			+ "LSoa8R+mR5lIS/P1ANHdgNrh+XRFrNFeD0dCw6bdYWUXMVaZbCE8Z8pXQ0LO"
+			+ "ItiPuI+w/izD/lXdKXWJJmN/bq2RJRo4WFEDe6sJH9G2Poe/T4xwTm4kX2uA"
+			+ "IZkYy7bZcez8a0bFJzcsJxUbBPRq93J0fXzpvQsszbVZh94VSc9nkH4FnAxT"
+			+ "Kk2bLcsXANJlw3cFO9jOygrXh6R2fyHX0E8WExb2Q7lG68wU1BJVupT8rZ0Y"
+			+ "oRY6WBYG0LuZb+4VAQuI0/Are3BznsgkqudCjf+JUhu1Yefh2hblWuMPNEWb"
+			+ "mOorerNiIzkrt5tjXyBj0g8w/pL//BIlkW5JerMtKTPMfZSroHw9wuAuqHqF"
+			+ "2sMjsW/Lbr5b8SIdIgo3vrS6EM9MGkATfSZz4z+ZWG3EB6QqcMXCZ4N2/WWl"
+			+ "EPKsIqY/509NZRzqOavcMXkOryRJ7GQpmotNbbalI6r6swRoEQ2IzK5XPCC1"
+			+ "iv52YpcRaV9BDpNNByk4l3ddOiEc4dsOkHjaLNvj6Vo1pG/C1Z8VXRRY909D"
+			+ "nH2+PfUL684WZ6kIPeLfqr7N3ZbNxZAVozVG+WXwBlLFT7L+axeGHOhHdH/g"
+			+ "SVMSmWdRX4eNuofmpsU8f3A9aCnPGDxPnB4WKnAGw34TYZrtZ9mHcjYPsq1q"
+			+ "zY6brfZD4T7tktjAlRL2PYZ15MfWVXVH1xoyjeWImTi0o4nyuy/M0HukDfwY"
+			+ "l6nW77TMRiH54wdQqIZUxa32dNNhjcNslRlpOf6td3FbELqhTiaptRSuKjs9"
+			+ "8evbDFK7rb7n6RSSzAwb3oU8pwr4dM8ArTVc0EqnvdSCs1tx46ckIK3AFgcd"
+			+ "opmNq+Qa7qhN5Zgds3cLPIQiyDThhYGPaIgyn4j/dZb1Qwa2U7urijJrBqeS"
+			+ "/kJ2rEXV9v+OX9yTYKypM05A2gOK/ESPbx24C/HmmGm/yBXBx3pABvKt41Dh"
+			+ "b0syB4hYrsq0RriovGemBrNgy4tiJB5BDI9VpWFC/7LR0quFFOrxxm7YvH2h"
+			+ "GkR0oUc/socA80WZx9TegdiBg9TVPbe0gZmoeQc6XLfscBol0QdZWSmLqFxf"
+			+ "TFN7ksaVAUPXA9phBg/k51YmrwNvx4D/A1bBQRtQmq2N4R0j3uMkynubBEfb"
+			+ "9qvQNXpdygouzKUyrN/w+7clilaq2P+R9i7rriZ1waHyjfvAdeBzQQ/pVmgh"
+			+ "o8EiL/TZpIZ71sTYv28scY+V7yYgBA5S/Y4bdmvzSSoMoK8yH/LcBFJOZLQd"
+			+ "YPt7uKWSwQN8iVDA6ZcsYoKuAUw3ziiRaf+GN58ihLB/y/sGmAmX2XwLsPSZ"
+			+ "uQIF/gT8yXjxoyWDLXl3MUgfx+pGg5vBwAtk9a2elEQR9C3a8PPsOy3N9Jh3"
+			+ "xY/A1gJ/rjuubwrb0Sd2LinzPg5uVuKR1jeMSCEebgoyBj8/t8HvknBqJkpl"
+			+ "tjZ6AxGiQ8+v5jRBzYSyiTQfPMxWzdBKqUePdJcLPITf/XitegQnikgAN6bh"
+			+ "kYMS2G9kXJH2CgDm9z3svmu/0Oz2XWEpVHlOjknghPlTaLRqgWoQbK5dkuiV"
+			+ "k9HhGwwsgiR+");
+	}
+}
diff --git a/crypto/test/src/cms/test/CMSTestUtil.cs b/crypto/test/src/cms/test/CMSTestUtil.cs
new file mode 100644
index 000000000..ef7f9169f
--- /dev/null
+++ b/crypto/test/src/cms/test/CMSTestUtil.cs
@@ -0,0 +1,480 @@
+using System;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	public class CmsTestUtil
+	{
+		public static SecureRandom rand;
+		private static IAsymmetricCipherKeyPairGenerator kpg;
+		private static IAsymmetricCipherKeyPairGenerator gostKpg;
+		private static IAsymmetricCipherKeyPairGenerator dsaKpg;
+		private static IAsymmetricCipherKeyPairGenerator ecGostKpg;
+		private static IAsymmetricCipherKeyPairGenerator ecDsaKpg;
+		public static CipherKeyGenerator aes192kg;
+		public static CipherKeyGenerator desede128kg;
+		public static CipherKeyGenerator desede192kg;
+		public static CipherKeyGenerator rc240kg;
+		public static CipherKeyGenerator rc264kg;
+		public static CipherKeyGenerator rc2128kg;
+		public static CipherKeyGenerator aesKg;
+		public static CipherKeyGenerator seedKg;
+		public static CipherKeyGenerator camelliaKg;
+		public static BigInteger serialNumber;
+
+		private static readonly byte[] attrCert = Base64.Decode(
+			  "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2"
+			+ "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS"
+			+ "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2"
+			+ "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0"
+			+ "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn"
+			+ "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw"
+			+ "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY"
+			+ "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs"
+			+ "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K"
+			+ "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0"
+			+ "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j"
+			+ "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw"
+			+ "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg"
+			+ "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl"
+			+ "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt"
+			+ "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0"
+			+ "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8"
+			+ "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl"
+			+ "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ"
+			+ "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct"
+			+ "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3"
+			+ "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1"
+			+ "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy"
+			+ "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6"
+			+ "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov"
+			+ "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz"
+			+ "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0"
+			+ "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46"
+			+ "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+"
+			+ "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y"
+			+ "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv"
+			+ "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0"
+			+ "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph"
+			+ "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj"
+			+ "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+"
+			+ "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA"
+			+ "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr"
+			+ "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3"
+			+ "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv");
+
+		private static IAsymmetricCipherKeyPairGenerator Kpg
+		{
+			get
+			{
+				if (kpg == null)
+				{
+					kpg = GeneratorUtilities.GetKeyPairGenerator("RSA");
+					kpg.Init(new RsaKeyGenerationParameters(
+						BigInteger.ValueOf(17), rand, 1024, 25));
+				}
+
+				return kpg;
+			}
+		}
+
+		private static IAsymmetricCipherKeyPairGenerator GostKpg
+		{
+			get
+			{
+				if (gostKpg == null)
+				{
+					gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410");
+					gostKpg.Init(
+						new Gost3410KeyGenerationParameters(
+							rand,
+							CryptoProObjectIdentifiers.GostR3410x94CryptoProA));
+				}
+
+				return gostKpg;
+			}
+		}
+
+		private static IAsymmetricCipherKeyPairGenerator DsaKpg
+		{
+			get
+			{
+				if (dsaKpg == null)
+				{
+					DsaParameters dsaSpec = new DsaParameters(
+						new BigInteger("7434410770759874867539421675728577177024889699586189000788950934679315164676852047058354758883833299702695428196962057871264685291775577130504050839126673"),
+						new BigInteger("1138656671590261728308283492178581223478058193247"),
+						new BigInteger("4182906737723181805517018315469082619513954319976782448649747742951189003482834321192692620856488639629011570381138542789803819092529658402611668375788410"));
+					dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA");
+					dsaKpg.Init(new DsaKeyGenerationParameters(rand, dsaSpec));
+				}
+
+				return dsaKpg;
+			}
+		}
+
+		private static IAsymmetricCipherKeyPairGenerator ECGostKpg
+		{
+			get
+			{
+				if (ecGostKpg == null)
+				{
+					ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410");
+					ecGostKpg.Init(
+						new ECKeyGenerationParameters(
+							CryptoProObjectIdentifiers.GostR3410x2001CryptoProA,
+							new SecureRandom()));
+				}
+
+				return ecGostKpg;
+			}
+		}
+
+		private static IAsymmetricCipherKeyPairGenerator ECDsaKpg
+		{
+			get
+			{
+				if (ecDsaKpg == null)
+				{
+					ecDsaKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
+					ecDsaKpg.Init(new KeyGenerationParameters(rand, 239));
+				}
+
+				return ecDsaKpg;
+			}
+		}
+
+		static CmsTestUtil()
+		{
+		    try
+		    {
+		        rand = new SecureRandom();
+
+				aes192kg = GeneratorUtilities.GetKeyGenerator("AES");
+				aes192kg.Init(new KeyGenerationParameters(rand, 192));
+
+		        desede128kg = GeneratorUtilities.GetKeyGenerator("DESEDE");
+				desede128kg.Init(new KeyGenerationParameters(rand, 112));
+
+				desede192kg = GeneratorUtilities.GetKeyGenerator("DESEDE");
+				desede192kg.Init(new KeyGenerationParameters(rand, 168));
+
+				rc240kg = GeneratorUtilities.GetKeyGenerator("RC2");
+				rc240kg.Init(new KeyGenerationParameters(rand, 40));
+
+				rc264kg = GeneratorUtilities.GetKeyGenerator("RC2");
+				rc264kg.Init(new KeyGenerationParameters(rand, 64));
+
+				rc2128kg = GeneratorUtilities.GetKeyGenerator("RC2");
+				rc2128kg.Init(new KeyGenerationParameters(rand, 128));
+
+				aesKg = GeneratorUtilities.GetKeyGenerator("AES");
+
+				seedKg = GeneratorUtilities.GetKeyGenerator("SEED");
+
+				camelliaKg = GeneratorUtilities.GetKeyGenerator("Camellia");
+
+				serialNumber = BigInteger.One;
+		    }
+		    catch (Exception ex)
+		    {
+		        throw new Exception(ex.ToString());
+		    }
+		}
+
+		public static string DumpBase64(
+			byte[] data)
+		{
+			StringBuilder buf = new StringBuilder();
+
+			data = Base64.Encode(data);
+
+			for (int i = 0; i < data.Length; i += 64)
+			{
+				if (i + 64 < data.Length)
+				{
+					buf.Append(Encoding.Default.GetString(data, i, 64));
+				}
+				else
+				{
+					buf.Append(Encoding.Default.GetString(data, i, data.Length - i));
+				}
+				buf.Append('\n');
+			}
+
+			return buf.ToString();
+		}
+
+		public static IX509AttributeCertificate GetAttributeCertificate()
+		{
+//			X509StreamParser parser = X509StreamParser.GetInstance("AttributeCertificate");
+//			parser.Init(CmsTestUtil.attrCert);
+//			return (X509AttributeCertificate) parser.Read();
+
+			return new X509AttrCertParser().ReadAttrCert(attrCert);
+		}
+
+		public static AsymmetricCipherKeyPair MakeKeyPair()
+		{
+			return Kpg.GenerateKeyPair();
+		}
+
+		public static AsymmetricCipherKeyPair MakeGostKeyPair()
+		{
+			return GostKpg.GenerateKeyPair();
+		}
+
+		public static AsymmetricCipherKeyPair MakeDsaKeyPair()
+		{
+			return DsaKpg.GenerateKeyPair();
+		}
+
+		public static AsymmetricCipherKeyPair MakeECGostKeyPair()
+		{
+			return ECGostKpg.GenerateKeyPair();
+		}
+
+		public static AsymmetricCipherKeyPair MakeECDsaKeyPair()
+		{
+			return ECDsaKpg.GenerateKeyPair();
+		}
+
+		public static KeyParameter MakeDesEde128Key()
+		{
+			return ParameterUtilities.CreateKeyParameter("DESEDE", desede128kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeAes192Key()
+		{
+			return ParameterUtilities.CreateKeyParameter("AES", aes192kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeDesEde192Key()
+		{
+			return ParameterUtilities.CreateKeyParameter("DESEDE", desede192kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeRC240Key()
+		{
+			return ParameterUtilities.CreateKeyParameter("RC2", rc240kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeRC264Key()
+		{
+			return ParameterUtilities.CreateKeyParameter("RC2", rc264kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeRC2128Key()
+		{
+			return ParameterUtilities.CreateKeyParameter("RC2", rc2128kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeSeedKey()
+		{
+			return ParameterUtilities.CreateKeyParameter("SEED", seedKg.GenerateKey());
+		}
+
+		public static KeyParameter MakeAesKey(
+			int keySize)
+		{
+			aesKg.Init(new KeyGenerationParameters(rand, keySize));
+
+			return ParameterUtilities.CreateKeyParameter("AES", aesKg.GenerateKey());
+		}
+
+		public static KeyParameter MakeCamelliaKey(
+			int keySize)
+		{
+			camelliaKg.Init(new KeyGenerationParameters(rand, keySize));
+
+			return ParameterUtilities.CreateKeyParameter("CAMELLIA", camelliaKg.GenerateKey());
+		}
+
+		public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN)
+		{
+			return MakeCertificate(_subKP, _subDN, _issKP, _issDN, false);
+		}
+
+		public static X509Certificate MakeCACertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN)
+		{
+			return MakeCertificate(_subKP, _subDN, _issKP, _issDN, true);
+		}
+
+		public static X509Certificate MakeV1Certificate(AsymmetricCipherKeyPair subKP,
+			string _subDN, AsymmetricCipherKeyPair issKP, string _issDN)
+		{
+			AsymmetricKeyParameter subPub = subKP.Public;
+			AsymmetricKeyParameter issPriv = issKP.Private;
+			AsymmetricKeyParameter issPub = issKP.Public;
+
+			X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator();
+
+			v1CertGen.Reset();
+			v1CertGen.SetSerialNumber(AllocateSerialNumber());
+			v1CertGen.SetIssuerDN(new X509Name(_issDN));
+			v1CertGen.SetNotBefore(DateTime.UtcNow);
+			v1CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
+			v1CertGen.SetSubjectDN(new X509Name(_subDN));
+			v1CertGen.SetPublicKey(subPub);
+
+			if (issPub is RsaKeyParameters)
+			{
+				v1CertGen.SetSignatureAlgorithm("SHA1WithRSA");
+			}
+			else if (issPub is DsaPublicKeyParameters)
+			{
+				v1CertGen.SetSignatureAlgorithm("SHA1withDSA");
+			}
+			else if (issPub is ECPublicKeyParameters)
+			{
+				ECPublicKeyParameters ecPub = (ECPublicKeyParameters)issPub;
+				if (ecPub.AlgorithmName == "ECGOST3410")
+				{
+					v1CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410");
+				}
+				else
+				{
+					v1CertGen.SetSignatureAlgorithm("SHA1withECDSA");
+				}	
+			}
+			else
+			{
+				v1CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410");
+			}
+
+			X509Certificate _cert = v1CertGen.Generate(issPriv);
+
+			_cert.CheckValidity(DateTime.UtcNow);
+			_cert.Verify(issPub);
+
+			return _cert;
+		}
+
+		public static X509Certificate MakeCertificate(
+			AsymmetricCipherKeyPair subKP, string _subDN,
+			AsymmetricCipherKeyPair issKP, string _issDN, bool _ca)
+		{
+			AsymmetricKeyParameter subPub = subKP.Public;
+			AsymmetricKeyParameter issPriv = issKP.Private;
+			AsymmetricKeyParameter issPub = issKP.Public;
+
+			X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
+
+			v3CertGen.Reset();
+			v3CertGen.SetSerialNumber(AllocateSerialNumber());
+			v3CertGen.SetIssuerDN(new X509Name(_issDN));
+			v3CertGen.SetNotBefore(DateTime.UtcNow);
+			v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
+			v3CertGen.SetSubjectDN(new X509Name(_subDN));
+			v3CertGen.SetPublicKey(subPub);
+
+			if (issPub is RsaKeyParameters)
+			{
+				v3CertGen.SetSignatureAlgorithm("SHA1WithRSA");
+			}
+			else if (issPub is ECPublicKeyParameters)
+			{
+				ECPublicKeyParameters ecPub = (ECPublicKeyParameters) issPub;
+				if (ecPub.AlgorithmName == "ECGOST3410")
+				{
+					v3CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410");
+				}
+				else
+				{
+					v3CertGen.SetSignatureAlgorithm("SHA1withECDSA");
+				}
+			}
+			else
+			{
+				v3CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410");
+			}
+
+			v3CertGen.AddExtension(
+				X509Extensions.SubjectKeyIdentifier,
+				false,
+				CreateSubjectKeyId(subPub));
+
+			v3CertGen.AddExtension(
+				X509Extensions.AuthorityKeyIdentifier,
+				false,
+				CreateAuthorityKeyId(issPub));
+
+			v3CertGen.AddExtension(
+				X509Extensions.BasicConstraints,
+				false,
+				new BasicConstraints(_ca));
+
+			X509Certificate _cert = v3CertGen.Generate(issPriv);
+
+			_cert.CheckValidity();
+			_cert.Verify(issPub);
+
+			return _cert;
+		}
+
+		public static X509Crl MakeCrl(
+			AsymmetricCipherKeyPair pair)
+		{
+			X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
+			DateTime now = DateTime.UtcNow;
+
+			crlGen.SetIssuerDN(new X509Name("CN=Test CA"));
+
+			crlGen.SetThisUpdate(now);
+			crlGen.SetNextUpdate(now.AddSeconds(100));
+			crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn);
+
+			crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
+
+			return crlGen.Generate(pair.Private);
+		}
+
+		/*
+		*
+		*  INTERNAL METHODS
+		*
+		*/
+		private static AuthorityKeyIdentifier CreateAuthorityKeyId(
+			AsymmetricKeyParameter _pubKey)
+		{
+			SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey);
+			return new AuthorityKeyIdentifier(_info);
+		}
+
+		internal static SubjectKeyIdentifier CreateSubjectKeyId(
+			AsymmetricKeyParameter _pubKey)
+		{
+			SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey);
+			return new SubjectKeyIdentifier(_info);
+		}
+
+		private static BigInteger AllocateSerialNumber()
+		{
+			BigInteger _tmp = serialNumber;
+			serialNumber = serialNumber.Add(BigInteger.One);
+			return _tmp;
+		}
+
+		public static byte[] StreamToByteArray(
+			Stream inStream)
+		{
+			return Streams.ReadAll(inStream);
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/CompressedDataStreamTest.cs b/crypto/test/src/cms/test/CompressedDataStreamTest.cs
new file mode 100644
index 000000000..48a6c56ee
--- /dev/null
+++ b/crypto/test/src/cms/test/CompressedDataStreamTest.cs
@@ -0,0 +1,116 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class CompressedDataStreamTest
+	{
+		private static readonly byte[] compData = Base64.Decode(
+			  "MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC"
+			+ "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux"
+			+ "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb"
+			+ "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1"
+			+ "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi"
+			+ "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D"
+			+ "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT"
+			+ "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg"
+			+ "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2"
+			+ "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL"
+			+ "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA");
+
+		private static readonly byte[] uncompData = Base64.Decode(
+			  "Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9FREktWDEyOyBuYW1lPUdyb3VwMi54MTINCkNvbnRl"
+			+ "bnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJpbmFyeQ0KQ29udGVudC1EaXNwb3NpdGlvbjogaW5saW5l"
+			+ "OyBmaWxlbmFtZT1Hcm91cDIueDEyDQoNCklTQSowMCpzc3Nzc3Nzc3NzKjAwKnJycnJycnJycnIqW"
+			+ "loqQ1lDTE9ORSAgICAgICAgKlpaKlBBUlRORVIgICAgICAgICo5NjEwMDcqMjAxMypVKjAwMjAwKj"
+			+ "AwMDAwMDAwMSowKlQqKg1HUypQTypTMVMxUzFTMVMxUzFTMVMqUjFSMVIxUjFSMVIxUjFSKjk2MTA"
+			+ "wNyoyMDEzKjAwMDAwMDAwNCpYKjAwMzA1MA1TVCo4NTAqMDAwMDQwMDAxDUJFRyowMCpCRSoyYSo0"
+			+ "MzMyNDIzNHY1NTIzKjk2MTAwNyoyM3RjNHZ5MjR2MmgzdmgzdmgqWloqSUVMKjA5KlJFKjA5DUNVU"
+			+ "ioxMSpUUk4qNTY1Nio2NSo1NjYqSU1GKjAwNio5NjEwMDcNUkVGKjZBKjQzM3IxYzNyMzRyMzRjMz"
+			+ "MxMnFjdGdjNTQqUmVmZXJlbmNlIE51bWJlcg1QRVIqQUEqSGFucyBHdXR0ZW4qQ1AqMS4zMjIuMzI"
+			+ "zLjQ0NDQqKioqKnJnZzRlZ3Y0dDQNVEFYKjR0Z3RidDR0cjR0cipHTCpnaGdoKioqKioqKioqRypD"
+			+ "DUZPQipUUCpDQSpVU0EqMDIqRE9NKkNDKlJlZ3VsYXIgTG9jYXRpb25zIHBlciBUZXJtcw1DVFAqR"
+			+ "EUqQzA0KjQ1MyoyNTAwMCpEOSpTRUwqMjMyMTQqMjM0MzI0MjM0MjMqRVMqNDIyNDM0MjMNU0FDKk"
+			+ "EqQjAwMCpBRSozNTQ1KjM0NDIzMDANQ1VSKjExKjc2Nyo3NzY3KjY1DVBPMSoxMTEtYWFhKjEwMDA"
+			+ "wMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioq"
+			+ "KioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzN"
+			+ "HE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMD"
+			+ "AwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKio"
+			+ "qKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRx"
+			+ "NmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwM"
+			+ "CpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKi"
+			+ "oqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZ"
+			+ "mMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAq"
+			+ "QVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqK"
+			+ "kExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2Zj"
+			+ "M1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkF"
+			+ "TKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipB"
+			+ "MSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzN"
+			+ "TM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNQ1RUKjENU0UqMjIqMDAwMDQwMDAxDU"
+			+ "dFKjEqMDAwMDAwMDA0DUlFQSoxKjAwMDAwMDAwMQ0=");
+
+		[Test]
+		public void TestWorkingData()
+		{
+			CmsCompressedDataParser ed = new CmsCompressedDataParser(compData);
+
+			Assert.IsTrue(Arrays.AreEqual(uncompData, CmsTestUtil.StreamToByteArray(ed.GetContent().ContentStream)));
+		}
+
+		[Test]
+		public void TestEach()
+		{
+			byte[] testData = Encoding.ASCII.GetBytes("Hello world!");
+
+			CmsCompressedDataStreamGenerator gen = new CmsCompressedDataStreamGenerator();
+			MemoryStream bOut = new MemoryStream();
+
+			Stream cOut = gen.Open(bOut, CmsCompressedDataStreamGenerator.ZLib);
+
+			cOut.Write(testData, 0, testData.Length);
+
+			cOut.Close();
+
+			CmsCompressedDataParser ed = new CmsCompressedDataParser(bOut.ToArray());
+
+			Assert.IsTrue(Arrays.AreEqual(testData, CmsTestUtil.StreamToByteArray(ed.GetContent().ContentStream)));
+		}
+
+		[Test]
+		public void Test1000()
+		{
+			byte[] testData = new byte[10000];
+			SecureRandom rand = new SecureRandom();
+
+			rand.SetSeed(0);
+
+			for (int i = 0; i != 10; i++)
+			{
+				CmsCompressedDataStreamGenerator gen = new CmsCompressedDataStreamGenerator();
+				MemoryStream bOut = new MemoryStream();
+
+				Stream cOut = gen.Open(bOut, CmsCompressedDataStreamGenerator.ZLib);
+
+				rand.NextBytes(testData);
+
+				cOut.Write(testData, 0, testData.Length);
+
+				cOut.Close();
+
+				CmsCompressedDataParser ed = new CmsCompressedDataParser(bOut.ToArray());
+
+				Assert.IsTrue(Arrays.AreEqual(testData, CmsTestUtil.StreamToByteArray(ed.GetContent().ContentStream)));
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/CompressedDataTest.cs b/crypto/test/src/cms/test/CompressedDataTest.cs
new file mode 100644
index 000000000..6df85d9fd
--- /dev/null
+++ b/crypto/test/src/cms/test/CompressedDataTest.cs
@@ -0,0 +1,117 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class CompressedDataTest
+	{
+		private static readonly byte[] TEST_DATA = Encoding.ASCII.GetBytes("Hello world!");
+
+		private static readonly byte[] compData = Base64.Decode(
+			  "MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC"
+			+ "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux"
+			+ "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb"
+			+ "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1"
+			+ "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi"
+			+ "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D"
+			+ "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT"
+			+ "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg"
+			+ "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2"
+			+ "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL"
+			+ "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA");
+
+		private static readonly byte[] uncompData = Base64.Decode(
+			  "Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9FREktWDEyOyBuYW1lPUdyb3VwMi54MTINCkNvbnRl"
+			+ "bnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJpbmFyeQ0KQ29udGVudC1EaXNwb3NpdGlvbjogaW5saW5l"
+			+ "OyBmaWxlbmFtZT1Hcm91cDIueDEyDQoNCklTQSowMCpzc3Nzc3Nzc3NzKjAwKnJycnJycnJycnIqW"
+			+ "loqQ1lDTE9ORSAgICAgICAgKlpaKlBBUlRORVIgICAgICAgICo5NjEwMDcqMjAxMypVKjAwMjAwKj"
+			+ "AwMDAwMDAwMSowKlQqKg1HUypQTypTMVMxUzFTMVMxUzFTMVMqUjFSMVIxUjFSMVIxUjFSKjk2MTA"
+			+ "wNyoyMDEzKjAwMDAwMDAwNCpYKjAwMzA1MA1TVCo4NTAqMDAwMDQwMDAxDUJFRyowMCpCRSoyYSo0"
+			+ "MzMyNDIzNHY1NTIzKjk2MTAwNyoyM3RjNHZ5MjR2MmgzdmgzdmgqWloqSUVMKjA5KlJFKjA5DUNVU"
+			+ "ioxMSpUUk4qNTY1Nio2NSo1NjYqSU1GKjAwNio5NjEwMDcNUkVGKjZBKjQzM3IxYzNyMzRyMzRjMz"
+			+ "MxMnFjdGdjNTQqUmVmZXJlbmNlIE51bWJlcg1QRVIqQUEqSGFucyBHdXR0ZW4qQ1AqMS4zMjIuMzI"
+			+ "zLjQ0NDQqKioqKnJnZzRlZ3Y0dDQNVEFYKjR0Z3RidDR0cjR0cipHTCpnaGdoKioqKioqKioqRypD"
+			+ "DUZPQipUUCpDQSpVU0EqMDIqRE9NKkNDKlJlZ3VsYXIgTG9jYXRpb25zIHBlciBUZXJtcw1DVFAqR"
+			+ "EUqQzA0KjQ1MyoyNTAwMCpEOSpTRUwqMjMyMTQqMjM0MzI0MjM0MjMqRVMqNDIyNDM0MjMNU0FDKk"
+			+ "EqQjAwMCpBRSozNTQ1KjM0NDIzMDANQ1VSKjExKjc2Nyo3NzY3KjY1DVBPMSoxMTEtYWFhKjEwMDA"
+			+ "wMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioq"
+			+ "KioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzN"
+			+ "HE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMD"
+			+ "AwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKio"
+			+ "qKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRx"
+			+ "NmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwM"
+			+ "CpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKi"
+			+ "oqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZ"
+			+ "mMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAq"
+			+ "QVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqK"
+			+ "kExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2Zj"
+			+ "M1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkF"
+			+ "TKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipB"
+			+ "MSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzN"
+			+ "TM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNQ1RUKjENU0UqMjIqMDAwMDQwMDAxDU"
+			+ "dFKjEqMDAwMDAwMDA0DUlFQSoxKjAwMDAwMDAwMQ0=");
+
+		[Test]
+		public void TestWorkingData()
+		{
+			CmsCompressedData ed = new CmsCompressedData(compData);
+
+			Assert.IsTrue(Arrays.AreEqual(uncompData, ed.GetContent()));
+		}
+
+		[Test]
+		public void TestEach()
+		{
+			CmsCompressedData cd = GetStdData();
+
+			Assert.IsTrue(Arrays.AreEqual(TEST_DATA, cd.GetContent()));
+		}
+
+		[Test]
+		public void TestLimitUnder()
+		{
+			CmsCompressedData cd = GetStdData();
+
+			try
+			{
+				cd.GetContent(TEST_DATA.Length / 2);
+			}
+			catch (CmsException e)
+			{
+				Assert.IsTrue(e.InnerException is StreamOverflowException);
+			}
+		}
+
+		[Test]
+		public void TestLimitOver()
+		{
+			CmsCompressedData cd = GetStdData();
+
+			Assert.IsTrue(Arrays.AreEqual(TEST_DATA, cd.GetContent(TEST_DATA.Length * 2)));
+		}
+
+		[Test]
+		public void TestLimitEqual()
+		{
+			CmsCompressedData cd = GetStdData();
+
+			Assert.IsTrue(Arrays.AreEqual(TEST_DATA, cd.GetContent(TEST_DATA.Length)));
+		}
+
+		private CmsCompressedData GetStdData()
+		{
+			CmsProcessableByteArray testData = new CmsProcessableByteArray(TEST_DATA);
+			CmsCompressedDataGenerator gen = new CmsCompressedDataGenerator();
+			return gen.Generate(testData, CmsCompressedDataGenerator.ZLib);
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/EnvelopedDataStreamTest.cs b/crypto/test/src/cms/test/EnvelopedDataStreamTest.cs
new file mode 100644
index 000000000..8512f6622
--- /dev/null
+++ b/crypto/test/src/cms/test/EnvelopedDataStreamTest.cs
@@ -0,0 +1,537 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class EnvelopedDataStreamTest
+	{
+		private const int BufferSize = 4000;
+
+		private const string SignDN = "O=Bouncy Castle, C=AU";
+		private static AsymmetricCipherKeyPair signKP;
+//		private static X509Certificate signCert;
+		//signCert = CmsTestUtil.MakeCertificate(_signKP, SignDN, _signKP, SignDN);
+
+//		private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
+//		private static AsymmetricCipherKeyPair origKP;
+		//origKP   = CmsTestUtil.MakeKeyPair();
+//		private static X509Certificate origCert;
+		//origCert = CmsTestUtil.MakeCertificate(origKP, OrigDN, _signKP, SignDN);
+
+		private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
+		private static AsymmetricCipherKeyPair reciKP;
+		private static X509Certificate reciCert;
+
+		private static AsymmetricCipherKeyPair origECKP;
+		private static AsymmetricCipherKeyPair reciECKP;
+		private static X509Certificate reciECCert;
+
+		private static AsymmetricCipherKeyPair SignKP
+		{
+			get { return signKP == null ? (signKP   = CmsTestUtil.MakeKeyPair()) : signKP; }
+		}
+
+		private static AsymmetricCipherKeyPair ReciKP
+		{
+			get { return reciKP == null ? (reciKP   = CmsTestUtil.MakeKeyPair()) : reciKP; }
+		}
+
+		private static X509Certificate ReciCert
+		{
+			get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert;}
+		}
+
+		private static AsymmetricCipherKeyPair OrigECKP
+		{
+			get { return origECKP == null ? (origECKP = CmsTestUtil.MakeECDsaKeyPair()) : origECKP; }
+		}
+
+		private static AsymmetricCipherKeyPair ReciECKP
+		{
+			get { return reciECKP == null ? (reciECKP = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP; }
+		}
+
+		private static X509Certificate ReciECCert
+		{
+			get { return reciECCert == null ? (reciECCert = CmsTestUtil.MakeCertificate(ReciECKP, ReciDN, SignKP, SignDN)) : reciECCert;}
+		}
+
+		[Test]
+		public void TestWorkingData()
+		{
+			byte[] keyData = Base64.Decode(
+				"MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKrAz/SQKrcQ" +
+				"nj9IxHIfKDbuXsMqUpI06s2gps6fp7RDNvtUDDMOciWGFhD45YSy8GO0mPx3" +
+				"Nkc7vKBqX4TLcqLUz7kXGOHGOwiPZoNF+9jBMPNROe/B0My0PkWg9tuq+nxN" +
+				"64oD47+JvDwrpNOS5wsYavXeAW8Anv9ZzHLU7KwZAgMBAAECgYA/fqdVt+5K" +
+				"WKGfwr1Z+oAHvSf7xtchiw/tGtosZ24DOCNP3fcTXUHQ9kVqVkNyzt9ZFCT3" +
+				"bJUAdBQ2SpfuV4DusVeQZVzcROKeA09nPkxBpTefWbSDQGhb+eZq9L8JDRSW" +
+				"HyYqs+MBoUpLw7GKtZiJkZyY6CsYkAnQ+uYVWq/TIQJBAP5zafO4HUV/w4KD" +
+				"VJi+ua+GYF1Sg1t/dYL1kXO9GP1p75YAmtm6LdnOCas7wj70/G1YlPGkOP0V" +
+				"GFzeG5KAmAUCQQCryvKU9nwWA+kypcQT9Yr1P4vGS0APYoBThnZq7jEPc5Cm" +
+				"ZI82yseSxSeea0+8KQbZ5mvh1p3qImDLEH/iNSQFAkAghS+tboKPN10NeSt+" +
+				"uiGRRWNbiggv0YJ7Uldcq3ZeLQPp7/naiekCRUsHD4Qr97OrZf7jQ1HlRqTu" +
+				"eZScjMLhAkBNUMZCQnhwFAyEzdPkQ7LpU1MdyEopYmRssuxijZao5JLqQAGw" +
+				"YCzXokGFa7hz72b09F4DQurJL/WuDlvvu4jdAkEAxwT9lylvfSfEQw4/qQgZ" +
+				"MFB26gqB6Gqs1pHIZCzdliKx5BO3VDeUGfXMI8yOkbXoWbYx5xPid/+N8R//" +
+				"+sxLBw==");
+
+			byte[] envData = Base64.Decode(
+				"MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKEw1C" +
+				"b3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBHjANBgkqhkiG9w0BAQEFAASB" +
+				"gDmnaDZ0vDJNlaUSYyEXsgbaUH+itNTjCOgv77QTX2ImXj+kTctM19PQF2I1" +
+				"0/NL0fjakvCgBTHKmk13a7jqB6cX3bysenHNrglHsgNGgeXQ7ggAq5fV/JQQ" +
+				"T7rSxEtuwpbuHQnoVUZahOHVKy/a0uLr9iIh1A3y+yZTZaG505ZJMIAGCSqG" +
+				"SIb3DQEHATAdBglghkgBZQMEAQIEENmkYNbDXiZxJWtq82qIRZKggAQgkOGr" +
+				"1JcTsADStez1eY4+rO4DtyBIyUYQ3pilnbirfPkAAAAAAAAAAAAA");
+
+
+			CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(envData);
+
+			RecipientInformationStore recipients = ep.GetRecipientInfos();
+
+			Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+//            PKCS8EncodedKeySpec	keySpec = new PKCS8EncodedKeySpec(keyData);
+//            KeyFactory			keyFact = KeyFactory.GetInstance("RSA");
+//            Key					priKey = keyFact.generatePrivate(keySpec);
+			AsymmetricKeyParameter priKey = PrivateKeyFactory.CreateKey(keyData);
+            byte[] data = Hex.Decode("57616c6c6157616c6c6157617368696e67746f6e");
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+				CmsTypedStream recData = recipient.GetContentStream(priKey);
+
+				byte[] compare = CmsTestUtil.StreamToByteArray(recData.ContentStream);
+				Assert.IsTrue(Arrays.AreEqual(data, compare));
+			}
+		}
+
+		private void VerifyData(
+			byte[]	encodedBytes,
+			string	expectedOid,
+			byte[]	expectedData)
+		{
+			CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(encodedBytes);
+			RecipientInformationStore recipients = ep.GetRecipientInfos();
+
+			Assert.AreEqual(ep.EncryptionAlgOid, expectedOid);
+
+			ICollection c = recipients.GetRecipients();
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+				CmsTypedStream recData = recipient.GetContentStream(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(expectedData, CmsTestUtil.StreamToByteArray(
+					recData.ContentStream)));
+			}
+		}
+
+		[Test]
+		public void TestKeyTransAes128BufferedStream()
+		{
+			byte[] data = new byte[2000];
+			for (int i = 0; i != 2000; i++)
+			{
+				data[i] = (byte)(i & 0xff);
+			}
+
+			//
+			// unbuffered
+			//
+			CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			MemoryStream bOut = new MemoryStream();
+
+			Stream outStream = edGen.Open(
+				bOut, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			for (int i = 0; i != 2000; i++)
+			{
+				outStream.WriteByte(data[i]);
+			}
+
+			outStream.Close();
+
+			VerifyData(bOut.ToArray(), CmsEnvelopedDataGenerator.Aes128Cbc, data);
+
+			int unbufferedLength = bOut.ToArray().Length;
+
+			//
+			// Using buffered output - should be == to unbuffered
+			//
+			edGen = new CmsEnvelopedDataStreamGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			bOut.SetLength(0);
+
+			outStream = edGen.Open(bOut, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			Streams.PipeAll(new MemoryStream(data, false), outStream);
+			outStream.Close();
+
+			VerifyData(bOut.ToArray(), CmsEnvelopedDataGenerator.Aes128Cbc, data);
+
+			Assert.AreEqual(unbufferedLength, bOut.ToArray().Length);
+		}
+
+		[Test]
+		public void TestKeyTransAes128Buffered()
+		{
+			byte[] data = new byte[2000];
+			for (int i = 0; i != 2000; i++)
+			{
+				data[i] = (byte)(i & 0xff);
+			}
+
+			//
+			// unbuffered
+			//
+			CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			MemoryStream  bOut = new MemoryStream();
+
+			Stream outStream = edGen.Open(
+				bOut, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			for (int i = 0; i != 2000; i++)
+			{
+				outStream.WriteByte(data[i]);
+			}
+
+			outStream.Close();
+
+			VerifyData(bOut.ToArray(), CmsEnvelopedDataGenerator.Aes128Cbc, data);
+
+			int unbufferedLength = bOut.ToArray().Length;
+
+			//
+			// buffered - less than default of 1000
+			//
+			edGen = new CmsEnvelopedDataStreamGenerator();
+
+			edGen.SetBufferSize(300);
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			bOut.SetLength(0);
+
+			outStream = edGen.Open(bOut, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			for (int i = 0; i != 2000; i++)
+			{
+				outStream.WriteByte(data[i]);
+			}
+
+			outStream.Close();
+
+			VerifyData(bOut.ToArray(), CmsEnvelopedDataGenerator.Aes128Cbc, data);
+
+			Assert.IsTrue(unbufferedLength < bOut.ToArray().Length);
+		}
+
+		[Test]
+		public void TestKeyTransAes128Der()
+		{
+			byte[] data = new byte[2000];
+			for (int i = 0; i != 2000; i++)
+			{
+				data[i] = (byte)(i & 0xff);
+			}
+
+			CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			MemoryStream bOut = new MemoryStream();
+
+			Stream outStream = edGen.Open(
+				bOut, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			for (int i = 0; i != 2000; i++)
+			{
+				outStream.WriteByte(data[i]);
+			}
+
+			outStream.Close();
+
+			// convert to DER
+			byte[] derEncodedBytes = Asn1Object.FromByteArray(bOut.ToArray()).GetDerEncoded();
+
+			VerifyData(derEncodedBytes, CmsEnvelopedDataGenerator.Aes128Cbc, data);
+		}
+
+		[Test]
+		public void TestKeyTransAes128Throughput()
+		{
+			byte[] data = new byte[40001];
+			for (int i = 0; i != data.Length; i++)
+			{
+				data[i] = (byte)(i & 0xff);
+			}
+
+			//
+			// buffered
+			//
+			CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+
+			edGen.SetBufferSize(BufferSize);
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			MemoryStream bOut = new MemoryStream();
+
+			Stream outStream = edGen.Open(bOut, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			for (int i = 0; i != data.Length; i++)
+			{
+				outStream.WriteByte(data[i]);
+			}
+
+			outStream.Close();
+
+			CmsEnvelopedDataParser		ep = new CmsEnvelopedDataParser(bOut.ToArray());
+			RecipientInformationStore	recipients = ep.GetRecipientInfos();
+			ICollection					c = recipients.GetRecipients();
+
+			IEnumerator e = c.GetEnumerator();
+
+			if (e.MoveNext())
+			{
+				RecipientInformation recipient = (RecipientInformation) e.Current;
+
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+				CmsTypedStream recData = recipient.GetContentStream(ReciKP.Private);
+
+				Stream dataStream = recData.ContentStream;
+				MemoryStream dataOut = new MemoryStream();
+				int len;
+				byte[] buf = new byte[BufferSize];
+				int count = 0;
+
+				while (count != 10 && (len = dataStream.Read(buf, 0, buf.Length)) > 0)
+				{
+					Assert.AreEqual(buf.Length, len);
+
+					dataOut.Write(buf, 0, buf.Length);
+					count++;
+				}
+
+				len = dataStream.Read(buf, 0, buf.Length);
+				dataOut.Write(buf, 0, len);
+
+				Assert.IsTrue(Arrays.AreEqual(data, dataOut.ToArray()));
+			}
+			else
+			{
+				Assert.Fail("recipient not found.");
+			}
+		}
+
+		[Test]
+		public void TestKeyTransAes128()
+		{
+			byte[] data = Encoding.Default.GetBytes("WallaWallaWashington");
+
+			CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			MemoryStream bOut = new MemoryStream();
+
+			Stream outStream = edGen.Open(
+				bOut, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			outStream.Write(data, 0, data.Length);
+
+			outStream.Close();
+
+			CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray());
+
+			RecipientInformationStore recipients = ep.GetRecipientInfos();
+
+			Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+				CmsTypedStream recData = recipient.GetContentStream(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream)));
+			}
+
+			ep.Close();
+		}
+
+		[Test]
+		public void TestAesKek()
+		{
+			byte[] data = Encoding.Default.GetBytes("WallaWallaWashington");
+			KeyParameter kek = CmsTestUtil.MakeAes192Key();
+
+			CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+
+			byte[] kekId = new byte[] { 1, 2, 3, 4, 5 };
+
+			edGen.AddKekRecipient("AES192", kek, kekId);
+
+			MemoryStream  bOut = new MemoryStream();
+
+			Stream outStream = edGen.Open(
+				bOut,
+				CmsEnvelopedDataGenerator.DesEde3Cbc);
+			outStream.Write(data, 0, data.Length);
+
+			outStream.Close();
+
+			CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray());
+
+			RecipientInformationStore recipients = ep.GetRecipientInfos();
+
+			Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, "2.16.840.1.101.3.4.1.25");
+
+				CmsTypedStream recData = recipient.GetContentStream(kek);
+
+				Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream)));
+			}
+
+			ep.Close();
+		}
+
+		[Test]
+		public void TestTwoAesKek()
+		{
+			byte[] data = Encoding.Default.GetBytes("WallaWallaWashington");
+			KeyParameter kek1 = CmsTestUtil.MakeAes192Key();
+			KeyParameter kek2 = CmsTestUtil.MakeAes192Key();
+
+			CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+
+			byte[]  kekId1 = new byte[] { 1, 2, 3, 4, 5 };
+			byte[]  kekId2 = new byte[] { 5, 4, 3, 2, 1 };
+
+			edGen.AddKekRecipient("AES192", kek1, kekId1);
+			edGen.AddKekRecipient("AES192", kek2, kekId2);
+
+			MemoryStream bOut = new MemoryStream();
+
+			Stream outStream = edGen.Open(
+				bOut,
+				CmsEnvelopedDataGenerator.DesEde3Cbc);
+			outStream.Write(data, 0, data.Length);
+
+			outStream.Close();
+
+			CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray());
+
+			RecipientInformationStore recipients = ep.GetRecipientInfos();
+
+			Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);
+
+			RecipientID recSel = new RecipientID();
+
+			recSel.KeyIdentifier = kekId2;
+
+			RecipientInformation recipient = recipients.GetFirstRecipient(recSel);
+
+			Assert.AreEqual(recipient.KeyEncryptionAlgOid, "2.16.840.1.101.3.4.1.25");
+
+			CmsTypedStream recData = recipient.GetContentStream(kek2);
+
+			Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream)));
+
+			ep.Close();
+		}
+
+		[Test]
+		public void TestECKeyAgree()
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+
+			edGen.AddKeyAgreementRecipient(
+				CmsEnvelopedDataGenerator.ECDHSha1Kdf,
+				OrigECKP.Private,
+				OrigECKP.Public,
+				ReciECCert,
+				CmsEnvelopedDataGenerator.Aes128Wrap);
+
+			MemoryStream bOut = new MemoryStream();
+
+			Stream outStr = edGen.Open(bOut, CmsEnvelopedDataGenerator.Aes128Cbc);
+			outStr.Write(data, 0, data.Length);
+
+			outStr.Close();
+
+			CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray());
+
+			RecipientInformationStore recipients = ep.GetRecipientInfos();
+
+			Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientID recSel = new RecipientID();
+
+//			recSel.SetIssuer(PrincipalUtilities.GetIssuerX509Principal(ReciECCert).GetEncoded());
+			recSel.Issuer = PrincipalUtilities.GetIssuerX509Principal(ReciECCert);
+			recSel.SerialNumber = ReciECCert.SerialNumber;
+
+			RecipientInformation recipient = recipients.GetFirstRecipient(recSel);
+
+			CmsTypedStream recData = recipient.GetContentStream(ReciECKP.Private);
+
+			Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream)));
+
+			ep.Close();
+		}
+
+		[Test]
+		public void TestOriginatorInfo()
+		{
+			CmsEnvelopedDataParser env = new CmsEnvelopedDataParser(CmsSampleMessages.originatorMessage);
+
+			env.GetRecipientInfos();
+
+			Assert.AreEqual(CmsEnvelopedDataGenerator.DesEde3Cbc, env.EncryptionAlgOid);
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/EnvelopedDataTest.cs b/crypto/test/src/cms/test/EnvelopedDataTest.cs
new file mode 100644
index 000000000..be588ef42
--- /dev/null
+++ b/crypto/test/src/cms/test/EnvelopedDataTest.cs
@@ -0,0 +1,866 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using NUnit.Framework;
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Kisa;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Ntt;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class EnvelopedDataTest
+	{
+		private const string SignDN = "O=Bouncy Castle, C=AU";
+
+		private static AsymmetricCipherKeyPair signKP;
+//		private static X509Certificate signCert;
+		//signCert = CmsTestUtil.MakeCertificate(_signKP, SignDN, _signKP, SignDN);
+
+//		private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
+
+//		private static AsymmetricCipherKeyPair origKP;
+		//origKP = CmsTestUtil.MakeKeyPair();
+//		private static X509Certificate origCert;
+		//origCert = CmsTestUtil.MakeCertificate(_origKP, OrigDN, _signKP, SignDN);
+
+		private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
+		private const string ReciDN2 = "CN=Fred, OU=Sales, O=Bouncy Castle, C=AU";
+
+		private static AsymmetricCipherKeyPair reciKP;
+		private static X509Certificate reciCert;
+
+		private static AsymmetricCipherKeyPair origECKP;
+		private static AsymmetricCipherKeyPair reciECKP;
+		private static X509Certificate reciECCert;
+		private static AsymmetricCipherKeyPair reciECKP2;
+		private static X509Certificate reciECCert2;
+
+		private static AsymmetricCipherKeyPair SignKP
+		{
+			get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; }
+		}
+
+		private static AsymmetricCipherKeyPair ReciKP
+		{
+			get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; }
+		}
+
+		private static X509Certificate ReciCert
+		{
+			get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; }
+		}
+
+		private static AsymmetricCipherKeyPair OrigECKP
+		{
+			get { return origECKP == null ? (origECKP = CmsTestUtil.MakeECDsaKeyPair()) : origECKP; }
+		}
+
+		private static AsymmetricCipherKeyPair ReciECKP
+		{
+			get { return reciECKP == null ? (reciECKP = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP; }
+		}
+
+		private static X509Certificate ReciECCert
+		{
+			get { return reciECCert == null ? (reciECCert = CmsTestUtil.MakeCertificate(ReciECKP, ReciDN, SignKP, SignDN)) : reciECCert; }
+		}
+
+		private static AsymmetricCipherKeyPair ReciECKP2
+		{
+			get { return reciECKP2 == null ? (reciECKP2 = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP2; }
+		}
+
+		private static X509Certificate ReciECCert2
+		{
+			get { return reciECCert2 == null ? (reciECCert2 = CmsTestUtil.MakeCertificate(ReciECKP2, ReciDN2, SignKP, SignDN)) : reciECCert2; }
+		}
+
+		private static readonly byte[] oldKEK = Base64.Decode(
+			"MIAGCSqGSIb3DQEHA6CAMIACAQIxQaI/MD0CAQQwBwQFAQIDBAUwDQYJYIZIAWUDBAEFBQAEI"
+			+ "Fi2eHTPM4bQSjP4DUeDzJZLpfemW2gF1SPq7ZPHJi1mMIAGCSqGSIb3DQEHATAUBggqhkiG9w"
+			+ "0DBwQImtdGyUdGGt6ggAQYk9X9z01YFBkU7IlS3wmsKpm/zpZClTceAAAAAAAAAAAAAA==");
+
+		private static readonly byte[] ecKeyAgreeMsgAES256 = Base64.Decode(
+			"MIAGCSqGSIb3DQEHA6CAMIACAQIxgcShgcECAQOgQ6FBMAsGByqGSM49AgEF"
+			+ "AAMyAAPdXlSTpub+qqno9hUGkUDl+S3/ABhPziIB5yGU4678tgOgU5CiKG9Z"
+			+ "kfnabIJ3nZYwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBLQUAMFswWTAtMCgx"
+			+ "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBCi/"
+			+ "rJRLbFwEVW6PcLLmojjW9lI/xGD7CfZzXrqXFw8iHaf3hTRau1gYMIAGCSqG"
+			+ "SIb3DQEHATAdBglghkgBZQMEASoEEMtCnKKPwccmyrbgeSIlA3qggAQQDLw8"
+			+ "pNJR97bPpj6baG99bQQQwhEDsoj5Xg1oOxojHVcYzAAAAAAAAAAAAAA=");
+
+		private static readonly byte[] ecKeyAgreeMsgAES128 = Base64.Decode(
+			"MIAGCSqGSIb3DQEHA6CAMIACAQIxgbShgbECAQOgQ6FBMAsGByqGSM49AgEF"
+			+ "AAMyAAL01JLEgKvKh5rbxI/hOxs/9WEezMIsAbUaZM4l5tn3CzXAN505nr5d"
+			+ "LhrcurMK+tAwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBBQUAMEswSTAtMCgx"
+			+ "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBBhi"
+			+ "FLjc5g6aqDT3f8LomljOwl1WTrplUT8wgAYJKoZIhvcNAQcBMB0GCWCGSAFl"
+			+ "AwQBAgQQzXjms16Y69S/rB0EbHqRMaCABBAFmc/QdVW6LTKdEy97kaZzBBBa"
+			+ "fQuviUS03NycpojELx0bAAAAAAAAAAAAAA==");
+
+		private static readonly byte[] ecKeyAgreeMsgDESEDE = Base64.Decode(
+			"MIAGCSqGSIb3DQEHA6CAMIACAQIxgcahgcMCAQOgQ6FBMAsGByqGSM49AgEF"
+			+ "AAMyAALIici6Nx1WN5f0ThH2A8ht9ovm0thpC5JK54t73E1RDzCifePaoQo0"
+			+ "xd6sUqoyGaYwHAYJK4EFEIZIPwACMA8GCyqGSIb3DQEJEAMGBQAwWzBZMC0w"
+			+ "KDETMBEGA1UEAxMKQWRtaW4tTURTRTERMA8GA1UEChMINEJDVC0ySUQCAQEE"
+			+ "KJuqZQ1NB1vXrKPOnb4TCpYOsdm6GscWdwAAZlm2EHMp444j0s55J9wwgAYJ"
+			+ "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAjwnsDMsafCrKCABBjyPvqFOVMKxxut"
+			+ "VfTx4fQlNGJN8S2ATRgECMcTQ/dsmeViAAAAAAAAAAAAAA==");
+
+		private static readonly byte[] ecMqvKeyAgreeMsgAes128 = Base64.Decode(
+			  "MIAGCSqGSIb3DQEHA6CAMIACAQIxgf2hgfoCAQOgQ6FBMAsGByqGSM49AgEF"
+			+ "AAMyAAPDKU+0H58tsjpoYmYCInMr/FayvCCkupebgsnpaGEB7qS9vzcNVUj6"
+			+ "mrnmiC2grpmhRwRFMEMwQTALBgcqhkjOPQIBBQADMgACZpD13z9c7DzRWx6S"
+			+ "0xdbq3S+EJ7vWO+YcHVjTD8NcQDcZcWASW899l1PkL936zsuMBoGCSuBBRCG"
+			+ "SD8AEDANBglghkgBZQMEAQUFADBLMEkwLTAoMRMwEQYDVQQDEwpBZG1pbi1N"
+			+ "RFNFMREwDwYDVQQKEwg0QkNULTJJRAIBAQQYFq58L71nyMK/70w3nc6zkkRy"
+			+ "RL7DHmpZMIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEDzRUpreBsZXWHBe"
+			+ "onxOtSmggAQQ7csAZXwT1lHUqoazoy8bhAQQq+9Zjj8iGdOWgyebbfj67QAA"
+			+ "AAAAAAAAAAA=");
+
+		private static readonly byte[] ecKeyAgreeKey = Base64.Decode(
+			"MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDC8vp7xVTbKSgYVU5Wc"
+			+ "hGkWbzaj+yUFETIWP1Dt7+WSpq3ikSPdl7PpHPqnPVZfoIWhZANiAgSYHTgxf+Dd"
+			+ "Tt84dUvuSKkFy3RhjxJmjwIscK6zbEUzKhcPQG2GHzXhWK5x1kov0I74XpGhVkya"
+			+ "ElH5K6SaOXiXAzcyNGggTOk4+ZFnz5Xl0pBje3zKxPhYu0SnCw7Pcqw=");
+
+		private static readonly byte[] bobPrivRsaEncrypt = Base64.Decode(
+			"MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf"
+			+ "8qCTQV6meYmFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmR"
+			+ "uBlpN235ZR572akzJKN/O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtd"
+			+ "YMTgXB9T039T2GkB8QX4enDRvoPGXzjPHCyqaqfrAgMBAAECgYBnzUhMmg2P"
+			+ "mMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngwy+e6alatd8brUXlweQqg"
+			+ "9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A0HPfD6bRSe"
+			+ "TmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N"
+			+ "vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiE"
+			+ "I2Kv8zHCueUCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr"
+			+ "84/sajB0+E0R9KfEILVHIdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5q"
+			+ "SO8bKlocSHseIVnDYDubl6nA7xhmqU5iUjiEzuUJiEiUacUgFJlaV/4jbOSn"
+			+ "I3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVfJAZAcpw6iIWchw+dYhKI"
+			+ "FmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grStavCunrnVNqc"
+			+ "BU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8"
+			+ "Y0ZB9qANMAsGA1UdDzEEAwIAEA==");
+
+		private static readonly byte[] rfc4134ex5_1 = Base64.Decode(
+			"MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYD"
+			+ "VQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUA"
+			+ "BIGAC3EN5nGIiJi2lsGPcP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FB"
+			+ "s3IWg+f6KgCLx3M1eCbWx8+MDFbbpXadCDgO8/nUkUNYeNxJtuzubGgzoyEd"
+			+ "8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652jKKHRLFf02hosdR8wQwYJ"
+			+ "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8Z9P43LrY4O"
+			+ "xUk660cu1lXeCSFOSOpOJ7FuVyU=");
+
+		private static readonly byte[] rfc4134ex5_2 = Base64.Decode(
+			"MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4G"
+			+ "A1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEF"
+			+ "AASBgJQmQojGi7Z4IP+CVypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQ"
+			+ "t9i3YcMwcap+aiOkyqjMalT03VUC0XBOGv+HYI3HBZm/aFzxoq+YOXAWs5xl"
+			+ "GerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg+TGrnGVNQBNw47Ewoj4C"
+			+ "AQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGHcUr5MSJ/g9"
+			+ "HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC"
+			+ "AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRR"
+			+ "yw==");
+
+		[Test]
+		public void TestKeyTrans()
+		{
+			byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.DesEde3Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+
+			Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestKeyTransRC4()
+		{
+			byte[] data = Encoding.ASCII.GetBytes("WallaWallaBouncyCastle");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				"1.2.840.113549.3.4"); // RC4 OID
+
+			RecipientInformationStore  recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid, "1.2.840.113549.3.4");
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestKeyTrans128RC4()
+		{
+			byte[] data = Encoding.ASCII.GetBytes("WallaWallaBouncyCastle");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				"1.2.840.113549.3.4", 128);  // RC4 OID
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid, "1.2.840.113549.3.4");
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestKeyTransOdes()
+		{
+			byte[] data = Encoding.ASCII.GetBytes("WallaWallaBouncyCastle");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				OiwObjectIdentifiers.DesCbc.Id);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid, OiwObjectIdentifiers.DesCbc.Id);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestKeyTransSmallAes()
+		{
+			byte[] data = new byte[] { 0, 1, 2, 3 };
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid,
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestKeyTransCast5()
+		{
+			TryKeyTrans(CmsEnvelopedDataGenerator.Cast5Cbc,
+				new DerObjectIdentifier(CmsEnvelopedDataGenerator.Cast5Cbc),
+				typeof(Asn1Sequence));
+		}
+
+		[Test]
+		public void TestKeyTransAes128()
+		{
+			TryKeyTrans(CmsEnvelopedDataGenerator.Aes128Cbc,
+				NistObjectIdentifiers.IdAes128Cbc,
+				typeof(DerOctetString));
+		}
+
+		[Test]
+		public void TestKeyTransAes192()
+		{
+			TryKeyTrans(CmsEnvelopedDataGenerator.Aes192Cbc,
+				NistObjectIdentifiers.IdAes192Cbc,
+				typeof(DerOctetString));
+		}
+
+		[Test]
+		public void TestKeyTransAes256()
+		{
+			TryKeyTrans(CmsEnvelopedDataGenerator.Aes256Cbc,
+				NistObjectIdentifiers.IdAes256Cbc,
+				typeof(DerOctetString));
+		}
+
+		[Test]
+		public void TestKeyTransSeed()
+		{
+			TryKeyTrans(CmsEnvelopedDataGenerator.SeedCbc,
+				KisaObjectIdentifiers.IdSeedCbc,
+				typeof(DerOctetString));
+		}
+
+		public void TestKeyTransCamellia128()
+		{
+			TryKeyTrans(CmsEnvelopedDataGenerator.Camellia128Cbc,
+				NttObjectIdentifiers.IdCamellia128Cbc,
+				typeof(DerOctetString));
+		}
+
+		public void TestKeyTransCamellia192()
+		{
+			TryKeyTrans(CmsEnvelopedDataGenerator.Camellia192Cbc,
+				NttObjectIdentifiers.IdCamellia192Cbc,
+				typeof(DerOctetString));
+		}
+
+		public void TestKeyTransCamellia256()
+		{
+			TryKeyTrans(CmsEnvelopedDataGenerator.Camellia256Cbc,
+				NttObjectIdentifiers.IdCamellia256Cbc,
+				typeof(DerOctetString));
+		}
+
+		private void TryKeyTrans(
+			string				generatorOID,
+			DerObjectIdentifier	checkOID,
+			Type				asn1Params)
+		{
+			byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddKeyTransRecipient(ReciCert);
+
+			CmsEnvelopedData ed = edGen.Generate(new CmsProcessableByteArray(data), generatorOID);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(checkOID.Id, ed.EncryptionAlgOid);
+
+			if (asn1Params != null)
+			{
+				Assert.IsTrue(asn1Params.IsInstanceOfType(ed.EncryptionAlgorithmID.Parameters));
+			}
+
+			ArrayList c = new ArrayList(recipients.GetRecipients());
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestErroneousKek()
+		{
+			byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington");
+			KeyParameter kek = ParameterUtilities.CreateKeyParameter(
+				"AES",
+				new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 });
+
+			CmsEnvelopedData ed = new CmsEnvelopedData(oldKEK);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(recipient.KeyEncryptionAlgOid, NistObjectIdentifiers.IdAes128Wrap.Id);
+
+				byte[] recData = recipient.GetContent(kek);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestDesKek()
+		{
+			TryKekAlgorithm(CmsTestUtil.MakeDesEde192Key(), new DerObjectIdentifier("1.2.840.113549.1.9.16.3.6"));
+		}
+
+		[Test]
+		public void TestRC2128Kek()
+		{
+			TryKekAlgorithm(CmsTestUtil.MakeRC2128Key(), new DerObjectIdentifier("1.2.840.113549.1.9.16.3.7"));
+		}
+
+		[Test]
+		public void TestAes128Kek()
+		{
+			TryKekAlgorithm(CmsTestUtil.MakeAesKey(128), NistObjectIdentifiers.IdAes128Wrap);
+		}
+
+		[Test]
+		public void TestAes192Kek()
+		{
+			TryKekAlgorithm(CmsTestUtil.MakeAesKey(192), NistObjectIdentifiers.IdAes192Wrap);
+		}
+
+		[Test]
+		public void TestAes256Kek()
+		{
+			TryKekAlgorithm(CmsTestUtil.MakeAesKey(256), NistObjectIdentifiers.IdAes256Wrap);
+		}
+
+		[Test]
+		public void TestSeed128Kek()
+		{
+			TryKekAlgorithm(CmsTestUtil.MakeSeedKey(), KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap);
+		}
+
+		[Test]
+		public void TestCamellia128Kek()
+		{
+			TryKekAlgorithm(CmsTestUtil.MakeCamelliaKey(128), NttObjectIdentifiers.IdCamellia128Wrap);
+		}
+
+		[Test]
+		public void TestCamellia192Kek()
+		{
+			TryKekAlgorithm(CmsTestUtil.MakeCamelliaKey(192), NttObjectIdentifiers.IdCamellia192Wrap);
+		}
+
+		[Test]
+		public void TestCamellia256Kek()
+		{
+			TryKekAlgorithm(CmsTestUtil.MakeCamelliaKey(256), NttObjectIdentifiers.IdCamellia256Wrap);
+		}
+
+		private void TryKekAlgorithm(
+			KeyParameter		kek,
+			DerObjectIdentifier	algOid)
+		{
+			byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington");
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			byte[] kekId = new byte[] { 1, 2, 3, 4, 5 };
+
+			string keyAlgorithm = ParameterUtilities.GetCanonicalAlgorithmName(algOid.Id);
+
+			edGen.AddKekRecipient(keyAlgorithm, kek, kekId);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.DesEde3Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc);
+
+			ArrayList c = new ArrayList(recipients.GetRecipients());
+
+			Assert.IsTrue(c.Count > 0);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual(algOid.Id, recipient.KeyEncryptionAlgOid);
+
+				byte[] recData = recipient.GetContent(kek);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestECKeyAgree()
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddKeyAgreementRecipient(
+				CmsEnvelopedDataGenerator.ECDHSha1Kdf,
+				OrigECKP.Private,
+				OrigECKP.Public,
+				ReciECCert,
+				CmsEnvelopedDataGenerator.Aes128Wrap);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			ConfirmDataReceived(recipients, data, ReciECCert, ReciECKP.Private);
+			ConfirmNumberRecipients(recipients, 1);
+		}
+
+		[Test]
+		public void TestECMqvKeyAgree()
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddKeyAgreementRecipient(
+				CmsEnvelopedDataGenerator.ECMqvSha1Kdf,
+				OrigECKP.Private,
+				OrigECKP.Public,
+				ReciECCert,
+				CmsEnvelopedDataGenerator.Aes128Wrap);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			ConfirmDataReceived(recipients, data, ReciECCert, ReciECKP.Private);
+			ConfirmNumberRecipients(recipients, 1);
+		}
+
+		[Test]
+		public void TestECMqvKeyAgreeMultiple()
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			ArrayList recipientCerts = new ArrayList();
+			recipientCerts.Add(ReciECCert);
+			recipientCerts.Add(ReciECCert2);
+
+			edGen.AddKeyAgreementRecipients(
+				CmsEnvelopedDataGenerator.ECMqvSha1Kdf,
+				OrigECKP.Private,
+				OrigECKP.Public,
+				recipientCerts,
+				CmsEnvelopedDataGenerator.Aes128Wrap);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			ConfirmDataReceived(recipients, data, ReciECCert, ReciECKP.Private);
+			ConfirmDataReceived(recipients, data, ReciECCert2, ReciECKP2.Private);
+			ConfirmNumberRecipients(recipients, 2);
+		}
+
+		private static void ConfirmDataReceived(RecipientInformationStore recipients,
+			byte[] expectedData, X509Certificate reciCert, AsymmetricKeyParameter reciPrivKey)
+		{
+			RecipientID rid = new RecipientID();
+			rid.Issuer = PrincipalUtilities.GetIssuerX509Principal(reciCert);
+			rid.SerialNumber = reciCert.SerialNumber;
+
+			RecipientInformation recipient = recipients[rid];
+			Assert.IsNotNull(recipient);
+
+			byte[] actualData = recipient.GetContent(reciPrivKey);
+			Assert.IsTrue(Arrays.AreEqual(expectedData, actualData));
+		}
+
+		private static void ConfirmNumberRecipients(RecipientInformationStore recipients, int count)
+		{
+			Assert.AreEqual(count, recipients.GetRecipients().Count);
+		}
+
+		[Test]
+		public void TestECKeyAgreeVectors()
+		{
+			AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(ecKeyAgreeKey);
+
+			VerifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.42", ecKeyAgreeMsgAES256);
+			VerifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecKeyAgreeMsgAES128);
+			VerifyECKeyAgreeVectors(privKey, "1.2.840.113549.3.7", ecKeyAgreeMsgDESEDE);
+		}
+
+		[Test]
+		public void TestECMqvKeyAgreeVectors()
+		{
+			AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(ecKeyAgreeKey);
+
+			VerifyECMqvKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecMqvKeyAgreeMsgAes128);
+		}
+
+		[Test]
+		public void TestPasswordAes256()
+		{
+			PasswordTest(CmsEnvelopedDataGenerator.Aes256Cbc);
+			PasswordUtf8Test(CmsEnvelopedDataGenerator.Aes256Cbc);
+		}
+
+		[Test]
+		public void TestPasswordDesEde()
+		{
+			PasswordTest(CmsEnvelopedDataGenerator.DesEde3Cbc);
+			PasswordUtf8Test(CmsEnvelopedDataGenerator.DesEde3Cbc);
+		}
+
+		[Test]
+		public void TestRfc4134Ex5_1()
+		{
+			byte[] data = Hex.Decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
+
+//			KeyFactory kFact = KeyFactory.GetInstance("RSA");
+//			Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
+			AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(bobPrivRsaEncrypt);
+
+			CmsEnvelopedData ed = new CmsEnvelopedData(rfc4134ex5_1);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual("1.2.840.113549.3.7", ed.EncryptionAlgOid);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(key);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestRfc4134Ex5_2()
+		{
+			byte[] data = Hex.Decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
+
+//			KeyFactory kFact = KeyFactory.GetInstance("RSA");
+//			Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
+			AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(bobPrivRsaEncrypt);
+
+			CmsEnvelopedData ed = new CmsEnvelopedData(rfc4134ex5_2);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual("1.2.840.113549.3.2", ed.EncryptionAlgOid);
+
+			ICollection c = recipients.GetRecipients();
+			IEnumerator e = c.GetEnumerator();
+
+			if (e.MoveNext())
+			{
+				do
+				{
+					RecipientInformation recipient = (RecipientInformation) e.Current;
+
+					if (recipient is KeyTransRecipientInformation)
+					{
+						byte[] recData = recipient.GetContent(key);
+
+						Assert.IsTrue(Arrays.AreEqual(data, recData));
+					}
+				}
+				while (e.MoveNext());
+			}
+			else
+			{
+				Assert.Fail("no recipient found");
+			}
+		}
+
+		[Test]
+		public void TestOriginatorInfo()
+		{
+			CmsEnvelopedData env = new CmsEnvelopedData(CmsSampleMessages.originatorMessage);
+
+			RecipientInformationStore  recipients = env.GetRecipientInfos();
+
+			Assert.AreEqual(CmsEnvelopedDataGenerator.DesEde3Cbc, env.EncryptionAlgOid);
+		}
+
+		private void PasswordTest(
+			string algorithm)
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddPasswordRecipient(new Pkcs5Scheme2PbeKey("password".ToCharArray(), new byte[20], 5), algorithm);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (PasswordRecipientInformation recipient in c)
+			{
+				CmsPbeKey key = new Pkcs5Scheme2PbeKey("password".ToCharArray(), recipient.KeyDerivationAlgorithm);
+
+				byte[] recData = recipient.GetContent(key);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		private void PasswordUtf8Test(
+			string algorithm)
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddPasswordRecipient(
+				new Pkcs5Scheme2Utf8PbeKey("abc\u5639\u563b".ToCharArray(), new byte[20], 5),
+				algorithm);
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (PasswordRecipientInformation recipient in c)
+			{
+				CmsPbeKey key = new Pkcs5Scheme2Utf8PbeKey(
+					"abc\u5639\u563b".ToCharArray(), recipient.KeyDerivationAlgorithm);
+
+				byte[] recData = recipient.GetContent(key);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		private void VerifyECKeyAgreeVectors(
+			AsymmetricKeyParameter	privKey,
+			string					wrapAlg,
+			byte[]					message)
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsEnvelopedData ed = new CmsEnvelopedData(message);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(wrapAlg, ed.EncryptionAlgOid);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual("1.3.133.16.840.63.0.2", recipient.KeyEncryptionAlgOid);
+
+				byte[] recData = recipient.GetContent(privKey);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		private void VerifyECMqvKeyAgreeVectors(
+			AsymmetricKeyParameter	privKey,
+			string					wrapAlg,
+			byte[]					message)
+		{
+			byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
+
+			CmsEnvelopedData ed = new CmsEnvelopedData(message);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(wrapAlg, ed.EncryptionAlgOid);
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				Assert.AreEqual("1.3.133.16.840.63.0.16", recipient.KeyEncryptionAlgOid);
+
+				byte[] recData = recipient.GetContent(privKey);
+
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/MiscDataStreamTest.cs b/crypto/test/src/cms/test/MiscDataStreamTest.cs
new file mode 100644
index 000000000..f958d058f
--- /dev/null
+++ b/crypto/test/src/cms/test/MiscDataStreamTest.cs
@@ -0,0 +1,221 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class MiscDataStreamTest
+	{
+		private const string TestMessage = "Hello World!";
+		private const string SignDN = "O=Bouncy Castle, C=AU";
+		private static AsymmetricCipherKeyPair signKP;
+		private static X509Certificate signCert;
+
+		private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
+		private static AsymmetricCipherKeyPair origKP;
+		private static X509Certificate origCert;
+
+		private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
+		//		private static AsymmetricCipherKeyPair reciKP;
+		//		private static X509Certificate reciCert;
+
+		private static AsymmetricCipherKeyPair origDsaKP;
+		private static X509Certificate origDsaCert;
+
+		private static X509Crl signCrl;
+		private static X509Crl origCrl;
+
+		private static AsymmetricCipherKeyPair SignKP
+		{
+			get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; }
+		}
+
+		private static AsymmetricCipherKeyPair OrigKP
+		{
+			get { return origKP == null ? (origKP = CmsTestUtil.MakeKeyPair()) : origKP; }
+		}
+
+		//		private static AsymmetricCipherKeyPair ReciKP
+		//		{
+		//			get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; }
+		//		}
+
+		private static AsymmetricCipherKeyPair OrigDsaKP
+		{
+			get { return origDsaKP == null ? (origDsaKP = CmsTestUtil.MakeDsaKeyPair()) : origDsaKP; }
+		}
+
+		private static X509Certificate SignCert
+		{
+			get { return signCert == null ? (signCert = CmsTestUtil.MakeCertificate(SignKP, SignDN, SignKP, SignDN)) : signCert; }
+		}
+
+		private static X509Certificate OrigCert
+		{
+			get { return origCert == null ? (origCert = CmsTestUtil.MakeCertificate(OrigKP, OrigDN, SignKP, SignDN)) : origCert; }
+		}
+
+		//		private static X509Certificate ReciCert
+		//		{
+		//			get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; }
+		//		}
+
+		private static X509Certificate OrigDsaCert
+		{
+			get { return origDsaCert == null ? (origDsaCert = CmsTestUtil.MakeCertificate(OrigDsaKP, OrigDN, SignKP, SignDN)) : origDsaCert; }
+		}
+
+		private static X509Crl SignCrl
+		{
+			get { return signCrl == null ? (signCrl = CmsTestUtil.MakeCrl(SignKP)) : signCrl; }
+		}
+
+		private static X509Crl OrigCrl
+		{
+			get { return origCrl == null ? (origCrl = CmsTestUtil.MakeCrl(OrigKP)) : origCrl; }
+		}
+
+		private void VerifySignatures(
+			CmsSignedDataParser	sp,
+			byte[]				contentDigest)
+		{
+			IX509Store certStore = sp.GetCertificates("Collection");
+			SignerInformationStore signers = sp.GetSignerInfos();
+
+			foreach (SignerInformation signer in signers.GetSigners())
+			{
+				ICollection certCollection = certStore.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate	cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+
+				if (contentDigest != null)
+				{
+					Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest()));
+				}
+			}
+		}
+
+		private void VerifySignatures(
+			CmsSignedDataParser sp)
+		{
+			VerifySignatures(sp, null);
+		}
+
+		private void VerifyEncodedData(
+			MemoryStream bOut)
+		{
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+
+			sp.Close();
+		}
+
+		private void CheckSigParseable(byte[] sig)
+		{
+			CmsSignedDataParser sp = new CmsSignedDataParser(sig);
+			sp.Version.ToString();
+			CmsTypedStream sc = sp.GetSignedContent();
+			if (sc != null)
+			{
+				sc.Drain();
+			}
+			sp.GetAttributeCertificates("Collection");
+			sp.GetCertificates("Collection");
+			sp.GetCrls("Collection");
+			sp.GetSignerInfos();
+			sp.Close();
+		}
+
+		[Test]
+		public void TestSha1WithRsa()
+		{
+			IList certList = new ArrayList();
+			IList crlList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			crlList.Add(SignCrl);
+			crlList.Add(OrigCrl);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+			IX509Store x509Crls = X509StoreFactory.Create(
+				"CRL/Collection",
+				new X509CollectionStoreParameters(crlList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+			gen.AddCrls(x509Crls);
+
+			Stream sigOut = gen.Open(bOut);
+
+			CmsCompressedDataStreamGenerator cGen = new CmsCompressedDataStreamGenerator();
+
+			Stream cOut = cGen.Open(sigOut, CmsCompressedDataStreamGenerator.ZLib);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			cOut.Write(testBytes, 0, testBytes.Length);
+
+			cOut.Close();
+
+			sigOut.Close();
+
+			CheckSigParseable(bOut.ToArray());
+
+			// generate compressed stream
+			MemoryStream cDataOut = new MemoryStream();
+		    
+			cOut = cGen.Open(cDataOut, CmsCompressedDataStreamGenerator.ZLib);
+
+			cOut.Write(testBytes, 0, testBytes.Length);
+
+			cOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(
+				new CmsTypedStream(new MemoryStream(cDataOut.ToArray(), false)), bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			//
+			// compute expected content digest
+			//
+			IDigest md = DigestUtilities.GetDigest("SHA1");
+			byte[] cDataOutBytes = cDataOut.ToArray();
+			md.BlockUpdate(cDataOutBytes, 0, cDataOutBytes.Length);
+			byte[] hash = DigestUtilities.DoFinal(md);
+
+			VerifySignatures(sp, hash);
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/Rfc4134Test.cs b/crypto/test/src/cms/test/Rfc4134Test.cs
new file mode 100644
index 000000000..3bfbd1358
--- /dev/null
+++ b/crypto/test/src/cms/test/Rfc4134Test.cs
@@ -0,0 +1,344 @@
+using System;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class Rfc4134Test
+	{
+		private static readonly byte[] exContent = GetRfc4134Data("ExContent.bin");
+		private static readonly byte[] sha1 = Hex.Decode("406aec085279ba6e16022d9e0629c0229687dd48");
+
+		[Test]
+		public void Test4_1()
+		{
+			byte[] data = GetRfc4134Data("4.1.bin");
+			CmsSignedData signedData = new CmsSignedData(data);
+
+			VerifySignatures(signedData);
+
+			CmsSignedDataParser parser = new CmsSignedDataParser(data);
+
+			VerifySignatures(parser);
+		}
+
+		[Test]
+		public void Test4_2()
+		{
+			byte[] data = GetRfc4134Data("4.2.bin");
+			CmsSignedData signedData = new CmsSignedData(data);
+
+			VerifySignatures(signedData);
+
+			CmsSignedDataParser parser = new CmsSignedDataParser(data);
+
+			VerifySignatures(parser);
+		}
+
+		[Test]
+		public void Test4_3()
+		{
+			CmsProcessableByteArray unencap = new CmsProcessableByteArray(exContent);
+			byte[] data = GetRfc4134Data("4.3.bin");
+			CmsSignedData signedData = new CmsSignedData(unencap, data);
+
+			VerifySignatures(signedData, sha1);
+
+			CmsSignedDataParser parser = new CmsSignedDataParser(
+				new CmsTypedStream(unencap.GetInputStream()), data);
+
+			VerifySignatures(parser);
+		}
+
+		[Test]
+		public void Test4_4()
+		{
+			byte[] data = GetRfc4134Data("4.4.bin");
+			byte[] counterSigCert = GetRfc4134Data("AliceRSASignByCarl.cer");
+			CmsSignedData signedData = new CmsSignedData(data);
+
+			VerifySignatures(signedData, sha1);
+
+			VerifySignerInfo4_4(GetFirstSignerInfo(signedData.GetSignerInfos()), counterSigCert);
+
+			CmsSignedDataParser parser = new CmsSignedDataParser(data);
+
+			VerifySignatures(parser);
+
+			VerifySignerInfo4_4(GetFirstSignerInfo(parser.GetSignerInfos()), counterSigCert);
+		}
+
+		[Test]
+		public void Test4_5()
+		{
+			byte[] data = GetRfc4134Data("4.5.bin");
+			CmsSignedData signedData = new CmsSignedData(data);
+
+			VerifySignatures(signedData);
+
+			CmsSignedDataParser parser = new CmsSignedDataParser(data);
+
+			VerifySignatures(parser);
+		}
+
+		[Test]
+		public void Test4_6()
+		{
+			byte[] data = GetRfc4134Data("4.6.bin");
+			CmsSignedData signedData = new CmsSignedData(data);
+
+			VerifySignatures(signedData);
+
+			CmsSignedDataParser parser = new CmsSignedDataParser(data);
+
+			VerifySignatures(parser);
+		}
+		
+		[Test]
+		public void Test4_7()
+		{
+			byte[] data = GetRfc4134Data("4.7.bin");
+			CmsSignedData signedData = new CmsSignedData(data);
+
+			VerifySignatures(signedData);
+
+			CmsSignedDataParser parser = new CmsSignedDataParser(data);
+
+			VerifySignatures(parser);
+		}
+
+		[Test]
+		public void Test5_1()
+		{
+			byte[] data = GetRfc4134Data("5.1.bin");
+			CmsEnvelopedData envelopedData = new CmsEnvelopedData(data);
+
+			VerifyEnvelopedData(envelopedData, CmsEnvelopedDataGenerator.DesEde3Cbc);
+
+			CmsEnvelopedDataParser envelopedParser = new CmsEnvelopedDataParser(data);
+
+			VerifyEnvelopedData(envelopedParser, CmsEnvelopedDataGenerator.DesEde3Cbc);
+		}
+
+		[Test]
+		public void Test5_2()
+		{
+			byte[] data = GetRfc4134Data("5.2.bin");
+			CmsEnvelopedData envelopedData = new CmsEnvelopedData(data);
+
+			VerifyEnvelopedData(envelopedData, CmsEnvelopedDataGenerator.RC2Cbc);
+
+			CmsEnvelopedDataParser envelopedParser = new CmsEnvelopedDataParser(data);
+
+			VerifyEnvelopedData(envelopedParser, CmsEnvelopedDataGenerator.RC2Cbc);
+		}
+
+		private void VerifyEnvelopedData(CmsEnvelopedData envelopedData, string symAlgorithmOID)
+		{
+			byte[] privKeyData = GetRfc4134Data("BobPrivRSAEncrypt.pri");
+			AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyData);
+			Assert.IsTrue(privKey.IsPrivate);
+			Assert.IsTrue(privKey is RsaKeyParameters);
+
+			RecipientInformationStore recipients = envelopedData.GetRecipientInfos();
+
+			Assert.AreEqual(envelopedData.EncryptionAlgOid, symAlgorithmOID);
+
+			ArrayList c = new ArrayList(recipients.GetRecipients());
+			Assert.LessOrEqual(1, c.Count);
+			Assert.GreaterOrEqual(2, c.Count);
+
+			VerifyRecipient((RecipientInformation)c[0], privKey);
+
+			if (c.Count == 2)
+			{
+				RecipientInformation recInfo = (RecipientInformation)c[1];
+
+				Assert.AreEqual(PkcsObjectIdentifiers.IdAlgCmsRC2Wrap.Id, recInfo.KeyEncryptionAlgOid);
+			}
+		}
+
+		private void VerifyEnvelopedData(CmsEnvelopedDataParser envelopedParser, string symAlgorithmOID)
+		{
+			byte[] privKeyData = GetRfc4134Data("BobPrivRSAEncrypt.pri");
+			AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyData);
+			Assert.IsTrue(privKey.IsPrivate);
+			Assert.IsTrue(privKey is RsaKeyParameters);
+
+			RecipientInformationStore recipients = envelopedParser.GetRecipientInfos();
+
+			Assert.AreEqual(envelopedParser.EncryptionAlgOid, symAlgorithmOID);
+
+			ArrayList c = new ArrayList(recipients.GetRecipients());
+			Assert.LessOrEqual(1, c.Count);
+			Assert.GreaterOrEqual(2, c.Count);
+
+			VerifyRecipient((RecipientInformation)c[0], privKey);
+
+			if (c.Count == 2)
+			{
+				RecipientInformation recInfo = (RecipientInformation)c[1];
+
+				Assert.AreEqual(PkcsObjectIdentifiers.IdAlgCmsRC2Wrap.Id, recInfo.KeyEncryptionAlgOid);
+			}
+		}
+
+		private void VerifyRecipient(RecipientInformation recipient, AsymmetricKeyParameter privKey)
+		{
+			Assert.IsTrue(privKey.IsPrivate);
+
+			Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id);
+
+			byte[] recData = recipient.GetContent(privKey);
+
+			Assert.IsTrue(Arrays.AreEqual(exContent, recData));
+		}
+
+		private void VerifySignerInfo4_4(SignerInformation signerInfo, byte[] counterSigCert)
+		{
+			VerifyCounterSignature(signerInfo, counterSigCert);
+
+			VerifyContentHint(signerInfo);
+		}
+
+		private SignerInformation GetFirstSignerInfo(SignerInformationStore store)
+		{
+			IEnumerator e = store.GetSigners().GetEnumerator();
+			e.MoveNext();
+			return (SignerInformation)e.Current;
+		}
+
+		private void VerifyCounterSignature(SignerInformation signInfo, byte[] certificate)
+		{
+			SignerInformation csi = GetFirstSignerInfo(signInfo.GetCounterSignatures());
+
+			X509Certificate cert = new X509CertificateParser().ReadCertificate(certificate);
+
+			Assert.IsTrue(csi.Verify(cert));
+		}
+
+		private void VerifyContentHint(SignerInformation signInfo)
+		{
+			Asn1.Cms.AttributeTable attrTable = signInfo.UnsignedAttributes;
+
+			Asn1.Cms.Attribute attr = attrTable[CmsAttributes.ContentHint];
+
+			Assert.AreEqual(1, attr.AttrValues.Count);
+		
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				new DerUtf8String("Content Hints Description Buffer"),
+				CmsObjectIdentifiers.Data);
+
+			Assert.IsTrue(attr.AttrValues[0].Equals(new DerSequence(v)));
+		}
+
+		private void VerifySignatures(CmsSignedData s, byte[] contentDigest)
+		{
+			IX509Store x509Certs = s.GetCertificates("Collection");
+			IX509Store x509Crls = s.GetCrls("Collection");
+			SignerInformationStore signers = s.GetSignerInfos();
+
+			foreach (SignerInformation signer in signers.GetSigners())
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				VerifySigner(signer, cert);
+
+				if (contentDigest != null)
+				{
+					Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest()));
+				}
+			}
+
+			ICollection certColl = x509Certs.GetMatches(null);
+			ICollection crlColl = x509Crls.GetMatches(null);
+
+			Assert.AreEqual(certColl.Count, s.GetCertificates("Collection").GetMatches(null).Count);
+			Assert.AreEqual(crlColl.Count, s.GetCrls("Collection").GetMatches(null).Count);
+		}
+
+		private void VerifySignatures(CmsSignedData s)
+		{
+			VerifySignatures(s, null);
+		}
+
+		private void VerifySignatures(CmsSignedDataParser sp)
+		{
+	        CmsTypedStream sc = sp.GetSignedContent();
+	        if (sc != null)
+	        {
+	            sc.Drain();
+	        }
+			
+			IX509Store x509Certs = sp.GetCertificates("Collection");
+			SignerInformationStore signers = sp.GetSignerInfos();
+
+			foreach (SignerInformation signer in signers.GetSigners())
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate)certEnum.Current;
+
+				VerifySigner(signer, cert);
+			}
+		}
+
+		private void VerifySigner(SignerInformation signer, X509Certificate cert)
+		{
+			if (cert.GetPublicKey() is DsaPublicKeyParameters)
+			{
+				DsaPublicKeyParameters key = (DsaPublicKeyParameters)cert.GetPublicKey();
+
+				if (key.Parameters == null)
+				{
+					Assert.IsTrue(signer.Verify(GetInheritedKey(key)));
+				}
+				else
+				{
+					Assert.IsTrue(signer.Verify(cert));
+				}
+			}
+			else
+			{
+				Assert.IsTrue(signer.Verify(cert));
+			}
+		}
+
+		private DsaPublicKeyParameters GetInheritedKey(DsaPublicKeyParameters dsaPubKey)
+		{
+			X509Certificate cert = new X509CertificateParser().ReadCertificate(
+				GetRfc4134Data("CarlDSSSelf.cer"));
+
+			DsaParameters dsaParams = ((DsaPublicKeyParameters)cert.GetPublicKey()).Parameters;
+
+			return new DsaPublicKeyParameters(dsaPubKey.Y, dsaParams);
+		}
+
+		private static byte[] GetRfc4134Data(string name)
+		{
+			return Streams.ReadAll(SimpleTest.GetTestDataAsStream("rfc4134." + name));
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/SignedDataStreamTest.cs b/crypto/test/src/cms/test/SignedDataStreamTest.cs
new file mode 100644
index 000000000..29b0db8f4
--- /dev/null
+++ b/crypto/test/src/cms/test/SignedDataStreamTest.cs
@@ -0,0 +1,1215 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class SignedDataStreamTest
+	{
+		private const string TestMessage = "Hello World!";
+		private const string SignDN = "O=Bouncy Castle, C=AU";
+		private static AsymmetricCipherKeyPair signKP;
+		private static X509Certificate signCert;
+
+		private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
+		private static AsymmetricCipherKeyPair origKP;
+		private static X509Certificate origCert;
+
+		private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
+//		private static AsymmetricCipherKeyPair reciKP;
+//		private static X509Certificate reciCert;
+
+		private static AsymmetricCipherKeyPair origDsaKP;
+		private static X509Certificate origDsaCert;
+
+		private static X509Crl signCrl;
+		private static X509Crl origCrl;
+
+		private static AsymmetricCipherKeyPair SignKP
+		{
+			get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; }
+		}
+
+		private static AsymmetricCipherKeyPair OrigKP
+		{
+			get { return origKP == null ? (origKP = CmsTestUtil.MakeKeyPair()) : origKP; }
+		}
+
+//		private static AsymmetricCipherKeyPair ReciKP
+//		{
+//			get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; }
+//		}
+
+		private static AsymmetricCipherKeyPair OrigDsaKP
+		{
+			get { return origDsaKP == null ? (origDsaKP = CmsTestUtil.MakeDsaKeyPair()) : origDsaKP; }
+		}
+
+		private static X509Certificate SignCert
+		{
+			get { return signCert == null ? (signCert = CmsTestUtil.MakeCertificate(SignKP, SignDN, SignKP, SignDN)) : signCert; }
+		}
+
+		private static X509Certificate OrigCert
+		{
+			get { return origCert == null ? (origCert = CmsTestUtil.MakeCertificate(OrigKP, OrigDN, SignKP, SignDN)) : origCert; }
+		}
+
+//		private static X509Certificate ReciCert
+//		{
+//			get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; }
+//		}
+
+		private static X509Certificate OrigDsaCert
+		{
+			get { return origDsaCert == null ? (origDsaCert = CmsTestUtil.MakeCertificate(OrigDsaKP, OrigDN, SignKP, SignDN)) : origDsaCert; }
+		}
+
+		private static X509Crl SignCrl
+		{
+			get { return signCrl == null ? (signCrl = CmsTestUtil.MakeCrl(SignKP)) : signCrl; }
+		}
+
+		private static X509Crl OrigCrl
+		{
+			get { return origCrl == null ? (origCrl = CmsTestUtil.MakeCrl(OrigKP)) : origCrl; }
+		}
+
+		private void VerifySignatures(
+			CmsSignedDataParser	sp,
+			byte[]				contentDigest)
+		{
+			IX509Store certStore = sp.GetCertificates("Collection");
+			SignerInformationStore signers = sp.GetSignerInfos();
+
+			foreach (SignerInformation signer in signers.GetSigners())
+			{
+				ICollection certCollection = certStore.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate	cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+
+				if (contentDigest != null)
+				{
+					Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest()));
+				}
+			}
+		}
+
+		private void VerifySignatures(
+			CmsSignedDataParser sp)
+		{
+			VerifySignatures(sp, null);
+		}
+
+		private void VerifyEncodedData(
+			MemoryStream bOut)
+		{
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+
+			sp.Close();
+		}
+
+	    private void CheckSigParseable(byte[] sig)
+	    {
+	        CmsSignedDataParser sp = new CmsSignedDataParser(sig);
+	        sp.Version.ToString();
+	        CmsTypedStream sc = sp.GetSignedContent();
+	        if (sc != null)
+	        {
+	            sc.Drain();
+	        }
+	        sp.GetAttributeCertificates("Collection");
+	        sp.GetCertificates("Collection");
+	        sp.GetCrls("Collection");
+	        sp.GetSignerInfos();
+	        sp.Close();
+	    }
+
+		[Test]
+		public void TestEarlyInvalidKeyException()
+		{
+			try
+			{
+				CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+				gen.AddSigner(OrigKP.Private, OrigCert,
+					"DSA", // DOESN'T MATCH KEY ALG
+					CmsSignedDataStreamGenerator.DigestSha1);
+
+				Assert.Fail("Expected InvalidKeyException in AddSigner");
+			}
+			catch (InvalidKeyException)
+			{
+				// Ignore
+			}
+		}
+
+		[Test]
+		public void TestEarlyNoSuchAlgorithmException()
+		{
+			try
+			{
+				CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+				gen.AddSigner(OrigKP.Private, OrigCert,
+					CmsSignedDataStreamGenerator.DigestSha1, // BAD OID!
+					CmsSignedDataStreamGenerator.DigestSha1);
+
+				Assert.Fail("Expected NoSuchAlgorithmException in AddSigner");
+			}
+			catch (SecurityUtilityException)
+			{
+				// Ignore
+			}
+		}
+
+		[Test]
+		public void TestSha1EncapsulatedSignature()
+		{
+			byte[]  encapSigData = Base64.Decode(
+				"MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEH"
+				+ "AaCAJIAEDEhlbGxvIFdvcmxkIQAAAAAAAKCCBGIwggINMIIBdqADAgECAgEF"
+				+ "MA0GCSqGSIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJ"
+				+ "BgNVBAYTAkFVMB4XDTA1MDgwNzA2MjU1OVoXDTA1MTExNTA2MjU1OVowJTEW"
+				+ "MBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZI"
+				+ "hvcNAQEBBQADgY0AMIGJAoGBAI1fZGgH9wgC3QiK6yluH6DlLDkXkxYYL+Qf"
+				+ "nVRszJVYl0LIxZdpb7WEbVpO8fwtEgFtoDsOdxyqh3dTBv+L7NVD/v46kdPt"
+				+ "xVkSNHRbutJVY8Xn4/TC/CDngqtbpbniMO8n0GiB6vs94gBT20M34j96O2IF"
+				+ "73feNHP+x8PkJ+dNAgMBAAGjTTBLMB0GA1UdDgQWBBQ3XUfEE6+D+t+LIJgK"
+				+ "ESSUE58eyzAfBgNVHSMEGDAWgBQ3XUfEE6+D+t+LIJgKESSUE58eyzAJBgNV"
+				+ "HRMEAjAAMA0GCSqGSIb3DQEBBAUAA4GBAFK3r1stYOeXYJOlOyNGDTWEhZ+a"
+				+ "OYdFeFaS6c+InjotHuFLAy+QsS8PslE48zYNFEqYygGfLhZDLlSnJ/LAUTqF"
+				+ "01vlp+Bgn/JYiJazwi5WiiOTf7Th6eNjHFKXS3hfSGPNPIOjvicAp3ce3ehs"
+				+ "uK0MxgLAaxievzhFfJcGSUMDMIICTTCCAbagAwIBAgIBBzANBgkqhkiG9w0B"
+				+ "AQQFADAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTAe"
+				+ "Fw0wNTA4MDcwNjI1NTlaFw0wNTExMTUwNjI1NTlaMGUxGDAWBgNVBAMTD0Vy"
+				+ "aWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0"
+				+ "bGUub3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTCB"
+				+ "nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAgHCJyfwV6/V3kqSu2SOU2E/K"
+				+ "I+N0XohCMUaxPLLNtNBZ3ijxwaV6JGFz7siTgZD/OGfzir/eZimkt+L1iXQn"
+				+ "OAB+ZChivKvHtX+dFFC7Vq+E4Uy0Ftqc/wrGxE6DHb5BR0hprKH8wlDS8wSP"
+				+ "zxovgk4nH0ffUZOoDSuUgjh3gG8CAwEAAaNNMEswHQYDVR0OBBYEFLfY/4EG"
+				+ "mYrvJa7Cky+K9BJ7YmERMB8GA1UdIwQYMBaAFDddR8QTr4P634sgmAoRJJQT"
+				+ "nx7LMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEEBQADgYEADIOmpMd6UHdMjkyc"
+				+ "mIE1yiwfClCsGhCK9FigTg6U1G2FmkBwJIMWBlkeH15uvepsAncsgK+Cn3Zr"
+				+ "dZMb022mwtTJDtcaOM+SNeuCnjdowZ4i71Hf68siPm6sMlZkhz49rA0Yidoo"
+				+ "WuzYOO+dggzwDsMldSsvsDo/ARyCGOulDOAxggEvMIIBKwIBATAqMCUxFjAU"
+				+ "BgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFVAgEHMAkGBSsOAwIa"
+				+ "BQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP"
+				+ "Fw0wNTA4MDcwNjI1NTlaMCMGCSqGSIb3DQEJBDEWBBQu973mCM5UBOl9XwQv"
+				+ "lfifHCMocTANBgkqhkiG9w0BAQEFAASBgGxnBl2qozYKLgZ0ygqSFgWcRGl1"
+				+ "LgNuE587LtO+EKkgoc3aFqEdjXlAyP8K7naRsvWnFrsB6pUpnrgI9Z8ZSKv8"
+				+ "98IlpsSSJ0jBlEb4gzzavwcBpYbr2ryOtDcF+kYmKIpScglyyoLzm+KPXOoT"
+				+ "n7MsJMoKN3Kd2Vzh6s10PFgeAAAAAAAA");
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(encapSigData);
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+		}
+
+//		[Test]
+//		public void TestSha1WithRsaNoAttributes()
+//		{
+//			IList certList = new ArrayList();
+//			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes(TestMessage));
+//
+//			certList.Add(OrigCert);
+//			certList.Add(SignCert);
+//
+//			IX509Store x509Certs = X509StoreFactory.Create(
+//				"Certificate/Collection",
+//				new X509CollectionStoreParameters(certList));
+//
+//			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+//
+//			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+//
+//			gen.AddCertificates(x509Certs);
+//
+//			CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, msg, false, false);
+//
+//			CmsSignedDataParser sp = new CmsSignedDataParser(
+//				new CmsTypedStream(new MemoryStream(Encoding.ASCII.GetBytes(TestMessage), false)), s.GetEncoded());
+//
+//			sp.GetSignedContent().Drain();
+//
+//			//
+//			// compute expected content digest
+//			//
+//			IDigest md = DigestUtilities.GetDigest("SHA1");
+//
+//			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+//			md.BlockUpdate(testBytes, 0, testBytes.Length);
+//			byte[] hash = DigestUtilities.DoFinal(md);
+//
+//			VerifySignatures(sp, hash);
+//		}
+
+//		[Test]
+//		public void TestDsaNoAttributes()
+//		{
+//			IList certList = new ArrayList();
+//			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes(TestMessage));
+//
+//			certList.Add(OrigDsaCert);
+//			certList.Add(SignCert);
+//
+//			IX509Store x509Certs = X509StoreFactory.Create(
+//				"Certificate/Collection",
+//				new X509CollectionStoreParameters(certList));
+//
+//			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+//
+//			gen.AddSigner(OrigDsaKP.Private, OrigDsaCert, CmsSignedDataGenerator.DigestSha1);
+//
+//			gen.AddCertificates(x509Certs);
+//
+//			CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, msg, false, false);
+//
+//			CmsSignedDataParser sp = new CmsSignedDataParser(
+//				new CmsTypedStream(
+//				new MemoryStream(Encoding.ASCII.GetBytes(TestMessage), false)),
+//				s.GetEncoded());
+//
+//			sp.GetSignedContent().Drain();
+//
+//			//
+//			// compute expected content digest
+//			//
+//			IDigest md = DigestUtilities.GetDigest("SHA1");
+//
+//			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+//			md.BlockUpdate(testBytes, 0, testBytes.Length);
+//			byte[] hash = DigestUtilities.DoFinal(md);
+//
+//			VerifySignatures(sp, hash);
+//		}
+
+		[Test]
+		public void TestSha1WithRsa()
+		{
+			IList certList = new ArrayList();
+			IList crlList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			crlList.Add(SignCrl);
+			crlList.Add(OrigCrl);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+			IX509Store x509Crls = X509StoreFactory.Create(
+				"CRL/Collection",
+				new X509CollectionStoreParameters(crlList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+			gen.AddCrls(x509Crls);
+
+			Stream sigOut = gen.Open(bOut);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CheckSigParseable(bOut.ToArray());
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(
+				new CmsTypedStream(new MemoryStream(testBytes, false)), bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			//
+			// compute expected content digest
+			//
+			IDigest md = DigestUtilities.GetDigest("SHA1");
+			md.BlockUpdate(testBytes, 0, testBytes.Length);
+			byte[] hash = DigestUtilities.DoFinal(md);
+
+			VerifySignatures(sp, hash);
+
+			//
+			// try using existing signer
+			//
+			gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigners(sp.GetSignerInfos());
+
+			gen.AddCertificates(sp.GetCertificates("Collection"));
+			gen.AddCrls(sp.GetCrls("Collection"));
+
+			bOut.SetLength(0);
+
+			sigOut = gen.Open(bOut, true);
+
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			VerifyEncodedData(bOut);
+
+			//
+			// look for the CRLs
+			//
+			ArrayList col = new ArrayList(x509Crls.GetMatches(null));
+
+			Assert.AreEqual(2, col.Count);
+			Assert.IsTrue(col.Contains(SignCrl));
+			Assert.IsTrue(col.Contains(OrigCrl));
+		}
+
+		[Test]
+		public void TestSha1WithRsaNonData()
+		{
+			IList certList = new ArrayList();
+			IList crlList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			crlList.Add(SignCrl);
+			crlList.Add(OrigCrl);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+			IX509Store x509Crls = X509StoreFactory.Create(
+				"CRL/Collection",
+				new X509CollectionStoreParameters(crlList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+			gen.AddCrls(x509Crls);
+
+			Stream sigOut = gen.Open(bOut, "1.2.3.4", true);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			CmsTypedStream stream = sp.GetSignedContent();
+
+			Assert.AreEqual("1.2.3.4", stream.ContentType);
+
+			stream.Drain();
+
+			//
+			// compute expected content digest
+			//
+			IDigest md = DigestUtilities.GetDigest("SHA1");
+			md.BlockUpdate(testBytes, 0, testBytes.Length);
+			byte[] hash = DigestUtilities.DoFinal(md);
+
+			VerifySignatures(sp, hash);
+		}
+
+		[Test]
+		public void TestSha1AndMD5WithRsa()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddDigests(CmsSignedDataStreamGenerator.DigestSha1,
+				CmsSignedDataStreamGenerator.DigestMD5);
+
+			Stream sigOut = gen.Open(bOut);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			gen.AddCertificates(x509Certs);
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestMD5);
+
+			sigOut.Close();
+
+			CheckSigParseable(bOut.ToArray());
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(
+				new CmsTypedStream(new MemoryStream(testBytes, false)), bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+		}
+
+		[Test]
+		public void TestSha1WithRsaEncapsulatedBufferedStream()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			//
+			// find unbuffered length
+			//
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			for (int i = 0; i != 2000; i++)
+			{
+				sigOut.WriteByte((byte)(i & 0xff));
+			}
+
+			sigOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+
+			int unbufferedLength = bOut.ToArray().Length;
+
+			//
+			// find buffered length with buffered stream - should be equal
+			//
+			bOut.SetLength(0);
+
+			gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			sigOut = gen.Open(bOut, true);
+
+			byte[] data = new byte[2000];
+			for (int i = 0; i != 2000; i++)
+			{
+				data[i] = (byte)(i & 0xff);
+			}
+
+			Streams.PipeAll(new MemoryStream(data, false), sigOut);
+			sigOut.Close();
+
+			VerifyEncodedData(bOut);
+
+			Assert.AreEqual(unbufferedLength, bOut.ToArray().Length);
+		}
+
+		[Test]
+		public void TestSha1WithRsaEncapsulatedBuffered()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			//
+			// find unbuffered length
+			//
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			for (int i = 0; i != 2000; i++)
+			{
+				sigOut.WriteByte((byte)(i & 0xff));
+			}
+
+			sigOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+
+			int unbufferedLength = bOut.ToArray().Length;
+
+			//
+			// find buffered length - buffer size less than default
+			//
+			bOut.SetLength(0);
+
+			gen = new CmsSignedDataStreamGenerator();
+
+			gen.SetBufferSize(300);
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			sigOut = gen.Open(bOut, true);
+
+			for (int i = 0; i != 2000; i++)
+			{
+				sigOut.WriteByte((byte)(i & 0xff));
+			}
+
+			sigOut.Close();
+
+			VerifyEncodedData(bOut);
+
+			Assert.IsTrue(unbufferedLength < bOut.ToArray().Length);
+		}
+
+		[Test]
+		public void TestSha1WithRsaEncapsulated()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+
+			byte[] contentDigest = (byte[])gen.GetGeneratedDigests()[CmsSignedGenerator.DigestSha1];
+
+			ArrayList signers = new ArrayList(sp.GetSignerInfos().GetSigners());
+
+			AttributeTable table = ((SignerInformation) signers[0]).SignedAttributes;
+			Asn1.Cms.Attribute hash = table[CmsAttributes.MessageDigest];
+
+			Assert.IsTrue(Arrays.AreEqual(contentDigest, ((Asn1OctetString)hash.AttrValues[0]).GetOctets()));
+
+			//
+			// try using existing signer
+			//
+			gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigners(sp.GetSignerInfos());
+
+			gen.AddCertificates(sp.GetCertificates("Collection"));
+			gen.AddCrls(sp.GetCrls("Collection"));
+
+			bOut.SetLength(0);
+
+			sigOut = gen.Open(bOut, true);
+
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedData sd = new CmsSignedData(
+				new CmsProcessableByteArray(testBytes), bOut.ToArray());
+
+			Assert.AreEqual(1, sd.GetSignerInfos().GetSigners().Count);
+
+			VerifyEncodedData(bOut);
+		}
+
+		private static readonly DerObjectIdentifier dummyOid1 = new DerObjectIdentifier("1.2.3");
+		private static readonly DerObjectIdentifier dummyOid2 = new DerObjectIdentifier("1.2.3.4");
+
+		private class SignedGenAttributeTableGenerator
+			: DefaultSignedAttributeTableGenerator
+		{
+			public override AttributeTable GetAttributes(
+				IDictionary parameters)
+			{
+				IDictionary table = createStandardAttributeTable(parameters);
+
+				DerOctetString val = new DerOctetString((byte[])parameters[CmsAttributeTableParameter.Digest]);
+				Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(dummyOid1, new DerSet(val));
+
+				table[attr.AttrType] = attr;
+
+				return new AttributeTable(table);
+			}
+		};
+
+		private class UnsignedGenAttributeTableGenerator
+			: CmsAttributeTableGenerator
+		{
+			public AttributeTable GetAttributes(
+				IDictionary parameters)
+			{
+				DerOctetString val = new DerOctetString((byte[])parameters[CmsAttributeTableParameter.Signature]);
+				Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(dummyOid2, new DerSet(val));
+
+				return new AttributeTable(new DerSet(attr));
+			}
+		};
+
+		[Test]
+	    public void TestSha1WithRsaEncapsulatedSubjectKeyID()
+	    {
+	        IList certList = new ArrayList();
+	        MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+	        gen.AddSigner(OrigKP.Private,
+				CmsTestUtil.CreateSubjectKeyId(OrigCert.GetPublicKey()).GetKeyIdentifier(),
+				CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+
+			byte[] contentDigest = (byte[])gen.GetGeneratedDigests()[CmsSignedGenerator.DigestSha1];
+
+			ArrayList signers = new ArrayList(sp.GetSignerInfos().GetSigners());
+
+			AttributeTable table = ((SignerInformation) signers[0]).SignedAttributes;
+			Asn1.Cms.Attribute hash = table[CmsAttributes.MessageDigest];
+
+			Assert.IsTrue(Arrays.AreEqual(contentDigest, ((Asn1OctetString)hash.AttrValues[0]).GetOctets()));
+
+			//
+			// try using existing signer
+			//
+			gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigners(sp.GetSignerInfos());
+
+//			gen.AddCertificatesAndCRLs(sp.getCertificatesAndCRLs("Collection", "BC"));
+			gen.AddCertificates(sp.GetCertificates("Collection"));
+
+			bOut.SetLength(0);
+
+			sigOut = gen.Open(bOut, true);
+
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedData sd = new CmsSignedData(new CmsProcessableByteArray(testBytes), bOut.ToArray());
+
+			Assert.AreEqual(1, sd.GetSignerInfos().GetSigners().Count);
+
+	        VerifyEncodedData(bOut);
+	    }
+
+		[Test]
+		public void TestAttributeGenerators()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			CmsAttributeTableGenerator signedGen = new SignedGenAttributeTableGenerator();
+			CmsAttributeTableGenerator unsignedGen = new UnsignedGenAttributeTableGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert,
+				CmsSignedDataStreamGenerator.DigestSha1, signedGen, unsignedGen);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+
+			//
+			// check attributes
+			//
+			SignerInformationStore signers = sp.GetSignerInfos();
+
+			foreach (SignerInformation signer in signers.GetSigners())
+			{
+				checkAttribute(signer.GetContentDigest(), signer.SignedAttributes[dummyOid1]);
+				checkAttribute(signer.GetSignature(), signer.UnsignedAttributes[dummyOid2]);
+			}
+		}
+
+		private void checkAttribute(
+			byte[]				expected,
+			Asn1.Cms.Attribute	attr)
+		{
+			DerOctetString value = (DerOctetString)attr.AttrValues[0];
+
+			Assert.AreEqual(new DerOctetString(expected), value);
+		}
+
+		[Test]
+		public void TestWithAttributeCertificate()
+		{
+			IList certList = new ArrayList();
+
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			IX509AttributeCertificate attrCert = CmsTestUtil.GetAttributeCertificate();
+
+			ArrayList attrCerts = new ArrayList();
+			attrCerts.Add(attrCert);
+			IX509Store store = X509StoreFactory.Create(
+				"AttributeCertificate/Collection",
+				new X509CollectionStoreParameters(attrCerts));
+
+			gen.AddAttributeCertificates(store);
+
+			MemoryStream bOut = new MemoryStream();
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			Assert.AreEqual(4, sp.Version);
+
+			store = sp.GetAttributeCertificates("Collection");
+
+			ArrayList coll = new ArrayList(store.GetMatches(null));
+
+			Assert.AreEqual(1, coll.Count);
+
+			Assert.IsTrue(coll.Contains(attrCert));
+		}
+
+		[Test]
+		public void TestSignerStoreReplacement()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+			byte[] data = Encoding.ASCII.GetBytes(TestMessage);
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, false);
+
+			sigOut.Write(data, 0, data.Length);
+
+			sigOut.Close();
+
+			CheckSigParseable(bOut.ToArray());
+
+			//
+			// create new Signer
+			//
+			MemoryStream original = new MemoryStream(bOut.ToArray(), false);
+
+			bOut.SetLength(0);
+
+			gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha224);
+
+			gen.AddCertificates(x509Certs);
+
+			sigOut = gen.Open(bOut);
+
+			sigOut.Write(data, 0, data.Length);
+
+			sigOut.Close();
+
+			CheckSigParseable(bOut.ToArray());
+
+			CmsSignedData sd = new CmsSignedData(bOut.ToArray());
+
+			//
+			// replace signer
+			//
+			MemoryStream newOut = new MemoryStream();
+
+			CmsSignedDataParser.ReplaceSigners(original, sd.GetSignerInfos(), newOut);
+
+			sd = new CmsSignedData(new CmsProcessableByteArray(data), newOut.ToArray());
+
+			IEnumerator signerEnum = sd.GetSignerInfos().GetSigners().GetEnumerator();
+			signerEnum.MoveNext();
+			SignerInformation signer = (SignerInformation) signerEnum.Current;
+
+			Assert.AreEqual(signer.DigestAlgOid, CmsSignedDataStreamGenerator.DigestSha224);
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(new CmsTypedStream(
+				new MemoryStream(data, false)), newOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+		}
+
+		[Test]
+		public void TestEncapsulatedSignerStoreReplacement()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			//
+			// create new Signer
+			//
+			MemoryStream  original = new MemoryStream(bOut.ToArray(), false);
+
+			bOut.SetLength(0);
+
+			gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha224);
+
+			gen.AddCertificates(x509Certs);
+
+			sigOut = gen.Open(bOut, true);
+
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedData sd = new CmsSignedData(bOut.ToArray());
+
+			//
+			// replace signer
+			//
+			MemoryStream newOut = new MemoryStream();
+
+			CmsSignedDataParser.ReplaceSigners(original, sd.GetSignerInfos(), newOut);
+
+			sd = new CmsSignedData(newOut.ToArray());
+
+			IEnumerator signerEnum = sd.GetSignerInfos().GetSigners().GetEnumerator();
+			signerEnum.MoveNext();
+			SignerInformation signer = (SignerInformation) signerEnum.Current;
+
+			Assert.AreEqual(signer.DigestAlgOid, CmsSignedDataStreamGenerator.DigestSha224);
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(newOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+		}
+
+		[Test]
+		public void TestCertStoreReplacement()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+			byte[] data = Encoding.ASCII.GetBytes(TestMessage);
+
+			certList.Add(OrigDsaCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut);
+
+			sigOut.Write(data, 0, data.Length);
+
+			sigOut.Close();
+
+			CheckSigParseable(bOut.ToArray());
+
+			//
+			// create new certstore with the right certificates
+			//
+			certList = new ArrayList();
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			//
+			// replace certs
+			//
+			MemoryStream original = new MemoryStream(bOut.ToArray(), false);
+			MemoryStream newOut = new MemoryStream();
+
+			CmsSignedDataParser.ReplaceCertificatesAndCrls(original, x509Certs, null, null, newOut);
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(new CmsTypedStream(new MemoryStream(data, false)), newOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+		}
+
+		[Test]
+		public void TestEncapsulatedCertStoreReplacement()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigDsaCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			//
+			// create new certstore with the right certificates
+			//
+			certList = new ArrayList();
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			//
+			// replace certs
+			//
+			MemoryStream original = new MemoryStream(bOut.ToArray(), false);
+			MemoryStream newOut = new MemoryStream();
+
+			CmsSignedDataParser.ReplaceCertificatesAndCrls(original, x509Certs, null, null, newOut);
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(newOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+		}
+
+		[Test]
+		public void TestCertOrdering1()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+			x509Certs = sp.GetCertificates("Collection");
+			ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+
+			Assert.AreEqual(2, a.Count);
+			Assert.AreEqual(OrigCert, a[0]);
+			Assert.AreEqual(SignCert, a[1]);
+		}
+
+		[Test]
+		public void TestCertOrdering2()
+		{
+			IList certList = new ArrayList();
+			MemoryStream bOut = new MemoryStream();
+
+			certList.Add(SignCert);
+			certList.Add(OrigCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			Stream sigOut = gen.Open(bOut, true);
+
+			byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+			sigOut.Write(testBytes, 0, testBytes.Length);
+
+			sigOut.Close();
+
+			CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray());
+
+			sp.GetSignedContent().Drain();
+			x509Certs = sp.GetCertificates("Collection");
+			ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+
+			Assert.AreEqual(2, a.Count);
+			Assert.AreEqual(SignCert, a[0]);
+			Assert.AreEqual(OrigCert, a[1]);
+		}
+	}
+}
diff --git a/crypto/test/src/cms/test/SignedDataTest.cs b/crypto/test/src/cms/test/SignedDataTest.cs
new file mode 100644
index 000000000..96f00eadc
--- /dev/null
+++ b/crypto/test/src/cms/test/SignedDataTest.cs
@@ -0,0 +1,1480 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms.Tests
+{
+	[TestFixture]
+	public class SignedDataTest
+	{
+		private const string OrigDN = "O=Bouncy Castle, C=AU";
+		private static AsymmetricCipherKeyPair origKP;
+		private static X509Certificate origCert;
+
+		private const string SignDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
+		private static AsymmetricCipherKeyPair signKP;
+		private static X509Certificate signCert;
+
+		private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
+//		private static AsymmetricCipherKeyPair reciKP;
+//		private static X509Certificate reciCert;
+
+		private static X509Crl signCrl;
+
+		private static AsymmetricCipherKeyPair signGostKP;
+		private static X509Certificate signGostCert;
+
+		private static AsymmetricCipherKeyPair signDsaKP;
+		private static X509Certificate signDsaCert;
+
+		private static AsymmetricCipherKeyPair signECGostKP;
+		private static X509Certificate signECGostCert;
+
+		private static AsymmetricCipherKeyPair signECDsaKP;
+		private static X509Certificate signECDsaCert;
+
+		private static AsymmetricCipherKeyPair OrigKP
+		{
+			get { return origKP == null ? (origKP = CmsTestUtil.MakeKeyPair()) : origKP; }
+		}
+
+		private static AsymmetricCipherKeyPair SignKP
+		{
+			get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; }
+		}
+
+//		private static AsymmetricCipherKeyPair ReciKP
+//		{
+//			get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; }
+//		}
+
+		private static AsymmetricCipherKeyPair SignGostKP
+		{
+			get { return signGostKP == null ? (signGostKP = CmsTestUtil.MakeGostKeyPair()) : signGostKP; }
+		}
+
+		private static AsymmetricCipherKeyPair SignDsaKP
+		{
+			get { return signDsaKP == null ? (signDsaKP = CmsTestUtil.MakeDsaKeyPair()) : signDsaKP; }
+		}
+
+		private static AsymmetricCipherKeyPair SignECGostKP
+		{
+			get { return signECGostKP == null ? (signECGostKP = CmsTestUtil.MakeECGostKeyPair()) : signECGostKP; }
+		}
+
+		private static AsymmetricCipherKeyPair SignECDsaKP
+		{
+			get { return signECDsaKP == null ? (signECDsaKP = CmsTestUtil.MakeECDsaKeyPair()) : signECDsaKP; }
+		}
+
+		private static X509Certificate OrigCert
+		{
+			get { return origCert == null ? (origCert = CmsTestUtil.MakeCertificate(OrigKP, OrigDN, OrigKP, OrigDN)) : origCert; }
+		}
+
+		private static X509Certificate SignCert
+		{
+			get { return signCert == null ? (signCert = CmsTestUtil.MakeCertificate(SignKP, SignDN, OrigKP, OrigDN)) : signCert; }
+		}
+
+//		private static X509Certificate ReciCert
+//		{
+//			get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; }
+//		}
+
+		private static X509Crl SignCrl
+		{
+			get { return signCrl == null ? (signCrl = CmsTestUtil.MakeCrl(SignKP)) : signCrl; }
+		}
+
+		private static X509Certificate SignGostCert
+		{
+			get { return signGostCert == null ? (signGostCert = CmsTestUtil.MakeCertificate(SignGostKP, SignDN, OrigKP, OrigDN)) : signGostCert; }
+		}
+
+		private static X509Certificate SignECGostCert
+		{
+			get { return signECGostCert == null ? (signECGostCert = CmsTestUtil.MakeCertificate(SignECGostKP, SignDN, OrigKP, OrigDN)) : signECGostCert; }
+		}
+
+		private static X509Certificate SignDsaCert
+		{
+			get { return signDsaCert == null ? (signDsaCert = CmsTestUtil.MakeCertificate(SignDsaKP, SignDN, OrigKP, OrigDN)) : signDsaCert; }
+		}
+
+		private static X509Certificate SignECDsaCert
+		{
+			get { return signECDsaCert == null ? (signECDsaCert = CmsTestUtil.MakeCertificate(SignECDsaKP, SignDN, OrigKP, OrigDN)) : signECDsaCert; }
+		}
+
+		private static readonly byte[] disorderedMessage = Base64.Decode(
+			"SU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBnZXRob3N0aWQAX19n"
+			+ "bW9uX3M=");
+
+		private static readonly byte[] disorderedSet = Base64.Decode(
+			"MIIYXQYJKoZIhvcNAQcCoIIYTjCCGEoCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
+			+ "SIb3DQEHAaCCFqswggJUMIIBwKADAgECAgMMg6wwCgYGKyQDAwECBQAwbzEL"
+			+ "MAkGA1UEBhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbI"
+			+ "dXIgVGVsZWtvbW11bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwEx"
+			+ "MBEGA1UEAxQKNFItQ0EgMTpQTjAiGA8yMDAwMDMyMjA5NDM1MFoYDzIwMDQw"
+			+ "MTIxMTYwNDUzWjBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1"
+			+ "bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEh"
+			+ "MAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1DQSAxOlBOMIGhMA0GCSqGSIb3"
+			+ "DQEBAQUAA4GPADCBiwKBgQCKHkFTJx8GmoqFTxEOxpK9XkC3NZ5dBEKiUv0I"
+			+ "fe3QMqeGMoCUnyJxwW0k2/53duHxtv2yHSZpFKjrjvE/uGwdOMqBMTjMzkFg"
+			+ "19e9JPv061wyADOucOIaNAgha/zFt9XUyrHF21knKCvDNExv2MYIAagkTKaj"
+			+ "LMAw0bu1J0FadQIFAMAAAAEwCgYGKyQDAwECBQADgYEAgFauXpoTLh3Z3pT/"
+			+ "3bhgrxO/2gKGZopWGSWSJPNwq/U3x2EuctOJurj+y2inTcJjespThflpN+7Q"
+			+ "nvsUhXU+jL2MtPlObU0GmLvWbi47cBShJ7KElcZAaxgWMBzdRGqTOdtMv+ev"
+			+ "2t4igGF/q71xf6J2c3pTLWr6P8s6tzLfOCMwggJDMIIBr6ADAgECAgQAuzyu"
+			+ "MAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGll"
+			+ "cnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0"
+			+ "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE4wIhgPMjAwMTA4"
+			+ "MjAwODA4MjBaGA8yMDA1MDgyMDA4MDgyMFowSzELMAkGA1UEBhMCREUxEjAQ"
+			+ "BgNVBAoUCVNpZ250cnVzdDEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFDQSBT"
+			+ "SUdOVFJVU1QgMTpQTjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAhV12"
+			+ "N2WhlR6f+3CXP57GrBM9la5Vnsu2b92zv5MZqQOPeEsYbZqDCFkYg1bSwsDE"
+			+ "XsGVQqXdQNAGUaapr/EUVVN+hNZ07GcmC1sPeQECgUkxDYjGi4ihbvzxlahj"
+			+ "L4nX+UTzJVBfJwXoIvJ+lMHOSpnOLIuEL3SRhBItvRECxN0CAwEAAaMSMBAw"
+			+ "DgYDVR0PAQH/BAQDAgEGMAoGBiskAwMBAgUAA4GBACDc9Pc6X8sK1cerphiV"
+			+ "LfFv4kpZb9ev4WPy/C6987Qw1SOTElhZAmxaJQBqmDHWlQ63wj1DEqswk7hG"
+			+ "LrvQk/iX6KXIn8e64uit7kx6DHGRKNvNGofPjr1WelGeGW/T2ZJKgmPDjCkf"
+			+ "sIKt2c3gwa2pDn4mmCz/DStUIqcPDbqLMIICVTCCAcGgAwIBAgIEAJ16STAK"
+			+ "BgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1"
+			+ "bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEh"
+			+ "MAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1DQSAxOlBOMCIYDzIwMDEwMjAx"
+			+ "MTM0NDI1WhgPMjAwNTAzMjIwODU1NTFaMG8xCzAJBgNVBAYTAkRFMT0wOwYD"
+			+ "VQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0"
+			+ "aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNhIDE6"
+			+ "UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGLAoGBAIOiqxUkzVyqnvthihnl"
+			+ "tsE5m1Xn5TZKeR/2MQPStc5hJ+V4yptEtIx+Fn5rOoqT5VEVWhcE35wdbPvg"
+			+ "JyQFn5msmhPQT/6XSGOlrWRoFummXN9lQzAjCj1sgTcmoLCVQ5s5WpCAOXFw"
+			+ "VWu16qndz3sPItn3jJ0F3Kh3w79NglvPAgUAwAAAATAKBgYrJAMDAQIFAAOB"
+			+ "gQBpSRdnDb6AcNVaXSmGo6+kVPIBhot1LzJOGaPyDNpGXxd7LV4tMBF1U7gr"
+			+ "4k1g9BO6YiMWvw9uiTZmn0CfV8+k4fWEuG/nmafRoGIuay2f+ILuT+C0rnp1"
+			+ "4FgMsEhuVNJJAmb12QV0PZII+UneyhAneZuQQzVUkTcVgYxogxdSOzCCAlUw"
+			+ "ggHBoAMCAQICBACdekowCgYGKyQDAwECBQAwbzELMAkGA1UEBhMCREUxPTA7"
+			+ "BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11bmlr"
+			+ "YXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNlItQ2Eg"
+			+ "MTpQTjAiGA8yMDAxMDIwMTEzNDcwN1oYDzIwMDUwMzIyMDg1NTUxWjBvMQsw"
+			+ "CQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1"
+			+ "ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEw"
+			+ "EQYDVQQDFAo1Ui1DQSAxOlBOMIGhMA0GCSqGSIb3DQEBAQUAA4GPADCBiwKB"
+			+ "gQCKHkFTJx8GmoqFTxEOxpK9XkC3NZ5dBEKiUv0Ife3QMqeGMoCUnyJxwW0k"
+			+ "2/53duHxtv2yHSZpFKjrjvE/uGwdOMqBMTjMzkFg19e9JPv061wyADOucOIa"
+			+ "NAgha/zFt9XUyrHF21knKCvDNExv2MYIAagkTKajLMAw0bu1J0FadQIFAMAA"
+			+ "AAEwCgYGKyQDAwECBQADgYEAV1yTi+2gyB7sUhn4PXmi/tmBxAfe5oBjDW8m"
+			+ "gxtfudxKGZ6l/FUPNcrSc5oqBYxKWtLmf3XX87LcblYsch617jtNTkMzhx9e"
+			+ "qxiD02ufcrxz2EVt0Akdqiz8mdVeqp3oLcNU/IttpSrcA91CAnoUXtDZYwb/"
+			+ "gdQ4FI9l3+qo/0UwggJVMIIBwaADAgECAgQAxIymMAoGBiskAwMBAgUAMG8x"
+			+ "CzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBm"
+			+ "yHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMB"
+			+ "MTARBgNVBAMUCjZSLUNhIDE6UE4wIhgPMjAwMTEwMTUxMzMxNThaGA8yMDA1"
+			+ "MDYwMTA5NTIxN1owbzELMAkGA1UEBhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVy"
+			+ "dW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11bmlrYXRpb24gdW5kIFBvc3Qx"
+			+ "ITAMBgcCggYBCgcUEwExMBEGA1UEAxQKN1ItQ0EgMTpQTjCBoTANBgkqhkiG"
+			+ "9w0BAQEFAAOBjwAwgYsCgYEAiokD/j6lEP4FexF356OpU5teUpGGfUKjIrFX"
+			+ "BHc79G0TUzgVxqMoN1PWnWktQvKo8ETaugxLkP9/zfX3aAQzDW4Zki6x6GDq"
+			+ "fy09Agk+RJvhfbbIzRkV4sBBco0n73x7TfG/9NTgVr/96U+I+z/1j30aboM6"
+			+ "9OkLEhjxAr0/GbsCBQDAAAABMAoGBiskAwMBAgUAA4GBAHWRqRixt+EuqHhR"
+			+ "K1kIxKGZL2vZuakYV0R24Gv/0ZR52FE4ECr+I49o8FP1qiGSwnXB0SwjuH2S"
+			+ "iGiSJi+iH/MeY85IHwW1P5e+bOMvEOFhZhQXQixOD7totIoFtdyaj1XGYRef"
+			+ "0f2cPOjNJorXHGV8wuBk+/j++sxbd/Net3FtMIICVTCCAcGgAwIBAgIEAMSM"
+			+ "pzAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxp"
+			+ "ZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9z"
+			+ "dDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo3Ui1DQSAxOlBOMCIYDzIwMDEx"
+			+ "MDE1MTMzNDE0WhgPMjAwNTA2MDEwOTUyMTdaMG8xCzAJBgNVBAYTAkRFMT0w"
+			+ "OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5p"
+			+ "a2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNh"
+			+ "IDE6UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGLAoGBAIOiqxUkzVyqnvth"
+			+ "ihnltsE5m1Xn5TZKeR/2MQPStc5hJ+V4yptEtIx+Fn5rOoqT5VEVWhcE35wd"
+			+ "bPvgJyQFn5msmhPQT/6XSGOlrWRoFummXN9lQzAjCj1sgTcmoLCVQ5s5WpCA"
+			+ "OXFwVWu16qndz3sPItn3jJ0F3Kh3w79NglvPAgUAwAAAATAKBgYrJAMDAQIF"
+			+ "AAOBgQBi5W96UVDoNIRkCncqr1LLG9vF9SGBIkvFpLDIIbcvp+CXhlvsdCJl"
+			+ "0pt2QEPSDl4cmpOet+CxJTdTuMeBNXxhb7Dvualog69w/+K2JbPhZYxuVFZs"
+			+ "Zh5BkPn2FnbNu3YbJhE60aIkikr72J4XZsI5DxpZCGh6xyV/YPRdKSljFjCC"
+			+ "AlQwggHAoAMCAQICAwyDqzAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9"
+			+ "MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVu"
+			+ "aWthdGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1D"
+			+ "QSAxOlBOMCIYDzIwMDAwMzIyMDk0MTI3WhgPMjAwNDAxMjExNjA0NTNaMG8x"
+			+ "CzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBm"
+			+ "yHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMB"
+			+ "MTARBgNVBAMUCjRSLUNBIDE6UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGL"
+			+ "AoGBAI8x26tmrFJanlm100B7KGlRemCD1R93PwdnG7svRyf5ZxOsdGrDszNg"
+			+ "xg6ouO8ZHQMT3NC2dH8TvO65Js+8bIyTm51azF6clEg0qeWNMKiiXbBXa+ph"
+			+ "hTkGbXiLYvACZ6/MTJMJ1lcrjpRF7BXtYeYMcEF6znD4pxOqrtbf9z5hAgUA"
+			+ "wAAAATAKBgYrJAMDAQIFAAOBgQB99BjSKlGPbMLQAgXlvA9jUsDNhpnVm3a1"
+			+ "YkfxSqS/dbQlYkbOKvCxkPGA9NBxisBM8l1zFynVjJoy++aysRmcnLY/sHaz"
+			+ "23BF2iU7WERy18H3lMBfYB6sXkfYiZtvQZcWaO48m73ZBySuiV3iXpb2wgs/"
+			+ "Cs20iqroAWxwq/W/9jCCAlMwggG/oAMCAQICBDsFZ9UwCgYGKyQDAwECBQAw"
+			+ "bzELMAkGA1UEBhMCREUxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNFItQ0Eg"
+			+ "MTpQTjE9MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxl"
+			+ "a29tbXVuaWthdGlvbiB1bmQgUG9zdDAiGA8xOTk5MDEyMTE3MzUzNFoYDzIw"
+			+ "MDQwMTIxMTYwMDAyWjBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxp"
+			+ "ZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9z"
+			+ "dDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAozUi1DQSAxOlBOMIGfMA0GCSqG"
+			+ "SIb3DQEBAQUAA4GNADCBiQKBgI4B557mbKQg/AqWBXNJhaT/6lwV93HUl4U8"
+			+ "u35udLq2+u9phns1WZkdM3gDfEpL002PeLfHr1ID/96dDYf04lAXQfombils"
+			+ "of1C1k32xOvxjlcrDOuPEMxz9/HDAQZA5MjmmYHAIulGI8Qg4Tc7ERRtg/hd"
+			+ "0QX0/zoOeXoDSEOBAgTAAAABMAoGBiskAwMBAgUAA4GBAIyzwfT3keHI/n2P"
+			+ "LrarRJv96mCohmDZNpUQdZTVjGu5VQjVJwk3hpagU0o/t/FkdzAjOdfEw8Ql"
+			+ "3WXhfIbNLv1YafMm2eWSdeYbLcbB5yJ1od+SYyf9+tm7cwfDAcr22jNRBqx8"
+			+ "wkWKtKDjWKkevaSdy99sAI8jebHtWz7jzydKMIID9TCCA16gAwIBAgICbMcw"
+			+ "DQYJKoZIhvcNAQEFBQAwSzELMAkGA1UEBhMCREUxEjAQBgNVBAoUCVNpZ250"
+			+ "cnVzdDEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFDQSBTSUdOVFJVU1QgMTpQ"
+			+ "TjAeFw0wNDA3MzAxMzAyNDZaFw0wNzA3MzAxMzAyNDZaMDwxETAPBgNVBAMM"
+			+ "CFlhY29tOlBOMQ4wDAYDVQRBDAVZYWNvbTELMAkGA1UEBhMCREUxCjAIBgNV"
+			+ "BAUTATEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIWzLlYLQApocXIp"
+			+ "pgCCpkkOUVLgcLYKeOd6/bXAnI2dTHQqT2bv7qzfUnYvOqiNgYdF13pOYtKg"
+			+ "XwXMTNFL4ZOI6GoBdNs9TQiZ7KEWnqnr2945HYx7UpgTBclbOK/wGHuCdcwO"
+			+ "x7juZs1ZQPFG0Lv8RoiV9s6HP7POqh1sO0P/AgMBAAGjggH1MIIB8TCBnAYD"
+			+ "VR0jBIGUMIGRgBQcZzNghfnXoXRm8h1+VITC5caNRqFzpHEwbzELMAkGA1UE"
+			+ "BhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVs"
+			+ "ZWtvbW11bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UE"
+			+ "AxQKNVItQ0EgMTpQToIEALs8rjAdBgNVHQ4EFgQU2e5KAzkVuKaM9I5heXkz"
+			+ "bcAIuR8wDgYDVR0PAQH/BAQDAgZAMBIGA1UdIAQLMAkwBwYFKyQIAQEwfwYD"
+			+ "VR0fBHgwdjB0oCygKoYobGRhcDovL2Rpci5zaWdudHJ1c3QuZGUvbz1TaWdu"
+			+ "dHJ1c3QsYz1kZaJEpEIwQDEdMBsGA1UEAxMUQ1JMU2lnblNpZ250cnVzdDE6"
+			+ "UE4xEjAQBgNVBAoTCVNpZ250cnVzdDELMAkGA1UEBhMCREUwYgYIKwYBBQUH"
+			+ "AQEEVjBUMFIGCCsGAQUFBzABhkZodHRwOi8vZGlyLnNpZ250cnVzdC5kZS9T"
+			+ "aWdudHJ1c3QvT0NTUC9zZXJ2bGV0L2h0dHBHYXRld2F5LlBvc3RIYW5kbGVy"
+			+ "MBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwDgYHAoIGAQoMAAQDAQH/MA0G"
+			+ "CSqGSIb3DQEBBQUAA4GBAHn1m3GcoyD5GBkKUY/OdtD6Sj38LYqYCF+qDbJR"
+			+ "6pqUBjY2wsvXepUppEler+stH8mwpDDSJXrJyuzf7xroDs4dkLl+Rs2x+2tg"
+			+ "BjU+ABkBDMsym2WpwgA8LCdymmXmjdv9tULxY+ec2pjSEzql6nEZNEfrU8nt"
+			+ "ZCSCavgqW4TtMYIBejCCAXYCAQEwUTBLMQswCQYDVQQGEwJERTESMBAGA1UE"
+			+ "ChQJU2lnbnRydXN0MSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEUNBIFNJR05U"
+			+ "UlVTVCAxOlBOAgJsxzAJBgUrDgMCGgUAoIGAMBgGCSqGSIb3DQEJAzELBgkq"
+			+ "hkiG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFIYfhPoyfGzkLWWSSLjaHb4HQmaK"
+			+ "MBwGCSqGSIb3DQEJBTEPFw0wNTAzMjQwNzM4MzVaMCEGBSskCAYFMRgWFi92"
+			+ "YXIvZmlsZXMvdG1wXzEvdGVzdDEwDQYJKoZIhvcNAQEFBQAEgYA2IvA8lhVz"
+			+ "VD5e/itUxbFboKxeKnqJ5n/KuO/uBCl1N14+7Z2vtw1sfkIG+bJdp3OY2Cmn"
+			+ "mrQcwsN99Vjal4cXVj8t+DJzFG9tK9dSLvD3q9zT/GQ0kJXfimLVwCa4NaSf"
+			+ "Qsu4xtG0Rav6bCcnzabAkKuNNvKtH8amSRzk870DBg==");
+
+		private static readonly byte[] xtraCounterSig = Base64.Decode(
+			  "MIIR/AYJKoZIhvcNAQcCoIIR7TCCEekCAQExCzAJBgUrDgMCGgUAMBoGCSqG"
+			+ "SIb3DQEHAaANBAtIZWxsbyB3b3JsZKCCDnkwggTPMIIDt6ADAgECAgRDnYD3"
+			+ "MA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNVBAYTAklUMRowGAYDVQQKExFJbi5U"
+			+ "ZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAtIENlcnRpZmlj"
+			+ "YXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxMjExNDMxMloXDTEwMDkxMjExNDMx"
+			+ "MlowgdgxCzAJBgNVBAYTAklUMSIwIAYDVQQKDBlJbnRlc2EgUy5wLkEuLzA1"
+			+ "MjYyODkwMDE0MSowKAYDVQQLDCFCdXNpbmVzcyBDb2xsYWJvcmF0aW9uICYg"
+			+ "U2VjdXJpdHkxHjAcBgNVBAMMFU1BU1NJTUlMSUFOTyBaSUNDQVJESTERMA8G"
+			+ "A1UEBAwIWklDQ0FSREkxFTATBgNVBCoMDE1BU1NJTUlMSUFOTzEcMBoGA1UE"
+			+ "BRMTSVQ6WkNDTVNNNzZIMTRMMjE5WTERMA8GA1UELhMIMDAwMDI1ODUwgaAw"
+			+ "DQYJKoZIhvcNAQEBBQADgY4AMIGKAoGBALeJTjmyFgx1SIP6c2AuB/kuyHo5"
+			+ "j/prKELTALsFDimre/Hxr3wOSet1TdQfFzU8Lu+EJqgfV9cV+cI1yeH1rZs7"
+			+ "lei7L3tX/VR565IywnguX5xwvteASgWZr537Fkws50bvTEMyYOj1Tf3FZvZU"
+			+ "z4n4OD39KI4mfR9i1eEVIxR3AgQAizpNo4IBoTCCAZ0wHQYDVR0RBBYwFIES"
+			+ "emljY2FyZGlAaW50ZXNhLml0MC8GCCsGAQUFBwEDBCMwITAIBgYEAI5GAQEw"
+			+ "CwYGBACORgEDAgEUMAgGBgQAjkYBBDBZBgNVHSAEUjBQME4GBgQAizABATBE"
+			+ "MEIGCCsGAQUFBwIBFjZodHRwOi8vZS10cnVzdGNvbS5pbnRlc2EuaXQvY2Ff"
+			+ "cHViYmxpY2EvQ1BTX0lOVEVTQS5odG0wDgYDVR0PAQH/BAQDAgZAMIGDBgNV"
+			+ "HSMEfDB6gBQZCQOW0bjFWBt+EORuxPagEgkQqKFcpFowWDELMAkGA1UEBhMC"
+			+ "SVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJbi5U"
+			+ "ZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCBDzRARMwOwYDVR0f"
+			+ "BDQwMjAwoC6gLIYqaHR0cDovL2UtdHJ1c3Rjb20uaW50ZXNhLml0L0NSTC9J"
+			+ "TlRFU0EuY3JsMB0GA1UdDgQWBBTf5ItL8KmQh541Dxt7YxcWI1254TANBgkq"
+			+ "hkiG9w0BAQUFAAOCAQEAgW+uL1CVWQepbC/wfCmR6PN37Sueb4xiKQj2mTD5"
+			+ "UZ5KQjpivy/Hbuf0NrfKNiDEhAvoHSPC31ebGiKuTMFNyZPHfPEUnyYGSxea"
+			+ "2w837aXJFr6utPNQGBRi89kH90sZDlXtOSrZI+AzJJn5QK3F9gjcayU2NZXQ"
+			+ "MJgRwYmFyn2w4jtox+CwXPQ9E5XgxiMZ4WDL03cWVXDLX00EOJwnDDMUNTRI"
+			+ "m9Zv+4SKTNlfFbi9UTBqWBySkDzAelsfB2U61oqc2h1xKmCtkGMmN9iZT+Qz"
+			+ "ZC/vaaT+hLEBFGAH2gwFrYc4/jTBKyBYeU1vsAxsibIoTs1Apgl6MH75qPDL"
+			+ "BzCCBM8wggO3oAMCAQICBEOdgPcwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE"
+			+ "BhMCSVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJ"
+			+ "bi5UZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwOTEy"
+			+ "MTE0MzEyWhcNMTAwOTEyMTE0MzEyWjCB2DELMAkGA1UEBhMCSVQxIjAgBgNV"
+			+ "BAoMGUludGVzYSBTLnAuQS4vMDUyNjI4OTAwMTQxKjAoBgNVBAsMIUJ1c2lu"
+			+ "ZXNzIENvbGxhYm9yYXRpb24gJiBTZWN1cml0eTEeMBwGA1UEAwwVTUFTU0lN"
+			+ "SUxJQU5PIFpJQ0NBUkRJMREwDwYDVQQEDAhaSUNDQVJESTEVMBMGA1UEKgwM"
+			+ "TUFTU0lNSUxJQU5PMRwwGgYDVQQFExNJVDpaQ0NNU003NkgxNEwyMTlZMREw"
+			+ "DwYDVQQuEwgwMDAwMjU4NTCBoDANBgkqhkiG9w0BAQEFAAOBjgAwgYoCgYEA"
+			+ "t4lOObIWDHVIg/pzYC4H+S7IejmP+msoQtMAuwUOKat78fGvfA5J63VN1B8X"
+			+ "NTwu74QmqB9X1xX5wjXJ4fWtmzuV6Lsve1f9VHnrkjLCeC5fnHC+14BKBZmv"
+			+ "nfsWTCznRu9MQzJg6PVN/cVm9lTPifg4Pf0ojiZ9H2LV4RUjFHcCBACLOk2j"
+			+ "ggGhMIIBnTAdBgNVHREEFjAUgRJ6aWNjYXJkaUBpbnRlc2EuaXQwLwYIKwYB"
+			+ "BQUHAQMEIzAhMAgGBgQAjkYBATALBgYEAI5GAQMCARQwCAYGBACORgEEMFkG"
+			+ "A1UdIARSMFAwTgYGBACLMAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9lLXRy"
+			+ "dXN0Y29tLmludGVzYS5pdC9jYV9wdWJibGljYS9DUFNfSU5URVNBLmh0bTAO"
+			+ "BgNVHQ8BAf8EBAMCBkAwgYMGA1UdIwR8MHqAFBkJA5bRuMVYG34Q5G7E9qAS"
+			+ "CRCooVykWjBYMQswCQYDVQQGEwJJVDEaMBgGA1UEChMRSW4uVGUuUy5BLiBT"
+			+ "LnAuQS4xLTArBgNVBAMTJEluLlRlLlMuQS4gLSBDZXJ0aWZpY2F0aW9uIEF1"
+			+ "dGhvcml0eYIEPNEBEzA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vZS10cnVz"
+			+ "dGNvbS5pbnRlc2EuaXQvQ1JML0lOVEVTQS5jcmwwHQYDVR0OBBYEFN/ki0vw"
+			+ "qZCHnjUPG3tjFxYjXbnhMA0GCSqGSIb3DQEBBQUAA4IBAQCBb64vUJVZB6ls"
+			+ "L/B8KZHo83ftK55vjGIpCPaZMPlRnkpCOmK/L8du5/Q2t8o2IMSEC+gdI8Lf"
+			+ "V5saIq5MwU3Jk8d88RSfJgZLF5rbDzftpckWvq6081AYFGLz2Qf3SxkOVe05"
+			+ "Ktkj4DMkmflArcX2CNxrJTY1ldAwmBHBiYXKfbDiO2jH4LBc9D0TleDGIxnh"
+			+ "YMvTdxZVcMtfTQQ4nCcMMxQ1NEib1m/7hIpM2V8VuL1RMGpYHJKQPMB6Wx8H"
+			+ "ZTrWipzaHXEqYK2QYyY32JlP5DNkL+9ppP6EsQEUYAfaDAWthzj+NMErIFh5"
+			+ "TW+wDGyJsihOzUCmCXowfvmo8MsHMIIEzzCCA7egAwIBAgIEQ52A9zANBgkq"
+			+ "hkiG9w0BAQUFADBYMQswCQYDVQQGEwJJVDEaMBgGA1UEChMRSW4uVGUuUy5B"
+			+ "LiBTLnAuQS4xLTArBgNVBAMTJEluLlRlLlMuQS4gLSBDZXJ0aWZpY2F0aW9u"
+			+ "IEF1dGhvcml0eTAeFw0wODA5MTIxMTQzMTJaFw0xMDA5MTIxMTQzMTJaMIHY"
+			+ "MQswCQYDVQQGEwJJVDEiMCAGA1UECgwZSW50ZXNhIFMucC5BLi8wNTI2Mjg5"
+			+ "MDAxNDEqMCgGA1UECwwhQnVzaW5lc3MgQ29sbGFib3JhdGlvbiAmIFNlY3Vy"
+			+ "aXR5MR4wHAYDVQQDDBVNQVNTSU1JTElBTk8gWklDQ0FSREkxETAPBgNVBAQM"
+			+ "CFpJQ0NBUkRJMRUwEwYDVQQqDAxNQVNTSU1JTElBTk8xHDAaBgNVBAUTE0lU"
+			+ "OlpDQ01TTTc2SDE0TDIxOVkxETAPBgNVBC4TCDAwMDAyNTg1MIGgMA0GCSqG"
+			+ "SIb3DQEBAQUAA4GOADCBigKBgQC3iU45shYMdUiD+nNgLgf5Lsh6OY/6ayhC"
+			+ "0wC7BQ4pq3vx8a98DknrdU3UHxc1PC7vhCaoH1fXFfnCNcnh9a2bO5Xouy97"
+			+ "V/1UeeuSMsJ4Ll+ccL7XgEoFma+d+xZMLOdG70xDMmDo9U39xWb2VM+J+Dg9"
+			+ "/SiOJn0fYtXhFSMUdwIEAIs6TaOCAaEwggGdMB0GA1UdEQQWMBSBEnppY2Nh"
+			+ "cmRpQGludGVzYS5pdDAvBggrBgEFBQcBAwQjMCEwCAYGBACORgEBMAsGBgQA"
+			+ "jkYBAwIBFDAIBgYEAI5GAQQwWQYDVR0gBFIwUDBOBgYEAIswAQEwRDBCBggr"
+			+ "BgEFBQcCARY2aHR0cDovL2UtdHJ1c3Rjb20uaW50ZXNhLml0L2NhX3B1YmJs"
+			+ "aWNhL0NQU19JTlRFU0EuaHRtMA4GA1UdDwEB/wQEAwIGQDCBgwYDVR0jBHww"
+			+ "eoAUGQkDltG4xVgbfhDkbsT2oBIJEKihXKRaMFgxCzAJBgNVBAYTAklUMRow"
+			+ "GAYDVQQKExFJbi5UZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5B"
+			+ "LiAtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ80QETMDsGA1UdHwQ0MDIw"
+			+ "MKAuoCyGKmh0dHA6Ly9lLXRydXN0Y29tLmludGVzYS5pdC9DUkwvSU5URVNB"
+			+ "LmNybDAdBgNVHQ4EFgQU3+SLS/CpkIeeNQ8be2MXFiNdueEwDQYJKoZIhvcN"
+			+ "AQEFBQADggEBAIFvri9QlVkHqWwv8Hwpkejzd+0rnm+MYikI9pkw+VGeSkI6"
+			+ "Yr8vx27n9Da3yjYgxIQL6B0jwt9XmxoirkzBTcmTx3zxFJ8mBksXmtsPN+2l"
+			+ "yRa+rrTzUBgUYvPZB/dLGQ5V7Tkq2SPgMySZ+UCtxfYI3GslNjWV0DCYEcGJ"
+			+ "hcp9sOI7aMfgsFz0PROV4MYjGeFgy9N3FlVwy19NBDicJwwzFDU0SJvWb/uE"
+			+ "ikzZXxW4vVEwalgckpA8wHpbHwdlOtaKnNodcSpgrZBjJjfYmU/kM2Qv72mk"
+			+ "/oSxARRgB9oMBa2HOP40wSsgWHlNb7AMbImyKE7NQKYJejB++ajwywcxggM8"
+			+ "MIIDOAIBATBgMFgxCzAJBgNVBAYTAklUMRowGAYDVQQKExFJbi5UZS5TLkEu"
+			+ "IFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAtIENlcnRpZmljYXRpb24g"
+			+ "QXV0aG9yaXR5AgRDnYD3MAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYB+"
+			+ "lH2cwLqc91mP8prvgSV+RRzk13dJdZvdoVjgQoFrPhBiZCNIEoHvIhMMA/sM"
+			+ "X6euSRZk7EjD24FasCEGYyd0mJVLEy6TSPmuW+wWz/28w3a6IWXBGrbb/ild"
+			+ "/CJMkPgLPGgOVD1WDwiNKwfasiQSFtySf5DPn3jFevdLeMmEY6GCAjIwggEV"
+			+ "BgkqhkiG9w0BCQYxggEGMIIBAgIBATBgMFgxCzAJBgNVBAYTAklUMRowGAYD"
+			+ "VQQKExFJbi5UZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAt"
+			+ "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5AgRDnYD3MAkGBSsOAwIaBQAwDQYJ"
+			+ "KoZIhvcNAQEBBQAEgYBHlOULfT5GDigIvxP0qZOy8VbpntmzaPF55VV4buKV"
+			+ "35J+uHp98gXKp0LrHM69V5IRKuyuQzHHFBqsXxsRI9o6KoOfgliD9Xc+BeMg"
+			+ "dKzQhBhBYoFREq8hQM0nSbqDNHYAQyNHMzUA/ZQUO5dlFuH8Dw3iDYAhNtfd"
+			+ "PrlchKJthDCCARUGCSqGSIb3DQEJBjGCAQYwggECAgEBMGAwWDELMAkGA1UE"
+			+ "BhMCSVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJ"
+			+ "bi5UZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkCBEOdgPcwCQYF"
+			+ "Kw4DAhoFADANBgkqhkiG9w0BAQEFAASBgEeU5Qt9PkYOKAi/E/Spk7LxVume"
+			+ "2bNo8XnlVXhu4pXfkn64en3yBcqnQusczr1XkhEq7K5DMccUGqxfGxEj2joq"
+			+ "g5+CWIP1dz4F4yB0rNCEGEFigVESryFAzSdJuoM0dgBDI0czNQD9lBQ7l2UW"
+			+ "4fwPDeINgCE2190+uVyEom2E");
+
+		private void VerifySignatures(
+			CmsSignedData	s,
+			byte[]			contentDigest)
+		{
+			IX509Store x509Certs = s.GetCertificates("Collection");
+
+			SignerInformationStore signers = s.GetSignerInfos();
+			ICollection c = signers.GetSigners();
+
+			foreach (SignerInformation signer in c)
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+
+				if (contentDigest != null)
+				{
+					Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest()));
+				}
+			}
+		}
+
+		private void VerifySignatures(
+			CmsSignedData s)
+		{
+			VerifySignatures(s, null);
+		}
+
+		[Test]
+		public void TestDetachedVerification()
+		{
+			byte[] data = Encoding.ASCII.GetBytes("Hello World!");
+			CmsProcessable msg = new CmsProcessableByteArray(data);
+
+			IList certList = new ArrayList();
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestMD5);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData s = gen.Generate(msg);
+
+			IDictionary hashes = new Hashtable();
+			hashes.Add(CmsSignedDataGenerator.DigestSha1, CalculateHash("SHA1", data));
+			hashes.Add(CmsSignedDataGenerator.DigestMD5, CalculateHash("MD5", data));
+
+			s = new CmsSignedData(hashes, s.GetEncoded());
+
+			VerifySignatures(s, null);
+		}
+
+		private byte[] CalculateHash(
+			string	digestName,
+			byte[]	data)
+		{
+			IDigest digest = DigestUtilities.GetDigest(digestName);
+			digest.BlockUpdate(data, 0, data.Length);
+			return DigestUtilities.DoFinal(digest);
+		}
+
+		[Test]
+		public void TestSha1AndMD5WithRsaEncapsulatedRepeated()
+		{
+			IList certList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestMD5);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData s = gen.Generate(msg, true);
+
+			s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
+
+			x509Certs = s.GetCertificates("Collection");
+
+			SignerInformationStore signers = s.GetSignerInfos();
+
+			Assert.AreEqual(2, signers.Count);
+
+			SignerID sid = null;
+			ICollection c = signers.GetSigners();
+
+			foreach (SignerInformation signer in c)
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				sid = signer.SignerID;
+
+				Assert.IsTrue(signer.Verify(cert));
+
+				//
+				// check content digest
+				//
+
+				byte[] contentDigest = (byte[])gen.GetGeneratedDigests()[signer.DigestAlgOid];
+
+				AttributeTable table = signer.SignedAttributes;
+				Asn1.Cms.Attribute hash = table[CmsAttributes.MessageDigest];
+
+				Assert.IsTrue(Arrays.AreEqual(contentDigest, ((Asn1OctetString)hash.AttrValues[0]).GetOctets()));
+			}
+
+			c = signers.GetSigners(sid);
+
+			Assert.AreEqual(2, c.Count);
+
+			//
+			// try using existing signer
+			//
+
+			gen = new CmsSignedDataGenerator();
+
+			gen.AddSigners(s.GetSignerInfos());
+
+			gen.AddCertificates(s.GetCertificates("Collection"));
+			gen.AddCrls(s.GetCrls("Collection"));
+
+			s = gen.Generate(msg, true);
+
+			s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
+
+			x509Certs = s.GetCertificates("Collection");
+
+			signers = s.GetSignerInfos();
+			c = signers.GetSigners();
+
+			Assert.AreEqual(2, c.Count);
+
+			foreach (SignerInformation signer in c)
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				Assert.AreEqual(true, signer.Verify(cert));
+			}
+
+			CheckSignerStoreReplacement(s, signers);
+		}
+
+		// NB: C# build doesn't support "no attributes" version of CmsSignedDataGenerator.Generate
+//		[Test]
+//		public void TestSha1WithRsaNoAttributes()
+//		{
+//			IList certList = new ArrayList();
+//			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello world!"));
+//
+//			certList.Add(OrigCert);
+//			certList.Add(SignCert);
+//
+//			IX509Store x509Certs = X509StoreFactory.Create(
+//				"Certificate/Collection",
+//				new X509CollectionStoreParameters(certList));
+//
+//			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+//
+//			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+//
+//			gen.AddCertificates(x509Certs);
+//
+//			CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, msg, false, false);
+//
+//			//
+//			// compute expected content digest
+//			//
+//			IDigest md = DigestUtilities.GetDigest("SHA1");
+//
+//			byte[] testBytes = Encoding.ASCII.GetBytes("Hello world!");
+//			md.BlockUpdate(testBytes, 0, testBytes.Length);
+//			byte[] hash = DigestUtilities.DoFinal(md);
+//
+//			VerifySignatures(s, hash);
+//		}
+
+		[Test]
+		public void TestSha1WithRsaAndAttributeTable()
+		{
+			byte[] testBytes = Encoding.ASCII.GetBytes("Hello world!");
+
+			IList certList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(testBytes);
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			IDigest md = DigestUtilities.GetDigest("SHA1");
+			md.BlockUpdate(testBytes, 0, testBytes.Length);
+			byte[] hash = DigestUtilities.DoFinal(md);
+
+			Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.MessageDigest,
+				new DerSet(new DerOctetString(hash)));
+
+			Asn1EncodableVector v = new Asn1EncodableVector(attr);
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1,
+				new AttributeTable(v), null);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, null, false);
+
+			//
+			// the signature is detached, so need to add msg before passing on
+			//
+			s = new CmsSignedData(msg, s.GetEncoded());
+
+			//
+			// compute expected content digest
+			//
+			VerifySignatures(s, hash);
+		}
+
+		[Test]
+		public void TestSha1WithRsaEncapsulated()
+		{
+			EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestSha1);
+		}
+
+		[Test]
+		public void TestSha1WithRsaEncapsulatedSubjectKeyID()
+		{
+			SubjectKeyIDTest(SignKP, SignCert, CmsSignedDataGenerator.DigestSha1);
+		}
+
+		[Test]
+		public void TestSha1WithRsaPss()
+		{
+			rsaPssTest("SHA1", CmsSignedDataGenerator.DigestSha1);
+		}
+
+		[Test]
+		public void TestSha224WithRsaPss()
+		{
+			rsaPssTest("SHA224", CmsSignedDataGenerator.DigestSha224);
+		}
+
+		[Test]
+		public void TestSha256WithRsaPss()
+		{
+			rsaPssTest("SHA256", CmsSignedDataGenerator.DigestSha256);
+		}
+
+		[Test]
+		public void TestSha384WithRsaPss()
+		{
+			rsaPssTest("SHA384", CmsSignedDataGenerator.DigestSha384);
+		}
+
+		[Test]
+		public void TestSha224WithRsaEncapsulated()
+		{
+			EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestSha224);
+		}
+
+		[Test]
+		public void TestSha256WithRsaEncapsulated()
+		{
+			EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestSha256);
+		}
+
+		[Test]
+		public void TestRipeMD128WithRsaEncapsulated()
+		{
+			EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestRipeMD128);
+		}
+
+		[Test]
+		public void TestRipeMD160WithRsaEncapsulated()
+		{
+			EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestRipeMD160);
+		}
+
+		[Test]
+		public void TestRipeMD256WithRsaEncapsulated()
+		{
+			EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestRipeMD256);
+		}
+
+		[Test]
+		public void TestECDsaEncapsulated()
+		{
+			EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha1);
+		}
+
+		[Test]
+		public void TestECDsaEncapsulatedSubjectKeyID()
+		{
+			SubjectKeyIDTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha1);
+		}
+
+		[Test]
+		public void TestECDsaSha224Encapsulated()
+		{
+			EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha224);
+		}
+
+		[Test]
+		public void TestECDsaSha256Encapsulated()
+		{
+			EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha256);
+		}
+
+		[Test]
+		public void TestECDsaSha384Encapsulated()
+		{
+			EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha384);
+		}
+
+		[Test]
+		public void TestECDsaSha512Encapsulated()
+		{
+			EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha512);
+		}
+
+		[Test]
+		public void TestECDsaSha512EncapsulatedWithKeyFactoryAsEC()
+		{
+//			X509EncodedKeySpec  pubSpec = new X509EncodedKeySpec(_signEcDsaKP.getPublic().getEncoded());
+			byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(SignECDsaKP.Public).GetDerEncoded();
+//			PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(_signEcDsaKP.Private.getEncoded());
+			byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(SignECDsaKP.Private).GetDerEncoded();
+//			KeyFactory          keyFact = KeyFactory.GetInstance("EC", "BC");
+//			KeyPair             kp = new KeyPair(keyFact.generatePublic(pubSpec), keyFact.generatePrivate(privSpec));
+			AsymmetricCipherKeyPair kp = new AsymmetricCipherKeyPair(
+                PublicKeyFactory.CreateKey(pubEnc),
+				PrivateKeyFactory.CreateKey(privEnc));
+
+			EncapsulatedTest(kp, SignECDsaCert, CmsSignedDataGenerator.DigestSha512);
+		}
+
+		[Test]
+		public void TestDsaEncapsulated()
+		{
+			EncapsulatedTest(SignDsaKP, SignDsaCert, CmsSignedDataGenerator.DigestSha1);
+		}
+
+		[Test]
+		public void TestDsaEncapsulatedSubjectKeyID()
+		{
+			SubjectKeyIDTest(SignDsaKP, SignDsaCert, CmsSignedDataGenerator.DigestSha1);
+		}
+
+		[Test]
+		public void TestGost3411WithGost3410Encapsulated()
+		{
+			EncapsulatedTest(SignGostKP, SignGostCert, CmsSignedDataGenerator.DigestGost3411);
+		}
+
+		[Test]
+		public void TestGost3411WithECGost3410Encapsulated()
+		{
+			EncapsulatedTest(SignECGostKP, SignECGostCert, CmsSignedDataGenerator.DigestGost3411);
+		}
+
+		[Test]
+		public void TestSha1WithRsaCounterSignature()
+		{
+			IList certList = new ArrayList();
+			IList crlList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(SignCert);
+			certList.Add(OrigCert);
+
+			crlList.Add(SignCrl);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+			IX509Store x509Crls = X509StoreFactory.Create(
+				"CRL/Collection",
+				new X509CollectionStoreParameters(crlList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(SignKP.Private, SignCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+			gen.AddCrls(x509Crls);
+
+			CmsSignedData s = gen.Generate(msg, true);
+			SignerInformation origSigner = (SignerInformation) new ArrayList(s.GetSignerInfos().GetSigners())[0];
+			SignerInformationStore counterSigners1 = gen.GenerateCounterSigners(origSigner);
+			SignerInformationStore counterSigners2 = gen.GenerateCounterSigners(origSigner);
+
+			SignerInformation signer1 = SignerInformation.AddCounterSigners(origSigner, counterSigners1);
+			SignerInformation signer2 = SignerInformation.AddCounterSigners(signer1, counterSigners2);
+
+			SignerInformationStore cs = signer2.GetCounterSignatures();
+			ICollection csSigners = cs.GetSigners();
+			Assert.AreEqual(2, csSigners.Count);
+
+			foreach (SignerInformation cSigner in csSigners)
+			{
+				ICollection certCollection = x509Certs.GetMatches(cSigner.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsNull(cSigner.SignedAttributes[Asn1.Pkcs.PkcsObjectIdentifiers.Pkcs9AtContentType]);
+				Assert.IsTrue(cSigner.Verify(cert));
+			}
+		}
+
+		private void rsaPssTest(
+			string	digestName,
+			string	digestOID)
+		{
+			IList certList = new ArrayList();
+			byte[] msgBytes = Encoding.ASCII.GetBytes("Hello World!");
+			CmsProcessable msg = new CmsProcessableByteArray(msgBytes);
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.EncryptionRsaPss, digestOID);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, msg, false);
+
+			//
+			// compute expected content digest
+			//
+			IDigest md = DigestUtilities.GetDigest(digestName);
+			md.BlockUpdate(msgBytes, 0, msgBytes.Length);
+			byte[] expectedDigest = DigestUtilities.DoFinal(md);
+
+			VerifySignatures(s, expectedDigest);
+		}
+
+		private void SubjectKeyIDTest(
+			AsymmetricCipherKeyPair	signaturePair,
+			X509Certificate			signatureCert,
+			string					digestAlgorithm)
+		{
+			IList certList = new ArrayList();
+			IList crlList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(signatureCert);
+			certList.Add(OrigCert);
+
+			crlList.Add(SignCrl);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+			IX509Store x509Crls = X509StoreFactory.Create(
+				"CRL/Collection",
+				new X509CollectionStoreParameters(crlList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(signaturePair.Private,
+				CmsTestUtil.CreateSubjectKeyId(signatureCert.GetPublicKey()).GetKeyIdentifier(),
+				digestAlgorithm);
+
+			gen.AddCertificates(x509Certs);
+			gen.AddCrls(x509Crls);
+
+			CmsSignedData s = gen.Generate(msg, true);
+
+			Assert.AreEqual(3, s.Version);
+
+			MemoryStream bIn = new MemoryStream(s.GetEncoded(), false);
+			Asn1InputStream aIn = new Asn1InputStream(bIn);
+
+			s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject()));
+
+			x509Certs = s.GetCertificates("Collection");
+			x509Crls = s.GetCrls("Collection");
+
+			SignerInformationStore signers = s.GetSignerInfos();
+
+			foreach (SignerInformation signer in signers.GetSigners())
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+			}
+
+			//
+			// check for CRLs
+			//
+			ArrayList crls = new ArrayList(x509Crls.GetMatches(null));
+
+			Assert.AreEqual(1, crls.Count);
+
+			Assert.IsTrue(crls.Contains(SignCrl));
+
+			//
+			// try using existing signer
+			//
+
+			gen = new CmsSignedDataGenerator();
+
+			gen.AddSigners(s.GetSignerInfos());
+
+			gen.AddCertificates(s.GetCertificates("Collection"));
+			gen.AddCrls(s.GetCrls("Collection"));
+
+			s = gen.Generate(msg, true);
+
+			bIn = new MemoryStream(s.GetEncoded(), false);
+			aIn = new Asn1InputStream(bIn);
+
+			s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject()));
+
+			x509Certs = s.GetCertificates("Collection");
+			x509Crls = s.GetCrls("Collection");
+
+			signers = s.GetSignerInfos();
+
+			foreach (SignerInformation signer in signers.GetSigners())
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+			}
+
+			CheckSignerStoreReplacement(s, signers);
+		}
+
+		private void EncapsulatedTest(
+			AsymmetricCipherKeyPair	signaturePair,
+			X509Certificate			signatureCert,
+			string					digestAlgorithm)
+		{
+			IList certList = new ArrayList();
+			IList crlList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(signatureCert);
+			certList.Add(OrigCert);
+
+			crlList.Add(SignCrl);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+			IX509Store x509Crls = X509StoreFactory.Create(
+				"CRL/Collection",
+				new X509CollectionStoreParameters(crlList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(signaturePair.Private, signatureCert, digestAlgorithm);
+
+			gen.AddCertificates(x509Certs);
+			gen.AddCrls(x509Crls);
+
+			CmsSignedData s = gen.Generate(msg, true);
+
+			s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
+
+			x509Certs = s.GetCertificates("Collection");
+			x509Crls = s.GetCrls("Collection");
+
+			SignerInformationStore signers = s.GetSignerInfos();
+			ICollection c = signers.GetSigners();
+
+			foreach (SignerInformation signer in c)
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+			}
+
+			//
+			// check for CRLs
+			//
+			ArrayList crls = new ArrayList(x509Crls.GetMatches(null));
+
+			Assert.AreEqual(1, crls.Count);
+
+			Assert.IsTrue(crls.Contains(SignCrl));
+
+			//
+			// try using existing signer
+			//
+
+			gen = new CmsSignedDataGenerator();
+
+			gen.AddSigners(s.GetSignerInfos());
+
+			gen.AddCertificates(s.GetCertificates("Collection"));
+			gen.AddCrls(s.GetCrls("Collection"));
+
+			s = gen.Generate(msg, true);
+
+			s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
+
+			x509Certs = s.GetCertificates("Collection");
+			x509Crls = s.GetCrls("Collection");
+
+			signers = s.GetSignerInfos();
+			c = signers.GetSigners();
+
+			foreach (SignerInformation signer in c)
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+			}
+
+			CheckSignerStoreReplacement(s, signers);
+		}
+
+		//
+		// signerInformation store replacement test.
+		//
+		private void CheckSignerStoreReplacement(
+			CmsSignedData orig,
+			SignerInformationStore signers)
+		{
+			CmsSignedData s = CmsSignedData.ReplaceSigners(orig, signers);
+
+			IX509Store x509Certs = s.GetCertificates("Collection");
+
+			signers = s.GetSignerInfos();
+			ICollection c = signers.GetSigners();
+
+			foreach (SignerInformation signer in c)
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+			}
+		}
+
+		[Test]
+		public void TestUnsortedAttributes()
+		{
+			CmsSignedData s = new CmsSignedData(new CmsProcessableByteArray(disorderedMessage), disorderedSet);
+
+			IX509Store x509Certs = s.GetCertificates("Collection");
+
+			SignerInformationStore	signers = s.GetSignerInfos();
+			ICollection				c = signers.GetSigners();
+
+			foreach (SignerInformation signer in c)
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate) certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+			}
+		}
+
+		[Test]
+		public void TestNullContentWithSigner()
+		{
+			IList certList = new ArrayList();
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData s = gen.Generate(null, false);
+
+			s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
+
+			VerifySignatures(s);
+		}
+
+		[Test]
+		public void TestWithAttributeCertificate()
+		{
+			IList certList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(SignDsaCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			IX509AttributeCertificate attrCert = CmsTestUtil.GetAttributeCertificate();
+
+			ArrayList attrCerts = new ArrayList();
+			attrCerts.Add(attrCert);
+
+			IX509Store store = X509StoreFactory.Create(
+				"AttributeCertificate/Collection",
+				new X509CollectionStoreParameters(attrCerts));
+
+			gen.AddAttributeCertificates(store);
+
+			CmsSignedData sd = gen.Generate(msg);
+
+			Assert.AreEqual(4, sd.Version);
+
+			store = sd.GetAttributeCertificates("Collection");
+
+			ArrayList coll = new ArrayList(store.GetMatches(null));
+
+			Assert.AreEqual(1, coll.Count);
+
+			Assert.IsTrue(coll.Contains(attrCert));
+
+			//
+			// create new certstore
+			//
+			certList = new ArrayList();
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			//
+			// replace certs
+			//
+			sd = CmsSignedData.ReplaceCertificatesAndCrls(sd, x509Certs, null, null);
+
+			VerifySignatures(sd);
+		}
+
+		[Test]
+		public void TestCertStoreReplacement()
+		{
+			IList certList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(SignDsaCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData sd = gen.Generate(msg);
+
+			//
+			// create new certstore
+			//
+			certList = new ArrayList();
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			//
+			// replace certs
+			//
+			sd = CmsSignedData.ReplaceCertificatesAndCrls(sd, x509Certs, null, null);
+
+			VerifySignatures(sd);
+		}
+
+		[Test]
+		public void TestEncapsulatedCertStoreReplacement()
+		{
+			IList certList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(SignDsaCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData sd = gen.Generate(msg, true);
+
+			//
+			// create new certstore
+			//
+			certList = new ArrayList();
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			//
+			// replace certs
+			//
+			sd = CmsSignedData.ReplaceCertificatesAndCrls(sd, x509Certs, null, null);
+
+			VerifySignatures(sd);
+		}
+
+		[Test]
+		public void TestCertOrdering1()
+		{
+			IList certList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+			certList.Add(SignDsaCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData sd = gen.Generate(msg, true);
+
+			x509Certs = sd.GetCertificates("Collection");
+			ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+
+			Assert.AreEqual(3, a.Count);
+			Assert.AreEqual(OrigCert, a[0]);
+			Assert.AreEqual(SignCert, a[1]);
+			Assert.AreEqual(SignDsaCert, a[2]);
+		}
+
+		[Test]
+		public void TestCertOrdering2()
+		{
+			IList certList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(SignCert);
+			certList.Add(SignDsaCert);
+			certList.Add(OrigCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+	
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData sd = gen.Generate(msg, true);
+
+			x509Certs = sd.GetCertificates("Collection");
+			ArrayList a = new ArrayList(x509Certs.GetMatches(null));
+
+			Assert.AreEqual(3, a.Count);
+			Assert.AreEqual(SignCert, a[0]);
+			Assert.AreEqual(SignDsaCert, a[1]);
+			Assert.AreEqual(OrigCert, a[2]);
+		}
+
+		[Test]
+		public void TestSignerStoreReplacement()
+		{
+			IList certList = new ArrayList();
+			CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
+
+			certList.Add(OrigCert);
+			certList.Add(SignCert);
+
+			IX509Store x509Certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData original = gen.Generate(msg, true);
+
+			//
+			// create new Signer
+			//
+			gen = new CmsSignedDataGenerator();
+
+			gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha224);
+
+			gen.AddCertificates(x509Certs);
+
+			CmsSignedData newSD = gen.Generate(msg, true);
+
+			//
+			// replace signer
+			//
+			CmsSignedData sd = CmsSignedData.ReplaceSigners(original, newSD.GetSignerInfos());
+
+			IEnumerator signerEnum = sd.GetSignerInfos().GetSigners().GetEnumerator();
+			signerEnum.MoveNext();
+			SignerInformation signer = (SignerInformation) signerEnum.Current;
+
+			Assert.AreEqual(CmsSignedDataGenerator.DigestSha224, signer.DigestAlgOid);
+
+			// we use a parser here as it requires the digests to be correct in the digest set, if it
+			// isn't we'll get a NullPointerException
+			CmsSignedDataParser sp = new CmsSignedDataParser(sd.GetEncoded());
+
+			sp.GetSignedContent().Drain();
+
+			VerifySignatures(sp);
+		}
+
+		[Test]
+		public void TestEncapsulatedSamples()
+		{
+			doTestSample("PSSSignDataSHA1Enc.sig");
+			doTestSample("PSSSignDataSHA256Enc.sig");
+			doTestSample("PSSSignDataSHA512Enc.sig");
+		}
+
+		[Test]
+		public void TestSamples()
+		{
+			doTestSample("PSSSignData.data", "PSSSignDataSHA1.sig");
+			doTestSample("PSSSignData.data", "PSSSignDataSHA256.sig");
+			doTestSample("PSSSignData.data", "PSSSignDataSHA512.sig");
+		}
+
+		[Test]
+		public void TestCounterSig()
+		{
+			CmsSignedData sig = new CmsSignedData(GetInput("counterSig.p7m"));
+
+			SignerInformationStore ss = sig.GetSignerInfos();
+			ArrayList signers = new ArrayList(ss.GetSigners());
+
+			SignerInformationStore cs = ((SignerInformation)signers[0]).GetCounterSignatures();
+			ArrayList csSigners = new ArrayList(cs.GetSigners());
+			Assert.AreEqual(1, csSigners.Count);
+
+			foreach (SignerInformation cSigner in csSigners)
+			{
+				ArrayList certCollection = new ArrayList(
+					sig.GetCertificates("Collection").GetMatches(cSigner.SignerID));
+
+				X509Certificate cert = (X509Certificate)certCollection[0];
+
+				Assert.IsNull(cSigner.SignedAttributes[Asn1.Pkcs.PkcsObjectIdentifiers.Pkcs9AtContentType]);
+				Assert.IsTrue(cSigner.Verify(cert));
+			}
+
+			VerifySignatures(sig);
+		}
+
+		private void doTestSample(
+			string sigName)
+		{
+			CmsSignedData sig = new CmsSignedData(GetInput(sigName));
+			VerifySignatures(sig);
+		}
+
+		private void doTestSample(
+			string	messageName,
+			string	sigName)
+		{
+			CmsSignedData sig = new CmsSignedData(
+				new CmsProcessableByteArray(GetInput(messageName)),
+				GetInput(sigName));
+
+			VerifySignatures(sig);
+		}
+
+		private byte[] GetInput(
+			string name)
+		{
+			return Streams.ReadAll(SimpleTest.GetTestDataAsStream("cms.sigs." + name));
+		}
+
+		[Test]
+		public void TestForMultipleCounterSignatures()
+		{
+			CmsSignedData sd = new CmsSignedData(xtraCounterSig);
+
+			foreach (SignerInformation sigI in sd.GetSignerInfos().GetSigners())
+			{
+				SignerInformationStore counter = sigI.GetCounterSignatures();
+				IList sigs = new ArrayList(counter.GetSigners());
+
+				Assert.AreEqual(2, sigs.Count);
+			}
+		}
+
+		private void VerifySignatures(
+			CmsSignedDataParser sp)
+		{
+			IX509Store x509Certs = sp.GetCertificates("Collection");
+			SignerInformationStore signers = sp.GetSignerInfos();
+
+			foreach (SignerInformation signer in signers.GetSigners())
+			{
+				ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
+
+				IEnumerator certEnum = certCollection.GetEnumerator();
+				certEnum.MoveNext();
+				X509Certificate cert = (X509Certificate)certEnum.Current;
+
+				Assert.IsTrue(signer.Verify(cert));
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/examples/DESExample.cs b/crypto/test/src/crypto/examples/DESExample.cs
new file mode 100644
index 000000000..c026d3159
--- /dev/null
+++ b/crypto/test/src/crypto/examples/DESExample.cs
@@ -0,0 +1,396 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.Examples
+{
+	/**
+	* DesExample is a simple DES based encryptor/decryptor.
+	* <p>
+	* The program is command line driven, with the input
+	* and output files specified on the command line.
+	* <pre>
+	* java org.bouncycastle.crypto.examples.DesExample infile outfile [keyfile]
+	* </pre>
+	* A new key is generated for each encryption, if key is not specified,
+	* then the example will assume encryption is required, and as output
+	* create deskey.dat in the current directory.  This key is a hex
+	* encoded byte-stream that is used for the decryption.  The output
+	* file is Hex encoded, 60 characters wide text file.
+	* </p>
+	* <p>
+	* When encrypting;
+	* <ul>
+	*  <li>the infile is expected to be a byte stream (text or binary)</li>
+	*  <li>there is no keyfile specified on the input line</li>
+	* </ul>
+	* </p>
+	* <p>
+	* When decrypting;
+	*  <li>the infile is expected to be the 60 character wide base64 
+	*    encoded file</li>
+	*  <li>the keyfile is expected to be a base64 encoded file</li>
+	* </p>
+	* <p>
+	* This example shows how to use the light-weight API, DES and
+	* the filesystem for message encryption and decryption.
+	* </p>
+	*/
+	public class DesExample
+	{
+		// Encrypting or decrypting ?
+		private bool encrypt = true;
+
+		// To hold the initialised DESede cipher
+		private PaddedBufferedBlockCipher cipher = null;
+
+		// The input stream of bytes to be processed for encryption
+		private Stream inStr = null;
+
+		// The output stream of bytes to be procssed
+		private Stream outStr = null;
+
+		// The key
+		private byte[] key = null;
+
+		/*
+		* start the application
+		*/
+		public static int Main(
+			string[] args)
+		{
+			bool encrypt = true;
+			string infile = null;
+			string outfile = null;
+			string keyfile = null;
+
+			if (args.Length < 2)
+			{
+//				Console.Error.WriteLine("Usage: java " + typeof(DesExample).Name + " infile outfile [keyfile]");
+				Console.Error.WriteLine("Usage: " + typeof(DesExample).Name + " infile outfile [keyfile]");
+				return 1;
+			}
+
+			keyfile = "deskey.dat";
+			infile = args[0];
+			outfile = args[1];
+
+			if (args.Length > 2)
+			{
+				encrypt = false;
+				keyfile = args[2];
+			}
+
+			try
+			{
+				DesExample de = new DesExample(infile, outfile, keyfile, encrypt);
+				de.process();
+			}
+			catch (Exception)
+			{
+				return 1;
+			}
+
+			return 0;
+		}
+
+		// Default constructor, used for the usage message
+		public DesExample()
+		{
+		}
+
+		/*
+		* Constructor, that takes the arguments appropriate for
+		* processing the command line directives.
+		*/
+		public DesExample(
+			string	infile,
+			string	outfile,
+			string	keyfile,
+			bool	encrypt)
+		{
+			/* 
+			* First, determine that infile & keyfile exist as appropriate.
+			*
+			* This will also create the BufferedInputStream as required
+			* for reading the input file.  All input files are treated
+			* as if they are binary, even if they contain text, it's the
+			* bytes that are encrypted.
+			*/
+			this.encrypt = encrypt;
+			try
+			{
+				inStr = File.OpenRead(infile);
+			}
+			catch (FileNotFoundException e)
+			{
+				Console.Error.WriteLine("Input file not found ["+infile+"]");
+				throw e;
+			}
+
+			try
+			{
+				outStr = File.Create(outfile);
+			}
+			catch (IOException e)
+			{
+				Console.Error.WriteLine("Output file not created ["+outfile+"]");
+				throw e;
+			}
+
+			if (encrypt)
+			{
+				try
+				{
+					/*
+					* The process of creating a new key requires a 
+					* number of steps.
+					*
+					* First, create the parameters for the key generator
+					* which are a secure random number generator, and
+					* the length of the key (in bits).
+					*/
+					SecureRandom sr = new SecureRandom();
+
+					KeyGenerationParameters kgp = new KeyGenerationParameters(
+						sr, 
+						DesEdeParameters.DesEdeKeyLength * 8);
+
+					/*
+					* Second, initialise the key generator with the parameters
+					*/
+					DesEdeKeyGenerator kg = new DesEdeKeyGenerator();
+					kg.Init(kgp);
+
+					/*
+					* Third, and finally, generate the key
+					*/
+					key = kg.GenerateKey();
+
+					/*
+					* We can now output the key to the file, but first
+					* hex Encode the key so that we can have a look
+					* at it with a text editor if we so desire
+					*/
+					using (Stream keystream = File.Create(keyfile))
+					{
+						Hex.Encode(key, keystream);
+					}
+				}
+				catch (IOException e)
+				{
+					Console.Error.WriteLine("Could not decryption create key file "+
+										"["+keyfile+"]");
+					throw e;
+				}
+			}
+			else
+			{
+				try
+				{
+					// TODO This block is a bit dodgy
+
+					// read the key, and Decode from hex encoding
+					Stream keystream = File.OpenRead(keyfile);
+//					int len = keystream.available();
+					int len = (int) keystream.Length;
+					byte[] keyhex = new byte[len];
+					keystream.Read(keyhex, 0, len);
+					key = Hex.Decode(keyhex);
+				}
+				catch (IOException e)
+				{
+					Console.Error.WriteLine("Decryption key file not found, "
+						+ "or not valid ["+keyfile+"]");
+					throw e;
+				}
+			}
+		}
+
+		private void process()
+		{
+			/* 
+			* Setup the DESede cipher engine, create a PaddedBufferedBlockCipher
+			* in CBC mode.
+			*/
+			cipher = new PaddedBufferedBlockCipher(
+				new CbcBlockCipher(new DesEdeEngine()));
+
+			/*
+			* The input and output streams are currently set up
+			* appropriately, and the key bytes are ready to be
+			* used.
+			*
+			*/
+
+			if (encrypt)
+			{
+				performEncrypt(key);
+			}
+			else
+			{
+				performDecrypt(key);
+			}
+
+			// after processing clean up the files
+			try
+			{
+				inStr.Close();
+				outStr.Flush();
+				outStr.Close();
+			}
+			catch (IOException)
+			{
+			}
+		}
+
+		/*
+		* This method performs all the encryption and writes
+		* the cipher text to the buffered output stream created
+		* previously.
+		*/
+		private void performEncrypt(byte[] key)
+		{
+			// initialise the cipher with the key bytes, for encryption
+			cipher.Init(true, new KeyParameter(key));
+
+			/*
+			* Create some temporary byte arrays for use in
+			* encryption, make them a reasonable size so that
+			* we don't spend forever reading small chunks from
+			* a file.
+			*
+			* There is no particular reason for using getBlockSize()
+			* to determine the size of the input chunk.  It just
+			* was a convenient number for the example.  
+			*/
+			// int inBlockSize = cipher.getBlockSize() * 5;
+			int inBlockSize = 47;
+			int outBlockSize = cipher.GetOutputSize(inBlockSize);
+
+			byte[] inblock = new byte[inBlockSize];
+			byte[] outblock = new byte[outBlockSize];
+
+			/* 
+			* now, read the file, and output the chunks
+			*/
+			try
+			{
+				int inL;
+				int outL;
+				while ((inL = inStr.Read(inblock, 0, inBlockSize)) > 0)
+				{
+					outL = cipher.ProcessBytes(inblock, 0, inL, outblock, 0);
+
+					/*
+					* Before we write anything out, we need to make sure
+					* that we've got something to write out. 
+					*/
+					if (outL > 0)
+					{
+						Hex.Encode(outblock, 0, outL, outStr);
+						outStr.WriteByte((byte)'\n');
+					}
+				}
+
+				try
+				{
+					/*
+					* Now, process the bytes that are still buffered
+					* within the cipher.
+					*/
+					outL = cipher.DoFinal(outblock, 0);
+					if (outL > 0)
+					{
+						Hex.Encode(outblock, 0, outL, outStr);
+						outStr.WriteByte((byte) '\n');
+					}
+				}
+				catch (CryptoException)
+				{
+
+				}
+			}
+			catch (IOException ioeread)
+			{
+				Console.Error.WriteLine(ioeread.StackTrace);
+			}
+		}
+
+		/*
+		* This method performs all the decryption and writes
+		* the plain text to the buffered output stream created
+		* previously.
+		*/
+		private void performDecrypt(byte[] key)
+		{    
+			// initialise the cipher for decryption
+			cipher.Init(false, new KeyParameter(key));
+
+			/* 
+			* As the decryption is from our preformatted file,
+			* and we know that it's a hex encoded format, then
+			* we wrap the InputStream with a BufferedReader
+			* so that we can read it easily.
+			*/
+//			BufferedReader br = new BufferedReader(new StreamReader(inStr));
+			StreamReader br = new StreamReader(inStr); // 'inStr' already buffered
+
+			/* 
+			* now, read the file, and output the chunks
+			*/
+			try
+			{
+				int outL;
+				byte[] inblock = null;
+				byte[] outblock = null;
+				string rv = null;
+				while ((rv = br.ReadLine()) != null)
+				{
+					inblock = Hex.Decode(rv);
+					outblock = new byte[cipher.GetOutputSize(inblock.Length)];
+
+					outL = cipher.ProcessBytes(inblock, 0, inblock.Length, outblock, 0);
+					/*
+					* Before we write anything out, we need to make sure
+					* that we've got something to write out. 
+					*/
+					if (outL > 0)
+					{
+						outStr.Write(outblock, 0, outL);
+					}
+				}
+
+				try
+				{
+					/*
+					* Now, process the bytes that are still buffered
+					* within the cipher.
+					*/
+					outL = cipher.DoFinal(outblock, 0);
+					if (outL > 0)
+					{
+						outStr.Write(outblock, 0, outL);
+					}
+				}
+				catch (CryptoException)
+				{
+
+				}
+			}
+			catch (IOException ioeread)
+			{
+				Console.Error.WriteLine(ioeread.StackTrace);
+			}
+		}
+
+	}
+}
diff --git a/crypto/test/src/crypto/io/test/AllTests.cs b/crypto/test/src/crypto/io/test/AllTests.cs
new file mode 100644
index 000000000..0296a2dc0
--- /dev/null
+++ b/crypto/test/src/crypto/io/test/AllTests.cs
@@ -0,0 +1,27 @@
+using System;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+namespace Org.BouncyCastle.Crypto.IO.Tests
+{
+	public class AllTests
+	{
+		public static void Main(
+			string[] args)
+		{
+//            junit.textui.TestRunner.run(suite());
+			EventListener el = new NullListener();
+			suite().Run(el);
+		}
+
+		public static TestSuite suite()
+		{
+			TestSuite suite = new TestSuite("IO tests");
+
+			suite.Add(new CipherStreamTest());
+
+			return suite;
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/io/test/CipherStreamTest.cs b/crypto/test/src/crypto/io/test/CipherStreamTest.cs
new file mode 100644
index 000000000..8f03c5770
--- /dev/null
+++ b/crypto/test/src/crypto/io/test/CipherStreamTest.cs
@@ -0,0 +1,166 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.IO.Tests
+{
+	[TestFixture]
+	public class CipherStreamTest
+	{
+		private const string DATA = "This will be encrypted and then decrypted and checked for correctness";
+
+		[Test]
+		public void TestEncryptDecryptA()
+		{
+			byte[] dataBytes = Encoding.ASCII.GetBytes(DATA);
+			byte[] encryptedDataBytes = encryptOnWrite(dataBytes);
+
+			byte[] decryptedDataBytes = decryptOnRead(encryptedDataBytes);
+			string decryptedData = Encoding.ASCII.GetString(decryptedDataBytes, 0, decryptedDataBytes.Length);
+			Assert.AreEqual(DATA, decryptedData);
+		}
+
+		[Test]
+		public void TestEncryptDecryptB()
+		{
+			byte[] dataBytes = Encoding.ASCII.GetBytes(DATA);
+			byte[] encryptedDataBytes = encryptOnRead(dataBytes);
+
+			byte[] decryptedDataBytes = decryptOnWrite(encryptedDataBytes);
+			string decryptedData = Encoding.ASCII.GetString(decryptedDataBytes, 0, decryptedDataBytes.Length);
+			Assert.AreEqual(DATA, decryptedData);
+		}
+
+		[Test]
+		public void TestEncryptDecryptC()
+		{
+			byte[] dataBytes = Encoding.ASCII.GetBytes(DATA);
+			byte[] encryptedDataBytes = encryptOnWrite(dataBytes);
+
+			byte[] decryptedDataBytes = decryptOnWrite(encryptedDataBytes);
+			string decryptedData = Encoding.ASCII.GetString(decryptedDataBytes, 0, decryptedDataBytes.Length);
+			Assert.AreEqual(DATA, decryptedData);
+		}
+
+		[Test]
+		public void TestEncryptDecryptD()
+		{
+			byte[] dataBytes = Encoding.ASCII.GetBytes(DATA);
+			byte[] encryptedDataBytes = encryptOnRead(dataBytes);
+
+			byte[] decryptedDataBytes = decryptOnRead(encryptedDataBytes);
+			string decryptedData = Encoding.ASCII.GetString(decryptedDataBytes, 0, decryptedDataBytes.Length);
+			Assert.AreEqual(DATA, decryptedData);
+		}
+
+		private byte[] encryptOnWrite(byte[] dataBytes)
+		{
+			MemoryStream encryptedDataStream = new MemoryStream();
+			IBufferedCipher outCipher = createCipher(true);
+			CipherStream outCipherStream = new CipherStream(encryptedDataStream, null, outCipher);
+			outCipherStream.Write(dataBytes, 0, dataBytes.Length);
+			Assert.AreEqual(0L, encryptedDataStream.Position % outCipher.GetBlockSize());
+
+			outCipherStream.Close();
+			byte[] encryptedDataBytes = encryptedDataStream.ToArray();
+			Assert.AreEqual(dataBytes.Length, encryptedDataBytes.Length);
+
+			return encryptedDataBytes;
+		}
+
+		private byte[] encryptOnRead(byte[] dataBytes)
+		{
+			MemoryStream dataStream = new MemoryStream(dataBytes, false);
+			MemoryStream encryptedDataStream = new MemoryStream();
+			IBufferedCipher inCipher = createCipher(true);
+			CipherStream inCipherStream = new CipherStream(dataStream, inCipher, null);
+
+			int ch;
+			while ((ch = inCipherStream.ReadByte()) >= 0)
+			{
+				encryptedDataStream.WriteByte((byte) ch);
+			}
+
+			encryptedDataStream.Close();
+			inCipherStream.Close();
+
+			byte[] encryptedDataBytes = encryptedDataStream.ToArray();
+			Assert.AreEqual(dataBytes.Length, encryptedDataBytes.Length);
+
+			return encryptedDataBytes;
+		}
+
+		private byte[] decryptOnRead(byte[] encryptedDataBytes)
+		{
+			MemoryStream encryptedDataStream = new MemoryStream(encryptedDataBytes, false);
+			MemoryStream dataStream = new MemoryStream();
+			IBufferedCipher inCipher = createCipher(false);
+			CipherStream inCipherStream = new CipherStream(encryptedDataStream, inCipher, null);
+
+			int ch;
+			while ((ch = inCipherStream.ReadByte()) >= 0)
+			{
+				dataStream.WriteByte((byte) ch);
+			}
+
+			inCipherStream.Close();
+			dataStream.Close();
+
+			byte[] dataBytes = dataStream.ToArray();
+			Assert.AreEqual(encryptedDataBytes.Length, dataBytes.Length);
+
+			return dataBytes;
+		}
+
+		private byte[] decryptOnWrite(byte[] encryptedDataBytes)
+		{
+			MemoryStream encryptedDataStream = new MemoryStream(encryptedDataBytes, false);
+			MemoryStream dataStream = new MemoryStream();
+			IBufferedCipher outCipher = createCipher(false);
+			CipherStream outCipherStream = new CipherStream(dataStream, null, outCipher);
+
+			int ch;
+			while ((ch = encryptedDataStream.ReadByte()) >= 0)
+			{
+				outCipherStream.WriteByte((byte) ch);
+			}
+
+			outCipherStream.Close();
+			encryptedDataStream.Close();
+
+			byte[] dataBytes = dataStream.ToArray();
+			Assert.AreEqual(encryptedDataBytes.Length, dataBytes.Length);
+
+			return dataBytes;
+		}
+
+		private IBufferedCipher createCipher(bool forEncryption)
+		{
+//			IBufferedCipher cipher = CipherUtilities.GetCipher("AES/CFB/NoPadding");
+
+			IBlockCipher blockCipher = new AesEngine();
+			int bits = 8 * blockCipher.GetBlockSize(); // TODO Is this right?
+			blockCipher = new CfbBlockCipher(blockCipher, bits);
+			IBufferedCipher cipher = new BufferedBlockCipher(blockCipher);
+
+//			SecureRandom random = new SecureRandom();
+			byte[] keyBytes = new byte[32];
+			//random.NextBytes(keyBytes);
+			KeyParameter key = new KeyParameter(keyBytes);
+
+			byte[] iv = new byte[cipher.GetBlockSize()];
+			//random.NextBytes(iv);
+
+			cipher.Init(forEncryption, new ParametersWithIV(key, iv));
+
+			return cipher;
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/AESFastTest.cs b/crypto/test/src/crypto/test/AESFastTest.cs
new file mode 100644
index 000000000..5513a0e78
--- /dev/null
+++ b/crypto/test/src/crypto/test/AESFastTest.cs
@@ -0,0 +1,168 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* Test vectors from the NIST standard tests and Brian Gladman's vector set
+	* <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">
+	* http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
+	*/
+	[TestFixture]
+	public class AesFastTest
+		: CipherTest
+	{
+		static SimpleTest[]  tests =
+		{
+			new BlockCipherVectorTest(0, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+					"00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+			new BlockCipherVectorTest(1, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000080")),
+					"00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+			new BlockCipherMonteCarloTest(2, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+					"00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+			new BlockCipherMonteCarloTest(3, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")),
+					"355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+			new BlockCipherVectorTest(4, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+			new BlockCipherMonteCarloTest(5, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
+					"F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+			new BlockCipherVectorTest(6, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+			new BlockCipherMonteCarloTest(7, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
+					"C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
+			new BlockCipherVectorTest(8, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+					"00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+			new BlockCipherVectorTest(9, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000080")),
+					"00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+			new BlockCipherMonteCarloTest(10, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+					"00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+			new BlockCipherMonteCarloTest(11, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")),
+					"355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+			new BlockCipherVectorTest(12, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+			new BlockCipherMonteCarloTest(13, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
+					"F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+			new BlockCipherVectorTest(14, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+			new BlockCipherMonteCarloTest(15, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
+					"C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
+			new BlockCipherVectorTest(16, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+					"00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+			new BlockCipherVectorTest(17, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000080")),
+					"00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+			new BlockCipherMonteCarloTest(18, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+					"00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+			new BlockCipherMonteCarloTest(19, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")),
+					"355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+			new BlockCipherVectorTest(20, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+			new BlockCipherMonteCarloTest(21, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
+					"F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+			new BlockCipherVectorTest(22, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+			new BlockCipherMonteCarloTest(23, 10000, new AesFastEngine(),
+					new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
+					"C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168")
+		};
+
+		private IBlockCipher _engine = new AesFastEngine();
+
+		public AesFastTest()
+			: base(tests, new AesFastEngine(), new KeyParameter(new byte[16]))
+		{
+		}
+
+		public override string Name
+		{
+			get
+			{
+				return "AESFast";
+			}
+		}
+
+		public override void PerformTest()
+		{
+			base.PerformTest();
+
+			byte[] keyBytes = new byte[16];
+
+			_engine.Init(true, new KeyParameter(keyBytes));
+
+			//
+			// init tests
+			//
+			try
+			{
+				byte[] dudKey = new byte[6];
+
+				_engine.Init(true, new KeyParameter(dudKey));
+
+				Fail("failed key length check");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+
+			try
+			{
+				byte[] iv = new byte[16];
+
+				_engine.Init(true, new ParametersWithIV(null, iv));
+
+				Fail("failed parameter check");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			AesFastTest test = new AesFastTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/AESLightTest.cs b/crypto/test/src/crypto/test/AESLightTest.cs
new file mode 100644
index 000000000..0b5777ba1
--- /dev/null
+++ b/crypto/test/src/crypto/test/AESLightTest.cs
@@ -0,0 +1,168 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* Test vectors from the NIST standard tests and Brian Gladman's vector set
+	* <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">
+	* http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
+	*/
+	[TestFixture]
+	public class AesLightTest
+		: CipherTest
+	{
+		static SimpleTest[]  tests =
+		{
+			new BlockCipherVectorTest(0, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+					"00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+			new BlockCipherVectorTest(1, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000080")),
+					"00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+			new BlockCipherMonteCarloTest(2, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+					"00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+			new BlockCipherMonteCarloTest(3, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")),
+					"355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+			new BlockCipherVectorTest(4, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+			new BlockCipherMonteCarloTest(5, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
+					"F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+			new BlockCipherVectorTest(6, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+			new BlockCipherMonteCarloTest(7, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
+					"C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
+			new BlockCipherVectorTest(8, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+					"00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+			new BlockCipherVectorTest(9, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000080")),
+					"00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+			new BlockCipherMonteCarloTest(10, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+					"00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+			new BlockCipherMonteCarloTest(11, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")),
+					"355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+			new BlockCipherVectorTest(12, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+			new BlockCipherMonteCarloTest(13, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
+					"F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+			new BlockCipherVectorTest(14, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+			new BlockCipherMonteCarloTest(15, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
+					"C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
+			new BlockCipherVectorTest(16, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+					"00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+			new BlockCipherVectorTest(17, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000080")),
+					"00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+			new BlockCipherMonteCarloTest(18, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+					"00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+			new BlockCipherMonteCarloTest(19, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")),
+					"355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+			new BlockCipherVectorTest(20, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+			new BlockCipherMonteCarloTest(21, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
+					"F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+			new BlockCipherVectorTest(22, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+					"80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+			new BlockCipherMonteCarloTest(23, 10000, new AesLightEngine(),
+					new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
+					"C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168")
+		};
+
+		private IBlockCipher _engine = new AesLightEngine();
+
+		public AesLightTest()
+			: base(tests, new AesLightEngine(), new KeyParameter(new byte[16]))
+		{
+		}
+
+		public override string Name
+		{
+			get
+			{
+				return "AESLight";
+			}
+		}
+
+		public override void PerformTest()
+		{
+			base.PerformTest();
+
+			byte[] keyBytes = new byte[16];
+
+			_engine.Init(true, new KeyParameter(keyBytes));
+
+			//
+			// init tests
+			//
+			try
+			{
+				byte[] dudKey = new byte[6];
+
+				_engine.Init(true, new KeyParameter(dudKey));
+
+				Fail("failed key length check");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+
+			try
+			{
+				byte[] iv = new byte[16];
+
+				_engine.Init(true, new ParametersWithIV(null, iv));
+
+				Fail("failed parameter check");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			AesLightTest test = new AesLightTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/AESTest.cs b/crypto/test/src/crypto/test/AESTest.cs
new file mode 100644
index 000000000..7b8fc34cf
--- /dev/null
+++ b/crypto/test/src/crypto/test/AESTest.cs
@@ -0,0 +1,178 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> Test vectors from the NIST standard tests and Brian Gladman's vector set
+    /// <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">
+    /// http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
+    /// </summary>
+    [TestFixture]
+    public class AesTest : CipherTest
+    {
+        internal static SimpleTest[] tests = new SimpleTest[]{
+            new BlockCipherVectorTest(0, new AesEngine(), new KeyParameter(Hex.Decode("80000000000000000000000000000000")), "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+            new BlockCipherVectorTest(1, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000080")), "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+            new BlockCipherMonteCarloTest(2, 10000, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000000")), "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+            new BlockCipherMonteCarloTest(3, 10000, new AesEngine(), new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+            new BlockCipherVectorTest(4, new AesEngine(), new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+            new BlockCipherMonteCarloTest(5, 10000, new AesEngine(), new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+            new BlockCipherVectorTest(6, new AesEngine(), new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+            new BlockCipherMonteCarloTest(7, 10000, new AesEngine(), new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
+            new BlockCipherVectorTest(8, new AesEngine(), new KeyParameter(Hex.Decode("80000000000000000000000000000000")), "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+            new BlockCipherVectorTest(9, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000080")), "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+            new BlockCipherMonteCarloTest(10, 10000, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000000")), "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+            new BlockCipherMonteCarloTest(11, 10000, new AesEngine(), new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+            new BlockCipherVectorTest(12, new AesEngine(), new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+            new BlockCipherMonteCarloTest(13, 10000, new AesEngine(), new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+            new BlockCipherVectorTest(14, new AesEngine(), new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+            new BlockCipherMonteCarloTest(15, 10000, new AesEngine(), new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
+            new BlockCipherVectorTest(16, new AesEngine(), new KeyParameter(Hex.Decode("80000000000000000000000000000000")), "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+            new BlockCipherVectorTest(17, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000080")), "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+            new BlockCipherMonteCarloTest(18, 10000, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000000")), "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+            new BlockCipherMonteCarloTest(19, 10000, new AesEngine(), new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+            new BlockCipherVectorTest(20, new AesEngine(), new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+            new BlockCipherMonteCarloTest(21, 10000, new AesEngine(), new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+            new BlockCipherVectorTest(22, new AesEngine(), new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+            new BlockCipherMonteCarloTest(23, 10000, new AesEngine(), new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168")};
+
+        public override string Name { get { return "AES"; } }
+
+		public AesTest()
+			: base(tests, new AesEngine(), new KeyParameter(new byte[16]))
+		{
+		}
+
+		private ITestResult WrapTest(int id, byte[] kek, byte[] input, byte[] outBytes)
+        {
+            IWrapper wrapper = new AesWrapEngine();
+
+            wrapper.Init(true, new KeyParameter(kek));
+
+            try
+            {
+                byte[] cText = wrapper.Wrap(input, 0, input.Length);
+
+				if (!Arrays.AreEqual(cText, outBytes))
+                {
+                    return new SimpleTestResult(false, Name + ": failed wrap test " + id
+						+ " expected " + Hex.ToHexString(outBytes)
+						+ " got " + Hex.ToHexString(cText));
+                }
+            }
+            catch (System.Exception e)
+            {
+                return new SimpleTestResult(false, Name + ": failed wrap test exception " + e.ToString());
+            }
+
+            wrapper.Init(false, new KeyParameter(kek));
+
+            try
+            {
+                byte[] pText = wrapper.Unwrap(outBytes, 0, outBytes.Length);
+                if (!Arrays.AreEqual(pText, input))
+                {
+                    return new SimpleTestResult(false, Name + ": failed unwrap test " + id
+						+ " expected " + Hex.ToHexString(input)
+						+ " got " + Hex.ToHexString(pText));
+                }
+            }
+            catch (Exception e)
+            {
+                return new SimpleTestResult(false, Name + ": failed unwrap test exception.", e);
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public override ITestResult Perform()
+        {
+            ITestResult result = base.Perform();
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            byte[] kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f");
+            byte[] in1 = Hex.Decode("00112233445566778899aabbccddeeff");
+            byte[] out1 = Hex.Decode("1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5");
+            result = WrapTest(1, kek1, in1, out1);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            byte[] kek2 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617");
+            byte[] in2 = Hex.Decode("00112233445566778899aabbccddeeff");
+            byte[] out2 = Hex.Decode("96778b25ae6ca435f92b5b97c050aed2468ab8a17ad84e5d");
+            result = WrapTest(2, kek2, in2, out2);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            byte[] kek3 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
+            byte[] in3 = Hex.Decode("00112233445566778899aabbccddeeff");
+            byte[] out3 = Hex.Decode("64e8c3f9ce0f5ba263e9777905818a2a93c8191e7d6e8ae7");
+            result = WrapTest(3, kek3, in3, out3);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            byte[] kek4 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617");
+            byte[] in4 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607");
+            byte[] out4 = Hex.Decode("031d33264e15d33268f24ec260743edce1c6c7ddee725a936ba814915c6762d2");
+            result = WrapTest(4, kek4, in4, out4);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            byte[] kek5 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
+            byte[] in5 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607");
+            byte[] out5 = Hex.Decode("a8f9bc1612c68b3ff6e6f4fbe30e71e4769c8b80a32cb8958cd5d17d6b254da1");
+            result = WrapTest(5, kek5, in5, out5);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            byte[] kek6 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
+            byte[] in6 = Hex.Decode("00112233445566778899aabbccddeeff000102030405060708090a0b0c0d0e0f");
+            byte[] out6 = Hex.Decode("28c9f404c4b810f4cbccb35cfb87f8263f5786e2d80ed326cbc7f0e71a99f43bfb988b9b7a02dd21");
+            result = WrapTest(6, kek6, in6, out6);
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+	        string[] args)
+        {
+            AesTest test = new AesTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/AESWrapTest.cs b/crypto/test/src/crypto/test/AESWrapTest.cs
new file mode 100644
index 000000000..11b46098e
--- /dev/null
+++ b/crypto/test/src/crypto/test/AESWrapTest.cs
@@ -0,0 +1,214 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* Wrap Test
+	*/
+	[TestFixture]
+	public class AesWrapTest
+		: ITest
+	{
+		public string Name
+		{
+			get
+			{
+				return "AESWrap";
+			}
+		}
+
+		private ITestResult wrapTest(
+			int     id,
+			byte[]  kek,
+			byte[]  inBytes,
+			byte[]  outBytes)
+		{
+			IWrapper wrapper = new AesWrapEngine();
+
+			wrapper.Init(true, new KeyParameter(kek));
+
+			try
+			{
+				byte[]  cText = wrapper.Wrap(inBytes, 0, inBytes.Length);
+				if (!Arrays.AreEqual(cText, outBytes))
+				{
+					return new SimpleTestResult(false, Name + ": failed wrap test " + id
+						+ " expected " + Hex.ToHexString(outBytes)
+						+ " got " + Hex.ToHexString(cText));
+				}
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": failed wrap test exception " + e);
+			}
+
+			wrapper.Init(false, new KeyParameter(kek));
+
+			try
+			{
+				byte[]  pText = wrapper.Unwrap(outBytes, 0, outBytes.Length);
+				if (!Arrays.AreEqual(pText, inBytes))
+				{
+					return new SimpleTestResult(false, Name + ": failed unwrap test " + id
+						+ " expected " + Hex.ToHexString(inBytes)
+						+ " got " + Hex.ToHexString(pText));
+				}
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": failed unwrap test exception.", e);
+			}
+
+			return new SimpleTestResult(true, Name + ": Okay");
+		}
+
+		public ITestResult Perform()
+		{
+			byte[]  kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f");
+			byte[]  in1 = Hex.Decode("00112233445566778899aabbccddeeff");
+			byte[]  out1 = Hex.Decode("1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5");
+			ITestResult result = wrapTest(1, kek1, in1, out1);
+
+			if (!result.IsSuccessful())
+			{
+				return result;
+			}
+
+			byte[]  kek2 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617");
+			byte[]  in2 = Hex.Decode("00112233445566778899aabbccddeeff");
+			byte[]  out2 = Hex.Decode("96778b25ae6ca435f92b5b97c050aed2468ab8a17ad84e5d");
+			result = wrapTest(2, kek2, in2, out2);
+			if (!result.IsSuccessful())
+			{
+				return result;
+			}
+
+			byte[]  kek3 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
+			byte[]  in3 = Hex.Decode("00112233445566778899aabbccddeeff");
+			byte[]  out3 = Hex.Decode("64e8c3f9ce0f5ba263e9777905818a2a93c8191e7d6e8ae7");
+			result = wrapTest(3, kek3, in3, out3);
+			if (!result.IsSuccessful())
+			{
+				return result;
+			}
+
+			byte[]  kek4 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617");
+			byte[]  in4 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607");
+			byte[]  out4 = Hex.Decode("031d33264e15d33268f24ec260743edce1c6c7ddee725a936ba814915c6762d2");
+			result = wrapTest(4, kek4, in4, out4);
+			if (!result.IsSuccessful())
+			{
+				return result;
+			}
+
+			byte[]  kek5 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
+			byte[]  in5 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607");
+			byte[]  out5 = Hex.Decode("a8f9bc1612c68b3ff6e6f4fbe30e71e4769c8b80a32cb8958cd5d17d6b254da1");
+			result = wrapTest(5, kek5, in5, out5);
+			if (!result.IsSuccessful())
+			{
+				return result;
+			}
+
+			byte[]  kek6 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
+			byte[]  in6 = Hex.Decode("00112233445566778899aabbccddeeff000102030405060708090a0b0c0d0e0f");
+			byte[]  out6 = Hex.Decode("28c9f404c4b810f4cbccb35cfb87f8263f5786e2d80ed326cbc7f0e71a99f43bfb988b9b7a02dd21");
+			result = wrapTest(6, kek6, in6, out6);
+			if (!result.IsSuccessful())
+			{
+				return result;
+			}
+
+			IWrapper wrapper = new AesWrapEngine();
+			KeyParameter key = new KeyParameter(new byte[16]);
+			byte[]       buf = new byte[16];
+
+			try
+			{
+				wrapper.Init(true, key);
+
+				wrapper.Unwrap(buf, 0, buf.Length);
+
+				return new SimpleTestResult(false, Name + ": failed unwrap state test.");
+			}
+			catch (InvalidOperationException)
+			{
+				// expected
+			}
+			catch (InvalidCipherTextException e)
+			{
+				return new SimpleTestResult(false, Name + ": unexpected exception: " + e, e);
+			}
+
+			try
+			{
+				wrapper.Init(false, key);
+
+				wrapper.Wrap(buf, 0, buf.Length);
+
+				return new SimpleTestResult(false, Name + ": failed unwrap state test.");
+			}
+			catch (InvalidOperationException)
+			{
+				// expected
+			}
+
+			//
+			// short test
+			//
+			try
+			{
+				wrapper.Init(false, key);
+
+				wrapper.Unwrap(buf, 0, buf.Length / 2);
+
+				return new SimpleTestResult(false, Name + ": failed unwrap short test.");
+			}
+			catch (InvalidCipherTextException)
+			{
+				// expected
+			}
+
+			try
+			{
+				wrapper.Init(true, key);
+
+				wrapper.Wrap(buf, 0, 15);
+
+				return new SimpleTestResult(false, Name + ": failed wrap length test.");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+
+			return new SimpleTestResult(true, Name + ": Okay");
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			AesWrapTest test = new AesWrapTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/AllTests.cs b/crypto/test/src/crypto/test/AllTests.cs
new file mode 100644
index 000000000..1cb1b965d
--- /dev/null
+++ b/crypto/test/src/crypto/test/AllTests.cs
@@ -0,0 +1,47 @@
+using System;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class AllTests
+	{
+		[Suite]
+		public static TestSuite Suite
+		{
+			get
+			{
+				TestSuite suite = new TestSuite("Lightweight Crypto Tests");
+				suite.Add(new AllTests());
+		        suite.Add(new GcmReorderTest());
+				return suite;
+			}
+		}
+
+		[Test]
+		public void TestCrypto()
+		{
+			foreach (Org.BouncyCastle.Utilities.Test.ITest test in RegressionTest.tests)
+			{
+				SimpleTestResult result = (SimpleTestResult)test.Perform();
+
+				if (!result.IsSuccessful())
+				{
+					Assert.Fail(result.ToString());
+				}
+			}
+		}
+
+        public static void Main(
+			string[] args)
+        {
+            //junit.textui.TestRunner.run(suite());
+            EventListener el = new NullListener();
+            Suite.Run(el);
+        }
+	}
+}
diff --git a/crypto/test/src/crypto/test/BlockCipherMonteCarloTest.cs b/crypto/test/src/crypto/test/BlockCipherMonteCarloTest.cs
new file mode 100644
index 000000000..1a46a3201
--- /dev/null
+++ b/crypto/test/src/crypto/test/BlockCipherMonteCarloTest.cs
@@ -0,0 +1,83 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* a basic test that takes a cipher, key parameter, and an input
+	* and output string. This test wraps the engine in a buffered block
+	* cipher with padding disabled.
+	*/
+	public class BlockCipherMonteCarloTest
+		: SimpleTest
+	{
+		int					id;
+		int					iterations;
+		IBlockCipher		engine;
+		ICipherParameters	param;
+		byte[]				input;
+		byte[]				output;
+
+		public BlockCipherMonteCarloTest(
+			int                 id,
+			int                 iterations,
+			IBlockCipher         engine,
+			ICipherParameters    param,
+			string              input,
+			string              output)
+		{
+			this.id = id;
+			this.iterations = iterations;
+			this.engine = engine;
+			this.param = param;
+			this.input = Hex.Decode(input);
+			this.output = Hex.Decode(output);
+		}
+
+		public override string Name
+		{
+			get { return engine.AlgorithmName + " Monte Carlo Test " + id; }
+		}
+
+		public override void PerformTest()
+		{
+			BufferedBlockCipher cipher = new BufferedBlockCipher(engine);
+
+			cipher.Init(true, param);
+
+			byte[]  outBytes = new byte[input.Length];
+
+			Array.Copy(input, 0, outBytes, 0, outBytes.Length);
+
+			for (int i = 0; i != iterations; i++)
+			{
+				int len1 = cipher.ProcessBytes(outBytes, 0, outBytes.Length, outBytes, 0);
+
+				cipher.DoFinal(outBytes, len1);
+			}
+
+			if (!AreEqual(outBytes, output))
+			{
+				Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			cipher.Init(false, param);
+
+			for (int i = 0; i != iterations; i++)
+			{
+				int len1 = cipher.ProcessBytes(outBytes, 0, outBytes.Length, outBytes, 0);
+
+				cipher.DoFinal(outBytes, len1);
+			}
+
+			if (!AreEqual(input, outBytes))
+			{
+				Fail("failed reversal");
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/BlockCipherVectorTest.cs b/crypto/test/src/crypto/test/BlockCipherVectorTest.cs
new file mode 100644
index 000000000..1ce9fa477
--- /dev/null
+++ b/crypto/test/src/crypto/test/BlockCipherVectorTest.cs
@@ -0,0 +1,75 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* a basic test that takes a cipher, key parameter, and an input
+	* and output string. This test wraps the engine in a buffered block
+	* cipher with padding disabled.
+	*/
+	public class BlockCipherVectorTest
+		: SimpleTest
+	{
+		int                 id;
+		IBlockCipher         engine;
+		ICipherParameters    param;
+		byte[]              input;
+		byte[]              output;
+
+		public BlockCipherVectorTest(
+			int					id,
+			IBlockCipher		engine,
+			ICipherParameters	param,
+			string				input,
+			string				output)
+		{
+			this.id = id;
+			this.engine = engine;
+			this.param = param;
+			this.input = Hex.Decode(input);
+			this.output = Hex.Decode(output);
+		}
+
+		public override string Name
+		{
+			get
+			{
+				return engine.AlgorithmName + " Vector Test " + id;
+			}
+		}
+
+		public override void PerformTest()
+		{
+			BufferedBlockCipher cipher = new BufferedBlockCipher(engine);
+
+			cipher.Init(true, param);
+
+			byte[]  outBytes = new byte[input.Length];
+
+			int len1 = cipher.ProcessBytes(input, 0, input.Length, outBytes, 0);
+
+				cipher.DoFinal(outBytes, len1);
+
+			if (!AreEqual(outBytes, output))
+			{
+				Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			cipher.Init(false, param);
+
+			int len2 = cipher.ProcessBytes(output, 0, output.Length, outBytes, 0);
+
+			cipher.DoFinal(outBytes, len2);
+
+			if (!AreEqual(input, outBytes))
+			{
+				Fail("failed reversal got " + Hex.ToHexString(outBytes));
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/BlowfishTest.cs b/crypto/test/src/crypto/test/BlowfishTest.cs
new file mode 100644
index 000000000..780dd3abd
--- /dev/null
+++ b/crypto/test/src/crypto/test/BlowfishTest.cs
@@ -0,0 +1,55 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <remarks>Blowfish tester - vectors from http://www.counterpane.com/vectors.txt</remarks>
+    [TestFixture]
+    public class BlowfishTest
+		: CipherTest
+    {
+        public override string Name
+        {
+			get { return "Blowfish"; }
+        }
+
+        internal static SimpleTest[] tests = new SimpleTest[]{
+            new BlockCipherVectorTest(0, new BlowfishEngine(), new KeyParameter(Hex.Decode("0000000000000000")), "0000000000000000", "4EF997456198DD78"),
+            new BlockCipherVectorTest(1, new BlowfishEngine(), new KeyParameter(Hex.Decode("FFFFFFFFFFFFFFFF")), "FFFFFFFFFFFFFFFF", "51866FD5B85ECB8A"),
+            new BlockCipherVectorTest(2, new BlowfishEngine(), new KeyParameter(Hex.Decode("3000000000000000")), "1000000000000001", "7D856F9A613063F2"),
+            new BlockCipherVectorTest(3, new BlowfishEngine(), new KeyParameter(Hex.Decode("1111111111111111")), "1111111111111111", "2466DD878B963C9D"),
+            new BlockCipherVectorTest(4, new BlowfishEngine(), new KeyParameter(Hex.Decode("0123456789ABCDEF")), "1111111111111111", "61F9C3802281B096"),
+            new BlockCipherVectorTest(5, new BlowfishEngine(), new KeyParameter(Hex.Decode("FEDCBA9876543210")), "0123456789ABCDEF", "0ACEAB0FC6A0A28D"),
+            new BlockCipherVectorTest(6, new BlowfishEngine(), new KeyParameter(Hex.Decode("7CA110454A1A6E57")), "01A1D6D039776742", "59C68245EB05282B"),
+            new BlockCipherVectorTest(7, new BlowfishEngine(), new KeyParameter(Hex.Decode("0131D9619DC1376E")), "5CD54CA83DEF57DA", "B1B8CC0B250F09A0")
+        };
+
+        public BlowfishTest()
+			: base(tests, new BlowfishEngine(), new KeyParameter(new byte[16]))
+		{
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+
+		public static void Main(
+			string[] args)
+        {
+            ITest test = new BlowfishTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/CAST6Test.cs b/crypto/test/src/crypto/test/CAST6Test.cs
new file mode 100644
index 000000000..7517b6737
--- /dev/null
+++ b/crypto/test/src/crypto/test/CAST6Test.cs
@@ -0,0 +1,57 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <remarks>Cast6 tester - vectors from http://www.ietf.org/rfc/rfc2612.txt</remarks>
+    [TestFixture]
+    public class Cast6Test : CipherTest
+    {
+        public override string Name
+        {
+			get { return "CAST6"; }
+        }
+
+		internal static SimpleTest[] tests = new SimpleTest[]
+		{
+			new BlockCipherVectorTest(0, new Cast6Engine(),
+				new KeyParameter(Hex.Decode("2342bb9efa38542c0af75647f29f615d")),
+				"00000000000000000000000000000000",
+				"c842a08972b43d20836c91d1b7530f6b"),
+			new BlockCipherVectorTest(0, new Cast6Engine(),
+				new KeyParameter(Hex.Decode("2342bb9efa38542cbed0ac83940ac298bac77a7717942863")),
+				"00000000000000000000000000000000",
+				"1b386c0210dcadcbdd0e41aa08a7a7e8"),
+			new BlockCipherVectorTest(0, new Cast6Engine(),
+				new KeyParameter(Hex.Decode("2342bb9efa38542cbed0ac83940ac2988d7c47ce264908461cc1b5137ae6b604")),
+				"00000000000000000000000000000000",
+				"4f6a2038286897b9c9870136553317fa")
+		};
+
+        public Cast6Test()
+			: base(tests, new Cast6Engine(), new KeyParameter(new byte[16]))
+        {
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            ITest test = new Cast6Test();
+            ITestResult result = test.Perform();
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/CCMTest.cs b/crypto/test/src/crypto/test/CCMTest.cs
new file mode 100644
index 000000000..4a54fb4f9
--- /dev/null
+++ b/crypto/test/src/crypto/test/CCMTest.cs
@@ -0,0 +1,268 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* First four test vectors from
+	* NIST Special Publication 800-38C.
+	*/
+	[TestFixture]
+	public class CcmTest
+		: SimpleTest
+	{
+		private byte[] K1 = Hex.Decode("404142434445464748494a4b4c4d4e4f");
+		private byte[] N1 = Hex.Decode("10111213141516");
+		private byte[] A1 = Hex.Decode("0001020304050607");
+		private byte[] P1 = Hex.Decode("20212223");
+		private byte[] C1 = Hex.Decode("7162015b4dac255d");
+		private byte[] T1 = Hex.Decode("6084341b");
+
+		private byte[] K2 = Hex.Decode("404142434445464748494a4b4c4d4e4f");
+		private byte[] N2 = Hex.Decode("1011121314151617");
+		private byte[] A2 = Hex.Decode("000102030405060708090a0b0c0d0e0f");
+		private byte[] P2 = Hex.Decode("202122232425262728292a2b2c2d2e2f");
+		private byte[] C2 = Hex.Decode("d2a1f0e051ea5f62081a7792073d593d1fc64fbfaccd");
+		private byte[] T2 = Hex.Decode("7f479ffca464");
+
+		private byte[] K3 = Hex.Decode("404142434445464748494a4b4c4d4e4f");
+		private byte[] N3 = Hex.Decode("101112131415161718191a1b");
+		private byte[] A3 = Hex.Decode("000102030405060708090a0b0c0d0e0f10111213");
+		private byte[] P3 = Hex.Decode("202122232425262728292a2b2c2d2e2f3031323334353637");
+		private byte[] C3 = Hex.Decode("e3b201a9f5b71a7a9b1ceaeccd97e70b6176aad9a4428aa5484392fbc1b09951");
+		private byte[] T3 = Hex.Decode("67c99240c7d51048");
+
+		private byte[] K4 = Hex.Decode("404142434445464748494a4b4c4d4e4f");
+		private byte[] N4 = Hex.Decode("101112131415161718191a1b1c");
+		private byte[] A4 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff");
+		private byte[] P4 = Hex.Decode("202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f");
+		private byte[] C4 = Hex.Decode("69915dad1e84c6376a68c2967e4dab615ae0fd1faec44cc484828529463ccf72b4ac6bec93e8598e7f0dadbcea5b");
+		private byte[] T4 = Hex.Decode("f4dd5d0ee404617225ffe34fce91");
+
+		//
+		// long data vector
+		//
+		private byte[] C5 = Hex.Decode("49b17d8d3ea4e6174a48e2b65e6d8b417ac0dd3f8ee46ce4a4a2a509661cef52528c1cd9805333a5cfd482fa3f095a3c2fdd1cc47771c5e55fddd60b5c8d6d3fa5c8dd79d08b16242b6642106e7c0c28bd1064b31e6d7c9800c8397dbc3fa8071e6a38278b386c18d65d39c6ad1ef9501a5c8f68d38eb6474799f3cc898b4b9b97e87f9c95ce5c51bc9d758f17119586663a5684e0a0daf6520ec572b87473eb141d10471e4799ded9e607655402eca5176bbf792ef39dd135ac8d710da8e9e854fd3b95c681023f36b5ebe2fb213d0b62dd6e9e3cfe190b792ccb20c53423b2dca128f861a61d306910e1af418839467e466f0ec361d2539eedd99d4724f1b51c07beb40e875a87491ec8b27cd1");
+		private byte[] T5 = Hex.Decode("5c768856796b627b13ec8641581b");
+
+		public override void PerformTest()
+		{
+			CcmBlockCipher ccm = new CcmBlockCipher(new AesEngine());
+
+			checkVectors(0, ccm, K1, 32, N1, A1, P1, T1, C1);
+			checkVectors(1, ccm, K2, 48, N2, A2, P2, T2, C2);
+			checkVectors(2, ccm, K3, 64, N3, A3, P3, T3, C3);
+
+			ivParamTest(0, ccm, K1, N1);
+
+			//
+			// 4 has a reduced associated text which needs to be replicated
+			//
+			byte[] a4 = new byte[65536]; // 524288 / 8
+
+			for (int i = 0; i < a4.Length; i += A4.Length)
+			{
+				Array.Copy(A4, 0, a4, i, A4.Length);
+			}
+
+			checkVectors(3, ccm, K4, 112, N4, a4, P4, T4, C4);
+
+			//
+			// long data test
+			//
+			checkVectors(4, ccm, K4, 112, N4, A4, A4, T5, C5);
+
+			//
+			// exception tests
+			//
+
+			try
+			{
+				ccm.Init(false, new AeadParameters(new KeyParameter(K1), 32, N2, A2));
+
+				ccm.ProcessPacket(C2, 0, C2.Length);
+
+				Fail("invalid cipher text not picked up");
+			}
+			catch (InvalidCipherTextException)
+			{
+				// expected
+			}
+
+			try
+			{
+				ccm = new CcmBlockCipher(new DesEngine());
+
+				Fail("incorrect block size not picked up");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+
+			try
+			{
+				ccm.Init(false, new KeyParameter(K1));
+
+				Fail("illegal argument not picked up");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void checkVectors(
+			int count,
+			CcmBlockCipher ccm,
+			byte[] k,
+			int macSize,
+			byte[] n,
+			byte[] a,
+			byte[] p,
+			byte[] t,
+			byte[] c)
+        {
+            byte[] fa = new byte[a.Length / 2];
+            byte[] la = new byte[a.Length - (a.Length / 2)];
+            Array.Copy(a, 0, fa, 0, fa.Length);
+            Array.Copy(a, fa.Length, la, 0, la.Length);
+
+            checkVectors(count, ccm, "all initial associated data", k, macSize, n, a, null, p, t, c);
+            checkVectors(count, ccm, "subsequent associated data", k, macSize, n, null, a, p, t, c);
+            checkVectors(count, ccm, "split associated data", k, macSize, n, fa, la, p, t, c);
+    //      checkVectors(count, ccm, "reuse key", null, macSize, n, fa, la, p, t, c);
+        }
+
+        private void checkVectors(
+            int count,
+            CcmBlockCipher ccm,
+            string additionalDataType,
+            byte[] k,
+            int macSize,
+            byte[] n,
+            byte[] a,
+            byte[] sa,
+            byte[] p,
+            byte[] t,
+            byte[] c)
+        {
+            KeyParameter keyParam = (k == null) ? null : new KeyParameter(k);
+
+            ccm.Init(true, new AeadParameters(keyParam, macSize, n, a));
+
+			byte[] enc = new byte[c.Length];
+
+            if (sa != null)
+            {
+                ccm.ProcessAadBytes(sa, 0, sa.Length);
+            }
+
+			int len = ccm.ProcessBytes(p, 0, p.Length, enc, 0);
+
+			len += ccm.DoFinal(enc, len);
+
+//			ccm.Init(true, new AeadParameters(new KeyParameter(k), macSize, n, a));
+//
+//			byte[] enc = ccm.ProcessPacket(p, 0, p.Length);
+
+			if (!AreEqual(c, enc))
+			{
+                Fail("encrypted stream fails to match in test " + count + " with " + additionalDataType);
+            }
+
+//			ccm.Init(false, new AeadParameters(new KeyParameter(k), macSize, n, a));
+//
+//			byte[] dec = ccm.ProcessPacket(enc, 0, enc.Length);
+
+			ccm.Init(false, new AeadParameters(new KeyParameter(k), macSize, n, a));
+
+			byte[] tmp = new byte[enc.Length];
+
+            if (sa != null)
+            {
+                ccm.ProcessAadBytes(sa, 0, sa.Length);
+            }
+
+            len = ccm.ProcessBytes(enc, 0, enc.Length, tmp, 0);
+
+			len += ccm.DoFinal(tmp, len);
+
+			byte[] dec = new byte[len];
+
+			Array.Copy(tmp, 0, dec, 0, len);
+
+			if (!AreEqual(p, dec))
+			{
+                Fail("decrypted stream fails to match in test " + count + " with " + additionalDataType);
+            }
+
+			if (!AreEqual(t, ccm.GetMac()))
+			{
+                Fail("MAC fails to match in test " + count + " with " + additionalDataType);
+            }
+		}
+
+		private void ivParamTest(
+			int				count,
+			CcmBlockCipher	ccm,
+			byte[]			k,
+			byte[]			n)
+		{
+			byte[] p = Encoding.ASCII.GetBytes("hello world!!");
+
+			ccm.Init(true, new ParametersWithIV(new KeyParameter(k), n));
+
+			byte[] enc = new byte[p.Length + 8];
+
+			int len = ccm.ProcessBytes(p, 0, p.Length, enc, 0);
+
+			len += ccm.DoFinal(enc, len);
+
+			ccm.Init(false, new ParametersWithIV(new KeyParameter(k), n));
+
+			byte[] tmp = new byte[enc.Length];
+
+			len = ccm.ProcessBytes(enc, 0, enc.Length, tmp, 0);
+
+			len += ccm.DoFinal(tmp, len);
+
+			byte[] dec = new byte[len];
+
+			Array.Copy(tmp, 0, dec, 0, len);
+
+			if (!AreEqual(p, dec))
+			{
+				Fail("decrypted stream fails to match in test " + count);
+			}
+		}
+
+		public override string Name
+		{
+			get { return "CCM"; }
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CcmTest());
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/CMacTest.cs b/crypto/test/src/crypto/test/CMacTest.cs
new file mode 100644
index 000000000..35f5735b9
--- /dev/null
+++ b/crypto/test/src/crypto/test/CMacTest.cs
@@ -0,0 +1,286 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * CMAC tester - <a href="http://www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/tv/omac1-tv.txt">Official Test Vectors</a>.
+	 */
+	[TestFixture]
+	public class CMacTest
+		: SimpleTest
+	{
+		private static readonly byte[] keyBytes128 = Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c");
+		private static readonly byte[] keyBytes192 = Hex.Decode(
+			"8e73b0f7da0e6452c810f32b809079e5"
+			+ "62f8ead2522c6b7b");
+		private static readonly byte[] keyBytes256 = Hex.Decode(
+			"603deb1015ca71be2b73aef0857d7781"
+			+ "1f352c073b6108d72d9810a30914dff4");
+
+		private static readonly byte[] input0 = Hex.Decode("");
+		private static readonly byte[] input16 = Hex.Decode("6bc1bee22e409f96e93d7e117393172a");
+		private static readonly byte[] input40 = Hex.Decode(
+			"6bc1bee22e409f96e93d7e117393172a"
+			+ "ae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411");
+		private static readonly byte[] input64 = Hex.Decode(
+			"6bc1bee22e409f96e93d7e117393172a"
+			+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+			+ "30c81c46a35ce411e5fbc1191a0a52ef"
+			+ "f69f2445df4f9b17ad2b417be66c3710");
+
+		private static readonly byte[] output_k128_m0 = Hex.Decode("bb1d6929e95937287fa37d129b756746");
+		private static readonly byte[] output_k128_m16 = Hex.Decode("070a16b46b4d4144f79bdd9dd04a287c");
+		private static readonly byte[] output_k128_m40 = Hex.Decode("dfa66747de9ae63030ca32611497c827");
+		private static readonly byte[] output_k128_m64 = Hex.Decode("51f0bebf7e3b9d92fc49741779363cfe");
+
+		private static readonly byte[] output_k192_m0 = Hex.Decode("d17ddf46adaacde531cac483de7a9367");
+		private static readonly byte[] output_k192_m16 = Hex.Decode("9e99a7bf31e710900662f65e617c5184");
+		private static readonly byte[] output_k192_m40 = Hex.Decode("8a1de5be2eb31aad089a82e6ee908b0e");
+		private static readonly byte[] output_k192_m64 = Hex.Decode("a1d5df0eed790f794d77589659f39a11");
+
+		private static readonly byte[] output_k256_m0 = Hex.Decode("028962f61b7bf89efc6b551f4667d983");
+		private static readonly byte[] output_k256_m16 = Hex.Decode("28a7023f452e8f82bd4bf28d8c37c35c");
+		private static readonly byte[] output_k256_m40 = Hex.Decode("aaf3d8f1de5640c232f5b169b9c911e6");
+		private static readonly byte[] output_k256_m64 = Hex.Decode("e1992190549f6ed5696a2c056c315410");
+
+		public CMacTest()
+		{
+		}
+
+		public override void PerformTest()
+		{
+			IBlockCipher cipher = new AesFastEngine();
+			IMac mac = new CMac(cipher, 128);
+
+			//128 bytes key
+
+			KeyParameter key = new KeyParameter(keyBytes128);
+
+			// 0 bytes message - 128 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input0, 0, input0.Length);
+
+			byte[] outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k128_m0))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k128_m0) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			// 16 bytes message - 128 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input16, 0, input16.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k128_m16))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k128_m16) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			// 40 bytes message - 128 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input40, 0, input40.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k128_m40))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k128_m40) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			// 64 bytes message - 128 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input64, 0, input64.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k128_m64))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k128_m64) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			//192 bytes key
+			key = new KeyParameter(keyBytes192);
+
+			// 0 bytes message - 192 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input0, 0, input0.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k192_m0))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k192_m0) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			// 16 bytes message - 192 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input16, 0, input16.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k192_m16))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k192_m16) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			// 40 bytes message - 192 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input40, 0, input40.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k192_m40))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k192_m40) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			// 64 bytes message - 192 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input64, 0, input64.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k192_m64))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k192_m64) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			//256 bytes key
+
+			key = new KeyParameter(keyBytes256);
+
+			// 0 bytes message - 256 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input0, 0, input0.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k256_m0))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k256_m0) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			// 16 bytes message - 256 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input16, 0, input16.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k256_m16))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k256_m16) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			// 40 bytes message - 256 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input40, 0, input40.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k256_m40))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k256_m40) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			// 64 bytes message - 256 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input64, 0, input64.Length);
+
+			outBytes = new byte[16];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output_k256_m64))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output_k256_m64) + " got "
+					+ Hex.ToHexString(outBytes));
+				}
+		}
+
+		public override string Name
+		{
+			get { return "CMac"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CMacTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/CTSTest.cs b/crypto/test/src/crypto/test/CTSTest.cs
new file mode 100644
index 000000000..9d001bc68
--- /dev/null
+++ b/crypto/test/src/crypto/test/CTSTest.cs
@@ -0,0 +1,192 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> CTS tester</summary>
+    [TestFixture]
+    public class CTSTest : ITest
+    {
+        public string Name
+        {
+			get
+			{
+				return "CTS";
+			}
+        }
+
+        internal static byte[] in1;
+
+        internal static byte[] in2;
+
+        internal static byte[] out1;
+
+        internal static byte[] out2;
+
+        internal static byte[] out3;
+
+        private class CTSTester : ITest
+        {
+            private void  InitBlock(CTSTest enclosingInstance)
+            {
+                this.enclosingInstance = enclosingInstance;
+            }
+            private CTSTest enclosingInstance;
+
+            public string Name
+            {
+				get
+				{
+					return "CTS";
+				}
+            }
+
+            public CTSTest Enclosing_Instance
+            {
+                get
+                {
+                    return enclosingInstance;
+                }
+
+            }
+
+            private int id;
+            private IBlockCipher cipher;
+            private ICipherParameters parameters;
+            private byte[] input;
+            private byte[] output;
+
+            internal CTSTester(CTSTest enclosingInstance, int id, IBlockCipher cipher, ICipherParameters parameters, byte[] input, byte[] output)
+            {
+                InitBlock(enclosingInstance);
+                this.id = id;
+                this.cipher = cipher;
+                this.parameters = parameters;
+                this.input = input;
+                this.output = output;
+            }
+
+            public virtual ITestResult Perform()
+            {
+                byte[] outBytes = new byte[input.Length];
+                BufferedBlockCipher engine = new CtsBlockCipher(cipher);
+
+                engine.Init(true, parameters);
+
+                int len = engine.ProcessBytes(input, 0, input.Length, outBytes, 0);
+
+                try
+                {
+                    engine.DoFinal(outBytes, len);
+                }
+                catch (Exception e)
+                {
+                    return new SimpleTestResult(false, Name + ": encryption exception - " + e.ToString());
+                }
+
+                for (int i = 0; i != output.Length; i++)
+                {
+                    if (outBytes[i] != output[i])
+                    {
+                        return new SimpleTestResult(false, Name + ": failed encryption expected "
+							+ Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes));
+                    }
+                }
+
+                engine.Init(false, parameters);
+
+                len = engine.ProcessBytes(output, 0, output.Length, outBytes, 0);
+
+                try
+                {
+                    engine.DoFinal(outBytes, len);
+                }
+                catch (Exception e)
+                {
+                    return new SimpleTestResult(false, Name + ": decryption exception - " + e.ToString());
+                }
+
+                for (int i = 0; i != input.Length; i++)
+                {
+                    if (outBytes[i] != input[i])
+                    {
+                        return new SimpleTestResult(false, Name + ": failed encryption expected "
+							+ Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+                    }
+                }
+
+                return new SimpleTestResult(true, Name + ": Okay");
+            }
+        }
+
+        public CTSTest()
+        {
+        }
+
+        public virtual ITestResult Perform()
+        {
+            byte[] key1 = new byte[]{(byte) 0x01, (byte) 0x23, (byte) 0x45, (byte) 0x67, (byte) 0x89, (byte) 0xAB, (byte) 0xCD, (byte) 0xEF};
+            byte[] key2 = new byte[]{(byte) 0x01, (byte) 0x23, (byte) 0x45, (byte) 0x67, (byte) 0x89, (byte) 0xAB, (byte) 0xCD, (byte) 0xEF, (byte) 0xee, (byte) 0xff };
+            byte[] iv = new byte[]{1, 2, 3, 4, 5, 6, 7, 8};
+
+            ITest test = new CTSTester(this, 1, new DesEngine(), new KeyParameter(key1), in1, out1);
+            ITestResult result = test.Perform();
+
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            test = new CTSTester(this, 2, new CbcBlockCipher(new DesEngine()), new ParametersWithIV(new KeyParameter(key1), iv), in1, out2);
+            result = test.Perform();
+
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            test = new CTSTester(this, 3, new CbcBlockCipher(new SkipjackEngine()), new ParametersWithIV(new KeyParameter(key2), iv), in2, out3);
+            result = test.Perform();
+
+            if (!result.IsSuccessful())
+            {
+                return result;
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            CTSTest test = new CTSTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+
+        static CTSTest()
+        {
+            in1 = Hex.Decode("4e6f7720697320746865207420");
+            in2 = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f0aaa");
+            out1 = Hex.Decode("9952f131588465033fa40e8a98");
+            out2 = Hex.Decode("358f84d01eb42988dc34efb994");
+            out3 = Hex.Decode("170171cfad3f04530c509b0c1f0be0aefbd45a8e3755a873bff5ea198504b71683c6");
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/CamelliaLightTest.cs b/crypto/test/src/crypto/test/CamelliaLightTest.cs
new file mode 100644
index 000000000..2247178f2
--- /dev/null
+++ b/crypto/test/src/crypto/test/CamelliaLightTest.cs
@@ -0,0 +1,80 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* Camellia tester - vectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ and RFC 3713
+	*/
+	[TestFixture]
+	public class CamelliaLightTest
+		: CipherTest
+	{
+		static SimpleTest[] tests =
+		{
+			new BlockCipherVectorTest(0, new CamelliaLightEngine(),
+				new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+				"80000000000000000000000000000000", "07923A39EB0A817D1C4D87BDB82D1F1C"),
+			new BlockCipherVectorTest(1, new CamelliaLightEngine(),
+				new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+				"00000000000000000000000000000000", "6C227F749319A3AA7DA235A9BBA05A2C"),
+			new BlockCipherVectorTest(2, new CamelliaLightEngine(),
+				new KeyParameter(Hex.Decode("0123456789abcdeffedcba9876543210")),
+				"0123456789abcdeffedcba9876543210", "67673138549669730857065648eabe43"),
+			//
+			// 192 bit
+			//
+			new BlockCipherVectorTest(3, new CamelliaLightEngine(),
+				new KeyParameter(Hex.Decode("0123456789abcdeffedcba98765432100011223344556677")),
+				"0123456789abcdeffedcba9876543210", "b4993401b3e996f84ee5cee7d79b09b9"),
+			new BlockCipherVectorTest(4, new CamelliaLightEngine(),
+				new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+				"00040000000000000000000000000000", "9BCA6C88B928C1B0F57F99866583A9BC"),
+			new BlockCipherVectorTest(5, new CamelliaLightEngine(),
+				new KeyParameter(Hex.Decode("949494949494949494949494949494949494949494949494")),
+				"636EB22D84B006381235641BCF0308D2", "94949494949494949494949494949494"),
+			//
+			// 256 bit
+			//
+			new BlockCipherVectorTest(6, new CamelliaLightEngine(),
+				new KeyParameter(Hex.Decode("0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff")),
+				"0123456789abcdeffedcba9876543210", "9acc237dff16d76c20ef7c919e3a7509"),
+			new BlockCipherVectorTest(7, new CamelliaLightEngine(),
+				new KeyParameter(Hex.Decode("4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A")),
+				"057764FE3A500EDBD988C5C3B56CBA9A", "4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A"),
+			new BlockCipherVectorTest(8, new CamelliaLightEngine(),
+				new KeyParameter(Hex.Decode("0303030303030303030303030303030303030303030303030303030303030303")),
+				"7968B08ABA92193F2295121EF8D75C8A", "03030303030303030303030303030303"),
+		};
+
+		public CamelliaLightTest()
+			: base(tests, new CamelliaLightEngine(), new KeyParameter(new byte[32]))
+		{
+		}
+
+		public override string Name
+		{
+			get { return "CamelliaLight"; }
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CamelliaLightTest());
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/CamelliaTest.cs b/crypto/test/src/crypto/test/CamelliaTest.cs
new file mode 100644
index 000000000..a134546b7
--- /dev/null
+++ b/crypto/test/src/crypto/test/CamelliaTest.cs
@@ -0,0 +1,80 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * Camellia tester - vectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ and RFC 3713
+	 */
+	[TestFixture]
+	public class CamelliaTest
+		: CipherTest
+	{
+		static SimpleTest[]  tests =
+		{
+			new BlockCipherVectorTest(0, new CamelliaEngine(),
+				new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+				"80000000000000000000000000000000", "07923A39EB0A817D1C4D87BDB82D1F1C"),
+			new BlockCipherVectorTest(1, new CamelliaEngine(),
+				new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+				"00000000000000000000000000000000", "6C227F749319A3AA7DA235A9BBA05A2C"),
+			new BlockCipherVectorTest(2, new CamelliaEngine(),
+				new KeyParameter(Hex.Decode("0123456789abcdeffedcba9876543210")),
+				"0123456789abcdeffedcba9876543210", "67673138549669730857065648eabe43"),
+			//
+			// 192 bit
+			//
+			new BlockCipherVectorTest(3, new CamelliaEngine(),
+				new KeyParameter(Hex.Decode("0123456789abcdeffedcba98765432100011223344556677")),
+				"0123456789abcdeffedcba9876543210", "b4993401b3e996f84ee5cee7d79b09b9"),
+			new BlockCipherVectorTest(4, new CamelliaEngine(),
+				new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+				"00040000000000000000000000000000", "9BCA6C88B928C1B0F57F99866583A9BC"),
+			new BlockCipherVectorTest(5, new CamelliaEngine(),
+				new KeyParameter(Hex.Decode("949494949494949494949494949494949494949494949494")),
+				"636EB22D84B006381235641BCF0308D2", "94949494949494949494949494949494"),
+			//
+			// 256 bit
+			//
+			new BlockCipherVectorTest(6, new CamelliaEngine(),
+				new KeyParameter(Hex.Decode("0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff")),
+				"0123456789abcdeffedcba9876543210", "9acc237dff16d76c20ef7c919e3a7509"),
+			new BlockCipherVectorTest(7, new CamelliaEngine(),
+				new KeyParameter(Hex.Decode("4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A")),
+				"057764FE3A500EDBD988C5C3B56CBA9A", "4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A"),
+			new BlockCipherVectorTest(8, new CamelliaEngine(),
+				new KeyParameter(Hex.Decode("0303030303030303030303030303030303030303030303030303030303030303")),
+				"7968B08ABA92193F2295121EF8D75C8A", "03030303030303030303030303030303"),
+		};
+
+		public CamelliaTest()
+			: base(tests, new CamelliaEngine(), new KeyParameter(new byte[32]))
+		{
+		}
+
+		public override string Name
+		{
+			get { return "Camellia"; }
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CamelliaTest());
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/Cast5Test.cs b/crypto/test/src/crypto/test/Cast5Test.cs
new file mode 100644
index 000000000..ea2e0c540
--- /dev/null
+++ b/crypto/test/src/crypto/test/Cast5Test.cs
@@ -0,0 +1,49 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <remarks>Cast tester - vectors from http://www.ietf.org/rfc/rfc2144.txt</remarks>
+    [TestFixture]
+    public class Cast5Test
+		: CipherTest
+    {
+        public override string Name
+        {
+			get { return "Cast5"; }
+        }
+
+		internal static SimpleTest[] testlist = new SimpleTest[]{
+            new BlockCipherVectorTest(0, new Cast5Engine(), new KeyParameter(Hex.Decode("0123456712345678234567893456789A")), "0123456789ABCDEF", "238B4FE5847E44B2"),
+            new BlockCipherVectorTest(0, new Cast5Engine(), new KeyParameter(Hex.Decode("01234567123456782345")), "0123456789ABCDEF", "EB6A711A2C02271B"),
+            new BlockCipherVectorTest(0, new Cast5Engine(), new KeyParameter(Hex.Decode("0123456712")), "0123456789ABCDEF", "7Ac816d16E9B302E")};
+
+		public Cast5Test()
+			: base(testlist , new Cast5Engine(), new KeyParameter(new byte[16]))
+        {
+        }
+
+        public static void Main(
+			string[] args)
+        {
+            ITest test = new Cast5Test();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/CipherTest.cs b/crypto/test/src/crypto/test/CipherTest.cs
new file mode 100644
index 000000000..a893e0239
--- /dev/null
+++ b/crypto/test/src/crypto/test/CipherTest.cs
@@ -0,0 +1,117 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	public abstract class CipherTest
+		: SimpleTest
+	{
+		private SimpleTest[]      _tests;
+		private IBlockCipher _engine;
+		private KeyParameter _validKey;
+
+//		protected CipherTest(
+//			SimpleTest[]	tests)
+//		{
+//			_tests = tests;
+//		}
+
+		protected CipherTest(
+			SimpleTest[]	tests,
+			IBlockCipher	engine,
+			KeyParameter	validKey)
+		{
+			_tests = tests;
+			_engine = engine;
+			_validKey = validKey;
+		}
+
+		public override void PerformTest()
+		{
+			for (int i = 0; i != _tests.Length; i++)
+			{
+				_tests[i].PerformTest();
+			}
+
+			if (_engine != null)
+			{
+				//
+				// state tests
+				//
+				byte[] buf = new byte[16];
+
+				try
+				{
+					_engine.ProcessBlock(buf, 0, buf, 0);
+
+					Fail("failed initialisation check");
+				}
+				catch (InvalidOperationException)
+				{
+					// expected
+				}
+
+				bufferSizeCheck((_engine));
+			}
+		}
+
+		private void bufferSizeCheck(
+			IBlockCipher engine)
+		{
+			byte[] correctBuf = new byte[engine.GetBlockSize()];
+			byte[] shortBuf = new byte[correctBuf.Length / 2];
+
+			engine.Init(true, _validKey);
+
+			try
+			{
+				engine.ProcessBlock(shortBuf, 0, correctBuf, 0);
+
+				Fail("failed short input check");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+
+			try
+			{
+				engine.ProcessBlock(correctBuf, 0, shortBuf, 0);
+
+				Fail("failed short output check");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+
+			engine.Init(false, _validKey);
+
+			try
+			{
+				engine.ProcessBlock(shortBuf, 0, correctBuf, 0);
+
+				Fail("failed short input check");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+
+			try
+			{
+				engine.ProcessBlock(correctBuf, 0, shortBuf, 0);
+
+				Fail("failed short output check");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/DESTest.cs b/crypto/test/src/crypto/test/DESTest.cs
new file mode 100644
index 000000000..cf1022eae
--- /dev/null
+++ b/crypto/test/src/crypto/test/DESTest.cs
@@ -0,0 +1,214 @@
+using System;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+using NUnit.Framework;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	internal class DesParityTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "DESParityTest"; }
+		}
+
+		public override void PerformTest()
+		{
+			byte[] k1In = { (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff,
+							   (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff };
+			byte[] k1Out = { (byte)0xfe, (byte)0xfe, (byte)0xfe, (byte)0xfe,
+								(byte)0xfe, (byte)0xfe, (byte)0xfe, (byte)0xfe };
+
+			byte[] k2In = { (byte)0xef, (byte)0xcb, (byte)0xda, (byte)0x4f,
+							   (byte)0xaa, (byte)0x99, (byte)0x7f, (byte)0x63 };
+			byte[] k2Out = { (byte)0xef, (byte)0xcb, (byte)0xda, (byte)0x4f,
+								(byte)0xab, (byte)0x98, (byte)0x7f, (byte)0x62 };
+
+			DesParameters.SetOddParity(k1In);
+
+			for (int i = 0; i != k1In.Length; i++)
+			{
+				if (k1In[i] != k1Out[i])
+				{
+					Fail("Failed "
+						+ "got " + Hex.ToHexString(k1In)
+						+ " expected " + Hex.ToHexString(k1Out));
+				}
+			}
+
+			DesParameters.SetOddParity(k2In);
+
+			for (int i = 0; i != k2In.Length; i++)
+			{
+				if (k2In[i] != k2Out[i])
+				{
+					Fail("Failed "
+						+ "got " + Hex.ToHexString(k2In)
+						+ " expected " + Hex.ToHexString(k2Out));
+				}
+			}
+		}
+	}
+
+	internal class KeyGenTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "KeyGenTest"; }
+		}
+
+		public override void PerformTest()
+		{
+			DesKeyGenerator keyGen = new DesKeyGenerator();
+
+			keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 56));
+
+			byte[] kB = keyGen.GenerateKey();
+
+			if (kB.Length != 8)
+			{
+				Fail("DES bit key wrong length.");
+			}
+		}
+	}
+
+	internal class DesParametersTest
+		: SimpleTest
+	{
+		private static readonly byte[] weakKeys =
+		{
+			(byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01, (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01,
+			(byte)0x1f,(byte)0x1f,(byte)0x1f,(byte)0x1f, (byte)0x0e,(byte)0x0e,(byte)0x0e,(byte)0x0e,
+			(byte)0xe0,(byte)0xe0,(byte)0xe0,(byte)0xe0, (byte)0xf1,(byte)0xf1,(byte)0xf1,(byte)0xf1,
+			(byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe, (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe,
+			/* semi-weak keys */
+			(byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe, (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe,
+			(byte)0x1f,(byte)0xe0,(byte)0x1f,(byte)0xe0, (byte)0x0e,(byte)0xf1,(byte)0x0e,(byte)0xf1,
+			(byte)0x01,(byte)0xe0,(byte)0x01,(byte)0xe0, (byte)0x01,(byte)0xf1,(byte)0x01,(byte)0xf1,
+			(byte)0x1f,(byte)0xfe,(byte)0x1f,(byte)0xfe, (byte)0x0e,(byte)0xfe,(byte)0x0e,(byte)0xfe,
+			(byte)0x01,(byte)0x1f,(byte)0x01,(byte)0x1f, (byte)0x01,(byte)0x0e,(byte)0x01,(byte)0x0e,
+			(byte)0xe0,(byte)0xfe,(byte)0xe0,(byte)0xfe, (byte)0xf1,(byte)0xfe,(byte)0xf1,(byte)0xfe,
+			(byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01, (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01,
+			(byte)0xe0,(byte)0x1f,(byte)0xe0,(byte)0x1f, (byte)0xf1,(byte)0x0e,(byte)0xf1,(byte)0x0e,
+			(byte)0xe0,(byte)0x01,(byte)0xe0,(byte)0x01, (byte)0xf1,(byte)0x01,(byte)0xf1,(byte)0x01,
+			(byte)0xfe,(byte)0x1f,(byte)0xfe,(byte)0x1f, (byte)0xfe,(byte)0x0e,(byte)0xfe,(byte)0x0e,
+			(byte)0x1f,(byte)0x01,(byte)0x1f,(byte)0x01, (byte)0x0e,(byte)0x01,(byte)0x0e,(byte)0x01,
+			(byte)0xfe,(byte)0xe0,(byte)0xfe,(byte)0xe0, (byte)0xfe,(byte)0xf1,(byte)0xfe,(byte)0xf1
+		};
+
+		public override string Name
+		{
+			get { return "DesParameters"; }
+		}
+
+		public override void PerformTest()
+		{
+			try
+			{
+				DesParameters.IsWeakKey(new byte[4], 0);
+				Fail("no exception on small key");
+			}
+			catch (ArgumentException e)
+			{
+				if (!e.Message.Equals("key material too short."))
+				{
+					Fail("wrong exception");
+				}
+			}
+
+			try
+			{
+				new DesParameters(weakKeys);
+				Fail("no exception on weak key");
+			}
+			catch (ArgumentException e)
+			{
+				if (!e.Message.Equals("attempt to create weak DES key"))
+				{
+					Fail("wrong exception");
+				}
+			}
+
+			for (int i = 0; i != weakKeys.Length; i += 8)
+			{
+				if (!DesParameters.IsWeakKey(weakKeys, i))
+				{
+					Fail("weakKey test failed");
+				}
+			}
+		}
+	}
+
+	/**
+	 * DES tester - vectors from <a href="http://www.itl.nist.gov/fipspubs/fip81.htm">FIPS 81</a>
+	 */
+	[TestFixture]
+	public class DesTest
+		: CipherTest
+	{
+		static string input1 = "4e6f77206973207468652074696d6520666f7220616c6c20";
+		static string input2 = "4e6f7720697320746865";
+		static string input3 = "4e6f7720697320746865aabbcc";
+
+		static SimpleTest[] tests =
+		{
+			new BlockCipherVectorTest(0, new DesEngine(),
+				new DesParameters(Hex.Decode("0123456789abcdef")),
+				input1, "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53"),
+			new BlockCipherVectorTest(1, new CbcBlockCipher(new DesEngine()),
+				new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")),
+				input1, "e5c7cdde872bf27c43e934008c389c0f683788499a7c05f6"),
+			new BlockCipherVectorTest(2, new CfbBlockCipher(new DesEngine(), 8),
+				new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")),
+				input2, "f31fda07011462ee187f"),
+			new BlockCipherVectorTest(3, new CfbBlockCipher(new DesEngine(), 64),
+				new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")),
+				input1, "f3096249c7f46e51a69e839b1a92f78403467133898ea622"),
+			new BlockCipherVectorTest(4, new OfbBlockCipher(new DesEngine(), 8),
+				new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")),
+				input2, "f34a2850c9c64985d684"),
+			new BlockCipherVectorTest(5, new CfbBlockCipher(new DesEngine(), 64),
+				new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")),
+				input3, "f3096249c7f46e51a69e0954bf"),
+			new BlockCipherVectorTest(6, new OfbBlockCipher(new DesEngine(), 64),
+				new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")),
+				input3, "f3096249c7f46e5135f2c0eb8b"),
+			new DesParityTest(),
+			new DesParametersTest(),
+			new KeyGenTest()
+		};
+
+		public DesTest()
+			: base(tests, new DesEngine(), new DesParameters(new byte[8]))
+		{
+		}
+
+		public override string Name
+		{
+			get { return "DES"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new DesTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/DESedeTest.cs b/crypto/test/src/crypto/test/DESedeTest.cs
new file mode 100644
index 000000000..aa61844f2
--- /dev/null
+++ b/crypto/test/src/crypto/test/DESedeTest.cs
@@ -0,0 +1,187 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+/**
+ * DESede tester
+ */
+	[TestFixture]
+	public class DesEdeTest
+		:CipherTest
+	{
+		private static readonly byte[] weakKey =     // first 8 bytes non-weak
+		{
+			(byte)0x06,(byte)0x01,(byte)0x01,(byte)0x01, (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01,
+			(byte)0x1f,(byte)0x1f,(byte)0x1f,(byte)0x1f, (byte)0x0e,(byte)0x0e,(byte)0x0e,(byte)0x0e,
+			(byte)0xe0,(byte)0xe0,(byte)0xe0,(byte)0xe0, (byte)0xf1,(byte)0xf1,(byte)0xf1,(byte)0xf1,
+		};
+
+		private const string input1 = "4e6f77206973207468652074696d6520666f7220616c6c20";
+//		private const string input2 = "4e6f7720697320746865";
+
+		private static SimpleTest[] tests =
+		{
+			new BlockCipherVectorTest(0, new DesEdeEngine(),
+				new DesEdeParameters(Hex.Decode("0123456789abcdef0123456789abcdef")),
+				input1, "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53"),
+			new BlockCipherVectorTest(1, new DesEdeEngine(),
+				new DesEdeParameters(Hex.Decode("0123456789abcdeffedcba9876543210")),
+				input1, "d80a0d8b2bae5e4e6a0094171abcfc2775d2235a706e232c"),
+			new BlockCipherVectorTest(2, new DesEdeEngine(),
+				new DesEdeParameters(Hex.Decode("0123456789abcdef0123456789abcdef0123456789abcdef")),
+				input1, "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53"),
+			new BlockCipherVectorTest(3, new DesEdeEngine(),
+				new DesEdeParameters(Hex.Decode("0123456789abcdeffedcba98765432100123456789abcdef")),
+				input1, "d80a0d8b2bae5e4e6a0094171abcfc2775d2235a706e232c")
+		};
+
+		public DesEdeTest()
+			: base(tests, new DesEdeEngine(), new DesEdeParameters(new byte[16]))
+		{
+		}
+
+		private void WrapTest(
+			int     id,
+			byte[]  kek,
+			byte[]  iv,
+			byte[]  input,
+			byte[]  output)
+		{
+			IWrapper wrapper = new DesEdeWrapEngine();
+
+			wrapper.Init(true, new ParametersWithIV(new DesEdeParameters(kek), iv));
+
+			try
+			{
+				byte[] cText = wrapper.Wrap(input, 0, input.Length);
+				if (!AreEqual(cText, output))
+				{
+					Fail(": failed wrap test " + id  + " expected " + Hex.ToHexString(output)
+						+ " got " + Hex.ToHexString(cText));
+				}
+			}
+			catch (Exception e)
+			{
+				Fail("failed wrap test exception: " + e.ToString(), e);
+			}
+
+			wrapper.Init(false, new DesEdeParameters(kek));
+
+			try
+			{
+				byte[] pText = wrapper.Unwrap(output, 0, output.Length);
+				if (!AreEqual(pText, input))
+				{
+					Fail("failed unwrap test " + id  + " expected " + Hex.ToHexString(input)
+						+ " got " + Hex.ToHexString(pText));
+				}
+			}
+			catch (Exception e)
+			{
+				Fail("failed unwrap test exception: " + e.ToString(), e);
+			}
+		}
+
+		public override void PerformTest()
+		{
+			base.PerformTest();
+
+			byte[] kek1 = Hex.Decode("255e0d1c07b646dfb3134cc843ba8aa71f025b7c0838251f");
+			byte[] iv1 = Hex.Decode("5dd4cbfc96f5453b");
+			byte[] in1 = Hex.Decode("2923bf85e06dd6ae529149f1f1bae9eab3a7da3d860d3e98");
+			byte[] out1 = Hex.Decode("690107618ef092b3b48ca1796b234ae9fa33ebb4159604037db5d6a84eb3aac2768c632775a467d4");
+
+			WrapTest(1, kek1, iv1, in1, out1);
+
+			//
+			// key generation
+			//
+			SecureRandom random = new SecureRandom();
+			DesEdeKeyGenerator keyGen = new DesEdeKeyGenerator();
+
+			keyGen.Init(new KeyGenerationParameters(random, 112));
+
+			byte[] kB = keyGen.GenerateKey();
+	        
+			if (kB.Length != 16)
+			{
+				Fail("112 bit key wrong length.");
+			}
+	        
+			keyGen.Init(new KeyGenerationParameters(random, 168));
+	        
+			kB = keyGen.GenerateKey();
+	        
+			if (kB.Length != 24)
+			{
+				Fail("168 bit key wrong length.");
+			}
+	        
+			try
+			{
+				keyGen.Init(new KeyGenerationParameters(random, 200));
+	            
+				Fail("invalid key length not detected.");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+
+			try
+			{
+				DesEdeParameters.IsWeakKey(new byte[4], 0);
+				Fail("no exception on small key");
+			}
+			catch (ArgumentException e)
+			{
+				if (!e.Message.Equals("key material too short."))
+				{
+					Fail("wrong exception");
+				}
+			}
+
+			try
+			{
+				new DesEdeParameters(weakKey);
+				Fail("no exception on weak key");
+			}
+			catch (ArgumentException e)
+			{
+				if (!e.Message.Equals("attempt to create weak DESede key"))
+				{
+					Fail("wrong exception");
+				}
+			}
+		}
+
+		public override string Name
+		{
+			get { return "DESede"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new DesEdeTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/DHKEKGeneratorTest.cs b/crypto/test/src/crypto/test/DHKEKGeneratorTest.cs
new file mode 100644
index 000000000..eee408f97
--- /dev/null
+++ b/crypto/test/src/crypto/test/DHKEKGeneratorTest.cs
@@ -0,0 +1,79 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto.Agreement.Kdf;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <remarks>DHKEK Generator tests - from RFC 2631.</remarks>
+	[TestFixture]
+	public class DHKekGeneratorTest
+		: SimpleTest
+	{
+		private byte[] seed1 = Hex.Decode("000102030405060708090a0b0c0d0e0f10111213");
+		private DerObjectIdentifier alg1 = PkcsObjectIdentifiers.IdAlgCms3DesWrap;
+		private byte[] result1 = Hex.Decode("a09661392376f7044d9052a397883246b67f5f1ef63eb5fb");
+
+		private byte[] seed2 = Hex.Decode("000102030405060708090a0b0c0d0e0f10111213");
+		private DerObjectIdentifier alg2 = PkcsObjectIdentifiers.IdAlgCmsRC2Wrap;
+		private byte[] partyAInfo = Hex.Decode(
+				"0123456789abcdeffedcba9876543201"
+			+ "0123456789abcdeffedcba9876543201"
+			+ "0123456789abcdeffedcba9876543201"
+			+ "0123456789abcdeffedcba9876543201");
+		private byte[] result2 = Hex.Decode("48950c46e0530075403cce72889604e0");
+
+		public DHKekGeneratorTest()
+		{
+		}
+
+		public override void PerformTest()
+		{
+			CheckMask(1, new DHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg1, 192, seed1), result1);
+			CheckMask(2, new DHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg2, 128, seed2, partyAInfo), result2);
+		}
+
+		private void CheckMask(
+			int						count,
+			IDerivationFunction		kdf,
+			IDerivationParameters	parameters,
+			byte[]					result)
+		{
+			byte[] data = new byte[result.Length];
+
+			kdf.Init(parameters);
+
+			kdf.GenerateBytes(data, 0, data.Length);
+
+			if (!AreEqual(result, data))
+			{
+				Fail("DHKekGenerator failed generator test " + count);
+			}
+		}
+
+		public override string Name
+		{
+			get { return "DHKekGenerator"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new DHKekGeneratorTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/DHTest.cs b/crypto/test/src/crypto/test/DHTest.cs
new file mode 100644
index 000000000..b460f41a5
--- /dev/null
+++ b/crypto/test/src/crypto/test/DHTest.cs
@@ -0,0 +1,403 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class DHTest
+		: SimpleTest
+	{
+		private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+		private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+		private static readonly BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16);
+		private static readonly BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16);
+
+		private static readonly BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16);
+		private static readonly BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16);
+
+		public override string Name
+		{
+			get { return "DH"; }
+		}
+
+		private void doTestDH(
+			int         size,
+			BigInteger  g,
+			BigInteger  p)
+		{
+			DHKeyPairGenerator kpGen = getDHKeyPairGenerator(g, p);
+
+			//
+			// generate first pair
+			//
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
+			//
+			// generate second pair
+			//
+			pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
+
+			//
+			// two way
+			//
+			DHAgreement e1 = new DHAgreement();
+			DHAgreement e2 = new DHAgreement();
+
+			e1.Init(pv1);
+			e2.Init(pv2);
+
+			BigInteger m1 = e1.CalculateMessage();
+			BigInteger m2 = e2.CalculateMessage();
+
+			BigInteger k1 = e1.CalculateAgreement(pu2, m2);
+			BigInteger k2 = e2.CalculateAgreement(pu1, m1);
+
+			if (!k1.Equals(k2))
+			{
+				Fail(size + " bit 2-way test failed");
+			}
+		}
+
+		private void doTestDHBasic(
+			int         size,
+			int         privateValueSize,
+			BigInteger  g,
+			BigInteger  p)
+		{
+			DHBasicKeyPairGenerator kpGen = getDHBasicKeyPairGenerator(g, p, privateValueSize);
+
+			//
+			// generate first pair
+			//
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
+
+			checkKeySize(privateValueSize, pv1);
+			//
+			// generate second pair
+			//
+			pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
+
+			checkKeySize(privateValueSize, pv2);
+			//
+			// two way
+			//
+			DHBasicAgreement e1 = new DHBasicAgreement();
+			DHBasicAgreement e2 = new DHBasicAgreement();
+
+			e1.Init(pv1);
+			e2.Init(pv2);
+
+			BigInteger k1 = e1.CalculateAgreement(pu2);
+			BigInteger k2 = e2.CalculateAgreement(pu1);
+
+			if (!k1.Equals(k2))
+			{
+				Fail("basic " + size + " bit 2-way test failed");
+			}
+		}
+
+		private void checkKeySize(
+			int privateValueSize,
+			DHPrivateKeyParameters priv)
+		{
+			if (privateValueSize != 0)
+			{
+				if (priv.X.BitLength != privateValueSize)
+				{
+					Fail("limited key check failed for key size " + privateValueSize);
+				}
+			}
+		}
+
+		private void doTestGPWithRandom(
+			DHKeyPairGenerator kpGen)
+		{
+			//
+			// generate first pair
+			//
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
+			//
+			// generate second pair
+			//
+			pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
+
+			//
+			// two way
+			//
+			DHAgreement e1 = new DHAgreement();
+			DHAgreement e2 = new DHAgreement();
+
+			e1.Init(new ParametersWithRandom(pv1, new SecureRandom()));
+			e2.Init(new ParametersWithRandom(pv2, new SecureRandom()));
+
+			BigInteger m1 = e1.CalculateMessage();
+			BigInteger m2 = e2.CalculateMessage();
+
+			BigInteger k1 = e1.CalculateAgreement(pu2, m2);
+			BigInteger k2 = e2.CalculateAgreement(pu1, m1);
+
+			if (!k1.Equals(k2))
+			{
+				Fail("basic with random 2-way test failed");
+			}
+		}
+
+		private void doTestSimpleWithRandom(
+			DHBasicKeyPairGenerator kpGen)
+		{
+			//
+			// generate first pair
+			//
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
+			//
+			// generate second pair
+			//
+			pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
+
+			//
+			// two way
+			//
+			DHBasicAgreement e1 = new DHBasicAgreement();
+			DHBasicAgreement e2 = new DHBasicAgreement();
+
+			e1.Init(new ParametersWithRandom(pv1, new SecureRandom()));
+			e2.Init(new ParametersWithRandom(pv2, new SecureRandom()));
+
+			BigInteger   k1 = e1.CalculateAgreement(pu2);
+			BigInteger   k2 = e2.CalculateAgreement(pu1);
+
+			if (!k1.Equals(k2))
+			{
+				Fail("basic with random 2-way test failed");
+			}
+		}
+
+		private DHBasicKeyPairGenerator getDHBasicKeyPairGenerator(
+			BigInteger g,
+			BigInteger p,
+			int        privateValueSize)
+		{
+			DHParameters dhParams = new DHParameters(p, g, null, privateValueSize);
+			DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
+			DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator();
+
+			kpGen.Init(dhkgParams);
+
+			return kpGen;
+		}
+
+		private DHKeyPairGenerator getDHKeyPairGenerator(
+			BigInteger g,
+			BigInteger p)
+		{
+			DHParameters dhParams = new DHParameters(p, g);
+			DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
+			DHKeyPairGenerator kpGen = new DHKeyPairGenerator();
+
+			kpGen.Init(dhkgParams);
+
+			return kpGen;
+		}
+
+		/**
+		 * this test is can take quiet a while
+		 */
+		private void doTestGeneration(
+			int size)
+		{
+			DHParametersGenerator pGen = new DHParametersGenerator();
+
+			pGen.Init(size, 10, new SecureRandom());
+
+			DHParameters dhParams = pGen.GenerateParameters();
+
+			if (dhParams.L != 0)
+			{
+				Fail("DHParametersGenerator failed to set J to 0 in generated DHParameters");
+			}
+
+			DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
+
+			DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator();
+
+			kpGen.Init(dhkgParams);
+
+			//
+			// generate first pair
+			//
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
+
+			//
+			// generate second pair
+			//
+			dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), pu1.Parameters);
+
+			kpGen.Init(dhkgParams);
+
+			pair = kpGen.GenerateKeyPair();
+
+			DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private;
+
+			//
+			// two way
+			//
+			DHBasicAgreement e1 = new DHBasicAgreement();
+			DHBasicAgreement e2 = new DHBasicAgreement();
+
+			e1.Init(new ParametersWithRandom(pv1, new SecureRandom()));
+			e2.Init(new ParametersWithRandom(pv2, new SecureRandom()));
+
+			BigInteger k1 = e1.CalculateAgreement(pu2);
+			BigInteger k2 = e2.CalculateAgreement(pu1);
+
+			if (!k1.Equals(k2))
+			{
+				Fail("basic with " + size + " bit 2-way test failed");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			doTestDHBasic(512, 0, g512, p512);
+			doTestDHBasic(768, 0, g768, p768);
+			doTestDHBasic(1024, 0, g1024, p1024);
+
+			doTestDHBasic(512, 64, g512, p512);
+			doTestDHBasic(768, 128, g768, p768);
+			doTestDHBasic(1024, 256, g1024, p1024);
+
+			doTestDH(512, g512, p512);
+			doTestDH(768, g768, p768);
+			doTestDH(1024, g1024, p1024);
+
+			//
+			// generation test.
+			//
+			doTestGeneration(256);
+
+			//
+			// with random test
+			//
+			DHBasicKeyPairGenerator kpBasicGen = getDHBasicKeyPairGenerator(g512, p512, 0);
+
+			doTestSimpleWithRandom(kpBasicGen);
+
+			DHKeyPairGenerator kpGen = getDHKeyPairGenerator(g512, p512);
+
+			doTestGPWithRandom(kpGen);
+
+			//
+			// parameter tests
+			//
+			DHAgreement dh = new DHAgreement();
+			AsymmetricCipherKeyPair dhPair = kpGen.GenerateKeyPair();
+
+			try
+			{
+				dh.Init(dhPair.Public);
+				Fail("DHAgreement key check failed");
+			}
+			catch (ArgumentException)
+			{
+				// ignore
+			}
+
+			DHKeyPairGenerator kpGen768 = getDHKeyPairGenerator(g768, p768);
+
+			try
+			{
+				dh.Init(dhPair.Private);
+
+				dh.CalculateAgreement((DHPublicKeyParameters)kpGen768.GenerateKeyPair().Public, BigInteger.ValueOf(100));
+
+				Fail("DHAgreement agreement check failed");
+			}
+			catch (ArgumentException)
+			{
+				// ignore
+			}
+
+			DHBasicAgreement dhBasic = new DHBasicAgreement();
+			AsymmetricCipherKeyPair dhBasicPair = kpBasicGen.GenerateKeyPair();
+
+			try
+			{
+				dhBasic.Init(dhBasicPair.Public);
+				Fail("DHBasicAgreement key check failed");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+
+			DHBasicKeyPairGenerator kpBasicGen768 = getDHBasicKeyPairGenerator(g768, p768, 0);
+
+			try
+			{
+				dhBasic.Init(dhPair.Private);
+
+				dhBasic.CalculateAgreement((DHPublicKeyParameters)kpBasicGen768.GenerateKeyPair().Public);
+
+				Fail("DHBasicAgreement agreement check failed");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new DHTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/DSATest.cs b/crypto/test/src/crypto/test/DSATest.cs
new file mode 100644
index 000000000..0e6367150
--- /dev/null
+++ b/crypto/test/src/crypto/test/DSATest.cs
@@ -0,0 +1,615 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary>Test based on FIPS 186-2, Appendix 5, an example of DSA, and FIPS 168-3 test vectors.</summary>
+    [TestFixture]
+    public class DsaTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+            get { return "DSA"; }
+        }
+
+        internal BigInteger pValue = new BigInteger("8df2a494492276aa3d25759bb06869cbeac0d83afb8d0cf7cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac49693dfbf83724c2ec0736ee31c80291", 16);
+        internal BigInteger qValue = new BigInteger("c773218c737ec8ee993b4f2ded30f48edace915f", 16);
+
+        public override void PerformTest()
+        {
+            byte[] k1 = Hex.Decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
+            byte[] k2 = Hex.Decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded");
+
+            SecureRandom random = FixedSecureRandom.From(k1, k2);
+
+            byte[] keyData = Hex.Decode("b5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
+
+            SecureRandom keyRandom = FixedSecureRandom.From(keyData, keyData);
+
+            BigInteger r = new BigInteger("68076202252361894315274692543577577550894681403");
+            BigInteger s = new BigInteger("1089214853334067536215539335472893651470583479365");
+            DsaParametersGenerator pGen = new DsaParametersGenerator();
+
+            pGen.Init(512, 80, random);
+
+            DsaParameters parameters = pGen.GenerateParameters();
+            DsaValidationParameters pValid = parameters.ValidationParameters;
+
+            if (pValid.Counter != 105)
+            {
+                Fail("Counter wrong");
+            }
+
+            if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+            {
+                Fail("p or q wrong");
+            }
+
+            DsaKeyPairGenerator dsaKeyGen = new DsaKeyPairGenerator();
+            DsaKeyGenerationParameters genParam = new DsaKeyGenerationParameters(keyRandom, parameters);
+
+            dsaKeyGen.Init(genParam);
+
+            AsymmetricCipherKeyPair pair = dsaKeyGen.GenerateKeyPair();
+
+            ParametersWithRandom param = new ParametersWithRandom(pair.Private, keyRandom);
+
+            DsaSigner dsa = new DsaSigner();
+
+            dsa.Init(true, param);
+
+            byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArrayUnsigned();
+            BigInteger[] sig = dsa.GenerateSignature(message);
+
+            if (!r.Equals(sig[0]))
+            {
+                Fail("r component wrong." + SimpleTest.NewLine
+                    + " expecting: " + r + SimpleTest.NewLine
+                    + " got      : " + sig[0]);
+            }
+
+            if (!s.Equals(sig[1]))
+            {
+                Fail("s component wrong." + SimpleTest.NewLine
+                    + " expecting: " + s + SimpleTest.NewLine
+                    + " got      : " + sig[1]);
+            }
+
+            dsa.Init(false, pair.Public);
+
+            if (!dsa.VerifySignature(message, sig[0], sig[1]))
+            {
+                Fail("verification fails");
+            }
+
+            Dsa2Test1();
+            Dsa2Test2();
+            Dsa2Test3();
+            Dsa2Test4();
+        }
+
+        private void Dsa2Test1()
+        {
+            byte[] seed = Hex.Decode("ED8BEE8D1CB89229D2903CBF0E51EE7377F48698");
+
+            DsaParametersGenerator pGen = new DsaParametersGenerator();
+
+            pGen.Init(new DsaParameterGenerationParameters(1024, 160, 80, new DsaTestSecureRandom(seed)));
+
+            DsaParameters parameters = pGen.GenerateParameters();
+
+            DsaValidationParameters pv = parameters.ValidationParameters;
+
+            if (pv.Counter != 5)
+            {
+                Fail("counter incorrect");
+            }
+
+            if (!AreEqual(seed, pv.GetSeed()))
+            {
+                Fail("seed incorrect");
+            }
+
+            if (!parameters.Q.Equals(new BigInteger("E950511EAB424B9A19A2AEB4E159B7844C589C4F", 16)))
+            {
+                Fail("Q incorrect");
+            }
+
+            if (!parameters.P.Equals(new BigInteger(
+                "E0A67598CD1B763B" +
+                "C98C8ABB333E5DDA0CD3AA0E5E1FB5BA8A7B4EABC10BA338" +
+                "FAE06DD4B90FDA70D7CF0CB0C638BE3341BEC0AF8A7330A3" +
+                "307DED2299A0EE606DF035177A239C34A912C202AA5F83B9" +
+                "C4A7CF0235B5316BFC6EFB9A248411258B30B839AF172440" +
+                "F32563056CB67A861158DDD90E6A894C72A5BBEF9E286C6B", 16)))
+            {
+                Fail("P incorrect");
+            }
+
+            if (!parameters.G.Equals(new BigInteger(
+                "D29D5121B0423C27" +
+                "69AB21843E5A3240FF19CACC792264E3BB6BE4F78EDD1B15" +
+                "C4DFF7F1D905431F0AB16790E1F773B5CE01C804E509066A" +
+                "9919F5195F4ABC58189FD9FF987389CB5BEDF21B4DAB4F8B" +
+                "76A055FFE2770988FE2EC2DE11AD92219F0B351869AC24DA" +
+                "3D7BA87011A701CE8EE7BFE49486ED4527B7186CA4610A75", 16)))
+            {
+                Fail("G incorrect");
+            }
+
+            DsaKeyPairGenerator kpGen = new DsaKeyPairGenerator();
+
+            kpGen.Init(new DsaKeyGenerationParameters(FixedSecureRandom.From(Hex.Decode("D0EC4E50BB290A42E9E355C73D8809345DE2E139")), parameters));
+
+            AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair();
+
+            DsaPublicKeyParameters pub = (DsaPublicKeyParameters)kp.Public;
+            DsaPrivateKeyParameters priv = (DsaPrivateKeyParameters)kp.Private;
+
+            if (!pub.Y.Equals(new BigInteger(
+                "25282217F5730501" +
+                "DD8DBA3EDFCF349AAFFEC20921128D70FAC44110332201BB" +
+                "A3F10986140CBB97C726938060473C8EC97B4731DB004293" +
+                "B5E730363609DF9780F8D883D8C4D41DED6A2F1E1BBBDC97" +
+                "9E1B9D6D3C940301F4E978D65B19041FCF1E8B518F5C0576" +
+                "C770FE5A7A485D8329EE2914A2DE1B5DA4A6128CEAB70F79", 16)))
+            {
+                Fail("Y value incorrect");
+            }
+
+            if (!priv.X.Equals(
+                new BigInteger("D0EC4E50BB290A42E9E355C73D8809345DE2E139", 16)))
+            {
+                Fail("X value incorrect");
+            }
+
+            DsaSigner signer = new DsaSigner();
+
+            signer.Init(true, new ParametersWithRandom(kp.Private, FixedSecureRandom.From(Hex.Decode("349C55648DCF992F3F33E8026CFAC87C1D2BA075"))));
+
+            byte[] msg = Hex.Decode("A9993E364706816ABA3E25717850C26C9CD0D89D");
+
+            BigInteger[] sig = signer.GenerateSignature(msg);
+
+            if (!sig[0].Equals(new BigInteger("636155AC9A4633B4665D179F9E4117DF68601F34", 16)))
+            {
+                Fail("R value incorrect");
+            }
+
+            if (!sig[1].Equals(new BigInteger("6C540B02D9D4852F89DF8CFC99963204F4347704", 16)))
+            {
+                Fail("S value incorrect");
+            }
+
+            signer.Init(false, kp.Public);
+
+            if (!signer.VerifySignature(msg, sig[0], sig[1]))
+            {
+                Fail("signature not verified");
+            }
+
+        }
+
+        private void Dsa2Test2()
+        {
+            byte[] seed = Hex.Decode("5AFCC1EFFC079A9CCA6ECA86D6E3CC3B18642D9BE1CC6207C84002A9");
+
+            DsaParametersGenerator pGen = new DsaParametersGenerator(new Sha224Digest());
+
+            pGen.Init(new DsaParameterGenerationParameters(2048, 224, 80, new DsaTestSecureRandom(seed)));
+
+            DsaParameters parameters = pGen.GenerateParameters();
+
+            DsaValidationParameters pv = parameters.ValidationParameters;
+
+            if (pv.Counter != 21)
+            {
+                Fail("counter incorrect");
+            }
+
+            if (!AreEqual(seed, pv.GetSeed()))
+            {
+                Fail("seed incorrect");
+            }
+
+            if (!parameters.Q.Equals(new BigInteger("90EAF4D1AF0708B1B612FF35E0A2997EB9E9D263C9CE659528945C0D", 16)))
+            {
+                Fail("Q incorrect");
+            }
+
+            if (!parameters.P.Equals(new BigInteger(
+                "C196BA05AC29E1F9C3C72D56DFFC6154" +
+                "A033F1477AC88EC37F09BE6C5BB95F51C296DD20D1A28A06" +
+                "7CCC4D4316A4BD1DCA55ED1066D438C35AEBAABF57E7DAE4" +
+                "28782A95ECA1C143DB701FD48533A3C18F0FE23557EA7AE6" +
+                "19ECACC7E0B51652A8776D02A425567DED36EABD90CA33A1" +
+                "E8D988F0BBB92D02D1D20290113BB562CE1FC856EEB7CDD9" +
+                "2D33EEA6F410859B179E7E789A8F75F645FAE2E136D252BF" +
+                "FAFF89528945C1ABE705A38DBC2D364AADE99BE0D0AAD82E" +
+                "5320121496DC65B3930E38047294FF877831A16D5228418D" +
+                "E8AB275D7D75651CEFED65F78AFC3EA7FE4D79B35F62A040" +
+                "2A1117599ADAC7B269A59F353CF450E6982D3B1702D9CA83", 16)))
+            {
+                Fail("P incorrect");
+            }
+
+            if (!parameters.G.Equals(new BigInteger(
+                "A59A749A11242C58C894E9E5A91804E8"+
+                "FA0AC64B56288F8D47D51B1EDC4D65444FECA0111D78F35F"+
+                "C9FDD4CB1F1B79A3BA9CBEE83A3F811012503C8117F98E50"+
+                "48B089E387AF6949BF8784EBD9EF45876F2E6A5A495BE64B"+
+                "6E770409494B7FEE1DBB1E4B2BC2A53D4F893D418B715959"+
+                "2E4FFFDF6969E91D770DAEBD0B5CB14C00AD68EC7DC1E574"+
+                "5EA55C706C4A1C5C88964E34D09DEB753AD418C1AD0F4FDF"+
+                "D049A955E5D78491C0B7A2F1575A008CCD727AB376DB6E69"+
+                "5515B05BD412F5B8C2F4C77EE10DA48ABD53F5DD498927EE"+
+                "7B692BBBCDA2FB23A516C5B4533D73980B2A3B60E384ED20"+
+                "0AE21B40D273651AD6060C13D97FD69AA13C5611A51B9085", 16)))
+            {
+                Fail("G incorrect");
+            }
+
+            DsaKeyPairGenerator kpGen = new DsaKeyPairGenerator();
+
+            kpGen.Init(new DsaKeyGenerationParameters(
+                FixedSecureRandom.From(Hex.Decode("00D0F09ED3E2568F6CADF9224117DA2AEC5A4300E009DE1366023E17")), parameters));
+
+            AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair();
+
+            DsaPublicKeyParameters pub = (DsaPublicKeyParameters)kp.Public;
+            DsaPrivateKeyParameters priv = (DsaPrivateKeyParameters)kp.Private;
+
+            if (!pub.Y.Equals(new BigInteger(
+                "70035C9A3B225B258F16741F3941FBF0" +
+                "6F3D056CD7BD864604CBB5EE9DD85304EE8E8E4ABD5E9032" +
+                "11DDF25CE149075510ACE166970AFDC7DF552B7244F342FA" +
+                "02F7A621405B754909D757F97290E1FE5036E904CF593446" +
+                "0C046D95659821E1597ED9F2B1F0E20863A6BBD0CE74DACB" +
+                "A5D8C68A90B29C2157CDEDB82EC12B81EE3068F9BF5F7F34" +
+                "6ECA41ED174CCCD7D154FA4F42F80FFE1BF46AE9D8125DEB" +
+                "5B4BA08A72BDD86596DBEDDC9550FDD650C58F5AE5133509" +
+                "A702F79A31ECB490F7A3C5581631F7C5BE4FF7F9E9F27FA3" +
+                "90E47347AD1183509FED6FCF198BA9A71AB3335B4F38BE8D" +
+                "15496A00B6DC2263E20A5F6B662320A3A1EC033AA61E3B68", 16)))
+            {
+                Fail("Y value incorrect");
+            }
+
+            if (!priv.X.Equals(
+                new BigInteger("00D0F09ED3E2568F6CADF9224117DA2AEC5A4300E009DE1366023E17", 16)))
+            {
+                Fail("X value incorrect");
+            }
+
+            DsaSigner signer = new DsaSigner();
+
+            signer.Init(true, new ParametersWithRandom(kp.Private,
+                FixedSecureRandom.From(Hex.Decode("735959CC4463B8B440E407EECA8A473BF6A6D1FE657546F67D401F05"))));
+
+            byte[] msg = Hex.Decode("23097D223405D8228642A477BDA255B32AADBCE4BDA0B3F7E36C9DA7");
+
+            BigInteger[] sig = signer.GenerateSignature(msg);
+
+            if (!sig[0].Equals(new BigInteger("4400138D05F9639CAF54A583CAAF25D2B76D0C3EAD752CE17DBC85FE", 16)))
+            {
+                Fail("R value incorrect");
+            }
+
+            if (!sig[1].Equals(new BigInteger("874D4F12CB13B61732D398445698CFA9D92381D938AA57EE2C9327B3", 16)))
+            {
+                Fail("S value incorrect");
+            }
+
+            signer.Init(false, kp.Public);
+
+            if (!signer.VerifySignature(msg, sig[0], sig[1]))
+            {
+                Fail("signature not verified");
+            }
+        }
+
+        private void Dsa2Test3()
+        {
+            byte[] seed = Hex.Decode("4783081972865EA95D43318AB2EAF9C61A2FC7BBF1B772A09017BDF5A58F4FF0");
+
+            DsaParametersGenerator pGen = new DsaParametersGenerator(new Sha256Digest());
+
+            pGen.Init(new DsaParameterGenerationParameters(2048, 256, 80, new DsaTestSecureRandom(seed)));
+
+            DsaParameters parameters = pGen.GenerateParameters();
+
+            DsaValidationParameters pv = parameters.ValidationParameters;
+
+            if (pv.Counter != 12)
+            {
+                Fail("counter incorrect");
+            }
+
+            if (!AreEqual(seed, pv.GetSeed()))
+            {
+                Fail("seed incorrect");
+            }
+
+            if (!parameters.Q.Equals(new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16)))
+            {
+                Fail("Q incorrect");
+            }
+
+            if (!parameters.P.Equals(new BigInteger(
+                "F56C2A7D366E3EBDEAA1891FD2A0D099" +
+                "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" +
+                "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" +
+                "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" +
+                "5909132627F51A0C866877E672E555342BDF9355347DBD43" +
+                "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" +
+                "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" +
+                "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" +
+                "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" +
+                "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" +
+                "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16)))
+            {
+                Fail("P incorrect");
+            }
+
+            if (!parameters.G.Equals(new BigInteger(
+                "8DC6CC814CAE4A1C05A3E186A6FE27EA" +
+                "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" +
+                "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" +
+                "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" +
+                "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" +
+                "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" +
+                "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" +
+                "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" +
+                "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" +
+                "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" +
+                "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16)))
+            {
+                Fail("G incorrect");
+            }
+
+            DsaKeyPairGenerator kpGen = new DsaKeyPairGenerator();
+
+            kpGen.Init(new DsaKeyGenerationParameters(
+                FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")), parameters));
+
+            AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair();
+
+            DsaPublicKeyParameters pub = (DsaPublicKeyParameters)kp.Public;
+            DsaPrivateKeyParameters priv = (DsaPrivateKeyParameters)kp.Private;
+
+            if (!pub.Y.Equals(new BigInteger(
+                "2828003D7C747199143C370FDD07A286" +
+                "1524514ACC57F63F80C38C2087C6B795B62DE1C224BF8D1D" +
+                "1424E60CE3F5AE3F76C754A2464AF292286D873A7A30B7EA" +
+                "CBBC75AAFDE7191D9157598CDB0B60E0C5AA3F6EBE425500" +
+                "C611957DBF5ED35490714A42811FDCDEB19AF2AB30BEADFF" +
+                "2907931CEE7F3B55532CFFAEB371F84F01347630EB227A41" +
+                "9B1F3F558BC8A509D64A765D8987D493B007C4412C297CAF" +
+                "41566E26FAEE475137EC781A0DC088A26C8804A98C23140E" +
+                "7C936281864B99571EE95C416AA38CEEBB41FDBFF1EB1D1D" +
+                "C97B63CE1355257627C8B0FD840DDB20ED35BE92F08C49AE" +
+                "A5613957D7E5C7A6D5A5834B4CB069E0831753ECF65BA02B", 16)))
+            {
+                Fail("Y value incorrect");
+            }
+
+            if (!priv.X.Equals(
+                new BigInteger("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C", 16)))
+            {
+                Fail("X value incorrect");
+            }
+
+            DsaSigner signer = new DsaSigner();
+
+            signer.Init(true, new ParametersWithRandom(kp.Private,
+                FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C"))));
+
+            byte[] msg = Hex.Decode("BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD");
+
+            BigInteger[] sig = signer.GenerateSignature(msg);
+
+            if (!sig[0].Equals(new BigInteger("315C875DCD4850E948B8AC42824E9483A32D5BA5ABE0681B9B9448D444F2BE3C", 16)))
+            {
+                Fail("R value incorrect");
+            }
+
+            if (!sig[1].Equals(new BigInteger("89718D12E54A8D9ED066E4A55F7ED5A2229CD23B9A3CEE78F83ED6AA61F6BCB9", 16)))
+            {
+                Fail("S value incorrect");
+            }
+
+            signer.Init(false, kp.Public);
+
+            if (!signer.VerifySignature(msg, sig[0], sig[1]))
+            {
+                Fail("signature not verified");
+            }
+        }
+
+        private void Dsa2Test4()
+        {
+            byte[] seed = Hex.Decode("193AFCA7C1E77B3C1ECC618C81322E47B8B8B997C9C83515C59CC446C2D9BD47");
+
+            DsaParametersGenerator pGen = new DsaParametersGenerator(new Sha256Digest());
+
+            pGen.Init(new DsaParameterGenerationParameters(3072, 256, 80, new DsaTestSecureRandom(seed)));
+
+            DsaParameters parameters = pGen.GenerateParameters();
+
+            DsaValidationParameters pv = parameters.ValidationParameters;
+
+            if (pv.Counter != 20)
+            {
+                Fail("counter incorrect");
+            }
+
+            if (!AreEqual(seed, pv.GetSeed()))
+            {
+                Fail("seed incorrect");
+            }
+
+            if (!parameters.Q.Equals(new BigInteger("CFA0478A54717B08CE64805B76E5B14249A77A4838469DF7F7DC987EFCCFB11D", 16)))
+            {
+                Fail("Q incorrect");
+            }
+
+            if (!parameters.P.Equals(new BigInteger(
+                "90066455B5CFC38F9CAA4A48B4281F292C260FEEF01FD610" +
+                "37E56258A7795A1C7AD46076982CE6BB956936C6AB4DCFE0" +
+                "5E6784586940CA544B9B2140E1EB523F009D20A7E7880E4E" +
+                "5BFA690F1B9004A27811CD9904AF70420EEFD6EA11EF7DA1" +
+                "29F58835FF56B89FAA637BC9AC2EFAAB903402229F491D8D" +
+                "3485261CD068699B6BA58A1DDBBEF6DB51E8FE34E8A78E54" +
+                "2D7BA351C21EA8D8F1D29F5D5D15939487E27F4416B0CA63" +
+                "2C59EFD1B1EB66511A5A0FBF615B766C5862D0BD8A3FE7A0" +
+                "E0DA0FB2FE1FCB19E8F9996A8EA0FCCDE538175238FC8B0E" +
+                "E6F29AF7F642773EBE8CD5402415A01451A840476B2FCEB0" +
+                "E388D30D4B376C37FE401C2A2C2F941DAD179C540C1C8CE0" +
+                "30D460C4D983BE9AB0B20F69144C1AE13F9383EA1C08504F" +
+                "B0BF321503EFE43488310DD8DC77EC5B8349B8BFE97C2C56" +
+                "0EA878DE87C11E3D597F1FEA742D73EEC7F37BE43949EF1A" +
+                "0D15C3F3E3FC0A8335617055AC91328EC22B50FC15B941D3" +
+                "D1624CD88BC25F3E941FDDC6200689581BFEC416B4B2CB73", 16)))
+            {
+                Fail("P incorrect");
+            }
+
+            if (!parameters.G.Equals(new BigInteger(
+                "5E5CBA992E0A680D885EB903AEA78E4A45A469103D448EDE" +
+                "3B7ACCC54D521E37F84A4BDD5B06B0970CC2D2BBB715F7B8" +
+                "2846F9A0C393914C792E6A923E2117AB805276A975AADB52" +
+                "61D91673EA9AAFFEECBFA6183DFCB5D3B7332AA19275AFA1" +
+                "F8EC0B60FB6F66CC23AE4870791D5982AAD1AA9485FD8F4A" +
+                "60126FEB2CF05DB8A7F0F09B3397F3937F2E90B9E5B9C9B6" +
+                "EFEF642BC48351C46FB171B9BFA9EF17A961CE96C7E7A7CC" +
+                "3D3D03DFAD1078BA21DA425198F07D2481622BCE45969D9C" +
+                "4D6063D72AB7A0F08B2F49A7CC6AF335E08C4720E31476B6" +
+                "7299E231F8BD90B39AC3AE3BE0C6B6CACEF8289A2E2873D5" +
+                "8E51E029CAFBD55E6841489AB66B5B4B9BA6E2F784660896" +
+                "AFF387D92844CCB8B69475496DE19DA2E58259B090489AC8" +
+                "E62363CDF82CFD8EF2A427ABCD65750B506F56DDE3B98856" +
+                "7A88126B914D7828E2B63A6D7ED0747EC59E0E0A23CE7D8A" +
+                "74C1D2C2A7AFB6A29799620F00E11C33787F7DED3B30E1A2" +
+                "2D09F1FBDA1ABBBFBF25CAE05A13F812E34563F99410E73B", 16)))
+            {
+                Fail("G incorrect");
+            }
+
+            DsaKeyPairGenerator kpGen = new DsaKeyPairGenerator();
+
+            kpGen.Init(new DsaKeyGenerationParameters(
+                FixedSecureRandom.From(Hex.Decode("3ABC1587297CE7B9EA1AD6651CF2BC4D7F92ED25CABC8553F567D1B40EBB8764")), parameters));
+
+            AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair();
+
+            DsaPublicKeyParameters pub = (DsaPublicKeyParameters)kp.Public;
+            DsaPrivateKeyParameters priv = (DsaPrivateKeyParameters)kp.Private;
+
+            if (!pub.Y.Equals(new BigInteger(
+                "8B891C8692D3DE875879390F2698B26FBECCA6B075535DCE" +
+                "6B0C862577F9FA0DEF6074E7A7624121224A595896ABD4CD" +
+                "A56B2CEFB942E025D2A4282FFAA98A48CDB47E1A6FCB5CFB" +
+                "393EF35AF9DF913102BB303C2B5C36C3F8FC04ED7B8B69FE" +
+                "FE0CF3E1FC05CFA713B3435B2656E913BA8874AEA9F93600" +
+                "6AEB448BCD005D18EC3562A33D04CF25C8D3D69844343442" +
+                "FA3DB7DE618C5E2DA064573E61E6D5581BFB694A23AC87FD" +
+                "5B52D62E954E1376DB8DDB524FFC0D469DF978792EE44173" +
+                "8E5DB05A7DC43E94C11A2E7A4FBE383071FA36D2A7EC8A93" +
+                "88FE1C4F79888A99D3B6105697C2556B79BB4D7E781CEBB3" +
+                "D4866AD825A5E830846072289FDBC941FA679CA82F5F78B7" +
+                "461B2404DB883D215F4E0676CF5493950AC5591697BFEA8D" +
+                "1EE6EC016B89BA51CAFB5F9C84C989FA117375E94578F28B" +
+                "E0B34CE0545DA46266FD77F62D8F2CEE92AB77012AFEBC11" +
+                "008985A821CD2D978C7E6FE7499D1AAF8DE632C21BB48CA5" +
+                "CBF9F31098FD3FD3854C49A65D9201744AACE540354974F9", 16)))
+            {
+                Fail("Y value incorrect");
+            }
+
+            if (!priv.X.Equals(
+                new BigInteger("3ABC1587297CE7B9EA1AD6651CF2BC4D7F92ED25CABC8553F567D1B40EBB8764", 16)))
+            {
+                Fail("X value incorrect");
+            }
+
+            DsaSigner signer = new DsaSigner();
+
+            signer.Init(true, new ParametersWithRandom(kp.Private,
+                FixedSecureRandom.From(Hex.Decode("A6902C1E6E3943C5628061588A8B007BCCEA91DBF12915483F04B24AB0678BEE"))));
+
+            byte[] msg = Hex.Decode("BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD");
+
+            BigInteger[] sig = signer.GenerateSignature(msg);
+
+            if (!sig[0].Equals(new BigInteger("5F184E645A38BE8FB4A6871B6503A9D12924C7ABE04B71410066C2ECA6E3BE3E", 16)))
+            {
+                Fail("R value incorrect");
+            }
+
+            if (!sig[1].Equals(new BigInteger("91EB0C7BA3D4B9B60B825C3D9F2CADA8A2C9D7723267B033CBCDCF8803DB9C18", 16)))
+            {
+                Fail("S value incorrect");
+            }
+
+            signer.Init(false, kp.Public);
+
+            if (!signer.VerifySignature(msg, sig[0], sig[1]))
+            {
+                Fail("signature not verified");
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new DsaTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+
+        private class DsaTestSecureRandom
+            : FixedSecureRandom
+        {
+            private bool first = true;
+
+            public DsaTestSecureRandom(byte[] value)
+                : base(Arrays.Clone(value))
+            {
+            }
+
+            public override void NextBytes(byte[] bytes)
+            {
+                if (first)
+                {
+                    base.NextBytes(bytes);
+                    first = false;
+                }
+                else
+                {
+                    bytes[bytes.Length - 1] = 2;
+                }
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/DigestRandomNumberTest.cs b/crypto/test/src/crypto/test/DigestRandomNumberTest.cs
new file mode 100644
index 000000000..cee2e354e
--- /dev/null
+++ b/crypto/test/src/crypto/test/DigestRandomNumberTest.cs
@@ -0,0 +1,163 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Prng;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class DigestRandomNumberTest
+		: SimpleTest
+	{
+		private static readonly byte[] ZERO_SEED = { 0, 0, 0, 0, 0, 0, 0, 0 };
+
+		private static readonly byte[] TEST_SEED = Hex.Decode("81dcfafc885914057876");
+
+		private static readonly byte[] expected0SHA1 = Hex.Decode("95bca677b3d4ff793213c00892d2356ec729ee02");
+		private static readonly byte[] noCycle0SHA1 = Hex.Decode("d57ccd0eb12c3938d59226412bc1268037b6b846");
+		private static readonly byte[] expected0SHA256 = Hex.Decode("587e2dfd597d086e47ddcd343eac983a5c913bef8c6a1a560a5c1bc3a74b0991");
+		private static readonly byte[] noCycle0SHA256 = Hex.Decode("e5776c4483486ba7be081f4e1b9dafbab25c8fae290fd5474c1ceda2c16f9509");
+		private static readonly byte[] expected100SHA1 = Hex.Decode("b9d924092546e0876cafd4937d7364ebf9efa4be");
+		private static readonly byte[] expected100SHA256 = Hex.Decode("fbc4aa54b948b99de104c44563a552899d718bb75d1941cc62a2444b0506abaf");
+		private static readonly byte[] expectedTestSHA1 = Hex.Decode("e9ecef9f5306daf1ac51a89a211a64cb24415649");
+		private static readonly byte[] expectedTestSHA256 = Hex.Decode("bdab3ca831b472a2fa09bd1bade541ef16c96640a91fcec553679a136061de98");
+
+		private static readonly byte[] sha1Xors = Hex.Decode("7edcc1216934f3891b03ffa65821611a3e2b1f79");
+		private static readonly byte[] sha256Xors = Hex.Decode("5ec48189cc0aa71e79c707bc3c33ffd47bbba368a83d6cfebf3cd3969d7f3eed");
+
+		public override string Name
+		{
+			get { return "DigestRandomNumber"; }
+		}
+
+		private void doExpectedTest(IDigest digest, int seed, byte[] expected)
+		{
+			doExpectedTest(digest, seed, expected, null);
+		}
+	    
+		private void doExpectedTest(IDigest digest, int seed, byte[] expected, byte[] noCycle)
+		{
+			DigestRandomGenerator rGen = new DigestRandomGenerator(digest);
+			byte[] output = new byte[digest.GetDigestSize()];
+
+			rGen.AddSeedMaterial(seed);
+
+			for (int i = 0; i != 1024; i++)
+			{
+				rGen.NextBytes(output);
+			}
+
+			if (noCycle != null)
+			{
+				if (Arrays.AreEqual(noCycle, output))
+				{
+					Fail("seed not being cycled!");
+				}
+			}
+
+			if (!Arrays.AreEqual(expected, output))
+			{
+				Fail("expected output doesn't match");
+			}
+		}
+
+		private void doExpectedTest(IDigest digest, byte[] seed, byte[] expected)
+		{
+			DigestRandomGenerator rGen = new DigestRandomGenerator(digest);
+			byte[] output = new byte[digest.GetDigestSize()];
+
+			rGen.AddSeedMaterial(seed);
+
+			for (int i = 0; i != 1024; i++)
+			{
+				rGen.NextBytes(output);
+			}
+
+			if (!Arrays.AreEqual(expected, output))
+			{
+				Fail("expected output doesn't match");
+			}
+		}
+
+		private void doCountTest(IDigest digest, byte[] seed, byte[] expectedXors)
+		{
+			DigestRandomGenerator rGen = new DigestRandomGenerator(digest);
+			byte[] output = new byte[digest.GetDigestSize()];
+			int[] averages = new int[digest.GetDigestSize()];
+			byte[] ands = new byte[digest.GetDigestSize()];
+			byte[] xors = new byte[digest.GetDigestSize()];
+			byte[] ors = new byte[digest.GetDigestSize()];
+
+			rGen.AddSeedMaterial(seed);
+
+			for (int i = 0; i != 1000000; i++)
+			{
+				rGen.NextBytes(output);
+				for (int j = 0; j != output.Length; j++)
+				{
+					averages[j] += output[j] & 0xff;
+					ands[j] &= output[j];
+					xors[j] ^= output[j];
+					ors[j] |= output[j];
+				}
+			}
+
+			for (int i = 0; i != output.Length; i++)
+			{
+				if ((averages[i] / 1000000) != 127)
+				{
+					Fail("average test failed for " + digest.AlgorithmName);
+				}
+				if (ands[i] != 0)
+				{
+					Fail("and test failed for " + digest.AlgorithmName);
+				}
+				if ((ors[i] & 0xff) != 0xff)
+				{
+					Fail("or test failed for " + digest.AlgorithmName);
+				}
+				if (xors[i] != expectedXors[i])
+				{
+					Fail("xor test failed for " + digest.AlgorithmName);
+				}
+			}
+		}
+
+		public override void PerformTest()
+		{
+			doExpectedTest(new Sha1Digest(), 0, expected0SHA1, noCycle0SHA1);
+			doExpectedTest(new Sha256Digest(), 0, expected0SHA256, noCycle0SHA256);
+
+			doExpectedTest(new Sha1Digest(), 100, expected100SHA1);
+			doExpectedTest(new Sha256Digest(), 100, expected100SHA256);
+
+			doExpectedTest(new Sha1Digest(), ZERO_SEED, expected0SHA1);
+			doExpectedTest(new Sha256Digest(), ZERO_SEED, expected0SHA256);
+
+			doExpectedTest(new Sha1Digest(), TEST_SEED, expectedTestSHA1);
+			doExpectedTest(new Sha256Digest(), TEST_SEED, expectedTestSHA256);
+
+			doCountTest(new Sha1Digest(), TEST_SEED, sha1Xors);
+			doCountTest(new Sha256Digest(), TEST_SEED, sha256Xors);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new DigestRandomNumberTest());
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/DigestTest.cs b/crypto/test/src/crypto/test/DigestTest.cs
new file mode 100644
index 000000000..533e87181
--- /dev/null
+++ b/crypto/test/src/crypto/test/DigestTest.cs
@@ -0,0 +1,143 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	public abstract class DigestTest
+		: SimpleTest
+	{
+		private IDigest digest;
+		private string[] input;
+		private string[] results;
+
+		protected DigestTest(
+			IDigest digest,
+			string[] input,
+			string[] results)
+		{
+			this.digest = digest;
+			this.input = input;
+			this.results = results;
+		}
+
+		public override string Name
+		{
+			get { return digest.AlgorithmName; }
+		}
+
+		public override void PerformTest()
+		{
+			byte[] resBuf = new byte[digest.GetDigestSize()];
+
+			for (int i = 0; i < input.Length - 1; i++)
+			{
+				byte[] m = toByteArray(input[i]);
+
+				vectorTest(digest, i, resBuf, m, Hex.Decode(results[i]));
+			}
+
+			byte[] lastV = toByteArray(input[input.Length - 1]);
+			byte[] lastDigest = Hex.Decode(results[input.Length - 1]);
+
+			vectorTest(digest, input.Length - 1, resBuf, lastV, Hex.Decode(results[input.Length - 1]));
+
+			//
+			// clone test
+			//
+			digest.BlockUpdate(lastV, 0, lastV.Length/2);
+
+			// clone the Digest
+			IDigest d = CloneDigest(digest);
+
+			digest.BlockUpdate(lastV, lastV.Length/2, lastV.Length - lastV.Length/2);
+			digest.DoFinal(resBuf, 0);
+
+			if (!AreEqual(lastDigest, resBuf))
+			{
+				Fail("failing clone vector test", results[results.Length - 1], Hex.ToHexString(resBuf));
+			}
+
+			d.BlockUpdate(lastV, lastV.Length/2, lastV.Length - lastV.Length/2);
+			d.DoFinal(resBuf, 0);
+
+			if (!AreEqual(lastDigest, resBuf))
+			{
+				Fail("failing second clone vector test", results[results.Length - 1], Hex.ToHexString(resBuf));
+			}
+		}
+
+		private byte[] toByteArray(
+			string input)
+		{
+			byte[] bytes = new byte[input.Length];
+
+			for (int i = 0; i != bytes.Length; i++)
+			{
+				bytes[i] = (byte)input[i];
+			}
+
+			return bytes;
+		}
+
+		private void vectorTest(
+			IDigest digest,
+			int count,
+			byte[] resBuf,
+			byte[] input,
+			byte[] expected)
+		{
+			digest.BlockUpdate(input, 0, input.Length);
+			digest.DoFinal(resBuf, 0);
+
+			if (!AreEqual(resBuf, expected))
+			{
+				Fail("Vector " + count + " failed got " + Hex.ToHexString(resBuf));
+			}
+		}
+
+		protected abstract IDigest CloneDigest(IDigest digest);
+
+		//
+		// optional tests
+		//
+		protected void millionATest(
+			string expected)
+		{
+			byte[] resBuf = new byte[digest.GetDigestSize()];
+
+			for (int i = 0; i < 1000000; i++)
+			{
+				digest.Update((byte)'a');
+			}
+
+			digest.DoFinal(resBuf, 0);
+
+			if (!AreEqual(resBuf, Hex.Decode(expected)))
+			{
+				Fail("Million a's failed");
+			}
+		}
+
+		protected void sixtyFourKTest(
+			string expected)
+		{
+			byte[] resBuf = new byte[digest.GetDigestSize()];
+
+			for (int i = 0; i < 65536; i++)
+			{
+				digest.Update((byte)(i & 0xff));
+			}
+
+			digest.DoFinal(resBuf, 0);
+
+			if (!AreEqual(resBuf, Hex.Decode(expected)))
+			{
+				Fail("64k test failed");
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/EAXTest.cs b/crypto/test/src/crypto/test/EAXTest.cs
new file mode 100644
index 000000000..c6be118b2
--- /dev/null
+++ b/crypto/test/src/crypto/test/EAXTest.cs
@@ -0,0 +1,352 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class EaxTest
+		: SimpleTest
+	{
+		private static readonly byte[] K1 = Hex.Decode("233952DEE4D5ED5F9B9C6D6FF80FF478");
+		private static readonly byte[] N1 = Hex.Decode("62EC67F9C3A4A407FCB2A8C49031A8B3");
+		private static readonly byte[] A1 = Hex.Decode("6BFB914FD07EAE6B");
+		private static readonly byte[] P1 = Hex.Decode("");
+		private static readonly byte[] C1 = Hex.Decode("E037830E8389F27B025A2D6527E79D01");
+		private static readonly byte[] T1 = Hex.Decode("E037830E8389F27B025A2D6527E79D01");
+
+		private static readonly byte[] K2 = Hex.Decode("91945D3F4DCBEE0BF45EF52255F095A4");
+		private static readonly byte[] N2 = Hex.Decode("BECAF043B0A23D843194BA972C66DEBD");
+		private static readonly byte[] A2 = Hex.Decode("FA3BFD4806EB53FA");
+		private static readonly byte[] P2 = Hex.Decode("F7FB");
+		private static readonly byte[] C2 = Hex.Decode("19DD5C4C9331049D0BDAB0277408F67967E5");
+		private static readonly byte[] T2 = Hex.Decode("5C4C9331049D0BDAB0277408F67967E5");
+
+		private static readonly byte[] K3 = Hex.Decode("01F74AD64077F2E704C0F60ADA3DD523");
+		private static readonly byte[] N3 = Hex.Decode("70C3DB4F0D26368400A10ED05D2BFF5E");
+		private static readonly byte[] A3 = Hex.Decode("234A3463C1264AC6");
+		private static readonly byte[] P3 = Hex.Decode("1A47CB4933");
+		private static readonly byte[] C3 = Hex.Decode("D851D5BAE03A59F238A23E39199DC9266626C40F80");
+		private static readonly byte[] T3 = Hex.Decode("3A59F238A23E39199DC9266626C40F80");
+
+		private static readonly byte[] K4 = Hex.Decode("D07CF6CBB7F313BDDE66B727AFD3C5E8");
+		private static readonly byte[] N4 = Hex.Decode("8408DFFF3C1A2B1292DC199E46B7D617");
+		private static readonly byte[] A4 = Hex.Decode("33CCE2EABFF5A79D");
+		private static readonly byte[] P4 = Hex.Decode("481C9E39B1");
+		private static readonly byte[] C4 = Hex.Decode("632A9D131AD4C168A4225D8E1FF755939974A7BEDE");
+		private static readonly byte[] T4 = Hex.Decode("D4C168A4225D8E1FF755939974A7BEDE");
+
+		private static readonly byte[] K5 = Hex.Decode("35B6D0580005BBC12B0587124557D2C2");
+		private static readonly byte[] N5 = Hex.Decode("FDB6B06676EEDC5C61D74276E1F8E816");
+		private static readonly byte[] A5 = Hex.Decode("AEB96EAEBE2970E9");
+		private static readonly byte[] P5 = Hex.Decode("40D0C07DA5E4");
+		private static readonly byte[] C5 = Hex.Decode("071DFE16C675CB0677E536F73AFE6A14B74EE49844DD");
+		private static readonly byte[] T5 = Hex.Decode("CB0677E536F73AFE6A14B74EE49844DD");
+
+		private static readonly byte[] K6 = Hex.Decode("BD8E6E11475E60B268784C38C62FEB22");
+		private static readonly byte[] N6 = Hex.Decode("6EAC5C93072D8E8513F750935E46DA1B");
+		private static readonly byte[] A6 = Hex.Decode("D4482D1CA78DCE0F");
+		private static readonly byte[] P6 = Hex.Decode("4DE3B35C3FC039245BD1FB7D");
+		private static readonly byte[] C6 = Hex.Decode("835BB4F15D743E350E728414ABB8644FD6CCB86947C5E10590210A4F");
+		private static readonly byte[] T6 = Hex.Decode("ABB8644FD6CCB86947C5E10590210A4F");
+
+		private static readonly byte[] K7 = Hex.Decode("7C77D6E813BED5AC98BAA417477A2E7D");
+		private static readonly byte[] N7 = Hex.Decode("1A8C98DCD73D38393B2BF1569DEEFC19");
+		private static readonly byte[] A7 = Hex.Decode("65D2017990D62528");
+		private static readonly byte[] P7 = Hex.Decode("8B0A79306C9CE7ED99DAE4F87F8DD61636");
+		private static readonly byte[] C7 = Hex.Decode("02083E3979DA014812F59F11D52630DA30137327D10649B0AA6E1C181DB617D7F2");
+		private static readonly byte[] T7 = Hex.Decode("137327D10649B0AA6E1C181DB617D7F2");
+
+		private static readonly byte[] K8 = Hex.Decode("5FFF20CAFAB119CA2FC73549E20F5B0D");
+		private static readonly byte[] N8 = Hex.Decode("DDE59B97D722156D4D9AFF2BC7559826");
+		private static readonly byte[] A8 = Hex.Decode("54B9F04E6A09189A");
+		private static readonly byte[] P8 = Hex.Decode("1BDA122BCE8A8DBAF1877D962B8592DD2D56");
+		private static readonly byte[] C8 = Hex.Decode("2EC47B2C4954A489AFC7BA4897EDCDAE8CC33B60450599BD02C96382902AEF7F832A");
+		private static readonly byte[] T8 = Hex.Decode("3B60450599BD02C96382902AEF7F832A");
+
+		private static readonly byte[] K9 = Hex.Decode("A4A4782BCFFD3EC5E7EF6D8C34A56123");
+		private static readonly byte[] N9 = Hex.Decode("B781FCF2F75FA5A8DE97A9CA48E522EC");
+		private static readonly byte[] A9 = Hex.Decode("899A175897561D7E");
+		private static readonly byte[] P9 = Hex.Decode("6CF36720872B8513F6EAB1A8A44438D5EF11");
+		private static readonly byte[] C9 = Hex.Decode("0DE18FD0FDD91E7AF19F1D8EE8733938B1E8E7F6D2231618102FDB7FE55FF1991700");
+		private static readonly byte[] T9 = Hex.Decode("E7F6D2231618102FDB7FE55FF1991700");
+
+		private static readonly byte[] K10 = Hex.Decode("8395FCF1E95BEBD697BD010BC766AAC3");
+		private static readonly byte[] N10 = Hex.Decode("22E7ADD93CFC6393C57EC0B3C17D6B44");
+		private static readonly byte[] A10 = Hex.Decode("126735FCC320D25A");
+		private static readonly byte[] P10 = Hex.Decode("CA40D7446E545FFAED3BD12A740A659FFBBB3CEAB7");
+		private static readonly byte[] C10 = Hex.Decode("CB8920F87A6C75CFF39627B56E3ED197C552D295A7CFC46AFC253B4652B1AF3795B124AB6E");
+		private static readonly byte[] T10 = Hex.Decode("CFC46AFC253B4652B1AF3795B124AB6E");
+
+		private static readonly byte[] K11 = Hex.Decode("8395FCF1E95BEBD697BD010BC766AAC3");
+		private static readonly byte[] N11 = Hex.Decode("22E7ADD93CFC6393C57EC0B3C17D6B44");
+		private static readonly byte[] A11 = Hex.Decode("126735FCC320D25A");
+		private static readonly byte[] P11 = Hex.Decode("CA40D7446E545FFAED3BD12A740A659FFBBB3CEAB7");
+		private static readonly byte[] C11 = Hex.Decode("CB8920F87A6C75CFF39627B56E3ED197C552D295A7CFC46AFC");
+		private static readonly byte[] T11 = Hex.Decode("CFC46AFC");
+
+		private const int NONCE_LEN = 8;
+		private const int MAC_LEN = 8;
+		private const int AUTHEN_LEN = 20;
+
+		public override string Name
+		{
+			get { return "EAX"; }
+		}
+
+		public override void PerformTest()
+		{
+			checkVectors(1, K1, 128, N1, A1, P1, T1, C1);
+			checkVectors(2, K2, 128, N2, A2, P2, T2, C2);
+			checkVectors(3, K3, 128, N3, A3, P3, T3, C3);
+			checkVectors(4, K4, 128, N4, A4, P4, T4, C4);
+			checkVectors(5, K5, 128, N5, A5, P5, T5, C5);
+			checkVectors(6, K6, 128, N6, A6, P6, T6, C6);
+			checkVectors(7, K7, 128, N7, A7, P7, T7, C7);
+			checkVectors(8, K8, 128, N8, A8, P8, T8, C8);
+			checkVectors(9, K9, 128, N9, A9, P9, T9, C9);
+			checkVectors(10, K10, 128, N10, A10, P10, T10, C10);
+			checkVectors(11, K11, 32, N11, A11, P11, T11, C11);
+
+			EaxBlockCipher eax = new EaxBlockCipher(new AesEngine());
+			ivParamTest(1, eax, K1, N1);
+
+			//
+			// exception tests
+			//
+
+			try
+			{
+				eax.Init(false, new AeadParameters(new KeyParameter(K1), 32, N2, A2));
+
+				byte[] enc = new byte[C2.Length]; 
+				int len = eax.ProcessBytes(C2, 0, C2.Length, enc, 0);
+
+				len += eax.DoFinal(enc, len);
+
+				Fail("invalid cipher text not picked up");
+			}
+			catch (InvalidCipherTextException)
+			{
+				// expected
+			}
+
+			try
+			{
+				eax.Init(false, new KeyParameter(K1));
+
+				Fail("illegal argument not picked up");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+
+			randomTests();
+		}
+
+		private void checkVectors(
+			int				count,
+			byte[]			k,
+			int				macSize,
+			byte[]			n,
+			byte[]			a,
+			byte[]			p,
+			byte[]			t,
+			byte[]			c)
+        {
+            byte[] fa = new byte[a.Length / 2];
+            byte[] la = new byte[a.Length - (a.Length / 2)];
+            Array.Copy(a, 0, fa, 0, fa.Length);
+            Array.Copy(a, fa.Length, la, 0, la.Length);
+
+            checkVectors(count, "all initial associated data", k, macSize, n, a, null, p, t, c);
+            checkVectors(count, "subsequent associated data", k, macSize, n, null, a, p, t, c);
+            checkVectors(count, "split associated data", k, macSize, n, fa, la, p, t, c);
+        }
+
+        private void checkVectors(
+            int count,
+            string additionalDataType,
+            byte[] k,
+            int macSize,
+            byte[] n,
+            byte[] a,
+            byte[] sa,
+            byte[] p,
+            byte[] t,
+            byte[] c)
+        {
+			EaxBlockCipher encEax = new EaxBlockCipher(new AesFastEngine());
+			EaxBlockCipher decEax = new EaxBlockCipher(new AesFastEngine());
+
+			AeadParameters parameters = new AeadParameters(new KeyParameter(k), macSize, n, a);
+			encEax.Init(true, parameters);
+			decEax.Init(false, parameters);
+
+            runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c);
+            runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c);
+
+            // key reuse test
+            parameters = new AeadParameters(null, macSize, n, a);
+            encEax.Init(true, parameters);
+            decEax.Init(false, parameters);
+
+            runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c);
+            runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c);
+        }
+
+		private void runCheckVectors(
+			int				count,
+			EaxBlockCipher	encEax,
+			EaxBlockCipher	decEax,
+            string          additionalDataType,
+            byte[]          sa,
+            byte[]          p,
+			byte[]			t,
+			byte[]			c)
+		{
+			byte[] enc = new byte[c.Length];
+
+            if (sa != null)
+            {
+                encEax.ProcessAadBytes(sa, 0, sa.Length);
+            }
+
+			int len = encEax.ProcessBytes(p, 0, p.Length, enc, 0);
+
+			len += encEax.DoFinal(enc, len);
+
+			if (!AreEqual(c, enc))
+			{
+                Fail("encrypted stream fails to match in test " + count + " with " + additionalDataType);
+            }
+
+			byte[] tmp = new byte[enc.Length];
+
+            if (sa != null)
+            {
+                decEax.ProcessAadBytes(sa, 0, sa.Length);
+            }
+
+            len = decEax.ProcessBytes(enc, 0, enc.Length, tmp, 0);
+
+			len += decEax.DoFinal(tmp, len);
+
+			byte[] dec = new byte[len];
+
+			Array.Copy(tmp, 0, dec, 0, len);
+
+			if (!AreEqual(p, dec))
+			{
+                Fail("decrypted stream fails to match in test " + count + " with " + additionalDataType);
+            }
+
+			if (!AreEqual(t, decEax.GetMac()))
+			{
+                Fail("MAC fails to match in test " + count + " with " + additionalDataType);
+            }
+		}
+
+        private void ivParamTest(
+			int					count,
+			IAeadBlockCipher	eax,
+			byte[]				k,
+			byte[]				n)
+		{
+			byte[] p = Encoding.ASCII.GetBytes("hello world!!");
+
+			eax.Init(true, new ParametersWithIV(new KeyParameter(k), n));
+
+			byte[] enc = new byte[p.Length + 8];
+
+			int len = eax.ProcessBytes(p, 0, p.Length, enc, 0);
+
+			len += eax.DoFinal(enc, len);
+
+			eax.Init(false, new ParametersWithIV(new KeyParameter(k), n));
+
+			byte[] tmp = new byte[enc.Length];
+
+			len = eax.ProcessBytes(enc, 0, enc.Length, tmp, 0);
+
+			len += eax.DoFinal(tmp, len);
+
+			byte[] dec = new byte[len];
+
+			Array.Copy(tmp, 0, dec, 0, len);
+
+			if (!AreEqual(p, dec))
+			{
+				Fail("decrypted stream fails to match in test " + count);
+			}
+		}
+
+		private void randomTests()
+		{
+			SecureRandom srng = new SecureRandom();
+			for (int i = 0; i < 10; ++i)
+			{
+				randomTest(srng);
+			}
+		}
+
+		private void randomTest(
+			SecureRandom srng)
+		{
+			int DAT_LEN = srng.Next(1024);
+			byte[] nonce = new byte[NONCE_LEN];
+			byte[] authen = new byte[AUTHEN_LEN];
+			byte[] datIn = new byte[DAT_LEN];
+			byte[] key = new byte[16];
+			srng.NextBytes(nonce);
+			srng.NextBytes(authen);
+			srng.NextBytes(datIn);
+			srng.NextBytes(key);
+
+			AesFastEngine engine = new AesFastEngine();
+			KeyParameter sessKey = new KeyParameter(key);
+			EaxBlockCipher eaxCipher = new EaxBlockCipher(engine);
+
+			AeadParameters parameters = new AeadParameters(sessKey, MAC_LEN * 8, nonce, authen);
+			eaxCipher.Init(true, parameters);
+
+			byte[] intrDat = new byte[eaxCipher.GetOutputSize(datIn.Length)];
+			int outOff = eaxCipher.ProcessBytes(datIn, 0, DAT_LEN, intrDat, 0);
+			outOff += eaxCipher.DoFinal(intrDat, outOff);
+
+			eaxCipher.Init(false, parameters);
+			byte[] datOut = new byte[eaxCipher.GetOutputSize(outOff)];
+			int resultLen = eaxCipher.ProcessBytes(intrDat, 0, outOff, datOut, 0);
+			eaxCipher.DoFinal(datOut, resultLen);
+
+			if (!AreEqual(datIn, datOut))
+			{
+				Fail("EAX roundtrip failed to match");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new EaxTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/ECDHKEKGeneratorTest.cs b/crypto/test/src/crypto/test/ECDHKEKGeneratorTest.cs
new file mode 100644
index 000000000..250b2ca22
--- /dev/null
+++ b/crypto/test/src/crypto/test/ECDHKEKGeneratorTest.cs
@@ -0,0 +1,80 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto.Agreement.Kdf;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <remarks>ECDHKEK Generator tests.</remarks>
+	[TestFixture]
+	public class ECDHKekGeneratorTest
+		: SimpleTest
+	{
+		private byte[] seed1 = Hex.Decode("db4a8daba1f98791d54e940175dd1a5f3a0826a1066aa9b668d4dc1e1e0790158dcad1533c03b44214d1b61fefa8b579");
+		private DerObjectIdentifier alg1 = NistObjectIdentifiers.IdAes256Wrap;
+		private byte[] result1 = Hex.Decode("8ecc6d85caf25eaba823a7d620d4ab0d33e4c645f2");
+
+		private byte[] seed2 = Hex.Decode("75d7487b5d3d2bfb3c69ce0365fe64e3bfab5d0d63731628a9f47eb8fddfa28c65decaf228a0b38f0c51c6a3356d7c56");
+		private DerObjectIdentifier alg2 = NistObjectIdentifiers.IdAes128Wrap;
+		private byte[] result2 = Hex.Decode("042be1faca3a4a8fc859241bfb87ba35");
+
+		private byte[] seed3 = Hex.Decode("fdeb6d809f997e8ac174d638734dc36d37aaf7e876e39967cd82b1cada3de772449788461ee7f856bad9305627f8e48b");
+		private DerObjectIdentifier alg3 = PkcsObjectIdentifiers.IdAlgCms3DesWrap;
+		private byte[] result3 = Hex.Decode("bcd701fc92109b1b9d6f3b6497ad5ca9627fa8a597010305");
+
+		public ECDHKekGeneratorTest()
+		{
+		}
+
+		public override void PerformTest()
+		{
+			CheckMask(1, new ECDHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg1, 256, seed1), result1);
+			CheckMask(2, new ECDHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg2, 128, seed2), result2);
+			CheckMask(3, new ECDHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg3, 192, seed3), result3);
+		}
+
+		private void CheckMask(
+			int						count,
+			IDerivationFunction		kdf,
+			IDerivationParameters	parameters,
+			byte[]					result)
+		{
+			byte[] data = new byte[result.Length];
+
+			kdf.Init(parameters);
+
+			kdf.GenerateBytes(data, 0, data.Length);
+
+			if (!AreEqual(result, data))
+			{
+				Fail("ECDHKekGenerator failed generator test " + count);
+			}
+		}
+
+		public override string Name
+		{
+			get { return "ECDHKekGenerator"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ECDHKekGeneratorTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/ECGOST3410Test.cs b/crypto/test/src/crypto/test/ECGOST3410Test.cs
new file mode 100644
index 000000000..c04ba9047
--- /dev/null
+++ b/crypto/test/src/crypto/test/ECGOST3410Test.cs
@@ -0,0 +1,335 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 *  ECGOST3410 tests are taken from GOST R 34.10-2001.
+	 */
+	[TestFixture]
+	public class ECGost3410Test
+		: SimpleTest
+	{
+		private static readonly byte[] hashmessage = Hex.Decode("3042453136414534424341374533364339313734453431443642453241453435");
+
+		/**
+		* ECGOST3410 over the field Fp<br/>
+		*/
+		BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395");
+		BigInteger s = new BigInteger("574973400270084654178925310019147038455227042649098563933718999175515839552");
+
+		byte[] kData = new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395").ToByteArray();
+
+		private readonly SecureRandom k;
+
+		public ECGost3410Test()
+		{
+			k = FixedSecureRandom.From(kData);
+		}
+
+		private void ecGOST3410_TEST()
+		{
+			BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
+
+			FpCurve curve = new FpCurve(
+				mod_p, // p
+				new BigInteger("7"), // a
+				new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414")); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				new FpPoint(curve,
+				new FpFieldElement(mod_p,new BigInteger("2")), // x
+				new FpFieldElement(mod_p,new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280"))), // y
+				new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619")); // q
+
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				"ECGOST3410",
+				new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d
+				parameters);
+
+			ParametersWithRandom param = new ParametersWithRandom(priKey, k);
+
+			ECGost3410Signer ecgost3410 = new ECGost3410Signer();
+
+			ecgost3410.Init(true, param);
+
+			byte[] mVal = new BigInteger("20798893674476452017134061561508270130637142515379653289952617252661468872421").ToByteArray();
+			byte[] message = new byte[mVal.Length];
+
+			for (int i = 0; i != mVal.Length; i++)
+			{
+				message[i] = mVal[mVal.Length - 1 - i];
+			}
+
+			BigInteger[] sig = ecgost3410.GenerateSignature(message);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong.", r, sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong.", s, sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				"ECGOST3410",
+				new FpPoint(curve,
+				new FpFieldElement(mod_p, new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403")), // x
+				new FpFieldElement(mod_p, new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994"))), // y
+				parameters);
+
+			ecgost3410.Init(false, pubKey);
+			if (!ecgost3410.VerifySignature(message, sig[0], sig[1]))
+			{
+				Fail("verification fails");
+			}
+		}
+
+		/**
+		 * Test Sign and Verify with test parameters
+		 * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
+		 * gostR3410-2001-TestParamSet  P.46
+		 */
+		private void ecGOST3410_TestParam()
+		{
+			SecureRandom    random = new SecureRandom();
+
+			BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
+
+			FpCurve curve = new FpCurve(
+				mod_p, // p
+				new BigInteger("7"), // a
+				new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414")); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+								   curve,
+								   new FpPoint(curve,
+								   new FpFieldElement(mod_p,new BigInteger("2")), // x
+								   new FpFieldElement(mod_p,new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280"))), // y
+								   new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619")); // q
+
+			ECKeyPairGenerator          pGen = new ECKeyPairGenerator();
+			ECKeyGenerationParameters   genParam = new ECKeyGenerationParameters(
+				parameters,
+				random);
+
+			pGen.Init(genParam);
+
+			AsymmetricCipherKeyPair  pair = pGen.GenerateKeyPair();
+
+			ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+			ECGost3410Signer ecgost3410 = new ECGost3410Signer();
+
+			ecgost3410.Init(true, param);
+
+			//get hash message using the digest GOST3411.
+			byte[] message = Encoding.ASCII.GetBytes("Message for sign");
+			Gost3411Digest gost3411 = new Gost3411Digest();
+			gost3411.BlockUpdate(message, 0, message.Length);
+			byte[] hashmessage = new byte[gost3411.GetDigestSize()];
+			gost3411.DoFinal(hashmessage, 0);
+
+			BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage);
+
+			ecgost3410.Init(false, pair.Public);
+
+			if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		/**
+		 * Test Sign and Verify with A parameters
+		 * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
+		 * gostR3410-2001-CryptoPro-A-ParamSet  P.47
+		 */
+		public void ecGOST3410_AParam()
+		{
+			SecureRandom    random = new SecureRandom();
+
+			BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); //p
+
+			FpCurve curve = new FpCurve(
+				mod_p, // p
+				new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a
+				new BigInteger("166")); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				new FpPoint(curve,
+				new FpFieldElement(mod_p, new BigInteger("1")), // x
+				new FpFieldElement(mod_p, new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"))), // y
+				new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323")); // q
+
+			ECKeyPairGenerator pGen = new ECKeyPairGenerator("ECGOST3410");
+			ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
+				parameters,
+				random);
+
+			pGen.Init(genParam);
+
+			AsymmetricCipherKeyPair  pair = pGen.GenerateKeyPair();
+
+			ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+			ECGost3410Signer ecgost3410 = new ECGost3410Signer();
+
+			ecgost3410.Init(true, param);
+
+			BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage);
+
+			ecgost3410.Init(false, pair.Public);
+
+			if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		/**
+		 * Test Sign and Verify with B parameters
+		 * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
+		 * gostR3410-2001-CryptoPro-B-ParamSet  P.47-48
+		 */
+		private void ecGOST3410_BParam()
+		{
+			SecureRandom random = new SecureRandom();
+
+			BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p
+
+			FpCurve curve = new FpCurve(
+				mod_p, // p
+				new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a
+				new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595")); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				new FpPoint(curve,
+				new FpFieldElement(mod_p,new BigInteger("1")), // x
+				new FpFieldElement(mod_p,new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124"))), // y
+				new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703")); // q
+
+			ECKeyPairGenerator pGen = new ECKeyPairGenerator("ECGOST3410");
+			ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
+				parameters,
+				random);
+
+			pGen.Init(genParam);
+
+			AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
+
+			ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+			ECGost3410Signer ecgost3410 = new ECGost3410Signer();
+
+			ecgost3410.Init(true, param);
+
+			BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage);
+
+			ecgost3410.Init(false, pair.Public);
+
+			if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		/**
+		 * Test Sign and Verify with C parameters
+		 * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
+		 * gostR3410-2001-CryptoPro-C-ParamSet  P.48
+		 */
+		private void ecGOST3410_CParam()
+		{
+			SecureRandom random = new SecureRandom();
+
+			BigInteger mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p
+
+			FpCurve curve = new FpCurve(
+				mod_p, // p
+				new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a
+				new BigInteger("32858")); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				new FpPoint(curve,
+				new FpFieldElement(mod_p,new BigInteger("0")), // x
+				new FpFieldElement(mod_p,new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247"))), // y
+				new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601")); // q
+
+			ECKeyPairGenerator pGen = new ECKeyPairGenerator("ECGOST3410");
+			ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
+				parameters,
+				random);
+
+			pGen.Init(genParam);
+
+			AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
+
+			ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+			ECGost3410Signer ecgost3410 = new ECGost3410Signer();
+
+			ecgost3410.Init(true, param);
+
+			BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage);
+
+			ecgost3410.Init(false, pair.Public);
+
+			if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		public override string Name
+		{
+			get { return "ECGOST3410"; }
+		}
+
+		public override void PerformTest()
+		{
+			ecGOST3410_TEST();
+			ecGOST3410_TestParam();
+			ecGOST3410_AParam();
+			ecGOST3410_BParam();
+			ecGOST3410_CParam();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ECGost3410Test test = new ECGost3410Test();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/ECIESTest.cs b/crypto/test/src/crypto/test/ECIESTest.cs
new file mode 100644
index 000000000..383750b14
--- /dev/null
+++ b/crypto/test/src/crypto/test/ECIESTest.cs
@@ -0,0 +1,246 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <remarks>Test for ECIES - Elliptic Curve Integrated Encryption Scheme</remarks>
+	[TestFixture]
+	public class EcIesTest
+		: SimpleTest
+	{
+		public EcIesTest()
+		{
+		}
+
+		public override string Name
+		{
+			get { return "ECIES"; }
+		}
+
+		private void StaticTest()
+		{
+			FpCurve curve = new FpCurve(
+				new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
+				new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
+				new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
+				new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n
+
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				"ECDH",
+				new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
+				parameters);
+
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				"ECDH",
+				curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
+				parameters);
+
+			AsymmetricCipherKeyPair p1 = new AsymmetricCipherKeyPair(pubKey, priKey);
+			AsymmetricCipherKeyPair p2 = new AsymmetricCipherKeyPair(pubKey, priKey);
+
+			//
+			// stream test
+			//
+			IesEngine i1 = new IesEngine(
+				new ECDHBasicAgreement(),
+				new Kdf2BytesGenerator(new Sha1Digest()),
+				new HMac(new Sha1Digest()));
+			IesEngine i2 = new IesEngine(
+				new ECDHBasicAgreement(),
+				new Kdf2BytesGenerator(new Sha1Digest()),
+				new HMac(new Sha1Digest()));
+			byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
+			byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
+			IesParameters p = new IesParameters(d, e, 64);
+
+			i1.Init(true, p1.Private, p2.Public, p);
+			i2.Init(false, p2.Private, p1.Public, p);
+
+			byte[] message = Hex.Decode("1234567890abcdef");
+
+			byte[] out1 = i1.ProcessBlock(message, 0, message.Length);
+
+			if (!AreEqual(out1, Hex.Decode("468d89877e8238802403ec4cb6b329faeccfa6f3a730f2cdb3c0a8e8")))
+			{
+				Fail("stream cipher test failed on enc");
+			}
+
+			byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length);
+
+			if (!AreEqual(out2, message))
+			{
+				Fail("stream cipher test failed");
+			}
+
+			//
+			// twofish with CBC
+			//
+			BufferedBlockCipher c1 = new PaddedBufferedBlockCipher(
+				new CbcBlockCipher(new TwofishEngine()));
+			BufferedBlockCipher c2 = new PaddedBufferedBlockCipher(
+				new CbcBlockCipher(new TwofishEngine()));
+			i1 = new IesEngine(
+				new ECDHBasicAgreement(),
+				new Kdf2BytesGenerator(new Sha1Digest()),
+				new HMac(new Sha1Digest()),
+				c1);
+			i2 = new IesEngine(
+				new ECDHBasicAgreement(),
+				new Kdf2BytesGenerator(new Sha1Digest()),
+				new HMac(new Sha1Digest()),
+				c2);
+			d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
+			e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
+			p = new IesWithCipherParameters(d, e, 64, 128);
+
+			i1.Init(true, p1.Private, p2.Public, p);
+			i2.Init(false, p2.Private, p1.Public, p);
+
+			message = Hex.Decode("1234567890abcdef");
+
+			out1 = i1.ProcessBlock(message, 0, message.Length);
+
+			if (!AreEqual(out1, Hex.Decode("b8a06ea5c2b9df28b58a0a90a734cde8c9c02903e5c220021fe4417410d1e53a32a71696")))
+			{
+				Fail("twofish cipher test failed on enc");
+			}
+
+			out2 = i2.ProcessBlock(out1, 0, out1.Length);
+
+			if (!AreEqual(out2, message))
+			{
+				Fail("twofish cipher test failed");
+			}
+		}
+
+		private void DoTest(
+			AsymmetricCipherKeyPair	p1,
+			AsymmetricCipherKeyPair	p2)
+		{
+			//
+			// stream test
+			//
+			IesEngine i1 = new IesEngine(
+				new ECDHBasicAgreement(),
+				new Kdf2BytesGenerator(new Sha1Digest()),
+				new HMac(new Sha1Digest()));
+			IesEngine i2 = new IesEngine(
+				new ECDHBasicAgreement(),
+				new Kdf2BytesGenerator(new Sha1Digest()),
+				new HMac(new Sha1Digest()));
+			byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
+			byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
+			IesParameters  p = new IesParameters(d, e, 64);
+
+			i1.Init(true, p1.Private, p2.Public, p);
+			i2.Init(false, p2.Private, p1.Public, p);
+
+			byte[] message = Hex.Decode("1234567890abcdef");
+
+			byte[] out1 = i1.ProcessBlock(message, 0, message.Length);
+
+			byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length);
+
+			if (!AreEqual(out2, message))
+			{
+				Fail("stream cipher test failed");
+			}
+
+			//
+			// twofish with CBC
+			//
+			BufferedBlockCipher c1 = new PaddedBufferedBlockCipher(
+				new CbcBlockCipher(new TwofishEngine()));
+			BufferedBlockCipher c2 = new PaddedBufferedBlockCipher(
+				new CbcBlockCipher(new TwofishEngine()));
+			i1 = new IesEngine(
+				new ECDHBasicAgreement(),
+				new Kdf2BytesGenerator(new Sha1Digest()),
+				new HMac(new Sha1Digest()),
+				c1);
+			i2 = new IesEngine(
+				new ECDHBasicAgreement(),
+				new Kdf2BytesGenerator(new Sha1Digest()),
+				new HMac(new Sha1Digest()),
+				c2);
+			d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
+			e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
+			p = new IesWithCipherParameters(d, e, 64, 128);
+
+			i1.Init(true, p1.Private, p2.Public, p);
+			i2.Init(false, p2.Private, p1.Public, p);
+
+			message = Hex.Decode("1234567890abcdef");
+
+			out1 = i1.ProcessBlock(message, 0, message.Length);
+
+			out2 = i2.ProcessBlock(out1, 0, out1.Length);
+
+			if (!AreEqual(out2, message))
+			{
+				Fail("twofish cipher test failed");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			StaticTest();
+
+			FpCurve curve = new FpCurve(
+				new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
+				new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
+				new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
+				new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n
+
+			ECKeyPairGenerator eGen = new ECKeyPairGenerator();
+			KeyGenerationParameters gParam = new ECKeyGenerationParameters(parameters, new SecureRandom());
+
+			eGen.Init(gParam);
+
+			AsymmetricCipherKeyPair p1 = eGen.GenerateKeyPair();
+			AsymmetricCipherKeyPair p2 = eGen.GenerateKeyPair();
+
+			DoTest(p1, p2);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new EcIesTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/ECNRTest.cs b/crypto/test/src/crypto/test/ECNRTest.cs
new file mode 100644
index 000000000..c477fe625
--- /dev/null
+++ b/crypto/test/src/crypto/test/ECNRTest.cs
@@ -0,0 +1,115 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * ECNR tests.
+	 */
+	[TestFixture]
+	public class EcNrTest
+		: SimpleTest
+	{
+		/**
+			* a basic regression test with 239 bit prime
+			*/
+		BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693");
+		BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143");
+
+		byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
+
+		private readonly SecureRandom k;
+
+		public EcNrTest()
+		{
+			k = FixedSecureRandom.From(kData);
+		}
+
+		private void ecNR239bitPrime()
+		{
+			FpCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
+				parameters);
+
+			ECNRSigner ecnr = new ECNRSigner();
+			ParametersWithRandom param = new ParametersWithRandom(priKey, k);
+
+			ecnr.Init(true, param);
+
+			byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
+			BigInteger[] sig = ecnr.GenerateSignature(message);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong.", r, sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong.", s, sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
+				parameters);
+
+			ecnr.Init(false, pubKey);
+			if (!ecnr.VerifySignature(message, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		public override string Name
+		{
+			get
+			{
+				return "ECNR";
+			}
+		}
+
+		public override void PerformTest()
+		{
+			ecNR239bitPrime();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			EcNrTest test = new EcNrTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/ECTest.cs b/crypto/test/src/crypto/test/ECTest.cs
new file mode 100644
index 000000000..70702e730
--- /dev/null
+++ b/crypto/test/src/crypto/test/ECTest.cs
@@ -0,0 +1,919 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * ECDSA tests are taken from X9.62.
+	 */
+	[TestFixture]
+	public class ECTest
+		: SimpleTest
+	{
+		/**
+		* X9.62 - 1998,<br/>
+		* J.3.1, Page 152, ECDSA over the field Fp<br/>
+		* an example with 192 bit prime
+		*/
+		[Test]
+		public void TestECDsa192bitPrime()
+		{
+			BigInteger r = new BigInteger("3342403536405981729393488334694600415596881826869351677613");
+			BigInteger s = new BigInteger("5735822328888155254683894997897571951568553642892029982342");
+
+			byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("6140507067065001063065065565667405560006161556565665656654"));
+
+			SecureRandom k = FixedSecureRandom.From(kData);
+
+			FpCurve curve = new FpCurve(
+				new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
+				new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
+				new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
+				new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n
+
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				"ECDSA",
+				new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
+				parameters);
+
+			ParametersWithRandom param = new ParametersWithRandom(priKey, k);
+
+			ECDsaSigner ecdsa = new ECDsaSigner();
+
+			ecdsa.Init(true, param);
+
+			byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
+			BigInteger[] sig = ecdsa.GenerateSignature(message);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				"ECDSA",
+				curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
+				parameters);
+
+			ecdsa.Init(false, pubKey);
+			if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
+			{
+				Fail("verification fails");
+			}
+		}
+
+		[Test]
+		public void TestDecode()
+		{
+			FpCurve curve = new FpCurve(
+				new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
+				new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
+				new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b
+
+			ECPoint p = curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012"));
+
+			if (!p.X.ToBigInteger().Equals(new BigInteger("188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", 16)))
+			{
+				Fail("x uncompressed incorrectly");
+			}
+
+			if (!p.Y.ToBigInteger().Equals(new BigInteger("7192b95ffc8da78631011ed6b24cdd573f977a11e794811", 16)))
+			{
+				Fail("y uncompressed incorrectly");
+			}
+
+			byte[] encoding = p.GetEncoded();
+
+			if (!AreEqual(encoding, Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")))
+			{
+				Fail("point compressed incorrectly");
+			}
+		}
+
+		/**
+		 * X9.62 - 1998,<br/>
+		 * J.3.2, Page 155, ECDSA over the field Fp<br/>
+		 * an example with 239 bit prime
+		 */
+		[Test]
+		public void TestECDsa239bitPrime()
+		{
+			BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176");
+			BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783");
+
+			byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
+
+			SecureRandom k = FixedSecureRandom.From(kData);
+
+			FpCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				"ECDSA",
+				new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
+				parameters);
+
+			ECDsaSigner ecdsa = new ECDsaSigner();
+			ParametersWithRandom param = new ParametersWithRandom(priKey, k);
+
+			ecdsa.Init(true, param);
+
+			byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
+			BigInteger[] sig = ecdsa.GenerateSignature(message);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				"ECDSA",
+				curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
+				parameters);
+
+			ecdsa.Init(false, pubKey);
+			if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+
+		/**
+		 * X9.62 - 1998,<br/>
+		 * J.2.1, Page 100, ECDSA over the field F2m<br/>
+		 * an example with 191 bit binary field
+		 */
+		[Test]
+		public void TestECDsa191bitBinary()
+		{
+			BigInteger r = new BigInteger("87194383164871543355722284926904419997237591535066528048");
+			BigInteger s = new BigInteger("308992691965804947361541664549085895292153777025772063598");
+
+			byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("1542725565216523985789236956265265265235675811949404040041"));
+
+			SecureRandom k = FixedSecureRandom.From(kData);
+
+			F2mCurve curve = new F2mCurve(
+				191, // m
+				9, //k
+				new BigInteger("2866537B676752636A68F56554E12640276B649EF7526267", 16), // a
+				new BigInteger("2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("0436B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB")), // G
+				new BigInteger("1569275433846670190958947355803350458831205595451630533029"), // n
+				BigInteger.Two); // h
+
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				"ECDSA",
+				new BigInteger("1275552191113212300012030439187146164646146646466749494799"), // d
+				parameters);
+
+			ECDsaSigner ecdsa = new ECDsaSigner();
+			ParametersWithRandom param = new ParametersWithRandom(priKey, k);
+
+			ecdsa.Init(true, param);
+
+			byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
+			BigInteger[] sig = ecdsa.GenerateSignature(message);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				"ECDSA",
+				curve.DecodePoint(Hex.Decode("045DE37E756BD55D72E3768CB396FFEB962614DEA4CE28A2E755C0E0E02F5FB132CAF416EF85B229BBB8E1352003125BA1")), // Q
+				parameters);
+
+			ecdsa.Init(false, pubKey);
+			if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		/**
+		 * X9.62 - 1998,<br/>
+		 * J.2.1, Page 100, ECDSA over the field F2m<br/>
+		 * an example with 191 bit binary field
+		 */
+		[Test]
+		public void TestECDsa239bitBinary()
+		{
+			BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552");
+			BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174");
+
+			byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363"));
+
+			SecureRandom k = FixedSecureRandom.From(kData);
+
+			F2mCurve curve = new F2mCurve(
+				239, // m
+				36, //k
+				new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
+				new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
+				new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n
+				BigInteger.ValueOf(4)); // h
+
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				"ECDSA",
+				new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
+				parameters);
+
+			ECDsaSigner ecdsa = new ECDsaSigner();
+			ParametersWithRandom param = new ParametersWithRandom(priKey, k);
+
+			ecdsa.Init(true, param);
+
+			byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
+			BigInteger[] sig = ecdsa.GenerateSignature(message);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				"ECDSA",
+				curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
+				parameters);
+
+			ecdsa.Init(false, pubKey);
+			if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		// L 4.1  X9.62 2005
+		[Test]
+		public void TestECDsaP224Sha224()
+		{
+			X9ECParameters p = NistNamedCurves.GetByName("P-224");
+			ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				new BigInteger("6081831502424510080126737029209236539191290354021104541805484120491"), // d
+				parameters);
+			SecureRandom k = FixedSecureRandom.From(BigIntegers.AsUnsignedByteArray(new BigInteger("15456715103636396133226117016818339719732885723579037388121116732601")));
+        
+			byte[] M = Hex.Decode("8797A3C693CC292441039A4E6BAB7387F3B4F2A63D00ED384B378C79");
+
+			ECDsaSigner dsa = new ECDsaSigner();
+
+			dsa.Init(true, new ParametersWithRandom(priKey, k));
+
+			BigInteger[] sig = dsa.GenerateSignature(M);
+
+			BigInteger r = new BigInteger("26477406756127720855365980332052585411804331993436302005017227573742");
+			BigInteger s = new BigInteger("17694958233103667059888193972742186995283044672015112738919822429978");
+        
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				parameters.Curve.DecodePoint(Hex.Decode("03FD44EC11F9D43D9D23B1E1D1C9ED6519B40ECF0C79F48CF476CC43F1")), // Q
+				parameters);
+
+			dsa.Init(false, pubKey);
+			if (!dsa.VerifySignature(M, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		[Test]
+		public void TestECDsaSecP224k1Sha256()
+		{
+			X9ECParameters p = SecNamedCurves.GetByName("secp224k1");
+			ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				new BigInteger("BE6F6E91FE96840A6518B56F3FE21689903A64FA729057AB872A9F51", 16), // d
+				parameters);
+			SecureRandom k = FixedSecureRandom.From(Hex.Decode("00c39beac93db21c3266084429eb9b846b787c094f23a4de66447efbb3"));
+       
+			byte[] M = Hex.Decode("E5D5A7ADF73C5476FAEE93A2C76CE94DC0557DB04CDC189504779117920B896D");
+
+			ECDsaSigner dsa = new ECDsaSigner();
+
+			dsa.Init(true, new ParametersWithRandom(priKey, k));
+
+			BigInteger[] sig = dsa.GenerateSignature(M);
+
+			BigInteger r = new BigInteger("8163E5941BED41DA441B33E653C632A55A110893133351E20CE7CB75", 16);
+			BigInteger s = new BigInteger("D12C3FC289DDD5F6890DCE26B65792C8C50E68BF551D617D47DF15A8", 16);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				parameters.Curve.DecodePoint(Hex.Decode("04C5C9B38D3603FCCD6994CBB9594E152B658721E483669BB42728520F484B537647EC816E58A8284D3B89DFEDB173AFDC214ECA95A836FA7C")), // Q
+				parameters);
+
+			dsa.Init(false, pubKey);
+			if (!dsa.VerifySignature(M, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		// L4.2  X9.62 2005
+		[Test]
+		public void TestECDsaP256Sha256()
+		{
+			X9ECParameters p = NistNamedCurves.GetByName("P-256");
+			ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				new BigInteger("20186677036482506117540275567393538695075300175221296989956723148347484984008"), // d
+				parameters);
+			SecureRandom k = FixedSecureRandom.From(BigIntegers.AsUnsignedByteArray(new BigInteger("72546832179840998877302529996971396893172522460793442785601695562409154906335")));
+
+			byte[] M = Hex.Decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD");
+
+			ECDsaSigner dsa = new ECDsaSigner();
+
+			dsa.Init(true, new ParametersWithRandom(priKey, k));
+
+			BigInteger[] sig = dsa.GenerateSignature(M);
+
+			BigInteger r = new BigInteger("97354732615802252173078420023658453040116611318111190383344590814578738210384");
+			BigInteger s = new BigInteger("98506158880355671805367324764306888225238061309262649376965428126566081727535");
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				parameters.Curve.DecodePoint(Hex.Decode("03596375E6CE57E0F20294FC46BDFCFD19A39F8161B58695B3EC5B3D16427C274D")), // Q
+				parameters);
+
+			dsa.Init(false, pubKey);
+			if (!dsa.VerifySignature(M, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		[Test]
+		public void TestECDsaP224OneByteOver()
+		{
+			X9ECParameters p = NistNamedCurves.GetByName("P-224");
+			ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				new BigInteger("6081831502424510080126737029209236539191290354021104541805484120491"), // d
+				parameters);
+			SecureRandom    k = FixedSecureRandom.From(BigIntegers.AsUnsignedByteArray(new BigInteger("15456715103636396133226117016818339719732885723579037388121116732601")));
+
+			byte[] M = Hex.Decode("8797A3C693CC292441039A4E6BAB7387F3B4F2A63D00ED384B378C79FF");
+
+			ECDsaSigner dsa = new ECDsaSigner();
+
+			dsa.Init(true, new ParametersWithRandom(priKey, k));
+
+			BigInteger[] sig = dsa.GenerateSignature(M);
+
+			BigInteger r = new BigInteger("26477406756127720855365980332052585411804331993436302005017227573742");
+			BigInteger s = new BigInteger("17694958233103667059888193972742186995283044672015112738919822429978");
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				parameters.Curve.DecodePoint(Hex.Decode("03FD44EC11F9D43D9D23B1E1D1C9ED6519B40ECF0C79F48CF476CC43F1")), // Q
+				parameters);
+
+			dsa.Init(false, pubKey);
+			if (!dsa.VerifySignature(M, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		// L4.3  X9.62 2005
+		[Test]
+		public void TestECDsaP521Sha512()
+		{
+			X9ECParameters p = NistNamedCurves.GetByName("P-521");
+			ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				new BigInteger("617573726813476282316253885608633222275541026607493641741273231656161177732180358888434629562647985511298272498852936680947729040673640492310550142822667389"), // d
+				parameters);
+			SecureRandom k = FixedSecureRandom.From(BigIntegers.AsUnsignedByteArray(new BigInteger("6806532878215503520845109818432174847616958675335397773700324097584974639728725689481598054743894544060040710846048585856076812050552869216017728862957612913")));
+
+			byte[] M = Hex.Decode("6893B64BD3A9615C39C3E62DDD269C2BAAF1D85915526083183CE14C2E883B48B193607C1ED871852C9DF9C3147B574DC1526C55DE1FE263A676346A20028A66");
+
+			ECDsaSigner dsa = new ECDsaSigner();
+
+			dsa.Init(true, new ParametersWithRandom(priKey, k));
+
+			BigInteger[] sig = dsa.GenerateSignature(M);
+
+			BigInteger r = new BigInteger("1368926195812127407956140744722257403535864168182534321188553460365652865686040549247096155740756318290773648848859639978618869784291633651685766829574104630");
+			BigInteger s = new BigInteger("1624754720348883715608122151214003032398685415003935734485445999065609979304811509538477657407457976246218976767156629169821116579317401249024208611945405790");
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				parameters.Curve.DecodePoint(Hex.Decode("020145E221AB9F71C5FE740D8D2B94939A09E2816E2167A7D058125A06A80C014F553E8D6764B048FB6F2B687CEC72F39738F223D4CE6AFCBFF2E34774AA5D3C342CB3")), // Q
+				parameters);
+
+			dsa.Init(false, pubKey);
+			if (!dsa.VerifySignature(M, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		/**
+		 * General test for long digest.
+		 */
+		[Test]
+		public void TestECDsa239bitBinaryAndLargeDigest()
+		{
+			BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552");
+			BigInteger s = new BigInteger("144940322424411242416373536877786566515839911620497068645600824084578597");
+
+			byte[] kData = BigIntegers.AsUnsignedByteArray(
+				new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363"));
+
+			SecureRandom k = FixedSecureRandom.From(kData);
+
+			F2mCurve curve = new F2mCurve(
+				239, // m
+				36, //k
+				new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
+				new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(
+					Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
+				new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n
+				BigInteger.ValueOf(4)); // h
+
+			ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+				"ECDSA",
+				new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
+				parameters);
+
+			ECDsaSigner ecdsa = new ECDsaSigner();
+			ParametersWithRandom param = new ParametersWithRandom(priKey, k);
+
+			ecdsa.Init(true, param);
+
+			byte[] message = new BigInteger("968236873715988614170569073515315707566766479517968236873715988614170569073515315707566766479517968236873715988614170569073515315707566766479517").ToByteArray();
+			BigInteger[] sig = ecdsa.GenerateSignature(message);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+
+			// Verify the signature
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				"ECDSA",
+				curve.DecodePoint(
+					Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
+				parameters);
+
+			ecdsa.Init(false, pubKey);
+			if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		/**
+		 * key generation test
+		 */
+		[Test]
+		public void TestECDsaKeyGenTest()
+		{
+			SecureRandom random = new SecureRandom();
+
+			FpCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+
+			ECKeyPairGenerator pGen = new ECKeyPairGenerator();
+			ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
+				parameters,
+				random);
+
+			pGen.Init(genParam);
+
+			AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
+
+			ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+			ECDsaSigner ecdsa = new ECDsaSigner();
+
+			ecdsa.Init(true, param);
+
+			byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
+			BigInteger[] sig = ecdsa.GenerateSignature(message);
+
+			ecdsa.Init(false, pair.Public);
+
+			if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
+			{
+				Fail("signature fails");
+			}
+		}
+
+		/**
+		 * Basic Key Agreement Test
+		 */
+		[Test]
+		public void TestECBasicAgreementTest()
+		{
+			SecureRandom random = new SecureRandom();
+
+			FpCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+
+			ECKeyPairGenerator pGen = new ECKeyPairGenerator();
+			ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(parameters, random);
+
+			pGen.Init(genParam);
+
+			AsymmetricCipherKeyPair p1 = pGen.GenerateKeyPair();
+			AsymmetricCipherKeyPair p2 = pGen.GenerateKeyPair();
+
+			//
+			// two way
+			//
+			IBasicAgreement e1 = new ECDHBasicAgreement();
+			IBasicAgreement e2 = new ECDHBasicAgreement();
+
+			e1.Init(p1.Private);
+			e2.Init(p2.Private);
+
+			BigInteger   k1 = e1.CalculateAgreement(p2.Public);
+			BigInteger   k2 = e2.CalculateAgreement(p1.Public);
+
+			if (!k1.Equals(k2))
+			{
+				Fail("calculated agreement test failed");
+			}
+
+			//
+			// two way
+			//
+			e1 = new ECDHCBasicAgreement();
+			e2 = new ECDHCBasicAgreement();
+
+			e1.Init(p1.Private);
+			e2.Init(p2.Private);
+
+			k1 = e1.CalculateAgreement(p2.Public);
+			k2 = e2.CalculateAgreement(p1.Public);
+
+			if (!k1.Equals(k2))
+			{
+				Fail("calculated agreement test failed");
+			}
+		}
+
+		[Test]
+		public void TestECMqvTestVector1()
+		{
+			// Test Vector from GEC-2
+
+			X9ECParameters x9 = SecNamedCurves.GetByName("secp160r1");
+			ECDomainParameters p = new ECDomainParameters(
+				x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
+
+			AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair(
+				new ECPublicKeyParameters(
+					p.Curve.DecodePoint(Hex.Decode("0251B4496FECC406ED0E75A24A3C03206251419DC0")), p),
+				new ECPrivateKeyParameters(
+					new BigInteger("AA374FFC3CE144E6B073307972CB6D57B2A4E982", 16), p));
+
+			AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair(
+				new ECPublicKeyParameters(
+					p.Curve.DecodePoint(Hex.Decode("03D99CE4D8BF52FA20BD21A962C6556B0F71F4CA1F")), p),
+				new ECPrivateKeyParameters(
+					new BigInteger("149EC7EA3A220A887619B3F9E5B4CA51C7D1779C", 16), p));
+
+			AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair(
+				new ECPublicKeyParameters(
+					p.Curve.DecodePoint(Hex.Decode("0349B41E0E9C0369C2328739D90F63D56707C6E5BC")), p),
+				new ECPrivateKeyParameters(
+					new BigInteger("45FB58A92A17AD4B15101C66E74F277E2B460866", 16), p));
+
+			AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair(
+				new ECPublicKeyParameters(
+					p.Curve.DecodePoint(Hex.Decode("02706E5D6E1F640C6E9C804E75DBC14521B1E5F3B5")), p),
+				new ECPrivateKeyParameters(
+					new BigInteger("18C13FCED9EADF884F7C595C8CB565DEFD0CB41E", 16), p));
+
+			BigInteger x = calculateAgreement(U1, U2, V1, V2);
+
+			if (x == null
+				|| !x.Equals(new BigInteger("5A6955CEFDB4E43255FB7FCF718611E4DF8E05AC", 16)))
+			{
+				Fail("MQV Test Vector #1 agreement failed");
+			}
+		}
+
+		[Test]
+		public void TestECMqvTestVector2()
+		{
+			// Test Vector from GEC-2
+
+			X9ECParameters x9 = SecNamedCurves.GetByName("sect163k1");
+			ECDomainParameters p = new ECDomainParameters(
+				x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
+
+			AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair(
+				new ECPublicKeyParameters(
+					p.Curve.DecodePoint(Hex.Decode("03037D529FA37E42195F10111127FFB2BB38644806BC")), p),
+				new ECPrivateKeyParameters(
+					new BigInteger("03A41434AA99C2EF40C8495B2ED9739CB2155A1E0D", 16), p));
+
+			AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair(
+				new ECPublicKeyParameters(
+					p.Curve.DecodePoint(Hex.Decode("02015198E74BC2F1E5C9A62B80248DF0D62B9ADF8429")), p),
+				new ECPrivateKeyParameters(
+					new BigInteger("032FC4C61A8211E6A7C4B8B0C03CF35F7CF20DBD52", 16), p));
+
+			AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair(
+				new ECPublicKeyParameters(
+					p.Curve.DecodePoint(Hex.Decode("03072783FAAB9549002B4F13140B88132D1C75B3886C")), p),
+				new ECPrivateKeyParameters(
+					new BigInteger("57E8A78E842BF4ACD5C315AA0569DB1703541D96", 16), p));
+
+			AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair(
+				new ECPublicKeyParameters(
+					p.Curve.DecodePoint(Hex.Decode("03067E3AEA3510D69E8EDD19CB2A703DDC6CF5E56E32")), p),
+				new ECPrivateKeyParameters(
+					new BigInteger("02BD198B83A667A8D908EA1E6F90FD5C6D695DE94F", 16), p));
+
+			BigInteger x = calculateAgreement(U1, U2, V1, V2);
+
+			if (x == null
+				|| !x.Equals(new BigInteger("038359FFD30C0D5FC1E6154F483B73D43E5CF2B503", 16)))
+			{
+				Fail("MQV Test Vector #2 agreement failed");
+			}
+		}
+
+		[Test]
+		public void TestECMqvRandom()
+		{
+			SecureRandom random = new SecureRandom();
+
+			FpCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+			ECKeyPairGenerator pGen = new ECKeyPairGenerator();
+
+			pGen.Init(new ECKeyGenerationParameters(parameters, random));
+
+
+			// Pre-established key pairs
+			AsymmetricCipherKeyPair U1 = pGen.GenerateKeyPair();
+			AsymmetricCipherKeyPair V1 = pGen.GenerateKeyPair();
+
+			// Ephemeral key pairs
+			AsymmetricCipherKeyPair U2 = pGen.GenerateKeyPair();
+			AsymmetricCipherKeyPair V2 = pGen.GenerateKeyPair();
+
+			BigInteger x = calculateAgreement(U1, U2, V1, V2);
+
+			if (x == null)
+			{
+				Fail("MQV Test Vector (random) agreement failed");
+			}
+		}
+
+		private static BigInteger calculateAgreement(
+			AsymmetricCipherKeyPair U1,
+			AsymmetricCipherKeyPair U2,
+			AsymmetricCipherKeyPair V1,
+			AsymmetricCipherKeyPair V2)
+		{
+			ECMqvBasicAgreement u = new ECMqvBasicAgreement();
+			u.Init(new MqvPrivateParameters(
+				(ECPrivateKeyParameters)U1.Private,
+				(ECPrivateKeyParameters)U2.Private,
+				(ECPublicKeyParameters)U2.Public));
+			BigInteger ux = u.CalculateAgreement(new MqvPublicParameters(
+				(ECPublicKeyParameters)V1.Public,
+				(ECPublicKeyParameters)V2.Public));
+
+			ECMqvBasicAgreement v = new ECMqvBasicAgreement();
+			v.Init(new MqvPrivateParameters(
+				(ECPrivateKeyParameters)V1.Private,
+				(ECPrivateKeyParameters)V2.Private,
+				(ECPublicKeyParameters)V2.Public));
+			BigInteger vx = v.CalculateAgreement(new MqvPublicParameters(
+				(ECPublicKeyParameters)U1.Public,
+				(ECPublicKeyParameters)U2.Public));
+
+			if (ux.Equals(vx))
+				return ux;
+
+			return null;
+		}
+
+		public override string Name
+		{
+			get { return "EC"; }
+		}
+
+		public override void PerformTest()
+		{
+			TestDecode();
+			TestECDsa192bitPrime();
+			TestECDsa239bitPrime();
+			TestECDsa191bitBinary();
+			TestECDsa239bitBinary();
+			TestECDsaKeyGenTest();
+			TestECBasicAgreementTest();
+
+			TestECDsaP224Sha224();
+			TestECDsaP224OneByteOver();
+			TestECDsaP256Sha256();
+			TestECDsaP521Sha512();
+			TestECDsaSecP224k1Sha256();
+			TestECDsa239bitBinaryAndLargeDigest();
+
+			TestECMqvTestVector1();
+			TestECMqvTestVector2();
+			TestECMqvRandom();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ECTest());
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/ElGamalTest.cs b/crypto/test/src/crypto/test/ElGamalTest.cs
new file mode 100644
index 000000000..1caa70387
--- /dev/null
+++ b/crypto/test/src/crypto/test/ElGamalTest.cs
@@ -0,0 +1,278 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class ElGamalTest
+		: SimpleTest
+	{
+		private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+		private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+		private static readonly BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16);
+		private static readonly BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16);
+
+		private static readonly BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16);
+		private static readonly BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16);
+
+		private static readonly BigInteger yPgpBogusPSamp = new BigInteger("de4688497cc05b45fe8559bc9918c45afcad69b74123a7236eba409fd9de8ea34c7869839ee9df35e3d97576145d089841aa65b5b4e061fae52c37e430354269a02496b8ed8456f2d0d7c9b0db985fbcb21ae9f78507ed6e3a29db595b201b1a4f931c7d791eede65ccf918e8a61cf146859151c78c41ad48853694623467d78", 16);
+		private static readonly BigInteger xPgpBogusPSamp = new BigInteger("cbaf780f2cfe4f987bbc5fcb0738bbd7912060ccfdf37cbfeea65c0fd857e74a8df6cc359375f28cf5725d081813c614410a78cbe4b06d677beea9ff0fa10b1dbc47a6ed8c5b8466d6a95d6574029dbdf72596392e1b6b230faf9916dc8455821c10527a375a4d1c8a54947d1fe714d321aca25ad486b4b456506999fd2fd11a", 16);
+		private static readonly BigInteger gPgpBogusPSamp = new BigInteger("153ffe9522076d1cbd6e75f0816a0fc2ebd8b0e0091406587387a1763022088a03b411eed07ff50efb82b21f1608c352d10f63ba7e7e981a2f3387cec8af2915953d00493857663ae8919f517fe90f1d2abe7af4305a344b10d1a25d75f65902cd7fd775853d3ac43d7c5253ad666e1e63ee98cdcb10af81273d4ff053ff07d51", 16);
+		private static readonly BigInteger pPgpBogusPSamp = new BigInteger("15061b26cdab4e865098a01c86f13b03220104c5443e950658b36b85245aa0c616a0c0d8d99c454bea087c172315e45b3bc9b925443948a2b6ba47608a6035b9a79a4ef34a78d7274a12ede8364f02d5030db864988643d7e92753df603bd69fbd2682ab0af64d1a866d1131a2cb13333cedb0a9e6eefddd9fff8154d34c2daab", 16);
+		private const int lPgpBogusPSamp = 0;
+
+		public override string Name
+		{
+			get { return "ElGamal"; }
+		}
+
+		private void doTestEnc(
+			int         size,
+			int         privateValueSize,
+			BigInteger  g,
+			BigInteger  p)
+		{
+			ElGamalParameters dhParams = new ElGamalParameters(p, g, privateValueSize);
+			ElGamalKeyGenerationParameters ekgParams = new ElGamalKeyGenerationParameters(new SecureRandom(), dhParams);
+			ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator();
+
+			kpGen.Init(ekgParams);
+
+			//
+			// generate pair
+			//
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			ElGamalPublicKeyParameters pu = (ElGamalPublicKeyParameters) pair.Public;
+			ElGamalPrivateKeyParameters pv = (ElGamalPrivateKeyParameters) pair.Private;
+
+			checkKeySize(privateValueSize, pv);
+
+			ElGamalEngine e = new ElGamalEngine();
+
+			e.Init(true, pu);
+
+			if (e.GetOutputBlockSize() != size / 4)
+			{
+				Fail(size + " GetOutputBlockSize() on encryption failed.");
+			}
+
+			byte[] message = Hex.Decode("5468697320697320612074657374");
+
+			byte[] pText = message;
+			byte[] cText = e.ProcessBlock(pText, 0, pText.Length);
+
+			e.Init(false, pv);
+
+			if (e.GetOutputBlockSize() != (size / 8) - 1)
+			{
+				Fail(size + " GetOutputBlockSize() on decryption failed.");
+			}
+
+			pText = e.ProcessBlock(cText, 0, cText.Length);
+
+			if (!Arrays.AreEqual(message, pText))
+			{
+				Fail(size + " bit test failed");
+			}
+
+
+
+			e.Init(true, pu);
+			byte[] bytes = new byte[e.GetInputBlockSize() + 2];
+
+			try
+			{
+				e.ProcessBlock(bytes, 0, bytes.Length);
+
+				Fail("out of range block not detected");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+
+			try
+			{
+				bytes[0] = (byte)0xff;
+
+				e.ProcessBlock(bytes, 0, bytes.Length - 1);
+
+				Fail("out of range block not detected");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+
+			try
+			{
+				bytes[0] = (byte)0x7f;
+
+				e.ProcessBlock(bytes, 0, bytes.Length - 1);
+			}
+			catch (DataLengthException)
+			{
+				Fail("in range block failed");
+			}
+		}
+
+		private void checkKeySize(
+			int							privateValueSize,
+			ElGamalPrivateKeyParameters	priv)
+		{
+			if (privateValueSize != 0)
+			{
+				if (priv.X.BitLength != privateValueSize)
+				{
+					Fail("limited key check failed for key size " + privateValueSize);
+				}
+			}
+		}
+
+		/**
+		 * this test is can take quiet a while
+		 *
+		 * @param size size of key in bits.
+		 */
+		private void doTestGeneration(
+			int size)
+		{
+			ElGamalParametersGenerator pGen = new ElGamalParametersGenerator();
+
+			pGen.Init(size, 10, new SecureRandom());
+
+			ElGamalParameters elParams = pGen.GenerateParameters();
+
+			if (elParams.L != 0)
+			{
+				Fail("ElGamalParametersGenerator failed to set L to 0 in generated ElGamalParameters");
+			}
+
+			ElGamalKeyGenerationParameters ekgParams = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams);
+
+			ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator();
+
+			kpGen.Init(ekgParams);
+
+			//
+			// generate first pair
+			//
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			ElGamalPublicKeyParameters pu = (ElGamalPublicKeyParameters)pair.Public;
+			ElGamalPrivateKeyParameters pv = (ElGamalPrivateKeyParameters)pair.Private;
+
+			ElGamalEngine e = new ElGamalEngine();
+
+			e.Init(true, new ParametersWithRandom(pu, new SecureRandom()));
+
+			byte[] message = Hex.Decode("5468697320697320612074657374");
+
+			byte[] pText = message;
+			byte[] cText = e.ProcessBlock(pText, 0, pText.Length);
+
+			e.Init(false, pv);
+
+			pText = e.ProcessBlock(cText, 0, cText.Length);
+
+			if (!Arrays.AreEqual(message, pText))
+			{
+				Fail("generation test failed");
+			}
+		}
+
+		[Test]
+		public void TestInvalidP()
+		{
+			ElGamalParameters dhParams = new ElGamalParameters(pPgpBogusPSamp, gPgpBogusPSamp, lPgpBogusPSamp);
+			ElGamalPublicKeyParameters pu = new ElGamalPublicKeyParameters(yPgpBogusPSamp, dhParams);
+			ElGamalPrivateKeyParameters pv = new ElGamalPrivateKeyParameters(xPgpBogusPSamp, dhParams);
+
+			ElGamalEngine e = new ElGamalEngine();
+
+			e.Init(true, pu);
+
+			byte[] message = Hex.Decode("5468697320697320612074657374");
+
+			byte[] pText = message;
+			byte[] cText = e.ProcessBlock(pText, 0, pText.Length);
+
+			e.Init(false, pv);
+
+			pText = e.ProcessBlock(cText, 0, cText.Length);
+
+			if (Arrays.AreEqual(message, pText))
+			{
+				Fail("invalid test failed");
+			}
+		}
+
+		[Test]
+		public void TestEnc512()
+		{
+			doTestEnc(512, 0, g512, p512);
+			doTestEnc(512, 64, g512, p512);
+		}
+
+		[Test]
+		public void TestEnc768()
+		{
+			doTestEnc(768, 0, g768, p768);
+			doTestEnc(768, 128, g768, p768);
+		}
+
+		[Test]
+		public void TestEnc1024()
+		{
+			doTestEnc(1024, 0, g1024, p1024);
+		}
+
+		[Test]
+		public void TestGeneration258()
+		{
+			doTestGeneration(258);
+		}
+
+		[Test]
+		public void TestInitCheck()
+		{
+			try
+			{
+				new ElGamalEngine().ProcessBlock(new byte[]{ 1 }, 0, 1);
+				Fail("failed initialisation check");
+			}
+			catch (InvalidOperationException)
+			{
+				// expected
+			}
+		}
+
+		public override void PerformTest()
+		{
+			TestInvalidP();
+			TestEnc512();
+			TestEnc768();
+			TestEnc1024();
+			TestGeneration258();
+			TestInitCheck();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ElGamalTest());
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/EqualsHashCodeTest.cs b/crypto/test/src/crypto/test/EqualsHashCodeTest.cs
new file mode 100644
index 000000000..05cc9ad53
--- /dev/null
+++ b/crypto/test/src/crypto/test/EqualsHashCodeTest.cs
@@ -0,0 +1,262 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	internal class DHTestKeyParameters
+		: DHKeyParameters
+	{
+		public DHTestKeyParameters(
+			bool			isPrivate,
+			DHParameters	parameters)
+			: base(isPrivate, parameters)
+		{
+		}
+	}
+
+	internal class ElGamalTestKeyParameters
+		: ElGamalKeyParameters
+	{
+		public ElGamalTestKeyParameters(
+			bool				isPrivate,
+			ElGamalParameters	parameters)
+			: base(isPrivate, parameters)
+		{
+		}
+	}
+
+	[TestFixture]
+	public class EqualsHashCodeTest
+		: SimpleTest
+	{
+		private static object Other = new object();
+
+		public override string Name
+		{
+			get { return "EqualsHashCode"; }
+		}
+
+		private void doTest(
+			object	a,
+			object	equalsA,
+			object	notEqualsA)
+		{
+			if (a.Equals(null))
+			{
+				Fail("a equaled null");
+			}
+
+			if (!a.Equals(equalsA) || !equalsA.Equals(a))
+			{
+				Fail("equality failed");
+			}
+
+			if (a.Equals(Other))
+			{
+				Fail("other inequality failed");
+			}
+
+			if (a.Equals(notEqualsA) || notEqualsA.Equals(a))
+			{
+				Fail("inequality failed");
+			}
+
+			if (a.GetHashCode() != equalsA.GetHashCode())
+			{
+				Fail("hashCode equality failed");
+			}
+		}
+
+		[Test]
+		public void TestDH()
+		{
+			BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+			BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+			DHParameters dhParams = new DHParameters(p512, g512);
+			DHKeyGenerationParameters parameters = new DHKeyGenerationParameters(new SecureRandom(), dhParams);         DHKeyPairGenerator          kpGen = new DHKeyPairGenerator();
+
+			kpGen.Init(parameters);
+
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+			DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public;
+			DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private;
+
+			DHPublicKeyParameters pu2 = new DHPublicKeyParameters(pu1.Y, pu1.Parameters);
+			DHPrivateKeyParameters pv2 = new DHPrivateKeyParameters(pv1.X, pv1.Parameters);
+			DHPublicKeyParameters pu3 = new DHPublicKeyParameters(pv1.X, pu1.Parameters);
+			DHPrivateKeyParameters pv3 = new DHPrivateKeyParameters(pu1.Y, pu1.Parameters);
+
+			doTest(pu1, pu2, pu3);
+			doTest(pv1, pv2, pv3);
+
+			DHParameters pr1 = pu1.Parameters;
+			DHParameters pr2 = new DHParameters(
+				pr1.P, pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
+			DHParameters pr3 = new DHParameters(
+				pr1.P.Add(BigInteger.Two), pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
+
+			doTest(pr1, pr2, pr3);
+
+			pr3 = new DHParameters(
+				pr1.P, pr1.G.Add(BigInteger.One), pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters);
+
+			doTest(pr1, pr2, pr3);
+
+			pu2 = new DHPublicKeyParameters(pu1.Y, pr2);
+			pv2 = new DHPrivateKeyParameters(pv1.X, pr2);
+
+			doTest(pu1, pu2, pu3);
+			doTest(pv1, pv2, pv3);
+
+			DHValidationParameters vp1 = new DHValidationParameters(new byte[20], 1024);
+			DHValidationParameters vp2 = new DHValidationParameters(new byte[20], 1024);
+			DHValidationParameters vp3 = new DHValidationParameters(new byte[24], 1024);
+
+			doTest(vp1, vp1, vp3);
+			doTest(vp1, vp2, vp3);
+
+			byte[] bytes = new byte[20];
+			bytes[0] = 1;
+
+			vp3 = new DHValidationParameters(bytes, 1024);
+
+			doTest(vp1, vp2, vp3);
+
+			vp3 = new DHValidationParameters(new byte[20], 2048);
+
+			doTest(vp1, vp2, vp3);
+
+			DHTestKeyParameters k1 = new DHTestKeyParameters(false, null);
+			DHTestKeyParameters k2 = new DHTestKeyParameters(false, null);
+			DHTestKeyParameters k3 = new DHTestKeyParameters(false, pu1.Parameters);
+
+			doTest(k1, k2, k3);
+		}
+
+		[Test]
+		public void TestElGamal()
+		{
+			BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+			BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+			ElGamalParameters dhParams = new ElGamalParameters(p512, g512);
+			ElGamalKeyGenerationParameters parameters = new ElGamalKeyGenerationParameters(new SecureRandom(), dhParams);         ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator();
+
+			kpGen.Init(parameters);
+
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+			ElGamalPublicKeyParameters pu1 = (ElGamalPublicKeyParameters)pair.Public;
+			ElGamalPrivateKeyParameters pv1 = (ElGamalPrivateKeyParameters)pair.Private;
+
+			ElGamalPublicKeyParameters pu2 = new ElGamalPublicKeyParameters(pu1.Y, pu1.Parameters);
+			ElGamalPrivateKeyParameters pv2 = new ElGamalPrivateKeyParameters(pv1.X, pv1.Parameters);
+			ElGamalPublicKeyParameters pu3 = new ElGamalPublicKeyParameters(pv1.X, pu1.Parameters);
+			ElGamalPrivateKeyParameters pv3 = new ElGamalPrivateKeyParameters(pu1.Y, pu1.Parameters);
+
+			doTest(pu1, pu2, pu3);
+			doTest(pv1, pv2, pv3);
+
+			ElGamalParameters pr1 = pu1.Parameters;
+			ElGamalParameters pr2 = new ElGamalParameters(pr1.P, pr1.G);
+			ElGamalParameters pr3 = new ElGamalParameters(pr1.G, pr1.P);
+
+			doTest(pr1, pr2, pr3);
+
+			pu2 = new ElGamalPublicKeyParameters(pu1.Y, pr2);
+			pv2 = new ElGamalPrivateKeyParameters(pv1.X, pr2);
+
+			doTest(pu1, pu2, pu3);
+			doTest(pv1, pv2, pv3);
+
+			ElGamalTestKeyParameters k1 = new ElGamalTestKeyParameters(false, null);
+			ElGamalTestKeyParameters k2 = new ElGamalTestKeyParameters(false, null);
+			ElGamalTestKeyParameters k3 = new ElGamalTestKeyParameters(false, pu1.Parameters);
+
+			doTest(k1, k2, k3);
+		}
+
+		[Test]
+		public void TestDsa()
+		{
+			BigInteger a = BigInteger.ValueOf(1), b = BigInteger.ValueOf(2), c = BigInteger.ValueOf(3);
+
+			DsaParameters dsaP1 = new DsaParameters(a, b, c);
+			DsaParameters dsaP2 = new DsaParameters(a, b, c);
+			DsaParameters dsaP3 = new DsaParameters(b, c, a);
+
+			doTest(dsaP1, dsaP2, dsaP3);
+
+			DsaValidationParameters vp1 = new DsaValidationParameters(new byte[20], 1024);
+			DsaValidationParameters vp2 = new DsaValidationParameters(new byte[20], 1024);
+			DsaValidationParameters vp3 = new DsaValidationParameters(new byte[24], 1024);
+
+			doTest(vp1, vp1, vp3);
+			doTest(vp1, vp2, vp3);
+
+			byte[] bytes = new byte[20];
+			bytes[0] = 1;
+
+			vp3 = new DsaValidationParameters(bytes, 1024);
+
+			doTest(vp1, vp2, vp3);
+
+			vp3 = new DsaValidationParameters(new byte[20], 2048);
+
+			doTest(vp1, vp2, vp3);
+		}
+
+		[Test]
+		public void TestGost3410()
+		{
+			BigInteger a = BigInteger.ValueOf(1), b = BigInteger.ValueOf(2), c = BigInteger.ValueOf(3);
+
+			Gost3410Parameters g1 = new Gost3410Parameters(a, b, c);
+			Gost3410Parameters g2 = new Gost3410Parameters(a, b, c);
+			Gost3410Parameters g3 = new Gost3410Parameters(a, c, c);
+
+			doTest(g1, g2, g3);
+
+			Gost3410ValidationParameters v1 = new Gost3410ValidationParameters(100, 1);
+			Gost3410ValidationParameters v2 = new Gost3410ValidationParameters(100, 1);
+			Gost3410ValidationParameters v3 = new Gost3410ValidationParameters(101, 1);
+
+			doTest(v1, v2, v3);
+
+			v3 = new Gost3410ValidationParameters(100, 2);
+
+			doTest(v1, v2, v3);
+
+			v1 = new Gost3410ValidationParameters(100L, 1L);
+			v2 = new Gost3410ValidationParameters(100L, 1L);
+			v3 = new Gost3410ValidationParameters(101L, 1L);
+
+			doTest(v1, v2, v3);
+
+			v3 = new Gost3410ValidationParameters(100L, 2L);
+
+			doTest(v1, v2, v3);
+		}
+
+		public override void PerformTest()
+		{
+			TestDH();
+			TestElGamal();
+			TestGost3410();
+			TestDsa();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new EqualsHashCodeTest());
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/GCMTest.cs b/crypto/test/src/crypto/test/GCMTest.cs
new file mode 100644
index 000000000..60630c6e4
--- /dev/null
+++ b/crypto/test/src/crypto/test/GCMTest.cs
@@ -0,0 +1,589 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Modes.Gcm;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <summary>
+	/// Test vectors from "The Galois/Counter Mode of Operation (GCM)", McGrew/Viega, Appendix B
+	/// </summary>
+	[TestFixture]
+	public class GcmTest
+		: SimpleTest
+	{
+		private static readonly string[][] TestVectors = new string[][]
+		{
+			new string[]
+			{
+				"Test Case 1",
+				"00000000000000000000000000000000",
+				"",
+				"",
+				"000000000000000000000000",
+				"",
+				"58e2fccefa7e3061367f1d57a4e7455a",
+			},
+			new string[]
+			{
+				"Test Case 2",
+				"00000000000000000000000000000000",
+				"00000000000000000000000000000000",
+				"",
+				"000000000000000000000000",
+				"0388dace60b6a392f328c2b971b2fe78",
+				"ab6e47d42cec13bdf53a67b21257bddf",
+			},
+			new string[]
+			{
+				"Test Case 3",
+				"feffe9928665731c6d6a8f9467308308",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b391aafd255",
+				"",
+				"cafebabefacedbaddecaf888",
+				"42831ec2217774244b7221b784d0d49c"
+				+ "e3aa212f2c02a4e035c17e2329aca12e"
+				+ "21d514b25466931c7d8f6a5aac84aa05"
+				+ "1ba30b396a0aac973d58e091473f5985",
+				"4d5c2af327cd64a62cf35abd2ba6fab4",
+			},
+			new string[]
+			{
+				"Test Case 4",
+				"feffe9928665731c6d6a8f9467308308",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b39",
+				"feedfacedeadbeeffeedfacedeadbeef"
+				+ "abaddad2",
+				"cafebabefacedbaddecaf888",
+				"42831ec2217774244b7221b784d0d49c"
+				+ "e3aa212f2c02a4e035c17e2329aca12e"
+				+ "21d514b25466931c7d8f6a5aac84aa05"
+				+ "1ba30b396a0aac973d58e091",
+				"5bc94fbc3221a5db94fae95ae7121a47",
+			},
+			new string[]
+			{
+				"Test Case 5",
+				"feffe9928665731c6d6a8f9467308308",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b39",
+				"feedfacedeadbeeffeedfacedeadbeef"
+				+ "abaddad2",
+				"cafebabefacedbad",
+				"61353b4c2806934a777ff51fa22a4755"
+				+ "699b2a714fcdc6f83766e5f97b6c7423"
+				+ "73806900e49f24b22b097544d4896b42"
+				+ "4989b5e1ebac0f07c23f4598",
+				"3612d2e79e3b0785561be14aaca2fccb",
+			},
+			new string[]
+			{
+				"Test Case 6",
+				"feffe9928665731c6d6a8f9467308308",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b39",
+				"feedfacedeadbeeffeedfacedeadbeef"
+				+ "abaddad2",
+				"9313225df88406e555909c5aff5269aa"
+				+ "6a7a9538534f7da1e4c303d2a318a728"
+				+ "c3c0c95156809539fcf0e2429a6b5254"
+				+ "16aedbf5a0de6a57a637b39b",
+				"8ce24998625615b603a033aca13fb894"
+				+ "be9112a5c3a211a8ba262a3cca7e2ca7"
+				+ "01e4a9a4fba43c90ccdcb281d48c7c6f"
+				+ "d62875d2aca417034c34aee5",
+				"619cc5aefffe0bfa462af43c1699d050",
+			},
+			new string[]
+			{
+				"Test Case 7",
+				"00000000000000000000000000000000"
+				+ "0000000000000000",
+				"",
+				"",
+				"000000000000000000000000",
+				"",
+				"cd33b28ac773f74ba00ed1f312572435",
+			},
+			new string[]
+			{
+				"Test Case 8",
+				"00000000000000000000000000000000"
+				+ "0000000000000000",
+				"00000000000000000000000000000000",
+				"",
+				"000000000000000000000000",
+				"98e7247c07f0fe411c267e4384b0f600",
+				"2ff58d80033927ab8ef4d4587514f0fb",
+			},
+			new string[]
+			{
+				"Test Case 9",
+				"feffe9928665731c6d6a8f9467308308"
+				+ "feffe9928665731c",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b391aafd255",
+				"",
+				"cafebabefacedbaddecaf888",
+				"3980ca0b3c00e841eb06fac4872a2757"
+				+ "859e1ceaa6efd984628593b40ca1e19c"
+				+ "7d773d00c144c525ac619d18c84a3f47"
+				+ "18e2448b2fe324d9ccda2710acade256",
+				"9924a7c8587336bfb118024db8674a14",
+			},
+			new string[]
+			{
+				"Test Case 10",
+				"feffe9928665731c6d6a8f9467308308"
+				+ "feffe9928665731c",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b39",
+				"feedfacedeadbeeffeedfacedeadbeef"
+				+ "abaddad2",
+				"cafebabefacedbaddecaf888",
+				"3980ca0b3c00e841eb06fac4872a2757"
+				+ "859e1ceaa6efd984628593b40ca1e19c"
+				+ "7d773d00c144c525ac619d18c84a3f47"
+				+ "18e2448b2fe324d9ccda2710",
+				"2519498e80f1478f37ba55bd6d27618c",
+			},
+			new string[]
+			{
+				"Test Case 11",
+				"feffe9928665731c6d6a8f9467308308"
+				+ "feffe9928665731c",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b39",
+				"feedfacedeadbeeffeedfacedeadbeef"
+				+ "abaddad2",
+				"cafebabefacedbad",
+				"0f10f599ae14a154ed24b36e25324db8"
+				+ "c566632ef2bbb34f8347280fc4507057"
+				+ "fddc29df9a471f75c66541d4d4dad1c9"
+				+ "e93a19a58e8b473fa0f062f7",
+				"65dcc57fcf623a24094fcca40d3533f8",
+			},
+			new string[]
+			{
+				"Test Case 12",
+				"feffe9928665731c6d6a8f9467308308"
+				+ "feffe9928665731c",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b39",
+				"feedfacedeadbeeffeedfacedeadbeef"
+				+ "abaddad2",
+				"9313225df88406e555909c5aff5269aa"
+				+ "6a7a9538534f7da1e4c303d2a318a728"
+				+ "c3c0c95156809539fcf0e2429a6b5254"
+				+ "16aedbf5a0de6a57a637b39b",
+				"d27e88681ce3243c4830165a8fdcf9ff"
+				+ "1de9a1d8e6b447ef6ef7b79828666e45"
+				+ "81e79012af34ddd9e2f037589b292db3"
+				+ "e67c036745fa22e7e9b7373b",
+				"dcf566ff291c25bbb8568fc3d376a6d9",
+			},
+			new string[]
+			{
+				"Test Case 13",
+				"00000000000000000000000000000000"
+				+ "00000000000000000000000000000000",
+				"",
+				"",
+				"000000000000000000000000",
+				"",
+				"530f8afbc74536b9a963b4f1c4cb738b",
+			},
+			new string[]
+			{
+				"Test Case 14",
+				"00000000000000000000000000000000"
+				+ "00000000000000000000000000000000",
+				"00000000000000000000000000000000",
+				"",
+				"000000000000000000000000",
+				"cea7403d4d606b6e074ec5d3baf39d18",
+				"d0d1c8a799996bf0265b98b5d48ab919",
+			},
+			new string[]
+			{
+				"Test Case 15",
+				"feffe9928665731c6d6a8f9467308308"
+				+ "feffe9928665731c6d6a8f9467308308",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b391aafd255",
+				"",
+				"cafebabefacedbaddecaf888",
+				"522dc1f099567d07f47f37a32a84427d"
+				+ "643a8cdcbfe5c0c97598a2bd2555d1aa"
+				+ "8cb08e48590dbb3da7b08b1056828838"
+				+ "c5f61e6393ba7a0abcc9f662898015ad",
+				"b094dac5d93471bdec1a502270e3cc6c",
+			},
+			new string[]
+			{
+				"Test Case 16",
+				"feffe9928665731c6d6a8f9467308308"
+				+ "feffe9928665731c6d6a8f9467308308",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b39",
+				"feedfacedeadbeeffeedfacedeadbeef"
+				+ "abaddad2",
+				"cafebabefacedbaddecaf888",
+				"522dc1f099567d07f47f37a32a84427d"
+				+ "643a8cdcbfe5c0c97598a2bd2555d1aa"
+				+ "8cb08e48590dbb3da7b08b1056828838"
+				+ "c5f61e6393ba7a0abcc9f662",
+				"76fc6ece0f4e1768cddf8853bb2d551b",
+			},
+			new string[]
+			{
+				"Test Case 17",
+				"feffe9928665731c6d6a8f9467308308"
+				+ "feffe9928665731c6d6a8f9467308308",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b39",
+				"feedfacedeadbeeffeedfacedeadbeef"
+				+ "abaddad2",
+				"cafebabefacedbad",
+				"c3762df1ca787d32ae47c13bf19844cb"
+				+ "af1ae14d0b976afac52ff7d79bba9de0"
+				+ "feb582d33934a4f0954cc2363bc73f78"
+				+ "62ac430e64abe499f47c9b1f",
+				"3a337dbf46a792c45e454913fe2ea8f2",
+			},
+			new string[]
+			{
+				"Test Case 18",
+				"feffe9928665731c6d6a8f9467308308"
+				+ "feffe9928665731c6d6a8f9467308308",
+				"d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b39",
+				"feedfacedeadbeeffeedfacedeadbeef"
+				+ "abaddad2",
+				"9313225df88406e555909c5aff5269aa"
+				+ "6a7a9538534f7da1e4c303d2a318a728"
+				+ "c3c0c95156809539fcf0e2429a6b5254"
+				+ "16aedbf5a0de6a57a637b39b",
+				"5a8def2f0c9e53f1f75d7853659e2a20"
+				+ "eeb2b22aafde6419a058ab4f6f746bf4"
+				+ "0fc0c3b780f244452da3ebf1c5d82cde"
+				+ "a2418997200ef82e44ae7e3f",
+				"a44a8266ee1c8eb0c8b5d4cf5ae9f19a",
+			},
+		};
+
+		public override string Name
+		{
+			get { return "GCM"; }
+		}
+
+		public override void PerformTest()
+		{
+			for (int i = 0; i < TestVectors.Length; ++i)
+			{
+				runTestCase(TestVectors[i]);
+			}
+
+			randomTests();
+		}    
+
+		private void runTestCase(
+			string[] testVector)
+		{
+			for (int macLength = 12; macLength <= 16; ++macLength)
+			{
+				runTestCase(testVector, macLength);
+			}
+		}
+
+		private void runTestCase(
+			string[]	testVector,
+			int			macLength)
+		{
+			int pos = 0;
+			string testName = testVector[pos++];
+			byte[] K = Hex.Decode(testVector[pos++]);
+			byte[] P = Hex.Decode(testVector[pos++]);
+			byte[] A = Hex.Decode(testVector[pos++]);
+			byte[] IV = Hex.Decode(testVector[pos++]);
+			byte[] C = Hex.Decode(testVector[pos++]);
+
+			// For short MAC, take leading bytes
+			byte[] t = Hex.Decode(testVector[pos++]);
+			byte[] T = new byte[macLength];
+			Array.Copy(t, T, T.Length);
+
+			// Default multiplier
+            runTestCase(null, null, testName, K, IV, A, P, C, T);
+
+            runTestCase(new BasicGcmMultiplier(), new BasicGcmMultiplier(), testName, K, IV, A, P, C, T);
+            runTestCase(new Tables8kGcmMultiplier(), new Tables8kGcmMultiplier(), testName, K, IV, A, P, C, T);
+            runTestCase(new Tables64kGcmMultiplier(), new Tables64kGcmMultiplier(), testName, K, IV, A, P, C, T);
+		}
+
+        private void runTestCase(
+			IGcmMultiplier	encM,
+			IGcmMultiplier	decM,
+			string			testName,
+            byte[]          K,
+            byte[]          IV,
+            byte[]          A,
+            byte[]          P,
+			byte[]			C,
+			byte[]			T)
+        {
+            byte[] fa = new byte[A.Length / 2];
+            byte[] la = new byte[A.Length - (A.Length / 2)];
+            Array.Copy(A, 0, fa, 0, fa.Length);
+            Array.Copy(A, fa.Length, la, 0, la.Length);
+
+            runTestCase(encM, decM, testName + " all initial associated data", K, IV, A, null, P, C, T);
+            runTestCase(encM, decM, testName + " all subsequent associated data", K, IV, null, A, P, C, T);
+            runTestCase(encM, decM, testName + " split associated data", K, IV, fa, la, P, C, T);
+        }
+
+        private void runTestCase(
+            IGcmMultiplier  encM,
+            IGcmMultiplier  decM,
+            string          testName,
+            byte[]          K,
+            byte[]          IV,
+            byte[]          A,
+            byte[]          SA,
+            byte[]          P,
+            byte[]          C,
+            byte[]          T)
+        {
+            AeadParameters parameters = new AeadParameters(new KeyParameter(K), T.Length * 8, IV, A);
+            GcmBlockCipher encCipher = initCipher(encM, true, parameters);
+			GcmBlockCipher decCipher = initCipher(decM, false, parameters);
+            checkTestCase(encCipher, decCipher, testName, SA, P, C, T);
+            checkTestCase(encCipher, decCipher, testName + " (reused)", SA, P, C, T);
+
+            // Key reuse
+            AeadParameters keyReuseParams = new AeadParameters(null, parameters.MacSize, parameters.GetNonce(), parameters.GetAssociatedText());
+            encCipher.Init(true, keyReuseParams);
+            decCipher.Init(false, keyReuseParams);
+            checkTestCase(encCipher, decCipher, testName + " (key reuse)", SA, P, C, T);
+            checkTestCase(encCipher, decCipher, testName + " (key reuse)", SA, P, C, T);
+        }
+
+		private GcmBlockCipher initCipher(
+			IGcmMultiplier	m,
+			bool			forEncryption,
+			AeadParameters	parameters)
+		{
+			GcmBlockCipher c = new GcmBlockCipher(new AesFastEngine(), m);
+			c.Init(forEncryption, parameters);
+			return c;
+		}
+
+		private void checkTestCase(
+			GcmBlockCipher	encCipher,
+			GcmBlockCipher	decCipher,
+			string			testName,
+            byte[]          SA,
+            byte[]          P,
+			byte[]			C,
+			byte[]			T)
+		{
+			byte[] enc = new byte[encCipher.GetOutputSize(P.Length)];
+            if (SA != null)
+            {
+                encCipher.ProcessAadBytes(SA, 0, SA.Length);
+            }
+            int len = encCipher.ProcessBytes(P, 0, P.Length, enc, 0);
+			len += encCipher.DoFinal(enc, len);
+
+			if (enc.Length != len)
+			{
+//				Console.WriteLine("" + enc.Length + "/" + len);
+				Fail("encryption reported incorrect length: " + testName);
+			}
+
+			byte[] mac = encCipher.GetMac();
+
+			byte[] data = new byte[P.Length];
+			Array.Copy(enc, data, data.Length);
+			byte[] tail = new byte[enc.Length - P.Length];
+			Array.Copy(enc, P.Length, tail, 0, tail.Length);
+
+			if (!AreEqual(C, data))
+			{
+				Fail("incorrect encrypt in: " + testName);
+			}
+
+			if (!AreEqual(T, mac))
+			{
+				Fail("GetMac() returned wrong mac in: " + testName);
+			}
+
+			if (!AreEqual(T, tail))
+			{
+				Fail("stream contained wrong mac in: " + testName);
+			}
+
+			byte[] dec = new byte[decCipher.GetOutputSize(enc.Length)];
+            if (SA != null)
+            {
+                decCipher.ProcessAadBytes(SA, 0, SA.Length);
+            }
+            len = decCipher.ProcessBytes(enc, 0, enc.Length, dec, 0);
+			len += decCipher.DoFinal(dec, len);
+			mac = decCipher.GetMac();
+
+			data = new byte[C.Length];
+			Array.Copy(dec, data, data.Length);
+
+			if (!AreEqual(P, data))
+			{
+				Fail("incorrect decrypt in: " + testName);
+			}
+		}
+
+        private void randomTests()
+		{
+			SecureRandom srng = new SecureRandom();
+			for (int i = 0; i < 10; ++i)
+			{
+                randomTest(srng, null);
+                randomTest(srng, new BasicGcmMultiplier()); 
+				randomTest(srng, new Tables8kGcmMultiplier());
+                randomTest(srng, new Tables64kGcmMultiplier()); 
+			}
+		}
+
+		private void randomTest(
+			SecureRandom	srng,
+			IGcmMultiplier	m)
+		{
+			int kLength = 16 + 8 * srng.Next(3);
+			byte[] K = new byte[kLength];
+			srng.NextBytes(K);
+
+			int pLength = srng.Next(65536);
+			byte[] P = new byte[pLength];
+			srng.NextBytes(P);
+
+			int aLength = srng.Next(256);
+			byte[] A = new byte[aLength];
+			srng.NextBytes(A);
+
+            int saLength = srng.Next(256);
+            byte[] SA = new byte[saLength];
+            srng.NextBytes(SA);
+
+			int ivLength = 1 + srng.Next(256);
+			byte[] IV = new byte[ivLength];
+			srng.NextBytes(IV);
+
+			GcmBlockCipher cipher = new GcmBlockCipher(new AesFastEngine(), m);
+			AeadParameters parameters = new AeadParameters(new KeyParameter(K), 16 * 8, IV, A);
+			cipher.Init(true, parameters);
+			byte[] C = new byte[cipher.GetOutputSize(P.Length)];
+            int predicted = cipher.GetUpdateOutputSize(P.Length);
+
+            int split = srng.Next(SA.Length + 1);
+            cipher.ProcessAadBytes(SA, 0, split);
+            int len = cipher.ProcessBytes(P, 0, P.Length, C, 0);
+            cipher.ProcessAadBytes(SA, split, SA.Length - split);
+
+            if (predicted != len)
+            {
+                Fail("encryption reported incorrect update length in randomised test");
+            }
+
+            len += cipher.DoFinal(C, len);
+
+			if (C.Length != len)
+			{
+				Fail("encryption reported incorrect length in randomised test");
+			}
+
+			byte[] encT = cipher.GetMac();
+			byte[] tail = new byte[C.Length - P.Length];
+			Array.Copy(C, P.Length, tail, 0, tail.Length);
+
+			if (!AreEqual(encT, tail))
+			{
+				Fail("stream contained wrong mac in randomised test");
+			}
+
+			cipher.Init(false, parameters);
+			byte[] decP = new byte[cipher.GetOutputSize(C.Length)];
+            predicted = cipher.GetUpdateOutputSize(C.Length);
+
+            split = srng.Next(SA.Length + 1);
+            cipher.ProcessAadBytes(SA, 0, split);
+            len = cipher.ProcessBytes(C, 0, C.Length, decP, 0);
+            cipher.ProcessAadBytes(SA, split, SA.Length - split);
+
+            if (predicted != len)
+            {
+                Fail("decryption reported incorrect update length in randomised test");
+            }
+
+            len += cipher.DoFinal(decP, len);
+
+			if (!AreEqual(P, decP))
+			{
+				Fail("incorrect decrypt in randomised test");
+			}
+
+			byte[] decT = cipher.GetMac();
+			if (!AreEqual(encT, decT))
+			{
+				Fail("decryption produced different mac from encryption");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new GcmTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/GOST28147MacTest.cs b/crypto/test/src/crypto/test/GOST28147MacTest.cs
new file mode 100644
index 000000000..5f3188f48
--- /dev/null
+++ b/crypto/test/src/crypto/test/GOST28147MacTest.cs
@@ -0,0 +1,105 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * GOST 28147 MAC tester
+	 */
+	[TestFixture]
+	public class Gost28147MacTest
+		:	ITest
+	{
+		//
+		// these GOSTMac for testing.
+		//
+		static byte[]   gkeyBytes1 = Hex.Decode("6d145dc993f4019e104280df6fcd8cd8e01e101e4c113d7ec4f469ce6dcd9e49");
+		static byte[]   gkeyBytes2 = Hex.Decode("6d145dc993f4019e104280df6fcd8cd8e01e101e4c113d7ec4f469ce6dcd9e49");
+
+		static byte[]   input3 = Hex.Decode("7768617420646f2079612077616e7420666f72206e6f7468696e673f");
+		static byte[]   input4 = Hex.Decode("7768617420646f2079612077616e7420666f72206e6f7468696e673f");
+
+		static byte[]   output7 = Hex.Decode("93468a46");
+		static byte[]   output8 = Hex.Decode("93468a46");
+
+		public Gost28147MacTest()
+		{
+		}
+
+		public ITestResult Perform()
+		{
+			// test1
+			IMac mac = new Gost28147Mac();
+			KeyParameter key = new KeyParameter(gkeyBytes1);
+
+			mac.Init(key);
+
+			mac.BlockUpdate(input3, 0, input3.Length);
+
+			byte[] outBytes = new byte[4];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!Arrays.AreEqual(outBytes, output7))
+			{
+				return new SimpleTestResult(false, Name + ": Failed test 1 - expected "
+					+ Hex.ToHexString(output7)
+					+ " got " + Hex.ToHexString(outBytes));
+			}
+
+			// test2
+			key = new KeyParameter(gkeyBytes2);
+
+			ParametersWithSBox gparam = new ParametersWithSBox(key, Gost28147Engine.GetSBox("E-A"));
+
+			mac.Init(gparam);
+
+			mac.BlockUpdate(input4, 0, input4.Length);
+
+			outBytes = new byte[4];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!Arrays.AreEqual(outBytes, output8))
+			{
+				return new SimpleTestResult(false, Name + ": Failed test 2 - expected "
+					+ Hex.ToHexString(output8)
+					+ " got " + Hex.ToHexString(outBytes));
+			}
+
+			return new SimpleTestResult(true, Name + ": Okay");
+		}
+
+		public string Name
+		{
+			get { return "Gost28147Mac"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new Gost28147MacTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/GOST28147Test.cs b/crypto/test/src/crypto/test/GOST28147Test.cs
new file mode 100644
index 000000000..5b6753517
--- /dev/null
+++ b/crypto/test/src/crypto/test/GOST28147Test.cs
@@ -0,0 +1,334 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class Gost28147Test
+		: CipherTest
+	{
+		static string input1 =  "0000000000000000";
+		static string output1 = "1b0bbc32cebcab42";
+		static string input2 =  "bc350e71aac5f5c2";
+		static string output2 = "d35ab653493b49f5";
+		static string input3 =  "bc350e71aa11345709acde";
+		static string output3 = "8824c124c4fd14301fb1e8";
+		static string input4 =  "000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f";
+		static string output4 = "29b7083e0a6d955ca0ec5b04fdb4ea41949f1dd2efdf17baffc1780b031f3934";
+
+		static byte[] TestSBox = {
+				0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF,
+				0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0,
+				0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF,
+				0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0,
+				0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF,
+				0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0,
+				0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF,
+				0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0
+		};
+
+		static SimpleTest[] tests =
+		{   new BlockCipherVectorTest(1, new Gost28147Engine(),
+				new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")),
+					input1, output1),
+			new BlockCipherVectorTest(2, new CbcBlockCipher(new Gost28147Engine()),
+				new ParametersWithIV(new KeyParameter(Hex.Decode("00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF")),
+				Hex.Decode("1234567890abcdef")), input2, output2),
+			new BlockCipherVectorTest(3, new GOfbBlockCipher(new Gost28147Engine()),
+				new ParametersWithIV(new KeyParameter(Hex.Decode("0011223344556677889900112233445566778899001122334455667788990011")),
+				Hex.Decode("1234567890abcdef")), //IV
+				input3, output3),
+			new BlockCipherVectorTest(4, new CfbBlockCipher(new Gost28147Engine(), 64),
+				new ParametersWithIV(new KeyParameter(Hex.Decode("aafd12f659cae63489b479e5076ddec2f06cb58faafd12f659cae63489b479e5")),
+				Hex.Decode("aafd12f659cae634")), input4, output4),
+
+			//tests with parameters, set S-box.
+			new BlockCipherVectorTest(5, new Gost28147Engine(),
+				new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")),//key , default parameter S-box set to D-Test
+				input1, output1),
+			new BlockCipherVectorTest(6, new CfbBlockCipher(new Gost28147Engine(), 64),
+				new ParametersWithIV(
+					new ParametersWithSBox(
+						new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
+						Gost28147Engine.GetSBox("D-Test")), //type S-box
+					Hex.Decode("1234567890abcdef")), //IV
+					"0000000000000000", //input message
+					"b587f7a0814c911d"), //encrypt message
+			new BlockCipherVectorTest(7, new CfbBlockCipher(new Gost28147Engine(), 64),
+				new ParametersWithIV(
+					new ParametersWithSBox(
+						new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
+						Gost28147Engine.GetSBox("E-Test")), //type S-box
+					Hex.Decode("1234567890abcdef")), //IV
+					"0000000000000000", //input message
+					"e8287f53f991d52b"), //encrypt message
+			new BlockCipherVectorTest(8, new CfbBlockCipher(new Gost28147Engine(), 64),
+				new ParametersWithIV(
+					new ParametersWithSBox(
+						new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
+						Gost28147Engine.GetSBox("E-A")), //type S-box
+					Hex.Decode("1234567890abcdef")), //IV
+					"0000000000000000", //input message
+					"c41009dba22ebe35"), //encrypt message
+			new BlockCipherVectorTest(9, new CfbBlockCipher(new Gost28147Engine(), 8),
+				new ParametersWithIV(
+					new ParametersWithSBox(
+						new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
+						Gost28147Engine.GetSBox("E-B")), //type S-box
+					Hex.Decode("1234567890abcdef")), //IV
+					"0000000000000000", //input message
+					"80d8723fcd3aba28"), //encrypt message
+			new BlockCipherVectorTest(10, new CfbBlockCipher(new Gost28147Engine(), 8),
+				new ParametersWithIV(
+					new ParametersWithSBox(
+						new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
+						Gost28147Engine.GetSBox("E-C")), //type S-box
+					Hex.Decode("1234567890abcdef")), //IV
+					"0000000000000000", //input message
+					"739f6f95068499b5"), //encrypt message
+			new BlockCipherVectorTest(11, new CfbBlockCipher(new Gost28147Engine(), 8),
+				new ParametersWithIV(
+					new ParametersWithSBox(
+						new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
+						Gost28147Engine.GetSBox("E-D")), //type S-box
+					Hex.Decode("1234567890abcdef")), //IV
+					"0000000000000000", //input message
+					"4663f720f4340f57"), //encrypt message
+			new BlockCipherVectorTest(12, new CfbBlockCipher(new Gost28147Engine(), 8),
+				new ParametersWithIV(
+					new ParametersWithSBox(
+						new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
+						Gost28147Engine.GetSBox("D-A")), //type S-box
+					Hex.Decode("1234567890abcdef")), //IV
+					"0000000000000000", //input message
+					"5bb0a31d218ed564"), //encrypt message
+			new BlockCipherVectorTest(13, new CfbBlockCipher(new Gost28147Engine(), 8),
+				new ParametersWithIV(
+					new ParametersWithSBox(
+						new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
+						TestSBox), //set own S-box
+					Hex.Decode("1234567890abcdef")), //IV
+					"0000000000000000", //input message
+					"c3af96ef788667c5"), //encrypt message
+			new BlockCipherVectorTest(14, new GOfbBlockCipher(new Gost28147Engine()),
+				new ParametersWithIV(
+					new ParametersWithSBox(
+							new KeyParameter(Hex.Decode("4ef72b778f0b0bebeef4f077551cb74a927b470ad7d7f2513454569a247e989d")), //key
+							Gost28147Engine.GetSBox("E-A")), //type S-box
+					Hex.Decode("1234567890abcdef")), //IV
+					"bc350e71aa11345709acde",  //input message
+					"1bcc2282707c676fb656dc"), //encrypt message
+
+		};
+
+		private const int Gost28147_KEY_LENGTH = 32;
+
+		private byte[] generateKey(byte[] startkey)
+		{
+			byte[] newKey = new byte[Gost28147_KEY_LENGTH];
+
+			Gost3411Digest digest = new Gost3411Digest();
+
+			digest.BlockUpdate(startkey, 0, startkey.Length);
+			digest.DoFinal(newKey, 0);
+
+			return newKey;
+		}
+
+		public Gost28147Test()
+			: base(tests, new Gost28147Engine(), new KeyParameter(new byte[32]))
+		{
+		}
+
+		public override void PerformTest()
+		{
+			base.PerformTest();
+
+			//advanced tests with Gost28147KeyGenerator:
+			//encrypt on hesh message; ECB mode:
+			byte[] inBytes = Hex.Decode("4e6f77206973207468652074696d6520666f7220616c6c20");
+			byte[] output = Hex.Decode("8ad3c8f56b27ff1fbd46409359bdc796bc350e71aac5f5c0");
+			byte[] outBytes = new byte[inBytes.Length];
+
+			byte[] key = generateKey(Hex.Decode("0123456789abcdef"));  //!!! heshing start_key - get 256 bits !!!
+	//        System.out.println(new string(Hex.Encode(key)));
+			ICipherParameters  param = new ParametersWithSBox(new KeyParameter(key), Gost28147Engine.GetSBox("E-A"));
+			//CipherParameters  param = new Gost28147Parameters(key,"D-Test");
+			BufferedBlockCipher cipher = new BufferedBlockCipher(new Gost28147Engine());
+
+			cipher.Init(true, param);
+			int len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0);
+			try
+			{
+				cipher.DoFinal(outBytes, len1);
+			}
+			catch (CryptoException e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (outBytes.Length != output.Length)
+			{
+				Fail("failed - "
+					+ "expected " + Hex.ToHexString(output) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			for (int i = 0; i != outBytes.Length; i++)
+			{
+				if (outBytes[i] != output[i])
+				{
+					Fail("failed - "
+						+ "expected " + Hex.ToHexString(output)
+						+ " got " + Hex.ToHexString(outBytes));
+				}
+			}
+
+
+			//encrypt on hesh message; CFB mode:
+			inBytes = Hex.Decode("bc350e71aac5f5c2");
+			output = Hex.Decode("0ebbbafcf38f14a5");
+			outBytes = new byte[inBytes.Length];
+
+			key = generateKey(Hex.Decode("0123456789abcdef"));  //!!! heshing start_key - get 256 bits !!!
+			param = new ParametersWithIV(
+				new ParametersWithSBox(
+					new KeyParameter(key), //key
+					Gost28147Engine.GetSBox("E-A")), //type S-box
+				Hex.Decode("1234567890abcdef")); //IV
+
+			cipher = new BufferedBlockCipher(new CfbBlockCipher(new Gost28147Engine(), 64));
+
+			cipher.Init(true, param);
+			len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0);
+			try
+			{
+				cipher.DoFinal(outBytes, len1);
+			}
+			catch (CryptoException e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+			if (outBytes.Length != output.Length)
+			{
+				Fail("failed - "
+					+ "expected " + Hex.ToHexString(output)
+					+ " got " + Hex.ToHexString(outBytes));
+			}
+			for (int i = 0; i != outBytes.Length; i++)
+			{
+				if (outBytes[i] != output[i])
+				{
+					Fail("failed - "
+						+ "expected " + Hex.ToHexString(output)
+						+ " got " + Hex.ToHexString(outBytes));
+				}
+			}
+
+
+			//encrypt on hesh message; CFB mode:
+			inBytes = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f");
+			output = Hex.Decode("64988982819f0a1655e226e19ecad79d10cc73bac95c5d7da034786c12294225");
+			outBytes = new byte[inBytes.Length];
+
+			key = generateKey(Hex.Decode("aafd12f659cae63489b479e5076ddec2f06cb58faafd12f659cae63489b479e5"));  //!!! heshing start_key - get 256 bits !!!
+			param = new ParametersWithIV(
+				new ParametersWithSBox(
+					new KeyParameter(key), //key
+					Gost28147Engine.GetSBox("E-A")), //type S-box
+				Hex.Decode("aafd12f659cae634")); //IV
+
+			cipher = new BufferedBlockCipher(new CfbBlockCipher(new Gost28147Engine(), 64));
+
+			cipher.Init(true, param);
+			len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0);
+
+			cipher.DoFinal(outBytes, len1);
+
+			if (outBytes.Length != output.Length)
+			{
+				Fail("failed - "
+					+ "expected " + Hex.ToHexString(output)
+					+ " got " + Hex.ToHexString(outBytes));
+			}
+
+			for (int i = 0; i != outBytes.Length; i++)
+			{
+				if (outBytes[i] != output[i])
+				{
+					Fail("failed - "
+						+ "expected " + Hex.ToHexString(output)
+						+ " got " + Hex.ToHexString(outBytes));
+				}
+			}
+
+			//encrypt on hesh message; OFB mode:
+			inBytes = Hex.Decode("bc350e71aa11345709acde");
+			output = Hex.Decode("1bcc2282707c676fb656dc");
+			outBytes = new byte[inBytes.Length];
+
+			key = generateKey(Hex.Decode("0123456789abcdef"));  //!!! heshing start_key - get 256 bits !!!
+			param = new ParametersWithIV(
+				new ParametersWithSBox(
+					new KeyParameter(key), //key
+					Gost28147Engine.GetSBox("E-A")), //type S-box
+				Hex.Decode("1234567890abcdef")); //IV
+
+			cipher = new BufferedBlockCipher(new GOfbBlockCipher(new Gost28147Engine()));
+
+			cipher.Init(true, param);
+			len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0);
+
+			cipher.DoFinal(outBytes, len1);
+
+			if (outBytes.Length != output.Length)
+			{
+				Fail("failed - "
+					+ "expected " + Hex.ToHexString(output)
+					+ " got " + Hex.ToHexString(outBytes));
+			}
+
+			for (int i = 0; i != outBytes.Length; i++)
+			{
+				if (outBytes[i] != output[i])
+				{
+					Fail("failed - "
+						+ "expected " + Hex.ToHexString(output)
+						+ " got " + Hex.ToHexString(outBytes));
+				}
+			}
+		}
+
+		public override string Name
+		{
+			get { return "Gost28147"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new Gost28147Test();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/GOST3410Test.cs b/crypto/test/src/crypto/test/GOST3410Test.cs
new file mode 100644
index 000000000..f54662770
--- /dev/null
+++ b/crypto/test/src/crypto/test/GOST3410Test.cs
@@ -0,0 +1,1604 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class Gost3410Test
+		: ITest
+	{
+		private static readonly byte[] hashmessage = Hex.Decode("3042453136414534424341374533364339313734453431443642453241453435");
+
+		private static byte[] zeroTwo(int length)
+		{
+			byte[] data = new byte[length];
+			data[data.Length - 1] = 0x02;
+			return data;
+		}
+
+		private class Gost3410_TEST1_512
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-TEST1-512"; }
+			}
+
+			FixedSecureRandom init_random = FixedSecureRandom.From(Hex.Decode("00005EC900007341"), zeroTwo(64));
+			FixedSecureRandom random = FixedSecureRandom.From(Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"));
+			FixedSecureRandom keyRandom = FixedSecureRandom.From(Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"));
+
+			BigInteger pValue = new BigInteger("EE8172AE8996608FB69359B89EB82A69854510E2977A4D63BC97322CE5DC3386EA0A12B343E9190F23177539845839786BB0C345D165976EF2195EC9B1C379E3", 16);
+			BigInteger qValue = new BigInteger("98915E7EC8265EDFCDA31E88F24809DDB064BDC7285DD50D7289F0AC6F49DD2D", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger r = new BigInteger("3e5f895e276d81d2d52c0763270a458157b784c57abdbd807bc44fd43a32ac06",16);
+				BigInteger s = new BigInteger("3f0dd5d4400d47c08e4ce505ff7434b6dbf729592e37c74856dab85115a60955",16);
+				Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(512, 1, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (parameters.ValidationParameters == null)
+				{
+					return new SimpleTestResult(false, Name + "validation parameters wrong");
+				}
+
+				if (parameters.ValidationParameters.C != 29505
+					||  parameters.ValidationParameters.X0 != 24265)
+				{
+					return new SimpleTestResult(false, Name + "validation parameters values wrong");
+				}
+
+				if (!init_random.IsExhausted)
+				{
+					return new SimpleTestResult(false, Name
+						+ ": unexpected number of bytes used from 'init_random'.");
+				}
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator         Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters  genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair  pair = Gost3410KeyGen.GenerateKeyPair();
+
+				if (!keyRandom.IsExhausted)
+				{
+					return new SimpleTestResult(false, Name
+						+ ": unexpected number of bytes used from 'keyRandom'.");
+				}
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer gost3410 = new Gost3410Signer();
+
+				gost3410.Init(true, param);
+
+				BigInteger[] sig = gost3410.GenerateSignature(hashmessage);
+
+				if (!random.IsExhausted)
+				{
+					return new SimpleTestResult(false, Name
+						+ ": unexpected number of bytes used from 'random'.");
+				}
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				gost3410.Init(false, pair.Public);
+
+				if (gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		private class Gost3410_TEST2_512
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-TEST2-512"; }
+			}
+
+			FixedSecureRandom init_random = FixedSecureRandom.From(Hex.Decode("000000003DFC46F1000000000000000D"), zeroTwo(64));
+			FixedSecureRandom random = FixedSecureRandom.From(Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"));
+			FixedSecureRandom keyRandom = FixedSecureRandom.From(Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"));
+
+			BigInteger pValue = new BigInteger("8b08eb135af966aab39df294538580c7da26765d6d38d30cf1c06aae0d1228c3316a0e29198460fad2b19dc381c15c888c6dfd0fc2c565abb0bf1faff9518f85", 16);
+			BigInteger qValue = new BigInteger("931a58fb6f0dcdf2fe7549bc3f19f4724b56898f7f921a076601edb18c93dc75", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger r = new BigInteger("7c07c8cf035c2a1cb2b7fae5807ac7cd623dfca7a1a68f6d858317822f1ea00d",16);
+				BigInteger s = new BigInteger("7e9e036a6ff87dbf9b004818252b1f6fc310bdd4d17cb8c37d9c36c7884de60c",16);
+				Gost3410ParametersGenerator  pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(512, 2, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (!init_random.IsExhausted)
+				{
+					return new SimpleTestResult(false, Name
+						+ ": unexpected number of bytes used from 'init_random'.");
+				}
+
+				if (parameters.ValidationParameters == null)
+				{
+					return new SimpleTestResult(false, Name + ": validation parameters wrong");
+				}
+
+				if (parameters.ValidationParameters.CL != 13
+					||  parameters.ValidationParameters.X0L != 1039943409)
+				{
+					return new SimpleTestResult(false, Name + ": validation parameters values wrong");
+				}
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair();
+
+				if (!keyRandom.IsExhausted)
+				{
+					return new SimpleTestResult(false, Name
+						+ ": unexpected number of bytes used from 'keyRandom'.");
+				}
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!random.IsExhausted)
+				{
+					return new SimpleTestResult(false, Name
+						+ ": unexpected number of bytes used from 'random'.");
+				}
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (!Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+		}
+
+		private class Gost3410_TEST1_1024
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-TEST1-1024"; }
+			}
+
+			private class SecureRandomImpl1 : SecureRandom
+			{
+				bool firstInt = true;
+
+				public override int NextInt()
+				{
+					string x0 = "0xA565";
+					string c =  "0x538B";
+
+					if (firstInt)
+					{
+						firstInt = false;
+						return NumberParsing.DecodeIntFromHex(x0);
+					}
+					return NumberParsing.DecodeIntFromHex(c);
+				}
+
+				public override void NextBytes(byte[] bytes)
+				{
+
+					byte[] d = Hex.Decode("02");
+
+					Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length);
+				}
+			};
+			SecureRandom init_random = new SecureRandomImpl1();
+
+			private class SecureRandomImpl2 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - k.Length); i += k.Length)
+					{
+						Array.Copy(k, 0, bytes, i, k.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length));
+					}
+					else
+					{
+						Array.Copy(k, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom random = new SecureRandomImpl2();
+
+			private class SecureRandomImpl3 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - x.Length); i += x.Length)
+					{
+						Array.Copy(x, 0, bytes, i, x.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length));
+					}
+					else
+					{
+						Array.Copy(x, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom keyRandom = new SecureRandomImpl3();
+
+			BigInteger  pValue = new BigInteger("ab8f37938356529e871514c1f48c5cbce77b2f4fc9a2673ac2c1653da8984090c0ac73775159a26bef59909d4c9846631270e16653a6234668f2a52a01a39b921490e694c0f104b58d2e14970fccb478f98d01e975a1028b9536d912de5236d2dd2fc396b77153594d4178780e5f16f718471e2111c8ce64a7d7e196fa57142d", 16);
+			BigInteger  qValue = new BigInteger("bcc02ca0ce4f0753ec16105ee5d530aa00d39f3171842ab2c334a26b5f576e0f", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger r = new BigInteger("a8790aabbd5a998ff524bad048ac69cd1faff2dab048265c8d60d1471c44a9ee",16);
+				BigInteger s = new BigInteger("30df5ba32ac77170b9632559bef7d37620017756dff3fea1088b4267db0944b8",16);
+				Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(1024, 1, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair();
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		private class Gost3410_TEST2_1024
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-TEST2-1024"; }
+			}
+
+			private class SecureRandomImpl4 : SecureRandom
+			{
+				bool firstLong = true;
+
+				public override long NextLong()
+				{
+					string x0 = "0x3DFC46F1";
+					string c =  "0xD";
+
+					if (firstLong)
+					{
+						firstLong = false;
+						return NumberParsing.DecodeLongFromHex(x0);
+					}
+					return NumberParsing.DecodeLongFromHex(c);
+				}
+
+				public override void NextBytes(byte[] bytes)
+				{
+
+					byte[] d = Hex.Decode("02");
+
+					Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length);
+				}
+			};
+			SecureRandom init_random = new SecureRandomImpl4();
+
+			private class SecureRandomImpl5 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - k.Length); i += k.Length)
+					{
+						Array.Copy(k, 0, bytes, i, k.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length));
+					}
+					else
+					{
+						Array.Copy(k, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom random = new SecureRandomImpl5();
+
+			private class SecureRandomImpl6 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - x.Length); i += x.Length)
+					{
+						Array.Copy(x, 0, bytes, i, x.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length));
+					}
+					else
+					{
+						Array.Copy(x, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom keyRandom = new SecureRandomImpl6();
+
+			BigInteger  pValue = new BigInteger("e2c4191c4b5f222f9ac2732562f6d9b4f18e7fb67a290ea1e03d750f0b9806755fc730d975bf3faa606d05c218b35a6c3706919aab92e0c58b1de4531c8fa8e7af43c2bff016251e21b2870897f6a27ac4450bca235a5b748ad386e4a0e4dfcb09152435abcfe48bd0b126a8122c7382f285a9864615c66decddf6afd355dfb7", 16);
+			BigInteger  qValue = new BigInteger("931a58fb6f0dcdf2fe7549bc3f19f4724b56898f7f921a076601edb18c93dc75", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger              r = new BigInteger("81d69a192e9c7ac21fc07da41bd07e230ba6a94eb9f3c1fd104c7bd976733ca5",16);
+				BigInteger              s = new BigInteger("315c879c8414f35feb4deb15e7cc0278c48e6ca1596325d6959338d860b0c47a",16);
+				Gost3410ParametersGenerator  pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(1024, 2, init_random);
+
+				Gost3410Parameters           parameters = pGen.GenerateParameters();
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator         Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters  genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair  pair = Gost3410KeyGen.GenerateKeyPair();
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		private class Gost3410_AParam
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-AParam"; }
+			}
+
+			private class SecureRandomImpl7 : SecureRandom
+			{
+				bool firstLong = true;
+
+				public override long NextLong()
+				{
+					string x0 = "0x520874F5";
+					string c =  "0xEE39ADB3";
+
+					if (firstLong)
+					{
+						firstLong = false;
+						return NumberParsing.DecodeLongFromHex(x0);
+					}
+					return NumberParsing.DecodeLongFromHex(c);
+				}
+
+				public override void NextBytes(byte[] bytes)
+				{
+
+					byte[] d = Hex.Decode("02");
+
+					Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length);
+				}
+			};
+			SecureRandom init_random = new SecureRandomImpl7();
+
+			private class SecureRandomImpl8 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - k.Length); i += k.Length)
+					{
+						Array.Copy(k, 0, bytes, i, k.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length));
+					}
+					else
+					{
+						Array.Copy(k, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom random = new SecureRandomImpl8();
+
+			private class SecureRandomImpl9 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - x.Length); i += x.Length)
+					{
+						Array.Copy(x, 0, bytes, i, x.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length));
+					}
+					else
+					{
+						Array.Copy(x, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom keyRandom = new SecureRandomImpl9();
+
+			BigInteger  pValue = new BigInteger("b4e25efb018e3c8b87505e2a67553c5edc56c2914b7e4f89d23f03f03377e70a2903489dd60e78418d3d851edb5317c4871e40b04228c3b7902963c4b7d85d52b9aa88f2afdbeb28da8869d6df846a1d98924e925561bd69300b9ddd05d247b5922d967cbb02671881c57d10e5ef72d3e6dad4223dc82aa1f7d0294651a480df", 16);
+			BigInteger  qValue = new BigInteger("972432a437178b30bd96195b773789ab2fff15594b176dd175b63256ee5af2cf", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger r = new BigInteger("64a8856628e5669d85f62cd763dd4a99bc56d33dc0e1859122855d141e9e4774",16);
+				BigInteger s = new BigInteger("319ebac97092b288d469a4b988248794f60c865bc97858d9a3135c6d1a1bf2dd",16);
+				Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(1024, 2, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair();
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		private class Gost3410_BParam
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-BParam"; }
+			}
+
+			private class SecureRandomImpl10 : SecureRandom
+			{
+				bool firstLong = true;
+
+				public override long NextLong()
+				{
+					string x0 = "0x5B977CDB";
+					string c =  "0x6E9692DD";
+
+					if (firstLong)
+					{
+						firstLong = false;
+						return NumberParsing.DecodeLongFromHex(x0);
+					}
+					return NumberParsing.DecodeLongFromHex(c);
+				}
+
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] d = Hex.Decode("bc3cbbdb7e6f848286e19ad9a27a8e297e5b71c53dd974cdf60f937356df69cbc97a300ccc71685c553046147f11568c4fddf363d9d886438345a62c3b75963d6546adfabf31b31290d12cae65ecb8309ef66782");
+
+					Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length);
+				}
+			};
+			SecureRandom init_random = new SecureRandomImpl10();
+
+			private class SecureRandomImpl11 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - k.Length); i += k.Length)
+					{
+						Array.Copy(k, 0, bytes, i, k.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length));
+					}
+					else
+					{
+						Array.Copy(k, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom random = new SecureRandomImpl11();
+
+			private class SecureRandomImpl12 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - x.Length); i += x.Length)
+					{
+						Array.Copy(x, 0, bytes, i, x.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length));
+					}
+					else
+					{
+						Array.Copy(x, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom keyRandom = new SecureRandomImpl12();
+
+			BigInteger  pValue = new BigInteger("c6971fc57524b30c9018c5e621de15499736854f56a6f8aee65a7a404632b3540f09020f67f04dc2e6783b141dceffd21a703035b7d0187c6e12cb4229922bafdb2225b73e6b23a0de36e20047065aea000c1a374283d0ad8dc1981e3995f0bb8c72526041fcb98ae6163e1e71a669d8364e9c4c3188f673c5f8ee6fadb41abf", 16);
+			BigInteger  qValue = new BigInteger("b09d634c10899cd7d4c3a7657403e05810b07c61a688bab2c37f475e308b0607", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger r = new BigInteger("860d82c60e9502cd00c0e9e1f6563feafec304801974d745c5e02079946f729e",16);
+				BigInteger s = new BigInteger("7ef49264ef022801aaa03033cd97915235fbab4c823ed936b0f360c22114688a",16);
+				Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(1024, 2, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair();
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		private class Gost3410_CParam
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-CParam"; }
+			}
+
+			private class SecureRandomImpl13 : SecureRandom
+			{
+				bool firstLong = true;
+
+				public override long NextLong()
+				{
+					string x0 = "0x43848744";
+					string c =  "0xB50A826D";
+
+					if (firstLong)
+					{
+						firstLong = false;
+						return NumberParsing.DecodeLongFromHex(x0);
+					}
+					return NumberParsing.DecodeLongFromHex(c);
+				}
+
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] d = Hex.Decode("7F575E8194BC5BDF");
+
+					Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length);
+				}
+			};
+			SecureRandom init_random = new SecureRandomImpl13();
+
+			private class SecureRandomImpl14 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - k.Length); i += k.Length)
+					{
+						Array.Copy(k, 0, bytes, i, k.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length));
+					}
+					else
+					{
+						Array.Copy(k, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom random = new SecureRandomImpl14();
+
+			private class SecureRandomImpl15 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - x.Length); i += x.Length)
+					{
+						Array.Copy(x, 0, bytes, i, x.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length));
+					}
+					else
+					{
+						Array.Copy(x, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom keyRandom = new SecureRandomImpl15();
+
+			BigInteger  pValue = new BigInteger("9d88e6d7fe3313bd2e745c7cdd2ab9ee4af3c8899e847de74a33783ea68bc30588ba1f738c6aaf8ab350531f1854c3837cc3c860ffd7e2e106c3f63b3d8a4c034ce73942a6c3d585b599cf695ed7a3c4a93b2b947b7157bb1a1c043ab41ec8566c6145e938a611906de0d32e562494569d7e999a0dda5c879bdd91fe124df1e9", 16);
+			BigInteger  qValue = new BigInteger("fadd197abd19a1b4653eecf7eca4d6a22b1f7f893b641f901641fbb555354faf", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger r = new BigInteger("4deb95a0b35e7ed7edebe9bef5a0f93739e16b7ff27fe794d989d0c13159cfbc",16);
+				BigInteger s = new BigInteger("e1d0d30345c24cfeb33efde3deee5fbbda78ddc822b719d860cd0ba1fb6bd43b",16);
+				Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(1024, 2, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair();
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		private class Gost3410_DParam
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-DParam"; }
+			}
+
+			private class SecureRandomImpl16 : SecureRandom
+			{
+				bool firstLong = true;
+
+				public override long NextLong()
+				{
+					string x0 = "0x13DA8B9D";
+					string c =  "0xA0E9DE4B";
+
+					if (firstLong)
+					{
+						firstLong = false;
+						return NumberParsing.DecodeLongFromHex(x0);
+					}
+					return NumberParsing.DecodeLongFromHex(c);
+				}
+
+				public override void NextBytes(byte[] bytes)
+				{
+
+					byte[] d = Hex.Decode("41ab97857f42614355d32db0b1069f109a4da283676c7c53a68185b4");
+
+					Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length);
+				}
+			};
+			SecureRandom init_random = new SecureRandomImpl16();
+
+			private class SecureRandomImpl17 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - k.Length); i += k.Length)
+					{
+						Array.Copy(k, 0, bytes, i, k.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length));
+					}
+					else
+					{
+						Array.Copy(k, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom random = new SecureRandomImpl17();
+
+			private class SecureRandomImpl18 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - x.Length); i += x.Length)
+					{
+						Array.Copy(x, 0, bytes, i, x.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length));
+					}
+					else
+					{
+						Array.Copy(x, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom keyRandom = new SecureRandomImpl18();
+
+			BigInteger  pValue = new BigInteger("80f102d32b0fd167d069c27a307adad2c466091904dbaa55d5b8cc7026f2f7a1919b890cb652c40e054e1e9306735b43d7b279eddf9102001cd9e1a831fe8a163eed89ab07cf2abe8242ac9dedddbf98d62cddd1ea4f5f15d3a42a6677bdd293b24260c0f27c0f1d15948614d567b66fa902baa11a69ae3bceadbb83e399c9b5", 16);
+			BigInteger  qValue = new BigInteger("f0f544c418aac234f683f033511b65c21651a6078bda2d69bb9f732867502149", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger              r = new BigInteger("712592d285b792e33b8a9a11e8e6c4f512ddf0042972bbfd1abb0a93e8fc6f54",16);
+				BigInteger              s = new BigInteger("2cf26758321258b130d5612111339f09ceb8668241f3482e38baa56529963f07",16);
+				Gost3410ParametersGenerator  pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(1024, 2, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair();
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		private class Gost3410_AExParam
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-AExParam"; }
+			}
+
+			private class SecureRandomImpl19 : SecureRandom
+			{
+				bool firstLong = true;
+
+				public override long NextLong()
+				{
+					string x0 = "0xD05E9F14";
+					string c =  "0x46304C5F";
+
+					if (firstLong)
+					{
+						firstLong = false;
+						return NumberParsing.DecodeLongFromHex(x0);
+					}
+					return NumberParsing.DecodeLongFromHex(c);
+				}
+
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] d = Hex.Decode("35ab875399cda33c146ca629660e5a5e5c07714ca326db032dd6751995cdb90a612b9228932d8302704ec24a5def7739c5813d83");
+
+					Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length);
+				}
+			};
+			SecureRandom init_random = new SecureRandomImpl19();
+
+			private class SecureRandomImpl20 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - k.Length); i += k.Length)
+					{
+						Array.Copy(k, 0, bytes, i, k.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length));
+					}
+					else
+					{
+						Array.Copy(k, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom random = new SecureRandomImpl20();
+
+			private class SecureRandomImpl21 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - x.Length); i += x.Length)
+					{
+						Array.Copy(x, 0, bytes, i, x.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length));
+					}
+					else
+					{
+						Array.Copy(x, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom keyRandom = new SecureRandomImpl21();
+
+			BigInteger  pValue = new BigInteger("ca3b3f2eee9fd46317d49595a9e7518e6c63d8f4eb4d22d10d28af0b8839f079f8289e603b03530784b9bb5a1e76859e4850c670c7b71c0df84ca3e0d6c177fe9f78a9d8433230a883cd82a2b2b5c7a3306980278570cdb79bf01074a69c9623348824b0c53791d53c6a78cab69e1cfb28368611a397f50f541e16db348dbe5f", 16);
+			BigInteger  qValue = new BigInteger("cae4d85f80c147704b0ca48e85fb00a9057aa4acc44668e17f1996d7152690d9", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger r = new BigInteger("90892707282f433398488f19d31ac48523a8e2ded68944e0da91c6895ee7045e",16);
+				BigInteger s = new BigInteger("3be4620ee88f1ee8f9dd63c7d145b7e554839feeca125049118262ea4651e9de",16);
+				Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(1024, 2, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair();
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		private class Gost3410_BExParam
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-BExParam"; }
+			}
+
+			private class SecureRandomImpl22 : SecureRandom
+			{
+				bool firstLong = true;
+
+				public override long NextLong()
+				{
+					string x0 = "0x7A007804";
+					string c =  "0xD31A4FF7";
+
+					if (firstLong)
+					{
+						firstLong = false;
+						return NumberParsing.DecodeLongFromHex(x0);
+					}
+					return NumberParsing.DecodeLongFromHex(c);
+				}
+
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] d = Hex.Decode("7ec123d161477762838c2bea9dbdf33074af6d41d108a066a1e7a07ab3048de2");
+
+					Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length);
+				}
+			};
+			SecureRandom init_random = new SecureRandomImpl22();
+
+			private class SecureRandomImpl23 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - k.Length); i += k.Length)
+					{
+						Array.Copy(k, 0, bytes, i, k.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length));
+					}
+					else
+					{
+						Array.Copy(k, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom random = new SecureRandomImpl23();
+
+			private class SecureRandomImpl24 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - x.Length); i += x.Length)
+					{
+						Array.Copy(x, 0, bytes, i, x.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length));
+					}
+					else
+					{
+						Array.Copy(x, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom keyRandom = new SecureRandomImpl24();
+
+			BigInteger  pValue = new BigInteger("9286dbda91eccfc3060aa5598318e2a639f5ba90a4ca656157b2673fb191cd0589ee05f4cef1bd13508408271458c30851ce7a4ef534742bfb11f4743c8f787b11193ba304c0e6bca25701bf88af1cb9b8fd4711d89f88e32b37d95316541bf1e5dbb4989b3df13659b88c0f97a3c1087b9f2d5317d557dcd4afc6d0a754e279", 16);
+			BigInteger  qValue = new BigInteger("c966e9b3b8b7cdd82ff0f83af87036c38f42238ec50a876cd390e43d67b6013f", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger r = new BigInteger("8f79a582513df84dc247bcb624340cc0e5a34c4324a20ce7fe3ab8ff38a9db71",16);
+				BigInteger s = new BigInteger("7508d22fd6cbb45efd438cb875e43f137247088d0f54b29a7c91f68a65b5fa85",16);
+				Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(1024, 2, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair();
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		private class Gost3410_CExParam
+			: ITest
+		{
+			public string Name
+			{
+				get { return "Gost3410-CExParam"; }
+			}
+
+			private class SecureRandomImpl25 : SecureRandom
+			{
+				bool firstLong = true;
+
+				public override long NextLong()
+				{
+					string x0 = "0x162AB910";
+					string c =  "0x93F828D3";
+
+					if (firstLong)
+					{
+						firstLong = false;
+						return NumberParsing.DecodeLongFromHex(x0);
+					}
+					return NumberParsing.DecodeLongFromHex(c);
+				}
+
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] d = Hex.Decode("ca82cce78a738bc46f103d53b9bf809745ec845e4f6da462606c51f60ecf302e31204b81");
+
+					Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length);
+				}
+			};
+			SecureRandom init_random = new SecureRandomImpl25();
+
+			private class SecureRandomImpl26 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - k.Length); i += k.Length)
+					{
+						Array.Copy(k, 0, bytes, i, k.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length));
+					}
+					else
+					{
+						Array.Copy(k, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom random = new SecureRandomImpl26();
+
+			private class SecureRandomImpl27 : SecureRandom
+			{
+				public override void NextBytes(byte[] bytes)
+				{
+					byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046");
+
+					int i;
+
+					for (i = 0; i < (bytes.Length - x.Length); i += x.Length)
+					{
+						Array.Copy(x, 0, bytes, i, x.Length);
+					}
+
+					if (i > bytes.Length)
+					{
+						Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length));
+					}
+					else
+					{
+						Array.Copy(x, 0, bytes, i, bytes.Length - i);
+					}
+				}
+			};
+			SecureRandom keyRandom = new SecureRandomImpl27();
+
+			BigInteger  pValue = new BigInteger("b194036ace14139d36d64295ae6c50fc4b7d65d8b340711366ca93f383653908ee637be428051d86612670ad7b402c09b820fa77d9da29c8111a8496da6c261a53ed252e4d8a69a20376e6addb3bdcd331749a491a184b8fda6d84c31cf05f9119b5ed35246ea4562d85928ba1136a8d0e5a7e5c764ba8902029a1336c631a1d", 16);
+			BigInteger  qValue = new BigInteger("96120477df0f3896628e6f4a88d83c93204c210ff262bccb7dae450355125259", 16);
+
+			public ITestResult Perform()
+			{
+				BigInteger r = new BigInteger("169fdb2dc09f690b71332432bfec806042e258fa9a21dafe73c6abfbc71407d9",16);
+				BigInteger s = new BigInteger("9002551808ae40d19f6f31fb67e4563101243cf07cffd5f2f8ff4c537b0c9866",16);
+				Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator();
+
+				pGen.Init(1024, 2, init_random);
+
+				Gost3410Parameters parameters = pGen.GenerateParameters();
+
+				if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q))
+				{
+					return new SimpleTestResult(false, Name + ": p or q wrong");
+				}
+
+				Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator();
+				Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters);
+
+				Gost3410KeyGen.Init(genParam);
+
+				AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair();
+
+				ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
+
+				Gost3410Signer Gost3410 = new Gost3410Signer();
+
+				Gost3410.Init(true, param);
+
+				BigInteger[] sig = Gost3410.GenerateSignature(hashmessage);
+
+				if (!r.Equals(sig[0]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": r component wrong." + SimpleTest.NewLine
+						+ " expecting: " + r.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[0].ToString(16));
+				}
+
+				if (!s.Equals(sig[1]))
+				{
+					return new SimpleTestResult(false, Name
+						+ ": s component wrong." + SimpleTest.NewLine
+						+ " expecting: " + s.ToString(16) + SimpleTest.NewLine
+						+ " got      : " + sig[1].ToString(16));
+				}
+
+				Gost3410.Init(false, pair.Public);
+
+				if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1]))
+				{
+					return new SimpleTestResult(true, Name + ": Okay");
+				}
+				else
+				{
+					return new SimpleTestResult(false, Name + ": verification fails");
+				}
+			}
+		}
+
+		ITest[] tests =
+		{
+			new Gost3410_TEST1_512(),
+			new Gost3410_TEST2_512(),
+//	        new Gost3410_TEST1_1024(),
+//	        new Gost3410_TEST2_1024(),
+//	        new Gost3410_AParam(),
+//	        new Gost3410_BParam(),
+//	        new Gost3410_CParam(),
+//	        new Gost3410_DParam(),
+//	        new Gost3410_AExParam(),
+//	        new Gost3410_BExParam(),
+//	        new Gost3410_CExParam()
+		};
+
+		public string Name
+		{
+			get { return "Gost3410"; }
+		}
+
+		public ITestResult Perform()
+		{
+			for (int i = 0; i != tests.Length; i++)
+			{
+				ITestResult result = tests[i].Perform();
+
+				if (!result.IsSuccessful())
+				{
+					return result;
+				}
+			}
+
+			return new SimpleTestResult(true, "Gost3410: Okay");
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new Gost3410Test();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/GOST3411DigestTest.cs b/crypto/test/src/crypto/test/GOST3411DigestTest.cs
new file mode 100644
index 000000000..1826b28c9
--- /dev/null
+++ b/crypto/test/src/crypto/test/GOST3411DigestTest.cs
@@ -0,0 +1,79 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class Gost3411DigestTest
+		: DigestTest
+	{
+		private static readonly string[] messages =
+		{
+			"",
+			"This is message, length=32 bytes",
+			"Suppose the original message has length = 50 bytes",
+			"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+		};
+
+		//  If S-box = D-A (see: digest/Gost3411Digest.java; function: E(byte[] in, byte[] key); string: CipherParameters  param = new Gost28147Parameters(key,"D-A");)
+		private static readonly string[] digests =
+		{
+			"981e5f3ca30c841487830f84fb433e13ac1101569b9c13584ac483234cd656c0",
+			"2cefc2f7b7bdc514e18ea57fa74ff357e7fa17d652c75f69cb1be7893ede48eb",
+			"c3730c5cbccacf915ac292676f21e8bd4ef75331d9405e5f1a61dc3130a65011",
+			"73b70a39497de53a6e08c67b6d4db853540f03e9389299d9b0156ef7e85d0f61"
+		};
+
+		//  If S-box = D-Test (see: digest/GOST3411Digest.cs; function:E(byte[] in, byte[] key); string: ICipherParameters p = new Gost28147Parameters(key, "D-Test");)
+//		private static readonly string[] digests =
+//		{
+//			"ce85b99cc46752fffee35cab9a7b0278abb4c2d2055cff685af4912c49490f8d",
+//			"b1c466d37519b82e8319819ff32595e047a28cb6f83eff1c6916a815a637fffa",
+//			"471aba57a60a770d3a76130635c1fbea4ef14de51f78b4ae57dd893b62f55208",
+//			"95c1af627c356496d80274330b2cff6a10c67b5f597087202f94d06d2338cf8e"
+//		};
+
+		// 1 million 'a'
+		static private string  million_a_digest = "8693287aa62f9478f7cb312ec0866b6c4e4a0f11160441e8f4ffcd2715dd554f";
+
+		public Gost3411DigestTest()
+			: base(new Gost3411Digest(), messages, digests)
+		{
+		}
+
+		public override void PerformTest()
+		{
+			base.PerformTest();
+
+			millionATest(million_a_digest);
+		}
+
+		protected override IDigest CloneDigest(IDigest digest)
+		{
+			return new Gost3411Digest((Gost3411Digest)digest);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new Gost3411DigestTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/GcmReorderTest.cs b/crypto/test/src/crypto/test/GcmReorderTest.cs
new file mode 100644
index 000000000..54d17f4f4
--- /dev/null
+++ b/crypto/test/src/crypto/test/GcmReorderTest.cs
@@ -0,0 +1,362 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Modes.Gcm;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class GcmReorderTest
+	{
+		private static readonly byte[] H;
+		private static readonly SecureRandom random = new SecureRandom(); 
+		private static readonly IGcmMultiplier mul = new Tables64kGcmMultiplier();
+		private static readonly IGcmExponentiator exp = new Tables1kGcmExponentiator();
+		private static readonly byte[] Empty = new byte[0];
+
+		static GcmReorderTest()
+		{
+			H = new byte[16];
+			random.NextBytes(H);
+			mul.Init(Arrays.Clone(H));
+			exp.Init(Arrays.Clone(H));
+		}
+
+		[Test]
+		public void TestCombine()
+		{
+			for (int count = 0; count < 10; ++count)
+			{
+				byte[] A = randomBytes(1000);
+				byte[] C = randomBytes(1000);
+
+				byte[] ghashA_ = GHASH(A, Empty);
+				byte[] ghash_C = GHASH(Empty, C);
+				byte[] ghashAC = GHASH(A, C);
+
+				byte[] ghashCombine = combine_GHASH(ghashA_, (long)A.Length * 8, ghash_C, (long)C.Length * 8);
+
+				Assert.IsTrue(Arrays.AreEqual(ghashAC, ghashCombine));
+			}
+		}
+
+		[Test]
+		public void TestConcatAuth()
+		{
+			for (int count = 0; count < 10; ++count)
+			{
+				byte[] P = randomBlocks(100);
+				byte[] A = randomBytes(1000);
+				byte[] PA = concatArrays(P, A);
+
+				byte[] ghashP_ = GHASH(P, Empty);
+				byte[] ghashA_ = GHASH(A, Empty);
+				byte[] ghashPA_val = GHASH(PA, Empty);
+				byte[] ghashConcat = concatAuth_GHASH(ghashP_, (long)P.Length * 8, ghashA_, (long)A.Length * 8);
+
+				Assert.IsTrue(Arrays.AreEqual(ghashPA_val, ghashConcat));
+			}
+		}
+
+		[Test]
+		public void TestConcatCrypt()
+		{
+			for (int count = 0; count < 10; ++count)
+			{
+				byte[] P = randomBlocks(100);
+				byte[] A = randomBytes(1000);
+				byte[] PA = concatArrays(P, A);
+
+				byte[] ghash_P = GHASH(Empty, P);
+				byte[] ghash_A = GHASH(Empty, A);
+				byte[] ghash_PA = GHASH(Empty, PA);
+				byte[] ghashConcat = concatCrypt_GHASH(ghash_P, (long)P.Length * 8, ghash_A, (long)A.Length * 8);
+
+				Assert.IsTrue(Arrays.AreEqual(ghash_PA, ghashConcat));
+			}
+		}
+
+		[Test]
+		public void TestExp()
+		{
+			{
+				byte[] buf1 = new byte[16];
+				buf1[0] = 0x80;
+
+				byte[] buf2 = new byte[16];
+
+				for (int pow = 0; pow != 100; ++pow)
+				{
+					exp.ExponentiateX(pow, buf2);
+
+					Assert.IsTrue(Arrays.AreEqual(buf1, buf2));
+
+					mul.MultiplyH(buf1);
+				}
+			}
+
+			long[] testPow = new long[]{ 10, 1, 8, 17, 24, 13, 2, 13, 2, 3 };
+			byte[][] testData = new byte[][]{
+				Hex.Decode("9185848a877bd87ba071e281f476e8e7"),
+				Hex.Decode("697ce3052137d80745d524474fb6b290"),
+				Hex.Decode("2696fc47198bb23b11296e4f88720a17"),
+				Hex.Decode("01f2f0ead011a4ae0cf3572f1b76dd8e"),
+				Hex.Decode("a53060694a044e4b7fa1e661c5a7bb6b"),
+				Hex.Decode("39c0392e8b6b0e04a7565c85394c2c4c"),
+				Hex.Decode("519c362d502e07f2d8b7597a359a5214"),
+				Hex.Decode("5a527a393675705e19b2117f67695af4"),
+				Hex.Decode("27fc0901d1d332a53ba4d4386c2109d2"),
+				Hex.Decode("93ca9b57174aabedf8220e83366d7df6"),
+			};
+
+			for (int i = 0; i != 10; ++i)
+			{
+				long pow = testPow[i];
+				byte[] data = Arrays.Clone(testData[i]);
+
+				byte[] expected = Arrays.Clone(data);
+				for (int j = 0; j < pow; ++j)
+				{
+					mul.MultiplyH(expected);
+				}
+
+				byte[] H_a = new byte[16];
+				exp.ExponentiateX(pow, H_a);
+				byte[] actual = multiply(data, H_a);
+
+				Assert.IsTrue(Arrays.AreEqual(expected, actual));
+			}
+		}
+
+		[Test]
+		public void TestMultiply()
+		{
+			byte[] expected = Arrays.Clone(H);
+			mul.MultiplyH(expected);
+
+			Assert.IsTrue(Arrays.AreEqual(expected, multiply(H, H)));
+
+			for (int count = 0; count < 10; ++count)
+			{
+				byte[] a = new byte[16];
+				random.NextBytes(a);
+
+				byte[] b = new byte[16];
+				random.NextBytes(b);
+
+				expected = Arrays.Clone(a);
+				mul.MultiplyH(expected);
+				Assert.IsTrue(Arrays.AreEqual(expected, multiply(a, H)));
+				Assert.IsTrue(Arrays.AreEqual(expected, multiply(H, a)));
+				
+				expected = Arrays.Clone(b);
+				mul.MultiplyH(expected);
+				Assert.IsTrue(Arrays.AreEqual(expected, multiply(b, H)));
+				Assert.IsTrue(Arrays.AreEqual(expected, multiply(H, b)));
+				
+				Assert.IsTrue(Arrays.AreEqual(multiply(a, b), multiply(b, a)));
+			}
+		}
+
+		private byte[] randomBlocks(int upper)
+		{
+			byte[] bs = new byte[16 * random.Next(upper)];
+			random.NextBytes(bs);
+			return bs;
+		}
+
+		private byte[] randomBytes(int upper)
+		{
+			byte[] bs = new byte[random.Next(upper)];
+			random.NextBytes(bs);
+			return bs;
+		}
+
+		private byte[] concatArrays(byte[] a, byte[] b)
+		{
+			byte[] ab = new byte[a.Length + b.Length];
+			Array.Copy(a, 0, ab, 0, a.Length);
+			Array.Copy(b, 0, ab, a.Length, b.Length);
+			return ab;
+		}
+
+		private byte[] combine_GHASH(byte[] ghashA_, long bitlenA, byte[] ghash_C, long bitlenC)
+		{
+			// Note: bitlenA must be aligned to the block size
+
+			long c = (bitlenC + 127) >> 7;
+
+			byte[] H_c = new byte[16];
+			exp.ExponentiateX(c, H_c);
+
+			byte[] tmp1 = lengthBlock(bitlenA, 0);
+			mul.MultiplyH(tmp1);
+
+			byte[] ghashAC = Arrays.Clone(ghashA_);
+			xor(ghashAC, tmp1);
+			ghashAC = multiply(ghashAC, H_c);
+			// No need to touch the len(C) part (second 8 bytes)
+			xor(ghashAC, tmp1);
+			xor(ghashAC, ghash_C);
+
+			return ghashAC;
+		}
+
+		private byte[] concatAuth_GHASH(byte[] ghashP, long bitlenP, byte[] ghashA, long bitlenA)
+		{
+			// Note: bitlenP must be aligned to the block size
+
+			long a = (bitlenA + 127) >> 7;
+
+			byte[] tmp1 = lengthBlock(bitlenP, 0);
+			mul.MultiplyH(tmp1);
+
+			byte[] tmp2 = lengthBlock(bitlenA ^ (bitlenP + bitlenA), 0);
+			mul.MultiplyH(tmp2);
+
+			byte[] H_a = new byte[16];
+			exp.ExponentiateX(a, H_a);
+
+			byte[] ghashC = Arrays.Clone(ghashP);
+			xor(ghashC, tmp1);
+			ghashC = multiply(ghashC, H_a);
+			xor(ghashC, tmp2);
+			xor(ghashC, ghashA);
+			return ghashC;
+		}
+
+		private byte[] concatCrypt_GHASH(byte[] ghashP, long bitlenP, byte[] ghashA, long bitlenA)
+		{
+			// Note: bitlenP must be aligned to the block size
+			
+			long a = (bitlenA + 127) >> 7;
+
+			byte[] tmp1 = lengthBlock(0, bitlenP);
+			mul.MultiplyH(tmp1);
+
+			byte[] tmp2 = lengthBlock(0, bitlenA ^ (bitlenP + bitlenA));
+			mul.MultiplyH(tmp2);
+
+			byte[] H_a = new byte[16];
+			exp.ExponentiateX(a, H_a);
+
+			byte[] ghashC = Arrays.Clone(ghashP);
+			xor(ghashC, tmp1);
+			ghashC = multiply(ghashC, H_a);
+			xor(ghashC, tmp2);
+			xor(ghashC, ghashA);
+			return ghashC;
+		}
+
+		private byte[] GHASH(byte[] A, byte[] C)
+		{
+			byte[] X = new byte[16];
+
+			{
+				for (int pos = 0; pos < A.Length; pos += 16)
+				{
+					byte[] tmp = new byte[16];
+					int num = System.Math.Min(A.Length - pos, 16);
+					Array.Copy(A, pos, tmp, 0, num);
+					xor(X, tmp);
+					mul.MultiplyH(X);
+				}
+			}
+
+			{
+				for (int pos = 0; pos < C.Length; pos += 16)
+				{
+					byte[] tmp = new byte[16];
+					int num = System.Math.Min(C.Length - pos, 16);
+					Array.Copy(C, pos, tmp, 0, num);
+					xor(X, tmp);
+					mul.MultiplyH(X);
+				}
+			}
+
+			{
+				xor(X, lengthBlock((long)A.Length * 8, (long)C.Length * 8));
+				mul.MultiplyH(X);
+			}
+
+			return X;
+		}
+
+		private static byte[] lengthBlock(long bitlenA, long bitlenC)
+		{
+			byte[] tmp = new byte[16];
+			UInt64_To_BE((ulong)bitlenA, tmp, 0);
+			UInt64_To_BE((ulong)bitlenC, tmp, 8);
+			return tmp;
+		}
+
+		private static void xor(byte[] block, byte[] val)
+		{
+			for (int i = 15; i >= 0; --i)
+			{
+				block[i] ^= val[i];
+			}
+		}
+
+		private static void UInt64_To_BE(ulong n, byte[] bs, int off)
+		{
+			UInt32_To_BE((uint)(n >> 32), bs, off);
+			UInt32_To_BE((uint)(n), bs, off + 4);
+		}
+
+		private static void UInt32_To_BE(uint n, byte[] bs, int off)
+		{
+			bs[  off] = (byte)(n >> 24);
+			bs[++off] = (byte)(n >> 16);
+			bs[++off] = (byte)(n >>  8);
+			bs[++off] = (byte)(n      );
+		}
+
+		private static byte[] multiply(byte[] a, byte[] b)
+		{
+			byte[] c = new byte[16];
+			byte[] tmp = Arrays.Clone(b);
+
+			for (int i = 0; i < 16; ++i)
+			{
+				byte bits = a[i];
+				for (int j = 7; j >= 0; --j)
+				{
+					if ((bits & (1 << j)) != 0)
+					{
+						xor(c, tmp);
+					}
+
+					bool lsb = (tmp[15] & 1) != 0;
+					shiftRight(tmp);
+					if (lsb)
+					{
+						// R = new byte[]{ 0xe1, ... };
+						//GcmUtilities.Xor(tmp, R);
+						tmp[0] ^= (byte)0xe1;
+					}
+				}
+			}
+
+			return c;
+		}
+
+		private static void shiftRight(byte[] block)
+		{
+			int i = 0;
+			byte bit = 0;
+			for (;;)
+			{
+				byte b = block[i];
+				block[i] = (byte)((b >> 1) | bit);
+				if (++i == 16) break;
+				bit = (byte)(b << 7);
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/HCFamilyTest.cs b/crypto/test/src/crypto/test/HCFamilyTest.cs
new file mode 100644
index 000000000..0904bc9eb
--- /dev/null
+++ b/crypto/test/src/crypto/test/HCFamilyTest.cs
@@ -0,0 +1,192 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * HC-128 and HC-256 Tests. Based on the test vectors in the official reference
+	 * papers, respectively:
+	 * <pre>
+	 * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf
+	 * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf
+	 * </pre>
+	 * See HCFamilyVecTest for a more exhaustive test based on the ecrypt vectors.
+	 */
+	public class HCFamilyTest
+		: SimpleTest
+	{
+		private static readonly byte[] MSG = new byte[64];
+
+		private static readonly string[][] HC128_VerifiedTest = new string[][]
+		{
+			new string[]{
+				"Set 2, vector#  0",
+				"00000000000000000000000000000000",
+				"00000000000000000000000000000000",
+				"82001573A003FD3B7FD72FFB0EAF63AA" +
+				"C62F12DEB629DCA72785A66268EC758B" +
+				"1EDB36900560898178E0AD009ABF1F49" +
+				"1330DC1C246E3D6CB264F6900271D59C"
+			},
+			new string[]{
+				"Set 6, vector#  0",
+				"0053A6F94C9FF24598EB3E91E4378ADD",
+				"0D74DB42A91077DE45AC137AE148AF16",
+				"2E1ED12A8551C05AF41FF39D8F9DF933" +
+				"122B5235D48FC2A6F20037E69BDBBCE8" +
+				"05782EFC16C455A4B3FF06142317535E" +
+				"F876104C32445138CB26EBC2F88A684C"
+			},
+			new string[]{
+				"Set 6, vector#  1",
+				"0558ABFE51A4F74A9DF04396E93C8FE2",
+				"167DE44BB21980E74EB51C83EA51B81F",
+				"4F864BF3C96D0363B1903F0739189138" +
+				"F6ED2BC0AF583FEEA0CEA66BA7E06E63" +
+				"FB28BF8B3CA0031D24ABB511C57DD17B" +
+				"FC2861C32400072CB680DF2E58A5CECC"
+			},
+			new string[]{
+				"Set 6, vector#  2",
+				"0A5DB00356A9FC4FA2F5489BEE4194E7",
+				"1F86ED54BB2289F057BE258CF35AC128",
+				"82168AB0023B79AAF1E6B4D823855E14" +
+				"A7084378036A951B1CFEF35173875ED8" +
+				"6CB66AB8410491A08582BE40080C3102" +
+				"193BA567F9E95D096C3CC60927DD7901"
+			},
+			new string[]{
+				"Set 6, vector#  3",
+				"0F62B5085BAE0154A7FA4DA0F34699EC",
+				"288FF65DC42B92F960C72E95FC63CA31",
+				"1CD8AEDDFE52E217E835D0B7E84E2922" +
+				"D04B1ADBCA53C4522B1AA604C42856A9" +
+				"0AF83E2614BCE65C0AECABDD8975B557" +
+				"00D6A26D52FFF0888DA38F1DE20B77B7"
+			}
+		};
+
+		private static readonly string[][] HC256_VerifiedTest = new string[][]
+		{
+			new string[]{
+				"Set 2, vector#  0",
+				"00000000000000000000000000000000",
+				"00000000000000000000000000000000",
+				"5B078985D8F6F30D42C5C02FA6B67951" +
+				"53F06534801F89F24E74248B720B4818" +
+				"CD9227ECEBCF4DBF8DBF6977E4AE14FA" +
+				"E8504C7BC8A9F3EA6C0106F5327E6981"
+			},
+			new string[]{
+				"Set 2, vector#  9",
+				"09090909090909090909090909090909",
+				"00000000000000000000000000000000",
+				"F5C2926651AEED9AF1A9C2F04C03D081" +
+				"2145B56AEA46EB283A25A4C9E3D8BEB4" +
+				"821B418F06F2B9DCDF1A85AB8C02CD14" +
+				"62E1BBCAEC9AB0E99AA6AFF918BA627C"
+			},
+			new string[]{
+				"Set 2, vector#135",
+				"87878787878787878787878787878787",
+				"00000000000000000000000000000000",
+				"CEC0C3852E3B98233EBCB975C10B1191" +
+				"3C69F2275EB97A1402EDF16C6FBE19BE" +
+				"79D65360445BCB63676E6553B609A065" +
+				"0155C3B22DD1975AC0F3F65063A2E16E"
+			},
+			new string[]{
+				"Set 6, vector#  0",
+				"0053A6F94C9FF24598EB3E91E4378ADD" +
+				"3083D6297CCF2275C81B6EC11467BA0D",
+				"0D74DB42A91077DE45AC137AE148AF16" +
+				"7DE44BB21980E74EB51C83EA51B81F86",
+				"23D9E70A45EB0127884D66D9F6F23C01" +
+				"D1F88AFD629270127247256C1FFF91E9" +
+				"1A797BD98ADD23AE15BEE6EEA3CEFDBF" +
+				"A3ED6D22D9C4F459DB10C40CDF4F4DFF"
+			},
+			new string[]{
+				"Set 6, vector#  1",
+				"0558ABFE51A4F74A9DF04396E93C8FE2" +
+				"3588DB2E81D4277ACD2073C6196CBF12",
+				"167DE44BB21980E74EB51C83EA51B81F" +
+				"86ED54BB2289F057BE258CF35AC1288F",
+				"C44B5262F2EAD9C018213127686DB742" +
+				"A72D3F2D61D18F0F4E7DE5B4F7ADABE0" +
+				"7E0C82033B139F02BAACB4E2F2D0BE30" +
+				"110C3A8A2B621523756692877C905DD0"
+			},
+			new string[]{
+				"Set 6, vector#  2",
+				"0A5DB00356A9FC4FA2F5489BEE4194E7" +
+				"3A8DE03386D92C7FD22578CB1E71C417",
+				"1F86ED54BB2289F057BE258CF35AC128" +
+				"8FF65DC42B92F960C72E95FC63CA3198",
+				"9D13AA06122F4F03AE60D507701F1ED0" +
+				"63D7530FF35EE76CAEDCBFB01D8A239E" +
+				"FA4A44B272DE9B4092E2AD56E87C3A60" +
+				"89F5A074D1F6E5B8FC6FABEE0C936F06"
+			},
+			new string[]{
+				"Set 6, vector#  3",
+				"0F62B5085BAE0154A7FA4DA0F34699EC" +
+				"3F92E5388BDE3184D72A7DD02376C91C",
+				"288FF65DC42B92F960C72E95FC63CA31" +
+				"98FF66CD349B0269D0379E056CD33AA1",
+				"C8632038DA61679C4685288B37D3E232" +
+				"7BC2D28C266B041FE0CA0D3CFEED8FD5" +
+				"753259BAB757168F85EA96ADABD823CA" +
+				"4684E918423E091565713FEDDE2CCFE0"
+			}
+		};
+
+		public override string Name
+		{
+			get { return "HC-128 and HC-256"; }
+		}
+
+		public override void PerformTest()
+		{
+			IStreamCipher hc = new HC256Engine();
+
+			for (int i = 0; i != HC256_VerifiedTest.Length; i++)
+			{
+				string[] test = HC256_VerifiedTest[i];
+				HCTest(hc, "HC-256 - " + test[0], Hex.Decode(test[1]), Hex.Decode(test[2]), Hex.Decode(test[3]));
+			}
+
+			hc = new HC128Engine();
+
+			for (int i = 0; i != HC128_VerifiedTest.Length; i++)
+			{
+				string[] test = HC128_VerifiedTest[i];
+				HCTest(hc, "HC-128 - " + test[0], Hex.Decode(test[1]), Hex.Decode(test[2]), Hex.Decode(test[3]));
+			}
+		}
+
+		private void HCTest(IStreamCipher hc, string test, byte[] key, byte[] IV, byte[] expected)
+		{
+			KeyParameter kp = new KeyParameter(key);
+			ParametersWithIV ivp = new ParametersWithIV(kp, IV);
+
+			hc.Init(true, ivp);
+			for (int i = 0; i < 64; i++)
+			{
+				if (hc.ReturnByte(MSG[i]) != expected[i])
+				{
+					Fail(test + " failure at byte " + i);
+				}
+			}
+		}
+
+		public static void Main(string[] args)
+		{
+			RunTest(new HCFamilyTest());
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/HCFamilyVecTest.cs b/crypto/test/src/crypto/test/HCFamilyVecTest.cs
new file mode 100644
index 000000000..00b0ee75c
--- /dev/null
+++ b/crypto/test/src/crypto/test/HCFamilyVecTest.cs
@@ -0,0 +1,184 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* HC-128 and HC-256 Tests. Based on the test vectors in the official reference
+	* papers, respectively:
+	* 
+	* http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf
+	* http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf
+	*/
+	[TestFixture]
+	public class HCFamilyVecTest
+		: SimpleTest
+	{
+		private class PeekableLineReader
+			: StreamReader
+		{
+			public PeekableLineReader(Stream s)
+				: base(s)
+			{
+				peek = base.ReadLine();
+			}
+
+			public string PeekLine()
+			{
+				return peek;
+			}
+
+			public override string ReadLine()
+			{
+				string tmp = peek;
+				peek = base.ReadLine();
+				return tmp;
+			}
+
+			private string peek; 
+	    }
+
+		public override string Name
+		{
+			get { return "HC-128 and HC-256"; }
+		}
+
+		public override void PerformTest()
+		{
+			RunTests(new HC128Engine(), "hc128/ecrypt_HC-128.txt");
+			RunTests(new HC256Engine(), "hc256/ecrypt_HC-256_128K_128IV.txt");
+			RunTests(new HC256Engine(), "hc256/ecrypt_HC-256_256K_128IV.txt");
+			RunTests(new HC256Engine(), "hc256/ecrypt_HC-256_128K_256IV.txt");
+			RunTests(new HC256Engine(), "hc256/ecrypt_HC-256_256K_256IV.txt");
+		}
+
+		private void RunTests(IStreamCipher hc, string fileName)
+		{
+			Stream resource = SimpleTest.GetTestDataAsStream(
+				"hc256." + fileName.Replace('/', '.'));
+			PeekableLineReader r = new PeekableLineReader(resource);
+			RunAllVectors(hc, fileName, r);
+		}
+
+		private void RunAllVectors(IStreamCipher hc, string fileName, PeekableLineReader r)
+		{
+			for (;;)
+			{
+				string line = r.ReadLine();
+				if (line == null)
+					break;
+
+				line = line.Trim();
+
+				if (line.StartsWith("Set "))
+				{
+					RunVector(hc, fileName, r, line.Replace(":", ""));
+				}
+			}
+		}
+
+		private void RunVector(IStreamCipher hc, string fileName, PeekableLineReader r, string vectorName)
+		{
+//			Console.WriteLine(fileName + " => " + vectorName);
+			string hexKey = ReadBlock(r);
+			string hexIV = ReadBlock(r);
+
+			ICipherParameters cp = new KeyParameter(Hex.Decode(hexKey));
+			cp = new ParametersWithIV(cp, Hex.Decode(hexIV));
+			hc.Init(true, cp);
+
+			byte[] input = new byte[64];
+			byte[] output = new byte[64];
+			byte[] digest = new byte[64];
+			int pos = 0;
+
+			for (;;)
+			{
+				string line1 = r.PeekLine().Trim();
+				int equalsPos = line1.IndexOf('=');
+				string lead = line1.Substring(0, equalsPos - 1);
+
+				string hexData = ReadBlock(r);
+				byte[] data = Hex.Decode(hexData);
+
+				if (lead.Equals("xor-digest"))
+				{
+					if (!Arrays.AreEqual(data, digest))
+					{
+						Fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead);
+//						Console.WriteLine(fileName + " => " + vectorName + " failed at " + lead); return;
+					}
+					break;
+				}
+
+				int posA = lead.IndexOf('[');
+				int posB = lead.IndexOf("..");
+				int posC = lead.IndexOf(']');
+				int start = Int32.Parse(lead.Substring(posA + 1, posB - (posA + 1)));
+				int end = Int32.Parse(lead.Substring(posB + 2, posC - (posB + 2)));
+
+				if (start % 64 != 0 || (end - start != 63))
+					throw new InvalidOperationException(vectorName + ": " + lead + " not on 64 byte boundaries");
+
+				while (pos < end)
+				{
+					hc.ProcessBytes(input, 0, input.Length, output, 0);
+					xor(digest, output);
+					pos += 64;
+				}
+
+				if (!Arrays.AreEqual(data, output))
+				{
+					Fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead);
+//					Console.WriteLine(fileName + " => " + vectorName + " failed at " + lead); return;
+				}
+			}
+		}
+
+		private static string ReadBlock(PeekableLineReader r)
+		{
+			string first = r.ReadLine().Trim();
+			string result = first.Substring(first.LastIndexOf(' ') + 1);
+
+			for (;;)
+			{
+				string peek = r.PeekLine().Trim();
+				if (peek.Length < 1 || peek.IndexOf('=') >= 0)
+					break;
+				result += r.ReadLine().Trim();
+			}
+
+			return result;
+		}
+
+		private static void xor(byte[] digest, byte[] block)
+		{
+			for (int i = 0; i < digest.Length; ++i)
+			{
+				digest[i] ^= block[i];
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new HCFamilyVecTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/IDEATest.cs b/crypto/test/src/crypto/test/IDEATest.cs
new file mode 100644
index 000000000..6ae822271
--- /dev/null
+++ b/crypto/test/src/crypto/test/IDEATest.cs
@@ -0,0 +1,57 @@
+#if INCLUDE_IDEA
+
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    [TestFixture]
+    public class IdeaTest
+		: CipherTest
+    {
+        public override string Name
+        {
+			get { return "IDEA"; }
+        }
+
+		internal static SimpleTest[] tests = new SimpleTest[]
+		{
+			new BlockCipherVectorTest(0, new IdeaEngine(),
+				new KeyParameter(Hex.Decode("00112233445566778899AABBCCDDEEFF")),
+				"000102030405060708090a0b0c0d0e0f",
+				"ed732271a7b39f475b4b2b6719f194bf"),
+			new BlockCipherVectorTest(0, new IdeaEngine(),
+				new KeyParameter(Hex.Decode("00112233445566778899AABBCCDDEEFF")),
+				"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
+				"b8bc6ed5c899265d2bcfad1fc6d4287d")
+		};
+
+		public IdeaTest()
+			: base(tests, new IdeaEngine(), new KeyParameter(new byte[32]))
+        {
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            ITest test = new IdeaTest();
+            ITestResult result = test.Perform();
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
+
+#endif
diff --git a/crypto/test/src/crypto/test/ISAACTest.cs b/crypto/test/src/crypto/test/ISAACTest.cs
new file mode 100644
index 000000000..1782bbc98
--- /dev/null
+++ b/crypto/test/src/crypto/test/ISAACTest.cs
@@ -0,0 +1,196 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* ISAAC Test - see http://www.burtleburtle.net/bob/rand/isaacafa.html
+	*/
+	[TestFixture]
+	public class IsaacTest
+		: SimpleTest
+	{
+		byte[] outBase = Hex.Decode(
+			"f650e4c8e448e96d98db2fb4f5fad54f433f1afbedec154ad837048746ca4f9a" +
+			"5de3743e88381097f1d444eb823cedb66a83e1e04a5f6355c744243325890e2e" +
+			"7452e31957161df638a824f3002ed71329f5544951c08d83d78cb99ea0cc74f3" +
+			"8f651659cbc8b7c2f5f71c6912ad6419e5792e1b860536b809b3ce98d45d6d81" +
+			"f3b2612917e38f8529cf72ce349947b0c998f9ffb5e13dae32ae2a2bf7cf814c" +
+			"8ebfa303cf22e0640b923200eca4d58aef53cec4d0f7b37d9c411a2affdf8a80" +
+			"b40e27bcb4d2f97644b89b08f37c71d51a70e7e90bdb9c3060dc5207b3c3f24b" +
+			"d7386806229749b54e232cd091dabc65a70e11018b87437e5781414fcdbc62e2" +
+			"8107c9ff69d2e4ae3b18e752b143b6886f4e077295138769943c3c74afc17a97" +
+			"0fd439636a529b0bd8c58a6aa8bcc22d2db35dfea7a2f4026cb167db538e1f4e" +
+			"7275e2771d3b8e97ecc5dc9115e3a5b90369661430ab93ecac9fe69d7bc76811" +
+			"60eda8da28833522d5295ebc5adb60e7f7e1cdd097166d14b67ec13a210f3925" +
+			"64af0fef0d0286843aea3decb058bafbb8b0ccfcf2b5cc05e3a662d9814bc24c" +
+			"2364a1aa37c0ed052b36505c451e7ec85d2a542fe43d0fbb91c8d92560d4d5f8" +
+			"12a0594b9e8a51dacd49ebdb1b0dcdc1cd57c7f7e63444517ded386f2f36fa86" +
+			"a6d1210133bc405db388d96cdb6dbe96fe29661c13edc0cbcb0eee4a70cc94ae" +
+			"de11ed340606cf9f3a6ce38923d74f4ea37f63ff917bdec2d73f72d40e7e0e67" +
+			"3d77d9a213add9228891b3db01a9bd7056a001e3d51f093dcc033ce35ad0d3b0" +
+			"34105a8c6a123f57bd2e50247364944be89b1a3b21835c4d9f39e2d9d405ded8" +
+			"294d37e5bccaaeed35a124b56708a2bcb00960ba2a98121a4d8fae820bb3263f" +
+			"12595a196a1075890809e49421c171ec884d682514c8009bb0b84e7b03fb88f4" +
+			"28e7cb789388b13bdd2dc1d5848f520a07c28cd168a3935872c9137d127dd430" +
+			"c613f1578c2f0d55f7d3f39f309bfb788406b13746c0a6f53718d59708607f04" +
+			"76904b6d04db4e13cd7411a7b510ce0ebfc7f7ccb83f957afdfef62dc35e4580" +
+			"3ff1e5244112d96c02c9b944d5990dfbe7e265810d9c7e7e826dfa8966f1e0ab" +
+			"30bcc764eadebeaced35e5ee0c571a7de4f3a26af7f58f7badf6bc235d023e65" +
+			"1ed3ff4eec46b0b6d2a93b51e75b41c97e315aeb61119a5a53245b7933f6d7b1" +
+			"cae8deba50fc8194afa92a6dc87c80064188bfcd8bace62e78ffa5685597ec0f" +
+			"b4415f7d08294766ad56764309c36f903dde9f394a0a283c18080c8e080c79ec" +
+			"79ae4c10cb9e15637cdd662f62d31911a4ca0cf15cf824cd3b708f991e16614c" +
+			"b6b9d7665de87abb7229ea81d5b2d75056e6cd21fe1e42d596da2655c2b9aa36" +
+			"b8f6fd4a6a158d1001913fd3af7d1fb80b5e435f90c107576554abda7a68710f" +
+			"82ac484fd7e1c7be95c85eaa94a302f44d3cfbda786b29081010b27582d53d12" +
+			"21e2a51c3d1e9150b059261dd0638e1a31860f0581f2864dff4cfc350451516d" +
+			"bd086f26bc5654c165dfa427a82427f5582e3014b8d2486dc79a17499a1d7745" +
+			"8766bb541e04a7f73d3dff8ad5ec6bf4dbef7d9f36ec0ea31feb2e4f15cfcc5c" +
+			"d8c423fbd0ef3cc9eb244925ba5590c8a5f48ac433c5321c613b67b2479c3a22" +
+			"e21339cc10d210aa931dd7e2ef05ee06b82f2703a385cb2c5d67133c877eb7b4" +
+			"1e3437f75afb43ae53c078f394d904811d96458908063a85e13222281956b1e5" +
+			"31860f132e7b022f21182ca396f703ac46819e2e0d28fe523724d4dca0eabe6b" +
+			"c66699fdc6112fdd19c1e69c04d3658a4b55dd9931907d62f854b5224d678f26" +
+			"22ae0582eafed133e4a51d2184bd6dd6c1a513753f28ee63fb737b1a70a1660e" +
+			"8a8dfaa31be79937f7476978513c1764531ac6bf12c06908001cdb951a4b6a53" +
+			"d067fce512b2cfb69ddb477f740e006639ddf25acc8bfa2df1b20eaf64f2632c" +
+			"9783cdee63bfd4d80084cfe575f4e9e219b48fd06c48ddd87a36af9371865c4c" +
+			"9ce0199d867027d72cb7b77f84ef01da72f5972f040f7074df9afa29c921f94e" +
+			"75c08a3618c1ef9ad649a428c5b719378a30738ad97cd348858129a6239e3b0a" +
+			"bbb8abc480fac4c2ecfcf20bd9d711f9e2a4ef71b5fe87c0be8b06b2aafef5a7" +
+			"9c15db3b0aeb81654389a84a253b1d7a19047c797cdc78a2d20adf0356f55a71" +
+			"3e730fa8fd8650d8959e234eb7546681dad1b22a142a6e858ef4bce668235b9d" +
+			"85a13f8574096ae7a949bea229322d0dd568385882846526403dae086dd1943a" +
+			"e1279bff9e7e4f041c3a4524484525e481d4cc5fe24124c0037464c0bf1bd691" +
+			"26ceb003275ead3ac5bde90826414ff3a30519add7b43abe2ce5d3d588412761" +
+			"97ca2070e5fbb9c7276df0b4308f751f37a97df6c9cd808cfe4cb3803d469303" +
+			"aee19096c0d5d42a4e823ad3f5f9cc3b4286619c9ca45e1c66c97340891aec49" +
+			"45bae606c798f04752649d6cce86fdfc80c6e402d6ec2f2b27c822821fe26ce0" +
+			"92f57ea7de462f4d07497cae5a48755c721502dd6cbe7935836d80039ead7f70" +
+			"9ab3a42f4c8652d632e39273e8fa38601da4f25a0cd6ef8102503f7d8854a0a1" +
+			"9a30c4e88815715305efe29457c4c9252887d96fc1a71e3ce9f841632d0985de" +
+			"d21e796c6fb5ce5602614abfc3c7be2cb54fed6fa617a083c3142d8f6079e4ce" +
+			"ceffc1471d0cb81bdc153e5fe36ef5bbd531161a165b10157aa114ed3f7579b3" +
+			"f7f395f1bc6172c7a86f875e0e6c51b3cdfec2af73c0e762824c2009c5a87748" +
+			"94d401258aba3ffbd32be0608c17eff021e2547e07cffad905340e15f3310c92" +
+			"9d8d190886ba527ff943f672ef73fbf046d95ca5c54cd95b9d855e894bb5af29");
+
+		byte[] outFFFFFFFF = Hex.Decode(
+			"de3b3f3c19e0629c1fc8b7836695d523e7804edd86ff7ce9b106f52caebae9d9" +
+			"72f845d49ce17d7da44e49bae954aac0d0b1284b98a88eec1524fb6bc91a16b5" +
+			"1192ac5334131446ac2442de9ff3d5867b9b9148881ee30a6e87dd88e5d1f7cd" +
+			"98db31ff36f70d9850cfefaef42abb00ecc39ed308bf4b8030cdc2b6b7e42f0e" +
+			"908030dd282f96edacc888b3a986e109c129998f89baa1b5da8970b07a6ab012" +
+			"f10264f23c315c9c8e0c164955c68517b6a4f982b2626db70787f869ac6d551b" +
+			"e34931627c7058e965c502e18d2cd370e6db3b70d947d61aa9717cf8394f48c6" +
+			"3c796f3a154950846badb28b70d982f29bc670254e3e5e0f8e36b0a5f6da0a04" +
+			"6b235ed6a42988c012bde74d879fa8eb5d59f5f40ed5e76601c9847b3edb2690");
+
+		byte[] outFFFF0000 = Hex.Decode(
+			"26c54b1f8c4e3fc582e9e8180f7aba5380463dcf58b03cbeda0ecc8ba90ccff8" +
+			"5bd50896313d7efed44015faeac6964b241a7fb8a2e37127a7cbea0fd7c020f2" +
+			"406371b87ef5185089504751e5e44352eff63e00e5c28f5dff0616a9a3a00f1f" +
+			"4a1350e3a17be9abddfc2c94571450a0dc4c3c0c7c7f98e80c95f607d50c676a" +
+			"9a3006f9d279a79a4d66b2ab0c52930c9ee84bc09895e70fa041b1a3a2966f11" +
+			"6a47fd09705124b1f5c7ae055e54536e66584b1608f3612d81b72f109a385831" +
+			"121945b207b90ac72437a248f27a121c2801f4153a8699fb047e193f7ba69e1b" +
+			"b117869675d4c963e6070c2ca3d332ce830cb5e3d9ed2eee7faf0acc20fbe154" +
+			"188ae789e95bd5c1f459dbd150aab6eb833170257084bc5d44e9df09f5624f9d" +
+			"afecd0c9340ac8587f8625d343f7efd1cc8abcf7a6f90eabd4e8e2d906278d6e" +
+			"431fcade165c8c467887fbf5c26d341557b064b98c60dd40ab262dc046d69647" +
+			"56f3ddc1a07ae5f87be878b9334fcde40add68d2ca1dc05fb1670f998c7c4607" +
+			"9a6e48bdb330ad8d30b61b5cc8dc156f5733905931949783f89ac396b65aa4b8" +
+			"51f746b53ed8ea66130e1d75e8eab136e60450e3e600226bc8e17d03744ce94c" +
+			"0eec9234fea5f18eef65d81f2f10cfbc0b112b8cde17c32eb33ed81d7356eac3" +
+			"eb1cb9cefa6604c2d707949b6e5a83e60705bf6aae76dcc7d35d68ff149c1ac5" +
+			"424bb4a39e2f496f886637fce3db4ba4ad12c1a32d25e1606f6635ff636486f6" +
+			"714997b45477f38813c02afce4bebf196b813332f0decd567c745f441e736364");
+
+		byte[] out0000FFFF = Hex.Decode(
+			"bc31712f2a2f467a5abc737c57ce0f8d49d2f775eb850fc8f856daf19310fee2"+
+			"5bab40e78403c9ef4ccd971418992faf4e85ca643fa6b482f30c4659066158a6"+
+			"5bc3e620ba7ea5c34dd0eac5aabb2cf078d915fd1f8c437ed00423076c10f701"+
+			"eefa7fc7c461aca5db8a87be29d925c4212d4adcfa71ff5b06af15c048aa0dfd"+
+			"f0e645bc09fea200c430a88eb38c466ff358b836f1159656a078f6fc752f6db1"+
+			"6680bb30fc771a6a785bbb2298e947d7b3500e557775962248bedf4e82c16e66"+
+			"f39283ccb95e5399061056a11c4a280f00f7487888199487905273c7aa13012b"+
+			"4849eca626cbf071c782e084f9fded57de92313e5f61a6e81117fb1115eff275"+
+			"66fd5c755bb3b01bba69aeb8f1b1b1cc9709734be31b35bc707d372ba6fe70d1"+
+			"e2c3b0e5e74a7058faff6b11d3a168f19fecc9fcb36b3e6a5f828c01c22ac0c2"+
+			"5da2a3a9eec7e0ebbbf51472e430ed4cf1c7ab57ef9aea511e40250846d260b6"+
+			"17a3fdeba16cf4afaf700144d3296b58b22a3c79ed96f3e2fc8d9e3c660ae153"+
+			"8e0c285ccdc48b59117e80413bd0ad24c6a8d4f133fe1496f14351bb89904fa5"+
+			"e10c4b8d50e0604578389c336a9ab3d292beb90ce640fc028e697cf54e021e2f"+
+			"c0ca3fe0471fde5e5462f221739a74f5a13ae0621fe2a82e752bc294f63de48d"+
+			"e85430af71307a30441b861ab5380e6a6dbe1251c9baa567da14e38e5a0ccddf"+
+			"0127205c38fc3b77065e98101d219246103438d223ec7f8f533d4bb3a3d3407a"+
+			"944910f11e8e5492e86de7a0471250eca32f0838b3db02fffe71898712af3261");
+
+		public override string Name
+		{
+			get { return "ISAAC"; }
+		}
+
+		public override void PerformTest()
+		{
+			IsaacEngine engine = new IsaacEngine();
+
+			doTest(engine, Hex.Decode("00000000"), outBase);
+			doTest(engine, Hex.Decode("ffffffff"), outFFFFFFFF);
+
+			byte[] k = new byte[256 * 4];
+			for (int i = 0; i != k.Length; i++)
+			{
+				k[i] = (byte)((i % 4 == 0 || i % 4 == 1) ? 0xff : 0x00);
+			}
+			doTest(engine, k, outFFFF0000);
+			k = new byte[256 * 4];
+			for (int i = 0; i != k.Length; i++)
+			{
+				k[i] = (byte)((i % 4 == 2 || i % 4 == 3) ? 0xff : 0x00);
+			}
+			doTest(engine, k, out0000FFFF);
+		}
+
+		private void doTest(
+			IsaacEngine	engine,
+			byte[]		key,
+			byte[]		output)
+		{
+			byte[] input = new byte[output.Length];
+			byte[] enc = new byte[output.Length];
+			engine.Init(true, new KeyParameter(key));
+			engine.ProcessBytes(input, 0, input.Length, enc, 0);
+			if (!AreEqual(enc, output))
+			{
+				Fail("ciphertext mismatch");
+			}
+			engine.Init(false, new KeyParameter(key));
+			engine.ProcessBytes(enc, 0, enc.Length, enc, 0);
+			if (!AreEqual(enc, input))
+			{
+				Fail("plaintext mismatch");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new IsaacTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/ISO9796Test.cs b/crypto/test/src/crypto/test/ISO9796Test.cs
new file mode 100644
index 000000000..562238bca
--- /dev/null
+++ b/crypto/test/src/crypto/test/ISO9796Test.cs
@@ -0,0 +1,961 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> test vectors from ISO 9796-1 and ISO 9796-2 edition 1.</summary>
+    [TestFixture]
+    public class ISO9796Test
+        : SimpleTest
+    {
+        static BigInteger mod1 = new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16);
+
+        static BigInteger pub1 = new BigInteger("03", 16);
+
+        static BigInteger pri1 = new BigInteger("2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac9f0783a49dd5f6c5af651f4c9d0dc9281c96a3f16a85f9572d7cc3f2d0f25a9dbf1149e4cdc32273faadd3fda5dcda7", 16);
+
+        static BigInteger mod2 = new BigInteger("ffffff7fa27087c35ebead78412d2bdffe0301edd494df13458974ea89b364708f7d0f5a00a50779ddf9f7d4cb80b8891324da251a860c4ec9ef288104b3858d", 16);
+
+        static BigInteger pub2 = new BigInteger("03", 16);
+
+        static BigInteger pri2 = new BigInteger("2aaaaa9545bd6bf5e51fc7940adcdca5550080524e18cfd88b96e8d1c19de6121b13fac0eb0495d47928e047724d91d1740f6968457ce53ec8e24c9362ce84b5", 16);
+
+        static byte[] msg1 = Hex.Decode("0cbbaa99887766554433221100");
+
+        //
+        // you'll need to see the ISO 9796 to make sense of this
+        //
+        static byte[] sig1 = mod1.Subtract(new BigInteger("309f873d8ded8379490f6097eaafdabc137d3ebfd8f25ab5f138d56a719cdc526bdd022ea65dabab920a81013a85d092e04d3e421caab717c90d89ea45a8d23a", 16)).ToByteArray();
+
+        static byte[] msg2 = Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
+
+        static byte[] sig2 = new BigInteger("319bb9becb49f3ed1bca26d0fcf09b0b0a508e4d0bd43b350f959b72cd25b3af47d608fdcd248eada74fbe19990dbeb9bf0da4b4e1200243a14e5cab3f7e610c", 16).ToByteArray();
+
+        static byte[] msg3 = Hex.Decode("0112233445566778899aabbccd");
+
+        static byte[] sig3 = mod2.Subtract(new BigInteger("58e59ffb4b1fb1bcdbf8d1fe9afa3730c78a318a1134f5791b7313d480ff07ac319b068edf8f212945cb09cf33df30ace54f4a063fcca0b732f4b662dc4e2454", 16)).ToByteArray();
+
+        //
+        // ISO 9796-2
+        //
+        static BigInteger mod3 = new BigInteger("ffffffff78f6c55506c59785e871211ee120b0b5dd644aa796d82413a47b24573f1be5745b5cd9950f6b389b52350d4e01e90009669a8720bf265a2865994190a661dea3c7828e2e7ca1b19651adc2d5", 16);
+
+        static BigInteger pub3 = new BigInteger("03", 16);
+
+        static BigInteger pri3 = new BigInteger("2aaaaaaa942920e38120ee965168302fd0301d73a4e60c7143ceb0adf0bf30b9352f50e8b9e4ceedd65343b2179005b2f099915e4b0c37e41314bb0821ad8330d23cba7f589e0f129b04c46b67dfce9d", 16);
+
+        static BigInteger mod4 = new BigInteger("FFFFFFFF45f1903ebb83d4d363f70dc647b839f2a84e119b8830b2dec424a1ce0c9fd667966b81407e89278283f27ca8857d40979407fc6da4cc8a20ecb4b8913b5813332409bc1f391a94c9c328dfe46695daf922259174544e2bfbe45cc5cd", 16);
+        static BigInteger pub4 = new BigInteger("02", 16);
+        static BigInteger pri4 = new BigInteger("1fffffffe8be3207d7707a9a6c7ee1b8c8f7073e5509c2337106165bd8849439c193faccf2cd70280fd124f0507e4f94cb66447680c6b87b6599d1b61c8f3600854a618262e9c1cb1438e485e47437be036d94b906087a61ee74ab0d9a1accd8", 16);
+
+        static byte[] msg4 = Hex.Decode("6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071");
+        static byte[] sig4 = Hex.Decode("374695b7ee8b273925b4656cc2e008d41463996534aa5aa5afe72a52ffd84e118085f8558f36631471d043ad342de268b94b080bee18a068c10965f581e7f32899ad378835477064abed8ef3bd530fce");
+
+        static byte[] msg5 = Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
+        static byte[] sig5 = Hex.Decode("5cf9a01854dbacaec83aae8efc563d74538192e95466babacd361d7c86000fe42dcb4581e48e4feb862d04698da9203b1803b262105104d510b365ee9c660857ba1c001aa57abfd1c8de92e47c275cae");
+
+        //
+        // scheme 2 data
+        //
+        static BigInteger mod6 = new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16);
+        static BigInteger pub6 = new BigInteger("11", 16);
+        static BigInteger pri6 = new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16);
+
+        //		static byte[] sig6 = new BigInteger("0073FEAF13EB12914A43FE635022BB4AB8188A8F3ABD8D8A9E4AD6C355EE920359C7F237AE36B1212FE947F676C68FE362247D27D1F298CA9302EB21F4A64C26CE44471EF8C0DFE1A54606F0BA8E63E87CDACA993BFA62973B567473B4D38FAE73AB228600934A9CC1D3263E632E21FD52D2B95C5F7023DA63DE9509C01F6C7BBC", 16).ModPow(pri6, mod6).ToByteArray();
+        static byte[] sig6 = new BigInteger("0073FEAF13EB12914A43FE635022BB4AB8188A8F3ABD8D8A9E4AD6C355EE920359C7F237AE36B1212FE947F676C68FE362247D27D1F298CA9302EB21F4A64C26CE44471EF8C0DFE1A54606F0BA8E63E87CDACA993BFA62973B567473B4D38FAE73AB228600934A9CC1D3263E632E21FD52D2B95C5F7023DA63DE9509C01F6C7BBC", 16).ModPow(pri6, mod6).ToByteArray();
+
+        static byte[] msg7 = Hex.Decode("6162636462636465636465666465666765666768666768696768696A68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F70716F70717270717273");
+        static byte[] sig7 = new BigInteger("296B06224010E1EC230D4560A5F88F03550AAFCE31C805CE81E811E5E53E5F71AE64FC2A2A486B193E87972D90C54B807A862F21A21919A43ECF067240A8C8C641DE8DCDF1942CF790D136728FFC0D98FB906E7939C1EC0E64C0E067F0A7443D6170E411DF91F797D1FFD74009C4638462E69D5923E7433AEC028B9A90E633CC", 16).ModPow(pri6, mod6).ToByteArray();
+
+        static byte[] msg8 = Hex.Decode("FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA98");
+        static byte[] sig8 = new BigInteger("01402B29ABA104079677CE7FC3D5A84DB24494D6F9508B4596484F5B3CC7E8AFCC4DDE7081F21CAE9D4F94D6D2CCCB43FCEDA0988FFD4EF2EAE72CFDEB4A2638F0A34A0C49664CD9DB723315759D758836C8BA26AC4348B66958AC94AE0B5A75195B57ABFB9971E21337A4B517F2E820B81F26BCE7C66F48A2DB12A8F3D731CC", 16).ModPow(pri6, mod6).ToByteArray();
+
+        static byte[] msg9 = Hex.Decode("6162636462636465636465666465666765666768666768696768696A68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F70716F707172707172737172737472737475737475767475767775767778767778797778797A78797A61797A61627A6162636162636462636465");
+        static byte[] sig9 = new BigInteger("6F2BB97571FE2EF205B66000E9DD06656655C1977F374E8666D636556A5FEEEEAF645555B25F45567C4EE5341F96FED86508C90A9E3F11B26E8D496139ED3E55ECE42860A6FB3A0817DAFBF13019D93E1D382DA07264FE99D9797D2F0B7779357CA7E74EE440D8855B7DDF15F000AC58EE3FFF144845E771907C0C83324A6FBC", 16).ModPow(pri6, mod6).ToByteArray();
+
+        public override string Name
+        {
+            get { return "ISO9796"; }
+        }
+
+        private bool IsSameAs(
+            byte[]	a,
+            int		off,
+            byte[]	b)
+        {
+            if ((a.Length - off) != b.Length)
+            {
+                return false;
+            }
+
+            for (int i = 0; i != b.Length; i++)
+            {
+                if (a[i + off] != b[i])
+                {
+                    return false;
+                }
+            }
+
+            return true;
+        }
+
+        private bool StartsWith(
+            byte[]	a,
+            byte[]	b)
+        {
+            if (a.Length < b.Length)
+                return false;
+
+            for (int i = 0; i != b.Length; i++)
+            {
+                if (a[i] != b[i])
+                    return false;
+            }
+
+            return true;
+        }
+
+        [Test]
+        public virtual void DoTest1()
+        {
+            RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod1, pub1);
+            RsaKeyParameters privParameters = new RsaKeyParameters(true, mod1, pri1);
+            RsaEngine rsa = new RsaEngine();
+            byte[] data;
+
+            //
+            // ISO 9796-1 - public encrypt, private decrypt
+            //
+            ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa);
+
+            eng.Init(true, privParameters);
+
+            eng.SetPadBits(4);
+
+            data = eng.ProcessBlock(msg1, 0, msg1.Length);
+
+            eng.Init(false, pubParameters);
+
+            if (!AreEqual(sig1, data))
+            {
+                Fail("failed ISO9796-1 generation Test 1");
+            }
+
+            data = eng.ProcessBlock(data, 0, data.Length);
+
+            if (!AreEqual(msg1, data))
+            {
+                Fail("failed ISO9796-1 retrieve Test 1");
+            }
+        }
+
+        [Test]
+        public virtual void DoTest2()
+        {
+            RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod1, pub1);
+            RsaKeyParameters privParameters = new RsaKeyParameters(true, mod1, pri1);
+            RsaEngine rsa = new RsaEngine();
+            byte[] data;
+
+            //
+            // ISO 9796-1 - public encrypt, private decrypt
+            //
+            ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa);
+
+            eng.Init(true, privParameters);
+
+            data = eng.ProcessBlock(msg2, 0, msg2.Length);
+
+            eng.Init(false, pubParameters);
+
+            if (!IsSameAs(data, 1, sig2))
+            {
+                Fail("failed ISO9796-1 generation Test 2");
+            }
+
+            data = eng.ProcessBlock(data, 0, data.Length);
+
+            if (!AreEqual(msg2, data))
+            {
+                Fail("failed ISO9796-1 retrieve Test 2");
+            }
+        }
+
+        [Test]
+        public virtual void DoTest3()
+        {
+            RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod2, pub2);
+            RsaKeyParameters privParameters = new RsaKeyParameters(true, mod2, pri2);
+            RsaEngine rsa = new RsaEngine();
+            byte[] data;
+
+            //
+            // ISO 9796-1 - public encrypt, private decrypt
+            //
+            ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa);
+
+            eng.Init(true, privParameters);
+
+            eng.SetPadBits(4);
+
+            data = eng.ProcessBlock(msg3, 0, msg3.Length);
+
+            eng.Init(false, pubParameters);
+
+            if (!IsSameAs(sig3, 1, data))
+            {
+                Fail("failed ISO9796-1 generation Test 3");
+            }
+
+            data = eng.ProcessBlock(data, 0, data.Length);
+
+            if (!IsSameAs(msg3, 0, data))
+            {
+                Fail("failed ISO9796-1 retrieve Test 3");
+            }
+        }
+
+        [Test]
+        public virtual void DoTest4()
+        {
+            RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod3, pub3);
+            RsaKeyParameters privParameters = new RsaKeyParameters(true, mod3, pri3);
+            RsaEngine rsa = new RsaEngine();
+            byte[] data;
+
+            //
+            // ISO 9796-2 - Signing
+            //
+            Iso9796d2Signer eng = new Iso9796d2Signer(rsa, new RipeMD128Digest());
+
+            eng.Init(true, privParameters);
+
+            eng.Update(msg4[0]);
+            eng.BlockUpdate(msg4, 1, msg4.Length - 1);
+
+            data = eng.GenerateSignature();
+
+            eng.Init(false, pubParameters);
+
+            if (!IsSameAs(sig4, 0, data))
+            {
+                Fail("failed ISO9796-2 generation Test 4");
+            }
+
+            eng.Update(msg4[0]);
+            eng.BlockUpdate(msg4, 1, msg4.Length - 1);
+
+            if (!eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 verify Test 4");
+            }
+
+            if (eng.HasFullMessage())
+            {
+                eng = new Iso9796d2Signer(rsa, new RipeMD128Digest());
+
+                eng.Init(false, pubParameters);
+
+                if (!eng.VerifySignature(sig4))
+                {
+                    Fail("failed ISO9796-2 verify and recover Test 4");
+                }
+
+                if(!IsSameAs(eng.GetRecoveredMessage(), 0, msg4))
+                {
+                    Fail("failed ISO9796-2 recovered message Test 4");
+                }
+
+                // try update with recovered
+                eng.UpdateWithRecoveredMessage(sig4);
+
+                if(!IsSameAs(eng.GetRecoveredMessage(), 0, msg4))
+                {
+                    Fail("failed ISO9796-2 updateWithRecovered recovered message Test 4");
+                }
+                
+                if (!eng.VerifySignature(sig4))
+                {
+                    Fail("failed ISO9796-2 updateWithRecovered verify and recover Test 4");
+                }
+                
+                if(!IsSameAs(eng.GetRecoveredMessage(), 0, msg4))
+                {
+                    Fail("failed ISO9796-2 updateWithRecovered recovered verify message Test 4");
+                }
+                
+                // should fail
+                eng.UpdateWithRecoveredMessage(sig4);
+                
+                eng.BlockUpdate(msg4, 0, msg4.Length);
+                
+                if (eng.VerifySignature(sig4))
+                {
+                    Fail("failed ISO9796-2 updateWithRecovered verify and recover Test 4");
+                }
+            }
+            else
+            {
+                Fail("full message flag false - Test 4");
+            }
+        }
+
+        [Test]
+        public virtual void DoTest5()
+        {
+            RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod3, pub3);
+            RsaKeyParameters privParameters = new RsaKeyParameters(true, mod3, pri3);
+            RsaEngine rsa = new RsaEngine();
+            byte[] data;
+
+            //
+            // ISO 9796-2 - Signing
+            //
+            Iso9796d2Signer eng = new Iso9796d2Signer(rsa, new RipeMD160Digest(), true);
+
+            eng.Init(true, privParameters);
+
+            eng.Update(msg5[0]);
+            eng.BlockUpdate(msg5, 1, msg5.Length - 1);
+
+            data = eng.GenerateSignature();
+
+            eng.Init(false, pubParameters);
+
+            if (!IsSameAs(sig5, 0, data))
+            {
+                Fail("failed ISO9796-2 generation Test 5");
+            }
+
+            eng.Update(msg5[0]);
+            eng.BlockUpdate(msg5, 1, msg5.Length - 1);
+
+            if (!eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 verify Test 5");
+            }
+
+            if (eng.HasFullMessage())
+            {
+                Fail("fullMessage true - Test 5");
+            }
+
+            if (!StartsWith(msg5, eng.GetRecoveredMessage()))
+            {
+                Fail("failed ISO9796-2 partial recovered message Test 5");
+            }
+
+            int length = eng.GetRecoveredMessage().Length;
+
+            if (length >= msg5.Length)
+            {
+                Fail("Test 5 recovered message too long");
+            }
+
+            eng = new Iso9796d2Signer(rsa, new RipeMD160Digest(), true);
+
+            eng.Init(false, pubParameters);
+
+            eng.UpdateWithRecoveredMessage(sig5);
+
+            if (!StartsWith(msg5, eng.GetRecoveredMessage()))
+            {
+                Fail("failed ISO9796-2 updateWithRecovered partial recovered message Test 5");
+            }
+
+            if (eng.HasFullMessage())
+            {
+                Fail("fullMessage updateWithRecovered true - Test 5");
+            }
+
+            for (int i = length ; i != msg5.Length; i++)
+            {
+                eng.Update(msg5[i]);
+            }
+
+            if (!eng.VerifySignature(sig5))
+            {
+                Fail("failed ISO9796-2 verify Test 5");
+            }
+
+            if (eng.HasFullMessage())
+            {
+                Fail("fullMessage updateWithRecovered true - Test 5");
+            }
+
+            // should fail
+            eng.UpdateWithRecoveredMessage(sig5);
+
+            eng.BlockUpdate(msg5, 0, msg5.Length);
+
+            if (eng.VerifySignature(sig5))
+            {
+                Fail("failed ISO9796-2 updateWithRecovered verify fail Test 5");
+            }
+        }
+
+        //
+        // against a zero length string
+        //
+        [Test]
+        public virtual void DoTest6()
+        {
+            byte[] salt = Hex.Decode("61DF870C4890FE85D6E3DD87C3DCE3723F91DB49");
+            RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod6, pub6);
+            RsaKeyParameters privParameters = new RsaKeyParameters(true, mod6, pri6);
+            ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt);
+            RsaEngine rsa = new RsaEngine();
+            byte[] data;
+
+            //
+            // ISO 9796-2 - PSS Signing
+            //
+            Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, new RipeMD160Digest(), 20, true);
+
+            eng.Init(true, sigParameters);
+
+            data = eng.GenerateSignature();
+
+            eng.Init(false, pubParameters);
+
+            if (!IsSameAs(sig6, 1, data))
+            {
+                Fail("failed ISO9796-2 generation Test 6");
+            }
+
+            if (!eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 verify Test 6");
+            }
+        }
+
+        [Test]
+        public virtual void DoTest7()
+        {
+            byte[] salt = new byte[0];
+            RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod6, pub6);
+            RsaKeyParameters privParameters = new RsaKeyParameters(true, mod6, pri6);
+            ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt);
+            RsaEngine rsa = new RsaEngine();
+            byte[] data;
+
+            //
+            // ISO 9796-2 - PSS Signing
+            //
+            Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, new Sha1Digest(), 0, false);
+
+            eng.Init(true, sigParameters);
+
+            eng.Update(msg7[0]);
+            eng.BlockUpdate(msg7, 1, msg7.Length - 1);
+
+            data = eng.GenerateSignature();
+
+            eng.Init(false, pubParameters);
+
+            if (!IsSameAs(sig7, 0, data))
+            {
+                Fail("failed ISO9796-2 generation Test 7");
+            }
+
+            eng.Update(msg7[0]);
+            eng.BlockUpdate(msg7, 1, msg7.Length - 1);
+
+            if (!eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 verify Test 7");
+            }
+
+            if (!IsSameAs(msg7, 0, eng.GetRecoveredMessage()))
+            {
+                Fail("failed ISO9796-2 recovery Test 7");
+            }
+        }
+
+        [Test]
+        public virtual void DoTest8()
+        {
+            byte[] salt = Hex.Decode("78E293203CBA1B7F92F05F4D171FF8CA3E738FF8");
+            RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod6, pub6);
+            RsaKeyParameters privParameters = new RsaKeyParameters(true, mod6, pri6);
+            ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt);
+            RsaEngine rsa = new RsaEngine();
+            byte[] data;
+
+            //
+            // ISO 9796-2 - PSS Signing
+            //
+            Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, new RipeMD160Digest(), 20, false);
+
+            eng.Init(true, sigParameters);
+
+            eng.Update(msg8[0]);
+            eng.BlockUpdate(msg8, 1, msg8.Length - 1);
+
+            data = eng.GenerateSignature();
+
+            eng.Init(false, pubParameters);
+
+            if (!IsSameAs(sig8, 0, data))
+            {
+                Fail("failed ISO9796-2 generation Test 8");
+            }
+
+            eng.Update(msg8[0]);
+            eng.BlockUpdate(msg8, 1, msg8.Length - 1);
+
+            if (!eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 verify Test 8");
+            }
+        }
+
+        [Test]
+        public virtual void DoTest9()
+        {
+            RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod6, pub6);
+            RsaKeyParameters privParameters = new RsaKeyParameters(true, mod6, pri6);
+            RsaEngine rsa = new RsaEngine();
+            byte[] data;
+
+            //
+            // ISO 9796-2 - PSS Signing
+            //
+            Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, new RipeMD160Digest(), 0, true);
+
+            eng.Init(true, privParameters);
+
+            eng.Update(msg9[0]);
+            eng.BlockUpdate(msg9, 1, msg9.Length - 1);
+
+            data = eng.GenerateSignature();
+
+            eng.Init(false, pubParameters);
+
+            if (!IsSameAs(sig9, 0, data))
+            {
+                Fail("failed ISO9796-2 generation Test 9");
+            }
+
+            eng.Update(msg9[0]);
+            eng.BlockUpdate(msg9, 1, msg9.Length - 1);
+
+            if (!eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 verify Test 9");
+            }
+        }
+
+        [Test]
+        public virtual void DoTest10()
+        {
+            BigInteger          mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16);
+            BigInteger          pubExp = new BigInteger("65537", 10);
+            BigInteger          priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16);
+            RsaKeyParameters    pubParameters = new RsaKeyParameters(false, mod, pubExp);
+            RsaKeyParameters    privParameters = new RsaKeyParameters(true, mod, priExp);
+            RsaEngine           rsa = new RsaEngine();
+            byte[]              data;
+
+            //
+            // ISO 9796-2 - PSS Signing
+            //
+            IDigest              dig = new Sha1Digest();
+            Iso9796d2PssSigner  eng = new Iso9796d2PssSigner(rsa, dig, dig.GetDigestSize());
+
+            //
+            // as the padding is random this test needs to repeat a few times to
+            // make sure
+            //
+            for (int i = 0; i != 500; i++)
+            {
+                eng.Init(true, privParameters);
+
+                eng.Update(msg9[0]);
+                eng.BlockUpdate(msg9, 1, msg9.Length - 1);
+
+                data = eng.GenerateSignature();
+
+                eng.Init(false, pubParameters);
+
+                eng.Update(msg9[0]);
+                eng.BlockUpdate(msg9, 1, msg9.Length - 1);
+
+                if (!eng.VerifySignature(data))
+                {
+                    Fail("failed ISO9796-2 verify Test 10");
+                }
+            }
+        }
+
+        [Test]
+        public virtual void DoTest11()
+        {
+            BigInteger          mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16);
+            BigInteger          pubExp = new BigInteger("65537", 10);
+            BigInteger          priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16);
+            RsaKeyParameters    pubParameters = new RsaKeyParameters(false, mod, pubExp);
+            RsaKeyParameters    privParameters = new RsaKeyParameters(true, mod, priExp);
+            RsaEngine           rsa = new RsaEngine();
+            byte[]              data;
+            byte[]              m1 = { 1, 2, 3, 4, 5, 6, 7, 8, 9 };
+            byte[]              m2 = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+            byte[]              m3 = { 1, 2, 3, 4, 5, 6, 7, 8 };
+
+            //
+            // ISO 9796-2 - PSS Signing
+            //
+            IDigest              dig = new Sha1Digest();
+            Iso9796d2PssSigner  eng = new Iso9796d2PssSigner(rsa, dig, dig.GetDigestSize());
+
+            //
+            // check message bounds
+            //
+            eng.Init(true, privParameters);
+
+            eng.BlockUpdate(m1, 0, m1.Length);
+
+            data = eng.GenerateSignature();
+
+            eng.Init(false, pubParameters);
+
+            eng.BlockUpdate(m2, 0, m2.Length);
+
+            if (eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 m2 verify Test 11");
+            }
+
+            eng.Init(false, pubParameters);
+
+            eng.BlockUpdate(m3, 0, m3.Length);
+
+            if (eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 m3 verify Test 11");
+            }
+
+            eng.Init(false, pubParameters);
+
+            eng.BlockUpdate(m1, 0, m1.Length);
+
+            if (!eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 verify Test 11");
+            }
+        }
+
+        [Test]
+        public virtual void DoTest12()
+        {
+            BigInteger          mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16);
+            BigInteger          pubExp = new BigInteger("65537", 10);
+            BigInteger          priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16);
+            RsaKeyParameters    pubParameters = new RsaKeyParameters(false, mod, pubExp);
+            RsaKeyParameters    privParameters = new RsaKeyParameters(true, mod, priExp);
+            RsaEngine           rsa = new RsaEngine();
+            byte[]              data;
+            byte[]              m1 = { 1, 2, 3, 4, 5, 6, 7, 8, 9 };
+            byte[]              m2 = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+            byte[]              m3 = { 1, 2, 3, 4, 5, 6, 7, 8 };
+
+            //
+            // ISO 9796-2 - Regular Signing
+            //
+            IDigest           dig = new Sha1Digest();
+            Iso9796d2Signer  eng = new Iso9796d2Signer(rsa, dig);
+
+            //
+            // check message bounds
+            //
+            eng.Init(true, privParameters);
+
+            eng.BlockUpdate(m1, 0, m1.Length);
+
+            data = eng.GenerateSignature();
+
+            eng.Init(false, pubParameters);
+
+            eng.BlockUpdate(m2, 0, m2.Length);
+
+            if (eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 m2 verify Test 12");
+            }
+
+            eng.Init(false, pubParameters);
+
+            eng.BlockUpdate(m3, 0, m3.Length);
+
+            if (eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 m3 verify Test 12");
+            }
+
+            eng.Init(false, pubParameters);
+
+            eng.BlockUpdate(m1, 0, m1.Length);
+
+            if (!eng.VerifySignature(data))
+            {
+                Fail("failed ISO9796-2 verify Test 12");
+            }
+        }
+
+        [Test]
+        public void DoTest13()
+        {
+            BigInteger modulus = new BigInteger(1, Hex.Decode("CDCBDABBF93BE8E8294E32B055256BBD0397735189BF75816341BB0D488D05D627991221DF7D59835C76A4BB4808ADEEB779E7794504E956ADC2A661B46904CDC71337DD29DDDD454124EF79CFDD7BC2C21952573CEFBA485CC38C6BD2428809B5A31A898A6B5648CAA4ED678D9743B589134B7187478996300EDBA16271A861"));
+            BigInteger pubExp = new BigInteger(1, Hex.Decode("010001"));
+            BigInteger privExp = new BigInteger(1, Hex.Decode("4BA6432AD42C74AA5AFCB6DF60FD57846CBC909489994ABD9C59FE439CC6D23D6DE2F3EA65B8335E796FD7904CA37C248367997257AFBD82B26F1A30525C447A236C65E6ADE43ECAAF7283584B2570FA07B340D9C9380D88EAACFFAEEFE7F472DBC9735C3FF3A3211E8A6BBFD94456B6A33C17A2C4EC18CE6335150548ED126D"));
+
+            RsaKeyParameters pubParams = new RsaKeyParameters(false, modulus, pubExp);
+            RsaKeyParameters privParams = new RsaKeyParameters(true, modulus, privExp);
+
+            IAsymmetricBlockCipher rsaEngine = new RsaBlindedEngine();
+            IDigest digest = new Sha256Digest();
+
+            // set challenge to all zero's for verification
+            byte[] challenge = new byte[8];
+
+            // DOES NOT USE FINAL BOOLEAN TO INDICATE RECOVERY
+            Iso9796d2Signer signer = new Iso9796d2Signer(rsaEngine, digest, false);
+
+            // sign
+            signer.Init(true, privParams);
+            signer.BlockUpdate(challenge, 0, challenge.Length);
+
+            byte[]  sig = signer.GenerateSignature();
+
+            // verify
+            signer.Init(false, pubParams);
+            signer.BlockUpdate(challenge, 0, challenge.Length);
+
+            if (!signer.VerifySignature(sig))
+            {
+                Fail("basic verification failed");
+            }
+
+            // === LETS ACTUALLY DO SOME RECOVERY, USING INPUT FROM INTERNAL AUTHENTICATE ===
+
+            signer.Reset();
+
+            string args0 = "482E20D1EDDED34359C38F5E7C01203F9D6B2641CDCA5C404D49ADAEDE034C7481D781D043722587761C90468DE69C6585A1E8B9C322F90E1B580EEDAB3F6007D0C366CF92B4DB8B41C8314929DCE2BE889C0129123484D2FD3D12763D2EBFD12AC8E51D7061AFCA1A53DEDEC7B9A617472A78C952CCC72467AE008E5F132994";
+
+            digest = new Sha1Digest();
+
+            signer = new Iso9796d2Signer(rsaEngine, digest, true);
+
+
+            signer.Init(false, pubParams);
+            byte[] signature = Hex.Decode(args0);
+            signer.UpdateWithRecoveredMessage(signature);
+            signer.BlockUpdate(challenge, 0, challenge.Length);
+
+            if (!signer.VerifySignature(signature))
+            {
+                Fail("recovered + challenge signature failed");
+            }
+
+            // === FINALLY, USING SHA-256 ===
+
+            signer.Reset();
+
+            digest = new Sha256Digest();
+
+            // NOTE setting implicit to false does not actually do anything for verification !!!
+            signer = new Iso9796d2Signer(rsaEngine, digest, false);
+
+
+            signer.Init(true, privParams);
+            // generate NONCE of correct length using some inner knowledge
+            int nonceLength = modulus.BitLength / 8 - 1 - digest.GetDigestSize() - 2;
+            byte[] nonce = new byte[nonceLength];
+            SecureRandom rnd = new SecureRandom();
+
+            rnd.NextBytes(nonce);
+
+            signer.BlockUpdate(nonce, 0, nonce.Length);
+            signer.BlockUpdate(challenge, 0, challenge.Length);
+            byte[] sig3 = signer.GenerateSignature();
+
+            signer.Init(false, pubParams);
+            signer.UpdateWithRecoveredMessage(sig3);
+            signer.BlockUpdate(challenge, 0, challenge.Length);
+            if (signer.VerifySignature(sig3))
+            {
+                if (signer.HasFullMessage())
+                {
+                    Fail("signer indicates full message");
+                }
+                byte[] recoverableMessage = signer.GetRecoveredMessage();
+
+                // sanity check, normally the nonce is ignored in eMRTD specs (PKI Technical Report)
+                if (!Arrays.AreEqual(nonce, recoverableMessage))
+                {
+                    Fail("Nonce compare with recoverable part of message failed");
+                }
+            }
+            else
+            {
+                Fail("recoverable + nonce failed.");
+            }
+        }
+
+        private static readonly byte[] longMessage = Base64.Decode(
+            "VVNIKzErU0U2ODAxNTMyOTcxOSsyKzErNisyKzErMTo6OTk5OTk5OTk5OTk5"
+          + "OTo6OSsyOjo3Nzc3Nzc3Nzc3Nzc3Ojo5Kys1OjIwMTMwNDA1OjExMzUyMCdV"
+          + "U0ErMTo6OjE2OjEnVVNDKzRmYjk3YzFhNDI5ZGIyZDYnVVNBKzY6MTY6MTox"
+          + "MDoxKzE0OjIwNDgrMTI6/vn3S0h96eNhfmPN6OZUxXhd815h0tP871Hl+V1r"
+          + "fHHUXvrPXmjHV0vdb8fYY1zxwvnQUcFBWXT43PFi7Xbow0/9e9l6/mhs1UJq"
+          + "VPvp+ELbeXfn4Nj02ttk0e3H5Hfa69NYRuHv1WBO6lfizNnM9m9XYmh9TOrg"
+          + "f9rDRtd+ZNbf4lz9fPTt9OXyxOJWRPr/0FLzxUVsddplfHxM3ndETFD7ffjI"
+          + "/mhRYuL8WXZ733LeWFRCeOzKzmDz/HvT3GZx/XJMbFpqyOZjedzh6vZr1vrD"
+          + "615TQfN7wtJJ29bN2Hvzb2f1xGHaXl7af0/w9dpR2dr7/HzuZEJKYc7JSkv4"
+          + "/k37yERIbcrfbVTeVtR+dcVoeeRT41fmzMfzf8RnWOX4YMNifl0rMTM68EFA"
+          + "QSdCR00rMzgwKzk5OTk5OTk5J0RUTSsxMzc6MjAxMzA0MDU6MTAyJ0ZUWCtB"
+          + "QUkrKytJTlZPSUNFIFRFU1QnUkZGK09OOjEyMzQ1NidSRkYrRFE6MjIyMjIy"
+          + "MjIyJ0RUTSsxNzE6MjAxMzA0MDE6MTAyJ05BRCtTVSs5OTk5OTk5OTk5OTk5"
+          + "Ojo5KytURVNUIFNVUFBMSUVSOjpUcmFzZSByZWdpc3RlciBYWFhYWFhYK1Rl"
+          + "c3QgYWRkcmVzcyBzdXBwbGllcitDaXR5KysxMjM0NStERSdSRkYrVkE6QTEy"
+          + "MzQ1Njc4J05BRCtTQ08rOTk5OTk5OTk5OTk5OTo6OSsrVEVTVCBTVVBQTElF"
+          + "Ujo6VHJhc2UgcmVnaXN0ZXIgWFhYWFhYWCtUZXN0IGFkZHJlc3Mgc3VwcGxp"
+          + "ZXIrQ2l0eSsrMTIzNDUrREUnUkZGK1ZBOkExMjM0NTY3OCdOQUQrQlkrODg4"
+          + "ODg4ODg4ODg4ODo6OSdOQUQrSVYrNzc3Nzc3Nzc3Nzc3Nzo6OSsrVEVTVCBC"
+          + "VVlFUitUZXN0IGFkZHJlc3MgYnV5ZXIrQ2l0eTIrKzU0MzIxK0RFJ1JGRitW"
+          + "QTpKODc2NTQzMjEnTkFEK0JDTys3Nzc3Nzc3Nzc3Nzc3Ojo5KytURVNUIEJV"
+          + "WUVSK1Rlc3QgYWRkcmVzcyBidXllcitDaXR5MisrNTQzMjErREUnUkZGK1ZB"
+          + "Oko4NzY1NDMyMSdOQUQrRFArODg4ODg4ODg4ODg4ODo6OSdOQUQrUFIrNzc3"
+          + "Nzc3Nzc3Nzc3Nzo6OSdDVVgrMjpFVVI6NCdQQVQrMzUnRFRNKzEzOjIwMTMw"
+          + "NjI0OjEwMidMSU4rMSsrMTExMTExMTExMTExMTpFTidQSUErMStBQUFBQUFB"
+          + "OlNBJ0lNRCtGK00rOjo6UFJPRFVDVCBURVNUIDEnUVRZKzQ3OjEwLjAwMCdN"
+          + "T0ErNjY6Ny4wMCdQUkkrQUFCOjEuMDAnUFJJK0FBQTowLjcwJ1JGRitPTjox"
+          + "MjM0NTYnUkZGK0RROjIyMjIyMjIyMidUQVgrNytWQVQrKys6OjoyMS4wMDAn"
+          + "QUxDK0ErKysxK1REJ1BDRCsxOjMwLjAwMCdNT0ErMjA0OjMuMDAnTElOKzIr"
+          + "KzIyMjIyMjIyMjIyMjI6RU4nUElBKzErQkJCQkJCQjpTQSdJTUQrRitNKzo6"
+          + "OlBST0RVQ1QgVEVTVCAyJ1FUWSs0NzoyMC4wMDAnTU9BKzY2OjgwLjAwJ1BS"
+          + "SStBQUI6NS4wMCdQUkkrQUFBOjQuMDAnUkZGK09OOjEyMzQ1NidSRkYrRFE6"
+          + "MjIyMjIyMjIyJ1RBWCs3K1ZBVCsrKzo6OjIxLjAwMCdBTEMrQSsrKzErVEQn"
+          + "UENEKzE6MjAuMDAwJ01PQSsyMDQ6MjAuMDAnVU5TK1MnQ05UKzI6MidNT0Er"
+          + "Nzk6ODcuMDAnTU9BKzEzOToxMDUuMjcnTU9BKzEyNTo4Ny4wMCdNT0ErMjYw"
+          + "OjAuMDAnTU9BKzI1OTowLjAwJ01PQSsxNzY6MTguMjcnVEFYKzcrVkFUKysr"
+          + "Ojo6MjEuMDAwJ01PQSsxNzY6MTguMjcnTU9BKzEyNTo4Ny4wMCc=");
+
+        private static readonly byte[] shortPartialSig = Base64.Decode(
+            "sb8yyKk6HM1cJhICScMx7QRQunRyrZ1fbI42+T+TBGNjOknvzKuvG7aftGX7"
+          + "O/RXuYgk6LTxpXv7+O5noUhMBsR2PKaHveuylU1WSPmDxDCui3kp4frqVH0w"
+          + "8Vjpl5CsKqBsmKkbGCKE+smM0xFXhYxV8QUTB2XsWNCQiFiHPgwbpfWzZUNY"
+          + "QPWd0A99P64EuUIYz1tkkDnLFmwQ19/PJu1a8orIQInmkVYWSsBsZ/7Ks6lx"
+          + "nDHpAvgiRe+OXmJ/yuQy1O3FJYdyoqvjYRPBu3qYeBK9+9L3lExLilImH5aD"
+          + "nJznaXcO8QFOxVPbrF2s4GdPIMDonEyAHdrnzoghlg==");
+
+        [Test]
+        public void DoShortPartialTest()
+        {
+            byte[]     recovered = Hex.Decode("5553482b312b534536383031353332393731392b322b312b362b322b312b313a3a393939393939393939393939393a3a392b323a3a373737373737373737373737373a3a392b2b353a32303133303430353a313133");
+            BigInteger exp = new BigInteger("10001", 16);
+            BigInteger mod = new BigInteger("b9b70b083da9e37e23cde8e654855db31e21d2d3fc11a5f91d2b3c311efa8f5e28c757dd6fc798631cb1b9d051c14119749cb122ad76e8c3fd7bd93abe282c026a14fba9f8023977a7a0d8b49a24d1ad87e4379a931846a1ef9520ea57e28c998cf65722683d0caaa0da8306973e2496a25cbd3cb4adb4b284e25604fabf12f385456c75da7c3c4cde37440cfb7db8c8fe6851e2bc59767b9f7218540238ac8acef3bc7bd3dc6671320c2c1a2ac8a6799ce1eaf62b9683ab1e1341b37b9249dbd6cd987b2f27b5c4619a1eda7f0fb0b59a519afbbc3cee640261cec90a4bb8fefbc844082dca9f549e56943e758579a453a357e6ccb37fc46718a5b8c3227e5d", 16);
+
+            AsymmetricKeyParameter pubKey = new RsaKeyParameters(false, mod, exp);
+
+            Iso9796d2PssSigner pssSign = new Iso9796d2PssSigner(new RsaEngine(), new Sha1Digest(), 20);
+
+            pssSign.Init(false, pubKey);
+
+            pssSign.UpdateWithRecoveredMessage(shortPartialSig);
+
+            byte[] recoveredMessage = pssSign.GetRecoveredMessage();
+            pssSign.BlockUpdate(longMessage, recoveredMessage.Length, longMessage.Length - recoveredMessage.Length);
+
+            if (!pssSign.VerifySignature(shortPartialSig))
+            {
+                Fail("short partial PSS sig verification failed.");
+            }
+
+            byte[] mm = pssSign.GetRecoveredMessage();
+
+            if (!Arrays.AreEqual(recovered, mm))
+            {
+                Fail("short partial PSS recovery failed");
+            }
+        }
+
+        [Test]
+        public void DoFullMessageTest()
+        {
+            BigInteger modulus = new BigInteger(1, Hex.Decode("CDCBDABBF93BE8E8294E32B055256BBD0397735189BF75816341BB0D488D05D627991221DF7D59835C76A4BB4808ADEEB779E7794504E956ADC2A661B46904CDC71337DD29DDDD454124EF79CFDD7BC2C21952573CEFBA485CC38C6BD2428809B5A31A898A6B5648CAA4ED678D9743B589134B7187478996300EDBA16271A861"));
+            BigInteger pubExp = new BigInteger(1, Hex.Decode("010001"));
+            BigInteger privExp = new BigInteger(1, Hex.Decode("4BA6432AD42C74AA5AFCB6DF60FD57846CBC909489994ABD9C59FE439CC6D23D6DE2F3EA65B8335E796FD7904CA37C248367997257AFBD82B26F1A30525C447A236C65E6ADE43ECAAF7283584B2570FA07B340D9C9380D88EAACFFAEEFE7F472DBC9735C3FF3A3211E8A6BBFD94456B6A33C17A2C4EC18CE6335150548ED126D"));
+            RsaKeyParameters pubParams = new RsaKeyParameters(false, modulus, pubExp);
+            RsaKeyParameters privParams = new RsaKeyParameters(true, modulus, privExp);
+
+            IAsymmetricBlockCipher rsaEngine = new RsaBlindedEngine();
+
+            // set challenge to all zero's for verification
+            byte[] challenge = new byte[8];
+
+            Iso9796d2PssSigner pssSign = new Iso9796d2PssSigner(new RsaEngine(), new Sha256Digest(), 20, true);
+
+            pssSign.Init(true, privParams);
+
+            pssSign.BlockUpdate(challenge, 0, challenge.Length);
+
+            byte[] sig = pssSign.GenerateSignature();
+
+            pssSign.Init(false, pubParams);
+
+            pssSign.UpdateWithRecoveredMessage(sig);
+
+            if (!pssSign.VerifySignature(sig))
+            {
+                Fail("challenge PSS sig verification failed.");
+            }
+
+            byte[] mm = pssSign.GetRecoveredMessage();
+
+            if (!Arrays.AreEqual(challenge, mm))
+            {
+                Fail("challenge partial PSS recovery failed");
+            }
+        }
+
+        public override void PerformTest()
+        {
+            DoTest1();
+            DoTest2();
+            DoTest3();
+            DoTest4();
+            DoTest5();
+            DoTest6();
+            DoTest7();
+            DoTest8();
+            DoTest9();
+            DoTest10();
+            DoTest11();
+            DoTest12();
+            DoTest13();
+            DoShortPartialTest();
+            DoFullMessageTest();
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new ISO9796Test());
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/ISO9797Alg3MacTest.cs b/crypto/test/src/crypto/test/ISO9797Alg3MacTest.cs
new file mode 100644
index 000000000..9d5d8b6b7
--- /dev/null
+++ b/crypto/test/src/crypto/test/ISO9797Alg3MacTest.cs
@@ -0,0 +1,99 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class ISO9797Alg3MacTest
+		: SimpleTest
+	{
+		static byte[] keyBytes = Hex.Decode("7CA110454A1A6E570131D9619DC1376E");
+		static byte[] ivBytes = Hex.Decode("0000000000000000");
+
+		static byte[] input1 = Encoding.ASCII.GetBytes("Hello World !!!!");
+
+		static byte[] output1 = Hex.Decode("F09B856213BAB83B");
+
+		public ISO9797Alg3MacTest()
+		{
+		}
+
+		public override void PerformTest()
+		{
+			KeyParameter key = new KeyParameter(keyBytes);
+			IBlockCipher cipher = new DesEngine();
+			IMac mac = new ISO9797Alg3Mac(cipher);
+
+			//
+			// standard DAC - zero IV
+			//
+			mac.Init(key);
+
+			mac.BlockUpdate(input1, 0, input1.Length);
+
+			byte[] outBytes = new byte[8];
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output1))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output1) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			//
+			//  reset
+			//
+			mac.Reset();
+
+			mac.Init(key);
+
+			for (int i = 0; i != input1.Length / 2; i++)
+			{
+				mac.Update(input1[i]);
+			}
+
+			mac.BlockUpdate(input1, input1.Length / 2, input1.Length - (input1.Length / 2));
+
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output1))
+			{
+				Fail("Reset failed - expected " + Hex.ToHexString(output1) + " got " + Hex.ToHexString(outBytes));
+			}
+		}
+
+		public override string Name
+		{
+			get
+			{
+				return "ISO9797Alg3Mac";
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ISO9797Alg3MacTest test = new ISO9797Alg3MacTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/KDF1GeneratorTest.cs b/crypto/test/src/crypto/test/KDF1GeneratorTest.cs
new file mode 100644
index 000000000..89c8d5453
--- /dev/null
+++ b/crypto/test/src/crypto/test/KDF1GeneratorTest.cs
@@ -0,0 +1,103 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * KDF1 tests - vectors from ISO 18033.
+	 */
+	[TestFixture]
+	public class Kdf1GeneratorTest
+		: SimpleTest
+	{
+		private byte[] seed1 = Hex.Decode("d6e168c5f256a2dcff7ef12facd390f393c7a88d");
+		private byte[] mask1 = Hex.Decode(
+			"0742ba966813af75536bb6149cc44fc256fd6406df79665bc31dc5"
+			+ "a62f70535e52c53015b9d37d412ff3c1193439599e1b628774c50d9c"
+			+ "cb78d82c425e4521ee47b8c36a4bcffe8b8112a89312fc04420a39de"
+			+ "99223890e74ce10378bc515a212b97b8a6447ba6a8870278");
+
+		private byte[] seed2 = Hex.Decode(
+			"032e45326fa859a72ec235acff929b15d1372e30b207255f0611b8f785d7643741"
+			+ "52e0ac009e509e7ba30cd2f1778e113b64e135cf4e2292c75efe5288edfda4");
+		private byte[] mask2 = Hex.Decode(
+			"5f8de105b5e96b2e490ddecbd147dd1def7e3b8e0e6a26eb7b956ccb8b3bdc1ca9"
+			+ "75bc57c3989e8fbad31a224655d800c46954840ff32052cdf0d640562bdfadfa263c"
+			+ "fccf3c52b29f2af4a1869959bc77f854cf15bd7a25192985a842dbff8e13efee5b7e"
+			+ "7e55bbe4d389647c686a9a9ab3fb889b2d7767d3837eea4e0a2f04");
+
+		private byte[] seed3;
+		private byte[] mask3= Hex.Decode(
+			"09e2decf2a6e1666c2f6071ff4298305e2643fd510a2403db42a8743cb989de86e"
+			+ "668d168cbe604611ac179f819a3d18412e9eb45668f2923c087c12fee0c5a0d2a8aa"
+			+ "70185401fbbd99379ec76c663e875a60b4aacb1319fa11c3365a8b79a44669f26fb5"
+			+ "55c80391847b05eca1cb5cf8c2d531448d33fbaca19f6410ee1fcb");
+
+		public Kdf1GeneratorTest()
+		{
+			seed3 = seed2;
+		}
+
+		public override void PerformTest()
+		{
+			checkMask(1, new Kdf1BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed1, mask1);
+			checkMask(2, new Kdf1BytesGenerator(new Sha1Digest()), seed2, mask2);
+			checkMask(3, new Kdf1BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed3, mask3);
+
+			try
+			{
+				new Kdf1BytesGenerator(new Sha1Digest()).GenerateBytes(new byte[10], 0, 20);
+
+				Fail("short input array not caught");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+		}
+
+		private void checkMask(
+			int					count,
+			IDerivationFunction	kdf,
+			byte[]				seed,
+			byte[]				result)
+		{
+			byte[] data = new byte[result.Length];
+
+			kdf.Init(new Iso18033KdfParameters(seed));
+
+			kdf.GenerateBytes(data, 0, data.Length);
+
+			if (!AreEqual(result, data))
+			{
+				Fail("KDF1 failed generator test " + count);
+			}
+		}
+
+		public override string Name
+		{
+			get { return "KDF1"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Kdf1GeneratorTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/KDF2GeneratorTest.cs b/crypto/test/src/crypto/test/KDF2GeneratorTest.cs
new file mode 100644
index 000000000..e184e0b40
--- /dev/null
+++ b/crypto/test/src/crypto/test/KDF2GeneratorTest.cs
@@ -0,0 +1,115 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* KDF2 tests - vectors from ISO 18033.
+	*/
+	[TestFixture]
+	public class Kdf2GeneratorTest
+		: SimpleTest
+	{
+		private static readonly byte[] seed1 = Hex.Decode("d6e168c5f256a2dcff7ef12facd390f393c7a88d");
+		private static readonly byte[] mask1 = Hex.Decode(
+			"df79665bc31dc5a62f70535e52c53015b9d37d412ff3c119343959"
+			+ "9e1b628774c50d9ccb78d82c425e4521ee47b8c36a4bcffe8b8112a8"
+			+ "9312fc04420a39de99223890e74ce10378bc515a212b97b8a6447ba6"
+			+ "a8870278f0262727ca041fa1aa9f7b5d1cf7f308232fe861");
+
+		private static readonly byte[] seed2 = Hex.Decode(
+			"032e45326fa859a72ec235acff929b15d1372e30b207255f0611b8f785d7643741"
+			+ "52e0ac009e509e7ba30cd2f1778e113b64e135cf4e2292c75efe5288edfda4");
+		private static readonly byte[] mask2 = Hex.Decode(
+			"10a2403db42a8743cb989de86e668d168cbe604611ac179f819a3d18412e9eb456"
+			+ "68f2923c087c12fee0c5a0d2a8aa70185401fbbd99379ec76c663e875a60b4aacb13"
+			+ "19fa11c3365a8b79a44669f26fb555c80391847b05eca1cb5cf8c2d531448d33fbac"
+			+ "a19f6410ee1fcb260892670e0814c348664f6a7248aaf998a3acc6");
+		private static readonly byte[] adjustedMask2 = Hex.Decode(
+			"10a2403db42a8743cb989de86e668d168cbe6046e23ff26f741e87949a3bba1311ac1"
+			+ "79f819a3d18412e9eb45668f2923c087c1299005f8d5fd42ca257bc93e8fee0c5a0d2"
+			+ "a8aa70185401fbbd99379ec76c663e9a29d0b70f3fe261a59cdc24875a60b4aacb131"
+			+ "9fa11c3365a8b79a44669f26fba933d012db213d7e3b16349");
+
+		private static readonly byte[] sha1Mask = Hex.Decode(
+			"0e6a26eb7b956ccb8b3bdc1ca975bc57c3989e8fbad31a224655d800c46954840ff32"
+			+ "052cdf0d640562bdfadfa263cfccf3c52b29f2af4a1869959bc77f854cf15bd7a2519"
+			+ "2985a842dbff8e13efee5b7e7e55bbe4d389647c686a9a9ab3fb889b2d7767d3837ee"
+			+ "a4e0a2f04b53ca8f50fb31225c1be2d0126c8c7a4753b0807");
+
+		private static readonly byte[] seed3 = Hex.Decode("CA7C0F8C3FFA87A96E1B74AC8E6AF594347BB40A");
+		private static readonly byte[] mask3 = Hex.Decode("744AB703F5BC082E59185F6D049D2D367DB245C2");
+
+		private static readonly byte[] seed4 = Hex.Decode("0499B502FC8B5BAFB0F4047E731D1F9FD8CD0D8881");
+		private static readonly byte[] mask4 = Hex.Decode("03C62280C894E103C680B13CD4B4AE740A5EF0C72547292F82DC6B1777F47D63BA9D1EA732DBF386");
+
+		public Kdf2GeneratorTest()
+		{
+		}
+
+		public override void PerformTest()
+		{
+			checkMask(1, new Kdf2BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed1, mask1);
+			checkMask(2, new Kdf2BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed2, mask2);
+			checkMask(3, new Kdf2BytesGenerator(new Sha256Digest()), seed2, adjustedMask2);
+			checkMask(4, new Kdf2BytesGenerator(new Sha1Digest()), seed2, sha1Mask);
+			checkMask(5, new Kdf2BytesGenerator(new Sha1Digest()), seed3, mask3);
+			checkMask(6, new Kdf2BytesGenerator(new Sha1Digest()), seed4, mask4);
+
+			try
+			{
+				new Kdf2BytesGenerator(new Sha1Digest()).GenerateBytes(new byte[10], 0, 20);
+
+				Fail("short input array not caught");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+		}
+
+		private void checkMask(
+			int					count,
+			IDerivationFunction	kdf,
+			byte[]				seed,
+			byte[]				result)
+		{
+			byte[] data = new byte[result.Length];
+
+			kdf.Init(new KdfParameters(seed, new byte[0]));
+
+			kdf.GenerateBytes(data, 0, data.Length);
+
+			if (!AreEqual(result, data))
+			{
+				Fail("KDF2 failed generator test " + count);
+			}
+		}
+
+		public override string Name
+		{
+			get { return "KDF2"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Kdf2GeneratorTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
\ No newline at end of file
diff --git a/crypto/test/src/crypto/test/MD2DigestTest.cs b/crypto/test/src/crypto/test/MD2DigestTest.cs
new file mode 100644
index 000000000..e9d2cb88f
--- /dev/null
+++ b/crypto/test/src/crypto/test/MD2DigestTest.cs
@@ -0,0 +1,204 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * standard vector test for MD2
+     * from RFC1319 by B.Kaliski of RSA Laboratories April 1992
+     *
+     */
+    [TestFixture]
+    public class MD2DigestTest
+		: ITest
+    {
+        static private string testVec1 = "";
+        static private string resVec1 = "8350e5a3e24c153df2275c9f80692773";
+        static private string testVec2 = "61";
+        static private string resVec2 = "32ec01ec4a6dac72c0ab96fb34c0b5d1";
+        static private string testVec3 = "616263";
+        static private string resVec3 = "da853b0d3f88d99b30283a69e6ded6bb";
+        static private string testVec4 = "6d65737361676520646967657374";
+        static private string resVec4 = "ab4f496bfb2a530b219ff33031fe06b0";
+        static private string testVec5 = "6162636465666768696a6b6c6d6e6f707172737475767778797a";
+        static private string resVec5 = "4e8ddff3650292ab5a4108c3aa47940b";
+        static private string testVec6 = "4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839";
+        static private string resVec6 = "da33def2a42df13975352846c30338cd";
+        static private string testVec7 = "3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930";
+        static private string resVec7 = "d5976f79d83d3a0dc9806c3c66f3efd8";
+
+		public string Name
+        {
+			get { return "MD2"; }
+        }
+
+		public ITestResult Perform()
+        {
+            IDigest digest = new MD2Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+            string resStr;
+
+            //
+            // test 1
+            //
+            byte[]  bytes = Hex.Decode(testVec1);
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec1.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD2 failing standard vector test 1"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec1
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 2
+            //
+            bytes = Hex.Decode(testVec2);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec2.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD2 failing standard vector test 2"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec2
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 3
+            //
+            bytes = Hex.Decode(testVec3);
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec3.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD2 failing standard vector test 3"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec3
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 4
+            //
+
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD2 failing standard vector test 4"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+            //
+            // test 5
+            //
+            bytes = Hex.Decode(testVec5);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec5.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    //System.err.println(
+                    "MD2 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec5
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+            //
+            // test 6
+            //
+            bytes = Hex.Decode(testVec6);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec6.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD2 failing standard vector test 6"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec6
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+            //
+            // test 7
+            //
+            bytes = Hex.Decode(testVec7);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec7.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD2 failing standard vector test 7"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec7
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            ITest test = new MD2DigestTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/MD4DigestTest.cs b/crypto/test/src/crypto/test/MD4DigestTest.cs
new file mode 100644
index 000000000..89b5d7949
--- /dev/null
+++ b/crypto/test/src/crypto/test/MD4DigestTest.cs
@@ -0,0 +1,176 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * standard vector test for MD4 from RFC 1320.
+     */
+    [TestFixture]
+    public class MD4DigestTest
+		: ITest
+    {
+//        static private string testVec1 = "";
+        static private string resVec1 = "31d6cfe0d16ae931b73c59d7e0c089c0";
+
+        static private string testVec2 = "61";
+        static private string resVec2 = "bde52cb31de33e46245e05fbdbd6fb24";
+
+        static private string testVec3 = "616263";
+        static private string resVec3 = "a448017aaf21d8525fc10ae87aa6729d";
+
+        static private string testVec4 = "3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930";
+        static private string resVec4 = "e33b4ddc9c38f2199c3e7b164fcc0536";
+
+        public string Name
+        {
+			get { return "MD4"; }
+        }
+
+		public ITestResult Perform()
+        {
+            IDigest  digest = new MD4Digest();
+            byte[]  resBuf = new byte[digest.GetDigestSize()];
+            string  resStr;
+
+            //
+            // test 1
+            //
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec1.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD4 failing standard vector test 1"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec1
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 2
+            //
+            byte[]  bytes = Hex.Decode(testVec2);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec2.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD4 failing standard vector test 2"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec2
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 3
+            //
+            bytes = Hex.Decode(testVec3);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec3.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD4 failing standard vector test 3"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec3
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 4
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD4 failing standard vector test 4"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 5
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length/2);
+
+            // clone the IDigest
+            IDigest d = new MD4Digest((MD4Digest)digest);
+
+            digest.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD4 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            d.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            d.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD4 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new MD4DigestTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+
+}
diff --git a/crypto/test/src/crypto/test/MD5DigestTest.cs b/crypto/test/src/crypto/test/MD5DigestTest.cs
new file mode 100644
index 000000000..b38e06391
--- /dev/null
+++ b/crypto/test/src/crypto/test/MD5DigestTest.cs
@@ -0,0 +1,175 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <remarks>Standard vector test for MD5 from "Handbook of Applied Cryptography", page 345.</remarks>
+    [TestFixture]
+    public class MD5DigestTest
+		: ITest
+    {
+//        static private string testVec1 = "";
+        static private string resVec1 = "d41d8cd98f00b204e9800998ecf8427e";
+
+        static private string testVec2 = "61";
+        static private string resVec2 = "0cc175b9c0f1b6a831c399e269772661";
+
+        static private string testVec3 = "616263";
+        static private string resVec3 = "900150983cd24fb0d6963f7d28e17f72";
+
+        static private string testVec4 = "6162636465666768696a6b6c6d6e6f707172737475767778797a";
+        static private string resVec4 = "c3fcd3d76192e4007dfb496cca67e13b";
+
+        public string Name
+        {
+			get { return "MD5"; }
+        }
+
+		public ITestResult Perform()
+        {
+            IDigest digest = new MD5Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+            string resStr;
+
+            //
+            // test 1
+            //
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec1.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD5 failing standard vector test 1"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec1
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 2
+            //
+            byte[] bytes = Hex.Decode(testVec2);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec2.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD5 failing standard vector test 2"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec2
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 3
+            //
+            bytes = Hex.Decode(testVec3);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec3.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD5 failing standard vector test 3"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec3
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 4
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD5 failing standard vector test 4"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 5
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length/2);
+
+            // clone the IDigest
+            IDigest d = new MD5Digest((MD5Digest)digest);
+
+            digest.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD5 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            d.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            d.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "MD5 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new MD5DigestTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+
+}
diff --git a/crypto/test/src/crypto/test/MD5HMacTest.cs b/crypto/test/src/crypto/test/MD5HMacTest.cs
new file mode 100644
index 000000000..101b8be3c
--- /dev/null
+++ b/crypto/test/src/crypto/test/MD5HMacTest.cs
@@ -0,0 +1,91 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <remarks> MD5 HMac Test, test vectors from RFC 2202</remarks>
+    [TestFixture]
+    public class MD5HMacTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "MD5HMac"; }
+        }
+
+		internal static readonly string[] keys = new string[]{"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", "4a656665", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "0102030405060708090a0b0c0d0e0f10111213141516171819", "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"};
+        internal static readonly string[] digests = new string[]{"9294727a3638bb1c13f48ef8158bfc9d", "750c783e6ab0b503eaa86e310a5db738", "56be34521d144c88dbb8c733f0e8b3f6", "697eaf0aca3a3aea3a75164746ffaa79", "56461ef2342edc00f9bab995690efd4c", "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd", "6f630fad67cda0ee1fb1f562db3aa53e"};
+        internal static readonly string[] messages = new string[]{"Hi There", "what do ya want for nothing?", "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", "Test With Truncation", "Test Using Larger Than Block-Size Key - Hash Key First", "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"};
+
+		public virtual ITestResult Perform()
+        {
+            HMac hmac = new HMac(new MD5Digest());
+            byte[] resBuf = new byte[hmac.GetMacSize()];
+
+			for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                if (messages[i].StartsWith("0x"))
+                {
+                    m = Hex.Decode(messages[i].Substring(2));
+                }
+                hmac.Init(new KeyParameter(Hex.Decode(keys[i])));
+                hmac.BlockUpdate(m, 0, m.Length);
+                hmac.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + "Vector " + i + " failed");
+                }
+            }
+
+			// test reset
+            int vector = 0; // vector used for test
+            byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]);
+            if (messages[vector].StartsWith("0x"))
+            {
+                m2 = Hex.Decode(messages[vector].Substring(2));
+            }
+            hmac.Init(new KeyParameter(Hex.Decode(keys[vector])));
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+            hmac.Reset();
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+
+			if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector])))
+            {
+                return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed");
+            }
+
+			return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            ITest test = new MD5HMacTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/MGF1GeneratorTest.cs b/crypto/test/src/crypto/test/MGF1GeneratorTest.cs
new file mode 100644
index 000000000..ee67ffa1c
--- /dev/null
+++ b/crypto/test/src/crypto/test/MGF1GeneratorTest.cs
@@ -0,0 +1,103 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * MGF1 tests - vectors from ISO 18033 for KDF1 (equivalent).
+	 */
+	[TestFixture]
+	public class Mgf1GeneratorTest
+		: SimpleTest
+	{
+		private byte[] seed1 = Hex.Decode("d6e168c5f256a2dcff7ef12facd390f393c7a88d");
+		private byte[] mask1 = Hex.Decode(
+			"0742ba966813af75536bb6149cc44fc256fd6406df79665bc31dc5"
+			+ "a62f70535e52c53015b9d37d412ff3c1193439599e1b628774c50d9c"
+			+ "cb78d82c425e4521ee47b8c36a4bcffe8b8112a89312fc04420a39de"
+			+ "99223890e74ce10378bc515a212b97b8a6447ba6a8870278");
+
+		private byte[] seed2 = Hex.Decode(
+			"032e45326fa859a72ec235acff929b15d1372e30b207255f0611b8f785d7643741"
+			+ "52e0ac009e509e7ba30cd2f1778e113b64e135cf4e2292c75efe5288edfda4");
+		private byte[] mask2 = Hex.Decode(
+			"5f8de105b5e96b2e490ddecbd147dd1def7e3b8e0e6a26eb7b956ccb8b3bdc1ca9"
+			+ "75bc57c3989e8fbad31a224655d800c46954840ff32052cdf0d640562bdfadfa263c"
+			+ "fccf3c52b29f2af4a1869959bc77f854cf15bd7a25192985a842dbff8e13efee5b7e"
+			+ "7e55bbe4d389647c686a9a9ab3fb889b2d7767d3837eea4e0a2f04");
+
+		private byte[] seed3;
+		private byte[] mask3= Hex.Decode(
+			"09e2decf2a6e1666c2f6071ff4298305e2643fd510a2403db42a8743cb989de86e"
+			+ "668d168cbe604611ac179f819a3d18412e9eb45668f2923c087c12fee0c5a0d2a8aa"
+			+ "70185401fbbd99379ec76c663e875a60b4aacb1319fa11c3365a8b79a44669f26fb5"
+			+ "55c80391847b05eca1cb5cf8c2d531448d33fbaca19f6410ee1fcb");
+
+		public Mgf1GeneratorTest()
+		{
+			seed3 = seed2;
+		}
+
+		public override void PerformTest()
+		{
+			checkMask(1, new Mgf1BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed1, mask1);
+			checkMask(2, new Mgf1BytesGenerator(new Sha1Digest()), seed2, mask2);
+			checkMask(3, new Mgf1BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed3, mask3);
+
+			try
+			{
+				new Mgf1BytesGenerator(new Sha1Digest()).GenerateBytes(new byte[10], 0, 20);
+
+				Fail("short input array not caught");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+		}
+
+		private void checkMask(
+			int                count,
+			IDerivationFunction kdf,
+			byte[]             seed,
+			byte[]             result)
+		{
+			byte[]             data = new byte[result.Length];
+
+			kdf.Init(new MgfParameters(seed));
+
+			kdf.GenerateBytes(data, 0, data.Length);
+
+			if (!AreEqual(result, data))
+			{
+				Fail("MGF1 failed generator test " + count);
+			}
+		}
+
+		public override string Name
+		{
+			get { return "MGF1"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Mgf1GeneratorTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
\ No newline at end of file
diff --git a/crypto/test/src/crypto/test/MacTest.cs b/crypto/test/src/crypto/test/MacTest.cs
new file mode 100644
index 000000000..9a58f8a8c
--- /dev/null
+++ b/crypto/test/src/crypto/test/MacTest.cs
@@ -0,0 +1,214 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <remarks> MAC tester - vectors from
+    /// <a href="http://www.itl.nist.gov/fipspubs/fip81.htm">FIP 81</a> and
+    /// <a href="http://www.itl.nist.gov/fipspubs/fip113.htm">FIP 113</a>.
+    /// </remarks>
+    [TestFixture]
+    public class MacTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "IMac"; }
+        }
+
+		internal static byte[] keyBytes;
+        internal static byte[] ivBytes;
+        internal static byte[] input1;
+        internal static byte[] output1;
+        internal static byte[] output2;
+        internal static byte[] output3;
+
+        //
+        // these aren't NIST vectors, just for regression testing.
+        //
+        internal static byte[] input2;
+        internal static byte[] output4;
+        internal static byte[] output5;
+        internal static byte[] output6;
+
+        public MacTest()
+        {
+        }
+
+        public virtual ITestResult Perform()
+        {
+            KeyParameter key = new KeyParameter(keyBytes);
+            IBlockCipher cipher = new DesEngine();
+            IMac mac = new CbcBlockCipherMac(cipher);
+
+            //
+            // standard DAC - zero IV
+            //
+            mac.Init(key);
+
+            mac.BlockUpdate(input1, 0, input1.Length);
+
+            byte[] outBytes = new byte[4];
+
+            mac.DoFinal(outBytes, 0);
+
+            if (!Arrays.AreEqual(outBytes, output1))
+            {
+                return new SimpleTestResult(false, Name + ": Failed - expected "
+					+ Hex.ToHexString(output1) + " got " + Hex.ToHexString(outBytes));
+            }
+
+            //
+            // mac with IV.
+            //
+            ParametersWithIV param = new ParametersWithIV(key, ivBytes);
+
+            mac.Init(param);
+
+            mac.BlockUpdate(input1, 0, input1.Length);
+
+            outBytes = new byte[4];
+
+            mac.DoFinal(outBytes, 0);
+
+            if (!Arrays.AreEqual(outBytes, output2))
+            {
+                return new SimpleTestResult(false, Name + ": Failed - expected "
+					+ Hex.ToHexString(output2) + " got " + Hex.ToHexString(outBytes));
+            }
+
+            //
+            // CFB mac with IV - 8 bit CFB mode
+            //
+            param = new ParametersWithIV(key, ivBytes);
+
+            mac = new CfbBlockCipherMac(cipher);
+
+            mac.Init(param);
+
+            mac.BlockUpdate(input1, 0, input1.Length);
+
+            outBytes = new byte[4];
+
+            mac.DoFinal(outBytes, 0);
+
+            if (!Arrays.AreEqual(outBytes, output3))
+            {
+                return new SimpleTestResult(false, Name + ": Failed - expected "
+					+ Hex.ToHexString(output3) + " got " + Hex.ToHexString(outBytes));
+            }
+
+            //
+            // word aligned data - zero IV
+            //
+            mac.Init(key);
+
+            mac.BlockUpdate(input2, 0, input2.Length);
+
+            outBytes = new byte[4];
+
+            mac.DoFinal(outBytes, 0);
+
+            if (!Arrays.AreEqual(outBytes, output4))
+            {
+                return new SimpleTestResult(false, Name + ": Failed - expected "
+					+ Hex.ToHexString(output4) + " got " + Hex.ToHexString(outBytes));
+            }
+
+            //
+            // word aligned data - zero IV - CBC padding
+            //
+            mac = new CbcBlockCipherMac(cipher, new Pkcs7Padding());
+
+            mac.Init(key);
+
+            mac.BlockUpdate(input2, 0, input2.Length);
+
+            outBytes = new byte[4];
+
+            mac.DoFinal(outBytes, 0);
+
+            if (!Arrays.AreEqual(outBytes, output5))
+            {
+                return new SimpleTestResult(false, Name + ": Failed - expected "
+					+ Hex.ToHexString(output5) + " got " + Hex.ToHexString(outBytes));
+            }
+
+            //
+            // non-word aligned data - zero IV - CBC padding
+            //
+            mac.Reset();
+
+            mac.BlockUpdate(input1, 0, input1.Length);
+
+            outBytes = new byte[4];
+
+            mac.DoFinal(outBytes, 0);
+
+            if (!Arrays.AreEqual(outBytes, output6))
+            {
+                return new SimpleTestResult(false, Name + ": Failed - expected "
+					+ Hex.ToHexString(output6) + " got " + Hex.ToHexString(outBytes));
+            }
+
+            //
+            // non-word aligned data - zero IV - CBC padding
+            //
+            mac.Init(key);
+
+            mac.BlockUpdate(input1, 0, input1.Length);
+
+            outBytes = new byte[4];
+
+            mac.DoFinal(outBytes, 0);
+
+            if (!Arrays.AreEqual(outBytes, output6))
+            {
+                return new SimpleTestResult(false, Name + ": Failed - expected "
+					+ Hex.ToHexString(output6) + " got " + Hex.ToHexString(outBytes));
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            MacTest test = new MacTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+
+        static MacTest()
+        {
+            keyBytes = Hex.Decode("0123456789abcdef");
+            ivBytes = Hex.Decode("1234567890abcdef");
+            input1 = Hex.Decode("37363534333231204e6f77206973207468652074696d6520666f7220");
+            output1 = Hex.Decode("f1d30f68");
+            output2 = Hex.Decode("58d2e77e");
+            output3 = Hex.Decode("cd647403");
+            input2 = Hex.Decode("3736353433323120");
+            output4 = Hex.Decode("3af549c9");
+            output5 = Hex.Decode("188fbdd5");
+            output6 = Hex.Decode("7045eecd");
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/ModeTest.cs b/crypto/test/src/crypto/test/ModeTest.cs
new file mode 100644
index 000000000..c67dce094
--- /dev/null
+++ b/crypto/test/src/crypto/test/ModeTest.cs
@@ -0,0 +1,108 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <remarks> CFB/OFB Mode test of IV padding.</remarks>
+	[TestFixture]
+	public class ModeTest
+		: ITest
+	{
+		public string Name
+		{
+			get { return "ModeTest"; }
+		}
+
+		public ModeTest()
+		{
+		}
+
+		public virtual ITestResult Perform()
+		{
+			KeyParameter key = new KeyParameter(Hex.Decode("0011223344556677"));
+			byte[] input = Hex.Decode("4e6f7720");
+			byte[] out1 = new byte[4];
+			byte[] out2 = new byte[4];
+
+
+			IBlockCipher ofb = new OfbBlockCipher(new DesEngine(), 32);
+
+			ofb.Init(true, new ParametersWithIV(key, Hex.Decode("1122334455667788")));
+
+			ofb.ProcessBlock(input, 0, out1, 0);
+
+			ofb.Init(false, new ParametersWithIV(key, Hex.Decode("1122334455667788")));
+			ofb.ProcessBlock(out1, 0, out2, 0);
+
+			if (!Arrays.AreEqual(out2, input))
+			{
+				return new SimpleTestResult(false, Name + ": test 1 - in != out");
+			}
+
+			ofb.Init(true, new ParametersWithIV(key, Hex.Decode("11223344")));
+
+			ofb.ProcessBlock(input, 0, out1, 0);
+
+			ofb.Init(false, new ParametersWithIV(key, Hex.Decode("0000000011223344")));
+			ofb.ProcessBlock(out1, 0, out2, 0);
+
+			if (!Arrays.AreEqual(out2, input))
+			{
+				return new SimpleTestResult(false, Name + ": test 2 - in != out");
+			}
+
+			IBlockCipher cfb = new CfbBlockCipher(new DesEngine(), 32);
+
+			cfb.Init(true, new ParametersWithIV(key, Hex.Decode("1122334455667788")));
+
+			cfb.ProcessBlock(input, 0, out1, 0);
+
+			cfb.Init(false, new ParametersWithIV(key, Hex.Decode("1122334455667788")));
+			cfb.ProcessBlock(out1, 0, out2, 0);
+
+			if (!Arrays.AreEqual(out2, input))
+			{
+				return new SimpleTestResult(false, Name + ": test 3 - in != out");
+			}
+
+			cfb.Init(true, new ParametersWithIV(key, Hex.Decode("11223344")));
+
+			cfb.ProcessBlock(input, 0, out1, 0);
+
+			cfb.Init(false, new ParametersWithIV(key, Hex.Decode("0000000011223344")));
+			cfb.ProcessBlock(out1, 0, out2, 0);
+
+			if (!Arrays.AreEqual(out2, input))
+			{
+				return new SimpleTestResult(false, Name + ": test 4 - in != out");
+			}
+
+			return new SimpleTestResult(true, Name + ": Okay");
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new ModeTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/NaccacheSternTest.cs b/crypto/test/src/crypto/test/NaccacheSternTest.cs
new file mode 100644
index 000000000..faa845059
--- /dev/null
+++ b/crypto/test/src/crypto/test/NaccacheSternTest.cs
@@ -0,0 +1,354 @@
+using System;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * Test case for NaccacheStern cipher. For details on this cipher, please see
+	 *
+	 * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
+	 *
+	 * Performs the following tests:
+	 *  <ul>
+	 *  <li> Toy example from the NaccacheSternPaper </li>
+	 *  <li> 768 bit test with text "Now is the time for all good men." (ripped from RSA test) and
+	 *     the same test with the first byte replaced by 0xFF </li>
+	 *  <li> 1024 bit test analog to 768 bit test </li>
+	 *  </ul>
+	 */
+	[TestFixture, Explicit]
+	public class NaccacheSternTest
+		: SimpleTest
+	{
+		static bool debug = false;
+
+		static readonly NaccacheSternEngine cryptEng = new NaccacheSternEngine();
+		static readonly NaccacheSternEngine decryptEng = new NaccacheSternEngine();
+
+		static NaccacheSternTest()
+		{
+			cryptEng.Debug = debug;
+			decryptEng.Debug = debug;
+		}
+
+		// Values from NaccacheStern paper
+		static readonly BigInteger a = BigInteger.ValueOf(101);
+		static readonly BigInteger u1 = BigInteger.ValueOf(3);
+		static readonly BigInteger u2 = BigInteger.ValueOf(5);
+		static readonly BigInteger u3 = BigInteger.ValueOf(7);
+		static readonly BigInteger b = BigInteger.ValueOf(191);
+		static readonly BigInteger v1 = BigInteger.ValueOf(11);
+		static readonly BigInteger v2 = BigInteger.ValueOf(13);
+		static readonly BigInteger v3 = BigInteger.ValueOf(17);
+
+		static readonly BigInteger sigma
+			= u1.Multiply(u2).Multiply(u3).Multiply(v1).Multiply(v2).Multiply(v3);
+
+		static readonly BigInteger p
+			= BigInteger.Two.Multiply(a).Multiply(u1).Multiply(u2).Multiply(u3).Add(BigInteger.One);
+
+		static readonly BigInteger q
+			= BigInteger.Two.Multiply(b).Multiply(v1).Multiply(v2).Multiply(v3).Add(BigInteger.One);
+
+		static readonly BigInteger n = p.Multiply(q);
+
+		static readonly BigInteger phi_n
+			= p.Subtract(BigInteger.One).Multiply(q.Subtract(BigInteger.One));
+
+		static readonly BigInteger g = BigInteger.ValueOf(131);
+
+		static readonly IList smallPrimes = new ArrayList();
+
+		// static final BigInteger paperTest = BigInteger.ValueOf(202);
+
+		static readonly string input = "4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
+
+		static readonly BigInteger paperTest = BigInteger.ValueOf(202);
+
+		//
+		// to check that we handling byte extension by big number correctly.
+		//
+		static readonly string edgeInput = "ff6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
+
+		public override string Name
+		{
+			get { return "NaccacheStern"; }
+		}
+
+		public override void PerformTest()
+		{
+			// Test with given key from NaccacheSternPaper (totally insecure)
+
+			// First the Parameters from the NaccacheStern Paper
+			// (see http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf )
+
+			smallPrimes.Add(u1);
+			smallPrimes.Add(u2);
+			smallPrimes.Add(u3);
+			smallPrimes.Add(v1);
+			smallPrimes.Add(v2);
+			smallPrimes.Add(v3);
+
+			NaccacheSternKeyParameters pubParameters = new NaccacheSternKeyParameters(false, g, n, sigma.BitLength);
+
+			NaccacheSternPrivateKeyParameters privParameters = new NaccacheSternPrivateKeyParameters(g, n, sigma
+				.BitLength, smallPrimes, phi_n);
+
+			AsymmetricCipherKeyPair pair = new AsymmetricCipherKeyPair(pubParameters, privParameters);
+
+			// Initialize Engines with KeyPair
+
+			if (debug)
+			{
+				Console.WriteLine("initializing encryption engine");
+			}
+			cryptEng.Init(true, pair.Public);
+
+			if (debug)
+			{
+				Console.WriteLine("initializing decryption engine");
+			}
+			decryptEng.Init(false, pair.Private);
+
+			byte[] data = paperTest.ToByteArray();
+
+			if (!new BigInteger(data).Equals(new BigInteger(enDeCrypt(data))))
+			{
+				Fail("failed NaccacheStern paper test");
+			}
+
+			//
+			// key generation test
+			//
+
+			//
+			// 768 Bit test
+			//
+
+			if (debug)
+			{
+				Console.WriteLine();
+				Console.WriteLine("768 Bit TEST");
+			}
+
+			// specify key generation parameters
+			NaccacheSternKeyGenerationParameters genParam
+				= new NaccacheSternKeyGenerationParameters(new SecureRandom(), 768, 8, 30, debug);
+
+			// Initialize Key generator and generate key pair
+			NaccacheSternKeyPairGenerator pGen = new NaccacheSternKeyPairGenerator();
+			pGen.Init(genParam);
+
+			pair = pGen.GenerateKeyPair();
+
+			if (((NaccacheSternKeyParameters)pair.Public).Modulus.BitLength < 768)
+			{
+				Console.WriteLine("FAILED: key size is <786 bit, exactly "
+						   + ((NaccacheSternKeyParameters)pair.Public).Modulus.BitLength + " bit");
+				Fail("failed key generation (768) length test");
+			}
+
+			// Initialize Engines with KeyPair
+
+			if (debug)
+			{
+				Console.WriteLine("initializing " + genParam.Strength + " bit encryption engine");
+			}
+			cryptEng.Init(true, pair.Public);
+
+			if (debug)
+			{
+				Console.WriteLine("initializing " + genParam.Strength + " bit decryption engine");
+			}
+			decryptEng.Init(false, pair.Private);
+
+			// Basic data input
+			data = Hex.Decode(input);
+
+			if (!new BigInteger(1, data).Equals(new BigInteger(1, enDeCrypt(data))))
+			{
+				Fail("failed encryption decryption (" + genParam.Strength + ") basic test");
+			}
+
+			// Data starting with FF byte (would be interpreted as negative
+			// BigInteger)
+
+			data = Hex.Decode(edgeInput);
+
+			if (!new BigInteger(1, data).Equals(new BigInteger(1, enDeCrypt(data))))
+			{
+				Fail("failed encryption decryption (" + genParam.Strength + ") edgeInput test");
+			}
+
+			//
+			// 1024 Bit Test
+			//
+			/*
+					if (debug)
+					{
+						Console.WriteLine();
+						Console.WriteLine("1024 Bit TEST");
+					}
+
+					// specify key generation parameters
+					genParam = new NaccacheSternKeyGenerationParameters(new SecureRandom(), 1024, 8, 40, debug);
+
+					pGen.Init(genParam);
+					pair = pGen.generateKeyPair();
+
+					if (((NaccacheSternKeyParameters)pair.Public).getModulus().bitLength() < 1024)
+					{
+						if (debug)
+						{
+							Console.WriteLine("FAILED: key size is <1024 bit, exactly "
+											+ ((NaccacheSternKeyParameters)pair.Public).getModulus().bitLength() + " bit");
+						}
+						Fail("failed key generation (1024) length test");
+					}
+
+					// Initialize Engines with KeyPair
+
+					if (debug)
+					{
+						Console.WriteLine("initializing " + genParam.getStrength() + " bit encryption engine");
+					}
+					cryptEng.Init(true, pair.Public);
+
+					if (debug)
+					{
+						Console.WriteLine("initializing " + genParam.getStrength() + " bit decryption engine");
+					}
+					decryptEng.Init(false, pair.Private);
+
+					if (debug)
+					{
+						Console.WriteLine("Data is           " + new BigInteger(1, data));
+					}
+
+					// Basic data input
+					data = Hex.Decode(input);
+
+					if (!new BigInteger(1, data).Equals(new BigInteger(1, enDeCrypt(data))))
+					{
+						Fail("failed encryption decryption (" + genParam.getStrength() + ") basic test");
+					}
+
+					// Data starting with FF byte (would be interpreted as negative
+					// BigInteger)
+
+					data = Hex.Decode(edgeInput);
+
+					if (!new BigInteger(1, data).Equals(new BigInteger(1, enDeCrypt(data))))
+					{
+						Fail("failed encryption decryption (" + genParam.getStrength() + ") edgeInput test");
+					}
+			*/
+			// END OF TEST CASE
+
+			try
+			{
+				new NaccacheSternEngine().ProcessBlock(new byte[]{ 1 }, 0, 1);
+				Fail("failed initialisation check");
+			}
+			catch (InvalidOperationException)
+			{
+				// expected
+			}
+
+			if (debug)
+			{
+				Console.WriteLine("All tests successful");
+			}
+		}
+
+		private byte[] enDeCrypt(
+			byte[] input)
+		{
+			// create work array
+			byte[] data = new byte[input.Length];
+			Array.Copy(input, 0, data, 0, data.Length);
+
+			// Perform encryption like in the paper from Naccache-Stern
+			if (debug)
+			{
+				Console.WriteLine("encrypting data. Data representation\n"
+					//                    + "As string:.... " + new string(data) + "\n"
+					+ "As BigInteger: " + new BigInteger(1, data));
+				Console.WriteLine("data length is " + data.Length);
+			}
+
+			try
+			{
+				data = cryptEng.ProcessData(data);
+			}
+			catch (InvalidCipherTextException e)
+			{
+				if (debug)
+				{
+					Console.WriteLine("failed - exception " + e + "\n" + e.Message);
+				}
+				Fail("failed - exception " + e + "\n" + e.Message);
+			}
+
+			if (debug)
+			{
+				Console.WriteLine("enrypted data representation\n"
+						   //                    + "As string:.... " + new string(data) + "\n"
+						   + "As BigInteger: " + new BigInteger(1, data));
+				Console.WriteLine("data length is " + data.Length);
+			}
+
+			try
+			{
+				data = decryptEng.ProcessData(data);
+			}
+			catch (InvalidCipherTextException e)
+			{
+				if (debug)
+				{
+					Console.WriteLine("failed - exception " + e + "\n" + e.Message);
+				}
+				Fail("failed - exception " + e + "\n" + e.Message);
+			}
+
+			if (debug)
+			{
+				Console.WriteLine("decrypted data representation\n"
+					//                    + "As string:.... " + new string(data) + "\n"
+					+ "As BigInteger: " + new BigInteger(1, data));
+				Console.WriteLine("data length is " + data.Length);
+			}
+
+			return data;
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new NaccacheSternTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/NoekeonTest.cs b/crypto/test/src/crypto/test/NoekeonTest.cs
new file mode 100644
index 000000000..b6fff70ce
--- /dev/null
+++ b/crypto/test/src/crypto/test/NoekeonTest.cs
@@ -0,0 +1,59 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* Noekeon tester
+	*/
+	[TestFixture]
+	public class NoekeonTest
+		: CipherTest
+	{
+		private static readonly SimpleTest[] tests =
+		{
+			new BlockCipherVectorTest(0, new NoekeonEngine(),
+				new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+				"00000000000000000000000000000000",
+				"b1656851699e29fa24b70148503d2dfc"),
+			new BlockCipherVectorTest(1, new NoekeonEngine(),
+				new KeyParameter(Hex.Decode("ffffffffffffffffffffffffffffffff")),
+				"ffffffffffffffffffffffffffffffff",
+				"2a78421b87c7d0924f26113f1d1349b2"),
+			new BlockCipherVectorTest(2, new NoekeonEngine(),
+				new KeyParameter(Hex.Decode("b1656851699e29fa24b70148503d2dfc")),
+				"2a78421b87c7d0924f26113f1d1349b2",
+				"e2f687e07b75660ffc372233bc47532c")
+		};
+
+		public NoekeonTest()
+			: base(tests, new NoekeonEngine(), new KeyParameter(new byte[16]))
+		{
+		}
+
+		public override string Name
+		{
+			get { return "Noekeon"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new NoekeonTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/NullTest.cs b/crypto/test/src/crypto/test/NullTest.cs
new file mode 100644
index 000000000..16a51808f
--- /dev/null
+++ b/crypto/test/src/crypto/test/NullTest.cs
@@ -0,0 +1,88 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class NullTest
+		: CipherTest
+	{
+		static SimpleTest[]  tests =
+		{
+			new BlockCipherVectorTest(0, new NullEngine(),
+					new KeyParameter(Hex.Decode("00")), "00", "00")
+		};
+
+		public NullTest()
+			: base(tests, new NullEngine(), new KeyParameter(new byte[2]))
+		{
+		}
+
+		public override string Name
+		{
+			get { return "Null"; }
+		}
+
+		public override void PerformTest()
+		{
+			base.PerformTest();
+
+			IBlockCipher engine = new NullEngine();
+
+			engine.Init(true, null);
+
+			byte[] buf = new byte[1];
+
+			engine.ProcessBlock(buf, 0, buf, 0);
+
+			if (buf[0] != 0)
+			{
+				Fail("NullCipher changed data!");
+			}
+
+			byte[] shortBuf = new byte[0];
+
+			try
+			{
+				engine.ProcessBlock(shortBuf, 0, buf, 0);
+
+				Fail("failed short input check");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+
+			try
+			{
+				engine.ProcessBlock(buf, 0, shortBuf, 0);
+
+				Fail("failed short output check");
+			}
+			catch (DataLengthException)
+			{
+				// expected
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new NullTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/OAEPTest.cs b/crypto/test/src/crypto/test/OAEPTest.cs
new file mode 100644
index 000000000..c414f5964
--- /dev/null
+++ b/crypto/test/src/crypto/test/OAEPTest.cs
@@ -0,0 +1,798 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class OaepTest
+		: SimpleTest
+	{
+		private static readonly byte[] pubKeyEnc1 =
+		{
+			(byte)0x30, (byte)0x5a, (byte)0x30, (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86,
+			(byte)0x48, (byte)0x86, (byte)0xf7, (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05,
+			(byte)0x00, (byte)0x03, (byte)0x49, (byte)0x00, (byte)0x30, (byte)0x46, (byte)0x02, (byte)0x41,
+			(byte)0x00, (byte)0xaa, (byte)0x36, (byte)0xab, (byte)0xce, (byte)0x88, (byte)0xac, (byte)0xfd,
+			(byte)0xff, (byte)0x55, (byte)0x52, (byte)0x3c, (byte)0x7f, (byte)0xc4, (byte)0x52, (byte)0x3f,
+			(byte)0x90, (byte)0xef, (byte)0xa0, (byte)0x0d, (byte)0xf3, (byte)0x77, (byte)0x4a, (byte)0x25,
+			(byte)0x9f, (byte)0x2e, (byte)0x62, (byte)0xb4, (byte)0xc5, (byte)0xd9, (byte)0x9c, (byte)0xb5,
+			(byte)0xad, (byte)0xb3, (byte)0x00, (byte)0xa0, (byte)0x28, (byte)0x5e, (byte)0x53, (byte)0x01,
+			(byte)0x93, (byte)0x0e, (byte)0x0c, (byte)0x70, (byte)0xfb, (byte)0x68, (byte)0x76, (byte)0x93,
+			(byte)0x9c, (byte)0xe6, (byte)0x16, (byte)0xce, (byte)0x62, (byte)0x4a, (byte)0x11, (byte)0xe0,
+			(byte)0x08, (byte)0x6d, (byte)0x34, (byte)0x1e, (byte)0xbc, (byte)0xac, (byte)0xa0, (byte)0xa1,
+			(byte)0xf5, (byte)0x02, (byte)0x01, (byte)0x11
+		};
+
+		private static readonly byte[] privKeyEnc1 =
+		{
+			(byte)0x30, (byte)0x82, (byte)0x01, (byte)0x52, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x30,
+			(byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7,
+			(byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, (byte)0x00, (byte)0x04, (byte)0x82,
+			(byte)0x01, (byte)0x3c, (byte)0x30, (byte)0x82, (byte)0x01, (byte)0x38, (byte)0x02, (byte)0x01,
+			(byte)0x00, (byte)0x02, (byte)0x41, (byte)0x00, (byte)0xaa, (byte)0x36, (byte)0xab, (byte)0xce,
+			(byte)0x88, (byte)0xac, (byte)0xfd, (byte)0xff, (byte)0x55, (byte)0x52, (byte)0x3c, (byte)0x7f,
+			(byte)0xc4, (byte)0x52, (byte)0x3f, (byte)0x90, (byte)0xef, (byte)0xa0, (byte)0x0d, (byte)0xf3,
+			(byte)0x77, (byte)0x4a, (byte)0x25, (byte)0x9f, (byte)0x2e, (byte)0x62, (byte)0xb4, (byte)0xc5,
+			(byte)0xd9, (byte)0x9c, (byte)0xb5, (byte)0xad, (byte)0xb3, (byte)0x00, (byte)0xa0, (byte)0x28,
+			(byte)0x5e, (byte)0x53, (byte)0x01, (byte)0x93, (byte)0x0e, (byte)0x0c, (byte)0x70, (byte)0xfb,
+			(byte)0x68, (byte)0x76, (byte)0x93, (byte)0x9c, (byte)0xe6, (byte)0x16, (byte)0xce, (byte)0x62,
+			(byte)0x4a, (byte)0x11, (byte)0xe0, (byte)0x08, (byte)0x6d, (byte)0x34, (byte)0x1e, (byte)0xbc,
+			(byte)0xac, (byte)0xa0, (byte)0xa1, (byte)0xf5, (byte)0x02, (byte)0x01, (byte)0x11, (byte)0x02,
+			(byte)0x40, (byte)0x0a, (byte)0x03, (byte)0x37, (byte)0x48, (byte)0x62, (byte)0x64, (byte)0x87,
+			(byte)0x69, (byte)0x5f, (byte)0x5f, (byte)0x30, (byte)0xbc, (byte)0x38, (byte)0xb9, (byte)0x8b,
+			(byte)0x44, (byte)0xc2, (byte)0xcd, (byte)0x2d, (byte)0xff, (byte)0x43, (byte)0x40, (byte)0x98,
+			(byte)0xcd, (byte)0x20, (byte)0xd8, (byte)0xa1, (byte)0x38, (byte)0xd0, (byte)0x90, (byte)0xbf,
+			(byte)0x64, (byte)0x79, (byte)0x7c, (byte)0x3f, (byte)0xa7, (byte)0xa2, (byte)0xcd, (byte)0xcb,
+			(byte)0x3c, (byte)0xd1, (byte)0xe0, (byte)0xbd, (byte)0xba, (byte)0x26, (byte)0x54, (byte)0xb4,
+			(byte)0xf9, (byte)0xdf, (byte)0x8e, (byte)0x8a, (byte)0xe5, (byte)0x9d, (byte)0x73, (byte)0x3d,
+			(byte)0x9f, (byte)0x33, (byte)0xb3, (byte)0x01, (byte)0x62, (byte)0x4a, (byte)0xfd, (byte)0x1d,
+			(byte)0x51, (byte)0x02, (byte)0x21, (byte)0x00, (byte)0xd8, (byte)0x40, (byte)0xb4, (byte)0x16,
+			(byte)0x66, (byte)0xb4, (byte)0x2e, (byte)0x92, (byte)0xea, (byte)0x0d, (byte)0xa3, (byte)0xb4,
+			(byte)0x32, (byte)0x04, (byte)0xb5, (byte)0xcf, (byte)0xce, (byte)0x33, (byte)0x52, (byte)0x52,
+			(byte)0x4d, (byte)0x04, (byte)0x16, (byte)0xa5, (byte)0xa4, (byte)0x41, (byte)0xe7, (byte)0x00,
+			(byte)0xaf, (byte)0x46, (byte)0x12, (byte)0x0d, (byte)0x02, (byte)0x21, (byte)0x00, (byte)0xc9,
+			(byte)0x7f, (byte)0xb1, (byte)0xf0, (byte)0x27, (byte)0xf4, (byte)0x53, (byte)0xf6, (byte)0x34,
+			(byte)0x12, (byte)0x33, (byte)0xea, (byte)0xaa, (byte)0xd1, (byte)0xd9, (byte)0x35, (byte)0x3f,
+			(byte)0x6c, (byte)0x42, (byte)0xd0, (byte)0x88, (byte)0x66, (byte)0xb1, (byte)0xd0, (byte)0x5a,
+			(byte)0x0f, (byte)0x20, (byte)0x35, (byte)0x02, (byte)0x8b, (byte)0x9d, (byte)0x89, (byte)0x02,
+			(byte)0x20, (byte)0x59, (byte)0x0b, (byte)0x95, (byte)0x72, (byte)0xa2, (byte)0xc2, (byte)0xa9,
+			(byte)0xc4, (byte)0x06, (byte)0x05, (byte)0x9d, (byte)0xc2, (byte)0xab, (byte)0x2f, (byte)0x1d,
+			(byte)0xaf, (byte)0xeb, (byte)0x7e, (byte)0x8b, (byte)0x4f, (byte)0x10, (byte)0xa7, (byte)0x54,
+			(byte)0x9e, (byte)0x8e, (byte)0xed, (byte)0xf5, (byte)0xb4, (byte)0xfc, (byte)0xe0, (byte)0x9e,
+			(byte)0x05, (byte)0x02, (byte)0x21, (byte)0x00, (byte)0x8e, (byte)0x3c, (byte)0x05, (byte)0x21,
+			(byte)0xfe, (byte)0x15, (byte)0xe0, (byte)0xea, (byte)0x06, (byte)0xa3, (byte)0x6f, (byte)0xf0,
+			(byte)0xf1, (byte)0x0c, (byte)0x99, (byte)0x52, (byte)0xc3, (byte)0x5b, (byte)0x7a, (byte)0x75,
+			(byte)0x14, (byte)0xfd, (byte)0x32, (byte)0x38, (byte)0xb8, (byte)0x0a, (byte)0xad, (byte)0x52,
+			(byte)0x98, (byte)0x62, (byte)0x8d, (byte)0x51, (byte)0x02, (byte)0x20, (byte)0x36, (byte)0x3f,
+			(byte)0xf7, (byte)0x18, (byte)0x9d, (byte)0xa8, (byte)0xe9, (byte)0x0b, (byte)0x1d, (byte)0x34,
+			(byte)0x1f, (byte)0x71, (byte)0xd0, (byte)0x9b, (byte)0x76, (byte)0xa8, (byte)0xa9, (byte)0x43,
+			(byte)0xe1, (byte)0x1d, (byte)0x10, (byte)0xb2, (byte)0x4d, (byte)0x24, (byte)0x9f, (byte)0x2d,
+			(byte)0xea, (byte)0xfe, (byte)0xf8, (byte)0x0c, (byte)0x18, (byte)0x26
+		};
+
+		private static readonly byte[] output1 = 
+		{ 
+			(byte)0x1b, (byte)0x8f, (byte)0x05, (byte)0xf9, (byte)0xca, (byte)0x1a, (byte)0x79, (byte)0x52,
+			(byte)0x6e, (byte)0x53, (byte)0xf3, (byte)0xcc, (byte)0x51, (byte)0x4f, (byte)0xdb, (byte)0x89,
+			(byte)0x2b, (byte)0xfb, (byte)0x91, (byte)0x93, (byte)0x23, (byte)0x1e, (byte)0x78, (byte)0xb9,
+			(byte)0x92, (byte)0xe6, (byte)0x8d, (byte)0x50, (byte)0xa4, (byte)0x80, (byte)0xcb, (byte)0x52,
+			(byte)0x33, (byte)0x89, (byte)0x5c, (byte)0x74, (byte)0x95, (byte)0x8d, (byte)0x5d, (byte)0x02,
+			(byte)0xab, (byte)0x8c, (byte)0x0f, (byte)0xd0, (byte)0x40, (byte)0xeb, (byte)0x58, (byte)0x44,
+			(byte)0xb0, (byte)0x05, (byte)0xc3, (byte)0x9e, (byte)0xd8, (byte)0x27, (byte)0x4a, (byte)0x9d,
+			(byte)0xbf, (byte)0xa8, (byte)0x06, (byte)0x71, (byte)0x40, (byte)0x94, (byte)0x39, (byte)0xd2
+		};
+
+		private static readonly byte[] pubKeyEnc2 =
+		{
+			(byte)0x30, (byte)0x4c, (byte)0x30, (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86,
+			(byte)0x48, (byte)0x86, (byte)0xf7, (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05,
+			(byte)0x00, (byte)0x03, (byte)0x3b, (byte)0x00, (byte)0x30, (byte)0x38, (byte)0x02, (byte)0x33,
+			(byte)0x00, (byte)0xa3, (byte)0x07, (byte)0x9a, (byte)0x90, (byte)0xdf, (byte)0x0d, (byte)0xfd,
+			(byte)0x72, (byte)0xac, (byte)0x09, (byte)0x0c, (byte)0xcc, (byte)0x2a, (byte)0x78, (byte)0xb8,
+			(byte)0x74, (byte)0x13, (byte)0x13, (byte)0x3e, (byte)0x40, (byte)0x75, (byte)0x9c, (byte)0x98,
+			(byte)0xfa, (byte)0xf8, (byte)0x20, (byte)0x4f, (byte)0x35, (byte)0x8a, (byte)0x0b, (byte)0x26,
+			(byte)0x3c, (byte)0x67, (byte)0x70, (byte)0xe7, (byte)0x83, (byte)0xa9, (byte)0x3b, (byte)0x69,
+			(byte)0x71, (byte)0xb7, (byte)0x37, (byte)0x79, (byte)0xd2, (byte)0x71, (byte)0x7b, (byte)0xe8,
+			(byte)0x34, (byte)0x77, (byte)0xcf, (byte)0x02, (byte)0x01, (byte)0x03
+		};
+
+		private static readonly byte[] privKeyEnc2 =
+		{
+			(byte)0x30, (byte)0x82, (byte)0x01, (byte)0x13, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x30,
+			(byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7,
+			(byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, (byte)0x00, (byte)0x04, (byte)0x81,
+			(byte)0xfe, (byte)0x30, (byte)0x81, (byte)0xfb, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x02,
+			(byte)0x33, (byte)0x00, (byte)0xa3, (byte)0x07, (byte)0x9a, (byte)0x90, (byte)0xdf, (byte)0x0d,
+			(byte)0xfd, (byte)0x72, (byte)0xac, (byte)0x09, (byte)0x0c, (byte)0xcc, (byte)0x2a, (byte)0x78,
+			(byte)0xb8, (byte)0x74, (byte)0x13, (byte)0x13, (byte)0x3e, (byte)0x40, (byte)0x75, (byte)0x9c,
+			(byte)0x98, (byte)0xfa, (byte)0xf8, (byte)0x20, (byte)0x4f, (byte)0x35, (byte)0x8a, (byte)0x0b,
+			(byte)0x26, (byte)0x3c, (byte)0x67, (byte)0x70, (byte)0xe7, (byte)0x83, (byte)0xa9, (byte)0x3b,
+			(byte)0x69, (byte)0x71, (byte)0xb7, (byte)0x37, (byte)0x79, (byte)0xd2, (byte)0x71, (byte)0x7b,
+			(byte)0xe8, (byte)0x34, (byte)0x77, (byte)0xcf, (byte)0x02, (byte)0x01, (byte)0x03, (byte)0x02,
+			(byte)0x32, (byte)0x6c, (byte)0xaf, (byte)0xbc, (byte)0x60, (byte)0x94, (byte)0xb3, (byte)0xfe,
+			(byte)0x4c, (byte)0x72, (byte)0xb0, (byte)0xb3, (byte)0x32, (byte)0xc6, (byte)0xfb, (byte)0x25,
+			(byte)0xa2, (byte)0xb7, (byte)0x62, (byte)0x29, (byte)0x80, (byte)0x4e, (byte)0x68, (byte)0x65,
+			(byte)0xfc, (byte)0xa4, (byte)0x5a, (byte)0x74, (byte)0xdf, (byte)0x0f, (byte)0x8f, (byte)0xb8,
+			(byte)0x41, (byte)0x3b, (byte)0x52, (byte)0xc0, (byte)0xd0, (byte)0xe5, (byte)0x3d, (byte)0x9b,
+			(byte)0x59, (byte)0x0f, (byte)0xf1, (byte)0x9b, (byte)0xe7, (byte)0x9f, (byte)0x49, (byte)0xdd,
+			(byte)0x21, (byte)0xe5, (byte)0xeb, (byte)0x02, (byte)0x1a, (byte)0x00, (byte)0xcf, (byte)0x20,
+			(byte)0x35, (byte)0x02, (byte)0x8b, (byte)0x9d, (byte)0x86, (byte)0x98, (byte)0x40, (byte)0xb4,
+			(byte)0x16, (byte)0x66, (byte)0xb4, (byte)0x2e, (byte)0x92, (byte)0xea, (byte)0x0d, (byte)0xa3,
+			(byte)0xb4, (byte)0x32, (byte)0x04, (byte)0xb5, (byte)0xcf, (byte)0xce, (byte)0x91, (byte)0x02,
+			(byte)0x1a, (byte)0x00, (byte)0xc9, (byte)0x7f, (byte)0xb1, (byte)0xf0, (byte)0x27, (byte)0xf4,
+			(byte)0x53, (byte)0xf6, (byte)0x34, (byte)0x12, (byte)0x33, (byte)0xea, (byte)0xaa, (byte)0xd1,
+			(byte)0xd9, (byte)0x35, (byte)0x3f, (byte)0x6c, (byte)0x42, (byte)0xd0, (byte)0x88, (byte)0x66,
+			(byte)0xb1, (byte)0xd0, (byte)0x5f, (byte)0x02, (byte)0x1a, (byte)0x00, (byte)0x8a, (byte)0x15,
+			(byte)0x78, (byte)0xac, (byte)0x5d, (byte)0x13, (byte)0xaf, (byte)0x10, (byte)0x2b, (byte)0x22,
+			(byte)0xb9, (byte)0x99, (byte)0xcd, (byte)0x74, (byte)0x61, (byte)0xf1, (byte)0x5e, (byte)0x6d,
+			(byte)0x22, (byte)0xcc, (byte)0x03, (byte)0x23, (byte)0xdf, (byte)0xdf, (byte)0x0b, (byte)0x02,
+			(byte)0x1a, (byte)0x00, (byte)0x86, (byte)0x55, (byte)0x21, (byte)0x4a, (byte)0xc5, (byte)0x4d,
+			(byte)0x8d, (byte)0x4e, (byte)0xcd, (byte)0x61, (byte)0x77, (byte)0xf1, (byte)0xc7, (byte)0x36,
+			(byte)0x90, (byte)0xce, (byte)0x2a, (byte)0x48, (byte)0x2c, (byte)0x8b, (byte)0x05, (byte)0x99,
+			(byte)0xcb, (byte)0xe0, (byte)0x3f, (byte)0x02, (byte)0x1a, (byte)0x00, (byte)0x83, (byte)0xef,
+			(byte)0xef, (byte)0xb8, (byte)0xa9, (byte)0xa4, (byte)0x0d, (byte)0x1d, (byte)0xb6, (byte)0xed,
+			(byte)0x98, (byte)0xad, (byte)0x84, (byte)0xed, (byte)0x13, (byte)0x35, (byte)0xdc, (byte)0xc1,
+			(byte)0x08, (byte)0xf3, (byte)0x22, (byte)0xd0, (byte)0x57, (byte)0xcf, (byte)0x8d
+		};
+
+		private static readonly byte[] output2 =
+		{
+			(byte)0x14, (byte)0xbd, (byte)0xdd, (byte)0x28, (byte)0xc9, (byte)0x83, (byte)0x35, (byte)0x19,
+			(byte)0x23, (byte)0x80, (byte)0xe8, (byte)0xe5, (byte)0x49, (byte)0xb1, (byte)0x58, (byte)0x2a,
+			(byte)0x8b, (byte)0x40, (byte)0xb4, (byte)0x48, (byte)0x6d, (byte)0x03, (byte)0xa6, (byte)0xa5,
+			(byte)0x31, (byte)0x1f, (byte)0x1f, (byte)0xd5, (byte)0xf0, (byte)0xa1, (byte)0x80, (byte)0xe4,
+			(byte)0x17, (byte)0x53, (byte)0x03, (byte)0x29, (byte)0xa9, (byte)0x34, (byte)0x90, (byte)0x74,
+			(byte)0xb1, (byte)0x52, (byte)0x13, (byte)0x54, (byte)0x29, (byte)0x08, (byte)0x24, (byte)0x52,
+			(byte)0x62, (byte)0x51
+		};
+
+		private static readonly byte[] pubKeyEnc3 =
+		{
+			(byte)0x30, (byte)0x81, (byte)0x9d, (byte)0x30, (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a,
+			(byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7, (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01,
+			(byte)0x05, (byte)0x00, (byte)0x03, (byte)0x81, (byte)0x8b, (byte)0x00, (byte)0x30, (byte)0x81,
+			(byte)0x87, (byte)0x02, (byte)0x81, (byte)0x81, (byte)0x00, (byte)0xbb, (byte)0xf8, (byte)0x2f,
+			(byte)0x09, (byte)0x06, (byte)0x82, (byte)0xce, (byte)0x9c, (byte)0x23, (byte)0x38, (byte)0xac,
+			(byte)0x2b, (byte)0x9d, (byte)0xa8, (byte)0x71, (byte)0xf7, (byte)0x36, (byte)0x8d, (byte)0x07,
+			(byte)0xee, (byte)0xd4, (byte)0x10, (byte)0x43, (byte)0xa4, (byte)0x40, (byte)0xd6, (byte)0xb6,
+			(byte)0xf0, (byte)0x74, (byte)0x54, (byte)0xf5, (byte)0x1f, (byte)0xb8, (byte)0xdf, (byte)0xba,
+			(byte)0xaf, (byte)0x03, (byte)0x5c, (byte)0x02, (byte)0xab, (byte)0x61, (byte)0xea, (byte)0x48,
+			(byte)0xce, (byte)0xeb, (byte)0x6f, (byte)0xcd, (byte)0x48, (byte)0x76, (byte)0xed, (byte)0x52,
+			(byte)0x0d, (byte)0x60, (byte)0xe1, (byte)0xec, (byte)0x46, (byte)0x19, (byte)0x71, (byte)0x9d,
+			(byte)0x8a, (byte)0x5b, (byte)0x8b, (byte)0x80, (byte)0x7f, (byte)0xaf, (byte)0xb8, (byte)0xe0,
+			(byte)0xa3, (byte)0xdf, (byte)0xc7, (byte)0x37, (byte)0x72, (byte)0x3e, (byte)0xe6, (byte)0xb4,
+			(byte)0xb7, (byte)0xd9, (byte)0x3a, (byte)0x25, (byte)0x84, (byte)0xee, (byte)0x6a, (byte)0x64,
+			(byte)0x9d, (byte)0x06, (byte)0x09, (byte)0x53, (byte)0x74, (byte)0x88, (byte)0x34, (byte)0xb2,
+			(byte)0x45, (byte)0x45, (byte)0x98, (byte)0x39, (byte)0x4e, (byte)0xe0, (byte)0xaa, (byte)0xb1,
+			(byte)0x2d, (byte)0x7b, (byte)0x61, (byte)0xa5, (byte)0x1f, (byte)0x52, (byte)0x7a, (byte)0x9a,
+			(byte)0x41, (byte)0xf6, (byte)0xc1, (byte)0x68, (byte)0x7f, (byte)0xe2, (byte)0x53, (byte)0x72,
+			(byte)0x98, (byte)0xca, (byte)0x2a, (byte)0x8f, (byte)0x59, (byte)0x46, (byte)0xf8, (byte)0xe5,
+			(byte)0xfd, (byte)0x09, (byte)0x1d, (byte)0xbd, (byte)0xcb, (byte)0x02, (byte)0x01, (byte)0x11
+		};
+
+		private static readonly byte[] privKeyEnc3 =
+		{
+			(byte)0x30, (byte)0x82, (byte)0x02, (byte)0x75, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x30,
+			(byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7,
+			(byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, (byte)0x00, (byte)0x04, (byte)0x82,
+			(byte)0x02, (byte)0x5f, (byte)0x30, (byte)0x82, (byte)0x02, (byte)0x5b, (byte)0x02, (byte)0x01,
+			(byte)0x00, (byte)0x02, (byte)0x81, (byte)0x81, (byte)0x00, (byte)0xbb, (byte)0xf8, (byte)0x2f,
+			(byte)0x09, (byte)0x06, (byte)0x82, (byte)0xce, (byte)0x9c, (byte)0x23, (byte)0x38, (byte)0xac,
+			(byte)0x2b, (byte)0x9d, (byte)0xa8, (byte)0x71, (byte)0xf7, (byte)0x36, (byte)0x8d, (byte)0x07,
+			(byte)0xee, (byte)0xd4, (byte)0x10, (byte)0x43, (byte)0xa4, (byte)0x40, (byte)0xd6, (byte)0xb6,
+			(byte)0xf0, (byte)0x74, (byte)0x54, (byte)0xf5, (byte)0x1f, (byte)0xb8, (byte)0xdf, (byte)0xba,
+			(byte)0xaf, (byte)0x03, (byte)0x5c, (byte)0x02, (byte)0xab, (byte)0x61, (byte)0xea, (byte)0x48,
+			(byte)0xce, (byte)0xeb, (byte)0x6f, (byte)0xcd, (byte)0x48, (byte)0x76, (byte)0xed, (byte)0x52,
+			(byte)0x0d, (byte)0x60, (byte)0xe1, (byte)0xec, (byte)0x46, (byte)0x19, (byte)0x71, (byte)0x9d,
+			(byte)0x8a, (byte)0x5b, (byte)0x8b, (byte)0x80, (byte)0x7f, (byte)0xaf, (byte)0xb8, (byte)0xe0,
+			(byte)0xa3, (byte)0xdf, (byte)0xc7, (byte)0x37, (byte)0x72, (byte)0x3e, (byte)0xe6, (byte)0xb4,
+			(byte)0xb7, (byte)0xd9, (byte)0x3a, (byte)0x25, (byte)0x84, (byte)0xee, (byte)0x6a, (byte)0x64,
+			(byte)0x9d, (byte)0x06, (byte)0x09, (byte)0x53, (byte)0x74, (byte)0x88, (byte)0x34, (byte)0xb2,
+			(byte)0x45, (byte)0x45, (byte)0x98, (byte)0x39, (byte)0x4e, (byte)0xe0, (byte)0xaa, (byte)0xb1,
+			(byte)0x2d, (byte)0x7b, (byte)0x61, (byte)0xa5, (byte)0x1f, (byte)0x52, (byte)0x7a, (byte)0x9a,
+			(byte)0x41, (byte)0xf6, (byte)0xc1, (byte)0x68, (byte)0x7f, (byte)0xe2, (byte)0x53, (byte)0x72,
+			(byte)0x98, (byte)0xca, (byte)0x2a, (byte)0x8f, (byte)0x59, (byte)0x46, (byte)0xf8, (byte)0xe5,
+			(byte)0xfd, (byte)0x09, (byte)0x1d, (byte)0xbd, (byte)0xcb, (byte)0x02, (byte)0x01, (byte)0x11,
+			(byte)0x02, (byte)0x81, (byte)0x81, (byte)0x00, (byte)0xa5, (byte)0xda, (byte)0xfc, (byte)0x53,
+			(byte)0x41, (byte)0xfa, (byte)0xf2, (byte)0x89, (byte)0xc4, (byte)0xb9, (byte)0x88, (byte)0xdb,
+			(byte)0x30, (byte)0xc1, (byte)0xcd, (byte)0xf8, (byte)0x3f, (byte)0x31, (byte)0x25, (byte)0x1e,
+			(byte)0x06, (byte)0x68, (byte)0xb4, (byte)0x27, (byte)0x84, (byte)0x81, (byte)0x38, (byte)0x01,
+			(byte)0x57, (byte)0x96, (byte)0x41, (byte)0xb2, (byte)0x94, (byte)0x10, (byte)0xb3, (byte)0xc7,
+			(byte)0x99, (byte)0x8d, (byte)0x6b, (byte)0xc4, (byte)0x65, (byte)0x74, (byte)0x5e, (byte)0x5c,
+			(byte)0x39, (byte)0x26, (byte)0x69, (byte)0xd6, (byte)0x87, (byte)0x0d, (byte)0xa2, (byte)0xc0,
+			(byte)0x82, (byte)0xa9, (byte)0x39, (byte)0xe3, (byte)0x7f, (byte)0xdc, (byte)0xb8, (byte)0x2e,
+			(byte)0xc9, (byte)0x3e, (byte)0xda, (byte)0xc9, (byte)0x7f, (byte)0xf3, (byte)0xad, (byte)0x59,
+			(byte)0x50, (byte)0xac, (byte)0xcf, (byte)0xbc, (byte)0x11, (byte)0x1c, (byte)0x76, (byte)0xf1,
+			(byte)0xa9, (byte)0x52, (byte)0x94, (byte)0x44, (byte)0xe5, (byte)0x6a, (byte)0xaf, (byte)0x68,
+			(byte)0xc5, (byte)0x6c, (byte)0x09, (byte)0x2c, (byte)0xd3, (byte)0x8d, (byte)0xc3, (byte)0xbe,
+			(byte)0xf5, (byte)0xd2, (byte)0x0a, (byte)0x93, (byte)0x99, (byte)0x26, (byte)0xed, (byte)0x4f,
+			(byte)0x74, (byte)0xa1, (byte)0x3e, (byte)0xdd, (byte)0xfb, (byte)0xe1, (byte)0xa1, (byte)0xce,
+			(byte)0xcc, (byte)0x48, (byte)0x94, (byte)0xaf, (byte)0x94, (byte)0x28, (byte)0xc2, (byte)0xb7,
+			(byte)0xb8, (byte)0x88, (byte)0x3f, (byte)0xe4, (byte)0x46, (byte)0x3a, (byte)0x4b, (byte)0xc8,
+			(byte)0x5b, (byte)0x1c, (byte)0xb3, (byte)0xc1, (byte)0x02, (byte)0x41, (byte)0x00, (byte)0xee,
+			(byte)0xcf, (byte)0xae, (byte)0x81, (byte)0xb1, (byte)0xb9, (byte)0xb3, (byte)0xc9, (byte)0x08,
+			(byte)0x81, (byte)0x0b, (byte)0x10, (byte)0xa1, (byte)0xb5, (byte)0x60, (byte)0x01, (byte)0x99,
+			(byte)0xeb, (byte)0x9f, (byte)0x44, (byte)0xae, (byte)0xf4, (byte)0xfd, (byte)0xa4, (byte)0x93,
+			(byte)0xb8, (byte)0x1a, (byte)0x9e, (byte)0x3d, (byte)0x84, (byte)0xf6, (byte)0x32, (byte)0x12,
+			(byte)0x4e, (byte)0xf0, (byte)0x23, (byte)0x6e, (byte)0x5d, (byte)0x1e, (byte)0x3b, (byte)0x7e,
+			(byte)0x28, (byte)0xfa, (byte)0xe7, (byte)0xaa, (byte)0x04, (byte)0x0a, (byte)0x2d, (byte)0x5b,
+			(byte)0x25, (byte)0x21, (byte)0x76, (byte)0x45, (byte)0x9d, (byte)0x1f, (byte)0x39, (byte)0x75,
+			(byte)0x41, (byte)0xba, (byte)0x2a, (byte)0x58, (byte)0xfb, (byte)0x65, (byte)0x99, (byte)0x02,
+			(byte)0x41, (byte)0x00, (byte)0xc9, (byte)0x7f, (byte)0xb1, (byte)0xf0, (byte)0x27, (byte)0xf4,
+			(byte)0x53, (byte)0xf6, (byte)0x34, (byte)0x12, (byte)0x33, (byte)0xea, (byte)0xaa, (byte)0xd1,
+			(byte)0xd9, (byte)0x35, (byte)0x3f, (byte)0x6c, (byte)0x42, (byte)0xd0, (byte)0x88, (byte)0x66,
+			(byte)0xb1, (byte)0xd0, (byte)0x5a, (byte)0x0f, (byte)0x20, (byte)0x35, (byte)0x02, (byte)0x8b,
+			(byte)0x9d, (byte)0x86, (byte)0x98, (byte)0x40, (byte)0xb4, (byte)0x16, (byte)0x66, (byte)0xb4,
+			(byte)0x2e, (byte)0x92, (byte)0xea, (byte)0x0d, (byte)0xa3, (byte)0xb4, (byte)0x32, (byte)0x04,
+			(byte)0xb5, (byte)0xcf, (byte)0xce, (byte)0x33, (byte)0x52, (byte)0x52, (byte)0x4d, (byte)0x04,
+			(byte)0x16, (byte)0xa5, (byte)0xa4, (byte)0x41, (byte)0xe7, (byte)0x00, (byte)0xaf, (byte)0x46,
+			(byte)0x15, (byte)0x03, (byte)0x02, (byte)0x40, (byte)0x54, (byte)0x49, (byte)0x4c, (byte)0xa6,
+			(byte)0x3e, (byte)0xba, (byte)0x03, (byte)0x37, (byte)0xe4, (byte)0xe2, (byte)0x40, (byte)0x23,
+			(byte)0xfc, (byte)0xd6, (byte)0x9a, (byte)0x5a, (byte)0xeb, (byte)0x07, (byte)0xdd, (byte)0xdc,
+			(byte)0x01, (byte)0x83, (byte)0xa4, (byte)0xd0, (byte)0xac, (byte)0x9b, (byte)0x54, (byte)0xb0,
+			(byte)0x51, (byte)0xf2, (byte)0xb1, (byte)0x3e, (byte)0xd9, (byte)0x49, (byte)0x09, (byte)0x75,
+			(byte)0xea, (byte)0xb7, (byte)0x74, (byte)0x14, (byte)0xff, (byte)0x59, (byte)0xc1, (byte)0xf7,
+			(byte)0x69, (byte)0x2e, (byte)0x9a, (byte)0x2e, (byte)0x20, (byte)0x2b, (byte)0x38, (byte)0xfc,
+			(byte)0x91, (byte)0x0a, (byte)0x47, (byte)0x41, (byte)0x74, (byte)0xad, (byte)0xc9, (byte)0x3c,
+			(byte)0x1f, (byte)0x67, (byte)0xc9, (byte)0x81, (byte)0x02, (byte)0x40, (byte)0x47, (byte)0x1e,
+			(byte)0x02, (byte)0x90, (byte)0xff, (byte)0x0a, (byte)0xf0, (byte)0x75, (byte)0x03, (byte)0x51,
+			(byte)0xb7, (byte)0xf8, (byte)0x78, (byte)0x86, (byte)0x4c, (byte)0xa9, (byte)0x61, (byte)0xad,
+			(byte)0xbd, (byte)0x3a, (byte)0x8a, (byte)0x7e, (byte)0x99, (byte)0x1c, (byte)0x5c, (byte)0x05,
+			(byte)0x56, (byte)0xa9, (byte)0x4c, (byte)0x31, (byte)0x46, (byte)0xa7, (byte)0xf9, (byte)0x80,
+			(byte)0x3f, (byte)0x8f, (byte)0x6f, (byte)0x8a, (byte)0xe3, (byte)0x42, (byte)0xe9, (byte)0x31,
+			(byte)0xfd, (byte)0x8a, (byte)0xe4, (byte)0x7a, (byte)0x22, (byte)0x0d, (byte)0x1b, (byte)0x99,
+			(byte)0xa4, (byte)0x95, (byte)0x84, (byte)0x98, (byte)0x07, (byte)0xfe, (byte)0x39, (byte)0xf9,
+			(byte)0x24, (byte)0x5a, (byte)0x98, (byte)0x36, (byte)0xda, (byte)0x3d, (byte)0x02, (byte)0x41,
+			(byte)0x00, (byte)0xb0, (byte)0x6c, (byte)0x4f, (byte)0xda, (byte)0xbb, (byte)0x63, (byte)0x01,
+			(byte)0x19, (byte)0x8d, (byte)0x26, (byte)0x5b, (byte)0xdb, (byte)0xae, (byte)0x94, (byte)0x23,
+			(byte)0xb3, (byte)0x80, (byte)0xf2, (byte)0x71, (byte)0xf7, (byte)0x34, (byte)0x53, (byte)0x88,
+			(byte)0x50, (byte)0x93, (byte)0x07, (byte)0x7f, (byte)0xcd, (byte)0x39, (byte)0xe2, (byte)0x11,
+			(byte)0x9f, (byte)0xc9, (byte)0x86, (byte)0x32, (byte)0x15, (byte)0x4f, (byte)0x58, (byte)0x83,
+			(byte)0xb1, (byte)0x67, (byte)0xa9, (byte)0x67, (byte)0xbf, (byte)0x40, (byte)0x2b, (byte)0x4e,
+			(byte)0x9e, (byte)0x2e, (byte)0x0f, (byte)0x96, (byte)0x56, (byte)0xe6, (byte)0x98, (byte)0xea,
+			(byte)0x36, (byte)0x66, (byte)0xed, (byte)0xfb, (byte)0x25, (byte)0x79, (byte)0x80, (byte)0x39,
+			(byte)0xf7
+		};
+
+		private static readonly byte[] output3 = Hex.Decode(
+			  "b8246b56a6ed5881aeb585d9a25b2ad790c417e080681bf1ac2bc3deb69d8bce"
+			+ "f0c4366fec400af052a72e9b0effb5b3f2f192dbeaca03c12740057113bf1f06"
+			+ "69ac22e9f3a7852e3c15d913cab0b8863a95c99294ce8674214954610346f4d4"
+			+ "74b26f7c48b42ee68e1f572a1fc4026ac456b4f59f7b621ea1b9d88f64202fb1");
+
+		private static readonly byte[] seed = {
+			(byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59,
+			(byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4,
+			(byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde,
+			(byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f
+		};
+
+		private class VecRand
+			: SecureRandom
+		{
+			private readonly byte[] seed;
+
+			internal VecRand(byte[] seed)
+			{
+				this.seed = seed;
+			}
+
+			public override void NextBytes(
+				byte[] bytes)
+			{
+				Array.Copy(seed, 0, bytes, 0, bytes.Length);
+			}
+		}
+
+		private void BaseOaepTest(
+			int		id,
+			byte[]	pubKeyEnc,
+			byte[]	privKeyEnc,
+			byte[]	output)
+		{
+			//
+			// extract the public key info.
+			//
+			Asn1Object pubKeyObj = Asn1Object.FromByteArray(pubKeyEnc);
+			RsaPublicKeyStructure pubStruct = RsaPublicKeyStructure.GetInstance(
+				SubjectPublicKeyInfo.GetInstance(pubKeyObj).GetPublicKey());
+
+			//
+			// extract the private key info.
+			//
+			Asn1Object privKeyObj = Asn1Object.FromByteArray(privKeyEnc);
+			RsaPrivateKeyStructure privStruct = new RsaPrivateKeyStructure(
+				(Asn1Sequence) PrivateKeyInfo.GetInstance(privKeyObj).PrivateKey);
+
+			RsaKeyParameters pubParameters = new RsaKeyParameters(
+				false,
+				pubStruct.Modulus,
+				pubStruct.PublicExponent);
+
+			RsaKeyParameters privParameters = new RsaPrivateCrtKeyParameters(
+				privStruct.Modulus,
+				privStruct.PublicExponent,
+				privStruct.PrivateExponent,
+				privStruct.Prime1,
+				privStruct.Prime2,
+				privStruct.Exponent1,
+				privStruct.Exponent2,
+				privStruct.Coefficient);
+
+			byte[] input = new byte[] {
+				(byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34,
+				(byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a
+			};
+
+			EncDec("id(" + id + ")", pubParameters, privParameters, seed, input, output);
+		}
+
+		private void EncDec(
+			string				label,
+			RsaKeyParameters	pubParameters,
+			RsaKeyParameters	privParameters,
+			byte[]				seed,
+			byte[]				input,
+			byte[]				output)
+		{
+			IAsymmetricBlockCipher cipher = new OaepEncoding(new RsaEngine());
+
+			cipher.Init(true, new ParametersWithRandom(pubParameters, new VecRand(seed)));
+
+			byte[] outBytes = cipher.ProcessBlock(input, 0, input.Length);
+
+			for (int i = 0; i != output.Length; i++)
+			{
+				if (outBytes[i] != output[i])
+				{
+					Fail(label + " failed encryption");
+				}
+			}
+
+			cipher.Init(false, privParameters);
+
+			outBytes = cipher.ProcessBlock(output, 0, output.Length);
+
+			for (int i = 0; i != input.Length; i++)
+			{
+				if (outBytes[i] != input[i])
+				{
+					Fail(label + " failed decoding");
+				}
+			}
+		}
+
+		/*
+		* RSA vector tests from PKCS#1 page
+		*/
+		private static readonly byte[] modulus_1024 = Hex.Decode(
+			  "a8b3b284af8eb50b387034a860f146c4"
+			+ "919f318763cd6c5598c8ae4811a1e0ab"
+			+ "c4c7e0b082d693a5e7fced675cf46685"
+			+ "12772c0cbc64a742c6c630f533c8cc72"
+			+ "f62ae833c40bf25842e984bb78bdbf97"
+			+ "c0107d55bdb662f5c4e0fab9845cb514"
+			+ "8ef7392dd3aaff93ae1e6b667bb3d424"
+			+ "7616d4f5ba10d4cfd226de88d39f16fb");
+
+		private static readonly byte[] pubExp_1024 = Hex.Decode("010001");
+
+		private static readonly byte[] privExp_1024 = Hex.Decode(
+			  "53339cfdb79fc8466a655c7316aca85c"
+			+ "55fd8f6dd898fdaf119517ef4f52e8fd"
+			+ "8e258df93fee180fa0e4ab29693cd83b"
+			+ "152a553d4ac4d1812b8b9fa5af0e7f55"
+			+ "fe7304df41570926f3311f15c4d65a73"
+			+ "2c483116ee3d3d2d0af3549ad9bf7cbf"
+			+ "b78ad884f84d5beb04724dc7369b31de"
+			+ "f37d0cf539e9cfcdd3de653729ead5d1");
+
+		private static readonly byte[] prime1_1024 = Hex.Decode(
+			  "d32737e7267ffe1341b2d5c0d150a81b"
+			+ "586fb3132bed2f8d5262864a9cb9f30a"
+			+ "f38be448598d413a172efb802c21acf1"
+			+ "c11c520c2f26a471dcad212eac7ca39d");
+
+		private static readonly byte[] prime2_1024 = Hex.Decode(
+			  "cc8853d1d54da630fac004f471f281c7"
+			+ "b8982d8224a490edbeb33d3e3d5cc93c"
+			+ "4765703d1dd791642f1f116a0dd852be"
+			+ "2419b2af72bfe9a030e860b0288b5d77");
+
+		private static readonly byte[] primeExp1_1024 = Hex.Decode(
+			  "0e12bf1718e9cef5599ba1c3882fe804"
+			+ "6a90874eefce8f2ccc20e4f2741fb0a3"
+			+ "3a3848aec9c9305fbecbd2d76819967d"
+			+ "4671acc6431e4037968db37878e695c1");
+
+		private static readonly byte[] primeExp2_1024 = Hex.Decode(
+			  "95297b0f95a2fa67d00707d609dfd4fc"
+			+ "05c89dafc2ef6d6ea55bec771ea33373"
+			+ "4d9251e79082ecda866efef13c459e1a"
+			+ "631386b7e354c899f5f112ca85d71583");
+
+		private static readonly byte[] crtCoef_1024 = Hex.Decode(
+			  "4f456c502493bdc0ed2ab756a3a6ed4d"
+			+ "67352a697d4216e93212b127a63d5411"
+			+ "ce6fa98d5dbefd73263e372814274381"
+			+ "8166ed7dd63687dd2a8ca1d2f4fbd8e1");
+
+		private static readonly byte[] input_1024_1 = Hex.Decode(
+			  "6628194e12073db03ba94cda9ef95323"
+			+ "97d50dba79b987004afefe34");
+
+		private static readonly byte[] seed_1024_1 = Hex.Decode(
+			  "18b776ea21069d69776a33e96bad48e1"
+			+ "dda0a5ef");
+
+		private static readonly byte[] output_1024_1 = Hex.Decode(
+			  "354fe67b4a126d5d35fe36c777791a3f"
+			+ "7ba13def484e2d3908aff722fad468fb"
+			+ "21696de95d0be911c2d3174f8afcc201"
+			+ "035f7b6d8e69402de5451618c21a535f"
+			+ "a9d7bfc5b8dd9fc243f8cf927db31322"
+			+ "d6e881eaa91a996170e657a05a266426"
+			+ "d98c88003f8477c1227094a0d9fa1e8c"
+			+ "4024309ce1ecccb5210035d47ac72e8a");
+
+		private static readonly byte[] input_1024_2 = Hex.Decode(
+			  "750c4047f547e8e41411856523298ac9"
+			+ "bae245efaf1397fbe56f9dd5");
+
+		private static readonly byte[] seed_1024_2 = Hex.Decode(
+			  "0cc742ce4a9b7f32f951bcb251efd925"
+			+ "fe4fe35f");
+
+		private static readonly byte[] output_1024_2 = Hex.Decode(
+			  "640db1acc58e0568fe5407e5f9b701df"
+			+ "f8c3c91e716c536fc7fcec6cb5b71c11"
+			+ "65988d4a279e1577d730fc7a29932e3f"
+			+ "00c81515236d8d8e31017a7a09df4352"
+			+ "d904cdeb79aa583adcc31ea698a4c052"
+			+ "83daba9089be5491f67c1a4ee48dc74b"
+			+ "bbe6643aef846679b4cb395a352d5ed1"
+			+ "15912df696ffe0702932946d71492b44");
+
+		private static readonly byte[] input_1024_3 = Hex.Decode(
+			  "d94ae0832e6445ce42331cb06d531a82"
+			+ "b1db4baad30f746dc916df24d4e3c245"
+			+ "1fff59a6423eb0e1d02d4fe646cf699d"
+			+ "fd818c6e97b051");
+
+		private static readonly byte[] seed_1024_3 = Hex.Decode(
+			  "2514df4695755a67b288eaf4905c36ee"
+			+ "c66fd2fd");
+
+		private static readonly byte[] output_1024_3 = Hex.Decode(
+			  "423736ed035f6026af276c35c0b3741b"
+			+ "365e5f76ca091b4e8c29e2f0befee603"
+			+ "595aa8322d602d2e625e95eb81b2f1c9"
+			+ "724e822eca76db8618cf09c5343503a4"
+			+ "360835b5903bc637e3879fb05e0ef326"
+			+ "85d5aec5067cd7cc96fe4b2670b6eac3"
+			+ "066b1fcf5686b68589aafb7d629b02d8"
+			+ "f8625ca3833624d4800fb081b1cf94eb");
+
+		private static readonly byte[] input_1024_4 = Hex.Decode(
+			  "52e650d98e7f2a048b4f86852153b97e"
+			+ "01dd316f346a19f67a85");
+
+		private static readonly byte[] seed_1024_4 = Hex.Decode(
+			  "c4435a3e1a18a68b6820436290a37cef"
+			+ "b85db3fb");
+
+		private static readonly byte[] output_1024_4 = Hex.Decode(
+			  "45ead4ca551e662c9800f1aca8283b05"
+			+ "25e6abae30be4b4aba762fa40fd3d38e"
+			+ "22abefc69794f6ebbbc05ddbb1121624"
+			+ "7d2f412fd0fba87c6e3acd888813646f"
+			+ "d0e48e785204f9c3f73d6d8239562722"
+			+ "dddd8771fec48b83a31ee6f592c4cfd4"
+			+ "bc88174f3b13a112aae3b9f7b80e0fc6"
+			+ "f7255ba880dc7d8021e22ad6a85f0755");
+
+		private static readonly byte[] input_1024_5 = Hex.Decode(
+			  "8da89fd9e5f974a29feffb462b49180f"
+			+ "6cf9e802");
+
+		private static readonly byte[] seed_1024_5 = Hex.Decode(
+			  "b318c42df3be0f83fea823f5a7b47ed5"
+			+ "e425a3b5");
+
+		private static readonly byte[] output_1024_5 = Hex.Decode(
+			  "36f6e34d94a8d34daacba33a2139d00a"
+			+ "d85a9345a86051e73071620056b920e2"
+			+ "19005855a213a0f23897cdcd731b4525"
+			+ "7c777fe908202befdd0b58386b1244ea"
+			+ "0cf539a05d5d10329da44e13030fd760"
+			+ "dcd644cfef2094d1910d3f433e1c7c6d"
+			+ "d18bc1f2df7f643d662fb9dd37ead905"
+			+ "9190f4fa66ca39e869c4eb449cbdc439");
+
+		private static readonly byte[] input_1024_6 = Hex.Decode("26521050844271");
+
+		private static readonly byte[] seed_1024_6 = Hex.Decode(
+			  "e4ec0982c2336f3a677f6a356174eb0c"
+			+ "e887abc2");
+
+		private static readonly byte[] output_1024_6 = Hex.Decode(
+			  "42cee2617b1ecea4db3f4829386fbd61"
+			+ "dafbf038e180d837c96366df24c097b4"
+			+ "ab0fac6bdf590d821c9f10642e681ad0"
+			+ "5b8d78b378c0f46ce2fad63f74e0ad3d"
+			+ "f06b075d7eb5f5636f8d403b9059ca76"
+			+ "1b5c62bb52aa45002ea70baace08ded2"
+			+ "43b9d8cbd62a68ade265832b56564e43"
+			+ "a6fa42ed199a099769742df1539e8255");
+
+		private static readonly byte[] modulus_1027 = Hex.Decode(
+			  "051240b6cc0004fa48d0134671c078c7"
+			+ "c8dec3b3e2f25bc2564467339db38853"
+			+ "d06b85eea5b2de353bff42ac2e46bc97"
+			+ "fae6ac9618da9537a5c8f553c1e35762"
+			+ "5991d6108dcd7885fb3a25413f53efca"
+			+ "d948cb35cd9b9ae9c1c67626d113d57d"
+			+ "de4c5bea76bb5bb7de96c00d07372e96"
+			+ "85a6d75cf9d239fa148d70931b5f3fb0"
+			+ "39");
+
+		private static readonly byte[] pubExp_1027 = Hex.Decode("010001");
+
+		private static readonly byte[] privExp_1027 = Hex.Decode(
+			  "0411ffca3b7ca5e9e9be7fe38a85105e"
+			+ "353896db05c5796aecd2a725161eb365"
+			+ "1c8629a9b862b904d7b0c7b37f8cb5a1"
+			+ "c2b54001018a00a1eb2cafe4ee4e9492"
+			+ "c348bc2bedab4b9ebbf064e8eff322b9"
+			+ "009f8eec653905f40df88a3cdc49d456"
+			+ "7f75627d41aca624129b46a0b7c698e5"
+			+ "e65f2b7ba102c749a10135b6540d0401");
+
+		private static readonly byte[] prime1_1027 = Hex.Decode(
+			  "027458c19ec1636919e736c9af25d609"
+			+ "a51b8f561d19c6bf6943dd1ee1ab8a4a"
+			+ "3f232100bd40b88decc6ba235548b6ef"
+			+ "792a11c9de823d0a7922c7095b6eba57"
+			+ "01");
+
+		private static readonly byte[] prime2_1027 = Hex.Decode(
+			  "0210ee9b33ab61716e27d251bd465f4b"
+			+ "35a1a232e2da00901c294bf22350ce49"
+			+ "0d099f642b5375612db63ba1f2038649"
+			+ "2bf04d34b3c22bceb909d13441b53b51"
+			+ "39");
+
+		private static readonly byte[] primeExp1_1027 = Hex.Decode(
+			  "39fa028b826e88c1121b750a8b242fa9"
+			+ "a35c5b66bdfd1fa637d3cc48a84a4f45"
+			+ "7a194e7727e49f7bcc6e5a5a412657fc"
+			+ "470c7322ebc37416ef458c307a8c0901");
+
+		private static readonly byte[] primeExp2_1027 = Hex.Decode(
+			  "015d99a84195943979fa9e1be2c3c1b6"
+			+ "9f432f46fd03e47d5befbbbfd6b1d137"
+			+ "1d83efb330a3e020942b2fed115e5d02"
+			+ "be24fd92c9019d1cecd6dd4cf1e54cc8"
+			+ "99");
+
+		private static readonly byte[] crtCoef_1027 = Hex.Decode(
+			  "01f0b7015170b3f5e42223ba30301c41"
+			+ "a6d87cbb70e30cb7d3c67d25473db1f6"
+			+ "cbf03e3f9126e3e97968279a865b2c2b"
+			+ "426524cfc52a683d31ed30eb984be412"
+			+ "ba");
+
+		private static readonly byte[] input_1027_1 = Hex.Decode(
+			  "4a86609534ee434a6cbca3f7e962e76d"
+			+ "455e3264c19f605f6e5ff6137c65c56d"
+			+ "7fb344cd52bc93374f3d166c9f0c6f9c"
+			+ "506bad19330972d2");
+
+		private static readonly byte[] seed_1027_1 = Hex.Decode(
+			  "1cac19ce993def55f98203f6852896c9"
+			+ "5ccca1f3");
+
+		private static readonly byte[] output_1027_1 = Hex.Decode(
+			  "04cce19614845e094152a3fe18e54e33"
+			+ "30c44e5efbc64ae16886cb1869014cc5"
+			+ "781b1f8f9e045384d0112a135ca0d12e"
+			+ "9c88a8e4063416deaae3844f60d6e96f"
+			+ "e155145f4525b9a34431ca3766180f70"
+			+ "e15a5e5d8e8b1a516ff870609f13f896"
+			+ "935ced188279a58ed13d07114277d75c"
+			+ "6568607e0ab092fd803a223e4a8ee0b1"
+			+ "a8");
+
+		private static readonly byte[] input_1027_2 = Hex.Decode(
+			  "b0adc4f3fe11da59ce992773d9059943"
+			+ "c03046497ee9d9f9a06df1166db46d98"
+			+ "f58d27ec074c02eee6cbe2449c8b9fc5"
+			+ "080c5c3f4433092512ec46aa793743c8");
+
+		private static readonly byte[] seed_1027_2 = Hex.Decode(
+			  "f545d5897585e3db71aa0cb8da76c51d"
+			+ "032ae963");
+
+		private static readonly byte[] output_1027_2 = Hex.Decode(
+			  "0097b698c6165645b303486fbf5a2a44"
+			+ "79c0ee85889b541a6f0b858d6b6597b1"
+			+ "3b854eb4f839af03399a80d79bda6578"
+			+ "c841f90d645715b280d37143992dd186"
+			+ "c80b949b775cae97370e4ec97443136c"
+			+ "6da484e970ffdb1323a20847821d3b18"
+			+ "381de13bb49aaea66530c4a4b8271f3e"
+			+ "ae172cd366e07e6636f1019d2a28aed1"
+			+ "5e");
+
+		private static readonly byte[] input_1027_3 = Hex.Decode(
+			  "bf6d42e701707b1d0206b0c8b45a1c72"
+			+ "641ff12889219a82bdea965b5e79a96b"
+			+ "0d0163ed9d578ec9ada20f2fbcf1ea3c"
+			+ "4089d83419ba81b0c60f3606da99");
+
+		private static readonly byte[] seed_1027_3 = Hex.Decode(
+			  "ad997feef730d6ea7be60d0dc52e72ea"
+			+ "cbfdd275");
+
+		private static readonly byte[] output_1027_3 = Hex.Decode(
+			  "0301f935e9c47abcb48acbbe09895d9f"
+			+ "5971af14839da4ff95417ee453d1fd77"
+			+ "319072bb7297e1b55d7561cd9d1bb24c"
+			+ "1a9a37c619864308242804879d86ebd0"
+			+ "01dce5183975e1506989b70e5a834341"
+			+ "54d5cbfd6a24787e60eb0c658d2ac193"
+			+ "302d1192c6e622d4a12ad4b53923bca2"
+			+ "46df31c6395e37702c6a78ae081fb9d0"
+			+ "65");
+
+		private static readonly byte[] input_1027_4 = Hex.Decode(
+			  "fb2ef112f5e766eb94019297934794f7"
+			+ "be2f6fc1c58e");
+
+		private static readonly byte[] seed_1027_4 = Hex.Decode(
+			  "136454df5730f73c807a7e40d8c1a312"
+			+ "ac5b9dd3");
+
+		private static readonly byte[] output_1027_4 = Hex.Decode(
+			  "02d110ad30afb727beb691dd0cf17d0a"
+			+ "f1a1e7fa0cc040ec1a4ba26a42c59d0a"
+			+ "796a2e22c8f357ccc98b6519aceb682e"
+			+ "945e62cb734614a529407cd452bee3e4"
+			+ "4fece8423cc19e55548b8b994b849c7e"
+			+ "cde4933e76037e1d0ce44275b08710c6"
+			+ "8e430130b929730ed77e09b015642c55"
+			+ "93f04e4ffb9410798102a8e96ffdfe11"
+			+ "e4");
+
+		private static readonly byte[] input_1027_5 = Hex.Decode(
+			  "28ccd447bb9e85166dabb9e5b7d1adad"
+			+ "c4b9d39f204e96d5e440ce9ad928bc1c"
+			+ "2284");
+
+		private static readonly byte[] seed_1027_5 = Hex.Decode(
+			  "bca8057f824b2ea257f2861407eef63d"
+			+ "33208681");
+
+		private static readonly byte[] output_1027_5 = Hex.Decode(
+			  "00dbb8a7439d90efd919a377c54fae8f"
+			+ "e11ec58c3b858362e23ad1b8a4431079"
+			+ "9066b99347aa525691d2adc58d9b06e3"
+			+ "4f288c170390c5f0e11c0aa3645959f1"
+			+ "8ee79e8f2be8d7ac5c23d061f18dd74b"
+			+ "8c5f2a58fcb5eb0c54f99f01a8324756"
+			+ "8292536583340948d7a8c97c4acd1e98"
+			+ "d1e29dc320e97a260532a8aa7a758a1e"
+			+ "c2");
+
+		private static readonly byte[] input_1027_6 = Hex.Decode("f22242751ec6b1");
+
+		private static readonly byte[] seed_1027_6 = Hex.Decode(
+			  "2e7e1e17f647b5ddd033e15472f90f68"
+			+ "12f3ac4e");
+
+		private static readonly byte[] output_1027_6 = Hex.Decode(
+			  "00a5ffa4768c8bbecaee2db77e8f2eec"
+			+ "99595933545520835e5ba7db9493d3e1"
+			+ "7cddefe6a5f567624471908db4e2d83a"
+			+ "0fbee60608fc84049503b2234a07dc83"
+			+ "b27b22847ad8920ff42f674ef79b7628"
+			+ "0b00233d2b51b8cb2703a9d42bfbc825"
+			+ "0c96ec32c051e57f1b4ba528db89c37e"
+			+ "4c54e27e6e64ac69635ae887d9541619"
+			+ "a9");
+
+		private void OaepVecTest(
+			int					keySize,
+			int					no,
+			RsaKeyParameters	pubParam,
+			RsaKeyParameters	privParam,
+			byte[]				seed,
+			byte[]				input,
+			byte[]				output)
+		{
+			EncDec(keySize + " " + no, pubParam, privParam, seed, input, output);
+		}
+
+		public override string Name
+		{
+			get { return "OAEP"; }
+		}
+
+		public override void PerformTest()
+		{
+			BaseOaepTest(1, pubKeyEnc1, privKeyEnc1, output1);
+			BaseOaepTest(2, pubKeyEnc2, privKeyEnc2, output2);
+			BaseOaepTest(3, pubKeyEnc3, privKeyEnc3, output3);
+
+			RsaKeyParameters pubParam = new RsaKeyParameters(
+				false,
+				new BigInteger(1, modulus_1024),
+				new BigInteger(1, pubExp_1024));
+			RsaKeyParameters privParam = new RsaPrivateCrtKeyParameters(
+				pubParam.Modulus,
+				pubParam.Exponent,
+				new BigInteger(1, privExp_1024),
+				new BigInteger(1, prime1_1024),
+				new BigInteger(1, prime2_1024),
+				new BigInteger(1, primeExp1_1024),
+				new BigInteger(1, primeExp2_1024),
+				new BigInteger(1, crtCoef_1024));
+
+			OaepVecTest(1024, 1, pubParam, privParam, seed_1024_1, input_1024_1, output_1024_1);
+			OaepVecTest(1024, 2, pubParam, privParam, seed_1024_2, input_1024_2, output_1024_2);
+			OaepVecTest(1024, 3, pubParam, privParam, seed_1024_3, input_1024_3, output_1024_3);
+			OaepVecTest(1024, 4, pubParam, privParam, seed_1024_4, input_1024_4, output_1024_4);
+			OaepVecTest(1024, 5, pubParam, privParam, seed_1024_5, input_1024_5, output_1024_5);
+			OaepVecTest(1024, 6, pubParam, privParam, seed_1024_6, input_1024_6, output_1024_6);
+
+			pubParam = new RsaKeyParameters(
+				false,
+				new BigInteger(1, modulus_1027),
+				new BigInteger(1, pubExp_1027));
+			privParam = new RsaPrivateCrtKeyParameters(
+				pubParam.Modulus,
+				pubParam.Exponent,
+				new BigInteger(1, privExp_1027),
+				new BigInteger(1, prime1_1027),
+				new BigInteger(1, prime2_1027),
+				new BigInteger(1, primeExp1_1027),
+				new BigInteger(1, primeExp2_1027),
+				new BigInteger(1, crtCoef_1027));
+
+			OaepVecTest(1027, 1, pubParam, privParam, seed_1027_1, input_1027_1, output_1027_1);
+			OaepVecTest(1027, 2, pubParam, privParam, seed_1027_2, input_1027_2, output_1027_2);
+			OaepVecTest(1027, 3, pubParam, privParam, seed_1027_3, input_1027_3, output_1027_3);
+			OaepVecTest(1027, 4, pubParam, privParam, seed_1027_4, input_1027_4, output_1027_4);
+			OaepVecTest(1027, 5, pubParam, privParam, seed_1027_5, input_1027_5, output_1027_5);
+			OaepVecTest(1027, 6, pubParam, privParam, seed_1027_6, input_1027_6, output_1027_6);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new OaepTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/OCBTest.cs b/crypto/test/src/crypto/test/OCBTest.cs
new file mode 100644
index 000000000..051aa665a
--- /dev/null
+++ b/crypto/test/src/crypto/test/OCBTest.cs
@@ -0,0 +1,261 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * Test vectors from the "work in progress" Internet-Draft <a
+     * href="http://tools.ietf.org/html/draft-irtf-cfrg-ocb-03">The OCB Authenticated-Encryption
+     * Algorithm</a>
+     */
+    public class OcbTest
+        : SimpleTest
+    {
+        private const string K = "000102030405060708090A0B0C0D0E0F";
+        private const string N = "000102030405060708090A0B";
+
+        // Each test vector contains the strings A, P, C in order
+        private static readonly string[][] TestVectors = new string[][]
+        {
+            new string[]{ "", "", "197B9C3C441D3C83EAFB2BEF633B9182" },
+            new string[]{ "0001020304050607", "0001020304050607",
+                "92B657130A74B85A16DC76A46D47E1EAD537209E8A96D14E" },
+            new string[]{ "0001020304050607", "", "98B91552C8C009185044E30A6EB2FE21" },
+            new string[]{ "", "0001020304050607", "92B657130A74B85A971EFFCAE19AD4716F88E87B871FBEED" },
+            new string[]{ "000102030405060708090A0B0C0D0E0F", "000102030405060708090A0B0C0D0E0F",
+                "BEA5E8798DBE7110031C144DA0B26122776C9924D6723A1F" + "C4524532AC3E5BEB" },
+            new string[]{ "000102030405060708090A0B0C0D0E0F", "", "7DDB8E6CEA6814866212509619B19CC6" },
+            new string[]{ "", "000102030405060708090A0B0C0D0E0F",
+                "BEA5E8798DBE7110031C144DA0B2612213CC8B747807121A" + "4CBB3E4BD6B456AF" },
+            new string[]{ "000102030405060708090A0B0C0D0E0F1011121314151617",
+                "000102030405060708090A0B0C0D0E0F1011121314151617",
+                "BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48" + "5FA94FC3F38820F1DC3F3D1FD4E55E1C" },
+            new string[]{ "000102030405060708090A0B0C0D0E0F1011121314151617", "",
+                "282026DA3068BC9FA118681D559F10F6" },
+            new string[]{ "", "000102030405060708090A0B0C0D0E0F1011121314151617",
+                "BEA5E8798DBE7110031C144DA0B26122FCFCEE7A2A8D4D48" + "6EF2F52587FDA0ED97DC7EEDE241DF68" },
+            new string[]{
+                "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F",
+                "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F",
+                "BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A6"
+                    + "57149D53773463CBB2A040DD3BD5164372D76D7BB6824240" },
+            new string[]{ "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F", "",
+                "E1E072633BADE51A60E85951D9C42A1B" },
+            new string[]{
+                "",
+                "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F",
+                "BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A6"
+                    + "57149D53773463CB4A3BAE824465CFDAF8C41FC50C7DF9D9" },
+            new string[]{
+                "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F2021222324252627",
+                "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F2021222324252627",
+                "BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A6"
+                    + "57149D53773463CB68C65778B058A635659C623211DEEA0D" + "E30D2C381879F4C8" },
+            new string[]{ "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F2021222324252627",
+                "", "7AEB7A69A1687DD082CA27B0D9A37096" },
+            new string[]{
+                "",
+                "000102030405060708090A0B0C0D0E0F1011121314151617" + "18191A1B1C1D1E1F2021222324252627",
+                "BEA5E8798DBE7110031C144DA0B26122CEAAB9B05DF771A6"
+                    + "57149D53773463CB68C65778B058A635060C8467F4ABAB5E" + "8B3C2067A2E115DC" },
+        };
+
+        public override string Name
+        {
+            get { return "OCB"; }
+        }
+
+        public override void PerformTest()
+        {
+            for (int i = 0; i < TestVectors.Length; ++i)
+            {
+                RunTestCase("Test Case " + i, TestVectors[i]);
+            }
+
+            RunLongerTestCase(128, 128, Hex.Decode("B2B41CBF9B05037DA7F16C24A35C1C94"));
+            RunLongerTestCase(192, 128, Hex.Decode("1529F894659D2B51B776740211E7D083"));
+            RunLongerTestCase(256, 128, Hex.Decode("42B83106E473C0EEE086C8D631FD4C7B"));
+            RunLongerTestCase(128, 96, Hex.Decode("1A4F0654277709A5BDA0D380"));
+            RunLongerTestCase(192, 96, Hex.Decode("AD819483E01DD648978F4522"));
+            RunLongerTestCase(256, 96, Hex.Decode("CD2E41379C7E7C4458CCFB4A"));
+            RunLongerTestCase(128, 64, Hex.Decode("B7ECE9D381FE437F"));
+            RunLongerTestCase(192, 64, Hex.Decode("DE0574C87FF06DF9"));
+            RunLongerTestCase(256, 64, Hex.Decode("833E45FF7D332F7E"));
+        }
+
+        private void RunTestCase(string testName, string[] testVector)
+        {
+            RunTestCase(testName, testVector, 128);
+        }
+
+        private void RunTestCase(string testName, string[] testVector, int macLengthBits)
+        {
+            byte[] key = Hex.Decode(K);
+            byte[] nonce = Hex.Decode(N);
+
+            int pos = 0;
+            byte[] A = Hex.Decode(testVector[pos++]);
+            byte[] P = Hex.Decode(testVector[pos++]);
+            byte[] C = Hex.Decode(testVector[pos++]);
+
+            int macLengthBytes = macLengthBits / 8;
+
+            // TODO Variations processing AAD and cipher bytes incrementally
+
+            KeyParameter keyParameter = new KeyParameter(key);
+            AeadParameters aeadParameters = new AeadParameters(keyParameter, macLengthBits, nonce, A);
+
+            OcbBlockCipher encCipher = InitCipher(true, aeadParameters);
+            OcbBlockCipher decCipher = InitCipher(false, aeadParameters);
+
+            CheckTestCase(encCipher, decCipher, testName, macLengthBytes, P, C);
+            CheckTestCase(encCipher, decCipher, testName + " (reused)", macLengthBytes, P, C);
+
+            // TODO Key reuse
+        }
+
+        private OcbBlockCipher InitCipher(bool forEncryption, AeadParameters parameters)
+        {
+            OcbBlockCipher c = new OcbBlockCipher(new AesFastEngine(), new AesFastEngine());
+            c.Init(forEncryption, parameters);
+            return c;
+        }
+
+        private void CheckTestCase(OcbBlockCipher encCipher, OcbBlockCipher decCipher, string testName,
+            int macLengthBytes, byte[] P, byte[] C)
+        {
+            byte[] tag = Arrays.Copy(C, C.Length - macLengthBytes, macLengthBytes);
+
+            {
+                byte[] enc = new byte[encCipher.GetOutputSize(P.Length)];
+                int len = encCipher.ProcessBytes(P, 0, P.Length, enc, 0);
+                len += encCipher.DoFinal(enc, len);
+
+                if (enc.Length != len)
+                {
+                    Fail("encryption reported incorrect length: " + testName);
+                }
+
+                if (!AreEqual(C, enc))
+                {
+                    Fail("incorrect encrypt in: " + testName);
+                }
+
+                if (!AreEqual(tag, encCipher.GetMac()))
+                {
+                    Fail("getMac() not the same as the appended tag: " + testName);
+                }
+            }
+
+            {
+                byte[] dec = new byte[decCipher.GetOutputSize(C.Length)];
+                int len = decCipher.ProcessBytes(C, 0, C.Length, dec, 0);
+                len += decCipher.DoFinal(dec, len);
+
+                if (dec.Length != len)
+                {
+                    Fail("decryption reported incorrect length: " + testName);
+                }
+
+                if (!AreEqual(P, dec))
+                {
+                    Fail("incorrect decrypt in: " + testName);
+                }
+
+                if (!AreEqual(tag, decCipher.GetMac()))
+                {
+                    Fail("getMac() not the same as the appended tag: " + testName);
+                }
+            }
+        }
+
+        private void RunLongerTestCase(int aesKeySize, int tagLen, byte[] expectedOutput)
+        {
+            KeyParameter key = new KeyParameter(new byte[aesKeySize / 8]);
+            byte[] N = new byte[12];
+
+            IAeadBlockCipher c1 = new OcbBlockCipher(new AesFastEngine(), new AesFastEngine());
+            c1.Init(true, new AeadParameters(key, tagLen, N));
+
+            IAeadBlockCipher c2 = new OcbBlockCipher(new AesFastEngine(), new AesFastEngine());
+
+            long total = 0;
+
+            byte[] S = new byte[128];
+
+            for (int i = 0; i < 128; ++i)
+            {
+                N[11] = (byte) i;
+
+                c2.Init(true, new AeadParameters(key, tagLen, N));
+
+                total += UpdateCiphers(c1, c2, S, i, true, true);
+                total += UpdateCiphers(c1, c2, S, i, false, true);
+                total += UpdateCiphers(c1, c2, S, i, true, false);
+            }
+
+            long expectedTotal = 16256 + (48 * tagLen);
+
+            if (total != expectedTotal)
+            {
+                Fail("test generated the wrong amount of input: " + total);
+            }
+
+            byte[] output = new byte[c1.GetOutputSize(0)];
+            c1.DoFinal(output, 0);
+
+            if (!AreEqual(expectedOutput, output))
+            {
+                Fail("incorrect encrypt in long-form test");
+            }
+        }
+
+        private int UpdateCiphers(IAeadBlockCipher c1, IAeadBlockCipher c2, byte[] S, int i,
+            bool includeAAD, bool includePlaintext)
+        {
+            int inputLen = includePlaintext ? i : 0;
+            int outputLen = c2.GetOutputSize(inputLen);
+
+            byte[] output = new byte[outputLen];
+
+            int len = 0;
+
+            if (includeAAD) {
+                c2.ProcessAadBytes(S, 0, i);
+            }
+
+            if (includePlaintext) {
+                len += c2.ProcessBytes(S, 0, i, output, len);
+            }
+
+            len += c2.DoFinal(output, len);
+
+            c1.ProcessAadBytes(output, 0, len);
+
+            return len;
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new OcbTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/PSSBlindTest.cs b/crypto/test/src/crypto/test/PSSBlindTest.cs
new file mode 100644
index 000000000..d887a8f08
--- /dev/null
+++ b/crypto/test/src/crypto/test/PSSBlindTest.cs
@@ -0,0 +1,399 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/*
+	* RSA PSS test vectors for PKCS#1 V2.1 with blinding
+	*/
+	[TestFixture]
+	public class PssBlindTest
+		: SimpleTest
+	{
+		private readonly int DATA_LENGTH = 1000;
+		private readonly int NUM_TESTS = 50;
+		private readonly int NUM_TESTS_WITH_KEY_GENERATION = 10;
+
+		private class FixedRandom
+			: SecureRandom
+		{
+			private readonly byte[] vals;
+
+			public FixedRandom(
+				byte[] vals)
+			{
+				this.vals = vals;
+			}
+
+			public override void NextBytes(
+				byte[] bytes)
+			{
+				Array.Copy(vals, 0, bytes, 0, vals.Length);
+			}
+		}
+
+		//
+		// Example 1: A 1024-bit RSA keypair
+		//
+		private RsaKeyParameters pub1 = new RsaKeyParameters(false,
+					new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+					new BigInteger("010001",16));
+
+		private RsaKeyParameters prv1 = new RsaPrivateCrtKeyParameters(
+					new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+					new BigInteger("010001",16),
+					new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
+					new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
+					new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
+					new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
+					new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
+					new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
+
+		// PSSExample1.1
+
+		private byte[] msg1a = Hex.Decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0");
+
+		private byte[] slt1a = Hex.Decode("dee959c7e06411361420ff80185ed57f3e6776af");
+
+		private byte[] sig1a = Hex.Decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c");
+
+		// PSSExample1.2
+
+		private byte[] msg1b = Hex.Decode("851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e");
+
+		private byte[] slt1b = Hex.Decode("ef2869fa40c346cb183dab3d7bffc98fd56df42d");
+
+		private byte[] sig1b = Hex.Decode("3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843");
+
+		//
+		// Example 2: A 1025-bit RSA keypair
+		//
+
+		private RsaKeyParameters pub2 = new RsaKeyParameters(false,
+					new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16),
+					new BigInteger("010001", 16));
+
+		private RsaKeyParameters prv2 = new RsaPrivateCrtKeyParameters(
+					new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16),
+					new BigInteger("010001", 16),
+					new BigInteger("027d147e4673057377fd1ea201565772176a7dc38358d376045685a2e787c23c15576bc16b9f444402d6bfc5d98a3e88ea13ef67c353eca0c0ddba9255bd7b8bb50a644afdfd1dd51695b252d22e7318d1b6687a1c10ff75545f3db0fe602d5f2b7f294e3601eab7b9d1cecd767f64692e3e536ca2846cb0c2dd486a39fa75b1", 16),
+					new BigInteger("016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1", 16),
+					new BigInteger("014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079", 16),
+					new BigInteger("e247cce504939b8f0a36090de200938755e2444b29539a7da7a902f6056835c0db7b52559497cfe2c61a8086d0213c472c78851800b171f6401de2e9c2756f31", 16),
+					new BigInteger("b12fba757855e586e46f64c38a70c68b3f548d93d787b399999d4c8f0bbd2581c21e19ed0018a6d5d3df86424b3abcad40199d31495b61309f27c1bf55d487c1", 16),
+					new BigInteger("564b1e1fa003bda91e89090425aac05b91da9ee25061e7628d5f51304a84992fdc33762bd378a59f030a334d532bd0dae8f298ea9ed844636ad5fb8cbdc03cad", 16));
+
+		// PSS Example 2.1
+
+		private byte[] msg2a = Hex.Decode("daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360");
+		private byte[] slt2a = Hex.Decode("57bf160bcb02bb1dc7280cf0458530b7d2832ff7");
+		private byte[] sig2a = Hex.Decode("014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3");
+
+		// PSS Example 2.2
+
+		private byte[] msg2b = Hex.Decode("e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe");
+		private byte[] slt2b = Hex.Decode("7f6dd359e604e60870e898e47b19bf2e5a7b2a90");
+		private byte[] sig2b = Hex.Decode("010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea");
+
+		//
+		//  Example 4: A 1027-bit RSA key pair
+		//
+
+		private RsaKeyParameters pub4 = new RsaKeyParameters(false,
+					new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16),
+					new BigInteger("010001", 16));
+
+		private RsaKeyParameters prv4 = new RsaPrivateCrtKeyParameters(
+					new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16),
+					new BigInteger("010001", 16),
+					new BigInteger("fa041f8cd9697ceed38ec8caa275523b4dd72b09a301d3541d72f5d31c05cbce2d6983b36183af10690bd46c46131e35789431a556771dd0049b57461bf060c1f68472e8a67c25f357e5b6b4738fa541a730346b4a07649a2dfa806a69c975b6aba64678acc7f5913e89c622f2d8abb1e3e32554e39df94ba60c002e387d9011", 16),
+					new BigInteger("029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995", 16),
+					new BigInteger("020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1", 16),
+					new BigInteger("026e7e28010ecf2412d9523ad704647fb4fe9b66b1a681581b0e15553a89b1542828898f27243ebab45ff5e1acb9d4df1b051fbc62824dbc6f6c93261a78b9a759", 16),
+					new BigInteger("012ddcc86ef655998c39ddae11718669e5e46cf1495b07e13b1014cd69b3af68304ad2a6b64321e78bf3bbca9bb494e91d451717e2d97564c6549465d0205cf421", 16),
+					new BigInteger("010600c4c21847459fe576703e2ebecae8a5094ee63f536bf4ac68d3c13e5e4f12ac5cc10ab6a2d05a199214d1824747d551909636b774c22cac0b837599abcc75", 16));
+
+		// PSS Example 4.1
+
+		private byte[] msg4a = Hex.Decode("9fb03b827c8217d9");
+
+		private byte[] slt4a = Hex.Decode("ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d");
+
+		private byte[] sig4a = Hex.Decode("0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948");
+
+		// PSS Example 4.2
+
+		private byte[] msg4b = Hex.Decode("0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f");
+
+		private byte[] slt4b = Hex.Decode("22d71d54363a4217aa55113f059b3384e3e57e44");
+
+		private byte[] sig4b = Hex.Decode("049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598");
+
+
+		//
+		// Example 8: A 1031-bit RSA key pair
+		//
+
+		private RsaKeyParameters pub8 = new RsaKeyParameters(false,
+					new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16),
+					new BigInteger("010001", 16));
+
+		private RsaKeyParameters prv8 = new RsaPrivateCrtKeyParameters(
+					new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16),
+					new BigInteger("010001", 16),
+					new BigInteger("6c66ffe98980c38fcdeab5159898836165f4b4b817c4f6a8d486ee4ea9130fe9b9092bd136d184f95f504a607eac565846d2fdd6597a8967c7396ef95a6eeebb4578a643966dca4d8ee3de842de63279c618159c1ab54a89437b6a6120e4930afb52a4ba6ced8a4947ac64b30a3497cbe701c2d6266d517219ad0ec6d347dbe9", 16),
+					new BigInteger("08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb", 16),
+					new BigInteger("0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d", 16),
+					new BigInteger("05c2a83c124b3621a2aa57ea2c3efe035eff4560f33ddebb7adab81fce69a0c8c2edc16520dda83d59a23be867963ac65f2cc710bbcfb96ee103deb771d105fd85", 16),
+					new BigInteger("04cae8aa0d9faa165c87b682ec140b8ed3b50b24594b7a3b2c220b3669bb819f984f55310a1ae7823651d4a02e99447972595139363434e5e30a7e7d241551e1b9", 16),
+					new BigInteger("07d3e47bf686600b11ac283ce88dbb3f6051e8efd04680e44c171ef531b80b2b7c39fc766320e2cf15d8d99820e96ff30dc69691839c4b40d7b06e45307dc91f3f", 16));
+
+		// PSS Example 8.1
+
+		private byte[] msg8a = Hex.Decode("81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb");
+
+		private byte[] slt8a = Hex.Decode("1d65491d79c864b373009be6f6f2467bac4c78fa");
+
+		private byte[] sig8a = Hex.Decode("0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5");
+
+		// PSS Example 8.2
+
+		private byte[] msg8b = Hex.Decode("e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08");
+
+		private byte[] slt8b = Hex.Decode("435c098aa9909eb2377f1248b091b68987ff1838");
+
+		private byte[] sig8b = Hex.Decode("2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e");
+
+		//
+		// Example 9: A 1536-bit RSA key pair
+		//
+
+		private RsaKeyParameters pub9 = new RsaKeyParameters(false,
+					new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16),
+					new BigInteger("010001", 16));
+
+		private RsaKeyParameters prv9 = new RsaPrivateCrtKeyParameters(
+					new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16),
+					new BigInteger("010001", 16),
+					new BigInteger("6a7fd84fb85fad073b34406db74f8d61a6abc12196a961dd79565e9da6e5187bce2d980250f7359575359270d91590bb0e427c71460b55d51410b191bcf309fea131a92c8e702738fa719f1e0041f52e40e91f229f4d96a1e6f172e15596b4510a6daec26105f2bebc53316b87bdf21311666070e8dfee69d52c71a976caae79c72b68d28580dc686d9f5129d225f82b3d615513a882b3db91416b48ce08888213e37eeb9af800d81cab328ce420689903c00c7b5fd31b75503a6d419684d629", 16),
+					new BigInteger("f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367", 16),
+					new BigInteger("ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d", 16),
+					new BigInteger("2bb68bddfb0c4f56c8558bffaf892d8043037841e7fa81cfa61a38c5e39b901c8ee71122a5da2227bd6cdeeb481452c12ad3d61d5e4f776a0ab556591befe3e59e5a7fddb8345e1f2f35b9f4cee57c32414c086aec993e9353e480d9eec6289f", 16),
+					new BigInteger("4ff897709fad079746494578e70fd8546130eeab5627c49b080f05ee4ad9f3e4b7cba9d6a5dff113a41c3409336833f190816d8a6bc42e9bec56b7567d0f3c9c696db619b245d901dd856db7c8092e77e9a1cccd56ee4dba42c5fdb61aec2669", 16),
+					new BigInteger("77b9d1137b50404a982729316efafc7dfe66d34e5a182600d5f30a0a8512051c560d081d4d0a1835ec3d25a60f4e4d6aa948b2bf3dbb5b124cbbc3489255a3a948372f6978496745f943e1db4f18382ceaa505dfc65757bb3f857a58dce52156", 16));
+
+		// PSS Example 9.1
+
+		private byte[] msg9a = Hex.Decode("a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5");
+
+		private byte[] slt9a = Hex.Decode("c0a425313df8d7564bd2434d311523d5257eed80");
+
+		private byte[] sig9a = Hex.Decode("586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e");
+
+		// PSS Example 9.2
+
+		private byte[] msg9b = Hex.Decode("c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e");
+
+		private byte[] slt9b = Hex.Decode("b307c43b4850a8dac2f15f32e37839ef8c5c0e91");
+
+		private byte[] sig9b = Hex.Decode("80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958");
+
+
+		public override string Name
+		{
+			get { return "PssBlindTest"; }
+		}
+
+		private void testSig(
+			int                 id,
+			RsaKeyParameters    pub,
+			RsaKeyParameters    prv,
+			byte[]              slt,
+			byte[]              msg,
+			byte[]              sig)
+		{
+			RsaBlindingFactorGenerator blindFactorGen = new RsaBlindingFactorGenerator();
+			RsaBlindingEngine blindingEngine = new RsaBlindingEngine();
+			PssSigner blindSigner = new PssSigner(blindingEngine, new Sha1Digest(), 20);
+			PssSigner signer = new PssSigner(new RsaEngine(), new Sha1Digest(), 20);
+
+			blindFactorGen.Init(pub);
+
+			BigInteger blindFactor = blindFactorGen.GenerateBlindingFactor();
+			RsaBlindingParameters parameters = new RsaBlindingParameters(pub, blindFactor);
+
+			// generate a blind signature
+			blindSigner.Init(true, new ParametersWithRandom(parameters, new FixedRandom(slt)));
+
+			blindSigner.BlockUpdate(msg, 0, msg.Length);
+
+			byte[] blindedData = blindSigner.GenerateSignature();
+
+			RsaEngine signerEngine = new RsaEngine();
+
+			signerEngine.Init(true, prv);
+
+			byte[] blindedSig = signerEngine.ProcessBlock(blindedData, 0, blindedData.Length);
+
+			// unblind the signature
+			blindingEngine.Init(false, parameters);
+
+			byte[] s = blindingEngine.ProcessBlock(blindedSig, 0, blindedSig.Length);
+
+			//signature verification
+			if (!AreEqual(s, sig))
+			{
+				Fail("test " + id + " failed generation");
+			}
+	        
+			//verify signature with PssSigner
+			signer.Init(false, pub);
+			signer.BlockUpdate(msg, 0, msg.Length);
+
+			if (!signer.VerifySignature(s))
+			{
+        		Fail("test " + id + " failed PssSigner verification");
+			}
+		}
+
+		private bool isProcessingOkay(
+			RsaKeyParameters    pub,
+			RsaKeyParameters    prv,
+			byte[]              data,
+			SecureRandom        random)
+		{
+			RsaBlindingFactorGenerator blindFactorGen = new RsaBlindingFactorGenerator();
+			RsaBlindingEngine blindingEngine = new RsaBlindingEngine();
+			PssSigner blindSigner = new PssSigner(blindingEngine, new Sha1Digest(), 20);
+			PssSigner pssEng = new PssSigner(new RsaEngine(), new Sha1Digest(), 20);
+
+			random.NextBytes(data);
+
+			blindFactorGen.Init(pub);
+
+			BigInteger blindFactor = blindFactorGen.GenerateBlindingFactor();
+			RsaBlindingParameters parameters = new RsaBlindingParameters(pub, blindFactor);
+
+			// generate a blind signature
+			blindSigner.Init(true, new ParametersWithRandom(parameters, random));
+
+			blindSigner.BlockUpdate(data, 0, data.Length);
+
+			byte[] blindedData = blindSigner.GenerateSignature();
+
+			RsaEngine signerEngine = new RsaEngine();
+
+			signerEngine.Init(true, prv);
+
+			byte[] blindedSig = signerEngine.ProcessBlock(blindedData, 0, blindedData.Length);
+
+			// unblind the signature
+			blindingEngine.Init(false, parameters);
+
+			byte[] s = blindingEngine.ProcessBlock(blindedSig, 0, blindedSig.Length);
+
+			//verify signature with PssSigner
+			pssEng.Init(false, pub);
+			pssEng.BlockUpdate(data, 0, data.Length);
+
+			return pssEng.VerifySignature(s);
+		}
+
+		public override void PerformTest()
+		{
+			testSig(1, pub1, prv1, slt1a, msg1a, sig1a);
+			testSig(2, pub1, prv1, slt1b, msg1b, sig1b);
+			testSig(3, pub2, prv2, slt2a, msg2a, sig2a);
+			testSig(4, pub2, prv2, slt2b, msg2b, sig2b);
+			testSig(5, pub4, prv4, slt4a, msg4a, sig4a);
+			testSig(6, pub4, prv4, slt4b, msg4b, sig4b);
+			testSig(7, pub8, prv8, slt8a, msg8a, sig8a);
+			testSig(8, pub8, prv8, slt8b, msg8b, sig8b);
+			testSig(9, pub9, prv9, slt9a, msg9a, sig9a);
+			testSig(10, pub9, prv9, slt9b, msg9b, sig9b);
+	        
+			//
+			// loop test
+			//
+			int failed = 0;
+			byte[] data = new byte[DATA_LENGTH];
+
+			SecureRandom    random = new SecureRandom();
+
+
+			RsaKeyParameters[] kprv ={prv1, prv2, prv4, prv8, prv9};
+			RsaKeyParameters[] kpub ={pub1, pub2, pub4, pub8, pub9};
+
+			for (int j = 0, i = 0; j < NUM_TESTS; j++, i++)
+			{
+        		if (i == kprv.Length)
+				{
+					i = 0;
+				}
+
+				if (!isProcessingOkay(kpub[i], kprv[i], data, random))
+				{
+            		failed++;
+				}
+			}
+
+			if (failed != 0)
+			{
+				Fail("loop test failed - failures: " + failed);
+			}
+
+			//
+			// key generation test
+			//
+			RsaKeyPairGenerator pGen = new RsaKeyPairGenerator();
+			RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x11), new SecureRandom(), 1024, 25);
+
+			pGen.Init(genParam);
+			failed = 0;
+
+			for (int k = 0; k < NUM_TESTS_WITH_KEY_GENERATION; k++)
+			{
+        		AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
+
+				for (int j = 0; j < NUM_TESTS; j++)
+				{
+					if (!isProcessingOkay((RsaKeyParameters)pair.Public, (RsaKeyParameters)pair.Private, data, random))
+					{
+						failed++;
+					}
+				}
+			}
+
+			if (failed != 0)
+			{
+				Fail("loop test with key generation failed - failures: " + failed);
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PssBlindTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/PSSTest.cs b/crypto/test/src/crypto/test/PSSTest.cs
new file mode 100644
index 000000000..91d8d3a6e
--- /dev/null
+++ b/crypto/test/src/crypto/test/PSSTest.cs
@@ -0,0 +1,338 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <remarks>RSA PSS test vectors for PKCS#1 V2.1</remarks>
+	[TestFixture]
+	public class PssTest
+		: SimpleTest
+	{
+		private const int DataLength = 1000;
+		private const int NumTests = 500;
+
+		private class FixedRandom
+			: SecureRandom
+		{
+			private readonly byte[] vals;
+
+			public FixedRandom(
+				byte[] vals)
+			{
+				this.vals = vals;
+			}
+
+			public override void NextBytes(
+				byte[] bytes)
+			{
+				Array.Copy(vals, 0, bytes, 0, vals.Length);
+			}
+		}
+
+		//
+		// Example 1: A 1024-bit RSA keypair
+		//
+		private RsaKeyParameters pub1 = new RsaKeyParameters(false,
+			new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+			new BigInteger("010001",16));
+
+		private RsaKeyParameters prv1 = new RsaPrivateCrtKeyParameters(
+			new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+			new BigInteger("010001",16),
+			new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
+			new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
+			new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
+			new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
+			new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
+			new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
+
+		// PSSExample1.1
+
+		private byte[] msg1a = Hex.Decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0");
+
+		private byte[] slt1a = Hex.Decode("dee959c7e06411361420ff80185ed57f3e6776af");
+
+		private byte[] sig1a = Hex.Decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c");
+
+		// PSSExample1.2
+
+		private byte[] msg1b = Hex.Decode("851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e");
+
+		private byte[] slt1b = Hex.Decode("ef2869fa40c346cb183dab3d7bffc98fd56df42d");
+
+		private byte[] sig1b = Hex.Decode("3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843");
+
+		//
+		// Example 2: A 1025-bit RSA keypair
+		//
+
+		private RsaKeyParameters pub2 = new RsaKeyParameters(false,
+			new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16),
+			new BigInteger("010001", 16));
+
+		private RsaKeyParameters prv2 = new RsaPrivateCrtKeyParameters(
+			new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16),
+			new BigInteger("010001", 16),
+			new BigInteger("027d147e4673057377fd1ea201565772176a7dc38358d376045685a2e787c23c15576bc16b9f444402d6bfc5d98a3e88ea13ef67c353eca0c0ddba9255bd7b8bb50a644afdfd1dd51695b252d22e7318d1b6687a1c10ff75545f3db0fe602d5f2b7f294e3601eab7b9d1cecd767f64692e3e536ca2846cb0c2dd486a39fa75b1", 16),
+			new BigInteger("016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1", 16),
+			new BigInteger("014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079", 16),
+			new BigInteger("e247cce504939b8f0a36090de200938755e2444b29539a7da7a902f6056835c0db7b52559497cfe2c61a8086d0213c472c78851800b171f6401de2e9c2756f31", 16),
+			new BigInteger("b12fba757855e586e46f64c38a70c68b3f548d93d787b399999d4c8f0bbd2581c21e19ed0018a6d5d3df86424b3abcad40199d31495b61309f27c1bf55d487c1", 16),
+			new BigInteger("564b1e1fa003bda91e89090425aac05b91da9ee25061e7628d5f51304a84992fdc33762bd378a59f030a334d532bd0dae8f298ea9ed844636ad5fb8cbdc03cad", 16));
+
+		// PSS Example 2.1
+
+		private byte[] msg2a = Hex.Decode("daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360");
+		private byte[] slt2a = Hex.Decode("57bf160bcb02bb1dc7280cf0458530b7d2832ff7");
+		private byte[] sig2a = Hex.Decode("014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3");
+
+		// PSS Example 2.2
+
+		private byte[] msg2b = Hex.Decode("e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe");
+		private byte[] slt2b = Hex.Decode("7f6dd359e604e60870e898e47b19bf2e5a7b2a90");
+		private byte[] sig2b = Hex.Decode("010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea");
+
+		//
+		//  Example 4: A 1027-bit RSA key pair
+		//
+
+		private RsaKeyParameters pub4 = new RsaKeyParameters(false,
+			new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16),
+			new BigInteger("010001", 16));
+
+		private RsaKeyParameters prv4 = new RsaPrivateCrtKeyParameters(
+			new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16),
+			new BigInteger("010001", 16),
+			new BigInteger("fa041f8cd9697ceed38ec8caa275523b4dd72b09a301d3541d72f5d31c05cbce2d6983b36183af10690bd46c46131e35789431a556771dd0049b57461bf060c1f68472e8a67c25f357e5b6b4738fa541a730346b4a07649a2dfa806a69c975b6aba64678acc7f5913e89c622f2d8abb1e3e32554e39df94ba60c002e387d9011", 16),
+			new BigInteger("029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995", 16),
+			new BigInteger("020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1", 16),
+			new BigInteger("026e7e28010ecf2412d9523ad704647fb4fe9b66b1a681581b0e15553a89b1542828898f27243ebab45ff5e1acb9d4df1b051fbc62824dbc6f6c93261a78b9a759", 16),
+			new BigInteger("012ddcc86ef655998c39ddae11718669e5e46cf1495b07e13b1014cd69b3af68304ad2a6b64321e78bf3bbca9bb494e91d451717e2d97564c6549465d0205cf421", 16),
+			new BigInteger("010600c4c21847459fe576703e2ebecae8a5094ee63f536bf4ac68d3c13e5e4f12ac5cc10ab6a2d05a199214d1824747d551909636b774c22cac0b837599abcc75", 16));
+
+		// PSS Example 4.1
+
+		private byte[] msg4a = Hex.Decode("9fb03b827c8217d9");
+
+		private byte[] slt4a = Hex.Decode("ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d");
+
+		private byte[] sig4a = Hex.Decode("0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948");
+
+		// PSS Example 4.2
+
+		private byte[] msg4b = Hex.Decode("0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f");
+
+		private byte[] slt4b = Hex.Decode("22d71d54363a4217aa55113f059b3384e3e57e44");
+
+		private byte[] sig4b = Hex.Decode("049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598");
+
+
+		//
+		// Example 8: A 1031-bit RSA key pair
+		//
+
+		private RsaKeyParameters pub8 = new RsaKeyParameters(false,
+			new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16),
+			new BigInteger("010001", 16));
+
+		private RsaKeyParameters prv8 = new RsaPrivateCrtKeyParameters(
+			new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16),
+			new BigInteger("010001", 16),
+			new BigInteger("6c66ffe98980c38fcdeab5159898836165f4b4b817c4f6a8d486ee4ea9130fe9b9092bd136d184f95f504a607eac565846d2fdd6597a8967c7396ef95a6eeebb4578a643966dca4d8ee3de842de63279c618159c1ab54a89437b6a6120e4930afb52a4ba6ced8a4947ac64b30a3497cbe701c2d6266d517219ad0ec6d347dbe9", 16),
+			new BigInteger("08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb", 16),
+			new BigInteger("0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d", 16),
+			new BigInteger("05c2a83c124b3621a2aa57ea2c3efe035eff4560f33ddebb7adab81fce69a0c8c2edc16520dda83d59a23be867963ac65f2cc710bbcfb96ee103deb771d105fd85", 16),
+			new BigInteger("04cae8aa0d9faa165c87b682ec140b8ed3b50b24594b7a3b2c220b3669bb819f984f55310a1ae7823651d4a02e99447972595139363434e5e30a7e7d241551e1b9", 16),
+			new BigInteger("07d3e47bf686600b11ac283ce88dbb3f6051e8efd04680e44c171ef531b80b2b7c39fc766320e2cf15d8d99820e96ff30dc69691839c4b40d7b06e45307dc91f3f", 16));
+
+		// PSS Example 8.1
+
+		private byte[] msg8a = Hex.Decode("81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb");
+
+		private byte[] slt8a = Hex.Decode("1d65491d79c864b373009be6f6f2467bac4c78fa");
+
+		private byte[] sig8a = Hex.Decode("0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5");
+
+		// PSS Example 8.2
+
+		private byte[] msg8b = Hex.Decode("e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08");
+
+		private byte[] slt8b = Hex.Decode("435c098aa9909eb2377f1248b091b68987ff1838");
+
+		private byte[] sig8b = Hex.Decode("2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e");
+
+		//
+		// Example 9: A 1536-bit RSA key pair
+		//
+
+		private RsaKeyParameters pub9 = new RsaKeyParameters(false,
+			new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16),
+			new BigInteger("010001", 16));
+
+		private RsaKeyParameters prv9 = new RsaPrivateCrtKeyParameters(
+			new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16),
+			new BigInteger("010001", 16),
+			new BigInteger("6a7fd84fb85fad073b34406db74f8d61a6abc12196a961dd79565e9da6e5187bce2d980250f7359575359270d91590bb0e427c71460b55d51410b191bcf309fea131a92c8e702738fa719f1e0041f52e40e91f229f4d96a1e6f172e15596b4510a6daec26105f2bebc53316b87bdf21311666070e8dfee69d52c71a976caae79c72b68d28580dc686d9f5129d225f82b3d615513a882b3db91416b48ce08888213e37eeb9af800d81cab328ce420689903c00c7b5fd31b75503a6d419684d629", 16),
+			new BigInteger("f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367", 16),
+			new BigInteger("ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d", 16),
+			new BigInteger("2bb68bddfb0c4f56c8558bffaf892d8043037841e7fa81cfa61a38c5e39b901c8ee71122a5da2227bd6cdeeb481452c12ad3d61d5e4f776a0ab556591befe3e59e5a7fddb8345e1f2f35b9f4cee57c32414c086aec993e9353e480d9eec6289f", 16),
+			new BigInteger("4ff897709fad079746494578e70fd8546130eeab5627c49b080f05ee4ad9f3e4b7cba9d6a5dff113a41c3409336833f190816d8a6bc42e9bec56b7567d0f3c9c696db619b245d901dd856db7c8092e77e9a1cccd56ee4dba42c5fdb61aec2669", 16),
+			new BigInteger("77b9d1137b50404a982729316efafc7dfe66d34e5a182600d5f30a0a8512051c560d081d4d0a1835ec3d25a60f4e4d6aa948b2bf3dbb5b124cbbc3489255a3a948372f6978496745f943e1db4f18382ceaa505dfc65757bb3f857a58dce52156", 16));
+
+		// PSS Example 9.1
+
+		private byte[] msg9a = Hex.Decode("a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5");
+
+		private byte[] slt9a = Hex.Decode("c0a425313df8d7564bd2434d311523d5257eed80");
+
+		private byte[] sig9a = Hex.Decode("586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e");
+
+		// PSS Example 9.2
+
+		private byte[] msg9b = Hex.Decode("c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e");
+
+		private byte[] slt9b = Hex.Decode("b307c43b4850a8dac2f15f32e37839ef8c5c0e91");
+
+		private byte[] sig9b = Hex.Decode("80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958");
+
+
+		public override string Name
+		{
+			get { return "PSSTest"; }
+		}
+
+		private void doTestSig(
+			int					id,
+			RsaKeyParameters	pub,
+			RsaKeyParameters	prv,
+			byte[]				slt,
+			byte[]				msg,
+			byte[]				sig)
+		{
+			PssSigner eng = new PssSigner(new RsaEngine(), new Sha1Digest(), 20);
+
+			eng.Init(true, new ParametersWithRandom(prv, new FixedRandom(slt)));
+
+			eng.BlockUpdate(msg, 0, msg.Length);
+
+			byte[] s = eng.GenerateSignature();
+
+			if (!AreEqual(s, sig))
+			{
+				Fail("test " + id + " failed generation");
+			}
+
+			eng.Init(false, pub);
+
+			eng.BlockUpdate(msg, 0, msg.Length);
+
+			if (!eng.VerifySignature(s))
+			{
+				Fail("test " + id + " failed verification");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			doTestSig(1, pub1, prv1, slt1a, msg1a, sig1a);
+			doTestSig(2, pub1, prv1, slt1b, msg1b, sig1b);
+			doTestSig(3, pub2, prv2, slt2a, msg2a, sig2a);
+			doTestSig(4, pub2, prv2, slt2b, msg2b, sig2b);
+			doTestSig(5, pub4, prv4, slt4a, msg4a, sig4a);
+			doTestSig(6, pub4, prv4, slt4b, msg4b, sig4b);
+			doTestSig(7, pub8, prv8, slt8a, msg8a, sig8a);
+			doTestSig(8, pub8, prv8, slt8b, msg8b, sig8b);
+			doTestSig(9, pub9, prv9, slt9a, msg9a, sig9a);
+			doTestSig(10, pub9, prv9, slt9b, msg9b, sig9b);
+
+			//
+			// loop test - sha-1 only
+			//
+			PssSigner eng = new PssSigner(new RsaEngine(), new Sha1Digest(), 20);
+			int failed = 0;
+			byte[] data = new byte[DataLength];
+
+			SecureRandom random = new SecureRandom();
+			random.NextBytes(data);
+
+			for (int j = 0; j < NumTests; j++)
+			{
+				eng.Init(true, new ParametersWithRandom(prv8, random));
+
+				eng.BlockUpdate(data, 0, data.Length);
+
+				byte[] s = eng.GenerateSignature();
+
+				eng.Init(false, pub8);
+
+				eng.BlockUpdate(data, 0, data.Length);
+
+				if (!eng.VerifySignature(s))
+				{
+					failed++;
+				}
+			}
+
+			if (failed != 0)
+			{
+				Fail("loop test failed - failures: " + failed);
+			}
+
+			//
+			// loop test - sha-256 and sha-1
+			//
+			eng = new PssSigner(new RsaEngine(), new Sha256Digest(), new Sha1Digest(), 20);
+			failed = 0;
+			data = new byte[DataLength];
+
+			random.NextBytes(data);
+
+			for (int j = 0; j < NumTests; j++)
+			{
+				eng.Init(true, new ParametersWithRandom(prv8, random));
+
+				eng.BlockUpdate(data, 0, data.Length);
+
+				byte[] s = eng.GenerateSignature();
+
+				eng.Init(false, pub8);
+
+				eng.BlockUpdate(data, 0, data.Length);
+
+				if (!eng.VerifySignature(s))
+				{
+					failed++;
+				}
+			}
+
+			if (failed != 0)
+			{
+				Fail("loop test failed - failures: " + failed);
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PssTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/PaddingTest.cs b/crypto/test/src/crypto/test/PaddingTest.cs
new file mode 100644
index 000000000..6f41d754c
--- /dev/null
+++ b/crypto/test/src/crypto/test/PaddingTest.cs
@@ -0,0 +1,171 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* General Padding tests.
+	*/
+	[TestFixture]
+	public class PaddingTest : SimpleTest
+	{
+		public PaddingTest()
+		{
+		}
+
+		private void blockCheck(
+			PaddedBufferedBlockCipher   cipher,
+			IBlockCipherPadding          padding,
+			KeyParameter                key,
+			byte[]                      data)
+		{
+			byte[]  outBytes = new byte[data.Length + 8];
+			byte[]  dec = new byte[data.Length];
+
+			try
+			{
+				cipher.Init(true, key);
+
+				int    len = cipher.ProcessBytes(data, 0, data.Length, outBytes, 0);
+
+				len += cipher.DoFinal(outBytes, len);
+
+				cipher.Init(false, key);
+
+				int    decLen = cipher.ProcessBytes(outBytes, 0, len, dec, 0);
+
+				decLen += cipher.DoFinal(dec, decLen);
+
+				if (!AreEqual(data, dec))
+				{
+					Fail("failed to decrypt - i = " + data.Length + ", padding = " + padding.PaddingName);
+				}
+			}
+			catch (Exception e)
+			{
+				Fail("Exception - " + e.ToString(), e);
+			}
+		}
+
+		public void doTestPadding(
+			IBlockCipherPadding  padding,
+			SecureRandom        rand,
+			byte[]              ffVector,
+			byte[]              ZeroVector)
+		{
+			PaddedBufferedBlockCipher    cipher = new PaddedBufferedBlockCipher(new DesEngine(), padding);
+			KeyParameter                 key = new KeyParameter(Hex.Decode("0011223344556677"));
+
+			//
+			// ff test
+			//
+			byte[]    data = { (byte)0xff, (byte)0xff, (byte)0xff, (byte)0, (byte)0, (byte)0, (byte)0, (byte)0 };
+
+			if (ffVector != null)
+			{
+				padding.AddPadding(data, 3);
+
+				if (!AreEqual(data, ffVector))
+				{
+					Fail("failed ff test for " + padding.PaddingName);
+				}
+			}
+
+			//
+			// zero test
+			//
+			if (ZeroVector != null)
+			{
+				data = new byte[8];
+				padding.AddPadding(data, 4);
+
+				if (!AreEqual(data, ZeroVector))
+				{
+					Fail("failed zero test for " + padding.PaddingName);
+				}
+			}
+
+			for (int i = 1; i != 200; i++)
+			{
+				data = new byte[i];
+
+				rand.NextBytes(data);
+
+				blockCheck(cipher, padding, key, data);
+			}
+		}
+
+		public override void PerformTest()
+		{
+			SecureRandom    rand = new SecureRandom(new byte[20]);
+
+			rand.SetSeed(DateTime.Now.Ticks);
+
+			doTestPadding(new Pkcs7Padding(), rand,
+				Hex.Decode("ffffff0505050505"),
+				Hex.Decode("0000000004040404"));
+
+			Pkcs7Padding padder = new Pkcs7Padding();
+			try
+			{
+				padder.PadCount(new byte[8]);
+
+				Fail("invalid padding not detected");
+			}
+			catch (InvalidCipherTextException e)
+			{
+				if (!"pad block corrupted".Equals(e.Message))
+				{
+					Fail("wrong exception for corrupt padding: " + e);
+				}
+			} 
+
+			doTestPadding(new ISO10126d2Padding(), rand,
+				null,
+				null);
+
+			doTestPadding(new X923Padding(), rand,
+				null,
+				null);
+
+			doTestPadding(new TbcPadding(), rand,
+				Hex.Decode("ffffff0000000000"),
+				Hex.Decode("00000000ffffffff"));
+
+			doTestPadding(new ZeroBytePadding(), rand,
+				Hex.Decode("ffffff0000000000"),
+				null);
+
+			doTestPadding(new ISO7816d4Padding(), rand,
+				Hex.Decode("ffffff8000000000"),
+				Hex.Decode("0000000080000000"));
+		}
+
+		public override string Name
+		{
+			get { return "PaddingTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PaddingTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/Pkcs12Test.cs b/crypto/test/src/crypto/test/Pkcs12Test.cs
new file mode 100644
index 000000000..29d5a3942
--- /dev/null
+++ b/crypto/test/src/crypto/test/Pkcs12Test.cs
@@ -0,0 +1,101 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <remarks> test for Pkcs12 key generation - vectors from
+	/// <a href="http://www.drh-consultancy.demon.co.uk/test.txt">
+	///	http://www.drh-consultancy.demon.co.uk/test.txt</a>
+	/// </remarks>
+	[TestFixture]
+	public class Pkcs12Test
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "Pkcs12Test"; }
+		}
+
+		internal char[] password1 = new char[]{'s', 'm', 'e', 'g'};
+		internal char[] password2 = new char[]{'q', 'u', 'e', 'e', 'g'};
+
+		private void Run1(int id, char[] password, byte[] salt, int iCount, byte[] result)
+		{
+			PbeParametersGenerator generator = new Pkcs12ParametersGenerator(new Sha1Digest());
+
+			generator.Init(PbeParametersGenerator.Pkcs12PasswordToBytes(password), salt, iCount);
+
+			ICipherParameters key = generator.GenerateDerivedParameters("DESEDE", 24 * 8);
+
+			if (!Arrays.AreEqual(result, ((KeyParameter) key).GetKey()))
+			{
+				Fail("id " + id + " Failed");
+			}
+		}
+
+		private void Run2(int id, char[] password, byte[] salt, int iCount, byte[] result)
+		{
+			PbeParametersGenerator generator = new Pkcs12ParametersGenerator(new Sha1Digest());
+
+			generator.Init(PbeParametersGenerator.Pkcs12PasswordToBytes(password), salt, iCount);
+
+			ParametersWithIV parameters = (ParametersWithIV)
+				generator.GenerateDerivedParameters("DES", 64, 64);
+
+			if (!Arrays.AreEqual(result, parameters.GetIV()))
+			{
+				Fail("id " + id + " Failed");
+			}
+		}
+
+		private void Run3(int id, char[] password, byte[] salt, int iCount, byte[] result)
+		{
+			PbeParametersGenerator generator = new Pkcs12ParametersGenerator(new Sha1Digest());
+
+			generator.Init(PbeParametersGenerator.Pkcs12PasswordToBytes(password), salt, iCount);
+
+			ICipherParameters key = generator.GenerateDerivedMacParameters(160);
+
+			if (!Arrays.AreEqual(result, ((KeyParameter) key).GetKey()))
+			{
+				Fail("id " + id + " Failed");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			Run1(1, password1, Hex.Decode("0A58CF64530D823F"), 1, Hex.Decode("8AAAE6297B6CB04642AB5B077851284EB7128F1A2A7FBCA3"));
+			Run2(2, password1, Hex.Decode("0A58CF64530D823F"), 1, Hex.Decode("79993DFE048D3B76"));
+			Run1(3, password1, Hex.Decode("642B99AB44FB4B1F"), 1, Hex.Decode("F3A95FEC48D7711E985CFE67908C5AB79FA3D7C5CAA5D966"));
+			Run2(4, password1, Hex.Decode("642B99AB44FB4B1F"), 1, Hex.Decode("C0A38D64A79BEA1D"));
+			Run3(5, password1, Hex.Decode("3D83C0E4546AC140"), 1, Hex.Decode("8D967D88F6CAA9D714800AB3D48051D63F73A312"));
+			Run1(6, password2, Hex.Decode("05DEC959ACFF72F7"), 1000, Hex.Decode("ED2034E36328830FF09DF1E1A07DD357185DAC0D4F9EB3D4"));
+			Run2(7, password2, Hex.Decode("05DEC959ACFF72F7"), 1000, Hex.Decode("11DEDAD7758D4860"));
+			Run1(8, password2, Hex.Decode("1682C0FC5B3F7EC5"), 1000, Hex.Decode("483DD6E919D7DE2E8E648BA8F862F3FBFBDC2BCB2C02957F"));
+			Run2(9, password2, Hex.Decode("1682C0FC5B3F7EC5"), 1000, Hex.Decode("9D461D1B00355C50"));
+			Run3(10, password2, Hex.Decode("263216FCC2FAB31C"), 1000, Hex.Decode("5EC4C7A80DF652294C3925B6489A7AB857C83476"));
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Pkcs12Test());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/Pkcs5Test.cs b/crypto/test/src/crypto/test/Pkcs5Test.cs
new file mode 100644
index 000000000..8066e8e41
--- /dev/null
+++ b/crypto/test/src/crypto/test/Pkcs5Test.cs
@@ -0,0 +1,243 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+
+    /// <summary> A test class for Pkcs5 PbeS2 with PBKDF2 (Pkcs5 v2.0) using
+    /// test vectors provider at
+    /// <a href="http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html">
+    /// RSA's Pkcs5 Page</a>
+    /// <br/>
+    /// The vectors are Base 64 encoded and encrypted using the password "password"
+    /// (without quotes). They should all yield the same PrivateKeyInfo object.
+    /// </summary>
+    [TestFixture]
+    public class Pkcs5Test
+        : SimpleTest
+    {
+        public override string Name
+        {
+            get { return "Pkcs5Test"; }
+        }
+
+        /// <summary> encrypted using des-cbc.</summary>
+        internal static byte[] sample1;
+
+        /// <summary> encrypted using des-ede3-cbc.</summary>
+        internal static byte[] sample2;
+
+        /// <summary> encrypted using rc2-cbc.</summary>
+        internal static byte[] sample3;
+
+        internal static byte[] result;
+
+        private class PbeTest
+            : SimpleTest
+        {
+            private Pkcs5Test enclosingInstance;
+
+            private void InitBlock(
+                Pkcs5Test enclosingInstance)
+            {
+                this.enclosingInstance = enclosingInstance;
+            }
+
+            public override string Name
+            {
+                get { return cipher.AlgorithmName + " Pkcs5S2 Test " + id; }
+            }
+
+            public Pkcs5Test Enclosing_Instance
+            {
+                get { return enclosingInstance; }
+            }
+
+            internal int id;
+            internal BufferedBlockCipher cipher;
+            internal byte[] sample;
+            internal int keySize;
+
+            internal PbeTest(
+                Pkcs5Test			enclosingInstance,
+                int					id,
+                BufferedBlockCipher	cipher,
+                byte[]				sample,
+                int					keySize)
+            {
+                InitBlock(enclosingInstance);
+
+                this.id = id;
+                this.cipher = cipher;
+                this.sample = sample;
+                this.keySize = keySize;
+            }
+
+            public override void PerformTest()
+            {
+                char[] password = "password".ToCharArray();
+                PbeParametersGenerator generator = new Pkcs5S2ParametersGenerator();
+
+                EncryptedPrivateKeyInfo info = null;
+                try
+                {
+                    info = EncryptedPrivateKeyInfo.GetInstance(Asn1Object.FromByteArray(sample));
+                }
+                catch (System.Exception e)
+                {
+                    Fail("failed construction - exception " + e.ToString(), e);
+                }
+
+                PbeS2Parameters alg = PbeS2Parameters.GetInstance(info.EncryptionAlgorithm.Parameters);
+                Pbkdf2Params func = Pbkdf2Params.GetInstance(alg.KeyDerivationFunc.Parameters);
+                EncryptionScheme scheme = alg.EncryptionScheme;
+
+                if (func.KeyLength != null)
+                {
+                    keySize = func.KeyLength.IntValue * 8;
+                }
+
+                int iterationCount = func.IterationCount.IntValue;
+                byte[] salt = func.GetSalt();
+
+                generator.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt, iterationCount);
+
+                DerObjectIdentifier algOid = scheme.ObjectID;
+
+                byte[] iv;
+                if (algOid.Equals(PkcsObjectIdentifiers.RC2Cbc))
+                {
+                    RC2CbcParameter rc2Params = RC2CbcParameter.GetInstance(scheme.Asn1Object);
+                    iv = rc2Params.GetIV();
+                }
+                else
+                {
+                    iv = ((Asn1OctetString) scheme.Asn1Object).GetOctets();
+                }
+
+                ICipherParameters param = new ParametersWithIV(
+                    generator.GenerateDerivedParameters(algOid.Id, keySize), iv);
+
+                cipher.Init(false, param);
+
+                byte[] data = info.GetEncryptedData();
+                byte[] outBytes = new byte[cipher.GetOutputSize(data.Length)];
+                int len = cipher.ProcessBytes(data, 0, data.Length, outBytes, 0);
+
+                try
+                {
+                    len += cipher.DoFinal(outBytes, len);
+                }
+                catch (Exception e)
+                {
+                    Fail("failed DoFinal - exception " + e.ToString());
+                }
+
+                if (result.Length != len)
+                {
+                    Fail("failed length");
+                }
+
+                for (int i = 0; i != len; i++)
+                {
+                    if (outBytes[i] != result[i])
+                    {
+                        Fail("failed comparison");
+                    }
+                }
+            }
+        }
+
+        public override void PerformTest()
+        {
+            BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEngine()));
+            SimpleTest test = new PbeTest(this, 0, cipher, sample1, 64);
+
+            test.PerformTest();
+
+            cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEdeEngine()));
+            test = new PbeTest(this, 1, cipher, sample2, 192);
+
+            test.PerformTest();
+
+            cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new RC2Engine()));
+            test = new PbeTest(this, 2, cipher, sample3, 0);
+
+            test.PerformTest();
+
+            //
+            // RFC 3211 tests
+            //
+            char[] password = "password".ToCharArray();
+            PbeParametersGenerator generator = new Pkcs5S2ParametersGenerator();
+
+            byte[] salt = Hex.Decode("1234567878563412");
+
+            generator.Init(
+                PbeParametersGenerator.Pkcs5PasswordToBytes(password),
+                salt,
+                5);
+
+            if (!AreEqual(((KeyParameter)generator.GenerateDerivedParameters("DES", 64)).GetKey(),
+                Hex.Decode("d1daa78615f287e6")))
+            {
+                Fail("64 test failed");
+            }
+
+            password = "All n-entities must communicate with other n-entities via n-1 entiteeheehees".ToCharArray();
+
+            generator.Init(
+                PbeParametersGenerator.Pkcs5PasswordToBytes(password),
+                salt,
+                500);
+
+            if (!AreEqual(((KeyParameter)generator.GenerateDerivedParameters("DESEDE", 192)).GetKey(),
+                Hex.Decode("6a8970bf68c92caea84a8df28510858607126380cc47ab2d")))
+            {
+                Fail("192 test failed");
+            }
+
+            generator.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt, 60000);
+            if (!AreEqual(((KeyParameter)generator.GenerateDerivedParameters("DESEDE", 192)).GetKey(),
+                Hex.Decode("29aaef810c12ecd2236bbcfb55407f9852b5573dc1c095bb")))
+            {
+                Fail("192 (60000) test failed");
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new Pkcs5Test());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+
+        static Pkcs5Test()
+        {
+            sample1 = Base64.Decode("MIIBozA9BgkqhkiG9w0BBQ0wMDAbBgkqhkiG9w0BBQwwDgQIfWBDXwLp4K4CAggA" + "MBEGBSsOAwIHBAiaCF/AvOgQ6QSCAWDWX4BdAzCRNSQSANSuNsT5X8mWYO27mr3Y" + "9c9LoBVXGNmYWKA77MI4967f7SmjNcgXj3xNE/jmnVz6hhsjS8E5VPT3kfyVkpdZ" + "0lr5e9Yk2m3JWpPU7++v5zBkZmC4V/MwV/XuIs6U+vykgzMgpxQg0oZKS9zgmiZo" + "f/4dOCL0UtCDnyOSvqT7mCVIcMDIEKu8QbVlgZYBop08l60EuEU3gARUo8WsYQmO" + "Dz/ldx0Z+znIT0SXVuOwc+RVItC5T/Qx+aijmmpt+9l14nmaGBrEkmuhmtdvU/4v" + "aptewGRgmjOfD6cqK+zs0O5NrrJ3P/6ZSxXj91CQgrThGfOv72bUncXEMNtc8pks" + "2jpHFjGMdKufnadAD7XuMgzkkaklEXZ4f5tU6heIIwr51g0GBEGF96gYPFnjnSQM" + "75JE02Clo+DfcfXpcybPTwwFg2jd6JTTOfkdf6OdSlA/1XNK43FA");
+            sample2 = Base64.Decode("MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIeFeOWl1jywYCAggA" + "MBQGCCqGSIb3DQMHBAjUJ5eGBhQGtQSCAWBrHrRgqO8UUMLcWzZEtpk1l3mjxiF/" + "koCMkHsFwowgyWhEbgIkTgbSViK54LVK8PskekcGNLph+rB6bGZ7pPbL5pbXASJ8" + "+MkQcG3FZdlS4Ek9tTJDApj3O1UubZGFG4uvTlJJFbF1BOJ3MkY3XQ9Gl1qwv7j5" + "6e103Da7Cq9+oIDKmznza78XXQYrUsPo8mJGjUxPskEYlzwvHjKubRnYm/K6RKhi" + "5f4zX4BQ/Dt3H812ZjRXrsjAJP0KrD/jyD/jCT7zNBVPH1izBds+RwizyQAHwfNJ" + "BFR78TH4cgzB619X47FDVOnT0LqQNVd0O3cSwnPrXE9XR3tPayE+iOB15llFSmi8" + "z0ByOXldEpkezCn92Umk++suzIVj1qfsK+bv2phZWJPbLEIWPDRHUbYf76q5ArAr" + "u4xtxT/hoK3krEs/IN3d70qjlUJ36SEw1UaZ82PWhakQbdtu39ZraMJB");
+            sample3 = Base64.Decode("MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIrHyQPBZqWLUCAggA" + "AgEQMBkGCCqGSIb3DQMCMA0CAToECEhbh7YZKiPSBIIBYCT1zp6o5jpFlIkgwPop" + "7bW1+8ACr4exqzkeb3WflQ8cWJ4cURxzVdvxUnXeW1VJdaQZtjS/QHs5GhPTG/0f" + "wtvnaPfwrIJ3FeGaZfcg2CrYhalOFmEb4xrE4KyoEQmUN8tb/Cg94uzd16BOPw21" + "RDnE8bnPdIGY7TyL95kbkqH23mK53pi7h+xWIgduW+atIqDyyt55f7WMZcvDvlj6" + "VpN/V0h+qxBHL274WA4dj6GYgeyUFpi60HdGCK7By2TBy8h1ZvKGjmB9h8jZvkx1" + "MkbRumXxyFsowTZawyYvO8Um6lbfEDP9zIEUq0IV8RqH2MRyblsPNSikyYhxX/cz" + "tdDxRKhilySbSBg5Kr8OfcwKp9bpinN96nmG4xr3Tch1bnVvqJzOQ5+Vva2WwVvH" + "2JkWvYm5WaANg4Q6bRxu9vz7DuhbJjQdZbxFezIAgrJdSe92B00jO/0Kny1WjiVO" + "6DA=");
+            result = Hex.Decode("30820155020100300d06092a864886f70d01010105000482013f3082013b020100024100" + "debbfc2c09d61bada2a9462f24224e54cc6b3cc0755f15ce318ef57e79df17026b6a85cc" + "a12428027245045df2052a329a2f9ad3d17b78a10572ad9b22bf343b020301000102402d" + "90a96adcec472743527bc023153d8f0d6e96b40c8ed228276d467d843306429f8670559b" + "f376dd41857f6397c2fc8d95e0e53ed62de420b855430ee4a1b8a1022100ffcaf0838239" + "31e073ff534f06a5d415b3d414bc614a4544a3dff7ed271817eb022100deea30242117db" + "2d3b8837f58f1da530ff83cf9283680da33683ec4e583610f1022100e6026381adb0a683" + "f16a8f4c096b462979b9e4277cc89f3ed8a905b46fa9ff9f02210097c146d4d1d2b3dbaf" + "53a504ff51674c5c271800de84d003f4f10ac6ab36e38102202bfa141f10bda874e1017d" + "845e82767c1c38e82745daf421f0c8cd09d7652387");
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/RC2Test.cs b/crypto/test/src/crypto/test/RC2Test.cs
new file mode 100644
index 000000000..177c1817d
--- /dev/null
+++ b/crypto/test/src/crypto/test/RC2Test.cs
@@ -0,0 +1,58 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+
+    /// <summary> RC2 tester - vectors from  ftp://ftp.isi.edu/in-notes/rfc2268.txt
+    ///
+    /// RFC 2268 "A Description of the RC2(r) Encryption Algorithm"
+    /// </summary>
+
+    [TestFixture]
+    public class RC2Test:CipherTest
+    {
+        public override string Name
+        {
+			get { return "RC2"; }
+        }
+
+		internal static BlockCipherVectorTest[] tests = new BlockCipherVectorTest[]{
+            new BlockCipherVectorTest(0, new RC2Engine(), new RC2Parameters(Hex.Decode("0000000000000000"), 63), "0000000000000000", "ebb773f993278eff"),
+            new BlockCipherVectorTest(1, new RC2Engine(), new RC2Parameters(Hex.Decode("ffffffffffffffff"), 64), "ffffffffffffffff", "278b27e42e2f0d49"),
+            new BlockCipherVectorTest(2, new RC2Engine(), new RC2Parameters(Hex.Decode("3000000000000000"), 64), "1000000000000001", "30649edf9be7d2c2"),
+            new BlockCipherVectorTest(3, new RC2Engine(), new RC2Parameters(Hex.Decode("88"), 64), "0000000000000000", "61a8a244adacccf0"),
+            new BlockCipherVectorTest(4, new RC2Engine(), new RC2Parameters(Hex.Decode("88bca90e90875a"), 64), "0000000000000000", "6ccf4308974c267f"),
+            new BlockCipherVectorTest(5, new RC2Engine(), new RC2Parameters(Hex.Decode("88bca90e90875a7f0f79c384627bafb2"), 64), "0000000000000000", "1a807d272bbe5db1"),
+            new BlockCipherVectorTest(6, new RC2Engine(), new RC2Parameters(Hex.Decode("88bca90e90875a7f0f79c384627bafb2"), 128), "0000000000000000", "2269552ab0f85ca6"),
+            new BlockCipherVectorTest(7, new RC2Engine(), new RC2Parameters(Hex.Decode("88bca90e90875a7f0f79c384627bafb216f80a6f85920584c42fceb0be255daf1e"), 129), "0000000000000000", "5b78d3a43dfff1f1")};
+
+		public RC2Test()
+			:base(tests, new RC2Engine(), new RC2Parameters(new byte[16]))
+        {
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            ITest test = new RC2Test();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/RC2WrapTest.cs b/crypto/test/src/crypto/test/RC2WrapTest.cs
new file mode 100644
index 000000000..fc27acd2c
--- /dev/null
+++ b/crypto/test/src/crypto/test/RC2WrapTest.cs
@@ -0,0 +1,123 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* RC2 wrap tester
+	*/
+	[TestFixture]
+	public class RC2WrapTest
+		: ITest
+	{
+		private class RFCRandom
+			: SecureRandom
+		{
+			public override void NextBytes(
+				byte[] nextBytes)
+			{
+				Array.Copy(Hex.Decode("4845cce7fd1250"), 0, nextBytes, 0, nextBytes.Length);
+			}
+		}
+
+		private ITestResult wrapTest(
+			int     id,
+			ICipherParameters paramsWrap,
+			ICipherParameters paramsUnwrap,
+			byte[]  inBytes,
+			byte[]  outBytes)
+		{
+			IWrapper wrapper = new RC2WrapEngine();
+
+			wrapper.Init(true, paramsWrap);
+
+			try
+			{
+				byte[]  cText = wrapper.Wrap(inBytes, 0, inBytes.Length);
+				if (!Arrays.AreEqual(cText, outBytes))
+				{
+					return new SimpleTestResult(false, Name + ": failed wrap test " + id
+						+ " expected " + Hex.ToHexString(outBytes)
+						+ " got " + Hex.ToHexString(cText));
+				}
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": failed wrap test exception " + e, e);
+			}
+
+			wrapper.Init(false, paramsUnwrap);
+
+			try
+			{
+				byte[]  pText = wrapper.Unwrap(outBytes, 0, outBytes.Length);
+				if (!Arrays.AreEqual(pText, inBytes))
+				{
+					return new SimpleTestResult(false, Name + ": failed unwrap test " + id
+						+ " expected " + Hex.ToHexString(inBytes)
+						+ " got " + Hex.ToHexString(pText));
+				}
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": failed unwrap test exception " + e, e);
+			}
+
+			return new SimpleTestResult(true, Name + ": Okay");
+		}
+
+		public ITestResult Perform()
+		{
+			byte[]  kek1 = Hex.Decode("fd04fd08060707fb0003fefffd02fe05");
+			byte[]  iv1 = Hex.Decode("c7d90059b29e97f7");
+			byte[]  in1 = Hex.Decode("b70a25fbc9d86a86050ce0d711ead4d9");
+			byte[]  out1 = Hex.Decode("70e699fb5701f7833330fb71e87c85a420bdc99af05d22af5a0e48d35f3138986cbaafb4b28d4f35");
+			//
+			// note the RFC 3217 test specifies a key to be used with an effective key size of
+			// 40 bits which is why it is done here - in practice nothing less than 128 bits should be used.
+			//
+			ICipherParameters paramWrap = new ParametersWithRandom(new ParametersWithIV(new RC2Parameters(kek1, 40), iv1), new RFCRandom());
+			ICipherParameters paramUnwrap = new RC2Parameters(kek1, 40);
+
+			ITestResult result = wrapTest(1, paramWrap, paramUnwrap, in1, out1);
+
+			if (!result.IsSuccessful())
+			{
+				return result;
+			}
+
+			return new SimpleTestResult(true, Name + ": Okay");
+		}
+
+		public string Name
+		{
+			get { return "RC2Wrap"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new RC2WrapTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/RC4Test.cs b/crypto/test/src/crypto/test/RC4Test.cs
new file mode 100644
index 000000000..7c1ac9162
--- /dev/null
+++ b/crypto/test/src/crypto/test/RC4Test.cs
@@ -0,0 +1,59 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> RC4 Test</summary>
+    [TestFixture]
+    public class RC4Test
+		: ITest
+    {
+        public string Name
+        {
+			get { return "RC4"; }
+        }
+
+		internal StreamCipherVectorTest[] tests = new StreamCipherVectorTest[]{
+            new StreamCipherVectorTest(0, new RC4Engine(), new KeyParameter(Hex.Decode("0123456789ABCDEF")), "4e6f772069732074", "3afbb5c77938280d"),
+            new StreamCipherVectorTest(0, new RC4Engine(), new KeyParameter(Hex.Decode("0123456789ABCDEF")), "68652074696d6520", "1cf1e29379266d59"),
+            new StreamCipherVectorTest(0, new RC4Engine(), new KeyParameter(Hex.Decode("0123456789ABCDEF")), "666f7220616c6c20", "12fbb0c771276459")};
+
+        public virtual ITestResult Perform()
+        {
+            for (int i = 0; i != tests.Length; i++)
+            {
+                ITestResult res = tests[i].Perform();
+
+                if (!res.IsSuccessful())
+                {
+                    return res;
+                }
+            }
+
+			return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            ITest test = new RC4Test();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/RC5Test.cs b/crypto/test/src/crypto/test/RC5Test.cs
new file mode 100644
index 000000000..e50878a0e
--- /dev/null
+++ b/crypto/test/src/crypto/test/RC5Test.cs
@@ -0,0 +1,201 @@
+using System;
+
+using NUnit.Framework;
+
+using System.Text;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+
+    /**
+    * RC5 tester - vectors from ftp://ftp.nordu.net/rfc/rfc2040.txt
+    *
+    * RFC 2040 "The RC5, RC5-CBC, RC5-CBC-Pad, and RC5-CTS Algorithms"
+    */
+    [TestFixture]
+    public class RC5Test: ITest
+    {
+        BlockCipherVectorTest[] tests =
+        {
+            new BlockCipherVectorTest(0, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 0),
+                        Hex.Decode("0000000000000000")),
+                    "0000000000000000", "7a7bba4d79111d1e"),
+            new BlockCipherVectorTest(1, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 0),
+                        Hex.Decode("0000000000000000")),
+                    "ffffffffffffffff", "797bba4d78111d1e"),
+            new BlockCipherVectorTest(2, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 0),
+                        Hex.Decode("0000000000000001")),
+                    "0000000000000000", "7a7bba4d79111d1f"),
+            new BlockCipherVectorTest(3, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 0),
+                        Hex.Decode("0000000000000000")),
+                    "0000000000000001", "7a7bba4d79111d1f"),
+            new BlockCipherVectorTest(4, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 0),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "8b9ded91ce7794a6"),
+            new BlockCipherVectorTest(5, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("11"), 1),
+                        Hex.Decode("0000000000000000")),
+                    "0000000000000000", "2f759fe7ad86a378"),
+            new BlockCipherVectorTest(6, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 2),
+                        Hex.Decode("0000000000000000")),
+                    "0000000000000000", "dca2694bf40e0788"),
+            new BlockCipherVectorTest(7, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00000000"), 2),
+                        Hex.Decode("0000000000000000")),
+                    "0000000000000000", "dca2694bf40e0788"),
+            new BlockCipherVectorTest(8, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00000000"), 8),
+                        Hex.Decode("0000000000000000")),
+                    "0000000000000000", "dcfe098577eca5ff"),
+            new BlockCipherVectorTest(9, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 8),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "9646fb77638f9ca8"),
+            new BlockCipherVectorTest(10, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 12),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "b2b3209db6594da4"),
+            new BlockCipherVectorTest(11, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 16),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "545f7f32a5fc3836"),
+            new BlockCipherVectorTest(12, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("01020304"), 8),
+                        Hex.Decode("0000000000000000")),
+                    "ffffffffffffffff", "8285e7c1b5bc7402"),
+            new BlockCipherVectorTest(13, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("01020304"), 12),
+                        Hex.Decode("0000000000000000")),
+                    "ffffffffffffffff", "fc586f92f7080934"),
+            new BlockCipherVectorTest(14, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("01020304"), 16),
+                        Hex.Decode("0000000000000000")),
+                    "ffffffffffffffff", "cf270ef9717ff7c4"),
+            new BlockCipherVectorTest(15, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("0102030405060708"), 12),
+                        Hex.Decode("0000000000000000")),
+                    "ffffffffffffffff", "e493f1c1bb4d6e8c"),
+            new BlockCipherVectorTest(16, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("0102030405060708"), 8),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "5c4c041e0f217ac3"),
+            new BlockCipherVectorTest(17, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("0102030405060708"), 12),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "921f12485373b4f7"),
+            new BlockCipherVectorTest(18, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("0102030405060708"), 16),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "5ba0ca6bbe7f5fad"),
+            new BlockCipherVectorTest(19, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("01020304050607081020304050607080"), 8),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "c533771cd0110e63"),
+            new BlockCipherVectorTest(20, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("01020304050607081020304050607080"), 12),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "294ddb46b3278d60"),
+            new BlockCipherVectorTest(21, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("01020304050607081020304050607080"), 16),
+                        Hex.Decode("0102030405060708")),
+                    "1020304050607080", "dad6bda9dfe8f7e8"),
+            new BlockCipherVectorTest(22, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("0102030405"), 12),
+                        Hex.Decode("0000000000000000")),
+                    "ffffffffffffffff", "97e0787837ed317f"),
+            new BlockCipherVectorTest(23, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("0102030405"), 8),
+                        Hex.Decode("0000000000000000")),
+                    "ffffffffffffffff", "7875dbf6738c6478"),
+            new BlockCipherVectorTest(23, new CbcBlockCipher(new RC532Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("0102030405"), 8),
+                        Hex.Decode("7875dbf6738c6478")),
+                    "0808080808080808", "8f34c3c681c99695"),
+            new BlockCipherVectorTest(640, new CbcBlockCipher(new RC564Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 0),
+                        Hex.Decode("00000000000000000000000000000000")),
+                    "00000000000000000000000000000000", "9f09b98d3f6062d9d4d59973d00e0e63"),
+            new BlockCipherVectorTest(641, new CbcBlockCipher(new RC564Engine()),
+                    new ParametersWithIV(
+                        new RC5Parameters(Hex.Decode("00"), 0),
+                        Hex.Decode("00000000000000000000000000000000")),
+                    "ffffffffffffffffffffffffffffffff", "9e09b98d3f6062d9d3d59973d00e0e63")
+        };
+
+		public string Name
+        {
+			get { return "RC5"; }
+        }
+
+		public ITestResult Perform()
+        {
+            for (int i = 0; i != tests.Length; i++)
+            {
+                ITestResult  res = tests[i].Perform();
+
+                if (!res.IsSuccessful())
+                {
+                    return res;
+                }
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RC5Test test = new RC5Test();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/RC6Test.cs b/crypto/test/src/crypto/test/RC6Test.cs
new file mode 100644
index 000000000..4f59ec4e9
--- /dev/null
+++ b/crypto/test/src/crypto/test/RC6Test.cs
@@ -0,0 +1,54 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <remarks> RC6 Test - test vectors from AES Submitted RSA Reference implementation.
+    /// ftp://ftp.funet.fi/pub/crypt/cryptography/symmetric/aes/rc6-unix-refc.tar
+    /// </remarks>
+	[TestFixture]
+    public class RC6Test
+		: CipherTest
+    {
+        public override string Name
+        {
+			get { return "RC6"; }
+        }
+
+		internal static SimpleTest[] tests = new SimpleTest[]{
+            new BlockCipherVectorTest(0, new RC6Engine(), new KeyParameter(Hex.Decode("00000000000000000000000000000000")), "80000000000000000000000000000000", "f71f65e7b80c0c6966fee607984b5cdf"),
+            new BlockCipherVectorTest(1, new RC6Engine(), new KeyParameter(Hex.Decode("000000000000000000000000000000008000000000000000")), "00000000000000000000000000000000", "dd04c176440bbc6686c90aee775bd368"),
+            new BlockCipherVectorTest(2, new RC6Engine(), new KeyParameter(Hex.Decode("000000000000000000000000000000000000001000000000")), "00000000000000000000000000000000", "937fe02d20fcb72f0f57201012b88ba4"),
+            new BlockCipherVectorTest(3, new RC6Engine(), new KeyParameter(Hex.Decode("00000001000000000000000000000000")), "00000000000000000000000000000000", "8a380594d7396453771a1dfbe2914c8e"),
+            new BlockCipherVectorTest(4, new RC6Engine(), new KeyParameter(Hex.Decode("1000000000000000000000000000000000000000000000000000000000000000")), "00000000000000000000000000000000", "11395d4bfe4c8258979ee2bf2d24dff4"),
+            new BlockCipherVectorTest(5, new RC6Engine(), new KeyParameter(Hex.Decode("0000000000000000000000000000000000080000000000000000000000000000")), "00000000000000000000000000000000", "3d6f7e99f6512553bb983e8f75672b97")};
+
+        public RC6Test()
+			: base(tests, new RC6Engine(), new KeyParameter(new byte[32]))
+        {
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new RC6Test();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/RFC3211WrapTest.cs b/crypto/test/src/crypto/test/RFC3211WrapTest.cs
new file mode 100644
index 000000000..bdef7c999
--- /dev/null
+++ b/crypto/test/src/crypto/test/RFC3211WrapTest.cs
@@ -0,0 +1,216 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* Wrap Test based on RFC3211 test vectors
+	*/
+	[TestFixture]
+	public class Rfc3211WrapTest
+		: SimpleTest
+	{
+		// Note: These test data assume the Rfc3211WrapEngine will call SecureRandom.NextBytes
+
+		SecureRandom r1 = FixedSecureRandom.From(
+			new byte[]{ 0xC4, 0x36, 0xF5, 0x41 });
+
+		SecureRandom r2 = FixedSecureRandom.From(
+			new byte[]{ 0xFA, 0x06, 0x0A, 0x45 });
+
+		public override string Name
+		{
+			get { return "RFC3211Wrap"; }
+		}
+
+		private void doWrapTest(
+			int				id,
+			IBlockCipher	engine,
+			byte[]			kek,
+			byte[]			iv,
+			SecureRandom	rand,
+			byte[]			inBytes,
+			byte[]			outBytes)
+		{
+			IWrapper wrapper = new Rfc3211WrapEngine(engine);
+
+			wrapper.Init(true, new ParametersWithRandom(
+				new ParametersWithIV(new KeyParameter(kek), iv), rand));
+
+			byte[] cText = wrapper.Wrap(inBytes, 0, inBytes.Length);
+			if (!AreEqual(cText, outBytes))
+			{
+				Fail("failed Wrap test " + id  + " expected "
+					+ Hex.ToHexString(outBytes) + " got " + Hex.ToHexString(cText));
+			}
+
+			wrapper.Init(false, new ParametersWithIV(new KeyParameter(kek), iv));
+
+			byte[] pText = wrapper.Unwrap(outBytes, 0, outBytes.Length);
+			if (!AreEqual(pText, inBytes))
+			{
+				Fail("rfailed Unwrap test " + id  + " expected "
+					+ Hex.ToHexString(inBytes) + " got " + Hex.ToHexString(pText));
+			}
+		}
+
+		private void doTestCorruption()
+		{
+			byte[] kek = Hex.Decode("D1DAA78615F287E6");
+			byte[] iv = Hex.Decode("EFE598EF21B33D6D");
+
+			IWrapper wrapper = new Rfc3211WrapEngine(new DesEngine());
+
+			wrapper.Init(false, new ParametersWithIV(new KeyParameter(kek), iv));
+
+			byte[] block = Hex.Decode("ff739D838C627C897323A2F8C436F541");
+			encryptBlock(kek, iv, block);
+
+			try
+			{
+				wrapper.Unwrap(block, 0, block.Length);
+
+				Fail("bad length not detected");
+			}
+			catch (InvalidCipherTextException e)
+			{
+				if (!e.Message.Equals("wrapped key corrupted"))
+				{
+					Fail("wrong exception on length");
+				}
+			}
+
+			block = Hex.Decode("08639D838C627C897323A2F8C436F541");
+			doTestChecksum(kek, iv, block, wrapper);
+
+			block = Hex.Decode("08736D838C627C897323A2F8C436F541");
+			doTestChecksum(kek, iv, block, wrapper);
+	        
+			block = Hex.Decode("08739D638C627C897323A2F8C436F541");
+			doTestChecksum(kek, iv, block, wrapper);
+		}
+
+		private void doTestChecksum(
+			byte[]		kek,
+			byte[]		iv,
+			byte[]		block,
+			IWrapper	wrapper)
+		{
+			encryptBlock(kek, iv, block);
+
+			try
+			{
+				wrapper.Unwrap(block, 0, block.Length);
+
+				Fail("bad checksum not detected");
+			}
+			catch (InvalidCipherTextException e)
+			{
+				if (!e.Message.Equals("wrapped key fails checksum"))
+				{
+					Fail("wrong exception");
+				}
+			}
+		}
+
+		private void encryptBlock(byte[] key, byte[] iv, byte[] cekBlock)
+		{
+			IBlockCipher engine = new CbcBlockCipher(new DesEngine());
+
+			engine.Init(true, new ParametersWithIV(new KeyParameter(key), iv));
+
+			for (int i = 0; i < cekBlock.Length; i += 8)
+			{
+				engine.ProcessBlock(cekBlock, i, cekBlock, i);
+			}
+
+			for (int i = 0; i < cekBlock.Length; i += 8)
+			{
+				engine.ProcessBlock(cekBlock, i, cekBlock, i);
+			}
+		}
+
+		public override void PerformTest()
+		{
+			doWrapTest(1, new DesEngine(), Hex.Decode("D1DAA78615F287E6"), Hex.Decode("EFE598EF21B33D6D"), r1, Hex.Decode("8C627C897323A2F8"), Hex.Decode("B81B2565EE373CA6DEDCA26A178B0C10"));
+			doWrapTest(2, new DesEdeEngine(), Hex.Decode("6A8970BF68C92CAEA84A8DF28510858607126380CC47AB2D"), Hex.Decode("BAF1CA7931213C4E"), r2,
+				Hex.Decode("8C637D887223A2F965B566EB014B0FA5D52300A3F7EA40FFFC577203C71BAF3B"),
+				Hex.Decode("C03C514ABDB9E2C5AAC038572B5E24553876B377AAFB82ECA5A9D73F8AB143D9EC74E6CAD7DB260C"));
+
+			doTestCorruption();
+	        
+			IWrapper wrapper = new Rfc3211WrapEngine(new DesEngine());
+			ParametersWithIV parameters = new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]);
+			byte[] buf = new byte[16];
+
+			try
+			{
+				wrapper.Init(true, parameters);
+
+				wrapper.Unwrap(buf, 0, buf.Length);
+
+				Fail("failed Unwrap state test.");
+			}
+			catch (InvalidOperationException)
+			{
+				// expected
+			}
+			catch (InvalidCipherTextException e)
+			{
+				Fail("unexpected exception: " + e, e);
+			}
+
+			try
+			{
+				wrapper.Init(false, parameters);
+
+				wrapper.Wrap(buf, 0, buf.Length);
+
+				Fail("failed Unwrap state test.");
+			}
+			catch (InvalidOperationException)
+			{
+				// expected
+			}
+
+			//
+			// short test
+			//
+			try
+			{
+				wrapper.Init(false, parameters);
+
+				wrapper.Unwrap(buf, 0, buf.Length / 2);
+
+				Fail("failed Unwrap short test.");
+			}
+			catch (InvalidCipherTextException)
+			{
+				// expected
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Rfc3211WrapTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/RSABlindedTest.cs b/crypto/test/src/crypto/test/RSABlindedTest.cs
new file mode 100644
index 000000000..80d6e8e49
--- /dev/null
+++ b/crypto/test/src/crypto/test/RSABlindedTest.cs
@@ -0,0 +1,449 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class RsaBlindedTest
+		: SimpleTest
+	{
+		static BigInteger mod = new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16);
+		static BigInteger  pubExp = new BigInteger("11", 16);
+		static BigInteger  privExp = new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16);
+		static BigInteger  p = new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16);
+		static BigInteger  q = new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16);
+		static BigInteger  pExp = new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16);
+		static BigInteger  qExp = new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16);
+		static BigInteger  crtCoef = new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16);
+
+		static string input = "4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
+
+		//
+		// to check that we handling byte extension by big number correctly.
+		//
+		static string edgeInput = "ff6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
+
+		static byte[] oversizedSig = Hex.Decode("01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
+		static byte[] dudBlock = Hex.Decode("000fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
+		static byte[] truncatedDataBlock = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
+		static byte[] incorrectPadding = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
+		static byte[] missingDataBlock = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
+
+		public override string Name
+		{
+			get { return "RSABlinded"; }
+		}
+
+		private void doTestStrictPkcs1Length(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			IAsymmetricBlockCipher eng = new RsaBlindedEngine();
+
+			eng.Init(true, privParameters);
+
+			byte[] data = null;
+
+			try
+			{
+				data = eng.ProcessBlock(oversizedSig, 0, oversizedSig.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("RSA: failed - exception " + e.ToString(), e);
+			}
+
+			eng = new Pkcs1Encoding(eng);
+
+			eng.Init(false, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+
+				Fail("oversized signature block not recognised");
+			}
+			catch (InvalidCipherTextException e)
+			{
+				if (!e.Message.Equals("block incorrect size"))
+				{
+					Fail("RSA: failed - exception " + e.ToString(), e);
+				}
+			}
+
+
+			// Create the encoding with StrictLengthEnabled=false (done thru environment in Java version)
+			Pkcs1Encoding.StrictLengthEnabled = false;
+
+			eng = new Pkcs1Encoding(new RsaBlindedEngine());
+
+			eng.Init(false, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (InvalidCipherTextException e)
+			{
+				Fail("RSA: failed - exception " + e.ToString(), e);
+			}
+
+			Pkcs1Encoding.StrictLengthEnabled = true;
+		}
+
+		private void doTestTruncatedPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			checkForPkcs1Exception(pubParameters, privParameters, truncatedDataBlock, "block truncated");
+		}
+
+		private void doTestDudPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			checkForPkcs1Exception(pubParameters, privParameters, dudBlock, "unknown block type");
+		}
+
+		private void doTestWrongPaddingPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			checkForPkcs1Exception(pubParameters, privParameters, incorrectPadding, "block padding incorrect");
+		}
+
+		private void doTestMissingDataPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			checkForPkcs1Exception(pubParameters, privParameters, missingDataBlock, "no data in block");
+		}
+
+		private void checkForPkcs1Exception(RsaKeyParameters pubParameters, RsaKeyParameters privParameters, byte[] inputData, string expectedMessage)
+		{
+			IAsymmetricBlockCipher eng = new RsaBlindedEngine();
+
+			eng.Init(true, privParameters);
+
+			byte[] data = null;
+
+			try
+			{
+				data = eng.ProcessBlock(inputData, 0, inputData.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("RSA: failed - exception " + e.ToString(), e);
+			}
+
+			eng = new Pkcs1Encoding(eng);
+
+			eng.Init(false, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+
+				Fail("missing data block not recognised");
+			}
+			catch (InvalidCipherTextException e)
+			{
+				if (!e.Message.Equals(expectedMessage))
+				{
+					Fail("RSA: failed - exception " + e.ToString(), e);
+				}
+			}
+		}
+
+		private void doTestOaep(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			//
+			// OAEP - public encrypt, private decrypt
+			//
+			IAsymmetricBlockCipher eng = new OaepEncoding(new RsaBlindedEngine());
+			byte[] data = Hex.Decode(input);
+
+			eng.Init(true, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			eng.Init(false, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed OAEP Test");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod, pubExp);
+			RsaKeyParameters privParameters = new RsaPrivateCrtKeyParameters(mod, pubExp, privExp, p, q, pExp, qExp, crtCoef);
+			byte[] data = Hex.Decode(edgeInput);
+
+			//
+			// RAW
+			//
+			IAsymmetricBlockCipher eng = new RsaBlindedEngine();
+
+			eng.Init(true, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("RSA: failed - exception " + e.ToString(), e);
+			}
+
+			eng.Init(false, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (!edgeInput.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed RAW edge Test");
+			}
+
+			data = Hex.Decode(input);
+
+			eng.Init(true, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			eng.Init(false, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed RAW Test");
+			}
+
+			//
+			// PKCS1 - public encrypt, private decrypt
+			//
+			eng = new Pkcs1Encoding(eng);
+
+			eng.Init(true, pubParameters);
+
+			if (eng.GetOutputBlockSize() != ((Pkcs1Encoding)eng).GetUnderlyingCipher().GetOutputBlockSize())
+			{
+				Fail("PKCS1 output block size incorrect");
+			}
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			eng.Init(false, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed PKCS1 public/private Test");
+			}
+
+			//
+			// PKCS1 - private encrypt, public decrypt
+			//
+			eng = new Pkcs1Encoding(((Pkcs1Encoding)eng).GetUnderlyingCipher());
+
+			eng.Init(true, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			eng.Init(false, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed PKCS1 private/public Test");
+			}
+
+			//
+			// key generation test
+			//
+			RsaKeyPairGenerator pGen = new RsaKeyPairGenerator();
+			RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x11), new SecureRandom(), 768, 25);
+
+			pGen.Init(genParam);
+
+			AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
+
+			eng = new RsaBlindedEngine();
+
+			if (((RsaKeyParameters)pair.Public).Modulus.BitLength < 768)
+			{
+				Fail("failed key generation (768) length test");
+			}
+
+			eng.Init(true, pair.Public);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			eng.Init(false, pair.Private);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed key generation (768) Test");
+			}
+
+			genParam = new RsaKeyGenerationParameters(BigInteger.ValueOf(0x11), new SecureRandom(), 1024, 25);
+
+			pGen.Init(genParam);
+			pair = pGen.GenerateKeyPair();
+
+			eng.Init(true, pair.Public);
+
+			if (((RsaKeyParameters)pair.Public).Modulus.BitLength < 1024)
+			{
+				Fail("failed key generation (1024) length test");
+			}
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			eng.Init(false, pair.Private);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed key generation (1024) test");
+			}
+
+			doTestOaep(pubParameters, privParameters);
+			doTestStrictPkcs1Length(pubParameters, privParameters);
+			doTestDudPkcs1Block(pubParameters, privParameters);
+			doTestMissingDataPkcs1Block(pubParameters, privParameters);
+			doTestTruncatedPkcs1Block(pubParameters, privParameters);
+			doTestWrongPaddingPkcs1Block(pubParameters, privParameters);
+
+			try
+			{
+				new RsaBlindedEngine().ProcessBlock(new byte[]{ 1 }, 0, 1);
+				Fail("failed initialisation check");
+			}
+			catch (InvalidOperationException)
+			{
+				// expected
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new RsaBlindedTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/RegressionTest.cs b/crypto/test/src/crypto/test/RegressionTest.cs
new file mode 100644
index 000000000..687e9ee4f
--- /dev/null
+++ b/crypto/test/src/crypto/test/RegressionTest.cs
@@ -0,0 +1,126 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    public class RegressionTest
+    {
+        public static ITest[] tests = new ITest[]
+        {
+            new AesTest(),
+            new AesLightTest(),
+            new AesFastTest(),
+            new AesWrapTest(),
+            new DesTest(),
+            new DesEdeTest(),
+            new ModeTest(),
+            new PaddingTest(),
+            new DHTest(),
+            new ElGamalTest(),
+            new DsaTest(),
+            new ECTest(),
+            new Gost3410Test(),
+            new ECGost3410Test(),
+            new EcIesTest(),
+            new EcNrTest(),
+            new MacTest(),
+            new Gost28147MacTest(),
+            new RC2Test(),
+            new RC2WrapTest(),
+            new RC4Test(),
+            new RC5Test(),
+            new RC6Test(),
+            new RijndaelTest(),
+            new SerpentTest(),
+            new CamelliaTest(),
+            new CamelliaLightTest(),
+            new DigestRandomNumberTest(),
+            new SkipjackTest(),
+            new BlowfishTest(),
+            new TwofishTest(),
+            new Cast5Test(),
+            new Cast6Test(),
+            new Gost28147Test(),
+#if INCLUDE_IDEA
+            new IdeaTest(),
+#endif
+            new RsaBlindedTest(),
+            new RsaTest(),
+            new ISO9796Test(),
+            new ISO9797Alg3MacTest(),
+            new MD2DigestTest(),
+            new MD4DigestTest(),
+            new MD5DigestTest(),
+            new PssBlindTest(),
+            new Sha1DigestTest(),
+            new Sha224DigestTest(),
+            new Sha256DigestTest(),
+            new Sha384DigestTest(),
+            new Sha512DigestTest(),
+            new Sha512t224DigestTest(),
+            new Sha512t256DigestTest(),
+            new Sha3DigestTest(),
+            new RipeMD128DigestTest(),
+            new RipeMD160DigestTest(),
+            new RipeMD256DigestTest(),
+            new RipeMD320DigestTest(),
+            new TigerDigestTest(),
+            new Gost3411DigestTest(),
+            new WhirlpoolDigestTest(),
+            new MD5HMacTest(),
+            new Sha1HMacTest(),
+            new Sha224HMacTest(),
+            new Sha256HMacTest(),
+            new Sha384HMacTest(),
+            new Sha512HMacTest(),
+            new RipeMD128HMacTest(),
+            new RipeMD160HMacTest(),
+            new OaepTest(),
+            new PssTest(),
+            new CTSTest(),
+            new CcmTest(),
+            new Pkcs5Test(),
+            new Pkcs12Test(),
+            new Kdf1GeneratorTest(),
+            new Kdf2GeneratorTest(),
+            new Mgf1GeneratorTest(),
+            new DHKekGeneratorTest(),
+            new ECDHKekGeneratorTest(),
+            new ShortenedDigestTest(),
+            new EqualsHashCodeTest(),
+            new TeaTest(),
+            new XteaTest(),
+            new Rfc3211WrapTest(),
+            new SeedTest(),
+            new NaccacheSternTest(),
+            new Salsa20Test(),
+            new CMacTest(),
+            new EaxTest(),
+            new GcmTest(),
+            new HCFamilyTest(),
+            new HCFamilyVecTest(),
+            new IsaacTest(),
+            new NoekeonTest(),
+            new VmpcKsa3Test(),
+            new VmpcMacTest(),
+            new VmpcTest(),
+            new Srp6Test(),
+            new SCryptTest(),
+            new NullTest(),
+            new SipHashTest(),
+            new OcbTest(),
+        };
+
+        public static void Main(
+            string[] args)
+        {
+            for (int i = 0; i != tests.Length; i++)
+            {
+                ITestResult result = tests[i].Perform();
+
+                Console.WriteLine(result);
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/RijndaelTest.cs b/crypto/test/src/crypto/test/RijndaelTest.cs
new file mode 100644
index 000000000..f714c83eb
--- /dev/null
+++ b/crypto/test/src/crypto/test/RijndaelTest.cs
@@ -0,0 +1,135 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+    * Test vectors from the NIST standard tests and Brian Gladman's vector set
+    * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">
+    * http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
+    */
+    [TestFixture]
+    public class RijndaelTest
+		: CipherTest
+    {
+        static SimpleTest[] tests =
+        {
+            new BlockCipherVectorTest(0, new RijndaelEngine(128),
+                    new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+                    "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
+            new BlockCipherVectorTest(1, new RijndaelEngine(128),
+                    new KeyParameter(Hex.Decode("00000000000000000000000000000080")),
+                    "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
+            new BlockCipherMonteCarloTest(2, 10000, new RijndaelEngine(128),
+                    new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+                    "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
+            new BlockCipherMonteCarloTest(3, 10000, new RijndaelEngine(128),
+                    new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")),
+                    "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
+            new BlockCipherVectorTest(4, new RijndaelEngine(128),
+                    new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+                    "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
+            new BlockCipherMonteCarloTest(5, 10000, new RijndaelEngine(128),
+                    new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
+                    "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
+            new BlockCipherVectorTest(6, new RijndaelEngine(128),
+                    new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+                    "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
+            new BlockCipherMonteCarloTest(7, 10000, new RijndaelEngine(128),
+                    new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
+                    "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
+            new BlockCipherVectorTest(8, new RijndaelEngine(160),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c")),
+                    "3243f6a8885a308d313198a2e03707344a409382", "16e73aec921314c29df905432bc8968ab64b1f51"),
+            new BlockCipherVectorTest(8, new RijndaelEngine(160),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160")),
+                    "3243f6a8885a308d313198a2e03707344a409382", "0553eb691670dd8a5a5b5addf1aa7450f7a0e587"),
+            new BlockCipherVectorTest(8, new RijndaelEngine(160),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")),
+                    "3243f6a8885a308d313198a2e03707344a409382", "73cd6f3423036790463aa9e19cfcde894ea16623"),
+            new BlockCipherVectorTest(8, new RijndaelEngine(160),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")),
+                    "3243f6a8885a308d313198a2e03707344a409382", "601b5dcd1cf4ece954c740445340bf0afdc048df"),
+            new BlockCipherVectorTest(8, new RijndaelEngine(160),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")),
+                    "3243f6a8885a308d313198a2e03707344a409382", "579e930b36c1529aa3e86628bacfe146942882cf"),
+            new BlockCipherVectorTest(8, new RijndaelEngine(192),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d", "b24d275489e82bb8f7375e0d5fcdb1f481757c538b65148a"),
+            new BlockCipherVectorTest(9, new RijndaelEngine(192),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d", "725ae43b5f3161de806a7c93e0bca93c967ec1ae1b71e1cf"),
+            new BlockCipherVectorTest(10, new RijndaelEngine(192),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d", "bbfc14180afbf6a36382a061843f0b63e769acdc98769130"),
+            new BlockCipherVectorTest(11, new RijndaelEngine(192),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d", "0ebacf199e3315c2e34b24fcc7c46ef4388aa475d66c194c"),
+            new BlockCipherVectorTest(12, new RijndaelEngine(224),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "b0a8f78f6b3c66213f792ffd2a61631f79331407a5e5c8d3793aceb1"),
+            new BlockCipherVectorTest(13, new RijndaelEngine(224),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "08b99944edfce33a2acb131183ab0168446b2d15e958480010f545e3"),
+            new BlockCipherVectorTest(14, new RijndaelEngine(224),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "be4c597d8f7efe22a2f7e5b1938e2564d452a5bfe72399c7af1101e2"),
+            new BlockCipherVectorTest(15, new RijndaelEngine(224),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "ef529598ecbce297811b49bbed2c33bbe1241d6e1a833dbe119569e8"),
+            new BlockCipherVectorTest(16, new RijndaelEngine(224),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "02fafc200176ed05deb8edb82a3555b0b10d47a388dfd59cab2f6c11"),
+            new BlockCipherVectorTest(17, new RijndaelEngine(256),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "7d15479076b69a46ffb3b3beae97ad8313f622f67fedb487de9f06b9ed9c8f19"),
+            new BlockCipherVectorTest(18, new RijndaelEngine(256),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "514f93fb296b5ad16aa7df8b577abcbd484decacccc7fb1f18dc567309ceeffd"),
+            new BlockCipherVectorTest(19, new RijndaelEngine(256),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "5d7101727bb25781bf6715b0e6955282b9610e23a43c2eb062699f0ebf5887b2"),
+            new BlockCipherVectorTest(20, new RijndaelEngine(256),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "d56c5a63627432579e1dd308b2c8f157b40a4bfb56fea1377b25d3ed3d6dbf80"),
+            new BlockCipherVectorTest(21, new RijndaelEngine(256),
+                    new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")),
+                    "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "a49406115dfb30a40418aafa4869b7c6a886ff31602a7dd19c889dc64f7e4e7a")
+        };
+
+		public RijndaelTest()
+			: base(tests, new RijndaelEngine(128), new KeyParameter(new byte[16]))
+		{
+		}
+
+		public override string Name
+        {
+			get { return "Rijndael"; }
+        }
+
+        public static void Main(
+			string[] args)
+        {
+            ITest test = new RijndaelTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+
+}
diff --git a/crypto/test/src/crypto/test/RipeMD128DigestTest.cs b/crypto/test/src/crypto/test/RipeMD128DigestTest.cs
new file mode 100644
index 000000000..61d70f3f8
--- /dev/null
+++ b/crypto/test/src/crypto/test/RipeMD128DigestTest.cs
@@ -0,0 +1,135 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * RipeMD128 IDigest Test
+     */
+    [TestFixture]
+    public class RipeMD128DigestTest: ITest
+    {
+        readonly static string[] messages =
+        {
+            "",
+            "a",
+            "abc",
+            "message digest",
+            "abcdefghijklmnopqrstuvwxyz",
+            "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+            "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+            "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+        };
+
+        readonly static string[] digests = {
+            "cdf26213a150dc3ecb610f18f6b38b46",
+            "86be7afa339d0fc7cfc785e72f578d33",
+            "c14a12199c66e4ba84636b0f69144c77",
+            "9e327b3d6e523062afc1132d7df9d1b8",
+            "fd2aa607f71dc8f510714922b371834e",
+            "a1aa0689d0fafa2ddc22e88b49133a06",
+            "d1e959eb179c911faea4624c60c5c702",
+            "3f45ef194732c2dbb2c4a2c769795fa3"
+        };
+
+		readonly static string MillionADigest = "4a7f5723f954eba1216c9d8f6320431f";
+
+        public string Name
+        {
+			get { return "RipeMD128"; }
+        }
+
+		public ITestResult Perform()
+        {
+            IDigest digest = new RipeMD128Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                digest.BlockUpdate(m, 0, m.Length);
+                digest.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            //
+            // test 2
+            //
+            byte[] mm = Encoding.ASCII.GetBytes(messages[messages.Length-1]);
+
+            digest.BlockUpdate(mm, 0, mm.Length/2);
+
+            // clone the IDigest
+            IDigest d = new RipeMD128Digest((RipeMD128Digest)digest);
+
+            digest.BlockUpdate(mm, mm.Length/2, mm.Length - mm.Length/2);
+            digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length-1])))
+            {
+                return new SimpleTestResult(false,
+                    "RipeMD128 failing clone test"
+                    + SimpleTest.NewLine
+                    + "    expected: " + digests[digests.Length-1]
+                    + SimpleTest.NewLine
+                    + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            d.BlockUpdate(mm, mm.Length/2, mm.Length - mm.Length/2);
+            d.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length-1])))
+            {
+                return new SimpleTestResult(false,
+                    "RipeMD128 failing clone test - part 2"
+                    + SimpleTest.NewLine
+                    + "    expected: " +  digests[digests.Length-1]
+                    + SimpleTest.NewLine
+                    + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            for (int i = 0; i < 1000000; i++)
+            {
+                digest.Update((byte)'a');
+            }
+            digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(MillionADigest)))
+            {
+                return new SimpleTestResult(false, Name + ": Million a's failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+			string[] args)
+        {
+            ITest test = new RipeMD128DigestTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+
+}
diff --git a/crypto/test/src/crypto/test/RipeMD128HMacTest.cs b/crypto/test/src/crypto/test/RipeMD128HMacTest.cs
new file mode 100644
index 000000000..2f6a2d979
--- /dev/null
+++ b/crypto/test/src/crypto/test/RipeMD128HMacTest.cs
@@ -0,0 +1,100 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * RipeMD128 HMac Test, test vectors from RFC 2286
+     */
+    [TestFixture]
+    public class RipeMD128HMacTest: ITest
+    {
+        readonly static string[] keys =
+        {
+            "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
+            "4a656665",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "0102030405060708090a0b0c0d0e0f10111213141516171819",
+            "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+        };
+
+        readonly static string[] digests = {
+            "fbf61f9492aa4bbf81c172e84e0734db",
+            "875f828862b6b334b427c55f9f7ff09b",
+            "09f0b2846d2f543da363cbec8d62a38d",
+            "bdbbd7cf03e44b5aa60af815be4d2294",
+            "e79808f24b25fd031c155f0d551d9a3a",
+            "dc732928de98104a1f59d373c150acbb",
+            "5c6bec96793e16d40690c237635f30c5"
+        };
+
+        readonly static string[] messages = {
+            "Hi There",
+            "what do ya want for nothing?",
+            "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
+            "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
+            "Test With Truncation",
+            "Test Using Larger Than Block-Size Key - Hash Key First",
+            "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"
+        };
+
+		public string Name
+        {
+			get { return "RipeMD128HMac"; }
+        }
+
+		public ITestResult Perform()
+        {
+            HMac hmac = new HMac(new RipeMD128Digest());
+            byte[] resBuf = new byte[hmac.GetMacSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                if (messages[i].StartsWith("0x"))
+                {
+                    m = Hex.Decode(messages[i].Substring(2));
+                }
+                hmac.Init(new KeyParameter(Hex.Decode(keys[i])));
+                hmac.BlockUpdate(m, 0, m.Length);
+                hmac.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new RipeMD128HMacTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/RipeMD160DigestTest.cs b/crypto/test/src/crypto/test/RipeMD160DigestTest.cs
new file mode 100644
index 000000000..347c64d49
--- /dev/null
+++ b/crypto/test/src/crypto/test/RipeMD160DigestTest.cs
@@ -0,0 +1,135 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * RipeMD160 IDigest Test
+     */
+    [TestFixture]
+    public class RipeMD160DigestTest
+		: ITest
+    {
+        readonly static string[] messages =
+        {
+            "",
+            "a",
+            "abc",
+            "message digest",
+            "abcdefghijklmnopqrstuvwxyz",
+            "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+            "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+            "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
+        };
+
+        readonly static string[] digests = {
+            "9c1185a5c5e9fc54612808977ee8f548b2258d31",
+            "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
+            "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
+            "5d0689ef49d2fae572b881b123a85ffa21595f36",
+            "f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
+            "12a053384a9c0c88e405a06c27dcf49ada62eb2b",
+            "b0e20b6e3116640286ed3a87a5713079b21f5189",
+            "9b752e45573d4b39f4dbd3323cab82bf63326bfb"
+        };
+
+        readonly static string MillionADigest = "52783243c1697bdbe16d37f97f68f08325dc1528";
+
+        public string Name
+        {
+			get { return "RipeMD160"; }
+        }
+
+		public ITestResult Perform()
+        {
+            IDigest digest = new RipeMD160Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                digest.BlockUpdate(m, 0, m.Length);
+                digest.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            //
+            // test 2
+            //
+            byte[] mm = Encoding.ASCII.GetBytes(messages[messages.Length-1]);
+
+            digest.BlockUpdate(mm, 0, mm.Length/2);
+
+            // clone the IDigest
+            IDigest d = new RipeMD160Digest((RipeMD160Digest)digest);
+
+            digest.BlockUpdate(mm, mm.Length/2, mm.Length - mm.Length/2);
+            digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length-1])))
+            {
+                return new SimpleTestResult(false,
+                    "RipeMD160 failing clone test"
+                    + SimpleTest.NewLine
+                    + "    expected: " + digests[digests.Length-1]
+                    + SimpleTest.NewLine
+                    + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            d.BlockUpdate(mm, mm.Length/2, mm.Length - mm.Length/2);
+            d.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length-1])))
+            {
+                return new SimpleTestResult(false,
+                    "RipeMD160 failing clone test - part 2"
+                    + SimpleTest.NewLine
+                    + "    expected: " +  digests[digests.Length-1]
+                    + SimpleTest.NewLine
+                    + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            for (int i = 0; i < 1000000; i++)
+            {
+                digest.Update((byte)'a');
+            }
+            digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(MillionADigest)))
+            {
+                return new SimpleTestResult(false, Name + ": Million a's failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+		public static void Main(
+			string[] args)
+        {
+            ITest test = new RipeMD160DigestTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/RipeMD160HMacTest.cs b/crypto/test/src/crypto/test/RipeMD160HMacTest.cs
new file mode 100644
index 000000000..cc87a535f
--- /dev/null
+++ b/crypto/test/src/crypto/test/RipeMD160HMacTest.cs
@@ -0,0 +1,102 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * RipeMD160 HMac Test, test vectors from RFC 2286
+     */
+    [TestFixture]
+    public class RipeMD160HMacTest
+		: ITest
+    {
+        readonly static string[] keys =
+        {
+            "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
+            "4a656665",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "0102030405060708090a0b0c0d0e0f10111213141516171819",
+            "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+        };
+
+        readonly static string[] digests = {
+            "24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668",
+            "dda6c0213a485a9e24f4742064a7f033b43c4069",
+            "b0b105360de759960ab4f35298e116e295d8e7c1",
+            "d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4",
+            "7619693978f91d90539ae786500ff3d8e0518e39",
+            "6466ca07ac5eac29e1bd523e5ada7605b791fd8b",
+            "69ea60798d71616cce5fd0871e23754cd75d5a0a"
+        };
+
+        readonly static string[] messages = {
+            "Hi There",
+            "what do ya want for nothing?",
+            "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
+            "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
+            "Test With Truncation",
+            "Test Using Larger Than Block-Size Key - Hash Key First",
+            "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"
+        };
+
+        public string Name
+        {
+			get { return "RipeMD160HMac"; }
+        }
+
+		public ITestResult Perform()
+        {
+            HMac hmac = new HMac(new RipeMD160Digest());
+            byte[] resBuf = new byte[hmac.GetMacSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                if (messages[i].StartsWith("0x"))
+                {
+                    m = Hex.Decode(messages[i].Substring(2));
+                }
+                hmac.Init(new KeyParameter(Hex.Decode(keys[i])));
+                hmac.BlockUpdate(m, 0, m.Length);
+                hmac.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new RipeMD160HMacTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+
+}
diff --git a/crypto/test/src/crypto/test/RipeMD256DigestTest.cs b/crypto/test/src/crypto/test/RipeMD256DigestTest.cs
new file mode 100644
index 000000000..909200d64
--- /dev/null
+++ b/crypto/test/src/crypto/test/RipeMD256DigestTest.cs
@@ -0,0 +1,104 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> RipeMD256 IDigest Test</summary>
+    [TestFixture]
+    public class RipeMD256DigestTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "RipeMD256"; }
+        }
+
+		internal static readonly string[] messages = new string[]{"", "a", "abc", "message digest", "abcdefghijklmnopqrstuvwxyz", "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", "12345678901234567890123456789012345678901234567890123456789012345678901234567890"};
+
+		internal static readonly string[] digests = new string[]{"02ba4c4e5f8ecd1877fc52d64d30e37a2d9774fb1e5d026380ae0168e3c5522d", "f9333e45d857f5d90a91bab70a1eba0cfb1be4b0783c9acfcd883a9134692925", "afbd6e228b9d8cbbcef5ca2d03e6dba10ac0bc7dcbe4680e1e42d2e975459b65", "87e971759a1ce47a514d5c914c392c9018c7c46bc14465554afcdf54a5070c0e", "649d3034751ea216776bf9a18acc81bc7896118a5197968782dd1fd97d8d5133", "3843045583aac6c8c8d9128573e7a9809afb2a0f34ccc36ea9e72f16f6368e3f", "5740a408ac16b720b84424ae931cbb1fe363d1d0bf4017f1a89f7ea6de77a0b8", "06fdcc7a409548aaf91368c06a6275b553e3f099bf0ea4edfd6778df89a890dd"};
+
+		internal const string MillionADigest = "ac953744e10e31514c150d4d8d7b677342e33399788296e43ae4850ce4f97978";
+
+		public virtual ITestResult Perform()
+        {
+            IDigest digest = new RipeMD256Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+
+			for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                digest.BlockUpdate(m, 0, m.Length);
+                digest.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed" + "    expected: " + digests[i] + SimpleTest.NewLine + "    got     : " + Hex.ToHexString(resBuf));
+                }
+            }
+
+            //
+            // test 2
+            //
+            byte[] m2 = Encoding.ASCII.GetBytes(messages[messages.Length - 1]);
+            digest.BlockUpdate(m2, 0, m2.Length / 2);
+
+			// clone the IDigest
+            IDigest d = new RipeMD256Digest((RipeMD256Digest) digest);
+
+            digest.BlockUpdate(m2, m2.Length / 2, m2.Length - m2.Length / 2);
+            digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length - 1])))
+            {
+                return new SimpleTestResult(false, "RipeMD256 failing clone test" + SimpleTest.NewLine + "    expected: " + digests[digests.Length - 1] + SimpleTest.NewLine + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            d.BlockUpdate(m2, m2.Length / 2, m2.Length - m2.Length / 2);
+            d.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length - 1])))
+            {
+                return new SimpleTestResult(false, "RipeMD256 failing clone test - part 2" + SimpleTest.NewLine + "    expected: " + digests[digests.Length - 1] + SimpleTest.NewLine + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            for (int i = 0; i < 1000000; i++)
+            {
+                digest.Update((byte) 'a');
+            }
+
+			digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(MillionADigest)))
+            {
+                return new SimpleTestResult(false, Name + ": Million a's failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+		public static void Main(
+			string[] args)
+        {
+            ITest test = new RipeMD256DigestTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+    }
+}
diff --git a/crypto/test/src/crypto/test/RipeMD320DigestTest.cs b/crypto/test/src/crypto/test/RipeMD320DigestTest.cs
new file mode 100644
index 000000000..253cb9d9a
--- /dev/null
+++ b/crypto/test/src/crypto/test/RipeMD320DigestTest.cs
@@ -0,0 +1,105 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> RipeMD320 IDigest Test</summary>
+    [TestFixture]
+    public class RipeMD320DigestTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "RipeMD320"; }
+        }
+
+		internal static readonly string[] messages = new string[]{"", "a", "abc", "message digest", "abcdefghijklmnopqrstuvwxyz", "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", "12345678901234567890123456789012345678901234567890123456789012345678901234567890"};
+
+		internal static readonly string[] digests = new string[]{"22d65d5661536cdc75c1fdf5c6de7b41b9f27325ebc61e8557177d705a0ec880151c3a32a00899b8", "ce78850638f92658a5a585097579926dda667a5716562cfcf6fbe77f63542f99b04705d6970dff5d", "de4c01b3054f8930a79d09ae738e92301e5a17085beffdc1b8d116713e74f82fa942d64cdbc4682d", "3a8e28502ed45d422f68844f9dd316e7b98533fa3f2a91d29f84d425c88d6b4eff727df66a7c0197", "cabdb1810b92470a2093aa6bce05952c28348cf43ff60841975166bb40ed234004b8824463e6b009", "d034a7950cf722021ba4b84df769a5de2060e259df4c9bb4a4268c0e935bbc7470a969c9d072a1ac", "ed544940c86d67f250d232c30b7b3e5770e0c60c8cb9a4cafe3b11388af9920e1b99230b843c86a4", "557888af5f6d8ed62ab66945c6d2a0a47ecd5341e915eb8fea1d0524955f825dc717e4a008ab2d42"};
+
+		internal const string MillionADigest = "bdee37f4371e20646b8b0d862dda16292ae36f40965e8c8509e63d1dbddecc503e2b63eb9245bb66";
+
+		public virtual ITestResult Perform()
+        {
+            IDigest digest = new RipeMD320Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                digest.BlockUpdate(m, 0, m.Length);
+                digest.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    Console.WriteLine(Name + ": Vector " + i + " failed" + "    expected: " + digests[i] + SimpleTest.NewLine + "    got     : " + Hex.ToHexString(resBuf));
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            //
+            // test 2
+            //
+            byte[] m2 = Encoding.ASCII.GetBytes(messages[messages.Length - 1]);
+
+            digest.BlockUpdate(m2, 0, m2.Length / 2);
+
+            // clone the IDigest
+            IDigest d = new RipeMD320Digest((RipeMD320Digest) digest);
+
+            digest.BlockUpdate(m2, m2.Length / 2, m2.Length - m2.Length / 2);
+            digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length - 1])))
+            {
+                return new SimpleTestResult(false, "RipeMD320 failing clone test" + SimpleTest.NewLine + "    expected: " + digests[digests.Length - 1] + SimpleTest.NewLine + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            d.BlockUpdate(m2, m2.Length / 2, m2.Length - m2.Length / 2);
+            d.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length - 1])))
+            {
+                return new SimpleTestResult(false, "RipeMD320 failing clone test - part 2" + SimpleTest.NewLine + "    expected: " + digests[digests.Length - 1] + SimpleTest.NewLine + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            for (int i = 0; i < 1000000; i++)
+            {
+                digest.Update((byte) 'a');
+            }
+            digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(MillionADigest)))
+            {
+                return new SimpleTestResult(false, Name + ": Million a's failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+			string[] args)
+        {
+            ITest test = new RipeMD320DigestTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/RsaTest.cs b/crypto/test/src/crypto/test/RsaTest.cs
new file mode 100644
index 000000000..c343f0ba5
--- /dev/null
+++ b/crypto/test/src/crypto/test/RsaTest.cs
@@ -0,0 +1,596 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class RsaTest
+		: SimpleTest
+	{
+		static BigInteger  mod = new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16);
+		static BigInteger  pubExp = new BigInteger("11", 16);
+		static BigInteger  privExp = new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16);
+		static BigInteger  p = new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16);
+		static BigInteger  q = new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16);
+		static BigInteger  pExp = new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16);
+		static BigInteger  qExp = new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16);
+		static BigInteger  crtCoef = new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16);
+
+		static string input = "4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
+
+		//
+		// to check that we handling byte extension by big number correctly.
+		//
+		static string edgeInput = "ff6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
+
+		static byte[] oversizedSig = Hex.Decode("01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
+		static byte[] dudBlock = Hex.Decode("000fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
+		static byte[] truncatedDataBlock = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
+		static byte[] incorrectPadding = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
+		static byte[] missingDataBlock = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
+
+		public override string Name
+		{
+			get { return "RSA"; }
+		}
+
+		private void doTestStrictPkcs1Length(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			IAsymmetricBlockCipher   eng = new RsaEngine();
+
+			eng.Init(true, privParameters);
+
+			byte[] data = null;
+
+			try
+			{
+				data = eng.ProcessBlock(oversizedSig, 0, oversizedSig.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("RSA: failed - exception " + e.ToString(), e);
+			}
+
+			eng = new Pkcs1Encoding(eng);
+
+			eng.Init(false, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+
+				Fail("oversized signature block not recognised");
+			}
+			catch (InvalidCipherTextException e)
+			{
+				if (!e.Message.Equals("block incorrect size"))
+				{
+					Fail("RSA: failed - exception " + e.ToString(), e);
+				}
+			}
+
+
+			// Create the encoding with StrictLengthEnabled=false (done thru environment in Java version)
+			Pkcs1Encoding.StrictLengthEnabled = false;
+
+			eng = new Pkcs1Encoding(new RsaEngine());
+
+			eng.Init(false, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (InvalidCipherTextException e)
+			{
+				Fail("RSA: failed - exception " + e.ToString(), e);
+			}
+
+			Pkcs1Encoding.StrictLengthEnabled = true;
+		}
+
+		private void doTestTruncatedPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			checkForPkcs1Exception(pubParameters, privParameters, truncatedDataBlock, "block truncated");
+		}
+
+		private void doTestDudPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			checkForPkcs1Exception(pubParameters, privParameters, dudBlock, "unknown block type");
+		}
+
+		private void doTestWrongPaddingPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			checkForPkcs1Exception(pubParameters, privParameters, incorrectPadding, "block padding incorrect");
+		}
+
+		private void doTestMissingDataPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			checkForPkcs1Exception(pubParameters, privParameters, missingDataBlock, "no data in block");
+		}
+
+		private void checkForPkcs1Exception(RsaKeyParameters pubParameters, RsaKeyParameters privParameters, byte[] inputData, string expectedMessage)
+		{
+			IAsymmetricBlockCipher   eng = new RsaEngine();
+
+			eng.Init(true, privParameters);
+
+			byte[] data = null;
+
+			try
+			{
+				data = eng.ProcessBlock(inputData, 0, inputData.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("RSA: failed - exception " + e.ToString(), e);
+			}
+
+			eng = new Pkcs1Encoding(eng);
+
+			eng.Init(false, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+
+				Fail("missing data block not recognised");
+			}
+			catch (InvalidCipherTextException e)
+			{
+				if (!e.Message.Equals(expectedMessage))
+				{
+					Fail("RSA: failed - exception " + e.ToString(), e);
+				}
+			}
+		}
+
+		private void doTestOaep(RsaKeyParameters pubParameters, RsaKeyParameters privParameters)
+		{
+			//
+			// OAEP - public encrypt, private decrypt
+			//
+			IAsymmetricBlockCipher eng = new OaepEncoding(new RsaEngine());
+			byte[] data = Hex.Decode(input);
+
+			eng.Init(true, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			eng.Init(false, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed OAEP Test");
+			}
+		}
+
+		// TODO Move this when other JCE tests are ported from Java
+		/**
+		 * signature with a "forged signature" (sig block not at end of plain text)
+		 */
+		private void doTestBadSig()//PrivateKey priv, PublicKey pub)
+		{
+//			Signature           sig = Signature.getInstance("SHA1WithRSAEncryption", "BC");
+			ISigner sig = SignerUtilities.GetSigner("SHA1WithRSAEncryption");
+//			KeyPairGenerator    fact;
+//			KeyPair             keyPair;
+//			byte[]              data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+
+//			fact = KeyPairGenerator.getInstance("RSA", "BC");
+			RsaKeyPairGenerator fact = new RsaKeyPairGenerator();
+
+//			fact.initialize(768, new SecureRandom());
+			RsaKeyGenerationParameters factParams = new RsaKeyGenerationParameters(
+//				BigInteger.ValueOf(0x11), new SecureRandom(), 768, 25);
+				BigInteger.ValueOf(3), new SecureRandom(), 768, 25);
+			fact.Init(factParams);
+
+//			keyPair = fact.generateKeyPair();
+//
+//			PrivateKey  signingKey = keyPair.getPrivate();
+//			PublicKey   verifyKey = keyPair.getPublic();
+			AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair();
+
+			AsymmetricKeyParameter priv = keyPair.Private;
+			AsymmetricKeyParameter pub = keyPair.Public;
+
+//			testBadSig(signingKey, verifyKey);
+
+
+
+
+
+//			MessageDigest sha1 = MessageDigest.getInstance("SHA1", "BC");
+			IDigest sha1 = DigestUtilities.GetDigest("SHA1");
+
+//			Cipher signer = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
+//			IBufferedCipher signer = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding");
+			IAsymmetricBlockCipher signer = new Pkcs1Encoding(new RsaEngine());
+
+//			signer.init(Cipher.ENCRYPT_MODE, priv);
+			signer.Init(true, priv);
+
+//			byte[] block = new byte[signer.getBlockSize()];
+//			byte[] block = new byte[signer.GetBlockSize()];
+			byte[] block = new byte[signer.GetInputBlockSize()];
+
+//			sha1.update((byte)0);
+			sha1.Update(0);
+
+//			byte[] sigHeader = Hex.decode("3021300906052b0e03021a05000414");
+			byte[] sigHeader = Hex.Decode("3021300906052b0e03021a05000414");
+//			System.arraycopy(sigHeader, 0, block, 0, sigHeader.length);
+			Array.Copy(sigHeader, 0, block, 0, sigHeader.Length);
+
+//			sha1.digest(block, sigHeader.length, sha1.getDigestLength());
+			sha1.DoFinal(block, sigHeader.Length);
+
+//			System.arraycopy(sigHeader, 0, block,
+//				sigHeader.length + sha1.getDigestLength(), sigHeader.length);
+			Array.Copy(sigHeader, 0, block,
+				sigHeader.Length + sha1.GetDigestSize(), sigHeader.Length);
+
+//			byte[] sigBytes = signer.doFinal(block);
+			byte[] sigBytes = signer.ProcessBlock(block, 0, block.Length);
+
+//			Signature verifier = Signature.getInstance("SHA1WithRSA", "BC");
+			ISigner verifier = SignerUtilities.GetSigner("SHA1WithRSA");
+
+//			verifier.initVerify(pub);
+			verifier.Init(false, pub);
+
+//			verifier.update((byte)0);
+			verifier.Update(0);
+
+//			if (verifier.verify(sig))
+			if (verifier.VerifySignature(sigBytes))
+			{
+//				fail("bad signature passed");
+				Fail("bad signature passed");
+			}
+		}
+
+		private void testZeroBlock(ICipherParameters encParameters, ICipherParameters decParameters)
+		{
+			IAsymmetricBlockCipher eng = new Pkcs1Encoding(new RsaEngine());
+		
+			eng.Init(true, encParameters);
+
+			if (eng.GetOutputBlockSize() != ((Pkcs1Encoding)eng).GetUnderlyingCipher().GetOutputBlockSize())
+			{
+				Fail("PKCS1 output block size incorrect");
+			}
+
+			byte[] zero = new byte[0];
+			byte[] data = null;
+
+			try
+			{
+				data = eng.ProcessBlock(zero, 0, zero.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			eng.Init(false, decParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString(), e);
+			}
+
+			if (!Arrays.AreEqual(zero, data))
+			{
+				Fail("failed PKCS1 zero Test");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod, pubExp);
+			RsaKeyParameters privParameters = new RsaPrivateCrtKeyParameters(mod, pubExp, privExp, p, q, pExp, qExp, crtCoef);
+			byte[] data = Hex.Decode(edgeInput);
+
+			//
+			// RAW
+			//
+			IAsymmetricBlockCipher   eng = new RsaEngine();
+
+			eng.Init(true, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("RSA: failed - exception " + e.ToString());
+			}
+
+			eng.Init(false, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			if (!edgeInput.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed RAW edge Test");
+			}
+
+			data = Hex.Decode(input);
+
+			eng.Init(true, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			eng.Init(false, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed RAW Test");
+			}
+
+			//
+			// PKCS1 - public encrypt, private decrypt
+			//
+			eng = new Pkcs1Encoding(eng);
+
+			eng.Init(true, pubParameters);
+
+			if (eng.GetOutputBlockSize() != ((Pkcs1Encoding)eng).GetUnderlyingCipher().GetOutputBlockSize())
+			{
+				Fail("PKCS1 output block size incorrect");
+			}
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			eng.Init(false, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed PKCS1 public/private Test");
+			}
+
+			//
+			// PKCS1 - private encrypt, public decrypt
+			//
+			eng = new Pkcs1Encoding(((Pkcs1Encoding)eng).GetUnderlyingCipher());
+
+			eng.Init(true, privParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			eng.Init(false, pubParameters);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed PKCS1 private/public Test");
+			}
+
+			testZeroBlock(pubParameters, privParameters);
+			testZeroBlock(privParameters, pubParameters);
+
+			//
+			// key generation test
+			//
+			RsaKeyPairGenerator  pGen = new RsaKeyPairGenerator();
+			RsaKeyGenerationParameters  genParam = new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x11), new SecureRandom(), 768, 25);
+
+			pGen.Init(genParam);
+
+			AsymmetricCipherKeyPair  pair = pGen.GenerateKeyPair();
+
+			eng = new RsaEngine();
+
+			if (((RsaKeyParameters)pair.Public).Modulus.BitLength < 768)
+			{
+				Fail("failed key generation (768) length test");
+			}
+
+			eng.Init(true, pair.Public);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			eng.Init(false, pair.Private);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed key generation (768) Test");
+			}
+
+			genParam = new RsaKeyGenerationParameters(BigInteger.ValueOf(0x11), new SecureRandom(), 1024, 25);
+
+			pGen.Init(genParam);
+			pair = pGen.GenerateKeyPair();
+
+			eng.Init(true, pair.Public);
+
+			if (((RsaKeyParameters)pair.Public).Modulus.BitLength < 1024)
+			{
+				Fail("failed key generation (1024) length test");
+			}
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			eng.Init(false, pair.Private);
+
+			try
+			{
+				data = eng.ProcessBlock(data, 0, data.Length);
+			}
+			catch (Exception e)
+			{
+				Fail("failed - exception " + e.ToString());
+			}
+
+			if (!input.Equals(Hex.ToHexString(data)))
+			{
+				Fail("failed key generation (1024) test");
+			}
+
+			genParam = new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x11), new SecureRandom(), 16, 25);
+			pGen.Init(genParam);
+
+			for (int i = 0; i < 100; ++i)
+			{
+				pair = pGen.GenerateKeyPair();
+				RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters) pair.Private;
+				BigInteger pqDiff = privKey.P.Subtract(privKey.Q).Abs();
+
+				if (pqDiff.BitLength < 5)
+				{
+					Fail("P and Q too close in RSA key pair");
+				}
+			}
+
+			doTestBadSig();
+			doTestOaep(pubParameters, privParameters);
+			doTestStrictPkcs1Length(pubParameters, privParameters);
+			doTestDudPkcs1Block(pubParameters, privParameters);
+			doTestMissingDataPkcs1Block(pubParameters, privParameters);
+			doTestTruncatedPkcs1Block(pubParameters, privParameters);
+			doTestWrongPaddingPkcs1Block(pubParameters, privParameters);
+
+			try
+			{
+				new RsaEngine().ProcessBlock(new byte[]{ 1 }, 0, 1);
+				Fail("failed initialisation check");
+			}
+			catch (InvalidOperationException)
+			{
+				// expected
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new RsaTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/SCryptTest.cs b/crypto/test/src/crypto/test/SCryptTest.cs
new file mode 100644
index 000000000..c055ab718
--- /dev/null
+++ b/crypto/test/src/crypto/test/SCryptTest.cs
@@ -0,0 +1,103 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <summary>
+	/// scrypt test vectors from "Stronger Key Derivation Via Sequential Memory-hard Functions" Appendix B.
+	/// (http://www.tarsnap.com/scrypt/scrypt.pdf)
+	/// </summary>
+	[TestFixture]
+	public class SCryptTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "SCrypt"; }
+		}
+
+		public override void PerformTest()
+		{
+			using (StreamReader sr = new StreamReader(SimpleTest.GetTestDataAsStream("scrypt.TestVectors.txt")))
+			{
+				int count = 0;
+				string line = sr.ReadLine();
+
+				while (line != null)
+				{
+					++count;
+					string header = line;
+					StringBuilder data = new StringBuilder();
+
+					while (!IsEndData(line = sr.ReadLine()))
+					{
+						data.Append(line.Replace(" ", ""));
+					}
+
+					int start = header.IndexOf('(') + 1;
+					int limit = header.LastIndexOf(')');
+					string argStr = header.Substring(start, limit - start);
+					string[] args = argStr.Split(',');
+
+					byte[] P = ExtractQuotedString(args[0]);
+					byte[] S = ExtractQuotedString(args[1]);
+					int N = ExtractInteger(args[2]);
+					int r = ExtractInteger(args[3]);
+					int p = ExtractInteger(args[4]);
+					int dkLen = ExtractInteger(args[5]);
+					byte[] expected = Hex.Decode(data.ToString());
+
+					// This skips very expensive test case(s), remove check to re-enable
+					if (N <= 16384)
+					{
+						byte[] result = SCrypt.Generate(P, S, N, r, p, dkLen);
+
+						if (!AreEqual(expected, result))
+						{
+							Fail("Result does not match expected value in test case " + count);
+						}
+					}
+				}
+			}
+		}
+
+		private static bool IsEndData(string line)
+		{
+			return line == null || line.StartsWith("scrypt");
+		}
+
+		private static byte[] ExtractQuotedString(string arg)
+		{
+			arg = arg.Trim();
+			arg = arg.Substring(1, arg.Length - 2);
+			return Encoding.ASCII.GetBytes(arg);
+		}
+
+		private static int ExtractInteger(string arg)
+		{
+			return int.Parse(arg.Trim());
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new SCryptTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/SEEDTest.cs b/crypto/test/src/crypto/test/SEEDTest.cs
new file mode 100644
index 000000000..2fcb242cc
--- /dev/null
+++ b/crypto/test/src/crypto/test/SEEDTest.cs
@@ -0,0 +1,65 @@
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* SEED tester - vectors http://www.ietf.org/rfc/rfc4009.txt
+	*/
+	[TestFixture]
+	public class SeedTest
+		: CipherTest
+	{
+		static SimpleTest[]  tests =
+		{
+			new BlockCipherVectorTest(0, new SeedEngine(),
+				new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+				"000102030405060708090a0b0c0d0e0f",
+				"5EBAC6E0054E166819AFF1CC6D346CDB"),
+			new BlockCipherVectorTest(0, new SeedEngine(),
+				new KeyParameter(Hex.Decode("000102030405060708090a0b0c0d0e0f")),
+				"00000000000000000000000000000000",
+				"c11f22f20140505084483597e4370f43"),
+			new BlockCipherVectorTest(0, new SeedEngine(),
+				new KeyParameter(Hex.Decode("4706480851E61BE85D74BFB3FD956185")),
+				"83A2F8A288641FB9A4E9A5CC2F131C7D",
+				"EE54D13EBCAE706D226BC3142CD40D4A"),
+			new BlockCipherVectorTest(0, new SeedEngine(),
+				new KeyParameter(Hex.Decode("28DBC3BC49FFD87DCFA509B11D422BE7")),
+				"B41E6BE2EBA84A148E2EED84593C5EC7",
+				"9B9B7BFCD1813CB95D0B3618F40F5122"),
+			new BlockCipherVectorTest(0, new SeedEngine(),
+				new KeyParameter(Hex.Decode("0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E")),
+				"0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E",
+				"8296F2F1B007AB9D533FDEE35A9AD850"),
+		};
+
+		public SeedTest()
+			: base(tests, new SeedEngine(), new KeyParameter(new byte[16]))
+		{
+		}
+
+		public override string Name
+		{
+			get { return "SEED"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new SeedTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/SHA1DigestTest.cs b/crypto/test/src/crypto/test/SHA1DigestTest.cs
new file mode 100644
index 000000000..22a5c8f46
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA1DigestTest.cs
@@ -0,0 +1,151 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/// <remarks>Standard vector test for SHA-1 from "Handbook of Applied Cryptography", page 345.</remarks>
+	[TestFixture]
+	public class Sha1DigestTest
+		: SimpleTest
+	{
+		//static private string testVec1 = "";
+		static private string resVec1 = "da39a3ee5e6b4b0d3255bfef95601890afd80709";
+
+		static private string testVec2 = "61";
+		static private string resVec2 = "86f7e437faa5a7fce15d1ddcb9eaeaea377667b8";
+
+		static private string testVec3 = "616263";
+		static private string resVec3 = "a9993e364706816aba3e25717850c26c9cd0d89d";
+
+		static private string testVec4 = "6162636465666768696a6b6c6d6e6f707172737475767778797a";
+		static private string resVec4 = "32d10c7b8cf96570ca04ce37f2a19d84240d3a89";
+
+		public override string Name
+		{
+			get { return "SHA1"; }
+		}
+
+		public override void PerformTest()
+		{
+			IDigest digest = new Sha1Digest();
+			byte[] resBuf = new byte[digest.GetDigestSize()];
+			string resStr;
+
+			//
+			// test 1
+			//
+			digest.DoFinal(resBuf, 0);
+
+			resStr = Hex.ToHexString(resBuf);
+			if (!resVec1.Equals(resStr))
+			{
+				Fail("failing standard vector test 1" + SimpleTest.NewLine
+					+ "    expected: " + resVec1 + SimpleTest.NewLine
+					+ "    got     : " + resStr);
+			}
+
+			//
+			// test 2
+			//
+			byte[] bytes = Hex.Decode(testVec2);
+
+			digest.BlockUpdate(bytes, 0, bytes.Length);
+
+			digest.DoFinal(resBuf, 0);
+
+			resStr = Hex.ToHexString(resBuf);
+			if (!resVec2.Equals(resStr))
+			{
+				Fail("failing standard vector test 2" + SimpleTest.NewLine
+					+ "    expected: " + resVec2 + SimpleTest.NewLine
+					+ "    got     : " + resStr);
+			}
+
+			//
+			// test 3
+			//
+			bytes = Hex.Decode(testVec3);
+
+			digest.BlockUpdate(bytes, 0, bytes.Length);
+
+			digest.DoFinal(resBuf, 0);
+
+			resStr = Hex.ToHexString(resBuf);
+			if (!resVec3.Equals(resStr))
+			{
+				Fail("failing standard vector test 3" + SimpleTest.NewLine
+					+ "    expected: " + resVec3 + SimpleTest.NewLine
+					+ "    got     : " + resStr);
+			}
+
+			//
+			// test 4
+			//
+			bytes = Hex.Decode(testVec4);
+
+			digest.BlockUpdate(bytes, 0, bytes.Length);
+
+			digest.DoFinal(resBuf, 0);
+
+			resStr = Hex.ToHexString(resBuf);
+			if (!resVec4.Equals(resStr))
+			{
+				Fail("failing standard vector test 4" + SimpleTest.NewLine
+					+ "    expected: " + resVec4 + SimpleTest.NewLine
+					+ "    got     : " + resStr);
+			}
+
+			//
+			// test 5
+			//
+			bytes = Hex.Decode(testVec4);
+
+			digest.BlockUpdate(bytes, 0, bytes.Length / 2);
+
+			// clone the IDigest
+			IDigest d = new Sha1Digest((Sha1Digest)digest);
+
+			digest.BlockUpdate(bytes, bytes.Length / 2, bytes.Length - bytes.Length / 2);
+			digest.DoFinal(resBuf, 0);
+
+			resStr = Hex.ToHexString(resBuf);
+			if (!resVec4.Equals(resStr))
+			{
+				Fail("failing standard vector test 5" + SimpleTest.NewLine
+					+ "    expected: " + resVec4 + SimpleTest.NewLine
+					+ "    got     : " + resStr);
+			}
+
+			d.BlockUpdate(bytes, bytes.Length / 2, bytes.Length - bytes.Length / 2);
+			d.DoFinal(resBuf, 0);
+
+			resStr = Hex.ToHexString(resBuf);
+			if (!resVec4.Equals(resStr))
+			{
+				Fail("failing standard vector test 5" + SimpleTest.NewLine
+					+ "    expected: " + resVec4 + SimpleTest.NewLine
+					+ "    got     : " + resStr);
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Sha1DigestTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/SHA1HMacTest.cs b/crypto/test/src/crypto/test/SHA1HMacTest.cs
new file mode 100644
index 000000000..865f5b58b
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA1HMacTest.cs
@@ -0,0 +1,93 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> SHA1 HMac Test, test vectors from RFC 2202</summary>
+    [TestFixture]
+    public class Sha1HMacTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "SHA1HMac"; }
+        }
+
+		public static readonly string[] keys = new string[]{"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", "4a656665", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "0102030405060708090a0b0c0d0e0f10111213141516171819", "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"};
+        public static readonly string[] digests = new string[]{"b617318655057264e28bc0b6fb378c8ef146be00", "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79", "125d7342b9ac11cd91a39af48aa17b4f63f175d3", "4c9007f4026250c6bc8414f9bf50c86c2d7235da", "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04", "aa4ae5e15272d00e95705637ce8a3b55ed402112", "e8e99d0f45237d786d6bbaa7965c7808bbff1a91", "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04", "aa4ae5e15272d00e95705637ce8a3b55ed402112", "e8e99d0f45237d786d6bbaa7965c7808bbff1a91"};
+        public static readonly string[] messages = new string[]{"Hi There", "what do ya want for nothing?", "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", "Test With Truncation", "Test Using Larger Than Block-Size Key - Hash Key First", "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"};
+
+		public virtual ITestResult Perform()
+        {
+            HMac hmac = new HMac(new Sha1Digest());
+            byte[] resBuf = new byte[hmac.GetMacSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                if (messages[i].StartsWith("0x"))
+                {
+                    m = Hex.Decode(messages[i].Substring(2));
+                }
+                hmac.Init(new KeyParameter(Hex.Decode(keys[i])));
+                hmac.BlockUpdate(m, 0, m.Length);
+                hmac.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            //
+            // test reset
+            //
+            int vector = 0; // vector used for test
+            byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]);
+            if (messages[vector].StartsWith("0x"))
+            {
+                m2 = Hex.Decode(messages[vector].Substring(2));
+            }
+            hmac.Init(new KeyParameter(Hex.Decode(keys[vector])));
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+            hmac.Reset();
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector])))
+            {
+                return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new Sha1HMacTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA224DigestTest.cs b/crypto/test/src/crypto/test/SHA224DigestTest.cs
new file mode 100644
index 000000000..37035c30f
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA224DigestTest.cs
@@ -0,0 +1,200 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * standard vector test for SHA-224 from RFC 3874 - only the last three are in
+     * the RFC.
+     */
+    [TestFixture]
+    public class Sha224DigestTest
+        : ITest
+    {
+        private const string testVec1 = "";
+        private const string resVec1 = "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f";
+
+		private const string testVec2 = "61";
+        private const string resVec2 = "abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5";
+
+		private const string testVec3 = "616263";
+        private const string resVec3 = "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7";
+
+		private const string testVec4 = "6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071";
+        private const string resVec4 = "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525";
+
+		// 1 million 'a'
+        private const string testVec5 = "61616161616161616161";
+        private const string resVec5 = "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67";
+
+		public string Name
+        {
+			get { return "SHA224"; }
+        }
+
+		public ITestResult Perform()
+        {
+            IDigest digest = new Sha224Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+            string resStr;
+
+			//
+            // test 1
+            //
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec1.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-224 failing standard vector test 1"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec1
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 2
+            //
+            byte[]  bytes = Hex.Decode(testVec2);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec2.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-224 failing standard vector test 2"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec2
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 3
+            //
+            bytes = Hex.Decode(testVec3);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec3.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-224 failing standard vector test 3"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec3
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 4
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-224 failing standard vector test 4"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 5
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length/2);
+
+            // clone the IDigest
+            IDigest d = new Sha224Digest((Sha224Digest)digest);
+
+            digest.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-224 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            d.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            d.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-224 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            // test 6
+            bytes = Hex.Decode(testVec5);
+            for ( int i = 0; i < 100000; i++ )
+            {
+                digest.BlockUpdate(bytes, 0, bytes.Length);
+            }
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec5.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-224 failing standard vector test 6"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec5
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+			return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new Sha224DigestTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA224HMacTest.cs b/crypto/test/src/crypto/test/SHA224HMacTest.cs
new file mode 100644
index 000000000..06c6ea1cb
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA224HMacTest.cs
@@ -0,0 +1,122 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> SHA224 HMac Test, test vectors from RFC</summary>
+    [TestFixture]
+    public class Sha224HMacTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "SHA224HMac"; }
+        }
+
+		public static readonly string[] keys =
+		{
+            "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
+            "4a656665",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "0102030405060708090a0b0c0d0e0f10111213141516171819",
+            "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+        };
+
+		public static readonly string[] digests =
+		{
+            "896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22",
+            "a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44",
+            "7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea",
+            "6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a",
+            "0e2aea68a90c8d37c988bcdb9fca6fa8099cd857c7ec4a1815cac54c",
+            "95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e",
+            "3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
+        };
+
+		public static readonly string[] messages =
+		{
+            "Hi There",
+            "what do ya want for nothing?",
+            "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
+            "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
+            "Test With Truncation",
+            "Test Using Larger Than Block-Size Key - Hash Key First",
+            "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
+        };
+
+		public virtual ITestResult Perform()
+        {
+            HMac hmac = new HMac(new Sha224Digest());
+            byte[] resBuf = new byte[hmac.GetMacSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                if (messages[i].StartsWith("0x"))
+                {
+                    m = Hex.Decode(messages[i].Substring(2));
+                }
+                hmac.Init(new KeyParameter(Hex.Decode(keys[i])));
+                hmac.BlockUpdate(m, 0, m.Length);
+                hmac.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            //
+            // test reset
+            //
+            int vector = 0; // vector used for test
+            byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]);
+            if (messages[vector].StartsWith("0x"))
+            {
+                m2 = Hex.Decode(messages[vector].Substring(2));
+            }
+            hmac.Init(new KeyParameter(Hex.Decode(keys[vector])));
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+            hmac.Reset();
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector])))
+            {
+                return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new Sha224HMacTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA256DigestTest.cs b/crypto/test/src/crypto/test/SHA256DigestTest.cs
new file mode 100644
index 000000000..67f0c2397
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA256DigestTest.cs
@@ -0,0 +1,205 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * standard vector test for SHA-256 from FIPS Draft 180-2.
+     *
+     * Note, the first two vectors are _not_ from the draft, the last three are.
+     */
+    [TestFixture]
+    public class Sha256DigestTest
+		: ITest
+    {
+//        static private string  testVec1 = "";
+        static private string resVec1 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
+
+        static private string testVec2 = "61";
+        static private string resVec2 = "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb";
+
+        static private string testVec3 = "616263";
+        static private string resVec3 = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad";
+
+        static private string testVec4 = "6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071";
+        static private string resVec4 = "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1";
+
+        // 1 million 'a'
+        static private string testVec5 = "61616161616161616161";
+        static private string resVec5 = "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0";
+
+		public string Name
+        {
+			get { return "SHA256"; }
+        }
+
+		public ITestResult Perform()
+        {
+            IDigest digest = new Sha256Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+            string resStr;
+
+			//
+            // test 1
+            //
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec1.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-256 failing standard vector test 1"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec1
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 2
+            //
+            byte[]  bytes = Hex.Decode(testVec2);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec2.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-256 failing standard vector test 2"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec2
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 3
+            //
+            bytes = Hex.Decode(testVec3);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec3.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-256 failing standard vector test 3"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec3
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 4
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-256 failing standard vector test 4"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 5
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length/2);
+
+            // clone the IDigest
+            IDigest d = new Sha256Digest((Sha256Digest)digest);
+
+            digest.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-256 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            d.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            d.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-256 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            // test 6
+            bytes = Hex.Decode(testVec5);
+            for ( int i = 0; i < 100000; i++ )
+            {
+                digest.BlockUpdate(bytes, 0, bytes.Length);
+            }
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec5.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-256 failing standard vector test 6"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec5
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+		public static void Main(
+			string[] args)
+        {
+            ITest test = new Sha256DigestTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+
+}
diff --git a/crypto/test/src/crypto/test/SHA256HMacTest.cs b/crypto/test/src/crypto/test/SHA256HMacTest.cs
new file mode 100644
index 000000000..a9016af21
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA256HMacTest.cs
@@ -0,0 +1,122 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> SHA256 HMac Test, test vectors from RFC</summary>
+    [TestFixture]
+    public class Sha256HMacTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "SHA256HMac"; }
+        }
+
+		public static readonly string[] keys =
+		{
+            "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
+            "4a656665",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "0102030405060708090a0b0c0d0e0f10111213141516171819",
+            "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+        };
+
+		public static readonly string[] digests =
+		{
+            "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7",
+            "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843",
+            "773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe",
+            "82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b",
+            "a3b6167473100ee06e0c796c2955552bfa6f7c0a6a8aef8b93f860aab0cd20c5",
+            "60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54",
+            "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
+        };
+
+		public static readonly string[] messages =
+		{
+            "Hi There",
+            "what do ya want for nothing?",
+            "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
+            "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
+            "Test With Truncation",
+            "Test Using Larger Than Block-Size Key - Hash Key First",
+            "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
+        };
+
+		public virtual ITestResult Perform()
+        {
+            HMac hmac = new HMac(new Sha256Digest());
+            byte[] resBuf = new byte[hmac.GetMacSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                if (messages[i].StartsWith("0x"))
+                {
+                    m = Hex.Decode(messages[i].Substring(2));
+                }
+                hmac.Init(new KeyParameter(Hex.Decode(keys[i])));
+                hmac.BlockUpdate(m, 0, m.Length);
+                hmac.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            //
+            // test reset
+            //
+            int vector = 0; // vector used for test
+            byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]);
+            if (messages[vector].StartsWith("0x"))
+            {
+                m2 = Hex.Decode(messages[vector].Substring(2));
+            }
+            hmac.Init(new KeyParameter(Hex.Decode(keys[vector])));
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+            hmac.Reset();
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector])))
+            {
+                return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new Sha256HMacTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA384DigestTest.cs b/crypto/test/src/crypto/test/SHA384DigestTest.cs
new file mode 100644
index 000000000..70c26edcc
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA384DigestTest.cs
@@ -0,0 +1,203 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * standard vector test for SHA-384 from FIPS Draft 180-2.
+     *
+     * Note, the first two vectors are _not_ from the draft, the last three are.
+     */
+    [TestFixture]
+    public class Sha384DigestTest
+		: ITest
+    {
+//        static private string testVec1 = "";
+        static private string resVec1 = "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b";
+
+        static private string testVec2 = "61";
+        static private string resVec2 = "54a59b9f22b0b80880d8427e548b7c23abd873486e1f035dce9cd697e85175033caa88e6d57bc35efae0b5afd3145f31";
+
+        static private string testVec3 = "616263";
+        static private string resVec3 = "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7";
+
+        static private string testVec4 = "61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475";
+        static private string resVec4 = "09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039";
+
+        // 1 million 'a'
+        static private string testVec5 = "61616161616161616161";
+        static private string resVec5 = "9d0e1809716474cb086e834e310a4a1ced149e9c00f248527972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985";
+
+		public string Name
+        {
+			get { return "SHA384"; }
+        }
+
+		public ITestResult Perform()
+        {
+            IDigest digest = new Sha384Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+            string resStr;
+
+			//
+            // test 1
+            //
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec1.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-384 failing standard vector test 1"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec1
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 2
+            //
+            byte[] bytes = Hex.Decode(testVec2);
+			digest.BlockUpdate(bytes, 0, bytes.Length);
+
+			digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec2.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-384 failing standard vector test 2"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec2
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+			//
+            // test 3
+            //
+            bytes = Hex.Decode(testVec3);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec3.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-384 failing standard vector test 3"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec3
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 4
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-384 failing standard vector test 4"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            //
+            // test 5
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length/2);
+
+            // clone the IDigest
+            IDigest d = new Sha384Digest((Sha384Digest)digest);
+
+            digest.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-384 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            d.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2);
+            d.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-384 failing standard vector test 5"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec4
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            // test 6
+            bytes = Hex.Decode(testVec5);
+            for ( int i = 0; i < 100000; i++ )
+            {
+                digest.BlockUpdate(bytes, 0, bytes.Length);
+            }
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec5.Equals(resStr))
+            {
+                return new SimpleTestResult(false,
+                    "SHA-384 failing standard vector test 6"
+                    + SimpleTest.NewLine
+                    + "    expected: " + resVec5
+                    + SimpleTest.NewLine
+                    + "    got     : " + resStr);
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new Sha384DigestTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA384HMacTest.cs b/crypto/test/src/crypto/test/SHA384HMacTest.cs
new file mode 100644
index 000000000..0caba12c4
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA384HMacTest.cs
@@ -0,0 +1,122 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary> SHA384 HMac Test, test vectors from RFC</summary>
+    [TestFixture]
+    public class Sha384HMacTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "SHA384HMac"; }
+        }
+
+		public static readonly string[] keys =
+		{
+            "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
+            "4a656665",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "0102030405060708090a0b0c0d0e0f10111213141516171819",
+            "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+        };
+
+		public static readonly string[] digests =
+		{
+            "afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6",
+            "af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649",
+            "88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27",
+            "3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb",
+            "3abf34c3503b2a23a46efc619baef897f4c8e42c934ce55ccbae9740fcbc1af4ca62269e2a37cd88ba926341efe4aeea",
+            "4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952",
+            "6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
+        };
+
+		public static readonly string[] messages =
+		{
+            "Hi There",
+            "what do ya want for nothing?",
+            "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
+            "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
+            "Test With Truncation",
+            "Test Using Larger Than Block-Size Key - Hash Key First",
+            "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
+        };
+
+		public virtual ITestResult Perform()
+        {
+            HMac hmac = new HMac(new Sha384Digest());
+            byte[] resBuf = new byte[hmac.GetMacSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                if (messages[i].StartsWith("0x"))
+                {
+                    m = Hex.Decode(messages[i].Substring(2));
+                }
+                hmac.Init(new KeyParameter(Hex.Decode(keys[i])));
+                hmac.BlockUpdate(m, 0, m.Length);
+                hmac.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            //
+            // test reset
+            //
+            int vector = 0; // vector used for test
+            byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]);
+            if (messages[vector].StartsWith("0x"))
+            {
+                m2 = Hex.Decode(messages[vector].Substring(2));
+            }
+            hmac.Init(new KeyParameter(Hex.Decode(keys[vector])));
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+            hmac.Reset();
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector])))
+            {
+                return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new Sha384HMacTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA3DigestTest.cs b/crypto/test/src/crypto/test/SHA3DigestTest.cs
new file mode 100644
index 000000000..2b8ae4a63
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA3DigestTest.cs
@@ -0,0 +1,374 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * SHA3 Digest Test
+     */
+    [TestFixture]
+    public class Sha3DigestTest
+        : SimpleTest
+    {
+        readonly static string[] messages = {
+            "",
+            "54686520717569636b2062726f776e20666f78206a756d7073206f76657220746865206c617a7920646f67",
+            "54686520717569636b2062726f776e20666f78206a756d7073206f76657220746865206c617a7920646f672e"
+        };
+
+        readonly static string[] digests288 = { // the default settings
+            "6753e3380c09e385d0339eb6b050a68f66cfd60a73476e6fd6adeb72f5edd7c6f04a5d01",  // message[0]    
+            "0bbe6afae0d7e89054085c1cc47b1689772c89a41796891e197d1ca1b76f288154933ded",  // message[1]
+            "82558a209b960ddeb531e6dcb281885b2400ca160472462486e79f071e88a3330a8a303d",  // message[2]
+            "94049e1ad7ef5d5b0df2b880489e7ab09ec937c3bfc1b04470e503e1ac7b1133c18f86da",  // 64k a-test
+            "a9cb5a75b5b81b7528301e72553ed6770214fa963956e790528afe420de33c074e6f4220",  // random alphabet test
+            "eadaf5ba2ad6a2f6f338fce0e1efdad2a61bb38f6be6068b01093977acf99e97a5d5827c"   // extremely long data test
+        };
+
+        readonly static string[] digests224 = {
+            "f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd",
+            "310aee6b30c47350576ac2873fa89fd190cdc488442f3ef654cf23fe",
+            "c59d4eaeac728671c635ff645014e2afa935bebffdb5fbd207ffdeab",
+            "f621e11c142fbf35fa8c22841c3a812ba1e0151be4f38d80b9f1ff53",
+            "68b5fc8c87193155bba68a2485377e809ee4f81a85ef023b9e64add0",
+            "c42e4aee858e1a8ad2976896b9d23dd187f64436ee15969afdbc68c5"
+        };
+
+        readonly static string[] digests256 = {
+            "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470",
+            "4d741b6f1eb29cb2a9b9911c82f56fa8d73b04959d3d9d222895df6c0b28aa15",
+            "578951e24efd62a3d63a86f7cd19aaa53c898fe287d2552133220370240b572d",
+            "0047a916daa1f92130d870b542e22d3108444f5a7e4429f05762fb647e6ed9ed",
+            "db368762253ede6d4f1db87e0b799b96e554eae005747a2ea687456ca8bcbd03",
+            "5f313c39963dcf792b5470d4ade9f3a356a3e4021748690a958372e2b06f82a4"
+        };
+
+        readonly static string[] digests384 = {
+            "2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff",
+            "283990fa9d5fb731d786c5bbee94ea4db4910f18c62c03d173fc0a5e494422e8a0b3da7574dae7fa0baf005e504063b3",
+            "9ad8e17325408eddb6edee6147f13856ad819bb7532668b605a24a2d958f88bd5c169e56dc4b2f89ffd325f6006d820b",
+            "c704cfe7a1a53208ca9526cd24251e0acdc252ecd978eee05acd16425cfb404ea81f5a9e2e5e97784d63ee6a0618a398",
+            "d4fe8586fd8f858dd2e4dee0bafc19b4c12b4e2a856054abc4b14927354931675cdcaf942267f204ea706c19f7beefc4",
+            "9b7168b4494a80a86408e6b9dc4e5a1837c85dd8ff452ed410f2832959c08c8c0d040a892eb9a755776372d4a8732315"
+        };
+
+        readonly static string[] digests512 = {
+            "0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e",
+            "d135bb84d0439dbac432247ee573a23ea7d3c9deb2a968eb31d47c4fb45f1ef4422d6c531b5b9bd6f449ebcc449ea94d0a8f05f62130fda612da53c79659f609",
+            "ab7192d2b11f51c7dd744e7b3441febf397ca07bf812cceae122ca4ded6387889064f8db9230f173f6d1ab6e24b6e50f065b039f799f5592360a6558eb52d760",
+            "34341ead153aa1d1fdcf6cf624c2b4f6894b6fd16dc38bd4ec971ac0385ad54fafcb2e0ed86a1e509456f4246fdcb02c3172824cd649d9ad54c51f7fb49ea67c",
+            "dc44d4f4d36b07ab5fc04016cbe53548e5a7778671c58a43cb379fd00c06719b8073141fc22191ffc3db5f8b8983ae8341fa37f18c1c969664393aa5ceade64e",
+            "3e122edaf37398231cfaca4c7c216c9d66d5b899ec1d7ac617c40c7261906a45fc01617a021e5da3bd8d4182695b5cb785a28237cbb167590e34718e56d8aab8"
+        };
+
+        // test vectors from  http://www.di-mgt.com.au/hmac_sha3_testvectors.html
+        readonly static byte[][] macKeys =
+        {
+            Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"),
+            Hex.Decode("4a656665"),
+            Hex.Decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"),
+            Hex.Decode("0102030405060708090a0b0c0d0e0f10111213141516171819"),
+            Hex.Decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaa"),
+            Hex.Decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaa"),
+            Hex.Decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+                       "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")
+        };
+
+        readonly static string[] macData =
+        {
+            "4869205468657265",
+            "7768617420646f2079612077616e7420666f72206e6f7468696e673f",
+            "dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd" +
+                "dddddddddddddddddddddddddddddddddddd",
+            "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd" +
+                "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
+            "54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a" +
+                "65204b6579202d2048617368204b6579204669727374",
+            "5468697320697320612074657374207573696e672061206c6172676572207468" +
+                "616e20626c6f636b2d73697a65206b657920616e642061206c61726765722074" +
+                "68616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565" +
+                "647320746f20626520686173686564206265666f7265206265696e6720757365" +
+                "642062792074686520484d414320616c676f726974686d2e",
+            "5468697320697320612074657374207573696e672061206c6172676572207468" +
+                "616e20626c6f636b2d73697a65206b657920616e642061206c61726765722074" +
+                "68616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565" +
+                "647320746f20626520686173686564206265666f7265206265696e6720757365\n" +
+                "642062792074686520484d414320616c676f726974686d2e"
+        };
+
+        readonly static string[] mac224 =
+        {
+            "b73d595a2ba9af815e9f2b4e53e78581ebd34a80b3bbaac4e702c4cc",
+            "e824fec96c074f22f99235bb942da1982664ab692ca8501053cbd414",
+            "770df38c99d6e2bacd68056dcfe07d4c89ae20b2686a6185e1faa449",
+            "305a8f2dfb94bad28861a03cbc4d590febe775c58cb4961c28428a0b",
+            "e7a52dfa45f95a217c100066b239aa8ad519be9b35d667268b1b57ff",
+            "ba13009405a929f398b348885caa5419191bb948ada32194afc84104",
+            "92649468be236c3c72c189909c063b13f994be05749dc91310db639e"
+        };
+
+        readonly static string[] mac256 =
+        {
+            "9663d10c73ee294054dc9faf95647cb99731d12210ff7075fb3d3395abfb9821",
+            "aa9aed448c7abc8b5e326ffa6a01cdedf7b4b831881468c044ba8dd4566369a1",
+            "95f43e50f8df80a21977d51a8db3ba572dcd71db24687e6f86f47c1139b26260",
+            "6331ba9b4af5804a68725b3663eb74814494b63c6093e35fb320a85d507936fd",
+            "b4d0cdee7ec2ba81a88b86918958312300a15622377929a054a9ce3ae1fac2b6",
+            "1fdc8cb4e27d07c10d897dec39c217792a6e64fa9c63a77ce42ad106ef284e02",
+            "fdaa10a0299aecff9bb411cf2d7748a4022e4a26be3fb5b11b33d8c2b7ef5484"
+        };
+
+        readonly static string[] mac384 =
+        {
+            "892dfdf5d51e4679bf320cd16d4c9dc6f749744608e003add7fba894acff87361efa4e5799be06b6461f43b60ae97048",
+            "5af5c9a77a23a6a93d80649e562ab77f4f3552e3c5caffd93bdf8b3cfc6920e3023fc26775d9df1f3c94613146ad2c9d",
+            "4243c29f2201992ff96441e3b91ff81d8c601d706fbc83252684a4bc51101ca9b2c06ddd03677303c502ac5331752a3c",
+            "b730724d3d4090cda1be799f63acbbe389fef7792fc18676fa5453aab398664650ed029c3498bbe8056f06c658e1e693",
+            "d62482ef601d7847439b55236e9679388ffcd53c62cd126f39be6ea63de762e26cd5974cb9a8de401b786b5555040f6f",
+            "4860ea191ac34994cf88957afe5a836ef36e4cc1a66d75bf77defb7576122d75f60660e4cf731c6effac06402787e2b9",
+            "fe9357e3cfa538eb0373a2ce8f1e26ad6590afdaf266f1300522e8896d27e73f654d0631c8fa598d4bb82af6b744f4f5"
+        };
+
+        readonly static string[] mac512 =
+        {
+            "8852c63be8cfc21541a4ee5e5a9a852fc2f7a9adec2ff3a13718ab4ed81aaea0b87b7eb397323548e261a64e7fc75198f6663a11b22cd957f7c8ec858a1c7755",
+            "c2962e5bbe1238007852f79d814dbbecd4682e6f097d37a363587c03bfa2eb0859d8d9c701e04cececfd3dd7bfd438f20b8b648e01bf8c11d26824b96cebbdcb",
+            "eb0ed9580e0ec11fc66cbb646b1be904eaff6da4556d9334f65ee4b2c85739157bae9027c51505e49d1bb81cfa55e6822db55262d5a252c088a29a5e95b84a66",
+            "b46193bb59f4f696bf702597616da91e2a4558a593f4b015e69141ba81e1e50ea580834c2b87f87baa25a3a03bfc9bb389847f2dc820beae69d30c4bb75369cb",
+            "d05888a6ebf8460423ea7bc85ea4ffda847b32df32291d2ce115fd187707325c7ce4f71880d91008084ce24a38795d20e6a28328a0f0712dc38253370da3ebb5",
+            "2c6b9748d35c4c8db0b4407dd2ed2381f133bdbd1dfaa69e30051eb6badfcca64299b88ae05fdbd3dd3dd7fe627e42e39e48b0fe8c7f1e85f2dbd52c2d753572",
+            "6adc502f14e27812402fc81a807b28bf8a53c87bea7a1df6256bf66f5de1a4cb741407ad15ab8abc136846057f881969fbb159c321c904bfb557b77afb7778c8"
+        };
+
+        readonly static KeyParameter truncKey = new KeyParameter(Hex.Decode("0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c"));
+        readonly static byte[] truncData = Hex.Decode("546573742057697468205472756e636174696f6e");
+
+        readonly static byte[] trunc224 = Hex.Decode("f52bbcfd654264e7133085c5e69b72c3");
+        readonly static byte[] trunc256 = Hex.Decode("745e7e687f8335280d54202ef13cecc6");
+        readonly static byte[] trunc384 = Hex.Decode("fa9aea2bc1e181e47cbb8c3df243814d");
+        readonly static byte[] trunc512 = Hex.Decode("04c929fead434bba190dacfa554ce3f5");
+
+        readonly static byte[] xtremeData = Hex.Decode("61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f");
+
+        public override string Name
+        {
+            get { return "SHA3"; }
+        }
+
+        private void TestDigest(IDigest digest, string[] expected)
+        {
+            byte[] hash = new byte[digest.GetDigestSize()];
+
+            for (int i = 0; i != messages.Length; i++)
+            {
+                if (messages.Length != 0)
+                {
+                    byte[] data = Hex.Decode(messages[i]);
+
+                    digest.BlockUpdate(data, 0, data.Length);
+                }
+
+                digest.DoFinal(hash, 0);
+
+                if (!Arrays.AreEqual(Hex.Decode(expected[i]), hash))
+                {
+                    Fail("sha3 mismatch on " + digest.AlgorithmName + " index " + i);
+                }
+            }
+
+            byte[] k64 = new byte[1024 * 64];
+
+            for (int i = 0; i != k64.Length; i++)
+            {
+                k64[i] = (byte)'a';
+            }
+
+            digest.BlockUpdate(k64, 0, k64.Length);
+
+            digest.DoFinal(hash, 0);
+
+            if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length]), hash))
+            {
+                Fail("sha3 mismatch on " + digest.AlgorithmName + " 64k a");
+            }
+
+            for (int i = 0; i != k64.Length; i++)
+            {
+                digest.Update((byte)'a');
+            }
+
+            digest.DoFinal(hash, 0);
+
+            if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length]), hash))
+            {
+                Fail("sha3 mismatch on " + digest.AlgorithmName + " 64k a single");
+            }
+
+
+            for (int i = 0; i != k64.Length; i++)
+            {
+                k64[i] = (byte)('a' + (i % 26));
+            }
+
+            digest.BlockUpdate(k64, 0, k64.Length);
+
+            digest.DoFinal(hash, 0);
+
+            if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length + 1]), hash))
+            {
+                Fail("sha3 mismatch on " + digest.AlgorithmName + " 64k alpha");
+            }
+
+            for (int i = 0; i != 64; i++)
+            {
+                digest.Update(k64[i * 1024]);
+                digest.BlockUpdate(k64, i * 1024 + 1, 1023);
+            }
+
+            digest.DoFinal(hash, 0);
+
+            if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length + 1]), hash))
+            {
+                Fail("sha3 mismatch on " + digest.AlgorithmName + " 64k chunked alpha");
+            }
+
+            TestDigestDoFinal(digest);
+
+            //
+            // extremely long data test
+            //
+            //Console.WriteLine("Starting very long");
+            //for (int i = 0; i != 16384; i++)
+            //{
+            //    for (int j = 0; j != 1024; j++)
+            //    {
+            //        digest.BlockUpdate(xtremeData, 0, xtremeData.Length);
+            //    }
+            //}
+    
+            //digest.DoFinal(hash, 0);
+    
+            //if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length + 2]), hash))
+            //{
+            //    Fail("sha3 mismatch on " + digest.AlgorithmName + " extreme data test");
+            //}
+            //Console.WriteLine("Done");
+        }
+
+        private void TestDigestDoFinal(IDigest digest)
+        {
+            byte[] hash = new byte[digest.GetDigestSize()];
+            digest.DoFinal(hash, 0);
+
+            for (int i = 0; i <= digest.GetDigestSize(); ++i)
+            {
+                byte[] cmp = new byte[2 * digest.GetDigestSize()];
+                Array.Copy(hash, 0, cmp, i, hash.Length);
+
+                byte[] buf = new byte[2 * digest.GetDigestSize()];
+                digest.DoFinal(buf, i);
+
+                if (!Arrays.AreEqual(cmp, buf))
+                {
+                    Fail("sha3 offset DoFinal on " + digest.AlgorithmName);
+                }
+            }
+        }
+
+        private void TestMac(IDigest digest, byte[][] keys, String[] data, String[] expected, byte[] truncExpected)
+        {
+            IMac mac = new HMac(digest);
+
+            for (int i = 0; i != keys.Length; i++)
+            {
+                mac.Init(new KeyParameter(keys[i]));
+
+                byte[] mData = Hex.Decode(data[i]);
+
+                mac.BlockUpdate(mData, 0, mData.Length);
+
+                byte[] macV = new byte[mac.GetMacSize()];
+
+                mac.DoFinal(macV, 0);
+
+                if (!Arrays.AreEqual(Hex.Decode(expected[i]), macV))
+                {
+                    Fail("sha3 HMAC mismatch on " + digest.AlgorithmName);
+                }
+            }
+
+            {
+                mac = new HMac(digest);
+
+                mac.Init(truncKey);
+
+                mac.BlockUpdate(truncData, 0, truncData.Length);
+
+                byte[] macV = new byte[mac.GetMacSize()];
+
+                mac.DoFinal(macV, 0);
+
+                for (int i = 0; i != truncExpected.Length; i++)
+                {
+                    if (macV[i] != truncExpected[i])
+                    {
+                        Fail("mismatch on truncated HMAC for " + digest.AlgorithmName);
+                    }
+                }
+            }
+        }
+
+        public override void PerformTest()
+        {
+            TestDigest(new Sha3Digest(), digests288);
+            TestDigest(new Sha3Digest(224), digests224);
+            TestDigest(new Sha3Digest(256), digests256);
+            TestDigest(new Sha3Digest(384), digests384);
+            TestDigest(new Sha3Digest(512), digests512);
+
+            TestMac(new Sha3Digest(224), macKeys, macData, mac224, trunc224);
+            TestMac(new Sha3Digest(256), macKeys, macData, mac256, trunc256);
+            TestMac(new Sha3Digest(384), macKeys, macData, mac384, trunc384);
+            TestMac(new Sha3Digest(512), macKeys, macData, mac512, trunc512);
+        }
+
+        protected virtual IDigest CloneDigest(IDigest digest)
+        {
+            return new Sha3Digest((Sha3Digest)digest);
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new Sha3DigestTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA512DigestTest.cs b/crypto/test/src/crypto/test/SHA512DigestTest.cs
new file mode 100644
index 000000000..c8096b7db
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA512DigestTest.cs
@@ -0,0 +1,165 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary>
+    /// Standard vector test for SHA-512 from FIPS Draft 180-2.
+    /// Note, the first two vectors are _not_ from the draft, the last three are.
+    /// </summary>
+    [TestFixture]
+    public class Sha512DigestTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "SHA512"; }
+        }
+
+		//private static string testVec1 = "";
+        private static string resVec1 = "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e";
+
+        private static string testVec2 = "61";
+        private static string resVec2 = "1f40fc92da241694750979ee6cf582f2d5d7d28e18335de05abc54d0560e0f5302860c652bf08d560252aa5e74210546f369fbbbce8c12cfc7957b2652fe9a75";
+
+        private static string testVec3 = "616263";
+        private static string resVec3 = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f";
+
+        private static string testVec4 = "61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475";
+        private static string resVec4 = "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909";
+
+        // 1 million 'a'
+        private static string testVec5 = "61616161616161616161";
+        private static string resVec5 = "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973ebde0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b";
+
+        public virtual ITestResult Perform()
+        {
+            IDigest digest = new Sha512Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+            string resStr;
+
+            //
+            // test 1
+            //
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec1.Equals(resStr))
+            {
+                return new SimpleTestResult(false, "SHA-512 failing standard vector test 1" + SimpleTest.NewLine + "    expected: " + resVec1 + SimpleTest.NewLine + "    got     : " + resStr);
+            }
+
+            //
+            // test 2
+            //
+            byte[] bytes = Hex.Decode(testVec2);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec2.Equals(resStr))
+            {
+                return new SimpleTestResult(false, "SHA-512 failing standard vector test 2" + SimpleTest.NewLine + "    expected: " + resVec2 + SimpleTest.NewLine + "    got     : " + resStr);
+            }
+
+            //
+            // test 3
+            //
+            bytes = Hex.Decode(testVec3);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec3.Equals(resStr))
+            {
+                return new SimpleTestResult(false, "SHA-512 failing standard vector test 3" + SimpleTest.NewLine + "    expected: " + resVec3 + SimpleTest.NewLine + "    got     : " + resStr);
+            }
+
+            //
+            // test 4
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false, "SHA-512 failing standard vector test 4" + SimpleTest.NewLine + "    expected: " + resVec4 + SimpleTest.NewLine + "    got     : " + resStr);
+            }
+
+            //
+            // test 5
+            //
+            bytes = Hex.Decode(testVec4);
+
+            digest.BlockUpdate(bytes, 0, bytes.Length / 2);
+
+            // clone the IDigest
+            IDigest d = new Sha512Digest((Sha512Digest)digest);
+
+            digest.BlockUpdate(bytes, bytes.Length / 2, bytes.Length - bytes.Length / 2);
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false, "SHA-512 failing standard vector test 5" + SimpleTest.NewLine + "    expected: " + resVec4 + SimpleTest.NewLine + "    got     : " + resStr);
+            }
+
+            d.BlockUpdate(bytes, bytes.Length / 2, bytes.Length - bytes.Length / 2);
+            d.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec4.Equals(resStr))
+            {
+                return new SimpleTestResult(false, "SHA-512 failing standard vector test 5" + SimpleTest.NewLine + "    expected: " + resVec4 + SimpleTest.NewLine + "    got     : " + resStr);
+            }
+
+            // test 6
+            bytes = Hex.Decode(testVec5);
+            for (int i = 0; i < 100000; i++)
+            {
+                digest.BlockUpdate(bytes, 0, bytes.Length);
+            }
+            digest.DoFinal(resBuf, 0);
+
+            resStr = Hex.ToHexString(resBuf);
+            if (!resVec5.Equals(resStr))
+            {
+                return new SimpleTestResult(false, "SHA-512 failing standard vector test 6" + SimpleTest.NewLine + "    expected: " + resVec5 + SimpleTest.NewLine + "    got     : " + resStr);
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new Sha512DigestTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA512HMacTest.cs b/crypto/test/src/crypto/test/SHA512HMacTest.cs
new file mode 100644
index 000000000..c091a7220
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA512HMacTest.cs
@@ -0,0 +1,123 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+
+    /// <summary> SHA512 HMac Test, test vectors from RFC</summary>
+    [TestFixture]
+    public class Sha512HMacTest
+		: ITest
+    {
+        public string Name
+        {
+			get { return "SHA512HMac"; }
+        }
+
+		public static readonly string[] keys =
+		{
+            "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
+            "4a656665",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "0102030405060708090a0b0c0d0e0f10111213141516171819",
+            "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+        };
+
+		public static readonly string[] digests =
+		{
+            "87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854",
+            "164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737",
+            "fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb",
+            "b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd",
+            "415fad6271580a531d4179bc891d87a650188707922a4fbb36663a1eb16da008711c5b50ddd0fc235084eb9d3364a1454fb2ef67cd1d29fe6773068ea266e96b",
+            "80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598",
+            "e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
+        };
+
+		public static readonly string[] messages =
+		{
+			"Hi There",
+			"what do ya want for nothing?",
+			"0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
+			"0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
+			"Test With Truncation",
+			"Test Using Larger Than Block-Size Key - Hash Key First",
+			"This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
+		};
+
+		public virtual ITestResult Perform()
+        {
+            HMac hmac = new HMac(new Sha512Digest());
+            byte[] resBuf = new byte[hmac.GetMacSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                if (messages[i].StartsWith("0x"))
+                {
+                    m = Hex.Decode(messages[i].Substring(2));
+                }
+                hmac.Init(new KeyParameter(Hex.Decode(keys[i])));
+                hmac.BlockUpdate(m, 0, m.Length);
+                hmac.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed");
+                }
+            }
+
+            //
+            // test reset
+            //
+            int vector = 0; // vector used for test
+            byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]);
+            if (messages[vector].StartsWith("0x"))
+            {
+                m2 = Hex.Decode(messages[vector].Substring(2));
+            }
+            hmac.Init(new KeyParameter(Hex.Decode(keys[vector])));
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+            hmac.Reset();
+            hmac.BlockUpdate(m2, 0, m2.Length);
+            hmac.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector])))
+            {
+                return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            ITest test = new Sha512HMacTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA512t224DigestTest.cs b/crypto/test/src/crypto/test/SHA512t224DigestTest.cs
new file mode 100644
index 000000000..a3d68e1ab
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA512t224DigestTest.cs
@@ -0,0 +1,62 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * standard vector test for SHA-512/224 from FIPS 180-4.
+     *
+     * Note, only the last 2 message entries are FIPS originated..
+     */
+    public class Sha512t224DigestTest
+        : DigestTest
+    {
+        private static string[] messages =
+        {
+            "",
+            "a",
+            "abc",
+            "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
+        };
+
+        private static string[] digests =
+        {
+            "6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4",
+            "d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327",
+            "4634270F707B6A54DAAE7530460842E20E37ED265CEEE9A43E8924AA",
+            "23FEC5BB94D60B23308192640B0C453335D664734FE40E7268674AF9"
+        };
+
+        // 1 million 'a'
+        private const string million_a_digest = "37ab331d76f0d36de422bd0edeb22a28accd487b7a8453ae965dd287";
+
+        internal Sha512t224DigestTest()
+            : base(new Sha512tDigest(224), messages, digests)
+        {
+        }
+
+        public override void PerformTest()
+        {
+            base.PerformTest();
+
+            millionATest(million_a_digest);
+        }
+
+        protected override IDigest CloneDigest(IDigest digest)
+        {
+            return new Sha512tDigest((Sha512tDigest)digest);
+        }
+
+        public static void Main(
+            string[]    args)
+        {
+            RunTest(new Sha512t224DigestTest());
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SHA512t256DigestTest.cs b/crypto/test/src/crypto/test/SHA512t256DigestTest.cs
new file mode 100644
index 000000000..c957aa660
--- /dev/null
+++ b/crypto/test/src/crypto/test/SHA512t256DigestTest.cs
@@ -0,0 +1,62 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * standard vector test for SHA-512/256 from FIPS 180-4.
+     *
+     * Note, only the last 2 message entries are FIPS originated..
+     */
+    public class Sha512t256DigestTest
+        : DigestTest
+    {
+        private static string[] messages =
+        {
+            "",
+            "a",
+            "abc",
+            "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
+        };
+
+        private static string[] digests =
+        {
+            "c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a",
+            "455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8",
+            "53048E2681941EF99B2E29B76B4C7DABE4C2D0C634FC6D46E0E2F13107E7AF23",
+            "3928E184FB8690F840DA3988121D31BE65CB9D3EF83EE6146FEAC861E19B563A"
+        };
+
+        // 1 million 'a'
+        private const string million_a_digest = "9a59a052930187a97038cae692f30708aa6491923ef5194394dc68d56c74fb21";
+
+        internal Sha512t256DigestTest()
+            : base(new Sha512tDigest(256), messages, digests)
+        {
+        }
+
+        public override void PerformTest()
+        {
+            base.PerformTest();
+
+            millionATest(million_a_digest);
+        }
+
+        protected override IDigest CloneDigest(IDigest digest)
+        {
+            return new Sha512tDigest((Sha512tDigest)digest);
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new Sha512t256DigestTest());
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SRP6Test.cs b/crypto/test/src/crypto/test/SRP6Test.cs
new file mode 100644
index 000000000..3b80e2c16
--- /dev/null
+++ b/crypto/test/src/crypto/test/SRP6Test.cs
@@ -0,0 +1,300 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Agreement.Srp;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class Srp6Test
+		: SimpleTest
+	{
+	    private static BigInteger FromHex(string hex)
+	    {
+	        return new BigInteger(1, Hex.Decode(hex));
+	    }
+
+		// 1024 bit example prime from RFC5054 and corresponding generator
+		private static readonly BigInteger N_1024 = FromHex("EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C"
+	            + "9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4"
+	            + "8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29"
+	            + "7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A"
+	            + "FD5138FE8376435B9FC61D2FC0EB06E3");
+		private static readonly BigInteger g_1024 = BigInteger.Two;
+
+		private readonly SecureRandom random = new SecureRandom();
+
+	    public override string Name
+	    {
+	        get { return "SRP6"; }
+	    }
+
+	    public override void PerformTest()
+	    {
+	    	rfc5054AppendixBTestVectors();
+
+	        testMutualVerification(N_1024, g_1024);
+	        testClientCatchesBadB(N_1024, g_1024);
+	        testServerCatchesBadA(N_1024, g_1024);
+
+			testWithRandomParams(256);
+			testWithRandomParams(384);
+			testWithRandomParams(512);
+	    }
+
+	    private void rfc5054AppendixBTestVectors()
+	    {
+	    	byte[] I = Encoding.UTF8.GetBytes("alice");
+	    	byte[] P = Encoding.UTF8.GetBytes("password123");
+	    	byte[] s = Hex.Decode("BEB25379D1A8581EB5A727673A2441EE");
+	    	BigInteger N = N_1024;
+	    	BigInteger g = g_1024;
+	    	BigInteger a = FromHex("60975527035CF2AD1989806F0407210BC81EDC04E2762A56AFD529DDDA2D4393");
+	    	BigInteger b = FromHex("E487CB59D31AC550471E81F00F6928E01DDA08E974A004F49E61F5D105284D20");
+
+	    	BigInteger expect_k = FromHex("7556AA045AEF2CDD07ABAF0F665C3E818913186F");
+	    	BigInteger expect_x = FromHex("94B7555AABE9127CC58CCF4993DB6CF84D16C124");
+	    	BigInteger expect_v = FromHex("7E273DE8696FFC4F4E337D05B4B375BEB0DDE1569E8FA00A9886D812"
+	            + "9BADA1F1822223CA1A605B530E379BA4729FDC59F105B4787E5186F5"
+	            + "C671085A1447B52A48CF1970B4FB6F8400BBF4CEBFBB168152E08AB5"
+	            + "EA53D15C1AFF87B2B9DA6E04E058AD51CC72BFC9033B564E26480D78"
+	            + "E955A5E29E7AB245DB2BE315E2099AFB");
+	    	BigInteger expect_A = FromHex("61D5E490F6F1B79547B0704C436F523DD0E560F0C64115BB72557EC4"
+	            + "4352E8903211C04692272D8B2D1A5358A2CF1B6E0BFCF99F921530EC"
+	            + "8E39356179EAE45E42BA92AEACED825171E1E8B9AF6D9C03E1327F44"
+	            + "BE087EF06530E69F66615261EEF54073CA11CF5858F0EDFDFE15EFEA"
+	            + "B349EF5D76988A3672FAC47B0769447B");
+	    	BigInteger expect_B = FromHex("BD0C61512C692C0CB6D041FA01BB152D4916A1E77AF46AE105393011"
+	            + "BAF38964DC46A0670DD125B95A981652236F99D9B681CBF87837EC99"
+	            + "6C6DA04453728610D0C6DDB58B318885D7D82C7F8DEB75CE7BD4FBAA"
+	            + "37089E6F9C6059F388838E7A00030B331EB76840910440B1B27AAEAE"
+	            + "EB4012B7D7665238A8E3FB004B117B58");
+	    	BigInteger expect_u = FromHex("CE38B9593487DA98554ED47D70A7AE5F462EF019");
+	    	BigInteger expect_S = FromHex("B0DC82BABCF30674AE450C0287745E7990A3381F63B387AAF271A10D"
+	            + "233861E359B48220F7C4693C9AE12B0A6F67809F0876E2D013800D6C"
+	            + "41BB59B6D5979B5C00A172B4A2A5903A0BDCAF8A709585EB2AFAFA8F"
+	            + "3499B200210DCC1F10EB33943CD67FC88A2F39A4BE5BEC4EC0A3212D"
+	            + "C346D7E474B29EDE8A469FFECA686E5A");
+
+	    	BigInteger k = Srp6Utilities.CalculateK(new Sha1Digest(), N, g);
+	    	if (!k.Equals(expect_k))
+	    	{
+	    		Fail("wrong value of 'k'");
+	    	}
+
+	    	BigInteger x = Srp6Utilities.CalculateX(new Sha1Digest(), N, s, I, P);
+	    	if (!x.Equals(expect_x))
+	    	{
+	    		Fail("wrong value of 'x'");
+	    	}
+
+	    	Srp6VerifierGenerator gen = new Srp6VerifierGenerator();
+	    	gen.Init(N, g, new Sha1Digest());
+	    	BigInteger v = gen.GenerateVerifier(s, I, P);
+	    	if (!v.Equals(expect_v))
+	    	{
+	    		Fail("wrong value of 'v'");
+	    	}
+
+	        Srp6Client client = new MySrp6Client(a);
+	        client.Init(N, g, new Sha1Digest(), random);
+
+	    	BigInteger A = client.GenerateClientCredentials(s, I, P);
+	    	if (!A.Equals(expect_A))
+	    	{
+	    		Fail("wrong value of 'A'");
+	    	}
+
+	    	Srp6Server server = new MySrp6Server(b);
+	        server.Init(N, g, v, new Sha1Digest(), random);
+
+	    	BigInteger B = server.GenerateServerCredentials();
+	    	if (!B.Equals(expect_B))
+	    	{
+	    		Fail("wrong value of 'B'");
+	    	}
+
+	        BigInteger u = Srp6Utilities.CalculateU(new Sha1Digest(), N, A, B);
+	    	if (!u.Equals(expect_u))
+	    	{
+	    		Fail("wrong value of 'u'");
+	    	}
+
+	        BigInteger clientS = client.CalculateSecret(B);
+	        if (!clientS.Equals(expect_S))
+	    	{
+	    		Fail("wrong value of 'S' (client)");
+	    	}
+
+	        BigInteger serverS = server.CalculateSecret(A);
+	        if (!serverS.Equals(expect_S))
+	    	{
+	    		Fail("wrong value of 'S' (server)");
+	    	}
+	    }
+
+		private void testWithRandomParams(int bits)
+		{
+	        DHParametersGenerator paramGen = new DHParametersGenerator();
+	        paramGen.Init(bits, 25, random);
+	        DHParameters parameters = paramGen.GenerateParameters();
+
+	        BigInteger g = parameters.G;
+	        BigInteger p = parameters.P;
+
+	        testMutualVerification(p, g);
+		}
+
+	    private void testMutualVerification(BigInteger N, BigInteger g)
+	    {
+	        byte[] I = Encoding.UTF8.GetBytes("username");
+	        byte[] P = Encoding.UTF8.GetBytes("password");
+	        byte[] s = new byte[16];
+	        random.NextBytes(s);
+
+	        Srp6VerifierGenerator gen = new Srp6VerifierGenerator();
+	        gen.Init(N, g, new Sha256Digest());
+	        BigInteger v = gen.GenerateVerifier(s, I, P);
+
+	        Srp6Client client = new Srp6Client();
+	        client.Init(N, g, new Sha256Digest(), random);
+
+	        Srp6Server server = new Srp6Server();
+	        server.Init(N, g, v, new Sha256Digest(), random);
+
+	        BigInteger A = client.GenerateClientCredentials(s, I, P);
+	        BigInteger B = server.GenerateServerCredentials();
+
+	        BigInteger clientS = client.CalculateSecret(B);
+	        BigInteger serverS = server.CalculateSecret(A);
+
+	        if (!clientS.Equals(serverS))
+	        {
+	            Fail("SRP agreement failed - client/server calculated different secrets");
+	        }
+	    }
+
+	    private void testClientCatchesBadB(BigInteger N, BigInteger g)
+	    {
+	        byte[] I = Encoding.UTF8.GetBytes("username");
+	        byte[] P = Encoding.UTF8.GetBytes("password");
+	        byte[] s = new byte[16];
+	        random.NextBytes(s);
+
+	        Srp6Client client = new Srp6Client();
+	        client.Init(N, g, new Sha256Digest(), random);
+
+	        client.GenerateClientCredentials(s, I, P);
+
+	        try
+	        {
+	        	client.CalculateSecret(BigInteger.Zero);
+	        	Fail("Client failed to detect invalid value for 'B'");
+	        }
+	        catch (CryptoException)
+	        {
+	        	// Expected
+	        }
+
+	        try
+	        {
+	        	client.CalculateSecret(N);
+	        	Fail("Client failed to detect invalid value for 'B'");
+	        }
+	        catch (CryptoException)
+	        {
+	        	// Expected
+	        }
+	    }
+
+	    private void testServerCatchesBadA(BigInteger N, BigInteger g)
+	    {
+	        byte[] I = Encoding.UTF8.GetBytes("username");
+	        byte[] P = Encoding.UTF8.GetBytes("password");
+	        byte[] s = new byte[16];
+	        random.NextBytes(s);
+
+	        Srp6VerifierGenerator gen = new Srp6VerifierGenerator();
+	        gen.Init(N, g, new Sha256Digest());
+	        BigInteger v = gen.GenerateVerifier(s, I, P);
+
+	        Srp6Server server = new Srp6Server();
+	        server.Init(N, g, v, new Sha256Digest(), random);
+
+	        server.GenerateServerCredentials();
+
+	        try
+	        {
+	        	server.CalculateSecret(BigInteger.Zero);
+	        	Fail("Client failed to detect invalid value for 'A'");
+	        }
+	        catch (CryptoException)
+	        {
+	        	// Expected
+	        }
+
+	        try
+	        {
+	        	server.CalculateSecret(N);
+	        	Fail("Client failed to detect invalid value for 'A'");
+	        }
+	        catch (CryptoException)
+	        {
+	        	// Expected
+	        }
+	    }
+
+	    public static void Main(string[] args)
+	    {
+	        RunTest(new Srp6Test());
+	    }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+
+		private class MySrp6Client
+			: Srp6Client
+		{
+			private readonly BigInteger nonRandomPrivA;
+
+			internal MySrp6Client(BigInteger nonRandomPrivA)
+			{
+				this.nonRandomPrivA = nonRandomPrivA;
+			}
+
+            protected override BigInteger SelectPrivateValue()
+            {
+                return nonRandomPrivA;
+            }
+		}
+
+		private class MySrp6Server
+			: Srp6Server
+		{
+			private readonly BigInteger nonRandomPrivB;
+
+			internal MySrp6Server(BigInteger nonRandomPrivB)
+			{
+				this.nonRandomPrivB = nonRandomPrivB;
+			}
+
+            protected override BigInteger SelectPrivateValue()
+            {
+                return nonRandomPrivB;
+            }
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/Salsa20Test.cs b/crypto/test/src/crypto/test/Salsa20Test.cs
new file mode 100644
index 000000000..9e7549ae7
--- /dev/null
+++ b/crypto/test/src/crypto/test/Salsa20Test.cs
@@ -0,0 +1,261 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* Salsa20 Test
+	*/
+	[TestFixture]
+	public class Salsa20Test
+		: SimpleTest
+	{
+		private static readonly byte[] zeroes = Hex.Decode(
+			  "00000000000000000000000000000000"
+			+ "00000000000000000000000000000000"
+			+ "00000000000000000000000000000000"
+			+ "00000000000000000000000000000000");
+
+		private static readonly string set1v0_0 =
+			  "4DFA5E481DA23EA09A31022050859936"
+			+ "DA52FCEE218005164F267CB65F5CFD7F"
+			+ "2B4F97E0FF16924A52DF269515110A07"
+			+ "F9E460BC65EF95DA58F740B7D1DBB0AA";
+
+		private static readonly string set1v0_192 =
+			  "DA9C1581F429E0A00F7D67E23B730676"
+			+ "783B262E8EB43A25F55FB90B3E753AEF"
+			+ "8C6713EC66C51881111593CCB3E8CB8F"
+			+ "8DE124080501EEEB389C4BCB6977CF95";
+
+		private static readonly string set1v0_256 =
+			  "7D5789631EB4554400E1E025935DFA7B"
+			+ "3E9039D61BDC58A8697D36815BF1985C"
+			+ "EFDF7AE112E5BB81E37ECF0616CE7147"
+			+ "FC08A93A367E08631F23C03B00A8DA2F";
+
+		private static readonly string set1v0_448 =
+			  "B375703739DACED4DD4059FD71C3C47F"
+			+ "C2F9939670FAD4A46066ADCC6A564578"
+			+ "3308B90FFB72BE04A6B147CBE38CC0C3"
+			+ "B9267C296A92A7C69873F9F263BE9703";
+
+		private static readonly string set1v9_0 =
+			  "0471076057830FB99202291177FBFE5D"
+			+ "38C888944DF8917CAB82788B91B53D1C"
+			+ "FB06D07A304B18BB763F888A61BB6B75"
+			+ "5CD58BEC9C4CFB7569CB91862E79C459";
+
+		private static readonly string set1v9_192 =
+			  "D1D7E97556426E6CFC21312AE3811425"
+			+ "9E5A6FB10DACBD88E4354B0472556935"
+			+ "2B6DA5ACAFACD5E266F9575C2ED8E6F2"
+			+ "EFE4B4D36114C3A623DD49F4794F865B";
+
+		private static readonly string set1v9_256 =
+			  "AF06FAA82C73291231E1BD916A773DE1"
+			+ "52FD2126C40A10C3A6EB40F22834B8CC"
+			+ "68BD5C6DBD7FC1EC8F34165C517C0B63"
+			+ "9DB0C60506D3606906B8463AA0D0EC2F";
+
+		private static readonly string set1v9_448 =
+			  "AB3216F1216379EFD5EC589510B8FD35"
+			+ "014D0AA0B613040BAE63ECAB90A9AF79"
+			+ "661F8DA2F853A5204B0F8E72E9D9EB4D"
+			+ "BA5A4690E73A4D25F61EE7295215140C";
+
+		private static readonly string set6v0_0 =
+			  "F5FAD53F79F9DF58C4AEA0D0ED9A9601"
+			+ "F278112CA7180D565B420A48019670EA"
+			+ "F24CE493A86263F677B46ACE1924773D"
+			+ "2BB25571E1AA8593758FC382B1280B71";
+
+		private static readonly string set6v0_65472 =
+			  "B70C50139C63332EF6E77AC54338A407"
+			+ "9B82BEC9F9A403DFEA821B83F7860791"
+			+ "650EF1B2489D0590B1DE772EEDA4E3BC"
+			+ "D60FA7CE9CD623D9D2FD5758B8653E70";
+
+		private static readonly string set6v0_65536 =
+			  "81582C65D7562B80AEC2F1A673A9D01C"
+			+ "9F892A23D4919F6AB47B9154E08E699B"
+			+ "4117D7C666477B60F8391481682F5D95"
+			+ "D96623DBC489D88DAA6956B9F0646B6E";
+
+		private static readonly string set6v1_0 =
+			  "3944F6DC9F85B128083879FDF190F7DE"
+			+ "E4053A07BC09896D51D0690BD4DA4AC1"
+			+ "062F1E47D3D0716F80A9B4D85E6D6085"
+			+ "EE06947601C85F1A27A2F76E45A6AA87";
+
+		private static readonly string set6v1_65472 =
+			  "36E03B4B54B0B2E04D069E690082C8C5"
+			+ "92DF56E633F5D8C7682A02A65ECD1371"
+			+ "8CA4352AACCB0DA20ED6BBBA62E177F2"
+			+ "10E3560E63BB822C4158CAA806A88C82";
+
+		private static readonly string set6v1_65536 =
+			  "1B779E7A917C8C26039FFB23CF0EF8E0"
+			+ "8A1A13B43ACDD9402CF5DF38501098DF"
+			+ "C945A6CC69A6A17367BC03431A86B3ED"
+			+ "04B0245B56379BF997E25800AD837D7D";
+
+		public override string Name
+		{
+			get { return "Salsa20"; }
+		}
+
+		public override void PerformTest()
+		{
+			salsa20Test1(new ParametersWithIV(new KeyParameter(Hex.Decode("80000000000000000000000000000000")), Hex.Decode("0000000000000000")),
+					set1v0_0, set1v0_192,  set1v0_256,  set1v0_448);
+			salsa20Test1(new ParametersWithIV(new KeyParameter(Hex.Decode("00400000000000000000000000000000")), Hex.Decode("0000000000000000")),
+					set1v9_0, set1v9_192,  set1v9_256,  set1v9_448);
+			salsa20Test2(new ParametersWithIV(new KeyParameter(Hex.Decode("0053A6F94C9FF24598EB3E91E4378ADD3083D6297CCF2275C81B6EC11467BA0D")), Hex.Decode("0D74DB42A91077DE")),
+					set6v0_0, set6v0_65472, set6v0_65536);
+			salsa20Test2(new ParametersWithIV(new KeyParameter(Hex.Decode("0558ABFE51A4F74A9DF04396E93C8FE23588DB2E81D4277ACD2073C6196CBF12")), Hex.Decode("167DE44BB21980E7")),
+					set6v1_0, set6v1_65472, set6v1_65536);
+			reinitBug();
+		}
+
+		private void salsa20Test1(
+			ICipherParameters	parameters,
+			string				v0,
+			string				v192,
+			string				v256,
+			string				v448)
+		{
+			IStreamCipher salsa = new Salsa20Engine();
+			byte[]       buf = new byte[64];
+
+			salsa.Init(true, parameters);
+
+			for (int i = 0; i != 7; i++)
+			{
+				salsa.ProcessBytes(zeroes, 0, 64, buf, 0);
+				switch (i)
+				{
+				case 0:
+					if (!AreEqual(buf, Hex.Decode(v0)))
+					{
+						mismatch("v0", v0, buf);
+					}
+					break;
+				case 3:
+					if (!AreEqual(buf, Hex.Decode(v192)))
+					{
+						mismatch("v192", v192, buf);
+					}
+					break;
+				case 4:
+					if (!AreEqual(buf, Hex.Decode(v256)))
+					{
+						mismatch("v256", v256, buf);
+					}
+					break;
+				default:
+					// ignore
+					break;
+				}
+			}
+
+			for (int i = 0; i != 64; i++)
+			{
+				buf[i] = salsa.ReturnByte(zeroes[i]);
+			}
+
+			if (!AreEqual(buf, Hex.Decode(v448)))
+			{
+				mismatch("v448", v448, buf);
+			}       
+		}
+
+		private void salsa20Test2(
+			ICipherParameters	parameters,
+			string				v0,
+			string				v65472,
+			string				v65536)
+		{
+			IStreamCipher salsa = new Salsa20Engine();
+			byte[]       buf = new byte[64];
+
+			salsa.Init(true, parameters);
+
+			for (int i = 0; i != 1025; i++)
+			{
+				salsa.ProcessBytes(zeroes, 0, 64, buf, 0);
+				switch (i)
+				{
+				case 0:
+					if (!AreEqual(buf, Hex.Decode(v0)))
+					{
+						mismatch("v0", v0, buf);
+					}
+					break;
+				case 1023:
+					if (!AreEqual(buf, Hex.Decode(v65472)))
+					{
+						mismatch("v65472", v65472, buf);
+					}
+					break;
+				case 1024:
+					if (!AreEqual(buf, Hex.Decode(v65536)))
+					{
+						mismatch("v65536", v65536, buf);
+					}
+					break;
+				default:
+					// ignore
+					break;
+				}
+			}
+		}
+
+		private void mismatch(
+			string	name,
+			string	expected,
+			byte[]	found)
+		{
+			Fail("mismatch on " + name, expected, Hex.ToHexString(found));
+		}
+
+		private void reinitBug()
+		{
+			KeyParameter key = new KeyParameter(Hex.Decode("80000000000000000000000000000000"));
+			ParametersWithIV parameters = new ParametersWithIV(key, Hex.Decode("0000000000000000"));
+
+			IStreamCipher salsa = new Salsa20Engine();
+
+			salsa.Init(true, parameters);
+
+			try
+			{
+				salsa.Init(true, key);
+				Fail("Salsa20 should throw exception if no IV in Init");
+			}
+			catch (ArgumentException)
+			{
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Salsa20Test());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/SerpentTest.cs b/crypto/test/src/crypto/test/SerpentTest.cs
new file mode 100644
index 000000000..2467797e9
--- /dev/null
+++ b/crypto/test/src/crypto/test/SerpentTest.cs
@@ -0,0 +1,119 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    [TestFixture]
+    public class SerpentTest: CipherTest
+    {
+        static SimpleTest[]  tests =
+        {
+            new BlockCipherVectorTest(0, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+                "00000000000000000000000000000000", "8910494504181950f98dd998a82b6749"),
+            new BlockCipherVectorTest(1, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+                "80000000000000000000000000000000", "10b5ffb720b8cb9002a1142b0ba2e94a"),
+            new BlockCipherVectorTest(2, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+                "00000000008000000000000000000000", "4f057a42d8d5bd9746e434680ddcd5e5"),
+            new BlockCipherVectorTest(3, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+                "00000000000000000000400000000000", "99407bf8582ef12550886ef5b6f169b9"),
+            new BlockCipherVectorTest(4, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+                "40000000000000000000000000000000", "d522a3b8d6d89d4d2a124fdd88f36896"),
+            new BlockCipherVectorTest(5, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+                "00000000000200000000000000000000", "189b8ec3470085b3da97e82ca8964e32"),
+            new BlockCipherVectorTest(6, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")),
+                "00000000000000000000008000000000", "f77d868cf760b9143a89809510ccb099"),
+            new BlockCipherVectorTest(7, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+                "08000000000000000000000000000000", "d43b7b981b829342fce0e3ec6f5f4c82"),
+            new BlockCipherVectorTest(8, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+                "00000000000000000100000000000000", "0bf30e1a0c33ccf6d5293177886912a7"),
+            new BlockCipherVectorTest(9, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")),
+                "00000000000000000000000000000001", "6a7f3b805d2ddcba49b89770ade5e507"),
+            new BlockCipherVectorTest(10, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("80000000000000000000000000000000")),
+                "00000000000000000000000000000000", "49afbfad9d5a34052cd8ffa5986bd2dd"),
+            new BlockCipherVectorTest(11, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("000000000000000000000000004000000000000000000000")),
+                "00000000000000000000000000000000", "ba8829b1de058c4b48615d851fc74f17"),
+            new BlockCipherVectorTest(12, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000100000000")),
+                "00000000000000000000000000000000", "89f64377bf1e8a46c8247044e8056a98"),
+/*
+            new BlockCipherMonteCarloTest(13, 10000, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("47f5f881daab9b67b43bd1342e339c19")),
+                "7a4f7db38c52a8b711b778a38d203b6b", "003380e19f10065740394f48e2fe80b7"),
+*/
+            new BlockCipherMonteCarloTest(13, 100, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("47f5f881daab9b67b43bd1342e339c19")),
+                "7a4f7db38c52a8b711b778a38d203b6b", "4db75303d815c2f7cc6ca935d1c5a046"),
+/*
+            new BlockCipherMonteCarloTest(14, 10000, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("31fba879ebc5e80df35e6fa33eaf92d6")),
+                "70a05e12f74589009692a337f53ff614", "afb5425426906db26b70bdf842ac5400"),
+*/
+            new BlockCipherMonteCarloTest(14, 100, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("31fba879ebc5e80df35e6fa33eaf92d6")),
+                "70a05e12f74589009692a337f53ff614", "fc53a50f4d3bc9836001893d2f41742d"),
+/*
+            new BlockCipherMonteCarloTest(15, 10000, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")),
+                "9cc523d034a93740a0aa4e2054bb34d8", "1949d506ada7de1f1344986e8ea049b2"),
+*/
+            new BlockCipherMonteCarloTest(15, 100, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")),
+                "9cc523d034a93740a0aa4e2054bb34d8", "77117e6a9e80f40b2a36b7d755573c2d"),
+/*
+            new BlockCipherMonteCarloTest(16, 10000, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")),
+                "ee1a61106fae2d381d686cbf854bab65", "e57f45559027cb1f2ed9603d814e1c34"),
+*/
+            new BlockCipherMonteCarloTest(16, 100, new SerpentEngine(),
+                new KeyParameter(Hex.Decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")),
+                "ee1a61106fae2d381d686cbf854bab65", "dcd7f13ea0dcdfd0139d1a42e2ffb84b")
+        };
+
+		public SerpentTest()
+			: base(tests, new SerpentEngine(), new KeyParameter(new byte[32]))
+		{
+		}
+
+		public override string Name
+        {
+			get { return "Serpent"; }
+        }
+
+		public static void Main(
+	        string[] args)
+        {
+            ITest test = new SerpentTest();
+            ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/ShortenedDigestTest.cs b/crypto/test/src/crypto/test/ShortenedDigestTest.cs
new file mode 100644
index 000000000..4956b5b39
--- /dev/null
+++ b/crypto/test/src/crypto/test/ShortenedDigestTest.cs
@@ -0,0 +1,98 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class ShortenedDigestTest : SimpleTest
+	{
+		public override void PerformTest()
+		{
+			IDigest  d = new Sha1Digest();
+			ShortenedDigest sd = new ShortenedDigest(new Sha1Digest(), 10);
+
+			if (sd.GetDigestSize() != 10)
+			{
+				Fail("size check wrong for SHA-1");
+			}
+
+			if (sd.GetByteLength() != d.GetByteLength())
+			{
+				Fail("byte length check wrong for SHA-1");
+			}
+
+			//
+			// check output fits
+			//
+			sd.DoFinal(new byte[10], 0);
+
+			d = new Sha512Digest();
+			sd = new ShortenedDigest(new Sha512Digest(), 20);
+
+			if (sd.GetDigestSize() != 20)
+			{
+				Fail("size check wrong for SHA-512");
+			}
+
+			if (sd.GetByteLength() != d.GetByteLength())
+			{
+				Fail("byte length check wrong for SHA-512");
+			}
+
+			//
+			// check output fits
+			//
+			sd.DoFinal(new byte[20], 0);
+
+			try
+			{
+				new ShortenedDigest(null, 20);
+
+				Fail("null parameter not caught");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+
+			try
+			{
+				new ShortenedDigest(new Sha1Digest(), 50);
+
+				Fail("short digest not caught");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		public override string Name
+		{
+			get { return "ShortenedDigest"; }
+		}
+
+		public static void Main(
+			string[]    args)
+		{
+			RunTest(new ShortenedDigestTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
\ No newline at end of file
diff --git a/crypto/test/src/crypto/test/SipHashTest.cs b/crypto/test/src/crypto/test/SipHashTest.cs
new file mode 100644
index 000000000..81b6f64ae
--- /dev/null
+++ b/crypto/test/src/crypto/test/SipHashTest.cs
@@ -0,0 +1,76 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /// <summary>
+    /// SipHash test values from "SipHash: a fast short-input PRF", by Jean-Philippe
+    /// Aumasson and Daniel J. Bernstein (https://131002.net/siphash/siphash.pdf), Appendix A.
+    /// </summary>
+    [TestFixture]
+    public class SipHashTest
+        : SimpleTest
+    {
+        public override string Name
+        {
+            get { return "SipHash"; }
+        }
+
+        public override void PerformTest()
+        {
+            byte[] key = Hex.Decode("000102030405060708090a0b0c0d0e0f");
+            byte[] input = Hex.Decode("000102030405060708090a0b0c0d0e");
+
+            long expected = unchecked((long)0xa129ca6149be45e5);
+
+            SipHash mac = new SipHash();
+            mac.Init(new KeyParameter(key));
+            mac.BlockUpdate(input, 0, input.Length);
+
+            long result = mac.DoFinal();
+            if (expected != result)
+            {
+                Fail("Result does not match expected value for DoFinal()");
+            }
+
+            // NOTE: Little-endian representation of 0xa129ca6149be45e5
+            byte[] expectedBytes = Hex.Decode("e545be4961ca29a1");
+
+            mac.BlockUpdate(input, 0, input.Length);
+
+            byte[] output = new byte[mac.GetMacSize()];
+            int len = mac.DoFinal(output, 0);
+            if (len != output.Length)
+            {
+                Fail("Result length does not equal GetMacSize() for DoFinal(byte[],int)");
+            }
+            if (!AreEqual(expectedBytes, output))
+            {
+                Fail("Result does not match expected value for DoFinal(byte[],int)");
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new SipHashTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/SkipjackTest.cs b/crypto/test/src/crypto/test/SkipjackTest.cs
new file mode 100644
index 000000000..d9fe6e4b4
--- /dev/null
+++ b/crypto/test/src/crypto/test/SkipjackTest.cs
@@ -0,0 +1,46 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    [TestFixture]
+    public class SkipjackTest
+		: CipherTest
+    {
+        public override string Name
+        {
+			get { return "SKIPJACK"; }
+        }
+
+        internal static SimpleTest[] tests = new SimpleTest[]{
+            new BlockCipherVectorTest(0, new SkipjackEngine(), new KeyParameter(Hex.Decode("00998877665544332211")), "33221100ddccbbaa", "2587cae27a12d300")};
+
+		public SkipjackTest()
+			: base(tests, new SkipjackEngine(), new KeyParameter(new byte[16]))
+		{
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            ITest test = new SkipjackTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/StreamCipherVectorTest.cs b/crypto/test/src/crypto/test/StreamCipherVectorTest.cs
new file mode 100644
index 000000000..ead2f16c3
--- /dev/null
+++ b/crypto/test/src/crypto/test/StreamCipherVectorTest.cs
@@ -0,0 +1,68 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    /**
+     * a basic test that takes a stream cipher, key parameter, and an input
+     * and output string.
+     */
+    public class StreamCipherVectorTest: ITest
+    {
+        int                 id;
+        IStreamCipher       cipher;
+        ICipherParameters    param;
+        byte[]              input;
+        byte[]              output;
+
+        public StreamCipherVectorTest(
+            int                 id,
+            IStreamCipher       cipher,
+            ICipherParameters    param,
+            string              input,
+            string              output)
+        {
+            this.id = id;
+            this.cipher = cipher;
+            this.param = param;
+            this.input = Hex.Decode(input);
+            this.output = Hex.Decode(output);
+        }
+
+		public string Name
+		{
+			get { return cipher.AlgorithmName + " Vector Test " + id; }
+		}
+
+		public ITestResult Perform()
+        {
+            cipher.Init(true, param);
+
+            byte[] outBytes = new byte[input.Length];
+
+            cipher.ProcessBytes(input, 0, input.Length, outBytes, 0);
+
+            if (!Arrays.AreEqual(outBytes, output))
+            {
+                return new SimpleTestResult(false, Name + ": failed - "
+					+ "expected " + Hex.ToHexString(output)
+					+ " got " + Hex.ToHexString(outBytes));
+            }
+
+            cipher.Init(false, param);
+
+            cipher.ProcessBytes(output, 0, output.Length, outBytes, 0);
+
+            if (!Arrays.AreEqual(input, outBytes))
+            {
+                return new SimpleTestResult(false, Name + ": failed reversal");
+            }
+
+            return new SimpleTestResult(true, Name + ": OKAY");
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/TEATest.cs b/crypto/test/src/crypto/test/TEATest.cs
new file mode 100644
index 000000000..525941dbf
--- /dev/null
+++ b/crypto/test/src/crypto/test/TEATest.cs
@@ -0,0 +1,59 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* TEA tester - based on C implementation results from http://www.simonshepherd.supanet.com/tea.htm
+	*/
+	[TestFixture]
+	public class TeaTest
+		: CipherTest
+	{
+		private static readonly SimpleTest[] tests =
+		{
+			new BlockCipherVectorTest(0, new TeaEngine(),
+				new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+				"0000000000000000","41ea3a0a94baa940"),
+			new BlockCipherVectorTest(1, new TeaEngine(),
+				new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+				"0102030405060708", "6a2f9cf3fccf3c55"),
+			new BlockCipherVectorTest(2, new TeaEngine(),
+				new KeyParameter(Hex.Decode("0123456712345678234567893456789A")),
+				"0000000000000000", "34e943b0900f5dcb"),
+			new BlockCipherVectorTest(3, new TeaEngine(),
+				new KeyParameter(Hex.Decode("0123456712345678234567893456789A")),
+				"0102030405060708", "773dc179878a81c0"),
+		};
+
+		public TeaTest()
+			: base(tests, new TeaEngine(), new KeyParameter(new byte[16]))
+		{
+		}
+
+		public override string Name
+		{
+			get { return "TEA"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new TeaTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/TigerDigestTest.cs b/crypto/test/src/crypto/test/TigerDigestTest.cs
new file mode 100644
index 000000000..6fec60185
--- /dev/null
+++ b/crypto/test/src/crypto/test/TigerDigestTest.cs
@@ -0,0 +1,140 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+
+    /**
+     * Tiger Digest Test
+     */
+    [TestFixture]
+    public class TigerDigestTest
+        : ITest
+    {
+        readonly static string[] messages =
+        {
+            "",
+            "abc",
+            "Tiger",
+            "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-",
+            "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvw",
+            "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789",
+            "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996.",
+            "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"
+        };
+
+        readonly static string[] digests = {
+            "3293AC630C13F0245F92BBB1766E16167A4E58492DDE73F3",
+            "2AAB1484E8C158F2BFB8C5FF41B57A525129131C957B5F93",
+            "DD00230799F5009FEC6DEBC838BB6A27DF2B9D6F110C7937",
+            "F71C8583902AFB879EDFE610F82C0D4786A3A534504486B5",
+            "38F41D9D9A710A10C3727AC0DEEAA270727D9F926EC10139",
+            "48CEEB6308B87D46E95D656112CDF18D97915F9765658957",
+            "631ABDD103EB9A3D245B6DFD4D77B257FC7439501D1568DD",
+            "C54034E5B43EB8005848A7E0AE6AAC76E4FF590AE715FD25",
+            "C54034E5B43EB8005848A7E0AE6AAC76E4FF590AE715FD25"
+        };
+
+        readonly static string hash64k = "FDF4F5B35139F48E710E421BE5AF411DE1A8AAC333F26204";
+
+        public string Name
+        {
+			get { return "Tiger"; }
+        }
+
+		public ITestResult Perform()
+        {
+            IDigest digest = new TigerDigest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+
+            for (int i = 0; i < messages.Length; i++)
+            {
+                byte[] m = Encoding.ASCII.GetBytes(messages[i]);
+                digest.BlockUpdate(m, 0, m.Length);
+                digest.DoFinal(resBuf, 0);
+
+                if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i])))
+                {
+                    return new SimpleTestResult(false, Name + ": Vector " + i + " failed got " + Hex.ToHexString(resBuf));
+                }
+            }
+
+            //
+            // test 2
+            //
+            byte[] mm = Encoding.ASCII.GetBytes(messages[messages.Length-1]);
+
+            digest.BlockUpdate(mm, 0, mm.Length/2);
+
+            // clone the IDigest
+            IDigest d = new TigerDigest((TigerDigest)digest);
+
+            digest.BlockUpdate(mm, mm.Length/2, mm.Length - mm.Length/2);
+            digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length-1])))
+            {
+                return new SimpleTestResult(false,
+                    "Tiger failing clone test"
+                    + SimpleTest.NewLine
+                    + "    expected: " + digests[digests.Length-1]
+                    + SimpleTest.NewLine
+                    + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            d.BlockUpdate(mm, mm.Length/2, mm.Length - mm.Length/2);
+            d.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[digests.Length-1])))
+            {
+                return new SimpleTestResult(false,
+                    "Tiger failing clone test - part 2"
+                    + SimpleTest.NewLine
+                    + "    expected: " +  digests[digests.Length-1]
+                    + SimpleTest.NewLine
+                    + "    got     : " + Hex.ToHexString(resBuf));
+            }
+
+            for (int i = 0; i < 65536; i++)
+            {
+                digest.Update((byte)(i & 0xff));
+            }
+            digest.DoFinal(resBuf, 0);
+
+            if (!Arrays.AreEqual(resBuf, Hex.Decode(hash64k)))
+            {
+                return new SimpleTestResult(false, Name + ": Million a's failed");
+            }
+
+            return new SimpleTestResult(true, Name + ": Okay");
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new TigerDigestTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/TwofishTest.cs b/crypto/test/src/crypto/test/TwofishTest.cs
new file mode 100644
index 000000000..9425d2e60
--- /dev/null
+++ b/crypto/test/src/crypto/test/TwofishTest.cs
@@ -0,0 +1,54 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+    [TestFixture]
+    public class TwofishTest
+		: CipherTest
+    {
+        public override string Name
+        {
+			get { return "Twofish"; }
+        }
+
+        internal static string key1 = "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f";
+        internal static string key2 = "000102030405060708090a0b0c0d0e0f1011121314151617";
+        internal static string key3 = "000102030405060708090a0b0c0d0e0f";
+
+        internal static string input = "000102030405060708090A0B0C0D0E0F";
+
+        internal static SimpleTest[] tests = new SimpleTest[]{
+            new BlockCipherVectorTest(0, new TwofishEngine(), new KeyParameter(Hex.Decode(key1)), input, "8ef0272c42db838bcf7b07af0ec30f38"),
+            new BlockCipherVectorTest(1, new TwofishEngine(), new KeyParameter(Hex.Decode(key2)), input, "95accc625366547617f8be4373d10cd7"),
+            new BlockCipherVectorTest(2, new TwofishEngine(), new KeyParameter(Hex.Decode(key3)), input, "9fb63337151be9c71306d159ea7afaa4")};
+
+        public TwofishTest()
+			: base(tests, new TwofishEngine(), new KeyParameter(new byte[32]))
+		{
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            ITest test = new TwofishTest();
+            ITestResult result = test.Perform();
+
+            Console.WriteLine(result);
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/crypto/test/VMPCKSA3Test.cs b/crypto/test/src/crypto/test/VMPCKSA3Test.cs
new file mode 100644
index 000000000..a25105b77
--- /dev/null
+++ b/crypto/test/src/crypto/test/VMPCKSA3Test.cs
@@ -0,0 +1,112 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* VMPC Test
+	*/
+	[TestFixture]
+	public class VmpcKsa3Test
+		: SimpleTest
+	{
+		private static readonly byte[] input = new byte[1000000];
+
+		public override string Name
+		{
+			get { return "VMPC-KSA3"; }
+		}
+
+		private void checkByte(byte[] array, int position, byte b)
+		{
+			if (array[position] != b)
+			{
+				Fail("Fail on position " + position,
+					Hex.ToHexString(new byte[] { b }),
+					Hex.ToHexString(new byte[] { array[position] }));
+			}
+		}
+
+		public override void PerformTest()
+		{
+			byte[] key = Hex.Decode("9661410AB797D8A9EB767C21172DF6C7");
+			byte[] iv = Hex.Decode("4B5C2F003E67F39557A8D26F3DA2B155");
+			ICipherParameters kp = new KeyParameter(key);
+			ICipherParameters kpwiv = new ParametersWithIV(kp, iv);
+
+			VmpcKsa3Engine engine = new VmpcKsa3Engine();
+
+			try
+			{
+				engine.Init(true, kp);
+				Fail("Init failed to throw expected exception");
+			}
+			catch (ArgumentException)
+			{
+				// Expected
+			}
+
+			engine.Init(true, kpwiv);
+			checkEngine(engine);
+
+			engine.Reset();
+			byte[] output = checkEngine(engine);
+
+			engine.Init(false, kpwiv);
+			byte[] recovered = new byte[output.Length];
+			engine.ProcessBytes(output, 0, output.Length, recovered, 0);
+
+			if (!Arrays.AreEqual(input, recovered))
+			{
+				Fail("decrypted bytes differ from original bytes");
+			}
+		}
+
+		private byte[] checkEngine(VmpcKsa3Engine engine)
+		{
+			byte[] output = new byte[input.Length];
+			engine.ProcessBytes(input, 0, output.Length, output, 0);
+
+			checkByte(output, 0, (byte) 0xB6);
+			checkByte(output, 1, (byte) 0xEB);
+			checkByte(output, 2, (byte) 0xAE);
+			checkByte(output, 3, (byte) 0xFE);
+			checkByte(output, 252, (byte) 0x48);
+			checkByte(output, 253, (byte) 0x17);
+			checkByte(output, 254, (byte) 0x24);
+			checkByte(output, 255, (byte) 0x73);
+			checkByte(output, 1020, (byte) 0x1D);
+			checkByte(output, 1021, (byte) 0xAE);
+			checkByte(output, 1022, (byte) 0xC3);
+			checkByte(output, 1023, (byte) 0x5A);
+			checkByte(output, 102396, (byte) 0x1D);
+			checkByte(output, 102397, (byte) 0xA7);
+			checkByte(output, 102398, (byte) 0xE1);
+			checkByte(output, 102399, (byte) 0xDC);
+
+			return output;
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new VmpcKsa3Test());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/VMPCMacTest.cs b/crypto/test/src/crypto/test/VMPCMacTest.cs
new file mode 100644
index 000000000..0ddb5506f
--- /dev/null
+++ b/crypto/test/src/crypto/test/VMPCMacTest.cs
@@ -0,0 +1,68 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	[TestFixture]
+	public class VmpcMacTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "VMPC-MAC"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new VmpcMacTest());
+		}
+
+		private static byte[] output1 = Hex.Decode("9BDA16E2AD0E284774A3ACBC8835A8326C11FAAD");
+
+		public override void PerformTest()
+		{
+			ICipherParameters kp = new KeyParameter(
+				Hex.Decode("9661410AB797D8A9EB767C21172DF6C7"));
+			ICipherParameters kpwiv = new ParametersWithIV(kp,
+				Hex.Decode("4B5C2F003E67F39557A8D26F3DA2B155"));
+
+			byte[] m = new byte[256];
+			for (int i = 0; i < 256; i++)
+			{
+				m[i] = (byte) i;
+			}
+
+			VmpcMac mac = new VmpcMac();
+			mac.Init(kpwiv);
+
+			mac.BlockUpdate(m, 0, m.Length);
+
+			byte[] output = new byte[20];
+			mac.DoFinal(output, 0);
+
+			if (!Arrays.AreEqual(output, output1))
+			{
+				Fail("Fail",
+					Hex.ToHexString(output1),
+					Hex.ToHexString(output));
+			}
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/VMPCTest.cs b/crypto/test/src/crypto/test/VMPCTest.cs
new file mode 100644
index 000000000..6186c4733
--- /dev/null
+++ b/crypto/test/src/crypto/test/VMPCTest.cs
@@ -0,0 +1,112 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* VMPC Test
+	*/
+	[TestFixture]
+	public class VmpcTest
+		: SimpleTest
+	{
+		private static readonly byte[] input = new byte[1000000];
+
+		public override string Name
+		{
+			get { return "VMPC"; }
+		}
+
+		private void checkByte(byte[] array, int position, byte b)
+		{
+			if (array[position] != b)
+			{
+				Fail("Fail on position " + position,
+					Hex.ToHexString(new byte[] { b }),
+					Hex.ToHexString(new byte[] { array[position] }));
+			}
+		}
+
+		public override void PerformTest()
+		{
+			byte[] key = Hex.Decode("9661410AB797D8A9EB767C21172DF6C7");
+			byte[] iv = Hex.Decode("4B5C2F003E67F39557A8D26F3DA2B155");
+			ICipherParameters kp = new KeyParameter(key);
+			ICipherParameters kpwiv = new ParametersWithIV(kp, iv);
+
+			VmpcEngine engine = new VmpcEngine();
+
+			try
+			{
+				engine.Init(true, kp);
+				Fail("Init failed to throw expected exception");
+			}
+			catch (ArgumentException)
+			{
+				// Expected
+			}
+
+			engine.Init(true, kpwiv);
+			checkEngine(engine);
+
+			engine.Reset();
+			byte[] output = checkEngine(engine);
+
+			engine.Init(false, kpwiv);
+			byte[] recovered = new byte[output.Length];
+			engine.ProcessBytes(output, 0, output.Length, recovered, 0);
+
+			if (!Arrays.AreEqual(input, recovered))
+			{
+				Fail("decrypted bytes differ from original bytes");
+			}
+		}
+
+		private byte[] checkEngine(VmpcEngine engine)
+		{
+			byte[] output = new byte[input.Length];
+			engine.ProcessBytes(input, 0, output.Length, output, 0);
+
+			checkByte(output, 0, (byte) 0xA8);
+			checkByte(output, 1, (byte) 0x24);
+			checkByte(output, 2, (byte) 0x79);
+			checkByte(output, 3, (byte) 0xF5);
+			checkByte(output, 252, (byte) 0xB8);
+			checkByte(output, 253, (byte) 0xFC);
+			checkByte(output, 254, (byte) 0x66);
+			checkByte(output, 255, (byte) 0xA4);
+			checkByte(output, 1020, (byte) 0xE0);
+			checkByte(output, 1021, (byte) 0x56);
+			checkByte(output, 1022, (byte) 0x40);
+			checkByte(output, 1023, (byte) 0xA5);
+			checkByte(output, 102396, (byte) 0x81);
+			checkByte(output, 102397, (byte) 0xCA);
+			checkByte(output, 102398, (byte) 0x49);
+			checkByte(output, 102399, (byte) 0x9A);
+
+			return output;
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new VmpcTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/WhirlpoolDigestTest.cs b/crypto/test/src/crypto/test/WhirlpoolDigestTest.cs
new file mode 100644
index 000000000..865408f6a
--- /dev/null
+++ b/crypto/test/src/crypto/test/WhirlpoolDigestTest.cs
@@ -0,0 +1,147 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	 * ISO vector test for Whirlpool
+	 *
+	 */
+	[TestFixture]
+	public class WhirlpoolDigestTest
+		: SimpleTest
+	{
+		private static string[][] _isoVectors =
+		{
+			new string[]
+			{
+				"",
+				"19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A73E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3"
+			},
+			new string[]
+			{
+				"a",
+				"8ACA2602792AEC6F11A67206531FB7D7F0DFF59413145E6973C45001D0087B42D11BC645413AEFF63A42391A39145A591A92200D560195E53B478584FDAE231A"
+			},
+			new string[]
+			{
+				"abc",
+				"4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5"
+			},
+			new string[]
+			{
+				"message digest",
+				"378C84A4126E2DC6E56DCC7458377AAC838D00032230F53CE1F5700C0FFB4D3B8421557659EF55C106B4B52AC5A4AAA692ED920052838F3362E86DBD37A8903E"
+			},
+			new string[]
+			{
+				"abcdefghijklmnopqrstuvwxyz",
+				"F1D754662636FFE92C82EBB9212A484A8D38631EAD4238F5442EE13B8054E41B08BF2A9251C30B6A0B8AAE86177AB4A6F68F673E7207865D5D9819A3DBA4EB3B"
+			},
+			new string[]
+			{
+				"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+				"DC37E008CF9EE69BF11F00ED9ABA26901DD7C28CDEC066CC6AF42E40F82F3A1E08EBA26629129D8FB7CB57211B9281A65517CC879D7B962142C65F5A7AF01467"
+			},
+			new string[]
+			{
+				"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+				"466EF18BABB0154D25B9D38A6414F5C08784372BCCB204D6549C4AFADB6014294D5BD8DF2A6C44E538CD047B2681A51A2C60481E88C5A20B2C2A80CF3A9A083B"
+			},
+			new string[]
+			{
+				"abcdbcdecdefdefgefghfghighijhijk",
+				"2A987EA40F917061F5D6F0A0E4644F488A7A5A52DEEE656207C562F988E95C6916BDC8031BC5BE1B7B947639FE050B56939BAAA0ADFF9AE6745B7B181C3BE3FD"
+			}
+		};
+
+		private static string _millionAResultVector = "0C99005BEB57EFF50A7CF005560DDF5D29057FD86B20BFD62DECA0F1CCEA4AF51FC15490EDDC47AF32BB2B66C34FF9AD8C6008AD677F77126953B226E4ED8B01";
+
+		private static string _thirtyOneZeros = "3E3F188F8FEBBEB17A933FEAF7FE53A4858D80C915AD6A1418F0318E68D49B4E459223CD414E0FBC8A57578FD755D86E827ABEF4070FC1503E25D99E382F72BA";
+
+		public override string Name
+		{
+			get
+			{
+				return "Whirlpool";
+			}
+		}
+
+		public override void PerformTest()
+		{
+			for (int i = 0; i < _isoVectors.Length; i++)
+			{
+				performStandardVectorTest("ISO vector test ["+i+"]", _isoVectors[i][0],
+					_isoVectors[i][1]);
+			}
+
+			byte[] thirtyOneZeros = new byte[31];
+			performStandardVectorTest("31 zeroes test",
+				thirtyOneZeros, _thirtyOneZeros);
+
+			byte[] millionAInByteArray = new byte[1000000];
+//			Arrays.fill(millionAInByteArray, (byte)'a');
+			for (int ai = 0; ai < millionAInByteArray.Length; ++ai)
+			{
+				millionAInByteArray[ai] = (byte) 'a';
+			}
+
+			performStandardVectorTest("Million 'a' test",
+				millionAInByteArray, _millionAResultVector);
+		}
+
+		private void performStandardVectorTest(string testTitle, byte[] inputBytes,
+			string resultsAsHex)
+		{
+			doPerformTest(testTitle, inputBytes, resultsAsHex);
+		}
+
+		private void doPerformTest(string testTitle, byte[] inputBytes, string resultsAsHex)
+		{
+			string resStr = createHexOutputFromDigest(inputBytes);
+			if (resultsAsHex != resStr.ToUpper())
+			{
+				Fail(testTitle, resultsAsHex, resStr);
+			}
+		}
+
+		private void performStandardVectorTest(string testTitle, string inputBytesAsString,
+			string resultsAsHex)
+		{
+			doPerformTest(testTitle, Encoding.ASCII.GetBytes(inputBytesAsString), resultsAsHex);
+		}
+
+		private string createHexOutputFromDigest(byte[] digestBytes)
+		{
+			IDigest digest = new WhirlpoolDigest();
+			byte[] resBuf = new byte[digest.GetDigestSize()];
+			digest.BlockUpdate(digestBytes, 0, digestBytes.Length);
+			digest.DoFinal(resBuf, 0);
+			return Hex.ToHexString(resBuf);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			WhirlpoolDigestTest test = new WhirlpoolDigestTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/crypto/test/XTEATest.cs b/crypto/test/src/crypto/test/XTEATest.cs
new file mode 100644
index 000000000..a1ea65298
--- /dev/null
+++ b/crypto/test/src/crypto/test/XTEATest.cs
@@ -0,0 +1,59 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Crypto.Tests
+{
+	/**
+	* TEA tester - based on C implementation results from http://www.simonshepherd.supanet.com/tea.htm
+	*/
+	[TestFixture]
+	public class XteaTest
+		: CipherTest
+	{
+		private static readonly SimpleTest[] tests =
+		{
+			new BlockCipherVectorTest(0, new XteaEngine(),
+				new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+				"0000000000000000", "dee9d4d8f7131ed9"),
+			new BlockCipherVectorTest(1, new XteaEngine(),
+				new KeyParameter(Hex.Decode("00000000000000000000000000000000")),
+				"0102030405060708", "065c1b8975c6a816"),
+			new BlockCipherVectorTest(2, new XteaEngine(),
+				new KeyParameter(Hex.Decode("0123456712345678234567893456789A")),
+				"0000000000000000", "1ff9a0261ac64264"),
+			new BlockCipherVectorTest(3, new XteaEngine(),
+				new KeyParameter(Hex.Decode("0123456712345678234567893456789A")),
+				"0102030405060708", "8c67155b2ef91ead"),
+		};
+
+		public XteaTest()
+			: base(tests, new XteaEngine(), new KeyParameter(new byte[16]))
+		{
+		}
+
+		public override string Name
+		{
+			get { return "XTEA"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new XteaTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/math/ec/test/AllTests.cs b/crypto/test/src/math/ec/test/AllTests.cs
new file mode 100644
index 000000000..f5d7d2249
--- /dev/null
+++ b/crypto/test/src/math/ec/test/AllTests.cs
@@ -0,0 +1,27 @@
+using System;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+namespace Org.BouncyCastle.Math.EC.Tests
+{
+    public class AllTests
+    {
+        public static void Main(
+			string[] args)
+        {
+//            junit.textui.TestRunner.run(suite());
+            EventListener el = new NullListener();
+            suite().Run(el);
+        }
+
+        public static TestSuite suite()
+        {
+			TestSuite suite = new TestSuite("EC Math tests");
+
+			suite.Add(new ECPointTest());
+
+			return suite;
+        }
+    }
+}
diff --git a/crypto/test/src/math/ec/test/ECPointPerformanceTest.cs b/crypto/test/src/math/ec/test/ECPointPerformanceTest.cs
new file mode 100644
index 000000000..e71ee653a
--- /dev/null
+++ b/crypto/test/src/math/ec/test/ECPointPerformanceTest.cs
@@ -0,0 +1,73 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Math.EC.Tests
+{
+	/**
+	* Compares the performance of the the window NAF point multiplication against
+	* conventional point multiplication.
+	*/
+	[TestFixture, Explicit]
+	public class ECPointPerformanceTest
+	{
+		public const int NUM_ROUNDS = 100;
+
+		private void randMult(string curveName)
+		{
+			X9ECParameters spec = SecNamedCurves.GetByName(curveName);
+
+			BigInteger n = spec.N;
+			ECPoint g = (ECPoint) spec.G;
+			SecureRandom random = new SecureRandom(); //SecureRandom.getInstance("SHA1PRNG", "SUN");
+			BigInteger k = new BigInteger(n.BitLength - 1, random);
+
+			ECPoint qMultiply = null;
+			long startTime = DateTimeUtilities.CurrentUnixMs();
+			for (int i = 0; i < NUM_ROUNDS; i++)
+			{
+				qMultiply = g.Multiply(k);
+			}
+			long endTime = DateTimeUtilities.CurrentUnixMs();
+
+			double avgDuration = (double) (endTime - startTime) / NUM_ROUNDS;
+			Console.WriteLine(curveName);
+			Console.Write("Millis   : ");
+			Console.WriteLine(avgDuration);
+			Console.WriteLine();
+		}
+
+		[Test]
+		public void TestMultiply()
+		{
+			randMult("sect163k1");
+			randMult("sect163r2");
+			randMult("sect233k1");
+			randMult("sect233r1");
+			randMult("sect283k1");
+			randMult("sect283r1");
+			randMult("sect409k1");
+			randMult("sect409r1");
+			randMult("sect571k1");
+			randMult("sect571r1");
+			randMult("secp224k1");
+			randMult("secp224r1");
+			randMult("secp256k1");
+			randMult("secp256r1");
+			randMult("secp521r1");
+		}
+
+		// public static void Main(string argv[])
+		// {
+		// ECMultiplyPerformanceTest test = new ECMultiplyPerformanceTest();
+		// Test.testMultiply();
+		// }
+	}
+}
diff --git a/crypto/test/src/math/ec/test/ECPointTest.cs b/crypto/test/src/math/ec/test/ECPointTest.cs
new file mode 100644
index 000000000..4c8b2d8fc
--- /dev/null
+++ b/crypto/test/src/math/ec/test/ECPointTest.cs
@@ -0,0 +1,451 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Math.EC.Tests
+{
+	/**
+	 * Test class for {@link org.bouncycastle.math.ec.ECPoint ECPoint}. All
+	 * literature values are taken from "Guide to elliptic curve cryptography",
+	 * Darrel Hankerson, Alfred J. Menezes, Scott Vanstone, 2004, Springer-Verlag
+	 * New York, Inc.
+	 */
+	[TestFixture]
+	public class ECPointTest
+	{
+		/**
+		 * Random source used to generate random points
+		 */
+		private SecureRandom secRand = new SecureRandom();
+
+//		private ECPointTest.Fp fp = null;
+
+//		private ECPointTest.F2m f2m = null;
+
+		/**
+		 * Nested class containing sample literature values for <code>Fp</code>.
+		 */
+		public class Fp
+		{
+			internal static readonly BigInteger q = new BigInteger("29");
+
+			internal static readonly BigInteger a = new BigInteger("4");
+
+			internal static readonly BigInteger b = new BigInteger("20");
+
+			internal static readonly FpCurve curve = new FpCurve(q, a, b);
+
+			internal static readonly FpPoint infinity = (FpPoint) curve.Infinity;
+
+			internal static readonly int[] pointSource = { 5, 22, 16, 27, 13, 6, 14, 6 };
+
+			internal static FpPoint[] p = new FpPoint[pointSource.Length / 2];
+
+			/**
+			 * Creates the points on the curve with literature values.
+			 */
+			internal static void createPoints()
+			{
+				for (int i = 0; i < pointSource.Length / 2; i++)
+				{
+					FpFieldElement x = new FpFieldElement(q, new BigInteger(
+						pointSource[2 * i].ToString()));
+					FpFieldElement y = new FpFieldElement(q, new BigInteger(
+						pointSource[2 * i + 1].ToString()));
+					p[i] = new FpPoint(curve, x, y);
+				}
+			}
+		}
+
+		/**
+		 * Nested class containing sample literature values for <code>F2m</code>.
+		 */
+		public class F2m
+		{
+			// Irreducible polynomial for TPB z^4 + z + 1
+			internal const int m = 4;
+
+			internal const int k1 = 1;
+
+			// a = z^3
+			internal static readonly F2mFieldElement aTpb = new F2mFieldElement(m, k1,
+				new BigInteger("8", 16));
+
+			// b = z^3 + 1
+			internal static readonly F2mFieldElement bTpb = new F2mFieldElement(m, k1,
+				new BigInteger("9", 16));
+
+			internal static readonly F2mCurve curve = new F2mCurve(m, k1, aTpb
+				.ToBigInteger(), bTpb.ToBigInteger());
+
+			internal static readonly F2mPoint infinity = (F2mPoint) curve.Infinity;
+
+			internal static readonly string[] pointSource = { "2", "f", "c", "c", "1", "1", "b", "2" };
+
+			internal static F2mPoint[] p = new F2mPoint[pointSource.Length / 2];
+
+			/**
+			 * Creates the points on the curve with literature values.
+			 */
+			internal static void createPoints()
+			{
+				for (int i = 0; i < pointSource.Length / 2; i++)
+				{
+					F2mFieldElement x = new F2mFieldElement(m, k1,
+						new BigInteger(pointSource[2 * i], 16));
+					F2mFieldElement y = new F2mFieldElement(m, k1,
+						new BigInteger(pointSource[2 * i + 1], 16));
+					p[i] = new F2mPoint(curve, x, y);
+				}
+			}
+		}
+
+		[SetUp]
+		public void setUp()
+		{
+//			fp = new ECPointTest.Fp();
+			Fp.createPoints();
+
+//			f2m = new ECPointTest.F2m();
+			F2m.createPoints();
+		}
+
+		/**
+		 * Tests, if inconsistent points can be created, i.e. points with exactly
+		 * one null coordinate (not permitted).
+		 */
+		[Test]
+		public void TestPointCreationConsistency()
+		{
+			try
+			{
+				FpPoint bad = new FpPoint(Fp.curve, new FpFieldElement(
+					Fp.q, new BigInteger("12")), null);
+				Assert.Fail();
+			}
+			catch (ArgumentException)
+			{
+				// Expected
+			}
+
+			try
+			{
+				FpPoint bad = new FpPoint(Fp.curve, null,
+					new FpFieldElement(Fp.q, new BigInteger("12")));
+				Assert.Fail();
+			}
+			catch (ArgumentException)
+			{
+				// Expected
+			}
+
+			try
+			{
+				F2mPoint bad = new F2mPoint(F2m.curve, new F2mFieldElement(
+					F2m.m, F2m.k1, new BigInteger("1011")), null);
+				Assert.Fail();
+			}
+			catch (ArgumentException)
+			{
+				// Expected
+			}
+
+			try
+			{
+				F2mPoint bad = new F2mPoint(F2m.curve, null,
+					new F2mFieldElement(F2m.m, F2m.k1,
+					new BigInteger("1011")));
+				Assert.Fail();
+			}
+			catch (ArgumentException)
+			{
+				// Expected
+			}
+		}
+
+		/**
+		 * Tests <code>ECPoint.add()</code> against literature values.
+		 *
+		 * @param p
+		 *            The array of literature values.
+		 * @param infinity
+		 *            The point at infinity on the respective curve.
+		 */
+		private void implTestAdd(ECPoint[] p, ECPoint infinity)
+		{
+			Assert.AreEqual(p[2], p[0].Add(p[1]), "p0 plus p1 does not equal p2");
+			Assert.AreEqual(p[2], p[1].Add(p[0]), "p1 plus p0 does not equal p2");
+			for (int i = 0; i < p.Length; i++)
+			{
+				Assert.AreEqual(p[i], p[i].Add(infinity), "Adding infinity failed");
+				Assert.AreEqual(p[i], infinity.Add(p[i]), "Adding to infinity failed");
+			}
+		}
+
+		/**
+		 * Calls <code>implTestAdd()</code> for <code>Fp</code> and
+		 * <code>F2m</code>.
+		 */
+		[Test]
+		public void TestAdd()
+		{
+			implTestAdd(Fp.p, Fp.infinity);
+			implTestAdd(F2m.p, F2m.infinity);
+		}
+
+		/**
+		 * Tests <code>ECPoint.twice()</code> against literature values.
+		 *
+		 * @param p
+		 *            The array of literature values.
+		 */
+		private void implTestTwice(ECPoint[] p)
+		{
+			Assert.AreEqual(p[3], p[0].Twice(), "Twice incorrect");
+			Assert.AreEqual(p[3], p[0].Add(p[0]), "Add same point incorrect");
+		}
+
+		/**
+		 * Calls <code>implTestTwice()</code> for <code>Fp</code> and
+		 * <code>F2m</code>.
+		 */
+		[Test]
+		public void TestTwice()
+		{
+			implTestTwice(Fp.p);
+			implTestTwice(F2m.p);
+		}
+
+		/**
+		 * Goes through all points on an elliptic curve and checks, if adding a
+		 * point <code>k</code>-times is the same as multiplying the point by
+		 * <code>k</code>, for all <code>k</code>. Should be called for points
+		 * on very small elliptic curves only.
+		 *
+		 * @param p
+		 *            The base point on the elliptic curve.
+		 * @param infinity
+		 *            The point at infinity on the elliptic curve.
+		 */
+		private void implTestAllPoints(ECPoint p, ECPoint infinity)
+		{
+			ECPoint adder = infinity;
+			ECPoint multiplier = infinity;
+			int i = 1;
+			do
+			{
+				adder = adder.Add(p);
+				multiplier = p.Multiply(new BigInteger(i.ToString()));
+				Assert.AreEqual(adder, multiplier,
+					"Results of add() and multiply() are inconsistent " + i);
+				i++;
+			}
+			while (!(adder.Equals(infinity)));
+		}
+
+		/**
+		 * Calls <code>implTestAllPoints()</code> for the small literature curves,
+		 * both for <code>Fp</code> and <code>F2m</code>.
+		 */
+		[Test]
+		public void TestAllPoints()
+		{
+			for (int i = 0; i < Fp.p.Length; i++)
+			{
+				implTestAllPoints(Fp.p[0], Fp.infinity);
+			}
+
+			for (int i = 0; i < F2m.p.Length; i++)
+			{
+				implTestAllPoints(F2m.p[0], F2m.infinity);
+			}
+		}
+
+		/**
+		 * Simple shift-and-add multiplication. Serves as reference implementation
+		 * to verify (possibly faster) implementations in
+		 * {@link org.bouncycastle.math.ec.ECPoint ECPoint}.
+		 *
+		 * @param p
+		 *            The point to multiply.
+		 * @param k
+		 *            The multiplier.
+		 * @return The result of the point multiplication <code>kP</code>.
+		 */
+		private ECPoint multiply(ECPoint p, BigInteger k)
+		{
+			ECPoint q = p.Curve.Infinity;
+			int t = k.BitLength;
+			for (int i = 0; i < t; i++)
+			{
+				if (k.TestBit(i))
+				{
+					q = q.Add(p);
+				}
+				p = p.Twice();
+			}
+			return q;
+		}
+
+		/**
+		 * Checks, if the point multiplication algorithm of the given point yields
+		 * the same result as point multiplication done by the reference
+		 * implementation given in <code>multiply()</code>. This method chooses a
+		 * random number by which the given point <code>p</code> is multiplied.
+		 *
+		 * @param p
+		 *            The point to be multiplied.
+		 * @param numBits
+		 *            The bitlength of the random number by which <code>p</code>
+		 *            is multiplied.
+		 */
+		private void implTestMultiply(ECPoint p, int numBits)
+		{
+			BigInteger k = new BigInteger(numBits, secRand);
+			ECPoint reff = multiply(p, k);
+			ECPoint q = p.Multiply(k);
+			Assert.AreEqual(reff, q, "ECPoint.multiply is incorrect");
+		}
+
+		/**
+		 * Checks, if the point multiplication algorithm of the given point yields
+		 * the same result as point multiplication done by the reference
+		 * implementation given in <code>multiply()</code>. This method tests
+		 * multiplication of <code>p</code> by every number of bitlength
+		 * <code>numBits</code> or less.
+		 *
+		 * @param p
+		 *            The point to be multiplied.
+		 * @param numBits
+		 *            Try every multiplier up to this bitlength
+		 */
+		private void implTestMultiplyAll(ECPoint p, int numBits)
+		{
+			BigInteger bound = BigInteger.Two.Pow(numBits);
+			BigInteger k = BigInteger.Zero;
+
+			do
+			{
+				ECPoint reff = multiply(p, k);
+				ECPoint q = p.Multiply(k);
+				Assert.AreEqual(reff, q, "ECPoint.multiply is incorrect");
+				k = k.Add(BigInteger.One);
+			}
+			while (k.CompareTo(bound) < 0);
+		}
+
+		/**
+		 * Tests <code>ECPoint.add()</code> and <code>ECPoint.subtract()</code>
+		 * for the given point and the given point at infinity.
+		 *
+		 * @param p
+		 *            The point on which the tests are performed.
+		 * @param infinity
+		 *            The point at infinity on the same curve as <code>p</code>.
+		 */
+		private void implTestAddSubtract(ECPoint p, ECPoint infinity)
+		{
+			Assert.AreEqual(p.Twice(), p.Add(p), "Twice and Add inconsistent");
+			Assert.AreEqual(p, p.Twice().Subtract(p), "Twice p - p is not p");
+			Assert.AreEqual(infinity, p.Subtract(p), "p - p is not infinity");
+			Assert.AreEqual(p, p.Add(infinity), "p plus infinity is not p");
+			Assert.AreEqual(p, infinity.Add(p), "infinity plus p is not p");
+			Assert.AreEqual(infinity, infinity.Add(infinity), "infinity plus infinity is not infinity ");
+		}
+
+		/**
+		 * Calls <code>implTestAddSubtract()</code> for literature values, both
+		 * for <code>Fp</code> and <code>F2m</code>.
+		 */
+		[Test]
+		public void TestAddSubtractMultiplySimple()
+		{
+			for (int iFp = 0; iFp < Fp.pointSource.Length / 2; iFp++)
+			{
+				implTestAddSubtract(Fp.p[iFp], Fp.infinity);
+
+				// Could be any numBits, 6 is chosen at will
+				implTestMultiplyAll(Fp.p[iFp], 6);
+				implTestMultiplyAll(Fp.infinity, 6);
+			}
+
+			for (int iF2m = 0; iF2m < F2m.pointSource.Length / 2; iF2m++)
+			{
+				implTestAddSubtract(F2m.p[iF2m], F2m.infinity);
+
+				// Could be any numBits, 6 is chosen at will
+				implTestMultiplyAll(F2m.p[iF2m], 6);
+				implTestMultiplyAll(F2m.infinity, 6);
+			}
+		}
+
+		/**
+		 * Test encoding with and without point compression.
+		 *
+		 * @param p
+		 *            The point to be encoded and decoded.
+		 */
+		private void implTestEncoding(ECPoint p)
+		{
+			// Not Point Compression
+			ECPoint unCompP;
+
+			// Point compression
+			ECPoint compP;
+
+			if (p is FpPoint)
+			{
+				unCompP = new FpPoint(p.Curve, p.X, p.Y, false);
+				compP = new FpPoint(p.Curve, p.X, p.Y, true);
+			}
+			else
+			{
+				unCompP = new F2mPoint(p.Curve, p.X, p.Y, false);
+				compP = new F2mPoint(p.Curve, p.X, p.Y, true);
+			}
+
+			byte[] unCompBarr = unCompP.GetEncoded();
+			ECPoint decUnComp = p.Curve.DecodePoint(unCompBarr);
+			Assert.AreEqual(p, decUnComp, "Error decoding uncompressed point");
+
+			byte[] compBarr = compP.GetEncoded();
+			ECPoint decComp = p.Curve.DecodePoint(compBarr);
+			Assert.AreEqual(p, decComp, "Error decoding compressed point");
+		}
+
+		/**
+		 * Calls <code>implTestAddSubtract()</code>,
+		 * <code>implTestMultiply</code> and <code>implTestEncoding</code> for
+		 * the standard elliptic curves as given in <code>SecNamedCurves</code>.
+		 */
+		[Test]
+		public void TestAddSubtractMultiplyTwiceEncoding()
+		{
+			foreach (string name in SecNamedCurves.Names)
+			{
+				X9ECParameters x9ECParameters = SecNamedCurves.GetByName(name);
+
+				BigInteger n = x9ECParameters.N;
+
+				// The generator is multiplied by random b to get random q
+				BigInteger b = new BigInteger(n.BitLength, secRand);
+				ECPoint g = x9ECParameters.G;
+				ECPoint q = g.Multiply(b);
+
+				// Get point at infinity on the curve
+				ECPoint infinity = x9ECParameters.Curve.Infinity;
+
+				implTestAddSubtract(q, infinity);
+				implTestMultiply(q, n.BitLength);
+				implTestMultiply(infinity, n.BitLength);
+				implTestEncoding(q);
+			}
+		}
+	}
+}
\ No newline at end of file
diff --git a/crypto/test/src/math/ec/test/F2mProofer.cs b/crypto/test/src/math/ec/test/F2mProofer.cs
new file mode 100644
index 000000000..88e868c34
--- /dev/null
+++ b/crypto/test/src/math/ec/test/F2mProofer.cs
@@ -0,0 +1,201 @@
+// TODO Need a replacement for the Java properties class to finish this class
+
+//using System;
+//using System.IO;
+//using System.Text;
+//
+//using Org.BouncyCastle.Asn1.Sec;
+//using Org.BouncyCastle.Asn1.X9;
+//using Org.BouncyCastle.Math.EC;
+//using Org.BouncyCastle.Security;
+//
+//namespace Org.BouncyCastle.Math.EC.Tests
+//{
+//	public class F2mProofer
+//	{
+//		private const int NUM_SAMPLES = 1000;
+//
+//		private static readonly string PATH = "crypto/test/src/org/bouncycastle/math/ec/test/samples/";
+//
+//		private static readonly string INPUT_FILE_NAME_PREFIX = "Input_";
+//
+//		private static readonly string RESULT_FILE_NAME_PREFIX = "Output_";
+//
+//		/**
+//		* The standard curves on which the tests are done
+//		*/
+//		public static readonly string[] Curves = { "sect163r2", "sect233r1",
+//			"sect283r1", "sect409r1", "sect571r1" };
+//
+//		private string pointToString(F2mPoint p)
+//		{
+//			F2mFieldElement x = (F2mFieldElement) p.X;
+//			F2mFieldElement y = (F2mFieldElement) p.Y;
+//
+//			int m = x.M;
+//			int len = m / 2 + 5;
+//
+//			StringBuilder sb = new StringBuilder(len);
+//			sb.Append('(');
+//			sb.Append(x.ToBigInteger().ToString(16));
+//			sb.Append(", ");
+//			sb.Append(y.ToBigInteger().ToString(16));
+//			sb.Append(')');
+//
+//			return sb.ToString();
+//		}
+//
+//		private void generateRandomInput(X9ECParameters x9ECParameters)
+//		{
+//			F2mPoint g = (F2mPoint) x9ECParameters.G;
+//			int m = ((F2mFieldElement) g.X).M;
+//
+//			SecureRandom secRand = new SecureRandom(); //SecureRandom.GetInstance("SHA1PRNG");
+//			Properties inputProps = new Properties();
+//			for (int i = 0; i < NUM_SAMPLES; i++)
+//			{
+//				BigInteger rand = new BigInteger(m, secRand);
+//				inputProps.put(i.ToString(), rand.ToString(16));
+//			}
+//			string bits = m.ToString();
+//			FileStream fos = File.Create(PATH
+//				+ INPUT_FILE_NAME_PREFIX + bits + ".properties");
+//			inputProps.store(fos, "Input Samples of length" + bits);
+//			fos.Close();
+//		}
+//
+//		private void multiplyPoints(X9ECParameters x9ECParameters,
+//			string classPrefix)
+//		{
+//			F2mPoint g = (F2mPoint) x9ECParameters.G;
+//			int m = ((F2mFieldElement) g.X).M;
+//
+//			string inputFileName = PATH + INPUT_FILE_NAME_PREFIX + m
+//				+ ".properties";
+//			Properties inputProps = new Properties();
+//			FileStream fis = File.OpenRead(inputFileName); 
+//			inputProps.load(fis);
+//			fis.Close();
+//
+//			Properties outputProps = new Properties();
+//
+//			for (int i = 0; i < NUM_SAMPLES; i++)
+//			{
+//				BigInteger rand = new BigInteger(inputProps.getProperty(Integer
+//					.ToString(i)), 16);
+//				F2mPoint result = (F2mPoint) g.Multiply(rand);
+//				string resultStr = pointToString(result);
+//				outputProps.setProperty(i.ToString(), resultStr);
+//			}
+//
+//			string outputFileName = PATH + RESULT_FILE_NAME_PREFIX + classPrefix
+//				+ "_" + m + ".properties";
+//			FileStream fos = File.Create(outputFileName);
+//			outputProps.store(fos, "Output Samples of length" + m);
+//			fos.Close();
+//		}
+//
+//		private Properties loadResults(string classPrefix, int m)
+//		{
+//			FileStream fis = File.OpenRead(PATH
+//				+ RESULT_FILE_NAME_PREFIX + classPrefix + "_" + m + ".properties");
+//			Properties res = new Properties();
+//			res.load(fis);
+//			fis.Close();
+//			return res;
+//		}
+//
+//		private void compareResult(X9ECParameters x9ECParameters,
+//			string classPrefix1, string classPrefix2)
+//		{
+//			F2mPoint g = (F2mPoint) x9ECParameters.G;
+//			int m = ((F2mFieldElement) g.X).M;
+//
+//			Properties res1 = loadResults(classPrefix1, m);
+//			Properties res2 = loadResults(classPrefix2, m);
+//
+//			Set keys = res1.keySet();
+//			Iterator iter = keys.iterator();
+//			while (iter.hasNext())
+//			{
+//				string key = (string) iter.next();
+//				string result1 = res1.getProperty(key);
+//				string result2 = res2.getProperty(key);
+//				if (!(result1.Equals(result2)))
+//				{
+//					Console.Error.WriteLine("Difference found: m = " + m + ", "
+//						+ result1 + " does not equal " + result2);
+//				}
+//			}
+//
+//		}
+//
+//		private static void usage()
+//		{
+//			Console.Error.WriteLine("Usage: F2mProofer [-init | -Multiply <className> "
+//				+ "| -compare <className1> <className2>]");
+//		}
+//
+//		public static void Main(string[] args)
+//		{
+//			if (args.Length == 0)
+//			{
+//				usage();
+//				return;
+//			}
+//			F2mProofer proofer = new F2mProofer();
+//			if (args[0].Equals("-init"))
+//			{
+//				Console.WriteLine("Generating random input...");
+//				for (int i = 0; i < Curves.Length; i++)
+//				{
+//					X9ECParameters x9ECParameters = SecNamedCurves
+//						.GetByName(Curves[i]);
+//					proofer.generateRandomInput(x9ECParameters);
+//				}
+//				Console.WriteLine("Successfully generated random input in " + PATH);
+//			}
+//			else if (args[0].Equals("-compare"))
+//			{
+//				if (args.Length < 3)
+//				{
+//					usage();
+//					return;
+//				}
+//				string classPrefix1 = args[1];
+//				string classPrefix2 = args[2];
+//				Console.WriteLine("Comparing results...");
+//				for (int i = 0; i < Curves.Length; i++)
+//				{
+//					X9ECParameters x9ECParameters = SecNamedCurves
+//						.GetByName(Curves[i]);
+//					proofer.compareResult(x9ECParameters, classPrefix1,
+//						classPrefix2);
+//				}
+//				Console.WriteLine("Successfully compared results in " + PATH);
+//			}
+//			else if (args[0].Equals("-Multiply"))
+//			{
+//				if (args.Length < 2)
+//				{
+//					usage();
+//					return;
+//				}
+//				string classPrefix = args[1];
+//				Console.WriteLine("Multiplying points...");
+//				for (int i = 0; i < Curves.Length; i++)
+//				{
+//					X9ECParameters x9ECParameters = SecNamedCurves
+//						.GetByName(Curves[i]);
+//					proofer.multiplyPoints(x9ECParameters, classPrefix);
+//				}
+//				Console.WriteLine("Successfully generated multiplied points in "
+//					+ PATH);
+//			}
+//			else
+//			{
+//				usage();
+//			}
+//		}
+//	}
+//}
diff --git a/crypto/test/src/math/ec/test/TnafTest.cs b/crypto/test/src/math/ec/test/TnafTest.cs
new file mode 100644
index 000000000..c04ae00d2
--- /dev/null
+++ b/crypto/test/src/math/ec/test/TnafTest.cs
@@ -0,0 +1,158 @@
+//using System;
+//using System.Text;
+//
+//using NUnit.Framework;
+//
+//using Org.BouncyCastle.Asn1.Sec;
+//using Org.BouncyCastle.Asn1.X9;
+//using Org.BouncyCastle.Math.EC.Multiplier;
+//using Org.BouncyCastle.Utilities.Date;
+//
+//namespace Org.BouncyCastle.Math.EC.Tests
+//{
+//	[TestFixture, Explicit]
+//	public class TnafTest
+//	{
+//		private Random m_rand = new Random();
+//
+//		private string ecPointToString(
+//			ECPoint p) 
+//		{
+//			StringBuilder sb = new StringBuilder("x = ");
+//			sb.Append(p.X.ToBigInteger().ToString());
+//			sb.Append("; y = ");
+//			sb.Append(p.Y.ToBigInteger().ToString());
+//			return sb.ToString();
+//		}
+//
+//		private ECPoint repeatedMultiply(ECPoint p, BigInteger k)
+//		{
+//			ECPoint result = p.Multiply(k);
+//			for (int i = 1; i < 10; ++i)
+//			{
+//				ECPoint check = p.Multiply(k);
+//				Assert.AreEqual(result, check);
+//			}
+//			return result;
+//		}
+//
+//		private void ImplTestMultiplyTnaf(string curveName) 
+//		{
+//			X9ECParameters x9ECParameters = SecNamedCurves.GetByName(curveName);
+//
+//			F2mCurve curve = (F2mCurve)x9ECParameters.Curve;
+//			BigInteger n = curve.N;
+//
+//			// The generator is multiplied by random b to get random q
+//			BigInteger b = new BigInteger(n.BitLength, m_rand);
+//			ECPoint g = x9ECParameters.G;
+//			F2mPoint p = (F2mPoint) g.Multiply(b);
+//
+//			BigInteger k = new BigInteger(n.BitLength, m_rand);
+//			long now1 = DateTimeUtilities.CurrentUnixMs();
+//			p.SetECMultiplier(new WTauNafMultiplier());
+//			ECPoint refRWTnaf = repeatedMultiply(p, k);
+//			long now2 = DateTimeUtilities.CurrentUnixMs();
+//			p.SetECMultiplier(new WNafMultiplier());
+//			ECPoint refWnaf = repeatedMultiply(p, k);
+//			long now3 = DateTimeUtilities.CurrentUnixMs();
+//			p.SetECMultiplier(new FpNafMultiplier());
+//			ECPoint refFpNaf = repeatedMultiply(p, k);
+//			long now4 = DateTimeUtilities.CurrentUnixMs();
+//			p.SetECMultiplier(new ReferenceMultiplier());
+//			ECPoint reference = repeatedMultiply(p, k);
+//			long now5 = DateTimeUtilities.CurrentUnixMs();
+//
+//			Assert.AreEqual(reference, refRWTnaf, "WTNAF multiplication is incorrect");
+//			Assert.AreEqual(reference, refFpNaf, "FPNAF multiplication is incorrect");
+//			Assert.AreEqual(reference, refWnaf, "WNAF multiplication is incorrect");
+//
+//			Console.WriteLine(curveName + ": Multiply WTNAF took millis:  " + (now2 - now1));
+//			Console.WriteLine(curveName + ": Multiply WNAF took millis:   " + (now3 - now2));
+//			Console.WriteLine(curveName + ": Multiply FPNAF took millis:  " + (now4 - now3));
+//			Console.WriteLine(curveName + ": Multiply REFE took millis:   " + (now5 - now4));
+//
+////			Console.WriteLine(curveName + ": refRWTnaf  = " + ecPointToString(refRWTnaf));
+////			Console.WriteLine(curveName + ": refWnaf    = " + ecPointToString(refWnaf));
+////			Console.WriteLine(curveName + ": refFpNaf   = " + ecPointToString(refFpNaf));
+////			Console.WriteLine(curveName + ": reference  = " + ecPointToString(reference) + "\n");
+//			Console.WriteLine();
+//		}
+//
+//		[Test]
+//		public void TestMultiplyTnaf() 
+//		{
+//			Console.WriteLine("\n\n\n*****  Start test multiplications on F2m (Koblitz) *****");
+//			ImplTestMultiplyTnaf("sect163k1");
+//			ImplTestMultiplyTnaf("sect233k1");
+//			ImplTestMultiplyTnaf("sect239k1");
+//			ImplTestMultiplyTnaf("sect283k1");
+//			ImplTestMultiplyTnaf("sect409k1");
+//			ImplTestMultiplyTnaf("sect571k1");
+//		}
+//
+//		private void ImplTestMultiplyWnaf(String curveName) 
+//		{
+//			X9ECParameters x9ECParameters = SecNamedCurves.GetByName(curveName);
+//
+//			BigInteger r = x9ECParameters.N;
+//
+//			// The generator is multiplied by random b to get random q
+//			BigInteger b = new BigInteger(r.BitLength, m_rand);
+//			ECPoint g = x9ECParameters.G;
+//			ECPoint p = g.Multiply(b);
+//
+//			BigInteger k = new BigInteger(r.BitLength, m_rand);
+//			long now1 = DateTimeUtilities.CurrentUnixMs();
+//			p.SetECMultiplier(new WNafMultiplier());
+//			ECPoint refWnaf = repeatedMultiply(p, k);
+//			long now2 = DateTimeUtilities.CurrentUnixMs();
+//			p.SetECMultiplier(new FpNafMultiplier());
+//			ECPoint refFpNaf = repeatedMultiply(p, k);
+//			long now3 = DateTimeUtilities.CurrentUnixMs();
+//			p.SetECMultiplier(new ReferenceMultiplier());
+//			ECPoint reference = repeatedMultiply(p, k);
+//			long now4 = DateTimeUtilities.CurrentUnixMs();
+//
+//			Assert.AreEqual(reference, refWnaf, "WNAF multiplication is incorrect");
+//			Assert.AreEqual(reference, refFpNaf, "FPNAF multiplication is incorrect");
+//
+//			Console.WriteLine(curveName + ": Multiply WNAF took millis:   " + (now2 - now1));
+//			Console.WriteLine(curveName + ": Multiply FPNAF took millis:  " + (now3 - now2));
+//			Console.WriteLine(curveName + ": Multiply REFE took millis:   " + (now4 - now3));
+//
+////			Console.WriteLine(curveName + ": refWnaf    = " + ecPointToString(refWnaf));
+////			Console.WriteLine(curveName + ": refFpNaf   = " + ecPointToString(refFpNaf));
+////			Console.WriteLine(curveName + ": reference  = " + ecPointToString(reference));
+//			Console.WriteLine();
+//		}
+//
+//		[Test]
+//		public void TestMultiplyWnaf() 
+//		{
+//			Console.WriteLine("\n\n\n*****  Start test multiplications on F2m *****");
+//			ImplTestMultiplyWnaf("sect113r1");
+//			ImplTestMultiplyWnaf("sect113r2");
+//			ImplTestMultiplyWnaf("sect131r1");
+//			ImplTestMultiplyWnaf("sect131r2");
+//			ImplTestMultiplyWnaf("sect163r1");
+//			ImplTestMultiplyWnaf("sect163r2");
+//			ImplTestMultiplyWnaf("sect193r1");
+//			ImplTestMultiplyWnaf("sect193r2");
+//			ImplTestMultiplyWnaf("sect233r1");
+//			ImplTestMultiplyWnaf("sect283r1");
+//			ImplTestMultiplyWnaf("sect409r1");
+//			ImplTestMultiplyWnaf("sect571r1");
+//
+//			Console.WriteLine("\n\n\n*****  Start test multiplications on Fp  *****");
+//			ImplTestMultiplyWnaf("secp112r1");
+//			ImplTestMultiplyWnaf("secp128r1");
+//			ImplTestMultiplyWnaf("secp160r1");
+//			ImplTestMultiplyWnaf("secp192r1");
+//			ImplTestMultiplyWnaf("secp224r1");
+//			ImplTestMultiplyWnaf("secp256r1");
+//			ImplTestMultiplyWnaf("secp384r1");
+//			ImplTestMultiplyWnaf("secp521r1");
+//		}
+//	}
+//}
diff --git a/crypto/test/src/math/test/AllTests.cs b/crypto/test/src/math/test/AllTests.cs
new file mode 100644
index 000000000..6f2b50140
--- /dev/null
+++ b/crypto/test/src/math/test/AllTests.cs
@@ -0,0 +1,27 @@
+using System;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+namespace Org.BouncyCastle.Math.Tests
+{
+    public class AllTests
+    {
+        public static void Main(
+			string[] args)
+        {
+//            junit.textui.TestRunner.run(suite());
+            EventListener el = new NullListener();
+            suite().Run(el);
+        }
+
+        public static TestSuite suite()
+        {
+			TestSuite suite = new TestSuite("Math tests");
+
+			suite.Add(new BigIntegerTest());
+
+			return suite;
+        }
+    }
+}
diff --git a/crypto/test/src/math/test/BigIntegerTest.cs b/crypto/test/src/math/test/BigIntegerTest.cs
new file mode 100644
index 000000000..2f66a4b59
--- /dev/null
+++ b/crypto/test/src/math/test/BigIntegerTest.cs
@@ -0,0 +1,1048 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.Tests
+{
+	[TestFixture]
+	public class BigIntegerTest
+	{
+		private static Random random = new Random();
+
+		[Test]
+		public void MonoBug81857()
+		{
+			BigInteger b = new BigInteger("18446744073709551616");
+			BigInteger exp = BigInteger.Two;
+			BigInteger mod = new BigInteger("48112959837082048697");
+			BigInteger expected = new BigInteger("4970597831480284165");
+
+			BigInteger manual = b.Multiply(b).Mod(mod);
+			Assert.AreEqual(expected, manual, "b * b % mod");
+		}
+
+		[Test]
+		public void TestAbs()
+		{
+			Assert.AreEqual(zero, zero.Abs());
+
+			Assert.AreEqual(one, one.Abs());
+			Assert.AreEqual(one, minusOne.Abs());
+
+			Assert.AreEqual(two, two.Abs());
+			Assert.AreEqual(two, minusTwo.Abs());
+		}
+
+		[Test]
+		public void TestAdd()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				for (int j = -10; j <= 10; ++j)
+				{
+					Assert.AreEqual(
+						val(i + j),
+						val(i).Add(val(j)),
+						"Problem: " + i + ".Add(" + j + ") should be " + (i + j));
+				}
+			}
+		}
+
+		[Test]
+		public void TestAnd()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				for (int j = -10; j <= 10; ++j)
+				{
+					Assert.AreEqual(
+						val(i & j),
+						val(i).And(val(j)),
+						"Problem: " + i + " AND " + j + " should be " + (i & j));
+				}
+			}
+		}
+
+		[Test]
+		public void TestAndNot()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				for (int j = -10; j <= 10; ++j)
+				{
+					Assert.AreEqual(
+						val(i & ~j),
+						val(i).AndNot(val(j)),
+						"Problem: " + i + " AND NOT " + j + " should be " + (i & ~j));
+				}
+			}
+		}
+
+		[Test]
+		public void TestBitCount()
+		{
+			Assert.AreEqual(0, zero.BitCount);
+			Assert.AreEqual(1, one.BitCount);
+			Assert.AreEqual(0, minusOne.BitCount);
+			Assert.AreEqual(1, two.BitCount);
+			Assert.AreEqual(1, minusTwo.BitCount);
+
+			for (int i = 0; i < 100; ++i)
+			{
+				BigInteger pow2 = one.ShiftLeft(i);
+
+				Assert.AreEqual(1, pow2.BitCount);
+				Assert.AreEqual(i, pow2.Negate().BitCount);
+			}
+
+			for (int i = 0; i < 10; ++i)
+			{
+				BigInteger test = new BigInteger(128, 0, random);
+				int bitCount = 0;
+
+				for (int bit = 0; bit < test.BitLength; ++bit)
+				{
+					if (test.TestBit(bit))
+					{
+						++bitCount;
+					}
+				}
+
+				Assert.AreEqual(bitCount, test.BitCount);
+			}
+		}
+
+		[Test]
+		public void TestBitLength()
+		{
+			Assert.AreEqual(0, zero.BitLength);
+			Assert.AreEqual(1, one.BitLength);
+			Assert.AreEqual(0, minusOne.BitLength);
+			Assert.AreEqual(2, two.BitLength);
+			Assert.AreEqual(1, minusTwo.BitLength);
+
+			for (int i = 0; i < 100; ++i)
+			{
+				int bit = i + random.Next(64);
+				BigInteger odd = new BigInteger(bit, random).SetBit(bit + 1).SetBit(0);
+				BigInteger pow2 = one.ShiftLeft(bit);
+
+				Assert.AreEqual(bit + 2, odd.BitLength);
+				Assert.AreEqual(bit + 2, odd.Negate().BitLength);
+				Assert.AreEqual(bit + 1, pow2.BitLength);
+				Assert.AreEqual(bit, pow2.Negate().BitLength);
+			}
+		}
+
+		[Test]
+		public void TestClearBit()
+		{
+			Assert.AreEqual(zero, zero.ClearBit(0));
+			Assert.AreEqual(zero, one.ClearBit(0));
+			Assert.AreEqual(two, two.ClearBit(0));
+
+			Assert.AreEqual(zero, zero.ClearBit(1));
+			Assert.AreEqual(one, one.ClearBit(1));
+			Assert.AreEqual(zero, two.ClearBit(1));
+
+			// TODO Tests for clearing bits in negative numbers
+
+			// TODO Tests for clearing extended bits
+
+			for (int i = 0; i < 10; ++i)
+			{
+				BigInteger n = new BigInteger(128, random);
+
+				for (int j = 0; j < 10; ++j)
+				{
+					int pos = random.Next(128);
+					BigInteger m = n.ClearBit(pos);
+					bool test = m.ShiftRight(pos).Remainder(two).Equals(one);
+
+					Assert.IsFalse(test);
+				}
+			}
+
+			for (int i = 0; i < 100; ++i)
+			{
+				BigInteger pow2 = one.ShiftLeft(i);
+				BigInteger minusPow2 = pow2.Negate();
+
+				Assert.AreEqual(zero, pow2.ClearBit(i));
+				Assert.AreEqual(minusPow2.ShiftLeft(1), minusPow2.ClearBit(i));
+
+				BigInteger bigI = BigInteger.ValueOf(i);
+				BigInteger negI = bigI.Negate();
+
+				for (int j = 0; j < 10; ++j)
+				{
+					string data = "i=" + i + ", j=" + j;
+					Assert.AreEqual(bigI.AndNot(one.ShiftLeft(j)), bigI.ClearBit(j), data);
+					Assert.AreEqual(negI.AndNot(one.ShiftLeft(j)), negI.ClearBit(j), data);
+				}
+			}
+		}
+
+		[Test]
+		public void TestCompareTo()
+		{
+			Assert.AreEqual(0, minusTwo.CompareTo(minusTwo));
+			Assert.AreEqual(-1, minusTwo.CompareTo(minusOne));
+			Assert.AreEqual(-1, minusTwo.CompareTo(zero));
+			Assert.AreEqual(-1, minusTwo.CompareTo(one));
+			Assert.AreEqual(-1, minusTwo.CompareTo(two));
+
+			Assert.AreEqual(1, minusOne.CompareTo(minusTwo));
+			Assert.AreEqual(0, minusOne.CompareTo(minusOne));
+			Assert.AreEqual(-1, minusOne.CompareTo(zero));
+			Assert.AreEqual(-1, minusOne.CompareTo(one));
+			Assert.AreEqual(-1, minusOne.CompareTo(two));
+
+			Assert.AreEqual(1, zero.CompareTo(minusTwo));
+			Assert.AreEqual(1, zero.CompareTo(minusOne));
+			Assert.AreEqual(0, zero.CompareTo(zero));
+			Assert.AreEqual(-1, zero.CompareTo(one));
+			Assert.AreEqual(-1, zero.CompareTo(two));
+
+			Assert.AreEqual(1, one.CompareTo(minusTwo));
+			Assert.AreEqual(1, one.CompareTo(minusOne));
+			Assert.AreEqual(1, one.CompareTo(zero));
+			Assert.AreEqual(0, one.CompareTo(one));
+			Assert.AreEqual(-1, one.CompareTo(two));
+
+			Assert.AreEqual(1, two.CompareTo(minusTwo));
+			Assert.AreEqual(1, two.CompareTo(minusOne));
+			Assert.AreEqual(1, two.CompareTo(zero));
+			Assert.AreEqual(1, two.CompareTo(one));
+			Assert.AreEqual(0, two.CompareTo(two));
+		}
+
+		[Test]
+		public void TestConstructors()
+		{
+			Assert.AreEqual(BigInteger.Zero, new BigInteger(new byte[]{ 0 }));
+			Assert.AreEqual(BigInteger.Zero, new BigInteger(new byte[]{ 0, 0 }));
+
+			for (int i = 0; i < 10; ++i)
+			{
+				Assert.IsTrue(new BigInteger(i + 3, 0, random).TestBit(0));
+			}
+
+			// TODO Other constructors
+		}
+
+		[Test]
+		public void TestDivide()
+		{
+			for (int i = -5; i <= 5; ++i)
+			{
+				try
+				{
+					val(i).Divide(zero);
+					Assert.Fail("expected ArithmeticException");
+				}
+				catch (ArithmeticException) {}
+			}
+
+			int product = 1 * 2 * 3 * 4 * 5 * 6 * 7 * 8 * 9;
+			int productPlus = product + 1;
+
+			BigInteger bigProduct = val(product);
+			BigInteger bigProductPlus = val(productPlus);
+
+			for (int divisor = 1; divisor < 10; ++divisor)
+			{
+				// Exact division
+				BigInteger expected = val(product / divisor);
+
+				Assert.AreEqual(expected, bigProduct.Divide(val(divisor)));
+				Assert.AreEqual(expected.Negate(), bigProduct.Negate().Divide(val(divisor)));
+				Assert.AreEqual(expected.Negate(), bigProduct.Divide(val(divisor).Negate()));
+				Assert.AreEqual(expected, bigProduct.Negate().Divide(val(divisor).Negate()));
+
+				expected = val((product + 1)/divisor);
+
+				Assert.AreEqual(expected, bigProductPlus.Divide(val(divisor)));
+				Assert.AreEqual(expected.Negate(), bigProductPlus.Negate().Divide(val(divisor)));
+				Assert.AreEqual(expected.Negate(), bigProductPlus.Divide(val(divisor).Negate()));
+				Assert.AreEqual(expected, bigProductPlus.Negate().Divide(val(divisor).Negate()));
+			}
+
+			for (int rep = 0; rep < 10; ++rep)
+			{
+				BigInteger a = new BigInteger(100 - rep, 0, random);
+				BigInteger b = new BigInteger(100 + rep, 0, random);
+				BigInteger c = new BigInteger(10 + rep, 0, random);
+				BigInteger d = a.Multiply(b).Add(c);
+				BigInteger e = d.Divide(a);
+
+				Assert.AreEqual(b, e);
+			}
+
+			// Special tests for power of two since uses different code path internally
+			for (int i = 0; i < 100; ++i)
+			{
+				int shift = random.Next(64);
+				BigInteger a = one.ShiftLeft(shift);
+				BigInteger b = new BigInteger(64 + random.Next(64), random);
+				BigInteger bShift = b.ShiftRight(shift);
+
+				string data = "shift=" + shift +", b=" + b.ToString(16);
+
+				Assert.AreEqual(bShift, b.Divide(a), data);
+				Assert.AreEqual(bShift.Negate(), b.Divide(a.Negate()), data);
+				Assert.AreEqual(bShift.Negate(), b.Negate().Divide(a), data);
+				Assert.AreEqual(bShift, b.Negate().Divide(a.Negate()), data);
+			}
+
+			// Regression
+			{
+				int shift = 63;
+				BigInteger a = one.ShiftLeft(shift);
+				BigInteger b = new BigInteger(1, Hex.Decode("2504b470dc188499"));
+				BigInteger bShift = b.ShiftRight(shift);
+
+				string data = "shift=" + shift +", b=" + b.ToString(16);
+
+				Assert.AreEqual(bShift, b.Divide(a), data);
+				Assert.AreEqual(bShift.Negate(), b.Divide(a.Negate()), data);
+//				Assert.AreEqual(bShift.Negate(), b.Negate().Divide(a), data);
+				Assert.AreEqual(bShift, b.Negate().Divide(a.Negate()), data);
+			}
+		}
+
+		[Test]
+		public void TestDivideAndRemainder()
+		{
+			// TODO More basic tests
+
+            BigInteger n = new BigInteger(48, random);
+            BigInteger[] qr = n.DivideAndRemainder(n);
+            Assert.AreEqual(one, qr[0]);
+            Assert.AreEqual(zero, qr[1]);
+            qr = n.DivideAndRemainder(one);
+			Assert.AreEqual(n, qr[0]);
+			Assert.AreEqual(zero, qr[1]);
+
+			for (int rep = 0; rep < 10; ++rep)
+			{
+				BigInteger a = new BigInteger(100 - rep, 0, random);
+				BigInteger b = new BigInteger(100 + rep, 0, random);
+				BigInteger c = new BigInteger(10 + rep, 0, random);
+				BigInteger d = a.Multiply(b).Add(c);
+				BigInteger[] es = d.DivideAndRemainder(a);
+
+				Assert.AreEqual(b, es[0]);
+				Assert.AreEqual(c, es[1]);
+			}
+
+			// Special tests for power of two since uses different code path internally
+			for (int i = 0; i < 100; ++i)
+			{
+				int shift = random.Next(64);
+				BigInteger a = one.ShiftLeft(shift);
+				BigInteger b = new BigInteger(64 + random.Next(64), random);
+				BigInteger bShift = b.ShiftRight(shift);
+				BigInteger bMod = b.And(a.Subtract(one));
+
+				string data = "shift=" + shift +", b=" + b.ToString(16);
+
+				qr = b.DivideAndRemainder(a);
+				Assert.AreEqual(bShift, qr[0], data);
+				Assert.AreEqual(bMod, qr[1], data);
+
+				qr = b.DivideAndRemainder(a.Negate());
+				Assert.AreEqual(bShift.Negate(), qr[0], data);
+				Assert.AreEqual(bMod, qr[1], data);
+
+				qr = b.Negate().DivideAndRemainder(a);
+				Assert.AreEqual(bShift.Negate(), qr[0], data);
+				Assert.AreEqual(bMod.Negate(), qr[1], data);
+
+				qr = b.Negate().DivideAndRemainder(a.Negate());
+				Assert.AreEqual(bShift, qr[0], data);
+				Assert.AreEqual(bMod.Negate(), qr[1], data);
+			}
+		}
+
+		[Test]
+		public void TestFlipBit()
+		{
+			for (int i = 0; i < 10; ++i)
+			{
+				BigInteger a = new BigInteger(128, 0, random);
+				BigInteger b = a;
+
+				for (int x = 0; x < 100; ++x)
+				{
+					// Note: Intentionally greater than initial size
+					int pos = random.Next(256);
+
+					a = a.FlipBit(pos);
+					b = b.TestBit(pos) ? b.ClearBit(pos) : b.SetBit(pos);
+				}
+
+				Assert.AreEqual(a, b);
+			}
+
+			for (int i = 0; i < 100; ++i)
+			{
+				BigInteger pow2 = one.ShiftLeft(i);
+				BigInteger minusPow2 = pow2.Negate();
+
+				Assert.AreEqual(zero, pow2.FlipBit(i));
+				Assert.AreEqual(minusPow2.ShiftLeft(1), minusPow2.FlipBit(i));
+
+				BigInteger bigI = BigInteger.ValueOf(i);
+				BigInteger negI = bigI.Negate();
+
+				for (int j = 0; j < 10; ++j)
+				{
+					string data = "i=" + i + ", j=" + j;
+					Assert.AreEqual(bigI.Xor(one.ShiftLeft(j)), bigI.FlipBit(j), data);
+					Assert.AreEqual(negI.Xor(one.ShiftLeft(j)), negI.FlipBit(j), data);
+				}
+			}
+		}
+
+		[Test]
+		public void TestGcd()
+		{
+			for (int i = 0; i < 10; ++i)
+			{
+				BigInteger fac = new BigInteger(32, random).Add(two);
+				BigInteger p1 = BigInteger.ProbablePrime(63, random);
+				BigInteger p2 = BigInteger.ProbablePrime(64, random);
+
+				BigInteger gcd = fac.Multiply(p1).Gcd(fac.Multiply(p2));
+
+				Assert.AreEqual(fac, gcd);
+			}
+		}
+
+		[Test]
+		public void TestGetLowestSetBit()
+		{
+			for (int i = 1; i <= 100; ++i)
+			{
+				BigInteger test = new BigInteger(i + 1, 0, random).Add(one);
+				int bit1 = test.GetLowestSetBit();
+				Assert.AreEqual(test, test.ShiftRight(bit1).ShiftLeft(bit1));
+				int bit2 = test.ShiftLeft(i + 1).GetLowestSetBit();
+				Assert.AreEqual(i + 1, bit2 - bit1);
+				int bit3 = test.ShiftLeft(3 * i).GetLowestSetBit();
+				Assert.AreEqual(3 * i, bit3 - bit1);
+			}
+		}
+
+		[Test]
+		public void TestIntValue()
+		{
+			int[] tests = new int[]{ int.MinValue, -1234, -10, -1, 0, ~0, 1, 10, 5678, int.MaxValue };
+
+			foreach (int test in tests)
+			{
+				Assert.AreEqual(test, val(test).IntValue);
+			}
+
+			// TODO Tests for large numbers
+		}
+
+		[Test]
+		public void TestIsProbablePrime()
+		{
+			Assert.IsFalse(zero.IsProbablePrime(100));
+			Assert.IsFalse(zero.IsProbablePrime(100));
+			Assert.IsTrue(zero.IsProbablePrime(0));
+			Assert.IsTrue(zero.IsProbablePrime(-10));
+			Assert.IsFalse(minusOne.IsProbablePrime(100));
+			Assert.IsTrue(minusTwo.IsProbablePrime(100));
+			Assert.IsTrue(val(-17).IsProbablePrime(100));
+			Assert.IsTrue(val(67).IsProbablePrime(100));
+			Assert.IsTrue(val(773).IsProbablePrime(100));
+
+			foreach (int p in firstPrimes)
+			{
+				Assert.IsTrue(val(p).IsProbablePrime(100));
+				Assert.IsTrue(val(-p).IsProbablePrime(100));
+			}
+
+			foreach (int c in nonPrimes)
+			{
+				Assert.IsFalse(val(c).IsProbablePrime(100));
+				Assert.IsFalse(val(-c).IsProbablePrime(100));
+			}
+
+			foreach (int e in mersennePrimeExponents)
+			{
+				Assert.IsTrue(mersenne(e).IsProbablePrime(100));
+				Assert.IsTrue(mersenne(e).Negate().IsProbablePrime(100));
+			}
+
+			foreach (int e in nonPrimeExponents)
+			{
+				Assert.IsFalse(mersenne(e).IsProbablePrime(100));
+				Assert.IsFalse(mersenne(e).Negate().IsProbablePrime(100));
+			}
+
+			// TODO Other examples of 'tricky' values?
+		}
+
+		[Test]
+		public void TestLongValue()
+		{
+			long[] tests = new long[]{ long.MinValue, -1234, -10, -1, 0L, ~0L, 1, 10, 5678, long.MaxValue };
+
+			foreach (long test in tests)
+			{
+				Assert.AreEqual(test, val(test).LongValue);
+			}
+
+			// TODO Tests for large numbers
+		}
+
+		[Test]
+		public void TestMax()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				for (int j = -10; j <= 10; ++j)
+				{
+					Assert.AreEqual(val(System.Math.Max(i, j)), val(i).Max(val(j)));
+				}
+			}
+		}
+
+		[Test]
+		public void TestMin()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				for (int j = -10; j <= 10; ++j)
+				{
+					Assert.AreEqual(val(System.Math.Min(i, j)), val(i).Min(val(j)));
+				}
+			}
+		}
+
+		[Test]
+		public void TestMod()
+		{
+			// TODO Basic tests
+
+			for (int rep = 0; rep < 100; ++rep)
+			{
+				int diff = random.Next(25);
+				BigInteger a = new BigInteger(100 - diff, 0, random);
+				BigInteger b = new BigInteger(100 + diff, 0, random);
+				BigInteger c = new BigInteger(10 + diff, 0, random);
+
+				BigInteger d = a.Multiply(b).Add(c);
+				BigInteger e = d.Mod(a);
+				Assert.AreEqual(c, e);
+
+				BigInteger pow2 = one.ShiftLeft(random.Next(128));
+				Assert.AreEqual(b.And(pow2.Subtract(one)), b.Mod(pow2));
+			}
+		}
+
+		[Test]
+		public void TestModInverse()
+		{
+			for (int i = 0; i < 10; ++i)
+			{
+				BigInteger p = BigInteger.ProbablePrime(64, random);
+				BigInteger q = new BigInteger(63, random).Add(one);
+				BigInteger inv = q.ModInverse(p);
+				BigInteger inv2 = inv.ModInverse(p);
+
+				Assert.AreEqual(q, inv2);
+				Assert.AreEqual(one, q.Multiply(inv).Mod(p));
+			}
+
+            // ModInverse a power of 2 for a range of powers
+            for (int i = 1; i <= 128; ++i)
+            {
+                BigInteger m = one.ShiftLeft(i);
+                BigInteger d = new BigInteger(i, random).SetBit(0);
+                BigInteger x = d.ModInverse(m);
+                BigInteger check = x.Multiply(d).Mod(m);
+
+                Assert.AreEqual(one, check);
+            }
+		}
+
+        [Test]
+		public void TestModPow()
+		{
+			try
+			{
+				two.ModPow(one, zero);
+				Assert.Fail("expected ArithmeticException");
+			}
+			catch (ArithmeticException) {}
+
+			Assert.AreEqual(zero, zero.ModPow(zero, one));
+			Assert.AreEqual(one, zero.ModPow(zero, two));
+			Assert.AreEqual(zero, two.ModPow(one, one));
+			Assert.AreEqual(one, two.ModPow(zero, two));
+
+			for (int i = 0; i < 100; ++i)
+			{
+				BigInteger m = BigInteger.ProbablePrime(10 + i, random);
+				BigInteger x = new BigInteger(m.BitLength - 1, random);
+
+				Assert.AreEqual(x, x.ModPow(m, m));
+				if (x.SignValue != 0)
+				{
+					Assert.AreEqual(zero, zero.ModPow(x, m));
+					Assert.AreEqual(one, x.ModPow(m.Subtract(one), m));
+				}
+
+				BigInteger y = new BigInteger(m.BitLength - 1, random);
+				BigInteger n = new BigInteger(m.BitLength - 1, random);
+				BigInteger n3 = n.ModPow(three, m);
+
+				BigInteger resX = n.ModPow(x, m);
+				BigInteger resY = n.ModPow(y, m);
+				BigInteger res = resX.Multiply(resY).Mod(m);
+				BigInteger res3 = res.ModPow(three, m);
+
+				Assert.AreEqual(res3, n3.ModPow(x.Add(y), m));
+
+				BigInteger a = x.Add(one); // Make sure it's not zero
+				BigInteger b = y.Add(one); // Make sure it's not zero
+
+				Assert.AreEqual(a.ModPow(b, m).ModInverse(m), a.ModPow(b.Negate(), m));
+			}
+		}
+
+		[Test]
+		public void TestMultiply()
+		{
+			BigInteger one = BigInteger.One;
+
+			Assert.AreEqual(one, one.Negate().Multiply(one.Negate()));
+
+			for (int i = 0; i < 100; ++i)
+			{
+				int aLen = 64 + random.Next(64);
+				int bLen = 64 + random.Next(64);
+
+				BigInteger a = new BigInteger(aLen, random).SetBit(aLen);
+				BigInteger b = new BigInteger(bLen, random).SetBit(bLen);
+				BigInteger c = new BigInteger(32, random);
+
+				BigInteger ab = a.Multiply(b);
+				BigInteger bc = b.Multiply(c);
+
+				Assert.AreEqual(ab.Add(bc), a.Add(c).Multiply(b));
+				Assert.AreEqual(ab.Subtract(bc), a.Subtract(c).Multiply(b));
+			}
+
+			// Special tests for power of two since uses different code path internally
+			for (int i = 0; i < 100; ++i)
+			{
+				int shift = random.Next(64);
+				BigInteger a = one.ShiftLeft(shift);
+				BigInteger b = new BigInteger(64 + random.Next(64), random);
+				BigInteger bShift = b.ShiftLeft(shift);
+
+				Assert.AreEqual(bShift, a.Multiply(b));
+				Assert.AreEqual(bShift.Negate(), a.Multiply(b.Negate()));
+				Assert.AreEqual(bShift.Negate(), a.Negate().Multiply(b));
+				Assert.AreEqual(bShift, a.Negate().Multiply(b.Negate()));
+
+				Assert.AreEqual(bShift, b.Multiply(a));
+				Assert.AreEqual(bShift.Negate(), b.Multiply(a.Negate()));
+				Assert.AreEqual(bShift.Negate(), b.Negate().Multiply(a));
+				Assert.AreEqual(bShift, b.Negate().Multiply(a.Negate()));
+			}
+		}
+
+		[Test]
+		public void TestNegate()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				Assert.AreEqual(val(-i), val(i).Negate());
+			}
+		}
+
+		[Test]
+		public void TestNextProbablePrime()
+		{
+			BigInteger firstPrime = BigInteger.ProbablePrime(32, random);
+			BigInteger nextPrime = firstPrime.NextProbablePrime();
+
+			Assert.IsTrue(firstPrime.IsProbablePrime(10));
+			Assert.IsTrue(nextPrime.IsProbablePrime(10));
+
+			BigInteger check = firstPrime.Add(one);
+
+			while (check.CompareTo(nextPrime) < 0)
+			{
+				Assert.IsFalse(check.IsProbablePrime(10));
+				check = check.Add(one);
+			}
+		}
+
+		[Test]
+		public void TestNot()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				Assert.AreEqual(
+					val(~i),
+					val(i).Not(),
+					"Problem: ~" + i + " should be " + ~i);
+			}
+		}
+
+		[Test]
+		public void TestOr()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				for (int j = -10; j <= 10; ++j)
+				{
+					Assert.AreEqual(
+						val(i | j),
+						val(i).Or(val(j)),
+						"Problem: " + i + " OR " + j + " should be " + (i | j));
+				}
+			}
+		}
+
+		[Test]
+		public void TestPow()
+		{
+			Assert.AreEqual(one, zero.Pow(0));
+			Assert.AreEqual(zero, zero.Pow(123));
+			Assert.AreEqual(one, one.Pow(0));
+			Assert.AreEqual(one, one.Pow(123));
+
+            Assert.AreEqual(two.Pow(147), one.ShiftLeft(147));
+            Assert.AreEqual(one.ShiftLeft(7).Pow(11), one.ShiftLeft(77));
+
+            BigInteger n = new BigInteger("1234567890987654321");
+			BigInteger result = one;
+
+			for (int i = 0; i < 10; ++i)
+			{
+				try
+				{
+					val(i).Pow(-1);
+					Assert.Fail("expected ArithmeticException");
+				}
+				catch (ArithmeticException) {}
+
+				Assert.AreEqual(result, n.Pow(i));
+
+				result = result.Multiply(n);
+			}
+		}
+
+		[Test]
+		public void TestRemainder()
+		{
+			// TODO Basic tests
+
+			for (int rep = 0; rep < 10; ++rep)
+			{
+				BigInteger a = new BigInteger(100 - rep, 0, random);
+				BigInteger b = new BigInteger(100 + rep, 0, random);
+				BigInteger c = new BigInteger(10 + rep, 0, random);
+				BigInteger d = a.Multiply(b).Add(c);
+				BigInteger e = d.Remainder(a);
+
+				Assert.AreEqual(c, e);
+			}
+		}
+
+		[Test]
+		public void TestSetBit()
+		{
+			Assert.AreEqual(one, zero.SetBit(0));
+			Assert.AreEqual(one, one.SetBit(0));
+			Assert.AreEqual(three, two.SetBit(0));
+
+			Assert.AreEqual(two, zero.SetBit(1));
+			Assert.AreEqual(three, one.SetBit(1));
+			Assert.AreEqual(two, two.SetBit(1));
+
+			// TODO Tests for setting bits in negative numbers
+
+			// TODO Tests for setting extended bits
+
+			for (int i = 0; i < 10; ++i)
+			{
+				BigInteger n = new BigInteger(128, random);
+
+				for (int j = 0; j < 10; ++j)
+				{
+					int pos = random.Next(128);
+					BigInteger m = n.SetBit(pos);
+					bool test = m.ShiftRight(pos).Remainder(two).Equals(one);
+
+					Assert.IsTrue(test);
+				}
+			}
+
+			for (int i = 0; i < 100; ++i)
+			{
+				BigInteger pow2 = one.ShiftLeft(i);
+				BigInteger minusPow2 = pow2.Negate();
+
+				Assert.AreEqual(pow2, pow2.SetBit(i));
+				Assert.AreEqual(minusPow2, minusPow2.SetBit(i));
+
+				BigInteger bigI = BigInteger.ValueOf(i);
+				BigInteger negI = bigI.Negate();
+
+				for (int j = 0; j < 10; ++j)
+				{
+					string data = "i=" + i + ", j=" + j;
+					Assert.AreEqual(bigI.Or(one.ShiftLeft(j)), bigI.SetBit(j), data);
+					Assert.AreEqual(negI.Or(one.ShiftLeft(j)), negI.SetBit(j), data);
+				}
+			}
+		}
+
+		[Test]
+		public void TestShiftLeft()
+		{
+			for (int i = 0; i < 100; ++i)
+			{
+				int shift = random.Next(128);
+
+				BigInteger a = new BigInteger(128 + i, random).Add(one);
+				int bits = a.BitCount; // Make sure nBits is set
+
+				BigInteger negA = a.Negate();
+				bits = negA.BitCount; // Make sure nBits is set
+
+				BigInteger b = a.ShiftLeft(shift);
+				BigInteger c = negA.ShiftLeft(shift);
+
+				Assert.AreEqual(a.BitCount, b.BitCount);
+				Assert.AreEqual(negA.BitCount + shift, c.BitCount);
+				Assert.AreEqual(a.BitLength + shift, b.BitLength);
+				Assert.AreEqual(negA.BitLength + shift, c.BitLength);
+
+				int j = 0;
+				for (; j < shift; ++j)
+				{
+					Assert.IsFalse(b.TestBit(j));
+				}
+
+				for (; j < b.BitLength; ++j)
+				{
+					Assert.AreEqual(a.TestBit(j - shift), b.TestBit(j));
+				}
+			}
+		}
+
+		[Test]
+		public void TestShiftRight()
+		{
+			for (int i = 0; i < 10; ++i)
+			{
+				int shift = random.Next(128);
+				BigInteger a = new BigInteger(256 + i, random).SetBit(256 + i);
+				BigInteger b = a.ShiftRight(shift);
+
+				Assert.AreEqual(a.BitLength - shift, b.BitLength);
+
+				for (int j = 0; j < b.BitLength; ++j)
+				{
+					Assert.AreEqual(a.TestBit(j + shift), b.TestBit(j));
+				}
+			}
+		}
+
+		[Test]
+		public void TestSignValue()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				Assert.AreEqual(i < 0 ? -1 : i > 0 ? 1 : 0, val(i).SignValue);
+			}
+		}
+
+		[Test]
+		public void TestSubtract()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				for (int j = -10; j <= 10; ++j)
+				{
+					Assert.AreEqual(
+						val(i - j),
+						val(i).Subtract(val(j)),
+						"Problem: " + i + ".Subtract(" + j + ") should be " + (i - j));
+				}
+			}
+		}
+
+		[Test]
+		public void TestTestBit()
+		{
+			for (int i = 0; i < 10; ++i)
+			{
+				BigInteger n = new BigInteger(128, random);
+
+				Assert.IsFalse(n.TestBit(128));
+				Assert.IsTrue(n.Negate().TestBit(128));
+
+				for (int j = 0; j < 10; ++j)
+				{
+					int pos = random.Next(128);
+					bool test = n.ShiftRight(pos).Remainder(two).Equals(one);
+
+					Assert.AreEqual(test, n.TestBit(pos));
+				}
+			}
+		}
+
+		[Test]
+		public void TestToByteArray()
+		{
+			byte[] z = BigInteger.Zero.ToByteArray();
+			Assert.IsTrue(Arrays.AreEqual(new byte[1], z));
+
+			for (int i = 16; i <= 48; ++i)
+			{
+				BigInteger x = BigInteger.ProbablePrime(i, random);
+				byte[] b = x.ToByteArray();
+				Assert.AreEqual((i / 8 + 1), b.Length);
+				BigInteger y = new BigInteger(b);
+				Assert.AreEqual(x, y);
+
+				x = x.Negate();
+				b = x.ToByteArray();
+				Assert.AreEqual((i / 8 + 1), b.Length);
+				y = new BigInteger(b);
+				Assert.AreEqual(x, y);
+			}
+		}
+
+		[Test]
+		public void TestToByteArrayUnsigned()
+		{
+			byte[] z = BigInteger.Zero.ToByteArrayUnsigned();
+			Assert.IsTrue(Arrays.AreEqual(new byte[0], z));
+
+			for (int i = 16; i <= 48; ++i)
+			{
+				BigInteger x = BigInteger.ProbablePrime(i, random);
+				byte[] b = x.ToByteArrayUnsigned();
+				Assert.AreEqual((i + 7) / 8, b.Length);
+				BigInteger y = new BigInteger(1, b);
+				Assert.AreEqual(x, y);
+
+				x = x.Negate();
+				b = x.ToByteArrayUnsigned();
+				Assert.AreEqual(i / 8 + 1, b.Length);
+				y = new BigInteger(b);
+				Assert.AreEqual(x, y);
+			}
+		}
+
+		[Test]
+		public void TestToString()
+		{
+			string s = "12345667890987654321";
+
+			Assert.AreEqual(s, new BigInteger(s).ToString());
+			Assert.AreEqual(s, new BigInteger(s, 10).ToString(10));
+			Assert.AreEqual(s, new BigInteger(s, 16).ToString(16));
+
+			for (int i = 0; i < 100; ++i)
+			{
+				BigInteger n = new BigInteger(i, random);
+
+				Assert.AreEqual(n, new BigInteger(n.ToString(2), 2));
+				Assert.AreEqual(n, new BigInteger(n.ToString(10), 10));
+				Assert.AreEqual(n, new BigInteger(n.ToString(16), 16));
+			}
+
+            // Radix version
+            int[] radices = new int[] { 2, 8, 10, 16 };
+            int trials = 256;
+
+            BigInteger[] tests = new BigInteger[trials];
+            for (int i = 0; i < trials; ++i)
+            {
+                int len = random.Next(i + 1);
+                tests[i] = new BigInteger(len, random);
+            }
+
+            foreach (int radix in radices)
+            {
+                for (int i = 0; i < trials; ++i)
+                {
+                    BigInteger n1 = tests[i];
+                    string str = n1.ToString(radix);
+                    BigInteger n2 = new BigInteger(str, radix);
+                    Assert.AreEqual(n1, n2);
+                }
+            }
+		}
+
+        [Test]
+		public void TestValueOf()
+		{
+			Assert.AreEqual(-1, BigInteger.ValueOf(-1).SignValue);
+			Assert.AreEqual(0, BigInteger.ValueOf(0).SignValue);
+			Assert.AreEqual(1, BigInteger.ValueOf(1).SignValue);
+
+			for (long i = -5; i < 5; ++i)
+			{
+				Assert.AreEqual(i, BigInteger.ValueOf(i).IntValue);
+			}
+		}
+
+		[Test]
+		public void TestXor()
+		{
+			for (int i = -10; i <= 10; ++i)
+			{
+				for (int j = -10; j <= 10; ++j)
+				{
+					Assert.AreEqual(
+						val(i ^ j),
+						val(i).Xor(val(j)),
+						"Problem: " + i + " XOR " + j + " should be " + (i ^ j));
+				}
+			}
+		}
+
+		private static BigInteger val(long n)
+		{
+			return BigInteger.ValueOf(n);
+		}
+
+		private static BigInteger mersenne(int e)
+		{
+			return two.Pow(e).Subtract(one);
+		}
+
+		private static readonly BigInteger minusTwo = BigInteger.Two.Negate();
+		private static readonly BigInteger minusOne = BigInteger.One.Negate();
+		private static readonly BigInteger zero = BigInteger.Zero;
+		private static readonly BigInteger one = BigInteger.One;
+		private static readonly BigInteger two = BigInteger.Two;
+		private static readonly BigInteger three = BigInteger.Three;
+
+		private static int[] firstPrimes = { 2, 3, 5, 7, 11, 13, 17, 19, 23, 29 };
+		private static int[] nonPrimes = { 0, 1, 4, 10, 20, 21, 22, 25, 26, 27 };
+
+		private static int[] mersennePrimeExponents = { 2, 3, 5, 7, 13, 17, 19, 31, 61, 89 };
+		private static int[] nonPrimeExponents = { 1, 4, 6, 9, 11, 15, 23, 29, 37, 41 };
+	}
+}
diff --git a/crypto/test/src/ocsp/test/AllTests.cs b/crypto/test/src/ocsp/test/AllTests.cs
new file mode 100644
index 000000000..2b30e3ad4
--- /dev/null
+++ b/crypto/test/src/ocsp/test/AllTests.cs
@@ -0,0 +1,29 @@
+using System;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Ocsp.Tests
+{
+	public class AllTests
+	{
+		public static void Main(
+			string[] args)
+		{
+			//junit.textui.TestRunner.run(suite());
+			EventListener el = new NullListener();
+			suite().Run(el);
+		}
+
+		public static TestSuite suite()
+		{
+			TestSuite suite = new TestSuite("OCSP Tests");
+
+			suite.Add(new OcspTest());
+
+			return suite;
+		}
+	}
+}
diff --git a/crypto/test/src/ocsp/test/OCSPTest.cs b/crypto/test/src/ocsp/test/OCSPTest.cs
new file mode 100644
index 000000000..823de90f9
--- /dev/null
+++ b/crypto/test/src/ocsp/test/OCSPTest.cs
@@ -0,0 +1,852 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.Ocsp.Tests
+{
+	[TestFixture]
+	public class OcspTest
+		: SimpleTest
+	{
+		private static readonly byte[] testResp1 = Base64.Decode(
+			  "MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx"
+			+ "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE"
+			+ "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG"
+			+ "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv"
+			+ "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ"
+			+ "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF"
+			+ "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1"
+			+ "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/"
+			+ "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt"
+			+ "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk"
+			+ "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI"
+			+ "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN"
+			+ "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww"
+			+ "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k"
+			+ "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz"
+			+ "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg"
+			+ "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK"
+			+ "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw"
+			+ "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI"
+			+ "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF"
+			+ "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH"
+			+ "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm"
+			+ "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E"
+			+ "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG"
+			+ "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E"
+			+ "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG"
+			+ "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4"
+			+ "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc"
+			+ "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V"
+			+ "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I"
+			+ "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq"
+			+ "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ"
+//			+ "====");
+			+ "");
+
+		private static readonly byte[] testResp2 = Base64.Decode(
+			  "MIII1QoBAKCCCM4wggjKBgkrBgEFBQcwAQEEggi7MIIItzCBjqADAgEAoSMw"
+			+ "ITEfMB0GA1UEAxMWT0NTUCBjZXJ0LVFBLUNMSUVOVC04NxgPMjAwMzA1MTky"
+			+ "MDI2MzBaMFEwTzA6MAkGBSsOAwIaBQAEFJniwiUuyrhKIEF2TjVdVdCAOw0z"
+			+ "BBR2olPKrPOJUVyGZ7BXOC4L2BmAqgIBL4AAGA8yMDAzMDUxOTIwMjYzMFow"
+			+ "DQYJKoZIhvcNAQEEBQADggEBALImFU3kUtpNVf4tIFKg/1sDHvGpk5Pk0uhH"
+			+ "TiNp6vdPfWjOgPkVXskx9nOTabVOBE8RusgwEcK1xeBXSHODb6mnjt9pkfv3"
+			+ "ZdbFLFvH/PYjOb6zQOgdIOXhquCs5XbcaSFCX63hqnSaEqvc9w9ctmQwds5X"
+			+ "tCuyCB1fWu/ie8xfuXR5XZKTBf5c6dO82qFE65gTYbGOxJBYiRieIPW1XutZ"
+			+ "A76qla4m+WdxubV6SPG8PVbzmAseqjsJRn4jkSKOGenqSOqbPbZn9oBsU0Ku"
+			+ "hul3pwsNJvcBvw2qxnWybqSzV+n4OvYXk+xFmtTjw8H9ChV3FYYDs8NuUAKf"
+			+ "jw1IjWegggcOMIIHCjCCAzMwggIboAMCAQICAQIwDQYJKoZIhvcNAQEEBQAw"
+			+ "bzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1BMRAwDgYDVQQHEwdXYWx0aGFt"
+			+ "MRYwFAYDVQQKEw1Gb3J1bSBTeXN0ZW1zMQswCQYDVQQLEwJRQTEcMBoGA1UE"
+			+ "AxMTQ2VydGlmaWNhdGUgTWFuYWdlcjAeFw0wMzAzMjEwNTAwMDBaFw0yNTAz"
+			+ "MjEwNTAwMDBaMCExHzAdBgNVBAMTFk9DU1AgY2VydC1RQS1DTElFTlQtODcw"
+			+ "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVuxRCZgJAYAftYuRy"
+			+ "9axdtsHrkIJyVVRorLCTWOoLmx2tlrGqKbHOGKmvqEPEpeCDYQk+0WIlWMuM"
+			+ "2pgiYAolwqSFBwCjkjQN3fCIHXiby0JBgCCLoe7wa0pZffE+8XZH0JdSjoT3"
+			+ "2OYD19wWZeY2VB0JWJFWYAnIL+R5Eg7LwJ5QZSdvghnOWKTv60m/O1rC0see"
+			+ "9lbPO+3jRuaDyCUKYy/YIKBYC9rtC4hS47jg70dTfmE2nccjn7rFCPBrVr4M"
+			+ "5szqdRzwu3riL9W+IE99LTKXOH/24JX0S4woeGXMS6me7SyZE6x7P2tYkNXM"
+			+ "OfXk28b3SJF75K7vX6T6ecWjAgMBAAGjKDAmMBMGA1UdJQQMMAoGCCsGAQUF"
+			+ "BwMJMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEEBQADggEBAKNSn7pp"
+			+ "UEC1VTN/Iqk8Sc2cAYM7KSmeB++tuyes1iXY4xSQaEgOxRa5AvPAKnXKSzfY"
+			+ "vqi9WLdzdkpTo4AzlHl5nqU/NCUv3yOKI9lECVMgMxLAvZgMALS5YXNZsqrs"
+			+ "hP3ASPQU99+5CiBGGYa0PzWLstXLa6SvQYoHG2M8Bb2lHwgYKsyrUawcfc/s"
+			+ "jE3jFJeyCyNwzH0eDJUVvW1/I3AhLNWcPaT9/VfyIWu5qqZU+ukV/yQXrKiB"
+			+ "glY8v4QDRD4aWQlOuiV2r9sDRldOPJe2QSFDBe4NtBbynQ+MRvF2oQs/ocu+"
+			+ "OAHX7uiskg9GU+9cdCWPwJf9cP/Zem6MemgwggPPMIICt6ADAgECAgEBMA0G"
+			+ "CSqGSIb3DQEBBQUAMG8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNQTEQMA4G"
+			+ "A1UEBxMHV2FsdGhhbTEWMBQGA1UEChMNRm9ydW0gU3lzdGVtczELMAkGA1UE"
+			+ "CxMCUUExHDAaBgNVBAMTE0NlcnRpZmljYXRlIE1hbmFnZXIwHhcNMDMwMzIx"
+			+ "MDUwMDAwWhcNMjUwMzIxMDUwMDAwWjBvMQswCQYDVQQGEwJVUzELMAkGA1UE"
+			+ "CBMCTUExEDAOBgNVBAcTB1dhbHRoYW0xFjAUBgNVBAoTDUZvcnVtIFN5c3Rl"
+			+ "bXMxCzAJBgNVBAsTAlFBMRwwGgYDVQQDExNDZXJ0aWZpY2F0ZSBNYW5hZ2Vy"
+			+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VeU+48VBjI0mGRt"
+			+ "9qlD+WAhx3vv4KCOD5f3HWLj8D2DcoszVTVDqtRK+HS1eSpO/xWumyXhjV55"
+			+ "FhG2eYi4e0clv0WyswWkGLqo7IxYn3ZhVmw04ohdTjdhVv8oS+96MUqPmvVW"
+			+ "+MkVRyqm75HdgWhKRr/lEpDNm+RJe85xMCipkyesJG58p5tRmAZAAyRs3jYw"
+			+ "5YIFwDOnt6PCme7ui4xdas2zolqOlynMuq0ctDrUPKGLlR4mVBzgAVPeatcu"
+			+ "ivEQdB3rR6UN4+nv2jx9kmQNNb95R1M3J9xHfOWX176UWFOZHJwVq8eBGF9N"
+			+ "pav4ZGBAyqagW7HMlo7Hw0FzUwIDAQABo3YwdDARBglghkgBhvhCAQEEBAMC"
+			+ "AJcwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU64zBxl1yKES8tjU3/rBA"
+			+ "NaeBpjkwHwYDVR0jBBgwFoAU64zBxl1yKES8tjU3/rBANaeBpjkwDgYDVR0P"
+			+ "AQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQAzHnf+Z+UgxDVOpCu0DHF+"
+			+ "qYZf8IaUQxLhUD7wjwnt3lJ0QV1z4oyc6Vs9J5xa8Mvf7u1WMmOxvN8r8Kb0"
+			+ "k8DlFszLd0Qwr+NVu5NQO4Vn01UAzCtH4oX2bgrVzotqDnzZ4TcIr11EX3Nb"
+			+ "tO8yWWl+xWIuxKoAO8a0Rh97TyYfAj4++GIm43b2zIvRXEWAytjz7rXUMwRC"
+			+ "1ipRQwSA9gyw2y0s8emV/VwJQXsTe9xtDqlEC67b90V/BgL/jxck5E8yrY9Z"
+			+ "gNxlOgcqscObisAkB5I6GV+dfa+BmZrhSJ/bvFMUrnFzjLFvZp/9qiK11r5K"
+			+ "A5oyOoNv0w+8bbtMNEc1"
+//			+ "====");
+			+ "");
+
+		/**
+		 * extra version number encoding.
+		 */
+		private static readonly byte[] irregReq = Base64.Decode(
+			  "MIIQpTBUoAMCAQAwTTBLMEkwCQYFKw4DAhoFAAQUIcFvFFVjPem15pKox4cfcnzF"
+			+ "Kf4EFJf8OQzmVmyJ/hc4EhitQbXcqAzDAhB9ePsP19SuP6CsAgFwQuEAoIIQSzCC"
+			+ "EEcwDQYJKoZIhvcNAQEFBQADgYEAlq/Tjl8OtFM8Tib1JYTiaPy9vFDr8UZhqXJI"
+			+ "FyrdgtUyyDt0EcrgnBGacAeRZzF5sokIC6DjXweU7EItGqrpw/RaCUPUWFpPxR6y"
+			+ "HjuzrLmICocTI9MH7dRUXm0qpxoY987sx1PtWB4pSR99ixBtq3OPNdsI0uJ+Qkei"
+			+ "LbEZyvWggg+wMIIPrDCCA5owggKCoAMCAQICEEAxXx/eFe7gm/NX7AkcS68wDQYJ"
+			+ "KoZIhvcNAQEFBQAwgZoxCzAJBgNVBAYTAlNFMTMwMQYDVQQKDCpMw6Ruc2bDtnJz"
+			+ "w6RrcmluZ2FyIEJhbmsgQWt0aWVib2xhZyAocHVibCkxFTATBgNVBAUTDDExMTEx"
+			+ "MTExMTExMTE/MD0GA1UEAww2TMOkbnNmw7Zyc8Oka3JpbmdhciBCYW5rIFB1cmNo"
+			+ "YXNlciBDQTEgZm9yIEJhbmtJRCBURVNUMB4XDTA4MTAwNjIyMDAwMFoXDTEwMTAx"
+			+ "MDIxNTk1OVowgZExCzAJBgNVBAYTAlNFMTMwMQYDVQQKDCpMw6Ruc2bDtnJzw6Rr"
+			+ "cmluZ2FyIEJhbmsgQWt0aWVib2xhZyAocHVibCkxFTATBgNVBAUTDDExMTExMTEx"
+			+ "MTExMTE2MDQGA1UEAwwtTMOkbnNmw7Zyc8Oka3JpbmdhciBCYW5rIE9DU1AgZm9y"
+			+ "IEJhbmtJRCBURVNUMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5e/h6aL2m"
+			+ "DVpWeu5e5p1Ps9kbvuuGeAp9zJDYLbZz7uzT67X+s59HaViroD2+2my/gg7rX7tK"
+			+ "H9VXpJad1W9O19SjfNyxgeAMwVMkrbb4IlrQwu0v/Ub8JPxSWwZZXYiODq5abeXA"
+			+ "abMYIHxSaSkhrsUj1dpSAohHLJRlq707swIDAQABo2cwZTAfBgNVHSMEGDAWgBTR"
+			+ "vcp2QyNdNGZ+q7TjKSrrHZqxmDATBgNVHSAEDDAKMAgGBiqFcDwBBjAOBgNVHQ8B"
+			+ "Af8EBAMCBkAwHQYDVR0OBBYEFF/3557FEvkA8iiPv2XcBclxKnTdMA0GCSqGSIb3"
+			+ "DQEBBQUAA4IBAQAOxRvHO89XJ0v83BZdPFzEBA4B2Tqc1oABUn13S6fAkcGWvOmG"
+			+ "eY61MK16aMnLPNDadZrAqJc6PEtVY57uaywE9acwv9XpHO0bcS94tLwvZZJ2KBt0"
+			+ "Oq96gaI6gnJViUjyWjm+qBZvod0QPOLGv6wUPoiNcCpSid/COTjKpLYpCJj3ZWUV"
+			+ "nsTRWSRVXsdY/xI0gs/A8/c5P1PuTxoi99RTmcruoFxvV4MmhWyX7IGqG4OAtLdo"
+			+ "yefz/90FPGOrmqY9OgEb+gNuTM26YDvSs1dfarPl89d8jjwxHgNbZjh2VHFqKolJ"
+			+ "8TB8ZS5aNvhHPumOOE47y95rTBxrxSmGvKb8MIIENDCCAxygAwIBAgIRAJAFaeOw"
+			+ "7XbxH/DN/Vvhjx8wDQYJKoZIhvcNAQEFBQAwgZUxCzAJBgNVBAYTAlNFMTMwMQYD"
+			+ "VQQKDCpMw6Ruc2bDtnJzw6RrcmluZ2FyIEJhbmsgQWt0aWVib2xhZyAocHVibCkx"
+			+ "FTATBgNVBAUTDDExMTExMTExMTExMTE6MDgGA1UEAwwxTMOkbnNmw7Zyc8Oka3Jp"
+			+ "bmdhciBCYW5rIFJvb3QgQ0ExIGZvciBCYW5rSUQgVEVTVDAeFw0wNzEwMDExMjAw"
+			+ "MzdaFw0yOTA3MDExMjAwMzdaMIGaMQswCQYDVQQGEwJTRTEzMDEGA1UECgwqTMOk"
+			+ "bnNmw7Zyc8Oka3JpbmdhciBCYW5rIEFrdGllYm9sYWcgKHB1YmwpMRUwEwYDVQQF"
+			+ "EwwxMTExMTExMTExMTExPzA9BgNVBAMMNkzDpG5zZsO2cnPDpGtyaW5nYXIgQmFu"
+			+ "ayBQdXJjaGFzZXIgQ0ExIGZvciBCYW5rSUQgVEVTVDCCASIwDQYJKoZIhvcNAQEB"
+			+ "BQADggEPADCCAQoCggEBAMK5WbYojYRX1ZKrbxJBgbd4x503LfMWgr67sVD5L0NY"
+			+ "1RPhZVFJRKJWvawE5/eXJ4oNQwc831h2jiOgINXuKyGXqdAVGBcpFwIxTfzxwT4l"
+			+ "fvztr8pE6wk7mLLwKUvIjbM3EF1IL3zUI3UU/U5ioyGmcb/o4GGN71kMmvV/vrkU"
+			+ "02/s7xicXNxYej4ExLiCkS5+j/+3sR47Uq5cL9e8Yg7t5/6FyLGQjKoS8HU/abYN"
+			+ "4kpx/oyrxzrXMhnMVDiI8QX9NYGJwI8KZ/LU6GDq/NnZ3gG5v4l4UU1GhgUbrk4I"
+			+ "AZPDu99zvwCtkdj9lJN0eDv8jdyEPZ6g1qPBE0pCNqcCAwEAAaN4MHYwDwYDVR0T"
+			+ "AQH/BAUwAwEB/zATBgNVHSAEDDAKMAgGBiqFcDwBBjAOBgNVHQ8BAf8EBAMCAQYw"
+			+ "HwYDVR0jBBgwFoAUnkjp1bkQUOrkRiLgxpxwAe2GQFYwHQYDVR0OBBYEFNG9ynZD"
+			+ "I100Zn6rtOMpKusdmrGYMA0GCSqGSIb3DQEBBQUAA4IBAQAPVSC4HEd+yCtSgL0j"
+			+ "NI19U2hJeP28lAD7OA37bcLP7eNrvfU/2tuqY7rEn1m44fUbifewdgR8x2DzhM0m"
+			+ "fJcA5Z12PYUb85L9z8ewGQdyHLNlMpKSTP+0lebSc/obFbteC4jjuvux60y5KVOp"
+			+ "osXbGw2qyrS6uhZJrTDP1B+bYg/XBttG+i7Qzx0S5Tq//VU9OfAQZWpvejadKAk9"
+			+ "WCcXq6zALiJcxsUwOHZRvvHDxkHuf5eZpPvm1gaqa+G9CtV+oysZMU1eTRasBHsB"
+			+ "NRWYfOSXggsyqRHfIAVieB4VSsB8WhZYm8UgYoLhAQfSJ5Xq5cwBOHkVj33MxAyP"
+			+ "c7Y5MIID/zCCAuegAwIBAgIRAOXEoBcV4gV3Z92gk5AuRgwwDQYJKoZIhvcNAQEF"
+			+ "BQAwZjEkMCIGA1UECgwbRmluYW5zaWVsbCBJRC1UZWtuaWsgQklEIEFCMR8wHQYD"
+			+ "VQQLDBZCYW5rSUQgTWVtYmVyIEJhbmtzIENBMR0wGwYDVQQDDBRCYW5rSUQgUm9v"
+			+ "dCBDQSBURVNUMjAeFw0wNzEwMDExMTQ1NDlaFw0yOTA4MDExMTU4MjVaMIGVMQsw"
+			+ "CQYDVQQGEwJTRTEzMDEGA1UECgwqTMOkbnNmw7Zyc8Oka3JpbmdhciBCYW5rIEFr"
+			+ "dGllYm9sYWcgKHB1YmwpMRUwEwYDVQQFEwwxMTExMTExMTExMTExOjA4BgNVBAMM"
+			+ "MUzDpG5zZsO2cnPDpGtyaW5nYXIgQmFuayBSb290IENBMSBmb3IgQmFua0lEIFRF"
+			+ "U1QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBzn7IXIpyOGCCTuzL"
+			+ "DKE/T+pFRTgFh3QgKtifZ4zxdvB2Sd5+90vUEGcGExUhzpgb9gOUrT1eE0XhdiUR"
+			+ "YuYYpJI/nzPQWTsRtEaql7NHBPKnEauoA9oAhCT4pE5gLlqpTfkB8nAsRTI2XqpI"
+			+ "hQ7vTvnTRx20xog21NIbz1GztV8H1kBH2eDvRX7cXGiugp6CXV/le9cB+/4TBNUN"
+			+ "Xqupt79dM49KCoDuYr72W7Hv4BSWw3IInEN2m8T2X6UBpBGkCiGwLQy/+KOmYRK7"
+			+ "1PSFC0rXDwOJ0HJ/8fHwx6vLMxHAQ6s/9vOW10MjgjSQlbVqH/4Pa+TlpWumSV4E"
+			+ "l0z9AgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0gBAwwCjAIBgYqhXA8"
+			+ "AQYwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFJuTMPljHcYdrRO9sEi1amb4"
+			+ "tE3VMB0GA1UdDgQWBBSeSOnVuRBQ6uRGIuDGnHAB7YZAVjANBgkqhkiG9w0BAQUF"
+			+ "AAOCAQEArnW/9n+G+84JOgv1Wn4tsBBS7QgJp1rdCoiNrZPx2du/7Wz3wQVNKBjL"
+			+ "eMCyLjg0OVHuq4hpCv9MZpUqdcUW8gpp4dLDAAd1uE7xqVuG8g4Ir5qocxbZHQew"
+			+ "fnqSJJDlEZgDeZIzod92OO+htv0MWqKWbr3Mo2Hqhn+t0+UVWsW4k44e7rUw3xQq"
+			+ "r2VdMJv/C68BXUgqh3pplUDjWyXfreiACTT0q3HT6v6WaihKCa2WY9Kd1IkDcLHb"
+			+ "TZk8FqMmGn72SgJw3H5Dvu7AiZijjNAUulMnMpxBEKyFTU2xRBlZZVcp50VJ2F7+"
+			+ "siisxbcYOAX4GztLMlcyq921Ov/ipDCCA88wggK3oAMCAQICEQCmaX+5+m5bF5us"
+			+ "CtyMq41SMA0GCSqGSIb3DQEBBQUAMGYxJDAiBgNVBAoMG0ZpbmFuc2llbGwgSUQt"
+			+ "VGVrbmlrIEJJRCBBQjEfMB0GA1UECwwWQmFua0lEIE1lbWJlciBCYW5rcyBDQTEd"
+			+ "MBsGA1UEAwwUQmFua0lEIFJvb3QgQ0EgVEVTVDIwHhcNMDQwODEzMDcyMDEwWhcN"
+			+ "MjkwODEyMTIwMjQ2WjBmMSQwIgYDVQQKDBtGaW5hbnNpZWxsIElELVRla25payBC"
+			+ "SUQgQUIxHzAdBgNVBAsMFkJhbmtJRCBNZW1iZXIgQmFua3MgQ0ExHTAbBgNVBAMM"
+			+ "FEJhbmtJRCBSb290IENBIFRFU1QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB"
+			+ "CgKCAQEA25D0f1gipbACk4Bg3t6ODUlCWOU0TWeTkzAHR7IRB5T++yvsVosedMMW"
+			+ "6KYYTbPONeJSt5kydX+wZi9nVNdlhkNULLbDKWfRY7x+B9MR1Q0Kq/e4VR0uRsak"
+			+ "Bv5iwEYZ7cSR63HfBaPTqQsGobq+wtGH5JeTBrmCt4A3kN1UWgX32Dv/I3m7v8bK"
+			+ "iwh4cnvAD9PIOtq6pOmAkSvLvp8jCy3qFLe9KAxm8M/ZAmnxYaRV8DVEg57FGoG6"
+			+ "oiG3Ixx8PSVVdzpFY4kuUFLi4ueMPwjnXFiBhhWJJeOtFG3Lc2aW3zvcDbD/MsDm"
+			+ "rSZNTmtbOOou8xuMKjlNY9PU5MHIaQIDAQABo3gwdjAPBgNVHRMBAf8EBTADAQH/"
+			+ "MBMGA1UdIAQMMAowCAYGKoVwPAEGMA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAW"
+			+ "gBSbkzD5Yx3GHa0TvbBItWpm+LRN1TAdBgNVHQ4EFgQUm5Mw+WMdxh2tE72wSLVq"
+			+ "Zvi0TdUwDQYJKoZIhvcNAQEFBQADggEBAIQ4ZBHWssA38pfNzH5A+H3SXpAlI8Jc"
+			+ "LuoMVOIwwbfd1Up0xopCs+Ay41v8FZtcTMFqCVTih2nzVusTgnFBPMPJ2cnTlRue"
+			+ "kAtVRNsiWn2/Ool/OXoYf5YnpgYu8t9jLCBCoDS5YJg714r9V9hCwfey8TCWBU80"
+			+ "vL7EIfjK13nUxf8d49GzZlFMNqGDMjfMp1FYrHBGLZBr8br/G/7em1Cprw7iR8cw"
+			+ "pddz+QXXFIrIz5Y9D/x1RrwoLibPw0kMrSwI2G4aCvoBySfbD6cpnJf6YHRctdSb"
+			+ "755zhdBW7XWTl6ReUVuEt0hTFms4F60kFAi5hIbDRSN1Slv5yP2b0EA=");
+
+		public override string Name
+		{
+			get { return "OCSP"; }
+		}
+
+		private void doTestECDsa()
+		{
+			string signDN = "O=Bouncy Castle, C=AU";
+			AsymmetricCipherKeyPair signKP = OcspTestUtil.MakeECKeyPair();
+			X509Certificate testCert = OcspTestUtil.MakeECDsaCertificate(signKP, signDN, signKP, signDN);
+
+			string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
+			GeneralName origName = new GeneralName(new X509Name(origDN));
+
+			//
+			// general id value for our test issuer cert and a serial number.
+			//
+			CertificateID id = new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One);
+
+			//
+			// basic request generation
+			//
+			OcspReqGenerator gen = new OcspReqGenerator();
+
+			gen.AddRequest(id);
+
+			OcspReq req = gen.Generate();
+
+			if (req.IsSigned)
+			{
+				Fail("signed but shouldn't be");
+			}
+
+			X509Certificate[] certs = req.GetCerts();
+
+			if (certs != null)
+			{
+				Fail("null certs expected, but not found");
+			}
+
+			Req[] requests = req.GetRequestList();
+
+			if (!requests[0].GetCertID().Equals(id))
+			{
+				Fail("Failed isFor test");
+			}
+
+			//
+			// request generation with signing
+			//
+			X509Certificate[] chain = new X509Certificate[1];
+
+			gen = new OcspReqGenerator();
+
+			gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred")));
+
+			gen.AddRequest(new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One));
+
+			chain[0] = testCert;
+
+			req = gen.Generate("SHA1withECDSA", signKP.Private, chain);
+
+			if (!req.IsSigned)
+			{
+				Fail("not signed but should be");
+			}
+
+			if (!req.Verify(signKP.Public))
+			{
+				Fail("signature failed to Verify");
+			}
+
+			requests = req.GetRequestList();
+
+			if (!requests[0].GetCertID().Equals(id))
+			{
+				Fail("Failed isFor test");
+			}
+
+			certs = req.GetCerts();
+
+			if (certs == null)
+			{
+				Fail("null certs found");
+			}
+
+			if (certs.Length != 1 || !certs[0].Equals(testCert))
+			{
+				Fail("incorrect certs found in request");
+			}
+
+			//
+			// encoding test
+			//
+			byte[] reqEnc = req.GetEncoded();
+
+			OcspReq newReq = new OcspReq(reqEnc);
+
+			if (!newReq.Verify(signKP.Public))
+			{
+				Fail("newReq signature failed to Verify");
+			}
+
+			//
+			// request generation with signing and nonce
+			//
+			chain = new X509Certificate[1];
+
+			gen = new OcspReqGenerator();
+
+			IList oids = new ArrayList();
+			IList values = new ArrayList();
+			byte[] sampleNonce = new byte[16];
+			Random rand = new Random();
+
+			rand.NextBytes(sampleNonce);
+
+			gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred")));
+
+			oids.Add(OcspObjectIdentifiers.PkixOcspNonce);
+			values.Add(new X509Extension(false, new DerOctetString(new DerOctetString(sampleNonce))));
+
+			gen.SetRequestExtensions(new X509Extensions(oids, values));
+
+			gen.AddRequest(new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One));
+
+			chain[0] = testCert;
+
+			req = gen.Generate("SHA1withECDSA", signKP.Private, chain);
+
+			if (!req.IsSigned)
+			{
+				Fail("not signed but should be");
+			}
+
+			if (!req.Verify(signKP.Public))
+			{
+				Fail("signature failed to Verify");
+			}
+
+			//
+			// extension check.
+			//
+			ISet extOids = req.GetCriticalExtensionOids();
+
+			if (extOids.Count != 0)
+			{
+				Fail("wrong number of critical extensions in OCSP request.");
+			}
+
+			extOids = req.GetNonCriticalExtensionOids();
+
+			if (extOids.Count != 1)
+			{
+				Fail("wrong number of non-critical extensions in OCSP request.");
+			}
+
+			Asn1OctetString extValue = req.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce);
+
+			Asn1Encodable extObj = X509ExtensionUtilities.FromExtensionValue(extValue);
+
+			if (!(extObj is Asn1OctetString))
+			{
+				Fail("wrong extension type found.");
+			}
+
+			if (!AreEqual(((Asn1OctetString)extObj).GetOctets(), sampleNonce))
+			{
+				Fail("wrong extension value found.");
+			}
+
+			//
+			// request list check
+			//
+			requests = req.GetRequestList();
+
+			if (!requests[0].GetCertID().Equals(id))
+			{
+				Fail("Failed isFor test");
+			}
+
+			//
+			// response generation
+			//
+			BasicOcspRespGenerator respGen = new BasicOcspRespGenerator(signKP.Public);
+
+			respGen.AddResponse(id, CertificateStatus.Good);
+
+			respGen.Generate("SHA1withECDSA", signKP.Private, chain, DateTime.UtcNow);
+		}
+
+		private void doTestRsa()
+		{
+			string signDN = "O=Bouncy Castle, C=AU";
+			AsymmetricCipherKeyPair signKP = OcspTestUtil.MakeKeyPair();
+			X509Certificate testCert = OcspTestUtil.MakeCertificate(signKP, signDN, signKP, signDN);
+
+			string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
+			GeneralName origName = new GeneralName(new X509Name(origDN));
+
+			//
+			// general id value for our test issuer cert and a serial number.
+			//
+			CertificateID id = new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One);
+
+			//
+			// basic request generation
+			//
+			OcspReqGenerator gen = new OcspReqGenerator();
+
+			gen.AddRequest(
+				new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One));
+
+			OcspReq req = gen.Generate();
+
+			if (req.IsSigned)
+			{
+				Fail("signed but shouldn't be");
+			}
+
+			X509Certificate[] certs = req.GetCerts();
+
+			if (certs != null)
+			{
+				Fail("null certs expected, but not found");
+			}
+
+			Req[] requests = req.GetRequestList();
+
+			if (!requests[0].GetCertID().Equals(id))
+			{
+				Fail("Failed isFor test");
+			}
+
+			//
+			// request generation with signing
+			//
+			X509Certificate[] chain = new X509Certificate[1];
+
+			gen = new OcspReqGenerator();
+
+			gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred")));
+
+			gen.AddRequest(
+				new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One));
+
+			chain[0] = testCert;
+
+			req = gen.Generate("SHA1withRSA", signKP.Private, chain);
+
+			if (!req.IsSigned)
+			{
+				Fail("not signed but should be");
+			}
+
+			if (!req.Verify(signKP.Public))
+			{
+				Fail("signature failed to Verify");
+			}
+
+			requests = req.GetRequestList();
+
+			if (!requests[0].GetCertID().Equals(id))
+			{
+				Fail("Failed isFor test");
+			}
+
+			certs = req.GetCerts();
+
+			if (certs == null)
+			{
+				Fail("null certs found");
+			}
+
+			if (certs.Length != 1 || !certs[0].Equals(testCert))
+			{
+				Fail("incorrect certs found in request");
+			}
+
+			//
+			// encoding test
+			//
+			byte[] reqEnc = req.GetEncoded();
+
+			OcspReq newReq = new OcspReq(reqEnc);
+
+			if (!newReq.Verify(signKP.Public))
+			{
+				Fail("newReq signature failed to Verify");
+			}
+
+			//
+			// request generation with signing and nonce
+			//
+			chain = new X509Certificate[1];
+
+			gen = new OcspReqGenerator();
+
+			IList oids = new ArrayList();
+			IList values = new ArrayList();
+			byte[] sampleNonce = new byte[16];
+			Random rand = new Random();
+
+			rand.NextBytes(sampleNonce);
+
+			gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred")));
+
+			oids.Add(OcspObjectIdentifiers.PkixOcspNonce);
+			values.Add(new X509Extension(false, new DerOctetString(new DerOctetString(sampleNonce))));
+
+			gen.SetRequestExtensions(new X509Extensions(oids, values));
+
+			gen.AddRequest(
+				new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One));
+
+			chain[0] = testCert;
+
+			req = gen.Generate("SHA1withRSA", signKP.Private, chain);
+
+			if (!req.IsSigned)
+			{
+				Fail("not signed but should be");
+			}
+
+			if (!req.Verify(signKP.Public))
+			{
+				Fail("signature failed to Verify");
+			}
+
+			//
+			// extension check.
+			//
+			ISet extOids = req.GetCriticalExtensionOids();
+
+			if (extOids.Count != 0)
+			{
+				Fail("wrong number of critical extensions in OCSP request.");
+			}
+
+			extOids = req.GetNonCriticalExtensionOids();
+
+			if (extOids.Count != 1)
+			{
+				Fail("wrong number of non-critical extensions in OCSP request.");
+			}
+
+			Asn1OctetString extValue = req.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce);
+
+			Asn1Object extObj = X509ExtensionUtilities.FromExtensionValue(extValue);
+
+			if (!(extObj is Asn1OctetString))
+			{
+				Fail("wrong extension type found.");
+			}
+
+			if (!AreEqual(((Asn1OctetString)extObj).GetOctets(), sampleNonce))
+			{
+				Fail("wrong extension value found.");
+			}
+
+			//
+			// request list check
+			//
+			requests = req.GetRequestList();
+
+			if (!requests[0].GetCertID().Equals(id))
+			{
+				Fail("Failed isFor test");
+			}
+
+			//
+			// response generation
+			//
+			BasicOcspRespGenerator respGen = new BasicOcspRespGenerator(signKP.Public);
+
+			respGen.AddResponse(id, CertificateStatus.Good);
+
+			BasicOcspResp resp = respGen.Generate("SHA1withRSA", signKP.Private, chain, DateTime.UtcNow);
+			OCSPRespGenerator rGen = new OCSPRespGenerator();
+
+			byte[] enc = rGen.Generate(OCSPRespGenerator.Successful, resp).GetEncoded();
+		}
+
+		private void doTestIrregularVersionReq()
+		{
+			OcspReq ocspRequest = new OcspReq(irregReq);
+			X509Certificate cert = ocspRequest.GetCerts()[0];
+			if (!ocspRequest.Verify(cert.GetPublicKey()))
+			{
+				Fail("extra version encoding test failed");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			string signDN = "O=Bouncy Castle, C=AU";
+			AsymmetricCipherKeyPair signKP = OcspTestUtil.MakeKeyPair();
+			X509Certificate testCert = OcspTestUtil.MakeCertificate(signKP, signDN, signKP, signDN);
+
+			string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
+			GeneralName origName = new GeneralName(new X509Name(origDN));
+
+			//
+			// general id value for our test issuer cert and a serial number.
+			//
+			CertificateID   id = new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One);
+
+			//
+			// basic request generation
+			//
+			OcspReqGenerator gen = new OcspReqGenerator();
+
+			gen.AddRequest(
+				new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One));
+
+			OcspReq req = gen.Generate();
+
+			if (req.IsSigned)
+			{
+				Fail("signed but shouldn't be");
+			}
+
+			X509Certificate[] certs = req.GetCerts();
+
+			if (certs != null)
+			{
+				Fail("null certs expected, but not found");
+			}
+
+			Req[] requests = req.GetRequestList();
+
+			if (!requests[0].GetCertID().Equals(id))
+			{
+				Fail("Failed isFor test");
+			}
+
+			//
+			// request generation with signing
+			//
+			X509Certificate[] chain = new X509Certificate[1];
+
+			gen = new OcspReqGenerator();
+
+			gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred")));
+
+			gen.AddRequest(
+				new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One));
+
+			chain[0] = testCert;
+
+			req = gen.Generate("SHA1withRSA", signKP.Private, chain);
+
+			if (!req.IsSigned)
+			{
+				Fail("not signed but should be");
+			}
+
+			if (!req.Verify(signKP.Public))
+			{
+				Fail("signature failed to Verify");
+			}
+
+			requests = req.GetRequestList();
+
+			if (!requests[0].GetCertID().Equals(id))
+			{
+				Fail("Failed isFor test");
+			}
+
+			certs = req.GetCerts();
+
+			if (certs == null)
+			{
+				Fail("null certs found");
+			}
+
+			if (certs.Length != 1 || !testCert.Equals(certs[0]))
+			{
+				Fail("incorrect certs found in request");
+			}
+
+			//
+			// encoding test
+			//
+			byte[] reqEnc = req.GetEncoded();
+
+			OcspReq newReq = new OcspReq(reqEnc);
+
+			if (!newReq.Verify(signKP.Public))
+			{
+				Fail("newReq signature failed to Verify");
+			}
+
+			//
+			// request generation with signing and nonce
+			//
+			chain = new X509Certificate[1];
+
+			gen = new OcspReqGenerator();
+
+			IList oids = new ArrayList();
+			IList values = new ArrayList();
+			byte[] sampleNonce = new byte[16];
+			Random rand = new Random();
+
+			rand.NextBytes(sampleNonce);
+
+			gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred")));
+
+			oids.Add(OcspObjectIdentifiers.PkixOcspNonce);
+			values.Add(new X509Extension(false, new DerOctetString(new DerOctetString(sampleNonce))));
+
+			gen.SetRequestExtensions(new X509Extensions(oids, values));
+
+			gen.AddRequest(
+				new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One));
+
+			chain[0] = testCert;
+
+			req = gen.Generate("SHA1withRSA", signKP.Private, chain);
+
+			if (!req.IsSigned)
+			{
+				Fail("not signed but should be");
+			}
+
+			if (!req.Verify(signKP.Public))
+			{
+				Fail("signature failed to Verify");
+			}
+
+			//
+			// extension check.
+			//
+			ISet extOids = req.GetCriticalExtensionOids();
+
+			if (extOids.Count != 0)
+			{
+				Fail("wrong number of critical extensions in OCSP request.");
+			}
+
+			extOids = req.GetNonCriticalExtensionOids();
+
+			if (extOids.Count != 1)
+			{
+				Fail("wrong number of non-critical extensions in OCSP request.");
+			}
+
+			Asn1OctetString extValue = req.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce);
+			Asn1Object extObj = X509ExtensionUtilities.FromExtensionValue(extValue);
+
+			if (!(extObj is Asn1OctetString))
+			{
+				Fail("wrong extension type found.");
+			}
+
+			byte[] compareNonce = ((Asn1OctetString) extObj).GetOctets();
+
+			if (!AreEqual(compareNonce, sampleNonce))
+			{
+				Fail("wrong extension value found.");
+			}
+
+			//
+			// request list check
+			//
+			requests = req.GetRequestList();
+
+			if (!requests[0].GetCertID().Equals(id))
+			{
+				Fail("Failed isFor test");
+			}
+
+			//
+			// response parsing - test 1
+			//
+			OcspResp response = new OcspResp(testResp1);
+
+			if (response.Status != 0)
+			{
+				Fail("response status not zero.");
+			}
+
+			BasicOcspResp brep = (BasicOcspResp) response.GetResponseObject();
+			chain = brep.GetCerts();
+
+			if (!brep.Verify(chain[0].GetPublicKey()))
+			{
+				Fail("response 1 failed to Verify.");
+			}
+
+			//
+			// test 2
+			//
+			SingleResp[] singleResp = brep.Responses;
+
+			response = new OcspResp(testResp2);
+
+			if (response.Status != 0)
+			{
+				Fail("response status not zero.");
+			}
+
+			brep = (BasicOcspResp)response.GetResponseObject();
+			chain = brep.GetCerts();
+
+			if (!brep.Verify(chain[0].GetPublicKey()))
+			{
+				Fail("response 2 failed to Verify.");
+			}
+
+			singleResp = brep.Responses;
+
+			//
+			// simple response generation
+			//
+			OCSPRespGenerator respGen = new OCSPRespGenerator();
+			OcspResp resp = respGen.Generate(OCSPRespGenerator.Successful, response.GetResponseObject());
+
+			if (!resp.GetResponseObject().Equals(response.GetResponseObject()))
+			{
+				Fail("response fails to match");
+			}
+
+			doTestECDsa();
+			doTestRsa();
+			doTestIrregularVersionReq();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new OcspTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/ocsp/test/OCSPTestUtil.cs b/crypto/test/src/ocsp/test/OCSPTestUtil.cs
new file mode 100644
index 000000000..53b8f5bb9
--- /dev/null
+++ b/crypto/test/src/ocsp/test/OCSPTestUtil.cs
@@ -0,0 +1,147 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Ocsp.Tests
+{
+	public class OcspTestUtil
+	{
+		public static SecureRandom rand;
+		public static IAsymmetricCipherKeyPairGenerator kpg, ecKpg;
+		public static CipherKeyGenerator desede128kg;
+		public static CipherKeyGenerator desede192kg;
+		public static CipherKeyGenerator rc240kg;
+		public static CipherKeyGenerator rc264kg;
+		public static CipherKeyGenerator rc2128kg;
+		public static BigInteger serialNumber;
+
+		public static readonly bool Debug = true;
+
+		static OcspTestUtil()
+		{
+			rand = new SecureRandom();
+
+//			kpg  = KeyPairGenerator.GetInstance("RSA");
+//			kpg.initialize(1024, rand);
+			kpg = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			kpg.Init(new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x10001), rand, 1024, 25));
+
+			serialNumber = BigInteger.One;
+
+			ecKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
+			ecKpg.Init(new KeyGenerationParameters(rand, 192));
+		}
+
+		public static AsymmetricCipherKeyPair MakeKeyPair()
+		{
+			return kpg.GenerateKeyPair();
+		}
+
+		public static AsymmetricCipherKeyPair MakeECKeyPair()
+		{
+			return ecKpg.GenerateKeyPair();
+		}
+
+		public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN)
+		{
+			return MakeCertificate(_subKP, _subDN, _issKP, _issDN, false);
+		}
+
+		public static X509Certificate MakeECDsaCertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN)
+		{
+			return MakeECDsaCertificate(_subKP, _subDN, _issKP, _issDN, false);
+		}
+
+		public static X509Certificate MakeCACertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN)
+		{
+
+			return MakeCertificate(_subKP, _subDN, _issKP, _issDN, true);
+		}
+
+		public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN, bool _ca)
+		{
+			return MakeCertificate(_subKP,_subDN, _issKP, _issDN, "MD5withRSA", _ca);
+		}
+
+		public static X509Certificate MakeECDsaCertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN, bool _ca)
+		{
+			return MakeCertificate(_subKP,_subDN, _issKP, _issDN, "SHA1WithECDSA", _ca);
+		}
+
+		public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN, string algorithm, bool _ca)
+		{
+			AsymmetricKeyParameter _subPub = _subKP.Public;
+			AsymmetricKeyParameter _issPriv = _issKP.Private;
+			AsymmetricKeyParameter _issPub = _issKP.Public;
+
+			X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
+
+			_v3CertGen.Reset();
+			_v3CertGen.SetSerialNumber(allocateSerialNumber());
+			_v3CertGen.SetIssuerDN(new X509Name(_issDN));
+			_v3CertGen.SetNotBefore(DateTime.UtcNow);
+			_v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
+			_v3CertGen.SetSubjectDN(new X509Name(_subDN));
+			_v3CertGen.SetPublicKey(_subPub);
+			_v3CertGen.SetSignatureAlgorithm(algorithm);
+
+			_v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false,
+				createSubjectKeyId(_subPub));
+
+			_v3CertGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false,
+				createAuthorityKeyId(_issPub));
+
+			_v3CertGen.AddExtension(X509Extensions.BasicConstraints, false,
+				new BasicConstraints(_ca));
+
+			X509Certificate _cert = _v3CertGen.Generate(_issPriv);
+
+			_cert.CheckValidity(DateTime.UtcNow);
+			_cert.Verify(_issPub);
+
+			return _cert;
+		}
+
+		/*
+		 *
+		 * INTERNAL METHODS
+		 *
+		 */
+
+		private static AuthorityKeyIdentifier createAuthorityKeyId(
+			AsymmetricKeyParameter _pubKey)
+		{
+			SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey);
+			return new AuthorityKeyIdentifier(_info);
+		}
+
+		private static SubjectKeyIdentifier createSubjectKeyId(
+			AsymmetricKeyParameter _pubKey)
+		{
+			SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey);
+			return new SubjectKeyIdentifier(_info);
+		}
+
+		private static BigInteger allocateSerialNumber()
+		{
+			BigInteger _tmp = serialNumber;
+			serialNumber = serialNumber.Add(BigInteger.One);
+			return _tmp;
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/examples/ByteArrayHandler.cs b/crypto/test/src/openpgp/examples/ByteArrayHandler.cs
new file mode 100644
index 000000000..676db8766
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/ByteArrayHandler.cs
@@ -0,0 +1,195 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Bcpg.OpenPgp;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * Simple routine to encrypt and decrypt using a passphrase.
+    * This service routine provides the basic PGP services between
+    * byte arrays.
+    *
+    * Note: this code plays no attention to -Console in the file name
+    * the specification of "_CONSOLE" in the filename.
+    * It also expects that a single pass phrase will have been used.
+    *
+    */
+    public sealed class ByteArrayHandler
+    {
+        private ByteArrayHandler()
+        {
+        }
+
+        /**
+        * decrypt the passed in message stream
+        *
+        * @param encrypted  The message to be decrypted.
+        * @param passPhrase Pass phrase (key)
+        *
+        * @return Clear text as a byte array.  I18N considerations are
+        *         not handled by this routine
+        * @exception IOException
+        * @exception PgpException
+        */
+        public static byte[] Decrypt(
+            byte[] encrypted,
+            char[] passPhrase)
+        {
+            Stream inputStream = new MemoryStream(encrypted);
+
+            inputStream = PgpUtilities.GetDecoderStream(inputStream);
+
+            PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
+            PgpEncryptedDataList enc = null;
+            PgpObject o = pgpF.NextPgpObject();
+
+			//
+            // the first object might be a PGP marker packet.
+            //
+            if (o is PgpEncryptedDataList)
+            {
+                enc = (PgpEncryptedDataList) o;
+            }
+            else
+            {
+                enc = (PgpEncryptedDataList) pgpF.NextPgpObject();
+            }
+
+            PgpPbeEncryptedData pbe = (PgpPbeEncryptedData)enc[0];
+
+            Stream clear = pbe.GetDataStream(passPhrase);
+
+            PgpObjectFactory pgpFact = new PgpObjectFactory(clear);
+
+            PgpCompressedData cData = (PgpCompressedData) pgpFact.NextPgpObject();
+
+            pgpFact = new PgpObjectFactory(cData.GetDataStream());
+
+            PgpLiteralData ld = (PgpLiteralData) pgpFact.NextPgpObject();
+
+            Stream unc = ld.GetInputStream();
+
+			return Streams.ReadAll(unc);
+        }
+
+        /**
+        * Simple PGP encryptor between byte[].
+        *
+        * @param clearData  The test to be encrypted
+        * @param passPhrase The pass phrase (key).  This method assumes that the
+        *                   key is a simple pass phrase, and does not yet support
+        *                   RSA or more sophisiticated keying.
+        * @param fileName   File name. This is used in the Literal Data Packet (tag 11)
+        *                   which is really inly important if the data is to be
+        *                   related to a file to be recovered later.  Because this
+        *                   routine does not know the source of the information, the
+        *                   caller can set something here for file name use that
+        *                   will be carried.  If this routine is being used to
+        *                   encrypt SOAP MIME bodies, for example, use the file name from the
+        *                   MIME type, if applicable. Or anything else appropriate.
+        *
+        * @param armor
+        *
+        * @return encrypted data.
+        * @exception IOException
+        * @exception PgpException
+        */
+        public static byte[] Encrypt(
+            byte[]						clearData,
+            char[]						passPhrase,
+            string						fileName,
+            SymmetricKeyAlgorithmTag	algorithm,
+            bool						armor)
+        {
+            if (fileName == null)
+            {
+                fileName = PgpLiteralData.Console;
+            }
+
+			byte[] compressedData = Compress(clearData, fileName, CompressionAlgorithmTag.Zip);
+
+			MemoryStream bOut = new MemoryStream();
+
+			Stream output = bOut;
+			if (armor)
+			{
+				output = new ArmoredOutputStream(output);
+			}
+
+			PgpEncryptedDataGenerator encGen = new PgpEncryptedDataGenerator(algorithm, new SecureRandom());
+            encGen.AddMethod(passPhrase);
+
+			Stream encOut = encGen.Open(output, compressedData.Length);
+
+			encOut.Write(compressedData, 0, compressedData.Length);
+			encOut.Close();
+			
+			if (armor)
+			{
+				output.Close();
+			}
+
+			return bOut.ToArray();
+        }
+
+		private static byte[] Compress(byte[] clearData, string fileName, CompressionAlgorithmTag algorithm)
+		{
+            MemoryStream bOut = new MemoryStream();
+
+            PgpCompressedDataGenerator comData = new PgpCompressedDataGenerator(algorithm);
+            Stream cos = comData.Open(bOut); // open it with the final destination
+            PgpLiteralDataGenerator lData = new PgpLiteralDataGenerator();
+
+            // we want to Generate compressed data. This might be a user option later,
+            // in which case we would pass in bOut.
+            Stream pOut = lData.Open(
+				cos,					// the compressed output stream
+                PgpLiteralData.Binary,
+                fileName,				// "filename" to store
+                clearData.Length,		// length of clear data
+                DateTime.UtcNow			// current time
+            );
+
+			pOut.Write(clearData, 0, clearData.Length);
+			pOut.Close();
+
+			comData.Close();
+
+			return bOut.ToArray();
+		}
+
+		private static string GetAsciiString(byte[] bs)
+		{
+			return Encoding.ASCII.GetString(bs, 0, bs.Length);
+		}
+
+        public static void Main(
+			string[] args)
+        {
+            string passPhrase = "Dick Beck";
+            char[] passArray = passPhrase.ToCharArray();
+
+            byte[] original = Encoding.ASCII.GetBytes("Hello world");
+            Console.WriteLine("Starting PGP test");
+            byte[] encrypted = Encrypt(original, passArray, "iway", SymmetricKeyAlgorithmTag.Cast5, true);
+
+            Console.WriteLine("\nencrypted data = '"+Hex.ToHexString(encrypted)+"'");
+            byte[] decrypted= Decrypt(encrypted,passArray);
+
+            Console.WriteLine("\ndecrypted data = '"+GetAsciiString(decrypted)+"'");
+
+            encrypted = Encrypt(original, passArray, "iway", SymmetricKeyAlgorithmTag.Aes256, false);
+
+            Console.WriteLine("\nencrypted data = '"+Hex.ToHexString(encrypted)+"'");
+            decrypted= Decrypt(encrypted, passArray);
+
+            Console.WriteLine("\ndecrypted data = '"+GetAsciiString(decrypted)+"'");
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/ClearSignedFileProcessor.cs b/crypto/test/src/openpgp/examples/ClearSignedFileProcessor.cs
new file mode 100644
index 000000000..14fa37269
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/ClearSignedFileProcessor.cs
@@ -0,0 +1,375 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Bcpg.OpenPgp;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * A simple utility class that creates clear signed files and verifies them.
+    * <p>
+    * To sign a file: ClearSignedFileProcessor -s fileName secretKey passPhrase.
+	* </p>
+    * <p>
+    * To decrypt: ClearSignedFileProcessor -v fileName signatureFile publicKeyFile.
+	* </p>
+    */
+    public sealed class ClearSignedFileProcessor
+    {
+        private ClearSignedFileProcessor()
+        {
+        }
+
+		private static int ReadInputLine(
+			MemoryStream	bOut,
+			Stream			fIn)
+		{
+			bOut.SetLength(0);
+
+			int lookAhead = -1;
+			int ch;
+
+			while ((ch = fIn.ReadByte()) >= 0)
+			{
+				bOut.WriteByte((byte) ch);
+				if (ch == '\r' || ch == '\n')
+				{
+					lookAhead = ReadPassedEol(bOut, ch, fIn);
+					break;
+				}
+			}
+
+			return lookAhead;
+		}
+
+		private static int ReadInputLine(
+			MemoryStream	bOut,
+			int				lookAhead,
+			Stream			fIn)
+		{
+			bOut.SetLength(0);
+
+			int ch = lookAhead;
+
+			do
+			{
+				bOut.WriteByte((byte) ch);
+				if (ch == '\r' || ch == '\n')
+				{
+					lookAhead = ReadPassedEol(bOut, ch, fIn);
+					break;
+				}
+			}
+			while ((ch = fIn.ReadByte()) >= 0);
+
+			if (ch < 0)
+			{
+				lookAhead = -1;
+			}
+
+			return lookAhead;
+		}
+
+		private static int ReadPassedEol(
+			MemoryStream	bOut,
+			int				lastCh,
+			Stream			fIn)
+		{
+			int lookAhead = fIn.ReadByte();
+
+			if (lastCh == '\r' && lookAhead == '\n')
+			{
+				bOut.WriteByte((byte) lookAhead);
+				lookAhead = fIn.ReadByte();
+			}
+
+			return lookAhead;
+		}
+
+		/*
+		* verify a clear text signed file
+		*/
+        private static void VerifyFile(
+            Stream	inputStream,
+            Stream	keyIn,
+			string	resultName)
+        {
+			ArmoredInputStream aIn = new ArmoredInputStream(inputStream);
+			Stream outStr = File.Create(resultName);
+
+			//
+			// write out signed section using the local line separator.
+			// note: trailing white space needs to be removed from the end of
+			// each line RFC 4880 Section 7.1
+			//
+			MemoryStream lineOut = new MemoryStream();
+			int lookAhead = ReadInputLine(lineOut, aIn);
+			byte[] lineSep = LineSeparator;
+
+			if (lookAhead != -1 && aIn.IsClearText())
+			{
+				byte[] line = lineOut.ToArray();
+				outStr.Write(line, 0, GetLengthWithoutSeparatorOrTrailingWhitespace(line));
+				outStr.Write(lineSep, 0, lineSep.Length);
+
+				while (lookAhead != -1 && aIn.IsClearText())
+				{
+					lookAhead = ReadInputLine(lineOut, lookAhead, aIn);
+                
+					line = lineOut.ToArray();
+					outStr.Write(line, 0, GetLengthWithoutSeparatorOrTrailingWhitespace(line));
+					outStr.Write(lineSep, 0, lineSep.Length);
+				}
+			}
+
+			outStr.Close();
+
+			PgpPublicKeyRingBundle pgpRings = new PgpPublicKeyRingBundle(keyIn);
+
+			PgpObjectFactory pgpFact = new PgpObjectFactory(aIn);
+			PgpSignatureList p3 = (PgpSignatureList) pgpFact.NextPgpObject();
+			PgpSignature sig = p3[0];
+
+			sig.InitVerify(pgpRings.GetPublicKey(sig.KeyId));
+
+			//
+			// read the input, making sure we ignore the last newline.
+			//
+			Stream sigIn = File.OpenRead(resultName);
+
+			lookAhead = ReadInputLine(lineOut, sigIn);
+
+			ProcessLine(sig, lineOut.ToArray());
+
+			if (lookAhead != -1)
+			{
+				do
+				{
+					lookAhead = ReadInputLine(lineOut, lookAhead, sigIn);
+
+					sig.Update((byte) '\r');
+					sig.Update((byte) '\n');
+
+					ProcessLine(sig, lineOut.ToArray());
+				}
+				while (lookAhead != -1);
+			}
+
+			sigIn.Close();
+
+			if (sig.Verify())
+            {
+                Console.WriteLine("signature verified.");
+            }
+            else
+            {
+                Console.WriteLine("signature verification failed.");
+            }
+        }
+
+		private static byte[] LineSeparator
+		{
+			get { return Encoding.ASCII.GetBytes(SimpleTest.NewLine); }
+		}
+
+        /*
+        * create a clear text signed file.
+        */
+        private static void SignFile(
+            string	fileName,
+            Stream	keyIn,
+            Stream	outputStream,
+            char[]	pass,
+			string	digestName)
+        {
+			HashAlgorithmTag digest;
+
+			if (digestName.Equals("SHA256"))
+			{
+				digest = HashAlgorithmTag.Sha256;
+			}
+			else if (digestName.Equals("SHA384"))
+			{
+				digest = HashAlgorithmTag.Sha384;
+			}
+			else if (digestName.Equals("SHA512"))
+			{
+				digest = HashAlgorithmTag.Sha512;
+			}
+			else if (digestName.Equals("MD5"))
+			{
+				digest = HashAlgorithmTag.MD5;
+			}
+			else if (digestName.Equals("RIPEMD160"))
+			{
+				digest = HashAlgorithmTag.RipeMD160;
+			}
+			else
+			{
+				digest = HashAlgorithmTag.Sha1;
+			}
+
+			PgpSecretKey                    pgpSecKey = PgpExampleUtilities.ReadSecretKey(keyIn);
+            PgpPrivateKey                   pgpPrivKey = pgpSecKey.ExtractPrivateKey(pass);
+            PgpSignatureGenerator           sGen = new PgpSignatureGenerator(pgpSecKey.PublicKey.Algorithm, digest);
+            PgpSignatureSubpacketGenerator  spGen = new PgpSignatureSubpacketGenerator();
+
+			sGen.InitSign(PgpSignature.CanonicalTextDocument, pgpPrivKey);
+
+			IEnumerator enumerator = pgpSecKey.PublicKey.GetUserIds().GetEnumerator();
+            if (enumerator.MoveNext())
+            {
+                spGen.SetSignerUserId(false, (string) enumerator.Current);
+                sGen.SetHashedSubpackets(spGen.Generate());
+            }
+
+            Stream fIn = File.OpenRead(fileName);
+			ArmoredOutputStream aOut = new ArmoredOutputStream(outputStream);
+
+			aOut.BeginClearText(digest);
+
+			//
+			// note the last \n/\r/\r\n in the file is ignored
+			//
+			MemoryStream lineOut = new MemoryStream();
+			int lookAhead = ReadInputLine(lineOut, fIn);
+
+			ProcessLine(aOut, sGen, lineOut.ToArray());
+
+			if (lookAhead != -1)
+			{
+				do
+				{
+					lookAhead = ReadInputLine(lineOut, lookAhead, fIn);
+
+					sGen.Update((byte) '\r');
+					sGen.Update((byte) '\n');
+
+					ProcessLine(aOut, sGen, lineOut.ToArray());
+				}
+				while (lookAhead != -1);
+			}
+
+			fIn.Close();
+
+			aOut.EndClearText();
+
+			BcpgOutputStream bOut = new BcpgOutputStream(aOut);
+
+            sGen.Generate().Encode(bOut);
+
+            aOut.Close();
+        }
+
+		private static void ProcessLine(
+			PgpSignature	sig,
+			byte[]			line)
+		{
+			// note: trailing white space needs to be removed from the end of
+			// each line for signature calculation RFC 4880 Section 7.1
+			int length = GetLengthWithoutWhiteSpace(line);
+			if (length > 0)
+			{
+				sig.Update(line, 0, length);
+			}
+		}
+
+		private static void ProcessLine(
+			Stream					aOut,
+			PgpSignatureGenerator	sGen,
+			byte[]					line)
+		{
+			int length = GetLengthWithoutWhiteSpace(line);
+			if (length > 0)
+			{
+				sGen.Update(line, 0, length);
+			}
+
+			aOut.Write(line, 0, line.Length);
+		}
+
+		private static int GetLengthWithoutSeparatorOrTrailingWhitespace(byte[] line)
+		{
+			int end = line.Length - 1;
+
+			while (end >= 0 && IsWhiteSpace(line[end]))
+			{
+				end--;
+			}
+
+			return end + 1;
+		}
+
+		private static bool IsLineEnding(
+			byte b)
+		{
+			return b == '\r' || b == '\n';
+		}
+
+		private static int GetLengthWithoutWhiteSpace(
+			byte[] line)
+		{
+			int end = line.Length - 1;
+
+			while (end >= 0 && IsWhiteSpace(line[end]))
+			{
+				end--;
+			}
+
+			return end + 1;
+		}
+
+		private static bool IsWhiteSpace(
+			byte b)
+		{
+			return IsLineEnding(b) || b == '\t' || b == ' ';
+		}
+
+		public static int Main(
+            string[] args)
+        {
+            if (args[0].Equals("-s"))
+            {
+				Stream fis = File.OpenRead(args[2]);
+				Stream fos = File.Create(args[1] + ".asc");
+
+				Stream keyIn = PgpUtilities.GetDecoderStream(fis);
+
+				string digestName = (args.Length == 4)
+					?	"SHA1"
+					:	args[4];
+
+				SignFile(args[1], keyIn, fos, args[3].ToCharArray(), digestName);
+
+				fis.Close();
+				fos.Close();
+            }
+            else if (args[0].Equals("-v"))
+            {
+				if (args[1].IndexOf(".asc") < 0)
+				{
+					Console.Error.WriteLine("file needs to end in \".asc\"");
+					return 1;
+				}
+
+				Stream fin = File.OpenRead(args[1]);
+				Stream fis = File.OpenRead(args[2]);
+
+				Stream keyIn = PgpUtilities.GetDecoderStream(fis);
+
+				VerifyFile(fin, keyIn, args[1].Substring(0, args[1].Length - 4));
+
+				fin.Close();
+				fis.Close();
+            }
+            else
+            {
+                Console.Error.WriteLine("usage: ClearSignedFileProcessor [-s file keyfile passPhrase]|[-v sigFile keyFile]");
+            }
+			return 0;
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/DetachedSignatureProcessor.cs b/crypto/test/src/openpgp/examples/DetachedSignatureProcessor.cs
new file mode 100644
index 000000000..c4959844d
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/DetachedSignatureProcessor.cs
@@ -0,0 +1,167 @@
+using System;
+using System.Collections;
+using System.IO;
+
+
+using Org.BouncyCastle.Bcpg.OpenPgp;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * A simple utility class that creates seperate signatures for files and verifies them.
+    * <p>
+    * To sign a file: DetachedSignatureProcessor -s [-a] fileName secretKey passPhrase.<br/>
+    * If -a is specified the output file will be "ascii-armored".</p>
+    * <p>
+    * To decrypt: DetachedSignatureProcessor -v  fileName signatureFile publicKeyFile.</p>
+    * <p>
+    * Note: this example will silently overwrite files.
+    * It also expects that a single pass phrase
+    * will have been used.</p>
+    */
+    public sealed class DetachedSignatureProcessor
+    {
+        private DetachedSignatureProcessor()
+        {
+        }
+
+		private static void VerifySignature(
+			string	fileName,
+			string	inputFileName,
+			string	keyFileName)
+		{
+			using (Stream input = File.OpenRead(inputFileName),
+				keyIn = File.OpenRead(keyFileName))
+			{
+				VerifySignature(fileName, input, keyIn);
+			}
+		}
+
+		/**
+        * verify the signature in in against the file fileName.
+        */
+        private static void VerifySignature(
+            string	fileName,
+            Stream	inputStream,
+            Stream	keyIn)
+        {
+            inputStream = PgpUtilities.GetDecoderStream(inputStream);
+
+            PgpObjectFactory pgpFact = new PgpObjectFactory(inputStream);
+            PgpSignatureList p3 = null;
+            PgpObject o = pgpFact.NextPgpObject();
+            if (o is PgpCompressedData)
+            {
+                PgpCompressedData c1 = (PgpCompressedData)o;
+                pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+                p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+            }
+            else
+            {
+                p3 = (PgpSignatureList)o;
+            }
+
+            PgpPublicKeyRingBundle pgpPubRingCollection = new PgpPublicKeyRingBundle(
+				PgpUtilities.GetDecoderStream(keyIn));
+            Stream dIn = File.OpenRead(fileName);
+            PgpSignature sig = p3[0];
+            PgpPublicKey key = pgpPubRingCollection.GetPublicKey(sig.KeyId);
+            sig.InitVerify(key);
+
+			int ch;
+            while ((ch = dIn.ReadByte()) >= 0)
+            {
+                sig.Update((byte)ch);
+            }
+
+			dIn.Close();
+
+			if (sig.Verify())
+            {
+                Console.WriteLine("signature verified.");
+            }
+            else
+            {
+                Console.WriteLine("signature verification failed.");
+            }
+        }
+
+		private static void CreateSignature(
+			string	inputFileName,
+			string	keyFileName,
+			string	outputFileName,
+			char[]	pass,
+			bool	armor)
+		{
+			using (Stream keyIn = File.OpenRead(keyFileName),
+				output = File.OpenRead(outputFileName))
+			{
+				CreateSignature(inputFileName, keyIn, output, pass, armor);
+			}
+		}
+
+		private static void CreateSignature(
+			string	fileName,
+			Stream	keyIn,
+			Stream	outputStream,
+			char[]	pass,
+			bool	armor)
+        {
+            if (armor)
+            {
+                outputStream = new ArmoredOutputStream(outputStream);
+            }
+
+            PgpSecretKey pgpSec = PgpExampleUtilities.ReadSecretKey(keyIn);
+            PgpPrivateKey pgpPrivKey = pgpSec.ExtractPrivateKey(pass);
+            PgpSignatureGenerator sGen = new PgpSignatureGenerator(
+				pgpSec.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
+
+			BcpgOutputStream bOut = new BcpgOutputStream(outputStream);
+
+			Stream fIn = File.OpenRead(fileName);
+
+            int ch;
+            while ((ch = fIn.ReadByte()) >= 0)
+            {
+                sGen.Update((byte)ch);
+            }
+
+			fIn.Close();
+
+			sGen.Generate().Encode(bOut);
+
+			if (armor)
+			{
+				outputStream.Close();
+			}
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            if (args[0].Equals("-s"))
+            {
+                if (args[1].Equals("-a"))
+                {
+					CreateSignature(args[2], args[3], args[2] + ".asc", args[4].ToCharArray(), true);
+                }
+                else
+                {
+					CreateSignature(args[1], args[2], args[1] + ".bpg", args[3].ToCharArray(), false);
+                }
+            }
+            else if (args[0].Equals("-v"))
+            {
+				VerifySignature(args[1], args[2], args[3]);
+			}
+            else
+            {
+                Console.Error.WriteLine("usage: DetachedSignatureProcessor [-s [-a] file keyfile passPhrase]|[-v file sigFile keyFile]");
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/DirectKeySignature.cs b/crypto/test/src/openpgp/examples/DirectKeySignature.cs
new file mode 100644
index 000000000..a6bf8e755
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/DirectKeySignature.cs
@@ -0,0 +1,140 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Bcpg;
+using Org.BouncyCastle.Bcpg.Sig;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+	/**
+	* A simple utility class that directly signs a public key and writes the signed key to "SignedKey.asc" in 
+	* the current working directory.
+	* <p>
+	* To sign a key: DirectKeySignature secretKeyFile secretKeyPass publicKeyFile(key to be signed) NotationName NotationValue.<br/>
+	* </p><p>
+	* To display a NotationData packet from a publicKey previously signed: DirectKeySignature signedPublicKeyFile.<br/>
+	* </p><p>
+	* <b>Note</b>: this example will silently overwrite files, nor does it pay any attention to
+	* the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase
+	* will have been used.
+	* </p>
+	*/
+	public class DirectKeySignature
+	{
+		public static void Main(
+			string[] args)
+		{
+			if (args.Length == 1)
+			{
+				Stream fis = File.OpenRead(args[0]);
+
+				PgpPublicKeyRing ring = new PgpPublicKeyRing(
+					PgpUtilities.GetDecoderStream(fis));
+				PgpPublicKey key = ring.GetPublicKey();
+
+				// iterate through all direct key signautures and look for NotationData subpackets
+				foreach (PgpSignature sig in key.GetSignaturesOfType(PgpSignature.DirectKey))
+				{
+					Console.WriteLine("Signature date is: "
+						+ sig.GetHashedSubPackets().GetSignatureCreationTime());
+
+					NotationData[] data = sig.GetHashedSubPackets().GetNotationDataOccurences();
+
+					for (int i = 0; i < data.Length; i++)
+					{
+						Console.WriteLine("Found Notaion named '" + data[i].GetNotationName()
+							+"' with content '" + data[i].GetNotationValue() + "'.");
+					}
+				}
+
+				fis.Close();
+			}
+			else if (args.Length == 5)
+			{
+				Stream secFis = File.OpenRead(args[0]);
+				Stream pubFis = File.OpenRead(args[2]);
+
+				// gather command line arguments
+				PgpSecretKeyRing secRing = new PgpSecretKeyRing(
+					PgpUtilities.GetDecoderStream(secFis));
+				String secretKeyPass = args[1];
+				PgpPublicKeyRing ring = new PgpPublicKeyRing(
+					PgpUtilities.GetDecoderStream(pubFis));
+				String notationName = args[3];
+				String notationValue = args[4];
+
+				// create the signed keyRing
+				PgpPublicKeyRing sRing = null;
+				sRing = new PgpPublicKeyRing(
+					new MemoryStream(
+						SignPublicKey(secRing.GetSecretKey(), secretKeyPass,
+							ring.GetPublicKey(), notationName, notationValue, true),
+						false));
+				ring = sRing;
+
+				secFis.Close();
+				pubFis.Close();
+
+				Stream fos = File.Create("SignedKey.asc");
+
+				// write the created keyRing to file
+				ArmoredOutputStream aOut = new ArmoredOutputStream(fos);
+				sRing.Encode(aOut);
+				aOut.Close();
+
+				// Note: ArmoredOutputStream.Close() leaves underlying stream open
+				fos.Close();
+			}
+			else
+			{
+				Console.Error.WriteLine("usage: DirectKeySignature secretKeyFile secretKeyPass publicKeyFile(key to be signed) NotationName NotationValue");
+				Console.Error.WriteLine("or: DirectKeySignature signedPublicKeyFile");
+			}
+		}
+
+		private static byte[] SignPublicKey(
+			PgpSecretKey	secretKey,
+			string			secretKeyPass,
+			PgpPublicKey	keyToBeSigned,
+			string			notationName,
+			string			notationValue,
+			bool			armor)
+		{
+			Stream os = new MemoryStream();
+			if (armor)
+			{
+				os = new ArmoredOutputStream(os);
+			}
+
+			PgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey(
+				secretKeyPass.ToCharArray());
+
+			PgpSignatureGenerator sGen = new PgpSignatureGenerator(
+				secretKey.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.DirectKey, pgpPrivKey);
+
+			BcpgOutputStream bOut = new BcpgOutputStream(os);
+
+			sGen.GenerateOnePassVersion(false).Encode(bOut);
+
+			PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator();
+
+			bool isHumanReadable = true;
+
+			spGen.SetNotationData(true, isHumanReadable, notationName, notationValue);
+
+			PgpSignatureSubpacketVector packetVector = spGen.Generate();
+			sGen.SetHashedSubpackets(packetVector);
+
+			bOut.Flush();
+
+			if (armor)
+			{
+				os.Close();
+			}
+
+			return PgpPublicKey.AddCertification(keyToBeSigned, sGen.Generate()).GetEncoded();
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/examples/DsaElGamalKeyRingGenerator.cs b/crypto/test/src/openpgp/examples/DsaElGamalKeyRingGenerator.cs
new file mode 100644
index 000000000..6040351a3
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/DsaElGamalKeyRingGenerator.cs
@@ -0,0 +1,134 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Bcpg.OpenPgp;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * A simple utility class that Generates a public/secret keyring containing a DSA signing
+    * key and an El Gamal key for encryption.
+    * <p>
+    * usage: DSAElGamalKeyRingGenerator [-a] identity passPhrase</p>
+    * <p>
+    * Where identity is the name to be associated with the public key. The keys are placed
+    * in the files pub.[asc|bpg] and secret.[asc|bpg].</p>
+    * <p>
+    * <b>Note</b>: this example encrypts the secret key using AES_256, many PGP products still
+    * do not support this, if you are having problems importing keys try changing the algorithm
+    * id to PgpEncryptedData.Cast5. CAST5 is more widelysupported.</p>
+    */
+    public sealed class DsaElGamalKeyRingGenerator
+    {
+        private DsaElGamalKeyRingGenerator()
+        {
+        }
+
+		private static void ExportKeyPair(
+            Stream					secretOut,
+            Stream					publicOut,
+            AsymmetricCipherKeyPair	dsaKp,
+            AsymmetricCipherKeyPair	elgKp,
+            string					identity,
+            char[]					passPhrase,
+            bool					armor)
+        {
+            if (armor)
+            {
+                secretOut = new ArmoredOutputStream(secretOut);
+            }
+
+			PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow);
+            PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow);
+
+			PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair,
+				identity, SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, new SecureRandom());
+
+			keyRingGen.AddSubKey(elgKeyPair);
+
+			keyRingGen.GenerateSecretKeyRing().Encode(secretOut);
+
+			if (armor)
+            {
+				secretOut.Close();
+				publicOut = new ArmoredOutputStream(publicOut);
+            }
+
+			keyRingGen.GeneratePublicKeyRing().Encode(publicOut);
+
+			if (armor)
+			{
+				publicOut.Close();
+			}
+        }
+
+		public static int Main(
+            string[] args)
+        {
+            if (args.Length < 2)
+            {
+                Console.WriteLine("DsaElGamalKeyRingGenerator [-a] identity passPhrase");
+                return 0;
+            }
+
+			IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA");
+            DsaParametersGenerator pGen = new DsaParametersGenerator();
+            pGen.Init(1024, 80, new SecureRandom());
+            DsaParameters dsaParams = pGen.GenerateParameters();
+            DsaKeyGenerationParameters kgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams);
+            dsaKpg.Init(kgp);
+
+
+			//
+            // this takes a while as the key generator has to Generate some DSA parameters
+            // before it Generates the key.
+            //
+            AsymmetricCipherKeyPair dsaKp = dsaKpg.GenerateKeyPair();
+
+
+			IAsymmetricCipherKeyPairGenerator elgKpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL");
+
+			BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+            BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+			ElGamalParameters elParams = new ElGamalParameters(p, g);
+            ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams);
+            elgKpg.Init(elKgp);
+
+			//
+            // this is quicker because we are using preGenerated parameters.
+            //
+            AsymmetricCipherKeyPair elgKp = elgKpg.GenerateKeyPair();
+
+			Stream out1, out2;
+			if (args[0].Equals("-a"))
+            {
+                if (args.Length < 3)
+                {
+                    Console.WriteLine("DSAElGamalKeyRingGenerator [-a] identity passPhrase");
+                    return 0;
+                }
+
+				out1 = File.Create("secret.asc");
+                out2 = File.Create("pub.asc");
+
+				ExportKeyPair(out1, out2, dsaKp, elgKp, args[1], args[2].ToCharArray(), true);
+            }
+            else
+            {
+                out1 = File.Create("secret.bpg");
+                out2 = File.Create("pub.bpg");
+
+				ExportKeyPair(out1, out2, dsaKp, elgKp, args[0], args[1].ToCharArray(), false);
+            }
+			out1.Close();
+			out2.Close();
+			return 0;
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/KeyBasedFileProcessor.cs b/crypto/test/src/openpgp/examples/KeyBasedFileProcessor.cs
new file mode 100644
index 000000000..c77408b1f
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/KeyBasedFileProcessor.cs
@@ -0,0 +1,259 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Bcpg.OpenPgp;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * A simple utility class that encrypts/decrypts public key based
+    * encryption files.
+    * <p>
+    * To encrypt a file: KeyBasedFileProcessor -e [-a|-ai] fileName publicKeyFile.<br/>
+    * If -a is specified the output file will be "ascii-armored".
+    * If -i is specified the output file will be have integrity checking added.</p>
+    * <p>
+    * To decrypt: KeyBasedFileProcessor -d fileName secretKeyFile passPhrase.</p>
+    * <p>
+	* Note 1: this example will silently overwrite files, nor does it pay any attention to
+	* the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase
+	* will have been used.</p>
+	* <p>
+	* Note 2: if an empty file name has been specified in the literal data object contained in the
+	* encrypted packet a file with the name filename.out will be generated in the current working directory.</p>
+    */
+    public sealed class KeyBasedFileProcessor
+    {
+        private KeyBasedFileProcessor()
+        {
+        }
+
+		private static void DecryptFile(
+			string	inputFileName,
+			string	keyFileName,
+			char[]	passwd,
+			string	defaultFileName)
+		{
+			using (Stream input = File.OpenRead(inputFileName),
+			       keyIn = File.OpenRead(keyFileName))
+			{
+				DecryptFile(input, keyIn, passwd, defaultFileName);
+			}
+		}
+
+		/**
+		 * decrypt the passed in message stream
+		 */
+		private static void DecryptFile(
+			Stream	inputStream,
+			Stream	keyIn,
+			char[]	passwd,
+			string	defaultFileName)
+		{
+            inputStream = PgpUtilities.GetDecoderStream(inputStream);
+
+            try
+            {
+                PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
+                PgpEncryptedDataList enc;
+
+                PgpObject o = pgpF.NextPgpObject();
+                //
+                // the first object might be a PGP marker packet.
+                //
+                if (o is PgpEncryptedDataList)
+                {
+                    enc = (PgpEncryptedDataList)o;
+                }
+                else
+                {
+                    enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
+                }
+
+                //
+                // find the secret key
+                //
+                PgpPrivateKey sKey = null;
+                PgpPublicKeyEncryptedData pbe = null;
+				PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
+					PgpUtilities.GetDecoderStream(keyIn));
+
+				foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
+                {
+                    sKey = PgpExampleUtilities.FindSecretKey(pgpSec, pked.KeyId, passwd);
+
+                    if (sKey != null)
+                    {
+                        pbe = pked;
+                        break;
+                    }
+                }
+
+				if (sKey == null)
+                {
+                    throw new ArgumentException("secret key for message not found.");
+                }
+
+                Stream clear = pbe.GetDataStream(sKey);
+
+                PgpObjectFactory plainFact = new PgpObjectFactory(clear);
+
+                PgpObject message = plainFact.NextPgpObject();
+
+                if (message is PgpCompressedData)
+                {
+                    PgpCompressedData cData = (PgpCompressedData)message;
+                    PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
+
+                    message = pgpFact.NextPgpObject();
+                }
+
+                if (message is PgpLiteralData)
+                {
+                    PgpLiteralData ld = (PgpLiteralData)message;
+
+					string outFileName = ld.FileName;
+					if (outFileName.Length == 0)
+					{
+						outFileName = defaultFileName;
+					}
+
+					Stream fOut = File.Create(outFileName);
+					Stream unc = ld.GetInputStream();
+					Streams.PipeAll(unc, fOut);
+					fOut.Close();
+                }
+                else if (message is PgpOnePassSignatureList)
+                {
+                    throw new PgpException("encrypted message contains a signed message - not literal data.");
+                }
+                else
+                {
+                    throw new PgpException("message is not a simple encrypted file - type unknown.");
+                }
+
+                if (pbe.IsIntegrityProtected())
+                {
+                    if (!pbe.Verify())
+                    {
+                        Console.Error.WriteLine("message failed integrity check");
+                    }
+                    else
+                    {
+                        Console.Error.WriteLine("message integrity check passed");
+                    }
+                }
+                else
+                {
+                    Console.Error.WriteLine("no message integrity check");
+                }
+            }
+            catch (PgpException e)
+            {
+                Console.Error.WriteLine(e);
+
+                Exception underlyingException = e.InnerException;
+                if (underlyingException != null)
+                {
+                    Console.Error.WriteLine(underlyingException.Message);
+                    Console.Error.WriteLine(underlyingException.StackTrace);
+                }
+            }
+        }
+		
+		private static void EncryptFile(
+			string	outputFileName,
+			string	inputFileName,
+			string	encKeyFileName,
+			bool	armor,
+			bool	withIntegrityCheck)
+		{
+			PgpPublicKey encKey = PgpExampleUtilities.ReadPublicKey(encKeyFileName);
+
+			using (Stream output = File.Create(outputFileName))
+			{
+				EncryptFile(output, inputFileName, encKey, armor, withIntegrityCheck);
+			}
+		}
+
+        private static void EncryptFile(
+            Stream			outputStream,
+            string			fileName,
+            PgpPublicKey	encKey,
+            bool			armor,
+            bool			withIntegrityCheck)
+        {
+            if (armor)
+            {
+                outputStream = new ArmoredOutputStream(outputStream);
+            }
+
+            try
+            {
+            	byte[] bytes = PgpExampleUtilities.CompressFile(fileName, CompressionAlgorithmTag.Zip);
+
+				PgpEncryptedDataGenerator encGen = new PgpEncryptedDataGenerator(
+					SymmetricKeyAlgorithmTag.Cast5, withIntegrityCheck, new SecureRandom());
+				encGen.AddMethod(encKey);
+
+				Stream cOut = encGen.Open(outputStream, bytes.Length);
+
+				cOut.Write(bytes, 0, bytes.Length);
+				cOut.Close();
+
+				if (armor)
+				{
+					outputStream.Close();
+				}
+            }
+            catch (PgpException e)
+            {
+                Console.Error.WriteLine(e);
+
+                Exception underlyingException = e.InnerException;
+                if (underlyingException != null)
+                {
+                    Console.Error.WriteLine(underlyingException.Message);
+                    Console.Error.WriteLine(underlyingException.StackTrace);
+                }
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            if (args.Length == 0)
+            {
+                Console.Error.WriteLine("usage: KeyBasedFileProcessor -e|-d [-a|ai] file [secretKeyFile passPhrase|pubKeyFile]");
+                return;
+            }
+
+            if (args[0].Equals("-e"))
+            {
+                if (args[1].Equals("-a") || args[1].Equals("-ai") || args[1].Equals("-ia"))
+                {
+					EncryptFile(args[2] + ".asc", args[2], args[3], true, (args[1].IndexOf('i') > 0));
+                }
+                else if (args[1].Equals("-i"))
+                {
+					EncryptFile(args[2] + ".bpg", args[2], args[3], false, true);
+                }
+                else
+                {
+					EncryptFile(args[1] + ".bpg", args[1], args[2], false, false);
+                }
+            }
+            else if (args[0].Equals("-d"))
+            {
+				DecryptFile(args[1], args[2], args[3].ToCharArray(), new FileInfo(args[1]).Name + ".out");
+            }
+            else
+            {
+                Console.Error.WriteLine("usage: KeyBasedFileProcessor -d|-e [-a|ai] file [secretKeyFile passPhrase|pubKeyFile]");
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/KeyBasedLargeFileProcessor.cs b/crypto/test/src/openpgp/examples/KeyBasedLargeFileProcessor.cs
new file mode 100644
index 000000000..7fb00a3b7
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/KeyBasedLargeFileProcessor.cs
@@ -0,0 +1,267 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Bcpg.OpenPgp;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * A simple utility class that encrypts/decrypts public key based
+    * encryption large files.
+    * <p>
+    * To encrypt a file: KeyBasedLargeFileProcessor -e [-a|-ai] fileName publicKeyFile.<br/>
+    * If -a is specified the output file will be "ascii-armored".
+    * If -i is specified the output file will be have integrity checking added.</p>
+    * <p>
+    * To decrypt: KeyBasedLargeFileProcessor -d fileName secretKeyFile passPhrase.</p>
+    * <p>
+    * Note 1: this example will silently overwrite files, nor does it pay any attention to
+    * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase
+    * will have been used.</p>
+    * <p>
+    * Note 2: this example Generates partial packets to encode the file, the output it Generates
+    * will not be readable by older PGP products or products that don't support partial packet
+    * encoding.</p>
+	* <p>
+	* Note 3: if an empty file name has been specified in the literal data object contained in the
+	* encrypted packet a file with the name filename.out will be generated in the current working directory.</p>
+    */
+    public sealed class KeyBasedLargeFileProcessor
+    {
+        private KeyBasedLargeFileProcessor()
+        {
+        }
+
+		private static void DecryptFile(
+			string	inputFileName,
+			string	keyFileName,
+			char[]	passwd,
+			string	defaultFileName)
+		{
+			using (Stream input = File.OpenRead(inputFileName),
+			       keyIn = File.OpenRead(keyFileName))
+			{
+				DecryptFile(input, keyIn, passwd, defaultFileName);
+			}
+		}
+
+		/**
+        * decrypt the passed in message stream
+        */
+        private static void DecryptFile(
+            Stream	inputStream,
+            Stream	keyIn,
+			char[]	passwd,
+			string	defaultFileName)
+		{
+            inputStream = PgpUtilities.GetDecoderStream(inputStream);
+
+            try
+            {
+                PgpObjectFactory        pgpF = new PgpObjectFactory(inputStream);
+                PgpEncryptedDataList    enc;
+
+                PgpObject o = pgpF.NextPgpObject();
+                //
+                // the first object might be a PGP marker packet.
+                //
+                if (o is PgpEncryptedDataList)
+                {
+                    enc = (PgpEncryptedDataList)o;
+                }
+                else
+                {
+                    enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
+                }
+
+                //
+                // find the secret key
+                //
+                PgpPrivateKey sKey = null;
+                PgpPublicKeyEncryptedData pbe = null;
+				PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
+					PgpUtilities.GetDecoderStream(keyIn));
+
+				foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
+                {
+                    sKey = PgpExampleUtilities.FindSecretKey(pgpSec, pked.KeyId, passwd);
+
+                    if (sKey != null)
+                    {
+                        pbe = pked;
+                        break;
+                    }
+                }
+
+                if (sKey == null)
+                {
+                    throw new ArgumentException("secret key for message not found.");
+                }
+
+                Stream clear = pbe.GetDataStream(sKey);
+
+                PgpObjectFactory plainFact = new PgpObjectFactory(clear);
+
+                PgpCompressedData cData = (PgpCompressedData) plainFact.NextPgpObject();
+
+                PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
+
+                PgpObject message = pgpFact.NextPgpObject();
+
+                if (message is PgpLiteralData)
+                {
+                    PgpLiteralData ld = (PgpLiteralData)message;
+
+					string outFileName = ld.FileName;
+					if (outFileName.Length == 0)
+					{
+						outFileName = defaultFileName;
+					}
+
+					Stream fOut = File.Create(outFileName);
+                    Stream unc = ld.GetInputStream();
+					Streams.PipeAll(unc, fOut);
+					fOut.Close();
+                }
+                else if (message is PgpOnePassSignatureList)
+                {
+                    throw new PgpException("encrypted message contains a signed message - not literal data.");
+                }
+                else
+                {
+                    throw new PgpException("message is not a simple encrypted file - type unknown.");
+                }
+
+                if (pbe.IsIntegrityProtected())
+                {
+                    if (!pbe.Verify())
+                    {
+                        Console.Error.WriteLine("message failed integrity check");
+                    }
+                    else
+                    {
+                        Console.Error.WriteLine("message integrity check passed");
+                    }
+                }
+                else
+                {
+                    Console.Error.WriteLine("no message integrity check");
+                }
+            }
+            catch (PgpException e)
+            {
+                Console.Error.WriteLine(e);
+
+                Exception underlyingException = e.InnerException;
+                if (underlyingException != null)
+                {
+                    Console.Error.WriteLine(underlyingException.Message);
+                    Console.Error.WriteLine(underlyingException.StackTrace);
+                }
+            }
+        }
+
+		private static void EncryptFile(
+			string	outputFileName,
+			string	inputFileName,
+			string	encKeyFileName,
+			bool	armor,
+			bool	withIntegrityCheck)
+		{
+			PgpPublicKey encKey = PgpExampleUtilities.ReadPublicKey(encKeyFileName);
+
+			using (Stream output = File.Create(outputFileName))
+			{
+				EncryptFile(output, inputFileName, encKey, armor, withIntegrityCheck);
+			}
+		}
+
+        private static void EncryptFile(
+            Stream			outputStream,
+            string			fileName,
+            PgpPublicKey	encKey,
+            bool			armor,
+            bool			withIntegrityCheck)
+        {
+            if (armor)
+            {
+                outputStream = new ArmoredOutputStream(outputStream);
+            }
+
+            try
+            {
+                PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, withIntegrityCheck, new SecureRandom());
+
+                cPk.AddMethod(encKey);
+
+                Stream cOut = cPk.Open(outputStream, new byte[1 << 16]);
+
+                PgpCompressedDataGenerator comData = new PgpCompressedDataGenerator(
+					CompressionAlgorithmTag.Zip);
+
+				PgpUtilities.WriteFileToLiteralData(
+					comData.Open(cOut),
+					PgpLiteralData.Binary,
+					new FileInfo(fileName),
+					new byte[1 << 16]);
+
+				comData.Close();
+
+				cOut.Close();
+
+				if (armor)
+				{
+					outputStream.Close();
+				}
+            }
+            catch (PgpException e)
+            {
+                Console.Error.WriteLine(e);
+
+                Exception underlyingException = e.InnerException;
+                if (underlyingException != null)
+                {
+                    Console.Error.WriteLine(underlyingException.Message);
+                    Console.Error.WriteLine(underlyingException.StackTrace);
+                }
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            if (args.Length == 0)
+            {
+                Console.Error.WriteLine("usage: KeyBasedLargeFileProcessor -e|-d [-a|ai] file [secretKeyFile passPhrase|pubKeyFile]");
+                return;
+            }
+
+            if (args[0].Equals("-e"))
+            {
+                if (args[1].Equals("-a") || args[1].Equals("-ai") || args[1].Equals("-ia"))
+                {
+					EncryptFile(args[2] + ".asc", args[2], args[3], true, (args[1].IndexOf('i') > 0));
+                }
+                else if (args[1].Equals("-i"))
+                {
+					EncryptFile(args[2] + ".bpg", args[2], args[3], false, true);
+                }
+                else
+                {
+					EncryptFile(args[1] + ".bpg", args[1], args[2], false, false);
+                }
+            }
+            else if (args[0].Equals("-d"))
+            {
+				DecryptFile(args[1], args[2], args[3].ToCharArray(), new FileInfo(args[1]).Name + ".out");
+            }
+            else
+            {
+                Console.Error.WriteLine("usage: KeyBasedLargeFileProcessor -d|-e [-a|ai] file [secretKeyFile passPhrase|pubKeyFile]");
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/PbeFileProcessor.cs b/crypto/test/src/openpgp/examples/PbeFileProcessor.cs
new file mode 100644
index 000000000..66b1cc4ed
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/PbeFileProcessor.cs
@@ -0,0 +1,183 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Bcpg.OpenPgp;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * A simple utility class that encrypts/decrypts password based
+    * encryption files.
+    * <p>
+    * To encrypt a file: PBEFileProcessor -e [-ai] fileName passPhrase.<br/>
+    * If -a is specified the output file will be "ascii-armored".<br/>
+    * If -i is specified the output file will be "integrity protected".</p>
+    * <p>
+    * To decrypt: PBEFileProcessor -d fileName passPhrase.</p>
+    * <p>
+    * Note: this example will silently overwrite files, nor does it pay any attention to
+    * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase
+    * will have been used.</p>
+    */
+    public sealed class PbeFileProcessor
+    {
+        private PbeFileProcessor() {}
+
+		private static void DecryptFile(string inputFileName, char[] passPhrase)
+		{
+			using (Stream input = File.OpenRead(inputFileName))
+			{
+				DecryptFile(input, passPhrase);
+			}
+		}
+
+        /**
+        * decrypt the passed in message stream
+        */
+        private static void DecryptFile(
+            Stream	inputStream,
+            char[]	passPhrase)
+        {
+            inputStream = PgpUtilities.GetDecoderStream(inputStream);
+
+			PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
+            PgpObject o = pgpF.NextPgpObject();
+
+            //
+            // the first object might be a PGP marker packet.
+            //
+			PgpEncryptedDataList enc = o as PgpEncryptedDataList;
+            if (enc == null)
+            {
+                enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
+            }
+
+            PgpPbeEncryptedData pbe = (PgpPbeEncryptedData)enc[0];
+
+            Stream clear = pbe.GetDataStream(passPhrase);
+
+            PgpObjectFactory pgpFact = new PgpObjectFactory(clear);
+
+			//
+			// if we're trying to read a file generated by someone other than us
+			// the data might not be compressed, so we check the return type from
+			// the factory and behave accordingly.
+			//
+			o = pgpFact.NextPgpObject();
+			if (o is PgpCompressedData)
+			{
+				PgpCompressedData cData = (PgpCompressedData) o;
+				pgpFact = new PgpObjectFactory(cData.GetDataStream());
+				o = pgpFact.NextPgpObject();
+			}
+
+			PgpLiteralData ld = (PgpLiteralData) o;
+			Stream unc = ld.GetInputStream();
+            Stream fOut = File.Create(ld.FileName);
+			Streams.PipeAll(unc, fOut);
+			fOut.Close();
+
+			if (pbe.IsIntegrityProtected())
+            {
+                if (!pbe.Verify())
+                {
+                    Console.Error.WriteLine("message failed integrity check");
+                }
+                else
+                {
+                    Console.Error.WriteLine("message integrity check passed");
+                }
+            }
+            else
+            {
+                Console.Error.WriteLine("no message integrity check");
+            }
+        }
+
+		private static void EncryptFile(
+			string	outputFileName,
+			string	inputFileName,
+			char[]	passPhrase,
+			bool	armor,
+			bool	withIntegrityCheck)
+		{
+			using (Stream output = File.Create(outputFileName))
+			{
+				EncryptFile(output, inputFileName, passPhrase, armor, withIntegrityCheck);
+			}
+		}
+
+        private static void EncryptFile(
+            Stream	outputStream,
+            string	fileName,
+            char[]	passPhrase,
+            bool	armor,
+            bool	withIntegrityCheck)
+        {
+            if (armor)
+            {
+                outputStream = new ArmoredOutputStream(outputStream);
+            }
+
+			try
+            {
+				byte[] compressedData = PgpExampleUtilities.CompressFile(fileName, CompressionAlgorithmTag.Zip);
+
+				PgpEncryptedDataGenerator encGen = new PgpEncryptedDataGenerator(
+					SymmetricKeyAlgorithmTag.Cast5, withIntegrityCheck, new SecureRandom());
+				encGen.AddMethod(passPhrase);
+
+				Stream encOut = encGen.Open(outputStream, compressedData.Length);
+
+	            encOut.Write(compressedData, 0, compressedData.Length);
+				encOut.Close();
+
+				if (armor)
+				{
+					outputStream.Close();
+				}
+            }
+            catch (PgpException e)
+            {
+                Console.Error.WriteLine(e);
+
+                Exception underlyingException = e.InnerException;
+                if (underlyingException != null)
+                {
+                    Console.Error.WriteLine(underlyingException.Message);
+                    Console.Error.WriteLine(underlyingException.StackTrace);
+                }
+            }
+        }
+
+		public static void Main(
+			string[] args)
+        {
+            if (args[0].Equals("-e"))
+            {
+                if (args[1].Equals("-a") || args[1].Equals("-ai") || args[1].Equals("-ia"))
+                {
+					EncryptFile(args[2] + ".asc", args[2], args[3].ToCharArray(), true, (args[1].IndexOf('i') > 0));
+                }
+                else if (args[1].Equals("-i"))
+                {
+					EncryptFile(args[2] + ".bpg", args[2], args[3].ToCharArray(), false, true);
+                }
+                else
+                {
+					EncryptFile(args[1] + ".bpg", args[1], args[2].ToCharArray(), false, false);
+                }
+            }
+            else if (args[0].Equals("-d"))
+            {
+				DecryptFile(args[1], args[2].ToCharArray());
+            }
+            else
+            {
+                Console.Error.WriteLine("usage: PbeFileProcessor -e [-ai]|-d file passPhrase");
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/PgpExampleUtilities.cs b/crypto/test/src/openpgp/examples/PgpExampleUtilities.cs
new file mode 100644
index 000000000..fd371d7af
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/PgpExampleUtilities.cs
@@ -0,0 +1,123 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+	internal class PgpExampleUtilities
+	{
+		internal static byte[] CompressFile(string fileName, CompressionAlgorithmTag algorithm)
+		{
+			MemoryStream bOut = new MemoryStream();
+			PgpCompressedDataGenerator comData = new PgpCompressedDataGenerator(algorithm);
+			PgpUtilities.WriteFileToLiteralData(comData.Open(bOut), PgpLiteralData.Binary,
+				new FileInfo(fileName));
+			comData.Close();
+			return bOut.ToArray();
+		}
+
+		/**
+		 * Search a secret key ring collection for a secret key corresponding to keyID if it
+		 * exists.
+		 * 
+		 * @param pgpSec a secret key ring collection.
+		 * @param keyID keyID we want.
+		 * @param pass passphrase to decrypt secret key with.
+		 * @return
+		 * @throws PGPException
+		 * @throws NoSuchProviderException
+		 */
+		internal static PgpPrivateKey FindSecretKey(PgpSecretKeyRingBundle pgpSec, long keyID, char[] pass)
+		{
+			PgpSecretKey pgpSecKey = pgpSec.GetSecretKey(keyID);
+
+			if (pgpSecKey == null)
+			{
+				return null;
+			}
+
+			return pgpSecKey.ExtractPrivateKey(pass);
+		}
+
+		internal static PgpPublicKey ReadPublicKey(string fileName)
+		{
+			using (Stream keyIn = File.OpenRead(fileName))
+			{
+				return ReadPublicKey(keyIn);
+			}
+		}
+
+		/**
+		 * A simple routine that opens a key ring file and loads the first available key
+		 * suitable for encryption.
+		 * 
+		 * @param input
+		 * @return
+		 * @throws IOException
+		 * @throws PGPException
+		 */
+		internal static PgpPublicKey ReadPublicKey(Stream input)
+		{
+			PgpPublicKeyRingBundle pgpPub = new PgpPublicKeyRingBundle(
+				PgpUtilities.GetDecoderStream(input));
+
+			//
+			// we just loop through the collection till we find a key suitable for encryption, in the real
+			// world you would probably want to be a bit smarter about this.
+			//
+
+			foreach (PgpPublicKeyRing keyRing in pgpPub.GetKeyRings())
+			{
+				foreach (PgpPublicKey key in keyRing.GetPublicKeys())
+				{
+					if (key.IsEncryptionKey)
+					{
+						return key;
+					}
+				}
+			}
+
+			throw new ArgumentException("Can't find encryption key in key ring.");
+		}
+
+		internal static PgpSecretKey ReadSecretKey(string fileName)
+		{
+			using (Stream keyIn = File.OpenRead(fileName))
+			{
+				return ReadSecretKey(keyIn);
+			}
+		}
+
+		/**
+		 * A simple routine that opens a key ring file and loads the first available key
+		 * suitable for signature generation.
+		 * 
+		 * @param input stream to read the secret key ring collection from.
+		 * @return a secret key.
+		 * @throws IOException on a problem with using the input stream.
+		 * @throws PGPException if there is an issue parsing the input stream.
+		 */
+		internal static PgpSecretKey ReadSecretKey(Stream input)
+		{
+			PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
+				PgpUtilities.GetDecoderStream(input));
+
+			//
+			// we just loop through the collection till we find a key suitable for encryption, in the real
+			// world you would probably want to be a bit smarter about this.
+			//
+
+			foreach (PgpSecretKeyRing keyRing in pgpSec.GetKeyRings())
+			{
+				foreach (PgpSecretKey key in keyRing.GetSecretKeys())
+				{
+					if (key.IsSigningKey)
+					{
+						return key;
+					}
+				}
+			}
+
+			throw new ArgumentException("Can't find signing key in key ring.");
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/examples/PublicKeyRingDump.cs b/crypto/test/src/openpgp/examples/PublicKeyRingDump.cs
new file mode 100644
index 000000000..bb6108f2d
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/PublicKeyRingDump.cs
@@ -0,0 +1,98 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.Utilities;
+
+using Org.BouncyCastle.Bcpg.OpenPgp;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * Basic class which just lists the contents of the public key file passed
+    * as an argument. If the file contains more than one "key ring" they are
+    * listed in the order found.
+    */
+    public sealed class PublicKeyRingDump
+    {
+        private PublicKeyRingDump()
+        {
+        }
+
+        public static string GetAlgorithm(
+            PublicKeyAlgorithmTag algId)
+        {
+            switch (algId)
+            {
+                case PublicKeyAlgorithmTag.RsaGeneral:
+                    return "RsaGeneral";
+                case PublicKeyAlgorithmTag.RsaEncrypt:
+                    return "RsaEncrypt";
+                case PublicKeyAlgorithmTag.RsaSign:
+                    return "RsaSign";
+                case PublicKeyAlgorithmTag.ElGamalEncrypt:
+                    return "ElGamalEncrypt";
+                case PublicKeyAlgorithmTag.Dsa:
+                    return "DSA";
+                case PublicKeyAlgorithmTag.EC:
+                    return "EC";
+                case PublicKeyAlgorithmTag.ECDsa:
+                    return "ECDSA";
+                case PublicKeyAlgorithmTag.ElGamalGeneral:
+                    return "ElGamalGeneral";
+                case PublicKeyAlgorithmTag.DiffieHellman:
+                    return "DiffieHellman";
+            }
+
+            return "unknown";
+        }
+
+		public static void Main(
+			string[] args)
+        {
+			Stream fs = File.OpenRead(args[0]);
+
+			//
+            // Read the public key rings
+            //
+            PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(
+                PgpUtilities.GetDecoderStream(fs));
+
+			fs.Close();
+
+			foreach (PgpPublicKeyRing pgpPub in pubRings.GetKeyRings())
+            {
+                try
+                {
+					//PgpPublicKey pubKey =
+					pgpPub.GetPublicKey();
+                }
+                catch (Exception e)
+                {
+                    Console.Error.WriteLine(e.Message);
+                    Console.Error.WriteLine(e.StackTrace);
+                    continue;
+                }
+
+				bool first = true;
+
+				foreach (PgpPublicKey pgpKey in pgpPub.GetPublicKeys())
+                {
+                    if (first)
+                    {
+                        Console.WriteLine("Key ID: " +  pgpKey.KeyId.ToString("X"));
+                        first = false;
+                    }
+                    else
+                    {
+                        Console.WriteLine("Key ID: " + pgpKey.KeyId.ToString("X") + " (subkey)");
+                    }
+
+					Console.WriteLine("            Algorithm: " + GetAlgorithm(pgpKey.Algorithm));
+                    Console.WriteLine("            Fingerprint: " + Hex.ToHexString(pgpKey.GetFingerprint()));
+                }
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/RsaKeyRingGenerator.cs b/crypto/test/src/openpgp/examples/RsaKeyRingGenerator.cs
new file mode 100644
index 000000000..284118b99
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/RsaKeyRingGenerator.cs
@@ -0,0 +1,115 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Bcpg.OpenPgp;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * A simple utility class that Generates a RSA PgpPublicKey/PgpSecretKey pair.
+    * <p>
+    * usage: RsaKeyRingGenerator [-a] identity passPhrase</p>
+    * <p>
+    * Where identity is the name to be associated with the public key. The keys are placed
+    * in the files pub.[asc|bpg] and secret.[asc|bpg].</p>
+    */
+    public sealed class RsaKeyRingGenerator
+    {
+        private RsaKeyRingGenerator()
+        {
+        }
+
+		private static void ExportKeyPair(
+            Stream                   secretOut,
+            Stream                   publicOut,
+            AsymmetricKeyParameter   publicKey,
+            AsymmetricKeyParameter   privateKey,
+            string                   identity,
+            char[]                   passPhrase,
+            bool                     armor)
+        {
+			if (armor)
+			{
+				secretOut = new ArmoredOutputStream(secretOut);
+			}
+
+			PgpSecretKey secretKey = new PgpSecretKey(
+                PgpSignature.DefaultCertification,
+                PublicKeyAlgorithmTag.RsaGeneral,
+                publicKey,
+                privateKey,
+                DateTime.UtcNow,
+                identity,
+                SymmetricKeyAlgorithmTag.Cast5,
+                passPhrase,
+                null,
+                null,
+                new SecureRandom()
+                );
+
+            secretKey.Encode(secretOut);
+
+			if (armor)
+            {
+				secretOut.Close();
+				publicOut = new ArmoredOutputStream(publicOut);
+            }
+
+            PgpPublicKey key = secretKey.PublicKey;
+
+            key.Encode(publicOut);
+
+			if (armor)
+			{
+				publicOut.Close();
+			}
+        }
+
+		public static int Main(
+			string[] args)
+        {
+            IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("RSA");
+
+            kpg.Init(new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x10001), new SecureRandom(), 1024, 25));
+
+            AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
+
+            if (args.Length < 2)
+            {
+                Console.WriteLine("RsaKeyPairGenerator [-a] identity passPhrase");
+                return 0;
+            }
+
+			Stream out1, out2;
+            if (args[0].Equals("-a"))
+            {
+                if (args.Length < 3)
+                {
+                    Console.WriteLine("RsaKeyPairGenerator [-a] identity passPhrase");
+					return 0;
+				}
+
+				out1 = File.Create("secret.asc");
+                out2 = File.Create("pub.asc");
+
+                ExportKeyPair(out1, out2, kp.Public, kp.Private, args[1], args[2].ToCharArray(), true);
+            }
+            else
+            {
+                out1 = File.Create("secret.bpg");
+                out2 = File.Create("pub.bpg");
+
+                ExportKeyPair(out1, out2, kp.Public, kp.Private, args[0], args[1].ToCharArray(), false);
+            }
+			out1.Close();
+			out2.Close();
+			return 0;
+		}
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/SignedFileProcessor.cs b/crypto/test/src/openpgp/examples/SignedFileProcessor.cs
new file mode 100644
index 000000000..1ad0d102b
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/SignedFileProcessor.cs
@@ -0,0 +1,188 @@
+using System;
+using System.Collections;
+using System.IO;
+
+
+using Org.BouncyCastle.Bcpg.OpenPgp;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples
+{
+    /**
+    * A simple utility class that signs and verifies files.
+    * <p>
+    * To sign a file: SignedFileProcessor -s [-a] fileName secretKey passPhrase.<br/>
+    * If -a is specified the output file will be "ascii-armored".</p>
+    * <p>
+    * To decrypt: SignedFileProcessor -v fileName publicKeyFile.</p>
+    * <p>
+    * <b>Note</b>: this example will silently overwrite files, nor does it pay any attention to
+    * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase
+    * will have been used.</p>
+    * <p>
+    * <b>Note</b>: the example also makes use of PGP compression. If you are having difficulty Getting it
+    * to interoperate with other PGP programs try removing the use of compression first.</p>
+    */
+    public sealed class SignedFileProcessor
+    {
+        private SignedFileProcessor() {}
+
+		/**
+        * verify the passed in file as being correctly signed.
+        */
+        private static void VerifyFile(
+            Stream	inputStream,
+            Stream	keyIn)
+        {
+            inputStream = PgpUtilities.GetDecoderStream(inputStream);
+
+            PgpObjectFactory			pgpFact = new PgpObjectFactory(inputStream);
+            PgpCompressedData			c1 = (PgpCompressedData) pgpFact.NextPgpObject();
+            pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+            PgpOnePassSignatureList		p1 = (PgpOnePassSignatureList) pgpFact.NextPgpObject();
+            PgpOnePassSignature			ops = p1[0];
+
+            PgpLiteralData				p2 = (PgpLiteralData) pgpFact.NextPgpObject();
+            Stream						dIn = p2.GetInputStream();
+            PgpPublicKeyRingBundle		pgpRing = new PgpPublicKeyRingBundle(PgpUtilities.GetDecoderStream(keyIn));
+            PgpPublicKey				key = pgpRing.GetPublicKey(ops.KeyId);
+            Stream						fos = File.Create(p2.FileName);
+
+			ops.InitVerify(key);
+
+			int ch;
+			while ((ch = dIn.ReadByte()) >= 0)
+            {
+                ops.Update((byte)ch);
+                fos.WriteByte((byte) ch);
+            }
+            fos.Close();
+
+            PgpSignatureList	p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+			PgpSignature		firstSig = p3[0];
+            if (ops.Verify(firstSig))
+            {
+                Console.Out.WriteLine("signature verified.");
+            }
+            else
+            {
+                Console.Out.WriteLine("signature verification failed.");
+            }
+        }
+
+        /**
+        * Generate an encapsulated signed file.
+        *
+        * @param fileName
+        * @param keyIn
+        * @param outputStream
+        * @param pass
+        * @param armor
+        */
+        private static void SignFile(
+            string	fileName,
+            Stream	keyIn,
+            Stream	outputStream,
+            char[]	pass,
+            bool	armor,
+			bool	compress)
+        {
+            if (armor)
+            {
+                outputStream = new ArmoredOutputStream(outputStream);
+            }
+
+            PgpSecretKey pgpSec = PgpExampleUtilities.ReadSecretKey(keyIn);
+            PgpPrivateKey pgpPrivKey = pgpSec.ExtractPrivateKey(pass);
+            PgpSignatureGenerator sGen = new PgpSignatureGenerator(pgpSec.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
+
+            sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
+            foreach (string userId in pgpSec.PublicKey.GetUserIds())
+            {
+                PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator();
+                spGen.SetSignerUserId(false, userId);
+                sGen.SetHashedSubpackets(spGen.Generate());
+                // Just the first one!
+                break;
+            }
+
+            Stream cOut = outputStream;
+			PgpCompressedDataGenerator cGen = null;
+			if (compress)
+			{
+				cGen = new PgpCompressedDataGenerator(CompressionAlgorithmTag.ZLib);
+
+				cOut = cGen.Open(cOut);
+			}
+
+			BcpgOutputStream bOut = new BcpgOutputStream(cOut);
+
+            sGen.GenerateOnePassVersion(false).Encode(bOut);
+
+            FileInfo					file = new FileInfo(fileName);
+            PgpLiteralDataGenerator     lGen = new PgpLiteralDataGenerator();
+            Stream						lOut = lGen.Open(bOut, PgpLiteralData.Binary, file);
+            FileStream					fIn = file.OpenRead();
+            int                         ch = 0;
+
+			while ((ch = fIn.ReadByte()) >= 0)
+            {
+                lOut.WriteByte((byte) ch);
+                sGen.Update((byte)ch);
+            }
+
+			fIn.Close();
+			lGen.Close();
+
+			sGen.Generate().Encode(bOut);
+
+			if (cGen != null)
+			{
+				cGen.Close();
+			}
+
+			if (armor)
+			{
+				outputStream.Close();
+			}
+        }
+
+		public static void Main(
+            string[] args)
+        {
+			// TODO provide command-line option to determine whether to use compression in SignFile
+            if (args[0].Equals("-s"))
+            {
+				Stream keyIn, fos;
+                if (args[1].Equals("-a"))
+                {
+                    keyIn = File.OpenRead(args[3]);
+                    fos = File.Create(args[2] + ".asc");
+
+					SignFile(args[2], keyIn, fos, args[4].ToCharArray(), true, true);
+                }
+                else
+                {
+                    keyIn = File.OpenRead(args[2]);
+                    fos = File.Create(args[1] + ".bpg");
+
+					SignFile(args[1], keyIn, fos, args[3].ToCharArray(), false, true);
+                }
+				keyIn.Close();
+				fos.Close();
+            }
+            else if (args[0].Equals("-v"))
+            {
+				using (Stream fis = File.OpenRead(args[1]),
+                	keyIn = File.OpenRead(args[2]))
+				{
+					VerifyFile(fis, keyIn);
+				}
+			}
+            else
+            {
+                Console.Error.WriteLine("usage: SignedFileProcessor -v|-s [-a] file keyfile [passPhrase]");
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/examples/test/AllTests.cs b/crypto/test/src/openpgp/examples/test/AllTests.cs
new file mode 100644
index 000000000..180d2fa80
--- /dev/null
+++ b/crypto/test/src/openpgp/examples/test/AllTests.cs
@@ -0,0 +1,403 @@
+using System;
+using System.IO;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples.Tests
+{
+	[TestFixture]
+	public class AllTests
+	{
+		private static readonly byte[] clearSignedPublicKey = Base64.Decode(
+			  "mQELBEQh2+wBCAD26kte0hO6flr7Y2aetpPYutHY4qsmDPy+GwmmqVeCDkX+"
+			+ "r1g7DuFbMhVeu0NkKDnVl7GsJ9VarYsFYyqu0NzLa9XS2qlTIkmJV+2/xKa1"
+			+ "tzjn18fT/cnAWL88ZLCOWUr241aPVhLuIc6vpHnySpEMkCh4rvMaimnTrKwO"
+			+ "42kgeDGd5cXfs4J4ovRcTbc4hmU2BRVsRjiYMZWWx0kkyL2zDVyaJSs4yVX7"
+			+ "Jm4/LSR1uC/wDT0IJJuZT/gQPCMJNMEsVCziRgYkAxQK3OWojPSuv4rXpyd4"
+			+ "Gvo6IbvyTgIskfpSkCnQtORNLIudQSuK7pW+LkL62N+ohuKdMvdxauOnAAYp"
+			+ "tBNnZ2dnZ2dnZyA8Z2dnQGdnZ2c+iQE2BBMBAgAgBQJEIdvsAhsDBgsJCAcD"
+			+ "AgQVAggDBBYCAwECHgECF4AACgkQ4M/Ier3f9xagdAf/fbKWBjLQM8xR7JkR"
+			+ "P4ri8YKOQPhK+VrddGUD59/wzVnvaGyl9MZE7TXFUeniQq5iXKnm22EQbYch"
+			+ "v2Jcxyt2H9yptpzyh4tP6tEHl1C887p2J4qe7F2ATua9CzVGwXQSUbKtj2fg"
+			+ "UZP5SsNp25guhPiZdtkf2sHMeiotmykFErzqGMrvOAUThrO63GiYsRk4hF6r"
+			+ "cQ01d+EUVpY/sBcCxgNyOiB7a84sDtrxnX5BTEZDTEj8LvuEyEV3TMUuAjx1"
+			+ "7Eyd+9JtKzwV4v3hlTaWOvGro9nPS7YaPuG+RtufzXCUJPbPfTjTvtGOqvEz"
+			+ "oztls8tuWA0OGHba9XfX9rfgorACAAM=");
+
+		private static readonly string crOnlyMessage =
+			"\r"
+			+ " hello world!\r"
+			+ "\r"
+			+ "- dash\r";
+
+		private static readonly string nlOnlyMessage =
+			"\n"
+			+ " hello world!\n"
+			+ "\n"
+			+ "- dash\n";
+
+		private static readonly string crNlMessage =
+			"\r\n"
+			+ " hello world!\r\n"
+			+ "\r\n"
+			+ "- dash\r\n";
+
+		private static readonly string crNlMessageTrailingWhiteSpace =
+			"\r\n"
+			+ " hello world! \t\r\n"
+			+ "\r\n"
+			+ "\r\n";
+
+		private static readonly string crOnlySignedMessage =
+			"-----BEGIN PGP SIGNED MESSAGE-----\r"
+			+ "Hash: SHA256\r"
+			+ "\r"
+			+ "\r"
+			+ " hello world!\r"
+			+ "\r"
+			+ "- - dash\r"
+			+ "-----BEGIN PGP SIGNATURE-----\r"
+			+ "Version: GnuPG v1.4.2.1 (GNU/Linux)\r"
+			+ "\r"
+			+ "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r"
+			+ "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r"
+			+ "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r"
+			+ "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r"
+			+ "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r"
+			+ "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r"
+			+ "=84Nd\r"
+			+ "-----END PGP SIGNATURE-----\r";
+
+		private static readonly string nlOnlySignedMessage =
+			"-----BEGIN PGP SIGNED MESSAGE-----\n"
+			+ "Hash: SHA256\n"
+			+ "\n"
+			+ "\n"
+			+ " hello world!\n"
+			+ "\n"
+			+ "- - dash\n"
+			+ "-----BEGIN PGP SIGNATURE-----\n"
+			+ "Version: GnuPG v1.4.2.1 (GNU/Linux)\n"
+			+ "\n"
+			+ "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\n"
+			+ "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\n"
+			+ "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\n"
+			+ "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\n"
+			+ "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\n"
+			+ "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\n"
+			+ "=84Nd\n"
+			+ "-----END PGP SIGNATURE-----\n";
+
+		private static readonly string crNlSignedMessage =
+			"-----BEGIN PGP SIGNED MESSAGE-----\r\n"
+			+ "Hash: SHA256\r\n"
+			+ "\r\n"
+			+ "\r\n"
+			+ " hello world!\r\n"
+			+ "\r\n"
+			+ "- - dash\r\n"
+			+ "-----BEGIN PGP SIGNATURE-----\r\n"
+			+ "Version: GnuPG v1.4.2.1 (GNU/Linux)\r\n"
+			+ "\r\n"
+			+ "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r\n"
+			+ "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r\n"
+			+ "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r\n"
+			+ "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r\n"
+			+ "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r\n"
+			+ "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r\n"
+			+ "=84Nd\r"
+			+ "-----END PGP SIGNATURE-----\r\n";
+
+		private static readonly string crNlSignedMessageTrailingWhiteSpace =
+			"-----BEGIN PGP SIGNED MESSAGE-----\r\n"
+			+ "Hash: SHA256\r\n"
+			+ "\r\n"
+			+ "\r\n"
+			+ " hello world! \t\r\n"
+			+ "\r\n"
+			+ "- - dash\r\n"
+			+ "-----BEGIN PGP SIGNATURE-----\r\n"
+			+ "Version: GnuPG v1.4.2.1 (GNU/Linux)\r\n"
+			+ "\r\n"
+			+ "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r\n"
+			+ "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r\n"
+			+ "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r\n"
+			+ "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r\n"
+			+ "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r\n"
+			+ "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r\n"
+			+ "=84Nd\r"
+			+ "-----END PGP SIGNATURE-----\r\n";
+
+		private TextWriter _oldOut;
+		private TextWriter _oldErr;
+
+		private MemoryStream _currentOut;
+		private MemoryStream _currentErr;
+
+		[SetUp]
+		public void SetUp()
+		{
+			_oldOut = Console.Out;
+			_oldErr = Console.Error;
+			_currentOut = new MemoryStream();
+			_currentErr = new MemoryStream();
+
+			Console.SetOut(new StreamWriter(_currentOut));
+			Console.SetError(new StreamWriter(_currentErr));
+		}
+
+		[TearDown]
+		public void TearDown()
+		{
+			Console.SetOut(_oldOut);
+			Console.SetError(_oldErr);
+		}
+
+		[Test]
+		public void TestRsaKeyGeneration() 
+		{
+			RsaKeyRingGenerator.Main(new string[] { "test", "password" });
+
+			CreateSmallTestInput();
+			CreateLargeTestInput();
+
+			CheckSigning("bpg");
+			CheckKeyBasedEncryption("bpg");
+			CheckLargeKeyBasedEncryption("bpg");
+
+			RsaKeyRingGenerator.Main(new string[] { "-a", "test", "password" });
+
+			CheckSigning("asc");
+			CheckKeyBasedEncryption("asc");
+			CheckLargeKeyBasedEncryption("asc");
+		}
+
+		[Test]
+		public void TestDsaElGamalKeyGeneration() 
+		{
+			DsaElGamalKeyRingGenerator.Main(new string[] { "test", "password" });
+
+			CreateSmallTestInput();
+			CreateLargeTestInput();
+
+			CheckSigning("bpg");
+			CheckKeyBasedEncryption("bpg");
+			CheckLargeKeyBasedEncryption("bpg");
+
+			DsaElGamalKeyRingGenerator.Main(new string[] { "-a", "test", "password" });
+
+			CheckSigning("asc");
+			CheckKeyBasedEncryption("asc");
+			CheckLargeKeyBasedEncryption("asc");
+		}
+
+		[Test]
+		public void TestPbeEncryption() 
+		{
+			Console.Error.Flush();
+			_currentErr.SetLength(0);
+
+			PbeFileProcessor.Main(new string[] { "-e", "test.txt", "password" });
+
+			PbeFileProcessor.Main(new string[] { "-d", "test.txt.bpg", "password" });
+
+			Console.Error.Flush();
+			Assert.AreEqual("no message integrity check", GetLine(_currentErr));
+
+			PbeFileProcessor.Main(new string[] { "-e", "-i", "test.txt", "password" });
+
+			PbeFileProcessor.Main(new string[] { "-d", "test.txt.bpg", "password" });
+
+			Console.Error.Flush();
+			Assert.AreEqual("message integrity check passed", GetLine(_currentErr));
+
+			PbeFileProcessor.Main(new string[] { "-e", "-ai", "test.txt", "password" });
+
+			PbeFileProcessor.Main(new string[] { "-d", "test.txt.asc", "password" });
+
+			Console.Error.Flush();
+			Assert.AreEqual("message integrity check passed", GetLine(_currentErr));
+		}
+
+		[Test]
+		public void TestClearSigned()
+		{
+			CreateTestFile(clearSignedPublicKey, "pub.bpg");
+
+			CheckClearSignedVerify(nlOnlySignedMessage);
+			CheckClearSignedVerify(crOnlySignedMessage);
+			CheckClearSignedVerify(crNlSignedMessage);
+			CheckClearSignedVerify(crNlSignedMessageTrailingWhiteSpace);
+
+			ClearSignedFileProcessor.Main(new string[] { "-v", "test.txt.asc", "pub.bpg" });
+
+			RsaKeyRingGenerator.Main(new string[] { "test", "password" });
+
+			CheckClearSigned(crOnlyMessage);
+			CheckClearSigned(nlOnlyMessage);
+			CheckClearSigned(crNlMessage);
+			CheckClearSigned(crNlMessageTrailingWhiteSpace);
+		}
+
+		[Test]
+		public void TestClearSignedBogusInput()
+		{
+			CreateTestFile(clearSignedPublicKey, "test.txt");
+
+			ClearSignedFileProcessor.Main(new String[] { "-s", "test.txt", "secret.bpg", "password" });
+		}
+
+		private void CheckClearSignedVerify(
+			string message)
+		{
+			CreateTestData(message, "test.txt.asc");
+
+			ClearSignedFileProcessor.Main(new string[] { "-v", "test.txt.asc", "pub.bpg" });
+		}
+
+		private void CheckClearSigned(
+			string message)
+		{
+			CreateTestData(message, "test.txt");
+
+			ClearSignedFileProcessor.Main(new string[] { "-s", "test.txt", "secret.bpg", "password" });
+			ClearSignedFileProcessor.Main(new string[] { "-v", "test.txt.asc", "pub.bpg" });
+		}
+
+		private void CheckSigning(
+			string type) 
+		{
+			Console.Out.Flush();
+			_currentOut.SetLength(0);
+
+			SignedFileProcessor.Main(new string[] { "-s", "test.txt", "secret." + type, "password" });
+			SignedFileProcessor.Main(new string[] { "-v", "test.txt.bpg", "pub." + type });
+
+			Console.Out.Flush();
+			Assert.AreEqual("signature verified.", GetLine(_currentOut));
+
+			SignedFileProcessor.Main(new string[] { "-s", "-a", "test.txt", "secret." + type, "password" });
+			SignedFileProcessor.Main(new string[] { "-v", "test.txt.asc", "pub." + type });
+
+			Console.Out.Flush();
+			Assert.AreEqual("signature verified.", GetLine(_currentOut));
+		}
+
+		private void CheckKeyBasedEncryption(
+			string type) 
+		{
+			Console.Error.Flush();
+			_currentErr.SetLength(0);
+
+			KeyBasedFileProcessor.Main(new string[] { "-e", "test.txt", "pub." + type });
+			KeyBasedFileProcessor.Main(new string[] { "-d", "test.txt.bpg", "secret." + type, "password" });
+
+			Console.Error.Flush();
+			Assert.AreEqual("no message integrity check", GetLine(_currentErr));
+
+			KeyBasedFileProcessor.Main(new string[] { "-e", "-i", "test.txt", "pub." + type });
+			KeyBasedFileProcessor.Main(new string[] { "-d", "test.txt.bpg", "secret." + type, "password" });
+
+			Console.Error.Flush();
+			Assert.AreEqual("message integrity check passed", GetLine(_currentErr));
+
+			KeyBasedFileProcessor.Main(new string[] { "-e", "-ai", "test.txt", "pub." + type });
+			KeyBasedFileProcessor.Main(new string[] { "-d", "test.txt.asc", "secret." + type, "password" });
+
+			Console.Error.Flush();
+			Assert.AreEqual("message integrity check passed", GetLine(_currentErr));
+		}
+
+		private void CheckLargeKeyBasedEncryption(
+			string type) 
+		{
+			Console.Error.Flush();
+			_currentErr.SetLength(0);
+
+			KeyBasedLargeFileProcessor.Main(new string[] { "-e", "large.txt", "pub." + type });
+			KeyBasedLargeFileProcessor.Main(new string[] { "-d", "large.txt.bpg", "secret." + type, "password" });
+
+			Console.Error.Flush();
+			Assert.AreEqual("no message integrity check", GetLine(_currentErr));
+
+			KeyBasedLargeFileProcessor.Main(new string[] { "-e", "-i", "large.txt", "pub." + type });
+			KeyBasedLargeFileProcessor.Main(new string[] { "-d", "large.txt.bpg", "secret." + type, "password" });
+
+			Console.Error.Flush();
+			Assert.AreEqual("message integrity check passed", GetLine(_currentErr));
+
+			KeyBasedLargeFileProcessor.Main(new string[] { "-e", "-ai", "large.txt", "pub." + type });
+			KeyBasedLargeFileProcessor.Main(new string[] { "-d", "large.txt.asc", "secret." + type, "password" });
+
+			Console.Error.Flush();
+			Assert.AreEqual("message integrity check passed", GetLine(_currentErr));
+		}
+
+		private void CreateSmallTestInput() 
+		{
+			TextWriter bfOut = new StreamWriter(File.Create("test.txt"));
+			bfOut.WriteLine("hello world!");
+			bfOut.Close();
+		}
+
+		private void CreateLargeTestInput() 
+		{
+			TextWriter bfOut = new StreamWriter(File.Create("large.txt"));
+
+			for (int i = 1; i <= 2000; i++)
+			{
+				bfOut.WriteLine("hello to planet " + i + "!");
+			}
+
+			bfOut.Close();
+		}
+
+		private void CreateTestData(
+			string	testData,
+			string	name)
+		{
+			TextWriter bfOut = new StreamWriter(File.Create(name));
+			bfOut.Write(testData);
+			bfOut.Close();
+		}
+
+		private void CreateTestFile(
+			byte[]	keyData,
+			string	name)
+		{
+			FileStream fOut = File.Create(name);
+			fOut.Write(keyData, 0, keyData.Length);
+			fOut.Close();
+		}
+
+		private string GetLine(
+			MemoryStream outStr) 
+		{
+			byte[] b = outStr.ToArray();
+			TextReader bRd = new StreamReader(new MemoryStream(b, false));
+			outStr.SetLength(0);
+			return bRd.ReadLine();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			//junit.textui.TestRunner.run(suite());
+			EventListener el = new NullListener();
+			suite().Run(el);
+		}
+
+		public static TestSuite suite()
+		{
+			TestSuite suite = new TestSuite("OpenPGP Example Tests");
+
+			suite.Add(new AllTests());
+
+			return suite;
+		}
+
+	}
+}
diff --git a/crypto/test/src/openpgp/test/DSA2Test.cs b/crypto/test/src/openpgp/test/DSA2Test.cs
new file mode 100644
index 000000000..883ae317f
--- /dev/null
+++ b/crypto/test/src/openpgp/test/DSA2Test.cs
@@ -0,0 +1,237 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+	/**
+	* GPG compatability test vectors
+	*/
+	[TestFixture]
+	public class Dsa2Test
+		//extends TestCase
+	{
+		[Test]
+		public void TestK1024H160()
+		{
+			doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-160-sign.gpg");
+		}
+
+		[Test]
+		public void TestK1024H224()
+		{
+			doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-224-sign.gpg");
+		}
+
+		[Test]
+		public void TestK1024H256()
+		{
+			doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-256-sign.gpg");
+		}
+
+		[Test]
+		public void TestK1024H384()
+		{
+			doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-384-sign.gpg");
+		}
+
+		[Test]
+		public void TestK1024H512()
+		{
+			doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-512-sign.gpg");
+		}
+
+		[Test]
+		public void TestK2048H224()
+		{
+			doSigVerifyTest("DSA-2048-224.pub", "dsa-2048-224-sign.gpg");
+		}
+
+		[Test]
+		public void TestK3072H256()
+		{
+			doSigVerifyTest("DSA-3072-256.pub", "dsa-3072-256-sign.gpg");
+		}
+
+		[Test]
+		public void TestK7680H384()
+		{
+			doSigVerifyTest("DSA-7680-384.pub", "dsa-7680-384-sign.gpg");
+		}
+
+		[Test]
+		public void TestK15360H512()
+		{
+			doSigVerifyTest("DSA-15360-512.pub", "dsa-15360-512-sign.gpg");
+		}
+
+		[Test]
+		public void TestGenerateK1024H224()
+		{
+			doSigGenerateTest("DSA-1024-160.sec", "DSA-1024-160.pub", HashAlgorithmTag.Sha224);
+		}
+
+		[Test]
+		public void TestGenerateK1024H256()
+		{
+			doSigGenerateTest("DSA-1024-160.sec", "DSA-1024-160.pub", HashAlgorithmTag.Sha256);
+		}
+
+		[Test]
+		public void TestGenerateK1024H384()
+		{
+			doSigGenerateTest("DSA-1024-160.sec", "DSA-1024-160.pub", HashAlgorithmTag.Sha384);
+		}
+
+		[Test]
+		public void TestGenerateK1024H512()
+		{
+			doSigGenerateTest("DSA-1024-160.sec", "DSA-1024-160.pub", HashAlgorithmTag.Sha512);
+		}
+
+		[Test]
+		public void TestGenerateK2048H256()
+		{
+			doSigGenerateTest("DSA-2048-224.sec", "DSA-2048-224.pub", HashAlgorithmTag.Sha256);
+		}
+
+		[Test]
+		public void TestGenerateK2048H512()
+		{
+			doSigGenerateTest("DSA-2048-224.sec", "DSA-2048-224.pub", HashAlgorithmTag.Sha512);
+		}
+
+		private void doSigGenerateTest(
+			string				privateKeyFile,
+			string				publicKeyFile,
+			HashAlgorithmTag	digest)
+		{
+			PgpSecretKeyRing		secRing = loadSecretKey(privateKeyFile);
+			PgpPublicKeyRing		pubRing = loadPublicKey(publicKeyFile);
+			string					data = "hello world!";
+			byte[]					dataBytes = Encoding.ASCII.GetBytes(data);
+			MemoryStream			bOut = new MemoryStream();
+			MemoryStream			testIn = new MemoryStream(dataBytes, false);
+			PgpSignatureGenerator	sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, digest);
+
+			sGen.InitSign(PgpSignature.BinaryDocument, secRing.GetSecretKey().ExtractPrivateKey("test".ToCharArray()));
+
+			BcpgOutputStream bcOut = new BcpgOutputStream(bOut);
+
+			sGen.GenerateOnePassVersion(false).Encode(bcOut);
+
+			PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+
+//			Date testDate = new Date((System.currentTimeMillis() / 1000) * 1000);
+			DateTime testDate = new DateTime(
+				(DateTime.UtcNow.Ticks / TimeSpan.TicksPerSecond) * TimeSpan.TicksPerSecond);
+
+			Stream lOut = lGen.Open(
+				new UncloseableStream(bcOut),
+				PgpLiteralData.Binary,
+				"_CONSOLE",
+				dataBytes.Length,
+				testDate);
+
+			int ch;
+			while ((ch = testIn.ReadByte()) >= 0)
+			{
+				lOut.WriteByte((byte)ch);
+				sGen.Update((byte)ch);
+			}
+
+			lGen.Close();
+
+			sGen.Generate().Encode(bcOut);
+
+			PgpObjectFactory        pgpFact = new PgpObjectFactory(bOut.ToArray());
+			PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+			PgpOnePassSignature     ops = p1[0];
+
+			Assert.AreEqual(digest, ops.HashAlgorithm);
+			Assert.AreEqual(PublicKeyAlgorithmTag.Dsa, ops.KeyAlgorithm);
+
+			PgpLiteralData          p2 = (PgpLiteralData)pgpFact.NextPgpObject();
+			if (!p2.ModificationTime.Equals(testDate))
+			{
+				Assert.Fail("Modification time not preserved");
+			}
+
+			Stream dIn = p2.GetInputStream();
+
+			ops.InitVerify(pubRing.GetPublicKey());
+
+			while ((ch = dIn.ReadByte()) >= 0)
+			{
+				ops.Update((byte)ch);
+			}
+
+			PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+			PgpSignature sig = p3[0];
+
+			Assert.AreEqual(digest, sig.HashAlgorithm);
+			Assert.AreEqual(PublicKeyAlgorithmTag.Dsa, sig.KeyAlgorithm);
+
+			Assert.IsTrue(ops.Verify(sig));
+		}
+
+		private void doSigVerifyTest(
+			string	publicKeyFile,
+			string	sigFile)
+		{
+			PgpPublicKeyRing publicKey = loadPublicKey(publicKeyFile);
+			PgpObjectFactory pgpFact = loadSig(sigFile);
+
+			PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+			pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+			PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+			PgpOnePassSignature ops = p1[0];
+
+			PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
+
+			Stream dIn = p2.GetInputStream();
+
+			ops.InitVerify(publicKey.GetPublicKey());
+
+			int ch;
+			while ((ch = dIn.ReadByte()) >= 0)
+			{
+				ops.Update((byte)ch);
+			}
+
+			PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+
+			Assert.IsTrue(ops.Verify(p3[0]));
+		}
+
+		private PgpObjectFactory loadSig(
+			string sigName)
+		{
+			Stream fIn = SimpleTest.GetTestDataAsStream("openpgp.dsa.sigs." + sigName);
+
+			return new PgpObjectFactory(fIn);
+		}
+
+		private PgpPublicKeyRing loadPublicKey(
+			string keyName)
+		{
+			Stream fIn = SimpleTest.GetTestDataAsStream("openpgp.dsa.keys." + keyName);
+
+			return new PgpPublicKeyRing(fIn);
+		}
+
+		private PgpSecretKeyRing loadSecretKey(
+			string keyName)
+		{
+			Stream fIn = SimpleTest.GetTestDataAsStream("openpgp.dsa.keys." + keyName);
+
+			return new PgpSecretKeyRing(fIn);
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/test/PGPArmoredTest.cs b/crypto/test/src/openpgp/test/PGPArmoredTest.cs
new file mode 100644
index 000000000..aa13477ed
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PGPArmoredTest.cs
@@ -0,0 +1,265 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+	[TestFixture]
+	public class PgpArmoredTest
+		: SimpleTest
+	{
+		private static readonly byte[] sample = Base64.Decode(
+				"mQGiBEA83v0RBADzKVLVCnpWQxX0LCsevw/3OLs0H7MOcLBQ4wMO9sYmzGYn"
+			+ "xpVj+4e4PiCP7QBayWyy4lugL6Lnw7tESvq3A4v3fefcxaCTkJrryiKn4+Cg"
+			+ "y5rIBbrSKNtCEhVi7xjtdnDjP5kFKgHYjVOeIKn4Cz/yzPG3qz75kDknldLf"
+			+ "yHxp2wCgwW1vAE5EnZU4/UmY7l8kTNkMltMEAJP4/uY4zcRwLI9Q2raPqAOJ"
+			+ "TYLd7h+3k/BxI0gIw96niQ3KmUZDlobbWBI+VHM6H99vcttKU3BgevNf8M9G"
+			+ "x/AbtW3SS4De64wNSU3189XDG8vXf0vuyW/K6Pcrb8exJWY0E1zZQ1WXT0gZ"
+			+ "W0kH3g5ro//Tusuil9q2lVLF2ovJA/0W+57bPzi318dWeNs0tTq6Njbc/GTG"
+			+ "FUAVJ8Ss5v2u6h7gyJ1DB334ExF/UdqZGldp0ugkEXaSwBa2R7d3HBgaYcoP"
+			+ "Ck1TrovZzEY8gm7JNVy7GW6mdOZuDOHTxyADEEP2JPxh6eRcZbzhGuJuYIif"
+			+ "IIeLOTI5Dc4XKeV32a+bWrQidGVzdCAoVGVzdCBrZXkpIDx0ZXN0QHViaWNh"
+			+ "bGwuY29tPohkBBMRAgAkBQJAPN79AhsDBQkB4TOABgsJCAcDAgMVAgMDFgIB"
+			+ "Ah4BAheAAAoJEJh8Njfhe8KmGDcAoJWr8xgPr75y/Cp1kKn12oCCOb8zAJ4p"
+			+ "xSvk4K6tB2jYbdeSrmoWBZLdMLACAAC5AQ0EQDzfARAEAJeUAPvUzJJbKcc5"
+			+ "5Iyb13+Gfb8xBWE3HinQzhGr1v6A1aIZbRj47UPAD/tQxwz8VAwJySx82ggN"
+			+ "LxCk4jW9YtTL3uZqfczsJngV25GoIN10f4/j2BVqZAaX3q79a3eMiql1T0oE"
+			+ "AGmD7tO1LkTvWfm3VvA0+t8/6ZeRLEiIqAOHAAQNBACD0mVMlAUgd7REYy/1"
+			+ "mL99Zlu9XU0uKyUex99sJNrcx1aj8rIiZtWaHz6CN1XptdwpDeSYEOFZ0PSu"
+			+ "qH9ByM3OfjU/ya0//xdvhwYXupn6P1Kep85efMBA9jUv/DeBOzRWMFG6sC6y"
+			+ "k8NGG7Swea7EHKeQI40G3jgO/+xANtMyTIhPBBgRAgAPBQJAPN8BAhsMBQkB"
+			+ "4TOAAAoJEJh8Njfhe8KmG7kAn00mTPGJCWqmskmzgdzeky5fWd7rAKCNCp3u"
+			+ "ZJhfg0htdgAfIy8ppm05vLACAAA=");
+
+		private static readonly byte[] marker = Hex.Decode("2d2d2d2d2d454e4420504750205055424c4943204b455920424c4f434b2d2d2d2d2d");
+
+		// Contains "Hello World!" as an armored message
+		// The 'blank line' after the headers contains (legal) whitespace - see RFC2440 6.2
+		private static readonly string blankLineData =
+			  "-----BEGIN PGP MESSAGE-----\n"
+			+ "Version: BCPG v1.32\n"
+			+ "Comment: A dummy message\n"
+			+ " \t \t\n"
+			+ "SGVsbG8gV29ybGQh\n"
+			+ "=d9Xi\n"
+			+ "-----END PGP MESSAGE-----\n";
+
+		private int markerCount(
+			byte[] data)
+		{
+			int ind = 0;
+			int matches = 0;
+
+			while (ind < data.Length)
+			{
+				if (data[ind] == 0x2d)
+				{
+					int count = 0;
+					while (count < marker.Length)
+					{
+						if (data[ind + count] != marker[count])
+						{
+							break;
+						}
+						count++;
+					}
+
+					if (count == marker.Length)
+					{
+						matches++;
+					}
+
+					// TODO Is this correct?
+					ind += count;
+				}
+				else
+				{
+					ind++;
+				}
+			}
+
+			return matches;
+		}
+
+		private void blankLineTest()
+		{
+			byte[] blankLineBytes = Encoding.ASCII.GetBytes(blankLineData);
+			MemoryStream bIn = new MemoryStream(blankLineBytes, false);
+			ArmoredInputStream aIn = new ArmoredInputStream(bIn, true);
+
+			MemoryStream bOut = new MemoryStream();
+			int c;
+			while ((c = aIn.ReadByte()) >= 0)
+			{
+				bOut.WriteByte((byte)c);
+			}
+
+			byte[] expected = Encoding.ASCII.GetBytes("Hello World!");
+
+			if (!Arrays.AreEqual(expected, bOut.ToArray()))
+			{
+				Fail("Incorrect message retrieved in blank line test.");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			//
+			// test immediate close
+			//
+			MemoryStream bOut = new MemoryStream();
+			ArmoredOutputStream aOut = new ArmoredOutputStream(bOut);
+
+			aOut.Close();
+
+			byte[] data = bOut.ToArray();
+
+			if (data.Length != 0)
+			{
+				Fail("No data should have been written");
+			}
+
+			//
+			// multiple close
+			//
+			bOut = new MemoryStream();
+			aOut = new ArmoredOutputStream(bOut);
+
+			aOut.Write(sample, 0, sample.Length);
+
+			aOut.Close();
+			aOut.Close();
+
+			int mc = markerCount(bOut.ToArray());
+
+			if (mc < 1)
+			{
+				Fail("No end marker found");
+			}
+
+			if (mc > 1)
+			{
+				Fail("More than one end marker found");
+			}
+
+			//
+			// writing and reading single objects
+			//
+			bOut = new MemoryStream();
+			aOut = new ArmoredOutputStream(bOut);
+
+			aOut.Write(sample, 0, sample.Length);
+
+			aOut.Close();
+
+			ArmoredInputStream aIn = new ArmoredInputStream(
+				new MemoryStream(bOut.ToArray(), false));
+
+			PgpObjectFactory fact = new PgpObjectFactory(aIn);
+			int count = 0;
+
+			while (fact.NextPgpObject() != null)
+			{
+				count++;
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of objects found: " + count);
+			}
+
+			//
+			// writing and reading multiple objects  - in single block
+			//
+			bOut = new MemoryStream();
+			aOut = new ArmoredOutputStream(bOut);
+
+			aOut.Write(sample, 0, sample.Length);
+			aOut.Write(sample, 0, sample.Length);
+
+			aOut.Close();
+
+			aIn = new ArmoredInputStream(
+				new MemoryStream(bOut.ToArray(), false));
+
+			fact = new PgpObjectFactory(aIn);
+			count = 0;
+
+			while (fact.NextPgpObject() != null)
+			{
+				count++;
+			}
+
+			if (count != 2)
+			{
+				Fail("wrong number of objects found: " + count);
+			}
+
+			//
+			// writing and reading multiple objects  - in single block
+			//
+			bOut = new MemoryStream();
+			aOut = new ArmoredOutputStream(bOut);
+
+			aOut.Write(sample, 0, sample.Length);
+
+			aOut.Close();     // does not close underlying stream
+
+			aOut = new ArmoredOutputStream(bOut);
+
+			aOut.Write(sample, 0, sample.Length);
+
+			aOut.Close();
+
+			aIn = new ArmoredInputStream(
+				new MemoryStream(bOut.ToArray(), false));
+
+			count = 0;
+			bool atLeastOne;
+			do
+			{
+				atLeastOne = false;
+				fact = new PgpObjectFactory(aIn);
+
+				while (fact.NextPgpObject() != null)
+				{
+					atLeastOne = true;
+					count++;
+				}
+			}
+			while (atLeastOne);
+
+			if (count != 2)
+			{
+				Fail("wrong number of objects found: " + count);
+			}
+
+			blankLineTest();
+		}
+
+		public override string Name
+		{
+			get { return "PGPArmoredTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PgpArmoredTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs b/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs
new file mode 100644
index 000000000..668f8cce2
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs
@@ -0,0 +1,445 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+	[TestFixture]
+	public class PgpClearSignedSignatureTest
+		: SimpleTest
+	{
+		private static readonly byte[] publicKey = Base64.Decode(
+			  "mQELBEQh2+wBCAD26kte0hO6flr7Y2aetpPYutHY4qsmDPy+GwmmqVeCDkX+"
+			+ "r1g7DuFbMhVeu0NkKDnVl7GsJ9VarYsFYyqu0NzLa9XS2qlTIkmJV+2/xKa1"
+			+ "tzjn18fT/cnAWL88ZLCOWUr241aPVhLuIc6vpHnySpEMkCh4rvMaimnTrKwO"
+			+ "42kgeDGd5cXfs4J4ovRcTbc4hmU2BRVsRjiYMZWWx0kkyL2zDVyaJSs4yVX7"
+			+ "Jm4/LSR1uC/wDT0IJJuZT/gQPCMJNMEsVCziRgYkAxQK3OWojPSuv4rXpyd4"
+			+ "Gvo6IbvyTgIskfpSkCnQtORNLIudQSuK7pW+LkL62N+ohuKdMvdxauOnAAYp"
+			+ "tBNnZ2dnZ2dnZyA8Z2dnQGdnZ2c+iQE2BBMBAgAgBQJEIdvsAhsDBgsJCAcD"
+			+ "AgQVAggDBBYCAwECHgECF4AACgkQ4M/Ier3f9xagdAf/fbKWBjLQM8xR7JkR"
+			+ "P4ri8YKOQPhK+VrddGUD59/wzVnvaGyl9MZE7TXFUeniQq5iXKnm22EQbYch"
+			+ "v2Jcxyt2H9yptpzyh4tP6tEHl1C887p2J4qe7F2ATua9CzVGwXQSUbKtj2fg"
+			+ "UZP5SsNp25guhPiZdtkf2sHMeiotmykFErzqGMrvOAUThrO63GiYsRk4hF6r"
+			+ "cQ01d+EUVpY/sBcCxgNyOiB7a84sDtrxnX5BTEZDTEj8LvuEyEV3TMUuAjx1"
+			+ "7Eyd+9JtKzwV4v3hlTaWOvGro9nPS7YaPuG+RtufzXCUJPbPfTjTvtGOqvEz"
+			+ "oztls8tuWA0OGHba9XfX9rfgorACAAM=");
+
+		private static readonly byte[] secretKey = Base64.Decode(
+			  "lQOWBEQh2+wBCAD26kte0hO6flr7Y2aetpPYutHY4qsmDPy+GwmmqVeCDkX+"
+			+ "r1g7DuFbMhVeu0NkKDnVl7GsJ9VarYsFYyqu0NzLa9XS2qlTIkmJV+2/xKa1"
+			+ "tzjn18fT/cnAWL88ZLCOWUr241aPVhLuIc6vpHnySpEMkCh4rvMaimnTrKwO"
+			+ "42kgeDGd5cXfs4J4ovRcTbc4hmU2BRVsRjiYMZWWx0kkyL2zDVyaJSs4yVX7"
+			+ "Jm4/LSR1uC/wDT0IJJuZT/gQPCMJNMEsVCziRgYkAxQK3OWojPSuv4rXpyd4"
+			+ "Gvo6IbvyTgIskfpSkCnQtORNLIudQSuK7pW+LkL62N+ohuKdMvdxauOnAAYp"
+			+ "AAf+JCJJeAXEcrTVHotsrRR5idzmg6RK/1MSQUijwPmP7ZGy1BmpAmYUfbxn"
+			+ "B56GvXyFV3Pbj9PgyJZGS7cY+l0BF4ZqN9USiQtC9OEpCVT5LVMCFXC/lahC"
+			+ "/O3EkjQy0CYK+GwyIXa+Flxcr460L/Hvw2ZEXJZ6/aPdiR+DU1l5h99Zw8V1"
+			+ "Y625MpfwN6ufJfqE0HLoqIjlqCfi1iwcKAK2oVx2SwnT1W0NwUUXjagGhD2s"
+			+ "VzJVpLqhlwmS0A+RE9Niqrf80/zwE7QNDF2DtHxmMHJ3RY/pfu5u1rrFg9YE"
+			+ "lmS60mzOe31CaD8Li0k5YCJBPnmvM9mN3/DWWprSZZKtmQQA96C2/VJF5EWm"
+			+ "+/Yxi5J06dG6Bkz311Ui4p2zHm9/4GvTPCIKNpGx9Zn47YFD3tIg3fIBVPOE"
+			+ "ktG38pEPx++dSSFF9Ep5UgmYFNOKNUVq3yGpatBtCQBXb1LQLAMBJCJ5TQmk"
+			+ "68hMOEaqjMHSOa18cS63INgA6okb/ueAKIHxYQcEAP9DaXu5n9dZQw7pshbN"
+			+ "Nu/T5IP0/D/wqM+W5r+j4P1N7PgiAnfKA4JjKrUgl8PGnI2qM/Qu+g3qK++c"
+			+ "F1ESHasnJPjvNvY+cfti06xnJVtCB/EBOA2UZkAr//Tqa76xEwYAWRBnO2Y+"
+			+ "KIVOT+nMiBFkjPTrNAD6fSr1O4aOueBhBAC6aA35IfjC2h5MYk8+Z+S4io2o"
+			+ "mRxUZ/dUuS+kITvWph2e4DT28Xpycpl2n1Pa5dCDO1lRqe/5JnaDYDKqxfmF"
+			+ "5tTG8GR4d4nVawwLlifXH5Ll7t5NcukGNMCsGuQAHMy0QHuAaOvMdLs5kGHn"
+			+ "8VxfKEVKhVrXsvJSwyXXSBtMtUcRtBNnZ2dnZ2dnZyA8Z2dnQGdnZ2c+iQE2"
+			+ "BBMBAgAgBQJEIdvsAhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQ4M/I"
+			+ "er3f9xagdAf/fbKWBjLQM8xR7JkRP4ri8YKOQPhK+VrddGUD59/wzVnvaGyl"
+			+ "9MZE7TXFUeniQq5iXKnm22EQbYchv2Jcxyt2H9yptpzyh4tP6tEHl1C887p2"
+			+ "J4qe7F2ATua9CzVGwXQSUbKtj2fgUZP5SsNp25guhPiZdtkf2sHMeiotmykF"
+			+ "ErzqGMrvOAUThrO63GiYsRk4hF6rcQ01d+EUVpY/sBcCxgNyOiB7a84sDtrx"
+			+ "nX5BTEZDTEj8LvuEyEV3TMUuAjx17Eyd+9JtKzwV4v3hlTaWOvGro9nPS7Ya"
+			+ "PuG+RtufzXCUJPbPfTjTvtGOqvEzoztls8tuWA0OGHba9XfX9rfgorACAAA=");
+
+		private static readonly string crOnlyMessage =
+				"\r"
+			+ " hello world!\r"
+			+ "\r"
+			+ "- dash\r";
+
+		private static readonly string nlOnlyMessage =
+			"\n"
+			+ " hello world!\n"
+			+ "\n"
+			+ "- dash\n";
+
+		private static readonly string crNlMessage =
+			"\r\n"
+			+ " hello world!\r\n"
+			+ "\r\n"
+			+ "- dash\r\n";
+
+		private static readonly string crOnlySignedMessage =
+				"-----BEGIN PGP SIGNED MESSAGE-----\r"
+			+ "Hash: SHA256\r"
+			+ "\r"
+			+ "\r"
+			+ " hello world!\r"
+			+ "\r"
+			+ "- - dash\r"
+			+ "-----BEGIN PGP SIGNATURE-----\r"
+			+ "Version: GnuPG v1.4.2.1 (GNU/Linux)\r"
+			+ "\r"
+			+ "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r"
+			+ "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r"
+			+ "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r"
+			+ "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r"
+			+ "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r"
+			+ "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r"
+			+ "=84Nd\r"
+			+ "-----END PGP SIGNATURE-----\r";
+
+		private static readonly string nlOnlySignedMessage =
+			"-----BEGIN PGP SIGNED MESSAGE-----\n"
+			+ "Hash: SHA256\n"
+			+ "\n"
+			+ "\n"
+			+ " hello world!\n"
+			+ "\n"
+			+ "- - dash\n"
+			+ "-----BEGIN PGP SIGNATURE-----\n"
+			+ "Version: GnuPG v1.4.2.1 (GNU/Linux)\n"
+			+ "\n"
+			+ "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\n"
+			+ "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\n"
+			+ "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\n"
+			+ "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\n"
+			+ "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\n"
+			+ "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\n"
+			+ "=84Nd\n"
+			+ "-----END PGP SIGNATURE-----\n";
+
+		private static readonly string crNlSignedMessage =
+				"-----BEGIN PGP SIGNED MESSAGE-----\r\n"
+			+ "Hash: SHA256\r\n"
+			+ "\r\n"
+			+ "\r\n"
+			+ " hello world!\r\n"
+			+ "\r\n"
+			+ "- - dash\r\n"
+			+ "-----BEGIN PGP SIGNATURE-----\r\n"
+			+ "Version: GnuPG v1.4.2.1 (GNU/Linux)\r\n"
+			+ "\r\n"
+			+ "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r\n"
+			+ "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r\n"
+			+ "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r\n"
+			+ "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r\n"
+			+ "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r\n"
+			+ "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r\n"
+			+ "=84Nd\r"
+			+ "-----END PGP SIGNATURE-----\r\n";
+
+		private static readonly string crNlSignedMessageTrailingWhiteSpace =
+			"-----BEGIN PGP SIGNED MESSAGE-----\r\n"
+			+ "Hash: SHA256\r\n"
+			+ "\r\n"
+			+ "\r\n"
+			+ " hello world! \t\r\n"
+			+ "\r\n"
+			+ "- - dash\r\n"
+			+ "-----BEGIN PGP SIGNATURE-----\r\n"
+			+ "Version: GnuPG v1.4.2.1 (GNU/Linux)\r\n"
+			+ "\r\n"
+			+ "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r\n"
+			+ "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r\n"
+			+ "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r\n"
+			+ "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r\n"
+			+ "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r\n"
+			+ "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r\n"
+			+ "=84Nd\r"
+			+ "-----END PGP SIGNATURE-----\r\n";
+
+		public override string Name
+		{
+			get { return "PGPClearSignedSignature"; }
+		}
+
+		private void messageTest(
+			string message,
+			string type)
+		{
+			ArmoredInputStream aIn = new ArmoredInputStream(
+				new MemoryStream(Encoding.ASCII.GetBytes(message)));
+
+			string[] headers = aIn.GetArmorHeaders();
+
+			if (headers == null || headers.Length != 1)
+			{
+				Fail("wrong number of headers found");
+			}
+
+			if (!"Hash: SHA256".Equals(headers[0]))
+			{
+				Fail("header value wrong: " + headers[0]);
+			}
+
+			//
+			// read the input, making sure we ingore the last newline.
+			//
+			MemoryStream bOut = new MemoryStream();
+			int ch;
+
+			while ((ch = aIn.ReadByte()) >= 0 && aIn.IsClearText())
+			{
+				bOut.WriteByte((byte)ch);
+			}
+
+			PgpPublicKeyRingBundle pgpRings = new PgpPublicKeyRingBundle(publicKey);
+
+			PgpObjectFactory	pgpFact = new PgpObjectFactory(aIn);
+			PgpSignatureList	p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+			PgpSignature		sig = p3[0];
+
+			sig.InitVerify(pgpRings.GetPublicKey(sig.KeyId));
+
+			MemoryStream lineOut = new MemoryStream();
+			Stream sigIn = new MemoryStream(bOut.ToArray(), false);
+			int lookAhead = ReadInputLine(lineOut, sigIn);
+
+			ProcessLine(sig, lineOut.ToArray());
+
+			if (lookAhead != -1)
+			{
+				do
+				{
+					lookAhead = ReadInputLine(lineOut, lookAhead, sigIn);
+
+					sig.Update((byte) '\r');
+					sig.Update((byte) '\n');
+
+					ProcessLine(sig, lineOut.ToArray());
+				}
+				while (lookAhead != -1);
+			}
+
+			if (!sig.Verify())
+			{
+				Fail("signature failed to verify m_in " + type);
+			}
+		}
+
+		private PgpSecretKey ReadSecretKey(
+			Stream    inputStream)
+		{
+			PgpSecretKeyRingBundle        pgpSec = new PgpSecretKeyRingBundle(inputStream);
+
+			//
+			// we just loop through the collection till we find a key suitable for encryption, in the real
+			// world you would probably want to be a bit smarter about this.
+			//
+			//
+			// iterate through the key rings.
+			//
+			foreach (PgpSecretKeyRing kRing in pgpSec.GetKeyRings())
+			{
+				foreach (PgpSecretKey k in kRing.GetSecretKeys())
+				{
+					if (k.IsSigningKey)
+					{
+						return k;
+					}
+				}
+			}
+
+			throw new ArgumentException("Can't find signing key in key ring.");
+		}
+
+		private void generateTest(
+			string message,
+			string type)
+		{
+			PgpSecretKey                    pgpSecKey = ReadSecretKey(new MemoryStream(secretKey));
+			PgpPrivateKey                   pgpPrivKey = pgpSecKey.ExtractPrivateKey("".ToCharArray());
+			PgpSignatureGenerator           sGen = new PgpSignatureGenerator(pgpSecKey.PublicKey.Algorithm, HashAlgorithmTag.Sha256);
+			PgpSignatureSubpacketGenerator  spGen = new PgpSignatureSubpacketGenerator();
+
+			sGen.InitSign(PgpSignature.CanonicalTextDocument, pgpPrivKey);
+
+			IEnumerator    it = pgpSecKey.PublicKey.GetUserIds().GetEnumerator();
+			if (it.MoveNext())
+			{
+				spGen.SetSignerUserId(false, (string)it.Current);
+				sGen.SetHashedSubpackets(spGen.Generate());
+			}
+
+			MemoryStream bOut = new MemoryStream();
+			ArmoredOutputStream aOut = new ArmoredOutputStream(bOut);
+			MemoryStream bIn = new MemoryStream(Encoding.ASCII.GetBytes(message), false);
+
+			aOut.BeginClearText(HashAlgorithmTag.Sha256);
+
+			//
+			// note the last \n m_in the file is ignored
+			//
+			MemoryStream lineOut = new MemoryStream();
+			int lookAhead = ReadInputLine(lineOut, bIn);
+
+			ProcessLine(aOut, sGen, lineOut.ToArray());
+
+			if (lookAhead != -1)
+			{
+				do
+				{
+					lookAhead = ReadInputLine(lineOut, lookAhead, bIn);
+
+					sGen.Update((byte) '\r');
+					sGen.Update((byte) '\n');
+
+					ProcessLine(aOut, sGen, lineOut.ToArray());
+				}
+				while (lookAhead != -1);
+			}
+
+			aOut.EndClearText();
+
+			BcpgOutputStream bcpgOut = new BcpgOutputStream(aOut);
+
+			sGen.Generate().Encode(bcpgOut);
+
+			aOut.Close();
+
+			byte[] bs = bOut.ToArray();
+			messageTest(Encoding.ASCII.GetString(bs, 0, bs.Length), type);
+		}
+
+		private static int ReadInputLine(
+			MemoryStream	bOut,
+			Stream			fIn)
+		{
+			bOut.SetLength(0);
+
+			int lookAhead = -1;
+			int ch;
+
+			while ((ch = fIn.ReadByte()) >= 0)
+			{
+				bOut.WriteByte((byte) ch);
+				if (ch == '\r' || ch == '\n')
+				{
+					lookAhead = ReadPassedEol(bOut, ch, fIn);
+					break;
+				}
+			}
+
+			return lookAhead;
+		}
+
+		private static int ReadInputLine(
+			MemoryStream	bOut,
+			int				lookAhead,
+			Stream			fIn)
+		{
+			bOut.SetLength(0);
+
+			int ch = lookAhead;
+
+			do
+			{
+				bOut.WriteByte((byte) ch);
+				if (ch == '\r' || ch == '\n')
+				{
+					lookAhead = ReadPassedEol(bOut, ch, fIn);
+					break;
+				}
+			}
+			while ((ch = fIn.ReadByte()) >= 0);
+
+			return lookAhead;
+		}
+
+		private static int ReadPassedEol(
+			MemoryStream	bOut,
+			int				lastCh,
+			Stream			fIn)
+		{
+			int lookAhead = fIn.ReadByte();
+
+			if (lastCh == '\r' && lookAhead == '\n')
+			{
+				bOut.WriteByte((byte) lookAhead);
+				lookAhead = fIn.ReadByte();
+			}
+
+			return lookAhead;
+		}
+
+		private static void ProcessLine(
+			PgpSignature	sig,
+			byte[]			line)
+		{
+			int length = GetLengthWithoutWhiteSpace(line);
+			if (length > 0)
+			{
+				sig.Update(line, 0, length);
+			}
+		}
+
+		private static void ProcessLine(
+			Stream					aOut,
+			PgpSignatureGenerator	sGen,
+			byte[]					line)
+		{
+			int length = GetLengthWithoutWhiteSpace(line);
+			if (length > 0)
+			{
+				sGen.Update(line, 0, length);
+			}
+
+			aOut.Write(line, 0, line.Length);
+		}
+
+		private static int GetLengthWithoutWhiteSpace(
+			byte[] line)
+		{
+			int end = line.Length - 1;
+
+			while (end >= 0 && IsWhiteSpace(line[end]))
+			{
+				end--;
+			}
+
+			return end + 1;
+		}
+
+		private static bool IsWhiteSpace(
+			byte b)
+		{
+			return b == '\r' || b == '\n' || b == '\t' || b == ' ';
+		}
+
+		public override void PerformTest()
+		{
+			messageTest(crOnlySignedMessage, "\\r");
+			messageTest(nlOnlySignedMessage, "\\n");
+			messageTest(crNlSignedMessage, "\\r\\n");
+			messageTest(crNlSignedMessageTrailingWhiteSpace, "\\r\\n");
+
+			generateTest(nlOnlyMessage, "\\r");
+			generateTest(crOnlyMessage, "\\n");
+			generateTest(crNlMessage, "\\r\\n");
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PgpClearSignedSignatureTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/test/PGPCompressionTest.cs b/crypto/test/src/openpgp/test/PGPCompressionTest.cs
new file mode 100644
index 000000000..fdcf7222c
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PGPCompressionTest.cs
@@ -0,0 +1,117 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Utilities;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+	[TestFixture]
+	public class PgpCompressionTest
+		: SimpleTest
+	{
+		private static readonly byte[] Data = Encoding.ASCII.GetBytes("hello world! !dlrow olleh");
+
+		[Test]
+		public void TestUncompressed()
+		{
+			doTestCompression(CompressionAlgorithmTag.Uncompressed);
+		}
+
+		[Test]
+		public void TestZip()
+		{
+			doTestCompression(CompressionAlgorithmTag.Zip);
+		}
+
+		[Test]
+		public void TestZLib()
+		{
+			doTestCompression(CompressionAlgorithmTag.ZLib);
+		}
+
+		[Test]
+		public void TestBZip2()
+		{
+			doTestCompression(CompressionAlgorithmTag.BZip2);
+		}
+
+		public override void PerformTest()
+		{
+			doTestCompression(CompressionAlgorithmTag.Uncompressed);
+			doTestCompression(CompressionAlgorithmTag.Zip);
+			doTestCompression(CompressionAlgorithmTag.ZLib);
+			doTestCompression(CompressionAlgorithmTag.BZip2);
+		}
+
+		private void doTestCompression(
+			CompressionAlgorithmTag type)
+		{
+			doTestCompression(type, true);
+			doTestCompression(type, false);
+		}
+
+		private void doTestCompression(
+			CompressionAlgorithmTag	type,
+			bool					streamClose)
+		{
+			MemoryStream bOut = new MemoryStream();
+			PgpCompressedDataGenerator cPacket = new PgpCompressedDataGenerator(type);
+			Stream os = cPacket.Open(new UncloseableStream(bOut), new byte[Data.Length - 1]);
+			os.Write(Data, 0, Data.Length);
+
+			if (streamClose)
+			{
+				os.Close();
+			}
+			else
+			{
+				cPacket.Close();
+			}
+
+			ValidateData(bOut.ToArray());
+
+			try
+			{
+				os.Close();
+				cPacket.Close();
+			}
+			catch (Exception)
+			{
+				Fail("Redundant Close() should be ignored");
+			}
+		}
+
+		private void ValidateData(
+			byte[] compressed)
+		{
+			PgpObjectFactory pgpFact = new PgpObjectFactory(compressed);
+			PgpCompressedData c1 = (PgpCompressedData) pgpFact.NextPgpObject();
+
+			Stream pIn = c1.GetDataStream();
+			byte[] bytes = Streams.ReadAll(pIn);
+			pIn.Close();
+
+			if (!AreEqual(bytes, Data))
+			{
+				Fail("compression test failed");
+			}
+		}
+
+		public override string Name
+		{
+			get { return "PGPCompressionTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PgpCompressionTest());
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs b/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs
new file mode 100644
index 000000000..b86324954
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs
@@ -0,0 +1,492 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+	[TestFixture]
+	public class PgpDsaElGamalTest
+		: SimpleTest
+	{
+		private static readonly byte[] testPubKeyRing = Base64.Decode(
+			  "mQGiBEAR8jYRBADNifuSopd20JOQ5x30ljIaY0M6927+vo09NeNxS3KqItba"
+			+ "nz9o5e2aqdT0W1xgdHYZmdElOHTTsugZxdXTEhghyxoo3KhVcNnTABQyrrvX"
+			+ "qouvmP2fEDEw0Vpyk+90BpyY9YlgeX/dEA8OfooRLCJde/iDTl7r9FT+mts8"
+			+ "g3azjwCgx+pOLD9LPBF5E4FhUOdXISJ0f4EEAKXSOi9nZzajpdhe8W2ZL9gc"
+			+ "BpzZi6AcrRZBHOEMqd69gtUxA4eD8xycUQ42yH89imEcwLz8XdJ98uHUxGJi"
+			+ "qp6hq4oakmw8GQfiL7yQIFgaM0dOAI9Afe3m84cEYZsoAFYpB4/s9pVMpPRH"
+			+ "NsVspU0qd3NHnSZ0QXs8L8DXGO1uBACjDUj+8GsfDCIP2QF3JC+nPUNa0Y5t"
+			+ "wKPKl+T8hX/0FBD7fnNeC6c9j5Ir/Fp/QtdaDAOoBKiyNLh1JaB1NY6US5zc"
+			+ "qFks2seZPjXEiE6OIDXYra494mjNKGUobA4hqT2peKWXt/uBcuL1mjKOy8Qf"
+			+ "JxgEd0MOcGJO+1PFFZWGzLQ3RXJpYyBILiBFY2hpZG5hICh0ZXN0IGtleSBv"
+			+ "bmx5KSA8ZXJpY0Bib3VuY3ljYXN0bGUub3JnPohZBBMRAgAZBQJAEfI2BAsH"
+			+ "AwIDFQIDAxYCAQIeAQIXgAAKCRAOtk6iUOgnkDdnAKC/CfLWikSBdbngY6OK"
+			+ "5UN3+o7q1ACcDRqjT3yjBU3WmRUNlxBg3tSuljmwAgAAuQENBEAR8jgQBAC2"
+			+ "kr57iuOaV7Ga1xcU14MNbKcA0PVembRCjcVjei/3yVfT/fuCVtGHOmYLEBqH"
+			+ "bn5aaJ0P/6vMbLCHKuN61NZlts+LEctfwoya43RtcubqMc7eKw4k0JnnoYgB"
+			+ "ocLXOtloCb7jfubOsnfORvrUkK0+Ne6anRhFBYfaBmGU75cQgwADBQP/XxR2"
+			+ "qGHiwn+0YiMioRDRiIAxp6UiC/JQIri2AKSqAi0zeAMdrRsBN7kyzYVVpWwN"
+			+ "5u13gPdQ2HnJ7d4wLWAuizUdKIQxBG8VoCxkbipnwh2RR4xCXFDhJrJFQUm+"
+			+ "4nKx9JvAmZTBIlI5Wsi5qxst/9p5MgP3flXsNi1tRbTmRhqIRgQYEQIABgUC"
+			+ "QBHyOAAKCRAOtk6iUOgnkBStAJoCZBVM61B1LG2xip294MZecMtCwQCbBbsk"
+			+ "JVCXP0/Szm05GB+WN+MOCT2wAgAA");
+
+		private static readonly byte[] testPrivKeyRing = Base64.Decode(
+			  "lQHhBEAR8jYRBADNifuSopd20JOQ5x30ljIaY0M6927+vo09NeNxS3KqItba"
+			+ "nz9o5e2aqdT0W1xgdHYZmdElOHTTsugZxdXTEhghyxoo3KhVcNnTABQyrrvX"
+			+ "qouvmP2fEDEw0Vpyk+90BpyY9YlgeX/dEA8OfooRLCJde/iDTl7r9FT+mts8"
+			+ "g3azjwCgx+pOLD9LPBF5E4FhUOdXISJ0f4EEAKXSOi9nZzajpdhe8W2ZL9gc"
+			+ "BpzZi6AcrRZBHOEMqd69gtUxA4eD8xycUQ42yH89imEcwLz8XdJ98uHUxGJi"
+			+ "qp6hq4oakmw8GQfiL7yQIFgaM0dOAI9Afe3m84cEYZsoAFYpB4/s9pVMpPRH"
+			+ "NsVspU0qd3NHnSZ0QXs8L8DXGO1uBACjDUj+8GsfDCIP2QF3JC+nPUNa0Y5t"
+			+ "wKPKl+T8hX/0FBD7fnNeC6c9j5Ir/Fp/QtdaDAOoBKiyNLh1JaB1NY6US5zc"
+			+ "qFks2seZPjXEiE6OIDXYra494mjNKGUobA4hqT2peKWXt/uBcuL1mjKOy8Qf"
+			+ "JxgEd0MOcGJO+1PFFZWGzP4DAwLeUcsVxIC2s2Bb9ab2XD860TQ2BI2rMD/r"
+			+ "7/psx9WQ+Vz/aFAT3rXkEJ97nFeqEACgKmUCAEk9939EwLQ3RXJpYyBILiBF"
+			+ "Y2hpZG5hICh0ZXN0IGtleSBvbmx5KSA8ZXJpY0Bib3VuY3ljYXN0bGUub3Jn"
+			+ "PohZBBMRAgAZBQJAEfI2BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRAOtk6iUOgn"
+			+ "kDdnAJ9Ala3OcwEV1DbK906CheYWo4zIQwCfUqUOLMp/zj6QAk02bbJAhV1r"
+			+ "sAewAgAAnQFYBEAR8jgQBAC2kr57iuOaV7Ga1xcU14MNbKcA0PVembRCjcVj"
+			+ "ei/3yVfT/fuCVtGHOmYLEBqHbn5aaJ0P/6vMbLCHKuN61NZlts+LEctfwoya"
+			+ "43RtcubqMc7eKw4k0JnnoYgBocLXOtloCb7jfubOsnfORvrUkK0+Ne6anRhF"
+			+ "BYfaBmGU75cQgwADBQP/XxR2qGHiwn+0YiMioRDRiIAxp6UiC/JQIri2AKSq"
+			+ "Ai0zeAMdrRsBN7kyzYVVpWwN5u13gPdQ2HnJ7d4wLWAuizUdKIQxBG8VoCxk"
+			+ "bipnwh2RR4xCXFDhJrJFQUm+4nKx9JvAmZTBIlI5Wsi5qxst/9p5MgP3flXs"
+			+ "Ni1tRbTmRhr+AwMC3lHLFcSAtrNg/EiWFLAnKNXH27zjwuhje8u2r+9iMTYs"
+			+ "GjbRxaxRY0GKRhttCwqe2BC0lHhzifdlEcc9yjIjuKfepG2fnnSIRgQYEQIA"
+			+ "BgUCQBHyOAAKCRAOtk6iUOgnkBStAJ9HFejVtVJ/A9LM/mDPe0ExhEXt/QCg"
+			+ "m/KM7hJ/JrfnLQl7IaZsdg1F6vCwAgAA");
+
+		private static readonly byte[] encMessage = Base64.Decode(
+			  "hQEOAynbo4lhNjcHEAP/dgCkMtPB6mIgjFvNiotjaoh4sAXf4vFNkSeehQ2c"
+			+ "r+IMt9CgIYodJI3FoJXxOuTcwesqTp5hRzgUBJS0adLDJwcNubFMy0M2tp5o"
+			+ "KTWpXulIiqyO6f5jI/oEDHPzFoYgBmR4x72l/YpMy8UoYGtNxNvR7LVOfqJv"
+			+ "uDY/71KMtPQEAIadOWpf1P5Td+61Zqn2VH2UV7H8eI6hGa6Lsy4sb9iZNE7f"
+			+ "c+spGJlgkiOt8TrQoq3iOK9UN9nHZLiCSIEGCzsEn3uNuorD++Qs065ij+Oy"
+			+ "36TKeuJ+38CfT7u47dEshHCPqWhBKEYrxZWHUJU/izw2Q1Yxd2XRxN+nafTL"
+			+ "X1fQ0lABQUASa18s0BkkEERIdcKQXVLEswWcGqWNv1ZghC7xO2VDBX4HrPjp"
+			+ "drjL63p2UHzJ7/4gPWGGtnqq1Xita/1mrImn7pzLThDWiT55vjw6Hw==");
+
+		private static readonly byte[] signedAndEncMessage = Base64.Decode(
+			  "hQEOAynbo4lhNjcHEAP+K20MVhzdX57hf/cU8TH0prP0VePr9mmeBedzqqMn"
+			+ "fp2p8Zb68zmcMlI/WiL5XMNLYRmCgEcXyWbKdP/XV9m9LDBe1CMAGrkCeGBy"
+			+ "je69IQQ5LS9vDPyEMF4iAAv/EqACjqHkizdY/a/FRx/t2ioXYdEC2jA6kS9C"
+			+ "McpsNz16DE8EAIk3uKn4bGo/+15TXkyFYzW5Cf71SfRoHNmU2zAI93zhjN+T"
+			+ "B7mGJwWXzsMkIO6FkMU5TCSrwZS3DBWCIaJ6SYoaawE/C/2j9D7bX1Jv8kum"
+			+ "4cq+eZM7z6JYs6xend+WAwittpUxbEiyC2AJb3fBSXPAbLqWd6J6xbZZ7GDK"
+			+ "r2Ca0pwBxwGhbMDyi2zpHLzw95H7Ah2wMcGU6kMLB+hzBSZ6mSTGFehqFQE3"
+			+ "2BnAj7MtnbghiefogacJ891jj8Y2ggJeKDuRz8j2iICaTOy+Y2rXnnJwfYzm"
+			+ "BMWcd2h1C5+UeBJ9CrrLniCCI8s5u8z36Rno3sfhBnXdRmWSxExXtocbg1Ht"
+			+ "dyiThf6TK3W29Yy/T6x45Ws5zOasaJdsFKM=");
+
+		private static readonly char[] pass = "hello world".ToCharArray();
+
+		private static readonly SecureRandom random = new SecureRandom();
+
+		public override void PerformTest()
+		{
+			PgpPublicKey pubKey = null;
+
+			//
+			// Read the public key
+			//
+			PgpObjectFactory pgpFact = new PgpObjectFactory(testPubKeyRing);
+			PgpPublicKeyRing pgpPub = (PgpPublicKeyRing)pgpFact.NextPgpObject();
+
+			pubKey = pgpPub.GetPublicKey();
+
+			if (pubKey.BitStrength != 1024)
+			{
+				Fail("failed - key strength reported incorrectly.");
+			}
+
+			//
+			// Read the private key
+			//
+			PgpSecretKeyRing	sKey = new PgpSecretKeyRing(testPrivKeyRing);
+			PgpSecretKey		secretKey = sKey.GetSecretKey();
+			PgpPrivateKey		pgpPrivKey = secretKey.ExtractPrivateKey(pass);
+
+			//
+			// signature generation
+			//
+			const string data = "hello world!";
+			byte[] dataBytes = Encoding.ASCII.GetBytes(data);
+			MemoryStream bOut = new MemoryStream();
+			MemoryStream testIn = new MemoryStream(dataBytes, false);
+			PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa,
+				HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
+
+			PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator(
+				CompressionAlgorithmTag.Zip);
+
+			BcpgOutputStream bcOut = new BcpgOutputStream(
+				cGen.Open(new UncloseableStream(bOut)));
+
+			sGen.GenerateOnePassVersion(false).Encode(bcOut);
+
+			PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+
+			DateTime testDateTime = new DateTime(1973, 7, 27);
+			Stream lOut = lGen.Open(
+				new UncloseableStream(bcOut),
+				PgpLiteralData.Binary,
+				"_CONSOLE",
+				dataBytes.Length,
+				testDateTime);
+
+			int ch;
+			while ((ch = testIn.ReadByte()) >= 0)
+			{
+				lOut.WriteByte((byte) ch);
+				sGen.Update((byte) ch);
+			}
+
+			lGen.Close();
+
+			sGen.Generate().Encode(bcOut);
+
+			cGen.Close();
+
+			//
+			// verify Generated signature
+			//
+			pgpFact = new PgpObjectFactory(bOut.ToArray());
+
+			PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+			pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+			PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+
+			PgpOnePassSignature ops = p1[0];
+
+			PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
+			if (!p2.ModificationTime.Equals(testDateTime))
+			{
+				Fail("Modification time not preserved");
+			}
+
+			Stream    dIn = p2.GetInputStream();
+
+			ops.InitVerify(pubKey);
+
+			while ((ch = dIn.ReadByte()) >= 0)
+			{
+				ops.Update((byte)ch);
+			}
+
+			PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+
+			if (!ops.Verify(p3[0]))
+			{
+				Fail("Failed Generated signature check");
+			}
+
+			//
+			// test encryption
+			//
+
+			//
+			// find a key sutiable for encryption
+			//
+			long pgpKeyID = 0;
+			AsymmetricKeyParameter pKey = null;
+
+			foreach (PgpPublicKey pgpKey in pgpPub.GetPublicKeys())
+			{
+				if (pgpKey.Algorithm == PublicKeyAlgorithmTag.ElGamalEncrypt
+					|| pgpKey.Algorithm == PublicKeyAlgorithmTag.ElGamalGeneral)
+				{
+					pKey = pgpKey.GetKey();
+					pgpKeyID = pgpKey.KeyId;
+					if (pgpKey.BitStrength != 1024)
+					{
+						Fail("failed - key strength reported incorrectly.");
+					}
+
+					//
+					// verify the key
+					//
+
+				}
+			}
+
+			IBufferedCipher c = CipherUtilities.GetCipher("ElGamal/None/PKCS1Padding");
+
+			c.Init(true, pKey);
+
+			byte[] inBytes = Encoding.ASCII.GetBytes("hello world");
+			byte[] outBytes = c.DoFinal(inBytes);
+
+			pgpPrivKey = sKey.GetSecretKey(pgpKeyID).ExtractPrivateKey(pass);
+
+			c.Init(false, pgpPrivKey.Key);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!Arrays.AreEqual(inBytes, outBytes))
+			{
+				Fail("decryption failed.");
+			}
+
+			//
+			// encrypted message
+			//
+			byte[] text = { (byte)'h', (byte)'e', (byte)'l', (byte)'l', (byte)'o',
+								(byte)' ', (byte)'w', (byte)'o', (byte)'r', (byte)'l', (byte)'d', (byte)'!', (byte)'\n' };
+
+			PgpObjectFactory pgpF = new PgpObjectFactory(encMessage);
+
+			PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
+
+			PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0];
+
+			Stream clear = encP.GetDataStream(pgpPrivKey);
+
+			pgpFact = new PgpObjectFactory(clear);
+
+			c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+			pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+			PgpLiteralData ld = (PgpLiteralData)pgpFact.NextPgpObject();
+
+			if (!ld.FileName.Equals("test.txt"))
+			{
+				throw new Exception("wrong filename in packet");
+			}
+
+			Stream inLd = ld.GetDataStream();
+			byte[] bytes = Streams.ReadAll(inLd);
+
+			if (!Arrays.AreEqual(bytes, text))
+			{
+				Fail("wrong plain text in decrypted packet");
+			}
+
+			//
+			// signed and encrypted message
+			//
+			pgpF = new PgpObjectFactory(signedAndEncMessage);
+
+			encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
+
+			encP = (PgpPublicKeyEncryptedData)encList[0];
+
+			clear = encP.GetDataStream(pgpPrivKey);
+
+			pgpFact = new PgpObjectFactory(clear);
+
+			c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+			pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+			p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+
+			ops = p1[0];
+
+			ld = (PgpLiteralData)pgpFact.NextPgpObject();
+
+			bOut = new MemoryStream();
+
+			if (!ld.FileName.Equals("test.txt"))
+			{
+				throw new Exception("wrong filename in packet");
+			}
+
+			inLd = ld.GetDataStream();
+
+			//
+			// note: we use the DSA public key here.
+			//
+			ops.InitVerify(pgpPub.GetPublicKey());
+
+			while ((ch = inLd.ReadByte()) >= 0)
+			{
+				ops.Update((byte) ch);
+				bOut.WriteByte((byte) ch);
+			}
+
+			p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+
+			if (!ops.Verify(p3[0]))
+			{
+				Fail("Failed signature check");
+			}
+
+			if (!Arrays.AreEqual(bOut.ToArray(), text))
+			{
+				Fail("wrong plain text in decrypted packet");
+			}
+
+			//
+			// encrypt
+			//
+			MemoryStream cbOut = new MemoryStream();
+			PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator(
+				SymmetricKeyAlgorithmTag.TripleDes, random);
+			PgpPublicKey puK = sKey.GetSecretKey(pgpKeyID).PublicKey;
+
+			cPk.AddMethod(puK);
+
+			Stream cOut = cPk.Open(new UncloseableStream(cbOut), bOut.ToArray().Length);
+
+			cOut.Write(text, 0, text.Length);
+
+			cOut.Close();
+
+			pgpF = new PgpObjectFactory(cbOut.ToArray());
+
+			encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
+
+			encP = (PgpPublicKeyEncryptedData)encList[0];
+
+			pgpPrivKey = sKey.GetSecretKey(pgpKeyID).ExtractPrivateKey(pass);
+
+			clear = encP.GetDataStream(pgpPrivKey);
+			outBytes = Streams.ReadAll(clear);
+
+			if (!Arrays.AreEqual(outBytes, text))
+			{
+				Fail("wrong plain text in Generated packet");
+			}
+
+			//
+			// use of PgpKeyPair
+			//
+			BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+			BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+			ElGamalParameters elParams = new ElGamalParameters(p, g);
+
+			IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL");
+			kpg.Init(new ElGamalKeyGenerationParameters(random, elParams));
+
+			AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
+
+			PgpKeyPair pgpKp = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalGeneral ,
+				kp.Public, kp.Private, DateTime.UtcNow);
+
+			PgpPublicKey k1 = pgpKp.PublicKey;
+			PgpPrivateKey k2 = pgpKp.PrivateKey;
+
+
+
+
+
+			// Test bug with ElGamal P size != 0 mod 8 (don't use these sizes at home!)
+			for (int pSize = 257; pSize < 264; ++pSize)
+			{
+				// Generate some parameters of the given size
+				ElGamalParametersGenerator epg = new ElGamalParametersGenerator();
+				epg.Init(pSize, 2, random);
+
+				elParams = epg.GenerateParameters();
+
+				kpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL");
+				kpg.Init(new ElGamalKeyGenerationParameters(random, elParams));
+
+
+				// Run a short encrypt/decrypt test with random key for the given parameters
+				kp = kpg.GenerateKeyPair();
+
+				PgpKeyPair elGamalKeyPair = new PgpKeyPair(
+					PublicKeyAlgorithmTag.ElGamalGeneral, kp, DateTime.UtcNow);
+
+				cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, random);
+
+				puK = elGamalKeyPair.PublicKey;
+
+				cPk.AddMethod(puK);
+
+				cbOut = new MemoryStream();
+
+				cOut = cPk.Open(new UncloseableStream(cbOut), text.Length);
+
+				cOut.Write(text, 0, text.Length);
+
+				cOut.Close();
+
+				pgpF = new PgpObjectFactory(cbOut.ToArray());
+
+				encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
+
+				encP = (PgpPublicKeyEncryptedData)encList[0];
+
+				pgpPrivKey = elGamalKeyPair.PrivateKey;
+
+				// Note: This is where an exception would be expected if the P size causes problems
+				clear = encP.GetDataStream(pgpPrivKey);
+				byte[] decText = Streams.ReadAll(clear);
+
+				if (!Arrays.AreEqual(text, decText))
+				{
+					Fail("decrypted message incorrect");
+				}
+			}
+
+
+			// check sub key encoding
+
+			foreach (PgpPublicKey pgpKey in pgpPub.GetPublicKeys())
+			{
+				if (!pgpKey.IsMasterKey)
+				{
+					byte[] kEnc = pgpKey.GetEncoded();
+
+					PgpObjectFactory objF = new PgpObjectFactory(kEnc);
+
+					// TODO Make PgpPublicKey a PgpObject or return a PgpPublicKeyRing
+//					PgpPublicKey k = (PgpPublicKey)objF.NextPgpObject();
+//
+//					pKey = k.GetKey();
+//					pgpKeyID = k.KeyId;
+//					if (k.BitStrength != 1024)
+//					{
+//						Fail("failed - key strength reported incorrectly.");
+//					}
+//
+//					if (objF.NextPgpObject() != null)
+//					{
+//						Fail("failed - stream not fully parsed.");
+//					}
+                }
+            }
+		}
+
+		public override string Name
+		{
+			get { return "PGPDSAElGamalTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PgpDsaElGamalTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/test/PGPDSATest.cs b/crypto/test/src/openpgp/test/PGPDSATest.cs
new file mode 100644
index 000000000..7808ed6cd
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PGPDSATest.cs
@@ -0,0 +1,597 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+	[TestFixture]
+    public class PgpDsaTest
+		: SimpleTest
+    {
+		private static readonly byte[] testPubKey = Base64.Decode(
+              "mQGiBD9HBzURBACzkxRCVGJg5+Ld9DU4Xpnd4LCKgMq7YOY7Gi0EgK92gbaa6+zQ"
+            + "oQFqz1tt3QUmpz3YVkm/zLESBBtC1ACIXGggUdFMUr5I87+1Cb6vzefAtGt8N5VV"
+            + "1F/MXv1gJz4Bu6HyxL/ncfe71jsNhav0i4yAjf2etWFj53zK6R+Ojg5H6wCgpL9/"
+            + "tXVfGP8SqFvyrN/437MlFSUEAIN3V6j/MUllyrZglrtr2+RWIwRrG/ACmrF6hTug"
+            + "Ol4cQxaDYNcntXbhlTlJs9MxjTH3xxzylyirCyq7HzGJxZzSt6FTeh1DFYzhJ7Qu"
+            + "YR1xrSdA6Y0mUv0ixD5A4nPHjupQ5QCqHGeRfFD/oHzD4zqBnJp/BJ3LvQ66bERJ"
+            + "mKl5A/4uj3HoVxpb0vvyENfRqKMmGBISycY4MoH5uWfb23FffsT9r9KL6nJ4syLz"
+            + "aRR0gvcbcjkc9Z3epI7gr3jTrb4d8WPxsDbT/W1tv9bG/EHawomLcihtuUU68Uej"
+            + "6/wZot1XJqu2nQlku57+M/V2X1y26VKsipolPfja4uyBOOyvbLQzRXJpYyBFY2hp"
+            + "ZG5hIChEU0EgVGVzdCBLZXkpIDxlcmljQGJvdW5jeWNhc3RsZS5vcmc+iFkEExEC"
+            + "ABkFAj9HBzUECwcDAgMVAgMDFgIBAh4BAheAAAoJEM0j9enEyjRDAlwAn2rrom0s"
+            + "MhufWK5vIRwg7gj5qsLEAJ4vnT5dPBVblofsG+pDoCVeJXGGng==");
+
+		private static readonly byte[] testPrivKey = Base64.Decode(
+			  "lQHhBD9HBzURBACzkxRCVGJg5+Ld9DU4Xpnd4LCKgMq7YOY7Gi0EgK92gbaa6+zQ"
+            + "oQFqz1tt3QUmpz3YVkm/zLESBBtC1ACIXGggUdFMUr5I87+1Cb6vzefAtGt8N5VV"
+            + "1F/MXv1gJz4Bu6HyxL/ncfe71jsNhav0i4yAjf2etWFj53zK6R+Ojg5H6wCgpL9/"
+            + "tXVfGP8SqFvyrN/437MlFSUEAIN3V6j/MUllyrZglrtr2+RWIwRrG/ACmrF6hTug"
+            + "Ol4cQxaDYNcntXbhlTlJs9MxjTH3xxzylyirCyq7HzGJxZzSt6FTeh1DFYzhJ7Qu"
+            + "YR1xrSdA6Y0mUv0ixD5A4nPHjupQ5QCqHGeRfFD/oHzD4zqBnJp/BJ3LvQ66bERJ"
+            + "mKl5A/4uj3HoVxpb0vvyENfRqKMmGBISycY4MoH5uWfb23FffsT9r9KL6nJ4syLz"
+            + "aRR0gvcbcjkc9Z3epI7gr3jTrb4d8WPxsDbT/W1tv9bG/EHawomLcihtuUU68Uej"
+            + "6/wZot1XJqu2nQlku57+M/V2X1y26VKsipolPfja4uyBOOyvbP4DAwIDIBTxWjkC"
+            + "GGAWQO2jy9CTvLHJEoTO7moHrp1FxOVpQ8iJHyRqZzLllO26OzgohbiPYz8u9qCu"
+            + "lZ9Xn7QzRXJpYyBFY2hpZG5hIChEU0EgVGVzdCBLZXkpIDxlcmljQGJvdW5jeWNh"
+            + "c3RsZS5vcmc+iFkEExECABkFAj9HBzUECwcDAgMVAgMDFgIBAh4BAheAAAoJEM0j"
+            + "9enEyjRDAlwAnjTjjt57NKIgyym7OTCwzIU3xgFpAJ0VO5m5PfQKmGJRhaewLSZD"
+            + "4nXkHg==");
+
+		private static readonly byte[] testPrivKey2 = Base64.Decode(
+              "lQHhBEAnoewRBADRvKgDhbV6pMzqYfUgBsLxSHzmycpuxGbjMrpyKHDOEemj"
+            + "iQb6TyyBKUoR28/pfshFP9R5urtKIT7wjVrDuOkxYkgRhNm+xmPXW2Lw3D++"
+            + "MQrC5VWe8ywBltz6T9msmChsaKo2hDhIiRI/mg9Q6rH9pJKtVGi4R7CgGxM2"
+            + "STQ5fwCgub38qGS1W2O4hUsa+3gva5gaNZUEAItegda4/H4t88XdWxW3D8pv"
+            + "RnFz26/ADdImVaQlBoumD15VmcgYoT1Djizey7X8vfV+pntudESzLbn3GHlI"
+            + "6C09seH4e8eYP63t7KU/qbUCDomlSswd1OgQ/RxfN86q765K2t3K1i3wDSxe"
+            + "EgSRyGKee0VNvOBFOFhuWt+patXaBADE1riNkUxg2P4lBNWwu8tEZRmsl/Ys"
+            + "DBIzXBshoMzZCvS5PnNXMW4G3SAaC9OC9jvKSx9IEWhKjfjs3QcWzXR28mcm"
+            + "5na0bTxeOMlaPPhBdkTCmFl0IITWlH/pFlR2ah9WYoWYhZEL2tqB82wByzxH"
+            + "SkSeD9V5oeSCdCcqiqkEmv4DAwLeNsQ2XGJVRmA4lld+CR5vRxpT/+/2xklp"
+            + "lxVf/nx0+thrHDpro3u/nINIIObk0gh59+zaEEe3APlHqbQVYWFhIGJiYiA8"
+            + "Y2NjQGRkZC5lZWU+iFoEExECABoFAkAnoewFCwcDAgEDFQIDAxYCAQIeAQIX"
+            + "gAAKCRA5nBpCS63az85BAKCbPfU8ATrFvkXhzGNGlc1BJo6DWQCgnK125xVK"
+            + "lWLpt6ZJJ7TXcx3nkm6wAgAAnQFXBEAnoe0QBACsQxPvaeBcv2TkbgU/5Wc/"
+            + "tO222dPE1mxFbXjGTKfb+6ge96iyD8kTRLrKCkEEeVBa8AZqMSoXUVN6tV8j"
+            + "/zD8Bc76o5iJ6wgpg3Mmy2GxInVfsfZN6/G3Y2ukmouz+CDNvQdUw8cTguIb"
+            + "QoV3XhQ03MLbfVmNcHsku9F4CuKNWwADBQP0DSSe8v5PXF9CSCXOIxBDcQ5x"
+            + "RKjyYOveqoH/4lbOV0YNUbIDZq4RaUdotpADuPREFmWf0zTB6KV/WIiag8XU"
+            + "WU9zdDvLKR483Bo6Do5pDBcN+NqfQ+ntGY9WJ7BSFnhQ3+07i1K+NsfFTRfv"
+            + "hf9X3MP75rCf7MxAIWHTabEmUf4DAwLeNsQ2XGJVRmA8DssBUCghogG9n8T3"
+            + "qfBeKsplGyCcF+JjPeQXkKQaoYGJ0aJz36qFP9d8DuWtT9soQcqIxVf6mTa8"
+            + "kN1594hGBBgRAgAGBQJAJ6HtAAoJEDmcGkJLrdrPpMkAnRyjQSKugz0YJqOB"
+            + "yGasMLQLxd2OAKCEIlhtCarlufVQNGZsuWxHVbU8crACAAA=");
+
+		private static readonly byte[] sig1 = Base64.Decode(
+              "owGbwMvMwCR4VvnryyOnTJwZ10gncZSkFpfolVSU2Ltz78hIzcnJVyjPL8pJUeTq"
+            + "sGdmZQCJwpQLMq3ayTA/0Fj3xf4jbwPfK/H3zj55Z9L1n2k/GOapKJrvMZ4tLiCW"
+            + "GtP/XeDqX4fORDUA");
+
+		private static readonly byte[] sig1crc = Base64.Decode("OZa/");
+
+		private static readonly byte[] testPubWithUserAttr = Base64.Decode(
+              "mQGiBD2Rqv0RBADqKCkhVEtB/lEEr/9CubuHEy2oN/yU5j+2GXSdcNdVnRI/rwFy"
+            + "fHEQIk3uU7zHSUKFrC59yDm0sODYyjEdE3BVb0xvEJ5LE/OdndcIMXT1DungZ1vB"
+            + "zIK/3lr33W/PHixYxv9jduH3WrTehBpiKkgMZp8XloSFj2Cnw9LDyfqB7QCg/8K1"
+            + "o2k75NkOd9ZjnA9ye7Ri3bEEAKyr61Mo7viPWBK1joWAEsxG0OBWM+iSlG7kwh31"
+            + "8efgC/7Os6x4Y0jzs8mpcbBjeZtZjS9lRbfp7RinhF269xL0TZ3JxIdtaAV/6yDQ"
+            + "9NXfZY9dskN++HIR/5GCEEgq/qTJZt6ti5k7aV19ZFfO6wiK3NUy08wOrVsdOkVE"
+            + "w9IcBADaplhpcel3201uU3OCboogJtw81R5MJMZ4Y9cKL/ca2jGISn0nA7KrAw9v"
+            + "ShheSixGO4BV9JECkLEbtg7i+W/j/De6S+x2GLNcphuTP3UmgtKbhs0ItRqzW561"
+            + "s6gLkqi6aWmgaFLd8E1pMJcd9DSY95P13EYB9VJIUxFNUopzo7QcUmFsZiBIYXVz"
+            + "ZXIgPGhhdXNlckBhY20ub3JnPokAWAQQEQIAGAUCPZGq/QgLAwkIBwIBCgIZAQUb"
+            + "AwAAAAAKCRAqIBiOh4JvOKg4AJ9j14yygOqqzqiLKeaasIzqT8LCIgCggx14WuLO"
+            + "wOUTUswTaVKMFnU7tseJAJwEEAECAAYFAj2Rqx8ACgkQ9aWTKMpUDFV+9QP/RiWT"
+            + "5FAF5Rgb7beaApsgXsME+Pw7HEYFtqGa6VcXEpbcUXO6rjaXsgMgY90klWlWCF1T"
+            + "HOyKITvj2FdhE+0j8NQn4vaGpiTwORW/zMf/BZ0abdSWQybp10Yjs8gXw30UheO+"
+            + "F1E524MC+s2AeUi2hwHMiS+AVYd4WhxWHmWuBpTRypP/AAALTgEQAAEBAAAAAQAA"
+            + "AAABAAAA/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQ"
+            + "Dg0NDh0VFhEYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/"
+            + "2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7"
+            + "Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCABqAF0DASIAAhEBAxEB/8QAHwAAAQUB"
+            + "AQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQID"
+            + "AAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0"
+            + "NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKT"
+            + "lJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl"
+            + "5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL"
+            + "/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHB"
+            + "CSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpj"
+            + "ZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3"
+            + "uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIR"
+            + "AxEAPwD2aiiq9xcxWsRllcKqjOT06E/0oAsVm6jrmm6VGXvLuOPGflz8x+grzXxV"
+            + "8U51u5LXRgBGowZHXknnkc9OQcV51caneXdw9xPOXlckl2AJHY4J6cD1oA9J1z4p"
+            + "TRkrYQhRyQ0hIY5/2QRx7k9ulczN8SvEEshdZkX0UorDrznI759a5Mksckkknqec"
+            + "mkoA7WD4oavEoEttbTepYEZ+mCMVv6H8SLTULhbe/gFozAYkD5Unp3Ax/kV5XRQB"
+            + "9EAhgCDkHkEcgilryTwd4zn0m4WzvpTJZSMBuY5MfbueletKyugZWDKwyCOc/j3o"
+            + "AduyWLDeWB5Ynj8jSUUUAdFXn/xU15dO0RbGGYC5uWwUB6L1Jx+n413F1cJa2stz"
+            + "J92JC5+gGa+bdfvp9S1q4urmRneQg5Yk4HGAPYZoAzySxySSSep5yaSvQvAPhOHU"
+            + "rB7u5iLGUlIwQRx7HPr/AJ9LGsfC+dJGngc+X12gc8nvx1/rQB5rRXS3Xg28t9ye"
+            + "VLvA7Ddj8MDt6Vnx6JKJCsocnBwqqQSOxPH+fWgDKorTl0SaLGXxkZ+ZcZ4z1yfb"
+            + "P1qg0MqLueN1A6kqRigCOvVPh74mF9YjS7tgLi3GIm6b17c+oOfrXlda3haeW38R"
+            + "WjxfeMgBOCcD/PHpzQB7nRRRQBqarZjUNLubPJXz4yhI64PFfO3iDRrnRtdm0+cq"
+            + "0ocEbehzyOv1xX0vXnHxU8Kf2hYf23aRk3VsMTAZO6MZ5x7UAbfga1W00WzjRSF8"
+            + "kbsg5z744HT/ADmuoysikdQSVP8AI1yPgq6il0axk27V8sDcTg5x7V1qSxOcJIrH"
+            + "/ZOaAKV5p8JgJSPJGMr97PNcxqOiRXLiRI8nONoIGO55z/8AqyeldhPcQxwyOzoQ"
+            + "owRkflXH6t4q0nTLjy57mNXfJCA5x+Qx0NAGXd6LD5iiaPYwTAAx07+vXvXOXmiR"
+            + "Qu6u5VTk/MQQV7cdvxPT866KbxTpt7HGR8p7SMw5HuOP8/Ws/ULlb2No0bKMOGBJ"
+            + "BHrjHHXn6D8QDzWZQk8iAYVWIA9K6LwDZNeeJ4sEqsaF2YHBHpz2/wA/WsG+V0vZ"
+            + "kkGGVsEZz9OcntXffC62iiS7vJTsklKxRFuAw6nBP+eKAPRKKKKAOiqOSNJYzHIo"
+            + "ZGGCD0NSUUAeRajIunwzQG4e3tYZTHGsPzOxJ6ADuQcH8Pw5v+19Q0rVJVgl1JG3"
+            + "cxykEj13cnHT1r1C38OQ3l063cIkkhmkZDKSeCfx9R/kVLeeGIRKs7hVVDn5OCx9"
+            + "yeTjqMf0oAo3k1xP4biuJFeKV4w7gDaQcen1/wAjt5gbK81HW41kIiJBZppULe47"
+            + "eoxx+YzivW9Vh/0FAE+XPIJGCOR0rnbPT7eG+LyxlkAG1wQSPXrjvg9MfjQBycNj"
+            + "4hMRZgJkUjETQqAy/UAY6DoO/wCNbVlYTNbSNJbmBlBwoUfM30B7j2/lz20VhbKA"
+            + "wHmZOQWbOfyrO1G3jil8tBhWToOcdu+c/wAvagDzbUdGlu9aRxFiB/vsuBggZOfq"
+            + "cfWujSIR2dnNZTEeXKgMcb4BUHjofbjNKmI5juiabaGGxVJLcdh/nFWtI0oxagsD"
+            + "DIkkWXYp4VQDnOemSfyHbigDtgSQMjBI6HqKKKKAOiopoPXjGKdQBnXLiDUI5SMK"
+            + "VwxHGf8APFUtW1A+YkMKmbnc23njuf6D/ObWquoaNSQCM/rwP1rMYxxTGWR1UsoU"
+            + "biAcdep+o/KgDG1LxdpracIirCVRjaykHr6cHGQe1cv/AGjNcXBW3sntyT/rHcjj"
+            + "Hp6Z+nQdAK6PXIdIvcE3Fv5rEfNgP9eRn8c8d/rgzX2i2sqo1y8745CD5WPseOnH"
+            + "f8aANiz1O9gjiR5FMUhAV1wcH0Ix6jHHSrMsskz7pGy2MZNc8PEEM7xxWsM/lr8r"
+            + "b4jtI9CcHt7nr7Vqi4JuEjB2qse9y2Ace47dRn/OQDMuRMl8RHw7SgDBPGT6jpwf"
+            + "yzXa2NmbYF3IMrDB2kkAe3HP5Vwk99u1hdg3ANuOOOB0z6ZwPz6c8eiAhgCDkHkE"
+            + "cgigBaKKKAOiqJiMEb9mBknjim3LFIGcOU285ArNa8mKIN3QclScn6+/FADL9xOc"
+            + "K2Tj7xAxnAwQPqOmawdSNpeSJBfQyGNXwQpIAPvjqOPyPT12nYsxYnJIGSeMnHP+"
+            + "e9UL7TUumEqOYp1GNw6N/vDv/wDXoA5+70vSbFGlhtopUxkBl3EZ45z7/kKwTdpN"
+            + "cIsOmeSCduUiCnB9cdeg/M/j0v8AbFtY5hu0gjmGSRICT19cdMDt3+lULzxPZGZv"
+            + "LXcBnCrwB6Y4PX+ZoAptMRbiMDAGSSMksf8A9Q6DuKzJtVYs+BvcPgMTkEdOTnrx"
+            + "/KoLzVmvZZQjjaT82DyPbqcdx+GKitLf7TNsLYAGWPfH+TQBcsYJDE0rOyu4wjHk"
+            + "gfQ+p/zzWjpnja5sdSOm6yyK0Z2pMCQjZ+6SM9CCMdhnp3E1hYy393FaW0eXfjAx"
+            + "gAdT26D+X4Vg/EuFLbxOsCYBitkQkEdsgcADsB+lAHplvqUbsu5vlYA5PIB7468e"
+            + "nPf8lfUlDkRRrIvqZNn6EV41o3iO/wBFcCJ/MhBP7pjwD6g9ua7G08b6TcRl7h5L"
+            + "eTPKvGz5+hUH9cUAeo3uFDrt+Y4O7HOOB69Pr/8AXqhUlx/r2/z2qOgBCQoJJwBy"
+            + "SeABXHeIfHVvbXcemaW4luHlVJJlIKxjODgg8nqKq/Em6uItOhWOeVAx5CuRnrXn"
+            + "+jf8hyw/6+Y//QhQB6xrmlxzXc0NyuHVyQcdjnBz379D1BGeK5u88LMJGlt2RlX7"
+            + "qkEsPXn6/pXo/ilVzbttG7DDOOeornqAONbRpI4v3pKOQcAqQD+Y/P6j052NK0p5"
+            + "HWHy3IBPyqrfN6gZz+P4/hpXoGzOOiP/ACNdH4XRftsp2jIBxx70AX9E0pdMtvMm"
+            + "VRNt5xyEGOgPf3NeDeLdVOs+J768zlGkKx+yjgfy/WvoPXeNEvMcfujXzJQAUUUU"
+            + "Af/ZiQBGBBARAgAGBQI9katEAAoJECogGI6Hgm84xz8AoNGz1fJrVPxqkBrUDmWA"
+            + "GsP6qVGYAJ0ZOftw/GfQHzdGR8pOK85DLUPEErQkUmFsZiBIYXVzZXIgPGhhdXNl"
+            + "ckBwcml2YXNwaGVyZS5jb20+iQBGBBARAgAGBQI9katmAAoJECogGI6Hgm84m0oA"
+            + "oJS3CTrgpqRZfhgPtHGtUVjRCJbbAJ9stJgPcbqA2xXEg9yl2TQToWdWxbQkUmFs"
+            + "ZiBIYXVzZXIgPGhhdXNlckBwcml2YXNwaGVyZS5vcmc+iQBGBBARAgAGBQI9kauJ"
+            + "AAoJECogGI6Hgm84GfAAnRswktLMzDfIjv6ni76Qp5B850byAJ90I0LEHOLhda7r"
+            + "kqTwZ8rguNssUrQkUmFsZiBIYXVzZXIgPGhhdXNlckBwcml2YXNwaGVyZS5uZXQ+"
+            + "iQBGBBARAgAGBQI9kaubAAoJECogGI6Hgm84zi0An16C4s/B9Z0/AtfoN4ealMh3"
+            + "i3/7AJ9Jg4GOUqGCGRRKUA9Gs5pk8yM8GbQmUmFsZiBDLiBIYXVzZXIgPHJhbGZo"
+            + "YXVzZXJAYmx1ZXdpbi5jaD6JAEYEEBECAAYFAj2Rq8oACgkQKiAYjoeCbzhPOACg"
+            + "iiTohKuIa66FNiI24mQ+XR9nTisAoLmh3lJf16/06qLPsRd9shTkLfmHtB9SYWxm"
+            + "IEhhdXNlciA8cmFsZmhhdXNlckBnbXguY2g+iQBGBBARAgAGBQI9kavvAAoJECog"
+            + "GI6Hgm84ZE8An0RlgL8mPBa/P08S5e/lD35MlDdgAJ99pjCeY46S9+nVyx7ACyKO"
+            + "SZ4OcLQmUmFsZiBIYXVzZXIgPGhhdXNlci5yYWxmQG15c3VucmlzZS5jaD6JAEYE"
+            + "EBECAAYFAj2RrEEACgkQKiAYjoeCbzjz0wCg+q801XrXk+Rf+koSI50MW5OaaKYA"
+            + "oKOVA8SLxE29qSR/bJeuW0ryzRLqtCVSYWxmIEhhdXNlciA8aGF1c2VyLnJhbGZA"
+            + "ZnJlZXN1cmYuY2g+iQBGBBARAgAGBQI9kaxXAAoJECogGI6Hgm848zoAnRBtWH6e"
+            + "fTb3is63s8J2zTfpsyS0AKDxTjl+ZZV0COHLrSCaNLZVcpImFrkEDQQ9kar+EBAA"
+            + "+RigfloGYXpDkJXcBWyHhuxh7M1FHw7Y4KN5xsncegus5D/jRpS2MEpT13wCFkiA"
+            + "tRXlKZmpnwd00//jocWWIE6YZbjYDe4QXau2FxxR2FDKIldDKb6V6FYrOHhcC9v4"
+            + "TE3V46pGzPvOF+gqnRRh44SpT9GDhKh5tu+Pp0NGCMbMHXdXJDhK4sTw6I4TZ5dO"
+            + "khNh9tvrJQ4X/faY98h8ebByHTh1+/bBc8SDESYrQ2DD4+jWCv2hKCYLrqmus2UP"
+            + "ogBTAaB81qujEh76DyrOH3SET8rzF/OkQOnX0ne2Qi0CNsEmy2henXyYCQqNfi3t"
+            + "5F159dSST5sYjvwqp0t8MvZCV7cIfwgXcqK61qlC8wXo+VMROU+28W65Szgg2gGn"
+            + "VqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf3HZSTz09jdvOmeFX"
+            + "klnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2gpXI61Brwv0YAWCvl"
+            + "9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPAQ/ClWxiNjrtVjLhd"
+            + "ONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQDGcgHKXrKlQzZlp+r"
+            + "0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVes91hcAAgIQAKD9MGkS8SUD2irI"
+            + "AiwVHU0WXLBnk2CvvueSmT9YtC34UKkIkDPZ7VoeuXDfqTOlbiE6T16zPvArZfbl"
+            + "JGdrU7HhsTdu+ADxRt1dPur0G0ICJ3pBD3ydGWpdLI/94x1BvTY4rsR5mS4YWmpf"
+            + "e2kWc7ZqezhP7Xt9q7m4EK456ddeUZWtkwGU+PKyRAZ+CK82Uhouw+4aW0NjiqmX"
+            + "hfH9/BUhI1P/8R9VkTfAFGPmZzqoHr4AuO5tLRLD2RFSmQCP8nZTiP9nP+wBBvn7"
+            + "vuqKRQsj9PwwPD4V5SM+kpW+rUIWr9TZYl3UqSnlXlpEZFd2Bfl6NloeH0cfU69E"
+            + "gtjcWGvGxYKPS0cg5yhVb4okka6RqIPQiYl6eJgv4tRTKoPRX29o0aUVdqVvDr5u"
+            + "tnFzcINq7jTo8GiO8Ia3cIFWfo0LyQBd1cf1U+eEOz+DleEFqyljaz9VCbDPE4GP"
+            + "o+ALESBlOwn5daUSaah9iU8aVPaSjn45hoQqxOKPwJxnCKKQ01iy0Gir+CDU8JJB"
+            + "7bmbvQN4bke30EGAeED3oi+3VaBHrhjYLv7SHIxP5jtCJKWMJuLRV709HsWJi3kn"
+            + "fGHwH+yCDF8+PDeROAzpXBaD2EFhKgeUTjP5Rgn6ltRf8TQnfbW4qlwyiXMhPOfC"
+            + "x6qNmwaFPKQJpIkVq5VGfRXAERfkiQBMBBgRAgAMBQI9kar+BRsMAAAAAAoJECog"
+            + "GI6Hgm84CDMAoNrNeP4c8XqFJnsLLPcjk5YGLaVIAKCrL5KFuLQVIp7d0Fkscx3/"
+            + "7DGrzw==");
+
+		private static readonly byte[] aesSecretKey = Base64.Decode(
+              "lQHpBEBSdIYRBADpd7MeIxRk4RsvyMnJNIYe4FiVv6i7I7+LPRvnIjDct0bN"
+            + "1gCV48QFej7g/PsvXRjYSowV3VIvchWX8OERd/5i10cLbcs7X52EP1vwYaLj"
+            + "uRfNUBg8Q51RQsKR+/rBmnVsi68rjU4yTH6wpo6FOO4pz4wFV+tWwGOwOitA"
+            + "K31L4wCgqh59eFFBrOlRFAbDvaL7emoCIR8EAOLxDKiLQJYQrKZfXdZnifeo"
+            + "dhEP0uuV4O5TG6nrqkhWffzC9cSoFD0BhMl979d8IB2Uft4FNvQc2u8hbJL5"
+            + "7OCGDCUAidlB9jSdu0/J+kfRaTGhYDjBgw7AA42576BBSMNouJg/aOOQENEN"
+            + "Nn4n7NxR3viBzIsL/OIeU8HSkBgaA/41PsvcgZ3kwpdltJ/FVRWhmMmv/q/X"
+            + "qp1YOnF8xPU9bv2ofELrxJfRsbS4GW1etzD+nXs/woW4Vfixs01x+cutR4iF"
+            + "3hw+eU+yLToMPmmo8D2LUvX1SRODJpx5yBBeRIYv6nz9H3sQRDx3kaLASxDV"
+            + "jTxKmrLYnZz5w5qyVpvRyv4JAwKyWlhdblPudWBFXNkW5ydKn0AV2f51wEtj"
+            + "Zy0aLIeutVMSJf1ytLqjFqrnFe6pdJrHO3G00TE8OuFhftWosLGLbEGytDtF"
+            + "cmljIEguIEVjaGlkbmEgKHRlc3Qga2V5IC0gQUVTMjU2KSA8ZXJpY0Bib3Vu"
+            + "Y3ljYXN0bGUub3JnPohZBBMRAgAZBQJAUnSGBAsHAwIDFQIDAxYCAQIeAQIX"
+            + "gAAKCRBYt1NnUiCgeFKaAKCiqtOO+NQES1gJW6XuOGmSkXt8bQCfcuW7SXZH"
+            + "zxK1FfdcG2HEDs3YEVawAgAA");
+
+		private static readonly byte[] aesPublicKey = Base64.Decode(
+              "mQGiBEBSdIYRBADpd7MeIxRk4RsvyMnJNIYe4FiVv6i7I7+LPRvnIjDct0bN"
+            + "1gCV48QFej7g/PsvXRjYSowV3VIvchWX8OERd/5i10cLbcs7X52EP1vwYaLj"
+            + "uRfNUBg8Q51RQsKR+/rBmnVsi68rjU4yTH6wpo6FOO4pz4wFV+tWwGOwOitA"
+            + "K31L4wCgqh59eFFBrOlRFAbDvaL7emoCIR8EAOLxDKiLQJYQrKZfXdZnifeo"
+            + "dhEP0uuV4O5TG6nrqkhWffzC9cSoFD0BhMl979d8IB2Uft4FNvQc2u8hbJL5"
+            + "7OCGDCUAidlB9jSdu0/J+kfRaTGhYDjBgw7AA42576BBSMNouJg/aOOQENEN"
+            + "Nn4n7NxR3viBzIsL/OIeU8HSkBgaA/41PsvcgZ3kwpdltJ/FVRWhmMmv/q/X"
+            + "qp1YOnF8xPU9bv2ofELrxJfRsbS4GW1etzD+nXs/woW4Vfixs01x+cutR4iF"
+            + "3hw+eU+yLToMPmmo8D2LUvX1SRODJpx5yBBeRIYv6nz9H3sQRDx3kaLASxDV"
+            + "jTxKmrLYnZz5w5qyVpvRyrQ7RXJpYyBILiBFY2hpZG5hICh0ZXN0IGtleSAt"
+            + "IEFFUzI1NikgPGVyaWNAYm91bmN5Y2FzdGxlLm9yZz6IWQQTEQIAGQUCQFJ0"
+            + "hgQLBwMCAxUCAwMWAgECHgECF4AACgkQWLdTZ1IgoHhSmgCfU83BLBF2nCua"
+            + "zk2dXB9zO1l6XS8AnA07U4cq5W0GrKM6/kP9HWtPhgOFsAIAAA==");
+
+		private static readonly byte[] twofishSecretKey = Base64.Decode(
+              "lQHpBEBSdtIRBACf7WfrqTl8F051+EbaljPf/8/ajFpAfMq/7p3Hri8OCsuc"
+            + "fJJIufEEOV1/Lt/wkN67MmSyrU0fUCsRbEckRiB4EJ0zGHVFfAnku2lzdgc8"
+            + "AVounqcHOmqA/gliFDEnhYOx3bOIAOav+yiOqfKVBhWRCpFdOTE+w/XoDM+p"
+            + "p8bH5wCgmP2FuWpzfSut7GVKp51xNEBRNuED/3t2Q+Mq834FVynmLKEmeXB/"
+            + "qtIz5reHEQR8eMogsOoJS3bXs6v3Oblj4in1gLyTVfcID5tku6kLP20xMRM2"
+            + "zx2oRbz7TyOCrs15IpRXyqqJxUWD8ipgJPkPXE7hK8dh4YSTUi4i5a1ug8xG"
+            + "314twlPzrchpWZiutDvZ+ks1rzOtBACHrEFG2frUu+qVkL43tySE0cV2bnuK"
+            + "LVhXbpzF3Qdkfxou2nuzsCbl6m87OWocJX8uYcQGlHLKv8Q2cfxZyieLFg6v"
+            + "06LSFdE9drGBWz7mbrT4OJjxPyvnkffPfLOOqae3PMYIIuscvswuhm4X5aoj"
+            + "KJs01YT3L6f0iIj03hCeV/4KAwLcGrxT3X0qR2CZyZYSVBdjXeNYKXuGBtOf"
+            + "ood26WOtwLw4+l9sHVoiXNv0LomkO58ndJRPGCeZWZEDMVrfkS7rcOlktDxF"
+            + "cmljIEguIEVjaGlkbmEgKHRlc3Qga2V5IC0gdHdvZmlzaCkgPGVyaWNAYm91"
+            + "bmN5Y2FzdGxlLm9yZz6IWQQTEQIAGQUCQFJ20gQLBwMCAxUCAwMWAgECHgEC"
+            + "F4AACgkQaCCMaHh9zR2+RQCghcQwlt4B4YmNxp2b3v6rP3E8M0kAn2Gspi4u"
+            + "A/ynoqnC1O8HNlbjPdlVsAIAAA==");
+
+		private static readonly byte[] twofishPublicKey = Base64.Decode(
+              "mQGiBEBSdtIRBACf7WfrqTl8F051+EbaljPf/8/ajFpAfMq/7p3Hri8OCsuc"
+            + "fJJIufEEOV1/Lt/wkN67MmSyrU0fUCsRbEckRiB4EJ0zGHVFfAnku2lzdgc8"
+            + "AVounqcHOmqA/gliFDEnhYOx3bOIAOav+yiOqfKVBhWRCpFdOTE+w/XoDM+p"
+            + "p8bH5wCgmP2FuWpzfSut7GVKp51xNEBRNuED/3t2Q+Mq834FVynmLKEmeXB/"
+            + "qtIz5reHEQR8eMogsOoJS3bXs6v3Oblj4in1gLyTVfcID5tku6kLP20xMRM2"
+            + "zx2oRbz7TyOCrs15IpRXyqqJxUWD8ipgJPkPXE7hK8dh4YSTUi4i5a1ug8xG"
+            + "314twlPzrchpWZiutDvZ+ks1rzOtBACHrEFG2frUu+qVkL43tySE0cV2bnuK"
+            + "LVhXbpzF3Qdkfxou2nuzsCbl6m87OWocJX8uYcQGlHLKv8Q2cfxZyieLFg6v"
+            + "06LSFdE9drGBWz7mbrT4OJjxPyvnkffPfLOOqae3PMYIIuscvswuhm4X5aoj"
+            + "KJs01YT3L6f0iIj03hCeV7Q8RXJpYyBILiBFY2hpZG5hICh0ZXN0IGtleSAt"
+            + "IHR3b2Zpc2gpIDxlcmljQGJvdW5jeWNhc3RsZS5vcmc+iFkEExECABkFAkBS"
+            + "dtIECwcDAgMVAgMDFgIBAh4BAheAAAoJEGggjGh4fc0dvkUAn2QGdNk8Wrrd"
+            + "+DvKECrO5+yoPRx3AJ91DhCMme6uMrQorKSDYxHlgc7iT7ACAAA=");
+
+		private static readonly char[] pass = "hello world".ToCharArray();
+
+		/**
+        * Generated signature test
+        *
+        * @param sKey
+        * @param pgpPrivKey
+        * @return test result
+        */
+        public void GenerateTest(
+            PgpSecretKeyRing sKey,
+            PgpPublicKey     pgpPubKey,
+            PgpPrivateKey    pgpPrivKey)
+        {
+            string data = "hello world!";
+            MemoryStream bOut = new MemoryStream();
+
+            byte[] dataBytes = Encoding.ASCII.GetBytes(data);
+            MemoryStream testIn = new MemoryStream(dataBytes, false);
+
+            PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1);
+
+            sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
+
+            PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator();
+
+            IEnumerator enumerator = sKey.GetSecretKey().PublicKey.GetUserIds().GetEnumerator();
+            enumerator.MoveNext();
+            string primaryUserId = (string) enumerator.Current;
+
+            spGen.SetSignerUserId(true, primaryUserId);
+
+            sGen.SetHashedSubpackets(spGen.Generate());
+
+            PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator(
+                CompressionAlgorithmTag.Zip);
+
+            BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut)));
+
+            sGen.GenerateOnePassVersion(false).Encode(bcOut);
+
+            PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+
+			DateTime testDateTime = new DateTime(1973, 7, 27);
+			Stream lOut = lGen.Open(
+				new UncloseableStream(bcOut),
+				PgpLiteralData.Binary,
+				"_CONSOLE",
+				dataBytes.Length,
+				testDateTime);
+
+			int ch;
+            while ((ch = testIn.ReadByte()) >= 0)
+            {
+                lOut.WriteByte((byte) ch);
+                sGen.Update((byte)ch);
+            }
+
+            lGen.Close();
+
+            sGen.Generate().Encode(bcOut);
+
+            cGen.Close();
+
+            PgpObjectFactory pgpFact = new PgpObjectFactory(bOut.ToArray());
+            PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+            pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+			PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+            PgpOnePassSignature ops = p1[0];
+
+            PgpLiteralData p2 = (PgpLiteralData) pgpFact.NextPgpObject();
+			if (!p2.ModificationTime.Equals(testDateTime))
+			{
+				Fail("Modification time not preserved");
+			}
+
+			Stream dIn = p2.GetInputStream();
+
+            ops.InitVerify(pgpPubKey);
+
+			while ((ch = dIn.ReadByte()) >= 0)
+            {
+                ops.Update((byte) ch);
+            }
+
+			PgpSignatureList p3 = (PgpSignatureList) pgpFact.NextPgpObject();
+
+			if (!ops.Verify(p3[0]))
+            {
+                Fail("Failed generated signature check");
+            }
+        }
+
+		public override void PerformTest()
+        {
+            PgpPublicKey pubKey = null;
+
+			//
+            // Read the public key
+            //
+            PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(testPubKey);
+
+			pubKey = pgpPub.GetPublicKey();
+
+            //
+            // Read the private key
+            //
+            PgpSecretKeyRing sKey = new PgpSecretKeyRing(testPrivKey);
+            PgpSecretKey secretKey = sKey.GetSecretKey();
+            PgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey(pass);
+
+            //
+            // test signature message
+            //
+            PgpObjectFactory pgpFact = new PgpObjectFactory(sig1);
+            PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+			pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+            PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+            PgpOnePassSignature ops = p1[0];
+
+            PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
+
+            Stream dIn = p2.GetInputStream();
+
+            ops.InitVerify(pubKey);
+
+			int ch;
+			while ((ch = dIn.ReadByte()) >= 0)
+            {
+                ops.Update((byte) ch);
+            }
+
+            PgpSignatureList p3 = (PgpSignatureList) pgpFact.NextPgpObject();
+
+            if (!ops.Verify(p3[0]))
+            {
+                Fail("Failed signature check");
+            }
+
+            //
+            // signature generation
+            //
+            GenerateTest(sKey, pubKey, pgpPrivKey);
+
+            //
+            // signature generation - canonical text
+            //
+            const string data = "hello world!";
+            byte[] dataBytes = Encoding.ASCII.GetBytes(data);
+            MemoryStream bOut = new MemoryStream();
+            MemoryStream testIn = new MemoryStream(dataBytes, false);
+            PgpSignatureGenerator sGen = new PgpSignatureGenerator(
+                PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.CanonicalTextDocument, pgpPrivKey);
+
+            PgpCompressedDataGenerator  cGen = new PgpCompressedDataGenerator(
+                CompressionAlgorithmTag.Zip);
+
+            BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut)));
+
+            sGen.GenerateOnePassVersion(false).Encode(bcOut);
+
+            PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+			DateTime testDateTime = new DateTime(1973, 7, 27);
+			Stream lOut = lGen.Open(
+				new UncloseableStream(bcOut),
+				PgpLiteralData.Text,
+				"_CONSOLE",
+				dataBytes.Length,
+				testDateTime);
+
+			while ((ch = testIn.ReadByte()) >= 0)
+            {
+                lOut.WriteByte((byte) ch);
+                sGen.Update((byte)ch);
+            }
+
+			lGen.Close();
+
+			sGen.Generate().Encode(bcOut);
+
+            cGen.Close();
+
+            //
+            // verify Generated signature - canconical text
+            //
+            pgpFact = new PgpObjectFactory(bOut.ToArray());
+
+            c1 = (PgpCompressedData) pgpFact.NextPgpObject();
+
+            pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+            p1 = (PgpOnePassSignatureList) pgpFact.NextPgpObject();
+
+            ops = p1[0];
+
+            p2 = (PgpLiteralData) pgpFact.NextPgpObject();
+			if (!p2.ModificationTime.Equals(testDateTime))
+			{
+				Fail("Modification time not preserved");
+			}
+
+            dIn = p2.GetInputStream();
+
+            ops.InitVerify(pubKey);
+
+            while ((ch = dIn.ReadByte()) >= 0)
+            {
+                ops.Update((byte)ch);
+            }
+
+            p3 = (PgpSignatureList) pgpFact.NextPgpObject();
+
+            if (!ops.Verify(p3[0]))
+            {
+                Fail("Failed generated signature check");
+            }
+
+            //
+            // Read the public key with user attributes
+            //
+            pgpPub = new PgpPublicKeyRing(testPubWithUserAttr);
+
+            pubKey = pgpPub.GetPublicKey();
+
+            int count = 0;
+            foreach (PgpUserAttributeSubpacketVector attributes in pubKey.GetUserAttributes())
+            {
+                int sigCount = 0;
+                foreach (object sigs in pubKey.GetSignaturesForUserAttribute(attributes))
+                {
+					if (sigs == null)
+						Fail("null signature found");
+
+					sigCount++;
+                }
+
+                if (sigCount != 1)
+                {
+                    Fail("Failed user attributes signature check");
+                }
+
+                count++;
+            }
+
+            if (count != 1)
+            {
+                Fail("Failed user attributes check");
+            }
+
+            byte[]  pgpPubBytes = pgpPub.GetEncoded();
+            pgpPub = new PgpPublicKeyRing(pgpPubBytes);
+            pubKey = pgpPub.GetPublicKey();
+            count = 0;
+
+			foreach (object ua in pubKey.GetUserAttributes())
+            {
+				if (ua == null)
+					Fail("null user attribute found");
+
+				count++;
+            }
+
+			if (count != 1)
+            {
+                Fail("Failed user attributes reread");
+            }
+
+            //
+            // reading test extra data - key with edge condition for DSA key password.
+            //
+            char[] passPhrase = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' };
+
+			sKey = new PgpSecretKeyRing(testPrivKey2);
+            pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(passPhrase);
+
+			//
+            // reading test - aes256 encrypted passphrase.
+            //
+            sKey = new PgpSecretKeyRing(aesSecretKey);
+            pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(pass);
+
+            //
+            // reading test - twofish encrypted passphrase.
+            //
+            sKey = new PgpSecretKeyRing(twofishSecretKey);
+            pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(pass);
+
+			//
+            // use of PgpKeyPair
+            //
+            DsaParametersGenerator pGen = new DsaParametersGenerator();
+            pGen.Init(512, 80, new SecureRandom()); // TODO Is the certainty okay?
+            DsaParameters dsaParams = pGen.GenerateParameters();
+            DsaKeyGenerationParameters kgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams);
+			IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("DSA");
+			kpg.Init(kgp);
+
+
+			AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
+
+            PgpKeyPair pgpKp = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa,
+                kp.Public, kp.Private, DateTime.UtcNow);
+
+			PgpPublicKey k1 = pgpKp.PublicKey;
+            PgpPrivateKey k2 = pgpKp.PrivateKey;
+        }
+
+		public override string Name
+        {
+			get { return "PGPDSATest"; }
+        }
+
+		public static void Main(
+			string[] args)
+        {
+			RunTest(new PgpDsaTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/test/PGPPBETest.cs b/crypto/test/src/openpgp/test/PGPPBETest.cs
new file mode 100644
index 000000000..621cef684
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PGPPBETest.cs
@@ -0,0 +1,384 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+    [TestFixture]
+    public class PgpPbeTest
+		: SimpleTest
+    {
+		private static readonly DateTime TestDateTime = new DateTime(2003, 8, 29, 23, 35, 11, 0);
+
+		private static readonly byte[] enc1 = Base64.Decode(
+            "jA0EAwMC5M5wWBP2HBZgySvUwWFAmMRLn7dWiZN6AkQMvpE3b6qwN3SSun7zInw2"
+            + "hxxdgFzVGfbjuB8w");
+//        private static readonly byte[] enc1crc = Base64.Decode("H66L");
+		private static readonly char[] pass = "hello world".ToCharArray();
+
+		/**
+		 * Message with both PBE and symmetric
+		 */
+		private static readonly byte[] testPBEAsym = Base64.Decode(
+			"hQIOA/ZlQEFWB5vuEAf/covEUaBve7NlWWdiO5NZubdtTHGElEXzG9hyBycp9At8" +
+			"nZGi27xOZtEGFQo7pfz4JySRc3O0s6w7PpjJSonFJyNSxuze2LuqRwFWBYYcbS8/" +
+			"7YcjB6PqutrT939OWsozfNqivI9/QyZCjBvFU89pp7dtUngiZ6MVv81ds2I+vcvk" +
+			"GlIFcxcE1XoCIB3EvbqWNaoOotgEPT60unnB2BeDV1KD3lDRouMIYHfZ3SzBwOOI" +
+			"6aK39sWnY5sAK7JjFvnDAMBdueOiI0Fy+gxbFD/zFDt4cWAVSAGTC4w371iqppmT" +
+			"25TM7zAtCgpiq5IsELPlUZZnXKmnYQ7OCeysF0eeVwf+OFB9fyvCEv/zVQocJCg8" +
+			"fWxfCBlIVFNeNQpeGygn/ZmRaILvB7IXDWP0oOw7/F2Ym66IdYYIp2HeEZv+jFwa" +
+			"l41w5W4BH/gtbwGjFQ6CvF/m+lfUv6ZZdzsMIeEOwhP5g7rXBxrbcnGBaU+PXbho" +
+			"gjDqaYzAWGlrmAd6aPSj51AGeYXkb2T1T/yoJ++M3GvhH4C4hvitamDkksh/qRnM" +
+			"M/s8Nku6z1+RXO3M6p5QC1nlAVqieU8esT43945eSoC77K8WyujDNbysDyUCUTzt" +
+			"p/aoQwe/HgkeOTJNelKR9y2W3xinZLFzep0SqpNI/e468yB/2/LGsykIyQa7JX6r" +
+			"BYwuBAIDAkOKfv5rK8v0YDfnN+eFqwhTcrfBj5rDH7hER6nW3lNWcMataUiHEaMg" +
+			"o6Q0OO1vptIGxW8jClTD4N1sCNwNu9vKny8dKYDDHbCjE06DNTv7XYVW3+JqTL5E" +
+			"BnidvGgOmA==");
+
+		/**
+        * decrypt the passed in message stream
+        */
+        private byte[] DecryptMessage(
+            byte[] message)
+        {
+            PgpObjectFactory		pgpF = new PgpObjectFactory(message);
+            PgpEncryptedDataList	enc = (PgpEncryptedDataList) pgpF.NextPgpObject();
+            PgpPbeEncryptedData		pbe = (PgpPbeEncryptedData) enc[0];
+            Stream					clear = pbe.GetDataStream(pass);
+
+			PgpObjectFactory		pgpFact = new PgpObjectFactory(clear);
+            PgpCompressedData		cData = (PgpCompressedData) pgpFact.NextPgpObject();
+            pgpFact = new PgpObjectFactory(cData.GetDataStream());
+
+			PgpLiteralData ld = (PgpLiteralData) pgpFact.NextPgpObject();
+
+            if (!ld.FileName.Equals("test.txt")
+                && !ld.FileName.Equals("_CONSOLE"))
+            {
+                Fail("wrong filename in packet");
+            }
+
+			if (!ld.ModificationTime.Equals(TestDateTime))
+			{
+				Fail("wrong modification time in packet: " + ld.ModificationTime + " vs " + TestDateTime);
+			}
+
+			Stream unc = ld.GetInputStream();
+			byte[] bytes = Streams.ReadAll(unc);
+
+			if (pbe.IsIntegrityProtected() && !pbe.Verify())
+			{
+				Fail("integrity check failed");
+			}
+
+			return bytes;
+        }
+
+		private byte[] DecryptMessageBuffered(
+			byte[] message)
+		{
+			PgpObjectFactory		pgpF = new PgpObjectFactory(message);
+			PgpEncryptedDataList	enc = (PgpEncryptedDataList) pgpF.NextPgpObject();
+			PgpPbeEncryptedData		pbe = (PgpPbeEncryptedData) enc[0];
+
+			Stream clear = pbe.GetDataStream(pass);
+
+			PgpObjectFactory	pgpFact = new PgpObjectFactory(clear);
+			PgpCompressedData	cData = (PgpCompressedData) pgpFact.NextPgpObject();
+
+			pgpFact = new PgpObjectFactory(cData.GetDataStream());
+
+			PgpLiteralData ld = (PgpLiteralData) pgpFact.NextPgpObject();
+
+			MemoryStream bOut = new MemoryStream();
+			if (!ld.FileName.Equals("test.txt")
+				&& !ld.FileName.Equals("_CONSOLE"))
+			{
+				Fail("wrong filename in packet");
+			}
+			if (!ld.ModificationTime.Equals(TestDateTime))
+			{
+				Fail("wrong modification time in packet: " + ld.ModificationTime.Ticks + " " + TestDateTime.Ticks);
+			}
+
+			Stream unc = ld.GetInputStream();
+			byte[] buf = new byte[1024];
+
+			int len;
+			while ((len = unc.Read(buf, 0, buf.Length)) > 0)
+			{
+				bOut.Write(buf, 0, len);
+			}
+
+			if (pbe.IsIntegrityProtected() && !pbe.Verify())
+			{
+				Fail("integrity check failed");
+			}
+
+			return bOut.ToArray();
+		}
+
+		public override void PerformTest()
+        {
+            byte[] data = DecryptMessage(enc1);
+            if (data[0] != 'h' || data[1] != 'e' || data[2] != 'l')
+            {
+                Fail("wrong plain text in packet");
+            }
+
+			//
+            // create a PBE encrypted message and read it back.
+            //
+			byte[] text = Encoding.ASCII.GetBytes("hello world!\n");
+
+			//
+            // encryption step - convert to literal data, compress, encode.
+            //
+            MemoryStream bOut = new UncloseableMemoryStream();
+
+            PgpCompressedDataGenerator comData = new PgpCompressedDataGenerator(
+                CompressionAlgorithmTag.Zip);
+
+            PgpLiteralDataGenerator lData = new PgpLiteralDataGenerator();
+			Stream comOut = comData.Open(new UncloseableStream(bOut));
+            Stream ldOut = lData.Open(
+				new UncloseableStream(comOut),
+                PgpLiteralData.Binary,
+                PgpLiteralData.Console,
+                text.Length,
+                TestDateTime);
+
+			ldOut.Write(text, 0, text.Length);
+			ldOut.Close();
+
+			comOut.Close();
+
+			//
+            // encrypt - with stream close
+            //
+            MemoryStream cbOut = new UncloseableMemoryStream();
+            PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator(
+				SymmetricKeyAlgorithmTag.Cast5, new SecureRandom());
+
+            cPk.AddMethod(pass);
+
+			byte[] bOutData = bOut.ToArray();
+			Stream cOut = cPk.Open(new UncloseableStream(cbOut), bOutData.Length);
+            cOut.Write(bOutData, 0, bOutData.Length);
+            cOut.Close();
+
+			data = DecryptMessage(cbOut.ToArray());
+            if (!Arrays.AreEqual(data, text))
+            {
+                Fail("wrong plain text in generated packet");
+            }
+
+			//
+			// encrypt - with generator close
+			//
+			cbOut = new UncloseableMemoryStream();
+			cPk = new PgpEncryptedDataGenerator(
+				SymmetricKeyAlgorithmTag.Cast5, new SecureRandom());
+
+			cPk.AddMethod(pass);
+
+			bOutData = bOut.ToArray();
+			cOut = cPk.Open(new UncloseableStream(cbOut), bOutData.Length);
+			cOut.Write(bOutData, 0, bOutData.Length);
+
+			cPk.Close();
+
+			data = DecryptMessage(cbOut.ToArray());
+
+			if (!AreEqual(data, text))
+			{
+				Fail("wrong plain text in generated packet");
+			}
+
+			//
+            // encrypt - partial packet style.
+            //
+            SecureRandom rand = new SecureRandom();
+            byte[] test = new byte[1233];
+
+            rand.NextBytes(test);
+
+			bOut = new UncloseableMemoryStream();
+
+			comData = new PgpCompressedDataGenerator(
+				CompressionAlgorithmTag.Zip);
+			comOut = comData.Open(new UncloseableStream(bOut));
+
+			lData = new PgpLiteralDataGenerator();
+            ldOut = lData.Open(
+				new UncloseableStream(comOut),
+                PgpLiteralData.Binary,
+                PgpLiteralData.Console,
+                TestDateTime,
+                new byte[16]);
+
+            ldOut.Write(test, 0, test.Length);
+            lData.Close();
+
+			comData.Close();
+            cbOut = new UncloseableMemoryStream();
+            cPk = new PgpEncryptedDataGenerator(
+				SymmetricKeyAlgorithmTag.Cast5, rand);
+
+            cPk.AddMethod(pass);
+
+			cOut = cPk.Open(new UncloseableStream(cbOut), new byte[16]);
+            {
+                byte[] tmp = bOut.ToArray();
+                cOut.Write(tmp, 0, tmp.Length);
+            }
+
+			cPk.Close();
+
+			data = DecryptMessage(cbOut.ToArray());
+            if (!Arrays.AreEqual(data, test))
+            {
+                Fail("wrong plain text in generated packet");
+            }
+
+            //
+            // with integrity packet
+            //
+            cbOut = new UncloseableMemoryStream();
+            cPk = new PgpEncryptedDataGenerator(
+				SymmetricKeyAlgorithmTag.Cast5, true, rand);
+
+            cPk.AddMethod(pass);
+
+            cOut = cPk.Open(new UncloseableStream(cbOut), new byte[16]);
+            bOutData = bOut.ToArray();
+            cOut.Write(bOutData, 0, bOutData.Length);
+            cPk.Close();
+
+			data = DecryptMessage(cbOut.ToArray());
+            if (!Arrays.AreEqual(data, test))
+            {
+                Fail("wrong plain text in generated packet");
+            }
+
+			//
+			// decrypt with buffering
+			//
+			data = DecryptMessageBuffered(cbOut.ToArray());
+			if (!AreEqual(data, test))
+			{
+				Fail("wrong plain text in buffer generated packet");
+			}
+
+			//
+			// sample message
+			//
+			PgpObjectFactory pgpFact = new PgpObjectFactory(testPBEAsym);
+
+			PgpEncryptedDataList enc = (PgpEncryptedDataList)pgpFact.NextPgpObject();
+
+			PgpPbeEncryptedData pbe = (PgpPbeEncryptedData) enc[1];
+
+			Stream clear = pbe.GetDataStream("password".ToCharArray());
+
+			pgpFact = new PgpObjectFactory(clear);
+
+			PgpLiteralData ld = (PgpLiteralData) pgpFact.NextPgpObject();
+
+			Stream unc = ld.GetInputStream();
+			byte[] bytes = Streams.ReadAll(unc);
+
+			if (!AreEqual(bytes, Hex.Decode("5361742031302e30322e30370d0a")))
+			{
+				Fail("data mismatch on combined PBE");
+			}
+
+			//
+			// with integrity packet - one byte message
+			//
+			byte[] msg = new byte[1];
+			bOut = new MemoryStream();
+
+			comData = new PgpCompressedDataGenerator(
+				CompressionAlgorithmTag.Zip);
+
+			lData = new PgpLiteralDataGenerator();
+			comOut = comData.Open(new UncloseableStream(bOut));
+			ldOut = lData.Open(
+				new UncloseableStream(comOut),
+				PgpLiteralData.Binary,
+				PgpLiteralData.Console,
+				msg.Length,
+				TestDateTime);
+
+			ldOut.Write(msg, 0, msg.Length);
+
+			ldOut.Close();
+
+			comOut.Close();
+        
+			cbOut = new MemoryStream();
+			cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, true, rand);
+
+			cPk.AddMethod(pass);
+
+			cOut = cPk.Open(new UncloseableStream(cbOut), new byte[16]);
+
+			data = bOut.ToArray();
+			cOut.Write(data, 0, data.Length);
+
+			cOut.Close();
+
+			data = DecryptMessage(cbOut.ToArray());
+			if (!AreEqual(data, msg))
+			{
+				Fail("wrong plain text in generated packet");
+			}
+
+			//
+			// decrypt with buffering
+			//
+			data = DecryptMessageBuffered(cbOut.ToArray());
+			if (!AreEqual(data, msg))
+			{
+				Fail("wrong plain text in buffer generated packet");
+			}
+		}
+
+		private class UncloseableMemoryStream
+			: MemoryStream
+		{
+			public override void Close()
+			{
+				throw new Exception("Close() called on underlying stream");
+			}
+		}
+
+		public override string Name
+        {
+			get { return "PGPPBETest"; }
+        }
+
+		public static void Main(
+			string[] args)
+        {
+			RunTest(new PgpPbeTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/test/PGPPacketTest.cs b/crypto/test/src/openpgp/test/PGPPacketTest.cs
new file mode 100644
index 000000000..b82f8526f
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PGPPacketTest.cs
@@ -0,0 +1,80 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+    [TestFixture]
+    public class PgpPacketTest
+        : SimpleTest
+    {
+        private static int MAX = 32000;
+
+        private void ReadBackTest(
+            PgpLiteralDataGenerator generator)
+        {
+            Random rand = new Random();
+            byte[] buf = new byte[MAX];
+
+            rand.NextBytes(buf);
+
+            for (int i = 1; i != MAX; i++)
+            {
+                MemoryStream bOut = new MemoryStream();
+
+                Stream outputStream = generator.Open(
+					new UncloseableStream(bOut),
+					PgpLiteralData.Binary,
+					PgpLiteralData.Console,
+					i,
+					DateTime.UtcNow);
+
+				outputStream.Write(buf, 0, i);
+
+                generator.Close();
+
+                PgpObjectFactory fact = new PgpObjectFactory(bOut.ToArray());
+
+                PgpLiteralData data = (PgpLiteralData)fact.NextPgpObject();
+
+                Stream inputStream = data.GetInputStream();
+
+                for (int count = 0; count != i; count++)
+                {
+                    if (inputStream.ReadByte() != (buf[count] & 0xff))
+                    {
+                        Fail("failed readback test - length = " + i);
+                    }
+                }
+            }
+        }
+
+        public override void PerformTest()
+        {
+            ReadBackTest(new PgpLiteralDataGenerator(true));
+			ReadBackTest(new PgpLiteralDataGenerator(false));
+        }
+
+		public override string Name
+        {
+			get { return "PGPPacketTest"; }
+        }
+
+		public static void Main(
+            string[] args)
+        {
+			RunTest(new PgpPacketTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/test/PGPRSATest.cs b/crypto/test/src/openpgp/test/PGPRSATest.cs
new file mode 100644
index 000000000..f38aa002f
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PGPRSATest.cs
@@ -0,0 +1,1235 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Bcpg.Attr;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+    [TestFixture]
+    public class PgpRsaTest
+        : SimpleTest
+    {
+		private static readonly byte[] testPubKey = Base64.Decode(
+			  "mIsEPz2nJAEEAOTVqWMvqYE693qTgzKv/TJpIj3hI8LlYPC6m1dk0z3bDLwVVk9F"
+			+ "FAB+CWS8RdFOWt/FG3tEv2nzcoNdRvjv9WALyIGNawtae4Ml6oAT06/511yUzXHO"
+			+ "k+9xK3wkXN5jdzUhf4cA2oGpLSV/pZlocsIDL+jCUQtumUPwFodmSHhzAAYptC9F"
+			+ "cmljIEVjaGlkbmEgKHRlc3Qga2V5KSA8ZXJpY0Bib3VuY3ljYXN0bGUub3JnPoi4"
+			+ "BBMBAgAiBQI/PackAhsDBQkAg9YABAsHAwIDFQIDAxYCAQIeAQIXgAAKCRA1WGFG"
+			+ "/fPzc8WMA/9BbjuB8E48QAlxoiVf9U8SfNelrz/ONJA/bMvWr/JnOGA9PPmFD5Uc"
+			+ "+kV/q+i94dEMjsC5CQ1moUHWSP2xlQhbOzBP2+oPXw3z2fBs9XJgnTH6QWMAAvLs"
+			+ "3ug9po0loNHLobT/D/XdXvcrb3wvwvPT2FptZqrtonH/OdzT9JdfrA==");
+
+		private static readonly byte[] testPrivKey = Base64.Decode(
+			  "lQH8BD89pyQBBADk1aljL6mBOvd6k4Myr/0yaSI94SPC5WDwuptXZNM92wy8FVZP"
+			+ "RRQAfglkvEXRTlrfxRt7RL9p83KDXUb47/VgC8iBjWsLWnuDJeqAE9Ov+ddclM1x"
+			+ "zpPvcSt8JFzeY3c1IX+HANqBqS0lf6WZaHLCAy/owlELbplD8BaHZkh4cwAGKf4D"
+			+ "AwKbLeIOVYTEdWD5v/YgW8ERs0pDsSIfBTvsJp2qA798KeFuED6jGsHUzdi1M990"
+			+ "6PRtplQgnoYmYQrzEc6DXAiAtBR4Kuxi4XHx0ZR2wpVlVxm2Ypgz7pbBNWcWqzvw"
+			+ "33inl7tR4IDsRdJOY8cFlN+1tSCf16sDidtKXUVjRjZNYJytH18VfSPlGXMeYgtw"
+			+ "3cSGNTERwKaq5E/SozT2MKTiORO0g0Mtyz+9MEB6XVXFavMun/mXURqbZN/k9BFb"
+			+ "z+TadpkihrLD1xw3Hp+tpe4CwPQ2GdWKI9KNo5gEnbkJgLrSMGgWalPhknlNHRyY"
+			+ "bSq6lbIMJEE3LoOwvYWwweR1+GrV9farJESdunl1mDr5/d6rKru+FFDwZM3na1IF"
+			+ "4Ei4FpqhivZ4zG6pN5XqLy+AK85EiW4XH0yAKX1O4YlbmDU4BjxhiwTdwuVMCjLO"
+			+ "5++jkz5BBQWdFX8CCMA4FJl36G70IbGzuFfOj07ly7QvRXJpYyBFY2hpZG5hICh0"
+			+ "ZXN0IGtleSkgPGVyaWNAYm91bmN5Y2FzdGxlLm9yZz6IuAQTAQIAIgUCPz2nJAIb"
+			+ "AwUJAIPWAAQLBwMCAxUCAwMWAgECHgECF4AACgkQNVhhRv3z83PFjAP/QW47gfBO"
+			+ "PEAJcaIlX/VPEnzXpa8/zjSQP2zL1q/yZzhgPTz5hQ+VHPpFf6voveHRDI7AuQkN"
+			+ "ZqFB1kj9sZUIWzswT9vqD18N89nwbPVyYJ0x+kFjAALy7N7oPaaNJaDRy6G0/w/1"
+			+ "3V73K298L8Lz09habWaq7aJx/znc0/SXX6w=");
+
+		private static readonly byte[] testPubKeyV3 = Base64.Decode(
+			  "mQCNAz+zvlEAAAEEAMS22jgXbOZ/D3xWgM2kauSdzrwlU7Ms5hDW05ObqQyO"
+			+ "FfQoKKMhfupyoa7J3x04VVBKu6Eomvr1es+VImH0esoeWFFahNOYq/I+jRRB"
+			+ "woOhAGZ5UB2/hRd7rFmxqp6sCXi8wmLO2tAorlTzAiNNvl7xF4cQZpc0z56F"
+			+ "wdi2fBUJAAURtApGSVhDSVRZX1FBiQCVAwUQP7O+UZ6Fwdi2fBUJAQFMwwQA"
+			+ "qRnFsdg4xQnB8Y5d4cOpXkIn9AZgYS3cxtuSJB84vG2CgC39nfv4c+nlLkWP"
+			+ "4puG+mZuJNgVoE84cuAF4I//1anKjlU7q1M6rFQnt5S4uxPyG3dFXmgyU1b4"
+			+ "PBOnA0tIxjPzlIhJAMsPCGGA5+5M2JP0ad6RnzqzE3EENMX+GqY=");
+
+		private static readonly byte[] testPrivKeyV3 = Base64.Decode(
+			  "lQHfAz+zvlEAAAEEAMS22jgXbOZ/D3xWgM2kauSdzrwlU7Ms5hDW05ObqQyO"
+			+ "FfQoKKMhfupyoa7J3x04VVBKu6Eomvr1es+VImH0esoeWFFahNOYq/I+jRRB"
+			+ "woOhAGZ5UB2/hRd7rFmxqp6sCXi8wmLO2tAorlTzAiNNvl7xF4cQZpc0z56F"
+			+ "wdi2fBUJAAURAXWwRBZQHNikA/f0ScLLjrXi4s0hgQecg+dkpDow94eu5+AR"
+			+ "0DzZnfurpgfUJCNiDi5W/5c3Zj/xyrfMAgkbCgJ1m6FZqAQh7Mq73l7Kfu4/"
+			+ "XIkyDF3tDgRuZNezB+JuElX10tV03xumHepp6M6CfhXqNJ15F33F99TA5hXY"
+			+ "CPYD7SiSOpIhQkCOAgDAA63imxbpuKE2W7Y4I1BUHB7WQi8ZdkZd04njNTv+"
+			+ "rFUuOPapQVfbWG0Vq8ld3YmJB4QWsa2mmqn+qToXbwufAgBpXkjvqK5yPiHF"
+			+ "Px2QbFc1VqoCJB6PO5JRIqEiUZBFGdDlLxt3VSyqz7IZ/zEnxZq+tPCGGGSm"
+			+ "/sAGiMvENcHVAfy0kTXU42TxEAYJyyNyqjXOobDJpEV1mKhFskRXt7tbMfOS"
+			+ "Yf91oX8f6xw6O2Nal+hU8dS0Bmfmk5/enHmvRLHQocO0CkZJWENJVFlfUUE=");
+
+		private static readonly byte[] sig1 = Base64.Decode(
+			  "owGbwMvMwMRoGpHo9vfz52LGNTJJnBmpOTn5eiUVJfb23JvAHIXy/KKcFEWuToap"
+			+ "zKwMIGG4Bqav0SwMy3yParsEKi2LMGI9xhh65sBxb05n5++ZLcWNJ/eLFKdWbm95"
+			+ "tHbDV7GMwj/tUctUpFUXWPYFCLdNsDiVNuXbQvZtdXV/5xzY+9w1nCnijH9JoNiJ"
+			+ "22n2jo0zo30/TZLo+jDl2vTzIvPeLEsPM3ZUE/1Ytqs4SG2TxIQbH7xf3uzcYXq2"
+			+ "5Fw9AA==");
+
+//		private static readonly byte[] sig1crc = Base64.Decode("+3i0");
+
+		private static readonly byte[] subKey = Base64.Decode(
+			  "lQH8BD89pyQBBADk1aljL6mBOvd6k4Myr/0yaSI94SPC5WDwuptXZNM92wy8FVZP"
+			+ "RRQAfglkvEXRTlrfxRt7RL9p83KDXUb47/VgC8iBjWsLWnuDJeqAE9Ov+ddclM1x"
+			+ "zpPvcSt8JFzeY3c1IX+HANqBqS0lf6WZaHLCAy/owlELbplD8BaHZkh4cwAGKf4D"
+			+ "AwKt6ZC7iqsQHGDNn2ZAuhS+ZwiFC+BToW9Vq6rwggWjgM/SThv55rfDk7keiXUT"
+			+ "MyUcZVeYBe4Jttb4fAAm83hNztFu6Jvm9ITcm7YvnasBtVQjppaB+oYZgsTtwK99"
+			+ "LGC3mdexnriCLxPN6tDFkGhzdOcYZfK6py4Ska8Dmq9nOZU9Qtv7Pm3qa5tuBvYw"
+			+ "myTxeaJYifZTu/sky3Gj+REb8WonbgAJX/sLNBPUt+vYko+lxU8uqZpVEMU//hGG"
+			+ "Rns2gIHdbSbIe1vGgIRUEd7Z0b7jfVQLUwqHDyfh5DGvAUhvtJogjUyFIXZzpU+E"
+			+ "9ES9t7LZKdwNZSIdNUjM2eaf4g8BpuQobBVkj/GUcotKyeBjwvKxHlRefL4CCw28"
+			+ "DO3SnLRKxd7uBSqeOGUKxqasgdekM/xIFOrJ85k7p89n6ncLQLHCPGVkzmVeRZro"
+			+ "/T7zE91J57qBGZOUAP1vllcYLty1cs9PCc5oWnj3XbQvRXJpYyBFY2hpZG5hICh0"
+			+ "ZXN0IGtleSkgPGVyaWNAYm91bmN5Y2FzdGxlLm9yZz6IuAQTAQIAIgUCPz2nJAIb"
+			+ "AwUJAIPWAAQLBwMCAxUCAwMWAgECHgECF4AACgkQNVhhRv3z83PFjAP/QW47gfBO"
+			+ "PEAJcaIlX/VPEnzXpa8/zjSQP2zL1q/yZzhgPTz5hQ+VHPpFf6voveHRDI7AuQkN"
+			+ "ZqFB1kj9sZUIWzswT9vqD18N89nwbPVyYJ0x+kFjAALy7N7oPaaNJaDRy6G0/w/1"
+			+ "3V73K298L8Lz09habWaq7aJx/znc0/SXX6y0JEVyaWMgRWNoaWRuYSA8ZXJpY0Bi"
+			+ "b3VuY3ljYXN0bGUub3JnPoi4BBMBAgAiBQI/RxQNAhsDBQkAg9YABAsHAwIDFQID"
+			+ "AxYCAQIeAQIXgAAKCRA1WGFG/fPzc3O6A/49tXFCiiP8vg77OXvnmbnzPBA1G6jC"
+			+ "RZNP1yIXusOjpHqyLN5K9hw6lq/o4pNiCuiq32osqGRX3lv/nDduJU1kn2Ow+I2V"
+			+ "ci+ojMXdCGdEqPwZfv47jHLwRrIUJ22OOoWsORtgvSeRUd4Izg8jruaFM7ufr5hr"
+			+ "jEl1cuLW1Hr8Lp0B/AQ/RxxQAQQA0J2BIdqb8JtDGKjvYxrju0urJVVzyI1CnCjA"
+			+ "p7CtLoHQJUQU7PajnV4Jd12ukfcoK7MRraYydQEjxh2MqPpuQgJS3dgQVrxOParD"
+			+ "QYBFrZNd2tZxOjYakhErvUmRo6yWFaxChwqMgl8XWugBNg1Dva+/YcoGQ+ly+Jg4"
+			+ "RWZoH88ABin+AwMCldD/2v8TyT1ghK70IuFs4MZBhdm6VgyGR8DQ/Ago6IAjA4BY"
+			+ "Sol3lJb7+IIGsZaXwEuMRUvn6dWfa3r2I0p1t75vZb1Ng1YK32RZ5DNzl4Xb3L8V"
+			+ "D+1Fiz9mHO8wiplAwDudB+RmQMlth3DNi/UsjeCTdEJAT+TTC7D40DiHDb1bR86Y"
+			+ "2O5Y7MQ3SZs3/x0D/Ob6PStjfQ1kiqbruAMROKoavG0zVgxvspkoKN7h7BapnwJM"
+			+ "6yf4qN/aByhAx9sFvADxu6z3SVcxiFw3IgAmabyWYb85LP8AsTYAG/HBoC6yob47"
+			+ "Mt+GEDeyPifzzGXBWYIH4heZbSQivvA0eRwY5VZsMsBkbY5VR0FLVWgplbuO21bS"
+			+ "rPS1T0crC+Zfj7FQBAkTfsg8RZQ8MPaHng01+gnFd243DDFvTAHygvm6a2X2fiRw"
+			+ "5epAST4wWfY/BZNOxmfSKH6QS0oQMRscw79He6vGTB7vunLrKQYD4veInwQYAQIA"
+			+ "CQUCP0ccUAIbDAAKCRA1WGFG/fPzczmFA/wMg5HhN5NkqmjnHUFfeXNXdHzmekyw"
+			+ "38RnuCMKmfc43AiDs+FtJ62gpQ6PEsZF4o9S5fxcjVk3VSg00XMDtQ/0BsKBc5Gx"
+			+ "hJTq7G+/SoeM433WG19uoS0+5Lf/31wNoTnpv6npOaYpcTQ7L9LCnzwAF4H0hJPE"
+			+ "6bhmW2CMcsE/IZUB4QQ/Rwc1EQQAs5MUQlRiYOfi3fQ1OF6Z3eCwioDKu2DmOxot"
+			+ "BICvdoG2muvs0KEBas9bbd0FJqc92FZJv8yxEgQbQtQAiFxoIFHRTFK+SPO/tQm+"
+			+ "r83nwLRrfDeVVdRfzF79YCc+Abuh8sS/53H3u9Y7DYWr9IuMgI39nrVhY+d8yukf"
+			+ "jo4OR+sAoKS/f7V1Xxj/Eqhb8qzf+N+zJRUlBACDd1eo/zFJZcq2YJa7a9vkViME"
+			+ "axvwApqxeoU7oDpeHEMWg2DXJ7V24ZU5SbPTMY0x98cc8pcoqwsqux8xicWc0reh"
+			+ "U3odQxWM4Se0LmEdca0nQOmNJlL9IsQ+QOJzx47qUOUAqhxnkXxQ/6B8w+M6gZya"
+			+ "fwSdy70OumxESZipeQP+Lo9x6FcaW9L78hDX0aijJhgSEsnGODKB+bln29txX37E"
+			+ "/a/Si+pyeLMi82kUdIL3G3I5HPWd3qSO4K94062+HfFj8bA20/1tbb/WxvxB2sKJ"
+			+ "i3IobblFOvFHo+v8GaLdVyartp0JZLue/jP1dl9ctulSrIqaJT342uLsgTjsr2z+"
+			+ "AwMCAyAU8Vo5AhhgFkDto8vQk7yxyRKEzu5qB66dRcTlaUPIiR8kamcy5ZTtujs4"
+			+ "KIW4j2M/LvagrpWfV5+0M0VyaWMgRWNoaWRuYSAoRFNBIFRlc3QgS2V5KSA8ZXJp"
+			+ "Y0Bib3VuY3ljYXN0bGUub3JnPohZBBMRAgAZBQI/Rwc1BAsHAwIDFQIDAxYCAQIe"
+			+ "AQIXgAAKCRDNI/XpxMo0QwJcAJ40447eezSiIMspuzkwsMyFN8YBaQCdFTuZuT30"
+			+ "CphiUYWnsC0mQ+J15B4=");
+
+		private static readonly byte[] enc1 = Base64.Decode(
+			  "hIwDKwfQexPJboABA/4/7prhYYMORTiQ5avQKx0XYpCLujzGefYjnyuWZnx3Iev8"
+			+ "Pmsguumm+OLLvtXhhkXQmkJRXbIg6Otj2ubPYWflRPgpJSgOrNOreOl5jeABOrtw"
+			+ "bV6TJb9OTtZuB7cTQSCq2gmYiSZkluIiDjNs3R3mEanILbYzOQ3zKSggKpzlv9JQ"
+			+ "AZUqTyDyJ6/OUbJF5fI5uiv76DCsw1zyMWotUIu5/X01q+AVP5Ly3STzI7xkWg/J"
+			+ "APz4zUHism7kSYz2viAQaJx9/bNnH3AM6qm1Fuyikl4=");
+
+//		private static readonly byte[] enc1crc = Base64.Decode("lv4o");
+
+//        private static readonly byte[] enc2 = Base64.Decode(
+//			  "hIwDKwfQexPJboABBAC62jcJH8xKnKb1neDVmiovYON04+7VQ2v4BmeHwJrdag1g"
+//			+ "Ya++6PeBlQ2Q9lSGBwLobVuJmQ7cOnPUJP727JeSGWlMyFtMbBSHekOaTenT5lj7"
+//			+ "Zk7oRHxMp/hByzlMacIDzOn8LPSh515RHM57eDLCOwqnAxGQwk67GRl8f5dFH9JQ"
+//			+ "Aa7xx8rjCqPbiIQW6t5LqCNvPZOiSCmftll6+se1XJhFEuq8WS4nXtPfTiJ3vib4"
+//			+ "3soJdHzGB6AOs+BQ6aKmmNTVAxa5owhtSt1Z/6dfSSk=");
+
+		private static readonly byte[] subPubKey = Base64.Decode(
+              "mIsEPz2nJAEEAOTVqWMvqYE693qTgzKv/TJpIj3hI8LlYPC6m1dk0z3bDLwVVk9F"
+			+ "FAB+CWS8RdFOWt/FG3tEv2nzcoNdRvjv9WALyIGNawtae4Ml6oAT06/511yUzXHO"
+			+ "k+9xK3wkXN5jdzUhf4cA2oGpLSV/pZlocsIDL+jCUQtumUPwFodmSHhzAAYptC9F"
+			+ "cmljIEVjaGlkbmEgKHRlc3Qga2V5KSA8ZXJpY0Bib3VuY3ljYXN0bGUub3JnPoi4"
+			+ "BBMBAgAiBQI/PackAhsDBQkAg9YABAsHAwIDFQIDAxYCAQIeAQIXgAAKCRA1WGFG"
+			+ "/fPzc8WMA/9BbjuB8E48QAlxoiVf9U8SfNelrz/ONJA/bMvWr/JnOGA9PPmFD5Uc"
+			+ "+kV/q+i94dEMjsC5CQ1moUHWSP2xlQhbOzBP2+oPXw3z2fBs9XJgnTH6QWMAAvLs"
+			+ "3ug9po0loNHLobT/D/XdXvcrb3wvwvPT2FptZqrtonH/OdzT9JdfrIhMBBARAgAM"
+			+ "BQI/RxooBYMAemL8AAoJEM0j9enEyjRDiBgAn3RcLK+gq90PvnQFTw2DNqdq7KA0"
+			+ "AKCS0EEIXCzbV1tfTdCUJ3hVh3btF7QkRXJpYyBFY2hpZG5hIDxlcmljQGJvdW5j"
+			+ "eWNhc3RsZS5vcmc+iLgEEwECACIFAj9HFA0CGwMFCQCD1gAECwcDAgMVAgMDFgIB"
+			+ "Ah4BAheAAAoJEDVYYUb98/Nzc7oD/j21cUKKI/y+Dvs5e+eZufM8EDUbqMJFk0/X"
+			+ "Ihe6w6OkerIs3kr2HDqWr+jik2IK6KrfaiyoZFfeW/+cN24lTWSfY7D4jZVyL6iM"
+			+ "xd0IZ0So/Bl+/juMcvBGshQnbY46haw5G2C9J5FR3gjODyOu5oUzu5+vmGuMSXVy"
+			+ "4tbUevwuiEwEEBECAAwFAj9HGigFgwB6YvwACgkQzSP16cTKNEPwBQCdHm0Amwza"
+			+ "NmVmDHm3rmqI7rp2oQ0An2YbiP/H/kmBNnmTeH55kd253QOhuIsEP0ccUAEEANCd"
+			+ "gSHam/CbQxio72Ma47tLqyVVc8iNQpwowKewrS6B0CVEFOz2o51eCXddrpH3KCuz"
+			+ "Ea2mMnUBI8YdjKj6bkICUt3YEFa8Tj2qw0GARa2TXdrWcTo2GpIRK71JkaOslhWs"
+			+ "QocKjIJfF1roATYNQ72vv2HKBkPpcviYOEVmaB/PAAYpiJ8EGAECAAkFAj9HHFAC"
+			+ "GwwACgkQNVhhRv3z83M5hQP8DIOR4TeTZKpo5x1BX3lzV3R85npMsN/EZ7gjCpn3"
+			+ "ONwIg7PhbSetoKUOjxLGReKPUuX8XI1ZN1UoNNFzA7UP9AbCgXORsYSU6uxvv0qH"
+			+ "jON91htfbqEtPuS3/99cDaE56b+p6TmmKXE0Oy/Swp88ABeB9ISTxOm4ZltgjHLB"
+			+ "PyGZAaIEP0cHNREEALOTFEJUYmDn4t30NThemd3gsIqAyrtg5jsaLQSAr3aBtprr"
+			+ "7NChAWrPW23dBSanPdhWSb/MsRIEG0LUAIhcaCBR0UxSvkjzv7UJvq/N58C0a3w3"
+			+ "lVXUX8xe/WAnPgG7ofLEv+dx97vWOw2Fq/SLjICN/Z61YWPnfMrpH46ODkfrAKCk"
+			+ "v3+1dV8Y/xKoW/Ks3/jfsyUVJQQAg3dXqP8xSWXKtmCWu2vb5FYjBGsb8AKasXqF"
+			+ "O6A6XhxDFoNg1ye1duGVOUmz0zGNMffHHPKXKKsLKrsfMYnFnNK3oVN6HUMVjOEn"
+			+ "tC5hHXGtJ0DpjSZS/SLEPkDic8eO6lDlAKocZ5F8UP+gfMPjOoGcmn8Encu9Drps"
+			+ "REmYqXkD/i6PcehXGlvS+/IQ19GooyYYEhLJxjgygfm5Z9vbcV9+xP2v0ovqcniz"
+			+ "IvNpFHSC9xtyORz1nd6kjuCveNOtvh3xY/GwNtP9bW2/1sb8QdrCiYtyKG25RTrx"
+			+ "R6Pr/Bmi3Vcmq7adCWS7nv4z9XZfXLbpUqyKmiU9+Nri7IE47K9stDNFcmljIEVj"
+			+ "aGlkbmEgKERTQSBUZXN0IEtleSkgPGVyaWNAYm91bmN5Y2FzdGxlLm9yZz6IWQQT"
+			+ "EQIAGQUCP0cHNQQLBwMCAxUCAwMWAgECHgECF4AACgkQzSP16cTKNEMCXACfauui"
+			+ "bSwyG59Yrm8hHCDuCPmqwsQAni+dPl08FVuWh+wb6kOgJV4lcYae");
+
+//		private static readonly byte[] subPubCrc = Base64.Decode("rikt");
+
+		private static readonly byte[] pgp8Key = Base64.Decode(
+              "lQIEBEBXUNMBBADScQczBibewnbCzCswc/9ut8R0fwlltBRxMW0NMdKJY2LF"
+			+ "7k2COeLOCIU95loJGV6ulbpDCXEO2Jyq8/qGw1qD3SCZNXxKs3GS8Iyh9Uwd"
+			+ "VL07nMMYl5NiQRsFB7wOb86+94tYWgvikVA5BRP5y3+O3GItnXnpWSJyREUy"
+			+ "6WI2QQAGKf4JAwIVmnRs4jtTX2DD05zy2mepEQ8bsqVAKIx7lEwvMVNcvg4Y"
+			+ "8vFLh9Mf/uNciwL4Se/ehfKQ/AT0JmBZduYMqRU2zhiBmxj4cXUQ0s36ysj7"
+			+ "fyDngGocDnM3cwPxaTF1ZRBQHSLewP7dqE7M73usFSz8vwD/0xNOHFRLKbsO"
+			+ "RqDlLA1Cg2Yd0wWPS0o7+qqk9ndqrjjSwMM8ftnzFGjShAdg4Ca7fFkcNePP"
+			+ "/rrwIH472FuRb7RbWzwXA4+4ZBdl8D4An0dwtfvAO+jCZSrLjmSpxEOveJxY"
+			+ "GduyR4IA4lemvAG51YHTHd4NXheuEqsIkn1yarwaaj47lFPnxNOElOREMdZb"
+			+ "nkWQb1jfgqO24imEZgrLMkK9bJfoDnlF4k6r6hZOp5FSFvc5kJB4cVo1QJl4"
+			+ "pwCSdoU6luwCggrlZhDnkGCSuQUUW45NE7Br22NGqn4/gHs0KCsWbAezApGj"
+			+ "qYUCfX1bcpPzUMzUlBaD5rz2vPeO58CDtBJ0ZXN0ZXIgPHRlc3RAdGVzdD6I"
+			+ "sgQTAQIAHAUCQFdQ0wIbAwQLBwMCAxUCAwMWAgECHgECF4AACgkQs8JyyQfH"
+			+ "97I1QgP8Cd+35maM2cbWV9iVRO+c5456KDi3oIUSNdPf1NQrCAtJqEUhmMSt"
+			+ "QbdiaFEkPrORISI/2htXruYn0aIpkCfbUheHOu0sef7s6pHmI2kOQPzR+C/j"
+			+ "8D9QvWsPOOso81KU2axUY8zIer64Uzqc4szMIlLw06c8vea27RfgjBpSCryw"
+			+ "AgAA");
+
+		private static readonly char[] pgp8Pass = "2002 Buffalo Sabres".ToCharArray();
+
+		private static readonly char[] pass = "hello world".ToCharArray();
+
+		private static readonly byte[] fingerprintKey = Base64.Decode(
+			  "mQEPA0CiJdUAAAEIAMI+znDlPd2kQoEcnxqxLcRz56Z7ttFKHpnYp0UkljZdquVc"
+			+ "By1jMfXGVV64xN1IvMcyenLXUE0IUeUBCQs6tHunFRAPSeCxJ3FdFe1B5MpqQG8A"
+			+ "BnEpAds/hAUfRDZD5y/lolk1hjvFMrRh6WXckaA/QQ2t00NmTrJ1pYUpkw9tnVQb"
+			+ "LUjWJhfZDBBcN0ADtATzgkugxMtcDxR6I5x8Ndn+IilqIm23kxGIcmMd/BHOec4c"
+			+ "jRwJXXDb7u8tl+2knAf9cwhPHp3+Zy4uGSQPdzQnXOhBlA+4WDa0RROOevWgq8uq"
+			+ "8/9Xp/OlTVL+OoIzjsI6mJP1Joa4qmqAnaHAmXcAEQEAAbQoQk9BM1JTS1kgPEJP"
+			+ "QSBNb25pdG9yaW5nIEAgODg4LTI2OS01MjY2PokBFQMFEECiJdWqaoCdocCZdwEB"
+			+ "0RsH/3HPxoUZ3G3K7T3jgOnJUckTSHWU3XspHzMVgqOxjTrcexi5IsAM5M+BulfW"
+			+ "T2aO+Kqf5w8cKTKgW02DNpHUiPjHx0nzDE+Do95zbIErGeK+Twkc4O/aVsvU9GGO"
+			+ "81VFI6WMvDQ4CUAUnAdk03MRrzI2nAuhn4NJ5LQS+uJrnqUJ4HmFAz6CQZQKd/kS"
+			+ "Xgq+A6i7aI1LG80YxWa9ooQgaCrb9dwY/kPQ+yC22zQ3FExtv+Fv3VtAKTilO3vn"
+			+ "BA4Y9uTHuObHfI+1yxUS2PrlRUX0m48ZjpIX+cEN3QblGBJudI/A1QSd6P0LZeBr"
+			+ "7F1Z1aF7ZDo0KzgiAIBvgXkeTpw=");
+
+//		private static readonly byte[] fingerprintCheck = Base64.Decode("CTv2");
+
+		private static readonly byte[] jpegImage = Base64.Decode(
+			  "/9j/4AAQSkZJRgABAQEASABIAAD/4QAWRXhpZgAATU0AKgAAAAgAAAAAAAD/2wBDAAUDBAQEAwUE"
+			+ "BAQFBQUGBwwIBwcHBw8LCwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/"
+			+ "wAALCAA6AFABASIA/8QAHAAAAgMAAwEAAAAAAAAAAAAABQcABAYBAggD/8QAMRAAAgEDBAEDAwME"
+			+ "AQUAAAAAAQIDBAURAAYSITEHIkETFFEjYXEVMkKRCCUzQ4Gh/9oACAEBAAA/APX1TdKCmlaOoqoo"
+			+ "WXzzbiP9nWaS71lXuA2tqrgopBOxpyGyWLAEEd4GAf3+fOjLPXoVaOcNzYAhl8HskADwAPz37f3z"
+			+ "opSvI9Mjypwcr7l/B1XuFwSmoTVooljB9xDYAH51Vor191F9dKGb6Py3yo4huwcHwf8AYP7ZLIyu"
+			+ "gZSGBGQQejrnU1NKn1EqVi3sZJOBCwxxIp9xzksfb5PR+Mdga+ljqIKje1TNBBNToYYgU4477HwQ"
+			+ "Bn9z8/nW6mqxLR0NzpJkMLx8lJUkOGAIx4I/0f41lJ93UkkrRxVKvNKVjZfpSe6RyqhCp7wCSD89"
+			+ "EEDRWppEkgqKdYohGcoZAjAlSMMcZ+PHH/3odsG6VLW2qaoqV+nTyFZpHOFQL0Sc9ADGTnHWtZap"
+			+ "EpoamJm/TgYkfgJ5H/zGuKieVJIGkqCgmfCJFFy64s3Z+Oh58fHyNfGavipIJ2BrZcKXA+mzEd9Y"
+			+ "OCcHI/gDV62SzvBGKhQHaNWzj8jvP750oN/xM3qkshLPEstOhj7IVyvkY+f7Nd7hf9vbc9QbVb7n"
+			+ "dadLldqc00FMCwlmZnCrgL2v/cAySPBPwSD+/wC+3HbWx3rLbaqW81CVHOWnetMZjRm9h7VvClcj"
+			+ "oDB7PymPTvem+a6roxvC10sd3ScmlucdEyUtRADxdice9wY3PQGRgj4OnHU3u5RW+op6imo4q+KA"
+			+ "1UKGQ/bzrnt0biWxkgFOJK9ZyCCVX6f3T1Rh9RawbltdQNv18CGe2wxBDQyvGrowIJd15HEnHvP+"
+			+ "OBjXoGzS0tNTpQipFTIw48Xn5SSBVUMw5e5wMgZ/j86yVNvvZ9TeDR1c9XSV0bl443dmYZXiCSCR"
+			+ "jvxkjR1L1b46iWpStpIRLOWkCqyniP8AJjxPIniBjr+etFdu11DVu321WZiFHRjZcA/gsO+seNYf"
+			+ "fVpq6n1Eo5KNATIYmb5Bx7csP4z/AKz8aX1N6Q7W3FuWWrS1TRzi+tXSutUESQhCGiVAvJVRgfcc"
+			+ "HkeidM6tSmTbps9RHIH4KoqC8j/VC8R0+CSScZLdknPZGgNfYpUUUzfewxxcWpopWbhL715KgBIQ"
+			+ "MCQc4A84+dD963X7ywQ0NIVW60qqzkzIfoszAMGUNyUHORkDrHxo3sSaOhtX2hnp3uNRF9b7hqtO"
+			+ "DxM3Rcj3dMCPHXLGfOkLuPddp9R/ViOa62KppqK3Vctvsz0UylKtWfgXy3+L8WIZFBGRhs407rTT"
+			+ "bcuFDRWmtsNGIZ1MMEU9GPqRorKPcJEzhich8Anz350Wk2zs2OsT7D7RZJpChMEk0MoypJZWVwM9"
+			+ "ZzjWw2lbKaioFjQy/U9shLyu7Esi5JLEnsgnQlaSqhqayWSRZ5JaiSSNPoBCiq54jPuJyA2W+QfA"
+			+ "+FrSXq4bdulZHRpWRzpArPK0SSNUExh14qB4c5X9ipz41Zud0juVouVooHN6rrZKVaoek/VhYgqE"
+			+ "4v7cZPTfPHwT7tZX0e2NVUV5rK2ku9TeY6aFZJ6GuLALKzNnizE4CsqHIyBxJCk4AYFNt2wSUExm"
+			+ "pP1lqgq1zkfXUtIgkiOFHQCsCM/kfOtZU7GsNZU1FFc1lrqCSNSlFOQ8SJk8kC4/tJx1rMwbWt0V"
+			+ "CW21VW+krVoFTCRrPC0bf+NF8ocqMcT/AIg6EVF5/p9U6zPXLVFGpoKlSpMiEkniSCcqVY+eQIPW"
+			+ "NULf/UNxJNS0dhklu8SK9Lco6pUcEr0JOu1HQ7z+R5OndaI5leWV0VQ54kA5KlWIx/Gqd2t6vcqe"
+			+ "FIXNJMs71SoCMsQuG5jsN8AAjyTnrGlt6mVlqswtS0SG71NTXpSiCQFpogckll6Y4wvyD/OToVd7"
+			+ "3tLedda4Nr3iRK2mqJhW1K0qxSSGJf1OTOAwwVADLkA9fPV2W77msVfPTClNRUyJCla0SqS5dR5J"
+			+ "b2kluKlQc5BbHnWu2xTS0G4qmjvSq6RwrPHJUMHkkYDhzJHXIhmBAHnxpaL6j3il3D6g1VLuSz1k"
+			+ "1ht//S6SZQ4KoTI6MyMOb9hR85HedM/0wqn3RsC0bhgq/pQV9J9WELEFaNWGARg+04xkd95xjQTe"
+			+ "df6c7U+ysl3mtMFJe5JYGkkmAVKgKZCZGzlVbBySemA/OgvpZUQxvaqitgoqSsiX6XKh5RwVCBP0"
+			+ "8KCTIoU8VJyDjIA8Bs2e5CprDTR8VXi8pRgyyZMh8qQMDHz850ZOlVv30RsW5blcL5S3a626+1cq"
+			+ "TirFQ0qJIgAQCNjgIMeFKn9wQCMA3o2vprca/ctp29Jv6/3aoZ4IRRx08dC5D8nWQv7FJYHByeuv"
+			+ "zo5SWn1Z2ttahutFZqbcG6JK5ZLu1TNEzzUq5ASNyVw6pxUMc5Oc5znR6KyXffldUVW4rBcbAqos"
+			+ "EUq1qrUzUkwy8bFB+m4ZI2IBbAJAbOdau0+nmybJYqe027atvNHTRlYomhVz+Tln8knyScn50j/+"
+			+ "SOyd3VO2oDtmPcNPYqJgDt23xKtOIiTy6gYO/Z5YOcAHGsJ/x39NgbzuDc+0bNt6/wAySmltbXGv"
+			+ "flaT8ST07xBjIR30RjsL+dex9uwT/wBKo6i5UtPFdHp4/u/pgECTiOQDYBIByB+w0RVEVmZUUM39"
+			+ "xA7P867ampqampqaq09BQwV9RWwUVNFU1AUTTJEoeQLnHJgMnGTjP51a1Nf/2Q==");
+
+		private static readonly byte[] embeddedJPEGKey = Base64.Decode(
+			  "mI0ER0JXuwEEAKNqsXwLU6gu6P2Q/HJqEJVt3A7Kp1yucn8HWVeJF9JLAKVjVU8jrvz9Bw4NwaRJ"
+			+ "NGYEAgdRq8Hx3WP9FXFCIVfCdi+oQrphcHWzzBFul8sykUGT+LmcBdqQGU9WaWSJyCOmUht4j7t0"
+			+ "zk/IXX0YxGmkqR+no5rTj9LMDG8AQQrFABEBAAG0P0VyaWMgSCBFY2hpZG5hIChpbWFnZSB0ZXN0"
+			+ "IGtleSkgPGVyaWMuZWNoaWRuYUBib3VuY3ljYXN0bGUub3JnPoi2BBMBAgAgBQJHQle7AhsDBgsJ"
+			+ "CAcDAgQVAggDBBYCAwECHgECF4AACgkQ1+RWqFFpjMTKtgP+Okqkn0gVpQyNYXM/hWX6f3UQcyXk"
+			+ "2Sd/fWW0XG+LBjhhBo+lXRWK0uYF8OMdZwsSl9HimpgYD5/kNs0Seh417DioP1diOgxkgezyQgMa"
+			+ "+ODZfNnIvVaBr1pHLPLeqIBxBVMWBfa4wDXnLLGu8018uvI2yBhz5vByB1ntxwgKMXCwAgAD0cf3"
+			+ "x/UBEAABAQAAAAAAAAAAAAAAAP/Y/+AAEEpGSUYAAQEBAEgASAAA/+EAFkV4aWYAAE1NACoAAAAI"
+			+ "AAAAAAAA/9sAQwAFAwQEBAMFBAQEBQUFBgcMCAcHBwcPCwsJDBEPEhIRDxERExYcFxMUGhURERgh"
+			+ "GBodHR8fHxMXIiQiHiQcHh8e/8AACwgAOgBQAQEiAP/EABwAAAIDAAMBAAAAAAAAAAAAAAUHAAQG"
+			+ "AQIIA//EADEQAAIBAwQBAwMDBAEFAAAAAAECAwQFEQAGEiExByJBExRRI2FxFTJCkQglM0OBof/a"
+			+ "AAgBAQAAPwD19U3SgppWjqKqKFl8824j/Z1mku9ZV7gNraq4KKQTsachsliwBBHeBgH9/nzoyz16"
+			+ "FWjnDc2AIZfB7JAA8AD89+3986KUryPTI8qcHK+5fwdV7hcEpqE1aKJYwfcQ2AB+dVaK9fdRfXSh"
+			+ "m+j8t8qOIbsHB8H/AGD+2SyMroGUhgRkEHo651NTSp9RKlYt7GSTgQsMcSKfcc5LH2+T0fjHYGvp"
+			+ "Y6iCo3tUzQQTU6GGIFOOO+x8EAZ/c/P51upqsS0dDc6SZDC8fJSVJDhgCMeCP9H+NZSfd1JJK0cV"
+			+ "SrzSlY2X6UnukcqoQqe8Akg/PRBA0VqaRJIKinWKIRnKGQIwJUjDHGfjxx/96HbBulS1tqmqKlfp"
+			+ "08hWaRzhUC9EnPQAxk5x1rWWqRKaGpiZv04GJH4CeR/8xrionlSSBpKgoJnwiRRcuuLN2fjoefHx"
+			+ "8jXxmr4qSCdga2XClwPpsxHfWDgnByP4A1etks7wRioUB2jVs4/I7z++dKDf8TN6pLISzxLLToY+"
+			+ "yFcr5GPn+zXe4X/b23PUG1W+53WnS5XanNNBTAsJZmZwq4C9r/3AMkjwT8Eg/v8Avtx21sd6y22q"
+			+ "lvNQlRzlp3rTGY0ZvYe1bwpXI6Awez8pj073pvmuq6MbwtdLHd0nJpbnHRMlLUQA8XYnHvcGNz0B"
+			+ "kYI+Dpx1N7uUVvqKeopqOKvigNVChkP28657dG4lsZIBTiSvWcgglV+n909UYfUWsG5bXUDb9fAh"
+			+ "ntsMQQ0Mrxq6MCCXdeRxJx7z/jgY16Bs0tLTU6UIqRUyMOPF5+UkgVVDMOXucDIGf4/OslTb72fU"
+			+ "3g0dXPV0ldG5eON3ZmGV4gkgkY78ZI0dS9W+OolqUraSESzlpAqsp4j/ACY8TyJ4gY6/nrRXbtdQ"
+			+ "1bt9tVmYhR0Y2XAP4LDvrHjWH31aaup9RKOSjQEyGJm+Qce3LD+M/wCs/Gl9TekO1txbllq0tU0c"
+			+ "4vrV0rrVBEkIQholQLyVUYH3HB5HonTOrUpk26bPURyB+CqKgvI/1QvEdPgkknGS3ZJz2RoDX2KV"
+			+ "FFM33sMcXFqaKVm4S+9eSoASEDAkHOAPOPnQ/et1+8sENDSFVutKqs5MyH6LMwDBlDclBzkZA6x8"
+			+ "aN7EmjobV9oZ6d7jURfW+4arTg8TN0XI93TAjx1yxnzpC7j3XafUf1Yjmutiqaait1XLb7M9FMpS"
+			+ "rVn4F8t/i/FiGRQRkYbONO60023LhQ0VprbDRiGdTDBFPRj6kaKyj3CRM4YnIfAJ89+dFpNs7Njr"
+			+ "E+w+0WSaQoTBJNDKMqSWVlcDPWc41sNpWymoqBY0Mv1PbIS8ruxLIuSSxJ7IJ0JWkqoamslkkWeS"
+			+ "WokkjT6AQoqueIz7icgNlvkHwPha0l6uG3bpWR0aVkc6QKzytEkjVBMYdeKgeHOV/Yqc+NWbndI7"
+			+ "laLlaKBzeq62SlWqHpP1YWIKhOL+3GT03zx8E+7WV9HtjVVFeaytpLvU3mOmhWSehriwCyszZ4sx"
+			+ "OArKhyMgcSQpOAGBTbdsElBMZqT9ZaoKtc5H11LSIJIjhR0ArAjP5HzrWVOxrDWVNRRXNZa6gkjU"
+			+ "pRTkPEiZPJAuP7ScdazMG1rdFQlttVVvpK1aBUwkazwtG3/jRfKHKjHE/wCIOhFRef6fVOsz1y1R"
+			+ "RqaCpUqTIhJJ4kgnKlWPnkCD1jVC3/1DcSTUtHYZJbvEivS3KOqVHBK9CTrtR0O8/keTp3WiOZXl"
+			+ "ldFUOeJAOSpViMfxqndrer3KnhSFzSTLO9UqAjLELhuY7DfAAI8k56xpbeplZarMLUtEhu9TU16U"
+			+ "ogkBaaIHJJZemOML8g/zk6FXe97S3nXWuDa94kStpqiYVtStKsUkhiX9TkzgMMFQAy5APXz1dlu+"
+			+ "5rFXz0wpTUVMiQpWtEqkuXUeSW9pJbipUHOQWx51rtsU0tBuKpo70qukcKzxyVDB5JGA4cyR1yIZ"
+			+ "gQB58aWi+o94pdw+oNVS7ks9ZNYbf/0ukmUOCqEyOjMjDm/YUfOR3nTP9MKp90bAtG4YKv6UFfSf"
+			+ "VhCxBWjVhgEYPtOMZHfecY0E3nX+nO1PsrJd5rTBSXuSWBpJJgFSoCmQmRs5VWwcknpgPzoL6WVE"
+			+ "Mb2qorYKKkrIl+lyoeUcFQgT9PCgkyKFPFScg4yAPAbNnuQqaw00fFV4vKUYMsmTIfKkDAx8/OdG"
+			+ "TpVb99EbFuW5XC+Ut2utuvtXKk4qxUNKiSIAEAjY4CDHhSp/cEAjAN6Nr6a3Gv3LadvSb+v92qGe"
+			+ "CEUcdPHQuQ/J1kL+xSWBwcnrr86OUlp9WdrbWobrRWam3BuiSuWS7tUzRM81KuQEjclcOqcVDHOT"
+			+ "nOc50eisl335XVFVuKwXGwKqLBFKtaq1M1JMMvGxQfpuGSNiAWwCQGznWrtPp5smyWKntNu2rbzR"
+			+ "00ZWKJoVc/k5Z/JJ8knJ+dI//kjsnd1TtqA7Zj3DT2KiYA7dt8SrTiIk8uoGDv2eWDnABxrCf8d/"
+			+ "TYG87g3PtGzbev8AMkppbW1xr35Wk/Ek9O8QYyEd9EY7C/nXsfbsE/8ASqOouVLTxXR6eP7v6YBA"
+			+ "k4jkA2ASAcgfsNEVRFZmVFDN/cQOz/Ou2pqampqamqtPQUMFfUVsFFTRVNQFE0yRKHkC5xyYDJxk"
+			+ "4z+dWtTX/9mItgQTAQIAIAUCR0JYkAIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJENfkVqhR"
+			+ "aYzEAPYD/iHdLOAE8r8HHF3F4z28vtIT8iiRB9aPC/YH0xqV1qeEKG8+VosBaQAOCEquONtRWsww"
+			+ "gO3XB0d6VAq2kMOKc2YiB4ZtZcFvvmP9KdmVIZxVjpa9ozjP5j9zFso1HOpFcsn/VDBEqy5TvsNx"
+			+ "Qvmtc8X7lqK/zLRVkSSBItik2IIhsAIAAw==");
+
+		private void FingerPrintTest()
+        {
+            //
+            // version 3
+            //
+            PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(fingerprintKey);
+
+			PgpPublicKey pubKey = pgpPub.GetPublicKey();
+
+			if (!Arrays.AreEqual(pubKey.GetFingerprint(), Hex.Decode("4FFB9F0884266C715D1CEAC804A3BBFA")))
+            {
+                Fail("version 3 fingerprint test failed");
+            }
+
+			//
+            // version 4
+            //
+            pgpPub = new PgpPublicKeyRing(testPubKey);
+
+            pubKey = pgpPub.GetPublicKey();
+
+            if (!Arrays.AreEqual(pubKey.GetFingerprint(), Hex.Decode("3062363c1046a01a751946bb35586146fdf3f373")))
+            {
+               Fail("version 4 fingerprint test failed");
+            }
+        }
+
+		private void MixedTest(
+			PgpPrivateKey	pgpPrivKey,
+			PgpPublicKey	pgpPubKey)
+		{
+			byte[] text = Encoding.ASCII.GetBytes("hello world!\n");
+
+			//
+			// literal data
+			//
+			MemoryStream bOut = new MemoryStream();
+			PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+			Stream lOut = lGen.Open(
+				bOut,
+				PgpLiteralData.Binary,
+				PgpLiteralData.Console,
+				text.Length,
+				DateTime.UtcNow);
+
+			lOut.Write(text, 0, text.Length);
+
+			lGen.Close();
+
+			byte[] bytes = bOut.ToArray();
+
+			PgpObjectFactory f = new PgpObjectFactory(bytes);
+			CheckLiteralData((PgpLiteralData)f.NextPgpObject(), text);
+
+			MemoryStream bcOut = new MemoryStream();
+
+			PgpEncryptedDataGenerator encGen = new PgpEncryptedDataGenerator(
+				SymmetricKeyAlgorithmTag.Aes128,
+				true,
+				new SecureRandom());
+
+			encGen.AddMethod(pgpPubKey);
+
+			encGen.AddMethod("password".ToCharArray());
+
+			Stream cOut = encGen.Open(bcOut, bytes.Length);
+
+			cOut.Write(bytes, 0, bytes.Length);
+
+			cOut.Close();
+
+			byte[] encData = bcOut.ToArray();
+
+			//
+			// asymmetric
+			//
+			PgpObjectFactory pgpF = new PgpObjectFactory(encData);
+
+			PgpEncryptedDataList encList = (PgpEncryptedDataList) pgpF.NextPgpObject();
+
+			PgpPublicKeyEncryptedData  encP = (PgpPublicKeyEncryptedData)encList[0];
+
+			Stream clear = encP.GetDataStream(pgpPrivKey);
+
+			PgpObjectFactory pgpFact = new PgpObjectFactory(clear);
+
+			CheckLiteralData((PgpLiteralData)pgpFact.NextPgpObject(), text);
+
+			//
+			// PBE
+			//
+			pgpF = new PgpObjectFactory(encData);
+
+			encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
+
+			PgpPbeEncryptedData encPbe = (PgpPbeEncryptedData) encList[1];
+
+			clear = encPbe.GetDataStream("password".ToCharArray());
+
+			pgpF = new PgpObjectFactory(clear);
+
+			CheckLiteralData((PgpLiteralData) pgpF.NextPgpObject(), text);
+		}
+
+		private void CheckLiteralData(
+			PgpLiteralData	ld,
+			byte[]			data)
+		{
+			if (!ld.FileName.Equals(PgpLiteralData.Console))
+				throw new Exception("wrong filename in packet");
+
+			Stream inLd = ld.GetDataStream();
+			byte[] bytes = Streams.ReadAll(inLd);
+
+			if (!AreEqual(bytes, data))
+			{
+				Fail("wrong plain text in decrypted packet");
+			}
+		}
+
+		private void ExistingEmbeddedJpegTest()
+		{
+			PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(embeddedJPEGKey);
+
+			PgpPublicKey pubKey = pgpPub.GetPublicKey();
+
+			int count = 0;
+			foreach (PgpUserAttributeSubpacketVector attributes in pubKey.GetUserAttributes())
+			{
+				int sigCount = 0;
+				foreach (PgpSignature sig in pubKey.GetSignaturesForUserAttribute(attributes))
+				{
+					sig.InitVerify(pubKey);
+
+					if (!sig.VerifyCertification(attributes, pubKey))
+					{
+						Fail("signature failed verification");
+					}
+
+					sigCount++;
+				}
+
+				if (sigCount != 1)
+				{
+					Fail("Failed user attributes signature check");
+				}
+				count++;
+			}
+
+			if (count != 1)
+			{
+				Fail("didn't find user attributes");
+			}
+		}
+
+		private void EmbeddedJpegTest()
+		{
+			PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(testPubKey);
+			PgpSecretKeyRing pgpSec = new PgpSecretKeyRing(testPrivKey);
+
+			PgpPublicKey pubKey = pgpPub.GetPublicKey();
+
+			PgpUserAttributeSubpacketVectorGenerator vGen = new PgpUserAttributeSubpacketVectorGenerator();
+
+			vGen.SetImageAttribute(ImageAttrib.Format.Jpeg, jpegImage);
+
+			PgpUserAttributeSubpacketVector uVec = vGen.Generate();
+
+			PgpSignatureGenerator sGen = new PgpSignatureGenerator(
+				PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.PositiveCertification, pgpSec.GetSecretKey().ExtractPrivateKey(pass));
+
+			PgpSignature sig = sGen.GenerateCertification(uVec, pubKey);
+
+			PgpPublicKey nKey = PgpPublicKey.AddCertification(pubKey, uVec, sig);
+
+			int count = 0;
+			foreach (PgpUserAttributeSubpacketVector attributes in nKey.GetUserAttributes())
+			{
+				int sigCount = 0;
+				foreach (PgpSignature s in nKey.GetSignaturesForUserAttribute(attributes))
+				{
+					s.InitVerify(pubKey);
+
+					if (!s.VerifyCertification(attributes, pubKey))
+					{
+						Fail("added signature failed verification");
+					}
+
+					sigCount++;
+				}
+
+				if (sigCount != 1)
+				{
+					Fail("Failed added user attributes signature check");
+				}
+				count++;
+			}
+
+			if (count != 1)
+			{
+				Fail("didn't find added user attributes");
+			}
+
+			nKey = PgpPublicKey.RemoveCertification(nKey, uVec);
+
+			if (nKey.GetUserAttributes().GetEnumerator().MoveNext())
+			{
+				Fail("found attributes where none expected");
+			}
+		}
+
+		public override void PerformTest()
+        {
+            //
+            // Read the public key
+            //
+            PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(testPubKey);
+
+			AsymmetricKeyParameter pubKey = pgpPub.GetPublicKey().GetKey();
+
+			IEnumerator enumerator = pgpPub.GetPublicKey().GetUserIds().GetEnumerator();
+            enumerator.MoveNext();
+            string uid = (string) enumerator.Current;
+
+
+            enumerator = pgpPub.GetPublicKey().GetSignaturesForId(uid).GetEnumerator();
+            enumerator.MoveNext();
+            PgpSignature sig = (PgpSignature) enumerator.Current;
+
+			sig.InitVerify(pgpPub.GetPublicKey());
+
+			if (!sig.VerifyCertification(uid, pgpPub.GetPublicKey()))
+            {
+                Fail("failed to verify certification");
+            }
+
+			//
+            // write a public key
+            //
+            MemoryStream bOut = new UncloseableMemoryStream();
+            BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+			pgpPub.Encode(pOut);
+
+			if (!Arrays.AreEqual(bOut.ToArray(), testPubKey))
+            {
+                Fail("public key rewrite failed");
+            }
+
+			//
+            // Read the public key
+            //
+            PgpPublicKeyRing pgpPubV3 = new PgpPublicKeyRing(testPubKeyV3);
+            AsymmetricKeyParameter pubKeyV3 = pgpPub.GetPublicKey().GetKey();
+
+			//
+            // write a V3 public key
+            //
+            bOut = new UncloseableMemoryStream();
+            pOut = new BcpgOutputStream(bOut);
+
+			pgpPubV3.Encode(pOut);
+
+			//
+            // Read a v3 private key
+            //
+            char[] passP = "FIXCITY_QA".ToCharArray();
+
+#if INCLUDE_IDEA
+			{
+				PgpSecretKeyRing pgpPriv2 = new PgpSecretKeyRing(testPrivKeyV3);
+				PgpSecretKey pgpPrivSecretKey = pgpPriv2.GetSecretKey();
+				PgpPrivateKey pgpPrivKey2 = pgpPrivSecretKey.ExtractPrivateKey(passP);
+
+				//
+				// write a v3 private key
+				//
+				bOut = new UncloseableMemoryStream();
+				pOut = new BcpgOutputStream(bOut);
+
+				pgpPriv2.Encode(pOut);
+
+				byte[] result = bOut.ToArray();
+				if (!Arrays.AreEqual(result, testPrivKeyV3))
+				{
+					Fail("private key V3 rewrite failed");
+				}
+			}
+#endif
+
+			//
+            // Read the private key
+            //
+            PgpSecretKeyRing pgpPriv = new PgpSecretKeyRing(testPrivKey);
+            PgpPrivateKey pgpPrivKey = pgpPriv.GetSecretKey().ExtractPrivateKey(pass);
+
+			//
+            // write a private key
+            //
+            bOut = new UncloseableMemoryStream();
+            pOut = new BcpgOutputStream(bOut);
+
+			pgpPriv.Encode(pOut);
+
+			if (!Arrays.AreEqual(bOut.ToArray(), testPrivKey))
+            {
+                Fail("private key rewrite failed");
+            }
+
+			//
+            // test encryption
+            //
+            IBufferedCipher c = CipherUtilities.GetCipher("RSA");
+
+//                c.Init(Cipher.ENCRYPT_MODE, pubKey);
+            c.Init(true, pubKey);
+
+			byte[] inBytes = Encoding.ASCII.GetBytes("hello world");
+			byte[] outBytes = c.DoFinal(inBytes);
+
+//                c.Init(Cipher.DECRYPT_MODE, pgpPrivKey.GetKey());
+            c.Init(false, pgpPrivKey.Key);
+
+            outBytes = c.DoFinal(outBytes);
+
+			if (!Arrays.AreEqual(inBytes, outBytes))
+            {
+                Fail("decryption failed.");
+            }
+
+			//
+            // test signature message
+            //
+            PgpObjectFactory pgpFact = new PgpObjectFactory(sig1);
+
+			PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+			pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+			PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+
+			PgpOnePassSignature ops = p1[0];
+
+			PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
+
+			Stream dIn = p2.GetInputStream();
+
+			ops.InitVerify(pgpPub.GetPublicKey(ops.KeyId));
+
+			int ch;
+			while ((ch = dIn.ReadByte()) >= 0)
+            {
+                ops.Update((byte)ch);
+            }
+
+			PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+
+			if (!ops.Verify(p3[0]))
+            {
+                Fail("Failed signature check");
+            }
+
+			//
+            // encrypted message - read subkey
+            //
+            pgpPriv = new PgpSecretKeyRing(subKey);
+
+			//
+            // encrypted message
+            //
+			byte[] text = Encoding.ASCII.GetBytes("hello world!\n");
+
+			PgpObjectFactory pgpF = new PgpObjectFactory(enc1);
+
+			PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
+
+			PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0];
+
+			pgpPrivKey = pgpPriv.GetSecretKey(encP.KeyId).ExtractPrivateKey(pass);
+
+			Stream clear = encP.GetDataStream(pgpPrivKey);
+
+			pgpFact = new PgpObjectFactory(clear);
+
+			c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+			pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+			PgpLiteralData ld = (PgpLiteralData)pgpFact.NextPgpObject();
+
+			if (!ld.FileName.Equals("test.txt"))
+            {
+                throw new Exception("wrong filename in packet");
+            }
+
+			Stream inLd = ld.GetDataStream();
+			byte[] bytes = Streams.ReadAll(inLd);
+
+			if (!Arrays.AreEqual(bytes, text))
+            {
+                Fail("wrong plain text in decrypted packet");
+            }
+
+			//
+            // encrypt - short message
+            //
+            byte[] shortText = { (byte)'h', (byte)'e', (byte)'l', (byte)'l', (byte)'o' };
+
+			MemoryStream cbOut = new UncloseableMemoryStream();
+            PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, new SecureRandom());
+            PgpPublicKey puK = pgpPriv.GetSecretKey(encP.KeyId).PublicKey;
+
+			cPk.AddMethod(puK);
+
+			Stream cOut = cPk.Open(new UncloseableStream(cbOut), shortText.Length);
+
+			cOut.Write(shortText, 0, shortText.Length);
+
+			cOut.Close();
+
+			pgpF = new PgpObjectFactory(cbOut.ToArray());
+
+			encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
+
+			encP = (PgpPublicKeyEncryptedData)encList[0];
+
+			pgpPrivKey = pgpPriv.GetSecretKey(encP.KeyId).ExtractPrivateKey(pass);
+
+			if (encP.GetSymmetricAlgorithm(pgpPrivKey) != SymmetricKeyAlgorithmTag.Cast5)
+			{
+				Fail("symmetric algorithm mismatch");
+			}
+
+			clear = encP.GetDataStream(pgpPrivKey);
+			outBytes = Streams.ReadAll(clear);
+
+			if (!Arrays.AreEqual(outBytes, shortText))
+            {
+                Fail("wrong plain text in generated short text packet");
+            }
+
+			//
+            // encrypt
+            //
+            cbOut = new UncloseableMemoryStream();
+            cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, new SecureRandom());
+            puK = pgpPriv.GetSecretKey(encP.KeyId).PublicKey;
+
+			cPk.AddMethod(puK);
+
+			cOut = cPk.Open(new UncloseableStream(cbOut), text.Length);
+
+			cOut.Write(text, 0, text.Length);
+
+			cOut.Close();
+
+			pgpF = new PgpObjectFactory(cbOut.ToArray());
+
+			encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
+
+			encP = (PgpPublicKeyEncryptedData)encList[0];
+
+			pgpPrivKey = pgpPriv.GetSecretKey(encP.KeyId).ExtractPrivateKey(pass);
+
+			clear = encP.GetDataStream(pgpPrivKey);
+			outBytes = Streams.ReadAll(clear);
+
+			if (!Arrays.AreEqual(outBytes, text))
+            {
+                Fail("wrong plain text in generated packet");
+            }
+
+			//
+            // read public key with sub key.
+            //
+            pgpF = new PgpObjectFactory(subPubKey);
+            object o;
+            while ((o = pgpFact.NextPgpObject()) != null)
+            {
+				// TODO Should something be tested here?
+                // Console.WriteLine(o);
+            }
+
+			//
+            // key pair generation - CAST5 encryption
+            //
+            char[] passPhrase = "hello".ToCharArray();
+            IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("RSA");
+            RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x10001), new SecureRandom(), 1024, 25);
+
+			kpg.Init(genParam);
+
+
+			AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
+
+			PgpSecretKey secretKey = new PgpSecretKey(
+                PgpSignature.DefaultCertification,
+                PublicKeyAlgorithmTag.RsaGeneral,
+                kp.Public,
+                kp.Private,
+                DateTime.UtcNow,
+                "fred",
+                SymmetricKeyAlgorithmTag.Cast5,
+                passPhrase,
+                null,
+                null,
+                new SecureRandom()
+                );
+
+			PgpPublicKey key = secretKey.PublicKey;
+
+
+			enumerator = key.GetUserIds().GetEnumerator();
+            enumerator.MoveNext();
+            uid = (string) enumerator.Current;
+
+
+            enumerator = key.GetSignaturesForId(uid).GetEnumerator();
+            enumerator.MoveNext();
+            sig = (PgpSignature) enumerator.Current;
+
+            sig.InitVerify(key);
+
+            if (!sig.VerifyCertification(uid, key))
+            {
+                Fail("failed to verify certification");
+            }
+
+            pgpPrivKey = secretKey.ExtractPrivateKey(passPhrase);
+
+            key = PgpPublicKey.RemoveCertification(key, uid, sig);
+
+            if (key == null)
+            {
+                Fail("failed certification removal");
+            }
+
+            byte[] keyEnc = key.GetEncoded();
+
+			key = PgpPublicKey.AddCertification(key, uid, sig);
+
+			keyEnc = key.GetEncoded();
+
+			PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.KeyRevocation, secretKey.ExtractPrivateKey(passPhrase));
+
+			sig = sGen.GenerateCertification(key);
+
+			key = PgpPublicKey.AddCertification(key, sig);
+
+			keyEnc = key.GetEncoded();
+
+			PgpPublicKeyRing tmpRing = new PgpPublicKeyRing(keyEnc);
+
+			key = tmpRing.GetPublicKey();
+
+			IEnumerator sgEnum = key.GetSignaturesOfType(PgpSignature.KeyRevocation).GetEnumerator();
+            sgEnum.MoveNext();
+            sig = (PgpSignature) sgEnum.Current;
+
+			sig.InitVerify(key);
+
+			if (!sig.VerifyCertification(key))
+            {
+                Fail("failed to verify revocation certification");
+            }
+
+			//
+            // use of PgpKeyPair
+            //
+            PgpKeyPair pgpKp = new PgpKeyPair(PublicKeyAlgorithmTag.RsaGeneral,
+				kp.Public, kp.Private, DateTime.UtcNow);
+
+			PgpPublicKey k1 = pgpKp.PublicKey;
+            PgpPrivateKey k2 = pgpKp.PrivateKey;
+
+            k1.GetEncoded();
+
+			MixedTest(k2, k1);
+
+			//
+            // key pair generation - AES_256 encryption.
+            //
+            kp = kpg.GenerateKeyPair();
+
+			secretKey = new PgpSecretKey(PgpSignature.DefaultCertification, PublicKeyAlgorithmTag.RsaGeneral, kp.Public, kp.Private, DateTime.UtcNow, "fred", SymmetricKeyAlgorithmTag.Aes256, passPhrase, null, null, new SecureRandom());
+
+			secretKey.ExtractPrivateKey(passPhrase);
+
+			secretKey.Encode(new UncloseableMemoryStream());
+
+			//
+            // secret key password changing.
+            //
+            const string newPass = "newPass";
+
+			secretKey = PgpSecretKey.CopyWithNewPassword(secretKey, passPhrase, newPass.ToCharArray(), secretKey.KeyEncryptionAlgorithm, new SecureRandom());
+
+			secretKey.ExtractPrivateKey(newPass.ToCharArray());
+
+			secretKey.Encode(new UncloseableMemoryStream());
+
+			key = secretKey.PublicKey;
+
+			key.Encode(new UncloseableMemoryStream());
+
+
+			enumerator = key.GetUserIds().GetEnumerator();
+            enumerator.MoveNext();
+            uid = (string) enumerator.Current;
+
+
+			enumerator = key.GetSignaturesForId(uid).GetEnumerator();
+            enumerator.MoveNext();
+            sig = (PgpSignature) enumerator.Current;
+
+			sig.InitVerify(key);
+
+			if (!sig.VerifyCertification(uid, key))
+            {
+                Fail("failed to verify certification");
+            }
+
+			pgpPrivKey = secretKey.ExtractPrivateKey(newPass.ToCharArray());
+
+			//
+            // signature generation
+            //
+            const string data = "hello world!";
+            byte[] dataBytes = Encoding.ASCII.GetBytes(data);
+
+			bOut = new UncloseableMemoryStream();
+
+			MemoryStream testIn = new MemoryStream(dataBytes, false);
+
+			sGen = new PgpSignatureGenerator(
+				PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
+
+			PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator(
+				CompressionAlgorithmTag.Zip);
+
+			BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut)));
+
+			sGen.GenerateOnePassVersion(false).Encode(bcOut);
+
+			PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+
+			DateTime testDateTime = new DateTime(1973, 7, 27);
+			Stream lOut = lGen.Open(new UncloseableStream(bcOut), PgpLiteralData.Binary, "_CONSOLE",
+                dataBytes.Length, testDateTime);
+
+			// TODO Need a stream object to automatically call Update?
+			// (via ISigner implementation of PgpSignatureGenerator)
+			while ((ch = testIn.ReadByte()) >= 0)
+            {
+                lOut.WriteByte((byte)ch);
+                sGen.Update((byte)ch);
+            }
+
+			lOut.Close();
+
+			sGen.Generate().Encode(bcOut);
+
+			bcOut.Close();
+
+			//
+            // verify generated signature
+            //
+            pgpFact = new PgpObjectFactory(bOut.ToArray());
+
+			c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+			pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+			p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+
+			ops = p1[0];
+
+			p2 = (PgpLiteralData)pgpFact.NextPgpObject();
+			if (!p2.ModificationTime.Equals(testDateTime))
+			{
+				Fail("Modification time not preserved");
+			}
+
+			dIn = p2.GetInputStream();
+
+			ops.InitVerify(secretKey.PublicKey);
+
+			// TODO Need a stream object to automatically call Update?
+			// (via ISigner implementation of PgpSignatureGenerator)
+			while ((ch = dIn.ReadByte()) >= 0)
+            {
+                ops.Update((byte)ch);
+            }
+
+			p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+
+			if (!ops.Verify(p3[0]))
+            {
+                Fail("Failed generated signature check");
+            }
+
+			//
+            // signature generation - version 3
+            //
+            bOut = new UncloseableMemoryStream();
+
+			testIn = new MemoryStream(dataBytes);
+            PgpV3SignatureGenerator sGenV3 = new PgpV3SignatureGenerator(
+                PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
+
+			cGen = new PgpCompressedDataGenerator(CompressionAlgorithmTag.Zip);
+
+			bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut)));
+
+			sGen.GenerateOnePassVersion(false).Encode(bcOut);
+
+			lGen = new PgpLiteralDataGenerator();
+			lOut = lGen.Open(
+				new UncloseableStream(bcOut),
+				PgpLiteralData.Binary,
+				"_CONSOLE",
+				dataBytes.Length,
+				testDateTime);
+
+			// TODO Need a stream object to automatically call Update?
+			// (via ISigner implementation of PgpSignatureGenerator)
+			while ((ch = testIn.ReadByte()) >= 0)
+            {
+                lOut.WriteByte((byte) ch);
+                sGen.Update((byte)ch);
+            }
+
+			lOut.Close();
+
+			sGen.Generate().Encode(bcOut);
+
+			bcOut.Close();
+
+			//
+            // verify generated signature
+            //
+            pgpFact = new PgpObjectFactory(bOut.ToArray());
+
+            c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+            pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+            p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+
+            ops = p1[0];
+
+            p2 = (PgpLiteralData)pgpFact.NextPgpObject();
+			if (!p2.ModificationTime.Equals(testDateTime))
+			{
+				Fail("Modification time not preserved");
+			}
+
+            dIn = p2.GetInputStream();
+
+            ops.InitVerify(secretKey.PublicKey);
+
+			// TODO Need a stream object to automatically call Update?
+			// (via ISigner implementation of PgpSignatureGenerator)
+			while ((ch = dIn.ReadByte()) >= 0)
+            {
+                ops.Update((byte)ch);
+            }
+
+            p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+
+            if (!ops.Verify(p3[0]))
+            {
+                Fail("Failed v3 generated signature check");
+            }
+
+			//
+            // extract PGP 8 private key
+            //
+            pgpPriv = new PgpSecretKeyRing(pgp8Key);
+
+			secretKey = pgpPriv.GetSecretKey();
+
+			pgpPrivKey = secretKey.ExtractPrivateKey(pgp8Pass);
+
+			//
+            // other sig tests
+            //
+            PerformTestSig(HashAlgorithmTag.Sha256, secretKey.PublicKey, pgpPrivKey);
+			PerformTestSig(HashAlgorithmTag.Sha384, secretKey.PublicKey, pgpPrivKey);
+			PerformTestSig(HashAlgorithmTag.Sha512, secretKey.PublicKey, pgpPrivKey);
+			FingerPrintTest();
+			ExistingEmbeddedJpegTest();
+			EmbeddedJpegTest();
+		}
+
+		private void PerformTestSig(
+            HashAlgorithmTag	hashAlgorithm,
+            PgpPublicKey		pubKey,
+            PgpPrivateKey		privKey)
+        {
+            const string data = "hello world!";
+            byte[] dataBytes = Encoding.ASCII.GetBytes(data);
+
+			MemoryStream bOut = new UncloseableMemoryStream();
+            MemoryStream testIn = new MemoryStream(dataBytes, false);
+            PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.RsaGeneral, hashAlgorithm);
+
+			sGen.InitSign(PgpSignature.BinaryDocument, privKey);
+
+			PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator(CompressionAlgorithmTag.Zip);
+
+			BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut)));
+
+			sGen.GenerateOnePassVersion(false).Encode(bcOut);
+
+			PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+			DateTime testDateTime = new DateTime(1973, 7, 27);
+			Stream lOut = lGen.Open(
+				new UncloseableStream(bcOut),
+				PgpLiteralData.Binary,
+				"_CONSOLE",
+                dataBytes.Length,
+				testDateTime);
+
+			// TODO Need a stream object to automatically call Update?
+			// (via ISigner implementation of PgpSignatureGenerator)
+			int ch;
+            while ((ch = testIn.ReadByte()) >= 0)
+            {
+                lOut.WriteByte((byte)ch);
+                sGen.Update((byte)ch);
+            }
+
+			lOut.Close();
+
+			sGen.Generate().Encode(bcOut);
+
+			bcOut.Close();
+
+			//
+            // verify generated signature
+            //
+            PgpObjectFactory pgpFact = new PgpObjectFactory(bOut.ToArray());
+
+			PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
+
+			pgpFact = new PgpObjectFactory(c1.GetDataStream());
+
+			PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+
+			PgpOnePassSignature ops = p1[0];
+
+			PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
+			if (!p2.ModificationTime.Equals(testDateTime))
+			{
+				Fail("Modification time not preserved");
+			}
+
+			Stream dIn = p2.GetInputStream();
+
+			ops.InitVerify(pubKey);
+
+			// TODO Need a stream object to automatically call Update?
+			// (via ISigner implementation of PgpSignatureGenerator)
+			while ((ch = dIn.ReadByte()) >= 0)
+            {
+                ops.Update((byte)ch);
+            }
+
+			PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+
+			if (!ops.Verify(p3[0]))
+            {
+                Fail("Failed generated signature check - " + hashAlgorithm);
+            }
+        }
+
+		private class UncloseableMemoryStream
+			: MemoryStream
+		{
+			public override void Close()
+			{
+				throw new Exception("Close() called on underlying stream");
+			}
+		}
+
+		public override string Name
+        {
+			get { return "PGPRSATest"; }
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            RunTest(new PgpRsaTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/test/PGPSignatureTest.cs b/crypto/test/src/openpgp/test/PGPSignatureTest.cs
new file mode 100644
index 000000000..3aba2c302
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PGPSignatureTest.cs
@@ -0,0 +1,761 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Bcpg.Sig;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+	[TestFixture]
+	public class PgpSignatureTest
+		: SimpleTest
+	{
+		private const int[] NO_PREFERENCES = null;
+		private static readonly int[] PREFERRED_SYMMETRIC_ALGORITHMS
+			= new int[] { (int)SymmetricKeyAlgorithmTag.Aes128, (int)SymmetricKeyAlgorithmTag.TripleDes };
+		private static readonly int[] PREFERRED_HASH_ALGORITHMS
+			= new int[] { (int)HashAlgorithmTag.Sha1, (int)HashAlgorithmTag.Sha256 };
+		private static readonly int[] PREFERRED_COMPRESSION_ALGORITHMS
+			= new int[] { (int)CompressionAlgorithmTag.ZLib };
+
+		private const int TEST_EXPIRATION_TIME = 10000;
+		private const string TEST_USER_ID = "test user id";
+		private static readonly byte[] TEST_DATA = Encoding.ASCII.GetBytes("hello world!\nhello world!\n");
+		private static readonly byte[] TEST_DATA_WITH_CRLF = Encoding.ASCII.GetBytes("hello world!\r\nhello world!\r\n");
+
+		private static readonly byte[] dsaKeyRing = Base64.Decode(
+			"lQHhBD9HBzURBACzkxRCVGJg5+Ld9DU4Xpnd4LCKgMq7YOY7Gi0EgK92gbaa6+zQ"
+			+ "oQFqz1tt3QUmpz3YVkm/zLESBBtC1ACIXGggUdFMUr5I87+1Cb6vzefAtGt8N5VV"
+			+ "1F/MXv1gJz4Bu6HyxL/ncfe71jsNhav0i4yAjf2etWFj53zK6R+Ojg5H6wCgpL9/"
+			+ "tXVfGP8SqFvyrN/437MlFSUEAIN3V6j/MUllyrZglrtr2+RWIwRrG/ACmrF6hTug"
+			+ "Ol4cQxaDYNcntXbhlTlJs9MxjTH3xxzylyirCyq7HzGJxZzSt6FTeh1DFYzhJ7Qu"
+			+ "YR1xrSdA6Y0mUv0ixD5A4nPHjupQ5QCqHGeRfFD/oHzD4zqBnJp/BJ3LvQ66bERJ"
+			+ "mKl5A/4uj3HoVxpb0vvyENfRqKMmGBISycY4MoH5uWfb23FffsT9r9KL6nJ4syLz"
+			+ "aRR0gvcbcjkc9Z3epI7gr3jTrb4d8WPxsDbT/W1tv9bG/EHawomLcihtuUU68Uej"
+			+ "6/wZot1XJqu2nQlku57+M/V2X1y26VKsipolPfja4uyBOOyvbP4DAwIDIBTxWjkC"
+			+ "GGAWQO2jy9CTvLHJEoTO7moHrp1FxOVpQ8iJHyRqZzLllO26OzgohbiPYz8u9qCu"
+			+ "lZ9Xn7QzRXJpYyBFY2hpZG5hIChEU0EgVGVzdCBLZXkpIDxlcmljQGJvdW5jeWNh"
+			+ "c3RsZS5vcmc+iFkEExECABkFAj9HBzUECwcDAgMVAgMDFgIBAh4BAheAAAoJEM0j"
+			+ "9enEyjRDAlwAnjTjjt57NKIgyym7OTCwzIU3xgFpAJ0VO5m5PfQKmGJRhaewLSZD"
+			+ "4nXkHg==");
+
+		private static readonly char[] dsaPass = "hello world".ToCharArray();
+
+		private static readonly byte[] rsaKeyRing = Base64.Decode(
+			  "lQIEBEBXUNMBBADScQczBibewnbCzCswc/9ut8R0fwlltBRxMW0NMdKJY2LF"
+			+ "7k2COeLOCIU95loJGV6ulbpDCXEO2Jyq8/qGw1qD3SCZNXxKs3GS8Iyh9Uwd"
+			+ "VL07nMMYl5NiQRsFB7wOb86+94tYWgvikVA5BRP5y3+O3GItnXnpWSJyREUy"
+			+ "6WI2QQAGKf4JAwIVmnRs4jtTX2DD05zy2mepEQ8bsqVAKIx7lEwvMVNcvg4Y"
+			+ "8vFLh9Mf/uNciwL4Se/ehfKQ/AT0JmBZduYMqRU2zhiBmxj4cXUQ0s36ysj7"
+			+ "fyDngGocDnM3cwPxaTF1ZRBQHSLewP7dqE7M73usFSz8vwD/0xNOHFRLKbsO"
+			+ "RqDlLA1Cg2Yd0wWPS0o7+qqk9ndqrjjSwMM8ftnzFGjShAdg4Ca7fFkcNePP"
+			+ "/rrwIH472FuRb7RbWzwXA4+4ZBdl8D4An0dwtfvAO+jCZSrLjmSpxEOveJxY"
+			+ "GduyR4IA4lemvAG51YHTHd4NXheuEqsIkn1yarwaaj47lFPnxNOElOREMdZb"
+			+ "nkWQb1jfgqO24imEZgrLMkK9bJfoDnlF4k6r6hZOp5FSFvc5kJB4cVo1QJl4"
+			+ "pwCSdoU6luwCggrlZhDnkGCSuQUUW45NE7Br22NGqn4/gHs0KCsWbAezApGj"
+			+ "qYUCfX1bcpPzUMzUlBaD5rz2vPeO58CDtBJ0ZXN0ZXIgPHRlc3RAdGVzdD6I"
+			+ "sgQTAQIAHAUCQFdQ0wIbAwQLBwMCAxUCAwMWAgECHgECF4AACgkQs8JyyQfH"
+			+ "97I1QgP8Cd+35maM2cbWV9iVRO+c5456KDi3oIUSNdPf1NQrCAtJqEUhmMSt"
+			+ "QbdiaFEkPrORISI/2htXruYn0aIpkCfbUheHOu0sef7s6pHmI2kOQPzR+C/j"
+			+ "8D9QvWsPOOso81KU2axUY8zIer64Uzqc4szMIlLw06c8vea27RfgjBpSCryw"
+			+ "AgAA");
+
+		private static readonly char[] rsaPass = "2002 Buffalo Sabres".ToCharArray();
+
+		private static readonly byte[] nullPacketsSubKeyBinding = Base64.Decode(
+			"iDYEGBECAAAAACp9AJ9PlJCrFpi+INwG7z61eku2Wg1HaQCgl33X5Egj+Kf7F9CXIWj2iFCvQDo=");
+
+		public override void PerformTest()
+		{
+			//
+			// RSA tests
+			//
+			PgpSecretKeyRing pgpPriv = new PgpSecretKeyRing(rsaKeyRing);
+			PgpSecretKey secretKey = pgpPriv.GetSecretKey();
+			PgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey(rsaPass);
+
+			try
+			{
+				doTestSig(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey);
+
+				Fail("RSA wrong key test failed.");
+			}
+			catch (PgpException)
+			{
+				// expected
+			}
+
+			try
+			{
+				doTestSigV3(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey);
+
+				Fail("RSA V3 wrong key test failed.");
+			}
+			catch (PgpException)
+			{
+				// expected
+			}
+
+			//
+			// certifications
+			//
+			PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.KeyRevocation, pgpPrivKey);
+
+			PgpSignature sig = sGen.GenerateCertification(secretKey.PublicKey);
+
+			sig.InitVerify(secretKey.PublicKey);
+
+			if (!sig.VerifyCertification(secretKey.PublicKey))
+			{
+				Fail("revocation verification failed.");
+			}
+
+			PgpSecretKeyRing pgpDSAPriv = new PgpSecretKeyRing(dsaKeyRing);
+			PgpSecretKey secretDSAKey = pgpDSAPriv.GetSecretKey();
+			PgpPrivateKey pgpPrivDSAKey = secretDSAKey.ExtractPrivateKey(dsaPass);
+
+			sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.SubkeyBinding, pgpPrivDSAKey);
+
+			PgpSignatureSubpacketGenerator    unhashedGen = new PgpSignatureSubpacketGenerator();
+			PgpSignatureSubpacketGenerator    hashedGen = new PgpSignatureSubpacketGenerator();
+
+			hashedGen.SetSignatureExpirationTime(false, TEST_EXPIRATION_TIME);
+			hashedGen.SetSignerUserId(true, TEST_USER_ID);
+			hashedGen.SetPreferredCompressionAlgorithms(false, PREFERRED_COMPRESSION_ALGORITHMS);
+			hashedGen.SetPreferredHashAlgorithms(false, PREFERRED_HASH_ALGORITHMS);
+			hashedGen.SetPreferredSymmetricAlgorithms(false, PREFERRED_SYMMETRIC_ALGORITHMS);
+
+			sGen.SetHashedSubpackets(hashedGen.Generate());
+			sGen.SetUnhashedSubpackets(unhashedGen.Generate());
+
+			sig = sGen.GenerateCertification(secretDSAKey.PublicKey, secretKey.PublicKey);
+
+			byte[] sigBytes = sig.GetEncoded();
+
+			PgpObjectFactory f = new PgpObjectFactory(sigBytes);
+
+			sig = ((PgpSignatureList) f.NextPgpObject())[0];
+
+			sig.InitVerify(secretDSAKey.PublicKey);
+
+			if (!sig.VerifyCertification(secretDSAKey.PublicKey, secretKey.PublicKey))
+			{
+				Fail("subkey binding verification failed.");
+			}
+
+			PgpSignatureSubpacketVector hashedPcks = sig.GetHashedSubPackets();
+			PgpSignatureSubpacketVector unhashedPcks = sig.GetUnhashedSubPackets();
+
+			if (hashedPcks.Count != 6)
+			{
+				Fail("wrong number of hashed packets found.");
+			}
+
+			if (unhashedPcks.Count != 1)
+			{
+				Fail("wrong number of unhashed packets found.");
+			}
+
+			if (!hashedPcks.GetSignerUserId().Equals(TEST_USER_ID))
+			{
+				Fail("test userid not matching");
+			}
+
+			if (hashedPcks.GetSignatureExpirationTime() != TEST_EXPIRATION_TIME)
+			{
+				Fail("test signature expiration time not matching");
+			}
+
+			if (unhashedPcks.GetIssuerKeyId() != secretDSAKey.KeyId)
+			{
+				Fail("wrong issuer key ID found in certification");
+			}
+
+			int[] prefAlgs = hashedPcks.GetPreferredCompressionAlgorithms();
+			preferredAlgorithmCheck("compression", PREFERRED_COMPRESSION_ALGORITHMS, prefAlgs);
+
+			prefAlgs = hashedPcks.GetPreferredHashAlgorithms();
+			preferredAlgorithmCheck("hash", PREFERRED_HASH_ALGORITHMS, prefAlgs);
+
+			prefAlgs = hashedPcks.GetPreferredSymmetricAlgorithms();
+			preferredAlgorithmCheck("symmetric", PREFERRED_SYMMETRIC_ALGORITHMS, prefAlgs);
+
+			SignatureSubpacketTag[] criticalHashed = hashedPcks.GetCriticalTags();
+
+			if (criticalHashed.Length != 1)
+			{
+				Fail("wrong number of critical packets found.");
+			}
+
+			if (criticalHashed[0] != SignatureSubpacketTag.SignerUserId)
+			{
+				Fail("wrong critical packet found in tag list.");
+			}
+
+			//
+			// no packets passed
+			//
+			sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.SubkeyBinding, pgpPrivDSAKey);
+
+			sGen.SetHashedSubpackets(null);
+			sGen.SetUnhashedSubpackets(null);
+
+			sig = sGen.GenerateCertification(TEST_USER_ID, secretKey.PublicKey);
+
+			sig.InitVerify(secretDSAKey.PublicKey);
+
+			if (!sig.VerifyCertification(TEST_USER_ID, secretKey.PublicKey))
+			{
+				Fail("subkey binding verification failed.");
+			}
+
+			hashedPcks = sig.GetHashedSubPackets();
+
+			if (hashedPcks.Count != 1)
+			{
+				Fail("found wrong number of hashed packets");
+			}
+
+			unhashedPcks = sig.GetUnhashedSubPackets();
+
+			if (unhashedPcks.Count != 1)
+			{
+				Fail("found wrong number of unhashed packets");
+			}
+
+			try
+			{
+				sig.VerifyCertification(secretKey.PublicKey);
+
+				Fail("failed to detect non-key signature.");
+			}
+			catch (InvalidOperationException)
+			{
+				// expected
+			}
+
+			//
+			// override hash packets
+			//
+			sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1);
+
+			sGen.InitSign(PgpSignature.SubkeyBinding, pgpPrivDSAKey);
+
+			hashedGen = new PgpSignatureSubpacketGenerator();
+
+			DateTime creationTime = new DateTime(1973, 7, 27);
+			hashedGen.SetSignatureCreationTime(false, creationTime);
+
+			sGen.SetHashedSubpackets(hashedGen.Generate());
+
+			sGen.SetUnhashedSubpackets(null);
+
+			sig = sGen.GenerateCertification(TEST_USER_ID, secretKey.PublicKey);
+
+			sig.InitVerify(secretDSAKey.PublicKey);
+
+			if (!sig.VerifyCertification(TEST_USER_ID, secretKey.PublicKey))
+			{
+				Fail("subkey binding verification failed.");
+			}
+
+			hashedPcks = sig.GetHashedSubPackets();
+
+			if (hashedPcks.Count != 1)
+			{
+				Fail("found wrong number of hashed packets in override test");
+			}
+
+			if (!hashedPcks.HasSubpacket(SignatureSubpacketTag.CreationTime))
+			{
+				Fail("hasSubpacket test for creation time failed");
+			}
+
+			DateTime sigCreationTime = hashedPcks.GetSignatureCreationTime();
+			if (!sigCreationTime.Equals(creationTime))
+			{
+				Fail("creation of overridden date failed.");
+			}
+
+			prefAlgs = hashedPcks.GetPreferredCompressionAlgorithms();
+			preferredAlgorithmCheck("compression", NO_PREFERENCES, prefAlgs);
+
+			prefAlgs = hashedPcks.GetPreferredHashAlgorithms();
+			preferredAlgorithmCheck("hash", NO_PREFERENCES, prefAlgs);
+
+			prefAlgs = hashedPcks.GetPreferredSymmetricAlgorithms();
+			preferredAlgorithmCheck("symmetric", NO_PREFERENCES, prefAlgs);
+
+			if (hashedPcks.GetKeyExpirationTime() != 0)
+			{
+				Fail("unexpected key expiration time found");
+			}
+
+			if (hashedPcks.GetSignatureExpirationTime() != 0)
+			{
+				Fail("unexpected signature expiration time found");
+			}
+
+			if (hashedPcks.GetSignerUserId() != null)
+			{
+				Fail("unexpected signer user ID found");
+			}
+
+			criticalHashed = hashedPcks.GetCriticalTags();
+
+			if (criticalHashed.Length != 0)
+			{
+				Fail("critical packets found when none expected");
+			}
+
+			unhashedPcks = sig.GetUnhashedSubPackets();
+
+			if (unhashedPcks.Count != 1)
+			{
+				Fail("found wrong number of unhashed packets in override test");
+			}
+
+			//
+			// general signatures
+			//
+			doTestSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha256, secretKey.PublicKey, pgpPrivKey);
+			doTestSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha384, secretKey.PublicKey, pgpPrivKey);
+			doTestSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha512, secretKey.PublicKey, pgpPrivKey);
+			doTestSigV3(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey);
+			doTestTextSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA_WITH_CRLF, TEST_DATA_WITH_CRLF);
+			doTestTextSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA, TEST_DATA_WITH_CRLF);
+			doTestTextSigV3(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA_WITH_CRLF, TEST_DATA_WITH_CRLF);
+			doTestTextSigV3(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA, TEST_DATA_WITH_CRLF);
+
+			//
+			// DSA Tests
+			//
+			pgpPriv = new PgpSecretKeyRing(dsaKeyRing);
+			secretKey = pgpPriv.GetSecretKey();
+			pgpPrivKey = secretKey.ExtractPrivateKey(dsaPass);
+
+			try
+			{
+				doTestSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey);
+
+				Fail("DSA wrong key test failed.");
+			}
+			catch (PgpException)
+			{
+				// expected
+			}
+
+			try
+			{
+				doTestSigV3(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey);
+
+				Fail("DSA V3 wrong key test failed.");
+			}
+			catch (PgpException)
+			{
+				// expected
+			}
+
+			doTestSig(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey);
+			doTestSigV3(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey);
+			doTestTextSig(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA_WITH_CRLF, TEST_DATA_WITH_CRLF);
+			doTestTextSig(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA, TEST_DATA_WITH_CRLF);
+			doTestTextSigV3(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA_WITH_CRLF, TEST_DATA_WITH_CRLF);
+			doTestTextSigV3(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA, TEST_DATA_WITH_CRLF);
+
+			// special cases
+			//
+			doTestMissingSubpackets(nullPacketsSubKeyBinding);
+
+			doTestMissingSubpackets(generateV3BinarySig(pgpPrivKey, PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1));
+
+			// keyflags
+			doTestKeyFlagsValues();
+		}
+
+		private void doTestKeyFlagsValues()
+		{
+			checkValue(KeyFlags.CertifyOther, 0x01);
+			checkValue(KeyFlags.SignData, 0x02);
+			checkValue(KeyFlags.EncryptComms, 0x04);
+			checkValue(KeyFlags.EncryptStorage, 0x08);
+			checkValue(KeyFlags.Split, 0x10);
+			checkValue(KeyFlags.Authentication, 0x20);
+			checkValue(KeyFlags.Shared, 0x80);
+
+			// yes this actually happens
+			checkValue(new byte[] { 4, 0, 0, 0 }, 0x04);
+			checkValue(new byte[] { 4, 0, 0 }, 0x04);
+			checkValue(new byte[] { 4, 0 }, 0x04);
+			checkValue(new byte[] { 4 }, 0x04);
+		}
+
+		private void checkValue(int flag, int val)
+		{
+			KeyFlags f = new KeyFlags(true, flag);
+
+			if (f.Flags != val)
+			{
+				Fail("flag value mismatch");
+			}
+		}
+
+		private void checkValue(byte[] flag, int val)
+		{
+			KeyFlags f = new KeyFlags(true, flag);
+
+			if (f.Flags != val)
+			{
+				Fail("flag value mismatch");
+			}
+		}
+
+		private void doTestMissingSubpackets(byte[] signature)
+		{
+			PgpObjectFactory f = new PgpObjectFactory(signature);
+			object obj = f.NextPgpObject();
+
+			while (!(obj is PgpSignatureList))
+			{
+				obj = f.NextPgpObject();
+				if (obj is PgpLiteralData)
+				{
+					Stream input = ((PgpLiteralData)obj).GetDataStream();
+					Streams.Drain(input);
+				}
+			}
+
+			PgpSignature sig = ((PgpSignatureList)obj)[0];
+
+			if (sig.Version > 3)
+			{
+				PgpSignatureSubpacketVector v = sig.GetHashedSubPackets();
+
+				if (v.GetKeyExpirationTime() != 0)
+				{
+					Fail("key expiration time not zero for missing subpackets");
+				}
+
+				if (!sig.HasSubpackets)
+				{
+					Fail("HasSubpackets property was false with packets");
+				}
+			}
+			else
+			{
+				if (sig.GetHashedSubPackets() != null)
+				{
+					Fail("hashed sub packets found when none expected");
+				}
+
+				if (sig.GetUnhashedSubPackets() != null)
+				{
+					Fail("unhashed sub packets found when none expected");
+				}
+
+				if (sig.HasSubpackets)
+				{
+					Fail("HasSubpackets property was true with no packets");
+				}
+			}
+		}
+
+		private void preferredAlgorithmCheck(
+			string	type,
+			int[]	expected,
+			int[]	prefAlgs)
+		{
+			if (expected == null)
+			{
+				if (prefAlgs != null)
+				{
+					Fail("preferences for " + type + " found when none expected");
+				}
+			}
+			else
+			{
+				if (prefAlgs.Length != expected.Length)
+				{
+					Fail("wrong number of preferred " + type + " algorithms found");
+				}
+
+				for (int i = 0; i != expected.Length; i++)
+				{
+					if (expected[i] != prefAlgs[i])
+					{
+						Fail("wrong algorithm found for " + type + ": expected " + expected[i] + " got " + prefAlgs);
+					}
+				}
+			}
+		}
+
+		private void doTestSig(
+			PublicKeyAlgorithmTag	encAlgorithm,
+			HashAlgorithmTag		hashAlgorithm,
+			PgpPublicKey			pubKey,
+			PgpPrivateKey			privKey)
+		{
+			MemoryStream bOut = new MemoryStream();
+			MemoryStream testIn = new MemoryStream(TEST_DATA, false);
+			PgpSignatureGenerator sGen = new PgpSignatureGenerator(encAlgorithm, hashAlgorithm);
+
+			sGen.InitSign(PgpSignature.BinaryDocument, privKey);
+			sGen.GenerateOnePassVersion(false).Encode(bOut);
+
+			PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+			Stream lOut = lGen.Open(
+				new UncloseableStream(bOut),
+				PgpLiteralData.Binary,
+				"_CONSOLE",
+				TEST_DATA.Length * 2,
+				DateTime.UtcNow);
+
+			int ch;
+			while ((ch = testIn.ReadByte()) >= 0)
+			{
+				lOut.WriteByte((byte)ch);
+				sGen.Update((byte)ch);
+			}
+
+			lOut.Write(TEST_DATA, 0, TEST_DATA.Length);
+			sGen.Update(TEST_DATA);
+
+			lGen.Close();
+
+			sGen.Generate().Encode(bOut);
+
+			verifySignature(bOut.ToArray(), hashAlgorithm, pubKey, TEST_DATA);
+		}
+
+		private void doTestTextSig(
+			PublicKeyAlgorithmTag	encAlgorithm,
+			HashAlgorithmTag		hashAlgorithm,
+			PgpPublicKey			pubKey,
+			PgpPrivateKey			privKey,
+			byte[]					data,
+			byte[]					canonicalData)
+		{
+			PgpSignatureGenerator sGen = new PgpSignatureGenerator(encAlgorithm, HashAlgorithmTag.Sha1);
+			MemoryStream bOut = new MemoryStream();
+			MemoryStream testIn = new MemoryStream(data, false);
+			DateTime creationTime = DateTime.UtcNow;
+
+			sGen.InitSign(PgpSignature.CanonicalTextDocument, privKey);
+			sGen.GenerateOnePassVersion(false).Encode(bOut);
+
+			PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+			Stream lOut = lGen.Open(
+				new UncloseableStream(bOut),
+				PgpLiteralData.Text,
+				"_CONSOLE",
+				data.Length * 2,
+				creationTime);
+
+			int ch;
+			while ((ch = testIn.ReadByte()) >= 0)
+			{
+				lOut.WriteByte((byte)ch);
+				sGen.Update((byte)ch);
+			}
+
+			lOut.Write(data, 0, data.Length);
+			sGen.Update(data);
+
+			lGen.Close();
+
+			PgpSignature sig = sGen.Generate();
+
+			if (sig.CreationTime == DateTimeUtilities.UnixMsToDateTime(0))
+			{
+				Fail("creation time not set in v4 signature");
+			}
+
+			sig.Encode(bOut);
+
+			verifySignature(bOut.ToArray(), hashAlgorithm, pubKey, canonicalData);
+		}
+
+		private void doTestSigV3(
+			PublicKeyAlgorithmTag	encAlgorithm,
+			HashAlgorithmTag		hashAlgorithm,
+			PgpPublicKey			pubKey,
+			PgpPrivateKey			privKey)
+		{
+			byte[] bytes = generateV3BinarySig(privKey, encAlgorithm, hashAlgorithm);
+
+			verifySignature(bytes, hashAlgorithm, pubKey, TEST_DATA);
+		}
+
+		private byte[] generateV3BinarySig(
+			PgpPrivateKey			privKey,
+			PublicKeyAlgorithmTag	encAlgorithm,
+			HashAlgorithmTag		hashAlgorithm)
+		{
+			MemoryStream bOut = new MemoryStream();
+			MemoryStream testIn = new MemoryStream(TEST_DATA, false);
+			PgpV3SignatureGenerator sGen = new PgpV3SignatureGenerator(encAlgorithm, hashAlgorithm);
+
+			sGen.InitSign(PgpSignature.BinaryDocument, privKey);
+			sGen.GenerateOnePassVersion(false).Encode(bOut);
+
+			PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+			Stream lOut = lGen.Open(
+				new UncloseableStream(bOut),
+				PgpLiteralData.Binary,
+				"_CONSOLE",
+				TEST_DATA.Length * 2,
+				DateTime.UtcNow);
+
+			int ch;
+			while ((ch = testIn.ReadByte()) >= 0)
+			{
+				lOut.WriteByte((byte)ch);
+				sGen.Update((byte)ch);
+			}
+
+			lOut.Write(TEST_DATA, 0, TEST_DATA.Length);
+			sGen.Update(TEST_DATA);
+
+			lGen.Close();
+
+			sGen.Generate().Encode(bOut);
+
+			return bOut.ToArray();
+		}
+
+		private void doTestTextSigV3(
+			PublicKeyAlgorithmTag	encAlgorithm,
+			HashAlgorithmTag		hashAlgorithm,
+			PgpPublicKey			pubKey,
+			PgpPrivateKey			privKey,
+			byte[]					data,
+			byte[]					canonicalData)
+		{
+			PgpV3SignatureGenerator sGen = new PgpV3SignatureGenerator(encAlgorithm, HashAlgorithmTag.Sha1);
+			MemoryStream bOut = new MemoryStream();
+			MemoryStream testIn = new MemoryStream(data, false);
+
+			sGen.InitSign(PgpSignature.CanonicalTextDocument, privKey);
+			sGen.GenerateOnePassVersion(false).Encode(bOut);
+
+			PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
+			Stream lOut = lGen.Open(
+				new UncloseableStream(bOut),
+				PgpLiteralData.Text,
+				"_CONSOLE",
+				data.Length * 2,
+				DateTime.UtcNow);
+
+			int ch;
+			while ((ch = testIn.ReadByte()) >= 0)
+			{
+				lOut.WriteByte((byte)ch);
+				sGen.Update((byte)ch);
+			}
+
+			lOut.Write(data, 0, data.Length);
+			sGen.Update(data);
+
+			lGen.Close();
+
+			PgpSignature sig = sGen.Generate();
+
+			if (sig.CreationTime == DateTimeUtilities.UnixMsToDateTime(0))
+			{
+				Fail("creation time not set in v3 signature");
+			}
+
+			sig.Encode(bOut);
+
+			verifySignature(bOut.ToArray(), hashAlgorithm, pubKey, canonicalData);
+		}
+
+		private void verifySignature(
+			byte[] encodedSig,
+			HashAlgorithmTag hashAlgorithm,
+			PgpPublicKey pubKey,
+			byte[] original)
+		{
+			PgpObjectFactory        pgpFact = new PgpObjectFactory(encodedSig);
+			PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
+			PgpOnePassSignature     ops = p1[0];
+			PgpLiteralData          p2 = (PgpLiteralData)pgpFact.NextPgpObject();
+			Stream					dIn = p2.GetInputStream();
+
+			ops.InitVerify(pubKey);
+
+			int ch;
+			while ((ch = dIn.ReadByte()) >= 0)
+			{
+				ops.Update((byte)ch);
+			}
+
+			PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
+			PgpSignature sig = p3[0];
+
+			DateTime creationTime = sig.CreationTime;
+
+			// Check creationTime is recent
+			if (creationTime.CompareTo(DateTime.UtcNow) > 0
+				|| creationTime.CompareTo(DateTime.UtcNow.AddMinutes(-10)) < 0)
+			{
+				Fail("bad creation time in signature: " + creationTime);
+			}
+
+			if (sig.KeyId != pubKey.KeyId)
+			{
+				Fail("key id mismatch in signature");
+			}
+
+			if (!ops.Verify(sig))
+			{
+				Fail("Failed generated signature check - " + hashAlgorithm);
+			}
+
+			sig.InitVerify(pubKey);
+
+			for (int i = 0; i != original.Length; i++)
+			{
+				sig.Update(original[i]);
+			}
+
+			sig.Update(original);
+
+			if (!sig.Verify())
+			{
+				Fail("Failed generated signature check against original data");
+			}
+		}
+
+		public override string Name
+		{
+			get { return "PGPSignatureTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PgpSignatureTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/test/PgpKeyRingTest.cs b/crypto/test/src/openpgp/test/PgpKeyRingTest.cs
new file mode 100644
index 000000000..b776a0d2a
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PgpKeyRingTest.cs
@@ -0,0 +1,2163 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+	[TestFixture]
+	public class PgpKeyRingTest
+		: SimpleTest
+	{
+		private static readonly byte[] pub1 = Base64.Decode(
+			"mQGiBEA83v0RBADzKVLVCnpWQxX0LCsevw/3OLs0H7MOcLBQ4wMO9sYmzGYn"
+			+ "xpVj+4e4PiCP7QBayWyy4lugL6Lnw7tESvq3A4v3fefcxaCTkJrryiKn4+Cg"
+			+ "y5rIBbrSKNtCEhVi7xjtdnDjP5kFKgHYjVOeIKn4Cz/yzPG3qz75kDknldLf"
+			+ "yHxp2wCgwW1vAE5EnZU4/UmY7l8kTNkMltMEAJP4/uY4zcRwLI9Q2raPqAOJ"
+			+ "TYLd7h+3k/BxI0gIw96niQ3KmUZDlobbWBI+VHM6H99vcttKU3BgevNf8M9G"
+			+ "x/AbtW3SS4De64wNSU3189XDG8vXf0vuyW/K6Pcrb8exJWY0E1zZQ1WXT0gZ"
+			+ "W0kH3g5ro//Tusuil9q2lVLF2ovJA/0W+57bPzi318dWeNs0tTq6Njbc/GTG"
+			+ "FUAVJ8Ss5v2u6h7gyJ1DB334ExF/UdqZGldp0ugkEXaSwBa2R7d3HBgaYcoP"
+			+ "Ck1TrovZzEY8gm7JNVy7GW6mdOZuDOHTxyADEEP2JPxh6eRcZbzhGuJuYIif"
+			+ "IIeLOTI5Dc4XKeV32a+bWrQidGVzdCAoVGVzdCBrZXkpIDx0ZXN0QHViaWNh"
+			+ "bGwuY29tPohkBBMRAgAkBQJAPN79AhsDBQkB4TOABgsJCAcDAgMVAgMDFgIB"
+			+ "Ah4BAheAAAoJEJh8Njfhe8KmGDcAoJWr8xgPr75y/Cp1kKn12oCCOb8zAJ4p"
+			+ "xSvk4K6tB2jYbdeSrmoWBZLdMLACAAC5AQ0EQDzfARAEAJeUAPvUzJJbKcc5"
+			+ "5Iyb13+Gfb8xBWE3HinQzhGr1v6A1aIZbRj47UPAD/tQxwz8VAwJySx82ggN"
+			+ "LxCk4jW9YtTL3uZqfczsJngV25GoIN10f4/j2BVqZAaX3q79a3eMiql1T0oE"
+			+ "AGmD7tO1LkTvWfm3VvA0+t8/6ZeRLEiIqAOHAAQNBACD0mVMlAUgd7REYy/1"
+			+ "mL99Zlu9XU0uKyUex99sJNrcx1aj8rIiZtWaHz6CN1XptdwpDeSYEOFZ0PSu"
+			+ "qH9ByM3OfjU/ya0//xdvhwYXupn6P1Kep85efMBA9jUv/DeBOzRWMFG6sC6y"
+			+ "k8NGG7Swea7EHKeQI40G3jgO/+xANtMyTIhPBBgRAgAPBQJAPN8BAhsMBQkB"
+			+ "4TOAAAoJEJh8Njfhe8KmG7kAn00mTPGJCWqmskmzgdzeky5fWd7rAKCNCp3u"
+			+ "ZJhfg0htdgAfIy8ppm05vLACAAA=");
+
+		private static readonly byte[] sec1 = Base64.Decode(
+			"lQHhBEA83v0RBADzKVLVCnpWQxX0LCsevw/3OLs0H7MOcLBQ4wMO9sYmzGYn"
+			+ "xpVj+4e4PiCP7QBayWyy4lugL6Lnw7tESvq3A4v3fefcxaCTkJrryiKn4+Cg"
+			+ "y5rIBbrSKNtCEhVi7xjtdnDjP5kFKgHYjVOeIKn4Cz/yzPG3qz75kDknldLf"
+			+ "yHxp2wCgwW1vAE5EnZU4/UmY7l8kTNkMltMEAJP4/uY4zcRwLI9Q2raPqAOJ"
+			+ "TYLd7h+3k/BxI0gIw96niQ3KmUZDlobbWBI+VHM6H99vcttKU3BgevNf8M9G"
+			+ "x/AbtW3SS4De64wNSU3189XDG8vXf0vuyW/K6Pcrb8exJWY0E1zZQ1WXT0gZ"
+			+ "W0kH3g5ro//Tusuil9q2lVLF2ovJA/0W+57bPzi318dWeNs0tTq6Njbc/GTG"
+			+ "FUAVJ8Ss5v2u6h7gyJ1DB334ExF/UdqZGldp0ugkEXaSwBa2R7d3HBgaYcoP"
+			+ "Ck1TrovZzEY8gm7JNVy7GW6mdOZuDOHTxyADEEP2JPxh6eRcZbzhGuJuYIif"
+			+ "IIeLOTI5Dc4XKeV32a+bWv4CAwJ5KgazImo+sGBfMhDiBcBTqyDGhKHNgHic"
+			+ "0Pky9FeRvfXTc2AO+jGmFPjcs8BnTWuDD0/jkQnRZpp1TrQidGVzdCAoVGVz"
+			+ "dCBrZXkpIDx0ZXN0QHViaWNhbGwuY29tPohkBBMRAgAkBQJAPN79AhsDBQkB"
+			+ "4TOABgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEJh8Njfhe8KmGDcAn3XeXDMg"
+			+ "BZgrZzFWU2IKtA/5LG2TAJ0Vf/jjyq0jZNZfGfoqGTvD2MAl0rACAACdAVgE"
+			+ "QDzfARAEAJeUAPvUzJJbKcc55Iyb13+Gfb8xBWE3HinQzhGr1v6A1aIZbRj4"
+			+ "7UPAD/tQxwz8VAwJySx82ggNLxCk4jW9YtTL3uZqfczsJngV25GoIN10f4/j"
+			+ "2BVqZAaX3q79a3eMiql1T0oEAGmD7tO1LkTvWfm3VvA0+t8/6ZeRLEiIqAOH"
+			+ "AAQNBACD0mVMlAUgd7REYy/1mL99Zlu9XU0uKyUex99sJNrcx1aj8rIiZtWa"
+			+ "Hz6CN1XptdwpDeSYEOFZ0PSuqH9ByM3OfjU/ya0//xdvhwYXupn6P1Kep85e"
+			+ "fMBA9jUv/DeBOzRWMFG6sC6yk8NGG7Swea7EHKeQI40G3jgO/+xANtMyTP4C"
+			+ "AwJ5KgazImo+sGBl2C7CFuI+5KM4ZhbtVie7l+OiTpr5JW2z5VgnV3EX9p04"
+			+ "LcGKfQvD65+ELwli6yh8B2zGcipqTaYk3QoYNIhPBBgRAgAPBQJAPN8BAhsM"
+			+ "BQkB4TOAAAoJEJh8Njfhe8KmG7kAniuRkaFFv1pdCBN8JJXpcorHmyouAJ9L"
+			+ "xxmusffR6OI7WgD3XZ0AL8zUC7ACAAA=");
+
+//		private static readonly char[] pass1 = "qwertzuiop".ToCharArray();
+
+		private static readonly byte[] pub2 = Base64.Decode(
+			"mQGiBEBtfW8RBADfWjTxFedIbGBNVgh064D/OCf6ul7x4PGsCl+BkAyheYkr"
+			+ "mVUsChmBKoeXaY+Fb85wwusXzyM/6JFK58Rg+vEb3Z19pue8Ixxq7cRtCtOA"
+			+ "tOP1eKXLNtTRWJutvLkQmeOa19UZ6ziIq23aWuWKSq+KKMWek2GUnGycnx5M"
+			+ "W0pn1QCg/39r9RKhY9cdKYqRcqsr9b2B/AsD/Ru24Q15Jmrsl9zZ6EC47J49"
+			+ "iNW5sLQx1qf/mgfVWQTmU2j6gq4ND1OuK7+0OP/1yMOUpkjjcqxFgTnDAAoM"
+			+ "hHDTzCv/aZzIzmMvgLsYU3aIMfbz+ojpuASMCMh+te01cEMjiPWwDtdWWOdS"
+			+ "OSyX9ylzhO3PiNDks8R83onsacYpA/9WhTcg4bvkjaj66I7wGZkm3BmTxNSb"
+			+ "pE4b5HZDh31rRYhY9tmrryCfFnU4BS2Enjj5KQe9zFv7pUBCBW2oFo8i8Osn"
+			+ "O6fa1wVN4fBHC6wqWmmpnkFerNPkiC9V75KUFIfeWHmT3r2DVSO3dfdHDERA"
+			+ "jFIAioMLjhaX6DnODF5KQrABh7QmU2FpIFB1bGxhYmhvdGxhIDxwc2FpQG15"
+			+ "amF2YXdvcmxkLmNvbT6wAwP//4kAVwQQEQIAFwUCQG19bwcLCQgHAwIKAhkB"
+			+ "BRsDAAAAAAoJEKXQf/RT99uYmfAAoMKxV5g2owIfmy2w7vSLvOQUpvvOAJ4n"
+			+ "jB6xJot523rPAQW9itPoGGekirABZ7kCDQRAbX1vEAgA9kJXtwh/CBdyorrW"
+			+ "qULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9"
+			+ "ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/"
+			+ "Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4"
+			+ "DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEs"
+			+ "tSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1B"
+			+ "n5x8vYlLIhkmuquiXsNV6TILOwACAgf9F7/nJHDayJ3pBVTTVSq2g5WKUXMg"
+			+ "xxGKTvOahiVRcbO03w0pKAkH85COakVfe56sMYpWRl36adjNoKOxaciow74D"
+			+ "1R5snY/hv/kBXPBkzo4UMkbANIVaZ0IcnLp+rkkXcDVbRCibZf8FfCY1zXbq"
+			+ "d680UtEgRbv1D8wFBqfMt7kLsuf9FnIw6vK4DU06z5ZDg25RHGmswaDyY6Mw"
+			+ "NGCrKGbHf9I/T7MMuhGF/in8UU8hv8uREOjseOqklG3/nsI1hD/MdUC7fzXi"
+			+ "MRO4RvahLoeXOuaDkMYALdJk5nmNuCL1YPpbFGttI3XsK7UrP/Fhd8ND6Nro"
+			+ "wCqrN6keduK+uLABh4kATAQYEQIADAUCQG19bwUbDAAAAAAKCRCl0H/0U/fb"
+			+ "mC/0AJ4r1yvyu4qfOXlDgmVuCsvHFWo63gCfRIrCB2Jv/N1cgpmq0L8LGHM7"
+			+ "G/KwAWeZAQ0EQG19owEIAMnavLYqR7ffaDPbbq+lQZvLCK/3uA0QlyngNyTa"
+			+ "sDW0WC1/ryy2dx7ypOOCicjnPYfg3LP5TkYAGoMjxH5+xzM6xfOR+8/EwK1z"
+			+ "N3A5+X/PSBDlYjQ9dEVKrvvc7iMOp+1K1VMf4Ug8Yah22Ot4eLGP0HRCXiv5"
+			+ "vgdBNsAl/uXnBJuDYQmLrEniqq/6UxJHKHxZoS/5p13Cq7NfKB1CJCuJXaCE"
+			+ "TW2do+cDpN6r0ltkF/r+ES+2L7jxyoHcvQ4YorJoDMlAN6xpIZQ8dNaTYP/n"
+			+ "Mx/pDS3shUzbU+UYPQrreJLMF1pD+YWP5MTKaZTo+U/qPjDFGcadInhPxvh3"
+			+ "1ssAEQEAAbABh7QuU2FuZGh5YSBQdWxsYWJob3RsYSA8cHNhbmRoeWFAbXlq"
+			+ "YXZhd29ybGQuY29tPrADA///iQEtBBABAgAXBQJAbX2jBwsJCAcDAgoCGQEF"
+			+ "GwMAAAAACgkQx87DL9gOvoeVUwgAkQXYiF0CxhKbDnuabAssnOEwJrutgCRO"
+			+ "CJRQvIwTe3fe6hQaWn2Yowt8OQtNFiR8GfAY6EYxyFLKzZbAI/qtq5fHmN3e"
+			+ "RSyNWe6d6e17hqZZL7kf2sVkyGTChHj7Jiuo7vWkdqT2MJN6BW5tS9CRH7Me"
+			+ "D839STv+4mAAO9auGvSvicP6UEQikAyCy/ihoJxLQlspfbSNpi0vrUjCPT7N"
+			+ "tWwfP0qF64i9LYkjzLqihnu+UareqOPhXcWnyFKrjmg4ezQkweNU2pdvCLbc"
+			+ "W24FhT92ivHgpLyWTswXcqjhFjVlRr0+2sIz7v1k0budCsJ7PjzOoH0hJxCv"
+			+ "sJQMlZR/e7ABZ7kBDQRAbX2kAQgAm5j+/LO2M4pKm/VUPkYuj3eefHkzjM6n"
+			+ "KbvRZX1Oqyf+6CJTxQskUWKAtkzzKafPdS5Wg0CMqeXov+EFod4bPEYccszn"
+			+ "cKd1U8NRwacbEpCvvvB84Yl2YwdWpDpkryyyLI4PbCHkeuwx9Dc2z7t4XDB6"
+			+ "FyAJTMAkia7nzYa/kbeUO3c2snDb/dU7uyCsyKtTZyTyhTgtl/f9L03Bgh95"
+			+ "y3mOUz0PimJ0Sg4ANczF4d04BpWkjLNVJi489ifWodPlHm1hag5drYekYpWJ"
+			+ "+3g0uxs5AwayV9BcOkPKb1uU3EoYQw+nn0Kn314Nvx2M1tKYunuVNLEm0PhA"
+			+ "/+B8PTq8BQARAQABsAGHiQEiBBgBAgAMBQJAbX2kBRsMAAAAAAoJEMfOwy/Y"
+			+ "Dr6HkLoH/RBY8lvUv1r8IdTs5/fN8e/MnGeThLl+JrlYF/4t3tjXYIf5xUj/"
+			+ "c9NdjreKYgHfMtrbVM08LlxUVQlkjuF3DIk5bVH9Blq8aXmyiwiM5GrCry+z"
+			+ "WiqkpZze1G577C38mMJbHDwbqNCLALMzo+W2q04Avl5sniNnDNGbGz9EjhRg"
+			+ "o7oS16KkkD6Ls4RnHTEZ0vyZOXodDHu+sk/2kzj8K07kKaM8rvR7aDKiI7HH"
+			+ "1GxJz70fn1gkKuV2iAIIiU25bty+S3wr+5h030YBsUZF1qeKCdGOmpK7e9Of"
+			+ "yv9U7rf6Z5l8q+akjqLZvej9RnxeH2Um7W+tGg2me482J+z6WOawAWc=");
+
+		private static readonly byte[] sec2 = Base64.Decode(
+			"lQHpBEBtfW8RBADfWjTxFedIbGBNVgh064D/OCf6ul7x4PGsCl+BkAyheYkr"
+			+ "mVUsChmBKoeXaY+Fb85wwusXzyM/6JFK58Rg+vEb3Z19pue8Ixxq7cRtCtOA"
+			+ "tOP1eKXLNtTRWJutvLkQmeOa19UZ6ziIq23aWuWKSq+KKMWek2GUnGycnx5M"
+			+ "W0pn1QCg/39r9RKhY9cdKYqRcqsr9b2B/AsD/Ru24Q15Jmrsl9zZ6EC47J49"
+			+ "iNW5sLQx1qf/mgfVWQTmU2j6gq4ND1OuK7+0OP/1yMOUpkjjcqxFgTnDAAoM"
+			+ "hHDTzCv/aZzIzmMvgLsYU3aIMfbz+ojpuASMCMh+te01cEMjiPWwDtdWWOdS"
+			+ "OSyX9ylzhO3PiNDks8R83onsacYpA/9WhTcg4bvkjaj66I7wGZkm3BmTxNSb"
+			+ "pE4b5HZDh31rRYhY9tmrryCfFnU4BS2Enjj5KQe9zFv7pUBCBW2oFo8i8Osn"
+			+ "O6fa1wVN4fBHC6wqWmmpnkFerNPkiC9V75KUFIfeWHmT3r2DVSO3dfdHDERA"
+			+ "jFIAioMLjhaX6DnODF5KQv4JAwIJH6A/rzqmMGAG4e+b8Whdvp8jaTGVT4CG"
+			+ "M1b65rbiDyAuf5KTFymQBOIi9towgFzG9NXAZC07nEYSukN56tUTUDNVsAGH"
+			+ "tCZTYWkgUHVsbGFiaG90bGEgPHBzYWlAbXlqYXZhd29ybGQuY29tPrADA///"
+			+ "iQBXBBARAgAXBQJAbX1vBwsJCAcDAgoCGQEFGwMAAAAACgkQpdB/9FP325iZ"
+			+ "8ACgwrFXmDajAh+bLbDu9Iu85BSm+84AnieMHrEmi3nbes8BBb2K0+gYZ6SK"
+			+ "sAFnnQJqBEBtfW8QCAD2Qle3CH8IF3KiutapQvMF6PlTETlPtvFuuUs4INoB"
+			+ "p1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZX9x2Uk89PY3b"
+			+ "zpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56NoKVyOtQa"
+			+ "8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPw"
+			+ "pVsYjY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obE"
+			+ "AxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7"
+			+ "AAICB/0Xv+ckcNrInekFVNNVKraDlYpRcyDHEYpO85qGJVFxs7TfDSkoCQfz"
+			+ "kI5qRV97nqwxilZGXfpp2M2go7FpyKjDvgPVHmydj+G/+QFc8GTOjhQyRsA0"
+			+ "hVpnQhycun6uSRdwNVtEKJtl/wV8JjXNdup3rzRS0SBFu/UPzAUGp8y3uQuy"
+			+ "5/0WcjDq8rgNTTrPlkODblEcaazBoPJjozA0YKsoZsd/0j9Pswy6EYX+KfxR"
+			+ "TyG/y5EQ6Ox46qSUbf+ewjWEP8x1QLt/NeIxE7hG9qEuh5c65oOQxgAt0mTm"
+			+ "eY24IvVg+lsUa20jdewrtSs/8WF3w0Po2ujAKqs3qR524r64/gkDAmmp39NN"
+			+ "U2pqYHokufIOab2VpD7iQo8UjHZNwR6dpjyky9dVfIe4MA0H+t0ju8UDdWoe"
+			+ "IkRu8guWsI83mjGPbIq8lmsZOXPCA8hPuBmL0iaj8TnuotmsBjIBsAGHiQBM"
+			+ "BBgRAgAMBQJAbX1vBRsMAAAAAAoJEKXQf/RT99uYL/QAnivXK/K7ip85eUOC"
+			+ "ZW4Ky8cVajreAJ9EisIHYm/83VyCmarQvwsYczsb8rABZ5UDqARAbX2jAQgA"
+			+ "ydq8tipHt99oM9tur6VBm8sIr/e4DRCXKeA3JNqwNbRYLX+vLLZ3HvKk44KJ"
+			+ "yOc9h+Dcs/lORgAagyPEfn7HMzrF85H7z8TArXM3cDn5f89IEOViND10RUqu"
+			+ "+9zuIw6n7UrVUx/hSDxhqHbY63h4sY/QdEJeK/m+B0E2wCX+5ecEm4NhCYus"
+			+ "SeKqr/pTEkcofFmhL/mnXcKrs18oHUIkK4ldoIRNbZ2j5wOk3qvSW2QX+v4R"
+			+ "L7YvuPHKgdy9DhiismgMyUA3rGkhlDx01pNg/+czH+kNLeyFTNtT5Rg9Cut4"
+			+ "kswXWkP5hY/kxMpplOj5T+o+MMUZxp0ieE/G+HfWywARAQABCWEWL2cKQKcm"
+			+ "XFTNsWgRoOcOkKyJ/osERh2PzNWvOF6/ir1BMRsg0qhd+hEcoWHaT+7Vt12i"
+			+ "5Y2Ogm2HFrVrS5/DlV/rw0mkALp/3cR6jLOPyhmq7QGwhG27Iy++pLIksXQa"
+			+ "RTboa7ZasEWw8zTqa4w17M5Ebm8dtB9Mwl/kqU9cnIYnFXj38BWeia3iFBNG"
+			+ "PD00hqwhPUCTUAcH9qQPSqKqnFJVPe0KQWpq78zhCh1zPUIa27CE86xRBf45"
+			+ "XbJwN+LmjCuQEnSNlloXJSPTRjEpla+gWAZz90fb0uVIR1dMMRFxsuaO6aCF"
+			+ "QMN2Mu1wR/xzTzNCiQf8cVzq7YkkJD8ChJvu/4BtWp3BlU9dehAz43mbMhaw"
+			+ "Qx3NmhKR/2dv1cJy/5VmRuljuzC+MRtuIjJ+ChoTa9ubNjsT6BF5McRAnVzf"
+			+ "raZK+KVWCGA8VEZwe/K6ouYLsBr6+ekCKIkGZdM29927m9HjdFwEFjnzQlWO"
+			+ "NZCeYgDcK22v7CzobKjdo2wdC7XIOUVCzMWMl+ch1guO/Y4KVuslfeQG5X1i"
+			+ "PJqV+bwJriCx5/j3eE/aezK/vtZU6cchifmvefKvaNL34tY0Myz2bOx44tl8"
+			+ "qNcGZbkYF7xrNCutzI63xa2ruN1p3hNxicZV1FJSOje6+ITXkU5Jmufto7IJ"
+			+ "t/4Q2dQefBQ1x/d0EdX31yK6+1z9dF/k3HpcSMb5cAWa2u2g4duAmREHc3Jz"
+			+ "lHCsNgyzt5mkb6kS43B6og8Mm2SOx78dBIOA8ANzi5B6Sqk3/uN5eQFLY+sQ"
+			+ "qGxXzimyfbMjyq9DdqXThx4vlp3h/GC39KxL5MPeB0oe6P3fSP3C2ZGjsn3+"
+			+ "XcYk0Ti1cBwBOFOZ59WYuc61B0wlkiU/WGeaebABh7QuU2FuZGh5YSBQdWxs"
+			+ "YWJob3RsYSA8cHNhbmRoeWFAbXlqYXZhd29ybGQuY29tPrADA///iQEtBBAB"
+			+ "AgAXBQJAbX2jBwsJCAcDAgoCGQEFGwMAAAAACgkQx87DL9gOvoeVUwgAkQXY"
+			+ "iF0CxhKbDnuabAssnOEwJrutgCROCJRQvIwTe3fe6hQaWn2Yowt8OQtNFiR8"
+			+ "GfAY6EYxyFLKzZbAI/qtq5fHmN3eRSyNWe6d6e17hqZZL7kf2sVkyGTChHj7"
+			+ "Jiuo7vWkdqT2MJN6BW5tS9CRH7MeD839STv+4mAAO9auGvSvicP6UEQikAyC"
+			+ "y/ihoJxLQlspfbSNpi0vrUjCPT7NtWwfP0qF64i9LYkjzLqihnu+UareqOPh"
+			+ "XcWnyFKrjmg4ezQkweNU2pdvCLbcW24FhT92ivHgpLyWTswXcqjhFjVlRr0+"
+			+ "2sIz7v1k0budCsJ7PjzOoH0hJxCvsJQMlZR/e7ABZ50DqARAbX2kAQgAm5j+"
+			+ "/LO2M4pKm/VUPkYuj3eefHkzjM6nKbvRZX1Oqyf+6CJTxQskUWKAtkzzKafP"
+			+ "dS5Wg0CMqeXov+EFod4bPEYccszncKd1U8NRwacbEpCvvvB84Yl2YwdWpDpk"
+			+ "ryyyLI4PbCHkeuwx9Dc2z7t4XDB6FyAJTMAkia7nzYa/kbeUO3c2snDb/dU7"
+			+ "uyCsyKtTZyTyhTgtl/f9L03Bgh95y3mOUz0PimJ0Sg4ANczF4d04BpWkjLNV"
+			+ "Ji489ifWodPlHm1hag5drYekYpWJ+3g0uxs5AwayV9BcOkPKb1uU3EoYQw+n"
+			+ "n0Kn314Nvx2M1tKYunuVNLEm0PhA/+B8PTq8BQARAQABCXo6bD6qi3s4U8Pp"
+			+ "Uf9l3DyGuwiVPGuyb2P+sEmRFysi2AvxMe9CkF+CLCVYfZ32H3Fcr6XQ8+K8"
+			+ "ZGH6bJwijtV4QRnWDZIuhUQDS7dsbGqTh4Aw81Fm0Bz9fpufViM9RPVEysxs"
+			+ "CZRID+9jDrACthVsbq/xKomkKdBfNTK7XzGeZ/CBr9F4EPlnBWClURi9txc0"
+			+ "pz9YP5ZRy4XTFgx+jCbHgKWUIz4yNaWQqpSgkHEDrGZwstXeRaaPftcfQN+s"
+			+ "EO7OGl/Hd9XepGLez4vKSbT35CnqTwMzCK1IwUDUzyB4BYEFZ+p9TI18HQDW"
+			+ "hA0Wmf6E8pjS16m/SDXoiRY43u1jUVZFNFzz25uLFWitfRNHCLl+VfgnetZQ"
+			+ "jMFr36HGVQ65fogs3avkgvpgPwDc0z+VMj6ujTyXXgnCP/FdhzgkRFJqgmdJ"
+			+ "yOlC+wFmZJEs0MX7L/VXEXdpR27XIGYm24CC7BTFKSdlmR1qqenXHmCCg4Wp"
+			+ "00fV8+aAsnesgwPvxhCbZQVp4v4jqhVuB/rvsQu9t0rZnKdDnWeom/F3StYo"
+			+ "A025l1rrt0wRP8YS4XlslwzZBqgdhN4urnzLH0/F3X/MfjP79Efj7Zk07vOH"
+			+ "o/TPjz8lXroPTscOyXWHwtQqcMhnVsj9jvrzhZZSdUuvnT30DR7b8xcHyvAo"
+			+ "WG2cnF/pNSQX11RlyyAOlw9TOEiDJ4aLbFdkUt+qZdRKeC8mEC2xsQ87HqFR"
+			+ "pWKWABWaoUO0nxBEmvNOy97PkIeGVFNHDLlIeL++Ry03+JvuNNg4qAnwacbJ"
+			+ "TwQzWP4vJqre7Gl/9D0tVlD4Yy6Xz3qyosxdoFpeMSKHhgKVt1bk0SQP7eXA"
+			+ "C1c+eDc4gN/ZWpl+QLqdk2T9vr4wRAaK5LABh4kBIgQYAQIADAUCQG19pAUb"
+			+ "DAAAAAAKCRDHzsMv2A6+h5C6B/0QWPJb1L9a/CHU7Of3zfHvzJxnk4S5fia5"
+			+ "WBf+Ld7Y12CH+cVI/3PTXY63imIB3zLa21TNPC5cVFUJZI7hdwyJOW1R/QZa"
+			+ "vGl5sosIjORqwq8vs1oqpKWc3tRue+wt/JjCWxw8G6jQiwCzM6PltqtOAL5e"
+			+ "bJ4jZwzRmxs/RI4UYKO6EteipJA+i7OEZx0xGdL8mTl6HQx7vrJP9pM4/CtO"
+			+ "5CmjPK70e2gyoiOxx9RsSc+9H59YJCrldogCCIlNuW7cvkt8K/uYdN9GAbFG"
+			+ "RdanignRjpqSu3vTn8r/VO63+meZfKvmpI6i2b3o/UZ8Xh9lJu1vrRoNpnuP"
+			+ "Nifs+ljmsAFn");
+
+		private static readonly char[] sec2pass1 = "sandhya".ToCharArray();
+		private static readonly char[] sec2pass2 = "psai".ToCharArray();
+
+		private static readonly byte[] pub3 = Base64.Decode(
+			"mQGiBEB9BH0RBACtYQtE7tna6hgGyGLpq+ds3r2cLC0ISn5dNw7tm9vwiNVF"
+			+ "JA2N37RRrifw4PvgelRSvLaX3M3ZBqC9s1Metg3v4FSlIRtSLWCNpHSvNw7i"
+			+ "X8C2Xy9Hdlbh6Y/50o+iscojLRE14upfR1bIkcCZQGSyvGV52V2wBImUUZjV"
+			+ "s2ZngwCg7mu852vK7+euz4WaL7ERVYtq9CMEAJ5swrljerDpz/RQ4Lhp6KER"
+			+ "KyuI0PUttO57xINGshEINgYlZdGaZHRueHe7uKfI19mb0T4N3NJWaZ0wF+Cn"
+			+ "rixsq0VrTUfiwfZeGluNG73aTCeY45fVXMGTTSYXzS8T0LW100Xn/0g9HRyA"
+			+ "xUpuWo8IazxkMqHJis2uwriYKpAfA/9anvj5BS9p5pfPjp9dGM7GTMIYl5f2"
+			+ "fcP57f+AW1TVR6IZiMJAvAdeWuLtwLnJiFpGlnFz273pfl+sAuqm1yNceImR"
+			+ "2SDDP4+vtyycWy8nZhgEuhZx3W3cWMQz5WyNJSY1JJHh9TCQkCoN8E7XpVP4"
+			+ "zEPboB2GzD93mfD8JLHP+7QtVGVzdCBLZXkgKG5vIGNvbW1lbnQpIDx0ZXN0"
+			+ "QGJvdW5jeWNhc3RsZS5vcmc+iFkEExECABkFAkB9BH0ECwcDAgMVAgMDFgIB"
+			+ "Ah4BAheAAAoJEKnMV8vjZQOpSRQAnidAQswYkrXQAFcLBzhxQTknI9QMAKDR"
+			+ "ryV3l6xuCCgHST8JlxpbjcXhlLACAAPRwXPBcQEQAAEBAAAAAAAAAAAAAAAA"
+			+ "/9j/4AAQSkZJRgABAQEASABIAAD//gAXQ3JlYXRlZCB3aXRoIFRoZSBHSU1Q"
+			+ "/9sAQwAIBgYHBgUIBwcHCQkICgwUDQwLCwwZEhMPFB0aHx4dGhwcICQuJyAi"
+			+ "LCMcHCg3KSwwMTQ0NB8nOT04MjwuMzQy/9sAQwEJCQkMCwwYDQ0YMiEcITIy"
+			+ "MjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy"
+			+ "MjIy/8AAEQgAFAAUAwEiAAIRAQMRAf/EABoAAQACAwEAAAAAAAAAAAAAAAAE"
+			+ "BQIDBgf/xAAoEAABAgUDBAEFAAAAAAAAAAABAgMABBEhMQUSQQYTIiNhFFGB"
+			+ "kcH/xAAXAQEAAwAAAAAAAAAAAAAAAAAEAgMF/8QAJBEAAQQAAwkAAAAAAAAA"
+			+ "AAAAAQACERIEIfATMTJBUZGx0fH/2gAMAwEAAhEDEQA/APMuotJlJVxstqaP"
+			+ "o22NlAUp+YsNO0qSUtBcMu6n6EtOHcfPAHHFI16++oajQtTA3DapK02HFR8U"
+			+ "pE9pTbQWtKm2WG2rlxVyQTcfGbn7Qm0OIjL77Wrs2NNm9lzTmmSxQ0PX4opS"
+			+ "prk5tmESF6syggzGwOLG6gXgHFbZhBixk8XlIDcOQLRKt+rX+3qC5ZLTQblp"
+			+ "Qlvwvxn9CMpZturVGkJHapQJphRH8hCLXbzrqpYsCx1zC5rtpJNuYQhASc0U"
+			+ "AQv/2YhcBBMRAgAcBQJAfQV+AhsDBAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCp"
+			+ "zFfL42UDqfa2AJ9hjtEeDTbTEAuuSbzhYFxN/qc0FACgsmzysdbBpuN65yK0"
+			+ "1tbEaeIMtqCwAgADuM0EQH0EfhADAKpG5Y6vGbm//xZYG08RRmdi67dZjF59"
+			+ "Eqfo43mRrliangB8qkqoqqf3za2OUbXcZUQ/ajDXUvjJAoY2b5XJURqmbtKk"
+			+ "wPRIeD2+wnKABat8wmcFhZKATX1bqjdyRRGxawADBgMAoMJKJLELdnn885oJ"
+			+ "6HDmIez++ZWTlafzfUtJkQTCRKiE0NsgSvKJr/20VdK3XUA/iy0m1nQwfzv/"
+			+ "okFuIhEPgldzH7N/NyEvtN5zOv/TpAymFKewAQ26luEu6l+lH4FsiEYEGBEC"
+			+ "AAYFAkB9BH4ACgkQqcxXy+NlA6mtMgCgtQMFBaKymktM+DQmCgy2qjW7WY0A"
+			+ "n3FaE6UZE9GMDmCIAjhI+0X9aH6CsAIAAw==");
+
+		private static readonly byte[] sec3 = Base64.Decode(
+			"lQHhBEB9BH0RBACtYQtE7tna6hgGyGLpq+ds3r2cLC0ISn5dNw7tm9vwiNVF"
+			+ "JA2N37RRrifw4PvgelRSvLaX3M3ZBqC9s1Metg3v4FSlIRtSLWCNpHSvNw7i"
+			+ "X8C2Xy9Hdlbh6Y/50o+iscojLRE14upfR1bIkcCZQGSyvGV52V2wBImUUZjV"
+			+ "s2ZngwCg7mu852vK7+euz4WaL7ERVYtq9CMEAJ5swrljerDpz/RQ4Lhp6KER"
+			+ "KyuI0PUttO57xINGshEINgYlZdGaZHRueHe7uKfI19mb0T4N3NJWaZ0wF+Cn"
+			+ "rixsq0VrTUfiwfZeGluNG73aTCeY45fVXMGTTSYXzS8T0LW100Xn/0g9HRyA"
+			+ "xUpuWo8IazxkMqHJis2uwriYKpAfA/9anvj5BS9p5pfPjp9dGM7GTMIYl5f2"
+			+ "fcP57f+AW1TVR6IZiMJAvAdeWuLtwLnJiFpGlnFz273pfl+sAuqm1yNceImR"
+			+ "2SDDP4+vtyycWy8nZhgEuhZx3W3cWMQz5WyNJSY1JJHh9TCQkCoN8E7XpVP4"
+			+ "zEPboB2GzD93mfD8JLHP+/4DAwIvYrn+YqRaaGAu19XUj895g/GROyP8WEaU"
+			+ "Bd/JNqWc4kE/0guetGnPzq7G3bLVwiKfFd4X7BrgHAo3mrQtVGVzdCBLZXkg"
+			+ "KG5vIGNvbW1lbnQpIDx0ZXN0QGJvdW5jeWNhc3RsZS5vcmc+iFkEExECABkF"
+			+ "AkB9BH0ECwcDAgMVAgMDFgIBAh4BAheAAAoJEKnMV8vjZQOpSRQAoKZy6YS1"
+			+ "irF5/Q3JlWiwbkN6dEuLAJ9lldRLOlXsuQ5JW1+SLEc6K9ho4rACAADRwXPB"
+			+ "cQEQAAEBAAAAAAAAAAAAAAAA/9j/4AAQSkZJRgABAQEASABIAAD//gAXQ3Jl"
+			+ "YXRlZCB3aXRoIFRoZSBHSU1Q/9sAQwAIBgYHBgUIBwcHCQkICgwUDQwLCwwZ"
+			+ "EhMPFB0aHx4dGhwcICQuJyAiLCMcHCg3KSwwMTQ0NB8nOT04MjwuMzQy/9sA"
+			+ "QwEJCQkMCwwYDQ0YMiEcITIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy"
+			+ "MjIyMjIyMjIyMjIyMjIyMjIyMjIy/8AAEQgAFAAUAwEiAAIRAQMRAf/EABoA"
+			+ "AQACAwEAAAAAAAAAAAAAAAAEBQIDBgf/xAAoEAABAgUDBAEFAAAAAAAAAAAB"
+			+ "AgMABBEhMQUSQQYTIiNhFFGBkcH/xAAXAQEAAwAAAAAAAAAAAAAAAAAEAgMF"
+			+ "/8QAJBEAAQQAAwkAAAAAAAAAAAAAAQACERIEIfATMTJBUZGx0fH/2gAMAwEA"
+			+ "AhEDEQA/APMuotJlJVxstqaPo22NlAUp+YsNO0qSUtBcMu6n6EtOHcfPAHHF"
+			+ "I16++oajQtTA3DapK02HFR8UpE9pTbQWtKm2WG2rlxVyQTcfGbn7Qm0OIjL7"
+			+ "7Wrs2NNm9lzTmmSxQ0PX4opSprk5tmESF6syggzGwOLG6gXgHFbZhBixk8Xl"
+			+ "IDcOQLRKt+rX+3qC5ZLTQblpQlvwvxn9CMpZturVGkJHapQJphRH8hCLXbzr"
+			+ "qpYsCx1zC5rtpJNuYQhASc0UAQv/2YhcBBMRAgAcBQJAfQV+AhsDBAsHAwID"
+			+ "FQIDAxYCAQIeAQIXgAAKCRCpzFfL42UDqfa2AJ9hjtEeDTbTEAuuSbzhYFxN"
+			+ "/qc0FACgsmzysdbBpuN65yK01tbEaeIMtqCwAgAAnQEUBEB9BH4QAwCqRuWO"
+			+ "rxm5v/8WWBtPEUZnYuu3WYxefRKn6ON5ka5Ymp4AfKpKqKqn982tjlG13GVE"
+			+ "P2ow11L4yQKGNm+VyVEapm7SpMD0SHg9vsJygAWrfMJnBYWSgE19W6o3ckUR"
+			+ "sWsAAwYDAKDCSiSxC3Z5/POaCehw5iHs/vmVk5Wn831LSZEEwkSohNDbIEry"
+			+ "ia/9tFXSt11AP4stJtZ0MH87/6JBbiIRD4JXcx+zfzchL7Teczr/06QMphSn"
+			+ "sAENupbhLupfpR+BbP4DAwIvYrn+YqRaaGBjvFK1fbxCt7ZM4I2W/3BC0lCX"
+			+ "m/NypKNspGflec8u96uUlA0fNCnxm6f9nbB0jpvoKi0g4iqAf+P2iEYEGBEC"
+			+ "AAYFAkB9BH4ACgkQqcxXy+NlA6mtMgCgvccZA/Sg7BXVpxli47SYhxSHoM4A"
+			+ "oNCOMplSnYTuh5ikKeBWtz36gC1psAIAAA==");
+
+		private static readonly char[] sec3pass1 = "123456".ToCharArray();
+
+		//
+		// GPG comment packets.
+		//
+		private static readonly byte[] sec4 = Base64.Decode(
+			"lQG7BD0PbK8RBAC0cW4Y2MZXmAmqYp5Txyw0kSQsFvwZKHNMFRv996IsN57URVF5"
+			+ "BGMVPRBi9dNucWbjiSYpiYN13wE9IuLZsvVaQojV4XWGRDc+Rxz9ElsXnsYQ3mZU"
+			+ "7H1bNQEofstChk4z+dlvPBN4GFahrIzn/CeVUn6Ut7dVdYbiTqviANqNXwCglfVA"
+			+ "2OEePvqFnGxs1jhJyPSOnTED/RwRvsLH/k43mk6UEvOyN1RIpBXN+Ieqs7h1gFrQ"
+			+ "kB+WMgeP5ZUsotTffVDSUS9UMxRQggVUW1Xml0geGwQsNfkr/ztWMs/T4xp1v5j+"
+			+ "QyJx6OqNlkGdqOsoqkzJx0SQ1zBxdinFyyC4H95SDAb/RQOu5LQmxFG7quexztMs"
+			+ "infEA/9cVc9+qCo92yRAaXRqKNVVQIQuPxeUsGMyVeJQvJBD4An8KTMCdjpF10Cp"
+			+ "qA3t+n1S0zKr5WRUtvS6y60MOONO+EJWVWBNkx8HJDaIMNkfoqQoz3Krn7w6FE/v"
+			+ "/5uwMd6jY3N3yJZn5nDZT9Yzv9Nx3j+BrY+henRlSU0c6xDc9QAAnjJYg0Z83VJG"
+			+ "6HrBcgc4+4K6lHulCqH9JiM6RFNBX2ZhY3RvcjoAAK9hV206agp99GI6x5qE9+pU"
+			+ "vs6O+Ich/SYjOkRTQV9mYWN0b3I6AACvYAfGn2FGrpBYbjnpTuFOHJMS/T5xg/0m"
+			+ "IzpEU0FfZmFjdG9yOgAAr0dAQz6XxMwxWIn8xIZR/v2iN2L9C6O0EkZvbyBCYXIg"
+			+ "PGJhekBxdXV4PohXBBMRAgAXBQI9D2yvBQsHCgMEAxUDAgMWAgECF4AACgkQUGLI"
+			+ "YCIktfoGogCfZiXMJUKrScqozv5tMwzTTk2AaT8AniM5iRr0Du/Y08SL/NMhtF6H"
+			+ "hJ89nO4EPQ9ssRADAI6Ggxj6ZBfoavuXd/ye99osW8HsNlbqhXObu5mCMNySX2wa"
+			+ "HoWyRUEaUkI9eQw+MlHzIwzA32E7y2mU3OQBKdgLcBg4jxtcWVEg8ESKF9MpFXxl"
+			+ "pExxWrr4DFBfCRcsTwAFEQL9G3OvwJuEZXgx2JSS41D3pG4/qiHYICVa0u3p/14i"
+			+ "cq0kXajIk5ZJ6frCIAHIzuQ3n7jjzr05yR8s/qCrNbBA+nlkVNa/samk+jCzxxxa"
+			+ "cR/Dbh2wkvTFuDFFETwQYLuZAADcDck4YGQAmHivVT2NNDCf/aTz0+CJWl+xRc2l"
+			+ "Qw7D/SQjOkVMR19mYWN0b3I6AACbBnv9m5/bb/pjYAm2PtDp0CysQ9X9JCM6RUxH"
+			+ "X2ZhY3RvcjoAAJsFyHnSmaWguTFf6lJ/j39LtUNtmf0kIzpFTEdfZmFjdG9yOgAA"
+			+ "mwfwMD3LxmWtuCWBE9BptWMNH07Z/SQjOkVMR19mYWN0b3I6AACbBdhBrbSiM4UN"
+			+ "y7khDW2Sk0e4v9mIRgQYEQIABgUCPQ9ssQAKCRBQYshgIiS1+jCMAJ9txwHnb1Kl"
+			+ "6i/fSoDs8SkdM7w48wCdFvPEV0sSxE73073YhBgPZtMWbBo=");
+
+		//
+		// PGP freeware version 7
+		//
+		private static readonly byte[] pub5 = Base64.Decode(
+			"mQENBEBrBE4BCACjXVcNIFDQSofaIyZnALb2CRg+WY9uUqgHEEAOlPe03Cs5STM5"
+			+ "HDlNmrh4TdFceJ46rxk1mQOjULES1YfHay8lCIzrD7FX4oj0r4DC14Fs1vXaSar2"
+			+ "1szIpttOw3obL4A1e0p6N4jjsoG7N/pA0fEL0lSw92SoBrMbAheXRg4qNTZvdjOR"
+			+ "grcuOuwgJRvPLtRXlhyLBoyhkd5mmrIDGv8QHJ/UjpeIcRXY9kn9oGXnEYcRbMaU"
+			+ "VwXB4pLzWqz3ZejFI3lOxRWjm760puPOnGYlzSVBxlt2LgzUgSj1Mn+lIpWmAzsa"
+			+ "xEiU4xUwEomQns72yYRZ6D3euNCibcte4SeXABEBAAG0KXBhbGFzaCBrYXNvZGhh"
+			+ "biA8cGthc29kaGFuQHRpYWEtY3JlZi5vcmc+iQEuBBABAgAYBQJAawROCAsBAwkI"
+			+ "BwIKAhkBBRsDAAAAAAoJEOfelumuiOrYqPEH+wYrdP5Tq5j+E5yN1pyCg1rwbSOt"
+			+ "Dka0y0p7Oq/VIGLk692IWPItLEunnBXQtGBcWqklrvogvlhxtf16FgoyScfLJx1e"
+			+ "1cJa+QQnVuH+VOESN6iS9Gp9lUfVOHv74mEMXw0l2Djfy/lnrkAMBatggyGnF9xF"
+			+ "VXOLk1J2WVFm9KUE23o6qdB7RGkf31pN2eA7SWmkdJSkUH7o/QSFBI+UTRZ/IY5P"
+			+ "ZIJpsdiIOqd9YMG/4RoSZuPqNRR6x7BSs8nQVR9bYs4PPlp4GfdRnOcRonoTeJCZ"
+			+ "83RnsraWJnJTg34gRLBcqumhTuFKc8nuCNK98D6zkQESdcHLLTquCOaF5L+5AQ0E"
+			+ "QGsETwEIAOVwNCTaDZvW4dowPbET1bI5UeYY8rAGLYsWSUfgaFv2srMiApyBVltf"
+			+ "i6OLcPjcUCHDBjCv4pwx/C4qcHWb8av4xQIpqQXOpO9NxYE1eZnel/QB7DtH12ZO"
+			+ "nrDNmHtaXlulcKNGe1i1utlFhgzfFx6rWkRL0ENmkTkaQmPY4gTGymJTUhBbsSRq"
+			+ "2ivWqQA1TPwBuda73UgslIAHRd/SUaxjXoLpMbGOTeqzcKGjr5XMPTs7/YgBpWPP"
+			+ "UxMlEQIiU3ia1bxpEhx05k97ceK6TSH2oCPQA7gumjxOSjKT+jEm+8jACVzymEmc"
+			+ "XRy4D5Ztqkw/Z16pvNcu1DI5m6xHwr8AEQEAAYkBIgQYAQIADAUCQGsETwUbDAAA"
+			+ "AAAKCRDn3pbprojq2EynB/4/cEOtKbI5UisUd3vkTzvWOcqWUqGqi5wjjioNtIM5"
+			+ "pur2nFvhQE7SZ+PbAa87HRJU/4WcWMcoLkHD48JrQwHCHOLHSV5muYowb78X4Yh9"
+			+ "epYtSJ0uUahcn4Gp48p4BkhgsPYXkxEImSYzAOWStv21/7WEMqItMYl89BV6Upm8"
+			+ "HyTJx5MPTDbMR7X51hRg3OeQs6po3WTCWRzFIMyGm1rd/VK1L5ZDFPqO3S6YUJ0z"
+			+ "cxecYruvfK0Wp7q834wE8Zkl/PQ3NhfEPL1ZiLr/L00Ty+77/FZqt8SHRCICzOfP"
+			+ "OawcVGI+xHVXW6lijMpB5VaVIH8i2KdBMHXHtduIkPr9");
+
+		private static readonly byte[] sec5 = Base64.Decode(
+			"lQOgBEBrBE4BCACjXVcNIFDQSofaIyZnALb2CRg+WY9uUqgHEEAOlPe03Cs5STM5"
+			+ "HDlNmrh4TdFceJ46rxk1mQOjULES1YfHay8lCIzrD7FX4oj0r4DC14Fs1vXaSar2"
+			+ "1szIpttOw3obL4A1e0p6N4jjsoG7N/pA0fEL0lSw92SoBrMbAheXRg4qNTZvdjOR"
+			+ "grcuOuwgJRvPLtRXlhyLBoyhkd5mmrIDGv8QHJ/UjpeIcRXY9kn9oGXnEYcRbMaU"
+			+ "VwXB4pLzWqz3ZejFI3lOxRWjm760puPOnGYlzSVBxlt2LgzUgSj1Mn+lIpWmAzsa"
+			+ "xEiU4xUwEomQns72yYRZ6D3euNCibcte4SeXABEBAAEB8wqP7JkKN6oMNi1xJNqU"
+			+ "vvt0OV4CCnrIFiOPCjebjH/NC4T/9pJ6BYSjYdo3VEPNhPhRS9U3071Kqbdt35J5"
+			+ "kmzMq1yNStC1jkxHRCNTMsb1yIEY1v+fv8/Cy+tBpvAYiJKaox8jW3ppi9vTHZjW"
+			+ "tYYq0kwAVojMovz1O3wW/pEF69UPBmPYsze+AHA1UucYYqdWO8U2tsdFJET/hYpe"
+			+ "o7ppHJJCdqWzeiE1vDUrih9pP3MPpzcRS/gU7HRDb5HbfP7ghSLzByEa+2mvg5eK"
+			+ "eLwNAx2OUtrVg9rJswXX7DOLa1nKPhdGrSV/qwuK4rBdaqJ/OvszVJ0Vln0T/aus"
+			+ "it1PAuVROLUPqTVVN8/zkMenFbf5vtryC3GQYXvvZq+l3a4EXwrR/1pqrTfnfOuD"
+			+ "GwlFhRJAqPfthxZS68/xC8qAmTtkl7j4nscNM9kSoZ3BFwSyD9B/vYHPWGlqnpGF"
+			+ "k/hBXuIgl07KIeNIyEC3f1eRyaiMFqEz5yXbbTfEKirSVpHM/mpeKxG8w96aK3Je"
+			+ "AV0X6ZkC4oLTp6HCG2TITUIeNxCh2rX3fhr9HvBDXBbMHgYlIcLwzNkwDX74cz/7"
+			+ "nIclcubaWjEkDHP20XFicuChFc9zx6kBYuYy170snltTBgTWSuRH15W4NQqrLo37"
+			+ "zyzZQubX7CObgQJu4ahquiOg4SWl6uEI7+36U0SED7sZzw8ns1LxrwOWbXuHie1i"
+			+ "xCvsJ4RpJJ03iEdNdUIb77qf6AriqE92tXzcVXToBv5S2K5LdFYNJ1rWdwaKJRkt"
+			+ "kmjCL67KM9WT/IagsUyU+57ao3COtqw9VWZi6ev+ubM6fIV0ZK46NEggOLph1hi2"
+			+ "gZ9ew9uVuruYg7lG2Ku82N0fjrQpcGFsYXNoIGthc29kaGFuIDxwa2Fzb2RoYW5A"
+			+ "dGlhYS1jcmVmLm9yZz6dA6AEQGsETwEIAOVwNCTaDZvW4dowPbET1bI5UeYY8rAG"
+			+ "LYsWSUfgaFv2srMiApyBVltfi6OLcPjcUCHDBjCv4pwx/C4qcHWb8av4xQIpqQXO"
+			+ "pO9NxYE1eZnel/QB7DtH12ZOnrDNmHtaXlulcKNGe1i1utlFhgzfFx6rWkRL0ENm"
+			+ "kTkaQmPY4gTGymJTUhBbsSRq2ivWqQA1TPwBuda73UgslIAHRd/SUaxjXoLpMbGO"
+			+ "TeqzcKGjr5XMPTs7/YgBpWPPUxMlEQIiU3ia1bxpEhx05k97ceK6TSH2oCPQA7gu"
+			+ "mjxOSjKT+jEm+8jACVzymEmcXRy4D5Ztqkw/Z16pvNcu1DI5m6xHwr8AEQEAAQF7"
+			+ "osMrvQieBAJFYY+x9jKPVclm+pVaMaIcHKwCTv6yUZMqbHNRTfwdCVKTdAzdlh5d"
+			+ "zJNXXRu8eNwOcfnG3WrWAy59cYE389hA0pQPOh7iL2V1nITf1qdLru1HJqqLC+dy"
+			+ "E5GtkNcgvQYbv7ACjQacscvnyBioYC6TATtPnHipMO0S1sXEnmUugNlW88pDln4y"
+			+ "VxCtQXMBjuqMt0bURqmb+RoYhHhoCibo6sexxSnbEAPHBaW1b1Rm7l4UBSW6S5U0"
+			+ "MXURE60IHfP1TBe1l/xOIxOi8qdBQCyaFW2up00EhRBy/WOO6KAYXQrRRpOs9TBq"
+			+ "ic2wquwZePmErTbIttnnBcAKmpodrM/JBkn/we5fVg+FDTP8sM/Ubv0ZuM70aWmF"
+			+ "v0/ZKbkCkh2YORLWl5+HR/RKShdkmmFgZZ5uzbOGxxEGKhw+Q3+QFUF7PmYOnOtv"
+			+ "s9PZE3dV7ovRDoXIjfniD1+8sLUWwW5d+3NHAQnCHJrLnPx4sTHx6C0yWMcyZk6V"
+			+ "fNHpLK4xDTbgoTmxJa/4l+wa0iD69h9K/Nxw/6+X/GEM5w3d/vjlK1Da6urN9myc"
+			+ "GMsfiIll5DNIWdLLxCBPFmhJy653CICQLY5xkycWB7JOZUBTOEVrYr0AbBZSTkuB"
+			+ "fq5p9MfH4N51M5TWnwlJnqEiGnpaK+VDeP8GniwCidTYyiocNPvghvWIzG8QGWMY"
+			+ "PFncRpjFxmcY4XScYYpyRme4qyPbJhbZcgGpfeLvFKBPmNxVKJ2nXTdx6O6EbHDj"
+			+ "XctWqNd1EQas7rUN728u7bk8G7m37MGqQuKCpNvOScH4TnPROBY8get0G3bC4mWz"
+			+ "6emPeENnuyElfWQiHEtCZr1InjnNbb/C97O+vWu9PfsE");
+
+		private static readonly char[] sec5pass1 = "12345678".ToCharArray();
+
+		//
+		// Werner Koch "odd keys"
+		//
+		private static readonly byte[] pub6 = Base64.Decode(
+			"mQGiBDWiHh4RBAD+l0rg5p9rW4M3sKvmeyzhs2mDxhRKDTVVUnTwpMIR2kIA9pT4"
+			+ "3No/coPajDvhZTaDM/vSz25IZDZWJ7gEu86RpoEdtr/eK8GuDcgsWvFs5+YpCDwW"
+			+ "G2dx39ME7DN+SRvEE1xUm4E9G2Nnd2UNtLgg82wgi/ZK4Ih9CYDyo0a9awCgisn3"
+			+ "RvZ/MREJmQq1+SjJgDx+c2sEAOEnxGYisqIKcOTdPOTTie7o7x+nem2uac7uOW68"
+			+ "N+wRWxhGPIxsOdueMIa7U94Wg/Ydn4f2WngJpBvKNaHYmW8j1Q5zvZXXpIWRXSvy"
+			+ "TR641BceGHNdYiR/PiDBJsGQ3ac7n7pwhV4qex3IViRDJWz5Dzr88x+Oju63KtxY"
+			+ "urUIBACi7d1rUlHr4ok7iBRlWHYXU2hpUIQ8C+UOE1XXT+HB7mZLSRONQnWMyXnq"
+			+ "bAAW+EUUX2xpb54CevAg4eOilt0es8GZMmU6c0wdUsnMWWqOKHBFFlDIvyI27aZ9"
+			+ "quf0yvby63kFCanQKc0QnqGXQKzuXbFqBYW2UQrYgjXji8rd8bQnV2VybmVyIEtv"
+			+ "Y2ggKGdudXBnIHNpZykgPGRkOWpuQGdudS5vcmc+iGUEExECAB0FAjZVoKYFCQht"
+			+ "DIgDCwQDBRUDAgYBAxYCAQIXgAASCRBot6uJV1SNzQdlR1BHAAEBLj4AoId15gcy"
+			+ "YpBX2YLtEQTlXPp3mtEGAJ9UxzJE/t3EHCHK2bAIOkBwIW8ItIkBXwMFEDWiHkMD"
+			+ "bxG4/z6qCxADYzIFHR6I9Si9gzPQNRcFs2znrTp5pV5Mk6f1aqRgZxL3E4qUZ3xe"
+			+ "PQhwAo3fSy3kCwLmFGqvzautSMHn8K5V1u+T5CSHqLFYKqj5FGtuB/xwoKDXH6UO"
+			+ "P0+l5IP8H1RTjme3Fhqahec+zPG3NT57vc2Ru2t6PmuAwry2BMuSFMBs7wzXkyC3"
+			+ "DbI54MV+IKPjHMORivK8uI8jmna9hdNVyBifCk1GcxkHBSCFvU8xJePsA/Q//zCe"
+			+ "lvrnrIiMfY4CQTmKzke9MSzbAZQIRddgrGAsiX1tE8Z3YMd8lDpuujHLVEdWZo6s"
+			+ "54OJuynHrtFFObdapu0uIrT+dEXSASMUbEuNCLL3aCnrEtGJCwxB2TPQvCCvR2BK"
+			+ "zol6MGWxA+nmddeQib2r+GXoKXLdnHcpsAjA7lkXk3IFyJ7MLFK6uDrjGbGJs2FK"
+			+ "SduUjS/Ib4hGBBARAgAGBQI1oic8AAoJEGx+4bhiHMATftYAn1fOaKDUOt+dS38r"
+			+ "B+CJ2Q+iElWJAKDRPpp8q5GylbM8DPlMpClWN3TYqYhGBBARAgAGBQI27U5sAAoJ"
+			+ "EF3iSZZbA1iiarYAn35qU3ZOlVECELE/3V6q98Q30eAaAKCtO+lacH0Qq1E6v4BP"
+			+ "/9y6MoLIhohiBBMRAgAiAhsDBAsHAwIDFQIDAxYCAQIeAQIXgAUCP+mCaQUJDDMj"
+			+ "ywAKCRBot6uJV1SNzaLvAJwLsPV1yfc2D+yT+2W11H/ftNMDvwCbBweORhCb/O/E"
+			+ "Okg2UTXJBR4ekoCIXQQTEQIAHQMLBAMFFQMCBgEDFgIBAheABQI/6YJzBQkMMyPL"
+			+ "AAoJEGi3q4lXVI3NgroAn2Z+4KgVo2nzW72TgCJwkAP0cOc2AJ0ZMilsOWmxmEG6"
+			+ "B4sHMLkB4ir4GIhdBBMRAgAdAwsEAwUVAwIGAQMWAgECF4AFAj/pgnMFCQwzI8sA"
+			+ "CgkQaLeriVdUjc2CugCfRrOIfllp3mSmGpHgIxvg5V8vtMcAn0BvKVehOn+12Yvn"
+			+ "9BCHfg34jUZbiF0EExECAB0DCwQDBRUDAgYBAxYCAQIXgAUCP+mCcwUJDDMjywAK"
+			+ "CRBot6uJV1SNzYK6AJ9x7R+daNIjkieNW6lJeVUIoj1UHgCeLZm025uULML/5DFs"
+			+ "4tUvXs8n9XiZAaIENaIg8xEEALYPe0XNsPjx+inTQ+Izz527ZJnoc6BhWik/4a2b"
+			+ "ZYENSOQXAMKTDQMv2lLeI0i6ceB967MNubhHeVdNeOWYHFSM1UGRfhmZERISho3b"
+			+ "p+wVZvVG8GBVwpw34PJjgYU/0tDwnJaJ8BzX6j0ecTSTjQPnaUEtdJ/u/gmG9j02"
+			+ "18TzAKDihdNoKJEU9IKUiSjdGomSuem/VwQArHfaucSiDmY8+zyZbVLLnK6UJMqt"
+			+ "sIv1LvAg20xwXoUk2bY8H3tXL4UZ8YcoSXYozwALq3cIo5UZJ0q9Of71mI8WLK2i"
+			+ "FSYVplpTX0WMClAdkGt3HgVb7xtOhGt1mEKeRQjNZ2LteUQrRDD9MTQ+XxcvEN0I"
+			+ "pAj4kBJe9bR6HzAD/iecCmGwSlHUZZrgqWzv78o79XxDdcuLdl4i2fL7kwEOf9js"
+			+ "De7hGs27yrdJEmAG9QF9TOF9LJFmE1CqkgW+EpKxsY01Wjm0BFJB1R7iPUaUtFRZ"
+			+ "xYqfgXarmPjql2iBi+cVjLzGu+4BSojVAPgP/hhcnIowf4M4edPiICMP1GVjtCFX"
+			+ "ZXJuZXIgS29jaCA8d2VybmVyLmtvY2hAZ3V1Zy5kZT6IYwQTEQIAGwUCNs8JNwUJ"
+			+ "CCCxRAMLCgMDFQMCAxYCAQIXgAASCRBsfuG4YhzAEwdlR1BHAAEBaSAAn3YkpT5h"
+			+ "xgehGFfnX7izd+c8jI0SAJ9qJZ6jJvXnGB07p60aIPYxgJbLmYkAdQMFEDWjdxQd"
+			+ "GfTBDJhXpQEBPfMC/0cxo+4xYVAplFO0nIYyjQgP7D8O0ufzPsIwF3kvb7b5FNNj"
+			+ "fp+DAhN6G0HOIgkL3GsWtCfH5UHali+mtNFIKDpTtr+F/lPpZP3OPzzsLZS4hYTq"
+			+ "mMs1O/ACq8axKgAilYkBXwMFEDWiJw4DbxG4/z6qCxADB9wFH0i6mmn6rWYKFepJ"
+			+ "hXyhE4wWqRPJAnvfoiWUntDp4aIQys6lORigVXIWo4k4SK/FH59YnzF7578qrTZW"
+			+ "/RcA0bIqJqzqaqsOdTYEFa49cCjvLnBW4OebJlLTUs/nnmU0FWKW8OwwL+pCu8d7"
+			+ "fLSSnggBsrUQwbepuw0cJoctFPAz5T1nQJieQKVsHaCNwL2du0XefOgF5ujB1jK1"
+			+ "q3p4UysF9hEcBR9ltE3THr+iv4jtZXmC1P4at9W5LFWsYuwr0U3yJcaKSKp0v/wG"
+			+ "EWe2J/gFQZ0hB1+35RrCZPgiWsEv87CHaG6XtQ+3HhirBCJsYhmOikVKoEan6PhU"
+			+ "VR1qlXEytpAt389TBnvyceAX8hcHOE3diuGvILEgYes3gw3s5ZmM7bUX3jm2BrX8"
+			+ "WchexUFUQIuKW2cL379MFXR8TbxpVxrsRYE/4jHZBYhGBBARAgAGBQI27U4LAAoJ"
+			+ "EF3iSZZbA1iifJoAoLEsGy16hV/CfmDku6D1CBUIxXvpAJ9GBApdC/3OXig7sBrV"
+			+ "CWOb3MQzcLkBjQQ2zwcIEAYA9zWEKm5eZpMMBRsipL0IUeSKEyeKUjABX4vYNurl"
+			+ "44+2h6Y8rHn7rG1l/PNj39UJXBkLFj1jk8Q32v+3BQDjvwv8U5e/kTgGlf7hH3WS"
+			+ "W38RkZw18OXYCvnoWkYneIuDj6/HH2bVNXmTac05RkBUPUv4yhqlaFpkVcswKGuE"
+			+ "NRxujv/UWvVF+/2P8uSQgkmGp/cbwfMTkC8JBVLLBRrJhl1uap2JjZuSVklUUBez"
+			+ "Vf3NJMagVzx47HPqLVl4yr4bAAMGBf9PujlH5I5OUnvZpz+DXbV/WQVfV1tGRCra"
+			+ "kIj3mpN6GnUDF1LAbe6vayUUJ+LxkM1SqQVcmuy/maHXJ+qrvNLlPqUZPmU5cINl"
+			+ "sA7bCo1ljVUp54J1y8PZUx6HxfEl/LzLVkr+ITWnyqeiRikDecUf4kix2teTlx6I"
+			+ "3ecqT5oNqZSRXWwnN4SbkXtAd7rSgEptUYhQXgSEarp1pXJ4J4rgqFa49jKISDJq"
+			+ "rn/ElltHe5Fx1bpfkCIYlYk45Cga9bOIVAQYEQIADAUCNs8HCAUJBvPJAAASCRBs"
+			+ "fuG4YhzAEwdlR1BHAAEBeRUAoIGpCDmMy195TatlloHAJEjZu5KaAJwOvW989hOb"
+			+ "8cg924YIFVA1+4/Ia7kBjQQ1oiE8FAYAkQmAlOXixb8wra83rE1i7LCENLzlvBZW"
+			+ "KBXN4ONelZAnnkOm7IqRjMhtKRJN75zqVyKUaUwDKjpf9J5K2t75mSxBtnbNRqL3"
+			+ "XodjHK93OcAUkz3ci7iuC/b24JI2q4XeQG/v4YR1VodM0zEQ1IC0JCq4Pl39QZyX"
+			+ "JdZCrUFvMcXq5ruNSldztBqTFFUiFbkw1Fug/ZyXJve2FVcbsRXFrB7EEuy+iiU/"
+			+ "kZ/NViKk0L4T6KRHVsEiriNlCiibW19fAAMFBf9Tbv67KFMDrLqQan/0oSSodjDQ"
+			+ "KDGqtoh7KQYIKPXqfqT8ced9yd5MLFwPKf3t7AWG1ucW2x118ANYkPSU122UTndP"
+			+ "sax0cY4XkaHxaNwpNFCotGQ0URShxKNpcqbdfvy+1d8ppEavgOyxnV1JOkLjZJLw"
+			+ "K8bgxFdbPWcsJJnjuuH3Pwz87CzTgOSYQxMPnIwQcx5buZIV5NeELJtcbbd3RVua"
+			+ "K/GQht8QJpuXSji8Nl1FihYDjACR8TaRlAh50GmIRgQoEQIABgUCOCv7gwAKCRBs"
+			+ "fuG4YhzAE9hTAJ9cRHu+7q2hkxpFfnok4mRisofCTgCgzoPjNIuYiiV6+wLB5o11"
+			+ "7MNWPZCIVAQYEQIADAUCNaIhPAUJB4TOAAASCRBsfuG4YhzAEwdlR1BHAAEBDfUA"
+			+ "oLstR8cg5QtHwSQ3nFCOKEREUFIwAKDID3K3hM+b6jW1o+tNX9dnjb+YMZkAbQIw"
+			+ "bYOUAAABAwC7ltmO5vdKssohwzXEZeYvDW2ll3CYD2I+ruiNq0ybxkfFBopq9cxt"
+			+ "a0OvVML4LK/TH+60f/Fqx9wg2yk9APXyaomdLrXfWyfZ91YtNCfj3ElC4XB4qqm0"
+			+ "HRn0wQyYV6UABRG0IVdlcm5lciBLb2NoIDx3ZXJuZXIua29jaEBndXVnLmRlPokA"
+			+ "lQMFEDRfoOmOB31Gi6BmjQEBzwgD/2fHcdDXuRRY+SHvIVESweijstB+2/sVRp+F"
+			+ "CDjR74Kg576sJHfTJCxtSSmzpaVpelb5z4URGJ/Byi5L9AU7hC75S1ZnJ+MjBT6V"
+			+ "ePyk/r0uBrMkU/lMG7lk/y2By3Hll+edjzJsdwn6aoNPiyen4Ch4UGTEguxYsLq0"
+			+ "HES/UvojiQEVAwUTNECE2gnp+QqKck5FAQH+1Af/QMlYPlLG+5E19qP6AilKQUzN"
+			+ "kd1TWMenXTS66hGIVwkLVQDi6RCimhnLMq/F7ENA8bSbyyMuncaBz5dH4kjfiDp1"
+			+ "o64LULcTmN1LW9ctpTAIeLLJZnwxoJLkUbLUYKADKqIBXHMt2B0zRmhFOqEjRN+P"
+			+ "hI7XCcHeHWHiDeUB58QKMyeoJ/QG/7zLwnNgDN2PVqq2E72C3ye5FOkYLcHfWKyB"
+			+ "Rrn6BdUphAB0LxZujSGk8ohZFbia+zxpWdE8xSBhZbjVGlwLurmS2UTjjxByBNih"
+			+ "eUD6IC3u5P6psld0OfqnpriZofP0CBP2oTk65r529f/1lsy2kfWrVPYIFJXEnIkA"
+			+ "lQMFEDQyneGkWMS9SnJfMQEBMBMD/1ADuhhuY9kyN7Oj6DPrDt5SpPQDGS0Jtw3y"
+			+ "uIPoed+xyzlrEuL2HeaOj1O9urpn8XLN7V21ajkzlqsxnGkOuifbE9UT67o2b2vC"
+			+ "ldCcY4nV5n+U1snMDwNv+RkcEgNa8ANiWkm03UItd7/FpHDQP0FIgbPEPwRoBN87"
+			+ "I4gaebfRiQCVAwUQNDUSwxRNm5Suj3z1AQGMTAP/UaXXMhPzcjjLxBW0AccTdHUt"
+			+ "Li+K+rS5PNxxef2nnasEhCdK4GkM9nwJgsP0EZxCG3ZSAIlWIgQ3MK3ZAV1Au5pL"
+			+ "KolRjFyEZF420wAtiE7V+4lw3FCqNoXDJEFC3BW431kx1wAhDk9VaIHHadYcof4d"
+			+ "dmMLQOW2cJ7LDEEBW/WJAJUDBRA0M/VQImbGhU33abUBARcoA/9eerDBZGPCuGyE"
+			+ "mQBcr24KPJHWv/EZIKl5DM/Ynz1YZZbzLcvEFww34mvY0jCfoVcCKIeFFBMKiSKr"
+			+ "OMtoVC6cQMKpmhE9hYRStw4E0bcf0BD/stepdVtpwRnG8SDP2ZbmtgyjYT/7T4Yt"
+			+ "6/0f6N/0NC7E9qfq4ZlpU3uCGGu/44kAlQMFEDQz8kp2sPVxuCQEdQEBc5YD/Rix"
+			+ "vFcLTO1HznbblrO0WMzQc+R4qQ50CmCpWcFMwvVeQHo/bxoxGggNMmuVT0bqf7Mo"
+			+ "lZDSJNS96IAN32uf25tYHgERnQaMhmi1aSHvRDh4jxFu8gGVgL6lWit/vBDW/BiF"
+			+ "BCH6sZJJrGSuSdpecTtaWC8OJGDoKTO9PqAA/HQRiQB1AwUQNDJSx011eFs7VOAZ"
+			+ "AQGdKQL/ea3qD2OP3wVTzXvfjQL1CosX4wyKusBBhdt9u2vOT+KWkiRk1o35nIOG"
+			+ "uZLHtSFQDY8CVDOkqg6g4sVbOcTl8QUwHA+A4AVDInwTm1m4Bk4oeCIwk4Bp6mDd"
+			+ "W11g28k/iQEVAgUSNDIWPm/Y4wPDeaMxAQGvBQgAqGhzA/21K7oL/L5S5Xz//eO7"
+			+ "J8hgvqqGXWd13drNy3bHbKPn7TxilkA3ca24st+6YPZDdSUHLMCqg16YOMyQF8gE"
+			+ "kX7ZHWPacVoUpCmSz1uQ3p6W3+u5UCkRpgQN8wBbJx5ZpBBqeq5q/31okaoNjzA2"
+			+ "ghEWyR5Ll+U0C87MY7pc7PlNHGCr0ZNOhhtf1jU+H9ag5UyT6exIYim3QqWYruiC"
+			+ "LSUcim0l3wK7LMW1w/7Q6cWfAFQvl3rGjt3rg6OWg9J4H2h5ukf5JNiRybkupmat"
+			+ "UM+OVMRkf93jzU62kbyZpJBHiQZuxxJaLkhpv2RgWib9pbkftwEy/ZnmjkxlIIkA"
+			+ "lQMFEDQvWjh4313xYR8/NQEB37QEAIi9vR9h9ennz8Vi7RNU413h1ZoZjxfEbOpk"
+			+ "QAjE/LrZ/L5WiWdoStSiyqCLPoyPpQafiU8nTOr1KmY4RgceJNgxIW4OiSMoSvrh"
+			+ "c2kqP+skb8A2B4+47Aqjr5fSAVfVfrDMqDGireOguhQ/hf9BOYsM0gs+ROdtyLWP"
+			+ "tMjRnFlviD8DBRAz8qQSj6lRT5YOKXIRAntSAJ9StSEMBoFvk8iRWpXb6+LDNLUW"
+			+ "zACfT8iY3IxwvMF6jjCHrbuxQkL7chSJARUDBRA0MMO7569NIyeqD3EBATIAB/4t"
+			+ "CPZ1sLWO07g2ZCpiP1HlYpf5PENaXtaasFvhWch7eUe3DksuMEPzB5GnauoQZAku"
+			+ "hEGkoEfrfL3AXtXH+WMm2t7dIcTBD4p3XkeZ+PgJpKiASXDyul9rumXXvMxSL4KV"
+			+ "7ar+F1ZJ0ycCx2r2au0prPao70hDAzLTy16hrWgvdHSK7+wwaYO5TPCL5JDmcB+d"
+			+ "HKW72qNUOD0pxbe0uCkkb+gDxeVX28pZEkIIOMMV/eAs5bs/smV+eJqWT/EyfVBD"
+			+ "o7heF2aeyJj5ecxNOODr88xKF7qEpqazCQ4xhvFY+Yn6+vNCcYfkoZbOn0XQAvqf"
+			+ "a2Vab9woVIVSaDji/mlPiQB1AwUQNDC233FfeD4HYGBJAQFh6QL/XCgm5O3q9kWp"
+			+ "gts1MHKoHoh7vxSSQGSP2k7flNP1UB2nv4sKvyGM8eJKApuROIodcTkccM4qXaBu"
+			+ "XunMr5kJlvDJPm+NLzKyhtQP2fWI7xGYwiCiB29gm1GFMjdur4amiQEVAwUQNDBR"
+			+ "9fjDdqGixRdJAQE+mAf+JyqJZEVFwNwZ2hSIMewekC1r7N97p924nqfZKnzn6weF"
+			+ "pE80KIJSWtEVzI0XvHlVCOnS+WRxn7zxwrOTbrcEOy0goVbNgUsP5ypZa2/EM546"
+			+ "uyyJTvgD0nwA45Q4bP5sGhjh0G63r9Vwov7itFe4RDBGM8ibGnZTr9hHo469jpom"
+			+ "HSNeavcaUYyEqcr4GbpQmdpJTnn/H0A+fMl7ZHRoaclNx9ZksxihuCRrkQvUOb3u"
+			+ "RD9lFIhCvNwEardN62dKOKJXmn1TOtyanZvnmWigU5AmGuk6FpsClm3p5vvlid64"
+			+ "i49fZt9vW5krs2XfUevR4oL0IyUl+qW2HN0DIlDiAYkAlQMFEDQvbv2wcgJwUPMh"
+			+ "JQEBVBID/iOtS8CQfMxtG0EmrfaeVUU8R/pegBmVWDBULAp8CLTtdfxjVzs/6DXw"
+			+ "0RogXMRRl2aFfu1Yp0xhBYjII6Kque/FzAFXY9VNF1peqnPt7ADdeptYMppZa8sG"
+			+ "n9BBRu9Fsw69z6JkyqvMiVxGcKy3XEpVGr0JHx8Xt6BYdrULiKr2iQB1AwUQNC68"
+			+ "n6jZR/ntlUftAQFaYgL+NUYEj/sX9M5xq1ORX0SsVPMpNamHO3JBSmZSIzjiox5M"
+			+ "AqoFOCigAkonuzk5aBy/bRHy1cmDBOxf4mNhzrH8N6IkGvPE70cimDnbFvr+hoZS"
+			+ "jIqxtELNZsLuLVavLPAXiQCVAwUQNC6vWocCuHlnLQXBAQHb1gQAugp62aVzDCuz"
+			+ "4ntfXsmlGbLY7o5oZXYIKdPP4riOj4imcJh6cSgYFL6OMzeIp9VW/PHo2mk8kkdk"
+			+ "z5uif5LqOkEuIxgra7p1Yq/LL4YVhWGQeD8hwpmu+ulYoPOw40dVYS36PwrHIH9a"
+			+ "fNhl8Or5O2VIHIWnoQ++9r6gwngFQOyJAJUDBRAzHnkh1sNKtX1rroUBAWphBACd"
+			+ "huqm7GHoiXptQ/Y5F6BivCjxr9ch+gPSjaLMhq0kBHVO+TbXyVefVVGVgCYvFPjo"
+			+ "zM8PEVykQAtY//eJ475aGXjF+BOAhl2z0IMkQKCJMExoEDHbcj0jIIMZ2/+ptgtb"
+			+ "FSyJ2DQ3vvCdbw/1kyPHTPfP+L2u40GWMIYVBbyouokAlQMFEDMe7+UZsymln7HG"
+			+ "2QEBzMED/3L0DyPK/u6PyAd1AdpjUODTkWTZjZ6XA2ubc6IXXsZWpmCgB/24v8js"
+			+ "J3DIsvUD3Ke55kTr6xV+au+mAkwOQqWUTUWfQCkSrSDlbUJ1VPBzhyTpuzjBopte"
+			+ "7o3R6XXfcLiC5jY6eCX0QtLGhKpLjTr5uRhf1fYODGsAGXmCByDviQB1AgUQMy6U"
+			+ "MB0Z9MEMmFelAQHV4AMAjdFUIyFtpTr5jkyZSd3y//0JGO0z9U9hLVxeBBCwvdEQ"
+			+ "xsrpeTtVdqpeKZxHN1GhPCYvgLFZAQlcPh/Gc8u9uO7wVSgJc3zYKFThKpQevdF/"
+			+ "rzjTCHfgigf5Iui0qiqBiQCVAwUQMx22bAtzgG/ED06dAQFi0gQAkosqTMWy+1eU"
+			+ "Xbi2azFK3RX5ERf9wlN7mqh7TvwcPXvVWzUARnwRv+4kk3uOWI18q5UPis7KH3KY"
+			+ "OVeRrPd8bbp6SjhBh82ourTEQUXLBDQiI1V1cZZmwwEdlnAnhFnkXgMBNM2q7oBe"
+			+ "fRHADfYDfGo90wXyrVVL+GihDNpzUwOJAJUDBRAzHUFnOWvfULwOR3EBAbOYA/90"
+			+ "JIrKmxhwP6quaheFOjjPoxDGEZpGJEOwejEByYj+AgONCRmQS3BydtubA+nm/32D"
+			+ "FeG8pe/dnFvGc+QgNW560hK21C2KJj72mhjRlg/na7jz4/MmBAv5k61Q7roWi0rw"
+			+ "x+R9NSHxpshC8A92zmvo8w/XzVSogC8pJ04jcnY6YokAlQMFEDMdPtta9LwlvuSC"
+			+ "3QEBvPMD/3TJGroHhHYjHhiEpDZZVszeRQ0cvVI/uLLi5yq3W4F6Jy47DF8VckA7"
+			+ "mw0bXrOMNACN7Je7uyaU85qvJC2wgoQpFGdFlkjmkAwDAjR+koEysiE8FomiOHhv"
+			+ "EpEY/SjSS4jj4IPmgV8Vq66XjPw+i7Z0RsPLOIf67yZHxypNiBiYiQCVAwUQMxxw"
+			+ "pKrq6G7/78D5AQHo2QQAjnp6KxOl6Vvv5rLQ/4rj3OemvF7IUUq34xb25i/BSvGB"
+			+ "UpDQVUmhv/qIfWvDqWGZedyM+AlNSfUWPWnP41S8OH+lcERH2g2dGKGl7kH1F2Bx"
+			+ "ByZlqREHm2q624wPPA35RLXtXIx06yYjLtJ7b+FCAX6PUgZktZYk5gwjdoAGrC2J"
+			+ "AJUDBRAzGvcCKC6c7f53PGUBAUozA/9l/qKmcqbi8RtLsKQSh3vHds9d22zcbkuJ"
+			+ "PBSoOv2D7i2VLshaQFjq+62uYZGE6nU1WP5sZcBDuWjoX4t4NrffnOG/1R9D0t1t"
+			+ "9F47D77HJzjvo+J52SN520YHcbT8VoHdPRoEOXPN4tzhvn2GapVVdaAlWM0MLloh"
+			+ "NH3I9jap9okAdQMFEDMZlUAnyXglSykrxQEBnuwC/jXbFL+jzs2HQCuo4gyVrPlU"
+			+ "ksQCLYZjNnZtw1ca697GV3NhBhSXR9WHLQH+ZWnpTzg2iL3WYSdi9tbPs78iY1FS"
+			+ "d4EG8H9V700oQG8dlICF5W2VjzR7fByNosKM70WSXYkBFQMFEDMWBsGCy1t9eckW"
+			+ "HQEBHzMH/jmrsHwSPrA5R055VCTuDzdS0AJ+tuWkqIyqQQpqbost89Hxper3MmjL"
+			+ "Jas/VJv8EheuU3vQ9a8sG2SnlWKLtzFqpk7TCkyq/H3blub0agREbNnYhHHTGQFC"
+			+ "YJb4lWjWvMjfP+N5jvlLcnDqQPloXfAOgy7W90POoqFrsvhxdpnXgoLrzyNNja1O"
+			+ "1NRj+Cdv/GmJYNi6sQe43zmXWeA7syLKMw6058joDqEJFKndgSp3Zy/yXmObOZ/H"
+			+ "C2OJwA3gzEaAu8Pqd1svwGIGznqtTNCn9k1+rMvJPaxglg7PXIJS282hmBl9AcJl"
+			+ "wmh2GUCswl9/sj+REWTb8SgJUbkFcp6JAJUDBRAwdboVMPfsgxioXMEBAQ/LA/9B"
+			+ "FTZ9T95P/TtsxeC7lm9imk2mpNQCBEvXk286FQnGFtDodGfBfcH5SeKHaUNxFaXr"
+			+ "39rDGUtoTE98iAX3qgCElf4V2rzgoHLpuQzCg3U35dfs1rIxlpcSDk5ivaHpPV3S"
+			+ "v+mlqWL049y+3bGaZeAnwM6kvGMP2uccS9U6cbhpw4hGBBARAgAGBQI3GtRfAAoJ"
+			+ "EF3iSZZbA1iikWUAoIpSuXzuN/CI63dZtT7RL7c/KtWUAJ929SAtTr9SlpSgxMC8"
+			+ "Vk1T1i5/SYkBFQMFEzccnFnSJilEzmrGwQEBJxwH/2oauG+JlUC3zBUsoWhRQwqo"
+			+ "7DdqaPl7sH5oCGDKS4x4CRA23U15NicDI7ox6EizkwCjk0dRr1EeRK+RqL1b/2T4"
+			+ "2B6nynOLhRG2A0BPHRRJLcoL4nKfoPSo/6dIC+3iVliGEl90KZZD5bnONrVJQkRj"
+			+ "ZL8Ao+9IpmoYh8XjS5xMLEF9oAQqAkA93nVBm56lKmaL1kl+M3dJFtNKtVB8de1Z"
+			+ "XifDs8HykD42qYVtcseCKxZXhC3UTG5YLNhPvgZKH8WBCr3zcR13hFDxuecUmu0M"
+			+ "VhvEzoKyBYYt0rrqnyWrxwbv4gSTUWH5ZbgsTjc1SYKZxz6hrPQnfYWzNkznlFWJ"
+			+ "ARUDBRM0xL43CdxwOTnzf10BATOCB/0Q6WrpzwPMofjHj54MiGLKVP++Yfwzdvns"
+			+ "HxVpTZLZ5Ux8ErDsnLmvUGphnLVELZwEkEGRjln7a19h9oL8UYZaV+IcR6tQ06Fb"
+			+ "1ldR+q+3nXtBYzGhleXdgJQSKLJkzPF72tvY0DHUB//GUV9IBLQMvfG8If/AFsih"
+			+ "4iXi96DOtUAbeuIhnMlWwLJFeGjLLsX1u6HSX33xy4bGX6v/UcHbTSSYaxzb92GR"
+			+ "/xpP2Xt332hOFRkDZL52g27HS0UrEJWdAVZbh25KbZEl7C6zX/82OZ5nTEziHo20"
+			+ "eOS6Nrt2+gLSeA9X5h/+qUx30kTPz2LUPBQyIqLCJkHM8+0q5j9ciQCiAwUTNMS+"
+			+ "HZFeTizbCJMJAQFrGgRlEAkG1FYU4ufTxsaxhFZy7xv18527Yxpls6mSCi1HL55n"
+			+ "Joce6TI+Z34MrLOaiZljeQP3EUgzA+cs1sFRago4qz2wS8McmQ9w0FNQQMz4vVg9"
+			+ "CVi1JUVd4EWYvJpA8swDd5b9+AodYFEsfxt9Z3aP+AcWFb10RlVVsNw9EhObc6IM"
+			+ "nwAOHCEI9vp5FzzFiQCVAwUQNxyr6UyjTSyISdw9AQHf+wP+K+q6hIQ09tkgaYaD"
+			+ "LlWKLbuxePXqM4oO72qi70Gkg0PV5nU4l368R6W5xgR8ZkxlQlg85sJ0bL6wW/Sj"
+			+ "Mz7pP9hkhNwk0x3IFkGMTYG8i6Gt8Nm7x70dzJoiC+A496PryYC0rvGVf+Om8j5u"
+			+ "TexBBjb/jpJhAQ/SGqeDeCHheOC0Lldlcm5lciBLb2NoIChtZWluIGFsdGVyIGtl"
+			+ "eSkgPHdrQGNvbXB1dGVyLm9yZz6JAHUDBRM2G2MyHRn0wQyYV6UBASKKAv4wzmK7"
+			+ "a9Z+g0KH+6W8ffIhzrQo8wDAU9X1WJKzJjS205tx4mmdnAt58yReBc/+5HXTI8IK"
+			+ "R8IgF+LVXKWAGv5P5AqGhnPMeQSCs1JYdf9MPvbe34jD8wA1LTWFXn9e/cWIRgQQ"
+			+ "EQIABgUCNxrUaQAKCRBd4kmWWwNYovRiAJ9dJBVfjx9lGARoFXmAieYrMGDrmwCZ"
+			+ "AQyO4Wo0ntQ+iq4do9M3/FTFjiCZAaIENu1I6REEAJRGEqcYgXJch5frUYBj2EkD"
+			+ "kWAbhRqVXnmiF3PjCEGAPMMYsTddiU7wcKfiCAqKWWXow7BjTJl6Do8RT1jdKpPO"
+			+ "lBJXqqPYzsyBxLzE6mLps0K7SLJlSKTQqSVRcx0jx78JWYGlAlP0Kh9sPV2w/rPh"
+			+ "0LrPeOKXT7lZt/DrIhfPAKDL/sVqCrmY3QfvrT8kSKJcgtLWfQP/cfbqVNrGjW8a"
+			+ "m631N3UVA3tWfpgM/T9OjmKmw44NE5XfPJTAXlCV5j7zNMUkDeoPkrFF8DvbpYQs"
+			+ "4XWYHozDjhR2Q+eI6gZ0wfmhLHqqc2eVVkEG7dT57Wp9DAtCMe7RZfhnarTQMqlY"
+			+ "tOEa/suiHk0qLo59NsyF8eh68IDNCeYD/Apzonwaq2EQ1OEpfFlp6LcSnS34+UGZ"
+			+ "tTO4BgJdmEjr/QrIPp6bJDstgho+/2oR8yQwuHGJwbS/8ADA4IFEpLduSpzrABho"
+			+ "7RuNQcm96bceRY+7Hza3zf7pg/JGdWOb+bC3S4TIpK+3sx3YNWs7eURwpGREeJi5"
+			+ "/Seic+GXlGzltBpXZXJuZXIgS29jaCA8d2tAZ251cGcub3JnPohjBBMRAgAbBQI3"
+			+ "Gs+QBQkMyXyAAwsKAwMVAwIDFgIBAheAABIJEF3iSZZbA1iiB2VHUEcAAQFdwgCe"
+			+ "O/s43kCLDMIsHCb2H3LC59clC5UAn1EyrqWk+qcOXLpQIrP6Qa3QSmXIiEYEEBEC"
+			+ "AAYFAjca0T0ACgkQbH7huGIcwBOF9ACeNwO8G2G0ei03z0g/n3QZIpjbzvEAnRaE"
+			+ "qX2PuBbClWoIP6h9yrRlAEbUiQB1AwUQNxrRYx0Z9MEMmFelAQHRrgL/QDNKPV5J"
+			+ "gWziyzbHvEKfTIw/Ewv6El2MadVvQI8kbPN4qkPr2mZWwPzuc9rneCPQ1eL8AOdC"
+			+ "8+ZyxWzx2vsrk/FcU5donMObva2ct4kqJN6xl8xjsxDTJhBSFRaiBJjxiEYEEBEC"
+			+ "AAYFAjca0aMACgkQaLeriVdUjc0t+ACghK37H2vTYeXXieNJ8aZkiPJSte4An0WH"
+			+ "FOotQdTW4NmZJK+Uqk5wbWlgiEYEEBECAAYFAjdPH10ACgkQ9u7fIBhLxNktvgCe"
+			+ "LnQ5eOxAJz+Cvkb7FnL/Ko6qc5YAnjhWWW5c1o3onvKEH2Je2wQa8T6iiEYEEBEC"
+			+ "AAYFAjenJv4ACgkQmDRl2yFDlCJ+yQCfSy1zLftEfLuIHZsUHis9U0MlqLMAn2EI"
+			+ "f7TI1M5OKysQcuFLRC58CfcfiEUEEBECAAYFAjfhQTMACgkQNmdg8X0u14h55wCf"
+			+ "d5OZCV3L8Ahi4QW/JoXUU+ZB0M0AmPe2uw7WYDLOzv48H76tm6cy956IRgQQEQIA"
+			+ "BgUCOCpiDwAKCRDj8lhUEo8OeRsdAJ9FHupRibBPG2t/4XDqF+xiMLL/8ACfV5F2"
+			+ "SR0ITE4k/C+scS1nJ1KZUDW0C1dlcm5lciBLb2NoiGMEExECABsFAjbtSOoFCQzJ"
+			+ "fIADCwoDAxUDAgMWAgECF4AAEgkQXeJJllsDWKIHZUdQRwABAbXWAJ9SCW0ieOpL"
+			+ "7AY6vF+OIaMmw2ZW1gCgkto0eWfgpjAuVg6jXqR1wHt2pQOJAh4EEBQDAAYFAjcv"
+			+ "WdQACgkQbEwxpbHVFWcNxQf/bg14WGJ0GWMNSuuOOR0WYzUaNtzYpiLSVyLrreXt"
+			+ "o8LBNwzbgzj2ramW7Ri+tYJAHLhtua8ZgSeibmgBuZasF8db1m5NN1ZcHBXGTysA"
+			+ "jp+KnicTZ9Orj75D9o3oSmMyRcisEhr+gkj0tVhGfOAOC6eKbufVuyYFDVIyOyUB"
+			+ "GlW7ApemzAzYemfs3DdjHn87lkjHMVESO4fM5rtLuSc7cBfL/e6ljaWQc5W8S0gI"
+			+ "Dv0VtL39pMW4BlpKa25r14oJywuUpvWCZusvDm7ZJnqZ/WmgOHQUsyYudTROpGIb"
+			+ "lsNg8iqC6huWpGSBRdu3oRQRhkqpfVdszz6BB/nAx01q2wf/Q+U9XId1jyzxUL1S"
+			+ "GgaYMf6QdyjHQ1oxuFLNxzM6C/M069twbNgXJ71RsDDXVxFZfSTjSiH100AP9+9h"
+			+ "b5mycaXLUOXYDvOSFzHBd/LsjFNVrrFbDs5Xw+cLGVHOIgR5IWAfgu5d1PAZU9uQ"
+			+ "VgdGnQfmZg383RSPxvR3fnZz1rHNUGmS6w7x6FVbxa1QU2t38gNacIwHATAPcBpy"
+			+ "JLfXoznbpg3ADbgCGyDjBwnuPQEQkYwRakbczRrge8IaPZbt2HYPoUsduXMZyJI8"
+			+ "z5tvu7pUDws51nV1EX15BcN3++aY5pUyA1ItaaDymQVmoFbQC0BNMzMO53dMnFko"
+			+ "4i42kohGBBARAgAGBQI3OvmjAAoJEHUPZJXInZM+hosAnRntCkj/70shGTPxgpUF"
+			+ "74zA+EbzAKCcMkyHXIz2W0Isw3gDt27Z9ggsE4hGBBARAgAGBQI3NyPFAAoJEPbu"
+			+ "3yAYS8TZh2UAoJVmzw85yHJzsXQ1vpO2IAPfv59NAJ9WY0oiYqb3q1MSxBRwG0gV"
+			+ "iNCJ7YkBFQMFEDdD3tNSgFdEdlNAHQEByHEH/2JMfg71GgiyGJTKxCAymdyf2j2y"
+			+ "fH6wI782JK4BWV4c0E/V38q+jpIYslihV9t8s8w1XK5niMaLwlCOyBWOkDP3ech6"
+			+ "+GPPtfB3cmlL2hS896PWZ1adQHgCeQpB837n56yj0aTs4L1xarbSVT22lUwMiU6P"
+			+ "wYdH2Rh8nh8FvN0IZsbln2nOj73qANQzNflmseUKF1Xh4ck8yLrRd4r6amhxAVAf"
+			+ "cYFRJN4zdLL3cmhgkt0ADZlzAwXnEjwdHHy7SvAJk1ecNOA9pFsOJbvnzufd1afs"
+			+ "/CbG78I+0JDhg75Z2Nwq8eKjsKqiO0zz/vG5yWSndZvWkTWz3D3b1xr1Id2IRgQQ"
+			+ "EQIABgUCOCpiHgAKCRDj8lhUEo8OeQ+QAKCbOTscyUnWHSrDo4fIy0MThEjhOgCe"
+			+ "L4Kb7TWkd/OHQScVBO8sTUz0+2g=");
+
+//		private static readonly byte[] pub6check = Base64.Decode("62O9");
+
+		//
+		// revoked sub key
+		//
+		private static readonly byte[] pub7 = Base64.Decode(
+			"mQGiBEFOsIwRBADcjRx7nAs4RaWsQU6p8/ECLZD9sSeYc6CN6UDI96RKj0/hCzMs"
+			+ "qlA0+9fzGZ7ZEJ34nuvDKlhKGC7co5eOiE0a9EijxgcrZU/LClZWa4YfyNg/ri6I"
+			+ "yTyfOfrPQ33GNQt2iImDf3FKp7XKuY9nIxicGQEaW0kkuAmbV3oh0+9q8QCg/+fS"
+			+ "epDEqEE/+nKONULGizKUjMED/RtL6RThRftZ9DOSdBytGYd48z35pca/qZ6HA36K"
+			+ "PVQwi7V77VKQyKFLTOXPLnVyO85hyYB/Nv4DFHN+vcC7/49lfoyYMZlN+LarckHi"
+			+ "NL154wmmzygB/KKysvWBLgkErEBCD0xBDd89iTQNlDtVQAWGORVffl6WWjOAkliG"
+			+ "3dL6A/9A288HfFRnywqi3xddriV6wCPmStC3dkCS4vHk2ofS8uw4ZNoRlp1iEPna"
+			+ "ai2Xa9DX1tkhaGk2k96MqqbBdGpbW8sMA9otJ9xdMjWEm/CgJUFUFQf3zaVy3mkM"
+			+ "S2Lvb6P4Wc2l/diEEIyK8+PqJItSh0OVU3K9oM7ngHwVcalKILQVUkV2b2tlZCA8"
+			+ "UmV2b2tlZEB0ZWQ+iQBOBBARAgAOBQJBTrCMBAsDAgECGQEACgkQvglkcFA/c63+"
+			+ "QgCguh8rsJbPTtbhZcrqBi5Mo1bntLEAoPZQ0Kjmu2knRUpHBeUemHDB6zQeuQIN"
+			+ "BEFOsIwQCAD2Qle3CH8IF3KiutapQvMF6PlTETlPtvFuuUs4INoBp1ajFOmPQFXz"
+			+ "0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZX9x2Uk89PY3bzpnhV5JZzf24rnRP"
+			+ "xfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56NoKVyOtQa8L9GAFgr5fSI/VhOSdvN"
+			+ "ILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsYjY67VYy4XTjTNP18F1dD"
+			+ "ox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMI"
+			+ "PWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7AAICB/93zriSvSHqsi1FeEmUBo431Jkh"
+			+ "VerIzb6Plb1j6FIq+s3vyvx9K+dMvjotZqylWZj4GXpH+2xLJTjWkrGSfUZVI2Nk"
+			+ "nyOFxUCKLLqaqVBFAQIjULfvQfGEWiGQKk9aRLkdG+D+8Y2N9zYoBXoQ9arvvS/t"
+			+ "4mlOsiuaTe+BZ4x+BXTpF4b9sKZl7V8QP/TkoJWUdydkvxciHdWp7ssqyiKOFRhG"
+			+ "818knDfFQ3cn2w/RnOb+7AF9wDncXDPYLfpPv9b2qZoLrXcyvlLffGDUdWs553ut"
+			+ "1F5AprMURs8BGmY9BnjggfVubHdhTUoA4gVvrdaf+D9NwZAl0xK/5Y/oPuMZiQBG"
+			+ "BBgRAgAGBQJBTrCMAAoJEL4JZHBQP3Ot09gAoMmLKloVDP+WhDXnsM5VikxysZ4+"
+			+ "AKCrJAUO+lYAyPYwEwgK+bKmUGeKrIkARgQoEQIABgUCQU6wpQAKCRC+CWRwUD9z"
+			+ "rQK4AJ98kKFxGU6yhHPr6jYBJPWemTNOXgCfeGB3ox4PXeS4DJDuLy9yllytOjo=");
+
+//		private static readonly byte[] pub7check = Base64.Decode("f/YQ");
+
+		private static readonly byte[] pub8 = Base64.Decode(
+			"mQGiBEEcraYRBADFYj+uFOhHz5SdECvJ3Z03P47gzmWLQ5HH8fPYC9rrv7AgqFFX"
+			+ "aWlJJVMLua9e6xoCiDWJs/n4BbZ/weL/11ELg6XqUnzFhYyz0H2KFsPgQ/b9lWLY"
+			+ "MtcPMFy5jE33hv/ixHgYLFqoNaAIbg0lzYEW/otQ9IhRl16fO1Q/CQZZrQCg/9M2"
+			+ "V2BTmm9RYog86CXJtjawRBcD/RIqU0zulxZ2Zt4javKVxrGIwW3iBU935ebmJEIK"
+			+ "Y5EVkGKBOCvsApZ+RGzpYeR2uMsTnQi8RJgiAnjaoVPCdsVJE7uQ0h8XuJ5n5mJ2"
+			+ "kLCFlF2hj5ViicZzse+crC12CGtgRe8z23ubLRcd6IUGhVutK8/b5knZ22vE14JD"
+			+ "ykKdA/96ObzJQdiuuPsEWN799nUUCaYWPAoLAmiXuICSP4GEnxLbYHWo8zhMrVMT"
+			+ "9Q5x3h8cszUz7Acu2BXjP1m96msUNoxPOZtt88NlaFz1Q/JSbQTsVOMd9b/IRN6S"
+			+ "A/uU0BiKEMHXuT8HUHVPK49oCKhZrGFP3RT8HZxDKLmR/qrgZ7ABh7QhSmlhIFlp"
+			+ "eXUgPHl5amlhQG5vd21lZGlhdGVjaC5jb20+sAMD//+JAF0EEBECAB0FAkEcraYH"
+			+ "CwkIBwMCCgIZAQUbAwAAAAUeAQAAAAAKCRD0/lb4K/9iFJlhAKCRMifQewiX5o8F"
+			+ "U099FG3QnLVUZgCfWpMOsHulGHfNrxdBSkE5Urqh1ymwAWe5Ag0EQRytphAIAPZC"
+			+ "V7cIfwgXcqK61qlC8wXo+VMROU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdM"
+			+ "ZIZJ+AyDvWXpF9Sh01D49Vlf3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHO"
+			+ "fMlm/xX5u/2RXscBqtNbno2gpXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNs"
+			+ "OA1FHQ98iLMcfFstjvbzySPAQ/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq"
+			+ "/zzhsSlAGBGNfISnCnLWhsQDGcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2J"
+			+ "SyIZJrqrol7DVekyCzsAAgIH/3K2wKRSzkIpDfZR25+tnQ8brv3TYoDZo3/wN3F/"
+			+ "r6PGjx0150Q8g8EAC0bqm4rXWzOqdSxYxvIPOAGm5P4y+884yS6j3vKcXitT7vj+"
+			+ "ODc2pVwGDLDjrMRrosSK89ycPCK6R/5pD7Rv4l9DWi2fgLvXqJHS2/ujUf2uda9q"
+			+ "i9xNMnBXIietR82Sih4undFUOwh6Mws/o3eed9DIdaqv2Y2Aw43z/rJ6cjSGV3C7"
+			+ "Rkf9x85AajYA3LwpS8d99tgFig2u6V/A16oi6/M51oT0aR/ZAk50qUc4WBk9uRUX"
+			+ "L3Y+P6v6FCBE/06fgVltwcQHO1oKYKhH532tDL+9mW5/dYGwAYeJAEwEGBECAAwF"
+			+ "AkEcraYFGwwAAAAACgkQ9P5W+Cv/YhShrgCg+JW8m5nF3R/oZGuG87bXQBszkjMA"
+			+ "oLhGPncuGKowJXMRVc70/8qwXQJLsAFnmQGiBD2K5rYRBADD6kznWZA9nH/pMlk0"
+			+ "bsG4nI3ELgyI7KpgRSS+Dr17+CCNExxCetT+fRFpiEvUcSxeW4pOe55h0bQWSqLo"
+			+ "MNErXVJEXrm1VPkC08W8D/gZuPIsdtKJu4nowvdoA+WrI473pbeONGjaEDbuIJak"
+			+ "yeKM1VMSGhsImdKtxqhndq2/6QCg/xARUIzPRvKr2TJ52K393895X1kEAMCdjSs+"
+			+ "vABnhaeNNR5+NNkkIOCCjCS8qZRZ4ZnIayvn9ueG3KrhZeBIHoajUHrlTXBVj7XO"
+			+ "wXVfGpW17jCDiqhU8Pu6VwEwX1iFbuUwqBffiRLXKg0zfcN+MyFKToi+VsJi4jiZ"
+			+ "zcwUFMb8jE8tvR/muXti7zKPRPCbNBExoCt4A/0TgkzAosG/W4dUkkbc6XoHrjob"
+			+ "iYuy6Xbs/JYlV0vf2CyuKCZC6UoznO5x2GkvOyVtAgyG4HSh1WybdrutZ8k0ysks"
+			+ "mOthE7n7iczdj9Uwg2h+TfgDUnxcCAwxnOsX5UaBqGdkX1PjCWs+O3ZhUDg6UsZc"
+			+ "7O5a3kstf16lHpf4q7ABAIkAYQQfEQIAIQUCPYrmtgIHABcMgBHRi/xlIgI+Q6LT"
+			+ "kNJ7zKvTd87NHAAKCRDJM3gHb/sRj7bxAJ9f6mdlXQH7gMaYiY5tBe/FRtPr1gCf"
+			+ "UhDJQG0ARvORFWHjwhhBMLxW7j2wAWC0KkRlc21vbmQgS2VlIDxkZXNtb25kLmtl"
+			+ "ZUBub3dtZWRpYXRlY2guY29tPrADAQD9iQBYBBARAgAYBQI9iua2CAsDCQgHAgEK"
+			+ "AhkBBRsDAAAAAAoJEMkzeAdv+xGP7v4An19iqadBCCgDIe2DTpspOMidwQYPAJ4/"
+			+ "5QXbcn4ClhOKTO3ZEZefQvvL27ABYLkCDQQ9iua2EAgA9kJXtwh/CBdyorrWqULz"
+			+ "Bej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHT"
+			+ "UPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq"
+			+ "01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O"
+			+ "9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcK"
+			+ "ctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TIL"
+			+ "OwACAgf/SO+bbg+owbFKVN5HgOjOElQZVnCsegwCLqTeQzPPzsWmkGX2qZJPDIRN"
+			+ "RZfJzti6+oLJwaRA/3krjviUty4VKhZ3lKg8fd9U0jEdnw+ePA7yJ6gZmBHL15U5"
+			+ "OKH4Zo+OVgDhO0c+oetFpend+eKcvtoUcRoQoi8VqzYUNG0b/nmZGDlxQe1/ZNbP"
+			+ "HpNf1BAtJXivCEKMD6PVzsLPg2L4tFIvD9faeeuKYQ4jcWtTkBLuIaZba3i3a4wG"
+			+ "xTN20j9HpISVuLW/EfZAK1ef4DNjLmHEU9dMzDqfi+hPmMbGlFqcKr+VjcYIDuje"
+			+ "o+92xm/EWAmlti88r2hZ3MySamHDrLABAIkATAQYEQIADAUCPYrmtgUbDAAAAAAK"
+			+ "CRDJM3gHb/sRjzVTAKDVS+OJLMeS9VLAmT8atVCB42MwIQCgoh1j3ccWnhc/h6B7"
+			+ "9Uqz3fUvGoewAWA=");
+
+		private static readonly byte[] sec8 = Base64.Decode(
+			"lQHpBEEcraYRBADFYj+uFOhHz5SdECvJ3Z03P47gzmWLQ5HH8fPYC9rrv7AgqFFX"
+			+ "aWlJJVMLua9e6xoCiDWJs/n4BbZ/weL/11ELg6XqUnzFhYyz0H2KFsPgQ/b9lWLY"
+			+ "MtcPMFy5jE33hv/ixHgYLFqoNaAIbg0lzYEW/otQ9IhRl16fO1Q/CQZZrQCg/9M2"
+			+ "V2BTmm9RYog86CXJtjawRBcD/RIqU0zulxZ2Zt4javKVxrGIwW3iBU935ebmJEIK"
+			+ "Y5EVkGKBOCvsApZ+RGzpYeR2uMsTnQi8RJgiAnjaoVPCdsVJE7uQ0h8XuJ5n5mJ2"
+			+ "kLCFlF2hj5ViicZzse+crC12CGtgRe8z23ubLRcd6IUGhVutK8/b5knZ22vE14JD"
+			+ "ykKdA/96ObzJQdiuuPsEWN799nUUCaYWPAoLAmiXuICSP4GEnxLbYHWo8zhMrVMT"
+			+ "9Q5x3h8cszUz7Acu2BXjP1m96msUNoxPOZtt88NlaFz1Q/JSbQTsVOMd9b/IRN6S"
+			+ "A/uU0BiKEMHXuT8HUHVPK49oCKhZrGFP3RT8HZxDKLmR/qrgZ/4JAwLXyWhb4pf4"
+			+ "nmCmD0lDwoYvatLiR7UQVM2MamxClIiT0lCPN9C2AYIFgRWAJNS215Tjx7P/dh7e"
+			+ "8sYfh5XEHErT3dMbsAGHtCFKaWEgWWl5dSA8eXlqaWFAbm93bWVkaWF0ZWNoLmNv"
+			+ "bT6wAwP//4kAXQQQEQIAHQUCQRytpgcLCQgHAwIKAhkBBRsDAAAABR4BAAAAAAoJ"
+			+ "EPT+Vvgr/2IUmWEAoJEyJ9B7CJfmjwVTT30UbdCctVRmAJ9akw6we6UYd82vF0FK"
+			+ "QTlSuqHXKbABZ50CawRBHK2mEAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlL"
+			+ "OCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N"
+			+ "286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/"
+			+ "RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2O"
+			+ "u1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqV"
+			+ "DNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAgf/crbApFLO"
+			+ "QikN9lHbn62dDxuu/dNigNmjf/A3cX+vo8aPHTXnRDyDwQALRuqbitdbM6p1LFjG"
+			+ "8g84Aabk/jL7zzjJLqPe8pxeK1Pu+P44NzalXAYMsOOsxGuixIrz3Jw8IrpH/mkP"
+			+ "tG/iX0NaLZ+Au9eokdLb+6NR/a51r2qL3E0ycFciJ61HzZKKHi6d0VQ7CHozCz+j"
+			+ "d5530Mh1qq/ZjYDDjfP+snpyNIZXcLtGR/3HzkBqNgDcvClLx3322AWKDa7pX8DX"
+			+ "qiLr8znWhPRpH9kCTnSpRzhYGT25FRcvdj4/q/oUIET/Tp+BWW3BxAc7WgpgqEfn"
+			+ "fa0Mv72Zbn91gf4JAwITijME9IlFBGAwH6YmBtWIlnDiRbsq/Pxozuhbnes831il"
+			+ "KmdpUKXkiIfHY0MqrEWl3Dfn6PMJGTnhgqXMrDxx3uHrq0Jl2swRnAWIIO8gID7j"
+			+ "uPetUqEviPiwAYeJAEwEGBECAAwFAkEcraYFGwwAAAAACgkQ9P5W+Cv/YhShrgCg"
+			+ "+JW8m5nF3R/oZGuG87bXQBszkjMAoLhGPncuGKowJXMRVc70/8qwXQJLsAFn");
+
+		private static readonly char[] sec8pass = "qwertyui".ToCharArray();
+
+		private static readonly byte[] sec9 = Base64.Decode(
+			"lQGqBEHCokERBAC9rh5SzC1sX1y1zoFuBB/v0SGhoKMEvLYf8Qv/j4deAMrc"
+			+ "w5dxasYoD9oxivIUfTbZKo8cqr+dKLgu8tycigTM5b/T2ms69SUAxSBtj2uR"
+			+ "LZrh4vjC/93kF+vzYJ4fNaBs9DGfCnsTouKjXqmfN3SlPMKNcGutO7FaUC3d"
+			+ "zcpYfwCg7qyONHvXPhS0Iw4QL3mJ/6wMl0UD/0PaonqW0lfGeSjJSM9Jx5Bt"
+			+ "fTSlwl6GmvYmI8HKvOBXAUSTZSbEkMsMVcIgf577iupzgWCgNF6WsNqQpKaq"
+			+ "QIq1Kjdd0Y00xU1AKflOkhl6eufTigjviM+RdDlRYsOO5rzgwDTRTu9giErs"
+			+ "XIyJAIZIdu2iaBHX1zHTfJ1r7nlAA/9H4T8JIhppUk/fLGsoPNZzypzVip8O"
+			+ "mFb9PgvLn5GmuIC2maiocT7ibbPa7XuXTO6+k+323v7PoOUaKD3uD93zHViY"
+			+ "Ma4Q5pL5Ajc7isnLXJgJb/hvvB1oo+wSDo9vJX8OCSq1eUPUERs4jm90/oqy"
+			+ "3UG2QVqs5gcKKR4o48jTiv4DZQJHTlUBtB1mb28ga2V5IDxmb28ua2V5QGlu"
+			+ "dmFsaWQuY29tPoheBBMRAgAeBQJBwqJCAhsDBgsJCAcDAgMVAgMDFgIBAh4B"
+			+ "AheAAAoJEOKcXvehtw4ajJMAoK9nLfsrRY6peq56l/KzmjzuaLacAKCXnmiU"
+			+ "waI7+uITZ0dihJ3puJgUz50BWARBwqJDEAQA0DPcNIn1BQ4CDEzIiQkegNPY"
+			+ "mkYyYWDQjb6QFUXkuk1WEB73TzMoemsA0UKXwNuwrUgVhdpkB1+K0OR/e5ik"
+			+ "GhlFdrDCqyT+mw6dRWbJ2i4AmFXZaRKO8AozZeWojsfP1/AMxQoIiBEteMFv"
+			+ "iuXnZ3pGxSfZYm2+33IuPAV8KKMAAwUD/0C2xZQXgVWTiVz70HUviOmeTQ+f"
+			+ "b1Hj0U9NMXWB383oQRBZCvQDM12cqGsvPZuZZ0fkGehGAIoyXtIjJ9lejzZN"
+			+ "1TE9fnXZ9okXI4yCl7XLSE26OAbNsis4EtKTNScNaU9Dk3CS5XD/pkRjrkPN"
+			+ "2hdUFtshuGmYkqhb9BIlrwE7/gMDAglbVSwecr9mYJcDYCH62U9TScWDTzsQ"
+			+ "NFEfhMez3hGnNHNfHe+7yN3+Q9/LIhbba3IJEN5LsE5BFvudLbArp56EusIn"
+			+ "JCxgiEkEGBECAAkFAkHCokMCGwwACgkQ4pxe96G3Dho2UQCeN3VPwx3dROZ+"
+			+ "4Od8Qj+cLrBndGEAn0vaQdy6eIGeDw2I9u3Quwy6JnROnQHhBEHCozMRBADH"
+			+ "ZBlB6xsAnqFYtYQOHr4pX6Q8TrqXCiHHc/q56G2iGbI9IlbfykQzaPHgWqZw"
+			+ "9P0QGgF/QZh8TitiED+imLlGDqj3nhzpazqDh5S6sg6LYkQPqhwG/wT5sZQQ"
+			+ "fzdeupxupjI5YN8RdIqkWF+ILOjk0+awZ4z0TSY/f6OSWpOXlwCgjIquR3KR"
+			+ "tlCLk+fBlPnOXaOjX+kEAJw7umykNIHNaoY/2sxNhQhjqHVxKyN44y6FCSv9"
+			+ "jRyW8Q/Qc8YhqBIHdmlcXoNWkDtlvErjdYMvOKFqKB1e2bGpjvhtIhNVQWdk"
+			+ "oHap9ZuM1nV0+fD/7g/NM6D9rOOVCahBG2fEEeIwxa2CQ7zHZYfg9Umn3vbh"
+			+ "TYi68R3AmgLOA/wKIVkfFKioI7iX4crQviQHJK3/A90SkrjdMQwLoiUjdgtk"
+			+ "s7hJsTP1OPb2RggS1wCsh4sv9nOyDULj0T0ySGv7cpyv5Nq0FY8gw2oogHs5"
+			+ "fjUnG4VeYW0zcIzI8KCaJT4UhR9An0A1jF6COrYCcjuzkflFbQLtQb9uNj8a"
+			+ "hCpU4/4DAwIUxXlRMYE8uWCranzPo83FnBPRnGJ2aC9SqZWJYVUKIn4Vf2nu"
+			+ "pVvCGFja0usl1WfV72hqlNKEONq7lohJBBgRAgAJBQJBwqMzAhsCAAoJEOKc"
+			+ "Xvehtw4afisAoME/t8xz/rj/N7QRN9p8Ji8VPGSqAJ9K8eFJ+V0mxR+octJr"
+			+ "6neEEX/i1Q==");
+
+		public char[] sec9pass = "foo".ToCharArray();
+
+		// version 4 keys with expiry dates
+		private static readonly byte[] pub10 = Base64.Decode(
+			"mQGiBEKqia0RBACc3hkufmscRSC4UvPZqMDsHm4+d/GXIr+3iNMSSEySJu8yk+k0"
+			+ "Xs11C/K+n+v1rnn2jGGknv+1lDY6w75TIcTE6o6HGKeIDxsAm8P3MhoGU1GNPamA"
+			+ "eTDeNybtrN/g6C65fCY9uI11hsUboYgQZ8ND22PB0VtvdOgq9D85qNUzxwCg1BbJ"
+			+ "ycAKd4VqEvQ2Zglp3dCSrFMD/Ambq1kZqYa69sp3b9BPKuAgUgUPoytOArEej3Bk"
+			+ "easAgAxNhWJy4GxigES3vk50rVi7w8XBuqbD1mQCzldF0HX0/A7PxLBv6od5uqqF"
+			+ "HFxIyxg/KBZLd9ZOrsSaoUWH58jZq98X/sFtJtRi5VuJagMxCIJD4mLgtMv7Unlb"
+			+ "/GrsA/9DEnObA/fNTgK70T+ZmPIS5tSt+bio30Aw4YGpPCGqpnm1u73b5kqX3U3B"
+			+ "P+vGDvFuqZYpqQA8byAueH0MbaDHI4CFugvShXvgysJxN7ov7/8qsZZUMfK1t2Nr"
+			+ "SAsPuKRbcY4gNKXIElKeXbyaET7vX7uAEKuxEwdYGFp/lNTkHLQgdGVzdCBrZXkg"
+			+ "KHRlc3QpIDx0ZXN0QHRlc3QudGVzdD6IZAQTEQIAJAUCQqqJrQIbAwUJACTqAAYL"
+			+ "CQgHAwIDFQIDAxYCAQIeAQIXgAAKCRDjDROQZRqIzDzLAJ42AeCRIBBjv8r8qw9y"
+			+ "laNj2GZ1sACgiWYHVXMA6B1H9I1kS3YsCd3Oq7qwAgAAuM0EQqqJrhADAKWkix8l"
+			+ "pJN7MMTXob4xFF1TvGll0UD1bDGOMMbes6aeXSbT9QXee/fH3GnijLY7wB+qTPv9"
+			+ "ohubrSpnv3yen3CEBW6Q2YK+NlCskma42Py8YMV2idmYjtJi1ckvHFWt5wADBQL/"
+			+ "fkB5Q5xSGgspMaTZmtmX3zG7ZDeZ0avP8e8mRL8UszCTpqs6vMZrXwyQLZPbtMYv"
+			+ "PQpuRGEeKj0ysimwYRA5rrLQjnRER3nyuuEUUgc4j+aeRxPf9WVsJ/a1FCHtaAP1"
+			+ "iE8EGBECAA8FAkKqia4CGwwFCQAk6gAACgkQ4w0TkGUaiMzdqgCfd66H7DL7kFGd"
+			+ "IoS+NIp8JO+noxAAn25si4QAF7og8+4T5YQUuhIhx/NesAIAAA==");
+
+		private static readonly byte[] sec10 = Base64.Decode(
+			"lQHhBEKqia0RBACc3hkufmscRSC4UvPZqMDsHm4+d/GXIr+3iNMSSEySJu8yk+k0"
+			+ "Xs11C/K+n+v1rnn2jGGknv+1lDY6w75TIcTE6o6HGKeIDxsAm8P3MhoGU1GNPamA"
+			+ "eTDeNybtrN/g6C65fCY9uI11hsUboYgQZ8ND22PB0VtvdOgq9D85qNUzxwCg1BbJ"
+			+ "ycAKd4VqEvQ2Zglp3dCSrFMD/Ambq1kZqYa69sp3b9BPKuAgUgUPoytOArEej3Bk"
+			+ "easAgAxNhWJy4GxigES3vk50rVi7w8XBuqbD1mQCzldF0HX0/A7PxLBv6od5uqqF"
+			+ "HFxIyxg/KBZLd9ZOrsSaoUWH58jZq98X/sFtJtRi5VuJagMxCIJD4mLgtMv7Unlb"
+			+ "/GrsA/9DEnObA/fNTgK70T+ZmPIS5tSt+bio30Aw4YGpPCGqpnm1u73b5kqX3U3B"
+			+ "P+vGDvFuqZYpqQA8byAueH0MbaDHI4CFugvShXvgysJxN7ov7/8qsZZUMfK1t2Nr"
+			+ "SAsPuKRbcY4gNKXIElKeXbyaET7vX7uAEKuxEwdYGFp/lNTkHP4DAwLssmOjVC+d"
+			+ "mWB783Lpzjb9evKzsxisTdx8/jHpUSS+r//6/Guyx3aA/zUw5bbftItW57mhuNNb"
+			+ "JTu7WrQgdGVzdCBrZXkgKHRlc3QpIDx0ZXN0QHRlc3QudGVzdD6IZAQTEQIAJAUC"
+			+ "QqqJrQIbAwUJACTqAAYLCQgHAwIDFQIDAxYCAQIeAQIXgAAKCRDjDROQZRqIzDzL"
+			+ "AJ0cYPwKeoSReY14LqJtAjnkX7URHACgsRZWfpbalrSyDnq3TtZeGPUqGX+wAgAA"
+			+ "nQEUBEKqia4QAwClpIsfJaSTezDE16G+MRRdU7xpZdFA9WwxjjDG3rOmnl0m0/UF"
+			+ "3nv3x9xp4oy2O8Afqkz7/aIbm60qZ798np9whAVukNmCvjZQrJJmuNj8vGDFdonZ"
+			+ "mI7SYtXJLxxVrecAAwUC/35AeUOcUhoLKTGk2ZrZl98xu2Q3mdGrz/HvJkS/FLMw"
+			+ "k6arOrzGa18MkC2T27TGLz0KbkRhHio9MrIpsGEQOa6y0I50REd58rrhFFIHOI/m"
+			+ "nkcT3/VlbCf2tRQh7WgD9f4DAwLssmOjVC+dmWDXVLRopzxbBGOvodp/LZoSDb56"
+			+ "gNJjDMJ1aXqWW9qTAg1CFjBq73J3oFpVzInXZ8+Q8inxv7bnWiHbiE8EGBECAA8F"
+			+ "AkKqia4CGwwFCQAk6gAACgkQ4w0TkGUaiMzdqgCgl2jw5hfk/JsyjulQqe1Nps1q"
+			+ "Lx0AoMdnFMZmTMLHn8scUW2j9XO312tmsAIAAA==");
+
+//		private static readonly char[] sec10pass = "test".ToCharArray();
+
+		private static readonly byte[] subKeyBindingKey = Base64.Decode(
+			"mQGiBDWagYwRBAD7UcH4TAIp7tmUoHBNxVxCVz2ZrNo79M6fV63riOiH2uDxfIpr"
+			+ "IrL0cM4ehEKoqlhngjDhX60eJrOw1nC5BpYZRnDnyDYT4wTWRguxObzGq9pqA1dM"
+			+ "oPTJhkFZVIBgFY99/ULRqaUYIhFGgBtnwS70J8/L/PGVc3DmWRLMkTDjSQCg/5Nh"
+			+ "MCjMK++MdYMcMl/ziaKRT6EEAOtw6PnU9afdohbpx9CK4UvCCEagfbnUtkSCQKSk"
+			+ "6cUp6VsqyzY0pai/BwJ3h4apFMMMpVrtBAtchVgqo4xTr0Sve2j0k+ase6FSImiB"
+			+ "g+AR7hvTUTcBjwtIExBc8TuCTqmn4GG8F7UMdl5Z0AZYj/FfAQYaRVZYP/pRVFNx"
+			+ "Lw65BAC/Fi3qgiGCJFvXnHIckTfcAmZnKSEXWY9NJ4YQb4+/nH7Vsw0wR/ZObUHR"
+			+ "bWgTc9Vw1uZIMe0XVj6Yk1dhGRehUnrm3mE7UJxu7pgkBCbFECFSlSSqP4MEJwZV"
+			+ "09YP/msu50kjoxyoTpt+16uX/8B4at24GF1aTHBxwDLd8X0QWrQsTWVycmlsbCBM"
+			+ "eW5jaCBDTEVBUiBzeXN0ZW0gREggPGNsZWFyQG1sLmNvbT6JAEsEEBECAAsFAjWa"
+			+ "gYwECwMBAgAKCRDyAGjiP47/XanfAKCs6BPURWVQlGh635VgL+pdkUVNUwCdFcNa"
+			+ "1isw+eAcopXPMj6ACOapepu5Ag0ENZqBlBAIAPZCV7cIfwgXcqK61qlC8wXo+VMR"
+			+ "OU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf"
+			+ "3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2g"
+			+ "pXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPA"
+			+ "Q/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQD"
+			+ "GcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVekyCzsAAgIH"
+			+ "/RYtVo+HROZ6jrNjrATEwQm1fUQrk6n5+2dniN881lF0CNkB4NkHw1Xxz4Ejnu/0"
+			+ "iLg8fkOAsmanOsKpOkRtqUnVpsVL5mLJpFEyCY5jbcfj+KY9/25bs0ga7kLHNZia"
+			+ "zbCxJdF+W179z3nudQxRaXG/0XISIH7ziZbSVni69sKc1osk1+OoOMbSuZ86z535"
+			+ "Pln4fXclkFE927HxfbWoO+60hkOLKh7x+8fC82b3x9vCETujEaxrscO2xS7/MYXP"
+			+ "8t1ffriTDmhuIuQS2q4fLgeWdqrODrMhrD8Dq7e558gzp30ZCqpiS7EmKGczL7B8"
+			+ "gXxbBCVSTxYMJheXt2xMXsuJAD8DBRg1moGU8gBo4j+O/10RAgWdAKCPhaFIXuC8"
+			+ "/cdiNMxTDw9ug3De5QCfYXmDzRSFUu/nrCi8yz/l09wsnxo=");
+
+//		private static readonly byte[] subKeyBindingCheckSum = Base64.Decode("3HU+");
+
+		//
+		// PGP8 with SHA1 checksum.
+		//
+		private static readonly byte[] rewrapKey = Base64.Decode(
+			"lQOWBEUPOQgBCADdjPTtl8oOwqJFA5WU8p7oDK5KRWfmXeXUZr+ZJipemY5RSvAM"
+			+ "rxqsM47LKYbmXOJznXCQ8+PPa+VxXAsI1CXFHIFqrXSwvB/DUmb4Ec9EuvNd18Zl"
+			+ "hJAybzmV2KMkaUp9oG/DUvxZJqkpUddNfwqZu0KKKZWF5gwW5Oy05VCpaJxQVXFS"
+			+ "whdbRfwEENJiNx4RB3OlWhIjY2p+TgZfgQjiGB9i15R+37sV7TqzBUZF4WWcnIRQ"
+			+ "DnpUfxHgxQ0wO/h/aooyRHSpIx5i4oNpMYq9FNIyakEx/Bomdbs5hW9dFxhrE8Es"
+			+ "UViAYITgTsyROxmgGatGG09dcmVDJVYF4i7JAAYpAAf/VnVyUDs8HrxYTOIt4rYY"
+			+ "jIHToBsV0IiLpA8fEA7k078L1MwSwERVVe6oHVTjeR4A9OxE52Vroh2eOLnF3ftf"
+			+ "6QThVVZr+gr5qeG3yvQ36N7PXNEVOlkyBzGmFQNe4oCA+NR2iqnAIspnekVmwJV6"
+			+ "xVvPCjWw/A7ZArDARpfthspwNcJAp4SWfoa2eKzvUTznTyqFu2PSS5fwQZUgOB0P"
+			+ "Y2FNaKeqV8vEZu4SUWwLOqXBQIZXiaLvdKNgwFvUe3kSHdCNsrVzW7SYxFwaEog2"
+			+ "o6YLKPVPqjlGX1cMOponGp+7n9nDYkQjtEsGSSMQkQRDAcBdSVJmLO07kFOQSOhL"
+			+ "WQQA49BcgTZyhyH6TnDBMBHsGCYj43FnBigypGT9FrQHoWybfX47yZaZFROAaaMa"
+			+ "U6man50YcYZPwzDzXHrK2MoGALY+DzB3mGeXVB45D/KYtlMHPLgntV9T5b14Scbc"
+			+ "w1ES2OUtsSIUs0zelkoXqjLuKnSIYK3mMb67Au7AEp6LXM8EAPj2NypvC86VEnn+"
+			+ "FH0QHvUwBpmDw0EZe25xQs0brvAG00uIbiZnTH66qsIfRhXV/gbKK9J5DTGIqQ15"
+			+ "DuPpz7lcxg/n2+SmjQLNfXCnG8hmtBjhTe+udXAUrmIcfafXyu68SAtebgm1ga56"
+			+ "zUfqsgN3FFuMUffLl3myjyGsg5DnA/oCFWL4WCNClOgL6A5VkNIUait8QtSdCACT"
+			+ "Y7jdSOguSNXfln0QT5lTv+q1AjU7zjRl/LsFNmIJ5g2qdDyK937FOXM44FEEjZty"
+			+ "/4P2dzYpThUI4QUohIj8Qi9f2pZQueC5ztH6rpqANv9geZKcciAeAbZ8Md0K2TEU"
+			+ "RD3Lh+RSBzILtBtUZXN0IEtleSA8dGVzdEBleGFtcGxlLmNvbT6JATYEEwECACAF"
+			+ "AkUPOQgCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRDYpknHeQaskD9NB/9W"
+			+ "EbFuLaqZAl3yjLU5+vb75BdvcfL1lUs44LZVwobNp3/0XbZdY76xVPNZURtU4u3L"
+			+ "sJfGlaF+EqZDE0Mqc+vs5SIb0OnCzNJ00KaUFraUtkByRV32T5ECHK0gMBjCs5RT"
+			+ "I0vVv+Qmzl4+X1Y2bJ2mlpBejHIrOzrBD5NTJimTAzyfnNfipmbqL8p/cxXKKzS+"
+			+ "OM++ZFNACj6lRM1W9GioXnivBRC88gFSQ4/GXc8yjcrMlKA27JxV+SZ9kRWwKH2f"
+			+ "6o6mojUQxnHr+ZFKUpo6ocvTgBDlC57d8IpwJeZ2TvqD6EdA8rZ0YriVjxGMDrX1"
+			+ "8esfw+iLchfEwXtBIRwS");
+
+		private static readonly char[] rewrapPass = "voltage123".ToCharArray();
+
+		private static readonly byte[] pubWithX509 = Base64.Decode(
+			  "mQENBERabjABCACtmfyo6Nph9MQjv4nmCWjZrRYnhXbivomAdIwYkLZUj1bjqE+j"
+			+ "uaLzjZV8xSI59odZvrmOiqlzOc4txitQ1OX7nRgbOJ7qku0dvwjtIn46+HQ+cAFn"
+			+ "2mTi81RyXEpO2uiZXfsNTxUtMi+ZuFLufiMc2kdk27GZYWEuasdAPOaPJnA+wW6i"
+			+ "ZHlt0NfXIGNz864gRwhD07fmBIr1dMFfATWxCbgMd/rH7Z/j4rvceHD2n9yrhPze"
+			+ "YN7W4Nuhsr2w/Ft5Cm9xO7vXT/cpto45uxn8f7jERep6bnUwNOhH8G+6xLQgTLD0"
+			+ "qFBGVSIneK3lobs6+xn6VaGN8W0tH3UOaxA1ABEBAAG0D0NOPXFhLWRlZXBzaWdo"
+			+ "dIkFDgQQZAIFAQUCRFpuMAUDCWdU0gMF/3gCGwPELGQBAQQwggTkMIIDzKADAgEC"
+			+ "AhBVUMV/M6rIiE+IzmnPheQWMA0GCSqGSIb3DQEBBQUAMG4xEzARBgoJkiaJk/Is"
+			+ "ZAEZFgNjb20xEjAQBgoJkiaJk/IsZAEZFgJxYTEVMBMGCgmSJomT8ixkARkWBXRt"
+			+ "czAxMRUwEwYKCZImiZPyLGQBGRYFV2ViZmUxFTATBgNVBAMTDHFhLWRlZXBzaWdo"
+			+ "dDAeFw0wNjA1MDQyMTEyMTZaFw0xMTA1MDQyMTIwMDJaMG4xEzARBgoJkiaJk/Is"
+			+ "ZAEZFgNjb20xEjAQBgoJkiaJk/IsZAEZFgJxYTEVMBMGCgmSJomT8ixkARkWBXRt"
+			+ "czAxMRUwEwYKCZImiZPyLGQBGRYFV2ViZmUxFTATBgNVBAMTDHFhLWRlZXBzaWdo"
+			+ "dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2Z/Kjo2mH0xCO/ieYJ"
+			+ "aNmtFieFduK+iYB0jBiQtlSPVuOoT6O5ovONlXzFIjn2h1m+uY6KqXM5zi3GK1DU"
+			+ "5fudGBs4nuqS7R2/CO0ifjr4dD5wAWfaZOLzVHJcSk7a6Jld+w1PFS0yL5m4Uu5+"
+			+ "IxzaR2TbsZlhYS5qx0A85o8mcD7BbqJkeW3Q19cgY3PzriBHCEPTt+YEivV0wV8B"
+			+ "NbEJuAx3+sftn+Piu9x4cPaf3KuE/N5g3tbg26GyvbD8W3kKb3E7u9dP9ym2jjm7"
+			+ "Gfx/uMRF6npudTA06Efwb7rEtCBMsPSoUEZVIid4reWhuzr7GfpVoY3xbS0fdQ5r"
+			+ "EDUCAwEAAaOCAXwwggF4MAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0G"
+			+ "A1UdDgQWBBSmFTRv5y65DHtTYae48zl0ExNWZzCCASUGA1UdHwSCARwwggEYMIIB"
+			+ "FKCCARCgggEMhoHFbGRhcDovLy9DTj1xYS1kZWVwc2lnaHQsQ049cWEtd3VtYW4x"
+			+ "LWRjLENOPUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNl"
+			+ "cyxDTj1Db25maWd1cmF0aW9uLERDPVdlYmZlLERDPXRtczAxLERDPXFhLERDPWNv"
+			+ "bT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JM"
+			+ "RGlzdHJpYnV0aW9uUG9pbnSGQmh0dHA6Ly9xYS13dW1hbjEtZGMud2ViZmUudG1z"
+			+ "MDEucWEuY29tL0NlcnRFbnJvbGwvcWEtZGVlcHNpZ2h0LmNybDAQBgkrBgEEAYI3"
+			+ "FQEEAwIBADANBgkqhkiG9w0BAQUFAAOCAQEAfuZCW3XlB7Eok35zQbvYt9rhAndT"
+			+ "DNw3wPNI4ZzD1nXoYWnwhNNvWRpsOt4ExOSNdaHErfgDXAMyyg66Sro0TkAx8eAj"
+			+ "fPQsyRAh0nm0glzFmJN6TdOZbj7hqGZjc4opQ6nZo8h/ULnaEwMIUW4gcSkZt0ww"
+			+ "CuErl5NUrN3DpkREeCG/fVvQZ8ays3ibQ5ZCZnYBkLYq/i0r3NLW34WfYhjDY48J"
+			+ "oQWtvFSAxvRfz2NGmqnrCHPQZxqlfdta97kDa4VQ0zSeBaC70gZkLmD1GJMxWoXW"
+			+ "6tmEcgPY5SghInUf+L2u52V55MjyAFzVp7kTK2KY+p7qw35vzckrWkwu8AAAAAAA"
+			+ "AQE=");
+
+		private static readonly byte[] secWithPersonalCertificate = Base64.Decode(
+			"lQOYBEjGLGsBCACp1I1dZKsK4N/I0/4g02hDVNLdQkDZfefduJgyJUyBGo/I"
+			+ "/ZBpc4vT1YwVIdic4ADjtGB4+7WohN4v8siGzwRSeXardSdZVIw2va0JDsQC"
+			+ "yeoTnwVkUgn+w/MDgpL0BBhTpr9o3QYoo28/qKMni3eA8JevloZqlAbQ/sYq"
+			+ "rToMAqn0EIdeVVh6n2lRQhUJaNkH/kA5qWBpI+eI8ot/Gm9kAy3i4e0Xqr3J"
+			+ "Ff1lkGlZuV5H5p/ItZui9BDIRn4IDaeR511NQnKlxFalM/gP9R9yDVI1aXfy"
+			+ "STcp3ZcsTOTGNzACtpvMvl6LZyL42DyhlOKlJQJS81wp4dg0LNrhMFOtABEB"
+			+ "AAEAB/0QIH5UEg0pTqAG4r/3v1uKmUbKJVJ3KhJB5xeSG3dKWIqy3AaXR5ZN"
+			+ "mrJfXK7EfC5ZcSAqx5br1mzVl3PHVBKQVQxvIlmG4r/LKvPVhQYZUFyJWckZ"
+			+ "9QMR+EA0Dcran9Ds5fa4hH84jgcwalkj64XWRAKDdVh098g17HDw+IYnQanl"
+			+ "7IXbYvh+1Lr2HyPo//vHX8DxXIJBv+E4skvqGoNfCIfwcMeLsrI5EKo+D2pu"
+			+ "kAuBYI0VBiZkrJHFXWmQLW71Mc/Bj7wTG8Q1pCpu7YQ7acFSv+/IOCsB9l9S"
+			+ "vdB7pNhB3lEjYFGoTgr03VfeixA7/x8uDuSXjnBdTZqmGqkZBADNwCqlzdaQ"
+			+ "X6CjS5jc3vzwDSPgM7ovieypEL6NU3QDEUhuP6fVvD2NYOgVnAEbJzgOleZS"
+			+ "W2AFXKAf5NDxfqHnBmo/jlYb5yZV5Y+8/poLLj/m8t7sAfAmcZqGXfYMbSbe"
+			+ "tr6TGTUXcXgbRyU5oH1e4iq691LOwZ39QjL8lNQQywQA006XYEr/PS9uJkyM"
+			+ "Cg+M+nmm40goW4hU/HboFh9Ru6ataHj+CLF42O9sfMAV02UcD3Agj6w4kb5L"
+			+ "VswuwfmY+17IryT81d+dSmDLhpo6ufKoAp4qrdP+bzdlbfIim4Rdrw5vF/Yk"
+			+ "rC/Nfm3CLJxTimHJhqFx4MG7yEC89lxgdmcD/iJ3m41fwS+bPN2rrCAf7j1u"
+			+ "JNr/V/8GAnoXR8VV9150BcOneijftIIYKKyKkV5TGwcTfjaxRKp87LTeC3MV"
+			+ "szFDw04MhlIKRA6nBdU0Ay8Yu+EjXHK2VSpLG/Ny+KGuNiFzhqgBxM8KJwYA"
+			+ "ISa1UEqWjXoLU3qu1aD7cCvANPVCOASwAYe0GlBHUCBEZXNrdG9wIDxpbmZv"
+			+ "QHBncC5jb20+sAMD//+JAW4EEAECAFgFAkjGLGswFIAAAAAAIAAHcHJlZmVy"
+			+ "cmVkLWVtYWlsLWVuY29kaW5nQHBncC5jb21wZ3BtaW1lBwsJCAcDAgoCGQEF"
+			+ "GwMAAAADFgECBR4BAAAABRUCCAkKAAoJEHHHqp2m1tlWsx8H/icpHl1Nw17A"
+			+ "D6MJN6zJm+aGja+5BOFxOsntW+IV6JI+l5WwiIVE8xTDhoXW4zdH3IZTqoyY"
+			+ "frtkqLGpvsPtAQmV6eiPgE3+25ahL+MmjXKsceyhbZeCPDtM2M382VCHYCZK"
+			+ "DZ4vrHVgK/BpyTeP/mqoWra9+F5xErhody71/cLyIdImLqXgoAny6YywjuAD"
+			+ "2TrFnzPEBmZrkISHVEso+V9sge/8HsuDqSI03BAVWnxcg6aipHtxm907sdVo"
+			+ "jzl2yFbxCCCaDIKR7XVbmdX7VZgCYDvNSxX3WEOgFq9CYl4ZlXhyik6Vr4XP"
+			+ "7EgqadtfwfMcf4XrYoImSQs0gPOd4QqwAWedA5gESMYsawEIALiazFREqBfi"
+			+ "WouTjIdLuY09Ks7PCkn0eo/i40/8lEj1R6JKFQ5RlHNnabh+TLvjvb3nOSU0"
+			+ "sDg+IKK/JUc8/Fo7TBdZvARX6BmltEGakqToDC3eaF9EQgHLEhyE/4xXiE4H"
+			+ "EeIQeCHdC7k0pggEuWUn5lt6oeeiPUWhqdlUOvzjG+jqMPJL0bk9STbImHUR"
+			+ "EiugCPTekC0X0Zn0yrwyqlJQMWnh7wbSl/uo4q45K7qOhxcijo+hNNrkRAMi"
+			+ "fdNqD4s5qDERqqHdAAgpWqydo7zV5tx0YSz5fjh59Z7FxkUXpcu1WltT6uVn"
+			+ "hubiMTWpXzXOQI8wZL2fb12JmRY47BEAEQEAAQAH+wZBeanj4zne+fBHrWAS"
+			+ "2vx8LYiRV9EKg8I/PzKBVdGUnUs0vTqtXU1dXGXsAsPtu2r1bFh0TQH06gR1"
+			+ "24iq2obgwkr6x54yj+sZlE6SU0SbF/mQc0NCNAXtSKV2hNXvy+7P+sVJR1bn"
+			+ "b5ukuvkj1tgEln/0W4r20qJ60F+M5QxXg6kGh8GAlo2tetKEv1NunAyWY6iv"
+			+ "FTnSaIJ/YaKQNcudNvOJjeIakkIzfzBL+trUiI5n1LTBB6+u3CF/BdZBTxOy"
+			+ "QwjAh6epZr+GnQqeaomFxBc3mU00sjrsB1Loso84UIs6OKfjMkPoZWkQrQQW"
+			+ "+xvQ78D33YwqNfXk/5zQAxkEANZxJGNKaAeDpN2GST/tFZg0R5GPC7uWYC7T"
+			+ "pG100mir9ugRpdeIFvfAa7IX2jujxo9AJWo/b8hq0q0koUBdNAX3xxUaWy+q"
+			+ "KVCRxBifpYVBfEViD3lsbMy+vLYUrXde9087YD0c0/XUrj+oowWJavblmZtS"
+			+ "V9OjkQW9zoCigpf5BADcYV+6bkmJtstxJopJG4kD/lr1o35vOEgLkNsMLayc"
+			+ "NuzES084qP+8yXPehkzSsDB83kc7rKfQCQMZ54V7KCCz+Rr4wVG7FCrFAw4e"
+			+ "4YghfGVU/5whvbJohl/sXXCYGtVljvY/BSQrojRdP+/iZxFbeD4IKiTjV+XL"
+			+ "WKSS56Fq2QQAzeoKBJFUq8nqc8/OCmc52WHSOLnB4AuHL5tNfdE9tjqfzZAE"
+			+ "tx3QB7YGGP57tPQxPFDFJVRJDqw0YxI2tG9Pum8iriKGjHg+oEfFhxvCmPxf"
+			+ "zDKaGibkLeD7I6ATpXq9If+Nqb5QjzPjFbXBIz/q2nGjamZmp4pujKt/aZxF"
+			+ "+YRCebABh4kCQQQYAQIBKwUCSMYsbAUbDAAAAMBdIAQZAQgABgUCSMYsawAK"
+			+ "CRCrkqZshpdZSNAiB/9+5nAny2O9/lp2K2z5KVXqlNAHUmd4S/dpqtsZCbAo"
+			+ "8Lcr/VYayrNojga1U7cyhsvFky3N9wczzPHq3r9Z+R4WnRM1gpRWl+9+xxtd"
+			+ "ZxGfGzMRlxX1n5rCqltKKk6IKuBAr2DtTnxThaQiISO2hEw+P1MT2HnSzMXt"
+			+ "zse5CZ5OiOd/bm/rdvTRD/JmLqhXmOFaIwzdVP0dR9Ld4Dug2onOlIelIntC"
+			+ "cywY6AmnL0DThaTy5J8MiMSPamSmATl4Bicm8YRbHHz58gCYxI5UMLwtwR1+"
+			+ "rSEmrB6GwVHZt0/BzOpuGpvFZI5ZmC5yO/waR1hV+VYj025cIz+SNuDPyjy4"
+			+ "AAoJEHHHqp2m1tlW/w0H/3w38SkB5n9D9JL3chp+8fex03t7CQowVMdsBYNY"
+			+ "qI4QoVQkakkxzCz5eF7rijXt5eC3NE/quWhlMigT8LARiwBROBWgDRFW4WuX"
+			+ "6MwYtjKKUkZSkBKxP3lmaqZrJpF6jfhPEN76zr/NxWPC/nHRNldUdqkzSu/r"
+			+ "PeJyePMofJevzMkUzw7EVtbtWhZavCz+EZXRTZXub9M4mDMj64BG6JHMbVZI"
+			+ "1iDF2yka5RmhXz9tOhYgq80m7UQUb1ttNn86v1zVbe5lmB8NG4Ndv+JaaSuq"
+			+ "SBZOYQ0ZxtMAB3vVVLZCWxma1P5HdXloegh+hosqeu/bl0Wh90z5Bspt6eI4"
+			+ "imqwAWeVAdgESMYtmwEEAM9ZeMFxor7oSoXnhQAXD9lXLLfBky6IcIWISY4F"
+			+ "JWc8sK8+XiVzpOrefKro0QvmEGSYcDFQMHdScBLOTsiVJiqenA7fg1bkBr/M"
+			+ "bnD7vTKMJe0DARlU27tE5hsWCDYTluxIFjGcAcecY2UqHkqpctYKY0WY9EIm"
+			+ "dBA5TYaw3c0PABEBAAEAA/0Zg6318nC57cWLIp5dZiO/dRhTPZD0hI+BWZrg"
+			+ "zJtPT8rXVY+qK3Jwquig8z29/r+nppEE+xQWVWDlv4M28BDJAbGE+qWKAZqT"
+			+ "67lyKgc0c50W/lfbGvvs+F7ldCcNpFvlk79GODKxcEeTGDQKb9R6FnHFee/K"
+			+ "cZum71O3Ku3vUQIA3B3PNM+tKocIUNDHnInuLyqLORwQBNGfjU/pLMM0MkpP"
+			+ "lWeIfgUmn2zL/e0JrRoO0LQqX1LN/TlfcurDM0SEtwIA8Sba9OpDq99Yz360"
+			+ "FiePJiGNNlbj9EZsuGJyMVXL1mTLA6WHnz5XZOfYqJXHlmKvaKDbARW4+0U7"
+			+ "0/vPdYWSaQIAwYeo2Ce+b7M5ifbGMDWYBisEvGISg5xfvbe6qApmHS4QVQzE"
+			+ "Ym81rdJJ8OfvgSbHcgn37S3OBXIQvNdejF4BWqM9sAGHtCBIeW5lay1JbnRy"
+			+ "YW5ldCA8aHluZWtAYWxzb2Z0LmN6PrADA///iQDrBBABAgBVBQJIxi2bBQkB"
+			+ "mgKAMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGluZ0BwZ3AuY29t"
+			+ "cGdwbWltZQULBwgJAgIZAQUbAQAAAAUeAQAAAAIVAgAKCRDlTa3BE84gWVKW"
+			+ "BACcoCFKvph9r9QiHT1Z3N4wZH36Uxqu/059EFALnBkEdVudX/p6S9mynGRk"
+			+ "EfhmWFC1O6dMpnt+ZBEed/4XyFWVSLPwirML+6dxfXogdUsdFF1NCRHc3QGc"
+			+ "txnNUT/zcZ9IRIQjUhp6RkIvJPHcyfTXKSbLviI+PxzHU2Padq8pV7ABZ7kA"
+			+ "jQRIfg8tAQQAutJR/aRnfZYwlVv+KlUDYjG8YQUfHpTxpnmVu7W6N0tNg/Xr"
+			+ "5dg50wq3I4HOamRxUwHpdPkXyNF1szpDSRZmlM+VmiIvJDBnyH5YVlxT6+zO"
+			+ "8LUJ2VTbfPxoLFp539SQ0oJOm7IGMAGO7c0n/QV0N3hKUfWgCyJ+sENDa0Ft"
+			+ "JycAEQEAAbABj4kEzQQYAQIENwUCSMYtnAUJAeEzgMLFFAAAAAAAFwNleDUw"
+			+ "OWNlcnRpZmljYXRlQHBncC5jb20wggNhMIICyqADAgECAgkA1AoCoRKJCgsw"
+			+ "DQYJKoZIhvcNAQEFBQAwgakxCzAJBgNVBAYTAkNaMRcwFQYDVQQIEw5DemVj"
+			+ "aCBSZXB1YmxpYzESMBAGA1UEChQJQSYmTCBzb2Z0MSAwHgYDVQQLExdJbnRl"
+			+ "cm5hbCBEZXZlbG9wbWVudCBDQTEqMCgGA1UEAxQhQSYmTCBzb2Z0IEludGVy"
+			+ "bmFsIERldmVsb3BtZW50IENBMR8wHQYJKoZIhvcNAQkBFhBrYWRsZWNAYWxz"
+			+ "b2Z0LmN6MB4XDTA4MDcxNjE1MDkzM1oXDTA5MDcxNjE1MDkzM1owaTELMAkG"
+			+ "A1UEBhMCQ1oxFzAVBgNVBAgTDkN6ZWNoIFJlcHVibGljMRIwEAYDVQQKFAlB"
+			+ "JiZMIHNvZnQxFDASBgNVBAsTC0RldmVsb3BtZW50MRcwFQYDVQQDEw5IeW5l"
+			+ "ay1JbnRyYW5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAutJR/aRn"
+			+ "fZYwlVv+KlUDYjG8YQUfHpTxpnmVu7W6N0tNg/Xr5dg50wq3I4HOamRxUwHp"
+			+ "dPkXyNF1szpDSRZmlM+VmiIvJDBnyH5YVlxT6+zO8LUJ2VTbfPxoLFp539SQ"
+			+ "0oJOm7IGMAGO7c0n/QV0N3hKUfWgCyJ+sENDa0FtJycCAwEAAaOBzzCBzDAJ"
+			+ "BgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD"
+			+ "ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUNaw7A6r10PtYZzAvr9CrSKeRYJgwHwYD"
+			+ "VR0jBBgwFoAUmqSRM8rN3+T1+tkGiqef8S5suYgwGgYDVR0RBBMwEYEPaHlu"
+			+ "ZWtAYWxzb2Z0LmN6MCgGA1UdHwQhMB8wHaAboBmGF2h0dHA6Ly9wZXRyazIv"
+			+ "Y2EvY2EuY3JsMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQUFAAOBgQCUdOWd"
+			+ "7mBLWj1/GSiYgfwgdTrgk/VZOJvMKBiiFyy1iFEzldz6Xx+mAexnFJKfZXZb"
+			+ "EMEGWHfWPmgJzAtuTT0Jz6tUwDmeLH3MP4m8uOZtmyUJ2aq41kciV3rGxF0G"
+			+ "BVlZ/bWTaOzHdm6cjylt6xxLt6MJzpPBA/9ZfybSBh1DaAUbDgAAAJ0gBBkB"
+			+ "AgAGBQJIxi2bAAoJEAdYkEWLb2R2fJED/RK+JErZ98uGo3Z81cHkdP3rk8is"
+			+ "DUL/PR3odBPFH2SIA5wrzklteLK/ZXmBUzcvxqHEgI1F7goXbsBgeTuGgZdx"
+			+ "pINErxkNpcMl9FTldWKGiapKrhkZ+G8knDizF/Y7Lg6uGd2nKVxzutLXdHJZ"
+			+ "pU89Q5nzq6aJFAZo5TBIcchQAAoJEOVNrcETziBZXvQD/1mvFqBfWqwXxoj3"
+			+ "8fHUuFrE2pcp32y3ciO2i+uNVEkNDoaVVNw5eHQaXXWpllI/Pe6LnBl4vkyc"
+			+ "n3pjONa4PKrePkEsCUhRbIySqXIHuNwZumDOlKzZHDpCUw72LaC6S6zwuoEf"
+			+ "ucOcxTeGIUViANWXyTIKkHfo7HfigixJIL8nsAFn");
+
+		[Test]
+		public void PerformTest1()
+		{
+			PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub1);
+
+			int count = 0;
+
+			foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+				byte[] bytes = pgpPub1.GetEncoded();
+
+				PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes);
+
+				foreach (PgpPublicKey pubKey in pgpPub2.GetPublicKeys())
+				{
+					keyCount++;
+
+					foreach (PgpSignature sig in pubKey.GetSignatures())
+					{
+						if (sig == null)
+							Fail("null signature found");
+					}
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of public keys");
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of public keyrings");
+			}
+
+			//
+			// exact match
+			//
+			count = 0;
+			foreach (PgpPublicKeyRing pgpPub3 in pubRings.GetKeyRings("test (Test key) <test@ubicall.com>"))
+			{
+				if (pgpPub3 == null)
+					Fail("null keyring found");
+
+				count++;
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of public keyrings on exact match");
+			}
+
+			//
+			// partial match 1 expected
+			//
+			count = 0;
+			foreach (PgpPublicKeyRing pgpPub4 in pubRings.GetKeyRings("test", true))
+			{
+				if (pgpPub4 == null)
+					Fail("null keyring found");
+
+				count++;
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of public keyrings on partial match 1");
+			}
+
+			//
+			// partial match 0 expected
+			//
+			count = 0;
+			foreach (PgpPublicKeyRing pgpPub5 in pubRings.GetKeyRings("XXX", true))
+			{
+				if (pgpPub5 == null)
+					Fail("null keyring found");
+
+				count++;
+			}
+
+			if (count != 0)
+			{
+				Fail("wrong number of public keyrings on partial match 0");
+			}
+
+			//
+			// case-insensitive partial match
+			//
+			count = 0;
+			foreach (PgpPublicKeyRing pgpPub6 in pubRings.GetKeyRings("TEST@ubicall.com", true, true))
+			{
+				if (pgpPub6 == null)
+					Fail("null keyring found");
+
+				count++;
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of public keyrings on case-insensitive partial match");
+			}
+
+			PgpSecretKeyRingBundle secretRings = new PgpSecretKeyRingBundle(sec1);
+			count = 0;
+
+			foreach (PgpSecretKeyRing pgpSec1 in secretRings.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpSec1.GetEncoded();
+
+				PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes);
+
+				foreach (PgpSecretKey k in pgpSec2.GetSecretKeys())
+				{
+					keyCount++;
+					PgpPublicKey pk = k.PublicKey;
+
+					pk.GetSignatures();
+
+					byte[] pkBytes = pk.GetEncoded();
+
+					PgpPublicKeyRing pkR = new PgpPublicKeyRing(pkBytes);
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of secret keys");
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of secret keyrings");
+			}
+
+			//
+			// exact match
+			//
+			count = 0;
+			foreach (PgpSecretKeyRing o1 in secretRings.GetKeyRings("test (Test key) <test@ubicall.com>"))
+			{
+				if (o1 == null)
+					Fail("null keyring found");
+
+				count++;
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of secret keyrings on exact match");
+			}
+
+			//
+			// partial match 1 expected
+			//
+			count = 0;
+			foreach (PgpSecretKeyRing o2 in secretRings.GetKeyRings("test", true))
+			{
+				if (o2 == null)
+					Fail("null keyring found");
+
+				count++;
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of secret keyrings on partial match 1");
+			}
+
+			//
+			// exact match 0 expected
+			//
+			count = 0;
+			foreach (PgpSecretKeyRing o3 in secretRings.GetKeyRings("test", false))
+			{
+				if (o3 == null)
+					Fail("null keyring found");
+
+				count++;
+			}
+
+			if (count != 0)
+			{
+				Fail("wrong number of secret keyrings on partial match 0");
+			}
+
+			//
+			// case-insensitive partial match
+			//
+			count = 0;
+			foreach (PgpSecretKeyRing o4 in secretRings.GetKeyRings("TEST@ubicall.com", true, true))
+			{
+				if (o4 == null)
+					Fail("null keyring found");
+
+				count++;
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of secret keyrings on case-insensitive partial match");
+			}
+		}
+
+		[Test]
+		public void PerformTest2()
+		{
+			PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub2);
+
+			int count = 0;
+
+			byte[] encRing = pubRings.GetEncoded();
+
+			pubRings = new PgpPublicKeyRingBundle(encRing);
+
+			foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpPub1.GetEncoded();
+
+				PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes);
+
+				foreach (PgpPublicKey pk in pgpPub2.GetPublicKeys())
+				{
+					byte[] pkBytes = pk.GetEncoded();
+
+					PgpPublicKeyRing pkR = new PgpPublicKeyRing(pkBytes);
+
+					keyCount++;
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of public keys");
+				}
+			}
+
+			if (count != 2)
+			{
+				Fail("wrong number of public keyrings");
+			}
+
+			PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(sec2);
+
+			count = 0;
+
+
+			encRing = secretRings2.GetEncoded();
+			PgpSecretKeyRingBundle secretRings = new PgpSecretKeyRingBundle(encRing);
+
+			foreach (PgpSecretKeyRing pgpSec1 in secretRings2.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpSec1.GetEncoded();
+
+				PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes);
+
+				foreach (PgpSecretKey k in pgpSec2.GetSecretKeys())
+				{
+					keyCount++;
+					PgpPublicKey pk = k.PublicKey;
+
+					if (pk.KeyId == -1413891222336124627L)
+					{
+						int sCount = 0;
+
+						foreach (PgpSignature pgpSignature in pk.GetSignaturesOfType(PgpSignature.SubkeyBinding))
+						{
+							int type = pgpSignature.SignatureType;
+							if (type != PgpSignature.SubkeyBinding)
+							{
+								Fail("failed to return correct signature type");
+							}
+							sCount++;
+						}
+
+						if (sCount != 1)
+						{
+							Fail("failed to find binding signature");
+						}
+					}
+
+					pk.GetSignatures();
+
+					if (k.KeyId == -4049084404703773049L
+						|| k.KeyId == -1413891222336124627L)
+					{
+						k.ExtractPrivateKey(sec2pass1);
+					}
+					else if (k.KeyId == -6498553574938125416L
+						|| k.KeyId == 59034765524361024L)
+					{
+						k.ExtractPrivateKey(sec2pass2);
+					}
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of secret keys");
+				}
+			}
+
+			if (count != 2)
+			{
+				Fail("wrong number of secret keyrings");
+			}
+		}
+
+		[Test]
+		public void PerformTest3()
+		{
+			PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub3);
+
+			int count = 0;
+
+			byte[] encRing = pubRings.GetEncoded();
+
+			pubRings = new PgpPublicKeyRingBundle(encRing);
+
+			foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpPub1.GetEncoded();
+
+				PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes);
+
+				foreach (PgpPublicKey pubK in pgpPub2.GetPublicKeys())
+				{
+					keyCount++;
+					pubK.GetSignatures();
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of public keys");
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of public keyrings");
+			}
+
+			PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(sec3);
+
+			count = 0;
+
+			encRing = secretRings2.GetEncoded();
+
+			PgpSecretKeyRingBundle secretRings = new PgpSecretKeyRingBundle(encRing);
+
+			foreach (PgpSecretKeyRing pgpSec1 in secretRings2.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpSec1.GetEncoded();
+
+				PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes);
+
+				foreach (PgpSecretKey k in pgpSec2.GetSecretKeys())
+				{
+					keyCount++;
+					k.ExtractPrivateKey(sec3pass1);
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of secret keys");
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of secret keyrings");
+			}
+		}
+
+		[Test]
+		public void PerformTest4()
+		{
+			PgpSecretKeyRingBundle secretRings1 = new PgpSecretKeyRingBundle(sec4);
+			int count = 0;
+
+
+			byte[] encRing = secretRings1.GetEncoded();
+
+			PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(encRing);
+
+			foreach (PgpSecretKeyRing pgpSec1 in secretRings1.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpSec1.GetEncoded();
+
+				PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes);
+
+				foreach (PgpSecretKey k in pgpSec2.GetSecretKeys())
+				{
+					keyCount++;
+					k.ExtractPrivateKey(sec3pass1);
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of secret keys");
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of secret keyrings");
+			}
+		}
+
+		[Test]
+		public void PerformTest5()
+		{
+			PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub5);
+
+			int count = 0;
+
+			byte[] encRing = pubRings.GetEncoded();
+
+			pubRings = new PgpPublicKeyRingBundle(encRing);
+
+			foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpPub1.GetEncoded();
+
+				PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes);
+
+				foreach (PgpPublicKey o in pgpPub2.GetPublicKeys())
+				{
+					if (o == null)
+						Fail("null keyring found");
+
+					keyCount++;
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of public keys");
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of public keyrings");
+			}
+
+#if INCLUDE_IDEA
+			PgpSecretKeyRingBundle secretRings1 = new PgpSecretKeyRingBundle(sec5);
+
+			count = 0;
+
+			encRing = secretRings1.GetEncoded();
+
+			PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(encRing);
+
+			foreach (PgpSecretKeyRing pgpSec1 in secretRings1.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpSec1.GetEncoded();
+
+				PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes);
+
+				foreach (PgpSecretKey k in pgpSec2.GetSecretKeys())
+				{
+					keyCount++;
+					k.ExtractPrivateKey(sec5pass1);
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of secret keys");
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of secret keyrings");
+			}
+#endif
+		}
+
+		[Test]
+		public void PerformTest6()
+		{
+			PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub6);
+
+			foreach (PgpPublicKeyRing pgpPub in pubRings.GetKeyRings())
+			{
+				foreach (PgpPublicKey k in pgpPub.GetPublicKeys())
+				{
+					if (k.KeyId == 0x5ce086b5b5a18ff4L)
+					{
+						int count = 0;
+
+						foreach (PgpSignature sig in k.GetSignaturesOfType(PgpSignature.SubkeyRevocation))
+						{
+							if (sig == null)
+								Fail("null signature found");
+
+							count++;
+						}
+
+						if (count != 1)
+						{
+							Fail("wrong number of revocations in test6.");
+						}
+					}
+				}
+			}
+
+			byte[] encRing = pubRings.GetEncoded();
+		}
+
+		[Test, Explicit]
+		public void PerformTest7()
+		{
+			PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(pub7);
+			PgpPublicKey masterKey = null;
+
+			foreach (PgpPublicKey k in pgpPub.GetPublicKeys())
+			{
+				if (k.IsMasterKey)
+				{
+					masterKey = k;
+					continue;
+				}
+
+				int count = 0;
+				PgpSignature sig = null;
+
+				foreach (PgpSignature sigTemp in k.GetSignaturesOfType(PgpSignature.SubkeyRevocation))
+				{
+					sig = sigTemp;
+					count++;
+				}
+
+				if (count != 1)
+				{
+					Fail("wrong number of revocations in test7.");
+				}
+
+				sig.InitVerify(masterKey);
+
+				if (!sig.VerifyCertification(k))
+				{
+					Fail("failed to verify revocation certification");
+				}
+			}
+		}
+
+		[Test]
+		public void PerformTest8()
+		{
+			PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub8);
+
+			int count = 0;
+
+			byte[] encRing = pubRings.GetEncoded();
+
+			pubRings = new PgpPublicKeyRingBundle(encRing);
+
+			foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpPub1.GetEncoded();
+
+				PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes);
+
+				foreach (PgpPublicKey o in pgpPub2.GetPublicKeys())
+				{
+					if (o == null)
+						Fail("null key found");
+
+					keyCount++;
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of public keys");
+				}
+			}
+
+			if (count != 2)
+			{
+				Fail("wrong number of public keyrings");
+			}
+
+			PgpSecretKeyRingBundle secretRings1 = new PgpSecretKeyRingBundle(sec8);
+
+			count = 0;
+
+			encRing = secretRings1.GetEncoded();
+
+			PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(encRing);
+
+			foreach (PgpSecretKeyRing pgpSec1 in secretRings1.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpSec1.GetEncoded();
+
+				PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes);
+
+				foreach (PgpSecretKey k in pgpSec2.GetSecretKeys())
+				{
+					keyCount++;
+					k.ExtractPrivateKey(sec8pass);
+				}
+
+				if (keyCount != 2)
+				{
+					Fail("wrong number of secret keys");
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of secret keyrings");
+			}
+		}
+
+		[Test]
+		public void PerformTest9()
+		{
+			PgpSecretKeyRingBundle secretRings1 = new PgpSecretKeyRingBundle(sec9);
+
+			int count = 0;
+
+			byte[] encRing = secretRings1.GetEncoded();
+
+			PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(encRing);
+
+			foreach (PgpSecretKeyRing pgpSec1 in secretRings1.GetKeyRings())
+			{
+				count++;
+
+				int keyCount = 0;
+
+				byte[] bytes = pgpSec1.GetEncoded();
+
+				PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes);
+
+				foreach (PgpSecretKey k in pgpSec2.GetSecretKeys())
+				{
+					keyCount++;
+
+					PgpPrivateKey pKey = k.ExtractPrivateKey(sec9pass);
+					if (keyCount == 1 && pKey != null)
+					{
+						Fail("primary secret key found, null expected");
+					}
+				}
+
+				if (keyCount != 3)
+				{
+					Fail("wrong number of secret keys");
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("wrong number of secret keyrings");
+			}
+		}
+
+		[Test]
+		public void PerformTest10()
+		{
+			PgpSecretKeyRing secretRing = new PgpSecretKeyRing(sec10);
+
+			foreach (PgpSecretKey secretKey in secretRing.GetSecretKeys())
+			{
+				PgpPublicKey pubKey = secretKey.PublicKey;
+
+				if (pubKey.ValidDays != 28)
+				{
+					Fail("days wrong on secret key ring");
+				}
+
+				if (pubKey.GetValidSeconds() != 28 * 24 * 60 * 60)
+				{
+					Fail("seconds wrong on secret key ring");
+				}
+			}
+
+			PgpPublicKeyRing publicRing = new PgpPublicKeyRing(pub10);
+
+			foreach (PgpPublicKey pubKey in publicRing.GetPublicKeys())
+			{
+				if (pubKey.ValidDays != 28)
+				{
+					Fail("days wrong on public key ring");
+				}
+
+				if (pubKey.GetValidSeconds() != 28 * 24 * 60 * 60)
+				{
+					Fail("seconds wrong on public key ring");
+				}
+			}
+		}
+
+		[Test]
+		public void PerformTest11()
+		{
+			PgpPublicKeyRing pubRing = new PgpPublicKeyRing(subKeyBindingKey);
+
+			foreach (PgpPublicKey key in pubRing.GetPublicKeys())
+			{
+				if (key.GetValidSeconds() != 0)
+				{
+					Fail("expiration time non-zero");
+				}
+			}
+		}
+
+		[Test]
+		public void GenerateTest()
+		{
+			char[] passPhrase = "hello".ToCharArray();
+			DsaParametersGenerator pGen = new DsaParametersGenerator();
+			pGen.Init(512, 80, new SecureRandom());
+			DsaParameters dsaParams = pGen.GenerateParameters();
+			DsaKeyGenerationParameters dsaKgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams);
+			IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA");
+			dsaKpg.Init(dsaKgp);
+
+
+			//
+			// this takes a while as the key generator has to Generate some DSA parameters
+			// before it Generates the key.
+			//
+			AsymmetricCipherKeyPair dsaKp = dsaKpg.GenerateKeyPair();
+			IAsymmetricCipherKeyPairGenerator elgKpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL");
+
+			BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+			BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+			ElGamalParameters elParams = new ElGamalParameters(p, g);
+			ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams);
+			elgKpg.Init(elKgp);
+
+			//
+			// this is quicker because we are using preGenerated parameters.
+			//
+			AsymmetricCipherKeyPair elgKp = elgKpg.GenerateKeyPair();
+			PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow);
+			PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow);
+
+			PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair,
+				"test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, null, null, new SecureRandom());
+
+			keyRingGen.AddSubKey(elgKeyPair);
+
+			PgpSecretKeyRing keyRing = keyRingGen.GenerateSecretKeyRing();
+
+			keyRing.GetSecretKey().ExtractPrivateKey(passPhrase);
+
+			PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing();
+
+			PgpPublicKey vKey = null;
+			PgpPublicKey sKey = null;
+
+			foreach (PgpPublicKey pk in pubRing.GetPublicKeys())
+			{
+				if (pk.IsMasterKey)
+				{
+					vKey = pk;
+				}
+				else
+				{
+					sKey = pk;
+				}
+			}
+
+			foreach (PgpSignature sig in sKey.GetSignatures())
+			{
+				if (sig.KeyId == vKey.KeyId
+					&& sig.SignatureType == PgpSignature.SubkeyBinding)
+				{
+					sig.InitVerify(vKey);
+
+					if (!sig.VerifyCertification(vKey, sKey))
+					{
+						Fail("failed to verify sub-key signature.");
+					}
+				}
+			}
+		}
+
+		[Test]
+		public void InsertMasterTest()
+		{
+			SecureRandom random = new SecureRandom();
+
+			char[] passPhrase = "hello".ToCharArray();
+			IAsymmetricCipherKeyPairGenerator rsaKpg = GeneratorUtilities.GetKeyPairGenerator("RSA");
+
+			rsaKpg.Init(new KeyGenerationParameters(random, 512));
+
+			//
+			// this is quicker because we are using pregenerated parameters.
+			//
+			AsymmetricCipherKeyPair rsaKp = rsaKpg.GenerateKeyPair();
+			PgpKeyPair rsaKeyPair1 = new PgpKeyPair(PublicKeyAlgorithmTag.RsaGeneral, rsaKp, DateTime.UtcNow);
+
+			rsaKp = rsaKpg.GenerateKeyPair();
+			PgpKeyPair rsaKeyPair2 = new PgpKeyPair(PublicKeyAlgorithmTag.RsaGeneral, rsaKp, DateTime.UtcNow);
+
+			PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification,
+				rsaKeyPair1, "test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, null, null, random);
+			PgpSecretKeyRing secRing1 = keyRingGen.GenerateSecretKeyRing();
+			PgpPublicKeyRing pubRing1 = keyRingGen.GeneratePublicKeyRing();
+
+			keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification,
+				rsaKeyPair2, "test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, null, null, random);
+			PgpSecretKeyRing secRing2 = keyRingGen.GenerateSecretKeyRing();
+			PgpPublicKeyRing pubRing2 = keyRingGen.GeneratePublicKeyRing();
+
+			try
+			{
+				PgpPublicKeyRing.InsertPublicKey(pubRing1, pubRing2.GetPublicKey());
+				Fail("adding second master key (public) should throw an ArgumentException");
+			}
+			catch (ArgumentException e)
+			{
+				if (!e.Message.Equals("cannot add a master key to a ring that already has one"))
+				{
+					Fail("wrong message in public test");
+				}
+			}
+
+			try
+			{
+				PgpSecretKeyRing.InsertSecretKey(secRing1, secRing2.GetSecretKey());
+				Fail("adding second master key (secret) should throw an ArgumentException");
+			}
+			catch (ArgumentException e)
+			{
+				if (!e.Message.Equals("cannot add a master key to a ring that already has one"))
+				{
+					Fail("wrong message in secret test");
+				}
+			}
+		}
+
+		[Test]
+		public void GenerateSha1Test()
+		{
+			char[] passPhrase = "hello".ToCharArray();
+
+			IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA");
+			DsaParametersGenerator pGen = new DsaParametersGenerator();
+			pGen.Init(512, 80, new SecureRandom());
+			DsaParameters dsaParams = pGen.GenerateParameters();
+			DsaKeyGenerationParameters kgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams);
+			dsaKpg.Init(kgp);
+
+			//
+			// this takes a while as the key generator has to generate some DSA params
+			// before it generates the key.
+			//
+			AsymmetricCipherKeyPair dsaKp = dsaKpg.GenerateKeyPair();
+
+
+			IAsymmetricCipherKeyPairGenerator elgKpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL");
+
+			BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+			BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+			ElGamalParameters elParams = new ElGamalParameters(p, g);
+			ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams);
+			elgKpg.Init(elKgp);
+
+			//
+			// this is quicker because we are using preGenerated parameters.
+			//
+			AsymmetricCipherKeyPair elgKp = elgKpg.GenerateKeyPair();
+
+
+			PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow);
+			PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow);
+
+			PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair,
+				"test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, new SecureRandom());
+
+			keyRingGen.AddSubKey(elgKeyPair);
+
+			PgpSecretKeyRing keyRing = keyRingGen.GenerateSecretKeyRing();
+
+			keyRing.GetSecretKey().ExtractPrivateKey(passPhrase);
+
+			PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing();
+
+			PgpPublicKey vKey = null;
+			PgpPublicKey sKey = null;
+
+			foreach (PgpPublicKey pk in pubRing.GetPublicKeys())
+			{
+				if (pk.IsMasterKey)
+				{
+					vKey = pk;
+				}
+				else
+				{
+					sKey = pk;
+				}
+			}
+
+			foreach (PgpSignature sig in sKey.GetSignatures())
+			{
+				if (sig.KeyId == vKey.KeyId
+					&& sig.SignatureType == PgpSignature.SubkeyBinding)
+				{
+					sig.InitVerify(vKey);
+
+					if (!sig.VerifyCertification(vKey, sKey))
+					{
+						Fail("failed to verify sub-key signature.");
+					}
+				}
+			}
+		}
+
+		[Test]
+		public void RewrapTest()
+		{
+			SecureRandom rand = new SecureRandom();
+
+			// Read the secret key rings
+			PgpSecretKeyRingBundle privRings = new PgpSecretKeyRingBundle(
+				new MemoryStream(rewrapKey, false));
+
+			foreach (PgpSecretKeyRing pgpPrivEnum in privRings.GetKeyRings())
+			{
+				foreach (PgpSecretKey pgpKeyEnum in pgpPrivEnum.GetSecretKeys())
+				{
+					// re-encrypt the key with an empty password
+					PgpSecretKeyRing pgpPriv = PgpSecretKeyRing.RemoveSecretKey(pgpPrivEnum, pgpKeyEnum);
+					PgpSecretKey pgpKey = PgpSecretKey.CopyWithNewPassword(
+						pgpKeyEnum,
+						rewrapPass,
+						null,
+						SymmetricKeyAlgorithmTag.Null,
+						rand);
+					pgpPriv = PgpSecretKeyRing.InsertSecretKey(pgpPriv, pgpKey);
+
+					// this should succeed
+					PgpPrivateKey privTmp = pgpKey.ExtractPrivateKey(null);
+				}
+			}
+		}
+
+		[Test]
+		public void PublicKeyRingWithX509Test()
+		{
+			checkPublicKeyRingWithX509(pubWithX509);
+
+			PgpPublicKeyRing pubRing = new PgpPublicKeyRing(pubWithX509);
+
+			checkPublicKeyRingWithX509(pubRing.GetEncoded());
+		}
+
+		[Test]
+		public void SecretKeyRingWithPersonalCertificateTest()
+		{
+			checkSecretKeyRingWithPersonalCertificate(secWithPersonalCertificate);
+			PgpSecretKeyRingBundle secRing = new PgpSecretKeyRingBundle(secWithPersonalCertificate);
+			checkSecretKeyRingWithPersonalCertificate(secRing.GetEncoded());
+		}
+
+		private void checkSecretKeyRingWithPersonalCertificate(
+			byte[] keyRing)
+		{
+			PgpSecretKeyRingBundle secCol = new PgpSecretKeyRingBundle(keyRing);
+
+			int count = 0;
+
+			foreach (PgpSecretKeyRing ring in secCol.GetKeyRings())
+			{
+				IEnumerator e = ring.GetExtraPublicKeys().GetEnumerator();
+				while (e.MoveNext())
+				{
+					++count;
+				}
+			}
+
+			if (count != 1)
+			{
+				Fail("personal certificate data subkey not found - count = " + count);
+			}
+		}
+
+		private void checkPublicKeyRingWithX509(
+			byte[] keyRing)
+		{
+			PgpPublicKeyRing pubRing = new PgpPublicKeyRing(keyRing);
+			IEnumerator en = pubRing.GetPublicKeys().GetEnumerator();
+
+			if (en.MoveNext())
+			{
+				PgpPublicKey key = (PgpPublicKey) en.Current;
+
+				IEnumerator sEn = key.GetSignatures().GetEnumerator();
+
+				if (sEn.MoveNext())
+				{
+					PgpSignature sig = (PgpSignature) sEn.Current;
+					if (sig.KeyAlgorithm != PublicKeyAlgorithmTag.Experimental_1)
+					{
+						Fail("experimental signature not found");
+					}
+					if (!AreEqual(sig.GetSignature(), Hex.Decode("000101")))
+					{
+						Fail("experimental encoding check failed");
+					}
+				}
+				else
+				{
+					Fail("no signature found");
+				}
+			}
+			else
+			{
+				Fail("no key found");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			PerformTest1();
+			PerformTest2();
+			PerformTest3();
+			PerformTest4();
+			PerformTest5();
+			PerformTest6();
+
+			// NB: This was commented out in the original Java source
+			//PerformTest7();
+
+			PerformTest8();
+			PerformTest9();
+			PerformTest10();
+			PerformTest11();
+
+			GenerateTest();
+			GenerateSha1Test();
+			RewrapTest();
+			PublicKeyRingWithX509Test();
+			SecretKeyRingWithPersonalCertificateTest();
+			InsertMasterTest();
+		}
+
+		public override string Name
+		{
+			get { return "PgpKeyRingTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PgpKeyRingTest());
+		}
+	}
+}
diff --git a/crypto/test/src/openpgp/test/PgpMarkerTest.cs b/crypto/test/src/openpgp/test/PgpMarkerTest.cs
new file mode 100644
index 000000000..89be7cd52
--- /dev/null
+++ b/crypto/test/src/openpgp/test/PgpMarkerTest.cs
@@ -0,0 +1,102 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+    [TestFixture]
+    public class PgpMarkerTest
+        : SimpleTest
+    {
+        private static readonly byte[] message1 = Base64.Decode(
+            "qANQR1DBwU4DdrlXatQSHgoQCADWlhY3bWWaOTm4t2espRWPFQmETeinnieHce64"
+            + "lmEIFzaryEWeSdQc8XGfDzcb7sxq7b5b9Hm6OrACcCbSp2KGEJNG5kJmo2A16UPq"
+            + "JdK4xNelpJRh3KcJPv+N/9VJrMdj4C+DRnGNFg1hTQf3RKsX+ms2V0OBC5vGlOZY"
+            + "zX+XZz/7hl1PXVLN23u4npZI/1xETI2VtRoM76S6oykGXxMtT3+sGU1fAVEKVS45"
+            + "pyQHWbBqApkWrURq0xBqpVfDwOgGw09dJxt2igW9hjvNAd9tJiMGrMF5o2OLlub7"
+            + "c7FiK+dWLLcw+nx7Hl6FQmo9E8qyW8x1Cb78HjR/JXMgH/ngB/4gba6xX+s5TJkW"
+            + "H2Wpp5ePTw39EqHosUMrm05R+C0ha3EyyaJIvKj2WWmImKu5PWo1t37Pi6KHFNC3"
+            + "wsYJMRKnnNtd34luMTOgLpDcdgClzfp2p6EqHMoB7Uj3etlLmbN+vpGgz9qkLBRV"
+            + "7MpR1yE9qrZNeGgbkry6N31w5E7HoAHu5JNcwxgzbJoj2lI8uvs6Gf7fEoQOuAPE"
+            + "W/SGlfR2BdBPiJ1yErMElc2O8LVS0wTwwifHpEsMV+1ntl1EC5d052lo+6q7zNqD"
+            + "uYt1/2if6h9W9fe+S9mzr0ZAtxIN2ZGOFJJRnqzjDQ4siB9nnwr6YgvUVRSr/lQB"
+            + "hDTd0bmjyWacCt0PPMJWchO6A5tzqKUpTWSYibpdks80kLQogQHsJTZd/kpS0I6f"
+            + "gD0HYYlMssZwhg2J2TWwXDpDTgQ6mzFKbGSdOSk/deTJj2+EubzxaZcxZEocCJA8"
+            + "bppCj4kLBnCj1LjYx7A=");
+
+        private static readonly byte[] message2 = Base64.Decode(
+            "qANQR1DBwU4DZlTzKj+E4aMQCADruFAojUIlHGcnswLIekvhbVnaHnbCt6Kp"
+            + "IL2zppmEIYJ9n1xCO1k+3Y5j9vNATbqCVWs1HD0aAL3PRI1eZ1l8GkIBCd2z"
+            + "tcZpSI/uyI/JCzVW2stCH0gpP2V7zcjk8HaIuBz4ZsyU9m7v6LwCDPB4CTrb"
+            + "Z5nn5Jm3eowonQsRL/3TpJtG+IjTaw29NbCBNNX8quM5LwfIsfWovqNv28r1"
+            + "aX8FsqoTRsWEfQ7dMV/swVGqv0PgKxqErdnZVJ2yOJqjLk+lBJT6zhqPijGV"
+            + "10pc68hdZxxLU1KZq25DAjS12xcAgagjRkOmYE/H1oEjGZlXfS4y/xQ7skHa"
+            + "HI+b04vECACTpQPwCXhxYiNWnf4XhJPONIGyrsXVtsTNwzOShFPmeUvpipP4"
+            + "HknakBkBuUY49xcffQogW/NlGCZnQOulDLE6fCH/krkSmI8WVP5Vhf6bM1Qm"
+            + "92dHZFoTrrcQ9NVGaCNHHWf7KXkNfKdTkE23LdggoVrVAzO4WcdqVc6s/or7"
+            + "jQYP9zXLeu8+GGFMxe/9FCtoIWbujGQHsdDEkCK4h+D44EVDPzbvWj39ZB4w"
+            + "hHoab8RLHd7njcrPeoCPdYkFVCKOSuLdxxYZDbbmgpISaafrafwefkkESeGu"
+            + "JzbNhmyS8zfOiejWzndaLYWUSE/sqISK9Pg+xKundnFPk04+AhIRyYEoUjG3"
+            + "LgGVyM49mrM8E7QwAGU0m/VCJLoOu+N74Z1rp1wFdA5yCllFlONNM4Czhd1D"
+            + "ZMyLFqGXiKlyVCPlUTN2uVisYQGr6iNGYSPxpKjwiAzdeeQBPOETG0vd3nTO"
+            + "MN4BMKcG+kRJd5FU72SRfmbGwPPjd1gts9xFvtj4Tvpkam8=");
+
+		public override void PerformTest()
+        {
+            //
+            // test encrypted message
+            //
+            PgpObjectFactory pgpFact = new PgpObjectFactory(message1);
+
+            if (pgpFact.NextPgpObject() is PgpMarker)
+            {
+                if (pgpFact.NextPgpObject() is PgpEncryptedDataList)
+                {
+                    return;
+                }
+                else
+                {
+                    Fail("error processing after marker.");
+                }
+            }
+
+			// TODO Does this even get called?
+			pgpFact = new PgpObjectFactory(message2);
+
+            if (pgpFact.NextPgpObject() is PgpMarker)
+            {
+                if (!(pgpFact.NextPgpObject() is PgpEncryptedDataList))
+                {
+                    return;
+                }
+                else
+                {
+                    Fail("error processing after marker.");
+                }
+            }
+        }
+
+		public override string Name
+        {
+			get { return "PgpMarkerTest"; }
+        }
+
+		public static void Main(
+            string[] args)
+        {
+            RunTest(new PgpMarkerTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/openpgp/test/RegressionTest.cs b/crypto/test/src/openpgp/test/RegressionTest.cs
new file mode 100644
index 000000000..d74c5d483
--- /dev/null
+++ b/crypto/test/src/openpgp/test/RegressionTest.cs
@@ -0,0 +1,34 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
+{
+    public class RegressionTest
+    {
+        public static ITest[] tests =
+		{
+            new PgpKeyRingTest(),
+            new PgpRsaTest(),
+            new PgpDsaTest(),
+            new PgpDsaElGamalTest(),
+            new PgpPbeTest(),
+            new PgpMarkerTest(),
+            new PgpPacketTest(),
+			new PgpArmoredTest(),
+			new PgpSignatureTest(),
+			new PgpClearSignedSignatureTest(),
+            new PgpCompressionTest()
+        };
+
+		public static void Main(
+			string[] args)
+        {
+			foreach (ITest test in tests)
+			{
+				ITestResult result = test.Perform();
+                Console.WriteLine(result);
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/openssl/test/AllTests.cs b/crypto/test/src/openssl/test/AllTests.cs
new file mode 100644
index 000000000..921208179
--- /dev/null
+++ b/crypto/test/src/openssl/test/AllTests.cs
@@ -0,0 +1,133 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.OpenSsl.Tests
+{
+	[TestFixture]
+	public class AllTests
+	{
+		private class Password
+			: IPasswordFinder
+		{
+			private readonly char[] password;
+
+			public Password(
+				char[] word)
+			{
+				this.password = (char[]) word.Clone();
+			}
+
+			public char[] GetPassword()
+			{
+				return (char[]) password.Clone();
+			}
+		}
+		
+		[Suite]
+		public static TestSuite Suite
+		{
+			get
+			{
+				TestSuite suite = new TestSuite("OpenSSL Tests");
+				suite.Add(new AllTests());
+				return suite;
+			}
+		}
+
+		[Test]
+		public void TestOpenSsl()
+		{
+			Org.BouncyCastle.Utilities.Test.ITest[] tests = new Org.BouncyCastle.Utilities.Test.ITest[]{
+				new ReaderTest(),
+				new WriterTest()
+			};
+
+			foreach (Org.BouncyCastle.Utilities.Test.ITest test in tests)
+			{
+				SimpleTestResult result = (SimpleTestResult)test.Perform();
+
+				if (!result.IsSuccessful())
+				{
+					Assert.Fail(result.ToString());
+				}
+			}
+		}
+
+		[Test]
+		public void TestPkcs8Encrypted()
+		{
+			IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			kpGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
+
+			AsymmetricKeyParameter privKey = kpGen.GenerateKeyPair().Private;
+
+			// FIXME see PbeUtilities and Pkcs8Generator
+//			EncryptedTest(privKey, Pkcs8Generator.Aes256Cbc);
+//			EncryptedTest(privKey, Pkcs8Generator.Des3Cbc);
+			EncryptedTest(privKey, Pkcs8Generator.PbeSha1_3DES);
+		}
+
+		private void EncryptedTest(AsymmetricKeyParameter privKey, string algorithm)
+		{
+			StringWriter sw = new StringWriter();
+			PemWriter pWrt = new PemWriter(sw);
+			Pkcs8Generator pkcs8 = new Pkcs8Generator(privKey, algorithm);
+			pkcs8.Password = "hello".ToCharArray();
+
+			pWrt.WriteObject(pkcs8);
+			pWrt.Writer.Close();
+
+			String result = sw.ToString();
+
+			PemReader pRd = new PemReader(new StringReader(result), new Password("hello".ToCharArray()));
+
+			AsymmetricKeyParameter rdKey = (AsymmetricKeyParameter)pRd.ReadObject();
+			pRd.Reader.Close();
+
+			Assert.AreEqual(privKey, rdKey);
+		}
+
+		[Test]
+		public void TestPkcs8Plain()
+		{
+			IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			kpGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
+
+			AsymmetricKeyParameter privKey = kpGen.GenerateKeyPair().Private;
+
+			StringWriter sw = new StringWriter();
+			PemWriter pWrt = new PemWriter(sw);
+
+			Pkcs8Generator pkcs8 = new Pkcs8Generator(privKey);
+			pWrt.WriteObject(pkcs8);
+			pWrt.Writer.Close();
+
+			string result = sw.ToString();
+
+			PemReader pRd = new PemReader(new StringReader(result), new Password("hello".ToCharArray()));
+
+			AsymmetricKeyParameter rdKey = (AsymmetricKeyParameter)pRd.ReadObject();
+			pRd.Reader.Close();
+
+			Assert.AreEqual(privKey, rdKey);
+		}
+
+        public static void Main(
+			string[] args)
+        {
+            //junit.textui.TestRunner.run(suite());
+            EventListener el = new NullListener();
+            Suite.Run(el);
+        }
+	}
+}
diff --git a/crypto/test/src/openssl/test/ReaderTest.cs b/crypto/test/src/openssl/test/ReaderTest.cs
new file mode 100644
index 000000000..d27ed742f
--- /dev/null
+++ b/crypto/test/src/openssl/test/ReaderTest.cs
@@ -0,0 +1,380 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.OpenSsl.Tests
+{
+	/**
+	* basic class for reading test.pem - the password is "secret"
+	*/
+	[TestFixture]
+	public class ReaderTest
+		: SimpleTest
+	{
+		private class Password
+			: IPasswordFinder
+		{
+			private readonly char[] password;
+
+			public Password(
+				char[] word)
+			{
+				this.password = (char[]) word.Clone();
+			}
+
+			public char[] GetPassword()
+			{
+				return (char[]) password.Clone();
+			}
+		}
+
+		public override string Name
+		{
+			get { return "PEMReaderTest"; }
+		}
+
+		public override void PerformTest()
+		{
+			IPasswordFinder pGet = new Password("secret".ToCharArray());
+			PemReader pemRd = OpenPemResource("test.pem", pGet);
+			AsymmetricCipherKeyPair pair;
+
+			object o;
+			while ((o = pemRd.ReadObject()) != null)
+			{
+//				if (o is AsymmetricCipherKeyPair)
+//				{
+//					ackp = (AsymmetricCipherKeyPair)o;
+//
+//					Console.WriteLine(ackp.Public);
+//					Console.WriteLine(ackp.Private);
+//				}
+//				else
+//				{
+//					Console.WriteLine(o.ToString());
+//				}
+			}
+
+			//
+			// pkcs 7 data
+			//
+			pemRd = OpenPemResource("pkcs7.pem", null);
+
+			ContentInfo d = (ContentInfo)pemRd.ReadObject();    
+	
+			if (!d.ContentType.Equals(CmsObjectIdentifiers.EnvelopedData))
+			{
+				Fail("failed envelopedData check");
+			}
+
+			/*
+			{
+				//
+				// ECKey
+				//
+				pemRd = OpenPemResource("eckey.pem", null);
+	
+				// TODO Resolve return type issue with EC keys and fix PemReader to return parameters
+//				ECNamedCurveParameterSpec spec = (ECNamedCurveParameterSpec)pemRd.ReadObject();
+	
+				pair = (AsymmetricCipherKeyPair)pemRd.ReadObject();
+				ISigner sgr = SignerUtilities.GetSigner("ECDSA");
+	
+				sgr.Init(true, pair.Private);
+	
+				byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+	
+				sgr.BlockUpdate(message, 0, message.Length);
+	
+				byte[] sigBytes = sgr.GenerateSignature();
+	
+				sgr.Init(false, pair.Public);
+	
+				sgr.BlockUpdate(message, 0, message.Length);
+	
+				if (!sgr.VerifySignature(sigBytes))
+				{
+					Fail("EC verification failed");
+				}
+
+				// TODO Resolve this issue with the algorithm name, study Java version
+//				if (!((ECPublicKeyParameters) pair.Public).AlgorithmName.Equals("ECDSA"))
+//				{
+//					Fail("wrong algorithm name on public got: " + ((ECPublicKeyParameters) pair.Public).AlgorithmName);
+//				}
+//	
+//				if (!((ECPrivateKeyParameters) pair.Private).AlgorithmName.Equals("ECDSA"))
+//				{
+//					Fail("wrong algorithm name on private got: " + ((ECPrivateKeyParameters) pair.Private).AlgorithmName);
+//				}
+			}
+			*/
+
+			//
+			// writer/parser test
+			//
+			IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			kpGen.Init(
+				new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x10001),
+				new SecureRandom(),
+				768,
+				25));
+
+			pair = kpGen.GenerateKeyPair();
+
+			keyPairTest("RSA", pair);
+
+//			kpGen = KeyPairGenerator.getInstance("DSA");
+//			kpGen.initialize(512, new SecureRandom());
+			DsaParametersGenerator pGen = new DsaParametersGenerator();
+			pGen.Init(512, 80, new SecureRandom());
+
+			kpGen = GeneratorUtilities.GetKeyPairGenerator("DSA");
+			kpGen.Init(
+				new DsaKeyGenerationParameters(
+					new SecureRandom(),
+					pGen.GenerateParameters()));
+
+			pair = kpGen.GenerateKeyPair();
+
+			keyPairTest("DSA", pair);
+
+			//
+			// PKCS7
+			//
+			MemoryStream bOut = new MemoryStream();
+			PemWriter pWrt = new PemWriter(new StreamWriter(bOut));
+
+			pWrt.WriteObject(d);
+			pWrt.Writer.Close();
+
+			pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false)));
+			d = (ContentInfo)pemRd.ReadObject();    
+
+			if (!d.ContentType.Equals(CmsObjectIdentifiers.EnvelopedData))
+			{
+				Fail("failed envelopedData recode check");
+			}
+
+
+			// OpenSSL test cases (as embedded resources)
+			doOpenSslDsaTest("unencrypted");
+			doOpenSslRsaTest("unencrypted");
+
+			doOpenSslTests("aes128");
+			doOpenSslTests("aes192");
+			doOpenSslTests("aes256");
+			doOpenSslTests("blowfish");
+			doOpenSslTests("des1");
+			doOpenSslTests("des2");
+			doOpenSslTests("des3");
+			doOpenSslTests("rc2_128");
+
+			doOpenSslDsaTest("rc2_40_cbc");
+			doOpenSslRsaTest("rc2_40_cbc");
+			doOpenSslDsaTest("rc2_64_cbc");
+			doOpenSslRsaTest("rc2_64_cbc");
+
+			// TODO Figure out why exceptions differ for commented out cases
+			doDudPasswordTest("7fd98", 0, "Corrupted stream - out of bounds length found");
+			doDudPasswordTest("ef677", 1, "Corrupted stream - out of bounds length found");
+//			doDudPasswordTest("800ce", 2, "cannot recognise object in stream");
+			doDudPasswordTest("b6cd8", 3, "DEF length 81 object truncated by 56");
+			doDudPasswordTest("28ce09", 4, "DEF length 110 object truncated by 28");
+			doDudPasswordTest("2ac3b9", 5, "DER length more than 4 bytes: 11");
+			doDudPasswordTest("2cba96", 6, "DEF length 100 object truncated by 35");
+			doDudPasswordTest("2e3354", 7, "DEF length 42 object truncated by 9");
+			doDudPasswordTest("2f4142", 8, "DER length more than 4 bytes: 14");
+			doDudPasswordTest("2fe9bb", 9, "DER length more than 4 bytes: 65");
+			doDudPasswordTest("3ee7a8", 10, "DER length more than 4 bytes: 57");
+			doDudPasswordTest("41af75", 11, "malformed sequence in DSA private key");
+			doDudPasswordTest("1704a5", 12, "corrupted stream detected");
+//			doDudPasswordTest("1c5822", 13, "corrupted stream detected");
+//			doDudPasswordTest("5a3d16", 14, "corrupted stream detected");
+			doDudPasswordTest("8d0c97", 15, "corrupted stream detected");
+			doDudPasswordTest("bc0daf", 16, "corrupted stream detected");
+			doDudPasswordTest("aaf9c4d",17, "Corrupted stream - out of bounds length found");
+
+			// encrypted private key test
+			pGet = new Password("password".ToCharArray());
+			pemRd = OpenPemResource("enckey.pem", pGet);
+
+			RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters)pemRd.ReadObject();
+
+			if (!privKey.PublicExponent.Equals(new BigInteger("10001", 16)))
+			{
+				Fail("decryption of private key data check failed");
+			}
+
+			// general PKCS8 test
+			pGet = new Password("password".ToCharArray());
+			pemRd = OpenPemResource("pkcs8test.pem", pGet);
+
+			while ((privKey = (RsaPrivateCrtKeyParameters)pemRd.ReadObject()) != null)
+			{
+				if (!privKey.PublicExponent.Equals(new BigInteger("10001", 16)))
+				{
+					Fail("decryption of private key data check failed");
+				}
+			}
+		}
+
+		private void keyPairTest(
+			string					name,
+			AsymmetricCipherKeyPair	pair) 
+		{
+			MemoryStream bOut = new MemoryStream();
+			PemWriter pWrt = new PemWriter(new StreamWriter(bOut));
+
+			pWrt.WriteObject(pair.Public);
+			pWrt.Writer.Close();
+
+			PemReader pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false)));
+
+			AsymmetricKeyParameter pubK = (AsymmetricKeyParameter) pemRd.ReadObject();
+			if (!pubK.Equals(pair.Public))
+			{
+				Fail("Failed public key read: " + name);
+			}
+
+			bOut = new MemoryStream();
+			pWrt = new PemWriter(new StreamWriter(bOut));
+
+			pWrt.WriteObject(pair.Private);
+			pWrt.Writer.Close();
+
+			pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false)));
+
+			AsymmetricCipherKeyPair kPair = (AsymmetricCipherKeyPair) pemRd.ReadObject();
+			if (!kPair.Private.Equals(pair.Private))
+			{
+				Fail("Failed private key read: " + name);
+			}
+	        
+			if (!kPair.Public.Equals(pair.Public))
+			{
+				Fail("Failed private key public read: " + name);
+			}
+		}
+
+		private void doOpenSslTests(
+			string baseName)
+		{
+			doOpenSslDsaModesTest(baseName);
+			doOpenSslRsaModesTest(baseName);
+		}
+
+		private void doOpenSslDsaModesTest(
+			string baseName)
+		{
+			doOpenSslDsaTest(baseName + "_cbc");
+			doOpenSslDsaTest(baseName + "_cfb");
+			doOpenSslDsaTest(baseName + "_ecb");
+			doOpenSslDsaTest(baseName + "_ofb");
+		}
+
+		private void doOpenSslRsaModesTest(
+			string baseName)
+		{
+			doOpenSslRsaTest(baseName + "_cbc");
+			doOpenSslRsaTest(baseName + "_cfb");
+			doOpenSslRsaTest(baseName + "_ecb");
+			doOpenSslRsaTest(baseName + "_ofb");
+		}
+
+		private void doOpenSslDsaTest(
+			string name)
+		{
+			string fileName = "dsa.openssl_dsa_" + name + ".pem";
+
+			doOpenSslTestFile(fileName, typeof(DsaPrivateKeyParameters));
+		}
+
+		private void doOpenSslRsaTest(
+			string name)
+		{
+			string fileName = "rsa.openssl_rsa_" + name + ".pem";
+
+			doOpenSslTestFile(fileName, typeof(RsaPrivateCrtKeyParameters));
+		}
+
+		private void doOpenSslTestFile(
+			string	fileName,
+			Type	expectedPrivKeyType)
+		{
+			PemReader pr = OpenPemResource(fileName, new Password("changeit".ToCharArray()));
+			AsymmetricCipherKeyPair kp = pr.ReadObject() as AsymmetricCipherKeyPair;
+			pr.Reader.Close();
+
+			if (kp == null)
+			{
+				Fail("Didn't find OpenSSL key");
+			}
+
+			if (!expectedPrivKeyType.IsInstanceOfType(kp.Private))
+			{
+				Fail("Returned key not of correct type");
+			}
+		}
+
+		private void doDudPasswordTest(string password, int index, string message)
+		{
+			// illegal state exception check - in this case the wrong password will
+			// cause an underlying class cast exception.
+			try
+			{
+				IPasswordFinder pGet = new Password(password.ToCharArray());
+				PemReader pemRd = OpenPemResource("test.pem", pGet);
+
+				Object o;
+				while ((o = pemRd.ReadObject()) != null)
+				{
+				}
+
+				Fail("issue not detected: " + index);
+			}
+			catch (IOException e)
+			{
+				if (e.Message.IndexOf(message) < 0)
+				{
+					Console.Error.WriteLine(message);
+					Console.Error.WriteLine(e.Message);
+					Fail("issue " + index + " exception thrown, but wrong message");
+				}
+			}
+		}
+
+		private static PemReader OpenPemResource(
+			string			fileName,
+			IPasswordFinder	pGet)
+		{
+			Stream data = GetTestDataAsStream("openssl." + fileName);
+			TextReader tr = new StreamReader(data);
+			return new PemReader(tr, pGet);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ReaderTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/openssl/test/WriterTest.cs b/crypto/test/src/openssl/test/WriterTest.cs
new file mode 100644
index 000000000..41f371708
--- /dev/null
+++ b/crypto/test/src/openssl/test/WriterTest.cs
@@ -0,0 +1,185 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO.Pem;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.OpenSsl.Tests
+{
+	[TestFixture]
+	public class WriterTest
+		: SimpleTest
+	{
+		private static readonly SecureRandom random = new SecureRandom();
+
+		// TODO Replace with a randomly generated key each test run?
+		private static readonly RsaPrivateCrtKeyParameters testRsaKey = new RsaPrivateCrtKeyParameters(
+			new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+			new BigInteger("11", 16),
+			new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+			new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+			new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+			new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+			new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+			new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+		private static readonly DsaParameters testDsaParams = new DsaParameters(
+			new BigInteger("7434410770759874867539421675728577177024889699586189000788950934679315164676852047058354758883833299702695428196962057871264685291775577130504050839126673"),
+			new BigInteger("1138656671590261728308283492178581223478058193247"),
+			new BigInteger("4182906737723181805517018315469082619513954319976782448649747742951189003482834321192692620856488639629011570381138542789803819092529658402611668375788410"));
+
+//		private static readonly PKCS8EncodedKeySpec testEcDsaKeySpec = new PKCS8EncodedKeySpec(
+//			Base64.Decode("MIG/AgEAMBAGByqGSM49AgEGBSuBBAAiBIGnMIGkAgEBBDCSBU3vo7ieeKs0ABQamy/ynxlde7Ylr8HmyfLaNnMr" +
+//				"jAwPp9R+KMUEhB7zxSAXv9KgBwYFK4EEACKhZANiAQQyyolMpg+TyB4o9kPWqafHIOe8o9K1glus+w2sY8OIPQQWGb5i5LdAyi" +
+//				"/SscwU24rZM0yiL3BHodp9ccwyhLrFYgXJUOQcCN2dno1GMols5497in5gL5+zn0yMsRtyv5o=")
+//		);
+		private static readonly byte[] testEcDsaKeyBytes = Base64.Decode(
+			  "MIG/AgEAMBAGByqGSM49AgEGBSuBBAAiBIGnMIGkAgEBBDCSBU3vo7ieeKs0ABQamy/ynxlde7Ylr8HmyfLaNnMr"
+			+ "jAwPp9R+KMUEhB7zxSAXv9KgBwYFK4EEACKhZANiAQQyyolMpg+TyB4o9kPWqafHIOe8o9K1glus+w2sY8OIPQQWGb5i5LdAyi"
+			+ "/SscwU24rZM0yiL3BHodp9ccwyhLrFYgXJUOQcCN2dno1GMols5497in5gL5+zn0yMsRtyv5o=");
+
+		private static readonly char[] testPassword = "bouncy".ToCharArray();
+
+		private static readonly string[] algorithms = new string[]
+		{
+			"AES-128-CBC", "AES-128-CFB", "AES-128-ECB", "AES-128-OFB",
+			"AES-192-CBC", "AES-192-CFB", "AES-192-ECB", "AES-192-OFB",
+			"AES-256-CBC", "AES-256-CFB", "AES-256-ECB", "AES-256-OFB",
+			"BF-CBC", "BF-CFB", "BF-ECB", "BF-OFB",
+			"DES-CBC", "DES-CFB", "DES-ECB", "DES-OFB",
+			"DES-EDE", "DES-EDE-CBC", "DES-EDE-CFB", "DES-EDE-ECB", "DES-EDE-OFB",
+			"DES-EDE3", "DES-EDE3-CBC", "DES-EDE3-CFB", "DES-EDE3-ECB", "DES-EDE3-OFB",
+			"RC2-CBC", "RC2-CFB", "RC2-ECB", "RC2-OFB",
+			"RC2-40-CBC",
+			"RC2-64-CBC",
+		};
+
+		private class Password
+			: IPasswordFinder
+		{
+			private readonly char[] password;
+
+			public Password(
+				char[] word)
+			{
+				this.password = (char[]) word.Clone();
+			}
+
+			public char[] GetPassword()
+			{
+				return (char[]) password.Clone();
+			}
+		}
+
+		public override string Name
+		{
+			get { return "PEMWriterTest"; }
+		}
+
+		public override void PerformTest()
+		{
+			IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA");
+			dsaKpg.Init(new DsaKeyGenerationParameters(random, testDsaParams));
+			AsymmetricCipherKeyPair testDsaKp = dsaKpg.GenerateKeyPair();
+			AsymmetricKeyParameter testDsaKey = testDsaKp.Private;
+
+			doWriteReadTest(testDsaKey);
+			doWriteReadTests(testDsaKey, algorithms);
+
+			doWriteReadTest(testRsaKey);
+			doWriteReadTests(testRsaKey, algorithms);
+
+			AsymmetricKeyParameter ecPriv = PrivateKeyFactory.CreateKey(testEcDsaKeyBytes);
+			doWriteReadTest(ecPriv);
+			doWriteReadTests(ecPriv, algorithms);
+
+			IAsymmetricCipherKeyPairGenerator ecKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
+			ecKpg.Init(new KeyGenerationParameters(random, 239));
+			ecPriv = ecKpg.GenerateKeyPair().Private;
+			doWriteReadTest(ecPriv);
+			doWriteReadTests(ecPriv, algorithms);
+
+			// override test
+			PemWriter pWrt = new PemWriter(new StringWriter());
+
+			object o = new PemObject("FRED", new byte[100]);
+			pWrt.WriteObject(o);
+
+			pWrt.Writer.Close();
+		}
+
+		private void doWriteReadTests(
+			AsymmetricKeyParameter	akp,
+			string[]				algorithms)
+		{
+			foreach (string algorithm in algorithms)
+			{
+				doWriteReadTest(akp, algorithm);
+			}
+		}
+
+		private void doWriteReadTest(
+			AsymmetricKeyParameter	akp)
+		{
+			StringWriter sw = new StringWriter();
+			PemWriter pw = new PemWriter(sw);
+
+			pw.WriteObject(akp);
+			pw.Writer.Close();
+
+			string data = sw.ToString();
+
+			PemReader pr = new PemReader(new StringReader(data));
+
+			AsymmetricCipherKeyPair kp = pr.ReadObject() as AsymmetricCipherKeyPair;
+
+			if (kp == null || !kp.Private.Equals(akp))
+			{
+				Fail("Failed to read back test key");
+			}
+		}
+
+		private void doWriteReadTest(
+			AsymmetricKeyParameter	akp,
+			string					algorithm)
+		{
+			StringWriter sw = new StringWriter();
+			PemWriter pw = new PemWriter(sw);
+
+			pw.WriteObject(akp, algorithm, testPassword, random);
+			pw.Writer.Close();
+
+			string data = sw.ToString();
+
+			PemReader pr = new PemReader(new StringReader(data), new Password(testPassword));
+
+			AsymmetricCipherKeyPair kp = pr.ReadObject() as AsymmetricCipherKeyPair;
+
+			if (kp == null || !kp.Private.Equals(akp))
+			{
+				Fail("Failed to read back test key encoded with: " + algorithm);
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new WriterTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/pkcs/examples/PKCS12Example.cs b/crypto/test/src/pkcs/examples/PKCS12Example.cs
new file mode 100644
index 000000000..002e14c38
--- /dev/null
+++ b/crypto/test/src/pkcs/examples/PKCS12Example.cs
@@ -0,0 +1,386 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.Pkcs.Examples
+{
+	/**
+	* Example of how to set up a certificate chain and a PKCS 12 store for
+	* a private individual - obviously you'll need to generate your own keys,
+	* and you may need to add a NetscapeCertType extension or add a key
+	* usage extension depending on your application, but you should get the
+	* idea! As always this is just an example...
+	*/
+	public class Pkcs12Example
+	{
+		private static readonly char[] passwd = "hello world".ToCharArray();
+
+		private static readonly X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator();
+		private static readonly X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
+
+		/**
+		* we generate the CA's certificate
+		*/
+		public static X509CertificateEntry CreateMasterCert(
+			AsymmetricKeyParameter	pubKey,
+			AsymmetricKeyParameter	privKey)
+		{
+			//
+			// signers name
+			//
+			string issuer = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate";
+
+			//
+			// subjects name - the same as we are self signed.
+			//
+			string subject = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate";
+
+			//
+			// create the certificate - version 1
+			//
+
+			v1CertGen.SetSerialNumber(BigInteger.One);
+			v1CertGen.SetIssuerDN(new X509Name(issuer));
+			v1CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1));
+			v1CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1));
+			v1CertGen.SetSubjectDN(new X509Name(subject));
+			v1CertGen.SetPublicKey(pubKey);
+			v1CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+
+			X509Certificate cert = v1CertGen.Generate(privKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			cert.Verify(pubKey);
+
+//			PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)cert;
+			IDictionary bagAttr = new Hashtable();
+
+			//
+			// this is actually optional - but if you want to have control
+			// over setting the friendly name this is the way to do it...
+			//
+//			bagAttr.setBagAttribute(
+//				PKCSObjectIdentifiers.pkcs_9_at_friendlyName,
+//				new DERBMPString("Bouncy Primary Certificate"));
+			bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id,
+				new DerBmpString("Bouncy Primary Certificate"));
+
+			return new X509CertificateEntry(cert, bagAttr);
+		}
+
+		/**
+		* we generate an intermediate certificate signed by our CA
+		*/
+		public static X509CertificateEntry CreateIntermediateCert(
+			AsymmetricKeyParameter	pubKey,
+			AsymmetricKeyParameter	caPrivKey,
+			X509Certificate			caCert)
+		{
+			//
+			// subject name table.
+			//
+			IDictionary attrs = new Hashtable();
+			IList order = new ArrayList();
+
+			attrs.Add(X509Name.C, "AU");
+			attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			attrs.Add(X509Name.OU, "Bouncy Intermediate Certificate");
+			attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org");
+
+			order.Add(X509Name.C);
+			order.Add(X509Name.O);
+			order.Add(X509Name.OU);
+			order.Add(X509Name.EmailAddress);
+
+			//
+			// create the certificate - version 3
+			//
+			v3CertGen.Reset();
+
+			v3CertGen.SetSerialNumber(BigInteger.Two);
+			v3CertGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert));
+			v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1));
+			v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1));
+			v3CertGen.SetSubjectDN(new X509Name(order, attrs));
+			v3CertGen.SetPublicKey(pubKey);
+			v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+
+			//
+			// extensions
+			//
+			v3CertGen.AddExtension(
+				X509Extensions.SubjectKeyIdentifier,
+				false,
+				new SubjectKeyIdentifierStructure(pubKey));
+
+			v3CertGen.AddExtension(
+				X509Extensions.AuthorityKeyIdentifier,
+				false,
+				new AuthorityKeyIdentifierStructure(caCert));
+
+			v3CertGen.AddExtension(
+				X509Extensions.BasicConstraints,
+				true,
+				new BasicConstraints(0));
+
+			X509Certificate cert = v3CertGen.Generate(caPrivKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			cert.Verify(caCert.GetPublicKey());
+
+//			PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)cert;
+			IDictionary bagAttr = new Hashtable();
+
+			//
+			// this is actually optional - but if you want to have control
+			// over setting the friendly name this is the way to do it...
+			//
+//			bagAttr.setBagAttribute(
+//				PKCSObjectIdentifiers.pkcs_9_at_friendlyName,
+//				new DERBMPString("Bouncy Intermediate Certificate"));
+			bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id,
+				new DerBmpString("Bouncy Intermediate Certificate"));
+
+			return new X509CertificateEntry(cert, bagAttr);
+		}
+
+		/**
+		* we generate a certificate signed by our CA's intermediate certficate
+		*/
+		public static X509CertificateEntry CreateCert(
+			AsymmetricKeyParameter	pubKey,
+			AsymmetricKeyParameter	caPrivKey,
+			AsymmetricKeyParameter	caPubKey)
+		{
+			//
+			// signers name table.
+			//
+			IDictionary sAttrs = new Hashtable();
+			IList sOrder = new ArrayList();
+
+			sAttrs.Add(X509Name.C, "AU");
+			sAttrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			sAttrs.Add(X509Name.OU, "Bouncy Intermediate Certificate");
+			sAttrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org");
+
+			sOrder.Add(X509Name.C);
+			sOrder.Add(X509Name.O);
+			sOrder.Add(X509Name.OU);
+			sOrder.Add(X509Name.EmailAddress);
+
+			//
+			// subjects name table.
+			//
+			IDictionary attrs = new Hashtable();
+			IList order = new ArrayList();
+
+			attrs.Add(X509Name.C, "AU");
+			attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			attrs.Add(X509Name.L, "Melbourne");
+			attrs.Add(X509Name.CN, "Eric H. Echidna");
+			attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org");
+
+			order.Add(X509Name.C);
+			order.Add(X509Name.O);
+			order.Add(X509Name.L);
+			order.Add(X509Name.CN);
+			order.Add(X509Name.EmailAddress);
+
+			//
+			// create the certificate - version 3
+			//
+			v3CertGen.Reset();
+
+			v3CertGen.SetSerialNumber(BigInteger.Three);
+			v3CertGen.SetIssuerDN(new X509Name(sOrder, sAttrs));
+			v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1));
+			v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1));
+			v3CertGen.SetSubjectDN(new X509Name(order, attrs));
+			v3CertGen.SetPublicKey(pubKey);
+			v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+
+			//
+			// add the extensions
+			//
+			v3CertGen.AddExtension(
+				X509Extensions.SubjectKeyIdentifier,
+				false,
+				new SubjectKeyIdentifierStructure(pubKey));
+
+			v3CertGen.AddExtension(
+				X509Extensions.AuthorityKeyIdentifier,
+				false,
+				new AuthorityKeyIdentifierStructure(caPubKey));
+
+			X509Certificate cert = v3CertGen.Generate(caPrivKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			cert.Verify(caPubKey);
+
+//			PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)cert;
+			IDictionary bagAttr = new Hashtable();
+
+			//
+			// this is also optional - in the sense that if you leave this
+			// out the keystore will add it automatically, note though that
+			// for the browser to recognise the associated private key this
+			// you should at least use the pkcs_9_localKeyId OID and set it
+			// to the same as you do for the private key's localKeyId.
+			//
+//			bagAttr.setBagAttribute(
+//				PKCSObjectIdentifiers.pkcs_9_at_friendlyName,
+//				new DERBMPString("Eric's Key"));
+//			bagAttr.setBagAttribute(
+//				PKCSObjectIdentifiers.pkcs_9_at_localKeyId,
+//				new SubjectKeyIdentifierStructure(pubKey));
+			bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id,
+				new DerBmpString("Eric's Key"));
+			bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id,
+				new SubjectKeyIdentifierStructure(pubKey));
+
+			return new X509CertificateEntry(cert, bagAttr);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+//			Security.addProvider(new BouncyCastleProvider());
+
+			//
+			// personal keys
+			//
+//			RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
+			RsaKeyParameters pubKey = new RsaKeyParameters(false,
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16));
+
+//			RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
+			RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16),
+				new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+				new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+				new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+				new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+				new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+				new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+			//
+			// intermediate keys.
+			//
+//			RSAPublicKeySpec intPubKeySpec = new RSAPublicKeySpec(
+			RsaKeyParameters intPubKey = new RsaKeyParameters(false,
+				new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16),
+				new BigInteger("ffff", 16));
+
+
+//			RSAPrivateCrtKeySpec intPrivKeySpec = new RSAPrivateCrtKeySpec(
+			RsaPrivateCrtKeyParameters intPrivKey = new RsaPrivateCrtKeyParameters(
+				new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16),
+				new BigInteger("ffff", 16),
+				new BigInteger("7deb1b194a85bcfd29cf871411468adbc987650903e3bacc8338c449ca7b32efd39ffc33bc84412fcd7df18d23ce9d7c25ea910b1ae9985373e0273b4dca7f2e0db3b7314056ac67fd277f8f89cf2fd73c34c6ca69f9ba477143d2b0e2445548aa0b4a8473095182631da46844c356f5e5c7522eb54b5a33f11d730ead9c0cff", 16),
+				new BigInteger("ef4cede573cea47f83699b814de4302edb60eefe426c52e17bd7870ec7c6b7a24fe55282ebb73775f369157726fcfb988def2b40350bdca9e5b418340288f649", 16),
+				new BigInteger("97c7737d1b9a0088c3c7b528539247fd2a1593e7e01cef18848755be82f4a45aa093276cb0cbf118cb41117540a78f3fc471ba5d69f0042274defc9161265721", 16),
+				new BigInteger("6c641094e24d172728b8da3c2777e69adfd0839085be7e38c7c4a2dd00b1ae969f2ec9d23e7e37090fcd449a40af0ed463fe1c612d6810d6b4f58b7bfa31eb5f", 16),
+				new BigInteger("70b7123e8e69dfa76feb1236d0a686144b00e9232ed52b73847e74ef3af71fb45ccb24261f40d27f98101e230cf27b977a5d5f1f15f6cf48d5cb1da2a3a3b87f", 16),
+				new BigInteger("e38f5750d97e270996a286df2e653fd26c242106436f5bab0f4c7a9e654ce02665d5a281f2c412456f2d1fa26586ef04a9adac9004ca7f913162cb28e13bf40d", 16));
+
+			//
+			// ca keys
+			//
+//			RSAPublicKeySpec caPubKeySpec = new RSAPublicKeySpec(
+			RsaKeyParameters caPubKey = new RsaKeyParameters(false,
+				new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
+				new BigInteger("11", 16));
+
+//			RSAPrivateCrtKeySpec   caPrivKeySpec = new RSAPrivateCrtKeySpec(
+			RsaPrivateCrtKeyParameters caPrivKey = new RsaPrivateCrtKeyParameters(
+				new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
+				new BigInteger("11", 16),
+				new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16),
+				new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16),
+				new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16),
+				new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16),
+				new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16),
+				new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16));
+
+
+
+			//
+			// set up the keys
+			//
+//			KeyFactory          fact = KeyFactory.getInstance("RSA", "BC");
+//			PrivateKey          caPrivKey = fact.generatePrivate(caPrivKeySpec);
+//			PublicKey           caPubKey = fact.generatePublic(caPubKeySpec);
+//			PrivateKey          intPrivKey = fact.generatePrivate(intPrivKeySpec);
+//			PublicKey           intPubKey = fact.generatePublic(intPubKeySpec);
+//			PrivateKey          privKey = fact.generatePrivate(privKeySpec);
+//			PublicKey           pubKey = fact.generatePublic(pubKeySpec);
+
+			X509CertificateEntry[] chain = new X509CertificateEntry[3];
+
+			chain[2] = CreateMasterCert(caPubKey, caPrivKey);
+			chain[1] = CreateIntermediateCert(intPubKey, caPrivKey, chain[2].Certificate);
+			chain[0] = CreateCert(pubKey, intPrivKey, intPubKey);
+
+			//
+			// add the friendly name for the private key
+			//
+//			PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)privKey;
+			IDictionary bagAttr = new Hashtable();
+
+			//
+			// this is also optional - in the sense that if you leave this
+			// out the keystore will add it automatically, note though that
+			// for the browser to recognise which certificate the private key
+			// is associated with you should at least use the pkcs_9_localKeyId
+			// OID and set it to the same as you do for the private key's
+			// corresponding certificate.
+			//
+//			bagAttr.setBagAttribute(
+//				PKCSObjectIdentifiers.pkcs_9_at_friendlyName,
+//				new DERBMPString("Eric's Key"));
+//			bagAttr.setBagAttribute(
+//				PKCSObjectIdentifiers.pkcs_9_at_localKeyId,
+//				new SubjectKeyIdentifierStructure(pubKey));
+			bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id,
+				new DerBmpString("Eric's Key"));
+			bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id,
+				new SubjectKeyIdentifierStructure(pubKey));
+
+			//
+			// store the key and the certificate chain
+			//
+//			KeyStore store = KeyStore.getInstance("PKCS12", "BC");
+//			store.load(null, null);
+			Pkcs12Store store = new Pkcs12StoreBuilder().Build();
+
+			//
+			// if you haven't set the friendly name and local key id above
+			// the name below will be the name of the key
+			//
+			store.SetKeyEntry("Eric's Key", new AsymmetricKeyEntry(privKey, bagAttr), chain);
+
+//			FileOutputStream fOut = new FileOutputStream("id.p12");
+//
+//			store.store(fOut, passwd);
+			FileStream fOut = File.Create("id.p12");
+			store.Save(fOut, passwd, new SecureRandom());
+			fOut.Close();
+		}
+	}
+}
diff --git a/crypto/test/src/pkcs/test/EncryptedPrivateKeyInfoTest.cs b/crypto/test/src/pkcs/test/EncryptedPrivateKeyInfoTest.cs
new file mode 100644
index 000000000..a41c99266
--- /dev/null
+++ b/crypto/test/src/pkcs/test/EncryptedPrivateKeyInfoTest.cs
@@ -0,0 +1,92 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Pkcs.Tests
+{
+    [TestFixture]
+    public class EncryptedPrivateKeyInfoTest
+        : SimpleTest
+    {
+        private readonly string alg = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc.Id; // 3 key triple DES with SHA-1
+
+		public override string Name
+        {
+			get { return "EncryptedPrivateKeyInfoTest"; }
+        }
+
+		public override void PerformTest()
+        {
+            IAsymmetricCipherKeyPairGenerator pGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+            RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x10001), new SecureRandom(), 512, 25);
+
+			pGen.Init(genParam);
+
+			AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
+
+            //
+            // set up the parameters
+            //
+            byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
+            int iterationCount = 100;
+
+			//
+            // set up the key
+            //
+            char[] password1 = { 'h', 'e', 'l', 'l', 'o' };
+
+            EncryptedPrivateKeyInfo  encInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(alg, password1, salt, iterationCount, PrivateKeyInfoFactory.CreatePrivateKeyInfo(pair.Private));
+
+            PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password1, encInfo);
+
+            AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(info);
+
+            if (!key.Equals(pair.Private))
+            {
+                Fail("Key corrupted");
+            }
+
+			doOpensslTestKeys();
+		}
+
+		private void doOpensslTestKeys()
+		{
+			string[] names = GetTestDataEntries("keys");
+			foreach (string name in names)
+			{
+//				Console.Write(name + " => ");
+				Stream data = GetTestDataAsStream(name);
+				AsymmetricKeyParameter key = PrivateKeyFactory.DecryptKey("12345678a".ToCharArray(), data);
+//				Console.WriteLine(key.GetType().Name);
+				if (!(key is RsaPrivateCrtKeyParameters))
+				{
+					Fail("Sample key could not be decrypted: " + name);
+				}
+			}
+		}
+
+		public static void Main(
+            string[] args)
+        {
+			RunTest(new EncryptedPrivateKeyInfoTest());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/pkcs/test/PKCS10Test.cs b/crypto/test/src/pkcs/test/PKCS10Test.cs
new file mode 100644
index 000000000..d0227b9de
--- /dev/null
+++ b/crypto/test/src/pkcs/test/PKCS10Test.cs
@@ -0,0 +1,88 @@
+#region Using directives
+
+using System;
+using System.Collections;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.Security;
+
+#endregion
+
+namespace Org.BouncyCastle.Pkcs.Tests
+{
+    [TestFixture]
+    public class Pkcs10Test
+        : SimpleTest
+    {
+        public override string Name
+        {
+			get { return "Pkcs10"; }
+        }
+
+		public override void PerformTest()
+        {
+            IAsymmetricCipherKeyPairGenerator pGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+            RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x10001), new SecureRandom(), 512, 25);
+
+            pGen.Init(genParam);
+
+            AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
+
+            IDictionary attrs = new Hashtable();
+
+            attrs.Add(X509Name.C, "AU");
+            attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+            attrs.Add(X509Name.L, "Melbourne");
+            attrs.Add(X509Name.ST, "Victoria");
+            attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org");
+
+            X509Name subject = new X509Name(new ArrayList(attrs.Keys), attrs);
+
+            Pkcs10CertificationRequest req1 = new Pkcs10CertificationRequest(
+				"SHA1withRSA",
+				subject,
+				pair.Public,
+				null,
+				pair.Private);
+
+			byte[] bytes = req1.GetEncoded();
+
+			Pkcs10CertificationRequest req2 = new Pkcs10CertificationRequest(bytes);
+
+			if (!req2.Verify())
+            {
+                Fail("Failed verify check.");
+            }
+
+            if (!req2.GetPublicKey().Equals(req1.GetPublicKey()))
+            {
+                Fail("Failed public key check.");
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+			RunTest(new Pkcs10Test());
+        }
+
+		[Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/pkcs/test/PKCS12StoreTest.cs b/crypto/test/src/pkcs/test/PKCS12StoreTest.cs
new file mode 100644
index 000000000..c6b39135e
--- /dev/null
+++ b/crypto/test/src/pkcs/test/PKCS12StoreTest.cs
@@ -0,0 +1,921 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Pkcs.Tests
+{
+	/**
+	* Exercise the various key stores, making sure we at least get back what we put in!
+	* <p>This tests both the PKCS12 key store.</p>
+	*/
+	[TestFixture]
+	public class Pkcs12StoreTest
+		: SimpleTest
+	{
+		private static readonly char[] passwd = "hello world".ToCharArray();
+
+		//
+		// pkcs-12 pfx-pdu
+		//
+		private static readonly byte[] pkcs12 = Base64.Decode(
+			"MIACAQMwgAYJKoZIhvcNAQcBoIAkgAQBMAQBgAQBMAQBgAQBBgQBCQQJKoZI"
+			+ "hvcNAQcBBAGgBAGABAEkBAGABAEEBAEBBAEwBAEEBAEDBAOCAzQEAQQEAQEE"
+			+ "ATAEAQQEAQMEA4IDMAQBBAQBAQQBBgQBBAQBAQQBCwQBBAQBCwQLKoZIhvcN"
+			+ "AQwKAQIEAQQEAQEEAaAEAQQEAQMEA4ICpQQBBAQBAQQBMAQBBAQBAwQDggKh"
+			+ "BAEEBAEBBAEwBAEEBAEBBAEbBAEEBAEBBAEGBAEEBAEBBAEKBAEEBAEKBAoq"
+			+ "hkiG9w0BDAEDBAEEBAEPBA8wDQQIoagiwNZPJR4CAQEEAQQEAQEEAQQEAQQE"
+			+ "AQMEA4ICgAQBBAQDggKABIICgEPG0XlhMFyrs4ZWDrvEzl51ICfXd6K2ql2l"
+			+ "nnxhszUbigtSj6x49VEx4PfOB9fQFeidc5L5An+nKp646NBMIY0UwXGs8BLQ"
+			+ "au59jtOs987+l7QYIvl6fdGUIuLPhVSnZZDyqD+HQjU/0/ccKFHRif4tlEQq"
+			+ "aErvZbFeH0pg4ijf1HfgX6gBJGRKdO+msa4qKGnZdHCSLZehyyxvxAmURetg"
+			+ "yhtEl7RmedTB+4TDs7atekqxkNlD9tfwDUX6sb0IH6qbEA6P/DlVMdaD54Cl"
+			+ "QDxRzOfIIjklZhv5OMFWtPK0aYPcqyxzLpw1qRAyoTVXpidkj/hpIpgCVBP/"
+			+ "k5s2+WdGbLgA/4/zSrF6feRCE5llzM2IGxiHVq4oPzzngl3R+Fi5VCPDMcuW"
+			+ "NRuIOzJA+RNV2NPOE/P3knThDnwiImq+rfxmvZ1u6T06s20RmWK6cxp7fTEw"
+			+ "lQ9BOsv+mmyV8dr6cYJq4IlRzHdFOyEUBDwfHThyribNKKobO50xh2f93xYj"
+			+ "Rn5UMOQBJIe3b7OKZt5HOIMrJSZO02IZgvImi9yQWi96PnWa419D1cAsLWvM"
+			+ "xiN0HqZMbDFfxVM2BZmsxiexLhkHWKwLqfQDzRjJfmVww8fnXpWZhFXKyut9"
+			+ "gMGEyCNoba4RU3QI/wHKWYaK74qtJpsucuLWBH6UcsHsCry6VZkwRxWwC0lb"
+			+ "/F3Bm5UKHax5n9JHJ2amQm9zW3WJ0S5stpPObfmg5ArhbPY+pVOsTqBRlop1"
+			+ "bYJLD/X8Qbs468Bwzej0FhoEU59ZxFrbjLSBsMUYrVrwD83JE9kEazMLVchc"
+			+ "uCB9WT1g0hxYb7VA0BhOrWhL8F5ZH72RMCYLPI0EAQQEAQEEATEEAQQEAQEE"
+			+ "AXgEAQQEAQEEATAEAQQEAQEEAVEEAQQEAQEEAQYEAQQEAQEEAQkEAQQEAQkE"
+			+ "CSqGSIb3DQEJFAQBBAQBAQQBMQQBBAQBAQQBRAQBBAQBAQQBHgQBBAQBAQQB"
+			+ "QgQBBAQBQgRCAEQAYQB2AGkAZAAgAEcALgAgAEgAbwBvAGsAJwBzACAAVgBl"
+			+ "AHIAaQBTAGkAZwBuACwAIABJAG4AYwAuACAASQBEBAEEBAEBBAEwBAEEBAEB"
+			+ "BAEjBAEEBAEBBAEGBAEEBAEBBAEJBAEEBAEJBAkqhkiG9w0BCRUEAQQEAQEE"
+			+ "ATEEAQQEAQEEARYEAQQEAQEEAQQEAQQEAQEEARQEAQQEARQEFKEcMJ798oZL"
+			+ "FkH0OnpbUBnrTLgWBAIAAAQCAAAEAgAABAEwBAGABAEGBAEJBAkqhkiG9w0B"
+			+ "BwYEAaAEAYAEATAEAYAEAQIEAQEEAQAEATAEAYAEAQYEAQkECSqGSIb3DQEH"
+			+ "AQQBMAQBGwQBBgQBCgQKKoZIhvcNAQwBBgQPMA0ECEE7euvmxxwYAgEBBAGg"
+			+ "BAGABAEEBAEIBAgQIWDGlBWxnwQBBAQBCAQI2WsMhavhSCcEAQQEAQgECPol"
+			+ "uHJy9bm/BAEEBAEQBBCiRxtllKXkJS2anKD2q3FHBAEEBAEIBAjKy6BRFysf"
+			+ "7gQBBAQDggMwBIIDMJWRGu2ZLZild3oz7UBdpBDUVMOA6eSoWiRIfVTo4++l"
+			+ "RUBm8TpmmGrVkV32PEoLkoV+reqlyWCvqqSjRzi3epQiVwPQ6PV+ccLqxDhV"
+			+ "pGWDRQ5UttDBC2+u4fUQVZi2Z1i1g2tsk6SzB3MKUCrjoWKvaDUUwXo5k9Vz"
+			+ "qSLWCLTZCjs3RaY+jg3NbLZYtfMDdYovhCU2jMYV9adJ8MxxmJRz+zPWAJph"
+			+ "LH8hhfkKG+wJOSszqk9BqGZUa/mnZyzeQSMTEFga1ZB/kt2e8SZFWrTZEBgJ"
+			+ "oszsL5MObbwMDowNurnZsnS+Mf7xi01LeG0VT1fjd6rn9BzVwuMwhoqyoCNo"
+			+ "ziUqSUyLEwnGTYYpvXLxzhNiYzW8546KdoEKDkEjhfYsc4XqSjm9NYy/BW/M"
+			+ "qR+aL92j8hqnkrWkrWyvocUe3mWaiqt7/oOzNZiMTcV2dgjjh9HfnjSHjFGe"
+			+ "CVhnEWzV7dQIVyc/qvNzOuND8X5IyJ28xb6a/i1vScwGuo/UDgPAaMjGw28f"
+			+ "siOZBShzde0Kj82y8NilfYLHHeIGRW+N/grUFWhW25mAcBReXDd5JwOqM/eF"
+			+ "y+4+zBzlO84ws88T1pkSifwtMldglN0APwr4hvUH0swfiqQOWtwyeM4t+bHd"
+			+ "5buAlXOkSeF5rrLzZ2/Lx+JJmI2pJ/CQx3ej3bxPlx/BmarUGAxaI4le5go4"
+			+ "KNfs4GV8U+dbEHQz+yDYL+ksYNs1eb+DjI2khbl28jhoeAFKBtu2gGOL5M9M"
+			+ "CIP/JDOCHimu1YZRuOTAf6WISnG/0Ri3pYZsgQ0i4cXj+WfYwYVjhKX5AcDj"
+			+ "UKnc4/Cxp+TbbgZqEKRcYVb2q0kOAxkeaNo3WCm+qvUYrwAmKp4nVB+/24rK"
+			+ "khHiyYJQsETxtOEyvJkVxAS01djY4amuJ4jL0sYnXIhW3Ag93eavbzksGT7W"
+			+ "Fg1ywpr1x1xpXWIIuVt1k4e+g9fy7Yx7rx0IK1qCSjNwU3QPWbaef1rp0Q/X"
+			+ "P9IVXYkqo1g/T3SyXqrbZLO+sDjiG4IT3z3fJJqt81sRSVT0QN1ND8l93BG4"
+			+ "QKzghYw8sZ4FwKPtLky1dDcVTgQBBAQBCAQIK/85VMKWDWYEAQQEAQgECGsO"
+			+ "Q85CcFwPBAEEBAEIBAhaup6ot9XnQAQBBAQCgaAEgaCeCMadSm5fkLfhErYQ"
+			+ "DgePZl/rrjP9FQ3VJZ13XrjTSjTRknAbXi0DEu2tvAbmCf0sdoVNuZIZ92W0"
+			+ "iyaa2/A3RHA2RLPNQz5meTi1RE2N361yR0q181dC3ztkkJ8PLyd74nCtgPUX"
+			+ "0JlsvLRrdSjPBpBQ14GiM8VjqeIY7EVFy3vte6IbPzodxaviuSc70iXM4Yko"
+			+ "fQq6oaSjNBFRqkHrBAEEBAEIBAjlIvOf8SnfugQBBAQBCAQIutCF3Jovvl0E"
+			+ "AQQEAQgECO7jxbucdp/3BAEEBAEIBAidxK3XDLj+BwQBBAQBCAQI3m/HMbd3"
+			+ "TwwEAQQEA4ICOASCAjgtoCiMfTkjpCRuMhF5gNLRBiNv+xjg6GvZftR12qiJ"
+			+ "dLeCERI5bvXbh9GD6U+DjTUfhEab/37TbiI7VOFzsI/R137sYy9Tbnu7qkSx"
+			+ "u0bTvyXSSmio6sMRiWIcakmDbv+TDWR/xgtj7+7C6p+1jfUGXn/RjB3vlyjL"
+			+ "Q9lFe5F84qkZjnADo66p9gor2a48fgGm/nkABIUeyzFWCiTp9v6FEzuBfeuP"
+			+ "T9qoKSnCitaXRCru5qekF6L5LJHLNXLtIMSrbO0bS3hZK58FZAUVMaqawesJ"
+			+ "e/sVfQip9x/aFQ6U3KlSpJkmZK4TAqp9jIfxBC8CclbuwmoXPMomiCH57ykr"
+			+ "vkFHOGcxRcCxax5HySCwSyPDr8I4+6Kocty61i/1Xr4xJjb+3oyFStIpB24x"
+			+ "+ALb0Mz6mUa1ls76o+iQv0VM2YFwnx+TC8KC1+O4cNOE/gKeh0ircenVX83h"
+			+ "GNez8C5Ltg81g6p9HqZPc2pkwsneX2sJ4jMsjDhewV7TyyS3x3Uy3vTpZPek"
+			+ "VdjYeVIcgAz8VLJOpsIjyHMB57AyT7Yj87hVVy//VODnE1T88tRXZb+D+fCg"
+			+ "lj2weQ/bZtFzDX0ReiEQP6+yklGah59omeklIy9wctGV1o9GNZnGBSLvQ5NI"
+			+ "61e9zmQTJD2iDjihvQA/6+edKswCjGRX6rMjRWXT5Jv436l75DVoUj09tgR9"
+			+ "ytXSathCjQUL9MNXzUMtr7mgEUPETjM/kYBR7CNrsc+gWTWHYaSWuqKVBAEE"
+			+ "BAEIBAh6slfZ6iqkqwQBBAQBCAQI9McJKl5a+UwEAQQEATgEOBelrmiYMay3"
+			+ "q0OW2x2a8QQodYqdUs1TCUU4JhfFGFRy+g3yU1cP/9ZSI8gcI4skdPc31cFG"
+			+ "grP7BAEEBAEIBAhzv/wSV+RBJQQBBAQBCAQI837ImVqqlr4EAQQEAQgECGeU"
+			+ "gjULLnylBAEEBAEIBAjD3P4hlSBCvQQBBAQBCAQISP/qivIzf50EAQQEAQgE"
+			+ "CKIDMX9PKxICBAEEBAOCBOgEggTocP5VVT1vWvpAV6koZupKN1btJ3C01dR6"
+			+ "16g1zJ5FK5xL1PTdA0r6iAwVtgYdxQYnU8tht3bkNXdPJC1BdsC9oTkBg9Nr"
+			+ "dqlF5cCzXWIezcR3ObjGLpXu49SAHvChH4emT5rytv81MYxZ7bGmlQfp8BNa"
+			+ "0cMZz05A56LXw//WWDEzZcbKSk4tCsfMXBdGk/ngs7aILZ4FGM620PBPtD92"
+			+ "pz2Ui/tUZqtQ0WKdLzwga1E/rl02a/x78/OdlVRNeaIYWJWLmLavX98w0PhY"
+			+ "ha3Tbj/fqq+H3ua6Vv2Ff4VeXazkXpp4tTiqUxhc6aAGiRYckwZaP7OPSbos"
+			+ "RKFlRLVofSGu1IVSKO+7faxV4IrVaAAzqRwLGkpJZLV7NkzkU1BwgvsAZAI4"
+			+ "WClPDF228ygbhLwrSN2NK0s+5bKhTCNAR/LCUf3k7uip3ZSe18IwEkUMWiaZ"
+			+ "ayktcTYn2ZjmfIfV7wIxHgWPkP1DeB+RMS7VZe9zEgJKOA16L+9SNBwJSSs9"
+			+ "5Sb1+nmhquZmnAltsXMgwOrR12JLIgdfyyqGcNq997U0/KuHybqBVDVu0Fyr"
+			+ "6O+q5oRmQZq6rju7h+Hb/ZUqRxRoTTSPjGD4Cu9vUqkoNVgwYOT+88FIMYun"
+			+ "g9eChhio2kwPYwU/9BNGGzh+hAvAKcUpO016mGLImYin+FpQxodJXfpNCFpG"
+			+ "4v4HhIwKh71OOfL6ocM/518dYwuU4Ds2/JrDhYYFsn+KprLftjrnTBnSsfYS"
+			+ "t68b+Xr16qv9r6sseEkXbsaNbrGiZAhfHEVBOxQ4lchHrMp4zpduxG4crmpc"
+			+ "+Jy4SadvS0uaJvADgI03DpsDYffUdriECUqAfOg/Hr7HHyr6Q9XMo1GfIarz"
+			+ "eUHBgi1Ny0nDTWkdb7I3bIajG+Unr3KfK6dZz5Lb3g5NeclU5zintB1045Jr"
+			+ "j9fvGGk0/2lG0n17QViBiOzGs2poTlhn7YxmiskwlkRKVafxPZNPxKILpN9s"
+			+ "YaWGz93qER/pGMJarGJxu8sFi3+yt6FZ4pVPkvKE8JZMEPBBrmH41batS3sw"
+			+ "sfnJ5CicAkwd8bluQpoc6qQd81HdNpS6u7djaRSDwPtYnZWu/8Hhj4DXisje"
+			+ "FJBAjQdn2nK4MV7WKVwr+mNcVgOdc5IuOZbRLOfc3Sff6kYVuQFfcCGgAFpd"
+			+ "nbprF/FnYXR/rghWE7fT1gfzSMNv+z5UjZ5Rtg1S/IQfUM/P7t0UqQ01/w58"
+			+ "bTlMGihTxHiJ4Qf3o5GUzNmAyryLvID+nOFqxpr5es6kqSN4GPRHsmUIpB9t"
+			+ "f9Nw952vhsXI9uVkhQap3JvmdAKJaIyDz6Qi7JBZvhxpghVIDh73BQTaAFP9"
+			+ "5GUcPbYOYJzKaU5MeYEsorGoanSqPDeKDeZxjxJD4xFsqJCoutyssqIxnXUN"
+			+ "Y3Uojbz26IJOhqIBLaUn6QVFX79buWYjJ5ZkDS7D8kq6DZeqZclt5711AO5U"
+			+ "uz/eDSrx3d4iVHR+kSeopxFKsrK+KCH3CbBUMIFGX/GE9WPhDWCtjjNKEe8W"
+			+ "PinQtxvv8MlqGXtv3v7ObJ2BmfIfLD0rh3EB5WuRNKL7Ssxaq14KZGEBvc7G"
+			+ "Fx7jXLOW6ZV3SH+C3deJGlKM2kVhDdIVjjODvQzD8qw8a/ZKqDO5hGGKUTGD"
+			+ "Psdd7O/k/Wfn+XdE+YuKIhcEAQQEAQgECJJCZNJdIshRBAEEBAEIBAiGGrlG"
+			+ "HlKwrAQBBAQBCAQIkdvKinJYjJcEAQQEAUAEQBGiIgN/s1bvPQr+p1aQNh/X"
+			+ "UQFmay6Vm5HIvPhoNrX86gmMjr6/sg28/WCRtSfyuYjwQkK91n7MwFLOBaU3"
+			+ "RrsEAQQEAQgECLRqESFR50+zBAEEBAEIBAguqbAEWMTiPwQBBAQBGAQYKzUv"
+			+ "EetQEAe3cXEGlSsY4a/MNTbzu1WbBAEEBAEIBAiVpOv1dOWZ1AQCAAAEAgAA"
+			+ "BAIAAAQCAAAEAgAABAIAAAAAAAAAADA1MCEwCQYFKw4DAhoFAAQUvMkeVqe6"
+			+ "D4UmMHGEQwcb8O7ZwhgEEGiX9DeqtRwQnVi+iY/6Re8AAA==");
+
+		private static readonly byte[] certUTF = Base64.Decode(
+			"MIIGVQIBAzCCBg8GCSqGSIb3DQEHAaCCBgAEggX8MIIF+DCCAsUGCSqGSIb3"
+			+ "DQEHAaCCArYEggKyMIICrjCCAqoGCyqGSIb3DQEMCgEDoIIChTCCAoEGCiqG"
+			+ "SIb3DQEJFgGgggJxBIICbTCCAmkwggHSoAMCAQICAQcwDQYJKoZIhvcNAQEF"
+			+ "BQAwOTEPMA0GA1UEBxMGTGV1dmVuMRkwFwYDVQQKExBVdGltYWNvIFN1YiBD"
+			+ "QSAyMQswCQYDVQQGEwJCRTAeFw05OTEyMzEyMzAwMDBaFw0xOTEyMzEyMzAw"
+			+ "MDBaMFcxCzAJBgNVBAYTAkJFMQ8wDQYDVQQHEwZIYWFjaHQxEDAOBgNVBAoT"
+			+ "B1V0aW1hY28xDDAKBgNVBAsMA1ImRDEXMBUGA1UEAxMOR2VlcnQgRGUgUHJp"
+			+ "bnMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYGIyhTn/p0IA41ElLD"
+			+ "fZ44PS88AAcDCiOd2DIMLck56ea+5nhI0JLyz1XgPHecc8SLFdl7vSIBA0eb"
+			+ "tm/A7WIqIp0lcvgoyQ0qsak/dvzs+xw6r2xLCVogku4+/To6UebtfRsukXNI"
+			+ "ckP5lWV/Ui4l+XvGdmENlEE9/BvOZIvLAgMBAAGjYzBhMBEGA1UdIwQKMAiA"
+			+ "BlN1YkNBMjAQBgNVHQ4ECQQHVXNlcklEMjAOBgNVHQ8BAf8EBAMCBLAwGQYD"
+			+ "VR0RBBIwEIEOVXNlcklEMkB1dGkuYmUwDwYDVR0TAQH/BAUwAwEBADANBgkq"
+			+ "hkiG9w0BAQUFAAOBgQACS7iLLgMV4O5gFdriI7dqX55l7Qn6HiRNxlSH2kCX"
+			+ "41X82gae4MHFc41qqsC4qm6KZWi1yvTN9XgSBCXTaw1SXGTK7SuNdoYh6ufC"
+			+ "KuAwy5lsaetyARDksRiOIrNV9j+MRIjJMjPNg+S+ysIHTWZo2NTUuVuZ01D2"
+			+ "jDtYPhcDFDESMBAGCSqGSIb3DQEJFTEDBAE3MIIDKwYJKoZIhvcNAQcGoIID"
+			+ "HDCCAxgCAQAwggMRBgkqhkiG9w0BBwEwKAYKKoZIhvcNAQwBAzAaBBS5KxQC"
+			+ "BMuZ1To+yed2j/TT45td6gICCACAggLYxQS+fu7W2sLQTkslI0EoNxLoH/WO"
+			+ "L8NgiIgZ5temV3mgC2q0MxjVVq+SCvG89ZSTfptxOaSmYV772irFdzlrtotZ"
+			+ "wmYk1axuFDYQ1gH0M6i9FWuhOnbk7qHclmOroXqrrbP6g3IsjwztH0+iwBCg"
+			+ "39f63V0rr8DHiu7zZ2hBkU4/RHEsXLjaCBVNTUSssWhVLisLh2sqBJccPC2E"
+			+ "1lw4c4WrshGQ+syLGG38ttFgXT1c+xYNpUKqJiJTLVouOH9kK3nH1hPRHKMN"
+			+ "9CucBdUzibvkcRk1L53F3MfvjhCSNeWEmd9PKN+FtUtzRWQG3L84VGTM37Ws"
+			+ "YcxaDwDFGcw3u1W8WFsCCkjpZecKN8P2Kp/ai/iugcXY77bYwAwpETDvQFvD"
+			+ "nnL9oGi03HYdfeiXglC7x7dlojvnpkXDbE0nJiFwhe8Mxpx8GVlGHtP+siXg"
+			+ "tklubg1eTCSoG9m1rsBJM717ZHXUGf32HNun2dn4vOWGocgBmokZ46KKMb9v"
+			+ "reT39JTxi8Jlp+2cYb6Qr/oBzudR+D4iAiiVhhhEbJKPNHa61YyxF810fNI2"
+			+ "GWlNIyN3KcI8XU6WJutm/0H3X8Y+iCSWrJ2exUktj8GiqNQ6Yx0YgEk9HI7W"
+			+ "t9UVTIsPCgCqrV4SWCOPf6so1JqnpvlPvvNyNxSsAJ7DaJx1+oD2QQfhowk/"
+			+ "bygkKnRo5Y15ThrTsIyQKsJHTIVy+6K5uFZnlT1DGV3DcNpuk3AY26hrAzWO"
+			+ "TuWXsULZe7M6h6U2hTT/eplZ/mwHlXdF1VErIuusaCdkSI0doY4/Q223H40L"
+			+ "BNU3pTezl41PLceSll00WGVr2MunlNeXKnXDJW06lnfs9BmnpV2+Lkfmf30W"
+			+ "Pn4RKJQc+3D3SV4fCoQLIGrKiZLFfEdGJcMlySr+dJYcEtoZPuo6i/hb5xot"
+			+ "le63h65ihNtXlEDrNpYSQqnfhjOzk5/+ZvYEcOtDObEwPTAhMAkGBSsOAwIa"
+			+ "BQAEFMIeDI9l2Da24mtA1fbQIPc6+4dUBBQ8a4lD7j1CA1vRLhdEgPM+5hpD"
+			+ "RgICCAA=");
+
+		private static readonly byte[] pkcs12noFriendly = Base64.Decode(
+			"MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCBAAwgDCABgkqhkiG9w0BBwGggCSA"
+			+ "BIICvjCCArowggK2BgsqhkiG9w0BDAoBAqCCAqUwggKhMBsGCiqGSIb3DQEM"
+			+ "AQMwDQQIyJDupEHvySECAQEEggKAupvM7RuZL3G4qNeJM3afElt03TVfynRT"
+			+ "xUxAZOfx+zekHJTlnEuHJ+a16cOV6dQUgYfyMw1xcq4E+l59rVeMX9V3Zr0K"
+			+ "tsMN9VYB/9zn62Kw6LQnY0rMlWYf4bt9Ut5ysq0hE5t9FL+NZ5FbFdWBOKsj"
+			+ "/3oC6eNXOkOFyrY2haPJtD1hVHUosrlC0ffecV0YxPDsReeyx0R4CiYZpAUy"
+			+ "ZD7rkxL+mSX7zTsShRiga2Q/NEhC1KZpbhO/qbyOgvH0r7CRumSMvijzDgaV"
+			+ "IGqtrIZ2E2k5kscjcuFTW0x3OZTLAW/UnAh4JXJzC6isbdiWuswbAEBHifUC"
+			+ "rk2f+bDJKe2gkH67J2K0yDQ3YSSibpjDX/bVfbtfmOoggK9MKQwqEeE0nbYE"
+			+ "jzInH2OK5jPtmwppjmVA7i3Uk25w2+z7b/suUbft9hPCNjxFvzdbyCcXK4Vv"
+			+ "xAgEbVWnIkvOQNbyaQi+DEF/4P26GwgJgXuJpMBn0zzsSZSIDLNl8eJHoKp2"
+			+ "ZXknTi0SZkLaYlBxZlNhFoyXLfvQd6TI2aR5aCVqg1aZMBXyOWfz5t0JTVX8"
+			+ "HTIcdXKis91iEsLB7vjcxIOASTAjKARr5tRp6OvaVterAyDOn2awYQJLLic5"
+			+ "pQfditRAlsLkTxlDdu0/QBMXSPptO8g3R+dS7ntvCjXgZZyxpOeKkssS2l5v"
+			+ "/B2EsfKmYA9hU4aBdW1S9o/PcF1wpVqABd8664TGJ77tCAkbdHe0VJ3Bop2X"
+			+ "lNxlWeEeD0v0QUZLqkJoMEwi5SUE6HAWjbqGhRuHyey9E+UsdCVnQ8AxXQzL"
+			+ "2UKOmIrXc6R25GsLPCysXuXPRFBB2Tul0V3re3hPcAAAAAAAADCABgkqhkiG"
+			+ "9w0BBwaggDCAAgEAMIAGCSqGSIb3DQEHATAbBgoqhkiG9w0BDAEGMA0ECDXn"
+			+ "UZu6xckzAgEBoIAEggTYQMbzAoGnRVJMbCaJJUYgaARJ4zMfxt2e12H4pX/e"
+			+ "vnZrR1eKAMck5c2vJoEasr0i2VUcAcK12AntVIEnBwuRBcA2WrZnC28WR+O7"
+			+ "rLdu9ymG2V3zmk66aTizaB6rcHAzs2lD74n+/zJhZNaDMBfu9LzAdWb/u6Rb"
+			+ "AThmbw764Zyv9802pET6xrB8ureffgyvQAdlcGHM+yxaOV3ZEtS0cp7i+pb/"
+			+ "NTiET4jAFoO1tbBrWGJSRrMKvx4ZREppMhG3e/pYglfMFl+1ejbDsOvEUKSt"
+			+ "H+MVrgDgAv4NsUtNmBu+BIIEAIOCjrBSK3brtV0NZOWsa6hZSSGBhflbEY8s"
+			+ "U1bDsgZIW4ZaJJvSYEXLmiWSBOgq9VxojMfjowY+zj6ePJJMyI3E7AcFa+on"
+			+ "zZjeKxkKypER+TtpBeraqUfgf01b6olH8L2i4+1yotCQ0PS+15qRYPK6D+d3"
+			+ "S+R4veOA6wEsNRijVcB3oQsBCi0FVdf+6MVDvjNzBCZXj0heVi+x0EE106Sz"
+			+ "B3HaDbB/KNHMPZvvs3J3z2lWLj5w7YZ9eVmrVJKsgG2HRKxtt2IQquRj4BkS"
+			+ "upFnMTBVgWxXgwXycauC9bgYZurs+DbijqhHfWpUrttDfavsP8aX6+i3gabK"
+			+ "DH4LQRL7xrTcKkcUHxOTcPHLgDPhi+RevkV+BX9tdajbk4tqw1d+0wOkf1pW"
+			+ "aTG8fUp0lUpra7EJ0lGy8t/MB3NEk/5tLk9qA2nsKKdNoEdZWiEBE0fMrH1o"
+			+ "tWJDew3VhspT+Lkor2dLN5ydjcr3wkb76OETPeMxS91onNj5mrAMUBt66vb6"
+			+ "Gx4CL8FTRNZ/l8Kzngzdv9PmmKPTIXbhYbn3XRGg3od2tC/oVfsqYlGAMgFO"
+			+ "STt+BZ1BR9Phyi4jsiy8R0seCEDRWYQLbwgwVj0V8Rx9VptqRoCnB4XhGJoJ"
+			+ "TdAz/MT7KOSxIh2F2FymTJpyImcV6X4Kcj9iY0AZQ4zj712g4yMR6xKGzRu6"
+			+ "oIBDkFW2bdA3Lb9ePpo5GFtNyA7IbggIko6VOeeOKxaq9nALS2gsZc1yaYtp"
+			+ "aKL8kB+dVTCXiLgQniO6eMzgonsuwFnG+42XM1vhEpAvFzeJRC0CYzebEK9n"
+			+ "nGXKCPoqPFuw3gcPMn57NCZJ8MjT/p0wANIEm6AsgqrdFKwTRVJ1ytB/X9Ri"
+			+ "ysmjMBs9zbFKjU9jVDg1vGBNtb7YnYg9IrYHa3e4yTu2wUJKGP2XWHVgjDR7"
+			+ "6RtzlO4ljw0kkSMMEDle2ZbGZ6lVXbFwV0wPNPmGA6+XGJRxcddTnrM6R/41"
+			+ "zqksFLgoNL2BdofMXwv7SzxGyvFhHdRRdBZ5dKj2K9OfXakEcm/asZGu87u8"
+			+ "y9m7Cckw8ilSNPMdvYiFRoThICx9NiwYl1IIKGcWlb9p6RAx6XNSkY6ZZ6pE"
+			+ "Vla1E26rbd7is1ssSeqxLXXV9anuG5HDwMIt+CIbD8fZmNTcWMzZRiaFajvR"
+			+ "gXdyTu/UhVdhiQPF+lrxp4odgF0cXrpcGaKvOtPq04F4ad3O5EkSGucI210Q"
+			+ "pR/jQs07Yp5xDPzsXAb8naHb84FvK1iONAEjWbfhDxqtH7KGrBbW4KEzJrv3"
+			+ "B8GLDp+wOAFjGEdGDPkOx3y2L2HuI1XiS9LwL+psCily/A96OiUyRU8yEz4A"
+			+ "AAAAAAAAAAAEAwAAAAAAAAAAADAtMCEwCQYFKw4DAhoFAAQU1NQjgVRH6Vg3"
+			+ "tTy3wnQisALy9aYECKiM2gZrLi+fAAA=");
+
+		private static readonly char[] noFriendlyPassword = "sschette12".ToCharArray();
+
+		private static readonly byte[] pkcs12StorageIssue = Base64.Decode(
+			"MIIO8QIBAzCCDrEGCSqGSIb3DQEHAaCCDqIEgg6eMIIOmjCCBBMGCSqGSIb3"
+			+ "DQEHAaCCBAQEggQAMIID/DCCA/gGCyqGSIb3DQEMCgECoIICtjCCArIwHAYK"
+			+ "KoZIhvcNAQwBAzAOBAgURJ+/5hA2pgICB9AEggKQYZ4POE8clgH9Bjd1XO8m"
+			+ "sr6NiRBiA08CllHSOn2RzyAgHTa+cKaWrEVVJ9mCd9XveSUCoBF9E1C3jSl0"
+			+ "XIqLNgYd6mWK9BpeMRImM/5crjy///K4ab9kymzkc5qc0pIpdCQCZ04YmtFP"
+			+ "B80VCgyaoh2xoxqgjBCIgdSg5XdepdA5nXkG9EsQ1oVUyCykv20lKgKKRseG"
+			+ "Jo23AX8YUYR7ANqP2gz9lvlX6RBczuoZ62ujopUexiQgt5SZx97sgo3o/b/C"
+			+ "px17A2L4wLdeAYCMCsZhC2UeaqnZCHSsvnPZfRGiuSEGbV5gHLmXszLDaEdQ"
+			+ "Bo873GTpKTTzBfRFzNCtYtZRqh2AUsInWZWQUcCeX6Ogwa0wTonkp18/tqsh"
+			+ "Fj1fVpnsRmjJTTXFxkPtUw5GPJnDAM0t1xqV7kOjN76XnZrMyk2azQ1Mf3Hn"
+			+ "sGpF+VRGH6JtxbM0Jm5zD9uHcmkSfNR3tP/+vHOB1mkIR9tD2cHvBg7pAlPD"
+			+ "RfDVWynhS+UBNlQ0SEM/pgR7PytRSUoKc/hhe3N8VerF7VL3BwWfBLlZFYZH"
+			+ "FvPQg4coxF7+We7nrSQfXvdVBP9Zf0PTdf3pbZelGCPVjOzbzY/o/cB23IwC"
+			+ "ONxlY8SC1nJDXrPZ5sY51cg/qUqor056YqipRlI6I+FoTMmMDKPAiV1V5ibo"
+			+ "DNQJkyv/CAbTX4+oFlxgddTwYcPZgd/GoGjiP9yBHHdRISatHwMcM06CzXJS"
+			+ "s3MhzXWD4aNxvvSpXAngDLdlB7cm4ja2klmMzL7IuxzLXFQFFvYf7IF5I1pC"
+			+ "YZOmTlJgp0efL9bHjuHFnh0S0lPtlGDOjJ/4YpWvSKDplcPiXhaFVjsUtclE"
+			+ "oxCC5xppRm8QWS8xggEtMA0GCSsGAQQBgjcRAjEAMBMGCSqGSIb3DQEJFTEG"
+			+ "BAQBAAAAMGkGCSsGAQQBgjcRATFcHloATQBpAGMAcgBvAHMAbwBmAHQAIABS"
+			+ "AFMAQQAgAFMAQwBoAGEAbgBuAGUAbAAgAEMAcgB5AHAAdABvAGcAcgBhAHAA"
+			+ "aABpAGMAIABQAHIAbwB2AGkAZABlAHIwgZsGCSqGSIb3DQEJFDGBjR6BigA3"
+			+ "AGQAZQBmADUAYgA0ADMANgBjAGEAYgBkADAAMAAyAGQAZAAyADkAMAAzAGIA"
+			+ "MQA2ADgANgBjADcAOQA0ADgAXwA0ADYAZgAyADYAZgBkADQALQA4ADEAMgBk"
+			+ "AC0ANABlAGYAYgAtADgAMAA4ADgALQA0ADUAYQBiADkAMQA5ADEAMAA3AGMA"
+			+ "YzCCCn8GCSqGSIb3DQEHBqCCCnAwggpsAgEAMIIKZQYJKoZIhvcNAQcBMBwG"
+			+ "CiqGSIb3DQEMAQYwDgQIbr2xdnQ9inMCAgfQgIIKOHg9VKz+jlM+3abi3cp6"
+			+ "/XMathxDSEJLrxJs6j5DAVX17S4sw1Q/1pptjdMdd8QtTfUB6JpfgJ5Kpn+h"
+			+ "gZMf6M8wWue0U/RZN0D9w7o+2n+X3ItdEXu80eJVDOm7I2p8qiXtijbMbXRL"
+			+ "Cup1lgfPM5uv2D63/hmWRXLeG8eySrJnKENngpM559V8TI2JcTUBy1ZP3kcH"
+			+ "KbcJ/tVPnIIe4qguxfsTmDtAQviGvWUohbt+RGFmtqfgntK7o6b+S8uRSwEs"
+			+ "fOU/pnVE9M1ugtNJZI/xeGJq6umZWXA/OrAcK7feWUwqRvfivDGQJEoggByd"
+			+ "4/g92PhK1JGkwlCb1HdfhOOKKChowQ4zVvSOm+uBxARGhk2i5uW9I20I0vSJ"
+			+ "px42O2VFVJweOchfp+wBtSHBKYP1ZXyXWMvOtULClosSeesbYMAwvyBfpYEz"
+			+ "3rQt/1iZkqDmEisXk8X1aEKG1KSWaSPyb/+6glWikDm+YdQw3Khu7IZt1l/H"
+			+ "qWGecccel+R9mT4YjRzHlahUYk4U+RNVasVpH1Kxz2j3CZqL+b3jQOwSAPd/"
+			+ "hKI+S/pjIpBPfiC4WxORAzGZzY2j+a79B70h1DO1D9jGur3vJDbdmGBNgs6d"
+			+ "nonE1B527SICcGeXY1MtnZCLOPvySih0AvOekbN9x2CJg+Hp9e7A3Fxni53/"
+			+ "oMLr9wGRRDki72eXCXW98mU8VJofoWYS1/VBLXGf/f+tJ9J02PpzxleqPH9T"
+			+ "4mE+YHnZId6cqjCXmwvMr2cMw2clDVfvkbAJRE3eZHzL7IWSO8+giXzzrTsl"
+			+ "VbMuXVkT4oniTN7TSRsBCT3zVVmCy1QL2hPBD6KsVc+bvLgAHRov84FPrI3f"
+			+ "kY/oJufT36VE34Eu+QjzULlvVsLE3lhjutOerVIGSP//FM4LE99hp214P0JF"
+			+ "DgBK+3J+ihmFdW8hUXOt6BU8/MBeiroiJMWo1/f/XcduekG2ZsdGv+GNPzXI"
+			+ "PyHRpCgAgmck1+qoUPXxHRJuNqv223OZ5MN14X7iLl5OZ+f8IWfxUnZeZ9gj"
+			+ "HNeceElwZ+YOup1CAi3haD9jxRWhZG4NDfB4IYi4Bc/TAkXE3jCPkYEvIbj9"
+			+ "ExaU1Ts0+lqOOcwRmBoYjVrz0xbtfR/OWlopyrDHbeL5iQcQCW/loYRapWCZ"
+			+ "E4ekHknpX9yoAwT355vtTkl0VKXeSZHE8jREhN95aY9zCoLYwbTQDTw7qUR5"
+			+ "UamabLew0oS0XALtuOrfX4OUOZZUstUsGBle/Pw1TE3Bhe1clhrikp0F+Xgb"
+			+ "Xx90KqxZX/36RMnCMAD7/q+57rV7WXp2Y5tT0AUgyUMjy1F1X/b1olUfqO1u"
+			+ "rlWIUTl2znmQ3D9uO3W4ytfgGd5DpKcl2w84MBAT9qGwKuQg/UYKbP4K/+4L"
+			+ "Y1DWCy3utmohQ28IJtlIUkPL1G7lHX1tfq/VA+bRNTJIhMrNn06ZJpuEJHDs"
+			+ "/ferdlMFt/d6MrwVivmPVYkb8mSbHSiI8jZOFE44sA974depsDyXafFaSsl0"
+			+ "bVzqOAu0C/n9dIednU0xxxgDF/djdZ/QhbaDIg2VJf11wx0nw9n76B0+eeyu"
+			+ "QLaapzxCpQNDVOAM9doBb5F1I5pXQHFQqzTNtLmqDC4x0g8IH7asyk5LCglT"
+			+ "b1pwMqPJOL2vGWKRLhPzT+9OfSpCmYGKytf593hmGmwIgEO13hQrw31F5TYt"
+			+ "btkbDr+Q5XilOKEczhEM+Ug7YHU7bxkckOAbxu0YeRp/57GdGLokeLJ0dRlQ"
+			+ "+V2CfQvWJoVC6PS4PUQtjwgK2p/LU10QsEFwM/S621fGq9zGrv7+FPBATRDb"
+			+ "k4E9D/WaRylnW11ZTrOlTchQkoHcOh0xztlFxU8jzuIuDrPQQWkoqdl6B+yf"
+			+ "lykRNJKKxwzFiPl40nLC3nEdIzCEvR4r/9QHiWQxAVSc/wQX+an5vakUmSXS"
+			+ "oLFjgVdY1jmvdsx2r5BQPuOR8ONGmw/muvVSMaHV85brA4uk0lxn00HD9/a0"
+			+ "A1LCeFkabNLn9wJT8RaJeOSNmFFllLR70OHaoPSb3GyzHpvd1e6aeaimdyVH"
+			+ "BQWJ6Ufx+HjbOGuOiN46WyE6Q27dnWxx8qF89dKB4T/J0mEXqueiUjAUnnnR"
+			+ "Cs4zPaX53hmNBdrZGaLs+xNG8xy+iyBUJIWWfQAQjCjfHYlT9nygiUWIbVQq"
+			+ "RHkGkAN62jsSNLgHvWVzQPNNsYq0U8TPhyyci/vc8MJytujjptcz8FPqUjg2"
+			+ "TPv34ef9buErsm4vsdEv/8Z+9aDaNex+O3Lo3N0Aw7M5NcntFBHjFY/nBFNZ"
+			+ "whH5YA4gQ8PLZ5qshlGvb0DFXHV/9zxnsdPkLwH47ERm5IlEAuoaWtZFxg27"
+			+ "BjLfwU1Opk+ybDSb5WZVZrs7ljsU85p3Vaf3a//yoyr9ITYj15tTXxSPoct0"
+			+ "fDUy1I6LjJH/+eZXKA1WSda9mDQlRocvJ0IIIlI4weJpTdm8aHIJ8OngCqOF"
+			+ "TufcSLDM41+nxEK1LqXeAScVy74kVvvqngj6mIrbylrINZOHheEgTXrUWEc0"
+			+ "uXS8l1YqY6K6Ru5km2jVyWi/ujrDGb6QGShC09oiDYUuUGy4gwJ3XLVX/dR3"
+			+ "pmMExohTGiVefFP400wVZaxB9g1BQmjSEZxIaW1U1K6fk8Yni8yWB3/L/PuD"
+			+ "0+OV+98i1sQGaPe35crIpEc7R2XJdngL0Ol1ZuvCIBfy5DQwGIawTtBnjPdi"
+			+ "hy//QTt/isdu7C5pGaJDkZFMrfxMibr6c3xXr7wwR75sTzPNmS8mquEdLsmG"
+			+ "h8gTUnB8/K6V11JtUExMqTimTbUw+j8PggpeBelG36breWJIz1O+dmCTGuLM"
+			+ "x/sK/i8eiUeRvWjqYpq5DYt4URWg2WlcpcKiUxQp07/NMx0svDC+mlQGwMnJ"
+			+ "8KOJMW1qr3TGEJ/VVKKVn6sXn/RxA+VPofYzhwZByRX87XmNdPeQKC2DHQsW"
+			+ "6v83dua5gcnv0cv/smXt7Yr/c12i0fbIaQvj3qjtUCDucjARoBey3eCyG5H6"
+			+ "5VHSsFnPZ2HCTum+jRSw/ENsu/77XU4BIM2fjAfswp7iIr2Xi4OZWKIj6o6q"
+			+ "+fNgnOJjemDYHAFK+hWxClrG8b+9Eaf21o4zcHkhCfBlYv4d+xcZOIDsDPwI"
+			+ "sf+4V+CfoBLALsa2K0pXlPplGom/a8h7CjlyaICbWpEDItqwu7NQwdMRCa7i"
+			+ "yAyM1sVjXUdcZByS1bjOFSeBe7ygAvEl78vApLxqt8Cw11XSsOtmwssecUN/"
+			+ "pb7iHE4OMyOgsYx9u7rZ2hMyl42n3c29IwDYMumiNqk9cwCBpQTJAQEv4VzO"
+			+ "QE5xYDBY9SEozni+4f7B7e2Wj/LOGb3vfNVYGNpDczBFxvr2FXTQla0lNYD/"
+			+ "aePuC++QW4KvwiGL1Zx4Jo0eoDKWYlYj0qiNlQbWfVw+raaaFnlrq+je0W6P"
+			+ "+BrKZCncho145y+CFKRLZrN5yl/cDxwsePMVhAIMr1DzVhgBXzA3MB8wBwYF"
+			+ "Kw4DAhoEFN4Cwj9AtArnRbOIAsRhaaoZlTNJBBTIVPqCrloqLns145CWXjb0"
+			+ "g141BQ==");
+
+		private static readonly char[] storagePassword = "pass".ToCharArray();
+
+		private static readonly byte[] pkcs12nopass = Base64.Decode(
+			"MIIMvgIBAzCCDIQGCSqGSIb3DQEHAaCCDHUEggxxMIIMbTCCCS8GCSqGSIb3"
+			+ "DQEHBqCCCSAwggkcAgEAMIIJFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw"
+			+ "DgQIfnlhuZRR6/YCAggAgIII6DYgeRwq5n9kzvohZ3JuK+fB+9jZ7Or6EGBA"
+			+ "GDxtBfHmSNUBWJEV/I8wV1zrKKoW/CaoZfA61pyrVZRd/roaqBx/koTFoh/g"
+			+ "woyyWTRV9gYTXSVqPQgCH+e2dISAa6UGO+/YOWOOwG2X3t8tS+3FduFQFLt5"
+			+ "cvUP98zENdm57Aef5pKpBSZDLIAoTASfmqwszWABRh2p/wKOHcCQ9Aj2e2vs"
+			+ "pls/ntIv81MqPuxHttwX8e+3dKWGFrJRztLpCD2aua8VkSsHFsPxEHkezX4O"
+			+ "6/VCjMCRFGophTS4dgKKtQIhZ9i/ESlr6sGKgIpyG99ALFpNEhtTKe+T3boE"
+			+ "sEkhGDquSpu4PGz2m0W5sej1DyFkKX4zIbeMDAb1y3O7aP0F+Llo9QSeGsOA"
+			+ "aCwND3NUAKBMOHzwdyNQcuCGCqY8j5rrSt99A5FMs3UVW3XU6hRCx7JlzO05"
+			+ "PNCkcPRSnKSNzBhIR5W0qj4PAZnQTfX+wbtUaDLIqsObX4Muh2l3gl+JmdpO"
+			+ "53U7ILqN8PAPly1eT+fIrUmlMmFhvo6LbTB7B2K728wsA/5wROlud/mOQz4s"
+			+ "quS288YsnVc9ExSZKodWa3Pqcdb/cgKNJYDxrR6/eBHOj+0RLK/1yTK9ghj7"
+			+ "IPYHoEqQbw768WK92RjM+RFGlXASkQhR9y4weWj/388uAWMIbQ+R2Zi4nb31"
+			+ "knjqRPFThysG1bsRL04/9PgysaasfS9KYOeAlLqp+Ar4gJrof5fytBuY+6wm"
+			+ "/J8eEdNw7VPV1cz/4rhrd2sfJQwDEN/iZoy8rTwe7wozpwZI0lwH11BBbav+"
+			+ "1AMfI79jjxhqOeo7uxE2NzUmSd05JYI7a94tcRzGQyGEKpGxYCRamzFW23qb"
+			+ "vG5Hcqi7Tdd7eTxw4c60l/vQLSo38g6ST5yZrK3URLiAtpioPyjrq2jnVfie"
+			+ "QLsiAHhpHF01+t+OcKv3UjwdEyBmQ34h9klwiG7iwBFXZaPXFCF2Np1TqFVG"
+			+ "jjBzmB+hRddEiYwN+XGCKB2Cvgc5ZMQ8LG9jQmEKLmOjuumz1ciAVY2qtl1s"
+			+ "HYSvfNsIAV/gGzHshOVF19JmGtcQt3pMtupoRh+sh8jY2/x5eIKrj2Jx6HPd"
+			+ "p/6IPUr54j0xSd6j7gWuXMj/eKp/utMNuBzAhkydnhXYedvTDYIj7SyPPIHa"
+			+ "qtam8rxTDWn2AOxp7OXTgPmo1GU2zW1OLL1D3MFlS+oaRMfhgNrhW+QP5ay6"
+			+ "ge4QLijpnSM+p0CbFAOClwzgdJV56bBVV09sDqSBXnG9MeEv5nDaH3I+GpPA"
+			+ "UgDkaI4zT61kaGgk0uNMf3czy2ycoQzTx0iHDTXSdSqvUC1yFza8UG4AYaKz"
+			+ "14gtSL7StvZtK0Y8oI084BINI1LgrWyrOLj7vkds4WrKhXm21BtM1GbN/pFh"
+			+ "XI41h+XoD8KnEPqJ36rAgBo1uHqTNJCC7YikDE/dEvq6MkOx+Nug1YZRHEyi"
+			+ "3AHry5u1HJHtxT34HXBwRXvnstuFhvU6cjc1WY1dJhu1p82TGnx7OBo/QbcM"
+			+ "8MRrWmWuU5eW4jWbriGNGYfvZy+tHnGwy0bIeqrsHOG6/JwvfmYYXe64sryH"
+			+ "5Qo96SZtcTJZaNFwuBY+bFUuOWm8YrT1L7Gl2Muf3pEVtNHLeYARBo1jEAym"
+			+ "Cb4jw0oodZqbPKdyyzUZu69fdTJiQkMUcKDfHJEGK0Li9SvtdqJLiiJs57Tb"
+			+ "YfOvn+TIuC40ssJFtmtlGCVH/0vtKLWYeW1NYAMzgI/nlhQ7W6Aroh8sZnqv"
+			+ "SwxeQmRJaVLxiV6YveTKuVlCbqNVLeEtKYAujgnJtPemGCPbwZpwlBw6V+Dz"
+			+ "oXveOBcUqATztWJeNv7RbU0Mk7k057+DNxXBIU+eHRGquyHQSBXxBbA+OFuu"
+			+ "4SPfEAyoYed0HEaoKN9lIsBW1xTROI30MZvaJXvPdLsa8izXGPLnTGmoI+fv"
+			+ "tJ644HtBCCCr3Reu82ZsTSDMxspZ9aa4ro9Oza+R5eULXDhVXedbhJBYiPPo"
+			+ "J37El5lRqOgu2SEilhhVQq3ZCugsinCaY9P/RtWG4CFnH1IcIT5+/mivB48I"
+			+ "2XfH6Xq6ziJdj2/r86mhEnz9sKunNvYPBDGlOvI7xucEf9AiEQoTR1xyFDbW"
+			+ "ljL4BsJqgsHN02LyUzLwqMstwv+/JH1wUuXSK40Kik/N7+jEFW2C+/N8tN7l"
+			+ "RPKSLaTjxVuTfdv/BH1dkV4iGFgpQrdWkWgkb+VZP9xE2mLz715eIAg13x6+"
+			+ "n97tc9Hh375xZJqwr3QyYTXWpsK/vx04RThv8p0qMdqKvf3jVQWwnCnoeBv2"
+			+ "L4h/uisOLY18qka/Y48ttympG+6DpmzXTwD1LycoG2SOWckCMmJhZK40+zr3"
+			+ "NVmWf6iJtbLGMxI/kzTqbTaOfXc2MroertyM1rILRSpgnJFxJfai5Enspr9b"
+			+ "SCwlP718jG2lQsnYlw8CuxoZAiaNy4MmC5Y3qNl3hlcggcHeLodyGkSyRsBg"
+			+ "cEiKSL7JNvqr0X/nUeW28zVxkmQsWlp3KmST8agf+r+sQvw52fXNLdYznGZV"
+			+ "rJrwgNOoRj0Z70MwTns3s/tCqDEsy5Sv/5dZW2uQEe7/wvmsP2WLu73Rwplg"
+			+ "1dwi/Uo9lO9dkEzmoIK5wMPCDINxL1K+0Y79q0tIAEMDgaIxmtRpEh8/TEsA"
+			+ "UwyEErkDsQqgGviH+ePmawJ/yehYHTRfYUgdUflwApJxRx65pDeSYkiYboMU"
+			+ "8WSAQY2nh/p9hLlS4zbz9dCK2tzVyRkJgqNy/c4IpiHEx2l1iipW9vENglqx"
+			+ "dYP4uqD8e3OOLjDQKizWx2t1u7GRwoEVQ3d3QzzOvsRcv7h+6vNsmYqE6phe"
+			+ "wKFZLctpSn21zkyut444ij4sSr1OG68dEXLY0t0mATfTmXXy5GJBsdK/lLfk"
+			+ "YTIPYYeDMle9aEicDqaKqkZUuYPnVchGp8UFMJ3M0n48OMDdDvpzBLTxxZeW"
+			+ "cK5v/m3OEo3jgxy9wXfZdz//J3zXXqvX8LpMy1K9X0uCBTz6ERlawviMQhg1"
+			+ "1okD5zCCAzYGCSqGSIb3DQEHAaCCAycEggMjMIIDHzCCAxsGCyqGSIb3DQEM"
+			+ "CgECoIICpjCCAqIwHAYKKoZIhvcNAQwBAzAOBAj3QoojTSbZqgICCAAEggKA"
+			+ "YOSp5XGdnG1pdm9CfvlAaUSHRCOyNLndoUTqteTZjHTEM9bGwNXAx4/R5H2Q"
+			+ "PnPm5HB/ynVSXX0uKdW6YlbqUyAdV3eqE4X3Nl+K7ZoXmgAFnMr0tveBhT1b"
+			+ "7rTi0TN4twjJzBTkKcxT8XKjvpVizUxGo+Ss5Wk8FrWLHAiC5dZvgRemtGcM"
+			+ "w5S09Pwj+qXpjUhX1pB5/63qWPrjVf+Bfmlz4bWcqogGk0i7eg+OdTeWMrW0"
+			+ "KR9nD1+/uNEyc4FdGtdIPnM+ax0E+vcco0ExQpTXe0xoX4JW7O71d550Wp89"
+			+ "hAVPNrJA5eUbSWNsuz+38gjUJ+4XaAEhcA7HZIp6ZyxtzSJUoh7oqpRktoxu"
+			+ "3cSVqVxIqAEqlNn6j0vbKfW91Od5DI5L+BIxY4xqXS7fdwipj9r6qWA8t9QU"
+			+ "C2r1A+xXpZ4jEh6inHW9qlfACBBrYf8pSDakSR6yTbaA07LExw0IXz5oiQYt"
+			+ "s7yx231CZlOH88bBmruLOIZsJjeg/lf63zI7Gg4F85QG3RqEJnY2pinLUTP7"
+			+ "R62VErFZPc2a85r2dbFH1mSQIj/rT1IKe32zIW8xoHC4VwrPkT3bcLFAu2TH"
+			+ "5k5zSI/gZUKjPDxb2dwLM4pvsj3gJ9vcFZp6BCuLkZc5rd7CyD8HK9PrBLKd"
+			+ "H3Yngy4A08W4U3XUtIux95WE+5O/UEmSF7fr2vT//DwZArGUpBPq4Bikb8cv"
+			+ "0wpOwUv8r0DXveeaPsxdipXlt29Ayywcs6KIidLtCaCX6/0u/XtMsGNFS+ah"
+			+ "OlumTGBFpbLnagvIf0GKNhbg2lTjflACnxIj8d+QWsnrIU1uC1JRRKCnhpi2"
+			+ "veeWd1m8GUb3aTFiMCMGCSqGSIb3DQEJFTEWBBS9g+Xmq/8B462FWFfaLWd/"
+			+ "rlFxOTA7BgkqhkiG9w0BCRQxLh4sAEMAZQByAHQAeQBmAGkAawBhAHQAIAB1"
+			+ "AHoAeQB0AGsAbwB3AG4AaQBrAGEwMTAhMAkGBSsOAwIaBQAEFKJpUOIj0OtI"
+			+ "j2CPp38YIFBEqvjsBAi8G+yhJe3A/wICCAA=");
+
+		/**
+		* we generate a self signed certificate for the sake of testing - RSA
+		*/
+		public X509CertificateEntry CreateCert(
+			AsymmetricKeyParameter	pubKey,
+			AsymmetricKeyParameter	privKey,
+			string					issuerEmail,
+			string					subjectEmail)
+		{
+			//
+			// distinguished name table.
+			//
+            IDictionary issuerAttrs = new Hashtable();
+			issuerAttrs.Add(X509Name.C, "AU");
+			issuerAttrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			issuerAttrs.Add(X509Name.L, "Melbourne");
+			issuerAttrs.Add(X509Name.ST, "Victoria");
+			issuerAttrs.Add(X509Name.EmailAddress, issuerEmail);
+
+			IDictionary subjectAttrs = new Hashtable();
+			subjectAttrs.Add(X509Name.C, "AU");
+			subjectAttrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			subjectAttrs.Add(X509Name.L, "Melbourne");
+			subjectAttrs.Add(X509Name.ST, "Victoria");
+			subjectAttrs.Add(X509Name.EmailAddress, subjectEmail);
+
+			IList order = new ArrayList();
+			order.Add(X509Name.C);
+			order.Add(X509Name.O);
+			order.Add(X509Name.L);
+			order.Add(X509Name.ST);
+			order.Add(X509Name.EmailAddress);
+
+			//
+			// extensions
+			//
+
+			//
+			// create the certificate - version 3
+			//
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(order, issuerAttrs));
+			certGen.SetNotBefore(DateTime.UtcNow.AddDays(-30));
+			certGen.SetNotAfter(DateTime.UtcNow.AddDays(30));
+			certGen.SetSubjectDN(new X509Name(order, subjectAttrs));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
+
+			return new X509CertificateEntry(certGen.Generate(privKey));
+		}
+
+		public void doTestPkcs12Store()
+		{
+			BigInteger mod = new BigInteger("bb1be8074e4787a8d77967f1575ef72dd7582f9b3347724413c021beafad8f32dba5168e280cbf284df722283dad2fd4abc750e3d6487c2942064e2d8d80641aa5866d1f6f1f83eec26b9b46fecb3b1c9856a303148a5cc899c642fb16f3d9d72f52526c751dc81622c420c82e2cfda70fe8d13f16cc7d6a613a5b2a2b5894d1", 16);
+
+			MemoryStream stream = new MemoryStream(pkcs12, false);
+			Pkcs12Store store = new Pkcs12StoreBuilder().Build();
+			store.Load(stream, passwd);
+
+			string pName = null;
+			foreach (string n in store.Aliases)
+			{
+				if (store.IsKeyEntry(n))
+				{
+					pName = n;
+					//break;
+				}
+			}
+
+			AsymmetricKeyEntry key = store.GetKey(pName);
+
+			if (!((RsaKeyParameters) key.Key).Modulus.Equals(mod))
+			{
+				Fail("Modulus doesn't match.");
+			}
+
+			X509CertificateEntry[] ch = store.GetCertificateChain(pName);
+
+			if (ch.Length != 3)
+			{
+				Fail("chain was wrong length");
+			}
+
+			if (!ch[0].Certificate.SerialNumber.Equals(new BigInteger("96153094170511488342715101755496684211")))
+			{
+				Fail("chain[0] wrong certificate.");
+			}
+
+			if (!ch[1].Certificate.SerialNumber.Equals(new BigInteger("279751514312356623147411505294772931957")))
+			{
+				Fail("chain[1] wrong certificate.");
+			}
+
+			if (!ch[2].Certificate.SerialNumber.Equals(new BigInteger("11341398017")))
+			{
+				Fail("chain[2] wrong certificate.");
+			}
+
+			//
+			// save test
+			//
+			MemoryStream bOut = new MemoryStream();
+			store.Save(bOut, passwd, new SecureRandom());
+
+			stream = new MemoryStream(bOut.ToArray(), false);
+			store.Load(stream, passwd);
+
+			key = store.GetKey(pName);
+
+			if (!((RsaKeyParameters)key.Key).Modulus.Equals(mod))
+			{
+				Fail("Modulus doesn't match.");
+			}
+
+			store.DeleteEntry(pName);
+
+			if (store.GetKey(pName) != null)
+			{
+				Fail("Failed deletion test.");
+			}
+
+			//
+			// cert chain test
+			//
+			store.SetCertificateEntry("testCert", ch[2]);
+
+			if (store.GetCertificateChain("testCert") != null)
+			{
+				Fail("Failed null chain test.");
+			}
+
+			//
+			// UTF 8 single cert test
+			//
+			stream = new MemoryStream(certUTF, false);
+			store.Load(stream, "user".ToCharArray());
+
+			if (store.GetCertificate("37") == null)
+			{
+				Fail("Failed to find UTF cert.");
+			}
+
+			//
+			// try for a self generated certificate
+			//
+			RsaKeyParameters pubKey = new RsaKeyParameters(
+				false,
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16));
+
+			RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16),
+				new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+				new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+				new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+				new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+				new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+				new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+			X509CertificateEntry[] chain = new X509CertificateEntry[] {
+				CreateCert(pubKey, privKey, "issuer@bouncycastle.org", "subject@bouncycastle.org")
+			};
+
+			store = new Pkcs12StoreBuilder().Build();
+
+			store.SetKeyEntry("privateKey", new AsymmetricKeyEntry(privKey), chain);
+
+			if (!store.ContainsAlias("privateKey") || !store.ContainsAlias("PRIVATEKEY"))
+			{
+				Fail("couldn't find alias privateKey");
+			}
+
+			if (store.IsCertificateEntry("privateKey"))
+			{
+				Fail("key identified as certificate entry");
+			}
+
+			if (!store.IsKeyEntry("privateKey") || !store.IsKeyEntry("PRIVATEKEY"))
+			{
+				Fail("key not identified as key entry");
+			}
+
+			if (!"privateKey".Equals(store.GetCertificateAlias(chain[0].Certificate)))
+			{
+				Fail("Did not return alias for key certificate privateKey");
+			}
+
+			MemoryStream store1Stream = new MemoryStream();
+			store.Save(store1Stream, passwd, new SecureRandom());
+			testNoExtraLocalKeyID(store1Stream.ToArray());
+
+			//
+			// no friendly name test
+			//
+			stream = new MemoryStream(pkcs12noFriendly, false);
+			store.Load(stream, noFriendlyPassword);
+
+			pName = null;
+
+			foreach (string n in store.Aliases)
+			{
+				if (store.IsKeyEntry(n))
+				{
+					pName = n;
+					//break;
+				}
+			}
+
+			ch = store.GetCertificateChain(pName);
+
+			//for (int i = 0; i != ch.Length; i++)
+			//{
+			//	Console.WriteLine(ch[i]);
+			//}
+
+			if (ch.Length != 1)
+			{
+				Fail("no cert found in pkcs12noFriendly");
+			}
+
+			//
+			// failure tests
+			//
+			ch = store.GetCertificateChain("dummy");
+
+			store.GetCertificateChain("DUMMY");
+
+			store.GetCertificate("dummy");
+
+			store.GetCertificate("DUMMY");
+
+			//
+			// storage test
+			//
+			stream = new MemoryStream(pkcs12StorageIssue, false);
+			store.Load(stream, storagePassword);
+
+			pName = null;
+
+			foreach (string n in store.Aliases)
+			{
+				if (store.IsKeyEntry(n))
+				{
+					pName = n;
+					//break;
+				}
+			}
+
+			ch = store.GetCertificateChain(pName);
+			if (ch.Length != 2)
+			{
+				Fail("Certificate chain wrong length");
+			}
+
+			store.Save(new MemoryStream(), storagePassword, new SecureRandom());
+
+			//
+			// basic certificate check
+			//
+			store.SetCertificateEntry("cert", ch[1]);
+
+			if (!store.ContainsAlias("cert") || !store.ContainsAlias("CERT"))
+			{
+				Fail("couldn't find alias cert");
+			}
+
+			if (!store.IsCertificateEntry("cert") || !store.IsCertificateEntry("CERT"))
+			{
+				Fail("cert not identified as certificate entry");
+			}
+
+			if (store.IsKeyEntry("cert") || store.IsKeyEntry("CERT"))
+			{
+				Fail("cert identified as key entry");
+			}
+
+			if (!store.IsEntryOfType("cert", typeof(X509CertificateEntry)))
+			{
+				Fail("cert not identified as X509CertificateEntry");
+			}
+
+			if (!store.IsEntryOfType("CERT", typeof(X509CertificateEntry)))
+			{
+				Fail("CERT not identified as X509CertificateEntry");
+			}
+
+			if (store.IsEntryOfType("cert", typeof(AsymmetricKeyEntry)))
+			{
+				Fail("cert identified as key entry via AsymmetricKeyEntry");
+			}
+
+			if (!"cert".Equals(store.GetCertificateAlias(ch[1].Certificate)))
+			{
+				Fail("Did not return alias for certificate entry");
+			}
+
+			//
+			// test restoring of a certificate with private key originally as a ca certificate
+			//
+			store = new Pkcs12StoreBuilder().Build();
+
+			store.SetCertificateEntry("cert", ch[0]);
+
+			if (!store.ContainsAlias("cert") || !store.ContainsAlias("CERT"))
+			{
+				Fail("restore: couldn't find alias cert");
+			}
+
+			if (!store.IsCertificateEntry("cert") || !store.IsCertificateEntry("CERT"))
+			{
+				Fail("restore: cert not identified as certificate entry");
+			}
+
+			if (store.IsKeyEntry("cert") || store.IsKeyEntry("CERT"))
+			{
+				Fail("restore: cert identified as key entry");
+			}
+
+			if (store.IsEntryOfType("cert", typeof(AsymmetricKeyEntry)))
+			{
+				Fail("restore: cert identified as key entry via AsymmetricKeyEntry");
+			}
+
+			if (store.IsEntryOfType("CERT", typeof(AsymmetricKeyEntry)))
+			{
+				Fail("restore: cert identified as key entry via AsymmetricKeyEntry");
+			}
+
+			if (!store.IsEntryOfType("cert", typeof(X509CertificateEntry)))
+			{
+				Fail("restore: cert not identified as X509CertificateEntry");
+			}
+
+			//
+			// test of reading incorrect zero-length encoding
+			//
+			stream = new MemoryStream(pkcs12nopass, false);
+			store.Load(stream, "".ToCharArray());
+		}
+
+		private void testSupportedTypes(AsymmetricKeyEntry privKey, X509CertificateEntry[] chain)
+		{
+			basicStoreTest(privKey, chain,
+				PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc,
+				PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc );
+			basicStoreTest(privKey, chain,
+				PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc,
+				PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc );
+		}
+
+		private void basicStoreTest(AsymmetricKeyEntry privKey, X509CertificateEntry[] chain,
+			DerObjectIdentifier keyAlgorithm, DerObjectIdentifier certAlgorithm)
+		{
+			Pkcs12Store store = new Pkcs12StoreBuilder()
+				.SetKeyAlgorithm(keyAlgorithm)
+				.SetCertAlgorithm(certAlgorithm)
+				.Build();
+
+			store.SetKeyEntry("key", privKey, chain);
+
+			MemoryStream bOut = new MemoryStream();
+
+			store.Save(bOut, passwd, new SecureRandom());
+
+			store.Load(new MemoryStream(bOut.ToArray(), false), passwd);
+
+			AsymmetricKeyEntry k = store.GetKey("key");
+
+			if (!k.Equals(privKey))
+			{
+				Fail("private key didn't match");
+			}
+
+			X509CertificateEntry[] c = store.GetCertificateChain("key");
+
+			if (c.Length != chain.Length || !c[0].Equals(chain[0]))
+			{
+				Fail("certificates didn't match");
+			}
+
+			// check attributes
+			Pkcs12Entry b1 = k;
+			Pkcs12Entry b2 = chain[0];
+
+			if (b1[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] != null)
+			{
+				DerBmpString name = (DerBmpString)b1[PkcsObjectIdentifiers.Pkcs9AtFriendlyName];
+
+				if (!name.Equals(new DerBmpString("key")))
+				{
+					Fail("friendly name wrong");
+				}
+			}
+			else
+			{
+				Fail("no friendly name found on key");
+			}
+
+			if (b1[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] != null)
+			{
+				Asn1OctetString id = (Asn1OctetString)b1[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID];
+
+				if (!id.Equals(b2[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID]))
+				{
+					Fail("local key id mismatch");
+				}
+			}
+			else
+			{
+				Fail("no local key id found");
+			}
+
+			//
+			// check algorithm types.
+			//
+			Asn1InputStream aIn = new Asn1InputStream(bOut.ToArray());
+
+			Pfx pfx = new Pfx((Asn1Sequence)aIn.ReadObject());
+
+			ContentInfo cInfo = pfx.AuthSafe;
+
+			Asn1OctetString auth = (Asn1OctetString)cInfo.Content;
+
+			aIn = new Asn1InputStream(auth.GetOctets());
+			Asn1Sequence s1 = (Asn1Sequence)aIn.ReadObject();
+
+			ContentInfo c1 = ContentInfo.GetInstance(s1[0]);
+			ContentInfo c2 = ContentInfo.GetInstance(s1[1]);
+
+			aIn = new Asn1InputStream(((Asn1OctetString)c1.Content).GetOctets());
+
+			SafeBag sb = new SafeBag((Asn1Sequence)(((Asn1Sequence)aIn.ReadObject())[0]));
+
+			EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.GetInstance(sb.BagValue);
+
+			// check the key encryption
+			if (!encInfo.EncryptionAlgorithm.ObjectID.Equals(keyAlgorithm))
+			{
+				Fail("key encryption algorithm wrong");
+			}
+
+			// check the certificate encryption
+			EncryptedData cb = EncryptedData.GetInstance(c2.Content);
+
+			if (!cb.EncryptionAlgorithm.ObjectID.Equals(certAlgorithm))
+			{
+				Fail("cert encryption algorithm wrong");
+			}
+		}
+
+		private void testNoExtraLocalKeyID(byte[] store1data)
+		{
+			IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			kpg.Init(new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x10001), new SecureRandom(), 512, 25));
+
+			AsymmetricCipherKeyPair newPair =  kpg.GenerateKeyPair();
+
+			Pkcs12Store store1 = new Pkcs12StoreBuilder().Build();
+			store1.Load(new MemoryStream(store1data, false), passwd);
+
+			Pkcs12Store store2 = new Pkcs12StoreBuilder().Build();
+
+			AsymmetricKeyEntry k1 = store1.GetKey("privatekey");
+			X509CertificateEntry[] chain1 = store1.GetCertificateChain("privatekey");
+
+			X509CertificateEntry[] chain2 = new X509CertificateEntry[chain1.Length + 1];
+
+			Array.Copy(chain1, 0, chain2, 1, chain1.Length);
+
+			chain2[0] = CreateCert(newPair.Public, k1.Key, "subject@bouncycastle.org", "extra@bouncycaste.org");
+
+			if (chain1[0][PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
+			{
+				Fail("localKeyID not found initially");
+			}
+
+			store2.SetKeyEntry("new", new AsymmetricKeyEntry(newPair.Private), chain2);
+
+			MemoryStream bOut = new MemoryStream();
+
+			store2.Save(bOut, passwd, new SecureRandom());
+
+			store2.Load(new MemoryStream(bOut.ToArray(), false), passwd);
+
+			chain2 = store2.GetCertificateChain("new");
+
+			if (chain2[1][PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] != null)
+			{
+				Fail("localKeyID found after save");
+			}
+		}
+
+		public override string Name
+		{
+			get { return "PKCS12Store"; }
+		}
+
+		public override void PerformTest()
+		{
+			doTestPkcs12Store();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Pkcs12StoreTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/security/test/SecureRandomTest.cs b/crypto/test/src/security/test/SecureRandomTest.cs
new file mode 100644
index 000000000..12e4b9a47
--- /dev/null
+++ b/crypto/test/src/security/test/SecureRandomTest.cs
@@ -0,0 +1,150 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto.Prng;
+
+namespace Org.BouncyCastle.Security.Tests
+{
+	[TestFixture]
+	public class SecureRandomTest
+	{
+#if !NETCF_1_0
+		[Test]
+		public void TestCryptoApi()
+		{
+			SecureRandom random = new SecureRandom(
+				new CryptoApiRandomGenerator());
+
+			checkSecureRandom(random);
+		}
+#endif
+
+		[Test]
+		public void TestDefault()
+		{
+			SecureRandom random = new SecureRandom();
+
+			checkSecureRandom(random);
+		}
+
+		[Test]
+		public void TestSha1Prng()
+		{
+			SecureRandom random = SecureRandom.GetInstance("SHA1PRNG");
+			random.SetSeed(SecureRandom.GetSeed(20));
+
+			checkSecureRandom(random);
+		}
+
+		[Test]
+		public void TestSha256Prng()
+		{
+			SecureRandom random = SecureRandom.GetInstance("SHA256PRNG");
+			random.SetSeed(SecureRandom.GetSeed(32));
+
+			checkSecureRandom(random);
+		}
+
+		[Test]
+		public void TestThreadedSeed()
+		{
+			SecureRandom random = new SecureRandom(
+				new ThreadedSeedGenerator().GenerateSeed(20, false));
+
+			checkSecureRandom(random);
+		}
+
+		[Test]
+		public void TestVmpcPrng()
+		{
+			SecureRandom random = new SecureRandom(new VmpcRandomGenerator());
+			random.SetSeed(SecureRandom.GetSeed(32));
+
+			checkSecureRandom(random);
+		}
+
+
+		private static void checkSecureRandom(
+			SecureRandom random)
+		{
+			// Note: This will periodically (< 1e-6 probability) give a false alarm.
+			// That's randomness for you!
+			Assert.IsTrue(runChiSquaredTests(random), "Chi2 test detected possible non-randomness");
+		}
+
+		private static bool runChiSquaredTests(
+			SecureRandom random)
+		{
+			int passes = 0;
+
+			for (int tries = 0; tries < 100; ++tries)
+			{
+				double chi2 = measureChiSquared(random, 1000);
+				if (chi2 < 285.0) // 255 degrees of freedom in test => Q ~ 10.0% for 285
+					++passes;
+			}
+
+			return passes > 75;
+		}
+
+		private static double measureChiSquared(
+			SecureRandom	random,
+			int				rounds)
+		{
+			int[] counts = new int[256];
+
+			byte[] bs = new byte[256];
+			for (int i = 0; i < rounds; ++i)
+			{
+				random.NextBytes(bs);
+
+				for (int b = 0; b < 256; ++b)
+				{
+					++counts[bs[b]];
+				}
+			}
+
+			byte mask = SecureRandom.GetSeed(1)[0];
+			for (int i = 0; i < rounds; ++i)
+			{
+				random.NextBytes(bs);
+
+				for (int b = 0; b < 256; ++b)
+				{
+					++counts[bs[b] ^ mask];
+				}
+
+				++mask;
+			}
+
+			byte shift = SecureRandom.GetSeed(1)[0];
+			for (int i = 0; i < rounds; ++i)
+			{
+				random.NextBytes(bs);
+
+				for (int b = 0; b < 256; ++b)
+				{
+					++counts[(byte)(bs[b] + shift)];
+				}
+
+				++shift;
+			}
+
+			int total = 3 * rounds;
+
+			double chi2 = 0;
+			for (int k = 0; k < counts.Length; ++k)
+			{
+				double diff = ((double) counts[k]) - total;
+				double diff2 = diff * diff;
+
+				chi2 += diff2;
+			}
+
+			chi2 /= total;
+
+			return chi2;
+		}
+	}
+}
diff --git a/crypto/test/src/security/test/TestDigestUtil.cs b/crypto/test/src/security/test/TestDigestUtil.cs
new file mode 100644
index 000000000..0f169f931
--- /dev/null
+++ b/crypto/test/src/security/test/TestDigestUtil.cs
@@ -0,0 +1,63 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+
+namespace Org.BouncyCastle.Security.Tests
+{
+    [TestFixture]
+    public class TestDigestUtilities
+    {
+		private static readonly byte[] TestBytes = new byte[100];
+
+		static TestDigestUtilities()
+		{
+			new SecureRandom().NextBytes(TestBytes);
+		}
+
+		[Test]
+        public void TestAlgorithms()
+        {
+			CheckAlgorithm("GOST3411", new Gost3411Digest());
+			CheckAlgorithm("MD2", new MD2Digest());
+            CheckAlgorithm("MD4", new MD4Digest());
+            CheckAlgorithm("MD5", new MD5Digest());
+			CheckAlgorithm("RipeMD128", new RipeMD128Digest());
+			CheckAlgorithm("RipeMD160", new RipeMD160Digest());
+			CheckAlgorithm("RipeMD256", new RipeMD256Digest());
+			CheckAlgorithm("RipeMD320", new RipeMD320Digest());
+			CheckAlgorithm("SHA-1", new Sha1Digest());
+            CheckAlgorithm("SHA-224", new Sha224Digest());
+            CheckAlgorithm("SHA-256", new Sha256Digest());
+            CheckAlgorithm("SHA-384", new Sha384Digest());
+            CheckAlgorithm("SHA-512", new Sha512Digest());
+			CheckAlgorithm("Tiger", new TigerDigest());
+			CheckAlgorithm("Whirlpool", new WhirlpoolDigest());
+		}
+
+		private void CheckAlgorithm(
+            string	name,
+            IDigest	digest)
+        {
+            byte[] hash1 = MakeTestHash(digest);
+			byte[] hash2 = MakeTestHash(DigestUtilities.GetDigest(name));
+
+			Assert.AreEqual(hash1, hash2, name);
+        }
+
+		private byte[] MakeTestHash(
+			IDigest digest)
+		{
+			for (int i = 0; i < digest.GetDigestSize(); ++i)
+			{
+				digest.Update((byte) i);
+			}
+
+			digest.BlockUpdate(TestBytes, 0, TestBytes.Length);
+
+			return DigestUtilities.DoFinal(digest);
+		}
+    }
+}
diff --git a/crypto/test/src/security/test/TestDotNetUtil.cs b/crypto/test/src/security/test/TestDotNetUtil.cs
new file mode 100644
index 000000000..f880b388f
--- /dev/null
+++ b/crypto/test/src/security/test/TestDotNetUtil.cs
@@ -0,0 +1,88 @@
+#if !(NETCF_1_0 || SILVERLIGHT)
+
+using System;
+using System.Security.Cryptography;
+using SystemX509 = System.Security.Cryptography.X509Certificates;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Security.Tests
+{
+	[TestFixture]
+	public class TestDotNetUtilities
+	{
+		[Test]
+		public void TestRsaInterop()
+		{
+			for (int i = 0; i < 100; ++i)
+			{
+				RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(512);
+				RSAParameters rp = rsa.ExportParameters(true);
+				AsymmetricCipherKeyPair kp = DotNetUtilities.GetRsaKeyPair(rp);
+
+				DotNetUtilities.ToRSA((RsaKeyParameters)kp.Public);
+				// TODO This method appears to not work for private keys (when no CRT info)
+				//DotNetUtilities.ToRSA((RsaKeyParameters)kp.Private);
+				DotNetUtilities.ToRSA((RsaPrivateCrtKeyParameters)kp.Private);
+			}
+		}
+
+		[Test]
+		public void TestX509CertificateConversion()
+		{
+			BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM="));
+			BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs="));
+			BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx"));
+			BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw=="));
+			BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A="));
+
+			DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG);
+			DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para);
+			DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para);
+
+			IDictionary attrs = new Hashtable();
+			attrs[X509Name.C] = "AU";
+			attrs[X509Name.O] = "The Legion of the Bouncy Castle";
+			attrs[X509Name.L] = "Melbourne";
+			attrs[X509Name.ST] = "Victoria";
+			attrs[X509Name.E] = "feedback-crypto@bouncycastle.org";
+
+			IList ord = new ArrayList(attrs.Keys);
+
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+
+			certGen.SetIssuerDN(new X509Name(ord, attrs));
+			certGen.SetNotBefore(DateTime.UtcNow.AddDays(-1));
+			certGen.SetNotAfter(DateTime.UtcNow.AddDays(1));
+			certGen.SetSubjectDN(new X509Name(ord, attrs));
+			certGen.SetPublicKey(dsaPub);
+			certGen.SetSignatureAlgorithm("SHA1WITHDSA");
+
+			X509Certificate cert = certGen.Generate(dsaPriv);
+
+			cert.CheckValidity();
+			cert.Verify(dsaPub);
+
+			SystemX509.X509Certificate dotNetCert = DotNetUtilities.ToX509Certificate(cert);
+
+			X509Certificate certCopy = DotNetUtilities.FromX509Certificate(dotNetCert);
+
+			Assert.AreEqual(cert, certCopy);
+
+			certCopy.CheckValidity();
+			certCopy.Verify(dsaPub);
+		}
+	}
+}
+
+#endif
diff --git a/crypto/test/src/security/test/TestEncodings.cs b/crypto/test/src/security/test/TestEncodings.cs
new file mode 100644
index 000000000..557d2dc51
--- /dev/null
+++ b/crypto/test/src/security/test/TestEncodings.cs
@@ -0,0 +1,188 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Security.Tests
+{
+    [TestFixture]
+    public class TestEncodings
+    {
+		[Test]
+		public void TestEC()
+		{
+			BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv"));
+			BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R"));
+			BigInteger ECParraH = new BigInteger(Base64.Decode("AQ=="));
+			BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L"));
+			BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l"));
+			BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx"));
+			BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo"));
+
+			FpCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters ecDomain =
+				new ECDomainParameters(
+					curve,
+					new FpPoint(curve,
+						curve.FromBigInteger(ECParraGX),
+						curve.FromBigInteger(ECParraGY)),
+				ECParraN);
+
+			ECPublicKeyParameters ecPub = new ECPublicKeyParameters(
+				new FpPoint(
+					curve,
+					curve.FromBigInteger(ECPubQX),
+					curve.FromBigInteger(ECPubQY)),
+				ecDomain);
+
+			ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters(ECPrivD, ecDomain);
+
+			SubjectPublicKeyInfo subinfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(ecPub);
+			PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecPriv);
+
+			ECPublicKeyParameters tecPub = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(subinfo);
+			ECPrivateKeyParameters tecPriv = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privInfo);
+
+			Assert.IsTrue(tecPub.Equals(ecPub), "EC: public key to info back to public key");
+			Assert.IsTrue(tecPriv.Equals(ecPriv), "EC: private key to info back to private key");
+		}
+
+        [Test]
+        public void TestDH()
+        {
+            BigInteger DHParraP = new BigInteger(Base64.Decode("ALJCm1CUL6mOnyVqWTSV6Z2+DVSGOvgboOhmbyyxCrym59uVnXMmPjIgQTrmniFg7PvdcN7NNFwFmcZleULso1s="));
+            BigInteger DHParraQ = new BigInteger(Base64.Decode("WSFNqEoX1MdPkrUsmkr0zt8GqkMdfA3QdDM3lliFXlNz7crOuZMfGRAgnXNPELB2fe64b2aaLgLM4zK8oXZRrQ=="));
+            BigInteger DHPubY = new BigInteger(Base64.Decode("AIki+8/zggCS2e488AsTNULI4LujdUeQQsZI949Dc9lKXZRmrPIC1h8NRoneHQEhpAe4Rhe0nhUOGZJekT5++SA="));
+            BigInteger DHPrivX = new BigInteger(Base64.Decode("Apo67noMRO5eDWo/TtpRiBmKGw7ywh25shIu0Rs03krQmWKRbDPvdygWdJ5IpW6ZbKlCTAMhSxpz03YSeSEDmw=="));
+
+
+            DHParameters dhPara = new DHParameters(DHParraP, DHParraQ);
+            DHPublicKeyParameters dhPublic = new DHPublicKeyParameters(DHPubY, dhPara);
+            DHPrivateKeyParameters dhPrivate = new DHPrivateKeyParameters(DHPrivX, dhPara);
+
+            SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dhPublic);
+            PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dhPrivate);
+
+            DHPublicKeyParameters testPubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubInfo);
+            DHPrivateKeyParameters testPrivKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privInfo);
+
+            Assert.IsFalse(!testPrivKey.Equals(dhPrivate), "DH: Private key to info back to key");
+            Assert.IsFalse(!testPubKey.Equals(dhPublic), "DH: Public key to info back to key");
+
+            Assert.IsTrue(true, "Diffe Helman Test worked.");
+
+        }
+
+        [Test]
+        public void TestElGamal()
+        {
+
+                BigInteger ELGamalParaG = new BigInteger(Base64.Decode("QAZPRcsH8kHVKS5065R1Xy6QtsPvDkmDZtPuq18EJkvLrCIZivE/m5puQp3/VKJrG7dKgz4NBGpONp3HT+Cn/g=="));
+                BigInteger ELGamalParaP = new BigInteger(Base64.Decode("AKXmAwgkudDLI/Yxk6wk3APn+mSjX5QSyDwpchmegSIi1ZNC0Jb+IbxjroKNhRTBKjtv4/JTXtJS6IqaZv9uKes="));
+                BigInteger ELGamalPubY = new BigInteger(Base64.Decode("AJ/gXuZuCA2X044otNkzs8FI36XuFu1L/YHg5cEmDvICTigycRN2E1DnhP+CTqxEqgEqX8rBe5tuGDlkTLwgNqM="));
+                BigInteger ELGamalPriv = new BigInteger(Base64.Decode("CqVr+K0TpuJKQnc76MjKhxrJzGr93jnuE3mTpth486Meymt8uWEVAQj1tGc9DTt14F9aV9WIT2oYYbvLJRcwow=="));
+
+
+
+                ElGamalParameters elPara = new ElGamalParameters(ELGamalParaP, ELGamalParaG);
+
+                ElGamalPrivateKeyParameters elPriv = new ElGamalPrivateKeyParameters(ELGamalPriv, elPara);
+                ElGamalPublicKeyParameters elPub = new ElGamalPublicKeyParameters(ELGamalPubY, elPara);
+
+                SubjectPublicKeyInfo subInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(elPub);
+                PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(elPriv);
+
+                ElGamalPrivateKeyParameters telPriv = (ElGamalPrivateKeyParameters)PrivateKeyFactory.CreateKey(privInfo);
+                ElGamalPublicKeyParameters telPub = (ElGamalPublicKeyParameters)PublicKeyFactory.CreateKey(subInfo);
+
+
+                             // Console.WriteLine(telPriv.Equals(elPriv));
+
+
+
+                Assert.IsTrue(telPriv.Equals(elPriv), "ELGamal Private key to into back to private key.");
+                Assert.IsTrue(telPub.Equals(elPub), "ELGamal Public key to into back to private key.");
+
+                Assert.IsTrue(true, "ELGamal Test worked.");
+
+            }
+
+        [Test]
+        public void TestRsa()
+        {
+
+            BigInteger rsaPubMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
+            BigInteger rsaPubExp = new BigInteger(Base64.Decode("EQ=="));
+            BigInteger rsaPrivMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
+            BigInteger rsaPrivDP = new BigInteger(Base64.Decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ=="));
+            BigInteger rsaPrivDQ = new BigInteger(Base64.Decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ=="));
+            BigInteger rsaPrivExp = new BigInteger(Base64.Decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E="));
+            BigInteger rsaPrivP = new BigInteger(Base64.Decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE="));
+            BigInteger rsaPrivQ = new BigInteger(Base64.Decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0="));
+            BigInteger rsaPrivQinv = new BigInteger(Base64.Decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg=="));
+            RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaPubMod, rsaPubExp);
+			RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv);
+
+			SubjectPublicKeyInfo subInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaPublic);
+            RsaKeyParameters testResult = (RsaKeyParameters)PublicKeyFactory.CreateKey(subInfo);
+
+			// check RSA public key.
+
+            Assert.IsFalse(!testResult.Equals(rsaPublic), "RSA: test failed on public key to info and back to public key.");
+
+            PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaPrivate);
+            testResult = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(privInfo);
+
+            Assert.IsFalse(!testResult.Equals(rsaPrivate), "RSA: private key to info back to private key.");
+
+            Assert.IsTrue(true, "RSATest worked.");
+
+        }
+
+        [Test]
+        public void TestDSA()
+        {
+            BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM="));
+            BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs="));
+            BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx"));
+            BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw=="));
+            BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A="));
+
+            DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG);
+            DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para);
+            DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para);
+
+            SubjectPublicKeyInfo subInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dsaPub);
+            DsaKeyParameters testResult = (DsaKeyParameters)PublicKeyFactory.CreateKey(subInfo);
+
+            // check RSA public key.
+
+            Assert.IsFalse(!testResult.Equals(dsaPub), "DSA: test failed on public key to info and back to public key.");
+
+            PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dsaPriv);
+            testResult = (DsaPrivateKeyParameters)PrivateKeyFactory.CreateKey(privInfo);
+
+            Assert.IsFalse(!testResult.Equals(dsaPriv), "DSA: private key to info back to private key.");
+
+            Assert.IsTrue(true, "DSATest worked.");
+
+        }
+    }
+}
diff --git a/crypto/test/src/security/test/TestParameterUtil.cs b/crypto/test/src/security/test/TestParameterUtil.cs
new file mode 100644
index 000000000..fe494212a
--- /dev/null
+++ b/crypto/test/src/security/test/TestParameterUtil.cs
@@ -0,0 +1,74 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security.Tests
+{
+	[TestFixture]
+	public class TestParameterUtilities
+	{
+		[Test]
+		public void TestCreateKeyParameter()
+		{
+			SecureRandom random = new SecureRandom();
+
+			doTestCreateKeyParameter("AES", NistObjectIdentifiers.IdAes128Cbc,
+				128, typeof(KeyParameter), random);
+			doTestCreateKeyParameter("DES", OiwObjectIdentifiers.DesCbc,
+				64, typeof(DesParameters), random);
+			doTestCreateKeyParameter("DESEDE", PkcsObjectIdentifiers.DesEde3Cbc,
+				192, typeof(DesEdeParameters), random);
+			doTestCreateKeyParameter("RC2", PkcsObjectIdentifiers.RC2Cbc,
+				128, typeof(RC2Parameters), random);
+		}
+
+		private void doTestCreateKeyParameter(
+			string				algorithm,
+			DerObjectIdentifier	oid,
+			int					keyBits,
+			Type				expectedType,
+			SecureRandom		random)
+		{
+			int keyLength = keyBits / 8;
+			byte[] bytes = new byte[keyLength];
+			random.NextBytes(bytes);
+
+			KeyParameter key;
+
+			key = ParameterUtilities.CreateKeyParameter(algorithm, bytes);
+			checkKeyParameter(key, expectedType, bytes);
+
+			key = ParameterUtilities.CreateKeyParameter(oid, bytes);
+			checkKeyParameter(key, expectedType, bytes);
+
+			bytes = new byte[keyLength * 2];
+			random.NextBytes(bytes);
+
+			int offset = random.Next(1, keyLength);
+			byte[] expected = new byte[keyLength];
+			Array.Copy(bytes, offset, expected, 0, keyLength);
+
+			key = ParameterUtilities.CreateKeyParameter(algorithm, bytes, offset, keyLength);
+			checkKeyParameter(key, expectedType, expected);
+
+			key = ParameterUtilities.CreateKeyParameter(oid, bytes, offset, keyLength);
+			checkKeyParameter(key, expectedType, expected);
+		}
+
+		private void checkKeyParameter(
+			KeyParameter	key,
+			Type			expectedType,
+			byte[]			expectedBytes)
+		{
+			Assert.IsTrue(expectedType.IsInstanceOfType(key));
+			Assert.IsTrue(Arrays.AreEqual(expectedBytes, key.GetKey()));
+		}
+	}
+}
diff --git a/crypto/test/src/security/test/TestSignerUtil.cs b/crypto/test/src/security/test/TestSignerUtil.cs
new file mode 100644
index 000000000..c1140faf7
--- /dev/null
+++ b/crypto/test/src/security/test/TestSignerUtil.cs
@@ -0,0 +1,180 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Security.Tests
+{
+	[TestFixture]
+	public class TestSignerUtilities
+	{
+		[Test]
+		public void TestAlgorithms()
+		{
+			//
+			// RSA parameters
+			//
+			BigInteger rsaMod = new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16);
+			BigInteger rsaPubExp = new BigInteger("10001", 16);
+
+			BigInteger rsaPrivExp = new BigInteger("65dad56ac7df7abb434e4cb5eeadb16093aa6da7f0033aad3815289b04757d32bfee6ade7749c8e4a323b5050a2fb9e2a99e23469e1ed4ba5bab54336af20a5bfccb8b3424cc6923db2ffca5787ed87aa87aa614cd04cedaebc8f623a2d2063017910f436dff18bb06f01758610787f8b258f0a8efd8bd7de30007c47b2a1031696c7d6523bc191d4d918927a7e0b09584ed205bd2ff4fc4382678df82353f7532b3bbb81d69e3f39070aed3fb64fce032a089e8e64955afa5213a6eb241231bd98d702fba725a9b205952fda186412d9e0d9344d2998c455ad8c2bae85ee672751466d5288304032b5b7e02f7e558c7af82c7fbf58eea0bb4ef0f001e6cd0a9", 16);
+			BigInteger rsaPrivP = new BigInteger("d4fd9ac3474fb83aaf832470643609659e511b322632b239b688f3cd2aad87527d6cf652fb9c9ca67940e84789444f2e99b0cb0cfabbd4de95396106c865f38e2fb7b82b231260a94df0e01756bf73ce0386868d9c41645560a81af2f53c18e4f7cdf3d51d80267372e6e0216afbf67f655c9450769cca494e4f6631b239ce1b", 16);
+			BigInteger rsaPrivQ = new BigInteger("c8eaa0e2a1b3a4412a702bccda93f4d150da60d736c99c7c566fdea4dd1b401cbc0d8c063daaf0b579953d36343aa18b33dbf8b9eae94452490cc905245f8f7b9e29b1a288bc66731a29e1dd1a45c9fd7f8238ff727adc49fff73991d0dc096206b9d3a08f61e7462e2b804d78cb8c5eccdb9b7fbd2ad6a8fea46c1053e1be75", 16);
+			BigInteger rsaPrivDP = new BigInteger("10edcb544421c0f9e123624d1099feeb35c72a8b34e008ac6fa6b90210a7543f293af4e5299c8c12eb464e70092805c7256e18e5823455ba0f504d36f5ccacac1b7cd5c58ff710f9c3f92646949d88fdd1e7ea5fed1081820bb9b0d2a8cd4b093fecfdb96dabd6e28c3a6f8c186dc86cddc89afd3e403e0fcf8a9e0bcb27af0b", 16);
+			BigInteger rsaPrivDQ = new BigInteger("97fc25484b5a415eaa63c03e6efa8dafe9a1c8b004d9ee6e80548fefd6f2ce44ee5cb117e77e70285798f57d137566ce8ea4503b13e0f1b5ed5ca6942537c4aa96b2a395782a4cb5b58d0936e0b0fa63b1192954d39ced176d71ef32c6f42c84e2e19f9d4dd999c2151b032b97bd22aa73fd8c5bcd15a2dca4046d5acc997021", 16);
+			BigInteger rsaPrivQinv = new BigInteger("4bb8064e1eff7e9efc3c4578fcedb59ca4aef0993a8312dfdcb1b3decf458aa6650d3d0866f143cbf0d3825e9381181170a0a1651eefcd7def786b8eb356555d9fa07c85b5f5cbdd74382f1129b5e36b4166b6cc9157923699708648212c484958351fdc9cf14f218dbe7fbf7cbd93a209a4681fe23ceb44bab67d66f45d1c9d", 16);
+
+			RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaMod, rsaPubExp);
+			RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(
+				rsaMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv);
+
+			//
+			// ECDSA parameters
+			//
+			BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv"));
+			BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R"));
+			BigInteger ECParraH = new BigInteger(Base64.Decode("AQ=="));
+			BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L"));
+			BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l"));
+			BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx"));
+			BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo"));
+
+			FpCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters ecDomain = new ECDomainParameters(curve,
+				new FpPoint(curve,
+					curve.FromBigInteger(ECParraGX),
+					curve.FromBigInteger(ECParraGY)),
+				ECParraN);
+
+			ECPublicKeyParameters ecPub = new ECPublicKeyParameters(
+				new FpPoint(curve,
+					curve.FromBigInteger(ECPubQX),
+					curve.FromBigInteger(ECPubQY)),
+				ecDomain);
+
+			ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters(ECPrivD, ecDomain);
+
+			//
+			// DSA parameters
+			//
+			BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM="));
+			BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs="));
+			BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx"));
+			BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw=="));
+			BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A="));
+
+			DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG);
+			DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para);
+			DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para);
+
+			//
+			// ECGOST3410 parameters
+			//
+			IAsymmetricCipherKeyPairGenerator ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410");
+			ecGostKpg.Init(
+				new ECKeyGenerationParameters(
+					CryptoProObjectIdentifiers.GostR3410x2001CryptoProA,
+					new SecureRandom()));
+
+			AsymmetricCipherKeyPair ecGostPair = ecGostKpg.GenerateKeyPair();
+
+			//
+			// GOST3410 parameters
+			//
+			IAsymmetricCipherKeyPairGenerator gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410");
+			gostKpg.Init(
+				new Gost3410KeyGenerationParameters(
+					new SecureRandom(),
+					CryptoProObjectIdentifiers.GostR3410x94CryptoProA));
+
+			AsymmetricCipherKeyPair gostPair = gostKpg.GenerateKeyPair();
+
+
+
+			//
+			// signer loop
+			//
+			byte[] shortMsg = new byte[] { 1, 4, 5, 6, 8, 8, 4, 2, 1, 3 };
+			byte[] longMsg = new byte[100];
+			new SecureRandom().NextBytes(longMsg);
+
+			foreach (string algorithm in SignerUtilities.Algorithms)
+			{
+				ISigner signer = SignerUtilities.GetSigner(algorithm);
+
+				string upper = Platform.ToUpperInvariant(algorithm);
+				int withPos = upper.LastIndexOf("WITH");
+
+				string cipherName = withPos < 0
+					?	upper
+					:	upper.Substring(withPos + "WITH".Length);
+
+				ICipherParameters signParams = null, verifyParams = null;
+
+				if (cipherName == "RSA" || cipherName == "RSAANDMGF1")
+				{
+					signParams = rsaPrivate;
+					verifyParams = rsaPublic;
+				}
+				else if (cipherName == "ECDSA")
+				{
+					signParams = ecPriv;
+					verifyParams = ecPub;
+				}
+				else if (cipherName == "DSA")
+				{
+					signParams = dsaPriv;
+					verifyParams = dsaPub;
+				}
+				else if (cipherName == "ECGOST3410")
+				{
+					signParams = ecGostPair.Private;
+					verifyParams = ecGostPair.Public;
+				}
+				else if (cipherName == "GOST3410")
+				{
+					signParams = gostPair.Private;
+					verifyParams = gostPair.Public;
+				}
+				else
+				{
+					Assert.Fail("Unknown algorithm encountered: " + cipherName);
+				}
+
+				signer.Init(true, signParams);
+				foreach (byte b in shortMsg)
+				{
+					signer.Update(b);
+				}
+				signer.BlockUpdate(longMsg, 0, longMsg.Length);
+				byte[] sig = signer.GenerateSignature();
+
+				signer.Init(false, verifyParams);
+				foreach (byte b in shortMsg)
+				{
+					signer.Update(b);
+				}
+				signer.BlockUpdate(longMsg, 0, longMsg.Length);
+
+				Assert.IsTrue(signer.VerifySignature(sig), cipherName + " signer " + algorithm + " failed.");
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/test/AESSICTest.cs b/crypto/test/src/test/AESSICTest.cs
new file mode 100644
index 000000000..f8de35efd
--- /dev/null
+++ b/crypto/test/src/test/AESSICTest.cs
@@ -0,0 +1,147 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	/// <remarks>
+	/// Test vectors based on NIST Special Publication 800-38A,
+	/// "Recommendation for Block Cipher Modes of Operation"
+	/// </remarks>
+	[TestFixture]
+	public class AesSicTest
+		: SimpleTest
+	{
+		private static readonly byte[][] keys =
+		{
+			Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c"),
+			Hex.Decode("8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b"),
+			Hex.Decode("603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4")
+		};
+
+		private static readonly byte[][] plain =
+		{
+			Hex.Decode("6bc1bee22e409f96e93d7e117393172a"),
+			Hex.Decode("ae2d8a571e03ac9c9eb76fac45af8e51"),
+			Hex.Decode("30c81c46a35ce411e5fbc1191a0a52ef"),
+			Hex.Decode("f69f2445df4f9b17ad2b417be66c3710")
+		};
+
+		private static readonly byte[,][] cipher =
+		{
+			{
+				Hex.Decode("874d6191b620e3261bef6864990db6ce"),
+				Hex.Decode("9806f66b7970fdff8617187bb9fffdff"),
+				Hex.Decode("5ae4df3edbd5d35e5b4f09020db03eab"),
+				Hex.Decode("1e031dda2fbe03d1792170a0f3009cee")
+			},
+			{
+				Hex.Decode("1abc932417521ca24f2b0459fe7e6e0b"),
+				Hex.Decode("090339ec0aa6faefd5ccc2c6f4ce8e94"),
+				Hex.Decode("1e36b26bd1ebc670d1bd1d665620abf7"),
+				Hex.Decode("4f78a7f6d29809585a97daec58c6b050")
+			},
+			{
+				Hex.Decode("601ec313775789a5b7a7f504bbf3d228"),
+				Hex.Decode("f443e3ca4d62b59aca84e990cacaf5c5"),
+				Hex.Decode("2b0930daa23de94ce87017ba2d84988d"),
+				Hex.Decode("dfc9c58db67aada613c2dd08457941a6")
+			}
+		};
+
+		public override string Name
+		{
+			get { return "AESSIC"; }
+		}
+
+		public override void PerformTest()
+		{
+			IBufferedCipher c = CipherUtilities.GetCipher("AES/SIC/NoPadding");
+
+			//
+			// NIST vectors
+			//
+			for (int i = 0; i != keys.Length; i++)
+			{
+				KeyParameter skey = ParameterUtilities.CreateKeyParameter("AES", keys[i]);
+				c.Init(true, new ParametersWithIV(skey, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF")));
+
+				for (int j = 0; j != plain.Length; j++)
+				{
+					byte[] enc = c.ProcessBytes(plain[j]);
+					if (!AreEqual(enc, cipher[i, j]))
+					{
+						Fail("AESSIC encrypt failed: key " + i + " block " + j);
+					}
+				}
+
+				c.Init(false, new ParametersWithIV(skey, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF")));
+
+				for (int j = 0; j != plain.Length; j++)
+				{
+					byte[] enc = c.ProcessBytes(cipher[i, j]);
+					if (!AreEqual(enc, plain[j]))
+					{
+						Fail("AESSIC decrypt failed: key " + i + " block " + j);
+					}
+				}
+			}
+
+			//
+			// check CTR also recognised.
+			//
+			c = CipherUtilities.GetCipher("AES/CTR/NoPadding");
+
+			KeyParameter sk = ParameterUtilities.CreateKeyParameter("AES", Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"));
+
+			c.Init(true, new ParametersWithIV(sk, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001")));
+
+			byte[] crypt = c.DoFinal(Hex.Decode("00000000000000000000000000000000"));
+
+			if (!AreEqual(crypt, Hex.Decode("D23513162B02D0F72A43A2FE4A5F97AB")))
+			{
+				Fail("AESSIC failed test 2");
+			}
+
+			//
+			// check partial block processing
+			//
+			c = CipherUtilities.GetCipher("AES/CTR/NoPadding");
+
+			sk = ParameterUtilities.CreateKeyParameter("AES", Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"));
+
+			c.Init(true, new ParametersWithIV(sk, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001")));
+
+			crypt = c.DoFinal(Hex.Decode("12345678"));
+
+			c.Init(false, new ParametersWithIV(sk, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001")));
+
+			crypt = c.DoFinal(crypt);
+
+			if (!AreEqual(crypt, Hex.Decode("12345678")))
+			{
+				Fail("AESSIC failed partial test");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new AesSicTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/AESTest.cs b/crypto/test/src/test/AESTest.cs
new file mode 100644
index 000000000..5a1ce8046
--- /dev/null
+++ b/crypto/test/src/test/AESTest.cs
@@ -0,0 +1,363 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Tests
+{
+	/// <remarks>Basic test class for the AES cipher vectors from FIPS-197</remarks>
+	[TestFixture]
+	public class AesTest
+		: BaseBlockCipherTest
+	{
+		internal static readonly string[] cipherTests =
+		{
+			"128",
+			"000102030405060708090a0b0c0d0e0f",
+			"00112233445566778899aabbccddeeff",
+			"69c4e0d86a7b0430d8cdb78070b4c55a",
+			"192",
+			"000102030405060708090a0b0c0d0e0f1011121314151617",
+			"00112233445566778899aabbccddeeff",
+			"dda97ca4864cdfe06eaf70a0ec0d7191",
+			"256",
+			"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
+			"00112233445566778899aabbccddeeff",
+			"8ea2b7ca516745bfeafc49904b496089",
+		};
+
+		public AesTest()
+			: base("AES")
+		{
+		}
+
+		[Test]
+		public void TestCiphers()
+		{
+			for (int i = 0; i != cipherTests.Length; i += 4)
+			{
+				doCipherTest(int.Parse(cipherTests[i]),
+					Hex.Decode(cipherTests[i + 1]),
+					Hex.Decode(cipherTests[i + 2]),
+					Hex.Decode(cipherTests[i + 3]));
+			}
+		}
+
+		[Test]
+		public void TestOids()
+		{
+			string[] oids = {
+				NistObjectIdentifiers.IdAes128Ecb.Id,
+				NistObjectIdentifiers.IdAes128Cbc.Id,
+				NistObjectIdentifiers.IdAes128Ofb.Id,
+				NistObjectIdentifiers.IdAes128Cfb.Id,
+				NistObjectIdentifiers.IdAes192Ecb.Id,
+				NistObjectIdentifiers.IdAes192Cbc.Id,
+				NistObjectIdentifiers.IdAes192Ofb.Id,
+				NistObjectIdentifiers.IdAes192Cfb.Id,
+				NistObjectIdentifiers.IdAes256Ecb.Id,
+				NistObjectIdentifiers.IdAes256Cbc.Id,
+				NistObjectIdentifiers.IdAes256Ofb.Id,
+				NistObjectIdentifiers.IdAes256Cfb.Id
+			};
+
+			string[] names = {
+				"AES/ECB/PKCS7Padding",
+				"AES/CBC/PKCS7Padding",
+				"AES/OFB/NoPadding",
+				"AES/CFB/NoPadding",
+				"AES/ECB/PKCS7Padding",
+				"AES/CBC/PKCS7Padding",
+				"AES/OFB/NoPadding",
+				"AES/CFB/NoPadding",
+				"AES/ECB/PKCS7Padding",
+				"AES/CBC/PKCS7Padding",
+				"AES/OFB/NoPadding",
+				"AES/CFB/NoPadding"
+			};
+
+			oidTest(oids, names, 4);
+		}
+
+		[Test]
+		public void TestWrap()
+		{
+			byte[] kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f");
+			byte[] in1 = Hex.Decode("00112233445566778899aabbccddeeff");
+			byte[] out1 = Hex.Decode("1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5");
+
+			wrapTest(1, "AESWrap", kek1, in1, out1);
+		}
+
+		[Test]
+		public void TestWrapOids()
+		{
+			string[] wrapOids =
+			{
+				NistObjectIdentifiers.IdAes128Wrap.Id,
+				NistObjectIdentifiers.IdAes192Wrap.Id,
+				NistObjectIdentifiers.IdAes256Wrap.Id
+			};
+
+			wrapOidTest(wrapOids, "AESWrap");
+		}
+
+		private void doCipherTest(
+			int		strength,
+			byte[]	keyBytes,
+			byte[]	input,
+			byte[]	output)
+		{
+			KeyParameter key = ParameterUtilities.CreateKeyParameter("AES", keyBytes);
+
+			IBufferedCipher inCipher = CipherUtilities.GetCipher("AES/ECB/NoPadding");
+			IBufferedCipher outCipher = CipherUtilities.GetCipher("AES/ECB/NoPadding");
+
+			try
+			{
+				outCipher.Init(true, key);
+			}
+			catch (Exception e)
+			{
+				Fail("AES failed initialisation - " + e, e);
+			}
+
+			try
+			{
+				inCipher.Init(false, key);
+			}
+			catch (Exception e)
+			{
+				Fail("AES failed initialisation - " + e, e);
+			}
+
+			//
+			// encryption pass
+			//
+			MemoryStream bOut = new MemoryStream();
+
+			CipherStream cOut = new CipherStream(bOut, null, outCipher);
+
+			try
+			{
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+					cOut.WriteByte(input[i]);
+				}
+				cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);
+				cOut.Close();
+			}
+			catch (IOException e)
+			{
+				Fail("AES failed encryption - " + e, e);
+			}
+
+			byte[] bytes = bOut.ToArray();
+
+			if (!AreEqual(bytes, output))
+			{
+				Fail("AES failed encryption - expected "
+					+ Hex.ToHexString(output) + " got "
+					+ Hex.ToHexString(bytes));
+			}
+
+			//
+			// decryption pass
+			//
+			MemoryStream bIn = new MemoryStream(bytes, false);
+
+			CipherStream cIn = new CipherStream(bIn, inCipher, null);
+
+			try
+			{
+//				DataInputStream dIn = new DataInputStream(cIn);
+				BinaryReader dIn = new BinaryReader(cIn);
+
+				bytes = new byte[input.Length];
+
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+//					bytes[i] = (byte)dIn.read();
+					bytes[i] = dIn.ReadByte();
+				}
+
+				int remaining = bytes.Length - input.Length / 2;
+//				dIn.readFully(bytes, input.Length / 2, remaining);
+				byte[] extra = dIn.ReadBytes(remaining);
+				if (extra.Length < remaining)
+					throw new EndOfStreamException();
+				extra.CopyTo(bytes, input.Length / 2);
+			}
+			catch (Exception e)
+			{
+				Fail("AES failed encryption - " + e, e);
+			}
+
+			if (!AreEqual(bytes, input))
+			{
+				Fail("AES failed decryption - expected "
+					+ Hex.ToHexString(input) + " got "
+					+ Hex.ToHexString(bytes));
+			}
+		}
+
+		[Test]
+		public void TestEax()
+		{
+			byte[] K = Hex.Decode("233952DEE4D5ED5F9B9C6D6FF80FF478");
+			byte[] N = Hex.Decode("62EC67F9C3A4A407FCB2A8C49031A8B3");
+			byte[] P = Hex.Decode("68656c6c6f20776f726c642121");
+			byte[] C = Hex.Decode("2f9f76cb7659c70e4be11670a3e193ae1bc6b5762a");
+
+			KeyParameter key = ParameterUtilities.CreateKeyParameter("AES", K);
+			IBufferedCipher inCipher = CipherUtilities.GetCipher("AES/EAX/NoPadding");
+			IBufferedCipher outCipher = CipherUtilities.GetCipher("AES/EAX/NoPadding");
+
+			inCipher.Init(true, new ParametersWithIV(key, N));
+
+			byte[] enc = inCipher.DoFinal(P);
+			if (!AreEqual(enc, C))
+			{
+				Fail("ciphertext doesn't match in EAX");
+			}
+
+			outCipher.Init(false, new ParametersWithIV(key, N));
+
+			byte[] dec = outCipher.DoFinal(C);
+			if (!AreEqual(dec, P))
+			{
+				Fail("plaintext doesn't match in EAX");
+			}
+
+			try
+			{
+				inCipher = CipherUtilities.GetCipher("AES/EAX/PKCS5Padding");
+
+				Fail("bad padding missed in EAX");
+			}
+			catch (SecurityUtilityException)
+			{
+				// expected
+			}
+		}
+
+		[Test]
+		public void TestCcm()
+		{
+			byte[] K = Hex.Decode("404142434445464748494a4b4c4d4e4f");
+			byte[] N = Hex.Decode("10111213141516");
+			byte[] P = Hex.Decode("68656c6c6f20776f726c642121");
+			byte[] C = Hex.Decode("39264f148b54c456035de0a531c8344f46db12b388");
+
+			KeyParameter key = ParameterUtilities.CreateKeyParameter("AES", K);
+
+			IBufferedCipher inCipher = CipherUtilities.GetCipher("AES/CCM/NoPadding");
+			IBufferedCipher outCipher = CipherUtilities.GetCipher("AES/CCM/NoPadding");
+
+			inCipher.Init(true, new ParametersWithIV(key, N));
+
+			byte[] enc = inCipher.DoFinal(P);
+			if (!AreEqual(enc, C))
+			{
+				Fail("ciphertext doesn't match in CCM");
+			}
+
+			outCipher.Init(false, new ParametersWithIV(key, N));
+
+			byte[] dec = outCipher.DoFinal(C);
+			if (!AreEqual(dec, P))
+			{
+				Fail("plaintext doesn't match in CCM");
+			}
+
+			try
+			{
+				inCipher = CipherUtilities.GetCipher("AES/CCM/PKCS5Padding");
+
+				Fail("bad padding missed in CCM");
+			}
+			catch (SecurityUtilityException)
+			{
+				// expected
+			}
+		}
+
+		[Test]
+		public void TestGcm()
+		{
+			// Test Case 15 from McGrew/Viega
+			byte[] K = Hex.Decode(
+				  "feffe9928665731c6d6a8f9467308308"
+				+ "feffe9928665731c6d6a8f9467308308");
+			byte[] P = Hex.Decode(
+				  "d9313225f88406e5a55909c5aff5269a"
+				+ "86a7a9531534f7da2e4c303d8a318a72"
+				+ "1c3c0c95956809532fcf0e2449a6b525"
+				+ "b16aedf5aa0de657ba637b391aafd255");
+			byte[] N = Hex.Decode("cafebabefacedbaddecaf888");
+			string T = "b094dac5d93471bdec1a502270e3cc6c";
+			byte[] C = Hex.Decode(
+				  "522dc1f099567d07f47f37a32a84427d"
+				+ "643a8cdcbfe5c0c97598a2bd2555d1aa"
+				+ "8cb08e48590dbb3da7b08b1056828838"
+				+ "c5f61e6393ba7a0abcc9f662898015ad"
+				+ T);
+
+			KeyParameter key = ParameterUtilities.CreateKeyParameter("AES", K);
+			IBufferedCipher inCipher = CipherUtilities.GetCipher("AES/GCM/NoPadding");
+			IBufferedCipher outCipher = CipherUtilities.GetCipher("AES/GCM/NoPadding");
+
+			inCipher.Init(true, new ParametersWithIV(key, N));
+
+			byte[] enc = inCipher.DoFinal(P);
+			if (!AreEqual(enc, C))
+			{
+				Fail("ciphertext doesn't match in GCM");
+			}
+
+			outCipher.Init(false, new ParametersWithIV(key, N));
+
+			byte[] dec = outCipher.DoFinal(C);
+			if (!AreEqual(dec, P))
+			{
+				Fail("plaintext doesn't match in GCM");
+			}
+
+			try
+			{
+				inCipher = CipherUtilities.GetCipher("AES/GCM/PKCS5Padding");
+
+				Fail("bad padding missed in GCM");
+			}
+			catch (SecurityUtilityException)
+			{
+				// expected
+			}
+		}
+
+		public override void PerformTest()
+		{
+			TestCiphers();
+			TestWrap();
+			TestOids();
+			TestWrapOids();
+			TestEax();
+			TestCcm();
+			TestGcm();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new AesTest());
+		}
+	}
+}
diff --git a/crypto/test/src/test/AttrCertSelectorTest.cs b/crypto/test/src/test/AttrCertSelectorTest.cs
new file mode 100644
index 000000000..37c1e66d2
--- /dev/null
+++ b/crypto/test/src/test/AttrCertSelectorTest.cs
@@ -0,0 +1,214 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class AttrCertSelectorTest
+		: SimpleTest
+	{
+		private static readonly RsaPrivateCrtKeyParameters RsaPrivateKeySpec = new RsaPrivateCrtKeyParameters(
+			new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+			new BigInteger("11", 16),
+			new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+			new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+			new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+			new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+			new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+			new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+		private static readonly byte[] holderCert = Base64.Decode(
+			  "MIIGjTCCBXWgAwIBAgICAPswDQYJKoZIhvcNAQEEBQAwaTEdMBsGCSqGSIb3DQEJ"
+			+ "ARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZpcmdpbmlhIFRlY2ggQ2VydGlm"
+			+ "aWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0MQswCQYDVQQGEwJVUzAeFw0w"
+			+ "MzAxMzExMzUyMTRaFw0wNDAxMzExMzUyMTRaMIGDMRswGQYJKoZIhvcNAQkBFgxz"
+			+ "c2hhaEB2dC5lZHUxGzAZBgNVBAMTElN1bWl0IFNoYWggKHNzaGFoKTEbMBkGA1UE"
+			+ "CxMSVmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAxMQswCQYDVQQK"
+			+ "EwJ2dDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPDc"
+			+ "scgSKmsEp0VegFkuitD5j5PUkDuzLjlfaYONt2SN8WeqU4j2qtlCnsipa128cyKS"
+			+ "JzYe9duUdNxquh5BPIkMkHBw4jHoQA33tk0J/sydWdN74/AHPpPieK5GHwhU7GTG"
+			+ "rCCS1PJRxjXqse79ExAlul+gjQwHeldAC+d4A6oZAgMBAAGjggOmMIIDojAMBgNV"
+			+ "HRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA/gwHQYD"
+			+ "VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBRUIoWAzlXbzBYE"
+			+ "yVTjQFWyMMKo1jCBkwYDVR0jBIGLMIGIgBTgc3Fm+TGqKDhen+oKfbl+xVbj2KFt"
+			+ "pGswaTEdMBsGCSqGSIb3DQEJARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZp"
+			+ "cmdpbmlhIFRlY2ggQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0"
+			+ "MQswCQYDVQQGEwJVU4IBADCBiwYJYIZIAYb4QgENBH4WfFZpcmdpbmlhIFRlY2gg"
+			+ "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZGlnaXRhbCBjZXJ0aWZpY2F0ZXMgYXJl"
+			+ "IHN1YmplY3QgdG8gcG9saWNpZXMgbG9jYXRlZCBhdCBodHRwOi8vd3d3LnBraS52"
+			+ "dC5lZHUvY2EvY3BzLy4wFwYDVR0RBBAwDoEMc3NoYWhAdnQuZWR1MBkGA1UdEgQS"
+			+ "MBCBDmlybWhlbHBAdnQuZWR1MEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYn"
+			+ "aHR0cDovL2JveDE3Ny5jYy52dC5lZHUvY2EvaXNzdWVycy5odG1sMEQGA1UdHwQ9"
+			+ "MDswOaA3oDWGM2h0dHA6Ly9ib3gxNzcuY2MudnQuZWR1L2h0ZG9jcy1wdWJsaWMv"
+			+ "Y3JsL2NhY3JsLmNybDBUBgNVHSAETTBLMA0GCysGAQQBtGgFAQEBMDoGCysGAQQB"
+			+ "tGgFAQEBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucGtpLnZ0LmVkdS9jYS9j"
+			+ "cHMvMD8GCWCGSAGG+EIBBAQyFjBodHRwOi8vYm94MTc3LmNjLnZ0LmVkdS9jZ2kt"
+			+ "cHVibGljL2NoZWNrX3Jldl9jYT8wPAYJYIZIAYb4QgEDBC8WLWh0dHA6Ly9ib3gx"
+			+ "NzcuY2MudnQuZWR1L2NnaS1wdWJsaWMvY2hlY2tfcmV2PzBLBglghkgBhvhCAQcE"
+			+ "PhY8aHR0cHM6Ly9ib3gxNzcuY2MudnQuZWR1L35PcGVuQ0E4LjAxMDYzMC9jZ2kt"
+			+ "cHVibGljL3JlbmV3YWw/MCwGCWCGSAGG+EIBCAQfFh1odHRwOi8vd3d3LnBraS52"
+			+ "dC5lZHUvY2EvY3BzLzANBgkqhkiG9w0BAQQFAAOCAQEAHJ2ls9yjpZVcu5DqiE67"
+			+ "r7BfkdMnm7IOj2v8cd4EAlPp6OPBmjwDMwvKRBb/P733kLBqFNWXWKTpT008R0KB"
+			+ "8kehbx4h0UPz9vp31zhGv169+5iReQUUQSIwTGNWGLzrT8kPdvxiSAvdAJxcbRBm"
+			+ "KzDic5I8PoGe48kSCkPpT1oNmnivmcu5j1SMvlx0IS2BkFMksr0OHiAW1elSnE/N"
+			+ "RuX2k73b3FucwVxB3NRo3vgoHPCTnh9r4qItAHdxFlF+pPtbw2oHESKRfMRfOIHz"
+			+ "CLQWSIa6Tvg4NIV3RRJ0sbCObesyg08lymalQMdkXwtRn5eGE00SHWwEUjSXP2gR"
+			+ "3g==");
+
+		public override string Name
+		{
+			get { return "AttrCertSelector"; }
+		}
+
+		private IX509AttributeCertificate CreateAttrCert()
+		{
+//			CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
+//			X509Certificate iCert = (X509Certificate) fact
+//				.generateCertificate(new ByteArrayInputStream(holderCert));
+			X509Certificate iCert = new X509CertificateParser().ReadCertificate(holderCert);
+
+			//
+			// a sample key pair.
+			//
+			// RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
+			// new BigInteger(
+			// "b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7",
+			// 16), new BigInteger("11", 16));
+
+			//
+			// set up the keys
+			//
+//			KeyFactory kFact = KeyFactory.getInstance("RSA", "BC");
+//			PrivateKey privKey = kFact.generatePrivate(RsaPrivateKeySpec);
+			AsymmetricKeyParameter privKey = RsaPrivateKeySpec;
+
+			X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator();
+
+			// the actual attributes
+			GeneralName roleName = new GeneralName(GeneralName.Rfc822Name, "DAU123456789@test.com");
+			Asn1EncodableVector roleSyntax = new Asn1EncodableVector(roleName);
+
+			// roleSyntax OID: 2.5.24.72
+			X509Attribute attributes = new X509Attribute("2.5.24.72",
+				new DerSequence(roleSyntax));
+
+			gen.AddAttribute(attributes);
+			gen.SetHolder(new AttributeCertificateHolder(PrincipalUtilities.GetSubjectX509Principal(iCert)));
+			gen.SetIssuer(new AttributeCertificateIssuer(new X509Name("cn=test")));
+			gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			gen.SetSerialNumber(BigInteger.One);
+			gen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+
+			Target targetName = new Target(
+				Target.Choice.Name,
+				new GeneralName(GeneralName.DnsName, "www.test.com"));
+
+			Target targetGroup = new Target(
+				Target.Choice.Group,
+				new GeneralName(GeneralName.DirectoryName, "o=Test, ou=Test"));
+
+			Target[] targets = new Target[]{ targetName, targetGroup };
+
+			TargetInformation targetInformation = new TargetInformation(targets);
+			gen.AddExtension(X509Extensions.TargetInformation.Id, true, targetInformation);
+
+			return gen.Generate(privKey);
+		}
+
+		[Test]
+		public void TestSelector()
+		{
+			IX509AttributeCertificate aCert = CreateAttrCert();
+			X509AttrCertStoreSelector sel = new X509AttrCertStoreSelector();
+			sel.AttributeCert = aCert;
+			bool match = sel.Match(aCert);
+			if (!match)
+			{
+				Fail("Selector does not match attribute certificate.");
+			}
+			sel.AttributeCert = null;
+			match = sel.Match(aCert);
+			if (!match)
+			{
+				Fail("Selector does not match attribute certificate.");
+			}
+			sel.Holder = aCert.Holder;
+			match = sel.Match(aCert);
+			if (!match)
+			{
+				Fail("Selector does not match attribute certificate holder.");
+			}
+			sel.Holder = null;
+			sel.Issuer = aCert.Issuer;
+			match = sel.Match(aCert);
+			if (!match)
+			{
+				Fail("Selector does not match attribute certificate issuer.");
+			}
+			sel.Issuer = null;
+
+//			CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
+//			X509Certificate iCert = (X509Certificate) fact.generateCertificate(
+//				new ByteArrayInputStream(holderCert));
+			X509Certificate iCert = new X509CertificateParser().ReadCertificate(holderCert);
+			match = aCert.Holder.Match(iCert);
+			if (!match)
+			{
+				Fail("Issuer holder does not match signing certificate of attribute certificate.");
+			}
+
+			sel.SerialNumber = aCert.SerialNumber;
+			match = sel.Match(aCert);
+			if (!match)
+			{
+				Fail("Selector does not match attribute certificate serial number.");
+			}
+
+			sel.AttributeCertificateValid = new DateTimeObject(DateTime.UtcNow);
+			match = sel.Match(aCert);
+			if (!match)
+			{
+				Fail("Selector does not match attribute certificate time.");
+			}
+
+			sel.AddTargetName(new GeneralName(2, "www.test.com"));
+			match = sel.Match(aCert);
+			if (!match)
+			{
+				Fail("Selector does not match attribute certificate target name.");
+			}
+			sel.SetTargetNames(null);
+			sel.AddTargetGroup(new GeneralName(4, "o=Test, ou=Test"));
+			match = sel.Match(aCert);
+			if (!match)
+			{
+				Fail("Selector does not match attribute certificate target group.");
+			}
+			sel.SetTargetGroups(null);
+		}
+
+		public override void PerformTest()
+		{
+			TestSelector();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new AttrCertSelectorTest());
+		}
+	}
+}
diff --git a/crypto/test/src/test/AttrCertTest.cs b/crypto/test/src/test/AttrCertTest.cs
new file mode 100644
index 000000000..d701d007e
--- /dev/null
+++ b/crypto/test/src/test/AttrCertTest.cs
@@ -0,0 +1,621 @@
+using System;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Extension;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class AttrCertTest
+		: SimpleTest
+	{
+		private static readonly RsaPrivateCrtKeyParameters RSA_PRIVATE_KEY_SPEC = new RsaPrivateCrtKeyParameters(
+			new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+			new BigInteger("11", 16),
+			new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+			new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+			new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+			new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+			new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+			new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+		internal static readonly byte[] attrCert = Base64.Decode(
+			"MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2"
+			+ "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS"
+			+ "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2"
+			+ "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0"
+			+ "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn"
+			+ "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw"
+			+ "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY"
+			+ "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs"
+			+ "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K"
+			+ "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0"
+			+ "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j"
+			+ "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw"
+			+ "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg"
+			+ "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl"
+			+ "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt"
+			+ "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0"
+			+ "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8"
+			+ "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl"
+			+ "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ"
+			+ "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct"
+			+ "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3"
+			+ "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1"
+			+ "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy"
+			+ "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6"
+			+ "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov"
+			+ "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz"
+			+ "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0"
+			+ "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46"
+			+ "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+"
+			+ "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y"
+			+ "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv"
+			+ "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0"
+			+ "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph"
+			+ "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj"
+			+ "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+"
+			+ "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA"
+			+ "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr"
+			+ "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3"
+			+ "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv");
+
+		internal static readonly byte[] signCert = Base64.Decode(
+			"MIIGjTCCBXWgAwIBAgICAPswDQYJKoZIhvcNAQEEBQAwaTEdMBsGCSqGSIb3DQEJ"
+			+ "ARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZpcmdpbmlhIFRlY2ggQ2VydGlm"
+			+ "aWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0MQswCQYDVQQGEwJVUzAeFw0w"
+			+ "MzAxMzExMzUyMTRaFw0wNDAxMzExMzUyMTRaMIGDMRswGQYJKoZIhvcNAQkBFgxz"
+			+ "c2hhaEB2dC5lZHUxGzAZBgNVBAMTElN1bWl0IFNoYWggKHNzaGFoKTEbMBkGA1UE"
+			+ "CxMSVmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAxMQswCQYDVQQK"
+			+ "EwJ2dDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPDc"
+			+ "scgSKmsEp0VegFkuitD5j5PUkDuzLjlfaYONt2SN8WeqU4j2qtlCnsipa128cyKS"
+			+ "JzYe9duUdNxquh5BPIkMkHBw4jHoQA33tk0J/sydWdN74/AHPpPieK5GHwhU7GTG"
+			+ "rCCS1PJRxjXqse79ExAlul+gjQwHeldAC+d4A6oZAgMBAAGjggOmMIIDojAMBgNV"
+			+ "HRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA/gwHQYD"
+			+ "VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBRUIoWAzlXbzBYE"
+			+ "yVTjQFWyMMKo1jCBkwYDVR0jBIGLMIGIgBTgc3Fm+TGqKDhen+oKfbl+xVbj2KFt"
+			+ "pGswaTEdMBsGCSqGSIb3DQEJARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZp"
+			+ "cmdpbmlhIFRlY2ggQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0"
+			+ "MQswCQYDVQQGEwJVU4IBADCBiwYJYIZIAYb4QgENBH4WfFZpcmdpbmlhIFRlY2gg"
+			+ "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZGlnaXRhbCBjZXJ0aWZpY2F0ZXMgYXJl"
+			+ "IHN1YmplY3QgdG8gcG9saWNpZXMgbG9jYXRlZCBhdCBodHRwOi8vd3d3LnBraS52"
+			+ "dC5lZHUvY2EvY3BzLy4wFwYDVR0RBBAwDoEMc3NoYWhAdnQuZWR1MBkGA1UdEgQS"
+			+ "MBCBDmlybWhlbHBAdnQuZWR1MEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYn"
+			+ "aHR0cDovL2JveDE3Ny5jYy52dC5lZHUvY2EvaXNzdWVycy5odG1sMEQGA1UdHwQ9"
+			+ "MDswOaA3oDWGM2h0dHA6Ly9ib3gxNzcuY2MudnQuZWR1L2h0ZG9jcy1wdWJsaWMv"
+			+ "Y3JsL2NhY3JsLmNybDBUBgNVHSAETTBLMA0GCysGAQQBtGgFAQEBMDoGCysGAQQB"
+			+ "tGgFAQEBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucGtpLnZ0LmVkdS9jYS9j"
+			+ "cHMvMD8GCWCGSAGG+EIBBAQyFjBodHRwOi8vYm94MTc3LmNjLnZ0LmVkdS9jZ2kt"
+			+ "cHVibGljL2NoZWNrX3Jldl9jYT8wPAYJYIZIAYb4QgEDBC8WLWh0dHA6Ly9ib3gx"
+			+ "NzcuY2MudnQuZWR1L2NnaS1wdWJsaWMvY2hlY2tfcmV2PzBLBglghkgBhvhCAQcE"
+			+ "PhY8aHR0cHM6Ly9ib3gxNzcuY2MudnQuZWR1L35PcGVuQ0E4LjAxMDYzMC9jZ2kt"
+			+ "cHVibGljL3JlbmV3YWw/MCwGCWCGSAGG+EIBCAQfFh1odHRwOi8vd3d3LnBraS52"
+			+ "dC5lZHUvY2EvY3BzLzANBgkqhkiG9w0BAQQFAAOCAQEAHJ2ls9yjpZVcu5DqiE67"
+			+ "r7BfkdMnm7IOj2v8cd4EAlPp6OPBmjwDMwvKRBb/P733kLBqFNWXWKTpT008R0KB"
+			+ "8kehbx4h0UPz9vp31zhGv169+5iReQUUQSIwTGNWGLzrT8kPdvxiSAvdAJxcbRBm"
+			+ "KzDic5I8PoGe48kSCkPpT1oNmnivmcu5j1SMvlx0IS2BkFMksr0OHiAW1elSnE/N"
+			+ "RuX2k73b3FucwVxB3NRo3vgoHPCTnh9r4qItAHdxFlF+pPtbw2oHESKRfMRfOIHz"
+			+ "CLQWSIa6Tvg4NIV3RRJ0sbCObesyg08lymalQMdkXwtRn5eGE00SHWwEUjSXP2gR"
+			+ "3g==");
+
+		internal static readonly byte[] certWithBaseCertificateID = Base64.Decode(
+			"MIIBqzCCARQCAQEwSKBGMD6kPDA6MQswCQYDVQQGEwJJVDEOMAwGA1UEChMFVU5JVE4xDDAKBgNV"
+			+ "BAsTA0RJVDENMAsGA1UEAxMEcm9vdAIEAVMVjqB6MHikdjB0MQswCQYDVQQGEwJBVTEoMCYGA1UE"
+			+ "ChMfVGhlIExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFByaW1h"
+			+ "cnkgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUJvdW5jeSBDYXN0bGUwDQYJKoZIhvcNAQEFBQACBQKW"
+			+ "RhnHMCIYDzIwMDUxMjEyMTIwMDQyWhgPMjAwNTEyMTkxMjAxMzJaMA8wDQYDVRhIMQaBBGVWSVAw"
+			+ "DQYJKoZIhvcNAQEFBQADgYEAUAVin9StDaA+InxtXq/av6rUQLI9p1X6louBcj4kYJnxRvTrHpsr"
+			+ "N3+i9Uq/uk5lRdAqmPFvcmSbuE3TRAsjrXON5uFiBBKZ1AouLqcr8nHbwcdwjJ9TyUNO9I4hfpSH"
+			+ "UHHXMtBKgp4MOkhhX8xTGyWg3hp23d3GaUeg/IYlXBI=");
+
+		internal static readonly byte[] holderCertWithBaseCertificateID = Base64.Decode(
+			"MIIBwDCCASmgAwIBAgIEAVMVjjANBgkqhkiG9w0BAQUFADA6MQswCQYDVQQGEwJJVDEOMAwGA1UE"
+			+ "ChMFVU5JVE4xDDAKBgNVBAsTA0RJVDENMAsGA1UEAxMEcm9vdDAeFw0wNTExMTExMjAxMzJaFw0w"
+			+ "NjA2MTYxMjAxMzJaMD4xCzAJBgNVBAYTAklUMQ4wDAYDVQQKEwVVTklUTjEMMAoGA1UECxMDRElU"
+			+ "MREwDwYDVQQDEwhMdWNhQm9yejBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr"
+			+ "5YtqKmKXmEGb4ShypL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERoxUw"
+			+ "EzARBglghkgBhvhCAQEEBAMCBDAwDQYJKoZIhvcNAQEFBQADgYEAsX50VPQQCWmHvPq9y9DeCpmS"
+			+ "4szcpFAhpZyn6gYRwY9CRZVtmZKH8713XhkGDWcIEMcG0u3oTz3tdKgPU5uyIPrDEWr6w8ClUj4x"
+			+ "5aVz5c2223+dVY7KES//JSB2bE/KCIchN3kAioQ4K8O3e0OL6oDVjsqKGw5bfahgKuSIk/Q=");
+
+
+		public override string Name
+		{
+			get { return "AttrCertTest"; }
+		}
+
+		private void doTestCertWithBaseCertificateID()
+		{
+			IX509AttributeCertificate attrCert = new X509V2AttributeCertificate(certWithBaseCertificateID);
+			X509CertificateParser fact = new X509CertificateParser();
+			X509Certificate cert = fact.ReadCertificate(holderCertWithBaseCertificateID);
+
+			AttributeCertificateHolder holder = attrCert.Holder;
+
+			if (holder.GetEntityNames() != null)
+			{
+				Fail("entity names set when none expected");
+			}
+
+			if (!holder.SerialNumber.Equals(cert.SerialNumber))
+			{
+				Fail("holder serial number doesn't Match");
+			}
+
+			if (!holder.GetIssuer()[0].Equivalent(cert.IssuerDN))
+			{
+				Fail("holder issuer doesn't Match");
+			}
+
+			if (!holder.Match(cert))
+			{
+				Fail("holder not matching holder certificate");
+			}
+
+			if (!holder.Equals(holder.Clone()))
+			{
+				Fail("holder clone test failed");
+			}
+
+			if (!attrCert.Issuer.Equals(attrCert.Issuer.Clone()))
+			{
+				Fail("issuer clone test failed");
+			}
+
+			equalityAndHashCodeTest(attrCert, certWithBaseCertificateID);
+		}
+
+		private void equalityAndHashCodeTest(
+			IX509AttributeCertificate	attrCert,
+			byte[]						encoding)
+		{
+			if (!attrCert.Equals(attrCert))
+			{
+				Fail("same certificate not equal");
+			}
+
+			if (!attrCert.Holder.Equals(attrCert.Holder))
+			{
+				Fail("same holder not equal");
+			}
+
+			if (!attrCert.Issuer.Equals(attrCert.Issuer))
+			{
+				Fail("same issuer not equal");
+			}
+
+			if (attrCert.Holder.Equals(attrCert.Issuer))
+			{
+				Fail("wrong holder equal");
+			}
+
+			if (attrCert.Issuer.Equals(attrCert.Holder))
+			{
+				Fail("wrong issuer equal");
+			}
+
+			IX509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(encoding);
+
+			if (attrCert2.Holder.GetHashCode() != attrCert.Holder.GetHashCode())
+			{
+				Fail("holder hashCode test failed");
+			}
+
+			if (!attrCert2.Holder.Equals(attrCert.Holder))
+			{
+				Fail("holder Equals test failed");
+			}
+
+			if (attrCert2.Issuer.GetHashCode() != attrCert.Issuer.GetHashCode())
+			{
+				Fail("issuer hashCode test failed");
+			}
+
+			if (!attrCert2.Issuer.Equals(attrCert.Issuer))
+			{
+				Fail("issuer Equals test failed");
+			}
+		}
+
+		private void doTestGenerateWithCert()
+		{
+			X509CertificateParser fact = new X509CertificateParser();
+			X509Certificate iCert = fact.ReadCertificate(signCert);
+
+			//
+			// a sample key pair.
+			//
+			RsaKeyParameters pubKey = new RsaKeyParameters(
+				false,
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16));
+
+			//
+			// set up the keys
+			//
+//			PrivateKey privKey;
+//			PublicKey pubKey;
+//
+//			KeyFactory  kFact = KeyFactory.getInstance("RSA");
+//
+//			privKey = kFact.generatePrivate(RSA_PRIVATE_KEY_SPEC);
+//			pubKey = kFact.generatePublic(pubKeySpec);
+			AsymmetricKeyParameter privKey = RSA_PRIVATE_KEY_SPEC;
+
+			X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator();
+
+			// the actual attributes
+			GeneralName roleName = new GeneralName(GeneralName.Rfc822Name, "DAU123456789");
+
+			// roleSyntax OID: 2.5.24.72
+			X509Attribute attributes = new X509Attribute("2.5.24.72",
+				new DerSequence(roleName));
+
+			gen.AddAttribute(attributes);
+			gen.SetHolder(new AttributeCertificateHolder(iCert));
+			gen.SetIssuer(new AttributeCertificateIssuer(new X509Name("cn=test")));
+			gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			gen.SetSerialNumber(BigInteger.One);
+			gen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+
+			IX509AttributeCertificate aCert = gen.Generate(privKey);
+
+			aCert.CheckValidity();
+
+			aCert.Verify(pubKey);
+
+			AttributeCertificateHolder holder = aCert.Holder;
+
+			if (holder.GetEntityNames() != null)
+			{
+				Fail("entity names set when none expected");
+			}
+
+			if (!holder.SerialNumber.Equals(iCert.SerialNumber))
+			{
+				Fail("holder serial number doesn't Match");
+			}
+
+			if (!holder.GetIssuer()[0].Equivalent(iCert.IssuerDN))
+			{
+				Fail("holder issuer doesn't Match");
+			}
+
+			if (!holder.Match(iCert))
+			{
+				Fail("generated holder not matching holder certificate");
+			}
+
+			X509Attribute[] attrs = aCert.GetAttributes("2.5.24.72");
+
+			if (attrs == null)
+			{
+				Fail("attributes related to 2.5.24.72 not found");
+			}
+
+			X509Attribute attr = attrs[0];
+
+			if (!attr.Oid.Equals("2.5.24.72"))
+			{
+				Fail("attribute oid mismatch");
+			}
+
+			Asn1Encodable[] values = attr.GetValues();
+
+			GeneralName role = GeneralNames.GetInstance(values[0]).GetNames()[0];
+
+			if (role.TagNo != GeneralName.Rfc822Name)
+			{
+				Fail("wrong general name type found in role");
+			}
+
+			if (!((IAsn1String)role.Name).GetString().Equals("DAU123456789"))
+			{
+				Fail("wrong general name value found in role");
+			}
+
+			X509Certificate sCert = fact.ReadCertificate(holderCertWithBaseCertificateID);
+
+			if (holder.Match(sCert))
+			{
+				Fail("generated holder matching wrong certificate");
+			}
+
+			equalityAndHashCodeTest(aCert, aCert.GetEncoded());
+		}
+
+		private void doTestGenerateWithPrincipal()
+		{
+			X509CertificateParser fact = new X509CertificateParser();
+			X509Certificate iCert = fact.ReadCertificate(signCert);
+
+			//
+			// a sample key pair.
+			//
+			RsaKeyParameters pubKey = new RsaKeyParameters(
+				false,
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16));
+
+			//
+			// set up the keys
+			//
+//			PrivateKey          privKey;
+//			PublicKey           pubKey;
+//
+//			KeyFactory  kFact = KeyFactory.getInstance("RSA");
+//
+//			privKey = kFact.generatePrivate(RSA_PRIVATE_KEY_SPEC);
+//			pubKey = kFact.generatePublic(pubKeySpec);
+			AsymmetricKeyParameter privKey = RSA_PRIVATE_KEY_SPEC;
+
+			X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator();
+
+			// the actual attributes
+			GeneralName roleName = new GeneralName(GeneralName.Rfc822Name, "DAU123456789");
+
+			// roleSyntax OID: 2.5.24.72
+			X509Attribute attributes = new X509Attribute("2.5.24.72",
+				new DerSequence(roleName));
+
+			gen.AddAttribute(attributes);
+			gen.SetHolder(new AttributeCertificateHolder(iCert.SubjectDN));
+			gen.SetIssuer(new AttributeCertificateIssuer(new X509Name("cn=test")));
+			gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			gen.SetSerialNumber(BigInteger.One);
+			gen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+
+			IX509AttributeCertificate aCert = gen.Generate(privKey);
+
+			aCert.CheckValidity();
+
+			aCert.Verify(pubKey);
+
+			AttributeCertificateHolder holder = aCert.Holder;
+
+			if (holder.GetEntityNames() == null)
+			{
+				Fail("entity names not set when expected");
+			}
+
+			if (holder.SerialNumber != null)
+			{
+				Fail("holder serial number found when none expected");
+			}
+
+			if (holder.GetIssuer() != null)
+			{
+				Fail("holder issuer found when none expected");
+			}
+
+			if (!holder.Match(iCert))
+			{
+				Fail("generated holder not matching holder certificate");
+			}
+
+			X509Certificate sCert = fact.ReadCertificate(holderCertWithBaseCertificateID);
+
+			if (holder.Match(sCert))
+			{
+				Fail("principal generated holder matching wrong certificate");
+			}
+
+			equalityAndHashCodeTest(aCert, aCert.GetEncoded());
+		}
+
+		public override void PerformTest()
+		{
+			IX509AttributeCertificate aCert = new X509V2AttributeCertificate(attrCert);
+			X509CertificateParser fact = new X509CertificateParser();
+			X509Certificate sCert = fact.ReadCertificate(signCert);
+
+			aCert.Verify(sCert.GetPublicKey());
+
+			//
+			// search test
+			//
+			IList list = new ArrayList();
+
+			list.Add(sCert);
+
+//			CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
+//			CertStore store = CertStore.getInstance("Collection", ccsp);
+			IX509Store store = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(list));
+
+			ArrayList certs = new ArrayList(
+//				store.getCertificates(aCert.getIssuer()));
+				store.GetMatches(aCert.Issuer));
+
+			if (certs.Count != 1 || !certs.Contains(sCert))
+			{
+				Fail("sCert not found by issuer");
+			}
+
+			X509Attribute[] attrs = aCert.GetAttributes("1.3.6.1.4.1.6760.8.1.1");
+			if (attrs == null || attrs.Length != 1)
+			{
+				Fail("attribute not found");
+			}
+
+			//
+			// reencode test
+			//
+			aCert = new X509V2AttributeCertificate(aCert.GetEncoded());
+
+			aCert.Verify(sCert.GetPublicKey());
+
+			IX509AttributeCertificate saCert = new X509V2AttributeCertificate(aCert.GetEncoded());
+
+			if (!aCert.NotAfter.Equals(saCert.NotAfter))
+			{
+				Fail("failed date comparison");
+			}
+
+			// base generator test
+
+			//
+			// a sample key pair.
+			//
+			RsaKeyParameters pubKey = new RsaKeyParameters(
+				false,
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16));
+
+			AsymmetricKeyParameter privKey = RSA_PRIVATE_KEY_SPEC;
+
+			//
+			// set up the keys
+			//
+//			PrivateKey          privKey;
+//			PublicKey           pubKey;
+//
+//			KeyFactory  kFact = KeyFactory.getInstance("RSA");
+//
+//			privKey = kFact.generatePrivate(privKeySpec);
+//			pubKey = kFact.generatePublic(pubKeySpec);
+
+			X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator();
+
+			gen.AddAttribute(attrs[0]);
+			gen.SetHolder(aCert.Holder);
+			gen.SetIssuer(aCert.Issuer);
+			gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			gen.SetSerialNumber(aCert.SerialNumber);
+			gen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+
+			aCert = gen.Generate(privKey);
+
+			aCert.CheckValidity();
+
+			aCert.Verify(pubKey);
+
+			// as the issuer is the same this should still work (even though it is not
+			// technically correct
+
+			certs = new ArrayList(
+//				store.getCertificates(aCert.Issuer));
+				store.GetMatches(aCert.Issuer));
+
+			if (certs.Count != 1 || !certs.Contains(sCert))
+			{
+				Fail("sCert not found by issuer");
+			}
+
+			attrs = aCert.GetAttributes("1.3.6.1.4.1.6760.8.1.1");
+			if (attrs == null || attrs.Length != 1)
+			{
+				Fail("attribute not found");
+			}
+
+			//
+			// reencode test
+			//
+			aCert = new X509V2AttributeCertificate(aCert.GetEncoded());
+
+			aCert.Verify(pubKey);
+
+			AttributeCertificateIssuer issuer = aCert.Issuer;
+
+			X509Name[] principals = issuer.GetPrincipals();
+
+			//
+			// test holder
+			//
+			AttributeCertificateHolder holder = aCert.Holder;
+
+			if (holder.GetEntityNames() == null)
+			{
+				Fail("entity names not set");
+			}
+
+			if (holder.SerialNumber != null)
+			{
+				Fail("holder serial number set when none expected");
+			}
+
+			if (holder.GetIssuer() != null)
+			{
+				Fail("holder issuer set when none expected");
+			}
+
+			principals = holder.GetEntityNames();
+
+			string ps = principals[0].ToString();
+
+			// TODO Check that this is a good enough test
+//			if (!ps.Equals("C=US, O=vt, OU=Class 2, OU=Virginia Tech User, CN=Markus Lorch (mlorch), EMAILADDRESS=mlorch@vt.edu"))
+			if (!principals[0].Equivalent(new X509Name("C=US, O=vt, OU=Class 2, OU=Virginia Tech User, CN=Markus Lorch (mlorch), EMAILADDRESS=mlorch@vt.edu")))
+			{
+				Fail("principal[0] for entity names don't Match");
+			}
+
+			//
+			// extension test
+			//
+
+			gen.AddExtension("1.1", true, new DerOctetString(new byte[10]));
+
+			gen.AddExtension("2.2", false, new DerOctetString(new byte[20]));
+
+			aCert = gen.Generate(privKey);
+
+			ISet exts = aCert.GetCriticalExtensionOids();
+
+			if (exts.Count != 1 || !exts.Contains("1.1"))
+			{
+				Fail("critical extension test failed");
+			}
+
+			exts = aCert.GetNonCriticalExtensionOids();
+
+			if (exts.Count != 1 || !exts.Contains("2.2"))
+			{
+				Fail("non-critical extension test failed");
+			}
+
+			Asn1OctetString extString = aCert.GetExtensionValue(new DerObjectIdentifier("1.1"));
+			Asn1Encodable extValue = X509ExtensionUtilities.FromExtensionValue(extString);
+
+			if (!extValue.Equals(new DerOctetString(new byte[10])))
+			{
+				Fail("wrong extension value found for 1.1");
+			}
+
+			doTestCertWithBaseCertificateID();
+			doTestGenerateWithCert();
+			doTestGenerateWithPrincipal();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new AttrCertTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/BaseBlockCipherTest.cs b/crypto/test/src/test/BaseBlockCipherTest.cs
new file mode 100644
index 000000000..87fb01056
--- /dev/null
+++ b/crypto/test/src/test/BaseBlockCipherTest.cs
@@ -0,0 +1,146 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	public abstract class BaseBlockCipherTest
+		: SimpleTest
+	{
+		string algorithm;
+
+		internal BaseBlockCipherTest(
+			string algorithm)
+		{
+			this.algorithm = algorithm;
+		}
+
+		public override string Name
+		{
+			get { return algorithm; }
+		}
+
+		protected void oidTest(
+			string[]	oids,
+			string[]	names,
+			int			groupSize)
+		{
+			byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
+
+			for (int i = 0; i != oids.Length; i++)
+			{
+				IBufferedCipher c1 = CipherUtilities.GetCipher(oids[i]);
+				IBufferedCipher c2 = CipherUtilities.GetCipher(names[i]);
+				CipherKeyGenerator kg = GeneratorUtilities.GetKeyGenerator(oids[i]);
+
+				KeyParameter k = ParameterUtilities.CreateKeyParameter(oids[i], kg.GenerateKey());
+
+				ICipherParameters cp = k;
+				if (names[i].IndexOf("/ECB/") < 0)
+				{
+					cp = new ParametersWithIV(cp, new byte[16]);
+				}
+
+				c1.Init(true, cp);
+				c2.Init(false, cp);
+
+				byte[] result = c2.DoFinal(c1.DoFinal(data));
+
+				if (!AreEqual(data, result))
+				{
+					Fail("failed OID test");
+				}
+
+				if (k.GetKey().Length != (16 + ((i / groupSize) * 8)))
+				{
+					Fail("failed key length test");
+				}
+			}
+		}
+
+		protected void wrapOidTest(
+			string[]	oids,
+			string		name)
+		{
+			byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
+
+			for (int i = 0; i != oids.Length; i++)
+			{
+				IWrapper c1 = WrapperUtilities.GetWrapper(oids[i]);
+				IWrapper c2 = WrapperUtilities.GetWrapper(name);
+				CipherKeyGenerator kg = GeneratorUtilities.GetKeyGenerator(oids[i]);
+
+				KeyParameter k = ParameterUtilities.CreateKeyParameter(oids[i], kg.GenerateKey());
+
+				c1.Init(true, k);
+				c2.Init(false, k);
+
+				byte[] wrapped = c1.Wrap(data, 0, data.Length);
+				byte[] wKeyBytes = c2.Unwrap(wrapped, 0, wrapped.Length);
+
+				if (!AreEqual(data, wKeyBytes))
+				{
+					Fail("failed wrap OID test");
+				}
+
+				if (k.GetKey().Length != (16 + (i * 8)))
+				{
+					Fail("failed key length test");
+				}
+			}
+		}
+
+		protected void wrapTest(
+			int		id,
+			string	wrappingAlgorithm,
+			byte[]	kek,
+			byte[]	inBytes,
+			byte[]	outBytes)
+		{
+			IWrapper wrapper = WrapperUtilities.GetWrapper(wrappingAlgorithm);
+
+			wrapper.Init(true, ParameterUtilities.CreateKeyParameter(algorithm, kek));
+
+			try
+			{
+				byte[] cText = wrapper.Wrap(inBytes, 0, inBytes.Length);
+				if (!AreEqual(cText, outBytes))
+				{
+					Fail("failed wrap test " + id  + " expected "
+						+ Hex.ToHexString(outBytes) + " got "
+						+ Hex.ToHexString(cText));
+				}
+			}
+			catch (TestFailedException e)
+			{
+				throw e;
+			}
+			catch (Exception e)
+			{
+				Fail("failed wrap test exception " + e.ToString(), e);
+			}
+
+			wrapper.Init(false, ParameterUtilities.CreateKeyParameter(algorithm, kek));
+
+			try
+			{
+				byte[] pTextBytes = wrapper.Unwrap(outBytes, 0, outBytes.Length);
+
+				if (!AreEqual(pTextBytes, inBytes))
+				{
+					Fail("failed unwrap test " + id  + " expected "
+						+ Hex.ToHexString(inBytes) + " got "
+						+ Hex.ToHexString(pTextBytes));
+				}
+			}
+			catch (Exception e)
+			{
+				Fail("failed unwrap test exception " + e.ToString(), e);
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/test/BlockCipherTest.cs b/crypto/test/src/test/BlockCipherTest.cs
new file mode 100644
index 000000000..1e7e11ac9
--- /dev/null
+++ b/crypto/test/src/test/BlockCipherTest.cs
@@ -0,0 +1,978 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+    /**
+    * basic test class for a block cipher, basically this just exercises the provider, and makes sure we
+    * are behaving sensibly, correctness of the implementation is shown in the lightweight test classes.
+    */
+    [TestFixture]
+    public class BlockCipherTest
+        : SimpleTest
+    {
+        private static readonly ISet validModes = CollectionUtilities.ReadOnly(
+            new HashSet(new string[]{ "CBC", "CCM", "CFB", "CTR", "CTS", "EAX", "ECB", "GCM", "OCB", "OFB" }));
+
+        private static readonly string[] cipherTests1 =
+        {
+            "DES",
+            "466da00648ef0e1f9617b1f002e225251a3248d09172f46b9617b1f002e225250112ecb3da61bc99",
+            "DESede",
+            "2f4bc6b30c893fa549d82c560d61cf3eb088aed020603de249d82c560d61cf3e529e95ecd8e05394",
+            "SKIPJACK",
+            "d4de46d52274dbb029f33b076043f8c40089f906751623de29f33b076043f8c4ac99b90f9396cb04",
+            "Blowfish",
+            "7870ebe7f6a52803eb9396ba6c5198216ce81d76d8d4c74beb9396ba6c5198211212473b05214e9f",
+            "Twofish",
+            "70336d9c9718a8a2ced1b19deed973a3c58af7ea71a69e7efc4df082dca581c0839e31468661bcfc57a14899ceeb0253",
+            "RC2",
+            "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b994a5b859e765797",
+            "RC5",
+            "220053543e3eca3bc9503a091ca67b08372560d8a4fdbee8c9503a091ca67b08a796d53bb8a4b7e0",
+            "RC5-64",
+            "e0b4a526ba3bc5f09199c3b1fe3737fe6d248cde70e565b0feea59ebfda375ae1946c386a48d8d8a74d7b1947ff6a788",
+            "RC6",
+            "44c97b67ca8486067f8b6c5b97632f3049e5e52c1d61fdd527dc3da39616540f19a3db39aac1ffd713795cd886cce0c0",
+            "IDEA",
+            "8c9fd56823ffdc523f6ccf7f614aa6173553e594fc7a21b53f6ccf7f614aa61740c54f7a66e95108",
+            "TEA",
+            "fcf45062104fda7c35712368b56dd4216a6ca998dc297b5435712368b56dd421208027ed2923cd0c",
+            "XTEA",
+            "4b427893d3d6aaded2afafabe25f7b233fb5589faa2b6389d2afafabe25f7b239d12979ac67e1c07",
+            "Camellia",
+            "3a68b4ad145bc2c76010669d68f2826359887afce763a78d9994143266adfaec8ba7ee562a1688ef9dfd7f897e5c44dc",
+            "SEED",
+            "d53d4ce1f48b9879420949467bfcbfbe2c6a7d4a8770bee0c71211def898d7c5024ce2007dd85accb3f69d906ae2164d",
+            "Noekeon",
+            "7e68ceb33aad9db04af6b878a16dd6c6b4f880d6c89027ba581884c10690bb6b3dbfd6ed5513e2c4f5670c3528023121",
+            "DES/CBC/NoPadding",
+            "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a",
+            "DESede/CBC/NoPadding",
+            "4d3d7931875cf25593dc402298add8b914761e4936c9585ae22b2c1441169231",
+            "SKIPJACK/CBC/NoPadding",
+            "ceebcc2e5e2b847f9ed797b4930b95f115b9e6cf49c457fc2ea0df79ad5c8334",
+            "Blowfish/CBC/NoPadding",
+            "80823abbabc109733e7ebf3ce3344d67fc387c306b782086b452f7fbe8e844ce",
+            "Twofish/CBC/NoPadding",
+            "f819694251a00bdd403928745cd1d8a094de61f49ddf8e7692e9d81a83812943",
+            "RC2/CBC/NoPadding",
+            "a51facdb3933c9676795cd38cc3146fd4694722b468b1a979a399c77606abf99",
+            "RC5/CBC/NoPadding",
+            "9ee7517eab0280445f3a7c60c90c0f75029d65bca8b1af83ace5399d388c83c3",
+            "RC6/CBC/NoPadding",
+            "c44695633c07010f3a0d8f7ea046a642d4a96bf4e44f89fd91b46830bc95b130",
+            "IDEA/CBC/NoPadding",
+            "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d9",
+            "DES/CBC/PKCS5Padding",
+            "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122afdc70484fb9c0232",
+            "DES/CBC/ISO10126Padding",
+            "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a980639850a2cc3e8",
+            "DES/CBC/ISO7816-4Padding",
+            "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a1f80b9b0f1be49ac",
+            "DES/CBC/X9.23Padding",
+            "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a980639850a2cc3e8",
+            "DESede/CBC/PKCS7Padding",
+            "4d3d7931875cf25593dc402298add8b914761e4936c9585ae22b2c1441169231a41e40695f1cff84",
+            "SKIPJACK/CBC/PKCS7Padding",
+            "ceebcc2e5e2b847f9ed797b4930b95f115b9e6cf49c457fc2ea0df79ad5c8334df7042de5db89c96",
+            "Blowfish/CBC/PKCS7Padding",
+            "80823abbabc109733e7ebf3ce3344d67fc387c306b782086b452f7fbe8e844cef986562ab1a675e8",
+            "Twofish/CBC/PKCS7Padding",
+            "f819694251a00bdd403928745cd1d8a094de61f49ddf8e7692e9d81a838129433e5f1343d6cdb0b41838619da1541f04",
+            "RC2/CBC/PKCS7Padding",
+            "a51facdb3933c9676795cd38cc3146fd4694722b468b1a979a399c77606abf9958435525f770f137",
+            "RC5/CBC/PKCS7Padding",
+            "9ee7517eab0280445f3a7c60c90c0f75029d65bca8b1af83ace5399d388c83c3edd95ff49be76651",
+            "RC5-64/CBC/PKCS7Padding",
+            "e479fd11f89dab22d2f3dd062b1d2abd5b5962553421a5c562dc7214c3b23b8e21949fda87f2f820e5f032c552c6ec78",
+            "RC6/CBC/PKCS7Padding",
+            "c44695633c07010f3a0d8f7ea046a642d4a96bf4e44f89fd91b46830bc95b130824b972c9019a69d2dd05ef2d36b37ac",
+            "IDEA/CBC/PKCS7Padding",
+            "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d9e584751325ef7c32",
+            "IDEA/CBC/ISO10126Padding",
+            "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d978b3fd73135f033b",
+            "IDEA/CBC/X9.23Padding",
+            "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d978b3fd73135f033b",
+            "AES/CBC/PKCS7Padding",
+            "cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08389a44c4a8cc1a47cbaee1128da55bbb7",
+            "AES/CBC/ISO7816-4Padding",
+            "cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08306d84876508a33efec701118d8eeaf6d",
+            "Rijndael/CBC/PKCS7Padding",
+            "cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08389a44c4a8cc1a47cbaee1128da55bbb7",
+            "Serpent/CBC/PKCS7Padding",
+            "f8940ca31aba8ce1e0693b1ae0b1e08daef6de03c80f019774280052f824ac44540bb8dd74dfad47f83f9c7ec268ca68",
+            "CAST5/CBC/PKCS7Padding",
+            "87b6dc0c5a1d23d42fa740b0548be0b298112000544610d889d6361994cf8e670a19d6af72d7289f",
+            "CAST6/CBC/PKCS7Padding",
+            "943445569cfdda174118e433828f84e137faee38cac5c827d87a3c9a5a46a07dd64e7ad8accd921f248eea627cd6826f",
+            "IDEA/CBC/PKCS7Padding",
+            "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d9e584751325ef7c32",
+            "DES/CBC/ZeroBytePadding",
+            "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122ad3b3f002c927f1fd",
+            "DES/CTS/NoPadding", // official style
+            "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12",
+            "DESede/CTS/NoPadding",
+            "4d3d7931875cf25593dc402298add8b9e22b2c144116923114761e4936c9585a",
+            "SKIPJACK/CTS/NoPadding",
+            "ceebcc2e5e2b847f9ed797b4930b95f12ea0df79ad5c833415b9e6cf49c457fc",
+            "Blowfish/CTS/NoPadding",
+            "80823abbabc109733e7ebf3ce3344d67b452f7fbe8e844cefc387c306b782086",
+            "Twofish/CTS/NoPadding",
+            "94de61f49ddf8e7692e9d81a83812943f819694251a00bdd403928745cd1d8a0",
+            "AES/CTS/NoPadding",
+            "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
+            "Rijndael/CTS/NoPadding",
+            "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
+            "Serpent/CTS/NoPadding",
+            "aef6de03c80f019774280052f824ac44f8940ca31aba8ce1e0693b1ae0b1e08d",
+            "CAST5/CTS/NoPadding",
+            "87b6dc0c5a1d23d42fa740b0548be0b289d6361994cf8e6798112000544610d8",
+            "CAST6/CTS/NoPadding",
+            "37faee38cac5c827d87a3c9a5a46a07d943445569cfdda174118e433828f84e1",
+            "RC2/CTS/NoPadding",
+            "a51facdb3933c9676795cd38cc3146fd9a399c77606abf994694722b468b1a97",
+            "RC5/CTS/NoPadding",
+            "9ee7517eab0280445f3a7c60c90c0f75ace5399d388c83c3029d65bca8b1af83",
+            "RC6/CTS/NoPadding",
+            "d4a96bf4e44f89fd91b46830bc95b130c44695633c07010f3a0d8f7ea046a642",
+            "IDEA/CTS/NoPadding",
+            "30cd990ebdae80fe12b6c6e4fcd1c06497351c8684e4c4d9a27d985c276b3d70",
+            "DES/CBC/WithCTS",                  // older style
+            "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12",
+            "DESede/CBC/WithCTS",
+            "4d3d7931875cf25593dc402298add8b9e22b2c144116923114761e4936c9585a",
+            "SKIPJACK/CBC/WithCTS",
+            "ceebcc2e5e2b847f9ed797b4930b95f12ea0df79ad5c833415b9e6cf49c457fc",
+            "Blowfish/CBC/WithCTS",
+            "80823abbabc109733e7ebf3ce3344d67b452f7fbe8e844cefc387c306b782086",
+            "Twofish/CBC/WithCTS",
+            "94de61f49ddf8e7692e9d81a83812943f819694251a00bdd403928745cd1d8a0",
+            "AES/CBC/WithCTS",
+            "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
+            "Rijndael/CBC/WithCTS",
+            "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
+            "Serpent/CBC/WithCTS",
+            "aef6de03c80f019774280052f824ac44f8940ca31aba8ce1e0693b1ae0b1e08d",
+            "CAST5/CBC/WithCTS",
+            "87b6dc0c5a1d23d42fa740b0548be0b289d6361994cf8e6798112000544610d8",
+            "CAST6/CBC/WithCTS",
+            "37faee38cac5c827d87a3c9a5a46a07d943445569cfdda174118e433828f84e1",
+            "RC2/CBC/WithCTS",
+            "a51facdb3933c9676795cd38cc3146fd9a399c77606abf994694722b468b1a97",
+            "RC5/CBC/WithCTS",
+            "9ee7517eab0280445f3a7c60c90c0f75ace5399d388c83c3029d65bca8b1af83",
+            "RC6/CBC/WithCTS",
+            "d4a96bf4e44f89fd91b46830bc95b130c44695633c07010f3a0d8f7ea046a642",
+            "IDEA/CBC/WithCTS",
+            "30cd990ebdae80fe12b6c6e4fcd1c06497351c8684e4c4d9a27d985c276b3d70",
+            "DES/OFB/NoPadding",
+            "537572e480c1714f5c9a4f3b874df824dc6681b1fd6c11982debcad91e3f78b7",
+            "DESede/OFB/NoPadding",
+            "481e9872acea7fcf8e29a453242da774e5f6a28f15f7723659a73e4ff4939f80",
+            "SKIPJACK/OFB/NoPadding",
+            "71143a124e3a0cde753b60fe9b200e559018b6a0fe0682659f7c13feb9df995c",
+            "Blowfish/OFB/NoPadding",
+            "6cd6f7c5d2c655556d7a9e98a1696d1875e9f1b2fc991e28a2d55b56861e80bd",
+            "Twofish/OFB/NoPadding",
+            "821c54b1b54ae113cf74595eefe10c83b61c9682fc81f92c52f39a3a693f88b8",
+            "RC2/OFB/NoPadding",
+            "0a07cb78537cb04c0c74e28a7b86b80f80acadf87d6ef32792f1a8cf74b39f74",
+            "RC5/OFB/NoPadding",
+            "c62b233df296283b918a2b4cc53a54fbf061850e781b97332ed1bd78b88d9670",
+            "IDEA/OFB/NoPadding",
+            "dd447da3cbdcf81f4053fb446596261cb00a3c49a66085485af5f7c10ba20dad",
+            "DES/OFB8/NoPadding",
+            "53cb5010d189f94cf584e5ff1c4a9d86443c45ddb6fa3c2d1a5dadfcdf01db8a",
+            "DESede/OFB8/NoPadding",
+            "482c0c1ccd0e6d218e1cffb0a295352c2357ffaa673f2257ef5c77b6c04f03b5",
+            "SKIPJACK/OFB8/NoPadding",
+            "719ea1b432b3d2c8011e5aa873f95978420022b5e2c9c1a1c1082cd1f4999da2",
+            "Blowfish/OFB8/NoPadding",
+            "6ca6078755b263f09787d830b6fda7b7748494634bdc73ab68540cf9f6b7eccf",
+            "Twofish/OFB8/NoPadding",
+            "825dcec234ad52253d6e064b0d769bc04b1142435933f4a510ffc20d70095a88",
+            "RC2/OFB8/NoPadding",
+            "0aa26c6f6a820fe7d38da97085995ad62e2e293323a76300fcd4eb572810f7c6",
+            "RC5/OFB8/NoPadding",
+            "c601a9074dbd874f4d3293f6a32d93d9f0a4f5685d8597f0102fcc96d444f976",
+            "IDEA/OFB8/NoPadding",
+            "dd7897b6ced43d060a518bb38d570308b83b4de577eb208130daabf619e9b1fb",
+            "DES/CFB/NoPadding",
+            "537572e480c1714fec3c7424f88d4202219244c5ca8f5e4361d64f08fe747bb2",
+            "DESede/CFB/NoPadding",
+            "481e9872acea7fcfb75bb58670fe64c59123265139e357d161cd4ddb5eba042a",
+            "SKIPJACK/CFB/NoPadding",
+            "71143a124e3a0cde70a69ede4ceb14376b1e6a80bafde0a6330508dfa86a7c41",
+            "Blowfish/CFB/NoPadding",
+            "6cd6f7c5d2c6555561167fe9b10665102206869339122f1ed89efa4a985397f6",
+            "Twofish/CFB/NoPadding",
+            "821c54b1b54ae113cf74595eefe10c8308b7a438277de4f40948ac2d172d53d2",
+            "RC2/CFB/NoPadding",
+            "0a07cb78537cb04ca1401450d5cd411c7da7fa5b6baaa17bb2137bd95c9f26a5",
+            "RC5/CFB/NoPadding",
+            "c62b233df296283b989352bbebf616a19e11503ac737f9e0eaf19049cde05d34",
+            "IDEA/CFB/NoPadding",
+            "dd447da3cbdcf81fcbe4661dcbed88aed899f87585118384bd0565067fa6c13a",
+            "DES/CFB8/NoPadding",
+            "53cb0cdff712a825eb283b23c31e7323aa12495e7e751428b5c4eb89b28a25d4",
+            "DESede/CFB8/NoPadding",
+            "482cd5bf87ca4cee0b573d66a077231bfea93843ce2d1f948550a1d208e18279",
+            "SKIPJACK/CFB8/NoPadding",
+            "719eef3906bef23f7b63599285437d8e34183b165acf3e855b4e160d4f036508",
+            "Blowfish/CFB8/NoPadding",
+            "6ca63aaada9188d2410c07513cc0736b9888770768c25a5befc776beea5bdc4c",
+            "Twofish/CFB8/NoPadding",
+            "825d12af040721cf5ed4a4798647837ac5eb14d752aace28728aeb37b2010abd",
+            "RC2/CFB8/NoPadding",
+            "0aa227f94be3a32ff927c5d25647ea41d7c2a1e94012fc7f2ad6767b9664bce5",
+            "RC5/CFB8/NoPadding",
+            "c601cf88725411f119965b9cd38d6c313b91128ed7c98c7604cc62d9b210be79",
+            "IDEA/CFB8/NoPadding",
+            "dd7839d2525420d10f95eec23dbaf3463302c445972a28c563c2635191bc19af",
+            // TODO Check that PGPCFB modes are obsolete for C# build
+//			"IDEA/PGPCFB/NoPadding",
+//			"dd447da3cbdcf81fcbe4661dcbed88aed899f87585118384bd0565067fa6c13a",
+//			"IDEA/PGPCFBwithIv/NoPadding",
+//			"ed5adbac0e730cc0f00df7e4f6fef672ab042673106435faf3ecf3996a72a0e127b440ba9e5313501de3",
+            "Twofish/ECB/TBCPadding",
+            "70336d9c9718a8a2ced1b19deed973a3c58af7ea71a69e7efc4df082dca581c019d7daa58d02b89aab6e8c0d17202439",
+            "RC2/ECB/TBCPadding",
+            "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b6b5359ba5e69b179"
+        };
+
+        private static readonly string[] cipherTests2 =
+        {
+            "DES/OFB64/NoPadding",
+            "537572e480c1714f5c9a4f3b874df824dc6681b1fd6c11982debcad91e",
+            "DES/CFB64/NoPadding",
+            "537572e480c1714fec3c7424f88d4202219244c5ca8f5e4361d64f08fe",
+            "DES/CTR/NoPadding",
+            "537572e480c1714fb47081d35eb18eaca9e0a5aee982f105438a0db6ce",
+            "DES/CTS/NoPadding",
+            "60fa2f8fae5aa2a38e9ac77d0246726b32df660db51a710ceb7511e451"
+        };
+
+        private static readonly byte[] input1 = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f");
+        private static readonly byte[] input2 = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c");
+
+//		static RC2ParameterSpec rc2Spec = new RC2ParameterSpec(128, Hex.decode("0123456789abcdef"));
+        private static readonly byte[] rc2IV = Hex.Decode("0123456789abcdef");
+
+//		static RC5ParameterSpec rc5Spec = new RC5ParameterSpec(16, 16, 32, Hex.decode("0123456789abcdef"));
+//		static RC5ParameterSpec rc564Spec = new RC5ParameterSpec(16, 16, 64, Hex.decode("0123456789abcdef0123456789abcdef"));
+        private static readonly byte[] rc5IV = Hex.Decode("0123456789abcdef");
+        private static readonly byte[] rc564IV = Hex.Decode("0123456789abcdef0123456789abcdef");
+        private const int rc5Rounds = 16;
+
+        /**
+        * a fake random number generator - we just want to make sure the random numbers
+        * aren't random so that we get the same output, while still getting to test the
+        * key generation facilities.
+        */
+        private class FixedSecureRandom
+            : SecureRandom
+        {
+            byte[] seed = {
+                    (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59,
+                    (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4,
+                    (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde,
+                    (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f
+            };
+
+            public override void NextBytes(
+                byte[] bytes)
+            {
+                int offset = 0;
+
+                while ((offset + seed.Length) < bytes.Length)
+                {
+                    Array.Copy(seed, 0, bytes, offset, seed.Length);
+                    offset += seed.Length;
+                }
+
+                Array.Copy(seed, 0, bytes, offset, bytes.Length- offset);
+            }
+        }
+
+        public override string Name
+        {
+            get { return "BlockCipher"; }
+        }
+
+        private int GetIVLength(
+            string algorithm)
+        {
+            string[] parts = algorithm.Split('/');
+
+            if (parts.Length < 2)
+                return 0;
+
+            string mode = parts[1];
+
+            int pos = mode.IndexOfAny(new char[]{ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' });
+            string baseMode = pos < 0 ? mode : mode.Substring(0, pos);
+
+            if (!validModes.Contains(baseMode))
+                throw new Exception("Unhandled mode: " + mode);
+
+            if (baseMode == "ECB")
+                return 0;
+
+            string baseAlgorithm = parts[0];
+            IBufferedCipher baseCipher = CipherUtilities.GetCipher(baseAlgorithm);
+            return baseCipher.GetBlockSize();
+        }
+
+        private void doTest(
+            string	algorithm,
+            byte[]	input,
+            byte[]	output)
+        {
+            KeyParameter key = null;
+            CipherKeyGenerator keyGen;
+            SecureRandom rand;
+            IBufferedCipher inCipher = null, outCipher = null;
+            byte[] iv = null;
+            CipherStream cIn, cOut;
+            MemoryStream bIn, bOut;
+
+            rand = new FixedSecureRandom();
+
+            string[] parts = Platform.ToUpperInvariant(algorithm).Split('/');
+            string baseAlgorithm = parts[0];
+            string mode = parts.Length > 1 ? parts[1] : null;
+
+#if !INCLUDE_IDEA
+            if (baseAlgorithm.Equals("IDEA"))
+            {
+                return;
+            }
+#endif
+
+            try
+            {
+                keyGen = GeneratorUtilities.GetKeyGenerator(baseAlgorithm);
+
+                // TODO Add Algorithm property to CipherKeyGenerator?
+//				if (!keyGen.getAlgorithm().Equals(baseAlgorithm))
+//				{
+//					Fail("wrong key generator returned!");
+//				}
+
+                // TODO Add new Init method to CipherKeyGenerator?
+//				keyGen.Init(rand);
+                keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));
+
+                byte[] keyBytes = keyGen.GenerateKey();
+
+                if (algorithm.StartsWith("RC5"))
+                {
+                    key = new RC5Parameters(keyBytes, rc5Rounds);
+                }
+                else
+                {
+                    key = ParameterUtilities.CreateKeyParameter(baseAlgorithm, keyBytes);
+                }
+
+                inCipher = CipherUtilities.GetCipher(algorithm);
+                outCipher = CipherUtilities.GetCipher(algorithm);
+
+                if (!Platform.ToUpperInvariant(inCipher.AlgorithmName).StartsWith(baseAlgorithm))
+                {
+                    Fail("wrong cipher returned!");
+                }
+
+                ICipherParameters parameters = key;
+
+                int ivLength = GetIVLength(algorithm);
+
+                if (ivLength > 0)
+                {
+                    if (baseAlgorithm == "RC2")
+                    {
+                        iv = rc2IV;
+                    }
+                    else if (baseAlgorithm == "RC5")
+                    {
+                        iv = rc5IV;
+                    }
+                    else if (baseAlgorithm == "RC5-64")
+                    {
+                        iv = rc564IV;
+                    }
+                    else
+                    {
+                        // NB: rand always generates same values each test run
+                        iv = rand.GenerateSeed(ivLength);
+                    }
+
+                    parameters = new ParametersWithIV(key, iv);
+                }
+
+                // NB: 'rand' still needed e.g. for some paddings
+                parameters = new ParametersWithRandom(parameters, rand);
+
+                outCipher.Init(true, parameters);
+            }
+            catch (Exception e)
+            {
+                Fail("" + algorithm + " failed initialisation - " + e.ToString(), e);
+            }
+
+            //
+            // grab the iv if there is one
+            //
+            try
+            {
+                // The Java version set this implicitly, but we set it explicity
+                //byte[] iv = outCipher.getIV();
+
+                if (iv != null)
+                {
+                    // TODO Examine short IV handling for these FIPS-compliant modes in Java build
+                    if (mode.StartsWith("CFB")
+                        || mode.StartsWith("GOFB")
+                        || mode.StartsWith("OFB")
+                        || mode.StartsWith("OPENPGPCFB"))
+                    {
+                        // These modes automatically pad out the IV if it is short
+                    }
+                    else
+                    {
+                        try
+                        {
+                            byte[] nIv = new byte[iv.Length- 1];
+                            inCipher.Init(false, new ParametersWithIV(key, nIv));
+                            Fail("failed to pick up short IV");
+                        }
+                        //catch (InvalidAlgorithmParameterException e)
+                        catch (ArgumentException)
+                        {
+                            // ignore - this is what we want...
+                        }
+                    }
+
+                    //IvParameterSpec spec = new IvParameterSpec(iv);
+                    inCipher.Init(false, new ParametersWithIV(key, iv));
+                }
+                else
+                {
+                    inCipher.Init(false, key);
+                }
+            }
+            catch (Exception e)
+            {
+                Fail("" + algorithm + " failed initialisation - " + e.ToString());
+            }
+
+            //
+            // encryption pass
+            //
+            bOut = new MemoryStream();
+            cOut = new CipherStream(bOut, null, outCipher);
+
+            try
+            {
+                for (int i = 0; i != input.Length/ 2; i++)
+                {
+                    cOut.WriteByte(input[i]);
+                }
+                cOut.Write(input, input.Length/ 2, input.Length- input.Length/ 2);
+                cOut.Close();
+            }
+            catch (IOException e)
+            {
+                Fail("" + algorithm + " failed encryption - " + e.ToString());
+            }
+
+            byte[] bytes = bOut.ToArray();
+
+            if (!AreEqual(bytes, output))
+            {
+                Fail("" + algorithm + " failed encryption - expected "
+                    + Hex.ToHexString(output) + " got "
+                    + Hex.ToHexString(bytes));
+            }
+
+            //
+            // decryption pass
+            //
+            bIn = new MemoryStream(bytes, false);
+            cIn = new CipherStream(bIn, inCipher, null);
+
+            try
+            {
+                BinaryReader dIn = new BinaryReader(cIn);
+
+                bytes = new byte[input.Length];
+
+                for (int i = 0; i != input.Length/ 2; i++)
+                {
+                    bytes[i] = dIn.ReadByte();
+                }
+
+                int remaining = bytes.Length - input.Length / 2;
+                byte[] extra = dIn.ReadBytes(remaining);
+                if (extra.Length < remaining)
+                    throw new EndOfStreamException();
+                extra.CopyTo(bytes, input.Length / 2);
+            }
+            catch (Exception e)
+            {
+                Fail("" + algorithm + " failed decryption - " + e.ToString());
+            }
+
+            if (!AreEqual(bytes, input))
+            {
+                Fail("" + algorithm + " failed decryption - expected "
+                    + Hex.ToHexString(input) + " got "
+                    + Hex.ToHexString(bytes));
+            }
+        }
+
+        // TODO Make private again and call from PerformTest
+        public void doTestExceptions()
+        {
+            // TODO Put back in
+//			SecretKeyFactory skF = null;
+//	        
+//			try
+//			{
+//				skF = SecretKeyFactory.getInstance("DESede");
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("unexpected exception.", e);
+//			}
+//	        
+//			KeySpec ks = null;
+//			SecretKey secKey = null;
+//			byte[] bb = new byte[24];
+//
+//			try
+//			{
+//				skF.getKeySpec(null, null);
+//	            
+//				Fail("failed exception test - no exception thrown");
+//			}
+//			catch (InvalidKeySpecException e)
+//			{
+//				// ignore okay
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("failed exception test.", e);
+//			}
+//			try
+//			{
+//				ks = (KeySpec)new DESedeKeySpec(bb);
+//				skF.getKeySpec(null, ks.getClass());
+//	            
+//				Fail("failed exception test - no exception thrown");
+//			}
+//			catch (InvalidKeySpecException e)
+//			{
+//				// ignore okay;
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("failed exception test.", e);
+//			}
+//			try
+//			{
+//				skF.getKeySpec(secKey, null);
+//			}
+//			catch (InvalidKeySpecException e)
+//			{
+//				// ignore okay
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("failed exception test.", e);
+//			}
+            
+            try
+            {
+                CipherKeyGenerator kg = GeneratorUtilities.GetKeyGenerator("DESede");
+
+                try
+                {
+                    kg.Init(new KeyGenerationParameters(new SecureRandom(), int.MinValue));
+
+                    Fail("failed exception test - no exception thrown");
+                }
+//				catch (InvalidParameterException)
+                catch (ArgumentException)
+                {
+                    // ignore okay
+                }
+                catch (Exception e)
+                {
+                    Fail("failed exception test.", e);
+                }
+            }
+            catch (Exception e)
+            {
+                Fail("unexpected exception.", e);
+            }
+
+            // TODO Put back in
+//			try
+//			{
+//				skF = SecretKeyFactory.getInstance("DESede");
+//
+//				try
+//				{
+//					skF.translateKey(null);
+//	                
+//					Fail("failed exception test - no exception thrown");
+//				}
+//				catch (InvalidKeyException)
+//				{
+//					// ignore okay
+//				}
+//				catch (Exception e)
+//				{
+//					Fail("failed exception test.", e);
+//				}
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("unexpected exception.", e);
+//			}
+            
+//			try
+//			{
+//				byte[] rawDESKey = { (byte)128, (byte)131, (byte)133, (byte)134,
+//						(byte)137, (byte)138, (byte)140, (byte)143 };
+//
+////				SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES");
+//				KeyParameter cipherKey = new DesParameters(rawDESKey);
+//
+//				IBufferedCipher cipher = CipherUtilities.GetCipher("DES/CBC/NoPadding");
+//
+//				try
+//				{
+//					// According specification engineInit(int opmode, Key key,
+//					// SecureRandom random) throws InvalidKeyException if this
+//					// cipher is being
+//					// initialized for decryption and requires algorithm parameters
+//					// that cannot be determined from the given key
+////					cipher.Init(false, cipherKey, (SecureRandom)null);
+//					cipher.Init(false, new ParametersWithRandom(cipherKey, new SecureRandom()));
+//
+//					Fail("failed exception test - no InvalidKeyException thrown");
+//				}
+//				catch (InvalidKeyException)
+//				{
+//					// ignore
+//				}
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("unexpected exception.", e);
+//			}
+
+            try
+            {
+//				byte[] rawDESKey = { -128, -125, -123, -122, -119, -118 };
+                byte[] rawDESKey = { 128, 131, 133, 134, 137, 138 };
+
+//				SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES");
+
+//				IBufferedCipher cipher = CipherUtilities.GetCipher("DES/ECB/NoPadding");
+                try
+                {
+                    KeyParameter cipherKey = new DesParameters(rawDESKey);
+
+                    // According specification engineInit(int opmode, Key key,
+                    // SecureRandom random) throws InvalidKeyException if the given
+                    // key is inappropriate for initializing this cipher
+//					cipher.Init(true, cipherKey);
+
+//					Fail("failed exception test - no InvalidKeyException thrown");
+                    Fail("failed exception test - no ArgumentException thrown");
+                }
+//				catch (InvalidKeyException)
+                catch (ArgumentException)
+                {
+                    // ignore
+                }
+            }
+            catch (Exception e)
+            {
+                Fail("unexpected exception.", e);
+            }
+
+//			try
+//			{
+////				byte[] rawDESKey = { -128, -125, -123, -122, -119, -118, -117, -115, -114 };
+//				byte[] rawDESKey = { 128, 131, 133, 134, 137, 138, 139, 141, 142 };
+//
+////				SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES");
+//				KeyParameter cipherKey = new DesParameters(rawDESKey);
+//
+//				IBufferedCipher cipher = CipherUtilities.GetCipher("DES/ECB/NoPadding");
+//				try
+//				{
+//					// According specification engineInit(int opmode, Key key,
+//					// SecureRandom random) throws InvalidKeyException if the given
+//					// key is inappropriate for initializing this cipher
+//					cipher.Init(true, cipherKey);
+//	                
+//					Fail("failed exception test - no InvalidKeyException thrown");
+//				}
+//				catch (InvalidKeyException)
+//				{
+//					// ignore
+//				}
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("unexpected exception.", e);
+//			}
+
+
+            try
+            {
+                byte[] rawDESKey = { (byte)128, (byte)131, (byte)133, (byte)134,
+                    (byte)137, (byte)138, (byte)140, (byte)143 };
+
+//				SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES");
+                KeyParameter cipherKey = new DesParameters(rawDESKey);
+
+                IBufferedCipher ecipher = CipherUtilities.GetCipher("DES/ECB/PKCS5Padding");
+                ecipher.Init(true, cipherKey);
+
+                byte[] cipherText = new byte[0];
+                try
+                {
+                    // According specification Method engineUpdate(byte[] input,
+                    // int inputOffset, int inputLen, byte[] output, int
+                    // outputOffset)
+                    // throws ShortBufferException - if the given output buffer is
+                    // too
+                    // small to hold the result
+//					ecipher.update(new byte[20], 0, 20, cipherText);
+                    ecipher.ProcessBytes(new byte[20], 0, 20, cipherText, 0);
+
+//					Fail("failed exception test - no ShortBufferException thrown");
+                    Fail("failed exception test - no DataLengthException thrown");
+                }
+//				catch (ShortBufferException)
+                catch (DataLengthException)
+                {
+                    // ignore
+                }
+            }
+            catch (Exception e)
+            {
+                Fail("unexpected exception.", e);
+            }
+
+            // TODO Put back in
+//			try
+//			{
+//				KeyGenerator keyGen = KeyGenerator.getInstance("DES");
+//
+//				keyGen.init((SecureRandom)null);
+//
+//				// According specification engineGenerateKey() doesn't throw any exceptions.
+//
+//				SecretKey key = keyGen.generateKey();
+//				if (key == null)
+//				{
+//					Fail("key is null!");
+//				}
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("unexpected exception.", e);
+//			}
+//
+//			try
+//			{
+//				AlgorithmParameters algParams = AlgorithmParameters.getInstance("DES");
+//	            
+//				algParams.init(new IvParameterSpec(new byte[8]));
+//
+//				// According specification engineGetEncoded() returns
+//				// the parameters in their primary encoding format. The primary
+//				// encoding
+//				// format for parameters is ASN.1, if an ASN.1 specification for
+//				// this type
+//				// of parameters exists.
+//				byte[] iv = algParams.getEncoded();
+//	            
+//				if (iv.Length!= 10)
+//				{
+//					Fail("parameters encoding wrong length - "  + iv.Length);
+//				}
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("unexpected exception.", e);
+//			}
+
+            try
+            {
+                try
+                {
+//					AlgorithmParameters algParams = AlgorithmParameters.getInstance("DES");
+
+                    byte[] encoding = new byte[10];
+                    encoding[0] = 3;
+                    encoding[1] = 8;
+
+//					algParams.init(encoding, "ASN.1");
+                    ParameterUtilities.GetCipherParameters(
+                        "AES",
+                        ParameterUtilities.CreateKeyParameter("AES", new byte[16]),
+                        Asn1Object.FromByteArray(encoding));
+
+//					Fail("failed exception test - no IOException thrown");
+                    Fail("failed exception test - no Exception thrown");
+                }
+//				catch (IOException)
+                catch (ArgumentException)
+                {
+                    // okay
+                }
+
+//				try
+//				{
+//					IBufferedCipher c = CipherUtilities.GetCipher("DES");
+//
+//					Key k = new PublicKey()
+//					{
+//
+//						public string getAlgorithm()
+//						{
+//							return "STUB";
+//						}
+//
+//						public string getFormat()
+//						{
+//							return null;
+//						}
+//
+//						public byte[] getEncoded()
+//						{
+//							return null;
+//						}
+//	                    
+//					};
+//	    
+//					c.Init(true, k);
+//	    
+//					Fail("failed exception test - no InvalidKeyException thrown for public key");
+//				}
+//				catch (InvalidKeyException e)
+//				{
+//					// okay
+//				}
+//	            
+//				try
+//				{
+//					IBufferedCipher c = CipherUtilities.GetCipher("DES");
+//	    
+//					Key k = new PrivateKey()
+//					{
+//
+//						public string getAlgorithm()
+//						{
+//							return "STUB";
+//						}
+//
+//						public string getFormat()
+//						{
+//							return null;
+//						}
+//
+//						public byte[] getEncoded()
+//						{
+//							return null;
+//						}
+//	                    
+//					};
+//	    
+//					c.Init(false, k);
+//	    
+//					Fail("failed exception test - no InvalidKeyException thrown for private key");
+//				}
+//				catch (InvalidKeyException e)
+//				{
+//					// okay
+//				}
+            }
+            catch (Exception e)
+            {
+                Fail("unexpected exception.", e);
+            }
+        }
+
+        public override void PerformTest()
+        {
+            for (int i = 0; i != cipherTests1.Length; i += 2)
+            {
+                doTest(cipherTests1[i], input1, Hex.Decode(cipherTests1[i + 1]));
+            }
+
+            for (int i = 0; i != cipherTests2.Length; i += 2)
+            {
+                doTest(cipherTests2[i], input2, Hex.Decode(cipherTests2[i + 1]));
+            }
+
+            //
+            // check for less than a block
+            //
+            try
+            {
+                IBufferedCipher c = CipherUtilities.GetCipher("AES/CTS/NoPadding");
+
+                c.Init(true, ParameterUtilities.CreateKeyParameter("AES", new byte[16]));
+
+                c.DoFinal(new byte[4]);
+
+                Fail("CTS failed to throw exception");
+            }
+            catch (Exception e)
+            {
+//				if (!(e is IllegalBlockSizeException))
+                if (!(e is DataLengthException))
+                {
+                    Fail("CTS exception test - " + e, e);
+                }
+            }
+
+            doTestExceptions();
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new BlockCipherTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/test/CMacTest.cs b/crypto/test/src/test/CMacTest.cs
new file mode 100644
index 000000000..f80caca7d
--- /dev/null
+++ b/crypto/test/src/test/CMacTest.cs
@@ -0,0 +1,276 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	/**
+	 * CMAC tester - <a href="http://www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/tv/omac1-tv.txt">AES Official Test Vectors</a>.
+	 */
+	[TestFixture]
+	public class CMacTest
+		:	SimpleTest
+	{
+		private static readonly byte[] keyBytes128 = Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c");
+		private static readonly byte[] keyBytes192 = Hex.Decode(
+			  "8e73b0f7da0e6452c810f32b809079e5"
+			+ "62f8ead2522c6b7b");
+		private static readonly byte[] keyBytes256 = Hex.Decode(
+			  "603deb1015ca71be2b73aef0857d7781"
+			+ "1f352c073b6108d72d9810a30914dff4");
+		
+		private static readonly byte[] input0 = Hex.Decode("");
+		private static readonly byte[] input16 = Hex.Decode("6bc1bee22e409f96e93d7e117393172a");
+		private static readonly byte[] input40 = Hex.Decode(
+			  "6bc1bee22e409f96e93d7e117393172a"
+			+ "ae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411");
+		private static readonly byte[] input64 = Hex.Decode(
+			  "6bc1bee22e409f96e93d7e117393172a"
+			+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+			+ "30c81c46a35ce411e5fbc1191a0a52ef"
+			+ "f69f2445df4f9b17ad2b417be66c3710");
+
+		private static readonly byte[] output_k128_m0 = Hex.Decode("bb1d6929e95937287fa37d129b756746");
+		private static readonly byte[] output_k128_m16 = Hex.Decode("070a16b46b4d4144f79bdd9dd04a287c");
+		private static readonly byte[] output_k128_m40 = Hex.Decode("dfa66747de9ae63030ca32611497c827");
+		private static readonly byte[] output_k128_m64 = Hex.Decode("51f0bebf7e3b9d92fc49741779363cfe");
+
+		private static readonly byte[] output_k192_m0 = Hex.Decode("d17ddf46adaacde531cac483de7a9367");
+		private static readonly byte[] output_k192_m16 = Hex.Decode("9e99a7bf31e710900662f65e617c5184");
+		private static readonly byte[] output_k192_m40 = Hex.Decode("8a1de5be2eb31aad089a82e6ee908b0e");
+		private static readonly byte[] output_k192_m64 = Hex.Decode("a1d5df0eed790f794d77589659f39a11");
+
+		private static readonly byte[] output_k256_m0 = Hex.Decode("028962f61b7bf89efc6b551f4667d983");
+		private static readonly byte[] output_k256_m16 = Hex.Decode("28a7023f452e8f82bd4bf28d8c37c35c");
+		private static readonly byte[] output_k256_m40 = Hex.Decode("aaf3d8f1de5640c232f5b169b9c911e6");
+		private static readonly byte[] output_k256_m64 = Hex.Decode("e1992190549f6ed5696a2c056c315410");
+
+		private static readonly byte[] output_des_ede = Hex.Decode("1ca670dea381d37c");
+
+		public CMacTest()
+		{
+		}
+		
+		public override void PerformTest()
+		{
+//			Mac mac = Mac.getInstance("AESCMAC", "BC");
+			IMac mac = MacUtilities.GetMac("AESCMAC");
+
+			//128 bytes key
+
+//			SecretKeySpec key = new SecretKeySpec(keyBytes128, "AES");
+			KeyParameter key = new KeyParameter(keyBytes128);
+
+			// 0 bytes message - 128 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input0, 0, input0.Length);
+
+			byte[] output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k128_m0))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k128_m0)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			// 16 bytes message - 128 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input16, 0, input16.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k128_m16))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k128_m16)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			// 40 bytes message - 128 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input40, 0, input40.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k128_m40))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k128_m40)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			// 64 bytes message - 128 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input64, 0, input64.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k128_m64))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k128_m64)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			//192 bytes key
+
+//			key = new SecretKeySpec(keyBytes192, "AES");
+			key = new KeyParameter(keyBytes192);
+
+			// 0 bytes message - 192 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input0, 0, input0.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k192_m0))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k192_m0)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			// 16 bytes message - 192 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input16, 0, input16.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k192_m16))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k192_m16)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			// 40 bytes message - 192 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input40, 0, input40.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k192_m40))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k192_m40)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			// 64 bytes message - 192 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input64, 0, input64.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k192_m64))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k192_m64)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			//256 bytes key
+
+//			key = new SecretKeySpec(keyBytes256, "AES");
+			key = new KeyParameter(keyBytes256);
+
+			// 0 bytes message - 256 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input0, 0, input0.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k256_m0))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k256_m0)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			// 16 bytes message - 256 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input16, 0, input16.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k256_m16))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k256_m16)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			// 40 bytes message - 256 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input40, 0, input40.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k256_m40))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k256_m40)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+			// 64 bytes message - 256 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input64, 0, input64.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_k256_m64))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_k256_m64)
+					+ " got " + Hex.ToHexString(output));
+			}
+
+//			mac = Mac.getInstance("DESedeCMAC", "BC");
+			mac = MacUtilities.GetMac("DESedeCMAC");
+
+			//DESede
+			
+//			key = new SecretKeySpec(keyBytes128, "DESede");
+			key = new KeyParameter(keyBytes128);
+
+			// 0 bytes message - 128 bytes key
+			mac.Init(key);
+
+			mac.BlockUpdate(input0, 0, input0.Length);
+
+			output = MacUtilities.DoFinal(mac);
+
+			if (!AreEqual(output, output_des_ede))
+			{
+				Fail("Failed - expected " + Hex.ToHexString(output_des_ede)
+					+ " got " + Hex.ToHexString(output));
+			}
+		}
+
+		public override string Name
+		{
+			get { return "CMac"; }
+		}
+
+		public static void Main(string[] args)
+		{
+			RunTest(new CMacTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/CRL5Test.cs b/crypto/test/src/test/CRL5Test.cs
new file mode 100644
index 000000000..ebd74af69
--- /dev/null
+++ b/crypto/test/src/test/CRL5Test.cs
@@ -0,0 +1,257 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class Crl5Test
+		: SimpleTest
+	{
+		private static readonly byte[] indirectCrl = Base64.Decode(
+			"MIIdXjCCHMcCAQEwDQYJKoZIhvcNAQEFBQAwdDELMAkGA1UEBhMCREUxHDAaBgNV"
+			+"BAoUE0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0"
+			+"MS4wDAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBO"
+			+"Fw0wNjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIbfzB+AgQvrj/pFw0wMzA3"
+			+"MjIwNTQxMjhaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+oXDTAzMDcyMjA1NDEyOFowZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/5xcNMDQwNDA1MTMxODE3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/oFw0wNDA0"
+			+"MDUxMzE4MTdaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+UXDTAzMDExMzExMTgxMVowZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/5hcNMDMwMTEzMTExODExWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/jFw0wMzAx"
+			+"MTMxMTI2NTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+QXDTAzMDExMzExMjY1NlowZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/4hcNMDQwNzEzMDc1ODM4WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/eFw0wMzAy"
+			+"MTcwNjMzMjVaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP98XDTAzMDIxNzA2MzMyNVowZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/0xcNMDMwMjE3MDYzMzI1WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/dFw0wMzAx"
+			+"MTMxMTI4MTRaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9cXDTAzMDExMzExMjcwN1owZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/2BcNMDMwMTEzMTEyNzA3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/VFw0wMzA0"
+			+"MzAxMjI3NTNaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9YXDTAzMDQzMDEyMjc1M1owZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/xhcNMDMwMjEyMTM0NTQwWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQTjCBkAIEL64/xRcNMDMw"
+			+"MjEyMTM0NTQwWjB5MHcGA1UdHQEB/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoG"
+			+"A1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwG"
+			+"BwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNTpQTjB+AgQvrj/CFw0w"
+			+"MzAyMTIxMzA5MTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRww"
+			+"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNV"
+			+"BAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj/BFw0wMzAyMTIxMzA4NDBaMHkw"
+			+"dwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2No"
+			+"ZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAY"
+			+"BgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uP74XDTAzMDIxNzA2MzcyNVow"
+			+"ZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz"
+			+"Y2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3Qg"
+			+"Q0EgMTE6UE4wgZACBC+uP70XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0BAf8EbTBr"
+			+"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx"
+			+"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU"
+			+"ZXN0IENBIDU6UE4wgZACBC+uP7AXDTAzMDIxMjEzMDg1OVoweTB3BgNVHR0BAf8E"
+			+"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
+			+"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln"
+			+"RyBUZXN0IENBIDU6UE4wgZACBC+uP68XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0B"
+			+"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr"
+			+"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR"
+			+"U2lnRyBUZXN0IENBIDU6UE4wfgIEL64/kxcNMDMwNDEwMDUyNjI4WjBnMGUGA1Ud"
+			+"HQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVs"
+			+"ZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQ"
+			+"TjCBkAIEL64/khcNMDMwNDEwMDUyNjI4WjB5MHcGA1UdHQEB/wRtMGukaTBnMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UE"
+			+"CxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0Eg"
+			+"NTpQTjB+AgQvrj8/Fw0wMzAyMjYxMTA0NDRaMGcwZQYDVR0dAQH/BFswWaRXMFUx"
+			+"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYH"
+			+"AoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj8+Fw0w"
+			+"MzAyMjYxMTA0NDRaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRww"
+			+"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgw"
+			+"DAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uPs0X"
+			+"DTAzMDUyMDA1MjczNlowZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUx"
+			+"HDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgG"
+			+"A1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZACBC+uPswXDTAzMDUyMDA1MjczNlow"
+			+"eTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz"
+			+"Y2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwEx"
+			+"MBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4wfgIEL64+PBcNMDMwNjE3MTAzNDE2"
+			+"WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1"
+			+"dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVz"
+			+"dCBDQSAxMTpQTjCBkAIEL64+OxcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB/wRt"
+			+"MGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBB"
+			+"RzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdH"
+			+"IFRlc3QgQ0EgNjpQTjCBkAIEL64+OhcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB"
+			+"/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtv"
+			+"bSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFT"
+			+"aWdHIFRlc3QgQ0EgNjpQTjB+AgQvrj45Fw0wMzA2MTcxMzAxMDBaMGcwZQYDVR0d"
+			+"AQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxl"
+			+"a29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBO"
+			+"MIGQAgQvrj44Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJ"
+			+"BgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQL"
+			+"FAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA2"
+			+"OlBOMIGQAgQvrj43Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcx"
+			+"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYD"
+			+"VQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBD"
+			+"QSA2OlBOMIGQAgQvrj42Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6Rp"
+			+"MGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAw"
+			+"DgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVz"
+			+"dCBDQSA2OlBOMIGQAgQvrj4zFw0wMzA2MTcxMDM3NDlaMHkwdwYDVR0dAQH/BG0w"
+			+"a6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH"
+			+"MRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cg"
+			+"VGVzdCBDQSA2OlBOMH4CBC+uPjEXDTAzMDYxNzEwNDI1OFowZzBlBgNVHR0BAf8E"
+			+"WzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
+			+"QUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZAC"
+			+"BC+uPjAXDTAzMDYxNzEwNDI1OFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UE"
+			+"BhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1Rl"
+			+"bGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4w"
+			+"gZACBC+uPakXDTAzMTAyMjExMzIyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkG"
+			+"A1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsU"
+			+"B1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6"
+			+"UE4wgZACBC+uPLIXDTA1MDMxMTA2NDQyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzEL"
+			+"MAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNV"
+			+"BAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENB"
+			+"IDY6UE4wgZACBC+uPKsXDTA0MDQwMjA3NTQ1M1oweTB3BgNVHR0BAf8EbTBrpGkw"
+			+"ZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAO"
+			+"BgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0"
+			+"IENBIDY6UE4wgZACBC+uOugXDTA1MDEyNzEyMDMyNFoweTB3BgNVHR0BAf8EbTBr"
+			+"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx"
+			+"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU"
+			+"ZXN0IENBIDY6UE4wgZACBC+uOr4XDTA1MDIxNjA3NTcxNloweTB3BgNVHR0BAf8E"
+			+"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
+			+"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln"
+			+"RyBUZXN0IENBIDY6UE4wgZACBC+uOqcXDTA1MDMxMDA1NTkzNVoweTB3BgNVHR0B"
+			+"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr"
+			+"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR"
+			+"U2lnRyBUZXN0IENBIDY6UE4wgZACBC+uOjwXDTA1MDUxMTEwNDk0NloweTB3BgNV"
+			+"HR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UE"
+			+"AxQRU2lnRyBUZXN0IENBIDY6UE4wgaoCBC+sbdUXDTA1MTExMTEwMDMyMVowgZIw"
+			+"gY8GA1UdHQEB/wSBhDCBgaR/MH0xCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0"
+			+"c2NoZSBUZWxla29tIEFHMR8wHQYDVQQLFBZQcm9kdWt0emVudHJ1bSBUZWxlU2Vj"
+			+"MS8wDAYHAoIGAQoHFBMBMTAfBgNVBAMUGFRlbGVTZWMgUEtTIFNpZ0cgQ0EgMTpQ"
+			+"TjCBlQIEL64uaBcNMDYwMTIzMTAyNTU1WjB+MHwGA1UdHQEB/wRyMHCkbjBsMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEWMBQGA1UE"
+			+"CxQNWmVudHJhbGUgQm9ubjEnMAwGBwKCBgEKBxQTATEwFwYDVQQDFBBUVEMgVGVz"
+			+"dCBDQSA5OlBOMIGVAgQvribHFw0wNjA4MDEwOTQ4NDRaMH4wfAYDVR0dAQH/BHIw"
+			+"cKRuMGwxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH"
+			+"MRYwFAYDVQQLFA1aZW50cmFsZSBCb25uMScwDAYHAoIGAQoHFBMBMTAXBgNVBAMU"
+			+"EFRUQyBUZXN0IENBIDk6UE6ggZswgZgwCwYDVR0UBAQCAhEMMB8GA1UdIwQYMBaA"
+			+"FANbyNumDI9545HwlCF26NuOJC45MA8GA1UdHAEB/wQFMAOEAf8wVwYDVR0SBFAw"
+			+"ToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1ULVRlbGVTZWMgVGVzdCBESVIg"
+			+"ODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1kZTANBgkqhkiG9w0BAQUFAAOB"
+			+"gQBewL5gLFHpeOWO07Vk3Gg7pRDuAlvaovBH4coCyCWpk5jEhUfFSYEDuaQB7do4"
+			+"IlJmeTHvkI0PIZWJ7bwQ2PVdipPWDx0NVwS/Cz5jUKiS3BbAmZQZOueiKLFpQq3A"
+			+"b8aOHA7WHU4078/1lM+bgeu33Ln1CGykEbmSjA/oKPi/JA==");
+
+		private static readonly byte[] directCrl = Base64.Decode(
+			"MIIGXTCCBckCAQEwCgYGKyQDAwECBQAwdDELMAkGA1UEBhMCREUxHDAaBgNVBAoU"
+			+"E0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0MS4w"
+			+"DAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBOFw0w"
+			+"NjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIElTAVAgQvrj/pFw0wMzA3MjIw"
+			+"NTQxMjhaMBUCBC+uP+oXDTAzMDcyMjA1NDEyOFowFQIEL64/5xcNMDQwNDA1MTMx"
+			+"ODE3WjAVAgQvrj/oFw0wNDA0MDUxMzE4MTdaMBUCBC+uP+UXDTAzMDExMzExMTgx"
+			+"MVowFQIEL64/5hcNMDMwMTEzMTExODExWjAVAgQvrj/jFw0wMzAxMTMxMTI2NTZa"
+			+"MBUCBC+uP+QXDTAzMDExMzExMjY1NlowFQIEL64/4hcNMDQwNzEzMDc1ODM4WjAV"
+			+"AgQvrj/eFw0wMzAyMTcwNjMzMjVaMBUCBC+uP98XDTAzMDIxNzA2MzMyNVowFQIE"
+			+"L64/0xcNMDMwMjE3MDYzMzI1WjAVAgQvrj/dFw0wMzAxMTMxMTI4MTRaMBUCBC+u"
+			+"P9cXDTAzMDExMzExMjcwN1owFQIEL64/2BcNMDMwMTEzMTEyNzA3WjAVAgQvrj/V"
+			+"Fw0wMzA0MzAxMjI3NTNaMBUCBC+uP9YXDTAzMDQzMDEyMjc1M1owFQIEL64/xhcN"
+			+"MDMwMjEyMTM0NTQwWjAVAgQvrj/FFw0wMzAyMTIxMzQ1NDBaMBUCBC+uP8IXDTAz"
+			+"MDIxMjEzMDkxNlowFQIEL64/wRcNMDMwMjEyMTMwODQwWjAVAgQvrj++Fw0wMzAy"
+			+"MTcwNjM3MjVaMBUCBC+uP70XDTAzMDIxNzA2MzcyNVowFQIEL64/sBcNMDMwMjEy"
+			+"MTMwODU5WjAVAgQvrj+vFw0wMzAyMTcwNjM3MjVaMBUCBC+uP5MXDTAzMDQxMDA1"
+			+"MjYyOFowFQIEL64/khcNMDMwNDEwMDUyNjI4WjAVAgQvrj8/Fw0wMzAyMjYxMTA0"
+			+"NDRaMBUCBC+uPz4XDTAzMDIyNjExMDQ0NFowFQIEL64+zRcNMDMwNTIwMDUyNzM2"
+			+"WjAVAgQvrj7MFw0wMzA1MjAwNTI3MzZaMBUCBC+uPjwXDTAzMDYxNzEwMzQxNlow"
+			+"FQIEL64+OxcNMDMwNjE3MTAzNDE2WjAVAgQvrj46Fw0wMzA2MTcxMDM0MTZaMBUC"
+			+"BC+uPjkXDTAzMDYxNzEzMDEwMFowFQIEL64+OBcNMDMwNjE3MTMwMTAwWjAVAgQv"
+			+"rj43Fw0wMzA2MTcxMzAxMDBaMBUCBC+uPjYXDTAzMDYxNzEzMDEwMFowFQIEL64+"
+			+"MxcNMDMwNjE3MTAzNzQ5WjAVAgQvrj4xFw0wMzA2MTcxMDQyNThaMBUCBC+uPjAX"
+			+"DTAzMDYxNzEwNDI1OFowFQIEL649qRcNMDMxMDIyMTEzMjI0WjAVAgQvrjyyFw0w"
+			+"NTAzMTEwNjQ0MjRaMBUCBC+uPKsXDTA0MDQwMjA3NTQ1M1owFQIEL6466BcNMDUw"
+			+"MTI3MTIwMzI0WjAVAgQvrjq+Fw0wNTAyMTYwNzU3MTZaMBUCBC+uOqcXDTA1MDMx"
+			+"MDA1NTkzNVowFQIEL646PBcNMDUwNTExMTA0OTQ2WjAVAgQvrG3VFw0wNTExMTEx"
+			+"MDAzMjFaMBUCBC+uLmgXDTA2MDEyMzEwMjU1NVowFQIEL64mxxcNMDYwODAxMDk0"
+			+"ODQ0WqCBijCBhzALBgNVHRQEBAICEQwwHwYDVR0jBBgwFoAUA1vI26YMj3njkfCU"
+			+"IXbo244kLjkwVwYDVR0SBFAwToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1U"
+			+"LVRlbGVTZWMgVGVzdCBESVIgODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1k"
+			+"ZTAKBgYrJAMDAQIFAAOBgQArj4eMlbAwuA2aS5O4UUUHQMKKdK/dtZi60+LJMiMY"
+			+"ojrMIf4+ZCkgm1Ca0Cd5T15MJxVHhh167Ehn/Hd48pdnAP6Dfz/6LeqkIHGWMHR+"
+			+"z6TXpwWB+P4BdUec1ztz04LypsznrHcLRa91ixg9TZCb1MrOG+InNhleRs1ImXk8"
+			+"MQ==");
+
+		public override string Name
+		{
+			get { return "CRL5"; }
+		}
+
+		[Test]
+		public void TestIndirectCrl()
+		{
+			X509Crl crl = new X509CrlParser().ReadCrl(indirectCrl);
+
+			foreach (X509CrlEntry crlEntry in crl.GetRevokedCertificates())
+			{
+				if (crlEntry.GetCertificateIssuer() == null)
+				{
+					Fail("certificate issuer CRL entry extension is null");
+				}
+			}
+		}
+
+		[Test]
+		public void TestDirectCrl()
+		{
+			X509Crl crl = new X509CrlParser().ReadCrl(directCrl);
+
+			foreach (X509CrlEntry crlEntry in crl.GetRevokedCertificates())
+			{
+				if (crlEntry.GetCertificateIssuer() != null)
+				{
+					Fail("certificate issuer CRL entry extension is not null");
+				}
+			}
+		}
+
+		public override void PerformTest()
+		{
+			TestIndirectCrl();
+			TestDirectCrl();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Crl5Test());
+		}
+	}
+}
diff --git a/crypto/test/src/test/CamelliaTest.cs b/crypto/test/src/test/CamelliaTest.cs
new file mode 100644
index 000000000..f8e3520a3
--- /dev/null
+++ b/crypto/test/src/test/CamelliaTest.cs
@@ -0,0 +1,204 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Ntt;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Tests
+{
+	/// <summary>Basic test class for Camellia</summary>
+	[TestFixture]
+	public class CamelliaTest
+		: BaseBlockCipherTest
+	{
+		internal static readonly string[] cipherTests =
+		{
+			"128",
+			"0123456789abcdeffedcba9876543210",
+			"0123456789abcdeffedcba9876543210",
+			"67673138549669730857065648eabe43",
+			"192",
+			"0123456789abcdeffedcba98765432100011223344556677",
+			"0123456789abcdeffedcba9876543210",
+			"b4993401b3e996f84ee5cee7d79b09b9",
+			"256",
+			"0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff",
+			"0123456789abcdeffedcba9876543210",
+			"9acc237dff16d76c20ef7c919e3a7509",
+		};
+
+		public CamelliaTest()
+			: base("Camellia")
+		{
+		}
+
+		[Test]
+		public void TestCiphers()
+		{
+			for (int i = 0; i != cipherTests.Length; i += 4)
+			{
+				doCipherTest(int.Parse(cipherTests[i]),
+					Hex.Decode(cipherTests[i + 1]),
+					Hex.Decode(cipherTests[i + 2]),
+					Hex.Decode(cipherTests[i + 3]));
+			}
+		}
+
+		[Test]
+		public void TestWrap()
+		{
+			byte[] kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f");
+			byte[] in1 = Hex.Decode("00112233445566778899aabbccddeeff");
+			byte[] out1 = Hex.Decode("635d6ac46eedebd3a7f4a06421a4cbd1746b24795ba2f708");
+
+			wrapTest(1, "CamelliaWrap", kek1, in1, out1);
+		}
+
+		[Test]
+		public void TestOids()
+		{
+			string[] oids = {
+				NttObjectIdentifiers.IdCamellia128Cbc.Id,
+				NttObjectIdentifiers.IdCamellia192Cbc.Id,
+				NttObjectIdentifiers.IdCamellia256Cbc.Id
+			};
+
+			string[] names = {
+				"Camellia/CBC/PKCS7Padding",
+				"Camellia/CBC/PKCS7Padding",
+				"Camellia/CBC/PKCS7Padding"
+			};
+
+			oidTest(oids, names, 1);
+		}
+
+		[Test]
+		public void TestWrapOids()
+		{
+			string[] wrapOids = {
+				NttObjectIdentifiers.IdCamellia128Wrap.Id,
+				NttObjectIdentifiers.IdCamellia192Wrap.Id,
+				NttObjectIdentifiers.IdCamellia256Wrap.Id
+			};
+
+			wrapOidTest(wrapOids, "CamelliaWrap");
+		}
+
+		public void doCipherTest(
+			int		strength,
+			byte[]	keyBytes,
+			byte[]	input,
+			byte[]	output)
+		{
+			KeyParameter key = ParameterUtilities.CreateKeyParameter("Camellia", keyBytes);
+
+			IBufferedCipher inCipher = CipherUtilities.GetCipher("Camellia/ECB/NoPadding");
+			IBufferedCipher outCipher = CipherUtilities.GetCipher("Camellia/ECB/NoPadding");
+
+			try
+			{
+				outCipher.Init(true, key);
+			}
+			catch (Exception e)
+			{
+				Fail("Camellia failed initialisation - " + e.ToString(), e);
+			}
+
+			try
+			{
+				inCipher.Init(false, key);
+			}
+			catch (Exception e)
+			{
+				Fail("Camellia failed initialisation - " + e.ToString(), e);
+			}
+
+			//
+			// encryption pass
+			//
+			MemoryStream bOut = new MemoryStream();
+			CipherStream cOut = new CipherStream(bOut, null, outCipher);
+
+			try
+			{
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+					cOut.WriteByte(input[i]);
+				}
+				cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);
+				cOut.Close();
+			}
+			catch (IOException e)
+			{
+				Fail("Camellia failed encryption - " + e.ToString(), e);
+			}
+
+			byte[] bytes = bOut.ToArray();
+
+			if (!AreEqual(bytes, output))
+			{
+				Fail("Camellia failed encryption - expected "
+					+ Hex.ToHexString(output) + " got "
+					+ Hex.ToHexString(bytes));
+			}
+
+			//
+			// decryption pass
+			//
+			MemoryStream bIn = new MemoryStream(bytes, false);
+			CipherStream cIn = new CipherStream(bIn, inCipher, null);
+
+			try
+			{
+//				DataInputStream dIn = new DataInputStream(cIn);
+				BinaryReader dIn = new BinaryReader(cIn);
+
+				bytes = new byte[input.Length];
+
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+//					bytes[i] = (byte)dIn.read();
+					bytes[i] = dIn.ReadByte();
+				}
+
+				int remaining = bytes.Length - input.Length / 2;
+//				dIn.readFully(bytes, input.Length / 2, remaining);
+				byte[] extra = dIn.ReadBytes(remaining);
+				if (extra.Length < remaining)
+					throw new EndOfStreamException();
+				extra.CopyTo(bytes, input.Length / 2);
+			}
+			catch (Exception e)
+			{
+				Fail("Camellia failed encryption - " + e.ToString(), e);
+			}
+
+			if (!AreEqual(bytes, input))
+			{
+				Fail("Camellia failed decryption - expected "
+					+ Hex.ToHexString(input) + " got "
+					+ Hex.ToHexString(bytes));
+			}
+		}
+
+		public override void PerformTest()
+		{
+			TestCiphers();
+			TestWrap();
+			TestOids();
+			TestWrapOids();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CamelliaTest());
+		}
+	}
+}
diff --git a/crypto/test/src/test/CertPathBuilderTest.cs b/crypto/test/src/test/CertPathBuilderTest.cs
new file mode 100644
index 000000000..e31bde866
--- /dev/null
+++ b/crypto/test/src/test/CertPathBuilderTest.cs
@@ -0,0 +1,163 @@
+using System;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkix;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tests
+{
+    [TestFixture]
+    public class CertPathBuilderTest
+        : SimpleTest
+    {
+        private void baseTest()
+        {
+//			CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
+            X509CertificateParser certParser = new X509CertificateParser();
+            X509CrlParser crlParser = new X509CrlParser();
+
+            // initialise CertStore
+            X509Certificate rootCert = certParser.ReadCertificate(CertPathTest.rootCertBin);
+            X509Certificate interCert = certParser.ReadCertificate(CertPathTest.interCertBin);
+            X509Certificate finalCert = certParser.ReadCertificate(CertPathTest.finalCertBin);
+            X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin);
+            X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
+
+            IList certList = new ArrayList();
+            certList.Add(rootCert);
+            certList.Add(interCert);
+            certList.Add(finalCert);
+
+            IList crlList = new ArrayList();
+            crlList.Add(rootCrl);
+            crlList.Add(interCrl);
+
+//			CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
+//			CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
+            IX509Store x509CertStore = X509StoreFactory.Create(
+                "Certificate/Collection",
+                new X509CollectionStoreParameters(certList));
+            IX509Store x509CrlStore = X509StoreFactory.Create(
+                "CRL/Collection",
+                new X509CollectionStoreParameters(crlList));
+
+            // NB: Month is 1-based in .NET
+            //DateTime validDate = new DateTime(2008, 9, 4, 14, 49, 10).ToUniversalTime();
+            DateTime validDate = new DateTime(2008, 9, 4, 5, 49, 10);
+
+            //Searching for rootCert by subjectDN without CRL
+            ISet trust = new HashSet();
+            trust.Add(new TrustAnchor(rootCert, null));
+
+//			CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","BC");
+            PkixCertPathBuilder cpb = new PkixCertPathBuilder();
+            X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
+            targetConstraints.Subject = finalCert.SubjectDN;
+            PkixBuilderParameters parameters = new PkixBuilderParameters(trust, targetConstraints);
+//			parameters.addCertStore(store);
+            parameters.AddStore(x509CertStore);
+            parameters.AddStore(x509CrlStore);
+            parameters.Date = new DateTimeObject(validDate);
+            PkixCertPathBuilderResult result = cpb.Build(parameters);
+            PkixCertPath path = result.CertPath;
+
+            if (path.Certificates.Count != 2)
+            {
+                Fail("wrong number of certs in baseTest path");
+            }
+        }
+
+        private void v0Test()
+        {
+            // create certificates and CRLs
+            AsymmetricCipherKeyPair rootPair = TestUtilities.GenerateRsaKeyPair();
+            AsymmetricCipherKeyPair interPair = TestUtilities.GenerateRsaKeyPair();
+            AsymmetricCipherKeyPair endPair = TestUtilities.GenerateRsaKeyPair();
+
+            X509Certificate rootCert = TestUtilities.GenerateRootCert(rootPair);
+            X509Certificate interCert = TestUtilities.GenerateIntermediateCert(interPair.Public, rootPair.Private, rootCert);
+            X509Certificate endCert = TestUtilities.GenerateEndEntityCert(endPair.Public, interPair.Private, interCert);
+
+            BigInteger revokedSerialNumber = BigInteger.Two;
+            X509Crl rootCRL = TestUtilities.CreateCrl(rootCert, rootPair.Private, revokedSerialNumber);
+            X509Crl interCRL = TestUtilities.CreateCrl(interCert, interPair.Private, revokedSerialNumber);
+
+            // create CertStore to support path building
+            IList certList = new ArrayList();
+            certList.Add(rootCert);
+            certList.Add(interCert);
+            certList.Add(endCert);
+
+            IList crlList = new ArrayList();
+            crlList.Add(rootCRL);
+            crlList.Add(interCRL);
+
+//			CollectionCertStoreParameters parameters = new CollectionCertStoreParameters(list);
+//			CertStore                     store = CertStore.getInstance("Collection", parameters);
+            IX509Store x509CertStore = X509StoreFactory.Create(
+                "Certificate/Collection",
+                new X509CollectionStoreParameters(certList));
+            IX509Store x509CrlStore = X509StoreFactory.Create(
+                "CRL/Collection",
+                new X509CollectionStoreParameters(crlList));
+
+            ISet trust = new HashSet();
+            trust.Add(new TrustAnchor(rootCert, null));
+
+            // build the path
+//			CertPathBuilder  builder = CertPathBuilder.getInstance("PKIX", "BC");
+            PkixCertPathBuilder builder = new PkixCertPathBuilder();
+            X509CertStoreSelector pathConstraints = new X509CertStoreSelector();
+
+            pathConstraints.Subject = endCert.SubjectDN;
+
+            PkixBuilderParameters buildParams = new PkixBuilderParameters(trust, pathConstraints);
+//			buildParams.addCertStore(store);
+            buildParams.AddStore(x509CertStore);
+            buildParams.AddStore(x509CrlStore);
+
+            buildParams.Date = new DateTimeObject(DateTime.UtcNow);
+
+            PkixCertPathBuilderResult result = builder.Build(buildParams);
+            PkixCertPath path = result.CertPath;
+
+            if (path.Certificates.Count != 2)
+            {
+                Fail("wrong number of certs in v0Test path");
+            }
+        }
+
+        public override void PerformTest()
+        {
+            baseTest();
+            v0Test();
+        }
+        
+        public override string Name
+        {
+            get { return "CertPathBuilder"; }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new CertPathBuilderTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/test/CertPathTest.cs b/crypto/test/src/test/CertPathTest.cs
new file mode 100644
index 000000000..f1a7c94f6
--- /dev/null
+++ b/crypto/test/src/test/CertPathTest.cs
@@ -0,0 +1,359 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Pkix;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class CertPathTest
+		: SimpleTest
+	{
+		internal static readonly byte[] rootCertBin = Base64.Decode(
+			"MIIBqzCCARQCAQEwDQYJKoZIhvcNAQEFBQAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMRLUjhPe4YUdLo6EcjKcWUOG7CydFTH53Pr1lWjOkbmszYDpkhCTT9LOsI+disk18nkBxSl8DAHTqV+VxtuTPt64iyi10YxyDeep+DwZG/f8cVQv97U3hA9cLurZ2CofkMLGr6JpSGCMZ9FcstcTdHB4lbErIJ54YqfF4pNOs4/AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAgyrTEFY7ALpeY59jL6xFOLpuPqoBOWrUWv6O+zy5BCU0qiX71r3BpigtxRj+DYcfLIM9FNERDoHu3TthD3nwYWUBtFX8N0QUJIdJabxqAMhLjSC744koiFpCYse5Ye3ZvEdFwDzgAQsJTp5eFGgTZPkPzcdhkFJ2p9+OWs+cb24=");
+		internal static readonly byte[] interCertBin = Base64.Decode(
+			"MIICSzCCAbSgAwIBAgIBATANBgkqhkiG9w0BAQUFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlMB4XDTA4MDkwNDA0NDUwOFoXDTA4MDkxMTA0NDUwOFowKDEmMCQGA1UEAxMdVGVzdCBJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAISS9OOZ2wxzdWny9aVvk4Joq+dwSJ+oqvHUxX3PflZyuiLiCBUOUE4q59dGKdtNX5fIfwyK3cpV0e73Y/0fwfM3m9rOWFrCKOhfeswNTes0w/2PqPVVDDsF/nj7NApuqXwioeQlgTL251RDF4sVoxXqAU7lRkcqwZt3mwqS4KTJAgMBAAGjgY4wgYswRgYDVR0jBD8wPYAUhv8BOT27EB9JaCccJD4YASPP5XWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwHQYDVR0OBBYEFL/IwAGOkHzaQyPZegy79CwM5oTFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4GBAE4TRgUz4sUvZyVdZxqV+XyNRnqXAeLOOqFGYv2D96tQrS+zjd0elVlT6lFrtchZdOmmX7R6/H/tjMWMcTBICZyRYrvK8cCAmDOI+EIdq5p6lj2Oq6Pbw/wruojAqNrpaR6IkwNpWtdOSSupv4IJL+YU9q2YFTh4R1j3tOkPoFGr");
+		internal static readonly byte[] finalCertBin = Base64.Decode(
+			"MIICRjCCAa+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB8xHTAbBgNVBAMTFFRlc3QgRW5kIENlcnRpZmljYXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChpUeo0tPYywWKiLlbWKNJBcCpSaLSlaZ+4+yer1AxI5yJIVHP6SAlBghlbD5Qne5ImnN/15cz1xwYAiul6vGKJkVPlFEe2Mr+g/J/WJPQQPsjbZ1G+vxbAwXEDA4KaQrnpjRZFq+CdKHwOjuPLYS/MYQNgdIvDVEQcTbPQ8GaiQIDAQABo4GIMIGFMEYGA1UdIwQ/MD2AFL/IwAGOkHzaQyPZegy79CwM5oTFoSKkIDAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlggEBMB0GA1UdDgQWBBSVkw+VpqBf3zsLc/9GdkK9TzHPwDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDANBgkqhkiG9w0BAQUFAAOBgQBLv/0bVDjzTs/y1vN3FUiZNknEbzupIZduTuXJjqv/vBX+LDPjUfu/+iOCXOSKoRn6nlOWhwB1z6taG2usQkFG8InMkRcPREi2uVgFdhJ/1C3dAWhsdlubjdL926bftXvxnx/koDzyrePW5U96RlOQM2qLvbaky2Giz6hrc3Wl+w==");
+		internal static readonly byte[] rootCrlBin = Base64.Decode(
+			"MIIBYjCBzAIBATANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlFw0wODA5MDQwNDQ1MDhaFw0wODA5MDQwNzMxNDhaMCIwIAIBAhcNMDgwOTA0MDQ0NTA4WjAMMAoGA1UdFQQDCgEJoFYwVDBGBgNVHSMEPzA9gBSG/wE5PbsQH0loJxwkPhgBI8/ldaEipCAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZYIBATAKBgNVHRQEAwIBATANBgkqhkiG9w0BAQsFAAOBgQCAbaFCo0BNG4AktVf6jjBLeawP1u0ELYkOCEGvYZE0mBpQ+OvFg7subZ6r3lRIj030nUli28sPFtu5ZQMBNcpE4nS1ziF44RfT3Lp5UgHx9x17Krz781iEyV+7zU8YxYMY9wULD+DCuK294kGKIssVNbmTYXZatBNoXQN5CLIocA==");
+		internal static readonly byte[] interCrlBin = Base64.Decode(
+			"MIIBbDCB1gIBATANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZRcNMDgwOTA0MDQ0NTA4WhcNMDgwOTA0MDczMTQ4WjAiMCACAQIXDTA4MDkwNDA0NDUwOFowDDAKBgNVHRUEAwoBCaBWMFQwRgYDVR0jBD8wPYAUv8jAAY6QfNpDI9l6DLv0LAzmhMWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQADgYEAEVCr5TKs5yguGgLH+dBzmSPoeSIWJFLsgWwJEit/iUDJH3dgYmaczOcGxIDtbYYHLWIHM+P2YRyQz3MEkCXEgm/cx4y7leAmux5l+xQWgmxFPz+197vaphPeCZo+B7V1CWtm518gcq4mrs9ovfgNqgyFj7KGjcBpWdJE32KMt50=");
+
+		/*
+		 * certpath with a circular reference
+		 */
+		internal static readonly byte[] certA = Base64.Decode(
+			"MIIC6jCCAlOgAwIBAgIBBTANBgkqhkiG9w0BAQUFADCBjTEPMA0GA1UEAxMGSW50"
+			+ "ZXIzMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
+			+ "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
+			+ "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ2NTda"
+			+ "Fw0xNzAzMzAwODQ0MDBaMIGlMScwJQYDVQQDHh4AQQByAG0AaQBuACAASADkAGIA"
+			+ "ZQByAGwAaQBuAGcxCzAJBgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNV"
+			+ "BAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNwaGVyZSBBRzEQMA4GA1UECxMHVGVzdGlu"
+			+ "ZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5AcHJpdmFzcGhlcmUuY29tMIGfMA0GCSqG"
+			+ "SIb3DQEBAQUAA4GNADCBiQKBgQCfHfyVs5dbxG35H/Thd29qR4NZU88taCu/OWA1"
+			+ "GdACI02lXWYpmLWiDgnU0ULP+GG8OnVp1IES9fz2zcrXKQ19xZzsen/To3h5sNte"
+			+ "cJpS00XMM24q/jDwy5NvkBP9YIfFKQ1E/0hFHXcqwlw+b/y/v6YGsZCU2h6QDzc4"
+			+ "5m0+BwIDAQABo0AwPjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIE8DAeBglg"
+			+ "hkgBhvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAA4GBAJEu"
+			+ "KiSfIwsY7SfobMLrv2v/BtLhGLi4RnmjiwzBhuv5rn4rRfBpq1ppmqQMJ2pmA67v"
+			+ "UWCY+mNwuyjHyivpCCyJGsZ9d5H09g2vqxzkDBMz7X9VNMZYFH8j/R3/Cfvqks31"
+			+ "z0OFslJkeKLa1I0P/dfVHsRKNkLRT3Ws5LKksErQ");
+
+		internal static readonly byte[] certB = Base64.Decode(
+			"MIICtTCCAh6gAwIBAgIBBDANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50"
+			+ "ZXIyMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
+			+ "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
+			+ "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ2Mzha"
+			+ "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjMxCzAJBgNVBAYTAkNI"
+			+ "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw"
+			+ "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A"
+			+ "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxCXIB"
+			+ "QRnmVvl2h7Q+0SsRxDLnyM1dJG9jMa+UCCmHy0k/ZHs5VirSbjEJSjkQ9BGeh9SC"
+			+ "7JwbMpXO7UE+gcVc2RnWUY+MA+fWIeTV4KtkYA8WPu8wVGCXbN8wwh/StOocszxb"
+			+ "g+iLvGeh8CYSRqg6QN3S/02etH3o8H4e7Z0PZwIDAQABoyMwITAPBgNVHRMBAf8E"
+			+ "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCtWdirSsmt"
+			+ "+CBBCNn6ZnbU3QqQfiiQIomjenNEHESJgaS/+PvPE5i3xWFXsunTHLW321/Km16I"
+			+ "7+ZvT8Su1cqHg79NAT8QB0yke1saKSy2C0Pic4HwrNqVBWFNSxMU0hQzpx/ZXDbZ"
+			+ "DqIXAp5EfyRYBy2ul+jm6Rot6aFgzuopKg==");
+
+		internal static readonly byte[] certC = Base64.Decode(
+			"MIICtTCCAh6gAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50"
+			+ "ZXIxMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
+			+ "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
+			+ "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ0Mzla"
+			+ "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjIxCzAJBgNVBAYTAkNI"
+			+ "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw"
+			+ "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A"
+			+ "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD0rLr6"
+			+ "f2/ONeJzTb0q9M/NNX+MnAFMSqiQGVBkT76u5nOH4KLkpHXkzI82JI7GuQMzoT3a"
+			+ "+RP1hO6FneO92ms2soC6xiOFb4EC69Dfhh87Nww5O35JxVF0bzmbmIAWd6P/7zGh"
+			+ "nd2S4tKkaZcubps+C0j9Fgi0hipVicAOUVVoDQIDAQABoyMwITAPBgNVHRMBAf8E"
+			+ "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCLPvc1IMA4"
+			+ "YP+PmnEldyUoRWRnvPWjBGeu0WheBP7fdcnGBf93Nmc5j68ZN+eTZ5VMuZ99YdvH"
+			+ "CXGNX6oodONLU//LlFKdLl5xjLAS5X9p1RbOEGytnalqeiEpjk4+C/7rIBG1kllO"
+			+ "dItmI6LlEMV09Hkpg6ZRAUmRkb8KrM4X7A==");
+
+		internal static readonly byte[] certD = Base64.Decode(
+			"MIICtTCCAh6gAwIBAgIBBjANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50"
+			+ "ZXIzMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
+			+ "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
+			+ "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ5NTNa"
+			+ "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjExCzAJBgNVBAYTAkNI"
+			+ "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw"
+			+ "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A"
+			+ "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCae3TP"
+			+ "jIVKeASqvNabaiUHAMGUgFxB7L0yUsIj39azLcLtUj4S7XkDf7SMGtYV0JY1XNaQ"
+			+ "sHJAsnJivDZc50oiYvqDYfgFZx5+AsN5l5X5rjRzs/OX+Jo+k1OgsIyu6+mf9Kfb"
+			+ "5IdWOVB2EcOg4f9tPjLM8CIj9Pp7RbKLyqUUgwIDAQABoyMwITAPBgNVHRMBAf8E"
+			+ "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCgr9kUdWUT"
+			+ "Lt9UcztSzR3pnHRsyvS0E/z850OKQKS5/VxLEalpFvhj+3EcZ7Y6mFxaaS2B7vXg"
+			+ "2YWyqV1PRb6iF7/u9EXkpSTKGrJahwANirCa3V/HTUuPdCE2GITlnWI8h3eVA+xQ"
+			+ "D4LF0PXHOkXbwmhXRSb10lW1bSGkUxE9jg==");
+
+		private void doTestExceptions()
+		{
+			byte[] enc = { (byte)0, (byte)2, (byte)3, (byte)4, (byte)5 };
+//			MyCertPath mc = new MyCertPath(enc);
+			MemoryStream os = new MemoryStream();
+			MemoryStream ins;
+			byte[] arr;
+
+			// TODO Support serialization of cert paths?
+//			ObjectOutputStream oos = new ObjectOutputStream(os);
+//			oos.WriteObject(mc);
+//			oos.Flush();
+//			oos.Close();
+
+			try
+			{
+//				CertificateFactory cFac = CertificateFactory.GetInstance("X.509");
+				arr = os.ToArray();
+				ins = new MemoryStream(arr, false);
+//				cFac.generateCertPath(ins);
+				new PkixCertPath(ins);
+			}
+			catch (CertificateException)
+			{
+				// ignore okay
+			}
+
+//			CertificateFactory cf = CertificateFactory.GetInstance("X.509");
+			X509CertificateParser cf = new X509CertificateParser();
+			IList certCol = new ArrayList();
+
+			certCol.Add(cf.ReadCertificate(certA));
+			certCol.Add(cf.ReadCertificate(certB));
+			certCol.Add(cf.ReadCertificate(certC));
+			certCol.Add(cf.ReadCertificate(certD));
+
+//			CertPathBuilder pathBuilder = CertPathBuilder.GetInstance("PKIX");
+			PkixCertPathBuilder pathBuilder = new PkixCertPathBuilder();
+			X509CertStoreSelector select = new X509CertStoreSelector();
+			select.Subject = ((X509Certificate)certCol[0]).SubjectDN;
+
+			ISet trustanchors = new HashSet();
+			trustanchors.Add(new TrustAnchor(cf.ReadCertificate(rootCertBin), null));
+
+//			CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol));
+			IX509Store x509CertStore = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certCol));
+
+			PkixBuilderParameters parameters = new PkixBuilderParameters(trustanchors, select);
+			parameters.AddStore(x509CertStore);
+
+			try
+			{
+				PkixCertPathBuilderResult result = pathBuilder.Build(parameters);
+				PkixCertPath path = result.CertPath;
+				Fail("found cert path in circular set");
+			}
+			catch (PkixCertPathBuilderException)
+			{
+				// expected
+			}
+		}
+
+		public override void PerformTest()
+		{
+			X509CertificateParser cf = new X509CertificateParser();
+
+			X509Certificate rootCert = cf.ReadCertificate(rootCertBin);
+			X509Certificate interCert = cf.ReadCertificate(interCertBin);
+			X509Certificate finalCert = cf.ReadCertificate(finalCertBin);
+
+			//Testing CertPath generation from List
+			IList list = new ArrayList();
+			list.Add(interCert);
+//			CertPath certPath1 = cf.generateCertPath(list);
+			PkixCertPath certPath1 = new PkixCertPath(list);
+
+			//Testing CertPath encoding as PkiPath
+			byte[] encoded = certPath1.GetEncoded("PkiPath");
+
+			//Testing CertPath generation from InputStream
+			MemoryStream inStream = new MemoryStream(encoded, false);
+//			CertPath certPath2 = cf.generateCertPath(inStream, "PkiPath");
+			PkixCertPath certPath2 = new PkixCertPath(inStream, "PkiPath");
+
+			//Comparing both CertPathes
+			if (!certPath2.Equals(certPath1))
+			{
+				Fail("CertPath differ after encoding and decoding.");
+			}
+
+			encoded = certPath1.GetEncoded("PKCS7");
+
+			//Testing CertPath generation from InputStream
+			inStream = new MemoryStream(encoded, false);
+//			certPath2 = cf.generateCertPath(inStream, "PKCS7");
+			certPath2 = new PkixCertPath(inStream, "PKCS7");
+
+			//Comparing both CertPathes
+			if (!certPath2.Equals(certPath1))
+			{
+				Fail("CertPath differ after encoding and decoding.");
+			}
+
+			encoded = certPath1.GetEncoded("PEM");
+
+			//Testing CertPath generation from InputStream
+			inStream = new MemoryStream(encoded, false);
+//			certPath2 = cf.generateCertPath(inStream, "PEM");
+			certPath2 = new PkixCertPath(inStream, "PEM");
+
+			//Comparing both CertPathes
+			if (!certPath2.Equals(certPath1))
+			{
+				Fail("CertPath differ after encoding and decoding.");
+			}
+
+			//
+			// empty list test
+			//
+			list = new ArrayList();
+
+//			CertPath certPath = CertificateFactory.GetInstance("X.509","BC").generateCertPath(list);
+			PkixCertPath certPath = new PkixCertPath(list);
+			if (certPath.Certificates.Count != 0)
+			{
+				Fail("list wrong size.");
+			}
+
+			//
+			// exception tests
+			//
+			doTestExceptions();
+		}
+
+		public override string Name
+		{
+			get { return "CertPath"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CertPathTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+
+//		private class MyCertificate : X509Certificate
+//		{
+//			private readonly string type;
+//			private readonly byte[] encoding;
+//
+//			public MyCertificate(string type, byte[] encoding)
+////				: base(type)
+//			{
+//				this.type = type;
+//
+//				// don't copy to allow null parameter in test
+//				this.encoding = encoding;
+//			}
+//
+//			public override byte[] GetEncoded()
+//			{
+//				// do copy to force NPE in test
+//				return (byte[])encoding.Clone();
+//			}
+//
+//			public override void Verify(AsymmetricKeyParameter publicKey)
+//			{
+//			}
+//
+//			public override string ToString()
+//			{
+//				return "[My test Certificate, type: " + type + "]";
+//			}
+//
+//			public override AsymmetricKeyParameter GetPublicKey()
+//			{
+//				throw new NotImplementedException();
+//
+////            return new PublicKey()
+////            {
+////                public string getAlgorithm()
+////                {
+////                    return "TEST";
+////                }
+////
+////                public byte[] getEncoded()
+////                {
+////                    return new byte[] { (byte)1, (byte)2, (byte)3 };
+////                }
+////
+////                public string getFormat()
+////                {
+////                    return "TEST_FORMAT";
+////                }
+////            };
+//			}
+//		}
+
+//		private class MyCertPath : PkixCertPath
+//		{
+//			private readonly ArrayList certificates;
+//
+//			private readonly ArrayList encodingNames;
+//
+//			private readonly byte[] encoding;
+//
+//			public MyCertPath(byte[] encoding)
+//				: base("MyEncoding")
+//			{
+//				this.encoding = encoding;
+//				certificates = new ArrayList();
+//				certificates.Add(new MyCertificate("MyEncoding", encoding));
+//				encodingNames = new ArrayList();
+//				encodingNames.Add("MyEncoding");
+//			}
+//
+//			public override IList Certificates
+//			{
+//				get { return CollectionUtilities.ReadOnly(certificates); }
+//			}
+//
+//			public override byte[] GetEncoded()
+//			{
+//				return (byte[])encoding.Clone();
+//			}
+//
+//			public override byte[] GetEncoded(
+//				string encoding)
+//			{
+//				if (Type.Equals(encoding))
+//				{
+//					return (byte[])this.encoding.Clone();
+//				}
+//				throw new CertificateEncodingException("Encoding not supported: "
+//					+ encoding);
+//			}
+//
+//			public override IEnumerable Encodings
+//			{
+//				get { return new EnumerableProxy(encodingNames); }
+//			}
+//		}
+	}
+}
diff --git a/crypto/test/src/test/CertPathValidatorTest.cs b/crypto/test/src/test/CertPathValidatorTest.cs
new file mode 100644
index 000000000..a92bb9b31
--- /dev/null
+++ b/crypto/test/src/test/CertPathValidatorTest.cs
@@ -0,0 +1,304 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Pkix;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tests
+{
+    [TestFixture]
+    public class CertPathValidatorTest
+        : SimpleTest
+    {
+        private byte[] AC_PR = Base64.Decode(
+            "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFU1RDQ0F6R2dBd0lC"
+            + "QWdJQkJUQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR"
+            + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU"
+            + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs"
+            + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5"
+            + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW"
+            + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy"
+            + "bHNaV2x5WVRBZUZ3MHdNakEwTURReE9UTTVNREJhRncwd05UQTBNRFF5DQpN"
+            + "elU1TURCYU1HRXhDekFKQmdOVkJBWVRBa0pTTVJNd0VRWURWUVFLRXdwSlEx"
+            + "QXRRbkpoYzJsc01UMHdPd1lEDQpWUVFERXpSQmRYUnZjbWxrWVdSbElFTmxj"
+            + "blJwWm1sallXUnZjbUVnWkdFZ1VISmxjMmxrWlc1amFXRWdaR0VnDQpVbVZ3"
+            + "ZFdKc2FXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJD"
+            + "Z0tDQVFFQXMwc0t5NGsrDQp6b016aldyMTQxeTVYQ045UGJMZERFQXN2cjZ4"
+            + "Z0NCN1l5bEhIQ1NBYmpGR3dOQ0R5NlVxN1h0VjZ6UHdIMXpGDQpFWENlS3Jm"
+            + "UUl5YXBXSEZ4V1VKajBMblFrY1RZM1FOR1huK0JuVk9EVTZDV3M1c3NoZktH"
+            + "RXZyVlQ1Z214V1NmDQp4OFlsdDgzY1dwUE1QZzg3VDlCaHVIbHQzazh2M2Ev"
+            + "NmRPbmF2dytOYTAyZExBaDBlNzZqcCtQUS9LK0pHZlBuDQphQjVVWURrZkd0"
+            + "em5uTTNBV01tY3VJK0o0ek5OMDZaa3ZnbDFsdEo2UU1qcnZEUFlSak9ndDlT"
+            + "cklpY1NmbEo4DQptVDdHWGRRaXJnQUNXc3g1QURBSklRK253TU1vNHlyTUtx"
+            + "SlFhNFFDMHhhT0QvdkdVcG9SaDQzT0FTZFp3c3YvDQpPWFlybmVJeVAwVCs4"
+            + "UUlEQVFBQm80RzNNSUcwTUQwR0ExVWRId1EyTURRd01xQXdvQzZHTEdoMGRI"
+            + "QTZMeTloDQpZM0poYVhvdWFXTndZbkpoYzJsc0xtZHZkaTVpY2k5TVExSmhZ"
+            + "M0poYVhvdVkzSnNNQklHQTFVZElBUUxNQWt3DQpCd1lGWUV3QkFRRXdIUVlE"
+            + "VlIwT0JCWUVGREpUVFlKNE9TWVB5T09KZkVMZXhDaHppK2hiTUI4R0ExVWRJ"
+            + "d1FZDQpNQmFBRklyNjhWZUVFUk0xa0VMNlYwbFVhUTJreFBBM01BNEdBMVVk"
+            + "RHdFQi93UUVBd0lCQmpBUEJnTlZIUk1CDQpBZjhFQlRBREFRSC9NQTBHQ1Nx"
+            + "R1NJYjNEUUVCQlFVQUE0SUJBUUJRUFNoZ1lidnFjaWV2SDVVb3ZMeXhkbkYr"
+            + "DQpFcjlOeXF1SWNkMnZ3Y0N1SnpKMkQ3WDBUcWhHQ0JmUEpVVkdBVWorS0NP"
+            + "SDFCVkgva1l1OUhsVHB1MGtKWFBwDQpBQlZkb2hJUERqRHhkbjhXcFFSL0Yr"
+            + "ejFDaWtVcldIMDR4eTd1N1p6UUpLSlBuR0loY1FpOElyRm1PYkllMEc3DQpY"
+            + "WTZPTjdPRUZxY21KTFFHWWdtRzFXMklXcytQd1JwWTdENGhLVEFoVjFSNkVv"
+            + "amE1L3BPcmVDL09kZXlQWmVxDQo1SUZTOUZZZk02U0Npd2hrK3l2Q1FHbVo0"
+            + "YzE5SjM0ZjVFYkRrK1NQR2tEK25EQ0E3L3VMUWNUMlJURE14SzBaDQpuZlo2"
+            + "Nm1Sc0ZjcXRGaWdScjVFcmtKZDdoUVV6eHNOV0VrNzJEVUFIcVgvNlNjeWtt"
+            + "SkR2V0plSUpqZlcNCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0NCg==");
+
+        private byte[] AC_RAIZ_ICPBRASIL = Base64.Decode(
+            "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFdURDQ0E2Q2dBd0lC"
+            + "QWdJQkJEQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR"
+            + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU"
+            + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs"
+            + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5"
+            + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW"
+            + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy"
+            + "bHNaV2x5WVRBZUZ3MHdNVEV4TXpBeE1qVTRNREJhRncweE1URXhNekF5DQpN"
+            + "elU1TURCYU1JRzBNUXN3Q1FZRFZRUUdFd0pDVWpFVE1CRUdBMVVFQ2hNS1NV"
+            + "TlFMVUp5WVhOcGJERTlNRHNHDQpBMVVFQ3hNMFNXNXpkR2wwZFhSdklFNWhZ"
+            + "Mmx2Ym1Gc0lHUmxJRlJsWTI1dmJHOW5hV0VnWkdFZ1NXNW1iM0p0DQpZV05o"
+            + "YnlBdElFbFVTVEVSTUE4R0ExVUVCeE1JUW5KaGMybHNhV0V4Q3pBSkJnTlZC"
+            + "QWdUQWtSR01URXdMd1lEDQpWUVFERXloQmRYUnZjbWxrWVdSbElFTmxjblJw"
+            + "Wm1sallXUnZjbUVnVW1GcGVpQkNjbUZ6YVd4bGFYSmhNSUlCDQpJakFOQmdr"
+            + "cWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBd1BNdWR3WC9odm0r"
+            + "VWgyYi9sUUFjSFZBDQppc2FtYUxrV2Rrd1A5L1MvdE9LSWdSckw2T3krWklH"
+            + "bE9VZGQ2dVl0azlNYS8zcFVwZ2NmTkFqMHZZbTVnc3lqDQpRbzllbXNjK3g2"
+            + "bTRWV3drOWlxTVpTQ0s1RVFrQXEvVXQ0bjdLdUxFMStnZGZ0d2RJZ3hmVXNQ"
+            + "dDRDeU5yWTUwDQpRVjU3S00yVVQ4eDVycm16RWpyN1RJQ0dwU1VBbDJnVnFl"
+            + "NnhhaWkrYm1ZUjFRcm1XYUJTQUc1OUxya3Jqcll0DQpiUmhGYm9VRGUxREsr"
+            + "NlQ4czVMNms4Yzhva3BiSHBhOXZlTXp0RFZDOXNQSjYwTVdYaDZhblZLbzFV"
+            + "Y0xjYlVSDQp5RWVOdlpuZVZSS0FBVTZvdXdkakR2d2xzYUt5ZEZLd2VkMFRv"
+            + "UTQ3Ym1VS2djbSt3VjNlVFJrMzZVT25Ud0lEDQpBUUFCbzRIU01JSFBNRTRH"
+            + "QTFVZElBUkhNRVV3UXdZRllFd0JBUUF3T2pBNEJnZ3JCZ0VGQlFjQ0FSWXNh"
+            + "SFIwDQpjRG92TDJGamNtRnBlaTVwWTNCaWNtRnphV3d1WjI5MkxtSnlMMFJR"
+            + "UTJGamNtRnBlaTV3WkdZd1BRWURWUjBmDQpCRFl3TkRBeW9EQ2dMb1lzYUhS"
+            + "MGNEb3ZMMkZqY21GcGVpNXBZM0JpY21GemFXd3VaMjkyTG1KeUwweERVbUZq"
+            + "DQpjbUZwZWk1amNtd3dIUVlEVlIwT0JCWUVGSXI2OFZlRUVSTTFrRUw2VjBs"
+            + "VWFRMmt4UEEzTUE4R0ExVWRFd0VCDQovd1FGTUFNQkFmOHdEZ1lEVlIwUEFR"
+            + "SC9CQVFEQWdFR01BMEdDU3FHU0liM0RRRUJCUVVBQTRJQkFRQVpBNWMxDQpV"
+            + "L2hnSWg2T2NnTEFmaUpnRldwdm1EWldxbFYzMC9iSEZwajhpQm9iSlNtNXVE"
+            + "cHQ3VGlyWWgxVXhlM2ZRYUdsDQpZakplKzl6ZCtpelBSYkJxWFBWUUEzNEVY"
+            + "Y3drNHFwV3VmMWhIcmlXZmRyeDhBY3FTcXI2Q3VRRndTcjc1Rm9zDQpTemx3"
+            + "REFEYTcwbVQ3d1pqQW1RaG5aeDJ4SjZ3ZldsVDlWUWZTLy9KWWVJYzdGdWUy"
+            + "Sk5MZDAwVU9TTU1haUsvDQp0NzllbktOSEVBMmZ1cEgzdkVpZ2Y1RWg0YlZB"
+            + "TjVWb2hyVG02TVk1M3g3WFFaWnIxTUU3YTU1bEZFblNlVDB1DQptbE9BalIy"
+            + "bUFidlNNNVg1b1NaTnJtZXRkenlUajJmbENNOENDN01MYWIwa2tkbmdSSWxV"
+            + "QkdIRjEvUzVubVBiDQpLKzlBNDZzZDMzb3FLOG44DQotLS0tLUVORCBDRVJU"
+            + "SUZJQ0FURS0tLS0tDQo=");
+
+        private byte[] schefer = Base64.Decode(
+            "MIIEnDCCBAWgAwIBAgICIPAwDQYJKoZIhvcNAQEEBQAwgcAxCzAJBgNVBAYT"
+            + "AkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1MDA4IFdpZXNiYWRl"
+            + "bjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAYBgNVBAsTEVNDSFVG"
+            + "QSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBCZW51dHplciBTZXJ2"
+            + "aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu"
+            + "ZGUwHhcNMDQwMzMwMTEwODAzWhcNMDUwMzMwMTEwODAzWjCBnTELMAkGA1UE"
+            + "BhMCREUxCjAIBgNVBAcTASAxIzAhBgNVBAoTGlNIUyBJbmZvcm1hdGlvbnNz"
+            + "eXN0ZW1lIEFHMRwwGgYDVQQLExM2MDAvMDU5NDktNjAwLzA1OTQ5MRgwFgYD"
+            + "VQQDEw9TY2hldHRlciBTdGVmYW4xJTAjBgkqhkiG9w0BCQEWFlN0ZWZhbi5T"
+            + "Y2hldHRlckBzaHMuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJD0"
+            + "95Bi76fkAMjJNTGPDiLPHmZXNsmakngDeS0juzKMeJA+TjXFouhYh6QyE4Bl"
+            + "Nf18fT4mInlgLefwf4t6meIWbiseeTo7VQdM+YrbXERMx2uHsRcgZMsiMYHM"
+            + "kVfYMK3SMJ4nhCmZxrBkoTRed4gXzVA1AA8YjjTqMyyjvt4TAgMBAAGjggHE"
+            + "MIIBwDAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIEsDALBgNVHQ8EBAMC"
+            + "BNAwOQYJYIZIAYb4QgENBCwWKlplcnRpZmlrYXQgbnVyIGZ1ZXIgU0NIVUZB"
+            + "LU9ubGluZSBndWVsdGlnLjAdBgNVHQ4EFgQUXReirhBfg0Yhf6MsBWoo/nPa"
+            + "hGwwge0GA1UdIwSB5TCB4oAUf2UyCaBV9JUeG9lS1Yo6OFBUdEKhgcakgcMw"
+            + "gcAxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1"
+            + "MDA4IFdpZXNiYWRlbjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAY"
+            + "BgNVBAsTEVNDSFVGQSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBC"
+            + "ZW51dHplciBTZXJ2aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNj"
+            + "aHVmYS1vbmxpbmUuZGWCAQAwIQYDVR0RBBowGIEWU3RlZmFuLlNjaGV0dGVy"
+            + "QHNocy5kZTAmBgNVHRIEHzAdgRt6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu"
+            + "ZGUwDQYJKoZIhvcNAQEEBQADgYEAWzZtN9XQ9uyrFXqSy3hViYwV751+XZr0"
+            + "YH5IFhIS+9ixNAu8orP3bxqTaMhpwoU7T/oSsyGGSkb3fhzclgUADbA2lrOI"
+            + "GkeB/m+FArTwRbwpqhCNTwZywOp0eDosgPjCX1t53BB/m/2EYkRiYdDGsot0"
+            + "kQPOVGSjQSQ4+/D+TM8=");
+
+        public override void PerformTest()
+        {
+            X509CertificateParser certParser = new X509CertificateParser();
+            X509CrlParser crlParser = new X509CrlParser();
+
+            // initialise CertStore
+            X509Certificate rootCert = certParser.ReadCertificate(CertPathTest.rootCertBin);
+            X509Certificate interCert = certParser.ReadCertificate(CertPathTest.interCertBin);
+            X509Certificate finalCert = certParser.ReadCertificate(CertPathTest.finalCertBin);
+            X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin);
+            X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
+
+            IList x509Certs = new ArrayList();
+            x509Certs.Add(rootCert);
+            x509Certs.Add(interCert);
+            x509Certs.Add(finalCert);
+
+            IList x509Crls = new ArrayList();
+            x509Crls.Add(rootCrl);
+            x509Crls.Add(interCrl);
+
+//			CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
+//			CertStore store = CertStore.GetInstance("Collection", ccsp);
+//			X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(list);
+            IX509Store x509CertStore = X509StoreFactory.Create(
+                "Certificate/Collection",
+                new X509CollectionStoreParameters(x509Certs));
+            IX509Store x509CrlStore = X509StoreFactory.Create(
+                "CRL/Collection",
+                new X509CollectionStoreParameters(x509Crls));
+
+            // NB: Month is 1-based in .NET
+            //DateTime validDate = new DateTime(2008,9,4,14,49,10).ToUniversalTime();
+            DateTime validDate = new DateTime(2008, 9, 4, 5, 49, 10);
+
+            //validating path
+            IList certchain = new ArrayList();
+            certchain.Add(finalCert);
+            certchain.Add(interCert);
+//			CertPath cp = CertificateFactory.GetInstance("X.509").GenerateCertPath(certchain);
+            PkixCertPath cp = new PkixCertPath(certchain);
+            ISet trust = new HashSet();
+            trust.Add(new TrustAnchor(rootCert, null));
+
+//			CertPathValidator cpv = CertPathValidator.GetInstance("PKIX");
+            PkixCertPathValidator cpv = new PkixCertPathValidator();
+            PkixParameters param = new PkixParameters(trust);
+            param.AddStore(x509CertStore);
+            param.AddStore(x509CrlStore);
+            param.Date = new DateTimeObject(validDate);
+            MyChecker checker = new MyChecker();
+            param.AddCertPathChecker(checker);
+
+            PkixCertPathValidatorResult result = (PkixCertPathValidatorResult) cpv.Validate(cp, param);
+            PkixPolicyNode policyTree = result.PolicyTree;
+            AsymmetricKeyParameter subjectPublicKey = result.SubjectPublicKey;
+
+            if (checker.GetCount() != 2)
+            {
+                Fail("checker not evaluated for each certificate");
+            }
+            
+            if (!subjectPublicKey.Equals(finalCert.GetPublicKey()))
+            {
+                Fail("wrong public key returned");
+            }
+
+            //
+            // invalid path containing a valid one test
+            //
+            try
+            {
+                // initialise CertStore
+                rootCert = certParser.ReadCertificate(AC_RAIZ_ICPBRASIL);
+                interCert = certParser.ReadCertificate(AC_PR);
+                finalCert = certParser.ReadCertificate(schefer);
+
+                x509Certs = new ArrayList();
+                x509Certs.Add(rootCert);
+                x509Certs.Add(interCert);
+                x509Certs.Add(finalCert);
+
+//				ccsp = new CollectionCertStoreParameters(list);
+//				store = CertStore.GetInstance("Collection", ccsp);
+//				ccsp = new X509CollectionStoreParameters(list);
+                x509CertStore = X509StoreFactory.Create(
+                    "Certificate/Collection",
+                    new X509CollectionStoreParameters(x509Certs));
+
+                // NB: Month is 1-based in .NET
+                //validDate = new DateTime(2004,3,21,2,21,10).ToUniversalTime();
+                validDate = new DateTime(2004, 3, 20, 19, 21, 10);
+
+                //validating path
+                certchain = new ArrayList();
+                certchain.Add(finalCert);
+                certchain.Add(interCert);
+//				cp = CertificateFactory.GetInstance("X.509").GenerateCertPath(certchain);
+                cp = new PkixCertPath(certchain);
+                trust = new HashSet();
+                trust.Add(new TrustAnchor(rootCert, null));
+
+//				cpv = CertPathValidator.GetInstance("PKIX");
+                cpv = new PkixCertPathValidator();
+                param = new PkixParameters(trust);
+                param.AddStore(x509CertStore);
+                param.IsRevocationEnabled = false;
+                param.Date = new DateTimeObject(validDate);
+
+                result =(PkixCertPathValidatorResult) cpv.Validate(cp, param);
+                policyTree = result.PolicyTree;
+                subjectPublicKey = result.SubjectPublicKey;
+
+                Fail("Invalid path validated");
+            }
+            catch (Exception e)
+            {
+                if (e is PkixCertPathValidatorException 
+                    && e.Message.StartsWith("Could not validate certificate signature."))
+                {
+                    return;
+                }
+                Fail("unexpected exception", e);
+            }
+        }
+
+        public override string Name
+        {
+            get { return "CertPathValidator"; }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new CertPathValidatorTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+
+        private class MyChecker
+            : PkixCertPathChecker
+        {
+            private static int count;
+
+            public override void Init(bool forward)
+            {
+            }
+
+            public override bool IsForwardCheckingSupported()
+            {
+                return true;
+            }
+
+            public override ISet GetSupportedExtensions()
+            {
+                return null;
+            }
+
+            public override void Check(X509Certificate cert, ICollection unresolvedCritExts)
+            {
+                count++;
+            }
+
+            public int GetCount()
+            {
+                return count;
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/test/CertTest.cs b/crypto/test/src/test/CertTest.cs
new file mode 100644
index 000000000..382ff326d
--- /dev/null
+++ b/crypto/test/src/test/CertTest.cs
@@ -0,0 +1,2544 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class CertTest
+		: SimpleTest
+	{
+		//
+		// server.crt
+		//
+		private static readonly byte[] cert1 = Base64.Decode(
+			"MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
+			+ "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
+			+ "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
+			+ "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
+			+ "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2"
+			+ "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
+			+ "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
+			+ "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l"
+			+ "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv"
+			+ "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re"
+			+ "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO"
+			+ "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE"
+			+ "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy"
+			+ "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0"
+			+ "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw"
+			+ "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL"
+			+ "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4"
+			+ "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF"
+			+ "5/8=");
+
+		//
+		// ca.crt
+		//
+		private static readonly byte[] cert2 = Base64.Decode(
+			"MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
+			+ "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
+			+ "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
+			+ "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
+			+ "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2"
+			+ "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
+			+ "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
+			+ "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u"
+			+ "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t"
+			+ "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv"
+			+ "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s"
+			+ "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur"
+			+ "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl"
+			+ "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E"
+			+ "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG"
+			+ "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk"
+			+ "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz"
+			+ "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ"
+			+ "DhkaJ8VqOMajkQFma2r9iA==");
+
+		//
+		// testx509.pem
+		//
+		private static readonly byte[] cert3 = Base64.Decode(
+			"MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV"
+			+ "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz"
+			+ "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM"
+			+ "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF"
+			+ "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO"
+			+ "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE"
+			+ "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ"
+			+ "zl9HYIMxATFyqSiD9jsx");
+
+		//
+		// v3-cert1.pem
+		//
+		private static readonly byte[] cert4 = Base64.Decode(
+			"MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx"
+			+ "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz"
+			+ "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw"
+			+ "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu"
+			+ "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2"
+			+ "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp"
+			+ "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C"
+			+ "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK"
+			+ "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x"
+			+ "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR"
+			+ "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB"
+			+ "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21"
+			+ "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3"
+			+ "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO");
+
+		//
+		// v3-cert2.pem
+		//
+		private static readonly byte[] cert5 = Base64.Decode(
+			"MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD"
+			+ "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0"
+			+ "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu"
+			+ "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1"
+			+ "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV"
+			+ "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx"
+			+ "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA"
+			+ "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT"
+			+ "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ"
+			+ "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm"
+			+ "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc"
+			+ "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz"
+			+ "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap"
+			+ "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=");
+
+		//
+		// pem encoded pkcs7
+		//
+		private static readonly byte[] cert6 = Base64.Decode(
+			"MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJbzCCAj0w"
+			+ "ggGmAhEAzbp/VvDf5LxU/iKss3KqVTANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG"
+			+ "A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2Vy"
+			+ "dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNMjgwODAxMjM1OTU5WjBfMQsw"
+			+ "CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVi"
+			+ "bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A"
+			+ "MIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiH"
+			+ "mgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNePNGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF"
+			+ "4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEwDQYJKoZIhvcNAQECBQADgYEATD+4i8Zo3+5DMw5d"
+			+ "6abLB4RNejP/khv0Nq3YlSI2aBFsfELM85wuxAc/FLAPT/+Qknb54rxK6Y/NoIAK98Up8YIiXbix"
+			+ "3YEjo3slFUYweRb46gVLlH8dwhzI47f0EEA8E8NfH1PoSOSGtHuhNbB7Jbq4046rPzidADQAmPPR"
+			+ "cZQwggMuMIICl6ADAgECAhEA0nYujRQMPX2yqCVdr+4NdTANBgkqhkiG9w0BAQIFADBfMQswCQYD"
+			+ "VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGlj"
+			+ "IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTgwNTEyMDAwMDAwWhcNMDgwNTEy"
+			+ "MjM1OTU5WjCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy"
+			+ "dXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5j"
+			+ "b3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0Eg"
+			+ "SW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDCBnzANBgkqhkiG9w0B"
+			+ "AQEFAAOBjQAwgYkCgYEAu1pEigQWu1X9A3qKLZRPFXg2uA1Ksm+cVL+86HcqnbnwaLuV2TFBcHqB"
+			+ "S7lIE1YtxwjhhEKrwKKSq0RcqkLwgg4C6S/7wju7vsknCl22sDZCM7VuVIhPh0q/Gdr5FegPh7Yc"
+			+ "48zGmo5/aiSS4/zgZbqnsX7vyds3ashKyAkG5JkCAwEAAaN8MHowEQYJYIZIAYb4QgEBBAQDAgEG"
+			+ "MEcGA1UdIARAMD4wPAYLYIZIAYb4RQEHAQEwLTArBggrBgEFBQcCARYfd3d3LnZlcmlzaWduLmNv"
+			+ "bS9yZXBvc2l0b3J5L1JQQTAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0B"
+			+ "AQIFAAOBgQCIuDc73dqUNwCtqp/hgQFxHpJqbS/28Z3TymQ43BuYDAeGW4UVag+5SYWklfEXfWe0"
+			+ "fy0s3ZpCnsM+tI6q5QsG3vJWKvozx74Z11NMw73I4xe1pElCY+zCphcPXVgaSTyQXFWjZSAA/Rgg"
+			+ "5V+CprGoksVYasGNAzzrw80FopCubjCCA/gwggNhoAMCAQICEBbbn/1G1zppD6KsP01bwywwDQYJ"
+			+ "KoZIhvcNAQEEBQAwgcwxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln"
+			+ "biBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvUlBB"
+			+ "IEluY29ycC4gQnkgUmVmLixMSUFCLkxURChjKTk4MUgwRgYDVQQDEz9WZXJpU2lnbiBDbGFzcyAx"
+			+ "IENBIEluZGl2aWR1YWwgU3Vic2NyaWJlci1QZXJzb25hIE5vdCBWYWxpZGF0ZWQwHhcNMDAxMDAy"
+			+ "MDAwMDAwWhcNMDAxMjAxMjM1OTU5WjCCAQcxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYD"
+			+ "VQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3Jl"
+			+ "cG9zaXRvcnkvUlBBIEluY29ycC4gYnkgUmVmLixMSUFCLkxURChjKTk4MR4wHAYDVQQLExVQZXJz"
+			+ "b25hIE5vdCBWYWxpZGF0ZWQxJzAlBgNVBAsTHkRpZ2l0YWwgSUQgQ2xhc3MgMSAtIE1pY3Jvc29m"
+			+ "dDETMBEGA1UEAxQKRGF2aWQgUnlhbjElMCMGCSqGSIb3DQEJARYWZGF2aWRAbGl2ZW1lZGlhLmNv"
+			+ "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqxBsdeNmSvFqhMNwhQgNzM8mdjX9eSXb"
+			+ "DawpHtQHjmh0AKJSa3IwUY0VIsyZHuXWktO/CgaMBVPt6OVf/n0R2sQigMP6Y+PhEiS0vCJBL9aK"
+			+ "0+pOo2qXrjVBmq+XuCyPTnc+BOSrU26tJsX0P9BYorwySiEGxGanBNATdVL4NdUCAwEAAaOBnDCB"
+			+ "mTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQgwKjAoBggrBgEFBQcCARYcaHR0"
+			+ "cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTARBglghkgBhvhCAQEEBAMCB4AwMwYDVR0fBCwwKjAo"
+			+ "oCagJIYiaHR0cDovL2NybC52ZXJpc2lnbi5jb20vY2xhc3MxLmNybDANBgkqhkiG9w0BAQQFAAOB"
+			+ "gQBC8yIIdVGpFTf8/YiL14cMzcmL0nIRm4kGR3U59z7UtcXlfNXXJ8MyaeI/BnXwG/gD5OKYqW6R"
+			+ "yca9vZOxf1uoTBl82gInk865ED3Tej6msCqFzZffnSUQvOIeqLxxDlqYRQ6PmW2nAnZeyjcnbI5Y"
+			+ "syQSM2fmo7n6qJFP+GbFezGCAkUwggJBAgEBMIHhMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5j"
+			+ "LjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWdu"
+			+ "LmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UE"
+			+ "AxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRpdmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3Qg"
+			+ "VmFsaWRhdGVkAhAW25/9Rtc6aQ+irD9NW8MsMAkGBSsOAwIaBQCggbowGAYJKoZIhvcNAQkDMQsG"
+			+ "CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAxMDAyMTczNTE4WjAjBgkqhkiG9w0BCQQxFgQU"
+			+ "gZjSaBEY2oxGvlQUIMnxSXhivK8wWwYJKoZIhvcNAQkPMU4wTDAKBggqhkiG9w0DBzAOBggqhkiG"
+			+ "9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwBwYFKw4DAh0w"
+			+ "DQYJKoZIhvcNAQEBBQAEgYAzk+PU91/ZFfoiuKOECjxEh9fDYE2jfDCheBIgh5gdcCo+sS1WQs8O"
+			+ "HreQ9Nop/JdJv1DQMBK6weNBBDoP0EEkRm1XCC144XhXZC82jBZohYmi2WvDbbC//YN58kRMYMyy"
+			+ "srrfn4Z9I+6kTriGXkrpGk9Q0LSGjmG2BIsqiF0dvwAAAAAAAA==");
+
+		//
+		// dsaWithSHA1 cert
+		//
+		private static readonly byte[] cert7 = Base64.Decode(
+			"MIIEXAYJKoZIhvcNAQcCoIIETTCCBEkCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
+			+ "SIb3DQEHAaCCAsMwggK/MIIB4AIBADCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7"
+			+ "d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULjw3GobwaJX13kquPh"
+			+ "fVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABj"
+			+ "TUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/z"
+			+ "m8Q12PFp/PjOhh+nMA4xDDAKBgNVBAMTA0lEMzAeFw05NzEwMDEwMDAwMDBa"
+			+ "Fw0zODAxMDEwMDAwMDBaMA4xDDAKBgNVBAMTA0lEMzCB8DCBpwYFKw4DAhsw"
+			+ "gZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULj"
+			+ "w3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FE"
+			+ "WA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3"
+			+ "SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nA0QAAkEAkYkXLYMtGVGWj9OnzjPn"
+			+ "sB9sefSRPrVegZJCZbpW+Iv0/1RP1u04pHG9vtRpIQLjzUiWvLMU9EKQTThc"
+			+ "eNMmWDCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxg"
+			+ "Y61TX5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/Q"
+			+ "F4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jH"
+			+ "SqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nAy8AMCwC"
+			+ "FBY3dBSdeprGcqpr6wr3xbG+6WW+AhRMm/facKJNxkT3iKgJbp7R8Xd3QTGC"
+			+ "AWEwggFdAgEBMBMwDjEMMAoGA1UEAxMDSUQzAgEAMAkGBSsOAwIaBQCgXTAY"
+			+ "BgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wMjA1"
+			+ "MjQyMzEzMDdaMCMGCSqGSIb3DQEJBDEWBBS4WMsoJhf7CVbZYCFcjoTRzPkJ"
+			+ "xjCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61T"
+			+ "X5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BU"
+			+ "j+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqji"
+			+ "jUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nBC8wLQIVALID"
+			+ "dt+MHwawrDrwsO1Z6sXBaaJsAhRaKssrpevmLkbygKPV07XiAKBG02Zvb2Jh"
+			+ "cg==");
+
+		//
+		// testcrl.pem
+		//
+		private static readonly byte[] crl1 = Base64.Decode(
+			"MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT"
+			+ "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy"
+			+ "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw"
+			+ "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw"
+			+ "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw"
+			+ "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw"
+			+ "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw"
+			+ "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw"
+			+ "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw"
+			+ "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw"
+			+ "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF"
+			+ "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ"
+			+ "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt"
+			+ "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v");
+
+		//
+		// ecdsa cert with extra octet string.
+		//
+//		private static readonly byte[] oldEcdsa = Base64.Decode(
+//			"MIICljCCAkCgAwIBAgIBATALBgcqhkjOPQQBBQAwgY8xCzAJBgNVBAYTAkFVMSgwJ"
+//			+ "gYDVQQKEx9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIwEAYDVQQHEw"
+//			+ "lNZWxib3VybmUxETAPBgNVBAgTCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWV"
+//			+ "kYmFjay1jcnlwdG9AYm91bmN5Y2FzdGxlLm9yZzAeFw0wMTEyMDcwMTAwMDRaFw0w"
+//			+ "MTEyMDcwMTAxNDRaMIGPMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhlIExlZ2lvb"
+//			+ "iBvZiB0aGUgQm91bmN5IENhc3RsZTESMBAGA1UEBxMJTWVsYm91cm5lMREwDwYDVQ"
+//			+ "QIEwhWaWN0b3JpYTEvMC0GCSqGSIb3DQEJARYgZmVlZGJhY2stY3J5cHRvQGJvdW5"
+//			+ "jeWNhc3RsZS5vcmcwgeQwgb0GByqGSM49AgEwgbECAQEwKQYHKoZIzj0BAQIef///"
+//			+ "////////////f///////gAAAAAAAf///////MEAEHn///////////////3///////"
+//			+ "4AAAAAAAH///////AQeawFsO9zxiUHQ1lSSFHXKcanbL7J9HTd5YYXClCwKBB8CD/"
+//			+ "qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqvAh5///////////////9///+eXpq"
+//			+ "fXZBx+9FSJoiQnQsDIgAEHwJbbcU7xholSP+w9nFHLebJUhqdLSU05lq/y9X+DHAw"
+//			+ "CwYHKoZIzj0EAQUAA0MAMEACHnz6t4UNoVROp74ma4XNDjjGcjaqiIWPZLK8Bdw3G"
+//			+ "QIeLZ4j3a6ividZl344UH+UPUE7xJxlYGuy7ejTsqRR");
+
+		private static readonly byte[] uncompressedPtEC = Base64.Decode(
+			"MIIDKzCCAsGgAwIBAgICA+kwCwYHKoZIzj0EAQUAMGYxCzAJBgNVBAYTAkpQ"
+			+ "MRUwEwYDVQQKEwxuaXRlY2guYWMuanAxDjAMBgNVBAsTBWFpbGFiMQ8wDQYD"
+			+ "VQQDEwZ0ZXN0Y2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RjYUBsb2NhbGhvc3Qw"
+			+ "HhcNMDExMDEzMTE1MzE3WhcNMjAxMjEyMTE1MzE3WjBmMQswCQYDVQQGEwJK"
+			+ "UDEVMBMGA1UEChMMbml0ZWNoLmFjLmpwMQ4wDAYDVQQLEwVhaWxhYjEPMA0G"
+			+ "A1UEAxMGdGVzdGNhMR8wHQYJKoZIhvcNAQkBFhB0ZXN0Y2FAbG9jYWxob3N0"
+			+ "MIIBczCCARsGByqGSM49AgEwggEOAgEBMDMGByqGSM49AQECKEdYWnajFmnZ"
+			+ "tzrukK2XWdle2v+GsD9l1ZiR6g7ozQDbhFH/bBiMDQcwVAQoJ5EQKrI54/CT"
+			+ "xOQ2pMsd/fsXD+EX8YREd8bKHWiLz8lIVdD5cBNeVwQoMKSc6HfI7vKZp8Q2"
+			+ "zWgIFOarx1GQoWJbMcSt188xsl30ncJuJT2OoARRBAqJ4fD+q6hbqgNSjTQ7"
+			+ "htle1KO3eiaZgcJ8rrnyN8P+5A8+5K+H9aQ/NbBR4Gs7yto5PXIUZEUgodHA"
+			+ "TZMSAcSq5ZYt4KbnSYaLY0TtH9CqAigEwZ+hglbT21B7ZTzYX2xj0x+qooJD"
+			+ "hVTLtIPaYJK2HrMPxTw6/zfrAgEPA1IABAnvfFcFDgD/JicwBGn6vR3N8MIn"
+			+ "mptZf/mnJ1y649uCF60zOgdwIyI7pVSxBFsJ7ohqXEHW0x7LrGVkdSEiipiH"
+			+ "LYslqh3xrqbAgPbl93GUo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB"
+			+ "/wQEAwIBxjAdBgNVHQ4EFgQUAEo62Xm9H6DcsE0zUDTza4BRG90wCwYHKoZI"
+			+ "zj0EAQUAA1cAMFQCKAQsCHHSNOqfJXLgt3bg5+k49hIBGVr/bfG0B9JU3rNt"
+			+ "Ycl9Y2zfRPUCKAK2ccOQXByAWfsasDu8zKHxkZv7LVDTFjAIffz3HaCQeVhD"
+			+ "z+fauEg=");
+
+		private static readonly byte[] keyUsage = Base64.Decode(
+			"MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UE"
+			+ "BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50"
+			+ "cnVzdC5uZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBs"
+			+ "aW1pdHMgbGlhYi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExp"
+			+ "bWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0"
+			+ "aW9uIEF1dGhvcml0eTAeFw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBa"
+			+ "MIHJMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNV"
+			+ "BAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5mby9DUFMgaW5jb3Jw"
+			+ "LiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMpIDE5OTkgRW50"
+			+ "cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50"
+			+ "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GL"
+			+ "ADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo6oT9n3V5z8GKUZSv"
+			+ "x1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux5zDeg7K6PvHV"
+			+ "iTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zmAqTmT173"
+			+ "iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSCARkw"
+			+ "ggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50"
+			+ "cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0Ff"
+			+ "SW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UE"
+			+ "CxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50"
+			+ "cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYD"
+			+ "VQQDEwRDUkwxMCygKqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9D"
+			+ "bGllbnQxLmNybDArBgNVHRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkx"
+			+ "MDEyMTkyNDMwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW"
+			+ "/O5bs8qZdIuV6kwwHQYDVR0OBBYEFMT7nCl7l81MlvzuW7PKmXSLlepMMAwG"
+			+ "A1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI"
+			+ "hvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7pFuPeJoSSJn59DXeDDYHAmsQ"
+			+ "OokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzzwy5E97BnRqqS5TvaHBkU"
+			+ "ODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/aEkP/TOYGJqibGapE"
+			+ "PHayXOw=");
+
+		private static readonly byte[] nameCert = Base64.Decode(
+			"MIIEFjCCA3+gAwIBAgIEdS8BozANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJE"+
+			"RTERMA8GA1UEChQIREFURVYgZUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRQ0Eg"+
+			"REFURVYgRDAzIDE6UE4wIhgPMjAwMTA1MTAxMDIyNDhaGA8yMDA0MDUwOTEwMjI0"+
+			"OFowgYQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIFAZCYXllcm4xEjAQBgNVBAcUCU7I"+
+			"dXJuYmVyZzERMA8GA1UEChQIREFURVYgZUcxHTAbBgNVBAUTFDAwMDAwMDAwMDA4"+
+			"OTU3NDM2MDAxMR4wHAYDVQQDFBVEaWV0bWFyIFNlbmdlbmxlaXRuZXIwgaEwDQYJ"+
+			"KoZIhvcNAQEBBQADgY8AMIGLAoGBAJLI/LJLKaHoMk8fBECW/od8u5erZi6jI8Ug"+
+			"C0a/LZyQUO/R20vWJs6GrClQtXB+AtfiBSnyZOSYzOdfDI8yEKPEv8qSuUPpOHps"+
+			"uNCFdLZF1vavVYGEEWs2+y+uuPmg8q1oPRyRmUZ+x9HrDvCXJraaDfTEd9olmB/Z"+
+			"AuC/PqpjAgUAwAAAAaOCAcYwggHCMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUD"+
+			"AwdAADAxBgNVHSAEKjAoMCYGBSskCAEBMB0wGwYIKwYBBQUHAgEWD3d3dy56cy5k"+
+			"YXRldi5kZTApBgNVHREEIjAggR5kaWV0bWFyLnNlbmdlbmxlaXRuZXJAZGF0ZXYu"+
+			"ZGUwgYQGA1UdIwR9MHuhc6RxMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1"+
+			"bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0"+
+			"MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE6CBACm8LkwDgYHAoIG"+
+			"AQoMAAQDAQEAMEcGA1UdHwRAMD4wPKAUoBKGEHd3dy5jcmwuZGF0ZXYuZGWiJKQi"+
+			"MCAxCzAJBgNVBAYTAkRFMREwDwYDVQQKFAhEQVRFViBlRzAWBgUrJAgDBAQNMAsT"+
+			"A0VVUgIBBQIBATAdBgNVHQ4EFgQUfv6xFP0xk7027folhy+ziZvBJiwwLAYIKwYB"+
+			"BQUHAQEEIDAeMBwGCCsGAQUFBzABhhB3d3cuZGlyLmRhdGV2LmRlMA0GCSqGSIb3"+
+			"DQEBBQUAA4GBAEOVX6uQxbgtKzdgbTi6YLffMftFr2mmNwch7qzpM5gxcynzgVkg"+
+			"pnQcDNlm5AIbS6pO8jTCLfCd5TZ5biQksBErqmesIl3QD+VqtB+RNghxectZ3VEs"+
+			"nCUtcE7tJ8O14qwCb3TxS9dvIUFiVi4DjbxX46TdcTbTaK8/qr6AIf+l");
+
+		private static readonly byte[] probSelfSignedCert = Base64.Decode(
+			"MIICxTCCAi6gAwIBAgIQAQAAAAAAAAAAAAAAAAAAATANBgkqhkiG9w0BAQUFADBF"
+			+ "MScwJQYDVQQKEx4gRElSRUNUSU9OIEdFTkVSQUxFIERFUyBJTVBPVFMxGjAYBgNV"
+			+ "BAMTESBBQyBNSU5FRkkgQiBURVNUMB4XDTA0MDUwNzEyMDAwMFoXDTE0MDUwNzEy"
+			+ "MDAwMFowRTEnMCUGA1UEChMeIERJUkVDVElPTiBHRU5FUkFMRSBERVMgSU1QT1RT"
+			+ "MRowGAYDVQQDExEgQUMgTUlORUZJIEIgVEVTVDCBnzANBgkqhkiG9w0BAQEFAAOB"
+			+ "jQAwgYkCgYEAveoCUOAukZdcFCs2qJk76vSqEX0ZFzHqQ6faBPZWjwkgUNwZ6m6m"
+			+ "qWvvyq1cuxhoDvpfC6NXILETawYc6MNwwxsOtVVIjuXlcF17NMejljJafbPximEt"
+			+ "DQ4LcQeSp4K7FyFlIAMLyt3BQ77emGzU5fjFTvHSUNb3jblx0sV28c0CAwEAAaOB"
+			+ "tTCBsjAfBgNVHSMEGDAWgBSEJ4bLbvEQY8cYMAFKPFD1/fFXlzAdBgNVHQ4EFgQU"
+			+ "hCeGy27xEGPHGDABSjxQ9f3xV5cwDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIB"
+			+ "AQQEAwIBBjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vYWRvbmlzLnBrNy5jZXJ0"
+			+ "cGx1cy5uZXQvZGdpLXRlc3QuY3JsMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN"
+			+ "AQEFBQADgYEAmToHJWjd3+4zknfsP09H6uMbolHNGG0zTS2lrLKpzcmkQfjhQpT9"
+			+ "LUTBvfs1jdjo9fGmQLvOG+Sm51Rbjglb8bcikVI5gLbclOlvqLkm77otjl4U4Z2/"
+			+ "Y0vP14Aov3Sn3k+17EfReYUZI4liuB95ncobC4e8ZM++LjQcIM0s+Vs=");
+
+
+		private static readonly byte[] gost34102001base = Base64.Decode(
+			"MIIB1DCCAYECEEjpVKXP6Wn1yVz3VeeDQa8wCgYGKoUDAgIDBQAwbTEfMB0G"
+			+ "A1UEAwwWR29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRv"
+			+ "UHJvMQswCQYDVQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIw"
+			+ "MDFAZXhhbXBsZS5jb20wHhcNMDUwMjAzMTUxNjQ2WhcNMTUwMjAzMTUxNjQ2"
+			+ "WjBtMR8wHQYDVQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQK"
+			+ "DAlDcnlwdG9Qcm8xCzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0"
+			+ "UjM0MTAtMjAwMUBleGFtcGxlLmNvbTBjMBwGBiqFAwICEzASBgcqhQMCAiQA"
+			+ "BgcqhQMCAh4BA0MABECElWh1YAIaQHUIzROMMYks/eUFA3pDXPRtKw/nTzJ+"
+			+ "V4/rzBa5lYgD0Jp8ha4P5I3qprt+VsfLsN8PZrzK6hpgMAoGBiqFAwICAwUA"
+			+ "A0EAHw5dw/aw/OiNvHyOE65kvyo4Hp0sfz3csM6UUkp10VO247ofNJK3tsLb"
+			+ "HOLjUaqzefrlGb11WpHYrvWFg+FcLA==");
+
+		private static readonly byte[] gost341094base = Base64.Decode(
+			"MIICDzCCAbwCEBcxKsIb0ghYvAQeUjfQdFAwCgYGKoUDAgIEBQAwaTEdMBsG"
+			+ "A1UEAwwUR29zdFIzNDEwLTk0IGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1By"
+			+ "bzELMAkGA1UEBhMCUlUxJzAlBgkqhkiG9w0BCQEWGEdvc3RSMzQxMC05NEBl"
+			+ "eGFtcGxlLmNvbTAeFw0wNTAyMDMxNTE2NTFaFw0xNTAyMDMxNTE2NTFaMGkx"
+			+ "HTAbBgNVBAMMFEdvc3RSMzQxMC05NCBleGFtcGxlMRIwEAYDVQQKDAlDcnlw"
+			+ "dG9Qcm8xCzAJBgNVBAYTAlJVMScwJQYJKoZIhvcNAQkBFhhHb3N0UjM0MTAt"
+			+ "OTRAZXhhbXBsZS5jb20wgaUwHAYGKoUDAgIUMBIGByqFAwICIAIGByqFAwIC"
+			+ "HgEDgYQABIGAu4Rm4XmeWzTYLIB/E6gZZnFX/oxUJSFHbzALJ3dGmMb7R1W+"
+			+ "t7Lzk2w5tUI3JoTiDRCKJA4fDEJNKzsRK6i/ZjkyXJSLwaj+G2MS9gklh8x1"
+			+ "G/TliYoJgmjTXHemD7aQEBON4z58nJHWrA0ILD54wbXCtrcaqCqLRYGTMjJ2"
+			+ "+nswCgYGKoUDAgIEBQADQQBxKNhOmjgz/i5CEgLOyKyz9pFGkDcaymsWYQWV"
+			+ "v7CZ0pTM8IzMzkUBW3GHsUjCFpanFZDfg2zuN+3kT+694n9B");
+
+		private static readonly byte[] gost341094A = Base64.Decode(
+			"MIICSDCCAfWgAwIBAgIBATAKBgYqhQMCAgQFADCBgTEXMBUGA1UEAxMOZGVmYXVsdDM0MTAtOTQx"
+			+ "DTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1vbGExDDAKBgNVBAgT"
+			+ "A01FTDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAzMjkx"
+			+ "MzExNTdaFw0wNjAzMjkxMzExNTdaMIGBMRcwFQYDVQQDEw5kZWZhdWx0MzQxMC05NDENMAsGA1UE"
+			+ "ChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLW9sYTEMMAoGA1UECBMDTUVMMQsw"
+			+ "CQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MIGlMBwGBiqFAwICFDASBgcq"
+			+ "hQMCAiACBgcqhQMCAh4BA4GEAASBgIQACDLEuxSdRDGgdZxHmy30g/DUYkRxO9Mi/uSHX5NjvZ31"
+			+ "b7JMEMFqBtyhql1HC5xZfUwZ0aT3UnEFDfFjLP+Bf54gA+LPkQXw4SNNGOj+klnqgKlPvoqMGlwa"
+			+ "+hLPKbS561WpvB2XSTgbV+pqqXR3j6j30STmybelEV3RdS2Now8wDTALBgNVHQ8EBAMCB4AwCgYG"
+			+ "KoUDAgIEBQADQQBCFy7xWRXtNVXflKvDs0pBdBuPzjCMeZAXVxK8vUxsxxKu76d9CsvhgIFknFRi"
+			+ "wWTPiZenvNoJ4R1uzeX+vREm");
+
+		private static readonly byte[] gost341094B = Base64.Decode(
+			"MIICSDCCAfWgAwIBAgIBATAKBgYqhQMCAgQFADCBgTEXMBUGA1UEAxMOcGFyYW0xLTM0MTAtOTQx"
+			+  "DTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1PbGExDDAKBgNVBAgT"
+			+  "A01lbDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAzMjkx"
+			+  "MzEzNTZaFw0wNjAzMjkxMzEzNTZaMIGBMRcwFQYDVQQDEw5wYXJhbTEtMzQxMC05NDENMAsGA1UE"
+			+  "ChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLU9sYTEMMAoGA1UECBMDTWVsMQsw"
+			+  "CQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MIGlMBwGBiqFAwICFDASBgcq"
+			+  "hQMCAiADBgcqhQMCAh4BA4GEAASBgEa+AAcZmijWs1M9x5Pn9efE8D9ztG1NMoIt0/hNZNqln3+j"
+			+  "lMZjyqPt+kTLIjtmvz9BRDmIDk6FZz+4LhG2OTL7yGpWfrMxMRr56nxomTN9aLWRqbyWmn3brz9Y"
+			+  "AUD3ifnwjjIuW7UM84JNlDTOdxx0XRUfLQIPMCXe9cO02Xskow8wDTALBgNVHQ8EBAMCB4AwCgYG"
+			+  "KoUDAgIEBQADQQBzFcnuYc/639OTW+L5Ecjw9KxGr+dwex7lsS9S1BUgKa3m1d5c+cqI0B2XUFi5"
+			+  "4iaHHJG0dCyjtQYLJr0OZjRw");
+
+		private static readonly byte[] gost34102001A = Base64.Decode(
+			"MIICCzCCAbigAwIBAgIBATAKBgYqhQMCAgMFADCBhDEaMBgGA1UEAxMRZGVmYXVsdC0zNDEwLTIw"
+			+ "MDExDTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1PbGExDDAKBgNV"
+			+ "BAgTA01lbDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAz"
+			+ "MjkxMzE4MzFaFw0wNjAzMjkxMzE4MzFaMIGEMRowGAYDVQQDExFkZWZhdWx0LTM0MTAtMjAwMTEN"
+			+ "MAsGA1UEChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLU9sYTEMMAoGA1UECBMD"
+			+ "TWVsMQswCQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MGMwHAYGKoUDAgIT"
+			+ "MBIGByqFAwICIwEGByqFAwICHgEDQwAEQG/4c+ZWb10IpeHfmR+vKcbpmSOClJioYmCVgnojw0Xn"
+			+ "ned0KTg7TJreRUc+VX7vca4hLQaZ1o/TxVtfEApK/O6jDzANMAsGA1UdDwQEAwIHgDAKBgYqhQMC"
+			+ "AgMFAANBAN8y2b6HuIdkD3aWujpfQbS1VIA/7hro4vLgDhjgVmev/PLzFB8oTh3gKhExpDo82IEs"
+			+ "ZftGNsbbyp1NFg7zda0=");
+
+		private static readonly byte[] gostCA1 = Base64.Decode(
+			"MIIDNDCCAuGgAwIBAgIQZLcKDcWcQopF+jp4p9jylDAKBgYqhQMCAgQFADBm"
+			+ "MQswCQYDVQQGEwJSVTEPMA0GA1UEBxMGTW9zY293MRcwFQYDVQQKEw5PT08g"
+			+ "Q3J5cHRvLVBybzEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFzAVBgNVBAMTDkNQ"
+			+ "IENTUCBUZXN0IENBMB4XDTAyMDYwOTE1NTIyM1oXDTA5MDYwOTE1NTkyOVow"
+			+ "ZjELMAkGA1UEBhMCUlUxDzANBgNVBAcTBk1vc2NvdzEXMBUGA1UEChMOT09P"
+			+ "IENyeXB0by1Qcm8xFDASBgNVBAsTC0RldmVsb3BtZW50MRcwFQYDVQQDEw5D"
+			+ "UCBDU1AgVGVzdCBDQTCBpTAcBgYqhQMCAhQwEgYHKoUDAgIgAgYHKoUDAgIe"
+			+ "AQOBhAAEgYAYglywKuz1nMc9UiBYOaulKy53jXnrqxZKbCCBSVaJ+aCKbsQm"
+			+ "glhRFrw6Mwu8Cdeabo/ojmea7UDMZd0U2xhZFRti5EQ7OP6YpqD0alllo7za"
+			+ "4dZNXdX+/ag6fOORSLFdMpVx5ganU0wHMPk67j+audnCPUj/plbeyccgcdcd"
+			+ "WaOCASIwggEeMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud"
+			+ "DgQWBBTe840gTo4zt2twHilw3PD9wJaX0TCBygYDVR0fBIHCMIG/MDygOqA4"
+			+ "hjYtaHR0cDovL2ZpZXdhbGwvQ2VydEVucm9sbC9DUCUyMENTUCUyMFRlc3Ql"
+			+ "MjBDQSgzKS5jcmwwRKBCoECGPmh0dHA6Ly93d3cuY3J5cHRvcHJvLnJ1L0Nl"
+			+ "cnRFbnJvbGwvQ1AlMjBDU1AlMjBUZXN0JTIwQ0EoMykuY3JsMDmgN6A1hjMt"
+			+ "ZmlsZTovL1xcZmlld2FsbFxDZXJ0RW5yb2xsXENQIENTUCBUZXN0IENBKDMp"
+			+ "LmNybC8wEgYJKwYBBAGCNxUBBAUCAwMAAzAKBgYqhQMCAgQFAANBAIJi7ni7"
+			+ "9rwMR5rRGTFftt2k70GbqyUEfkZYOzrgdOoKiB4IIsIstyBX0/ne6GsL9Xan"
+			+ "G2IN96RB7KrowEHeW+k=");
+
+		private static readonly byte[] gostCA2 = Base64.Decode(
+			"MIIC2DCCAoWgAwIBAgIQe9ZCugm42pRKNcHD8466zTAKBgYqhQMCAgMFADB+"
+			+ "MRowGAYJKoZIhvcNAQkBFgtzYmFAZGlndC5ydTELMAkGA1UEBhMCUlUxDDAK"
+			+ "BgNVBAgTA01FTDEUMBIGA1UEBxMLWW9zaGthci1PbGExDTALBgNVBAoTBERp"
+			+ "Z3QxDzANBgNVBAsTBkNyeXB0bzEPMA0GA1UEAxMGc2JhLUNBMB4XDTA0MDgw"
+			+ "MzEzMzE1OVoXDTE0MDgwMzEzNDAxMVowfjEaMBgGCSqGSIb3DQEJARYLc2Jh"
+			+ "QGRpZ3QucnUxCzAJBgNVBAYTAlJVMQwwCgYDVQQIEwNNRUwxFDASBgNVBAcT"
+			+ "C1lvc2hrYXItT2xhMQ0wCwYDVQQKEwREaWd0MQ8wDQYDVQQLEwZDcnlwdG8x"
+			+ "DzANBgNVBAMTBnNiYS1DQTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMC"
+			+ "Ah4BA0MABEDMSy10CuOH+i8QKG2UWA4XmCt6+BFrNTZQtS6bOalyDY8Lz+G7"
+			+ "HybyipE3PqdTB4OIKAAPsEEeZOCZd2UXGQm5o4HaMIHXMBMGCSsGAQQBgjcU"
+			+ "AgQGHgQAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud"
+			+ "DgQWBBRJJl3LcNMxkZI818STfoi3ng1xoDBxBgNVHR8EajBoMDGgL6Athito"
+			+ "dHRwOi8vc2JhLmRpZ3QubG9jYWwvQ2VydEVucm9sbC9zYmEtQ0EuY3JsMDOg"
+			+ "MaAvhi1maWxlOi8vXFxzYmEuZGlndC5sb2NhbFxDZXJ0RW5yb2xsXHNiYS1D"
+			+ "QS5jcmwwEAYJKwYBBAGCNxUBBAMCAQAwCgYGKoUDAgIDBQADQQA+BRJHbc/p"
+			+ "q8EYl6iJqXCuR+ozRmH7hPAP3c4KqYSC38TClCgBloLapx/3/WdatctFJW/L"
+			+ "mcTovpq088927shE");
+
+		private static readonly byte[] inDirectCrl = Base64.Decode(
+			"MIIdXjCCHMcCAQEwDQYJKoZIhvcNAQEFBQAwdDELMAkGA1UEBhMCREUxHDAaBgNV"
+			+"BAoUE0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0"
+			+"MS4wDAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBO"
+			+"Fw0wNjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIbfzB+AgQvrj/pFw0wMzA3"
+			+"MjIwNTQxMjhaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+oXDTAzMDcyMjA1NDEyOFowZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/5xcNMDQwNDA1MTMxODE3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/oFw0wNDA0"
+			+"MDUxMzE4MTdaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+UXDTAzMDExMzExMTgxMVowZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/5hcNMDMwMTEzMTExODExWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/jFw0wMzAx"
+			+"MTMxMTI2NTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+QXDTAzMDExMzExMjY1NlowZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/4hcNMDQwNzEzMDc1ODM4WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/eFw0wMzAy"
+			+"MTcwNjMzMjVaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP98XDTAzMDIxNzA2MzMyNVowZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/0xcNMDMwMjE3MDYzMzI1WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/dFw0wMzAx"
+			+"MTMxMTI4MTRaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9cXDTAzMDExMzExMjcwN1owZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/2BcNMDMwMTEzMTEyNzA3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/VFw0wMzA0"
+			+"MzAxMjI3NTNaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
+			+"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
+			+"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9YXDTAzMDQzMDEyMjc1M1owZzBlBgNV"
+			+"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
+			+"UE4wfgIEL64/xhcNMDMwMjEyMTM0NTQwWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
+			+"BgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQTjCBkAIEL64/xRcNMDMw"
+			+"MjEyMTM0NTQwWjB5MHcGA1UdHQEB/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoG"
+			+"A1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwG"
+			+"BwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNTpQTjB+AgQvrj/CFw0w"
+			+"MzAyMTIxMzA5MTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRww"
+			+"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNV"
+			+"BAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj/BFw0wMzAyMTIxMzA4NDBaMHkw"
+			+"dwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2No"
+			+"ZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAY"
+			+"BgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uP74XDTAzMDIxNzA2MzcyNVow"
+			+"ZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz"
+			+"Y2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3Qg"
+			+"Q0EgMTE6UE4wgZACBC+uP70XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0BAf8EbTBr"
+			+"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx"
+			+"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU"
+			+"ZXN0IENBIDU6UE4wgZACBC+uP7AXDTAzMDIxMjEzMDg1OVoweTB3BgNVHR0BAf8E"
+			+"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
+			+"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln"
+			+"RyBUZXN0IENBIDU6UE4wgZACBC+uP68XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0B"
+			+"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr"
+			+"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR"
+			+"U2lnRyBUZXN0IENBIDU6UE4wfgIEL64/kxcNMDMwNDEwMDUyNjI4WjBnMGUGA1Ud"
+			+"HQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVs"
+			+"ZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQ"
+			+"TjCBkAIEL64/khcNMDMwNDEwMDUyNjI4WjB5MHcGA1UdHQEB/wRtMGukaTBnMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UE"
+			+"CxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0Eg"
+			+"NTpQTjB+AgQvrj8/Fw0wMzAyMjYxMTA0NDRaMGcwZQYDVR0dAQH/BFswWaRXMFUx"
+			+"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYH"
+			+"AoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj8+Fw0w"
+			+"MzAyMjYxMTA0NDRaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRww"
+			+"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgw"
+			+"DAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uPs0X"
+			+"DTAzMDUyMDA1MjczNlowZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUx"
+			+"HDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgG"
+			+"A1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZACBC+uPswXDTAzMDUyMDA1MjczNlow"
+			+"eTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz"
+			+"Y2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwEx"
+			+"MBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4wfgIEL64+PBcNMDMwNjE3MTAzNDE2"
+			+"WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1"
+			+"dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVz"
+			+"dCBDQSAxMTpQTjCBkAIEL64+OxcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB/wRt"
+			+"MGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBB"
+			+"RzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdH"
+			+"IFRlc3QgQ0EgNjpQTjCBkAIEL64+OhcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB"
+			+"/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtv"
+			+"bSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFT"
+			+"aWdHIFRlc3QgQ0EgNjpQTjB+AgQvrj45Fw0wMzA2MTcxMzAxMDBaMGcwZQYDVR0d"
+			+"AQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxl"
+			+"a29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBO"
+			+"MIGQAgQvrj44Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJ"
+			+"BgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQL"
+			+"FAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA2"
+			+"OlBOMIGQAgQvrj43Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcx"
+			+"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYD"
+			+"VQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBD"
+			+"QSA2OlBOMIGQAgQvrj42Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6Rp"
+			+"MGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAw"
+			+"DgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVz"
+			+"dCBDQSA2OlBOMIGQAgQvrj4zFw0wMzA2MTcxMDM3NDlaMHkwdwYDVR0dAQH/BG0w"
+			+"a6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH"
+			+"MRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cg"
+			+"VGVzdCBDQSA2OlBOMH4CBC+uPjEXDTAzMDYxNzEwNDI1OFowZzBlBgNVHR0BAf8E"
+			+"WzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
+			+"QUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZAC"
+			+"BC+uPjAXDTAzMDYxNzEwNDI1OFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UE"
+			+"BhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1Rl"
+			+"bGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4w"
+			+"gZACBC+uPakXDTAzMTAyMjExMzIyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkG"
+			+"A1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsU"
+			+"B1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6"
+			+"UE4wgZACBC+uPLIXDTA1MDMxMTA2NDQyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzEL"
+			+"MAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNV"
+			+"BAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENB"
+			+"IDY6UE4wgZACBC+uPKsXDTA0MDQwMjA3NTQ1M1oweTB3BgNVHR0BAf8EbTBrpGkw"
+			+"ZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAO"
+			+"BgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0"
+			+"IENBIDY6UE4wgZACBC+uOugXDTA1MDEyNzEyMDMyNFoweTB3BgNVHR0BAf8EbTBr"
+			+"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx"
+			+"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU"
+			+"ZXN0IENBIDY6UE4wgZACBC+uOr4XDTA1MDIxNjA3NTcxNloweTB3BgNVHR0BAf8E"
+			+"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
+			+"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln"
+			+"RyBUZXN0IENBIDY6UE4wgZACBC+uOqcXDTA1MDMxMDA1NTkzNVoweTB3BgNVHR0B"
+			+"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr"
+			+"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR"
+			+"U2lnRyBUZXN0IENBIDY6UE4wgZACBC+uOjwXDTA1MDUxMTEwNDk0NloweTB3BgNV"
+			+"HR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
+			+"bGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UE"
+			+"AxQRU2lnRyBUZXN0IENBIDY6UE4wgaoCBC+sbdUXDTA1MTExMTEwMDMyMVowgZIw"
+			+"gY8GA1UdHQEB/wSBhDCBgaR/MH0xCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0"
+			+"c2NoZSBUZWxla29tIEFHMR8wHQYDVQQLFBZQcm9kdWt0emVudHJ1bSBUZWxlU2Vj"
+			+"MS8wDAYHAoIGAQoHFBMBMTAfBgNVBAMUGFRlbGVTZWMgUEtTIFNpZ0cgQ0EgMTpQ"
+			+"TjCBlQIEL64uaBcNMDYwMTIzMTAyNTU1WjB+MHwGA1UdHQEB/wRyMHCkbjBsMQsw"
+			+"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEWMBQGA1UE"
+			+"CxQNWmVudHJhbGUgQm9ubjEnMAwGBwKCBgEKBxQTATEwFwYDVQQDFBBUVEMgVGVz"
+			+"dCBDQSA5OlBOMIGVAgQvribHFw0wNjA4MDEwOTQ4NDRaMH4wfAYDVR0dAQH/BHIw"
+			+"cKRuMGwxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH"
+			+"MRYwFAYDVQQLFA1aZW50cmFsZSBCb25uMScwDAYHAoIGAQoHFBMBMTAXBgNVBAMU"
+			+"EFRUQyBUZXN0IENBIDk6UE6ggZswgZgwCwYDVR0UBAQCAhEMMB8GA1UdIwQYMBaA"
+			+"FANbyNumDI9545HwlCF26NuOJC45MA8GA1UdHAEB/wQFMAOEAf8wVwYDVR0SBFAw"
+			+"ToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1ULVRlbGVTZWMgVGVzdCBESVIg"
+			+"ODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1kZTANBgkqhkiG9w0BAQUFAAOB"
+			+"gQBewL5gLFHpeOWO07Vk3Gg7pRDuAlvaovBH4coCyCWpk5jEhUfFSYEDuaQB7do4"
+			+"IlJmeTHvkI0PIZWJ7bwQ2PVdipPWDx0NVwS/Cz5jUKiS3BbAmZQZOueiKLFpQq3A"
+			+"b8aOHA7WHU4078/1lM+bgeu33Ln1CGykEbmSjA/oKPi/JA==");
+
+		private static readonly byte[] directCRL = Base64.Decode(
+			"MIIGXTCCBckCAQEwCgYGKyQDAwECBQAwdDELMAkGA1UEBhMCREUxHDAaBgNVBAoU"
+			+"E0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0MS4w"
+			+"DAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBOFw0w"
+			+"NjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIElTAVAgQvrj/pFw0wMzA3MjIw"
+			+"NTQxMjhaMBUCBC+uP+oXDTAzMDcyMjA1NDEyOFowFQIEL64/5xcNMDQwNDA1MTMx"
+			+"ODE3WjAVAgQvrj/oFw0wNDA0MDUxMzE4MTdaMBUCBC+uP+UXDTAzMDExMzExMTgx"
+			+"MVowFQIEL64/5hcNMDMwMTEzMTExODExWjAVAgQvrj/jFw0wMzAxMTMxMTI2NTZa"
+			+"MBUCBC+uP+QXDTAzMDExMzExMjY1NlowFQIEL64/4hcNMDQwNzEzMDc1ODM4WjAV"
+			+"AgQvrj/eFw0wMzAyMTcwNjMzMjVaMBUCBC+uP98XDTAzMDIxNzA2MzMyNVowFQIE"
+			+"L64/0xcNMDMwMjE3MDYzMzI1WjAVAgQvrj/dFw0wMzAxMTMxMTI4MTRaMBUCBC+u"
+			+"P9cXDTAzMDExMzExMjcwN1owFQIEL64/2BcNMDMwMTEzMTEyNzA3WjAVAgQvrj/V"
+			+"Fw0wMzA0MzAxMjI3NTNaMBUCBC+uP9YXDTAzMDQzMDEyMjc1M1owFQIEL64/xhcN"
+			+"MDMwMjEyMTM0NTQwWjAVAgQvrj/FFw0wMzAyMTIxMzQ1NDBaMBUCBC+uP8IXDTAz"
+			+"MDIxMjEzMDkxNlowFQIEL64/wRcNMDMwMjEyMTMwODQwWjAVAgQvrj++Fw0wMzAy"
+			+"MTcwNjM3MjVaMBUCBC+uP70XDTAzMDIxNzA2MzcyNVowFQIEL64/sBcNMDMwMjEy"
+			+"MTMwODU5WjAVAgQvrj+vFw0wMzAyMTcwNjM3MjVaMBUCBC+uP5MXDTAzMDQxMDA1"
+			+"MjYyOFowFQIEL64/khcNMDMwNDEwMDUyNjI4WjAVAgQvrj8/Fw0wMzAyMjYxMTA0"
+			+"NDRaMBUCBC+uPz4XDTAzMDIyNjExMDQ0NFowFQIEL64+zRcNMDMwNTIwMDUyNzM2"
+			+"WjAVAgQvrj7MFw0wMzA1MjAwNTI3MzZaMBUCBC+uPjwXDTAzMDYxNzEwMzQxNlow"
+			+"FQIEL64+OxcNMDMwNjE3MTAzNDE2WjAVAgQvrj46Fw0wMzA2MTcxMDM0MTZaMBUC"
+			+"BC+uPjkXDTAzMDYxNzEzMDEwMFowFQIEL64+OBcNMDMwNjE3MTMwMTAwWjAVAgQv"
+			+"rj43Fw0wMzA2MTcxMzAxMDBaMBUCBC+uPjYXDTAzMDYxNzEzMDEwMFowFQIEL64+"
+			+"MxcNMDMwNjE3MTAzNzQ5WjAVAgQvrj4xFw0wMzA2MTcxMDQyNThaMBUCBC+uPjAX"
+			+"DTAzMDYxNzEwNDI1OFowFQIEL649qRcNMDMxMDIyMTEzMjI0WjAVAgQvrjyyFw0w"
+			+"NTAzMTEwNjQ0MjRaMBUCBC+uPKsXDTA0MDQwMjA3NTQ1M1owFQIEL6466BcNMDUw"
+			+"MTI3MTIwMzI0WjAVAgQvrjq+Fw0wNTAyMTYwNzU3MTZaMBUCBC+uOqcXDTA1MDMx"
+			+"MDA1NTkzNVowFQIEL646PBcNMDUwNTExMTA0OTQ2WjAVAgQvrG3VFw0wNTExMTEx"
+			+"MDAzMjFaMBUCBC+uLmgXDTA2MDEyMzEwMjU1NVowFQIEL64mxxcNMDYwODAxMDk0"
+			+"ODQ0WqCBijCBhzALBgNVHRQEBAICEQwwHwYDVR0jBBgwFoAUA1vI26YMj3njkfCU"
+			+"IXbo244kLjkwVwYDVR0SBFAwToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1U"
+			+"LVRlbGVTZWMgVGVzdCBESVIgODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1k"
+			+"ZTAKBgYrJAMDAQIFAAOBgQArj4eMlbAwuA2aS5O4UUUHQMKKdK/dtZi60+LJMiMY"
+			+"ojrMIf4+ZCkgm1Ca0Cd5T15MJxVHhh167Ehn/Hd48pdnAP6Dfz/6LeqkIHGWMHR+"
+			+"z6TXpwWB+P4BdUec1ztz04LypsznrHcLRa91ixg9TZCb1MrOG+InNhleRs1ImXk8"
+			+"MQ==");
+
+		private static readonly byte[] pkcs7CrlProblem = Base64.Decode(
+			  "MIIwSAYJKoZIhvcNAQcCoIIwOTCCMDUCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
+			+ "SIb3DQEHAaCCEsAwggP4MIIC4KADAgECAgF1MA0GCSqGSIb3DQEBBQUAMEUx"
+			+ "CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR4wHAYDVQQD"
+			+ "ExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUwHhcNMDQxMjAyMjEyNTM5WhcNMDYx"
+			+ "MjMwMjEyNTM5WjBMMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMR2VvVHJ1c3Qg"
+			+ "SW5jMSYwJAYDVQQDEx1HZW9UcnVzdCBBZG9iZSBPQ1NQIFJlc3BvbmRlcjCB"
+			+ "nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4gnNYhtw7U6QeVXZODnGhHMj"
+			+ "+OgZ0DB393rEk6a2q9kq129IA2e03yKBTfJfQR9aWKc2Qj90dsSqPjvTDHFG"
+			+ "Qsagm2FQuhnA3fb1UWhPzeEIdm6bxDsnQ8nWqKqxnWZzELZbdp3I9bBLizIq"
+			+ "obZovzt60LNMghn/unvvuhpeVSsCAwEAAaOCAW4wggFqMA4GA1UdDwEB/wQE"
+			+ "AwIE8DCB5QYDVR0gAQH/BIHaMIHXMIHUBgkqhkiG9y8BAgEwgcYwgZAGCCsG"
+			+ "AQUFBwICMIGDGoGAVGhpcyBjZXJ0aWZpY2F0ZSBoYXMgYmVlbiBpc3N1ZWQg"
+			+ "aW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBBY3JvYmF0IENyZWRlbnRpYWxzIENQ"
+			+ "UyBsb2NhdGVkIGF0IGh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNl"
+			+ "cy9jcHMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jl"
+			+ "c291cmNlcy9jcHMwEwYDVR0lBAwwCgYIKwYBBQUHAwkwOgYDVR0fBDMwMTAv"
+			+ "oC2gK4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9hZG9iZWNhMS5j"
+			+ "cmwwHwYDVR0jBBgwFoAUq4BZw2WDbR19E70Zw+wajw1HaqMwDQYJKoZIhvcN"
+			+ "AQEFBQADggEBAENJf1BD7PX5ivuaawt90q1OGzXpIQL/ClzEeFVmOIxqPc1E"
+			+ "TFRq92YuxG5b6+R+k+tGkmCwPLcY8ipg6ZcbJ/AirQhohzjlFuT6YAXsTfEj"
+			+ "CqEZfWM2sS7crK2EYxCMmKE3xDfPclYtrAoz7qZvxfQj0TuxHSstHZv39wu2"
+			+ "ZiG1BWiEcyDQyTgqTOXBoZmfJtshuAcXmTpgkrYSrS37zNlPTGh+pMYQ0yWD"
+			+ "c8OQRJR4OY5ZXfdna01mjtJTOmj6/6XPoLPYTq2gQrc2BCeNJ4bEhLb7sFVB"
+			+ "PbwPrpzTE/HRbQHDrzj0YimDxeOUV/UXctgvYwHNtEkcBLsOm/uytMYwggSh"
+			+ "MIIDiaADAgECAgQ+HL0oMA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAlVT"
+			+ "MSMwIQYDVQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UE"
+			+ "CxMUQWRvYmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3Qg"
+			+ "Q0EwHhcNMDMwMTA4MjMzNzIzWhcNMjMwMTA5MDAwNzIzWjBpMQswCQYDVQQG"
+			+ "EwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQxHTAb"
+			+ "BgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYwFAYDVQQDEw1BZG9iZSBS"
+			+ "b290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE9UhPen"
+			+ "ouczU38/nBKIayyZR2d+Dx65rRSI+cMQ2B3w8NWfaQovWTWwzGypTJwVoJ/O"
+			+ "IL+gz1Ti4CBmRT85hjh+nMSOByLGJPYBErA131XqaZCw24U3HuJOB7JCoWoT"
+			+ "aaBm6oCREVkqmwh5WiBELcm9cziLPC/gQxtdswvwrzUaKf7vppLdgUydPVmO"
+			+ "rTE8QH6bkTYG/OJcjdGNJtVcRc+vZT+xqtJilvSoOOq6YEL09BxKNRXO+E4i"
+			+ "Vg+VGMX4lp+f+7C3eCXpgGu91grwxnSUnfMPUNuad85LcIMjjaDKeCBEXDxU"
+			+ "ZPHqojAZn+pMBk0GeEtekt8i0slns3rSAQIDAQABo4IBTzCCAUswEQYJYIZI"
+			+ "AYb4QgEBBAQDAgAHMIGOBgNVHR8EgYYwgYMwgYCgfqB8pHoweDELMAkGA1UE"
+			+ "BhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMR0w"
+			+ "GwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEWMBQGA1UEAxMNQWRvYmUg"
+			+ "Um9vdCBDQTENMAsGA1UEAxMEQ1JMMTArBgNVHRAEJDAigA8yMDAzMDEwODIz"
+			+ "MzcyM1qBDzIwMjMwMTA5MDAwNzIzWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgw"
+			+ "FoAUgrc4SpOqmxDvgLvZVOLxD/uAnN4wHQYDVR0OBBYEFIK3OEqTqpsQ74C7"
+			+ "2VTi8Q/7gJzeMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EABBAwDhsIVjYu"
+			+ "MDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQAy2p9DdcH6b8lv26sdNjc+"
+			+ "vGEZNrcCPB0jWZhsnu5NhedUyCAfp9S74r8Ad30ka3AvXME6dkm10+AjhCpx"
+			+ "aiLzwScpmBX2NZDkBEzDjbyfYRzn/SSM0URDjBa6m02l1DUvvBHOvfdRN42f"
+			+ "kOQU8Rg/vulZEjX5M5LznuDVa5pxm5lLyHHD4bFhCcTl+pHwQjo3fTT5cujN"
+			+ "qmIcIenV9IIQ43sFti1oVgt+fpIsb01yggztVnSynbmrLSsdEF/bJ3Vwj/0d"
+			+ "1+ICoHnlHOX/r2RAUS2em0fbQqV8H8KmSLDXvpJpTaT2KVfFeBEY3IdRyhOy"
+			+ "Yp1PKzK9MaXB+lKrBYjIMIIEyzCCA7OgAwIBAgIEPhy9tTANBgkqhkiG9w0B"
+			+ "AQUFADBpMQswCQYDVQQGEwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJ"
+			+ "bmNvcnBvcmF0ZWQxHTAbBgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYw"
+			+ "FAYDVQQDEw1BZG9iZSBSb290IENBMB4XDTA0MDExNzAwMDMzOVoXDTE1MDEx"
+			+ "NTA4MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu"
+			+ "Yy4xHjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTCCASIwDQYJKoZI"
+			+ "hvcNAQEBBQADggEPADCCAQoCggEBAKfld+BkeFrnOYW8r9L1WygTDlTdSfrO"
+			+ "YvWS/Z6Ye5/l+HrBbOHqQCXBcSeCpz7kB2WdKMh1FOE4e9JlmICsHerBLdWk"
+			+ "emU+/PDb69zh8E0cLoDfxukF6oVPXj6WSThdSG7H9aXFzRr6S3XGCuvgl+Qw"
+			+ "DTLiLYW+ONF6DXwt3TQQtKReJjOJZk46ZZ0BvMStKyBaeB6DKZsmiIo89qso"
+			+ "13VDZINH2w1KvXg0ygDizoNtbvgAPFymwnsINS1klfQlcvn0x0RJm9bYQXK3"
+			+ "5GNZAgL3M7Lqrld0jMfIUaWvuHCLyivytRuzq1dJ7E8rmidjDEk/G+27pf13"
+			+ "fNZ7vR7M+IkCAwEAAaOCAZ0wggGZMBIGA1UdEwEB/wQIMAYBAf8CAQEwUAYD"
+			+ "VR0gBEkwRzBFBgkqhkiG9y8BAgEwODA2BggrBgEFBQcCARYqaHR0cHM6Ly93"
+			+ "d3cuYWRvYmUuY29tL21pc2MvcGtpL2Nkc19jcC5odG1sMBQGA1UdJQQNMAsG"
+			+ "CSqGSIb3LwEBBTCBsgYDVR0fBIGqMIGnMCKgIKAehhxodHRwOi8vY3JsLmFk"
+			+ "b2JlLmNvbS9jZHMuY3JsMIGAoH6gfKR6MHgxCzAJBgNVBAYTAlVTMSMwIQYD"
+			+ "VQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRv"
+			+ "YmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0ExDTAL"
+			+ "BgNVBAMTBENSTDEwCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFIK3OEqTqpsQ"
+			+ "74C72VTi8Q/7gJzeMB0GA1UdDgQWBBSrgFnDZYNtHX0TvRnD7BqPDUdqozAZ"
+			+ "BgkqhkiG9n0HQQAEDDAKGwRWNi4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEA"
+			+ "PzlZLqIAjrFeEWEs0uC29YyJhkXOE9mf3YSaFGsITF+Gl1j0pajTjyH4R35Q"
+			+ "r3floW2q3HfNzTeZ90Jnr1DhVERD6zEMgJpCtJqVuk0sixuXJHghS/KicKf4"
+			+ "YXJJPx9epuIRF1siBRnznnF90svmOJMXApc0jGnYn3nQfk4kaShSnDaYaeYR"
+			+ "DJKcsiWhl6S5zfwS7Gg8hDeyckhMQKKWnlG1CQrwlSFisKCduoodwRtWgft8"
+			+ "kx13iyKK3sbalm6vnVc+5nufS4vI+TwMXoV63NqYaSroafBWk0nL53zGXPEy"
+			+ "+A69QhzEViJKn2Wgqt5gt++jMMNImbRObIqgfgF1VjCCBUwwggQ0oAMCAQIC"
+			+ "AgGDMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1H"
+			+ "ZW9UcnVzdCBJbmMuMR4wHAYDVQQDExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUw"
+			+ "HhcNMDYwMzI0MTU0MjI5WhcNMDkwNDA2MTQ0MjI5WjBzMQswCQYDVQQGEwJV"
+			+ "UzELMAkGA1UECBMCTUExETAPBgNVBAoTCEdlb1RydXN0MR0wGwYDVQQDExRN"
+			+ "YXJrZXRpbmcgRGVwYXJ0bWVudDElMCMGCSqGSIb3DQEJARYWbWFya2V0aW5n"
+			+ "QGdlb3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB"
+			+ "ANmvajTO4XJvAU2nVcLmXeCnAQX7RZt+7+ML3InmqQ3LCGo1weop09zV069/"
+			+ "1x/Nmieol7laEzeXxd2ghjGzwfXafqQEqHn6+vBCvqdNPoSi63fSWhnuDVWp"
+			+ "KVDOYgxOonrXl+Cc43lu4zRSq+Pi5phhrjDWcH74a3/rdljUt4c4GFezFXfa"
+			+ "w2oTzWkxj2cTSn0Szhpr17+p66UNt8uknlhmu4q44Speqql2HwmCEnpLYJrK"
+			+ "W3fOq5D4qdsvsLR2EABLhrBezamLI3iGV8cRHOUTsbTMhWhv/lKfHAyf4XjA"
+			+ "z9orzvPN5jthhIfICOFq/nStTgakyL4Ln+nFAB/SMPkCAwEAAaOCAhYwggIS"
+			+ "MA4GA1UdDwEB/wQEAwIF4DCB5QYDVR0gAQH/BIHaMIHXMIHUBgkqhkiG9y8B"
+			+ "AgEwgcYwgZAGCCsGAQUFBwICMIGDGoGAVGhpcyBjZXJ0aWZpY2F0ZSBoYXMg"
+			+ "YmVlbiBpc3N1ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBBY3JvYmF0IENy"
+			+ "ZWRlbnRpYWxzIENQUyBsb2NhdGVkIGF0IGh0dHA6Ly93d3cuZ2VvdHJ1c3Qu"
+			+ "Y29tL3Jlc291cmNlcy9jcHMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2Vv"
+			+ "dHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwOgYDVR0fBDMwMTAvoC2gK4YpaHR0"
+			+ "cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9hZG9iZWNhMS5jcmwwHwYDVR0j"
+			+ "BBgwFoAUq4BZw2WDbR19E70Zw+wajw1HaqMwRAYIKwYBBQUHAQEEODA2MDQG"
+			+ "CCsGAQUFBzABhihodHRwOi8vYWRvYmUtb2NzcC5nZW90cnVzdC5jb20vcmVz"
+			+ "cG9uZGVyMBQGA1UdJQQNMAsGCSqGSIb3LwEBBTA8BgoqhkiG9y8BAQkBBC4w"
+			+ "LAIBAYYnaHR0cDovL2Fkb2JlLXRpbWVzdGFtcC5nZW90cnVzdC5jb20vdHNh"
+			+ "MBMGCiqGSIb3LwEBCQIEBTADAgEBMAwGA1UdEwQFMAMCAQAwDQYJKoZIhvcN"
+			+ "AQEFBQADggEBAAOhy6QxOo+i3h877fvDvTa0plGD2bIqK7wMdNqbMDoSWied"
+			+ "FIcgcBOIm2wLxOjZBAVj/3lDq59q2rnVeNnfXM0/N0MHI9TumHRjU7WNk9e4"
+			+ "+JfJ4M+c3anrWOG3NE5cICDVgles+UHjXetHWql/LlP04+K2ZOLb6LE2xGnI"
+			+ "YyLW9REzCYNAVF+/WkYdmyceHtaBZdbyVAJq0NAJPsfgY1pWcBo31Mr1fpX9"
+			+ "WrXNTYDCqMyxMImJTmN3iI68tkXlNrhweQoArKFqBysiBkXzG/sGKYY6tWKU"
+			+ "pzjLc3vIp/LrXC5zilROes8BSvwu1w9qQrJNcGwo7O4uijoNtyYil1Exgh1Q"
+			+ "MIIdTAIBATBLMEUxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJ"
+			+ "bmMuMR4wHAYDVQQDExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUCAgGDMAkGBSsO"
+			+ "AwIaBQCgggxMMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwIwYJKoZIhvcN"
+			+ "AQkEMRYEFP4R6qIdpQJzWyzrqO8X1ZfJOgChMIIMCQYJKoZIhvcvAQEIMYIL"
+			+ "+jCCC/agggZ5MIIGdTCCA6gwggKQMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV"
+			+ "BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR4wHAYDVQQDExVHZW9U"
+			+ "cnVzdCBDQSBmb3IgQWRvYmUXDTA2MDQwNDE3NDAxMFoXDTA2MDQwNTE3NDAx"
+			+ "MFowggIYMBMCAgC5Fw0wNTEwMTEyMDM2MzJaMBICAVsXDTA0MTEwNDE1MDk0"
+			+ "MVowEwICALgXDTA1MTIxMjIyMzgzOFowEgIBWhcNMDQxMTA0MTUwOTMzWjAT"
+			+ "AgIA5hcNMDUwODI3MDQwOTM4WjATAgIAtxcNMDYwMTE2MTc1NTEzWjATAgIA"
+			+ "hhcNMDUxMjEyMjIzODU1WjATAgIAtRcNMDUwNzA2MTgzODQwWjATAgIA4BcN"
+			+ "MDYwMzIwMDc0ODM0WjATAgIAgRcNMDUwODAyMjIzMTE1WjATAgIA3xcNMDUx"
+			+ "MjEyMjIzNjUwWjASAgFKFw0wNDExMDQxNTA5MTZaMBICAUQXDTA0MTEwNDE1"
+			+ "MDg1M1owEgIBQxcNMDQxMDAzMDEwMDQwWjASAgFsFw0wNDEyMDYxOTQ0MzFa"
+			+ "MBMCAgEoFw0wNjAzMDkxMjA3MTJaMBMCAgEkFw0wNjAxMTYxNzU1MzRaMBIC"
+			+ "AWcXDTA1MDMxODE3NTYxNFowEwICAVEXDTA2MDEzMTExMjcxMVowEgIBZBcN"
+			+ "MDQxMTExMjI0ODQxWjATAgIA8RcNMDUwOTE2MTg0ODAxWjATAgIBThcNMDYw"
+			+ "MjIxMjAxMDM2WjATAgIAwRcNMDUxMjEyMjIzODE2WjASAgFiFw0wNTAxMTAx"
+			+ "NjE5MzRaMBICAWAXDTA1MDExMDE5MDAwNFowEwICAL4XDTA1MDUxNzE0NTYx"
+			+ "MFowDQYJKoZIhvcNAQEFBQADggEBAEKhRMS3wVho1U3EvEQJZC8+JlUngmZQ"
+			+ "A78KQbHPWNZWFlNvPuf/b0s7Lu16GfNHXh1QAW6Y5Hi1YtYZ3YOPyMd4Xugt"
+			+ "gCdumbB6xtKsDyN5RvTht6ByXj+CYlYqsL7RX0izJZ6mJn4fjMkqzPKNOjb8"
+			+ "kSn5T6rn93BjlATtCE8tPVOM8dnqGccRE0OV59+nDBXc90UMt5LdEbwaUOap"
+			+ "snVB0oLcNm8d/HnlVH6RY5LnDjrT4vwfe/FApZtTecEWsllVUXDjSpwfcfD/"
+			+ "476/lpGySB2otALqzImlA9R8Ok3hJ8dnF6hhQ5Oe6OJMnGYgdhkKbxsKkdib"
+			+ "tTVl3qmH5QAwggLFMIIBrQIBATANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQG"
+			+ "EwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQxHTAb"
+			+ "BgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYwFAYDVQQDEw1BZG9iZSBS"
+			+ "b290IENBFw0wNjAxMjcxODMzMzFaFw0wNzAxMjcwMDAwMDBaMIHeMCMCBD4c"
+			+ "vUAXDTAzMDEyMTIzNDY1NlowDDAKBgNVHRUEAwoBBDAjAgQ+HL1BFw0wMzAx"
+			+ "MjEyMzQ3MjJaMAwwCgYDVR0VBAMKAQQwIwIEPhy9YhcNMDMwMTIxMjM0NzQy"
+			+ "WjAMMAoGA1UdFQQDCgEEMCMCBD4cvWEXDTA0MDExNzAxMDg0OFowDDAKBgNV"
+			+ "HRUEAwoBBDAjAgQ+HL2qFw0wNDAxMTcwMTA5MDVaMAwwCgYDVR0VBAMKAQQw"
+			+ "IwIEPhy9qBcNMDQwMTE3MDEzOTI5WjAMMAoGA1UdFQQDCgEEoC8wLTAKBgNV"
+			+ "HRQEAwIBDzAfBgNVHSMEGDAWgBSCtzhKk6qbEO+Au9lU4vEP+4Cc3jANBgkq"
+			+ "hkiG9w0BAQUFAAOCAQEAwtXF9042wG39icUlsotn5tpE3oCusLb/hBpEONhx"
+			+ "OdfEQOq0w5hf/vqaxkcf71etA+KpbEUeSVaHMHRPhx/CmPrO9odE139dJdbt"
+			+ "9iqbrC9iZokFK3h/es5kg73xujLKd7C/u5ngJ4mwBtvhMLjFjF2vJhPKHL4C"
+			+ "IgMwdaUAhrcNzy16v+mw/VGJy3Fvc6oCESW1K9tvFW58qZSNXrMlsuidgunM"
+			+ "hPKG+z0SXVyCqL7pnqKiaGddcgujYGOSY4S938oVcfZeZQEODtSYGlzldojX"
+			+ "C1U1hCK5+tHAH0Ox/WqRBIol5VCZQwJftf44oG8oviYq52aaqSejXwmfT6zb"
+			+ "76GCBXUwggVxMIIFbQoBAKCCBWYwggViBgkrBgEFBQcwAQEEggVTMIIFTzCB"
+			+ "taIWBBS+8EpykfXdl4h3z7m/NZfdkAQQERgPMjAwNjA0MDQyMDIwMTVaMGUw"
+			+ "YzA7MAkGBSsOAwIaBQAEFEb4BuZYkbjBjOjT6VeA/00fBvQaBBT3fTSQniOp"
+			+ "BbHBSkz4xridlX0bsAICAYOAABgPMjAwNjA0MDQyMDIwMTVaoBEYDzIwMDYw"
+			+ "NDA1MDgyMDE1WqEjMCEwHwYJKwYBBQUHMAECBBIEEFqooq/R2WltD7TposkT"
+			+ "BhMwDQYJKoZIhvcNAQEFBQADgYEAMig6lty4b0JDsT/oanfQG5x6jVKPACpp"
+			+ "1UA9SJ0apJJa7LeIdDFmu5C2S/CYiKZm4A4P9cAu0YzgLHxE4r6Op+HfVlAG"
+			+ "6bzUe1P/hi1KCJ8r8wxOZAktQFPSzs85RAZwkHMfB0lP2e/h666Oye+Zf8VH"
+			+ "RaE+/xZ7aswE89HXoumgggQAMIID/DCCA/gwggLgoAMCAQICAXUwDQYJKoZI"
+			+ "hvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu"
+			+ "Yy4xHjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTAeFw0wNDEyMDIy"
+			+ "MTI1MzlaFw0wNjEyMzAyMTI1MzlaMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQK"
+			+ "EwxHZW9UcnVzdCBJbmMxJjAkBgNVBAMTHUdlb1RydXN0IEFkb2JlIE9DU1Ag"
+			+ "UmVzcG9uZGVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiCc1iG3Dt"
+			+ "TpB5Vdk4OcaEcyP46BnQMHf3esSTprar2SrXb0gDZ7TfIoFN8l9BH1pYpzZC"
+			+ "P3R2xKo+O9MMcUZCxqCbYVC6GcDd9vVRaE/N4Qh2bpvEOydDydaoqrGdZnMQ"
+			+ "tlt2ncj1sEuLMiqhtmi/O3rQs0yCGf+6e++6Gl5VKwIDAQABo4IBbjCCAWow"
+			+ "DgYDVR0PAQH/BAQDAgTwMIHlBgNVHSABAf8EgdowgdcwgdQGCSqGSIb3LwEC"
+			+ "ATCBxjCBkAYIKwYBBQUHAgIwgYMagYBUaGlzIGNlcnRpZmljYXRlIGhhcyBi"
+			+ "ZWVuIGlzc3VlZCBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIEFjcm9iYXQgQ3Jl"
+			+ "ZGVudGlhbHMgQ1BTIGxvY2F0ZWQgYXQgaHR0cDovL3d3dy5nZW90cnVzdC5j"
+			+ "b20vcmVzb3VyY2VzL2NwczAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90"
+			+ "cnVzdC5jb20vcmVzb3VyY2VzL2NwczATBgNVHSUEDDAKBggrBgEFBQcDCTA6"
+			+ "BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxz"
+			+ "L2Fkb2JlY2ExLmNybDAfBgNVHSMEGDAWgBSrgFnDZYNtHX0TvRnD7BqPDUdq"
+			+ "ozANBgkqhkiG9w0BAQUFAAOCAQEAQ0l/UEPs9fmK+5prC33SrU4bNekhAv8K"
+			+ "XMR4VWY4jGo9zURMVGr3Zi7Eblvr5H6T60aSYLA8txjyKmDplxsn8CKtCGiH"
+			+ "OOUW5PpgBexN8SMKoRl9YzaxLtysrYRjEIyYoTfEN89yVi2sCjPupm/F9CPR"
+			+ "O7EdKy0dm/f3C7ZmIbUFaIRzINDJOCpM5cGhmZ8m2yG4BxeZOmCSthKtLfvM"
+			+ "2U9MaH6kxhDTJYNzw5BElHg5jlld92drTWaO0lM6aPr/pc+gs9hOraBCtzYE"
+			+ "J40nhsSEtvuwVUE9vA+unNMT8dFtAcOvOPRiKYPF45RX9Rdy2C9jAc20SRwE"
+			+ "uw6b+7K0xjANBgkqhkiG9w0BAQEFAASCAQC7a4yICFGCEMPlJbydK5qLG3rV"
+			+ "sip7Ojjz9TB4nLhC2DgsIHds8jjdq2zguInluH2nLaBCVS+qxDVlTjgbI2cB"
+			+ "TaWS8nglC7nNjzkKAsa8vThA8FZUVXTW0pb74jNJJU2AA27bb4g+4WgunCrj"
+			+ "fpYp+QjDyMmdrJVqRmt5eQN+dpVxMS9oq+NrhOSEhyIb4/rejgNg9wnVK1ms"
+			+ "l5PxQ4x7kpm7+Ua41//owkJVWykRo4T1jo4eHEz1DolPykAaKie2VKH/sMqR"
+			+ "Spjh4E5biKJLOV9fKivZWKAXByXfwUbbMsJvz4v/2yVHFy9xP+tqB5ZbRoDK"
+			+ "k8PzUyCprozn+/22oYIPijCCD4YGCyqGSIb3DQEJEAIOMYIPdTCCD3EGCSqG"
+			+ "SIb3DQEHAqCCD2Iwgg9eAgEDMQswCQYFKw4DAhoFADCB+gYLKoZIhvcNAQkQ"
+			+ "AQSggeoEgecwgeQCAQEGAikCMCEwCQYFKw4DAhoFAAQUoT97qeCv3FXYaEcS"
+			+ "gY8patCaCA8CAiMHGA8yMDA2MDQwNDIwMjA1N1owAwIBPAEB/wIIO0yRre3L"
+			+ "8/6ggZCkgY0wgYoxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNl"
+			+ "dHRzMRAwDgYDVQQHEwdOZWVkaGFtMRUwEwYDVQQKEwxHZW9UcnVzdCBJbmMx"
+			+ "EzARBgNVBAsTClByb2R1Y3Rpb24xJTAjBgNVBAMTHGFkb2JlLXRpbWVzdGFt"
+			+ "cC5nZW90cnVzdC5jb22gggzJMIIDUTCCAjmgAwIBAgICAI8wDQYJKoZIhvcN"
+			+ "AQEFBQAwRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4x"
+			+ "HjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTAeFw0wNTAxMTAwMTI5"
+			+ "MTBaFw0xNTAxMTUwODAwMDBaMIGKMQswCQYDVQQGEwJVUzEWMBQGA1UECBMN"
+			+ "TWFzc2FjaHVzZXR0czEQMA4GA1UEBxMHTmVlZGhhbTEVMBMGA1UEChMMR2Vv"
+			+ "VHJ1c3QgSW5jMRMwEQYDVQQLEwpQcm9kdWN0aW9uMSUwIwYDVQQDExxhZG9i"
+			+ "ZS10aW1lc3RhbXAuZ2VvdHJ1c3QuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN"
+			+ "ADCBiQKBgQDRbxJotLFPWQuuEDhKtOMaBUJepGxIvWxeahMbq1DVmqnk88+j"
+			+ "w/5lfPICPzQZ1oHrcTLSAFM7Mrz3pyyQKQKMqUyiemzuG/77ESUNfBNSUfAF"
+			+ "PdtHuDMU8Is8ABVnFk63L+wdlvvDIlKkE08+VTKCRdjmuBVltMpQ6QcLFQzm"
+			+ "AQIDAQABo4GIMIGFMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2Vv"
+			+ "dHJ1c3QuY29tL2NybHMvYWRvYmVjYTEuY3JsMB8GA1UdIwQYMBaAFKuAWcNl"
+			+ "g20dfRO9GcPsGo8NR2qjMA4GA1UdDwEB/wQEAwIGwDAWBgNVHSUBAf8EDDAK"
+			+ "BggrBgEFBQcDCDANBgkqhkiG9w0BAQUFAAOCAQEAmnyXjdtX+F79Nf0KggTd"
+			+ "6YC2MQD9s09IeXTd8TP3rBmizfM+7f3icggeCGakNfPRmIUMLoa0VM5Kt37T"
+			+ "2X0TqzBWusfbKx7HnX4v1t/G8NJJlT4SShSHv+8bjjU4lUoCmW2oEcC5vXwP"
+			+ "R5JfjCyois16npgcO05ZBT+LLDXyeBijE6qWmwLDfEpLyILzVRmyU4IE7jvm"
+			+ "rgb3GXwDUvd3yQXGRRHbPCh3nj9hBGbuzyt7GnlqnEie3wzIyMG2ET/wvTX5"
+			+ "4BFXKNe7lDLvZj/MXvd3V7gMTSVW0kAszKao56LfrVTgp1VX3UBQYwmQqaoA"
+			+ "UwFezih+jEvjW6cYJo/ErDCCBKEwggOJoAMCAQICBD4cvSgwDQYJKoZIhvcN"
+			+ "AQEFBQAwaTELMAkGA1UEBhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMg"
+			+ "SW5jb3Jwb3JhdGVkMR0wGwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEW"
+			+ "MBQGA1UEAxMNQWRvYmUgUm9vdCBDQTAeFw0wMzAxMDgyMzM3MjNaFw0yMzAx"
+			+ "MDkwMDA3MjNaMGkxCzAJBgNVBAYTAlVTMSMwIQYDVQQKExpBZG9iZSBTeXN0"
+			+ "ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRvYmUgVHJ1c3QgU2Vydmlj"
+			+ "ZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUA"
+			+ "A4IBDwAwggEKAoIBAQDMT1SE96ei5zNTfz+cEohrLJlHZ34PHrmtFIj5wxDY"
+			+ "HfDw1Z9pCi9ZNbDMbKlMnBWgn84gv6DPVOLgIGZFPzmGOH6cxI4HIsYk9gES"
+			+ "sDXfVeppkLDbhTce4k4HskKhahNpoGbqgJERWSqbCHlaIEQtyb1zOIs8L+BD"
+			+ "G12zC/CvNRop/u+mkt2BTJ09WY6tMTxAfpuRNgb84lyN0Y0m1VxFz69lP7Gq"
+			+ "0mKW9Kg46rpgQvT0HEo1Fc74TiJWD5UYxfiWn5/7sLd4JemAa73WCvDGdJSd"
+			+ "8w9Q25p3zktwgyONoMp4IERcPFRk8eqiMBmf6kwGTQZ4S16S3yLSyWezetIB"
+			+ "AgMBAAGjggFPMIIBSzARBglghkgBhvhCAQEEBAMCAAcwgY4GA1UdHwSBhjCB"
+			+ "gzCBgKB+oHykejB4MQswCQYDVQQGEwJVUzEjMCEGA1UEChMaQWRvYmUgU3lz"
+			+ "dGVtcyBJbmNvcnBvcmF0ZWQxHTAbBgNVBAsTFEFkb2JlIFRydXN0IFNlcnZp"
+			+ "Y2VzMRYwFAYDVQQDEw1BZG9iZSBSb290IENBMQ0wCwYDVQQDEwRDUkwxMCsG"
+			+ "A1UdEAQkMCKADzIwMDMwMTA4MjMzNzIzWoEPMjAyMzAxMDkwMDA3MjNaMAsG"
+			+ "A1UdDwQEAwIBBjAfBgNVHSMEGDAWgBSCtzhKk6qbEO+Au9lU4vEP+4Cc3jAd"
+			+ "BgNVHQ4EFgQUgrc4SpOqmxDvgLvZVOLxD/uAnN4wDAYDVR0TBAUwAwEB/zAd"
+			+ "BgkqhkiG9n0HQQAEEDAOGwhWNi4wOjQuMAMCBJAwDQYJKoZIhvcNAQEFBQAD"
+			+ "ggEBADLan0N1wfpvyW/bqx02Nz68YRk2twI8HSNZmGye7k2F51TIIB+n1Lvi"
+			+ "vwB3fSRrcC9cwTp2SbXT4COEKnFqIvPBJymYFfY1kOQETMONvJ9hHOf9JIzR"
+			+ "REOMFrqbTaXUNS+8Ec6991E3jZ+Q5BTxGD++6VkSNfkzkvOe4NVrmnGbmUvI"
+			+ "ccPhsWEJxOX6kfBCOjd9NPly6M2qYhwh6dX0ghDjewW2LWhWC35+kixvTXKC"
+			+ "DO1WdLKduastKx0QX9sndXCP/R3X4gKgeeUc5f+vZEBRLZ6bR9tCpXwfwqZI"
+			+ "sNe+kmlNpPYpV8V4ERjch1HKE7JinU8rMr0xpcH6UqsFiMgwggTLMIIDs6AD"
+			+ "AgECAgQ+HL21MA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAlVTMSMwIQYD"
+			+ "VQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRv"
+			+ "YmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0EwHhcN"
+			+ "MDQwMTE3MDAwMzM5WhcNMTUwMTE1MDgwMDAwWjBFMQswCQYDVQQGEwJVUzEW"
+			+ "MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgQ0Eg"
+			+ "Zm9yIEFkb2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+V3"
+			+ "4GR4Wuc5hbyv0vVbKBMOVN1J+s5i9ZL9nph7n+X4esFs4epAJcFxJ4KnPuQH"
+			+ "ZZ0oyHUU4Th70mWYgKwd6sEt1aR6ZT788Nvr3OHwTRwugN/G6QXqhU9ePpZJ"
+			+ "OF1Ibsf1pcXNGvpLdcYK6+CX5DANMuIthb440XoNfC3dNBC0pF4mM4lmTjpl"
+			+ "nQG8xK0rIFp4HoMpmyaIijz2qyjXdUNkg0fbDUq9eDTKAOLOg21u+AA8XKbC"
+			+ "ewg1LWSV9CVy+fTHREmb1thBcrfkY1kCAvczsuquV3SMx8hRpa+4cIvKK/K1"
+			+ "G7OrV0nsTyuaJ2MMST8b7bul/Xd81nu9Hsz4iQIDAQABo4IBnTCCAZkwEgYD"
+			+ "VR0TAQH/BAgwBgEB/wIBATBQBgNVHSAESTBHMEUGCSqGSIb3LwECATA4MDYG"
+			+ "CCsGAQUFBwIBFipodHRwczovL3d3dy5hZG9iZS5jb20vbWlzYy9wa2kvY2Rz"
+			+ "X2NwLmh0bWwwFAYDVR0lBA0wCwYJKoZIhvcvAQEFMIGyBgNVHR8Egaowgacw"
+			+ "IqAgoB6GHGh0dHA6Ly9jcmwuYWRvYmUuY29tL2Nkcy5jcmwwgYCgfqB8pHow"
+			+ "eDELMAkGA1UEBhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jw"
+			+ "b3JhdGVkMR0wGwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEWMBQGA1UE"
+			+ "AxMNQWRvYmUgUm9vdCBDQTENMAsGA1UEAxMEQ1JMMTALBgNVHQ8EBAMCAQYw"
+			+ "HwYDVR0jBBgwFoAUgrc4SpOqmxDvgLvZVOLxD/uAnN4wHQYDVR0OBBYEFKuA"
+			+ "WcNlg20dfRO9GcPsGo8NR2qjMBkGCSqGSIb2fQdBAAQMMAobBFY2LjADAgSQ"
+			+ "MA0GCSqGSIb3DQEBBQUAA4IBAQA/OVkuogCOsV4RYSzS4Lb1jImGRc4T2Z/d"
+			+ "hJoUawhMX4aXWPSlqNOPIfhHflCvd+Whbarcd83NN5n3QmevUOFUREPrMQyA"
+			+ "mkK0mpW6TSyLG5ckeCFL8qJwp/hhckk/H16m4hEXWyIFGfOecX3Sy+Y4kxcC"
+			+ "lzSMadifedB+TiRpKFKcNphp5hEMkpyyJaGXpLnN/BLsaDyEN7JySExAopae"
+			+ "UbUJCvCVIWKwoJ26ih3BG1aB+3yTHXeLIorextqWbq+dVz7me59Li8j5PAxe"
+			+ "hXrc2phpKuhp8FaTScvnfMZc8TL4Dr1CHMRWIkqfZaCq3mC376Mww0iZtE5s"
+			+ "iqB+AXVWMYIBgDCCAXwCAQEwSzBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN"
+			+ "R2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgQ0EgZm9yIEFkb2Jl"
+			+ "AgIAjzAJBgUrDgMCGgUAoIGMMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRAB"
+			+ "BDAcBgkqhkiG9w0BCQUxDxcNMDYwNDA0MjAyMDU3WjAjBgkqhkiG9w0BCQQx"
+			+ "FgQUp7AnXBqoNcarvO7fMJut1og2U5AwKwYLKoZIhvcNAQkQAgwxHDAaMBgw"
+			+ "FgQU1dH4eZTNhgxdiSABrat6zsPdth0wDQYJKoZIhvcNAQEBBQAEgYCinr/F"
+			+ "rMiQz/MRm9ZD5YGcC0Qo2dRTPd0Aop8mZ4g1xAhKFLnp7lLsjCbkSDpVLDBh"
+			+ "cnCk7CV+3FT5hlvt8OqZlR0CnkSnCswLFhrppiWle6cpxlwGqyAteC8uKtQu"
+			+ "wjE5GtBKLcCOAzQYyyuNZZeB6oCZ+3mPhZ62FxrvvEGJCgAAAAAAAAAAAAAA"
+			+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+			+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+			+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+			+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+			+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+			+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+			+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+			+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+			+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==");
+
+		private static readonly byte[] emptyDNCert = Base64.Decode(
+			  "MIICfTCCAeagAwIBAgIBajANBgkqhkiG9w0BAQQFADB8MQswCQYDVQQGEwJVUzEMMAoGA1UEChMD"
+			+ "Q0RXMQkwBwYDVQQLEwAxCTAHBgNVBAcTADEJMAcGA1UECBMAMRowGAYDVQQDExFUZW1wbGFyIFRl"
+			+ "c3QgMTAyNDEiMCAGCSqGSIb3DQEJARYTdGVtcGxhcnRlc3RAY2R3LmNvbTAeFw0wNjA1MjIwNTAw"
+			+ "MDBaFw0xMDA1MjIwNTAwMDBaMHwxCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNDRFcxCTAHBgNVBAsT"
+			+ "ADEJMAcGA1UEBxMAMQkwBwYDVQQIEwAxGjAYBgNVBAMTEVRlbXBsYXIgVGVzdCAxMDI0MSIwIAYJ"
+			+ "KoZIhvcNAQkBFhN0ZW1wbGFydGVzdEBjZHcuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB"
+			+ "gQDH3aJpJBfM+A3d84j5YcU6zEQaQ76u5xO9NSBmHjZykKS2kCcUqPpvVOPDA5WgV22dtKPh+lYV"
+			+ "iUp7wyCVwAKibq8HIbihHceFqMKzjwC639rMoDJ7bi/yzQWz1Zg+075a4FGPlUKn7Yfu89wKkjdW"
+			+ "wDpRPXc/agqBnrx5pJTXzQIDAQABow8wDTALBgNVHQ8EBAMCALEwDQYJKoZIhvcNAQEEBQADgYEA"
+			+ "RRsRsjse3i2/KClFVd6YLZ+7K1BE0WxFyY2bbytkwQJSxvv3vLSuweFUbhNxutb68wl/yW4GLy4b"
+			+ "1QdyswNxrNDXTuu5ILKhRDDuWeocz83aG2KGtr3JlFyr3biWGEyn5WUOE6tbONoQDJ0oPYgI6CAc"
+			+ "EHdUp0lioOCt6UOw7Cs=");
+
+	    private static readonly byte[] gostRFC4491_94 = Base64.Decode(
+	        "MIICCzCCAboCECMO42BGlSTOxwvklBgufuswCAYGKoUDAgIEMGkxHTAbBgNVBAMM" +
+            "FEdvc3RSMzQxMC05NCBleGFtcGxlMRIwEAYDVQQKDAlDcnlwdG9Qcm8xCzAJBgNV" +
+            "BAYTAlJVMScwJQYJKoZIhvcNAQkBFhhHb3N0UjM0MTAtOTRAZXhhbXBsZS5jb20w" +
+            "HhcNMDUwODE2MTIzMjUwWhcNMTUwODE2MTIzMjUwWjBpMR0wGwYDVQQDDBRHb3N0" +
+            "UjM0MTAtOTQgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYDVQQGEwJS" +
+            "VTEnMCUGCSqGSIb3DQEJARYYR29zdFIzNDEwLTk0QGV4YW1wbGUuY29tMIGlMBwG" +
+            "BiqFAwICFDASBgcqhQMCAiACBgcqhQMCAh4BA4GEAASBgLuEZuF5nls02CyAfxOo" +
+            "GWZxV/6MVCUhR28wCyd3RpjG+0dVvrey85NsObVCNyaE4g0QiiQOHwxCTSs7ESuo" +
+            "v2Y5MlyUi8Go/htjEvYJJYfMdRv05YmKCYJo01x3pg+2kBATjeM+fJyR1qwNCCw+" +
+            "eMG1wra3Gqgqi0WBkzIydvp7MAgGBiqFAwICBANBABHHCH4S3ALxAiMpR3aPRyqB" +
+            "g1DjB8zy5DEjiULIc+HeIveF81W9lOxGkZxnrFjXBSqnjLeFKgF1hffXOAP7zUM=");
+
+	    private static readonly byte[] gostRFC4491_2001 = Base64.Decode(
+            "MIIB0DCCAX8CECv1xh7CEb0Xx9zUYma0LiEwCAYGKoUDAgIDMG0xHzAdBgNVBAMM" +
+            "Fkdvc3RSMzQxMC0yMDAxIGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1BybzELMAkG" +
+            "A1UEBhMCUlUxKTAnBgkqhkiG9w0BCQEWGkdvc3RSMzQxMC0yMDAxQGV4YW1wbGUu" +
+            "Y29tMB4XDTA1MDgxNjE0MTgyMFoXDTE1MDgxNjE0MTgyMFowbTEfMB0GA1UEAwwW" +
+            "R29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYD" +
+            "VQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIwMDFAZXhhbXBsZS5j" +
+            "b20wYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAhJVodWACGkB1" +
+            "CM0TjDGJLP3lBQN6Q1z0bSsP508yfleP68wWuZWIA9CafIWuD+SN6qa7flbHy7Df" +
+            "D2a8yuoaYDAIBgYqhQMCAgMDQQA8L8kJRLcnqeyn1en7U23Sw6pkfEQu3u0xFkVP" +
+            "vFQ/3cHeF26NG+xxtZPz3TaTVXdoiYkXYiD02rEx1bUcM97i");
+
+		private class DudPublicKey
+			: AsymmetricKeyParameter
+		{
+			public DudPublicKey()
+				: base(false)
+			{
+			}
+
+			public string Algorithm
+			{
+				get { return null; }
+			}
+
+			public string Format
+			{
+				get { return null; }
+			}
+
+			public byte[] GetEncoded()
+			{
+				return null;
+			}
+		}
+
+		private AsymmetricKeyParameter dudPublicKey = new DudPublicKey();
+
+		public override string Name
+		{
+			get { return "CertTest"; }
+		}
+
+		internal void checkCertificate(
+			int		id,
+			byte[]	bytes)
+		{
+			string dump = "";
+
+			try
+			{
+				X509Certificate cert = new X509CertificateParser().ReadCertificate(bytes);
+
+				AsymmetricKeyParameter k = cert.GetPublicKey();
+				// Console.WriteLine(cert);
+			}
+			catch (Exception e)
+			{
+				Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e);
+			}
+		}
+
+		internal void checkNameCertificate(
+			int     id,
+			byte[]  bytes)
+		{
+			string dump = "";
+
+			try
+			{
+				X509Certificate cert = new X509CertificateParser().ReadCertificate(bytes);
+
+				AsymmetricKeyParameter k = cert.GetPublicKey();
+				if (!cert.IssuerDN.ToString().Equals("C=DE,O=DATEV eG,0.2.262.1.10.7.20=1+CN=CA DATEV D03 1:PN"))
+				{
+					Fail(id + " failed - name test.");
+				}
+				// Console.WriteLine(cert);
+			}
+			catch (Exception e)
+			{
+				Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e);
+			}
+
+		}
+
+		internal void checkKeyUsage(
+			int		id,
+			byte[]	bytes)
+		{
+			string dump = "";
+
+			try
+			{
+				X509Certificate cert = new X509CertificateParser().ReadCertificate(bytes);
+
+				AsymmetricKeyParameter k = cert.GetPublicKey();
+
+				if (cert.GetKeyUsage()[7])
+				{
+					Fail("error generating cert - key usage wrong.");
+				}
+
+				// Console.WriteLine(cert);
+			}
+			catch (Exception e)
+			{
+				Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e);
+			}
+
+		}
+
+		internal void checkSelfSignedCertificate(
+			int     id,
+			byte[]  bytes)
+		{
+			string dump = "";
+
+			try
+			{
+				X509Certificate cert = new X509CertificateParser().ReadCertificate(bytes);
+
+				AsymmetricKeyParameter k = cert.GetPublicKey();
+
+				cert.Verify(k);
+				// Console.WriteLine(cert);
+			}
+			catch (Exception e)
+			{
+				Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e);
+			}
+		}
+
+		/**
+		 * we Generate a self signed certificate for the sake of testing - RSA
+		 */
+		internal void checkCreation1()
+		{
+			//
+			// a sample key pair.
+			//
+			RsaKeyParameters pubKey = new RsaKeyParameters(
+				false,
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16));
+
+			RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16),
+				new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+				new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+				new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+				new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+				new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+				new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+			//
+			// set up the keys
+			//
+//			AsymmetricKeyParameter privKey;
+//			AsymmetricKeyParameter pubKey;
+
+//			KeyFactory  fact = KeyFactory.GetInstance("RSA");
+//
+//			privKey = fact.generatePrivate(privKeySpec);
+//			pubKey = fact.generatePublic(pubKeySpec);
+
+			//
+			// distinguished name table.
+			//
+			IList ord = new ArrayList();
+			ord.Add(X509Name.C);
+			ord.Add(X509Name.O);
+			ord.Add(X509Name.L);
+			ord.Add(X509Name.ST);
+			ord.Add(X509Name.E);
+
+			IList values = new ArrayList();
+			values.Add("AU");
+			values.Add("The Legion of the Bouncy Castle");
+			values.Add("Melbourne");
+			values.Add("Victoria");
+			values.Add("feedback-crypto@bouncycastle.org");
+
+			//
+			// extensions
+			//
+
+			//
+			// create the certificate - version 3 - without extensions
+			//
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(ord, values));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name(ord, values));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			X509Certificate cert = certGen.Generate(privKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			cert.Verify(pubKey);
+
+			ISet dummySet = cert.GetNonCriticalExtensionOids();
+			if (dummySet != null)
+			{
+				Fail("non-critical oid set should be null");
+			}
+			dummySet = cert.GetCriticalExtensionOids();
+			if (dummySet != null)
+			{
+				Fail("critical oid set should be null");
+			}
+
+			//
+			// create the certificate - version 3 - with extensions
+			//
+			certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(ord, values));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name(ord, values));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
+			certGen.AddExtension("2.5.29.15", true,
+				new X509KeyUsage(X509KeyUsage.EncipherOnly));
+			certGen.AddExtension("2.5.29.37", true,
+				new DerSequence(KeyPurposeID.AnyExtendedKeyUsage));
+			certGen.AddExtension("2.5.29.17", true,
+				new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test")));
+
+			cert = certGen.Generate(privKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			cert.Verify(pubKey);
+
+			cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded());
+
+			if (!cert.GetKeyUsage()[7])
+			{
+				Fail("error generating cert - key usage wrong.");
+			}
+
+			IList l = cert.GetExtendedKeyUsage();
+			if (!l[0].Equals(KeyPurposeID.AnyExtendedKeyUsage.Id))
+			{
+				Fail("failed extended key usage test");
+			}
+
+			foreach (IList gn in cert.GetSubjectAlternativeNames())
+			{
+				if (!gn[1].Equals("test@test.test"))
+				{
+					Fail("failed subject alternative names test");
+				}
+			}
+
+			// Console.WriteLine(cert);
+
+			//
+			// create the certificate - version 1
+			//
+			X509V1CertificateGenerator certGen1 = new X509V1CertificateGenerator();
+
+			certGen1.SetSerialNumber(BigInteger.One);
+			certGen1.SetIssuerDN(new X509Name(ord, values));
+			certGen1.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen1.SetSubjectDN(new X509Name(ord, values));
+			certGen1.SetPublicKey(pubKey);
+			certGen1.SetSignatureAlgorithm("MD5WithRSAEncryption");
+
+			cert = certGen1.Generate(privKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			cert.Verify(pubKey);
+
+			cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded());
+
+			// Console.WriteLine(cert);
+			if (!cert.IssuerDN.Equivalent(cert.SubjectDN))
+			{
+				Fail("name comparison fails");
+			}
+		}
+
+		/**
+		 * we Generate a self signed certificate for the sake of testing - DSA
+		 */
+		internal void checkCreation2()
+		{
+			//
+			// set up the keys
+			//
+			AsymmetricKeyParameter privKey;
+			AsymmetricKeyParameter pubKey;
+
+			try
+			{
+//				KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA", "SUN");
+//				g.initialize(512, new SecureRandom());
+//				KeyPair p = g.generateKeyPair();
+				IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA");
+				DsaParametersGenerator dpg = new DsaParametersGenerator();
+				dpg.Init(512, 25, new SecureRandom());
+				g.Init(new DsaKeyGenerationParameters(new SecureRandom(), dpg.GenerateParameters()));
+				AsymmetricCipherKeyPair p = g.GenerateKeyPair();
+
+				privKey = p.Private;
+				pubKey = p.Public;
+			}
+			catch (Exception e)
+			{
+				Fail("error setting up keys - " + e.ToString());
+				return;
+			}
+
+			//
+			// distinguished name table.
+			//
+			IList ord = new ArrayList();
+			ord.Add(X509Name.C);
+			ord.Add(X509Name.O);
+			ord.Add(X509Name.L);
+			ord.Add(X509Name.ST);
+			ord.Add(X509Name.E);
+
+			IList values = new ArrayList();
+			values.Add("AU");
+			values.Add("The Legion of the Bouncy Castle");
+			values.Add("Melbourne");
+			values.Add("Victoria");
+			values.Add("feedback-crypto@bouncycastle.org");
+
+			//
+			// extensions
+			//
+
+			//
+			// create the certificate - version 3
+			//
+			X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(ord, values));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name(ord, values));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm("SHA1withDSA");
+
+			try
+			{
+				X509Certificate cert = certGen.Generate(privKey);
+
+				cert.CheckValidity(DateTime.UtcNow);
+
+				cert.Verify(pubKey);
+
+				cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded());
+
+				// Console.WriteLine(cert);
+			}
+			catch (Exception e)
+			{
+				Fail("error setting generating cert - " + e.ToString());
+			}
+
+			//
+			// create the certificate - version 1
+			//
+			X509V1CertificateGenerator certGen1 = new X509V1CertificateGenerator();
+
+			certGen1.SetSerialNumber(BigInteger.One);
+			certGen1.SetIssuerDN(new X509Name(ord, values));
+			certGen1.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen1.SetSubjectDN(new X509Name(ord, values));
+			certGen1.SetPublicKey(pubKey);
+			certGen1.SetSignatureAlgorithm("SHA1withDSA");
+
+			try
+			{
+				X509Certificate cert = certGen1.Generate(privKey);
+
+				cert.CheckValidity(DateTime.UtcNow);
+
+				cert.Verify(pubKey);
+
+				cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded());
+
+				//Console.WriteLine(cert);
+			}
+			catch (Exception e)
+			{
+				Fail("error setting generating cert - " + e.ToString());
+			}
+
+			//
+			// exception test
+			//
+			try
+			{
+				certGen.SetPublicKey(dudPublicKey);
+
+				Fail("key without encoding not detected in v1");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		/**
+		 * we Generate a self signed certificate for the sake of testing - ECDSA
+		 */
+		internal void checkCreation3()
+		{
+			ECCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters spec = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+			ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(
+				"ECDSA",
+				new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
+				spec);
+
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				"ECDSA",
+				curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
+				spec);
+
+			//
+			// set up the keys
+			//
+//			AsymmetricKeyParameter privKey;
+//			AsymmetricKeyParameter pubKey;
+//
+//			try
+//			{
+//				KeyFactory fact = KeyFactory.GetInstance("ECDSA");
+//
+//				privKey = fact.generatePrivate(privKeySpec);
+//				pubKey = fact.generatePublic(pubKeySpec);
+//			}
+//			catch (Exception e)
+//			{
+//				Fail("error setting up keys - " + e.ToString());
+//				return;
+//			}
+
+			//
+			// distinguished name table.
+			//
+			IDictionary attrs = new Hashtable();
+			IList order = new ArrayList();
+
+			attrs.Add(X509Name.C, "AU");
+			attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			attrs.Add(X509Name.L, "Melbourne");
+			attrs.Add(X509Name.ST, "Victoria");
+			attrs.Add(X509Name.E, "feedback-crypto@bouncycastle.org");
+
+			order.Add(X509Name.C);
+			order.Add(X509Name.O);
+			order.Add(X509Name.L);
+			order.Add(X509Name.ST);
+			order.Add(X509Name.E);
+
+
+			//
+			// ToString test
+			//
+			X509Name p = new X509Name(order, attrs);
+			string s = p.ToString();
+
+			if (!s.Equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne,ST=Victoria,E=feedback-crypto@bouncycastle.org"))
+			{
+				Fail("ordered X509Principal test failed - s = " + s + ".");
+			}
+
+			//
+			// create the certificate - version 3
+			//
+			X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(order, attrs));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name(order, attrs));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm("SHA1withECDSA");
+
+			try
+			{
+				X509Certificate cert = certGen.Generate(privKey);
+
+				cert.CheckValidity(DateTime.UtcNow);
+
+				cert.Verify(pubKey);
+
+				X509CertificateParser fact = new X509CertificateParser();
+				cert = fact.ReadCertificate(cert.GetEncoded());
+
+				//
+				// try with point compression turned off
+				//
+//				((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
+				FpPoint q = (FpPoint) pubKey.Q;
+				pubKey = new ECPublicKeyParameters(
+					pubKey.AlgorithmName,
+					new FpPoint(q.Curve, q.X, q.Y, false),
+					pubKey.Parameters);
+
+				certGen.SetPublicKey(pubKey);
+
+				cert = certGen.Generate(privKey);
+
+				cert.CheckValidity(DateTime.UtcNow);
+
+				cert.Verify(pubKey);
+
+				cert = fact.ReadCertificate(cert.GetEncoded());
+
+				// Console.WriteLine(cert);
+			}
+			catch (Exception e)
+			{
+				Fail("error setting generating cert - " + e.ToString());
+			}
+
+			X509Name pr = new X509Name("O=\"The Bouncy Castle, The Legion of\",E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU");
+
+			if (!pr.ToString().Equals("O=The Bouncy Castle\\, The Legion of,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU"))
+			{
+				Fail("string based X509Principal test failed.");
+			}
+
+			pr = new X509Name("O=The Bouncy Castle\\, The Legion of,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU");
+
+			if (!pr.ToString().Equals("O=The Bouncy Castle\\, The Legion of,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU"))
+			{
+				Fail("string based X509Principal test failed.");
+			}
+		}
+
+		/**
+		 * we Generate a self signed certificate for the sake of testing - SHA224withECDSA
+		 */
+		private void createECCert(
+			string				algorithm,
+			DerObjectIdentifier	algOid)
+		{
+			FpCurve curve = new FpCurve(
+				new BigInteger("6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151"), // q (or p)
+				new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", 16),   // a
+				new BigInteger("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", 16));  // b
+
+			ECDomainParameters spec = new ECDomainParameters(
+				curve,
+//				curve.DecodePoint(Hex.Decode("02C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G
+				curve.DecodePoint(Hex.Decode("0200C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G
+				new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 16)); // n
+
+			ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(
+				"ECDSA",
+				new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d
+				spec);
+
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+				"ECDSA",
+//				curve.DecodePoint(Hex.Decode("026BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
+				curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
+				spec);
+
+//			//
+//			// set up the keys
+//			//
+//			AsymmetricKeyParameter privKey;
+//			AsymmetricKeyParameter pubKey;
+//
+//			KeyFactory fact = KeyFactory.GetInstance("ECDSA");
+//
+//			privKey = fact.generatePrivate(privKeySpec);
+//			pubKey = fact.generatePublic(pubKeySpec);
+
+
+			//
+			// distinguished name table.
+			//
+			IDictionary attrs = new Hashtable();
+			IList order = new ArrayList();
+
+			attrs.Add(X509Name.C, "AU");
+			attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			attrs.Add(X509Name.L, "Melbourne");
+			attrs.Add(X509Name.ST, "Victoria");
+			attrs.Add(X509Name.E, "feedback-crypto@bouncycastle.org");
+
+			order.Add(X509Name.C);
+			order.Add(X509Name.O);
+			order.Add(X509Name.L);
+			order.Add(X509Name.ST);
+			order.Add(X509Name.E);
+
+			//
+			// create the certificate - version 3
+			//
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(order, attrs));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name(order, attrs));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm(algorithm);
+
+
+			X509Certificate cert = certGen.Generate(privKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			cert.Verify(pubKey);
+
+			X509CertificateParser fact = new X509CertificateParser();
+			cert = fact.ReadCertificate(cert.GetEncoded());
+
+			//
+			// try with point compression turned off
+			//
+//			((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
+			FpPoint q = (FpPoint) pubKey.Q;
+			pubKey = new ECPublicKeyParameters(
+				pubKey.AlgorithmName,
+				new FpPoint(q.Curve, q.X, q.Y, false),
+				pubKey.Parameters);
+
+			certGen.SetPublicKey(pubKey);
+
+			cert = certGen.Generate(privKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			cert.Verify(pubKey);
+
+			cert = fact.ReadCertificate(cert.GetEncoded());
+
+			if (!cert.SigAlgOid.Equals(algOid.ToString()))
+			{
+				Fail("ECDSA oid incorrect.");
+			}
+
+			if (cert.GetSigAlgParams() != null)
+			{
+				Fail("sig parameters present");
+			}
+
+			ISigner sig = SignerUtilities.GetSigner(algorithm);
+
+			sig.Init(false, pubKey);
+
+			byte[] b = cert.GetTbsCertificate();
+			sig.BlockUpdate(b, 0, b.Length);
+
+			if (!sig.VerifySignature(cert.GetSignature()))
+			{
+				Fail("EC certificate signature not mapped correctly.");
+			}
+			// Console.WriteLine(cert);
+		}
+
+		private void checkCrl(
+			int     id,
+			byte[]  bytes)
+		{
+			string dump = "";
+
+			try
+			{
+				X509Crl cert = new X509CrlParser().ReadCrl(bytes);
+
+				// Console.WriteLine(cert);
+			}
+			catch (Exception e)
+			{
+				Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e);
+			}
+
+		}
+
+		private void checkCrlCreation1()
+		{
+			IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			kpGen.Init(
+				new RsaKeyGenerationParameters(
+					BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25));
+
+			X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
+			DateTime now = DateTime.UtcNow;
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			crlGen.SetIssuerDN(new X509Name("CN=Test CA"));
+
+			crlGen.SetThisUpdate(now);
+			crlGen.SetNextUpdate(now.AddSeconds(100));
+			crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn);
+
+			crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false,
+				new AuthorityKeyIdentifierStructure(pair.Public));
+
+			X509Crl crl = crlGen.Generate(pair.Private);
+
+			if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
+			{
+				Fail("failed CRL issuer test");
+			}
+
+			Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);
+
+			if (authExt == null)
+			{
+				Fail("failed to find CRL extension");
+			}
+
+			AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
+
+			X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One);
+
+			if (entry == null)
+			{
+				Fail("failed to find CRL entry");
+			}
+
+			if (!entry.SerialNumber.Equals(BigInteger.One))
+			{
+				Fail("CRL cert serial number does not match");
+			}
+
+			if (!entry.HasExtensions)
+			{
+				Fail("CRL entry extension not found");
+			}
+
+			Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode);
+
+			if (ext != null)
+			{
+				DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext);
+
+				if (reasonCode.Value.IntValue != CrlReason.PrivilegeWithdrawn)
+				{
+					Fail("CRL entry reasonCode wrong");
+				}
+			}
+			else
+			{
+				Fail("CRL entry reasonCode not found");
+			}
+		}
+
+		private void checkCrlCreation2()
+		{
+			IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			kpGen.Init(
+				new RsaKeyGenerationParameters(
+					BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25));
+
+			X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
+			DateTime now = DateTime.UtcNow;
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			crlGen.SetIssuerDN(new X509Name("CN=Test CA"));
+
+			crlGen.SetThisUpdate(now);
+			crlGen.SetNextUpdate(now.AddSeconds(100));
+			crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			IList extOids = new ArrayList();
+			IList extValues = new ArrayList();
+
+			CrlReason crlReason = new CrlReason(CrlReason.PrivilegeWithdrawn);
+
+			try
+			{
+				extOids.Add(X509Extensions.ReasonCode);
+				extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded())));
+			}
+			catch (IOException e)
+			{
+				throw new ArgumentException("error encoding reason: " + e);
+			}
+
+			X509Extensions entryExtensions = new X509Extensions(extOids, extValues);
+
+			crlGen.AddCrlEntry(BigInteger.One, now, entryExtensions);
+
+			crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
+
+			X509Crl crl = crlGen.Generate(pair.Private);
+
+			if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
+			{
+				Fail("failed CRL issuer test");
+			}
+
+			Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);
+
+			if (authExt == null)
+			{
+				Fail("failed to find CRL extension");
+			}
+
+			AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
+
+			X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One);
+
+			if (entry == null)
+			{
+				Fail("failed to find CRL entry");
+			}
+
+			if (!entry.SerialNumber.Equals(BigInteger.One))
+			{
+				Fail("CRL cert serial number does not match");
+			}
+
+			if (!entry.HasExtensions)
+			{
+				Fail("CRL entry extension not found");
+			}
+
+			Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode);
+
+			if (ext != null)
+			{
+				DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext);
+
+				if (reasonCode.Value.IntValue != CrlReason.PrivilegeWithdrawn)
+				{
+					Fail("CRL entry reasonCode wrong");
+				}
+			}
+			else
+			{
+				Fail("CRL entry reasonCode not found");
+			}
+		}
+
+		private void checkCrlCreation3()
+		{
+			IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			kpGen.Init(
+				new RsaKeyGenerationParameters(
+					BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25));
+
+			X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
+			DateTime now = DateTime.UtcNow;
+			AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();
+
+			crlGen.SetIssuerDN(new X509Name("CN=Test CA"));
+
+			crlGen.SetThisUpdate(now);
+			crlGen.SetNextUpdate(now.AddSeconds(100));
+			crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			IList extOids = new ArrayList();
+			IList extValues = new ArrayList();
+
+			CrlReason crlReason = new CrlReason(CrlReason.PrivilegeWithdrawn);
+
+			try
+			{
+				extOids.Add(X509Extensions.ReasonCode);
+				extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded())));
+			}
+			catch (IOException e)
+			{
+				throw new ArgumentException("error encoding reason: " + e);
+			}
+
+			X509Extensions entryExtensions = new X509Extensions(extOids, extValues);
+
+			crlGen.AddCrlEntry(BigInteger.One, now, entryExtensions);
+
+			crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
+
+			X509Crl crl = crlGen.Generate(pair.Private);
+
+			if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
+			{
+				Fail("failed CRL issuer test");
+			}
+
+			Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);
+
+			if (authExt == null)
+			{
+				Fail("failed to find CRL extension");
+			}
+
+			AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
+
+			X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One);
+
+			if (entry == null)
+			{
+				Fail("failed to find CRL entry");
+			}
+
+			if (!entry.SerialNumber.Equals(BigInteger.One))
+			{
+				Fail("CRL cert serial number does not match");
+			}
+
+			if (!entry.HasExtensions)
+			{
+				Fail("CRL entry extension not found");
+			}
+
+			Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode);
+
+			if (ext != null)
+			{
+				DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext);
+
+				if (reasonCode.Value.IntValue != CrlReason.PrivilegeWithdrawn)
+				{
+					Fail("CRL entry reasonCode wrong");
+				}
+			}
+			else
+			{
+				Fail("CRL entry reasonCode not found");
+			}
+
+			//
+			// check loading of existing CRL
+			//
+			crlGen = new X509V2CrlGenerator();
+			now = DateTime.UtcNow;
+
+			crlGen.SetIssuerDN(new X509Name("CN=Test CA"));
+
+			crlGen.SetThisUpdate(now);
+			crlGen.SetNextUpdate(now.AddSeconds(100));
+			crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			crlGen.AddCrl(crl);
+
+			crlGen.AddCrlEntry(BigInteger.Two, now, entryExtensions);
+
+			crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
+
+			X509Crl newCrl = crlGen.Generate(pair.Private);
+
+			int count = 0;
+			bool oneFound = false;
+			bool twoFound = false;
+
+			foreach (X509CrlEntry crlEnt in newCrl.GetRevokedCertificates())
+			{
+				if (crlEnt.SerialNumber.IntValue == 1)
+				{
+					oneFound = true;
+				}
+				else if (crlEnt.SerialNumber.IntValue == 2)
+				{
+					twoFound = true;
+				}
+
+				count++;
+			}
+
+			if (count != 2)
+			{
+				Fail("wrong number of CRLs found");
+			}
+
+			if (!oneFound || !twoFound)
+			{
+				Fail("wrong CRLs found in copied list");
+			}
+
+			//
+			// check factory read back
+			//
+			X509Crl readCrl = new X509CrlParser().ReadCrl(newCrl.GetEncoded());
+
+			if (readCrl == null)
+			{
+				Fail("crl not returned!");
+			}
+
+//			ICollection col = cFact.generateCRLs(new ByteArrayInputStream(newCrl.getEncoded()));
+			ICollection col = new X509CrlParser().ReadCrls(newCrl.GetEncoded());
+
+			if (col.Count != 1)
+			{
+				Fail("wrong number of CRLs found in collection");
+			}
+		}
+
+		/**
+		 * we Generate a self signed certificate for the sake of testing - GOST3410
+		 */
+		internal void checkCreation4()
+		{
+			//
+			// set up the keys
+			//
+			AsymmetricKeyParameter privKey;
+			AsymmetricKeyParameter pubKey;
+
+//			GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec("GostR3410-94-CryptoPro-A");
+//			g.initialize(gost3410P, new SecureRandom());
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("GOST3410");
+			g.Init(
+				new Gost3410KeyGenerationParameters(
+					new SecureRandom(),
+					CryptoProObjectIdentifiers.GostR3410x94CryptoProA));
+
+			AsymmetricCipherKeyPair p = g.GenerateKeyPair();
+
+			privKey = p.Private;
+			pubKey = p.Public;
+
+			//
+			// distinguished name table.
+			//
+			IDictionary attrs = new Hashtable();
+			attrs.Add(X509Name.C, "AU");
+			attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			attrs.Add(X509Name.L, "Melbourne");
+			attrs.Add(X509Name.ST, "Victoria");
+			attrs.Add(X509Name.E, "feedback-crypto@bouncycastle.org");
+
+			IList order = new ArrayList();
+			order.Add(X509Name.C);
+			order.Add(X509Name.O);
+			order.Add(X509Name.L);
+			order.Add(X509Name.ST);
+			order.Add(X509Name.E);
+
+			//
+			// extensions
+			//
+
+			//
+			// create the certificate - version 3
+			//
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(order, attrs));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name(order, attrs));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm("GOST3411withGOST3410");
+
+			X509Certificate cert = certGen.Generate(privKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			//
+			// check verifies in general
+			//
+			cert.Verify(pubKey);
+
+			//
+			// check verifies with contained key
+			//
+			cert.Verify(cert.GetPublicKey());
+
+			cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded());
+
+			//Console.WriteLine(cert);
+
+			//check getEncoded()
+			byte[] bytesch = cert.GetEncoded();
+		}
+
+		internal void checkCreation5()
+		{
+			//
+			// a sample key pair.
+			//
+			RsaKeyParameters pubKey = new RsaKeyParameters(
+				false,
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16));
+
+			RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16),
+				new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+				new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+				new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+				new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+				new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+				new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+			//
+			// set up the keys
+			//
+			SecureRandom rand = new SecureRandom();
+//			AsymmetricKeyParameter privKey;
+//			AsymmetricKeyParameter pubKey;
+//
+//			KeyFactory  fact = KeyFactory.GetInstance("RSA");
+//
+//			privKey = fact.generatePrivate(privKeySpec);
+//			pubKey = fact.generatePublic(pubKeySpec);
+
+			//
+			// distinguished name table.
+			//
+			IList ord = new ArrayList();
+			ord.Add(X509Name.C);
+			ord.Add(X509Name.O);
+			ord.Add(X509Name.L);
+			ord.Add(X509Name.ST);
+			ord.Add(X509Name.E);
+
+			IList values = new ArrayList();
+			values.Add("AU");
+			values.Add("The Legion of the Bouncy Castle");
+			values.Add("Melbourne");
+			values.Add("Victoria");
+			values.Add("feedback-crypto@bouncycastle.org");
+
+			//
+			// create base certificate - version 3
+			//
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(ord, values));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name(ord, values));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
+			certGen.AddExtension("2.5.29.15", true,
+				new X509KeyUsage(X509KeyUsage.EncipherOnly));
+			certGen.AddExtension("2.5.29.37", true,
+				new DerSequence(KeyPurposeID.AnyExtendedKeyUsage));
+			certGen.AddExtension("2.5.29.17", true,
+				new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test")));
+
+			X509Certificate baseCert = certGen.Generate(privKey);
+
+			//
+			// copy certificate
+			//
+			certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(ord, values));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name(ord, values));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
+
+			certGen.CopyAndAddExtension(new DerObjectIdentifier("2.5.29.15"), true, baseCert);
+			certGen.CopyAndAddExtension("2.5.29.37", false, baseCert);
+
+			X509Certificate cert = certGen.Generate(privKey);
+
+			cert.CheckValidity(DateTime.UtcNow);
+
+			cert.Verify(pubKey);
+
+			DerObjectIdentifier oid1 = new DerObjectIdentifier("2.5.29.15");
+			if (!baseCert.GetExtensionValue(oid1).Equals(cert.GetExtensionValue(oid1)))
+			{
+				Fail("2.5.29.15 differs");
+			}
+
+			DerObjectIdentifier oid2 = new DerObjectIdentifier("2.5.29.37");
+			if (!baseCert.GetExtensionValue(oid2).Equals(cert.GetExtensionValue(oid2)))
+			{
+				Fail("2.5.29.37 differs");
+			}
+
+			//
+			// exception test
+			//
+			try
+			{
+				certGen.CopyAndAddExtension("2.5.99.99", true, baseCert);
+
+				Fail("exception not thrown on dud extension copy");
+			}
+			catch (CertificateParsingException)
+			{
+				// expected
+			}
+
+			try
+			{
+				certGen.SetPublicKey(dudPublicKey);
+
+				certGen.Generate(privKey);
+
+				Fail("key without encoding not detected in v3");
+			}
+			catch (ArgumentException)
+			{
+				// expected
+			}
+		}
+
+		private void doTestForgedSignature()
+		{
+			string cert = "MIIBsDCCAVoCAQYwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV"
+				+ "BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD"
+				+ "VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw0wNjA5MTEyMzU4NTVa"
+				+ "Fw0wNjEwMTEyMzU4NTVaMGMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNs"
+				+ "YW5kMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEjMCEGA1UEAxMaU2VydmVy"
+				+ "IHRlc3QgY2VydCAoNTEyIGJpdCkwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PD"
+				+ "hCeV/xIxUg8V70YRxK2A5jZbD92A12GN4PxyRQk0/lVmRUNMaJdq/qigpd9feP/u"
+				+ "12S4PwTLb/8q/v657QIDAQABMA0GCSqGSIb3DQEBBQUAA0EAbynCRIlUQgaqyNgU"
+				+ "DF6P14yRKUtX8akOP2TwStaSiVf/akYqfLFm3UGka5XbPj4rifrZ0/sOoZEEBvHQ"
+				+ "e20sRA==";
+
+			X509Certificate x509 = new X509CertificateParser().ReadCertificate(Base64.Decode(cert));
+
+			try
+			{
+				x509.Verify(x509.GetPublicKey());
+
+				Fail("forged RSA signature passed");
+			}
+			catch (Exception)
+			{
+				// expected
+			}
+		}
+
+		private void pemTest()
+		{
+			X509Certificate cert = readPemCert(PemData.CERTIFICATE_1);
+			if (cert == null)
+			{
+				Fail("PEM cert not read");
+			}
+			cert = readPemCert("-----BEGIN CERTIFICATE-----" + PemData.CERTIFICATE_2);
+			if (cert == null)
+			{
+				Fail("PEM cert with extraneous header not read");
+			}
+			X509Crl crl = new X509CrlParser().ReadCrl(Encoding.ASCII.GetBytes(PemData.CRL_1));
+			if (crl == null)
+			{
+				Fail("PEM crl not read");
+			}
+			ArrayList col = new ArrayList(
+				new X509CertificateParser().ReadCertificates(Encoding.ASCII.GetBytes(PemData.CERTIFICATE_2)));
+			if (col.Count != 1 || !col.Contains(cert))
+			{
+				Fail("PEM cert collection not right");
+			}
+			col = new ArrayList(
+				new X509CrlParser().ReadCrls(Encoding.ASCII.GetBytes(PemData.CRL_2)));
+			if (col.Count != 1 || !col.Contains(crl))
+			{
+				Fail("PEM crl collection not right");
+			}
+		}
+
+		private static X509Certificate readPemCert(
+			string pemData)
+		{
+			return new X509CertificateParser().ReadCertificate(Encoding.ASCII.GetBytes(pemData));
+		}
+
+		private void pkcs7Test()
+		{
+			Asn1Encodable rootCert = Asn1Object.FromByteArray(CertPathTest.rootCertBin);
+			Asn1Encodable rootCrl = Asn1Object.FromByteArray(CertPathTest.rootCrlBin);
+
+			X509CertificateParser certParser = new X509CertificateParser();
+			X509CrlParser crlParser = new X509CrlParser();
+
+			SignedData sigData = new SignedData(
+				DerSet.Empty,
+				new ContentInfo(CmsObjectIdentifiers.Data, null),
+				new DerSet(
+					rootCert,
+					new DerTaggedObject(false, 2, Asn1Object.FromByteArray(AttrCertTest.attrCert))),
+				new DerSet(rootCrl),
+				DerSet.Empty);
+
+			ContentInfo info = new ContentInfo(CmsObjectIdentifiers.SignedData, sigData);
+
+			X509Certificate cert = certParser.ReadCertificate(info.GetEncoded());
+			if (cert == null || !AreEqual(cert.GetEncoded(), rootCert.ToAsn1Object().GetEncoded()))
+			{
+				Fail("PKCS7 cert not read");
+			}
+			X509Crl crl = crlParser.ReadCrl(info.GetEncoded());
+			if (crl == null || !AreEqual(crl.GetEncoded(), rootCrl.ToAsn1Object().GetEncoded()))
+			{
+				Fail("PKCS7 crl not read");
+			}
+			ArrayList col = new ArrayList(certParser.ReadCertificates(info.GetEncoded()));
+			if (col.Count != 1 || !col.Contains(cert))
+			{
+				Fail("PKCS7 cert collection not right");
+			}
+			col = new ArrayList(crlParser.ReadCrls(info.GetEncoded()));
+			if (col.Count != 1 || !col.Contains(crl))
+			{
+				Fail("PKCS7 crl collection not right");
+			}
+
+			// data with no certificates or CRLs
+
+			sigData = new SignedData(DerSet.Empty, new ContentInfo(CmsObjectIdentifiers.Data, null), DerSet.Empty, DerSet.Empty, DerSet.Empty);
+
+			info = new ContentInfo(CmsObjectIdentifiers.SignedData, sigData);
+
+			cert = certParser.ReadCertificate(info.GetEncoded());
+			if (cert != null)
+			{
+				Fail("PKCS7 cert present");
+			}
+			crl = crlParser.ReadCrl(info.GetEncoded());
+			if (crl != null)
+			{
+				Fail("PKCS7 crl present");
+			}
+
+			// data with absent certificates and CRLS
+
+			sigData = new SignedData(DerSet.Empty, new ContentInfo(CmsObjectIdentifiers.Data, null), null, null, DerSet.Empty);
+
+			info = new ContentInfo(CmsObjectIdentifiers.SignedData, sigData);
+
+			cert = certParser.ReadCertificate(info.GetEncoded());
+			if (cert != null)
+			{
+				Fail("PKCS7 cert present");
+			}
+			crl = crlParser.ReadCrl(info.GetEncoded());
+			if (crl != null)
+			{
+				Fail("PKCS7 crl present");
+			}
+
+			//
+			// sample message
+			//
+			ICollection certCol = certParser.ReadCertificates(pkcs7CrlProblem);
+			ICollection crlCol = crlParser.ReadCrls(pkcs7CrlProblem);
+
+			if (crlCol.Count != 0)
+			{
+				Fail("wrong number of CRLs: " + crlCol.Count);
+			}
+
+			if (certCol.Count != 4)
+			{
+				Fail("wrong number of Certs: " + certCol.Count);
+			}
+		}
+
+		private void createPssCert(
+			string algorithm)
+		{
+			AsymmetricCipherKeyPair keyPair = GenerateLongFixedKeys();
+
+			AsymmetricKeyParameter privKey = keyPair.Private;
+			AsymmetricKeyParameter pubKey = keyPair.Public;
+
+			//
+			// distinguished name table.
+			//
+			IList ord = new ArrayList();
+			ord.Add(X509Name.C);
+			ord.Add(X509Name.O);
+			ord.Add(X509Name.L);
+			ord.Add(X509Name.ST);
+			ord.Add(X509Name.E);
+
+			IList values = new ArrayList();
+			values.Add("AU");
+			values.Add("The Legion of the Bouncy Castle");
+			values.Add("Melbourne");
+			values.Add("Victoria");
+			values.Add("feedback-crypto@bouncycastle.org");
+
+			//
+			// create base certificate - version 3
+			//
+			X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name(ord, values));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name(ord, values));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm(algorithm);
+			certGen.AddExtension("2.5.29.15", true,
+			new X509KeyUsage(X509KeyUsage.EncipherOnly));
+			certGen.AddExtension("2.5.29.37", true,
+			new DerSequence(KeyPurposeID.AnyExtendedKeyUsage));
+			certGen.AddExtension("2.5.29.17", true,
+			new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test")));
+
+			X509Certificate baseCert = certGen.Generate(privKey);
+
+			baseCert.Verify(pubKey);
+		}
+
+		private static AsymmetricCipherKeyPair GenerateLongFixedKeys()
+		{
+//			RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
+			RsaKeyParameters pubKey = new RsaKeyParameters(false,
+				new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+				new BigInteger("010001",16));
+
+//			RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
+			RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(
+				new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+				new BigInteger("010001",16),
+				new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
+				new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
+				new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
+				new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
+				new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
+				new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
+
+//			KeyFactory  fact = KeyFactory.getInstance("RSA", "BC");
+//
+//			PrivateKey privKey = fact.generatePrivate(privKeySpec);
+//			PublicKey pubKey = fact.generatePublic(pubKeySpec);
+
+			return new AsymmetricCipherKeyPair(pubKey, privKey);
+		}
+
+		private void doTestNullDerNullCert()
+		{
+			AsymmetricCipherKeyPair keyPair = GenerateLongFixedKeys();
+
+			AsymmetricKeyParameter pubKey = keyPair.Public;
+			AsymmetricKeyParameter privKey = keyPair.Private;
+
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name("CN=Test"));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name("CN=Test"));
+			certGen.SetPublicKey(pubKey);
+			certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
+			X509Certificate cert = certGen.Generate(privKey);
+
+			X509CertificateStructure certStruct = X509CertificateStructure.GetInstance(
+				Asn1Object.FromByteArray(cert.GetEncoded()));
+
+			Asn1Encodable tbsCertificate = certStruct.TbsCertificate;
+			AlgorithmIdentifier sig = certStruct.SignatureAlgorithm;
+
+			DerSequence seq = new DerSequence(
+				tbsCertificate,
+				new AlgorithmIdentifier(sig.ObjectID),
+				certStruct.Signature);
+
+			try
+			{
+				// verify
+				byte[] encoded = seq.GetEncoded();
+				X509CertificateParser fact = new X509CertificateParser();
+				cert = fact.ReadCertificate(encoded);
+				cert.Verify(cert.GetPublicKey());
+			}
+			catch (Exception e)
+			{
+				Fail("doTestNullDerNull failed - exception " + e.ToString(), e);
+			}
+		}
+
+		public override void PerformTest()
+		{
+			checkCertificate(1, cert1);
+			checkCertificate(2, cert2);
+			checkCertificate(3, cert3);
+			checkCertificate(4, cert4);
+			checkCertificate(5, cert5);
+			// This cert uses an incorrect encoding (compressed wrapped in extra octet string)
+			// which the Java build supports backwards, but we choose not to for C# build
+//			checkCertificate(6, oldEcdsa);
+			checkCertificate(7, cert7);
+
+			checkKeyUsage(8, keyUsage);
+			checkSelfSignedCertificate(9, uncompressedPtEC);
+			checkNameCertificate(10, nameCert);
+
+			checkSelfSignedCertificate(11, probSelfSignedCert);
+			checkSelfSignedCertificate(12, gostCA1);
+			checkSelfSignedCertificate(13, gostCA2);
+			checkSelfSignedCertificate(14, gost341094base);
+			checkSelfSignedCertificate(15, gost34102001base);
+			checkSelfSignedCertificate(16, gost341094A);
+			checkSelfSignedCertificate(17, gost341094B);
+			checkSelfSignedCertificate(17, gost34102001A);
+
+			checkCrl(1, crl1);
+
+			checkCreation1();
+			checkCreation2();
+			checkCreation3();
+			checkCreation4();
+			checkCreation5();
+
+			createECCert("SHA1withECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
+			createECCert("SHA224withECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
+			createECCert("SHA256withECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
+			createECCert("SHA384withECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
+			createECCert("SHA512withECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
+
+			createPssCert("SHA1withRSAandMGF1");
+			createPssCert("SHA224withRSAandMGF1");
+			createPssCert("SHA256withRSAandMGF1");
+			createPssCert("SHA384withRSAandMGF1");
+
+			checkCrlCreation1();
+			checkCrlCreation2();
+			checkCrlCreation3();
+
+			pemTest();
+			pkcs7Test();
+
+			doTestForgedSignature();
+
+			doTestNullDerNullCert();
+
+			checkCertificate(18, emptyDNCert);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CertTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/CipherStreamTest.cs b/crypto/test/src/test/CipherStreamTest.cs
new file mode 100644
index 000000000..0809dfe80
--- /dev/null
+++ b/crypto/test/src/test/CipherStreamTest.cs
@@ -0,0 +1,449 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	/// <remarks>Check that cipher input/output streams are working correctly</remarks>
+	[TestFixture]
+	public class CipherStreamTest
+		: SimpleTest
+	{
+		private static readonly byte[] RK = Hex.Decode("0123456789ABCDEF");
+		private static readonly byte[] RIN = Hex.Decode("4e6f772069732074");
+		private static readonly byte[] ROUT = Hex.Decode("3afbb5c77938280d");
+
+		private static byte[] SIN = Hex.Decode(
+			"00000000000000000000000000000000"
+			+ "00000000000000000000000000000000"
+			+ "00000000000000000000000000000000"
+			+ "00000000000000000000000000000000");
+		private static readonly byte[] SK = Hex.Decode("80000000000000000000000000000000");
+		private static readonly byte[] SIV = Hex.Decode("0000000000000000");
+		private static readonly byte[] SOUT = Hex.Decode(
+			  "4DFA5E481DA23EA09A31022050859936"
+			+ "DA52FCEE218005164F267CB65F5CFD7F"
+			+ "2B4F97E0FF16924A52DF269515110A07"
+			+ "F9E460BC65EF95DA58F740B7D1DBB0AA");
+
+		private static readonly byte[] HCIN = new byte[64];
+		private static readonly byte[] HCIV = new byte[32];
+
+		private static readonly byte[] HCK256A = new byte[32];
+		private static readonly byte[] HC256A = Hex.Decode(
+			  "5B078985D8F6F30D42C5C02FA6B67951"
+			+ "53F06534801F89F24E74248B720B4818"
+			+ "CD9227ECEBCF4DBF8DBF6977E4AE14FA"
+			+ "E8504C7BC8A9F3EA6C0106F5327E6981");
+
+		private static readonly byte[] HCK128A = new byte[16];
+		private static readonly byte[] HC128A = Hex.Decode(
+			  "82001573A003FD3B7FD72FFB0EAF63AA"
+			+ "C62F12DEB629DCA72785A66268EC758B"
+			+ "1EDB36900560898178E0AD009ABF1F49"
+			+ "1330DC1C246E3D6CB264F6900271D59C");
+
+		private void doRunTest(
+			string	name,
+			int		ivLength)
+		{
+			string lCode = "ABCDEFGHIJKLMNOPQRSTUVWXY0123456789";
+
+			string baseName = name;
+			if (name.IndexOf('/') >= 0)
+			{
+				baseName = name.Substring(0, name.IndexOf('/'));
+			}
+
+			CipherKeyGenerator kGen = GeneratorUtilities.GetKeyGenerator(baseName);
+
+			IBufferedCipher inCipher = CipherUtilities.GetCipher(name);
+			IBufferedCipher outCipher = CipherUtilities.GetCipher(name);
+			KeyParameter key = ParameterUtilities.CreateKeyParameter(baseName, kGen.GenerateKey());
+			MemoryStream bIn = new MemoryStream(Encoding.ASCII.GetBytes(lCode), false);
+			MemoryStream bOut = new MemoryStream();
+
+			// In the Java build, this IV would be implicitly created and then retrieved with getIV()
+			ICipherParameters cipherParams = key;
+			if (ivLength > 0)
+			{
+				cipherParams = new ParametersWithIV(cipherParams, new byte[ivLength]);
+			}
+
+			inCipher.Init(true, cipherParams);
+
+			// TODO Should we provide GetIV() method on IBufferedCipher?
+			//if (inCipher.getIV() != null)
+			//{
+			//	outCipher.Init(false, new ParametersWithIV(key, inCipher.getIV()));
+			//}
+			//else
+			//{
+			//	outCipher.Init(false, key);
+			//}
+			outCipher.Init(false, cipherParams);
+
+			CipherStream cIn = new CipherStream(bIn, inCipher, null);
+			CipherStream cOut = new CipherStream(bOut, null, outCipher);
+
+			int c;
+
+			while ((c = cIn.ReadByte()) >= 0)
+			{
+				cOut.WriteByte((byte)c);
+			}
+
+			cIn.Close();
+
+			cOut.Flush();
+			cOut.Close();
+
+			byte[] bs = bOut.ToArray();
+			string res = Encoding.ASCII.GetString(bs, 0, bs.Length);
+
+			if (!res.Equals(lCode))
+			{
+				Fail("Failed - decrypted data doesn't match.");
+			}
+		}
+
+		private void doTestAlgorithm(
+			string	name,
+			byte[]	keyBytes,
+			byte[]	iv,
+			byte[]	plainText,
+			byte[]	cipherText)
+		{
+			KeyParameter key = ParameterUtilities.CreateKeyParameter(name, keyBytes);
+
+			IBufferedCipher inCipher = CipherUtilities.GetCipher(name);
+			IBufferedCipher outCipher = CipherUtilities.GetCipher(name);
+
+			if (iv != null)
+			{
+				inCipher.Init(true, new ParametersWithIV(key, iv));
+				outCipher.Init(false, new ParametersWithIV(key, iv));
+			}
+			else
+			{
+				inCipher.Init(true, key);
+				outCipher.Init(false, key);
+			}
+
+			byte[] enc = inCipher.DoFinal(plainText);
+			if (!AreEqual(enc, cipherText))
+			{
+				Fail(name + ": cipher text doesn't match");
+			}
+
+			byte[] dec = outCipher.DoFinal(enc);
+
+			if (!AreEqual(dec, plainText))
+			{
+				Fail(name + ": plain text doesn't match");
+			}
+		}
+
+		private void doTestException(
+			string	name,
+			int		ivLength)
+		{
+			try
+			{
+				byte[] key128 = {
+					(byte)128, (byte)131, (byte)133, (byte)134,
+					(byte)137, (byte)138, (byte)140, (byte)143,
+					(byte)128, (byte)131, (byte)133, (byte)134,
+					(byte)137, (byte)138, (byte)140, (byte)143
+				};
+
+				byte[] key256 = {
+					(byte)128, (byte)131, (byte)133, (byte)134,
+					(byte)137, (byte)138, (byte)140, (byte)143,
+					(byte)128, (byte)131, (byte)133, (byte)134,
+					(byte)137, (byte)138, (byte)140, (byte)143,
+					(byte)128, (byte)131, (byte)133, (byte)134,
+					(byte)137, (byte)138, (byte)140, (byte)143,
+					(byte)128, (byte)131, (byte)133, (byte)134,
+					(byte)137, (byte)138, (byte)140, (byte)143 };
+
+				byte[] keyBytes;
+				if (name.Equals("HC256"))
+				{
+					keyBytes = key256;
+				}
+				else
+				{
+					keyBytes = key128;
+				}
+
+				KeyParameter cipherKey = ParameterUtilities.CreateKeyParameter(name, keyBytes);
+
+				ICipherParameters cipherParams = cipherKey;
+				if (ivLength > 0)
+				{
+					cipherParams = new ParametersWithIV(cipherParams, new byte[ivLength]);
+				}
+
+				IBufferedCipher ecipher = CipherUtilities.GetCipher(name);
+				ecipher.Init(true, cipherParams);
+
+				byte[] cipherText = new byte[0];
+				try
+				{
+					// According specification Method engineUpdate(byte[] input,
+					// int inputOffset, int inputLen, byte[] output, int
+					// outputOffset)
+					// throws ShortBufferException - if the given output buffer is
+					// too
+					// small to hold the result
+					ecipher.ProcessBytes(new byte[20], 0, 20, cipherText, 0);
+
+//					Fail("failed exception test - no ShortBufferException thrown");
+					Fail("failed exception test - no DataLengthException thrown");
+				}
+//				catch (ShortBufferException e)
+				catch (DataLengthException)
+				{
+					// ignore
+				}
+
+				// NB: The lightweight engine doesn't take public/private keys
+//				try
+//				{
+//					IBufferedCipher c = CipherUtilities.GetCipher(name);
+//
+//					//                Key k = new PublicKey()
+//					//                {
+//					//
+//					//                    public string getAlgorithm()
+//					//                    {
+//					//                        return "STUB";
+//					//                    }
+//					//
+//					//                    public string getFormat()
+//					//                    {
+//					//                        return null;
+//					//                    }
+//					//
+//					//                    public byte[] getEncoded()
+//					//                    {
+//					//                        return null;
+//					//                    }
+//					//
+//					//                };
+//					AsymmetricKeyParameter k = new AsymmetricKeyParameter(false);
+//					c.Init(true, k);
+//
+//					Fail("failed exception test - no InvalidKeyException thrown for public key");
+//				}
+//				catch (InvalidKeyException)
+//				{
+//					// okay
+//				}
+//
+//				try
+//				{
+//					IBufferedCipher c = CipherUtilities.GetCipher(name);
+//
+//					//				Key k = new PrivateKey()
+//					//                {
+//					//
+//					//                    public string getAlgorithm()
+//					//                    {
+//					//                        return "STUB";
+//					//                    }
+//					//
+//					//                    public string getFormat()
+//					//                    {
+//					//                        return null;
+//					//                    }
+//					//
+//					//                    public byte[] getEncoded()
+//					//                    {
+//					//                        return null;
+//					//                    }
+//					//
+//					//                };
+//
+//					AsymmetricKeyParameter k = new AsymmetricKeyParameter(true);
+//					c.Init(false, k);
+//
+//					Fail("failed exception test - no InvalidKeyException thrown for private key");
+//				}
+//				catch (InvalidKeyException)
+//				{
+//					// okay
+//				}
+			}
+			catch (Exception e)
+			{
+				Fail("unexpected exception.", e);
+			}
+		}
+
+		[Test]
+		public void TestRC4()
+		{
+			doRunTest("RC4", 0);
+		}
+
+		[Test]
+		public void TestRC4Exception()
+		{
+			doTestException("RC4", 0);
+		}
+
+		[Test]
+		public void TestRC4Algorithm()
+		{
+			doTestAlgorithm("RC4", RK, null, RIN, ROUT);
+		}
+
+		[Test]
+		public void TestSalsa20()
+		{
+			doRunTest("Salsa20", 8);
+		}
+
+		[Test]
+		public void TestSalsa20Exception()
+		{
+			doTestException("Salsa20", 8);
+		}
+
+		[Test]
+		public void TestSalsa20Algorithm()
+		{
+			doTestAlgorithm("Salsa20", SK, SIV, SIN, SOUT);
+		}
+
+		[Test]
+		public void TestHC128()
+		{
+			doRunTest("HC128", 16);
+		}
+
+		[Test]
+		public void TestHC128Exception()
+		{
+			doTestException("HC128", 16);
+		}
+
+		[Test]
+		public void TestHC128Algorithm()
+		{
+			doTestAlgorithm("HC128", HCK128A, HCIV, HCIN, HC128A);
+		}
+
+		[Test]
+		public void TestHC256()
+		{
+			doRunTest("HC256", 32);
+		}
+
+		[Test]
+		public void TestHC256Exception()
+		{
+			doTestException("HC256", 32);
+		}
+
+		[Test]
+		public void TestHC256Algorithm()
+		{
+			doTestAlgorithm("HC256", HCK256A, HCIV, HCIN, HC256A);
+		}
+
+		[Test]
+		public void TestVmpc()
+		{
+			doRunTest("VMPC", 16);
+		}
+
+		[Test]
+		public void TestVmpcException()
+		{
+			doTestException("VMPC", 16);
+		}
+
+//		[Test]
+//		public void TestVmpcAlgorithm()
+//		{
+//			doTestAlgorithm("VMPC", a, iv, in, a);
+//		}
+
+		[Test]
+		public void TestVmpcKsa3()
+		{
+			doRunTest("VMPC-KSA3", 16);
+		}
+
+		[Test]
+		public void TestVmpcKsa3Exception()
+		{
+			doTestException("VMPC-KSA3", 16);
+		}
+
+//		[Test]
+//		public void TestVmpcKsa3Algorithm()
+//		{
+//			doTestAlgorithm("VMPC-KSA3", a, iv, in, a);
+//		}
+
+		[Test]
+		public void TestDesEcbPkcs7()
+		{
+			doRunTest("DES/ECB/PKCS7Padding", 0);
+		}
+
+		[Test]
+		public void TestDesCfbNoPadding()
+		{
+			doRunTest("DES/CFB8/NoPadding", 0);
+		}
+
+		public override void PerformTest()
+		{
+			TestRC4();
+			TestRC4Exception();
+			TestRC4Algorithm();
+			TestSalsa20();
+			TestSalsa20Exception();
+			TestSalsa20Algorithm();
+			TestHC128();
+			TestHC128Exception();
+			TestHC128Algorithm();
+			TestHC256();
+			TestHC256Exception();
+			TestHC256Algorithm();
+			TestVmpc();
+			TestVmpcException();
+//			TestVmpcAlgorithm();
+			TestVmpcKsa3();
+			TestVmpcKsa3Exception();
+//			TestVmpcKsa3Algorithm();
+			TestDesEcbPkcs7();
+			TestDesCfbNoPadding();
+		}
+
+		public override string Name
+		{
+			get { return "CipherStreamTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new CipherStreamTest());
+		}
+	}
+}
diff --git a/crypto/test/src/test/DESedeTest.cs b/crypto/test/src/test/DESedeTest.cs
new file mode 100644
index 000000000..d84b994f0
--- /dev/null
+++ b/crypto/test/src/test/DESedeTest.cs
@@ -0,0 +1,298 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+    /// <remarks>
+    /// Basic test class for key generation for a DES-EDE block cipher, basically
+    /// this just exercises the provider, and makes sure we are behaving sensibly,
+    /// correctness of the implementation is shown in the lightweight test classes.
+    /// </remarks>
+    [TestFixture]
+    public class DesEdeTest
+        : SimpleTest
+    {
+        private static string[] cipherTests1 =
+    {
+        "112",
+        "2f4bc6b30c893fa549d82c560d61cf3eb088aed020603de249d82c560d61cf3e529e95ecd8e05394",
+        "128",
+        "2f4bc6b30c893fa549d82c560d61cf3eb088aed020603de249d82c560d61cf3e529e95ecd8e05394",
+        "168",
+        "50ddb583a25c21e6c9233f8e57a86d40bb034af421c03096c9233f8e57a86d402fce91e8eb639f89",
+        "192",
+        "50ddb583a25c21e6c9233f8e57a86d40bb034af421c03096c9233f8e57a86d402fce91e8eb639f89",
+        };
+
+        private static byte[] input1 = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f");
+
+        /**
+         * a fake random number generator - we just want to make sure the random numbers
+         * aren't random so that we get the same output, while still getting to test the
+         * key generation facilities.
+         */
+        private class FixedSecureRandom
+            : SecureRandom
+        {
+            private byte[] seed =
+        {
+            (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59,
+            (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4,
+            (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde,
+            (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f
+        };
+
+            public override void NextBytes(
+                byte[] bytes)
+            {
+                int offset = 0;
+
+                while ((offset + seed.Length) < bytes.Length)
+                {
+                    Array.Copy(seed, 0, bytes, offset, seed.Length);
+                    offset += seed.Length;
+                }
+
+                Array.Copy(seed, 0, bytes, offset, bytes.Length - offset);
+            }
+        }
+
+        public override string Name
+        {
+            get { return "DESEDE"; }
+        }
+
+        private void wrapTest(
+            string  alg,
+            int     id,
+            byte[]  kek,
+            byte[]  iv,
+            byte[]  input,
+            byte[]  output)
+        {
+            try
+            {
+                IWrapper wrapper = WrapperUtilities.GetWrapper(alg + "Wrap");
+
+                KeyParameter desEdeKey = new DesEdeParameters(kek);
+                wrapper.Init(true, new ParametersWithIV(desEdeKey, iv));
+
+                try
+                {
+//					byte[] cText = wrapper.Wrap(new SecretKeySpec(input, alg));
+                    byte[] cText = wrapper.Wrap(input, 0, input.Length);
+
+                    if (!Arrays.AreEqual(cText, output))
+                    {
+                        Fail("failed wrap test " + id  + " expected "
+                            + Hex.ToHexString(output) + " got " + Hex.ToHexString(cText));
+                    }
+                }
+                catch (Exception e)
+                {
+                    Fail("failed wrap test exception " + e.ToString());
+                }
+
+                wrapper.Init(false, desEdeKey);
+
+                try
+                {
+//					Key pText = wrapper.unwrap(output, alg, IBufferedCipher.SECRET_KEY);
+                    byte[] pText = wrapper.Unwrap(output, 0, output.Length);
+//					if (!Arrays.AreEqual(pText.getEncoded(), input))
+                    if (!Arrays.AreEqual(pText, input))
+                    {
+                        Fail("failed unwrap test " + id  + " expected "
+                            + Hex.ToHexString(input) + " got "
+                            + Hex.ToHexString(pText));
+                    }
+                }
+                catch (Exception e)
+                {
+                    Fail("failed unwrap test exception " + e.ToString());
+                }
+            }
+            catch (Exception ex)
+            {
+                Fail("failed exception " + ex.ToString());
+            }
+        }
+
+        private void doTest(
+            string  alg,
+            int     strength,
+            byte[]  input,
+            byte[]  output)
+        {
+            KeyParameter		key = null;
+            CipherKeyGenerator	keyGen;
+            SecureRandom		rand;
+            IBufferedCipher		inCipher = null;
+            IBufferedCipher		outCipher = null;
+            CipherStream		cIn;
+            CipherStream		cOut;
+            MemoryStream		bIn;
+            MemoryStream		bOut;
+
+            rand = new FixedSecureRandom();
+
+            try
+            {
+                keyGen = GeneratorUtilities.GetKeyGenerator(alg);
+                keyGen.Init(new KeyGenerationParameters(rand, strength));
+
+                key = new DesEdeParameters(keyGen.GenerateKey());
+
+                inCipher = CipherUtilities.GetCipher(alg + "/ECB/PKCS7Padding");
+                outCipher = CipherUtilities.GetCipher(alg + "/ECB/PKCS7Padding");
+
+                outCipher.Init(true, new ParametersWithRandom(key, rand));
+            }
+            catch (Exception e)
+            {
+                Fail(alg + " failed initialisation - " + e.ToString());
+            }
+
+            try
+            {
+                inCipher.Init(false, key);
+            }
+            catch (Exception e)
+            {
+                Fail(alg + " failed initialisation - " + e.ToString());
+            }
+
+            //
+            // encryption pass
+            //
+            bOut = new MemoryStream();
+
+            cOut = new CipherStream(bOut, null, outCipher);
+
+            try
+            {
+                for (int i = 0; i != input.Length / 2; i++)
+                {
+                    cOut.WriteByte(input[i]);
+                }
+                cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);
+                cOut.Close();
+            }
+            catch (IOException e)
+            {
+                Fail(alg + " failed encryption - " + e.ToString());
+            }
+
+            byte[] bytes = bOut.ToArray();
+
+            if (!Arrays.AreEqual(bytes, output))
+            {
+                Fail(alg + " failed encryption - expected "
+                    + Hex.ToHexString(output) + " got "
+                    + Hex.ToHexString(bytes));
+            }
+
+            //
+            // decryption pass
+            //
+            bIn = new MemoryStream(bytes, false);
+
+            cIn = new CipherStream(bIn, inCipher, null);
+
+            try
+            {
+//				DataInputStream dIn = new DataInputStream(cIn);
+                BinaryReader dIn = new BinaryReader(cIn);
+
+                bytes = new byte[input.Length];
+
+                for (int i = 0; i != input.Length / 2; i++)
+                {
+                    bytes[i] = (byte)dIn.ReadByte();
+                }
+//				dIn.readFully(bytes, input.Length / 2, bytes.Length - input.Length / 2);
+                int remaining = bytes.Length - input.Length / 2;
+                byte[] rest = dIn.ReadBytes(remaining);
+                if (rest.Length != remaining)
+                    throw new Exception("IO problem with BinaryReader");
+                rest.CopyTo(bytes, input.Length / 2);
+            }
+            catch (Exception e)
+            {
+                Fail(alg + " failed encryption - " + e.ToString());
+            }
+
+            if (!Arrays.AreEqual(bytes, input))
+            {
+                Fail(alg + " failed decryption - expected "
+                    + Hex.ToHexString(input) + " got "
+                    + Hex.ToHexString(bytes));
+            }
+
+            // TODO Put back in
+//			//
+//			// keyspec test
+//			//
+//			try
+//			{
+//				SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(alg);
+//				DESedeKeySpec keySpec = (DESedeKeySpec)keyFactory.getKeySpec((SecretKey)key, DESedeKeySpec.class);
+//
+//				if (!equalArray(key.getEncoded(), keySpec.getKey(), 16))
+//				{
+//					Fail(alg + " KeySpec does not match key.");
+//				}
+//			}
+//			catch (Exception e)
+//			{
+//				Fail(alg + " failed keyspec - " + e.ToString());
+//			}
+        }
+
+        public override void PerformTest()
+        {
+            for (int i = 0; i != cipherTests1.Length; i += 2)
+            {
+                doTest("DESEDE", int.Parse(cipherTests1[i]), input1, Hex.Decode(cipherTests1[i + 1]));
+            }
+
+            for (int i = 0; i != cipherTests1.Length; i += 2)
+            {
+                doTest("TDEA", int.Parse(cipherTests1[i]), input1, Hex.Decode(cipherTests1[i + 1]));
+            }
+
+            byte[] kek1 = Hex.Decode("255e0d1c07b646dfb3134cc843ba8aa71f025b7c0838251f");
+            byte[] iv1 = Hex.Decode("5dd4cbfc96f5453b");
+            byte[] in1 = Hex.Decode("2923bf85e06dd6ae529149f1f1bae9eab3a7da3d860d3e98");
+            byte[] out1 = Hex.Decode("690107618ef092b3b48ca1796b234ae9fa33ebb4159604037db5d6a84eb3aac2768c632775a467d4");
+
+            wrapTest("DESEDE", 1, kek1, iv1, in1, out1);
+            wrapTest("TDEA", 1, kek1, iv1, in1, out1);
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new DesEdeTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/test/DHTest.cs b/crypto/test/src/test/DHTest.cs
new file mode 100644
index 000000000..9a3610c18
--- /dev/null
+++ b/crypto/test/src/test/DHTest.cs
@@ -0,0 +1,650 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class DHTest
+		: SimpleTest
+	{
+		private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+		private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+		private static readonly BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16);
+		private static readonly BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16);
+
+		private static readonly BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16);
+		private static readonly BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16);
+
+		// public key with mismatched oid/parameters
+		private byte[] oldPubEnc = Base64.Decode(
+			"MIIBnzCCARQGByqGSM4+AgEwggEHAoGBAPxSrN417g43VAM9sZRf1dt6AocAf7D6" +
+			"WVCtqEDcBJrMzt63+g+BNJzhXVtbZ9kp9vw8L/0PHgzv0Ot/kOLX7Khn+JalOECW" +
+			"YlkyBhmOVbjR79TY5u2GAlvG6pqpizieQNBCEMlUuYuK1Iwseil6VoRuA13Zm7uw" +
+			"WO1eZmaJtY7LAoGAQaPRCFKM5rEdkMrV9FNzeSsYRs8m3DqPnnJHpuySpyO9wUcX" +
+			"OOJcJY5qvHbDO5SxHXu/+bMgXmVT6dXI5o0UeYqJR7fj6pR4E6T0FwG55RFr5Ok4" +
+			"3C4cpXmaOu176SyWuoDqGs1RDGmYQjwbZUi23DjaaTFUly9LCYXMliKrQfEDgYQA" +
+			"AoGAQUGCBN4TaBw1BpdBXdTvTfCU69XDB3eyU2FOBE3UWhpx9D8XJlx4f5DpA4Y6" +
+			"6sQMuCbhfmjEph8W7/sbMurM/awR+PSR8tTY7jeQV0OkmAYdGK2nzh0ZSifMO1oE" +
+			"NNhN2O62TLs67msxT28S4/S89+LMtc98mevQ2SX+JF3wEVU=");
+
+		// bogus key with full PKCS parameter set
+		private byte[] oldFullParams = Base64.Decode(
+			"MIIBIzCCARgGByqGSM4+AgEwggELAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9E" +
+			"AMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f" +
+			"6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv" +
+			"8iIDGZ3RSAHHAoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlX" +
+			"jrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6j" +
+			"fwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqAgFk" +
+			"AwUAAgIH0A==");
+
+		private byte[] samplePubEnc = Base64.Decode(
+			"MIIBpjCCARsGCSqGSIb3DQEDATCCAQwCgYEA/X9TgR11EilS30qcLuzk5/YRt1I8" +
+			"70QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWk" +
+			"n5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HX" +
+			"Ku/yIgMZndFIAccCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdR" +
+			"WVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWR" +
+			"bqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoC" +
+			"AgIAA4GEAAKBgEIiqxoUW6E6GChoOgcfNbVFclW91ITf5MFSUGQwt2R0RHoOhxvO" +
+			"lZhNs++d0VPATLAyXovjfgENT9SGCbuZttYcqqLdKTbMXBWPek+rfnAl9E4iEMED" +
+			"IDd83FJTKs9hQcPAm7zmp0Xm1bGF9CbUFjP5G02265z7eBmHDaT0SNlB");
+
+		private byte[] samplePrivEnc = Base64.Decode(
+			"MIIBZgIBADCCARsGCSqGSIb3DQEDATCCAQwCgYEA/X9TgR11EilS30qcLuzk5/YR" +
+			"t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ" +
+			"UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu" +
+			"K2HXKu/yIgMZndFIAccCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0H" +
+			"gmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuz" +
+			"pnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7P" +
+			"SSoCAgIABEICQAZYXnBHazxXUUdFP4NIf2Ipu7du0suJPZQKKff81wymi2zfCfHh" +
+			"uhe9gQ9xdm4GpzeNtrQ8/MzpTy+ZVrtd29Q=");
+
+		public override string Name
+		{
+			get { return "DH"; }
+		}
+
+		private void doTestGP(
+			string		algName,
+			int         size,
+			int         privateValueSize,
+			BigInteger  g,
+			BigInteger  p)
+		{
+			IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator(algName);
+
+			DHParameters dhParams = new DHParameters(p, g, null, privateValueSize);
+			KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
+
+			keyGen.Init(kgp);
+
+			//
+			// a side
+			//
+			AsymmetricCipherKeyPair aKeyPair = keyGen.GenerateKeyPair();
+
+			IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName);
+
+			checkKeySize(privateValueSize, aKeyPair);
+
+			aKeyAgreeBasic.Init(aKeyPair.Private);
+
+			//
+			// b side
+			//
+			AsymmetricCipherKeyPair bKeyPair = keyGen.GenerateKeyPair();
+
+			IBasicAgreement bKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName);
+
+			checkKeySize(privateValueSize, bKeyPair);
+
+			bKeyAgreeBasic.Init(bKeyPair.Private);
+
+			//
+			// agreement
+			//
+//			aKeyAgreeBasic.doPhase(bKeyPair.Public, true);
+//			bKeyAgreeBasic.doPhase(aKeyPair.Public, true);
+//
+//			BigInteger  k1 = new BigInteger(aKeyAgreeBasic.generateSecret());
+//			BigInteger  k2 = new BigInteger(bKeyAgreeBasic.generateSecret());
+			BigInteger k1 = aKeyAgreeBasic.CalculateAgreement(bKeyPair.Public);
+			BigInteger k2 = bKeyAgreeBasic.CalculateAgreement(aKeyPair.Public);
+
+			if (!k1.Equals(k2))
+			{
+				Fail(size + " bit 2-way test failed");
+			}
+
+			//
+			// public key encoding test
+			//
+//			byte[]              pubEnc = aKeyPair.Public.GetEncoded();
+			byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded();
+
+//			KeyFactory          keyFac = KeyFactory.getInstance(algName);
+//			X509EncodedKeySpec  pubX509 = new X509EncodedKeySpec(pubEnc);
+//			DHPublicKey         pubKey = (DHPublicKey)keyFac.generatePublic(pubX509);
+			DHPublicKeyParameters pubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc);
+//			DHParameterSpec     spec = pubKey.Parameters;
+			DHParameters spec = pubKey.Parameters;
+
+			if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
+			{
+				Fail(size + " bit public key encoding/decoding test failed on parameters");
+			}
+
+			if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y))
+			{
+				Fail(size + " bit public key encoding/decoding test failed on y value");
+			}
+
+			//
+			// public key serialisation test
+			//
+			// TODO Put back in
+//			MemoryStream bOut = new MemoryStream();
+//			ObjectOutputStream oOut = new ObjectOutputStream(bOut);
+//
+//			oOut.WriteObject(aKeyPair.Public);
+//
+//			MemoryStream bIn = new MemoryStream(bOut.ToArray(), false);
+//			ObjectInputStream oIn = new ObjectInputStream(bIn);
+//
+//			pubKey = (DHPublicKeyParameters)oIn.ReadObject();
+			spec = pubKey.Parameters;
+
+			if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
+			{
+				Fail(size + " bit public key serialisation test failed on parameters");
+			}
+
+			if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y))
+			{
+				Fail(size + " bit public key serialisation test failed on y value");
+			}
+
+			//
+			// private key encoding test
+			//
+//			byte[] privEnc = aKeyPair.Private.GetEncoded();
+			byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded();
+//			PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
+//			DHPrivateKeyParameters privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8);
+			DHPrivateKeyParameters privKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc);
+
+			spec = privKey.Parameters;
+
+			if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
+			{
+				Fail(size + " bit private key encoding/decoding test failed on parameters");
+			}
+
+			if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X))
+			{
+				Fail(size + " bit private key encoding/decoding test failed on y value");
+			}
+
+			//
+			// private key serialisation test
+			//
+			// TODO Put back in
+//			bOut = new MemoryStream();
+//			oOut = new ObjectOutputStream(bOut);
+//
+//			oOut.WriteObject(aKeyPair.Private);
+//
+//			bIn = new MemoryStream(bOut.ToArray(), false);
+//			oIn = new ObjectInputStream(bIn);
+//
+//			privKey = (DHPrivateKeyParameters)oIn.ReadObject();
+			spec = privKey.Parameters;
+
+			if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P))
+			{
+				Fail(size + " bit private key serialisation test failed on parameters");
+			}
+
+			if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X))
+			{
+				Fail(size + " bit private key serialisation test failed on y value");
+			}
+
+			//
+			// three party test
+			//
+			IAsymmetricCipherKeyPairGenerator aPairGen = GeneratorUtilities.GetKeyPairGenerator(algName);
+			aPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec));
+			AsymmetricCipherKeyPair aPair = aPairGen.GenerateKeyPair();
+
+			IAsymmetricCipherKeyPairGenerator bPairGen = GeneratorUtilities.GetKeyPairGenerator(algName);
+			bPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec));
+			AsymmetricCipherKeyPair bPair = bPairGen.GenerateKeyPair();
+
+			IAsymmetricCipherKeyPairGenerator cPairGen = GeneratorUtilities.GetKeyPairGenerator(algName);
+			cPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec));
+			AsymmetricCipherKeyPair cPair = cPairGen.GenerateKeyPair();
+
+
+			IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement(algName);
+			aKeyAgree.Init(aPair.Private);
+
+			IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement(algName);
+			bKeyAgree.Init(bPair.Private);
+
+			IBasicAgreement cKeyAgree = AgreementUtilities.GetBasicAgreement(algName);
+			cKeyAgree.Init(cPair.Private);
+
+//			Key ac = aKeyAgree.doPhase(cPair.Public, false);
+//			Key ba = bKeyAgree.doPhase(aPair.Public, false);
+//			Key cb = cKeyAgree.doPhase(bPair.Public, false);
+//
+//			aKeyAgree.doPhase(cb, true);
+//			bKeyAgree.doPhase(ac, true);
+//			cKeyAgree.doPhase(ba, true);
+//
+//			BigInteger aShared = new BigInteger(aKeyAgree.generateSecret());
+//			BigInteger bShared = new BigInteger(bKeyAgree.generateSecret());
+//			BigInteger cShared = new BigInteger(cKeyAgree.generateSecret());
+
+			DHPublicKeyParameters ac = new DHPublicKeyParameters(aKeyAgree.CalculateAgreement(cPair.Public), spec);
+			DHPublicKeyParameters ba = new DHPublicKeyParameters(bKeyAgree.CalculateAgreement(aPair.Public), spec);
+			DHPublicKeyParameters cb = new DHPublicKeyParameters(cKeyAgree.CalculateAgreement(bPair.Public), spec);
+
+			BigInteger aShared = aKeyAgree.CalculateAgreement(cb);
+			BigInteger bShared = bKeyAgree.CalculateAgreement(ac);
+			BigInteger cShared = cKeyAgree.CalculateAgreement(ba);
+
+			if (!aShared.Equals(bShared))
+			{
+				Fail(size + " bit 3-way test failed (a and b differ)");
+			}
+
+			if (!cShared.Equals(bShared))
+			{
+				Fail(size + " bit 3-way test failed (c and b differ)");
+			}
+		}
+
+		private void doTestExplicitWrapping(
+			int			size,
+			int			privateValueSize,
+			BigInteger	g,
+			BigInteger	p)
+		{
+			DHParameters dhParams = new DHParameters(p, g, null, privateValueSize);
+
+			IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
+
+			keyGen.Init(new DHKeyGenerationParameters(new SecureRandom(), dhParams));
+
+			//
+			// a side
+			//
+			AsymmetricCipherKeyPair aKeyPair = keyGen.GenerateKeyPair();
+
+			IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement("DH");
+
+			checkKeySize(privateValueSize, aKeyPair);
+
+			aKeyAgree.Init(aKeyPair.Private);
+
+			//
+			// b side
+			//
+			AsymmetricCipherKeyPair bKeyPair = keyGen.GenerateKeyPair();
+
+			IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement("DH");
+
+			checkKeySize(privateValueSize, bKeyPair);
+
+			bKeyAgree.Init(bKeyPair.Private);
+
+			//
+			// agreement
+			//
+//			aKeyAgree.doPhase(bKeyPair.Public, true);
+//			bKeyAgree.doPhase(aKeyPair.Public, true);
+//
+//			SecretKey k1 = aKeyAgree.generateSecret(PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id);
+//			SecretKey k2 = bKeyAgree.generateSecret(PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id);
+
+			// TODO Does this really test the same thing as the above code?
+			BigInteger b1 = aKeyAgree.CalculateAgreement(bKeyPair.Public);
+			BigInteger b2 = bKeyAgree.CalculateAgreement(aKeyPair.Public);
+
+			if (!b1.Equals(b2))
+			{
+				Fail("Explicit wrapping test failed");
+			}
+		}
+
+		private void checkKeySize(
+			int						privateValueSize,
+			AsymmetricCipherKeyPair	aKeyPair)
+		{
+			if (privateValueSize != 0)
+			{
+				DHPrivateKeyParameters key = (DHPrivateKeyParameters)aKeyPair.Private;
+
+				if (key.X.BitLength != privateValueSize)
+				{
+					Fail("limited key check failed for key size " + privateValueSize);
+				}
+			}
+		}
+
+// TODO Put back in
+//    private void doTestRandom(
+//        int         size)
+//    {
+//        AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DH");
+//        a.init(size, new SecureRandom());
+//        AlgorithmParameters parameters = a.generateParameters();
+//
+//        byte[] encodeParams = parameters.GetEncoded();
+//
+//        AlgorithmParameters a2 = AlgorithmParameters.getInstance("DH");
+//        a2.init(encodeParams);
+//
+//        // a and a2 should be equivalent!
+//        byte[] encodeParams_2 = a2.GetEncoded();
+//
+//        if (!areEqual(encodeParams, encodeParams_2))
+//        {
+//            Fail("encode/Decode parameters failed");
+//        }
+//
+//        DHParameterSpec dhP = (DHParameterSpec)parameters.getParameterSpec(DHParameterSpec.class);
+//
+//        doTestGP("DH", size, 0, dhP.G, dhP.P);
+//    }
+
+		[Test]
+		public void TestECDH()
+		{
+			doTestECDH("ECDH");
+		}
+
+		[Test]
+		public void TestECDHC()
+		{
+			doTestECDH("ECDHC");
+		}
+
+		private void doTestECDH(
+			string algorithm)
+		{
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator(algorithm);
+
+//			EllipticCurve curve = new EllipticCurve(
+//				new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
+//				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+//				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+			ECCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters ecSpec = new ECDomainParameters(
+				curve,
+//				ECPointUtil.DecodePoint(curve, Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
+				BigInteger.One); //1); // h
+
+//			g.initialize(ecSpec, new SecureRandom());
+			g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
+
+			//
+			// a side
+			//
+			AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair();
+
+			IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algorithm);
+
+			aKeyAgreeBasic.Init(aKeyPair.Private);
+
+			//
+			// b side
+			//
+			AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair();
+
+			IBasicAgreement bKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algorithm);
+
+			bKeyAgreeBasic.Init(bKeyPair.Private);
+
+			//
+			// agreement
+			//
+//			aKeyAgreeBasic.doPhase(bKeyPair.Public, true);
+//			bKeyAgreeBasic.doPhase(aKeyPair.Public, true);
+//
+//			BigInteger k1 = new BigInteger(aKeyAgreeBasic.generateSecret());
+//			BigInteger k2 = new BigInteger(bKeyAgreeBasic.generateSecret());
+			BigInteger k1 = aKeyAgreeBasic.CalculateAgreement(bKeyPair.Public);
+			BigInteger k2 = bKeyAgreeBasic.CalculateAgreement(aKeyPair.Public);
+
+			if (!k1.Equals(k2))
+			{
+				Fail(algorithm + " 2-way test failed");
+			}
+
+			//
+			// public key encoding test
+			//
+//			byte[] pubEnc = aKeyPair.Public.GetEncoded();
+			byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded();
+
+//			KeyFactory keyFac = KeyFactory.getInstance(algorithm);
+//			X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
+//			ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
+			ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc);
+
+			ECDomainParameters ecDP = pubKey.Parameters;
+
+//			if (!pubKey.getW().Equals(((ECPublicKeyParameters)aKeyPair.Public).getW()))
+			if (!pubKey.Q.Equals(((ECPublicKeyParameters)aKeyPair.Public).Q))
+			{
+//				Console.WriteLine(" expected " + pubKey.getW().getAffineX() + " got " + ((ECPublicKey)aKeyPair.Public).getW().getAffineX());
+//				Console.WriteLine(" expected " + pubKey.getW().getAffineY() + " got " + ((ECPublicKey)aKeyPair.Public).getW().getAffineY());
+//				Fail(algorithm + " public key encoding (W test) failed");
+				Console.WriteLine(" expected " + pubKey.Q.X.ToBigInteger()
+					+ " got " + ((ECPublicKeyParameters)aKeyPair.Public).Q.X.ToBigInteger());
+				Console.WriteLine(" expected " + pubKey.Q.Y.ToBigInteger()
+					+ " got " + ((ECPublicKeyParameters)aKeyPair.Public).Q.Y.ToBigInteger());
+				Fail(algorithm + " public key encoding (Q test) failed");
+			}
+
+//			if (!pubKey.Parameters.getGenerator().Equals(((ECPublicKeyParameters)aKeyPair.Public).Parameters.getGenerator()))
+			if (!pubKey.Parameters.G.Equals(((ECPublicKeyParameters)aKeyPair.Public).Parameters.G))
+			{
+				Fail(algorithm + " public key encoding (G test) failed");
+			}
+
+			//
+			// private key encoding test
+			//
+//			byte[] privEnc = aKeyPair.Private.GetEncoded();
+			byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded();
+
+//			PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
+//			ECPrivateKey        privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
+			ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc);
+
+//			if (!privKey.getS().Equals(((ECPrivateKey)aKeyPair.Private).getS()))
+			if (!privKey.D.Equals(((ECPrivateKeyParameters)aKeyPair.Private).D))
+			{
+//				Fail(algorithm + " private key encoding (S test) failed");
+				Fail(algorithm + " private key encoding (D test) failed");
+			}
+
+//			if (!privKey.Parameters.getGenerator().Equals(((ECPrivateKey)aKeyPair.Private).Parameters.getGenerator()))
+			if (!privKey.Parameters.G.Equals(((ECPrivateKeyParameters)aKeyPair.Private).Parameters.G))
+			{
+				Fail(algorithm + " private key encoding (G test) failed");
+			}
+		}
+
+		[Test]
+		public void TestExceptions()
+		{
+			DHParameters dhParams = new DHParameters(p512, g512);
+
+			try
+			{
+				IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement("DH");
+
+//				aKeyAgreeBasic.generateSecret("DES");
+				aKeyAgreeBasic.CalculateAgreement(null);
+			}
+			catch (InvalidOperationException)
+			{
+				// okay
+			}
+			catch (Exception e)
+			{
+				Fail("Unexpected exception: " + e, e);
+			}
+		}
+
+		private void doTestDesAndDesEde(
+			BigInteger	g,
+			BigInteger	p)
+		{
+			DHParameters dhParams = new DHParameters(p, g, null, 256);
+
+			IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
+
+			keyGen.Init(new DHKeyGenerationParameters(new SecureRandom(), dhParams));
+
+			AsymmetricCipherKeyPair kp = keyGen.GenerateKeyPair();
+
+			IBasicAgreement keyAgreement = AgreementUtilities.GetBasicAgreement("DH");
+
+			keyAgreement.Init(kp.Private);
+			BigInteger agreed = keyAgreement.CalculateAgreement(kp.Public);
+			byte[] agreedBytes = agreed.ToByteArrayUnsigned();
+
+			// TODO Figure out where the magic happens of choosing the right
+			// bytes from 'agreedBytes' for each key type - need C# equivalent?
+			// (see JCEDHKeyAgreement.engineGenerateSecret)
+
+//			SecretKey key = keyAgreement.generateSecret("DES");
+//
+//			if (key.getEncoded().length != 8)
+//			{
+//				Fail("DES length wrong");
+//			}
+//
+//			if (!DESKeySpec.isParityAdjusted(key.getEncoded(), 0))
+//			{
+//				Fail("DES parity wrong");
+//			}
+//
+//			key = keyAgreement.generateSecret("DESEDE");
+//
+//			if (key.getEncoded().length != 24)
+//			{
+//				Fail("DESEDE length wrong");
+//			}
+//
+//			if (!DESedeKeySpec.isParityAdjusted(key.getEncoded(), 0))
+//			{
+//				Fail("DESEDE parity wrong");
+//			}
+//
+//			key = keyAgreement.generateSecret("Blowfish");
+//
+//			if (key.getEncoded().length != 16)
+//			{
+//				Fail("Blowfish length wrong");
+//			}
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			doTestGP("DH", 512, 0, g512, p512);
+			doTestGP("DiffieHellman", 768, 0, g768, p768);
+			doTestGP("DIFFIEHELLMAN", 1024, 0, g1024, p1024);
+			doTestGP("DH", 512, 64, g512, p512);
+			doTestGP("DiffieHellman", 768, 128, g768, p768);
+			doTestGP("DIFFIEHELLMAN", 1024, 256, g1024, p1024);
+			doTestExplicitWrapping(512, 0, g512, p512);
+			doTestDesAndDesEde(g768, p768);
+
+			// TODO Put back in
+			//doTestRandom(256);
+		}
+
+		[Test]
+		public void TestEnc()
+		{
+//			KeyFactory kFact = KeyFactory.getInstance("DH", "BC");
+//			
+//			Key k = kFact.generatePrivate(new PKCS8EncodedKeySpec(samplePrivEnc));
+			AsymmetricKeyParameter k = PrivateKeyFactory.CreateKey(samplePrivEnc);
+			byte[] encoded = PrivateKeyInfoFactory.CreatePrivateKeyInfo(k).GetEncoded();
+
+			if (!Arrays.AreEqual(samplePrivEnc, encoded))
+			{
+				Fail("private key re-encode failed");
+			}
+
+//			k = kFact.generatePublic(new X509EncodedKeySpec(samplePubEnc));
+			k = PublicKeyFactory.CreateKey(samplePubEnc);
+			encoded = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(k).GetEncoded();
+
+			if (!Arrays.AreEqual(samplePubEnc, encoded))
+			{
+				Fail("public key re-encode failed");
+			}
+
+//			k = kFact.generatePublic(new X509EncodedKeySpec(oldPubEnc));
+			k = PublicKeyFactory.CreateKey(oldPubEnc);
+			encoded = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(k).GetEncoded();
+
+			if (!Arrays.AreEqual(oldPubEnc, encoded))
+			{
+				Fail("old public key re-encode failed");
+			}
+
+//			k = kFact.generatePublic(new X509EncodedKeySpec(oldFullParams));
+			k = PublicKeyFactory.CreateKey(oldFullParams);
+			encoded = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(k).GetEncoded();
+
+			if (!Arrays.AreEqual(oldFullParams, encoded))
+			{
+				Fail("old full public key re-encode failed");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			TestEnc();
+			TestFunction();
+			TestECDH();
+			TestECDHC();
+			TestExceptions();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new DHTest());
+		}
+	}
+}
diff --git a/crypto/test/src/test/DSATest.cs b/crypto/test/src/test/DSATest.cs
new file mode 100644
index 000000000..a8b8bec3b
--- /dev/null
+++ b/crypto/test/src/test/DSATest.cs
@@ -0,0 +1,888 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+    [TestFixture]
+    public class DsaTest
+        : SimpleTest
+    {
+        private static readonly byte[] k1 = Hex.Decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
+        private static readonly byte[] k2 = Hex.Decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded");
+
+        private static readonly SecureRandom random = FixedSecureRandom.From(k1, k2);
+
+        // TODO How shall we satisfy this compatibility test?
+//		[Test]
+//		public void TestCompat()
+//		{
+//			if (Security.getProvider("SUN") == null)
+//				return;
+//			ISigner s = SignerUtilities.GetSigner("DSA", "SUN");
+//			KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA", "SUN");
+//			byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+//
+//			g.initialize(512, new SecureRandom());
+//
+//			KeyPair p = g.generateKeyPair();
+//
+//			PrivateKey sKey = p.Private;
+//			PublicKey vKey = p.Public;
+//
+//			//
+//			// sign SUN - verify with BC
+//			//
+//			s.Init(true, sKey);
+//
+//			s.update(data);
+//
+//			byte[] sigBytes = s.GenerateSignature();
+//
+//			s = SignerUtilities.GetSigner("DSA");
+//
+//			s.Init(false, vKey);
+//
+//			s.update(data);
+//
+//			if (!s.VerifySignature(sigBytes))
+//			{
+//				Fail("SUN -> BC verification failed");
+//			}
+//
+//			//
+//			// sign BC - verify with SUN
+//			//
+//
+//			s.Init(true, sKey);
+//
+//			s.update(data);
+//
+//			sigBytes = s.GenerateSignature();
+//
+//			s = SignerUtilities.GetSigner("DSA", "SUN");
+//
+//			s.Init(false, vKey);
+//
+//			s.update(data);
+//
+//			if (!s.VerifySignature(sigBytes))
+//			{
+//				Fail("BC -> SUN verification failed");
+//			}
+//
+//			//
+//			// key encoding test - BC decoding Sun keys
+//			//
+//			KeyFactory f = KeyFactory.GetInstance("DSA");
+//			X509EncodedKeySpec x509s = new X509EncodedKeySpec(vKey.GetEncoded());
+//			DSAPublicKey k1 = (DSAPublicKey)f.generatePublic(x509s);
+//
+//			if (!k1.Y.Equals(((DSAPublicKey)vKey).Y))
+//			{
+//				Fail("public number not decoded properly");
+//			}
+//
+//			if (!k1.Parameters.G.Equals(((DSAPublicKey)vKey).Parameters.G))
+//			{
+//				Fail("public generator not decoded properly");
+//			}
+//
+//			if (!k1.Parameters.P.Equals(((DSAPublicKey)vKey).Parameters.P))
+//			{
+//				Fail("public p value not decoded properly");
+//			}
+//
+//			if (!k1.Parameters.Q.Equals(((DSAPublicKey)vKey).Parameters.Q))
+//			{
+//				Fail("public q value not decoded properly");
+//			}
+//
+//			PKCS8EncodedKeySpec pkcs8 = new PKCS8EncodedKeySpec(sKey.GetEncoded());
+//			DSAPrivateKey k2 = (DSAPrivateKey)f.generatePrivate(pkcs8);
+//
+//			if (!k2.X.Equals(((DSAPrivateKey)sKey).X))
+//			{
+//				Fail("private number not decoded properly");
+//			}
+//
+//			if (!k2.Parameters.G.Equals(((DSAPrivateKey)sKey).Parameters.G))
+//			{
+//				Fail("private generator not decoded properly");
+//			}
+//
+//			if (!k2.Parameters.P.Equals(((DSAPrivateKey)sKey).Parameters.P))
+//			{
+//				Fail("private p value not decoded properly");
+//			}
+//
+//			if (!k2.Parameters.Q.Equals(((DSAPrivateKey)sKey).Parameters.Q))
+//			{
+//				Fail("private q value not decoded properly");
+//			}
+//
+//			//
+//			// key decoding test - SUN decoding BC keys
+//			//
+//			f = KeyFactory.GetInstance("DSA", "SUN");
+//			x509s = new X509EncodedKeySpec(k1.GetEncoded());
+//
+//			vKey = (DSAPublicKey)f.generatePublic(x509s);
+//
+//			if (!k1.Y.Equals(((DSAPublicKey)vKey).Y))
+//			{
+//				Fail("public number not decoded properly");
+//			}
+//
+//			if (!k1.Parameters.G.Equals(((DSAPublicKey)vKey).Parameters.G))
+//			{
+//				Fail("public generator not decoded properly");
+//			}
+//
+//			if (!k1.Parameters.P.Equals(((DSAPublicKey)vKey).Parameters.P))
+//			{
+//				Fail("public p value not decoded properly");
+//			}
+//
+//			if (!k1.Parameters.Q.Equals(((DSAPublicKey)vKey).Parameters.Q))
+//			{
+//				Fail("public q value not decoded properly");
+//			}
+//
+//			pkcs8 = new PKCS8EncodedKeySpec(k2.GetEncoded());
+//			sKey = (DSAPrivateKey)f.generatePrivate(pkcs8);
+//
+//			if (!k2.X.Equals(((DSAPrivateKey)sKey).X))
+//			{
+//				Fail("private number not decoded properly");
+//			}
+//
+//			if (!k2.Parameters.G.Equals(((DSAPrivateKey)sKey).Parameters.G))
+//			{
+//				Fail("private generator not decoded properly");
+//			}
+//
+//			if (!k2.Parameters.P.Equals(((DSAPrivateKey)sKey).Parameters.P))
+//			{
+//				Fail("private p value not decoded properly");
+//			}
+//
+//			if (!k2.Parameters.Q.Equals(((DSAPrivateKey)sKey).Parameters.Q))
+//			{
+//				Fail("private q value not decoded properly");
+//			}
+//		}
+
+        [Test]
+        public void TestNONEwithDSA()
+        {
+            byte[] dummySha1 = Hex.Decode("01020304050607080910111213141516");
+
+            SecureRandom rand = new SecureRandom();
+
+            DsaParametersGenerator pGen = new DsaParametersGenerator();
+            pGen.Init(512, 80, rand);
+
+            IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA");
+            g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters()));
+
+            AsymmetricCipherKeyPair kp = g.GenerateKeyPair();
+
+            ISigner sig = SignerUtilities.GetSigner("NONEwithDSA");
+            sig.Init(true, kp.Private);
+            sig.BlockUpdate(dummySha1, 0, dummySha1.Length);
+            byte[] sigBytes = sig.GenerateSignature();
+
+            sig.Init(false, kp.Public);
+            sig.BlockUpdate(dummySha1, 0, dummySha1.Length);
+            sig.VerifySignature(sigBytes);
+
+            // reset test
+
+            sig.BlockUpdate(dummySha1, 0, dummySha1.Length);
+
+            if (!sig.VerifySignature(sigBytes))
+            {
+                Fail("NONEwithDSA failed to reset");
+            }
+
+            // lightweight test
+            DsaSigner signer = new DsaSigner();
+            Asn1Sequence derSig = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(sigBytes));
+
+            signer.Init(false, kp.Public);
+
+            if (!signer.VerifySignature(dummySha1,
+                DerInteger.GetInstance(derSig[0]).Value, DerInteger.GetInstance(derSig[1]).Value))
+            {
+                Fail("NONEwithDSA not really NONE!");
+            }
+        }
+
+        /**
+        * X9.62 - 1998,<br/>
+        * J.3.2, Page 155, ECDSA over the field Fp<br/>
+        * an example with 239 bit prime
+        */
+        [Test]
+        public void TestECDsa239BitPrime()
+        {
+            BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176");
+            BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783");
+
+            byte[] kData = BigIntegers.AsUnsignedByteArray(
+                new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
+
+            SecureRandom k = FixedSecureRandom.From(kData);
+
+            ECCurve curve = new FpCurve(
+                new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+                new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+                new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+            ECDomainParameters spec = new ECDomainParameters(
+                curve,
+                curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+                new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+            ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+                "ECDSA",
+                new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
+                spec);
+
+            ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+                "ECDSA",
+                curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
+                spec);
+
+            ISigner sgr = SignerUtilities.GetSigner("ECDSA");
+
+//			KeyFactory f = KeyFactory.GetInstance("ECDSA");
+//			PrivateKey sKey = f.generatePrivate(priKey);
+//			PublicKey vKey = f.generatePublic(pubKey);
+            AsymmetricKeyParameter sKey = priKey;
+            AsymmetricKeyParameter vKey = pubKey;
+
+            sgr.Init(true, new ParametersWithRandom(sKey, k));
+
+            byte[] message = Encoding.ASCII.GetBytes("abc");
+
+            sgr.BlockUpdate(message, 0, message.Length);
+
+            byte[] sigBytes = sgr.GenerateSignature();
+
+            sgr.Init(false, vKey);
+
+            sgr.BlockUpdate(message, 0, message.Length);
+
+            if (!sgr.VerifySignature(sigBytes))
+            {
+                Fail("239 Bit EC verification failed");
+            }
+
+            BigInteger[] sig = DerDecode(sigBytes);
+
+            if (!r.Equals(sig[0]))
+            {
+                Fail("r component wrong." + SimpleTest.NewLine
+                        + " expecting: " + r + SimpleTest.NewLine
+                        + " got      : " + sig[0]);
+            }
+
+            if (!s.Equals(sig[1]))
+            {
+                Fail("s component wrong." + SimpleTest.NewLine
+                        + " expecting: " + s + SimpleTest.NewLine
+                        + " got      : " + sig[1]);
+            }
+        }
+
+        /**
+        * X9.62 - 1998,<br/>
+        * J.2.1, Page 100, ECDSA over the field F2m<br/>
+        * an example with 191 bit binary field
+        */
+        [Test]
+        public void TestECDsa239BitBinary()
+        {
+            BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552");
+            BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174");
+
+            byte[] kData = BigIntegers.AsUnsignedByteArray(
+                new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363"));
+
+            SecureRandom k = FixedSecureRandom.From(kData);
+
+            ECCurve curve = new F2mCurve(
+                239, // m
+                36, // k
+                new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
+                new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b
+
+            ECDomainParameters parameters = new ECDomainParameters(
+                curve,
+                curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
+                new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n
+                BigInteger.ValueOf(4)); // h
+
+            ECPrivateKeyParameters sKey = new ECPrivateKeyParameters(
+                "ECDSA",
+                new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
+                parameters);
+
+            ECPublicKeyParameters vKey = new ECPublicKeyParameters(
+                "ECDSA",
+                curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
+                parameters);
+
+            ISigner sgr = SignerUtilities.GetSigner("ECDSA");
+            byte[] message = Encoding.ASCII.GetBytes("abc");
+
+            sgr.Init(true, new ParametersWithRandom(sKey, k));
+
+            sgr.BlockUpdate(message, 0, message.Length);
+
+            byte[] sigBytes = sgr.GenerateSignature();
+
+            sgr.Init(false, vKey);
+
+            sgr.BlockUpdate(message, 0, message.Length);
+
+            if (!sgr.VerifySignature(sigBytes))
+            {
+                Fail("239 Bit EC verification failed");
+            }
+
+            BigInteger[] sig = DerDecode(sigBytes);
+
+            if (!r.Equals(sig[0]))
+            {
+                Fail("r component wrong." + SimpleTest.NewLine
+                    + " expecting: " + r + SimpleTest.NewLine
+                    + " got      : " + sig[0]);
+            }
+
+            if (!s.Equals(sig[1]))
+            {
+                Fail("s component wrong." + SimpleTest.NewLine
+                    + " expecting: " + s + SimpleTest.NewLine
+                    + " got      : " + sig[1]);
+            }
+        }
+
+        [Test]
+        public void TestECDsa239BitBinaryRipeMD160()
+        {
+            DoTestECDsa239BitBinary("RIPEMD160withECDSA", TeleTrusTObjectIdentifiers.ECSignWithRipeMD160);
+        }
+
+        [Test]
+        public void TestECDsa239BitBinarySha1()
+        {
+            DoTestECDsa239BitBinary("SHA1withECDSA", TeleTrusTObjectIdentifiers.ECSignWithSha1);
+        }
+
+        [Test]
+        public void TestECDsa239BitBinarySha224()
+        {
+            DoTestECDsa239BitBinary("SHA224withECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
+        }
+
+        [Test]
+        public void TestECDsa239BitBinarySha256()
+        {
+            DoTestECDsa239BitBinary("SHA256withECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
+        }
+
+        [Test]
+        public void TestECDsa239BitBinarySha384()
+        {
+            DoTestECDsa239BitBinary("SHA384withECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
+        }
+
+        [Test]
+        public void TestECDsa239BitBinarySha512()
+        {
+            DoTestECDsa239BitBinary("SHA512withECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
+        }
+
+        private void DoTestECDsa239BitBinary(
+            string				algorithm,
+            DerObjectIdentifier	oid)
+        {
+            BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552");
+            BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174");
+
+            byte[] kData = BigIntegers.AsUnsignedByteArray(
+                new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363"));
+
+            SecureRandom k = FixedSecureRandom.From(kData);
+
+            ECCurve curve = new F2mCurve(
+                239, // m
+                36, // k
+                new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
+                new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b
+
+            ECDomainParameters parameters = new ECDomainParameters(
+                curve,
+                curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
+                new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n
+                BigInteger.ValueOf(4)); // h
+
+            ECPrivateKeyParameters sKey = new ECPrivateKeyParameters(
+                new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
+                parameters);
+
+            ECPublicKeyParameters vKey = new ECPublicKeyParameters(
+                curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
+                parameters);
+
+            ISigner sgr = SignerUtilities.GetSigner(algorithm);
+            byte[] message = Encoding.ASCII.GetBytes("abc");
+
+            sgr.Init(true, new ParametersWithRandom(sKey, k));
+
+            sgr.BlockUpdate(message, 0, message.Length);
+
+            byte[] sigBytes = sgr.GenerateSignature();
+
+            sgr = SignerUtilities.GetSigner(oid.Id);
+
+            sgr.Init(false, vKey);
+
+            sgr.BlockUpdate(message, 0, message.Length);
+
+            if (!sgr.VerifySignature(sigBytes))
+            {
+                Fail("239 Bit EC RIPEMD160 verification failed");
+            }
+        }
+
+        private void doTestBadStrength(
+            int strength)
+        {
+//			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA");
+
+            // test exception
+            //
+            try
+            {
+                SecureRandom rand = new SecureRandom();
+
+                DsaParametersGenerator pGen = new DsaParametersGenerator();
+                pGen.Init(strength, 80, rand);
+
+//				g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters()));
+
+                Fail("illegal parameter " + strength + " check failed.");
+            }
+            catch (ArgumentException)
+            {
+                // expected
+            }
+        }
+
+        [Test]
+        public void TestGeneration()
+        {
+            ISigner s = SignerUtilities.GetSigner("DSA");
+            byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+            SecureRandom rand = new SecureRandom();
+
+            // KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA");
+            IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA");
+
+            // test exception
+            //
+
+            doTestBadStrength(513);
+            doTestBadStrength(510);
+            doTestBadStrength(1025);
+
+            //g.initialize(512, rand);
+            {
+                DsaParametersGenerator pGen = new DsaParametersGenerator();
+                pGen.Init(512, 80, rand);
+
+                g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters()));
+            }
+
+            AsymmetricCipherKeyPair p = g.GenerateKeyPair();
+
+            AsymmetricKeyParameter sKey = p.Private;
+            AsymmetricKeyParameter vKey = p.Public;
+
+            s.Init(true, sKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            byte[] sigBytes = s.GenerateSignature();
+
+            s = SignerUtilities.GetSigner("DSA");
+
+            s.Init(false, vKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            if (!s.VerifySignature(sigBytes))
+            {
+                Fail("DSA verification failed");
+            }
+
+
+
+            //
+            // ECDSA Fp generation test
+            //
+            s = SignerUtilities.GetSigner("ECDSA");
+
+            ECCurve curve = new FpCurve(
+                new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+                new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+                new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+            ECDomainParameters ecSpec = new ECDomainParameters(
+                curve,
+                curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+                new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+            g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
+            g.Init(new ECKeyGenerationParameters(ecSpec, rand));
+
+            p = g.GenerateKeyPair();
+
+            sKey = p.Private;
+            vKey = p.Public;
+
+            s.Init(true, sKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            sigBytes = s.GenerateSignature();
+
+            s = SignerUtilities.GetSigner("ECDSA");
+
+            s.Init(false, vKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            if (!s.VerifySignature(sigBytes))
+            {
+                Fail("ECDSA verification failed");
+            }
+
+            //
+            // ECDSA F2m generation test
+            //
+            s = SignerUtilities.GetSigner("ECDSA");
+
+            curve = new F2mCurve(
+                    239, // m
+                    36, // k
+                    new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
+                    new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b
+
+            ecSpec = new ECDomainParameters(
+                curve,
+                curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
+                new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n
+                BigInteger.ValueOf(4)); // h
+
+            g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
+            g.Init(new ECKeyGenerationParameters(ecSpec, rand));
+
+            p = g.GenerateKeyPair();
+
+            sKey = p.Private;
+            vKey = p.Public;
+
+            s.Init(true, sKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            sigBytes = s.GenerateSignature();
+
+            s = SignerUtilities.GetSigner("ECDSA");
+
+            s.Init(false, vKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            if (!s.VerifySignature(sigBytes))
+            {
+                Fail("ECDSA verification failed");
+            }
+        }
+
+        [Test]
+        public void TestParameters()
+        {
+//			AlgorithmParameterGenerator a = AlgorithmParameterGenerator.GetInstance("DSA");
+//			a.init(512, random);
+            DsaParametersGenerator a = new DsaParametersGenerator();
+            a.Init(512, 20, random);
+
+//			AlgorithmParameters parameters = a.generateParameters();
+            DsaParameters p = a.GenerateParameters();
+
+//			byte[] encodeParams = parameters.GetEncoded();
+            byte[] encodeParams = new DsaParameter(p.P, p.Q, p.G).GetDerEncoded();
+
+//			AlgorithmParameters a2 = AlgorithmParameters.GetInstance("DSA");
+//			a2.init(encodeParams);
+            DsaParameter dsaP = DsaParameter.GetInstance(Asn1Object.FromByteArray(encodeParams));
+            DsaParameters p2 = new DsaParameters(dsaP.P, dsaP.Q, dsaP.G);
+
+            // a and a2 should be equivalent!
+//			byte[] encodeParams_2 = a2.GetEncoded();
+            byte[] encodeParams_2 = new DsaParameter(p2.P, p2.Q, p2.G).GetDerEncoded();
+
+            if (!AreEqual(encodeParams, encodeParams_2))
+            {
+                Fail("encode/Decode parameters failed");
+            }
+
+//			DSAParameterSpec dsaP = (DSAParameterSpec)parameters.getParameterSpec(typeof(DSAParameterSpec));
+
+//			KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA");
+            IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA");
+//			g.initialize(dsaP, new SecureRandom());
+            g.Init(new DsaKeyGenerationParameters(new SecureRandom(), p));
+//			KeyPair p = g.generateKeyPair();
+            AsymmetricCipherKeyPair pair = g.GenerateKeyPair();
+
+//			PrivateKey sKey = p.Private;
+//			PublicKey vKey = p.Public;
+            AsymmetricKeyParameter sKey = pair.Private;
+            AsymmetricKeyParameter vKey = pair.Public;
+
+            ISigner s = SignerUtilities.GetSigner("DSA");
+            byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+
+            s.Init(true, sKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            byte[] sigBytes = s.GenerateSignature();
+
+            s = SignerUtilities.GetSigner("DSA");
+
+            s.Init(false, vKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            if (!s.VerifySignature(sigBytes))
+            {
+                Fail("DSA verification failed");
+            }
+        }
+
+        [Test]
+        public void TestDsa2Parameters()
+        {
+            byte[] seed = Hex.Decode("4783081972865EA95D43318AB2EAF9C61A2FC7BBF1B772A09017BDF5A58F4FF0");
+
+            //AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DSA", "BC");
+            //a.init(2048, new DSATestSecureRandom(seed));
+            DsaParametersGenerator a = new DsaParametersGenerator(new Sha256Digest());
+            a.Init(new DsaParameterGenerationParameters(2048, 256, 80, new DsaTestSecureRandom(seed)));
+
+            //AlgorithmParameters parameters = a.generateParameters();
+
+            //DSAParameterSpec dsaP = (DSAParameterSpec)parameters.getParameterSpec(DSAParameterSpec.class);
+            DsaParameters dsaP = a.GenerateParameters();
+
+            if (!dsaP.Q.Equals(new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16)))
+            {
+                Fail("Q incorrect");
+            }
+
+            if (!dsaP.P.Equals(new BigInteger(
+                "F56C2A7D366E3EBDEAA1891FD2A0D099" +
+                "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" +
+                "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" +
+                "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" +
+                "5909132627F51A0C866877E672E555342BDF9355347DBD43" +
+                "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" +
+                "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" +
+                "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" +
+                "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" +
+                "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" +
+                "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16)))
+            {
+                Fail("P incorrect");
+            }
+
+            if (!dsaP.G.Equals(new BigInteger(
+                "8DC6CC814CAE4A1C05A3E186A6FE27EA" +
+                "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" +
+                "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" +
+                "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" +
+                "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" +
+                "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" +
+                "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" +
+                "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" +
+                "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" +
+                "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" +
+                "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16)))
+            {
+                Fail("G incorrect");
+            }
+
+            //KeyPairGenerator    g = KeyPairGenerator.getInstance("DSA", "BC");
+            IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA");
+            //g.initialize(dsaP, FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")));
+            g.Init(new DsaKeyGenerationParameters(FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")), dsaP));
+            //KeyPair p = g.generateKeyPair();
+            AsymmetricCipherKeyPair p = g.GenerateKeyPair();
+
+            //DSAPrivateKey  sKey = (DSAPrivateKey)p.getPrivate();
+            //DSAPublicKey   vKey = (DSAPublicKey)p.getPublic();
+            DsaPrivateKeyParameters sKey = (DsaPrivateKeyParameters)p.Private;
+            DsaPublicKeyParameters vKey = (DsaPublicKeyParameters)p.Public;
+
+            if (!vKey.Y.Equals(new BigInteger(
+                "2828003D7C747199143C370FDD07A286" +
+                "1524514ACC57F63F80C38C2087C6B795B62DE1C224BF8D1D" +
+                "1424E60CE3F5AE3F76C754A2464AF292286D873A7A30B7EA" +
+                "CBBC75AAFDE7191D9157598CDB0B60E0C5AA3F6EBE425500" +
+                "C611957DBF5ED35490714A42811FDCDEB19AF2AB30BEADFF" +
+                "2907931CEE7F3B55532CFFAEB371F84F01347630EB227A41" +
+                "9B1F3F558BC8A509D64A765D8987D493B007C4412C297CAF" +
+                "41566E26FAEE475137EC781A0DC088A26C8804A98C23140E" +
+                "7C936281864B99571EE95C416AA38CEEBB41FDBFF1EB1D1D" +
+                "C97B63CE1355257627C8B0FD840DDB20ED35BE92F08C49AE" +
+                "A5613957D7E5C7A6D5A5834B4CB069E0831753ECF65BA02B", 16)))
+            {
+                Fail("Y value incorrect");
+            }
+
+            if (!sKey.X.Equals(
+                new BigInteger("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C", 16)))
+            {
+                Fail("X value incorrect");
+            }
+
+            //byte[] encodeParams = parameters.getEncoded();
+            byte[] encodeParams = new DsaParameter(dsaP.P, dsaP.Q, dsaP.G).GetDerEncoded();
+
+            //AlgorithmParameters a2 = AlgorithmParameters.getInstance("DSA", "BC");
+            //a2.init(encodeParams);
+            DsaParameter dsaP2 = DsaParameter.GetInstance(Asn1Object.FromByteArray(encodeParams));
+            DsaParameters p2 = new DsaParameters(dsaP.P, dsaP.Q, dsaP.G);
+
+            // a and a2 should be equivalent!
+            //byte[] encodeParams_2 = a2.GetEncoded();
+            byte[] encodeParams_2 = new DsaParameter(p2.P, p2.Q, p2.G).GetDerEncoded();
+
+            if (!AreEqual(encodeParams, encodeParams_2))
+            {
+                Fail("encode/decode parameters failed");
+            }
+
+            ISigner s = SignerUtilities.GetSigner("DSA");
+            byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+
+            s.Init(true, sKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            byte[] sigBytes = s.GenerateSignature();
+
+            s = SignerUtilities.GetSigner("DSA");
+
+            s.Init(false, vKey);
+
+            s.BlockUpdate(data, 0, data.Length);
+
+            if (!s.VerifySignature(sigBytes))
+            {
+                Fail("DSA verification failed");
+            }
+        }
+
+        public override void PerformTest()
+        {
+            // TODO
+//			TestCompat();
+            TestNONEwithDSA();
+            TestECDsa239BitPrime();
+            TestECDsa239BitBinary();
+            TestECDsa239BitBinaryRipeMD160();
+            TestECDsa239BitBinarySha1();
+            TestECDsa239BitBinarySha224();
+            TestECDsa239BitBinarySha256();
+            TestECDsa239BitBinarySha384();
+            TestECDsa239BitBinarySha512();
+
+            TestGeneration();
+            TestParameters();
+            TestDsa2Parameters();
+        }
+
+        protected BigInteger[] DerDecode(
+            byte[] encoding)
+        {
+            Asn1Sequence s = (Asn1Sequence) Asn1Object.FromByteArray(encoding);
+
+            return new BigInteger[]
+            {
+                ((DerInteger)s[0]).Value,
+                ((DerInteger)s[1]).Value
+            };
+        }
+
+        public override string Name
+        {
+            get { return "DSA/ECDSA"; }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new DsaTest());
+        }
+
+        private class DsaTestSecureRandom
+            : FixedSecureRandom
+        {
+            private bool first = true;
+
+            public DsaTestSecureRandom(byte[] value)
+                : base(Arrays.Clone(value))
+            {
+            }
+
+            public override void NextBytes(byte[] bytes)
+            {
+                if (first)
+                {
+                    base.NextBytes(bytes);
+                    first = false;
+                }
+                else
+                {
+                    bytes[bytes.Length - 1] = 2;
+                }
+            }
+        }
+    }
+}
diff --git a/crypto/test/src/test/DigestTest.cs b/crypto/test/src/test/DigestTest.cs
new file mode 100644
index 000000000..5d840ee66
--- /dev/null
+++ b/crypto/test/src/test/DigestTest.cs
@@ -0,0 +1,175 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+    [TestFixture]
+    public class DigestTest
+        : SimpleTest
+    {
+        private static string[,] abcVectors =
+        {
+            { "MD2", "da853b0d3f88d99b30283a69e6ded6bb" },
+            { "MD4", "a448017aaf21d8525fc10ae87aa6729d" },
+            { "MD5", "900150983cd24fb0d6963f7d28e17f72"},
+            { "SHA-1", "a9993e364706816aba3e25717850c26c9cd0d89d" },
+            { "SHA-224", "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7" },
+            { "SHA-256", "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" },
+            { "SHA-384", "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7" },
+            { "SHA-512", "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f" },
+            { "SHA-512/224", "4634270F707B6A54DAAE7530460842E20E37ED265CEEE9A43E8924AA" },
+            { "SHA-512/256", "53048E2681941EF99B2E29B76B4C7DABE4C2D0C634FC6D46E0E2F13107E7AF23" },
+            { "RIPEMD128", "c14a12199c66e4ba84636b0f69144c77" },
+            { "RIPEMD160", "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" },
+            { "RIPEMD256", "afbd6e228b9d8cbbcef5ca2d03e6dba10ac0bc7dcbe4680e1e42d2e975459b65" },
+            { "RIPEMD320", "de4c01b3054f8930a79d09ae738e92301e5a17085beffdc1b8d116713e74f82fa942d64cdbc4682d" },
+            { "Tiger", "2AAB1484E8C158F2BFB8C5FF41B57A525129131C957B5F93" },
+            { "GOST3411", "b285056dbf18d7392d7677369524dd14747459ed8143997e163b2986f92fd42c" },
+            { "WHIRLPOOL", "4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5" }
+        };
+
+        public override string Name
+        {
+            get { return "Digest"; }
+        }
+
+        void doTest(
+            string algorithm)
+        {
+            byte[] message = Encoding.ASCII.GetBytes("hello world");
+
+            IDigest digest = DigestUtilities.GetDigest(algorithm);
+
+//			byte[] result = digest.digest(message);
+            digest.BlockUpdate(message, 0, message.Length);
+            byte[] result = DigestUtilities.DoFinal(digest);
+
+//			byte[] result2 = digest.digest(message);
+            digest.BlockUpdate(message, 0, message.Length);
+            byte[] result2 = DigestUtilities.DoFinal(digest);
+
+            // test one digest the same message with the same instance
+            if (!AreEqual(result, result2))
+            {
+                Fail("Result object 1 not equal");
+            }
+
+            // test two, single byte updates
+            for (int i = 0; i < message.Length; i++)
+            {
+                digest.Update(message[i]);
+            }
+//			result2 = digest.digest();
+            result2 = DigestUtilities.DoFinal(digest);
+
+            if (!AreEqual(result, result2))
+            {
+                Fail("Result object 2 not equal");
+            }
+
+            // test three, two half updates
+            digest.BlockUpdate(message, 0, message.Length/2);
+            digest.BlockUpdate(message, message.Length/2, message.Length-message.Length/2);
+//			result2 = digest.digest();
+            result2 = DigestUtilities.DoFinal(digest);
+
+            if (!AreEqual(result, result2))
+            {
+                Fail("Result object 3 not equal");
+            }
+
+            // TODO Should we support Clone'ing of digests?
+//			// test four, clone test
+//			digest.BlockUpdate(message, 0, message.Length/2);
+//			IDigest d = (IDigest)digest.Clone();
+//			digest.BlockUpdate(message, message.Length/2, message.Length-message.Length/2);
+////			result2 = digest.digest();
+//			result2 = new byte[digest.GetDigestSize()];
+//			digest.DoFinal(result2, 0);
+//
+//			if (!AreEqual(result, result2))
+//			{
+//				Fail("Result object 4(a) not equal");
+//			}
+//
+//			d.BlockUpdate(message, message.Length/2, message.Length-message.Length/2);
+////			result2 = d.digest();
+//			result2 = new byte[d.GetDigestSize()];
+//			d.DoFinal(result2, 0);
+//
+//			if (!AreEqual(result, result2))
+//			{
+//				Fail("Result object 4(b) not equal");
+//			}
+
+            // test five, check reset() method
+            digest.BlockUpdate(message, 0, message.Length/2);
+            digest.Reset();
+            digest.BlockUpdate(message, 0, message.Length/2);
+            digest.BlockUpdate(message, message.Length/2, message.Length-message.Length/2);
+//			result2 = digest.digest();
+            result2 = DigestUtilities.DoFinal(digest);
+
+            if (!AreEqual(result, result2))
+            {
+                Fail("Result object 5 not equal");
+            }
+        }
+
+        /**
+         * Test the hash against a standard value for the string "abc"
+         *
+         * @param algorithm algorithm to test
+         * @param hash expected value
+         * @return the test result.
+         */
+        void doAbcTest(
+            string algorithm,
+            string hash)
+        {
+            byte[] abc = { (byte)0x61, (byte)0x62, (byte)0x63 };
+
+            IDigest digest = DigestUtilities.GetDigest(algorithm);
+
+//			byte[] result = digest.digest(abc);
+            digest.BlockUpdate(abc, 0, abc.Length);
+            byte[] result = DigestUtilities.DoFinal(digest);
+
+            if (!AreEqual(result, Hex.Decode(hash)))
+            {
+                Fail("abc result not equal for " + algorithm);
+            }
+        }
+
+        public override void PerformTest()
+        {
+            for (int i = 0; i != abcVectors.GetLength(0); i++)
+            {
+                doTest(abcVectors[i, 0]);
+
+                doAbcTest(abcVectors[i, 0], abcVectors[i, 1]);
+            }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new DigestTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/test/ECDSA5Test.cs b/crypto/test/src/test/ECDSA5Test.cs
new file mode 100644
index 000000000..bbde6b446
--- /dev/null
+++ b/crypto/test/src/test/ECDSA5Test.cs
@@ -0,0 +1,300 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class ECDsa5Test
+		: SimpleTest
+	{
+//		private static readonly byte[] k1 = Hex.Decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
+//		private static readonly byte[] k2 = Hex.Decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded");
+//
+//		private SecureRandom random = FixedSecureRandom.From(k1, k2);
+
+		[Test]
+		public void DecodeTest()
+		{
+//			EllipticCurve curve = new EllipticCurve(
+//				new ECFieldFp(new BigInteger("6277101735386680763835789423207666416083908700390324961279")), // q
+//				new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
+//				new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b
+			ECCurve curve = new FpCurve(
+				new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
+				new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
+				new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b
+
+//			ECPoint p = ECPointUtil.DecodePoint(curve, Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012"));
+			ECPoint p = curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012"));
+
+			BigInteger x = p.X.ToBigInteger(); //p.getAffineX();
+
+			if (!x.Equals(new BigInteger("188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", 16)))
+			{
+				Fail("x uncompressed incorrectly");
+			}
+
+			BigInteger y = p.Y.ToBigInteger(); //p.getAffineX();
+			if (!y.Equals(new BigInteger("7192b95ffc8da78631011ed6b24cdd573f977a11e794811", 16)))
+			{
+				Fail("y uncompressed incorrectly");
+			}
+		}
+
+		/**
+		* X9.62 - 1998,<br/>
+		* J.3.2, Page 155, ECDSA over the field Fp<br/>
+		* an example with 239 bit prime
+		*/
+		[Test]
+		public void TestECDsa239BitPrime()
+		{
+			BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176");
+			BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783");
+
+			byte[] kData = new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655").ToByteArrayUnsigned();
+
+			SecureRandom k = FixedSecureRandom.From(kData);
+
+//			EllipticCurve curve = new EllipticCurve(
+//				new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
+//				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+//				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+			ECCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters spec = new ECDomainParameters(
+				curve,
+//				ECPointUtil.DecodePoint(curve, Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
+				BigInteger.One); //1); // h
+
+			ECPrivateKeyParameters sKey = new ECPrivateKeyParameters(
+				"ECDSA",
+				new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
+				spec);
+
+			ECPublicKeyParameters vKey = new ECPublicKeyParameters(
+				"ECDSA",
+//				ECPointUtil.DecodePoint(curve, Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
+				curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
+				spec);
+
+			ISigner sgr = SignerUtilities.GetSigner("ECDSA");
+//			KeyFactory f = KeyFactory.getInstance("ECDSA");
+//			AsymmetricKeyParameter sKey = f.generatePrivate(priKey);
+//			AsymmetricKeyParameter vKey = f.generatePublic(pubKey);
+
+			sgr.Init(true, new ParametersWithRandom(sKey, k));
+
+			byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			byte[] sigBytes = sgr.GenerateSignature();
+
+			sgr.Init(false, vKey);
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			if (!sgr.VerifySignature(sigBytes))
+			{
+				Fail("239 Bit EC verification failed");
+			}
+
+			BigInteger[] sig = derDecode(sigBytes);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+		}
+
+		/**
+		* X9.62 - 1998,<br/>
+		* J.2.1, Page 100, ECDSA over the field F2m<br/>
+		* an example with 191 bit binary field
+		*/
+		[Test]
+		public void TestECDsa239BitBinary()
+		{
+			BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552");
+			BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174");
+	    
+			byte[] kData = new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363").ToByteArrayUnsigned();
+
+			SecureRandom k = FixedSecureRandom.From(kData);
+
+//			EllipticCurve curve = new EllipticCurve(
+//				new ECFieldF2m(239, // m
+//							new int[] { 36 }), // k
+//				new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
+//				new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b
+			ECCurve curve = new F2mCurve(
+				239, // m
+				36, // k
+				new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
+				new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b
+
+			ECDomainParameters parameters = new ECDomainParameters(
+				curve,
+//				ECPointUtil.DecodePoint(curve, Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
+				curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
+				new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n
+				BigInteger.ValueOf(4)); //4); // h
+
+			ECPrivateKeyParameters sKey = new ECPrivateKeyParameters(
+				"ECDSA",
+				new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
+				parameters);
+
+			ECPublicKeyParameters vKey = new ECPublicKeyParameters(
+				"ECDSA",
+//				ECPointUtil.DecodePoint(curve, Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
+				curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
+				parameters);
+
+			ISigner sgr = SignerUtilities.GetSigner("ECDSA");
+//			KeyFactory f = KeyFactory.getInstance("ECDSA");
+//			AsymmetricKeyParameter sKey = f.generatePrivate(priKeySpec);
+//			AsymmetricKeyParameter vKey = f.generatePublic(pubKeySpec);
+			byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+			sgr.Init(true, new ParametersWithRandom(sKey, k));
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			byte[] sigBytes = sgr.GenerateSignature();
+
+			sgr.Init(false, vKey);
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			if (!sgr.VerifySignature(sigBytes))
+			{
+				Fail("239 Bit EC verification failed");
+			}
+
+			BigInteger[] sig = derDecode(sigBytes);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail("r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail("s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+		}
+
+		[Test]
+		public void TestGeneration()
+		{
+			//
+			// ECDSA generation test
+			//
+			byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+			ISigner s = SignerUtilities.GetSigner("ECDSA");
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
+
+//			EllipticCurve curve = new EllipticCurve(
+//				new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
+//				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+//				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+			ECCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters ecSpec = new ECDomainParameters(
+				curve,
+//				ECPointUtil.DecodePoint(curve,
+				curve.DecodePoint(
+					Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
+				BigInteger.One); //1); // h
+
+			g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
+
+			AsymmetricCipherKeyPair p = g.GenerateKeyPair();
+
+			AsymmetricKeyParameter sKey = p.Private;
+			AsymmetricKeyParameter vKey = p.Public;
+
+			s.Init(true, sKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			byte[] sigBytes = s.GenerateSignature();
+
+			s = SignerUtilities.GetSigner("ECDSA");
+
+			s.Init(false, vKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			if (!s.VerifySignature(sigBytes))
+			{
+				Fail("ECDSA verification failed");
+			}
+		}
+
+		protected BigInteger[] derDecode(
+			byte[] encoding)
+		{
+			Asn1Sequence s = (Asn1Sequence) Asn1Object.FromByteArray(encoding);
+
+			return new BigInteger[]
+			{
+				((DerInteger)s[0]).Value,
+				((DerInteger)s[1]).Value
+			};
+		}
+
+		public override string Name
+		{
+			get { return "ECDSA5"; }
+		}
+
+		public override void PerformTest()
+		{
+			DecodeTest();
+			TestECDsa239BitPrime();
+			TestECDsa239BitBinary();
+			TestGeneration();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ECDsa5Test());
+		}
+	}
+}
diff --git a/crypto/test/src/test/ECEncodingTest.cs b/crypto/test/src/test/ECEncodingTest.cs
new file mode 100644
index 000000000..0e80d611a
--- /dev/null
+++ b/crypto/test/src/test/ECEncodingTest.cs
@@ -0,0 +1,243 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class ECEncodingTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "ECEncodingTest"; }
+		}
+
+		/** J.4.7 An Example with m = 304 */
+		private int m = 304;
+
+		/** f = 010000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000807 */
+		private int k1 = 1;
+		private int k2 = 2;
+		private int k3 = 11;
+		private static readonly byte[] hexa = {(byte)0xFD, 0x0D, 0x69, 0x31, 0x49, (byte)0xA1, 0x18, (byte)0xF6, 0x51
+			, (byte)0xE6, (byte)0xDC, (byte)0xE6, (byte)0x80, 0x20, (byte)0x85, 0x37, 0x7E, 0x5F, (byte)0x88, 0x2D, 0x1B, 0x51
+			, 0x0B, 0x44, 0x16, 0x00, 0x74, (byte)0xC1, 0x28, (byte)0x80, 0x78, 0x36, 0x5A, 0x03
+			, (byte)0x96, (byte)0xC8, (byte)0xE6, (byte)0x81};
+		private static readonly byte[] hexb = {(byte)0xBD, (byte)0xDB, (byte)0x97, (byte)0xE5, (byte)0x55
+			, (byte)0xA5, (byte)0x0A, (byte)0x90, (byte)0x8E, (byte)0x43, (byte)0xB0
+			, (byte)0x1C, (byte)0x79, (byte)0x8E, (byte)0xA5, (byte)0xDA, (byte)0xA6
+			, (byte)0x78, (byte)0x8F, (byte)0x1E, (byte)0xA2, (byte)0x79
+			, (byte)0x4E, (byte)0xFC, (byte)0xF5, (byte)0x71, (byte)0x66, (byte)0xB8
+			, (byte)0xC1, (byte)0x40, (byte)0x39, (byte)0x60, (byte)0x1E
+			, (byte)0x55, (byte)0x82, (byte)0x73, (byte)0x40, (byte)0xBE};
+		private static readonly BigInteger a = new BigInteger(1, hexa);
+		private static readonly BigInteger b = new BigInteger(1, hexb);
+
+		/** Base point G (with point compression) */
+		private byte[] enc = {0x02, 0x19, 0x7B, 0x07, (byte)0x84, 0x5E, (byte)0x9B, (byte)0xE2, (byte)0xD9, 0x6A, (byte)0xDB, 0x0F
+				, 0x5F, 0x3C, 0x7F, 0x2C, (byte)0xFF, (byte)0xBD, 0x7A, 0x3E, (byte)0xB8, (byte)0xB6, (byte)0xFE, 
+				(byte)0xC3, 0x5C, 0x7F, (byte)0xD6, 0x7F, 0x26, (byte)0xDD, (byte)0xF6
+				, 0x28, 0x5A, 0x64, 0x4F, 0x74, 0x0A, 0x26, 0x14};
+
+		private void doTestPointCompression() 
+		{
+			ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b);
+			curve.DecodePoint(enc);
+
+			int[] ks = new int[3];
+			ks[0] = k3;
+			ks[1] = k2;
+			ks[2] = k1;
+		}
+	    
+		public override void PerformTest()
+		{
+			byte[] ecParams = Hex.Decode("3081C8020101302806072A8648CE3D0101021D00D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF303C041C68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43041C2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B0439040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD021D00D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F020101");
+			doTestParams(ecParams, true);
+
+			doTestParams(ecParams, false);
+
+			ecParams = Hex.Decode("3081C8020101302806072A8648CE3D0101021D00D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF303C041C56E6C7E4F11A7B4B961A4DCB5BD282EB22E42E9BCBE3E7B361F18012041C4BE3E7B361F18012F2353D22975E02D8D05D2C6F3342DD8F57D4C76F0439048D127A0C27E0DE207ED3B7FB98F83C8BD5A2A57C827F4B97874DEB2C1BAEB0C006958CE61BB1FC81F5389E288CB3E86E2ED91FB47B08FCCA021D00D7C134AA264366862A18302575D11A5F7AABFBA3D897FF5CA727AF53020101");
+			doTestParams(ecParams, true);
+
+			doTestParams(ecParams, false);
+
+			ecParams = Hex.Decode("30820142020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff3066043100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc043100b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973020101");
+			doTestParams(ecParams, true);
+
+			doTestParams(ecParams, false);
+
+			doTestPointCompression();
+		}
+
+		private void doTestParams(
+			byte[]	ecParameterEncoded,
+			bool	compress)
+		{
+//			string keyStorePass = "myPass";
+			Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(ecParameterEncoded);
+			X9ECParameters x9 = new X9ECParameters(seq);
+			AsymmetricCipherKeyPair kp = null;
+			bool success = false;
+			while (!success)
+			{
+				IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
+//				kpg.Init(new ECParameterSpec(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()));
+				ECDomainParameters ecParams = new ECDomainParameters(
+					x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
+				kpg.Init(new ECKeyGenerationParameters(ecParams, new SecureRandom()));
+				kp = kpg.GenerateKeyPair();
+				// The very old Problem... we need a certificate chain to
+				// save a private key...
+				ECPublicKeyParameters pubKey = (ECPublicKeyParameters) kp.Public;
+
+				if (!compress)
+				{
+					//pubKey.setPointFormat("UNCOMPRESSED");
+					pubKey = SetPublicUncompressed(pubKey, false);
+				}
+
+				byte[] x = pubKey.Q.X.ToBigInteger().ToByteArrayUnsigned();
+				byte[] y = pubKey.Q.Y.ToBigInteger().ToByteArrayUnsigned();
+				if (x.Length == y.Length)
+				{
+					success = true;
+				}
+			}
+
+			// The very old Problem... we need a certificate chain to
+			// save a private key...
+
+			X509CertificateEntry[] chain = new X509CertificateEntry[] {
+				new X509CertificateEntry(GenerateSelfSignedSoftECCert(kp, compress))
+			};
+
+//			KeyStore keyStore = KeyStore.getInstance("BKS");
+//			keyStore.load(null, keyStorePass.ToCharArray());
+			Pkcs12Store keyStore = new Pkcs12StoreBuilder().Build();
+
+			keyStore.SetCertificateEntry("ECCert", chain[0]);
+
+			ECPrivateKeyParameters privateECKey = (ECPrivateKeyParameters) kp.Private;
+			keyStore.SetKeyEntry("ECPrivKey", new AsymmetricKeyEntry(privateECKey), chain);
+
+			// Test ec sign / verify
+			ECPublicKeyParameters pub = (ECPublicKeyParameters) kp.Public;
+//			string oldPrivateKey = new string(Hex.encode(privateECKey.getEncoded()));
+			byte[] oldPrivateKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateECKey).GetDerEncoded();
+			string oldPrivateKey = Hex.ToHexString(oldPrivateKeyBytes);
+//			string oldPublicKey = new string(Hex.encode(pub.getEncoded()));
+			byte[] oldPublicKeyBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pub).GetDerEncoded();
+			string oldPublicKey = Hex.ToHexString(oldPublicKeyBytes);
+			ECPrivateKeyParameters newKey = (ECPrivateKeyParameters)
+				keyStore.GetKey("ECPrivKey").Key;
+			ECPublicKeyParameters newPubKey = (ECPublicKeyParameters)
+				keyStore.GetCertificate("ECCert").Certificate.GetPublicKey();
+
+			if (!compress)
+			{
+				// TODO Private key compression?
+				//newKey.setPointFormat("UNCOMPRESSED");
+				//newPubKey.setPointFormat("UNCOMPRESSED");
+				newPubKey = SetPublicUncompressed(newPubKey, false);
+			}
+
+//			string newPrivateKey = new string(Hex.encode(newKey.getEncoded()));
+			byte[] newPrivateKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(newKey).GetDerEncoded();
+			string newPrivateKey = Hex.ToHexString(newPrivateKeyBytes);
+//			string newPublicKey = new string(Hex.encode(newPubKey.getEncoded()));
+			byte[] newPublicKeyBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(newPubKey).GetDerEncoded();
+			string newPublicKey = Hex.ToHexString(newPublicKeyBytes);
+
+			if (!oldPrivateKey.Equals(newPrivateKey))
+//			if (!privateECKey.Equals(newKey))
+			{
+				Fail("failed private key comparison");
+			}
+
+			if (!oldPublicKey.Equals(newPublicKey))
+//			if (!pub.Equals(newPubKey))
+			{
+				Fail("failed public key comparison");
+			}
+		}
+
+		/**
+		* Create a self signed cert for our software emulation
+		* 
+		* @param kp
+		*            is the keypair for our certificate
+		* @return a self signed cert for our software emulation
+		* @throws InvalidKeyException
+		*             on error
+		* @throws SignatureException
+		*             on error
+		*/
+		private X509Certificate GenerateSelfSignedSoftECCert(
+			AsymmetricCipherKeyPair	kp,
+			bool					compress)
+		{
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+			ECPrivateKeyParameters privECKey = (ECPrivateKeyParameters) kp.Private;
+			ECPublicKeyParameters pubECKey = (ECPublicKeyParameters) kp.Public;
+
+			if (!compress)
+			{
+				// TODO Private key compression?
+				//privECKey.setPointFormat("UNCOMPRESSED");
+				//pubECKey.setPointFormat("UNCOMPRESSED");
+				pubECKey = SetPublicUncompressed(pubECKey, false);
+			}
+
+			certGen.SetSignatureAlgorithm("ECDSAwithSHA1");
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name("CN=Software emul (EC Cert)"));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50000));
+			certGen.SetSubjectDN(new X509Name("CN=Software emul (EC Cert)"));
+			certGen.SetPublicKey(pubECKey);
+
+			return certGen.Generate(privECKey);
+		}
+
+		private ECPublicKeyParameters SetPublicUncompressed(
+			ECPublicKeyParameters	key,
+			bool					withCompression)
+		{
+			ECPoint p = key.Q;
+			return new ECPublicKeyParameters(
+				key.AlgorithmName,
+				p.Curve.CreatePoint(p.X.ToBigInteger(), p.Y.ToBigInteger(), withCompression),
+				key.Parameters);
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ECEncodingTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/ECNRTest.cs b/crypto/test/src/test/ECNRTest.cs
new file mode 100644
index 000000000..8a24443c2
--- /dev/null
+++ b/crypto/test/src/test/ECNRTest.cs
@@ -0,0 +1,204 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+    [TestFixture]
+    public class ECNRTest
+        : SimpleTest
+    {
+        private static readonly byte[] k1 = Hex.Decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
+        private static readonly byte[] k2 = Hex.Decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded");
+
+        private readonly SecureRandom random = FixedSecureRandom.From(k1, k2);
+
+        /**
+         * X9.62 - 1998,<br/>
+         * J.3.2, Page 155, ECDSA over the field Fp<br/>
+         * an example with 239 bit prime
+         */
+        [Test]
+        public void TestECNR239bitPrime()
+        {
+            BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693");
+            BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143");
+
+            byte[] kData = new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655").ToByteArrayUnsigned();
+
+            SecureRandom k = FixedSecureRandom.From(kData);
+
+            X9ECParameters p = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v1);
+            ECDomainParameters spec = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
+            ECCurve curve = spec.Curve;
+
+            ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+                new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
+                spec);
+
+            ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+                curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
+                spec);
+
+            ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR");
+            byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+            checkSignature(239, priKey, pubKey, sgr, k, message, r, s);
+        }
+
+        // -------------------------------------------------------------------------
+
+        /**
+         * X9.62 - 1998,<br/>
+         * Page 104-105, ECDSA over the field Fp<br/>
+         * an example with 192 bit prime
+         */
+        [Test]
+        public void TestECNR192bitPrime()
+        {
+            BigInteger r  = new BigInteger("2474388605162950674935076940284692598330235697454145648371");
+            BigInteger s  = new BigInteger("2997192822503471356158280167065034437828486078932532073836");
+
+            byte[] kData = new BigInteger("dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", 16).ToByteArrayUnsigned();
+
+            SecureRandom k = FixedSecureRandom.From(kData);
+
+            X9ECParameters p = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime192v1);
+            ECDomainParameters spec = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
+            ECCurve curve = spec.Curve;
+
+            ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+                new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
+                spec);
+
+            ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+                curve.DecodePoint(Hex.Decode("0262B12D60690CDCF330BABAB6E69763B471F994DD702D16A5")), // Q
+                spec);
+
+            ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR");
+            byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+            checkSignature(192, priKey, pubKey, sgr, k, message, r, s);
+        }
+
+        // -------------------------------------------------------------------------
+
+        /**
+         * SEC 2: Recommended Elliptic Curve Domain Parameters - September 2000,<br/>
+         * Page 17-19, Recommended 521-bit Elliptic Curve Domain Parameters over Fp<br/>
+         * an ECC example with a 521 bit prime and a 512 bit hash
+         */
+        [Test]
+        public void TestECNR521bitPrime()
+        {
+            BigInteger r  = new BigInteger("1820641608112320695747745915744708800944302281118541146383656165330049339564439316345159057453301092391897040509935100825960342573871340486684575368150970954");
+            BigInteger s  = new BigInteger("6358277176448326821136601602749690343031826490505780896013143436153111780706227024847359990383467115737705919410755190867632280059161174165591324242446800763");
+
+            byte[] kData = new BigInteger("cdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef", 16).ToByteArrayUnsigned();
+
+            SecureRandom k = FixedSecureRandom.From(kData);
+
+            X9ECParameters p = SecNamedCurves.GetByOid(SecObjectIdentifiers.SecP521r1);
+            ECDomainParameters spec = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
+            ECCurve curve = spec.Curve;
+
+            ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
+                new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d
+                spec);
+
+            ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+                curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
+                spec);
+
+            ISigner sgr = SignerUtilities.GetSigner("SHA512withECNR");
+            byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+            checkSignature(521, priKey, pubKey, sgr, k, message, r, s);
+        }
+
+        private void checkSignature(
+            int						size,
+            ECPrivateKeyParameters	sKey,
+            ECPublicKeyParameters	vKey,
+            ISigner					sgr,
+            SecureRandom			k,
+            byte[]					message,
+            BigInteger				r,
+            BigInteger				s)
+        {
+            sgr.Init(true, new ParametersWithRandom(sKey, k));
+
+            sgr.BlockUpdate(message, 0, message.Length);
+
+            byte[] sigBytes = sgr.GenerateSignature();
+
+            sgr.Init(false, vKey);
+
+            sgr.BlockUpdate(message, 0, message.Length);
+
+            if (!sgr.VerifySignature(sigBytes))
+            {
+                Fail(size + " bit EC verification failed");
+            }
+
+            BigInteger[] sig = derDecode(sigBytes);
+
+            if (!r.Equals(sig[0]))
+            {
+                Fail(size + "bit"
+                    + ": r component wrong." + SimpleTest.NewLine
+                    + " expecting: " + r + SimpleTest.NewLine
+                    + " got      : " + sig[0]);
+            }
+
+            if (!s.Equals(sig[1]))
+            {
+                Fail(size + "bit"
+                    + ": s component wrong." + SimpleTest.NewLine
+                    + " expecting: " + s + SimpleTest.NewLine
+                    + " got      : " + sig[1]);
+            }
+        }
+
+        protected BigInteger[] derDecode(
+            byte[] encoding)
+        {
+            Asn1Sequence s = (Asn1Sequence) Asn1Object.FromByteArray(encoding);
+
+            return new BigInteger[]
+            {
+                ((DerInteger)s[0]).Value,
+                ((DerInteger)s[1]).Value
+            };
+        }
+
+        public override string Name
+        {
+            get { return "ECNR"; }
+        }
+
+        public override void PerformTest()
+        {
+            TestECNR192bitPrime();
+            TestECNR239bitPrime();
+            TestECNR521bitPrime();
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new ECNRTest());
+        }
+    }
+}
diff --git a/crypto/test/src/test/ElGamalTest.cs b/crypto/test/src/test/ElGamalTest.cs
new file mode 100644
index 000000000..9a87ea9b1
--- /dev/null
+++ b/crypto/test/src/test/ElGamalTest.cs
@@ -0,0 +1,334 @@
+using System;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class ElGamalTest
+		: SimpleTest
+	{
+		private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+		private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+		private static readonly BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16);
+		private static readonly BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16);
+
+		private static readonly BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16);
+		private static readonly BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16);
+
+		public override string Name
+		{
+			get { return "ElGamal"; }
+		}
+
+		[Test]
+		public void TestGP512()
+		{
+			doTestGP(512, 0, g512, p512);
+			doTestGP(512, 64, g512, p512);
+		}
+
+		[Test]
+		public void TestGP768()
+		{
+			doTestGP(768, 0, g768, p768);
+			doTestGP(768, 128, g768, p768);
+		}
+
+		[Test]
+		public void TestGP1024()
+		{
+			doTestGP(1024, 0, g1024, p1024);
+			doTestGP(1024, 256, g1024, p1024);
+		}
+
+		[Test]
+		public void TestRandom256()
+		{
+			doTestRandom(256);
+		}
+
+		private void doTestGP(
+			int			size,
+			int         privateValueSize,
+			BigInteger	g,
+			BigInteger	p)
+		{
+			IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("ElGamal");
+
+//			DHParameterSpec elParams = new DHParameterSpec(p, g);
+//			keyGen.initialize(elParams);
+			ElGamalParameters elParams = new ElGamalParameters(p, g, privateValueSize);
+			ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(
+				new SecureRandom(), elParams);
+			keyGen.Init(elKgp);
+
+			AsymmetricCipherKeyPair keyPair = keyGen.GenerateKeyPair();
+			SecureRandom rand = new SecureRandom();
+
+			checkKeySize(privateValueSize, keyPair);
+
+			IBufferedCipher cipher = CipherUtilities.GetCipher("ElGamal");
+
+			cipher.Init(true, new ParametersWithRandom(keyPair.Public, rand));
+
+			byte[] inBytes = Encoding.ASCII.GetBytes("This is a test");
+
+			if (cipher.GetOutputSize(inBytes.Length) != (size / 8) * 2)
+			{
+				Fail("getOutputSize wrong on encryption");
+			}
+
+			byte[] outBytes = cipher.DoFinal(inBytes);
+
+			cipher.Init(false, keyPair.Private);
+
+			if (cipher.GetOutputSize(outBytes.Length) != (size / 8) - 1)
+			{
+				Fail("GetOutputSize wrong on decryption");
+			}
+
+
+			//
+			// No Padding - maximum length
+			//
+			byte[] modBytes = ((ElGamalPublicKeyParameters)keyPair.Public).Parameters.P.ToByteArray();
+			byte[] maxInput = new byte[modBytes.Length - 1];
+
+			maxInput[0] |= 0x7f;
+
+			cipher.Init(true, new ParametersWithRandom(keyPair.Public, rand));
+
+			outBytes = cipher.DoFinal(maxInput);
+
+			cipher.Init(false, keyPair.Private);
+
+			outBytes = cipher.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, maxInput))
+			{
+				Fail("NoPadding test failed on decrypt expected "
+					+ Hex.ToHexString(maxInput) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+
+			//
+			// encrypt/decrypt
+			//
+			IBufferedCipher c1 = CipherUtilities.GetCipher("ElGamal");
+			IBufferedCipher c2 = CipherUtilities.GetCipher("ElGamal");
+
+			c1.Init(true, new ParametersWithRandom(keyPair.Public, rand));
+
+			byte[] out1 = c1.DoFinal(inBytes);
+
+			c2.Init(false, keyPair.Private);
+
+			byte[] out2 = c2.DoFinal(out1);
+
+			if (!AreEqual(inBytes, out2))
+			{
+				Fail(size + " encrypt test failed");
+			}
+
+
+			//
+			// encrypt/decrypt with update
+			//
+			int outLen = c1.ProcessBytes(inBytes, 0, 2, out1, 0);
+
+			outLen += c1.DoFinal(inBytes, 2, inBytes.Length - 2, out1, outLen);
+
+			outLen = c2.ProcessBytes(out1, 0, 2, out2, 0);
+
+			outLen += c2.DoFinal(out1, 2, out1.Length - 2, out2, outLen);
+
+			if (!AreEqual(inBytes, out2))
+			{
+				Fail(size + " encrypt with update test failed");
+			}
+
+
+
+			//
+			// public key encoding test
+			//
+//			byte[] pubEnc = keyPair.Public.GetEncoded();
+			byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public).GetDerEncoded();
+
+//			KeyFactory keyFac = KeyFactory.GetInstance("ElGamal");
+//			X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
+//			DHPublicKeyParameters pubKey = (DHPublicKeyParameters)keyFac.generatePublic(pubX509);
+			ElGamalPublicKeyParameters pubKey = (ElGamalPublicKeyParameters)
+				PublicKeyFactory.CreateKey(pubEnc);
+			ElGamalParameters spec = pubKey.Parameters;
+
+			if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P))
+			{
+				Fail(size + " bit public key encoding/decoding test failed on parameters");
+			}
+
+			if (!((ElGamalPublicKeyParameters)keyPair.Public).Y.Equals(pubKey.Y))
+			{
+				Fail(size + " bit public key encoding/decoding test failed on y value");
+			}
+
+/*
+			//
+			// public key serialisation test
+			//
+			// TODO Is there some standard this serialization must conform to?
+			BinaryFormatter formatter = new BinaryFormatter();
+
+			MemoryStream bOut = new MemoryStream();
+//			ObjectOutputStream oOut = new ObjectOutputStream(bOut);
+//			oOut.writeObject(keyPair.Public);
+			formatter.Serialize(bOut, keyPair.Public);
+
+			MemoryStream bIn = new MemoryStream(bOut.ToArray(), false);
+//			ObjectInputStream oIn = new ObjectInputStream(bIn);
+//			pubKey = (DHPublicKeyParameters)oIn.readObject();
+			pubKey = (ElGamalPublicKeyParameters) formatter.Deserialize(bIn);
+			spec = pubKey.Parameters;
+
+			if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P))
+			{
+				Fail(size + " bit public key serialisation test failed on parameters");
+			}
+
+			if (!((ElGamalPublicKeyParameters )keyPair.Public).Y.Equals(pubKey.Y))
+			{
+				Fail(size + " bit public key serialisation test failed on y value");
+			}
+*/
+
+			//
+			// private key encoding test
+			//
+			// TODO Keys don't support GetEncoded
+//			byte[] privEnc = keyPair.Private.GetEncoded();
+			byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private).GetDerEncoded();
+
+//			PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
+//			DHPrivateKeyParameters privKey = (DHPrivateKeyParameters)keyFac.generatePrivate(privPKCS8);
+			ElGamalPrivateKeyParameters privKey = (ElGamalPrivateKeyParameters)
+				PrivateKeyFactory.CreateKey(privEnc);
+
+			spec = privKey.Parameters;
+
+			if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P))
+			{
+				Fail(size + " bit private key encoding/decoding test failed on parameters");
+			}
+
+			if (!((ElGamalPrivateKeyParameters)keyPair.Private).X.Equals(privKey.X))
+			{
+				Fail(size + " bit private key encoding/decoding test failed on y value");
+			}
+
+/*
+			//
+			// private key serialisation test
+			//
+			bOut = new MemoryStream();
+//			oOut = new ObjectOutputStream(bOut);
+//			oOut.writeObject(keyPair.Private);
+			formatter.Serialize(bOut, keyPair.Private);
+
+			bIn = new MemoryStream(bOut.ToArray(), false);
+//			oIn = new ObjectInputStream(bIn);
+//			privKey = (DHPrivateKeyParameters)oIn.readObject();
+			privKey = (ElGamalPrivateKeyParameters) formatter.Deserialize(bIn);
+			spec = privKey.Parameters;
+
+			if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P))
+			{
+				Fail(size + " bit private key serialisation test failed on parameters");
+			}
+
+			if (!((ElGamalPrivateKeyParameters) keyPair.Private).X.Equals(privKey.X))
+			{
+				Fail(size + " bit private key serialisation test failed on y value");
+			}
+*/
+		}
+
+		private void checkKeySize(int privateValueSize, AsymmetricCipherKeyPair aKeyPair)
+		{
+			if (privateValueSize != 0)
+			{
+//				DHPrivateKey key = (DHPrivateKey)aKeyPair.getPrivate();
+				ElGamalPrivateKeyParameters key = (ElGamalPrivateKeyParameters) aKeyPair.Private;
+
+				if (key.X.BitLength != privateValueSize)
+				{
+					Fail("limited key check failed for key size " + privateValueSize);
+				}
+			}
+		}
+
+		private void doTestRandom(
+			int size)
+		{
+//			AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("ElGamal");
+//			a.init(size, new SecureRandom());
+			ElGamalParametersGenerator a = new ElGamalParametersGenerator();
+			a.Init(size, 20, new SecureRandom());
+
+//			AlgorithmParameters parameters = a.generateParameters();
+			ElGamalParameters p = a.GenerateParameters();
+
+//			byte[] encodeParams = parameters.GetEncoded();
+			byte[] encodeParams = new ElGamalParameter(p.P, p.G).GetDerEncoded(); 
+
+//			AlgorithmParameters a2 = AlgorithmParameters.getInstance("ElGamal");
+//			a2.init(encodeParams);
+			ElGamalParameter elP = new ElGamalParameter((Asn1Sequence) Asn1Object.FromByteArray(encodeParams));
+			ElGamalParameters p2 = new ElGamalParameters(elP.P, elP.G);
+
+			// a and a2 should be equivalent!
+//			byte[] encodeParams_2 = a2.GetEncoded();
+			byte[] encodeParams_2 = new ElGamalParameter(p2.P, p2.G).GetDerEncoded(); 
+
+			if (!AreEqual(encodeParams, encodeParams_2))
+			{
+				Fail(this.Name + ": encode/decode parameters failed");
+			}
+
+//			DHParameters elP = (DHParameters)parameters.getParameterSpec(typeof(DHParameters));
+
+			doTestGP(size, 0, elP.G, elP.P);
+		}
+
+		public override void PerformTest()
+		{
+			TestGP512();
+			TestGP768();
+			TestGP1024();
+			TestRandom256();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new ElGamalTest());
+		}
+	}
+}
diff --git a/crypto/test/src/test/EncryptedPrivateKeyInfoTest.cs b/crypto/test/src/test/EncryptedPrivateKeyInfoTest.cs
new file mode 100644
index 000000000..baac5ff7f
--- /dev/null
+++ b/crypto/test/src/test/EncryptedPrivateKeyInfoTest.cs
@@ -0,0 +1,154 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class EncryptedPrivateKeyInfoTest
+		: SimpleTest
+	{
+		private const string alg = "1.2.840.113549.1.12.1.3"; // 3 key triple DES with SHA-1
+
+		public override void PerformTest()
+		{
+			IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			fact.Init(new KeyGenerationParameters(new SecureRandom(), 512));
+
+			AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair();
+
+			AsymmetricKeyParameter priKey = keyPair.Private;
+			AsymmetricKeyParameter pubKey = keyPair.Public;
+
+			//
+			// set up the parameters
+			//
+			byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
+			int iterationCount = 100;
+			Asn1Encodable defParams = PbeUtilities.GenerateAlgorithmParameters(alg, salt, iterationCount);
+			char[] password1 = { 'h', 'e', 'l', 'l', 'o' };
+
+//				AlgorithmParameters parameters = AlgorithmParameters.getInstance(alg);
+//
+//				parameters.init(defParams);
+
+			//
+			// set up the key
+			//
+//				PBEKeySpec pbeSpec = new PBEKeySpec(password1);
+//				SecretKeyFactory keyFact = SecretKeyFactory.getInstance(alg);
+
+//				IBufferedCipher cipher = CipherUtilities.GetCipher(alg);
+			IWrapper wrapper = WrapperUtilities.GetWrapper(alg);
+
+			ICipherParameters parameters = PbeUtilities.GenerateCipherParameters(
+				alg, password1, defParams);
+
+//				cipher.Init(IBufferedCipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), parameters);
+			wrapper.Init(true, parameters);
+
+//				byte[] wrappedKey = cipher.Wrap(priKey);
+			byte[] pkb = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey).GetDerEncoded();
+			byte[] wrappedKey = wrapper.Wrap(pkb, 0, pkb.Length);
+
+			//
+			// create encrypted object
+			//
+
+			// TODO Figure out what this was supposed to do
+//				EncryptedPrivateKeyInfo pInfo = new EncryptedPrivateKeyInfo(parameters, wrappedKey);
+			PrivateKeyInfo plain = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey);
+			EncryptedPrivateKeyInfo pInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
+				alg, password1, salt, iterationCount,  plain);
+
+
+			//
+			// decryption step
+			//
+			char[] password2 = { 'h', 'e', 'l', 'l', 'o' };
+
+//				pbeSpec = new PBEKeySpec(password2);
+//
+//				cipher = CipherUtilities.GetCipher(pInfo.EncryptionAlgorithm);
+//
+//				cipher.Init(false, keyFact.generateSecret(pbeSpec), pInfo.getAlgParameters());
+//
+//				PKCS8EncodedKeySpec keySpec = pInfo.getKeySpec(cipher);
+			PrivateKeyInfo decrypted = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password2, pInfo);
+
+//				if (!MessageDigest.isEqual(priKey.GetEncoded(), keySpec.GetEncoded()))
+			if (!decrypted.Equals(plain))
+			{
+				Fail("Private key does not match");
+			}
+
+			//
+			// using ICipherParameters test
+			//
+//			pbeSpec = new PBEKeySpec(password1);
+//			keyFact = SecretKeyFactory.getInstance(alg);
+//			cipher = CipherUtilities.GetCipher(alg);
+			wrapper = WrapperUtilities.GetWrapper(alg);
+
+//			cipher.init(IBufferedCipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), parameters);
+			wrapper.Init(true, parameters);
+
+//			wrappedKey = cipher.wrap(priKey);
+			wrappedKey = wrapper.Wrap(pkb, 0, pkb.Length);
+
+			//
+			// create encrypted object
+			//
+
+			// TODO Figure out what this was supposed to do
+//			pInfo = new EncryptedPrivateKeyInfo(cipher.getParameters(), wrappedKey);
+			plain = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey);
+			pInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
+				alg, password1, salt, iterationCount,  plain);
+
+			//
+			// decryption step
+			//
+//			pbeSpec = new PBEKeySpec(password2);
+//
+//			cipher = CipherUtilities.GetCipher(pInfo.getAlgName());
+//
+//			cipher.init(IBufferedCipher.DECRYPT_MODE, keyFact.generateSecret(pbeSpec), pInfo.getAlgParameters());
+//
+//			keySpec = pInfo.getKeySpec(cipher);
+			decrypted = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password2, pInfo);
+
+//			if (!MessageDigest.isEqual(priKey.GetEncoded(), keySpec.GetEncoded()))
+			if (!decrypted.Equals(plain))
+			{
+				Fail("Private key does not match");
+			}
+		}
+
+		public override string Name
+		{
+			get { return "EncryptedPrivateKeyInfoTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new EncryptedPrivateKeyInfoTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/FIPSDESTest.cs b/crypto/test/src/test/FIPSDESTest.cs
new file mode 100644
index 000000000..1f40e1591
--- /dev/null
+++ b/crypto/test/src/test/FIPSDESTest.cs
@@ -0,0 +1,205 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	/// <remarks>
+	/// Basic FIPS test class for a block cipher, just to make sure ECB/CBC/OFB/CFB are behaving
+	/// correctly. Tests from <a href="http://www.itl.nist.gov/fipspubs/fip81.htm">FIPS 81</a>.
+	/// </remarks>
+	[TestFixture]
+	public class FipsDesTest
+		: ITest
+	{
+		private static readonly string[] fips1Tests =
+		{
+			"DES/ECB/NoPadding",
+			"3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53",
+			"DES/CBC/NoPadding",
+			"e5c7cdde872bf27c43e934008c389c0f683788499a7c05f6",
+			"DES/CFB/NoPadding",
+			"f3096249c7f46e51a69e839b1a92f78403467133898ea622"
+		};
+
+		private static readonly string[] fips2Tests =
+		{
+			"DES/CFB8/NoPadding",
+			"f31fda07011462ee187f",
+			"DES/OFB8/NoPadding",
+			"f34a2850c9c64985d684"
+		};
+
+		private static readonly byte[] input1 = Hex.Decode("4e6f77206973207468652074696d6520666f7220616c6c20");
+		private static readonly byte[] input2 = Hex.Decode("4e6f7720697320746865");
+
+		public string Name
+		{
+			get { return "FIPSDES"; }
+		}
+
+		public ITestResult doTest(
+			string	algorithm,
+			byte[]	input,
+			byte[]	output)
+		{
+			KeyParameter key;
+			IBufferedCipher inCipher, outCipher;
+			CipherStream cIn, cOut;
+			MemoryStream bIn, bOut;
+
+//			IvParameterSpec spec = new IvParameterSpec();
+			byte[] spec = Hex.Decode("1234567890abcdef");
+
+			try
+			{
+				key = new DesParameters(Hex.Decode("0123456789abcdef"));
+
+				inCipher = CipherUtilities.GetCipher(algorithm);
+				outCipher = CipherUtilities.GetCipher(algorithm);
+
+				if (algorithm.StartsWith("DES/ECB"))
+				{
+					outCipher.Init(true, key);
+				}
+				else
+				{
+					outCipher.Init(true, new ParametersWithIV(key, spec));
+				}
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": " + algorithm + " failed initialisation - " + e.ToString(), e);
+			}
+
+			try
+			{
+				if (algorithm.StartsWith("DES/ECB"))
+				{
+					inCipher.Init(false, key);
+				}
+				else
+				{
+					inCipher.Init(false, new ParametersWithIV(key, spec));
+				}
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": " + algorithm + " failed initialisation - " + e.ToString(), e);
+			}
+
+			//
+			// encryption pass
+			//
+			bOut = new MemoryStream();
+			cOut = new CipherStream(bOut, null, outCipher);
+
+			try
+			{
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+					cOut.WriteByte(input[i]);
+				}
+				cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);
+				cOut.Close();
+			}
+			catch (IOException e)
+			{
+				return new SimpleTestResult(false, Name + ": " + algorithm + " failed encryption - " + e.ToString());
+			}
+
+			byte[] bytes = bOut.ToArray();
+
+			if (!Arrays.AreEqual(bytes, output))
+			{
+				return new SimpleTestResult(false, Name + ": " + algorithm + " failed encryption - expected "
+					+ Hex.ToHexString(output) + " got " + Hex.ToHexString(bytes));
+			}
+
+			//
+			// decryption pass
+			//
+			bIn = new MemoryStream(bytes, false);
+			cIn = new CipherStream(bIn, inCipher, null);
+
+			try
+			{
+				BinaryReader dIn = new BinaryReader(cIn);
+
+				bytes = new byte[input.Length];
+
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+					bytes[i] = dIn.ReadByte();
+				}
+
+				int remaining = bytes.Length - input.Length / 2;
+				byte[] extra = dIn.ReadBytes(remaining);
+				if (extra.Length < remaining)
+					throw new EndOfStreamException();
+				extra.CopyTo(bytes, input.Length / 2);
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": " + algorithm + " failed encryption - " + e.ToString());
+			}
+
+			if (!Arrays.AreEqual(bytes, input))
+			{
+				return new SimpleTestResult(false, Name + ": " + algorithm + " failed decryption - expected "
+					+ Hex.ToHexString(input) + " got " + Hex.ToHexString(bytes));
+			}
+
+			return new SimpleTestResult(true, Name + ": " + algorithm + " Okay");
+		}
+
+		public ITestResult Perform()
+		{
+			for (int i = 0; i != fips1Tests.Length; i += 2)
+			{
+				ITestResult result = doTest(fips1Tests[i], input1, Hex.Decode(fips1Tests[i + 1]));
+				if (!result.IsSuccessful())
+				{
+					return result;
+				}
+			}
+
+			for (int i = 0; i != fips2Tests.Length; i += 2)
+			{
+				ITestResult result = doTest(fips2Tests[i], input2, Hex.Decode(fips2Tests[i + 1]));
+				if (!result.IsSuccessful())
+				{
+					return result;
+				}
+			}
+
+			return new SimpleTestResult(true, Name + ": Okay");
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new FipsDesTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/GOST28147Test.cs b/crypto/test/src/test/GOST28147Test.cs
new file mode 100644
index 000000000..0adfad334
--- /dev/null
+++ b/crypto/test/src/test/GOST28147Test.cs
@@ -0,0 +1,245 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	/// <remarks>Basic test class for the GOST28147 cipher</remarks>
+	[TestFixture]
+	public class Gost28147Test
+		: SimpleTest
+	{
+		private static string[] cipherTests =
+		{
+			"256",
+			"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
+			"4e6f77206973207468652074696d6520666f7220616c6c20",
+			"281630d0d5770030068c252d841e84149ccc1912052dbc02",
+
+			"256",
+			"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
+			"4e6f77206973207468652074696d65208a920c6ed1a804f5",
+			"88e543dfc04dc4f764fa7b624741cec07de49b007bf36065"
+		};
+
+		public override string Name
+		{
+			get { return "GOST28147"; }
+		}
+
+		private void doTestEcb(
+			int		strength,
+			byte[]	keyBytes,
+			byte[]	input,
+			byte[]	output)
+		{
+			IBufferedCipher inCipher, outCipher;
+			CipherStream cIn, cOut;
+			MemoryStream bIn, bOut;
+
+			KeyParameter key = ParameterUtilities.CreateKeyParameter("GOST28147", keyBytes);
+
+			inCipher = CipherUtilities.GetCipher("GOST28147/ECB/NoPadding");
+			outCipher = CipherUtilities.GetCipher("GOST28147/ECB/NoPadding");
+			outCipher.Init(true, key);
+			inCipher.Init(false, key);
+
+			//
+			// encryption pass
+			//
+			bOut = new MemoryStream();
+			cOut = new CipherStream(bOut, null, outCipher);
+
+			for (int i = 0; i != input.Length / 2; i++)
+			{
+				cOut.WriteByte(input[i]);
+			}
+			cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);
+			cOut.Close();
+
+			byte[] bytes = bOut.ToArray();
+
+			if (!AreEqual(bytes, output))
+			{
+				Fail("GOST28147 failed encryption - expected "
+					+ Hex.ToHexString(output) + " got " + Hex.ToHexString(bytes));
+			}
+
+			//
+			// decryption pass
+			//
+			bIn = new MemoryStream(bytes, false);
+			cIn = new CipherStream(bIn, inCipher, null);
+
+			BinaryReader dIn = new BinaryReader(cIn);
+
+			bytes = new byte[input.Length];
+
+			for (int i = 0; i != input.Length / 2; i++)
+			{
+				bytes[i] = dIn.ReadByte();
+			}
+
+			int remaining = bytes.Length - input.Length / 2;
+			byte[] extra = dIn.ReadBytes(remaining);
+			if (extra.Length < remaining)
+				throw new EndOfStreamException();
+			extra.CopyTo(bytes, input.Length / 2);
+
+			if (!AreEqual(bytes, input))
+			{
+				Fail("GOST28147 failed decryption - expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(bytes));
+			}
+		}
+
+		private void doTestCfb(
+			int         strength,
+			byte[]      keyBytes,
+			byte[]      input,
+			byte[]      output)
+		{
+			IBufferedCipher inCipher, outCipher;
+			CipherStream cIn, cOut;
+			MemoryStream bIn, bOut;
+
+			KeyParameter key = ParameterUtilities.CreateKeyParameter("GOST28147", keyBytes);
+
+			inCipher = CipherUtilities.GetCipher("GOST28147/CFB8/NoPadding");
+			outCipher = CipherUtilities.GetCipher("GOST28147/CFB8/NoPadding");
+			byte[] iv = {1,2,3,4,5,6,7,8};
+
+			outCipher.Init(true, new ParametersWithIV(key, iv));
+			inCipher.Init(false, new ParametersWithIV(key, iv));
+
+			//
+			// encryption pass
+			//
+			bOut = new MemoryStream();
+			cOut = new CipherStream(bOut, null, outCipher);
+
+			for (int i = 0; i != input.Length / 2; i++)
+			{
+				cOut.WriteByte(input[i]);
+			}
+			cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);
+			cOut.Close();
+
+			byte[] bytes = bOut.ToArray();
+
+			if (!AreEqual(bytes, output))
+			{
+				Fail("GOST28147 failed encryption - expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(bytes));
+			}
+
+			//
+			// decryption pass
+			//
+			bIn = new MemoryStream(bytes, false);
+			cIn = new CipherStream(bIn, inCipher, null);
+
+			BinaryReader dIn = new BinaryReader(cIn);
+
+			bytes = new byte[input.Length];
+
+			for (int i = 0; i != input.Length / 2; i++)
+			{
+				bytes[i] = dIn.ReadByte();
+			}
+
+			int remaining = bytes.Length - input.Length / 2;
+			byte[] extra = dIn.ReadBytes(remaining);
+			if (extra.Length < remaining)
+				throw new EndOfStreamException();
+			extra.CopyTo(bytes, input.Length / 2);
+
+			if (!AreEqual(bytes, input))
+			{
+				Fail("GOST28147 failed decryption - expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(bytes));
+			}
+		}
+
+		private void doOidTest()
+		{
+			string[] oids = {
+					CryptoProObjectIdentifiers.GostR28147Cbc.Id,
+			};
+
+			string[] names = {
+				"GOST28147/CBC/PKCS7Padding"
+			};
+
+			try
+			{
+				byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
+//				IvParameterSpec ivSpec = new IvParameterSpec(new byte[8]);
+				byte[] iv = new byte[8];
+			    
+				for (int i = 0; i != oids.Length; i++)
+				{
+					IBufferedCipher c1 = CipherUtilities.GetCipher(oids[i]);
+					IBufferedCipher c2 = CipherUtilities.GetCipher(names[i]);
+
+//					KeyGenerator kg = KeyGenerator.getInstance(oids[i]);
+//					SecretKey k = kg.generateKey();
+					CipherKeyGenerator kg = GeneratorUtilities.GetKeyGenerator(oids[i]);
+					KeyParameter k = ParameterUtilities.CreateKeyParameter(oids[i], kg.GenerateKey());
+
+					c1.Init(true, new ParametersWithIV(k, iv));
+					c2.Init(false, new ParametersWithIV(k, iv));
+
+					byte[] result = c2.DoFinal(c1.DoFinal(data));
+
+					if (!AreEqual(data, result))
+					{
+						Fail("failed OID test");
+					}
+				}
+			}
+			catch (Exception ex)
+			{
+				Fail("failed exception " + ex.ToString(), ex);
+			}
+		}
+
+		public override void PerformTest() 
+		{
+			for (int i = 0; i != cipherTests.Length; i += 8)
+			{
+				doTestEcb(int.Parse(cipherTests[i]),
+					Hex.Decode(cipherTests[i + 1]),
+					Hex.Decode(cipherTests[i + 2]),
+					Hex.Decode(cipherTests[i + 3]));
+
+				doTestCfb(int.Parse(cipherTests[i + 4]),
+					Hex.Decode(cipherTests[i + 4 + 1]),
+					Hex.Decode(cipherTests[i + 4 + 2]),
+					Hex.Decode(cipherTests[i + 4 + 3]));
+
+				doOidTest();
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Gost28147Test());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
\ No newline at end of file
diff --git a/crypto/test/src/test/GOST3410Test.cs b/crypto/test/src/test/GOST3410Test.cs
new file mode 100644
index 000000000..e8c2c1c76
--- /dev/null
+++ b/crypto/test/src/test/GOST3410Test.cs
@@ -0,0 +1,383 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class Gost3410Test
+		: SimpleTest
+	{
+		private void ecGOST3410Test()
+		{
+			BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395");
+			BigInteger s = new BigInteger("46959264877825372965922731380059061821746083849389763294914877353246631700866");
+
+			byte[] kData = new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395").ToByteArrayUnsigned();
+
+			SecureRandom k = FixedSecureRandom.From(kData);
+
+			BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
+
+			ECCurve curve = new FpCurve(
+				mod_p, // p
+				new BigInteger("7"), // a
+				new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414")); // b
+
+			ECDomainParameters spec = new ECDomainParameters(
+				curve,
+				curve.CreatePoint(
+					new BigInteger("2"),
+					new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280"),
+					false),
+				new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619")); // q
+
+			ECPrivateKeyParameters sKey = new ECPrivateKeyParameters(
+				"ECGOST3410",
+				new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d
+				spec);
+
+			ECPublicKeyParameters vKey = new ECPublicKeyParameters(
+				"ECGOST3410",
+				curve.CreatePoint(
+					new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403"),
+					new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994"),
+					false),	
+				spec);
+
+			ISigner sgr = SignerUtilities.GetSigner("ECGOST3410");
+
+			sgr.Init(true, new ParametersWithRandom(sKey, k));
+
+			byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			byte[] sigBytes = sgr.GenerateSignature();
+
+			sgr.Init(false, vKey);
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			if (!sgr.VerifySignature(sigBytes))
+			{
+				Fail("ECGOST3410 verification failed");
+			}
+
+			BigInteger[] sig = decode(sigBytes);
+
+			if (!r.Equals(sig[0]))
+			{
+				Fail(
+					": r component wrong." + SimpleTest.NewLine
+					+ " expecting: " + r + SimpleTest.NewLine
+					+ " got      : " + sig[0]);
+			}
+
+			if (!s.Equals(sig[1]))
+			{
+				Fail(
+					": s component wrong." + SimpleTest.NewLine
+					+ " expecting: " + s + SimpleTest.NewLine
+					+ " got      : " + sig[1]);
+			}
+		}
+
+		private void generationTest()
+		{
+			byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+			ISigner s = SignerUtilities.GetSigner("GOST3410");
+
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("GOST3410");
+			g.Init(
+				new Gost3410KeyGenerationParameters(
+					new SecureRandom(),
+					CryptoProObjectIdentifiers.GostR3410x94CryptoProA));
+
+			AsymmetricCipherKeyPair p = g.GenerateKeyPair();
+
+			AsymmetricKeyParameter sKey = p.Private;
+			AsymmetricKeyParameter vKey = p.Public;
+
+			s.Init(true, sKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			byte[] sigBytes = s.GenerateSignature();
+
+			s = SignerUtilities.GetSigner("GOST3410");
+
+			s.Init(false, vKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			if (!s.VerifySignature(sigBytes))
+			{
+				Fail("GOST3410 verification failed");
+			}
+
+			//
+			// default initialisation test
+			//
+			s = SignerUtilities.GetSigner("GOST3410");
+			g = GeneratorUtilities.GetKeyPairGenerator("GOST3410");
+
+			// TODO This is supposed to be a 'default initialisation' test, but don't have a factory
+			// These values are defaults from JCE provider
+			g.Init(
+				new Gost3410KeyGenerationParameters(
+					new SecureRandom(),
+					CryptoProObjectIdentifiers.GostR3410x94CryptoProA));
+
+			p = g.GenerateKeyPair();
+
+			sKey = p.Private;
+			vKey = p.Public;
+
+			s.Init(true, sKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = s.GenerateSignature();
+
+			s = SignerUtilities.GetSigner("GOST3410");
+
+			s.Init(false, vKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			if (!s.VerifySignature(sigBytes))
+			{
+				Fail("GOST3410 verification failed");
+			}
+
+			//
+			// encoded test
+			//
+			//KeyFactory f = KeyFactory.getInstance("GOST3410");
+			//X509EncodedKeySpec  x509s = new X509EncodedKeySpec(vKey.GetEncoded());
+			//Gost3410PublicKeyParameters k1 = (Gost3410PublicKeyParameters)f.generatePublic(x509s);
+			byte[] vKeyEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded();
+			Gost3410PublicKeyParameters k1 = (Gost3410PublicKeyParameters)
+				PublicKeyFactory.CreateKey(vKeyEnc);
+
+			if (!k1.Y.Equals(((Gost3410PublicKeyParameters)vKey).Y))
+			{
+				Fail("public number not decoded properly");
+			}
+
+			//PKCS8EncodedKeySpec  pkcs8 = new PKCS8EncodedKeySpec(sKey.GetEncoded());
+			//Gost3410PrivateKeyParameters k2 = (Gost3410PrivateKeyParameters)f.generatePrivate(pkcs8);
+			byte[] sKeyEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded();
+			Gost3410PrivateKeyParameters k2 = (Gost3410PrivateKeyParameters)
+				PrivateKeyFactory.CreateKey(sKeyEnc);
+
+			if (!k2.X.Equals(((Gost3410PrivateKeyParameters)sKey).X))
+			{
+				Fail("private number not decoded properly");
+			}
+
+			//
+			// ECGOST3410 generation test
+			//
+			s = SignerUtilities.GetSigner("ECGOST3410");
+			g = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410");
+
+			BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
+
+			ECCurve curve = new FpCurve(
+				mod_p, // p
+				new BigInteger("7"), // a
+				new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414")); // b
+
+			ECDomainParameters ecSpec = new ECDomainParameters(
+				curve,
+				curve.CreatePoint(
+					new BigInteger("2"),
+					new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280"),
+					false),
+				new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619")); // q
+
+			g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
+
+			p = g.GenerateKeyPair();
+
+			sKey = p.Private;
+			vKey = p.Public;
+
+			s.Init(true, sKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = s.GenerateSignature();
+
+			s = SignerUtilities.GetSigner("ECGOST3410");
+
+			s.Init(false, vKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			if (!s.VerifySignature(sigBytes))
+			{
+				Fail("ECGOST3410 verification failed");
+			}
+		}
+
+	    private void keyStoreTest(
+			AsymmetricKeyParameter	sKey,
+			AsymmetricKeyParameter	vKey)
+//	        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, NoSuchProviderException, SignatureException, InvalidKeyException, UnrecoverableKeyException
+	    {
+	        //
+	        // keystore test
+	        //
+//			KeyStore ks = KeyStore.GetInstance("JKS");
+//			ks.Load(null, null);
+	        Pkcs12StoreBuilder ksBuilder = new Pkcs12StoreBuilder();
+			Pkcs12Store ks = ksBuilder.Build();
+	
+	        //
+	        // create the certificate - version 3
+	        //
+	        X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+	
+	        certGen.SetSerialNumber(BigInteger.One);
+	        certGen.SetIssuerDN(new X509Name("CN=Test"));
+	        certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+	        certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+	        certGen.SetSubjectDN(new X509Name("CN=Test"));
+	        certGen.SetPublicKey(vKey);
+	        certGen.SetSignatureAlgorithm("GOST3411withGOST3410");
+	
+	        X509Certificate cert = certGen.Generate(sKey);
+			X509CertificateEntry certEntry = new X509CertificateEntry(cert);
+
+//	        ks.SetKeyEntry("gost", sKey, "gost".ToCharArray(), new X509Certificate[] { cert });
+	        ks.SetKeyEntry("gost", new AsymmetricKeyEntry(sKey), new X509CertificateEntry[] { certEntry });
+	
+	        MemoryStream bOut = new MemoryStream();
+	
+	        ks.Save(bOut, "gost".ToCharArray(), new SecureRandom());
+	
+//	        ks = KeyStore.getInstance("JKS");
+			ks = ksBuilder.Build();
+
+	        ks.Load(new MemoryStream(bOut.ToArray(), false), "gost".ToCharArray());
+
+//	        AsymmetricKeyParameter gKey = (AsymmetricKeyParameter)ks.GetKey("gost", "gost".ToCharArray());
+//	        AsymmetricKeyEntry gKeyEntry = (AsymmetricKeyEntry)
+				ks.GetKey("gost");
+	    }
+		
+		private void parametersTest()
+		{
+//	        AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("GOST3410");
+//	        a.init(512, random);
+//	        AlgorithmParameters params = a.generateParameters();
+//
+//	        byte[] encodeParams = params.getEncoded();
+//
+//	        AlgorithmParameters a2 = AlgorithmParameters.getInstance("GOST3410");
+//	        a2.init(encodeParams);
+//
+//	        // a and a2 should be equivalent!
+//	        byte[] encodeParams_2 = a2.getEncoded();
+//
+//	        if (!arrayEquals(encodeParams, encodeParams_2))
+//	        {
+//	            Fail("encode/decode parameters failed");
+//	        }
+
+//			GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec(
+//				CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_B.getId());
+//			g.initialize(gost3410P, new SecureRandom());
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("GOST3410");
+			g.Init(
+				new Gost3410KeyGenerationParameters(
+					new SecureRandom(),
+					CryptoProObjectIdentifiers.GostR3410x94CryptoProB));
+
+			AsymmetricCipherKeyPair p = g.GenerateKeyPair();
+
+			AsymmetricKeyParameter sKey = p.Private;
+			AsymmetricKeyParameter vKey = p.Public;
+
+			ISigner s = SignerUtilities.GetSigner("GOST3410");
+			byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+
+			s.Init(true, sKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			byte[] sigBytes = s.GenerateSignature();
+
+			s = SignerUtilities.GetSigner("GOST3410");
+
+			s.Init(false, vKey);
+
+			s.BlockUpdate(data, 0, data.Length);
+
+			if (!s.VerifySignature(sigBytes))
+			{
+				Fail("GOST3410 verification failed");
+			}
+
+        	keyStoreTest(sKey, vKey);
+		}
+
+		private BigInteger[] decode(
+			byte[]  encoding)
+		{
+			byte[] r = new byte[32];
+			byte[] s = new byte[32];
+
+			Array.Copy(encoding, 0, s, 0, 32);
+			Array.Copy(encoding, 32, r, 0, 32);
+
+			BigInteger[] sig = new BigInteger[2];
+
+			sig[0] = new BigInteger(1, r);
+			sig[1] = new BigInteger(1, s);
+
+			return sig;
+		}
+
+		public override string Name
+		{
+			get { return "GOST3410/ECGOST3410"; }
+		}
+
+		public override void PerformTest()
+		{
+			ecGOST3410Test();
+			generationTest();
+			parametersTest();
+		}
+
+		public static void Main(
+			string[]	args)
+		{
+			RunTest(new Gost3410Test());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/HMacTest.cs b/crypto/test/src/test/HMacTest.cs
new file mode 100644
index 000000000..e4f5cb9c1
--- /dev/null
+++ b/crypto/test/src/test/HMacTest.cs
@@ -0,0 +1,189 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Iana;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+    /// <remarks>HMAC tester</remarks>
+    [TestFixture]
+    public class HMacTest
+        : SimpleTest
+    {
+        private static byte[] keyBytes = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b");
+        private static byte[] message = Encoding.ASCII.GetBytes("Hi There");
+        private static byte[] output1 = Hex.Decode("b617318655057264e28bc0b6fb378c8ef146be00");
+        private static byte[] outputMD5 = Hex.Decode("5ccec34ea9656392457fa1ac27f08fbc");
+        private static byte[] outputMD2 = Hex.Decode("dc1923ef5f161d35bef839ca8c807808");
+        private static byte[] outputMD4 = Hex.Decode("5570ce964ba8c11756cdc3970278ff5a");
+        private static byte[] output224 = Hex.Decode("896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22");
+        private static byte[] output256 = Hex.Decode("b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7");
+        private static byte[] output384 = Hex.Decode("afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6");
+        private static byte[] output512 = Hex.Decode("87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854");
+        private static byte[] output512_224 = Hex.Decode("b244ba01307c0e7a8ccaad13b1067a4cf6b961fe0c6a20bda3d92039");
+        private static byte[] output512_256 = Hex.Decode("9f9126c3d9c3c330d760425ca8a217e31feae31bfe70196ff81642b868402eab");
+        private static byte[] outputRipeMD128 = Hex.Decode("fda5717fb7e20cf05d30bb286a44b05d");
+        private static byte[] outputRipeMD160 = Hex.Decode("24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668");
+        private static byte[] outputTiger = Hex.Decode("1d7a658c75f8f004916e7b07e2a2e10aec7de2ae124d3647");
+        private static byte[] outputOld384 = Hex.Decode("0a046aaa0255e432912228f8ccda437c8a8363fb160afb0570ab5b1fd5ddc20eb1888b9ed4e5b6cb5bc034cd9ef70e40");
+        private static byte[] outputOld512 = Hex.Decode("9656975ee5de55e75f2976ecce9a04501060b9dc22a6eda2eaef638966280182477fe09f080b2bf564649cad42af8607a2bd8d02979df3a980f15e2326a0a22a");
+
+        public void doTestHMac(
+            string  hmacName,
+            byte[]  output)
+        {
+            KeyParameter key = new KeyParameter(keyBytes); //, hmacName);
+
+            IMac mac = MacUtilities.GetMac(hmacName);
+
+            mac.Init(key);
+
+            mac.Reset();
+
+            mac.BlockUpdate(message, 0, message.Length);
+
+//			byte[] outBytes = mac.DoFinal();
+            byte[] outBytes = new byte[mac.GetMacSize()];
+            mac.DoFinal(outBytes, 0);
+
+            if (!AreEqual(outBytes, output))
+            {
+                Fail("Failed - expected "
+                    + Hex.ToHexString(output) + " got "
+                    + Hex.ToHexString(outBytes));
+            }
+
+            // no key generator for the old algorithms
+            if (hmacName.StartsWith("Old"))
+            {
+                return;
+            }
+
+            CipherKeyGenerator kGen = GeneratorUtilities.GetKeyGenerator(hmacName);
+
+            mac.Init(new KeyParameter(kGen.GenerateKey())); // hmacName
+
+            mac.BlockUpdate(message, 0, message.Length);
+
+//			outBytes = mac.DoFinal();
+            outBytes = new byte[mac.GetMacSize()];
+            mac.DoFinal(outBytes, 0);
+        }
+
+        private void doTestExceptions()
+        {
+            IMac mac = MacUtilities.GetMac("HmacSHA1");
+
+            byte [] b = {(byte)1, (byte)2, (byte)3, (byte)4, (byte)5};
+//			KeyParameter sks = new KeyParameter(b); //, "HmacSHA1");
+//			RC5ParameterSpec algPS = new RC5ParameterSpec(100, 100, 100);
+            RC5Parameters rc5Parameters = new RC5Parameters(b, 100);
+
+            try
+            {
+//				mac.Init(sks, algPS);
+                mac.Init(rc5Parameters);
+            }
+//			catch (InvalidAlgorithmParameterException e)
+            catch (Exception)
+            {
+                // ignore okay
+            }
+
+            try
+            {
+                mac.Init(null); //, null);
+            }
+//			catch (InvalidKeyException)
+//			{
+//				// ignore okay
+//			}
+//			catch (InvalidAlgorithmParameterException e)
+            catch (Exception)
+            {
+                // ignore okay
+            }
+
+//			try
+//			{
+//				mac.Init(null);
+//			}
+//			catch (InvalidKeyException)
+//			{
+//				// ignore okay
+//			}
+        }
+
+        public override void PerformTest()
+        {
+            doTestHMac("HMac-SHA1", output1);
+            doTestHMac("HMac-MD5", outputMD5);
+            doTestHMac("HMac-MD4", outputMD4);
+            doTestHMac("HMac-MD2", outputMD2);
+            doTestHMac("HMac-SHA224", output224);
+            doTestHMac("HMac-SHA256", output256);
+            doTestHMac("HMac-SHA384", output384);
+            doTestHMac("HMac-SHA512", output512);
+            doTestHMac("HMac-SHA512/224", output512_224);
+            doTestHMac("HMac-SHA512/256", output512_256);
+            doTestHMac("HMac-RIPEMD128", outputRipeMD128);
+            doTestHMac("HMac-RIPEMD160", outputRipeMD160);
+            doTestHMac("HMac-TIGER", outputTiger);
+
+            doTestHMac("HMac/SHA1", output1);
+            doTestHMac("HMac/MD5", outputMD5);
+            doTestHMac("HMac/MD4", outputMD4);
+            doTestHMac("HMac/MD2", outputMD2);
+            doTestHMac("HMac/SHA224", output224);
+            doTestHMac("HMac/SHA256", output256);
+            doTestHMac("HMac/SHA384", output384);
+            doTestHMac("HMac/SHA512", output512);
+            doTestHMac("HMac/RIPEMD128", outputRipeMD128);
+            doTestHMac("HMac/RIPEMD160", outputRipeMD160);
+            doTestHMac("HMac/TIGER", outputTiger);
+
+            doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha1.Id, output1);
+            doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha224.Id, output224);
+            doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha256.Id, output256);
+            doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha384.Id, output384);
+            doTestHMac(PkcsObjectIdentifiers.IdHmacWithSha512.Id, output512);
+            doTestHMac(IanaObjectIdentifiers.HmacSha1.Id, output1);
+            doTestHMac(IanaObjectIdentifiers.HmacMD5.Id, outputMD5);
+            doTestHMac(IanaObjectIdentifiers.HmacRipeMD160.Id, outputRipeMD160);
+            doTestHMac(IanaObjectIdentifiers.HmacTiger.Id, outputTiger);
+
+//			// test for compatibility with broken HMac.
+//			doTestHMac("OldHMacSHA384", outputOld384);
+//			doTestHMac("OldHMacSHA512", outputOld512);
+
+            doTestExceptions();
+        }
+
+        public override string Name
+        {
+            get { return "HMac"; }
+        }
+
+        public static void Main(
+            string[] args)
+        {
+            RunTest(new HMacTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
+    }
+}
diff --git a/crypto/test/src/test/IESTest.cs b/crypto/test/src/test/IESTest.cs
new file mode 100644
index 000000000..193fe1ae9
--- /dev/null
+++ b/crypto/test/src/test/IESTest.cs
@@ -0,0 +1,245 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	/**
+	 * test for ECIES - Elliptic Curve Integrated Encryption Scheme
+	 */
+	[TestFixture]
+	public class IesTest
+		: SimpleTest
+	{
+		private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
+		private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
+
+		public override string Name
+		{
+			get { return "IES"; }
+		}
+
+		public override void PerformTest()
+		{
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECIES");
+
+			ECCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters ecSpec = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+			g.Init(
+				new ECKeyGenerationParameters(
+					ecSpec,
+					new SecureRandom()));
+
+			IBufferedCipher c1 = CipherUtilities.GetCipher("ECIES");
+			IBufferedCipher c2 = CipherUtilities.GetCipher("ECIES");
+
+			doTest(g, c1, c2);
+
+			g = GeneratorUtilities.GetKeyPairGenerator("ECIES");
+
+			g.Init(new KeyGenerationParameters(new SecureRandom(), 192));
+
+			doTest(g, c1, c2);
+
+			g = GeneratorUtilities.GetKeyPairGenerator("ECIES");
+
+			g.Init(new KeyGenerationParameters(new SecureRandom(), 239));
+
+			doTest(g, c1, c2);
+
+			g = GeneratorUtilities.GetKeyPairGenerator("ECIES");
+
+			g.Init(new KeyGenerationParameters(new SecureRandom(), 256));
+
+			doTest(g, c1, c2);
+
+			doDefTest(g, c1, c2);
+
+			c1 = CipherUtilities.GetCipher("IES");
+			c2 = CipherUtilities.GetCipher("IES");
+
+			g = GeneratorUtilities.GetKeyPairGenerator("DH");
+
+//			DHParameterSpec dhParams = new DHParameterSpec(p512, g512);
+//			g.initialize(dhParams);
+			g.Init(
+				new DHKeyGenerationParameters(
+					new SecureRandom(),
+					new DHParameters(p512, g512)));
+
+			doTest(g, c1, c2);
+
+			doDefTest(g, c1, c2);
+		}
+
+		public void doTest(
+			IAsymmetricCipherKeyPairGenerator	g,
+			IBufferedCipher						c1,
+			IBufferedCipher						c2)
+		{
+			//
+			// a side
+			//
+			AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair();
+			AsymmetricKeyParameter aPub = aKeyPair.Public;
+			AsymmetricKeyParameter  aPriv = aKeyPair.Private;
+
+			//
+			// b side
+			//
+			AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair();
+			AsymmetricKeyParameter bPub = bKeyPair.Public;
+			AsymmetricKeyParameter bPriv = bKeyPair.Private;
+
+			// TODO Put back in
+//			//
+//			// stream test
+//			//
+//			IEKeySpec c1Key = new IEKeySpec(aPriv, bPub);
+//			IEKeySpec c2Key = new IEKeySpec(bPriv, aPub);
+//
+//			byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
+//			byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
+//
+//			IESParameterSpec param = new IESParameterSpec(d, e, 128);
+//
+//			c1.Init(true, c1Key, param);
+//
+//			c2.Init(false, c2Key, param);
+//
+//			byte[] message = Hex.Decode("1234567890abcdef");
+//
+//			byte[] out1 = c1.DoFinal(message, 0, message.Length);
+//
+//			byte[] out2 = c2.DoFinal(out1, 0, out1.Length);
+//
+//			if (!AreEqual(out2, message))
+//			{
+//				Fail("stream cipher test failed");
+//			}
+		}
+
+		public void doDefTest(
+			IAsymmetricCipherKeyPairGenerator	g,
+			IBufferedCipher						c1,
+			IBufferedCipher						c2)
+		{
+			//
+			// a side
+			//
+			AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair();
+			AsymmetricKeyParameter aPub = aKeyPair.Public;
+			AsymmetricKeyParameter aPriv = aKeyPair.Private;
+
+			//
+			// b side
+			//
+			AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair();
+			AsymmetricKeyParameter bPub = bKeyPair.Public;
+			AsymmetricKeyParameter bPriv = bKeyPair.Private;
+
+			// TODO Put back in
+//			//
+//			// stream test
+//			//
+//			IEKeySpec c1Key = new IEKeySpec(aPriv, bPub);
+//			IEKeySpec c2Key = new IEKeySpec(bPriv, aPub);
+//
+//			c1.Init(true, c1Key);
+//
+//			AlgorithmParameters param = c1.getParameters();
+//
+//			c2.Init(false, c2Key, param);
+//
+//			byte[] message = Hex.Decode("1234567890abcdef");
+//
+//			byte[] out1 = c1.DoFinal(message, 0, message.Length);
+//
+//			byte[] out2 = c2.DoFinal(out1, 0, out1.Length);
+//
+//			if (!AreEqual(out2, message))
+//			{
+//				Fail("stream cipher test failed");
+//			}
+//
+//			//
+//			// int DoFinal
+//			//
+//			int len1 = c1.DoFinal(message, 0, message.Length, out1, 0);
+//
+//			if (len1 != out1.Length)
+//			{
+//				Fail("encryption length wrong");
+//			}
+//
+//			int len2 = c2.DoFinal(out1, 0, out1.Length, out2, 0);
+//
+//			if (len2 != out2.Length)
+//			{
+//				Fail("decryption length wrong");
+//			}
+//        
+//			if (!AreEqual(out2, message))
+//			{
+//				Fail("stream cipher test failed");
+//			}
+//        
+//			//
+//			// int DoFinal with update
+//			//
+//			len1 = c1.ProcessBytes(message, 0, 2, out1, 0);
+//
+//			len1 += c1.DoFinal(message, 2, message.Length - 2, out1, len1);
+//
+//			if (len1 != out1.Length)
+//			{
+//				Fail("update encryption length wrong");
+//			}
+//
+//			len2 = c2.ProcessBytes(out1, 0, 2, out2, 0);
+//
+//			len2 += c2.DoFinal(out1, 2, out1.Length - 2, out2, len2);
+//
+//			if (len2 != out2.Length)
+//			{
+//				Fail("update decryption length wrong");
+//			}
+//
+//			if (!AreEqual(out2, message))
+//			{
+//				Fail("update stream cipher test failed");
+//			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new IesTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/MacTest.cs b/crypto/test/src/test/MacTest.cs
new file mode 100644
index 000000000..d4b3188bd
--- /dev/null
+++ b/crypto/test/src/test/MacTest.cs
@@ -0,0 +1,216 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	/// <remarks>
+	/// MAC tester - vectors from
+	/// <a href="http://www.itl.nist.gov/fipspubs/fip81.htm">FIP 81</a> and
+	/// <a href="http://www.itl.nist.gov/fipspubs/fip113.htm">FIP 113</a>.
+	/// </remarks>
+	[TestFixture]
+	public class MacTest
+		: SimpleTest
+	{
+		private static readonly byte[] keyBytes = Hex.Decode("0123456789abcdef");
+		private static readonly byte[] ivBytes = Hex.Decode("1234567890abcdef");
+
+		private static readonly byte[] input = Hex.Decode("37363534333231204e6f77206973207468652074696d6520666f7220");
+
+		private static readonly byte[] output1 = Hex.Decode("f1d30f68");
+		private static readonly byte[] output2 = Hex.Decode("58d2e77e");
+		private static readonly byte[] output3 = Hex.Decode("cd647403");
+
+		private static readonly byte[] keyBytesISO9797 = Hex.Decode("7CA110454A1A6E570131D9619DC1376E");
+
+		private static readonly byte[] inputISO9797 = Encoding.ASCII.GetBytes("Hello World !!!!");
+
+		private static readonly byte[] outputISO9797 = Hex.Decode("F09B856213BAB83B");
+
+		private static readonly byte[] inputDesEDE64 = Encoding.ASCII.GetBytes("Hello World !!!!");
+
+		private static readonly byte[] outputDesEDE64 = Hex.Decode("862304d33af01096");
+
+		private void aliasTest(
+			KeyParameter	key,
+			string			primary,
+			params string[]	aliases)
+		{
+			IMac mac = MacUtilities.GetMac(primary);
+
+			//
+			// standard DAC - zero IV
+			//
+			mac.Init(key);
+
+			mac.BlockUpdate(input, 0, input.Length);
+
+			byte[] refBytes = new byte[mac.GetMacSize()];
+			mac.DoFinal(refBytes, 0);
+
+			for (int i = 0; i != aliases.Length; i++)
+			{
+				mac = MacUtilities.GetMac(aliases[i]);
+
+				mac.Init(key);
+
+				mac.BlockUpdate(input, 0, input.Length);
+
+				byte[] outBytes = new byte[mac.GetMacSize()];
+				mac.DoFinal(outBytes, 0);
+
+				if (!AreEqual(outBytes, refBytes))
+				{
+					Fail("Failed - expected "
+						+ Hex.ToHexString(refBytes) + " got "
+						+ Hex.ToHexString(outBytes));
+				}
+			}
+		}
+
+		public override void PerformTest()
+		{
+			KeyParameter key = new DesParameters(keyBytes);
+			IMac mac = MacUtilities.GetMac("DESMac");
+
+			//
+			// standard DAC - zero IV
+			//
+			mac.Init(key);
+
+			mac.BlockUpdate(input, 0, input.Length);
+
+			//byte[] outBytes = mac.DoFinal();
+			byte[] outBytes = new byte[mac.GetMacSize()];
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output1))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output1) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			//
+			// mac with IV.
+			//
+			mac.Init(new ParametersWithIV(key, ivBytes));
+
+			mac.BlockUpdate(input, 0, input.Length);
+
+			//outBytes = mac.DoFinal();
+			outBytes = new byte[mac.GetMacSize()];
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output2))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output2) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			//
+			// CFB mac with IV - 8 bit CFB mode
+			//
+			mac = MacUtilities.GetMac("DESMac/CFB8");
+
+			mac.Init(new ParametersWithIV(key, ivBytes));
+
+			mac.BlockUpdate(input, 0, input.Length);
+
+			//outBytes = mac.DoFinal();
+			outBytes = new byte[mac.GetMacSize()];
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output3))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output3) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			//
+			// ISO9797 algorithm 3 using DESEDE
+			//
+			key = new DesEdeParameters(keyBytesISO9797);
+
+			mac = MacUtilities.GetMac("ISO9797ALG3");
+
+			mac.Init(key);
+
+			mac.BlockUpdate(inputISO9797, 0, inputISO9797.Length);
+
+			//outBytes = mac.DoFinal();
+			outBytes = new byte[mac.GetMacSize()];
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, outputISO9797))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(outputISO9797) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			//
+			// 64bit DESede Mac
+			//
+			key = new DesEdeParameters(keyBytesISO9797);
+
+			mac = MacUtilities.GetMac("DESEDE64");
+
+			mac.Init(key);
+
+			mac.BlockUpdate(inputDesEDE64, 0, inputDesEDE64.Length);
+
+			//outBytes = mac.DoFinal();
+			outBytes = new byte[mac.GetMacSize()];
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, outputDesEDE64))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(outputDesEDE64) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			aliasTest(
+				ParameterUtilities.CreateKeyParameter("DESede", keyBytesISO9797),
+				"DESedeMac64withISO7816-4Padding",
+				"DESEDE64WITHISO7816-4PADDING",
+				"DESEDEISO9797ALG1MACWITHISO7816-4PADDING",
+				"DESEDEISO9797ALG1WITHISO7816-4PADDING");
+
+			aliasTest(
+				ParameterUtilities.CreateKeyParameter("DESede", keyBytesISO9797),
+				"ISO9797ALG3WITHISO7816-4PADDING",
+				"ISO9797ALG3MACWITHISO7816-4PADDING");
+		}
+
+		public override string Name
+		{
+			get { return "Mac"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new MacTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/MqvTest.cs b/crypto/test/src/test/MqvTest.cs
new file mode 100644
index 000000000..ef36e1a23
--- /dev/null
+++ b/crypto/test/src/test/MqvTest.cs
@@ -0,0 +1,99 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class MqvTest
+		: SimpleTest
+	{
+		public override string Name
+		{
+			get { return "MQV"; }
+		}
+
+		public override void PerformTest()
+		{
+			TestECMqv();
+		}
+
+		[Test]
+		public void TestECMqv()
+		{
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECMQV");
+
+//			EllipticCurve curve = new EllipticCurve(
+//				new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
+//				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+//				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+			ECCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters ecSpec = new ECDomainParameters(
+				curve,
+//				ECPointUtil.DecodePoint(curve, Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
+				BigInteger.One); //1); // h
+
+//			g.initialize(ecSpec, new SecureRandom());
+			g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
+			
+			//
+			// U side
+			//
+			AsymmetricCipherKeyPair U1 = g.GenerateKeyPair();
+			AsymmetricCipherKeyPair U2 = g.GenerateKeyPair();
+			
+			IBasicAgreement uAgree = AgreementUtilities.GetBasicAgreement("ECMQV");
+			uAgree.Init(new MqvPrivateParameters(
+				(ECPrivateKeyParameters)U1.Private,
+				(ECPrivateKeyParameters)U2.Private,
+				(ECPublicKeyParameters)U2.Public));
+			
+			//
+			// V side
+			//
+			AsymmetricCipherKeyPair V1 = g.GenerateKeyPair();
+			AsymmetricCipherKeyPair V2 = g.GenerateKeyPair();
+
+			IBasicAgreement vAgree = AgreementUtilities.GetBasicAgreement("ECMQV");
+			vAgree.Init(new MqvPrivateParameters(
+				(ECPrivateKeyParameters)V1.Private,
+				(ECPrivateKeyParameters)V2.Private,
+				(ECPublicKeyParameters)V2.Public));
+			
+			//
+			// agreement
+			//
+			BigInteger ux = uAgree.CalculateAgreement(new MqvPublicParameters(
+				(ECPublicKeyParameters)V1.Public,
+				(ECPublicKeyParameters)V2.Public));
+			BigInteger vx = vAgree.CalculateAgreement(new MqvPublicParameters(
+				(ECPublicKeyParameters)U1.Public,
+				(ECPublicKeyParameters)U2.Public));
+
+			if (!ux.Equals(vx))
+			{
+				Fail("Agreement failed");
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new MqvTest());
+		}
+	}
+}
diff --git a/crypto/test/src/test/NamedCurveTest.cs b/crypto/test/src/test/NamedCurveTest.cs
new file mode 100644
index 000000000..e90c049cf
--- /dev/null
+++ b/crypto/test/src/test/NamedCurveTest.cs
@@ -0,0 +1,394 @@
+using System;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class NamedCurveTest
+		: SimpleTest
+	{
+//		private static readonly Hashtable CurveNames = new Hashtable();
+//		private static readonly Hashtable CurveAliases = new Hashtable();
+//
+//		static NamedCurveTest()
+//		{
+//			CurveNames.Add("prime192v1", "prime192v1"); // X9.62
+//			CurveNames.Add("sect571r1", "sect571r1"); // sec
+//			CurveNames.Add("secp224r1", "secp224r1");
+//			CurveNames.Add("B-409", SecNamedCurves.GetName(NistNamedCurves.GetOid("B-409")));   // nist
+//			CurveNames.Add("P-521", SecNamedCurves.GetName(NistNamedCurves.GetOid("P-521")));
+//			CurveNames.Add("brainpoolp160r1", "brainpoolp160r1");         // TeleTrusT
+//
+//			CurveAliases.Add("secp192r1", "prime192v1");
+//			CurveAliases.Add("secp256r1", "prime256v1");
+//		}
+
+		private static ECDomainParameters GetCurveParameters(
+			string name)
+		{
+			ECDomainParameters ecdp = ECGost3410NamedCurves.GetByName(name);
+
+			if (ecdp != null)
+				return ecdp;
+
+            X9ECParameters ecP = X962NamedCurves.GetByName(name);
+
+			if (ecP == null)
+            {
+                ecP = SecNamedCurves.GetByName(name);
+                if (ecP == null)
+                {
+					ecP = NistNamedCurves.GetByName(name);
+					if (ecP == null)
+					{
+						ecP = TeleTrusTNamedCurves.GetByName(name);
+
+						if (ecP == null)
+							throw new Exception("unknown curve name: " + name);
+					}
+				}
+            }
+
+			return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
+		}
+
+		public void doTestCurve(
+			string name)
+		{
+//			ECGenParameterSpec ecSpec = new ECGenParameterSpec(name);
+			ECDomainParameters ecSpec = GetCurveParameters(name);
+
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDH");
+
+//			g.initialize(ecSpec, new SecureRandom());
+			g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); 
+
+			//
+			// a side
+			//
+			AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair();
+
+//			KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDHC");
+			IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement("ECDHC");
+
+			aKeyAgree.Init(aKeyPair.Private);
+
+			//
+			// b side
+			//
+			AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair();
+
+//			KeyAgreement bKeyAgree = KeyAgreement.getInstance("ECDHC");
+			IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement("ECDHC");
+
+			bKeyAgree.Init(bKeyPair.Private);
+
+			//
+			// agreement
+			//
+//			aKeyAgree.doPhase(bKeyPair.Public, true);
+//			bKeyAgree.doPhase(aKeyPair.Public, true);
+//
+//			BigInteger k1 = new BigInteger(aKeyAgree.generateSecret());
+//			BigInteger k2 = new BigInteger(bKeyAgree.generateSecret());
+			BigInteger k1 = aKeyAgree.CalculateAgreement(bKeyPair.Public);
+			BigInteger k2 = bKeyAgree.CalculateAgreement(aKeyPair.Public);
+
+			if (!k1.Equals(k2))
+			{
+				Fail("2-way test failed");
+			}
+
+			//
+			// public key encoding test
+			//
+//			byte[]              pubEnc = aKeyPair.Public.getEncoded();
+			byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded();
+
+//			KeyFactory          keyFac = KeyFactory.getInstance("ECDH");
+//			X509EncodedKeySpec  pubX509 = new X509EncodedKeySpec(pubEnc);
+//			ECPublicKey         pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
+			ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc);
+
+//			if (!pubKey.getW().Equals(((ECPublicKey)aKeyPair.Public).getW()))
+			if (!pubKey.Q.Equals(((ECPublicKeyParameters)aKeyPair.Public).Q))
+			{
+				Fail("public key encoding (Q test) failed");
+			}
+
+			// TODO Put back in?
+//			if (!(pubKey.getParams() is ECNamedCurveSpec))
+//			{
+//				Fail("public key encoding not named curve");
+//			}
+
+			//
+			// private key encoding test
+			//
+//			byte[]              privEnc = aKeyPair.Private.getEncoded();
+			byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded();
+
+//			PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
+//			ECPrivateKey        privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
+			ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc);
+
+//			if (!privKey.getS().Equals(((ECPrivateKey)aKeyPair.Private).getS()))
+			if (!privKey.D.Equals(((ECPrivateKeyParameters)aKeyPair.Private).D))
+			{
+				Fail("private key encoding (S test) failed");
+			}
+
+			// TODO Put back in?
+//			if (!(privKey.getParams() is ECNamedCurveSpec))
+//			{
+//				Fail("private key encoding not named curve");
+//			}
+//
+//			ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams();
+//			if (!(privSpec.GetName().Equals(name) || privSpec.GetName().Equals(CurveNames.get(name))))
+//			{
+//				Fail("private key encoding wrong named curve. Expected: "
+//					+ CurveNames[name] + " got " + privSpec.GetName());
+//			}
+		}
+
+		public void doTestECDsa(
+			string name)
+		{
+//			ECGenParameterSpec ecSpec = new ECGenParameterSpec(name);
+			ECDomainParameters ecSpec = GetCurveParameters(name);
+
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
+
+//			g.initialize(ecSpec, new SecureRandom());
+			g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); 
+
+			ISigner sgr = SignerUtilities.GetSigner("ECDSA");
+			AsymmetricCipherKeyPair pair = g.GenerateKeyPair();
+			AsymmetricKeyParameter sKey = pair.Private;
+			AsymmetricKeyParameter vKey = pair.Public;
+
+			sgr.Init(true, sKey);
+
+			byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			byte[] sigBytes = sgr.GenerateSignature();
+
+			sgr.Init(false, vKey);
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			if (!sgr.VerifySignature(sigBytes))
+			{
+				Fail(name + " verification failed");
+			}
+
+			//
+			// public key encoding test
+			//
+//			byte[]              pubEnc = vKey.getEncoded();
+			byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded();
+
+//			KeyFactory          keyFac = KeyFactory.getInstance("ECDH");
+//			X509EncodedKeySpec  pubX509 = new X509EncodedKeySpec(pubEnc);
+//			ECPublicKey         pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
+			ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc);
+
+//			if (!pubKey.getW().Equals(((ECPublicKey)vKey).getW()))
+			if (!pubKey.Q.Equals(((ECPublicKeyParameters)vKey).Q))
+			{
+				Fail("public key encoding (Q test) failed");
+			}
+
+			// TODO Put back in?
+//			if (!(pubKey.Parameters is ECNamedCurveSpec))
+//			{
+//				Fail("public key encoding not named curve");
+//			}
+
+			//
+			// private key encoding test
+			//
+//			byte[]              privEnc = sKey.getEncoded();
+			byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded();
+
+//			PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
+//			ECPrivateKey        privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
+			ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc);
+
+//			if (!privKey.getS().Equals(((ECPrivateKey)sKey).getS()))
+			if (!privKey.D.Equals(((ECPrivateKeyParameters)sKey).D))
+			{
+				Fail("private key encoding (D test) failed");
+			}
+
+			// TODO Put back in?
+//			if (!(privKey.Parameters is ECNamedCurveSpec))
+//			{
+//				Fail("private key encoding not named curve");
+//			}
+//
+//			ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams();
+//			if (!privSpec.GetName().EqualsIgnoreCase(name)
+//				&& !privSpec.GetName().EqualsIgnoreCase((string) CurveAliases[name]))
+//			{
+//				Fail("private key encoding wrong named curve. Expected: " + name + " got " + privSpec.GetName());
+//			}
+		}
+
+		public void doTestECGost(
+			string name)
+		{
+//			ECGenParameterSpec ecSpec = new ECGenParameterSpec(name);
+			ECDomainParameters ecSpec = GetCurveParameters(name);
+
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410");
+
+//			g.initialize(ecSpec, new SecureRandom());
+			g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); 
+
+			ISigner sgr = SignerUtilities.GetSigner("ECGOST3410");
+			AsymmetricCipherKeyPair pair = g.GenerateKeyPair();
+			AsymmetricKeyParameter sKey = pair.Private;
+			AsymmetricKeyParameter vKey = pair.Public;
+
+			sgr.Init(true, sKey);
+
+			byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			byte[] sigBytes = sgr.GenerateSignature();
+
+			sgr.Init(false, vKey);
+
+			sgr.BlockUpdate(message, 0, message.Length);
+
+			if (!sgr.VerifySignature(sigBytes))
+			{
+				Fail(name + " verification failed");
+			}
+
+			// TODO Get this working?
+//			//
+//			// public key encoding test
+//			//
+////			byte[]              pubEnc = vKey.getEncoded();
+//			byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded();
+//
+////			KeyFactory          keyFac = KeyFactory.getInstance("ECGOST3410");
+////			X509EncodedKeySpec  pubX509 = new X509EncodedKeySpec(pubEnc);
+////			ECPublicKey         pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
+//			ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc);
+//
+////			if (!pubKey.getW().equals(((ECPublicKey)vKey).getW()))
+//			if (!pubKey.Q.Equals(((ECPublicKeyParameters)vKey).Q))
+//			{
+//				Fail("public key encoding (Q test) failed");
+//			}
+
+			// TODO Put back in?
+//			if (!(pubKey.Parameters is ECNamedCurveSpec))
+//			{
+//				Fail("public key encoding not named curve");
+//			}
+
+			// TODO Get this working?
+//			//
+//			// private key encoding test
+//			//
+////			byte[]              privEnc = sKey.getEncoded();
+//			byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded();
+//
+////			PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
+////			ECPrivateKey        privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
+//			ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc);
+//
+////			if (!privKey.getS().Equals(((ECPrivateKey)sKey).getS()))
+//			if (!privKey.D.Equals(((ECPrivateKeyParameters)sKey).D))
+//			{
+//				Fail("GOST private key encoding (D test) failed");
+//			}
+
+			// TODO Put back in?
+//			if (!(privKey.Parameters is ECNamedCurveSpec))
+//			{
+//				Fail("GOST private key encoding not named curve");
+//			}
+//
+//			ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams();
+//			if (!privSpec.getName().equalsIgnoreCase(name)
+//				&& !privSpec.getName().equalsIgnoreCase((String)CURVE_ALIASES[name]))
+//			{
+//				Fail("GOST private key encoding wrong named curve. Expected: " + name + " got " + privSpec.getName());
+//			}
+		}
+
+		public override string Name
+		{
+			get { return "NamedCurve"; }
+		}
+	    
+		public override void PerformTest()
+		{
+			doTestCurve("prime192v1"); // X9.62
+			doTestCurve("sect571r1"); // sec
+			doTestCurve("secp224r1");
+			doTestCurve("B-409");   // nist
+			doTestCurve("P-521");
+			doTestCurve("brainpoolp160r1");    // TeleTrusT
+
+			foreach (string name in X962NamedCurves.Names)
+			{
+				doTestECDsa(name);
+			}
+
+			foreach (string name in SecNamedCurves.Names)
+			{
+				doTestECDsa(name);
+			}
+
+			foreach (string name in TeleTrusTNamedCurves.Names)
+			{
+				doTestECDsa(name);
+			}
+
+			foreach (string name in ECGost3410NamedCurves.Names)
+			{
+				doTestECGost(name);
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new NamedCurveTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/NistCertPathTest.cs b/crypto/test/src/test/NistCertPathTest.cs
new file mode 100644
index 000000000..0f42e24d0
--- /dev/null
+++ b/crypto/test/src/test/NistCertPathTest.cs
@@ -0,0 +1,5192 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Pkix;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class NistCertPathTest
+		: SimpleTest
+	{
+		/*
+		* These tests are taken from the NIST X.509 Validation Test Suite
+		* available at: http://csrc.nist.gov/pki/testing/x509paths.html
+		*
+		* Only the relevant certificate and crl data has been kept, in order
+		* to keep the class size to a minimum.
+		*
+		*/
+		private const string TEST_POLICY_1 = "2.16.840.1.101.3.1.48.1";
+		private const string TEST_POLICY_2 = "2.16.840.1.101.3.1.48.2";
+		private const string TEST_POLICY_3 = "2.16.840.1.101.3.1.48.3";
+		private const string TEST_POLICY_4 = "2.16.840.1.101.3.1.48.4";
+		private const string TEST_POLICY_5 = "2.16.840.1.101.3.1.48.5";
+
+		private static ISet ANY;
+		private static ISet TP1;
+		private static ISet TP2;
+		private static ISet TP3;
+		private static ISet TP4;
+		private static ISet TP1_TP2;
+
+		static NistCertPathTest()
+		{
+			ANY = new HashSet();
+
+			TP1 = new HashSet();
+			TP1.Add(TEST_POLICY_1);
+
+			TP2 = new HashSet();
+			TP2.Add(TEST_POLICY_2);
+
+			TP3 = new HashSet();
+			TP3.Add(TEST_POLICY_3);
+
+			TP4 = new HashSet();
+			TP4.Add(TEST_POLICY_4);
+
+			TP1_TP2 = new HashSet();
+			TP1_TP2.Add(TEST_POLICY_1);
+			TP1_TP2.Add(TEST_POLICY_2);
+		}
+
+		/*
+		 *  FIELDS
+		 */
+		private X509CertificateParser certParser = new X509CertificateParser();
+		private X509CrlParser crlParser = new X509CrlParser();
+
+		private X509Certificate trustedCert;
+		private X509Crl trustedCRL;
+		private ISet trustedSet;
+		private int testCount;
+		private IList testFail;
+		private StringBuilder resultBuf;
+
+		public override string Name
+		{
+			get { return "NistCertPathTest"; }
+		}
+
+		public override void PerformTest()
+		{
+			Init();
+
+			Test(" 1", TEST_1_DATA, true, false);
+			Test(" 2", TEST_2_DATA, false, false);
+			Test(" 3", TEST_3_DATA, false, false);
+			Test(" 4", TEST_4_DATA, true, false);
+			Test(" 5", TEST_5_DATA, false, false);
+			Test(" 6", TEST_6_DATA, false, false);
+			Test(" 7", TEST_7_DATA, true, false);
+			Test(" 8", TEST_8_DATA, false, false);
+			Test(" 9", TEST_9_DATA, false, false);
+
+			Test("10", TEST_10_DATA, false, false);
+			Test("11", TEST_11_DATA, false, false);
+			Test("12", TEST_12_DATA, true, false);
+			Test("13", TEST_13_DATA, false, false);
+			Test("14", TEST_14_DATA, false, false);
+			Test("15", TEST_15_DATA, true, false);
+			Test("16", TEST_16_DATA, true, false);
+			Test("17", TEST_17_DATA, true, false);
+			Test("18", TEST_18_DATA, true, false);
+			Test("19", TEST_19_DATA, false, false);
+
+			Test("20", TEST_20_DATA, false, false);
+			Test("21", TEST_21_DATA, false, false);
+			Test("22", TEST_22_DATA, false, false);
+			Test("23", TEST_23_DATA, false, false);
+			Test("24", TEST_24_DATA, true, false);
+			Test("25", TEST_25_DATA, false, false);
+			Test("26", TEST_26_DATA, true, false);
+			Test("27", TEST_27_DATA, true, false);
+			Test("28", TEST_28_DATA, false, false);
+			Test("29", TEST_29_DATA, false, false);
+
+			Test("30", TEST_30_DATA, true, false);
+			Test("31", TEST_31_DATA, false, false);
+			Test("32", TEST_32_DATA, false, false);
+			Test("33", TEST_33_DATA, true, false);
+
+			Test("34a", TEST_34_DATA, ANY, true, true, false);
+			Test("34b", TEST_34_DATA, ANY, false, true, false);
+			Test("34c", TEST_34_DATA, TP1, true, true, false);
+			Test("34d", TEST_34_DATA, TP1, false, true, false);
+			Test("34e", TEST_34_DATA, TP2, true, false, false);
+			Test("34f", TEST_34_DATA, TP2, false, true, false);
+
+			Test("35a", TEST_35_DATA, false, true, false);
+			Test("35b", TEST_35_DATA, true, false, false);
+
+			Test("36a", TEST_36_DATA, false, true, false);
+			Test("36b", TEST_36_DATA, true, false, false);
+
+			Test("37a", TEST_37_DATA, false, true, false);
+			Test("37b", TEST_37_DATA, true, false, false);
+
+			Test("38a", TEST_38_DATA, false, true, false);
+			Test("38b", TEST_38_DATA, true, false, false);
+
+			Test("39a", TEST_39_DATA, ANY, true, true, false);
+			Test("39b", TEST_39_DATA, ANY, false, true, false);
+			Test("39c", TEST_39_DATA, TP1, true, true, false);
+			Test("39d", TEST_39_DATA, TP1, false, true, false);
+			Test("39e", TEST_39_DATA, TP2, true, false, false);
+			Test("39f", TEST_39_DATA, TP2, false, true, false);
+
+			Test("40a", TEST_40_DATA, false, true, false);
+			Test("40b", TEST_40_DATA, true, false, false);
+
+			Test("41a", TEST_41_DATA, false, true, false);
+			Test("41b", TEST_41_DATA, true, false, false);
+
+			Test("42a", TEST_42_DATA, false, true, false);
+			Test("42b", TEST_42_DATA, true, false, false);
+
+			Test("43a", TEST_43_DATA, false, true, false);
+			Test("43b", TEST_43_DATA, true, false, false);
+
+			Test("44a", TEST_44_DATA, false, true, false);
+			Test("44b", TEST_44_DATA, true, false, false);
+
+			Test("45a", TEST_45_DATA, false, false, false);
+			Test("45b", TEST_45_DATA, true, false, false);
+
+			Test("46a", TEST_46_DATA, ANY, false, true, false);
+			Test("46b", TEST_46_DATA, ANY, true, true, false);
+			Test("46c", TEST_46_DATA, TP1, true, true, false);
+			Test("46d", TEST_46_DATA, TP1, false, true, false);
+			Test("46e", TEST_46_DATA, TP2, true, false, false);
+			Test("46f", TEST_46_DATA, TP2, false, false, false);
+
+			Test("47a", TEST_47_DATA, false, false, false);
+			Test("47b", TEST_47_DATA, true, false, false);
+
+			Test("48a", TEST_48_DATA, TP1, false, true, false);
+			Test("48b", TEST_48_DATA, TP1, true, true, false);
+			Test("48c", TEST_48_DATA, ANY, false, true, false);
+			Test("48d", TEST_48_DATA, ANY, true, true, false);
+			Test("48e", TEST_48_DATA, TP2, false, true, false);
+			Test("48f", TEST_48_DATA, TP2, true, false, false);
+
+			Test("49a", TEST_49_DATA, TP1, false, true, false);
+			Test("49b", TEST_49_DATA, TP1, true, true, false);
+			Test("49c", TEST_49_DATA, TP3, false, true, false);
+			Test("49d", TEST_49_DATA, TP3, true, false, false);
+			Test("49e", TEST_49_DATA, ANY, false, true, false);
+			Test("49f", TEST_49_DATA, ANY, true, true, false);
+
+			Test("50a", TEST_50_DATA, TP1, false, true, false);
+			Test("50b", TEST_50_DATA, TP1, true, true, false);
+			Test("50c", TEST_50_DATA, TP1_TP2, false, true, false);
+			Test("50d", TEST_50_DATA, TP1_TP2, true, true, false);
+			Test("50e", TEST_50_DATA, ANY, false, true, false);
+			Test("50f", TEST_50_DATA, ANY, true, true, false);
+
+			Test("51a", TEST_51_DATA, false, true, false);
+			Test("51b", TEST_51_DATA, true, false, false);
+
+			Test("52a", TEST_52_DATA, TP1, false, true, false);
+			Test("52b", TEST_52_DATA, TP1, true, false, false);
+			Test("52c", TEST_52_DATA, TP1_TP2, false, true, false);
+			Test("52d", TEST_52_DATA, TP1_TP2, true, false, false);
+			Test("52e", TEST_52_DATA, ANY, false, true, false);
+			Test("52f", TEST_52_DATA, ANY, true, true, false);
+
+			Test("53a", TEST_53_DATA, TP1, false, true, false);
+			Test("53b", TEST_53_DATA, TP1, true, true, false);
+			Test("53c", TEST_53_DATA, TP1_TP2, false, true, false);
+			Test("53d", TEST_53_DATA, TP1_TP2, true, true, false);
+			Test("53e", TEST_53_DATA, TP4, false, true, false);
+			Test("53f", TEST_53_DATA, TP4, true, false, false);
+			Test("53g", TEST_53_DATA, ANY, false, true, false);
+			Test("53h", TEST_53_DATA, ANY, true, true, false);
+
+			Test("54", TEST_54_DATA, false, false);
+			Test("55", TEST_55_DATA, false, false);
+			Test("56", TEST_56_DATA, true, false);
+			Test("57", TEST_57_DATA, true, false);
+			Test("58", TEST_58_DATA, false, false);
+			Test("59", TEST_59_DATA, false, false);
+
+			Test("60", TEST_60_DATA, false, false);
+			Test("61", TEST_61_DATA, false, false);
+			Test("62", TEST_62_DATA, true, false);
+			Test("63", TEST_63_DATA, true, false);
+			Test("64", TEST_64_DATA, false, false);
+			Test("65", TEST_65_DATA, false, false);
+			Test("66", TEST_66_DATA, false, false);
+			Test("67", TEST_67_DATA, true, false);
+			Test("68", TEST_68_DATA, false, false);
+			Test("69", TEST_69_DATA, false, false);
+
+			Test("70", TEST_70_DATA, false, false);
+			Test("71", TEST_71_DATA, false, false);
+			Test("72", TEST_72_DATA, false, false);
+			Test("73", TEST_73_DATA, false, false);
+			Test("74", TEST_74_DATA, true, false);
+			Test("75", TEST_75_DATA, false, false);
+			Test("76", TEST_76_DATA, false, false);
+
+			resultBuf.Append("NISTCertPathTest -- Failed: ");
+			resultBuf.Append(testFail.Count).Append('/').Append(testCount).Append("\n");
+
+			if (testFail.Count != 0)
+			{
+				resultBuf.Append("\n");
+				Fail(resultBuf.ToString());
+			}
+		}
+
+		private void Init()
+		{
+			try
+			{
+				trustedCert = certParser.ReadCertificate(Base64.Decode(Trust_Anchor_CP_01_01_crt));
+				trustedCRL = crlParser.ReadCrl(Base64.Decode(Trust_Anchor_CRL_CP_01_01_crl));
+				trustedSet = new HashSet();
+
+				byte[] _ncBytes = null;
+				Asn1OctetString _oct = trustedCert.GetExtensionValue(X509Extensions.NameConstraints);
+				if (_oct != null)
+				{
+					_ncBytes = _oct.GetOctets();
+				}
+
+				trustedSet.Add(new TrustAnchor(trustedCert, _ncBytes));
+				testCount = 0;
+				testFail = new ArrayList();
+				resultBuf = new StringBuilder("\n");
+			}
+			catch (Exception ex)
+			{
+				throw new Exception(ex.Message);
+			}
+		}
+
+		private X509Certificate DecodeCertificate(string _str)
+		{
+			return certParser.ReadCertificate(Base64.Decode(_str));
+		}
+
+		private X509Crl DecodeCRL(string _str)
+		{
+			return crlParser.ReadCrl(Base64.Decode(_str));
+		}
+
+		private void MakeCertStore(string[] _strs, out IX509Store certStore, out IX509Store crlStore)
+		{
+			ArrayList certs = new ArrayList();
+			ArrayList crls = new ArrayList();
+			crls.Add(trustedCRL);
+
+			for (int i = 0; i < _strs.Length; i++)
+			{
+				if (_strs[i].StartsWith("MIIC"))
+				{
+					certs.Add(certParser.ReadCertificate(Base64.Decode(_strs[i])));
+				}
+				else if (_strs[i].StartsWith("MIIB"))
+				{
+					crls.Add(crlParser.ReadCrl(Base64.Decode(_strs[i])));
+				}
+				else
+				{
+					throw new ArgumentException("Invalid certificate or crl");
+				}
+			}
+
+			// Insert elements backwards to muck up forward ordering dependency
+//            IList _vec2 = new ArrayList();
+//            for (int i = _vec.Count - 1; i >= 0; i--)
+//            {
+//                _vec2.Add(_vec[i]);
+//            }
+			certs.Reverse();
+			crls.Reverse();
+
+			certStore = X509StoreFactory.Create("Certificate/Collection",
+				new X509CollectionStoreParameters(certs));
+			crlStore = X509StoreFactory.Create("CRL/Collection",
+				new X509CollectionStoreParameters(crls));
+		}
+
+		private void Test(string _name, string[] _data, bool _accept,
+			bool _debug)
+		{
+			Test(_name, _data, null, false, _accept, _debug);
+		}
+
+		private void Test(string _name, string[] _data, bool _explicit,
+			bool _accept, bool _debug)
+		{
+			Test(_name, _data, null, _explicit, _accept, _debug);
+		}
+
+		private void Test(string _name, string[] _data, ISet _ipolset,
+			bool _explicit, bool _accept, bool _debug)
+		{
+			testCount++;
+			bool _pass = true;
+
+			try
+			{
+//				CertPathBuilder _cpb = CertPathBuilder.GetInstance("PKIX");
+				PkixCertPathBuilder _cpb = new PkixCertPathBuilder();
+
+				X509Certificate _ee = DecodeCertificate(_data[_data.Length - 1]);
+				X509CertStoreSelector _select = new X509CertStoreSelector();
+				_select.Subject = _ee.SubjectDN;
+
+				IX509Store certStore, crlStore;
+				MakeCertStore(_data, out certStore, out crlStore);
+
+				PkixBuilderParameters _param = new PkixBuilderParameters(
+					trustedSet, _select);
+				_param.IsExplicitPolicyRequired = _explicit;
+				_param.AddStore(certStore);
+				_param.AddStore(crlStore);
+				_param.IsRevocationEnabled = true;
+
+				if (_ipolset != null)
+				{
+					_param.SetInitialPolicies(_ipolset);
+				}
+
+				PkixCertPathBuilderResult _result = _cpb.Build(_param);
+
+				if (!_accept)
+				{
+					_pass = false;
+					testFail.Add(_name);
+				}
+			}
+			catch (Exception)
+			{
+				if (_accept)
+				{
+					_pass = false;
+					testFail.Add(_name);
+				}
+			}
+
+			resultBuf.Append("NISTCertPathTest -- ").Append(_name).Append(": ")
+				.Append(_pass ? "\n" : "Failed.\n");
+		}
+
+		/*
+		 *  Trust Anchor
+		 *
+		 */
+		public const string Trust_Anchor_CP_01_01_crt =
+			"MIICbDCCAdWgAwIBAgIDAYafMA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNVBAYTAlVTMRgwFg" +
+			"YDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEQMA4GA1UECxMHVGVzdGlu" +
+			"ZzEVMBMGA1UEAxMMVHJ1c3QgQW5jaG9yMB4XDTk5MDEwMTEyMDEwMFoXDTQ4MDEwMTEyMD" +
+			"EwMFowXjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" +
+			"CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANPzucEztz+nJ/ZBHVyceZ2q0pUQt4TO2qPlWAw+" +
+			"TotWvz6qIS1QE/7zGS56yxHP89O4X1efnZeArx2VVxLfNNS9865N53ymINQETtpjYT49Ko" +
+			"03z8U8yfn68DlIBHi9sN31JEYzoUafF58Eu883lAwTQ6qQrJF4HbrzGIQqgitHAgMBAAGj" +
+			"ODA2MBEGA1UdDgQKBAirmuv5wudUjzAMBgNVHRMEBTADAQH/MBMGA1UdIwQMMAqACKua6/" +
+			"nC51SPMA0GCSqGSIb3DQEBBQUAA4GBABZWD2Gsh4tP62QSG8OFWUpo4TulIcFZLpGsaP4T" +
+			"/2Nt7lXUoIJMN7wWjqkmYf5/Rvo4HxNcimq3EkeYcrm1VoDueJUYGvRjcCY5mxkghI27Yl" +
+			"/fLKE9/BvQOrvYzBs2EqKrrT7m4VK0dRMR7CeVpmPP08z0Tti6uK2tzBplp1pF";
+		public const string Trust_Anchor_CRL_CP_01_01_crl =
+			"MIIBbzCB2QIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDFRydXN0IEFuY2hvchcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAiMCACAS" +
+			"cXDTk5MDEwMTEyMDAwMFowDDAKBgNVHRUEAwoBAaAjMCEwCgYDVR0UBAMCAQEwEwYDVR0j" +
+			"BAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEAC7lqZwejJRW7QvzH11/7cYcL3r" +
+			"acgMxH3PSU/ufvyLk7ahR++RtHary/WeCvRdyznLiIOA8ZBiguWtVPqsNysNn7WLofQIVa" +
+			"+/TD3T+lece4e1NwGQvj5Q+e2wRtGXg+gCuTjTKUFfKRnWz7O7RyiJKKim0jtAF4RkCpLe" +
+			"bNChY=";
+
+
+		/*
+		 *  test1
+		 *
+		 */
+
+		public const string End_Certificate_CP_01_01_crt =
+			"MIIChjCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDEuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMY07G8M4FkOvF+6LpO7BKcDuXCKudfl1+bKSowj" +
+			"2GCza8uIiMfYSH5k+fYb43lGQeRh9yVHcfNQlE7yfGo3tgxGv5yWpeKvDMqL8Iy6Q0oIjm" +
+			"qH80ZOz21dUkermcckzTEOfe/R2fNpJPv8M24pq29SdYAqu+CpLDHFtws9O+q1AgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIrNv88bwFLtIwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEAK4hP" +
+			"goWtZbHf6qWfRfmrPrz9hDH1644NrJop2Y7MXzuTtpo1zp4NCG4+ii0CSOfvhugc8yOmq3" +
+			"I6olgE0V16VtC5br2892UHYZ55Q4oQ9BWouVVlOyY9rogOB160BnsqBELFhT0Wf6mnbsdD" +
+			"G+BB5fFyeK61aYDWV84kS7cSX5w=";
+		public readonly string[] TEST_1_DATA = new string[]
+		{
+			End_Certificate_CP_01_01_crt,
+		};
+
+		/*
+		 *  test2
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_01_02_crt =
+			"MIIClTCCAf6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAxLjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDWOZ4hk+K6NX/l+OiHC4pfKCWFt+XM2n/TxwkqY+mt" +
+			"j9Co77rPPPtVA7mDKU4OiYT74mIWH52HQBZr+PRmOFh0Z9S1oTpLbxNLCDc6OmQKBo6iex" +
+			"SIt/jOatFFmzmTZ78Kq9s3nfrOVA83ggmPDTPkuG5GwcxPgFq0vRmAJ0CESQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQI5o5Am09NlOYwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEA3C7Ye5/Te14LIwo/LK2fnpobbQA3dhOn5UgqZ8lKbQ/HV1D8/eU9dK" +
+			"2v5gW43XvFq4whK0WKLBvBFchKtp9T1QX3CI2WCqdJRyqla6TkQsS36T17/ww2nzy1853Y" +
+			"hfDYNsge5XW8YZNfNjjVxcR3RnyFxPax1YIlISiGdI0dnag=";
+		public const string Intermediate_CRL_CP_01_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI5o5Am09NlOYwDQYJKoZIhvcNAQEFBQADgYEAl26W" +
+			"g1Gqq3R93XPjghABVocfeIi8zcSJ0YAKqbifh5V3JCC8Piy19GzZdL244GqBDls44IAhKj" +
+			"YuXN2mSohdqwULbye4agAgfl37XhhwsBDTYwaJiv3njFQ6Ml7KJ3STmoIpmlLvrXibDuHX" +
+			"ocuNGo72ckhOdBpXd+PhgGuoTis=";
+		public const string End_Certificate_CP_01_02_crt =
+			"MIIChjCCAe+gAwIBAgIBAzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMS4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDEuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwJrZT6bJXQnZzc3socZ/mNsEag4BTdym99ZCP2" +
+			"3PGsTCfV2z7+p4DehIFrn/N/a1d1nvyqRqpQGPU86tl1CWgFtXS+zCctDR71P76bjd6yef" +
+			"5vxxdO/SBIRHfQTjM8F3BTLkrC+PVl5wbaLcEXRORXrFvBvsj0oqwZ4C8ZObh/AgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIf5mSjuNhs/gwEwYDVR0jBAwwCoAI5o5Am09NlOYwDQYJKoZIhvcNAQEFBQADgYEAK7wd" +
+			"MyLlIZ/Qsqj3/A3Gat0d5BORtFTZH0VdlVVOWN1JCZxrnjeIFB92NNzUROemxgBxzneuWN" +
+			"SlYlcpTk25pAbs6RMdbT8dovKQkQkF2TXeQ+4qktFaLQntVT8UsEzHR4Diw0/gH8tseGqF" +
+			"F7FyiW8ni6zInSO+embUKiibj9I=";
+		public readonly string[] TEST_2_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_01_02_crt,
+			Intermediate_CRL_CP_01_02_crl,
+			End_Certificate_CP_01_02_crt
+		};
+
+		/*
+		 *  test3
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_01_03_crt =
+			"MIIClTCCAf6gAwIBAgIBBDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAxLjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC4RZ0R82sA+BfyynFeoIDG7c5IlZ8HorEv+O4Ij3Oy" +
+			"7FR1MB4no8hDEBPBf5fCrAR/8PVxCZjVj2HOwnSAqUQgxo6WPcmkabux12k8kK6yeKq3b7" +
+			"u5fL6tb7eKElQzsz8Je4z4rCDkI10vV+X0VZ5Ip/Es428dw2KoN8eyGmw3+QIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIz08WhMpG2JswEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAQ+iqlFvbvDejO/m+RCHh2UuUau1FuABObkPOu2Tv9yTWvTSWDRygdO" +
+			"LQRiOLsjgrdXPdbDutVGjllBoTN8cdz3SWjCpampg5TBikArxmNEYMDQvL6n2lkUcetRJR" +
+			"gQ7TYLvFj9+SycKXfM5CUXAyCfcU/QwDghhZgc99AuDZtJc=";
+		public const string Intermediate_CRL_CP_01_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIz08WhMpG2JswDQYJKoZIhvcNAQEFBQADgYEAoyO/" +
+			"xcpJ0Obj4rTXhHFd7XMzslt79njkEgdwnon9BaYB3xSmkEXCMwLMurrjVYKaB6SWAiPeUv" +
+			"G7ScDHJE6UFVJwIt4vP/M7gTOJ7uak33aWi9e5DeIuLqE6pFqTGu+uoBkkd82SHg2GhJhZ" +
+			"VXDtJ3UcO/3JQPbslc02s9HiRBg=";
+		public const string End_Certificate_CP_01_03_crt =
+			"MIIChjCCAe+gAwIBAgIBBTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDEuMDMwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANAD1vQj//4BGEXW1Q7HX/AUyFJFyHoYcvg5y4u/" +
+			"8Sj6okriXj3knnBKDiJLpKfcsO5p5MQS5QzAc+lxErXD+duiw8lm61hj0StsRzhDFsaC1g" +
+			"akjzU70R2Tmz/djUnqO3aa2wICc4NVAXnIMMsH/b6XXFZpC0/C32TPTv9aa9mrAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIPw2wltiRqz4wEwYDVR0jBAwwCoAIz08WhMpG2JswDQYJKoZIhvcNAQEFBQADgYEAln42" +
+			"iR3eHyazF8CRjS9Jnas/26MaBtjUyDtcSjTVDWFlccwrQ7TgtzjkNm9fCmgSyvryDnUYGM" +
+			"DoEjwYNLIgtCAkVIEBTmJvlqiPHH+tV5oJvIav+Fn8okHpuuK44umDcdKiFWlOyxrShxzV" +
+			"3Bez/eHklaPTw/VsVhyh+Uru5zM=";
+		public readonly string[] TEST_3_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_01_03_crt,
+			Intermediate_CRL_CP_01_03_crl,
+			End_Certificate_CP_01_03_crt
+		};
+
+		/*
+		 *  test4
+		 *
+		 */
+		public const string Intermediate_Certificate_1_CP_02_01_crt =
+			"MIIClTCCAf6gAwIBAgIBBjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC/lQLtWKzklgYuzhjMiK2CzFmzODsEY/JIVNdn9T8M" +
+			"W4ufpGwnfIV62EUHCFeMYydKBm8Hyjbjrz1otINJmrGL5WSAX1/UPtHy1chgXOsFYD6nAH" +
+			"jZAJJGw74nUbKw5+L1wUHU8qXABaaTrRpS1UdKSq4TCZ18NCjC4Oxcf/yDdQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQINsJcxaBqdugwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAOQP3iUX7FtJlL9nvu4F+8o/N5vr+OB28OsbYtW+Q1FzEfjkUGtT9Ri" +
+			"teradpN/xUnS/oj3BfqFtNANkYKrBeqRtm2VeOC3kdCVFnWFME2aoRAQZbWvOwCFc3yLA7" +
+			"JBdENtDNI54yYHMHPA4/2CuNQq1Iu1ektAS95DIe7ddxL18=";
+		public const string Intermediate_Certificate_2_CP_02_01_crt =
+			"MIIClTCCAf6gAwIBAgIBBzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMi4wMTAeFw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLUNQLjAyLjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCx/mIo1Ma/IN8OR7KOjclvIwsv0JFXD/T258DruDZU" +
+			"uGoYiEbAc/ZN7R8OHI7dnv9pBfsvyEl7m2DVoLZnP0eXJTHjdZxb1TwPHoSIysi9u3xWlP" +
+			"Rg+v+GGfKLB9pL0m8SZh97SngerZI14w7vQy0kkXziGatSpBoXtWNmsHJNuQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIoI0mSmDmzZUwEwYDVR0jBAwwCoAINsJcxaBqdugwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAcfs1pH12Qwdhv4NOJO2xxgMZZo8+A9Zl9c7RxsvuoZOOyCxoE9wT/l" +
+			"PdUpGoGxtIPoWQs1qXEXnAlXJCXjLCJUHIG1/E6gQUXW0Ty6Ztpc5Dz06pPTN2gt+41B3J" +
+			"sL/Klqc4iyCaWr8sYgEPQ8nColWRmIwk9gAasPNkNhyxA3Y=";
+		public const string Intermediate_CRL_1_CP_02_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAINsJcxaBqdugwDQYJKoZIhvcNAQEFBQADgYEAlBaV" +
+			"VfrZqvyRhGXNYFik169nBHiNfKpw8k1YgFAQeNYdmfScq1KHmKzDhsx9kQteczBL7ltviK" +
+			"TN3CKlZW82c16mfd4yYx0l5tkU80lwKCHSUzx92+qrvYjSMup+bqSsi8JhqByBf6b0JbKf" +
+			"yx53Vpw1OCzjxrVHcfHPx8Q/vR4=";
+		public const string Intermediate_CRL_2_CP_02_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1DUC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIoI0mSmDmzZUwDQYJKoZIhvcNAQEFBQADgYEAhAHP" +
+			"QxpcrTTN0GXeOwoMXuQUoHMvezEpM0BYOVLzI3KbRXWa9iWZINr99cRQvonMtOGkhIH3iS" +
+			"wSNbsjmF9HX5UvNzrofOWataVP+macpCuNlK0NS3xxJjKRWOB9C1Ib7tiSSrQqIPcchlF6" +
+			"vofy2ALEL6Usa1UTVYMhzGYnVZU=";
+		public const string End_Certificate_CP_02_01_crt =
+			"MIIChjCCAe+gAwIBAgIBCDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1DUC4wMi4wMTAeFw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOzYq2murB5ZjQd4wReI51Lc1F5VwK90OMGRfi71" +
+			"YvwdRjgCudeDXZGW5ayid82y+eTDKFSzo1Li/BPTUXMpeqHHMCmLeefqxAWmz3aDoilF8I" +
+			"Q53PlejnXJdntsal44w6WdP6ssiXlwzcZDnobAfuDTPgsnWWfzAkr1/LqEw/QZAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIP5tVdEyxotcwEwYDVR0jBAwwCoAIoI0mSmDmzZUwDQYJKoZIhvcNAQEFBQADgYEAkVx9" +
+			"S/20Hir8qMnfMpMGTgMKoVeWoljxim83IkNs1Xqe1oLGHdyDUA66uF8wPkoTqGrfDYvgBa" +
+			"5Mi0iJREnMWoiWvCe467+L1b2gtvRBMl9bcRj40bvelk0Wn4lBl3VuKXarP5M0PKT5OWvN" +
+			"2cPLNeXHvV6ZIrC4rmK2ISpIXX4=";
+		public readonly string[] TEST_4_DATA = new string[]
+		{
+			Intermediate_Certificate_1_CP_02_01_crt,
+			Intermediate_Certificate_2_CP_02_01_crt,
+			Intermediate_CRL_1_CP_02_01_crl,
+			Intermediate_CRL_2_CP_02_01_crl,
+			End_Certificate_CP_02_01_crt
+		};
+
+		/*
+		 *  test5
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_02_02_crt =
+			"MIIClTCCAf6gAwIBAgIBCTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw00NzAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDHJmlRKb+mjc61iiqGe9gx/VUMLNmGrXGRYKMmYSxO" +
+			"Q5sGLoztd2XtEgtZEPwvzd9KLKGP3XmgTrc4BGohqoFoG9Qb+w2ZGFwVC22GpeSoXc+J2u" +
+			"2t3uRKYgboHpB0Jk42XLy+2wSEtS+/er7cFu2ufdPsvT4J1AqiuZSco96vtQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIBvoP1E6PGiMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAmOyFq2vZrUNDVWRcyzYvZhs1uQ4zgXtfqnPE0V19RgaYffCrSCI86z" +
+			"5kyDUyZwbGABMxBaVxEw536MesyDTdZdEVw6lN5RRtxr8/WEiSH6oI6t0xNxuNOkSNpz4d" +
+			"28HA4UfUvtXK8RK2YZnPAd6UXsRUPBPXKEpzy4v/9RyihSg=";
+		public const string Intermediate_CRL_CP_02_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIBvoP1E6PGiMwDQYJKoZIhvcNAQEFBQADgYEAALlA" +
+			"f3IDWexcdkMQHWTdGeFe+bG5dBvVPL5ZyQUw9DWbLwrjw/Jm4v9t+HLjETLSymsFT4bW21" +
+			"OwnEiAAdaKT96k5t+sTyU5QQ6HL/jRXLHLGdCQgMFCglm5iNqaCLIFoMAVCaFkYtFUE3m/" +
+			"iVt+319JOh5UyshMuWrAEW0IGGQ=";
+		public const string End_Certificate_CP_02_02_crt =
+			"MIIChjCCAe+gAwIBAgIBCjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL/Src6e8qXwL+KJs5+v+JsakZdSDqMAFJUMfA2O" +
+			"OO2TIqcvDFHzqesX+G+28MUwy6++ux07CD3FCaapgzBN4zO4RfKcamxFReKMKcEvNVVCOO" +
+			"wO4Lvku1Sad14oYyGLOMzZwZFjRp8paaz5g87k70EOPBLeDlFMcch36czw53sLAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIPoHc2Sfk6XUwEwYDVR0jBAwwCoAIBvoP1E6PGiMwDQYJKoZIhvcNAQEFBQADgYEAFHhm" +
+			"o6QRFdO1x1wp7Jb1QQAlChFfP8MrGVNK04Ur8f+wfkwIypTDifJ0AoFpjcM3Ohu9Ixvb9q" +
+			"3kCSIWKDnWtDWw1/dN8mPL5If5gGqPA0+wRbUKVKvduOg7hKr4mWjKw7oYiaJuIIoN9RRZ" +
+			"ejzltd0NEaODNPW/JaKeQUVgZbY=";
+		public readonly string[] TEST_5_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_02_02_crt,
+			Intermediate_CRL_CP_02_02_crl,
+			End_Certificate_CP_02_02_crt
+		};
+
+		/*
+		 *  test6
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_02_03_crt =
+			"MIIClTCCAf6gAwIBAgIBCzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCaJ7NcOvb22F6HjMF1R/AORa4+pKFfFfd9teXPpVWC" +
+			"9InTq+alY11QaSj27Qg0znOIItmf2W/8Dub9sjnbg+SgAkoV5+CAkplodRNC8AbD4x8rh/" +
+			"fioQ8lb0Qb4Dn9I0n2wjOgitmMRdE2uW4uwVpH52vsMyenbDVxVI7jA4NS/wIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIC2T+/BkG93AwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEApr6kDXVY5jYt23wC9n3LmhoxDoWh8cBQxcWmr1wpVxIrCbaP0/y00a" +
+			"29wbewKfucUoh/W2OfjNcohjpKRrnVmOpi5vN7SmbZIHaxbKLzyQ7JwF17aznyCSZVrGpF" +
+			"A/S49T5rlCm8KDBcc2ym7gRJzwUApbC0Wws4Pg46czrpQlg=";
+		public const string Intermediate_CRL_CP_02_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIC2T+/BkG93AwDQYJKoZIhvcNAQEFBQADgYEAlBFY" +
+			"vPxhFYsjFOIfQkd7MwKIi7vgPgoWTP5f+QlI0ison5n4N3rYJv31hTZRRRP99JZce1hY6J" +
+			"Qiv1OtkpG7VfQIhr0FAGxTNaJD6F6rLbGjG8cap4+VibFQf5gZv0XQcyW4akYiRqSXImYn" +
+			"NVlNyaxiJja+5GA9XVqvWOjjz4o=";
+		public const string End_Certificate_CP_02_03_crt =
+			"MIIChjCCAe+gAwIBAgIBDDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMi4wMzAeFw00NzAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDMwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMlW6FOLwhRsKZM6p0ww4QEWjQzjpjYhKnz3BnLw" +
+			"SdGZqMe4wzZnDWc/0eyDOMCSYXIWQhlDMqQn2zCVPbDKzMRkdEeRSvE6ghhYP/hn3ipjSw" +
+			"D8QwaqofCp0sFkbDPke+xD2tMhLdUyNKynPjpSQmYtfoA98PD7so3cSAtrYuSDAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIc/X6kp7teCQwEwYDVR0jBAwwCoAIC2T+/BkG93AwDQYJKoZIhvcNAQEFBQADgYEAStub" +
+			"g3DzhJgzYO+ZmRc0acldZGwZFm6F1Ckc1JzQDgVHU0bnCANgBcJj49UV2MwbNKPQdVzdwo" +
+			"c91rfwrSY/PrvVQ9tUonZ28y/esFRBAdJTLf4u++p/gI3vfCvEXa5xVTIz1Hc+iKzAGKrI" +
+			"cveDHy3ZZluQ3J6tbHs2BhnQFXM=";
+		public readonly string[] TEST_6_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_02_03_crt,
+			Intermediate_CRL_CP_02_03_crl,
+			End_Certificate_CP_02_03_crt
+		};
+
+		/*
+		 *  test7
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_02_04_crt =
+			"MIIClTCCAf6gAwIBAgIBDTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjA0MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDgZy2Xs5pIoJrT7GuagmKLrn8F9rj8p8w2wELorGhM" +
+			"1HJMVOurH+o+y6RXd0oMGJkKNrhjEnbHKm3PBYiLgpCjVEcFNhQF1OOxJ7RdahvA9ifsuw" +
+			"jV1TxTGq35jeaJYASRXb2TiNfzuPWSVm0MWr5zz+YB6NNuvjxwEBgZvNiV8QIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIWAOnkHkwSVkwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAMiHozz92EOhSXU/krwQVs0GNEWoAUH3LHt70Zr01dFzEF6QhA/wUa4" +
+			"+V4XwbMob+q4zGnTHj+tL9ChGWi3NDGELQ4cN64OMPsToGKkepLy+sDwdm9LaUP1bDvPxd" +
+			"v2hjlskJ7TEu4+6ltXSG/k36Jk8C0/I/ayNGbYcEcLyes3s=";
+		public const string Intermediate_CRL_CP_02_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIWAOnkHkwSVkwDQYJKoZIhvcNAQEFBQADgYEAVtCi" +
+			"IocktnWOwWiaOc7tTUJvvH5+IYVyB/XhmMhF7cDbL292gyrnuh1+3+lHwZQBPoF9kzF0vt" +
+			"WaweG7mDvYKxENQODdph/VcnypgUiFTWRTIPB1ZXfCTMWYf2QSalpHRDR4vVsqF748QbcG" +
+			"E9mbzvLUz6NDA+Vf8wEwZehqSDM=";
+		public const string End_Certificate_CP_02_04_crt =
+			"MIIChjCCAe+gAwIBAgIBDjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMi4wNDAeFw01MDAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDQwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALBX5GIQtvwswWwMDDPnphIk1rJSbcq7iClXLM2E" +
+			"kgvBu+hbOzb0v9mtl0KJB71TWJCfwceVQiXc3Gk+YduujAbZRVTkROf9UOWD9bfrI7g+52" +
+			"g4ms2n7evCO33b+kGEf4I014xl8dJDWtHK9Bhr+569RW9TzO06IeVeTD7whxMXAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIuKXv5WkUTWAwEwYDVR0jBAwwCoAIWAOnkHkwSVkwDQYJKoZIhvcNAQEFBQADgYEAiu0B" +
+			"yR5Ru8qVsgRqkOpCvrJnkqBAImbbR6+BUYH0juRxxKzKnbFOjU6a9WvkKpEBB8Q2xLynPN" +
+			"68ecLpnOynx3xj2sWWSVbsRKPy0iOesQblKrq3yHAm4lhzoWA8t1Xz29Ko1WxylDhyxGpR" +
+			"QAWsyGVCfJFlsZE0ibw3erlWTnA=";
+		public readonly string[] TEST_7_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_02_04_crt,
+			Intermediate_CRL_CP_02_04_crl,
+			End_Certificate_CP_02_04_crt
+		};
+
+		/*
+		 *  test8
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_02_05_crt =
+			"MIIClTCCAf6gAwIBAgIBDzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjA1MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC2d80bD1RounqjKizkZJYPFUuVWZQ8W2nZDkEp8qR9" +
+			"fRWCAGOZGs84tgHj5gasmxy1mxJc9ogyQ2mcZhJRitRm5LVNuGevO6JmfqYtJxbW54aZGE" +
+			"5AWSRXqjJKJEih4VmPjA3vjQaSZSZJnu0DSnO82qWfu1ZUDlvIG6dfKJWRQQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQI3uNhI+QuI4owEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAG/+Rpk8dYrSFdaEO8Ch5tuvvKTOMi7W/DRA4B4xR7WyRJmosPB+37c" +
+			"teGKVzqFND22Xc8xQH/b/nxYW08sCSLAfN0cRusoSWwWSRtPO2f9fyC/BqCy2B2kQLFNPM" +
+			"Bk22jNFwLqPUeZn1UHN05RFAqVx325kpl2m1V7tw/mrXATI=";
+		public const string Intermediate_CRL_CP_02_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI3uNhI+QuI4owDQYJKoZIhvcNAQEFBQADgYEAWZUI" +
+			"2VGY4pak0kICONP/CKvamYFs5txJfR69AC5tEJ+Fy3PmSeHkLUZf/oc9d8EEyr0MsIjRHj" +
+			"N4X4MquMlk4FflZcc8GblQK8LdXBK4Dy1SiXHA5GB3U1AmgzAzEQGwGRZnzWP5+rJ65upX" +
+			"vksAYyPQmruRM0O5sElctPn6B+Y=";
+		public const string End_Certificate_CP_02_05_crt =
+			"MIICiDCCAfGgAwIBAgIBEDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMi4wNTAgGA8yMDUwMDEwMTEyMDEwMFoXDTQ4MDEwMTEyMD" +
+			"EwMFowYDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" +
+			"CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRcwFQYDVQQDEw5Vc2VyMS1DUC4wMi4wNTCBnz" +
+			"ANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAviLKpW4iblWNLQfmBJJ+ruMgygmjRWfoFGya" +
+			"Ndv2ma0Ugqm5xXq8c0orbnezwSp+tnzZZhG5KDNZr5+z3krCkqOGGzuUvVLqeJxPOLu7Js" +
+			"y472nAA7+FhwfZrXUI+Vg9F4qF+Ye81ivDrYVAEmalCpCyHOAKdvwkwQjRucifu90CAwEA" +
+			"AaNSMFAwDgYDVR0PAQH/BAQDAgXgMBYGA1UdIAQPMA0wCwYJYIZIAWUDATABMBEGA1UdDg" +
+			"QKBAjgph7BA5L7dzATBgNVHSMEDDAKgAje42Ej5C4jijANBgkqhkiG9w0BAQUFAAOBgQBr" +
+			"MDMv9NWCTIQ3blMEqPiEyjiBhSJl88Cu797P4lIn+gc6E+0vZp61X7B2k5CHgsnxyVLK5e" +
+			"bwl0bYAPKwRI9yzHLrj71RNw8HA7PCRPn1GNrtBBbIpLE0/sqLo51UPu/377+CnzYhIycL" +
+			"tvS0KDLUTDSY/OowDcplF6Xwnt8cUQ==";
+		public readonly string[] TEST_8_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_02_05_crt,
+			Intermediate_CRL_CP_02_05_crl,
+			End_Certificate_CP_02_05_crt
+		};
+
+		/*
+		 *  test9
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_03_01_crt =
+			"MIIClTCCAf6gAwIBAgIBETANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw0wMDAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCuF8mub5cgUYZytrRjJ5Rhc2fgazGxWIj6EIKzeSpo" +
+			"FwScItRX9KxnTIXEBTguBk7eQUsbN8yu49/Mlq45EAnemyZRBWzLFLYLPCco7pyTsWm7Ps" +
+			"2FAGJ3vE9pC9xaZC+KrwF3Ho+DZNDwhj5InXTP8pChAIPfB8/7V/2mk0lN0wIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQI4mI6Ojs0onswEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAMVGzU6f4YOHpHla+YuGCjHOUZYrA9J25G3UFFoPr2JZEG+Fb5hRQUh" +
+			"4S1qUQKXn6dpVua+qTJDk3Tg2N8OdIHG/gy0hvYHsxhLCSDQBsfPN7p3FClM7r/VHOqgAN" +
+			"vzT+KYvxx6gwn6O+n7ERkrBIfkyrGFhnmjx3+VOCc9P4SDE=";
+		public const string Intermediate_CRL_CP_03_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMy4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI4mI6Ojs0onswDQYJKoZIhvcNAQEFBQADgYEAfwYf" +
+			"4kAG4srB2VxWimJs1HwXTaPDooellQclZ5hP/EluT7oe03+ReFef6uXbHt/xRdeaoQhJGy" +
+			"SP8dWf6UIbL82oaSYqChIvAZD6zTMavEgSET0PlUsK1aEMTpMEtKPvedFSOTNBaMNvMzSW" +
+			"t5xwurn63qyXTOxHf4m2L4w8+i0=";
+		public const string End_Certificate_CP_03_01_crt =
+			"MIIChjCCAe+gAwIBAgIBEjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMy4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDMuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ/ALaZ+MdNxKDH49+7jUm+17DII5QQEfjk8IaEU" +
+			"syApOhsByOG06HPItiBEnnfDDxU5kjsZDtw/9LlouBocNXAJt+ZmL3QYyOgeH4SQ4f21rw" +
+			"7j8fw57gUkP5oWhEc0loXr/hB92hoKbsBoRpv8F1zPZcPNLUnyUzqLH5+CeIibAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QI822isg/wPCowEwYDVR0jBAwwCoAI4mI6Ojs0onswDQYJKoZIhvcNAQEFBQADgYEAilIn" +
+			"OD0iQrLrHRkO4zr9S9VXAJXJV3l9wfbLBweXM3q/zt4HGKBw4Wq1Yn+AfDxXrBtJA5hP5e" +
+			"d7CDd4eM93yeKozdZCLNZfUM8sJ2/MRh07tvwJ19e2STklED8b/ndmr5my8H8jjJDaaYww" +
+			"qTSnXqpcqsUsj+kV4Mk0DvVWT3w=";
+		public readonly string[] TEST_9_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_03_01_crt,
+			Intermediate_CRL_CP_03_01_crl,
+			End_Certificate_CP_03_01_crt
+		};
+
+		/*
+		 *  test10
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_03_02_crt =
+			"MIIClTCCAf6gAwIBAgIBEzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC4AbP8gDUUcIa8w4pEsGgbYH2sz08QMUXd4xwx691i" +
+			"9QCcyWSovQO4Jozeb9JwtyN2+f3T+JqZL/gwUHuLO2IEXpzE2C8FzQg6Ma+TiSrlvGJfec" +
+			"TlSooFmEtD3Xh6I6N5PM1fpyyY2sOOhARN5S6qR9BOuxkBAqrAT0fgqD2TswIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQI97nJCqq6+kIwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAWwpfh9oOOvj9xHS0zcczaUIHTkpjgk09I+pERlu0Z0+rHvpZGge4Ov" +
+			"NDFtMc4TgthGcydbIwiKogjtGBM2/sNHIO2jcpNeOtNKLxrzD4Y0Ve164kXBu9Mmsxx4sG" +
+			"7XUXZWgiOPfu/HmyPVdzbIReJdQO515SNx7JdgVyUkyhBxM=";
+		public const string Intermediate_CRL_CP_03_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMy4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI97nJCqq6+kIwDQYJKoZIhvcNAQEFBQADgYEAC9Hv" +
+			"NevV6/Oz3wcgEbDgZYRKJRdr4OW4Es7R4ahjz3sH6GXZ1HiEjx2+frmp8LMshQ4D+hpjRk" +
+			"drSPko1M4a/fQCYxbonZ0xjpYw067dwLmr56+GPJAxkzcSmFKXx+ejyQpG+9+qCR+zm98V" +
+			"lop6besAaGUjZKnYShIQOfNzDZk=";
+		public const string End_Certificate_CP_03_02_crt =
+			"MIIChjCCAe+gAwIBAgIBFDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMy4wMjAeFw05ODAxMDExMjAxMDBaFw0wMDAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDMuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMJMiW+G4bgoRaYz2OUu/+PQ/yp4JgFOB3Vegf5/" +
+			"vIrF4gsnoQxOCCsO5JTLrbS5fi3COjvM5w9/SZpNHtSfyWb9afmx4DdrT1bNjma7I6PCid" +
+			"yxMzX4iTLeaMRnqBk4A+/0Wf2+4VzCqr8aViIiQ7u2JfZiTQ4dZxDoUW6G8lrbAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIEjny2GzFXGQwEwYDVR0jBAwwCoAI97nJCqq6+kIwDQYJKoZIhvcNAQEFBQADgYEAJw3T" +
+			"3aL3pYbZhswgshOvJ9Y1qv65R6rClSxB5lqBw6+Qki4ZpW57NK8LwaGS03XzDUPaDi4/9R" +
+			"hGCHpP24fIskS4n4jNZgKpGtt6VEVorUH7cOLNCw2cuwMlKbkyZnNdx2JqTMMlHzNJ3cmy" +
+			"aX3F70IY0OZbwCKdUo/uMVC6hss=";
+		public readonly string[] TEST_10_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_03_02_crt,
+			Intermediate_CRL_CP_03_02_crl,
+			End_Certificate_CP_03_02_crt
+		};
+
+		/*
+		 *  test11
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_03_03_crt =
+			"MIIClTCCAf6gAwIBAgIBFTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCjLYKGKEMJgC/r0NH7vubQZ5qPEFEEN6QdLUWWqf/O" +
+			"Yqo9hboQq6S8dFHp3DVR5x/4NOdNRjsTABbXsnz8U+L7+4CorhDhXj29weGMYIIfJ3XSIb" +
+			"T7sE/GOPmXeGhrTv2zucI1j80sN5nTEoiGFm10LQqAgoyV46BxDltf3/D7wwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIhCIOyzfScpAwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAA18kQijoJebmTQS7n/q/fQx2iblOJaJAWQLHeGCCGqKxCjUpOxuD+y" +
+			"xMspmTKdQqEkqQ5vpHdFYQ5MYuecqAdp6woWUNQGVd4HHPmHsAW3Oppwb0yLggYs8IVHjm" +
+			"dNO1pYb+YYciCKBtX8D1OnedIRcrQmDMJUjbfmAEv/4b0EM=";
+		public const string Intermediate_CRL_CP_03_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMy4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhCIOyzfScpAwDQYJKoZIhvcNAQEFBQADgYEAk34j" +
+			"SxMr8p1h1qJWlfoh4er9pu1AkkHujovan6Ctx89VwFdOS5Kw82OCvD+nmJAHrFuncNlClf" +
+			"51G8FCEAFLhMNwic4WAxrBX15hcUTaWk8Wj00dfUFwjG8/Kv3QUCDBN8f3KC8/oBeORRX9" +
+			"dHW5ei2IUKuD1ITCeIoyRDBxQIg=";
+		public const string End_Certificate_CP_03_03_crt =
+			"MIIChjCCAe+gAwIBAgIBFjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMy4wMzAeFw05ODAxMDExMjAxMDBaFw01MDA3MDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDMuMDMwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALSw1Ey7kzFzzjMS4oTSrZH/95NMHLxtUSaVGMCy" +
+			"0q2iLfGZ79eTS9megQUranYlIuK411yvFtskbFKf0idMKBtM8nX3Rxubm5EnbnpgvNrBEg" +
+			"0FbOPqpSaR+8pxZ6lweB45tkzLU3OZeAZSpGOY1UvT/htn6Ae8JQAVajSvYyfNAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIF014kOHikvcwEwYDVR0jBAwwCoAIhCIOyzfScpAwDQYJKoZIhvcNAQEFBQADgYEAdLMM" +
+			"zGPPvBLgPbhn2tba/7HiaZaayHIxTXmpW0KAhP+8hwapOitrtLGPwqVtxQ3GoSMZJPMDCV" +
+			"WsrT3OZm27G6ytqqNZ2ZO49UC7WwQ49TVlN79Ui9RZIBnRzlMIDNKsyuohfSRhFZTkWdoH" +
+			"/y8ulY8k4xBThV8e8IRgtYj3nhc=";
+		public readonly string[] TEST_11_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_03_03_crt,
+			Intermediate_CRL_CP_03_03_crl,
+			End_Certificate_CP_03_03_crt
+		};
+
+		/*
+		 *  test12
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_03_04_crt =
+			"MIIClTCCAf6gAwIBAgIBFzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjA0MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDbUii3czeUQ2zNlxvrhnJ0LcBGxCDHFr3xx+plDg3f" +
+			"uasDKCY/VjCLEfQ5a2oqcovvGKsd2CPXbCFJtimW1R7Dvt+a0y95fppsdseorYDikiBlOj" +
+			"ja6LR3Cz3bslYc133C+W/MKHMJ0tdvtTk+SJrq7lqs+iv/b/xHC3k/gDjIswIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIFNw3o1kc4XkwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAn/pr7/noYyjXSKEe/eLk3l4Rb6PEhNAnzySmxGkjIjWKAgh5IVYSGV" +
+			"KFO/FaNOiYkRFHwXZFNj71q7gbM+HwALurN0Mr/MUA1TSpPy7YhFL0SWq3C3XsC/dVJ50b" +
+			"HmTW+dGcxboX0h9HeKFxp3VyOY/dUut2oc+s/TnmqQII1CU=";
+		public const string Intermediate_CRL_CP_03_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wMy4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIFNw3o1kc4XkwDQYJKoZIhvcNAQEFBQADgYEAMoJ5" +
+			"jGE1AxxfluixG8Sk7H4W2rqSEkQyNHfnlKSMbh9KZA3evI8HGKGGfkbBNoe4/HauZ4NVFw" +
+			"FXgllCp+TI8Qd+HafFoDv6ff1K7T86p6r7tE3AEM1XmbnfohP3/ivpIzustv/f2rqjxILK" +
+			"Ldvrth2/OlNygwY+D54lcWH1DX8=";
+		public const string End_Certificate_CP_03_04_crt =
+			"MIICiDCCAfGgAwIBAgIBGDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wMy4wNDAgFw05ODAxMDExMjAxMDBaGA8yMDUwMDEwMTEyMD" +
+			"EwMFowYDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" +
+			"CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRcwFQYDVQQDEw5Vc2VyMS1DUC4wMy4wNDCBnz" +
+			"ANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuSL9tB1JW6JPUO2Xw6TMYkPX41lru3EPyYko" +
+			"YgXy4giy6LGoqbgtskHehD22v3rfWjqOd9iV2PBio/vYE4zEz0H0n84dpnBvog6A1AlE19" +
+			"PkQ1txjzIA52FQIRwRfZ38LaulQEfJ0a+fiRHQiM960O3YvHXV+GEbNcw4jo8b0sUCAwEA" +
+			"AaNSMFAwDgYDVR0PAQH/BAQDAgXgMBYGA1UdIAQPMA0wCwYJYIZIAWUDATABMBEGA1UdDg" +
+			"QKBAh9/WgM+UT6bTATBgNVHSMEDDAKgAgU3DejWRzheTANBgkqhkiG9w0BAQUFAAOBgQDR" +
+			"I6PKUGg876/fSljtqxXCR4CoGAAurNFOcM4EWeoc6ZvuDOi3P7rNYiYAXXlmp7epOAgvZP" +
+			"EV4vS16ODaJO6qIMR1YsaGEPo0ecT2pEStvP37X6pb5TdyjyKYF3586IN6TJdFMFsW/Lqg" +
+			"tucl9bGlWmfTVwxTexq6+D8diK48KQ==";
+		public readonly string[] TEST_12_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_03_04_crt,
+			Intermediate_CRL_CP_03_04_crl,
+			End_Certificate_CP_03_04_crt
+		};
+
+		/*
+		 *  test13
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_04_01_crt =
+			"MIIClTCCAf6gAwIBAgIBGTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA0LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC5UJ+KMj8tAmzr3OGYL2gSFcNTf8ik+ZVxlaPVGHyS" +
+			"KjYQBAEbefhfg5Ps2aIuqBwYkbtFXuHif5GEhgObA4InCyESeRjYLGcVMqwSZzAOFAR0dP" +
+			"1LzgzQs3ZgG9JX5MO5wEZ8IMnVN4Otu4XIlWSgIpUNS2vyet8Zi7t9fX+JewIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIOZvfph4Uu9YwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAXMyscmGpKSLG3hQltMQLegy0+g5wzgOrbFOWxZmiVNR+zSsHDD3UAH" +
+			"H4SyTozlooC0jAY4yAhZ5RX6SSJKx9fHsOZD9ldCmst14qLk3pkI+M0QiPBZkVTx5/7dR2" +
+			"wGkuNKSVWH6woOq7BbEzpO7xMlrUr6tgHt4Dc6Evt1pVZls=";
+		public const string Intermediate_CRL_CP_04_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wNC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIOZvfph4Uu9YwDQYJKoZIhvcNAQEFBQADgYEAe79z" +
+			"iEUgP/mvouJ9ufit1y4SjnHQWik75W65eGn/XGArRrBqJ8jZVJE4/rpDBbzm2V0hQoWU8z" +
+			"zchZFlesUyqQZ9KUlT0YGR0YPcNw/V+58RonWWfmU3M2DvWDrXgCOXPm61+AYq4+kTowsG" +
+			"0stmeML6NxjDzWpfAgI/MpXqe80=";
+		public const string End_Certificate_CP_04_01_crt =
+			"MIIChjCCAe+gAwIBAgIBGjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC45OS45OTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDQuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPiAZKXPjK8jvaNj34VynyKPK7dQtFysBPKFW5Y1" +
+			"Bc+OMsyd2pPpQoJYcQTMMomlAqoBvSXUJCMNly/BxVuvn7l6I9crtx6PjBBUlEzdcsscaa" +
+			"EaHuCCVl+Msnr66cSV3GqVGAhujun81+lyurcTEog3ftsohwbQnfA76qNU/N3/AgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIJZPDbf2xNv8wEwYDVR0jBAwwCoAIOZvfph4Uu9YwDQYJKoZIhvcNAQEFBQADgYEAZf4L" +
+			"1RDHDXwwA2CgcIhM4CAfZ72CR2zOan0at38VVFB3u9vs4VLwFcrOQCIjDbdLijc0XWLima" +
+			"4vCD1qrsv6Hk5+6113HfFNmD8mp6X5jAwoNPa/I4kmFOA8iIm4TTk7M75vQyCQTPG0VzbU" +
+			"Nu3uwTbXKm5ME9C5MFMf7z347CM=";
+		public readonly string[] TEST_13_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_04_01_crt,
+			Intermediate_CRL_CP_04_01_crl,
+			End_Certificate_CP_04_01_crt
+		};
+
+		/*
+		 *  test14
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_04_02_crt =
+			"MIIClTCCAf6gAwIBAgIBGzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA0LjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCteErspc5ekSOel/wmjn/XQ0HUy4XzxB5Zj0nGn9FD" +
+			"PbjF2LERCHOn5aBnIMHYhyr7PDynwbvSx2egzGC6wGe9Zrri1MteirQ9Ppw7062IIleloy" +
+			"UAiuwvD+s0npKsvboarQsCMfOB1hOB1tGG1bjXP6B5B187SZXuR3KawggyJwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIUjnGp96itUMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAR6fmN+9p5AWy/asEAiVBnbY9q7EQXyB8WuZK9FtFmupe3hlfcTq84E" +
+			"A+TGvXOlNr05/1iLRv82GsWXDif7DlGVPN8CS1+0kb5Ve8Pmv2ziiWVREqWx916ioPjDRp" +
+			"wvdGcCNC26+fyvv5TrP8uzojurl1ZlVRRqi2sIbopVX5r8w=";
+		public const string Intermediate_CRL_CP_04_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wNC4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUjnGp96itUMwDQYJKoZIhvcNAQEFBQADgYEAZkXJ" +
+			"aJG4QDE02wFURwaxWuv2VyD7m+N/2B0/9KR+6UKVpsMd2XHq+G3SlFOa6dA/fHUdhtUs2D" +
+			"gpx3SfQYbcgKFrryZHqJDK230eP3F41S9g5XJTRaNR5iZvxvh4bmSf4l6a5MXsKEoBoJoT" +
+			"j8cU4qg6j7Xk4NpIR1JbWiSIYQc=";
+		public const string End_Certificate_CP_04_02_crt =
+			"MIIChjCCAe+gAwIBAgIBHDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MRAwDgYDVQQLEwdUZXN0aW5nMQwwCgYDVQQLEwNEb0Qx" +
+			"FTATBgNVBAMTDENBMS1DUC4wNC4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDQuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALM7mfq+hpLfvQdqZUJfIx/2gFcgHS2AsgZn0An+" +
+			"Yn61WtG8K2+lt/a8aypa/q+J93RVkRYKWKFQcJHiRgx7DMlXElVnfQbSFuLX46ng4hqmQL" +
+			"sSOKmXDld2BlyMZ41B3rfdhJT8P12RMR6uAwvc9CH3b0UTcsc498Kj+JeaRbzxAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIo7S64S6t5nswEwYDVR0jBAwwCoAIUjnGp96itUMwDQYJKoZIhvcNAQEFBQADgYEApNT5" +
+			"Y+9Jc28m5Qwjm+/8SKk83iCPnIW3BsAvQUB9Wmd1+kMZvqLySQjm1tBBbcGYuSERMJ2Et5" +
+			"eoTdL9B6EG2CZYnPqu1vk0TVugRxs7IJm4h5z4MCInf2g1KTt0AMEasQW6ZTj7DIkkU48Z" +
+			"EKLPoBGXfD9t9Y9cmdj1e1RQbog=";
+		public readonly string[] TEST_14_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_04_02_crt,
+			Intermediate_CRL_CP_04_02_crl,
+			End_Certificate_CP_04_02_crt
+		};
+
+		/*
+		 *  test15
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_04_03_crt =
+			"MIICmzCCAgSgAwIBAgIBHTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGQxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEbMBkGA1UEAxMSICBDQTEgLSAgIENQLjA0LjAzMI" +
+			"GfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD11QBcw4P2rTUfPmbVNYqdo0AMmcB3Yxsx" +
+			"Iz5me/S1I2PJLtRh9KP7lUV20SMEFsFKtE1C+9O7ODtOUCJA/6ECeXbyj20SbG1E2oQrZe" +
+			"gkcn7IQDUgnuedzdFj4kTevok6ao9hycg+qeZrL6oeBD2XQCd9nqMmzhihNu/QOSnp5wID" +
+			"AQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMA" +
+			"sGCWCGSAFlAwEwATARBgNVHQ4ECgQInx+ELo31rJMwEwYDVR0jBAwwCoAIq5rr+cLnVI8w" +
+			"DQYJKoZIhvcNAQEFBQADgYEAriYMoRDpSPI4HWrxN1rjqWIzggz8p1wpbEFgK5o/Fi2KT3" +
+			"jCd6bfCcIFDpoXNqlsc+dvzc4XB1Eg/Qbcror8HP8LSxrbFw/y7VhC+wCaDCmhcqQn3rp/" +
+			"WaOWnR7/H7HlKM9m1u7MBtwlxHINnLKwPHIA1XwmAnItAXIL2yHRJhU=";
+		public const string Intermediate_CRL_CP_04_03_crl =
+			"MIIBUTCBuwIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxGzAZBgNV" +
+			"BAMTEiAgQ0ExIC0gICBDUC4wNC4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWq" +
+			"AjMCEwCgYDVR0UBAMCAQEwEwYDVR0jBAwwCoAInx+ELo31rJMwDQYJKoZIhvcNAQEFBQAD" +
+			"gYEAvJgOX6tewnRbC9Ch+Fe4KjkB9IAhe5anQKGfnDHuLfga6JEjOzyfhonWZeppJwvYpl" +
+			"1rZbsKICNphMDkd/eaWnn8Q9w02ah4kzIb0LuzrNBrxpFv9AAidfGU2VeF0gRi02jtAZsh" +
+			"gUNbrdC+ovA8mAsBigy+HMzCi61+wrumwvo=";
+		public const string End_Certificate_CP_04_03_crt =
+			"MIICijCCAfOgAwIBAgIBHjANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"GTAXBgNVBAMTEGNhMSAtIENQLjA0LjAzICAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMT" +
+			"IwMTAwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYD" +
+			"VQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLUNQLjA0LjAzMI" +
+			"GfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2Rd0VKnTIrME7hzpnpIPGXGXZCjpf5lSO" +
+			"19zvB3WdZumLGdwUBXpIQTrl5teYgL62PpOwNC93URZDEUt+rqoqvs8E7MpF3IulStp2+H" +
+			"/xa6Ihf4OmkgKjpHNTWOIFXeRJ4sVgWuH6cqQ+6GL+0fa1sed1crsEgTTAGYNhFi6ebwID" +
+			"AQABo1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR" +
+			"0OBAoECBNwCFdDgPCqMBMGA1UdIwQMMAqACJ8fhC6N9ayTMA0GCSqGSIb3DQEBBQUAA4GB" +
+			"ABAjSPg794yiVz9RqdNxic8TGnApNrZui/vwr1U8ZkETZfx8W1fWgQ0z7KjryML5IOmvps" +
+			"zycM7by6jb2kMmxI1SQCwjiNQ1fb1osrNAj2bRfpp2YgjjbHx1XkddommtVc0V8kvyQBcb" +
+			"7NdxfbwKr8AtpiWTWIajc2uqUlELsLzr";
+		public readonly string[] TEST_15_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_04_03_crt,
+			Intermediate_CRL_CP_04_03_crl,
+			End_Certificate_CP_04_03_crt
+		};
+
+		/*
+		 *  test16
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_04_04_crt =
+			"MIIClzCCAgCgAwIBAgIBHzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOQ0ExIC0gQ1AuMDQuMDQwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOFf5hr4R8IqTp53qQSiBEjOFQ3Q3ICcafl+FLzm" +
+			"K3xIFqERjyXARsTM4gDQ9yntFeNp2TiIi98xBrz7D8TlrbTAmxO/PUfAQ68tXpz9Id/XrU" +
+			"WeAKxMZULPL9nPFcGQoh0qq3JKpFRSb3Iobryfysblm7cCDDCJOI7uK14XZtTFAgMBAAGj" +
+			"YzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMBYGA1UdIAQPMA0wCwYJYI" +
+			"ZIAWUDATABMBEGA1UdDgQKBAjior7qCuLBljATBgNVHSMEDDAKgAirmuv5wudUjzANBgkq" +
+			"hkiG9w0BAQUFAAOBgQBhh55gTy5htqjxW1Ch2hRrRikhBH7LJz1PmDuzwiIOtnWL+EiQOY" +
+			"T6h3NV1j8Kn5S4KhUOrhnvrPXRi22HdqRzEPl7y/wXm6G0XcgYlyy2ofZKdYVWCVStKAMW" +
+			"5SwV2wC5RPK2KphdhnlEqss6QVRUsliDDjnf9Saiey9nzJAfNw==";
+		public const string Intermediate_CRL_CP_04_04_crl =
+			"MIIBTTCBtwIBATANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNV" +
+			"BAMTDkNBMSAtIENQLjA0LjA0Fw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMDBaoCMwIT" +
+			"AKBgNVHRQEAwIBATATBgNVHSMEDDAKgAjior7qCuLBljANBgkqhkiG9w0BAQUFAAOBgQBI" +
+			"VlXD5FnIiO8tavLJ8qo/qRhbBNgUbFBdAgAY6yVnFNP6YN4qPineYPN6NV1XdqNDrZh2Nz" +
+			"GHzX3YDo1Uv9yABVR0NvXCaMIW5/raqZp/on6bPuQLgJe9UisOPKunzehTm/NmO1RW9dwU" +
+			"37UzC0XnVHyVipDVh07DrTKBUtQJQw==";
+		public const string End_Certificate_CP_04_04_crt =
+			"MIICjTCCAfagAwIBAgIBIDANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJVUzEZMBcGA1" +
+			"UEChMQVS5TLiAgR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRswGQYDVQQDExJDQTEgICAgLSAgQ1AuMDQuMDQwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMT" +
+			"AxMTIwMTAwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQww" +
+			"CgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLUNQLjA0Lj" +
+			"A0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCegy6qOnM14CS7+enBElgh2DLtF5bn" +
+			"ah0yfA18/hbqnmUaWOWJQllyXa8QFawnvdXOOEXJm1ErIm3rDYihkbUTP+ybOBH9dprWtl" +
+			"1cSGL9CkoxwzkJRLQTu5xG72EhET3S3kwqZsmYbgy4MduGKv9VGFbv75Wr17Vo9K4Lz6QK" +
+			"vQIDAQABo1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQ" +
+			"YDVR0OBAoECEc4b3BP059HMBMGA1UdIwQMMAqACOKivuoK4sGWMA0GCSqGSIb3DQEBBQUA" +
+			"A4GBADj73jXpPLev5crwZIoXCJd/nXXp1fJzEEbByWggsR9cFHN4wnp7N6gpIxQbLQwjmo" +
+			"cLPC1pHQ3A5VHVrCbxAk6nifmSvnKFWHTBftZGpfTGkrXbURFF64T/CB4O+JXr1eBUGheN" +
+			"Q0T8L17UNgi3oBENKjASWnpjxvD2QrOnH0rb";
+		public readonly string[] TEST_16_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_04_04_crt,
+			Intermediate_CRL_CP_04_04_crl,
+			End_Certificate_CP_04_04_crt
+		};
+
+		/*
+		 *  test17
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_04_05_crt =
+			"MIIClzCCAgCgAwIBAgIBITANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOICBDQTEtQ1AuMDQuMDUwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMBsWmrcKH0J9bkI3zHthZ0S3904f3fMUSasY5qp" +
+			"7CSQ0sbXTwP947sfAPK4Dso6Bpwl0WExRCdFHd6qfY9wR+NtfuI/DkFEY8WveoqM4Vskpi" +
+			"cutWghCx14PiPY5YGFn8VvXu7wbuHp4TnHtUCMEUt3EfYO5oqm+/I8y0eTKMNHAgMBAAGj" +
+			"YzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMBYGA1UdIAQPMA0wCwYJYI" +
+			"ZIAWUDATABMBEGA1UdDgQKBAjOoKlp+BfGqTATBgNVHSMEDDAKgAirmuv5wudUjzANBgkq" +
+			"hkiG9w0BAQUFAAOBgQDLhQ/RJFqMDNRonAHZ30DYyphf8do4q6ARikhhXSSa6G2G/PzbpS" +
+			"x3T+3G8ot+NnFhtf9ZWo7KfwmFEbUA/B/X2vJaJbNImkMDT1aTY5sPXtA69B3QKQVz7HST" +
+			"f5XH6DjuoV0/m1M153A4vf1Z783dOPw1MzOq19t+6tYFeELEHQ==";
+		public const string Intermediate_CRL_CP_04_05_crl =
+			"MIIBTTCBtwIBATANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNV" +
+			"BAMTDiAgQ0ExLUNQLjA0LjA1Fw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMDBaoCMwIT" +
+			"AKBgNVHRQEAwIBATATBgNVHSMEDDAKgAjOoKlp+BfGqTANBgkqhkiG9w0BAQUFAAOBgQAp" +
+			"6gLCdPQw7Hisnr1i3QbD7GybqfD6b1s10GQ3c/j59RYDe1Fk47Srs9ol/baleasWjcdt8M" +
+			"SlTc66KvK9YPFAqIdYoOW4FidpJBF/1cvSc2hGYwVsxLnXKr9CJ5Py5vBCCjovIRiLdzoL" +
+			"ZoteOKFIEHkV7V8V2OTFawxpW9hkiA==";
+		public const string End_Certificate_CP_04_05_crt =
+			"MIICiDCCAfGgAwIBAgIBIjANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FzAVBgNVBAMTDkNBMS1DUC4wNC4wNSAgMB4XDTk4MDEwMTEyMDEwMFoXDTQ4MDEwMTEyMD" +
+			"EwMFowYDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" +
+			"CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRcwFQYDVQQDEw5Vc2VyMS1DUC4wNC4wNTCBnz" +
+			"ANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwZsiUhXiFHN9dfJb0Yyy+rYtV8gx+d0+8WkW" +
+			"5C68nQgSqqk2uSTpvZbx0bpHF+s+LKppj2M2tt/AfZgVQHTsp5rO0IftZE2iLwqejj0rYU" +
+			"Poprq1PE3vVhs818ZlDS0PTUP97YxLysQjq2jS/d/9lF5pS3sMlP4Usp24gXX0vG0CAwEA" +
+			"AaNSMFAwDgYDVR0PAQH/BAQDAgXgMBYGA1UdIAQPMA0wCwYJYIZIAWUDATABMBEGA1UdDg" +
+			"QKBAjpC0ZvCXrvBTATBgNVHSMEDDAKgAjOoKlp+BfGqTANBgkqhkiG9w0BAQUFAAOBgQB7" +
+			"YwJWcx+PU1sUZUOVleoB5amHFu0GT+Hy7cRa82UJMHFkz0bmnyEV8CBNcnn0xa5iVfwe2y" +
+			"5ZKwy61DLR3MPTar9eKITL67uZag9w+1tnIf594XRbEiUzn20uxuDFX3oPoZCemtWdVanj" +
+			"2T+9TVQKfrp15+qzOCObNNRHZw29EA==";
+		public readonly string[] TEST_17_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_04_05_crt,
+			Intermediate_CRL_CP_04_05_crl,
+			End_Certificate_CP_04_05_crt
+		};
+
+		/*
+		 *  test18
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_04_06_crt =
+			"MIIClTCCAf6gAwIBAgIBIzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA0LjA2MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQD0t0dfe82Su58bJdn4dh7E3OCam1AUPTzPnt7DwT2w" +
+			"1XwD76OCUYP7SBBjsLYDDfUCb2ek96pSK4jpzyE6/4IOtfObe7OW+iBT9YAB5WeW+SmvEO" +
+			"TIX+xo13sbz6rG6j9svcOxtth98yv7mxzV/ZwTNBSO72CcfDXIIq20TVunlwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQI0AufZEn1f9AwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAbfhxuNBYizxfMZNcyiN61j+7LXZZo3SmMU21UmOhPBTmdTbIkuVCI+" +
+			"F1jSWdu3eGShVNJ3jmkidDvojMm+E8ZZ1YGHYfgeG16dDQudaGUjGmOfYzzlkFmsaf0paG" +
+			"4y4sBerPsZCmhN7BanGh3qYPFvadSmp3OapGfEmDtS+BbVQ=";
+		public const string Intermediate_CRL_CP_04_06_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wNC4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI0AufZEn1f9AwDQYJKoZIhvcNAQEFBQADgYEAIAI7" +
+			"W6K69twJZnHx6CoIMs5+P9DrJ2yKHptmntlOCTSJirC/xdj0Zv2k5FW84VrTtdCSZDT1Ce" +
+			"4Dh69fT2sUUexJb/4IcDtzloiuASSJzKWCeVIj9A8e6+coNUJVKtRKRX8bHJ5Un7xpFrY6" +
+			"t1hdxt8gUecAAdXEFGuZ3QEHHN0=";
+		public const string End_Certificate_CP_04_06_crt =
+			"MIIChjCCAe+gAwIBAgIBJDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPdS5zLiBHT1ZFUk5NRU5UMQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1RFU1RJTkcx" +
+			"FTATBgNVBAMTDGNhMS1DUC4wNC4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDQuMDYwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKq8rAPXsu1RVm3vT7od7CDLn8k/C3x3wvfzoWrm" +
+			"W0cmlhp9xRy5a3HWiJATD8yCKY1psBgnrOpv37sdtUX4P2kf668HrYOaGo365fKPeT5Wjm" +
+			"gp0pL3sXKNNsCuJPd3wKAXGHAi1R9arZFYPsKJlfQl1774dwAvzxSOMr5+pbnzAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QI33MEYdo5YX4wEwYDVR0jBAwwCoAI0AufZEn1f9AwDQYJKoZIhvcNAQEFBQADgYEAo8Ge" +
+			"ADBoJFEIRzdO37uasuyIBhClTUgyFhEKemMBN6aelYeiJMX6FZIL3DgZOce4dg7Zg3Ak/w" +
+			"B5m8XlGQLW9xIbpEzY/Iq9kr+qK6k9YmvtcOiHFbnudCFNZngTQZpxjiDaj4eA48uqKIxs" +
+			"51taC5gOv9LYWPnugN8TsUUFZ1s=";
+		public readonly string[] TEST_18_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_04_06_crt,
+			Intermediate_CRL_CP_04_06_crl,
+			End_Certificate_CP_04_06_crt
+		};
+
+		/*
+		 *  test19
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_05_01_crt =
+			"MIIClTCCAf6gAwIBAgIBJTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA1LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCshocJtyGsxeEd2ouVTVKp+HuhDjnDk9eXtaLQIKaB" +
+			"7aTODHYbq1mC+1LO5DmRV5PBVd8NuuCA+1DmzFrfYl+nMCjjgOkC0//Gf9O85Hi/n21q0T" +
+			"F+oVa1j9fc7nAgLIziexaXrflYSbaeNWkwHHftGUninKPuNGM2re0krEeurQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIaUi/P20o4LcwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAWBLeJl4qlAPKxmBM5QZ2JYsbCV3VBeYGAKQ+4L7ehS63VQMCwIjBCI" +
+			"LaHGIFfCqecDNd6cpYIArdx4tY7X2/Zxm3j5ocngpI1Tv8zydQcFeraILglsHf2UZUuK/N" +
+			"6jKGjwL68C8YwmA+u6ZhcQFD2Xg4wSMC/xxzAs9zEAQGBPo=";
+		public const string End_Certificate_CP_05_01_crt =
+			"MIIChjCCAe+gAwIBAgIBJjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wNS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDUuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO9ODA12Fky/Md5AELkaOvOwB31UlfZq3SHAOvs0" +
+			"Y4NYoA7Q5KDIwW8RNzMSKD30z51VlgOAaBVR6HLo6rkcWB4wGiV7EPelewdSOdk72IrnYR" +
+			"npJEm2KEuLkHB+gejgk+paw8CejxMsrvT6loN8Pz0btBKxWaCfknTIyXVyQsolAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QI5LtSKs/inGMwEwYDVR0jBAwwCoAIaUi/P20o4LcwDQYJKoZIhvcNAQEFBQADgYEAOMrC" +
+			"38uzHckKMkiawXhPUHtDQfyR7bLweS2qro7GyndfxPpeMJwjzVxqvQBtMuHON+al8jyXpy" +
+			"BsEryV6qvdFC1vczLzJHAJZmLe5np27zQIXOObsyYcOG+aPq727/pKoD90DAlBvrxNW0ox" +
+			"x7citflEYpmOEv9Do5xiO3MuCFw=";
+		public readonly string[] TEST_19_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_05_01_crt,
+			End_Certificate_CP_05_01_crt
+		};
+
+		/*
+		 *  test20
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_06_01_crt =
+			"MIIClTCCAf6gAwIBAgIBJzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA2LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDI4MXZB08BfUHxo//4Re7Ax0qWkHgy6nb+/XaLQ2Fw" +
+			"Pbvpb5mkhLhqDZBSX3KQL0YiJ8p81tmdvRQH/LbFzX/3OKBTUfV5imYy979A2NEb4otFp6" +
+			"EDSskZhttY3d2IzUICoCWUXhObnmkHJ2jEc81bggFkK5Lir1m/tKq2IOPFJQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQICIAmlz6+Cc0wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEA0ZvIG2cnk32p6uxqGw8Bu40NrfHu9gNkJL5MhDHJXA6OxU5BX5bWZp" +
+			"LnKXLoHiqSdtEdmy5cLZw3kggxndxjsnRFMyCawaYupJBhlgquFbuvBtA8rMtkc5H4zudP" +
+			"ZcOcvXu7Xw58K+1caSGURL+A6uXFPnMUBd1+k+ejbtO8Pto=";
+		public const string Intermediate_CRL_CP_06_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAICIAmlz6+Cc0wDQYJKoZIhvcNAQEFBQADgYEAbkJe" +
+			"jfc1rztCbtC6xJZ3iZEDDMW2CxFvOvSwhmCjPqVY3lrCPNSQzdjmqepioCnu7ongP+HAA7" +
+			"hM7bm+SoN7KzXKufQ7C2ONoAwvoPZgnoidg7RVECxUByD6AJu04yd2wCLYRpCfS2tDtXLh" +
+			"HEDpe+ELwv35pbkCMlCO2u7J+Tc=";
+		public const string End_Certificate_CP_06_01_crt =
+			"MIIChjCCAe+gAwIBAgIBKDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDYuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOh7lUwMRet7t/ABI6mo27CsnRzQ64Xx7f1dqxrJ" +
+			"NuuSRslVShaWnwiGHjc+5/TS7Urfj9VO0dseBCzPsyYFoIX1q7Q5zlArwy24qpXTGMmlpE" +
+			"GByzi7jkXO8w5+wqh3+8RFrQQzr71zLtAVV/qPUyleuF8M8jzkwfPvawunmwdLAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIayC0PPU9zyswEwYDVR0jBAwwCoAICIAmlz6+Cc0wDQYJKoZIhvcNAQEFBQADgYEAPz7b" +
+			"UvaEV7Myjhe8LJO/soj84X71rvVPtBPrhYjWTJ6p69GCfJRyho3vAUIt8RFal1GFb72c45" +
+			"DQGkcVzLLJw8cDP3ajtWac5HZ9dNPJkW+Kh12l9gqjn061XAjQ4XnbbwQDYCuXhguPE9v3" +
+			"kzDbimwVwIEOB/4SARX37y7TUWk=";
+		public readonly string[] TEST_20_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_06_01_crt,
+			Intermediate_CRL_CP_06_01_crl,
+			End_Certificate_CP_06_01_crt
+		};
+
+		/*
+		 *  test21
+		 *
+		 */
+		public const string Intermediate_Certificate_CP_06_02_crt =
+			"MIIClTCCAf6gAwIBAgIBKTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA2LjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC/IejV3DmeaLW8OwMfAGyr5+8NOxM1C+UBYslbOfWj" +
+			"KUGdhlX6TxFc5AOJVJBpS/QjeA+RWoUCxnxKb9QSlOrBmADrcnGz8zV0/c0JDLaU3oSgsV" +
+			"EWZE0SexBVWrKcl1j7wN0RuxMeAp342/YoyvBwea3VeqJkmSCc7Y2TjruWEQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIaHxWOdHsLbUwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAuzeq/lqp0qs62krK6EA81Silhy42l/KmynE3mVu9GPBgQS0BUDi7+r" +
+			"QQ+m0UxYElzj2SNO4J5aBYeC98lVJFCHX7QE8yVOoPBQd5rA+rrz4HD9QoP7glxTqLU6Tc" +
+			"9VFd+iaFpqsVtSh2bxH2BtUB2ARgebTklaNl5VPbu0+yc2I=";
+		public const string Intermediate_CRL_CP_06_02_crl =
+			"MIIBbzCB2QIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1DUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAiMCACAS" +
+			"oXDTk5MDEwMTEyMDAwMFowDDAKBgNVHRUEAwoBAaAjMCEwCgYDVR0UBAMCAQEwEwYDVR0j" +
+			"BAwwCoAIaHxWOdHsLbUwDQYJKoZIhvcNAQEFBQADgYEAYGaAzVoUdlSZ3uGKiRPfHAFIoK" +
+			"T79hNOvtOxaGA0aIek9OypDrDqYAh/s2jsXSheL0pr/v9WRIHvtCt7ytXDxVyn4Nxjpfv7" +
+			"BkAMMiccdUx1OH1VElTRkmmtMe7ROzUeHUGzXJNPex1Bc9BvSChH18bWYckyOZdYJBjctC" +
+			"KJFgw=";
+		public const string End_Certificate_CP_06_02_crt =
+			"MIIChjCCAe+gAwIBAgIBKjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1DUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDYuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK4D9H8JxeIrFuOmx0cSkIYNS0p7cDSBlcc57Na3" +
+			"+1k7lJD7mE9ZP6/47YsDVK2bwe4aTKCTXtPk/kGQ6bsLswJXbyW4k4+f5LeAYoXgbmZXjA" +
+			"WF+BKIl8uKetsqC3HkCeqhBaY1AGUqef4oOAkakEP+1jYFumNYtMaB+9x/0ncBAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIC9MiJNI71RMwEwYDVR0jBAwwCoAIaHxWOdHsLbUwDQYJKoZIhvcNAQEFBQADgYEAo/ib" +
+			"mIxteityjZlszjCc/s7yM/0snL78pYpMOZ3P2TPKkYh2Th4+Bw8JqX10+M/zwFBj5Bw7Im" +
+			"zCIRfS3GFuKmcVcyHB4OZLMcQZtXWA8GOZ94YvWq5TBINlVtThQtusQj15KBq2TJNNFUyD" +
+			"pBdvyo05AnEsRY0HbIQu6ZhNQ40=";
+		public readonly string[] TEST_21_DATA = new string[]
+		{
+			Intermediate_Certificate_CP_06_02_crt,
+			Intermediate_CRL_CP_06_02_crl,
+			End_Certificate_CP_06_02_crt
+		};
+
+		/*
+		 *  test22
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_01_01_crt =
+			"MIIChDCCAe2gAwIBAgIBKzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAxLjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDDOu1J/VIzbB4VcS2Dwf2fsHOmIj3iatM8y61V7CrN" +
+			"RCxCWTJ1Os8e/mFWOi/zN+0afizA0UzJDTe8L++/RlP68IFg5Ju2OhXqQC3HbUZmQ7ve9g" +
+			"QdWTfur3oEJV6/XoVE4WG0Ic7D1p7BENb3LUT+8MJdSboTvAggA1CiOI6zRQIDAQABo1Iw" +
+			"UDAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBAoECP" +
+			"RyRiSV+4XrMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqGSIb3DQEBBQUAA4GBAJlmJ9EW" +
+			"9ujUosqHZyZkniu2vX8VOL52OnxtLxw3LqxLyuxivjyYCaMAaJNr7/xfm3C2ozh9mQyZTQ" +
+			"6TpBapLFUH8QsEKUhy57MDUgIvZsyOvvjJh3AXfSkXDaMZ3ncLg6x0wwjN/Hxu9i+IhX1W" +
+			"1E7/5foGx7AEVfwY7Fo9S82d";
+		public const string Intermediate_CRL_IC_01_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI9HJGJJX7heswDQYJKoZIhvcNAQEFBQADgYEAV4DM" +
+			"F5gU8MZ6E/mnjAWS+dIRKUBJV1GZJ+hOysdbmK1hD0mj5Pd5qTzlcvLjuatIoIsB5DCpYd" +
+			"AcNRLVvF5EJFhVjqsPzRlfUZth0Xqa+U/DeHjVxHxYsLEOSt+v2bLkbGh88SmOAk6F8xj1" +
+			"l7YIfPX5cIkUBTVZlsUt51slMXc=";
+		public const string End_Certificate_IC_01_01_crt =
+			"MIIChjCCAe+gAwIBAgIBLDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wMS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDEuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPrk1fosBu0hemIKgTDCeV/RoFbbsm02X4LfZonX" +
+			"KeGRGYZXz4tpWgbNpjKBq1e/2bOO1DCn9I8I2kjvZdOkabk4MLeuRDo/sqlNndu4Ar5502" +
+			"pAo4A2V0QLR4IDHAJoDpxtSFrqELOiiyCx9O9V19ywe5pcBFrxVEWDqTnBUeDJAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIbI6BhABrmQ8wEwYDVR0jBAwwCoAI9HJGJJX7heswDQYJKoZIhvcNAQEFBQADgYEAYzYy" +
+			"M0wbzNhZftAWz7TfFi64uA9WmTmd4MeK9vga4ChswT4H1zlaV1Sr+3hqpGmOoP5AUd9XIq" +
+			"O/ui+/gFaeuOLI+ATmK+V2KHGAneMwzcw9qbXRc+xZqGGjbXMb3Bowe3qrj3mhyowfa1n7" +
+			"x5xB7XEOqO6sfWxLdDjLVo4sn88=";
+		public readonly string[] TEST_22_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_01_01_crt,
+			Intermediate_CRL_IC_01_01_crl,
+			End_Certificate_IC_01_01_crt
+		};
+
+		/*
+		 *  test23
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_02_01_crt =
+			"MIICkjCCAfugAwIBAgIBLTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDemJgZnOzXOwNGqRA3Xq9aMrAWQU4oFuhSELsEYfLZ" +
+			"GO3ntBjJLqCn+rs3FjR9N94cu63TduOAgqlXqrNbvyO1+SF9m35JXreqn/OS6KrK6c8W2I" +
+			"pDAWJcr89nGyyCXMoJeaOOtj8m2NjZblmCZvtAl5UMOew73GE7Z5fE+jtA2wIDAQABo2Aw" +
+			"XjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
+			"EwATARBgNVHQ4ECgQIhT9GjaaHj68wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
+			"AQEFBQADgYEAWhKJUujLapxpz/DoD/w48HMzkL6UQCxQPOAjwwHicX8wFcKmcrWLVBdVC3" +
+			"0+ywrzMraWhaq+QCOqsgtxCwTZrfUxbCNqhKS0lZijCMgNN4Jht+PAZ22tzEsw7nCwiMM2" +
+			"n1jeKF/3btoDEUvZn9SuzhkIyxy7Q8l2tbNOsANqpxE=";
+		public const string Intermediate_CRL_IC_02_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhT9GjaaHj68wDQYJKoZIhvcNAQEFBQADgYEAJsjf" +
+			"oS3F1KMpcVBOC1Z6P5N20TYLCCHG6KETlBA3Rjf8ehNxJKJW0lGd7qHpVHp4BGvkSfaOAa" +
+			"OrC0G59wjDEY+Ci4QS46OYzBcHXMFX5HF2xMq+y5SfQnyV6MQUVVkxJRjgsTLrYwP2JaYm" +
+			"BK/zExhqQgPfgcR+56swBPXqogo=";
+		public const string End_Certificate_IC_02_01_crt =
+			"MIIChjCCAe+gAwIBAgIBLjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wMi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANbTVeAxOibAO3KGqxxY3VqKXDr9tKJN+igpKb4w" +
+			"goR0ZnWGDusSVm4pvneZ9qfmi8A0sM0E91+B2hAwsU6Y9RoA7nPsTkFYi5F+hHGIF46Op6" +
+			"8blGrZraGf9bsWXCZFoLoxcgltwjGPQqyZ5mnnm8cxUbtaWmgo28MK1yBH/sS5AgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QI3gkBNo/SISMwEwYDVR0jBAwwCoAIhT9GjaaHj68wDQYJKoZIhvcNAQEFBQADgYEAQGl1" +
+			"7uT2xxYDks6HolrQIpesIoPqEiZ8TkizEBuLG3sUKsC7klHwy2iyVvA6nRUDwf/XzDLpGW" +
+			"/Gn0KTW6ZYIX6snOC1+7HX5OJglQx8tDpDvcAgyocK8PvCrHfu9o33J49aSeLAVpoCHwne" +
+			"tTtJxVfTMmjYWKeDbHHHi8a2YTI=";
+		public readonly string[] TEST_23_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_02_01_crt,
+			Intermediate_CRL_IC_02_01_crl,
+			End_Certificate_IC_02_01_crt
+		};
+
+		/*
+		 *  test24
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_02_02_crt =
+			"MIIClTCCAf6gAwIBAgIBLzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDoeA32BPwgq8pLJoR/tbOSjHtAz6fmzvzJrhJMvl64" +
+			"ccVuIzGxzOneYsO/ZYWy3ZGtlCoMZJRnS83tw0ikU9vQUwBw7DEcfRlLKYkY68rp25N1V5" +
+			"JEjnlHw+RvubdGkonWzUNJFbY1GA24J3no2GZHiLPgWmGb1jsA8Ag32MUrCQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIKx4Ybzu2PaYwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAotGeNFzmktvcxpCRcpuARHkv1lW+LegvbDBnSPvGnr1+Cn9rZcuLup" +
+			"u8ex6VJ7KWtgWBtzdOelerO6ytfWQ67uNpTOuc0SDdk/f3tCagdx44LBVQywuq/Kj57ZuN" +
+			"jpe4J8UPZSBFFK+P3gTX3S/lIKsDi6xjRnqFLSQYGX2XiIE=";
+		public const string Intermediate_CRL_IC_02_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wMi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIKx4Ybzu2PaYwDQYJKoZIhvcNAQEFBQADgYEAOfuX" +
+			"wRv4skbPZAbOH/LVXdc/cA7vCSTAnWecN3ZKm/eCsxbyRxqn7fcDyHmqg5H3Ac5UOlMHR4" +
+			"FMe0Dp+Yu4Xg8xg3zRvE/3M/5jyRILGGi7olh4ikkOMD+UlreysvYvUX2MVP1iM9qAkXh8" +
+			"E8n/LZIlABN2GGkFEMRMJA6KTXg=";
+		public const string End_Certificate_IC_02_02_crt =
+			"MIIChjCCAe+gAwIBAgIBMDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wMi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKogqWGx9EpJ/0G7ORopyIQ4IZXYKKTE48WqOJbu" +
+			"nLD3txGjMUb5Xefl/QyTfd6J758ddGzPiKs1zWO6riffJLIBoOFDmt8tchPBJuIM3gKgXe" +
+			"VcZMyF5mebm5/GZekMOjbs8P/zbLdrlu1D9CZWZMXONYitdluSg2moMGbewS2NAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIP8N7OmNGshEwEwYDVR0jBAwwCoAIKx4Ybzu2PaYwDQYJKoZIhvcNAQEFBQADgYEAwkpF" +
+			"j6Kv+OcKrUtOgnH9QddB0Ej0oU6B5/5Hhhf3liAPKtllDHnhUj6nqfh4APNq/iqYFOkKMR" +
+			"RUZoaj6kakJNSOlgvRIiQfuFIgv3CqLZnhr85YFRnKgoluZE1pq3TvunoiKyJbCjbmyCos" +
+			"Rd32gVcJq024xvY2eVBTl6tfn5A=";
+		public readonly string[] TEST_24_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_02_02_crt,
+			Intermediate_CRL_IC_02_02_crl,
+			End_Certificate_IC_02_02_crt
+		};
+
+		/*
+		 *  test25
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_02_03_crt =
+			"MIICjzCCAfigAwIBAgIBMTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC7LFt+yGItQFqSEPi03ICIr5ydWnFPQHZdEMNu2tRU" +
+			"3XiOpfam1wl0xgAPGBkQK768OfidpP/i1hgYOU/isOB5dyALscvIQ9XJG1OWQXBBLgKuCb" +
+			"MS5fuDhBNa4KiFuGMbJ3/UjluRsD9qaXwGUavc436JwbRHvW8FomaBYYY1hQIDAQABo10w" +
+			"WzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAwEwAT" +
+			"ARBgNVHQ4ECgQIPsBg9tMABhAwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEF" +
+			"BQADgYEANZcayTTX+FGhtRUJ+XuYA7jR14CJL6qTHPvdSMgHNw9mGXI/7sO5I4v1vayOCI" +
+			"YQ9luBvrTYlMPmuej8+bhM8YTYpiiOjVFANwvSKArI9U2CAGBcoBMXydykkm8qYw4gtYQT" +
+			"neiOz7VqI9plLWA111IRMgayD3CAt4Ntpzd1VSE=";
+		public const string Intermediate_CRL_IC_02_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wMi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIPsBg9tMABhAwDQYJKoZIhvcNAQEFBQADgYEAVeQi" +
+			"tT1FRUaJlhfpkfjZr6VHmvGnqYapdo4DRT/pm8tsp1LbZZXpYW638ztwgZNgeBRPFlcb+x" +
+			"8naQjEkoaYzLbCYfdY+PPVDv7ym15PE48Kve8ImvANY0YnTGS8pcKdK1dpNKBnYYMOG9JN" +
+			"+H5K/4cSm/WMCKIuKdsiAWFYauE=";
+		public const string End_Certificate_IC_02_03_crt =
+			"MIIChjCCAe+gAwIBAgIBMjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wMi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDMwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALGbo9yEujZ9RFU+Vmxb5+Rx1VdIG/3E/5hXV/xI" +
+			"OFu4mEfYh2tBhP2qIMH2KbrR1tiW5t4DvTCBM3NKKqp75wpiuu7E3q6imt1pLbGW13NVL+" +
+			"81gYWXnCnzHpxYjMTIqqCkPIAeOG+SBJ1MgERbL+NBl+AK3WG4TeQ8vw7r2CGrAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIS/HbII+ki/kwEwYDVR0jBAwwCoAIPsBg9tMABhAwDQYJKoZIhvcNAQEFBQADgYEAWHy4" +
+			"sHrTkqY1XjDBY5XpNEyhP6htcnjYD9bos4wjxPlJUyxdIWACWrLDE+R5iRCOYsh/nDAJEt" +
+			"CUcVASukvP6VLJaFjyxUOaCp6JCVV+txk7Fh0S/Ur3Zyysfp5LllP1plOA3N/k1Hliljp0" +
+			"+bnSiDhA1+3hJh0gDMjWUdRq9yM=";
+		public readonly string[] TEST_25_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_02_03_crt,
+			Intermediate_CRL_IC_02_03_crl,
+			End_Certificate_IC_02_03_crt
+		};
+
+		/*
+		 *  test26
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_02_04_crt =
+			"MIICkjCCAfugAwIBAgIBMzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjA0MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDf5u5ouGQlQmdNfc4ell3RXKWmtq+ar9VKMme3kp8D" +
+			"cbDbUaVwlvhWTkOKxb9I208wfGG2nQiArezIwutlASf7sWo16EPapmGdCF+rp1dpjAPBUu" +
+			"fruEyCZ8nu2ITD52wuPY9OAcKHQE2/bBpCJWkw97fYX6Q9PPW5uobWoUJtOwIDAQABo2Aw" +
+			"XjAMBgNVHRMEBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
+			"EwATARBgNVHQ4ECgQIjDm8K5YcGakwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
+			"AQEFBQADgYEAEQIJeZj/HE3HvjjJV7PdU+2Ze8OeCYeeWDocxrA647xpeOksVXBXKmq2OV" +
+			"NqoFk7YNtlSUqiS2TlqjGqLtKYetk7a17qS/8EIQct+H5KWdvkLkYMkfIAAMJvJZHPGxEv" +
+			"j+oVPAi9FITRbFdN8Jvdo9MAuU2q8d2x8MF236RmEds=";
+		public const string Intermediate_CRL_IC_02_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wMi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIjDm8K5YcGakwDQYJKoZIhvcNAQEFBQADgYEAV5bX" +
+			"7WsT8sWeA0iQ7V/+ZQESDzvyHA7Ziju0iRsvTL7qOVF/Nl5v+zND+ZNPhdJDKEM/Q0lEaA" +
+			"ybe0E73NMmM1qRX1daAwE++jHukF9TMeNl750HJaS667H6jcjeRrHUJDD0+AgqrZY52dL6" +
+			"CPM3V4QSvdfc1/xtKmNIZWSSoqY=";
+		public const string End_Certificate_IC_02_04_crt =
+			"MIIChjCCAe+gAwIBAgIBNDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wMi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDQwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMW45d5dPrzUJbuRIDeQ5gIJRYxi80PxPvxSmJe8" +
+			"ScG1A+l75SAtgLGWAxBqxPSzL+teBBUsnmf2Xsc8/qQHHev74uat0lxq9YrZ3npLW2YNo2" +
+			"CfxLK0M7F1/bhkHK2f9ttIvOrrKI67BeEjfACULdJEhl431uWINWV0pY+fHq+pAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QII61NnUvgvjYwEwYDVR0jBAwwCoAIjDm8K5YcGakwDQYJKoZIhvcNAQEFBQADgYEAjwgL" +
+			"6qMnnqUvNspsDaYpPQzTCqXkqshZhsy5G/nLk621H/YbNGlnZ6asHGljYVYMzjmcny16y6" +
+			"ntiv9QPB7YorAx27WT7pQPFla96s+nM/rfwWHPWI6QGDsquPriwJm/MwQC+1oDXEFKvdIL" +
+			"0urejfd5hgiXYbRRwMI7km97iHg=";
+		public readonly string[] TEST_26_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_02_04_crt,
+			Intermediate_CRL_IC_02_04_crl,
+			End_Certificate_IC_02_04_crt
+		};
+
+		/*
+		 *  test27
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_04_01_crt =
+			"MIICjzCCAfigAwIBAgIBNTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA0LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDBtNwpr9LZBF2LRtAp9Tb1FZnfM3b/Jv2sdO5zc/Bk" +
+			"sO4ByUgY+Mux9dEvFrkVWBK110TvXn+dj+85TuboILv4MDKlu+tI/rtuadXGwwDIg8TQnz" +
+			"uyC7LWhxM5JZs1/Is+sPKUY4PTCHs3+EHPBWf2tFiP3l6ZftkySEiL6+2LSQIDAQABo10w" +
+			"WzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAwEwAT" +
+			"ARBgNVHQ4ECgQIbMuZ73onuZswEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEF" +
+			"BQADgYEAhaTSc2xafdP/QceMm9YJ/rZJ5gTgBR/SlmKQwd2BclHabG+Fozdg4delDjtRXS" +
+			"FKY3sFWBFZHVeprh4T93Oj6IVA5X4DIuUeBpprtS+psCnWZxdtcUWmbyYQwZNCifG5C5D0" +
+			"lRwxlMlv40xT2oCM1zPZpfmqemBDUPJ2OhkCjvo=";
+		public const string Intermediate_CRL_IC_04_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wNC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIbMuZ73onuZswDQYJKoZIhvcNAQEFBQADgYEAMk6D" +
+			"Rztz1AyFnFr1KAlbjLLwxtQplf2eIc//zUkDFVUHtX5TrEC/ijUaItjdkOoPGQfpnL0w8x" +
+			"wyqWndMh593QPCqIJTtv/iACoiJNZ90ZJS0adcdZ+AEmQpa0Zv0e1JOqRrPoAfTq4HrOfR" +
+			"vhBwhvKQNtTExupW/EBudznKC6Q=";
+		public const string End_Certificate_IC_04_01_crt =
+			"MIIChjCCAe+gAwIBAgIBNjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wNC4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDQuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2dGkraKGdIi6EXxAu6/ekMqDloX5YSVBGh4Hp2" +
+			"faujr1u4j8Lp8afqjngRxFUpTqGbqH0ETgm4cVPXmc9rUvUzYTMdxTUmIZ+iW+ULZEvzNB" +
+			"712kxRPCD2kDFN2fH2ai8miXr434w+weLm8VQN4jJGo4nswhSs2w1gsUmWyn/ZAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QITsLx/sO1edwwEwYDVR0jBAwwCoAIbMuZ73onuZswDQYJKoZIhvcNAQEFBQADgYEAeKft" +
+			"0RM8/b3zQodaKrTdWiFyLg5fzoOsTecSfdFPXoqz9J5ejLVkvJevSmfXJrIUhKXySzsQi+" +
+			"GazuTh/hvWjwUTIvmupi+EiFudnMpXCro8bgi48+NkepNjXvjsSmOfzlrK3SxtpH5dqonL" +
+			"6LHjGyg+Xp0Nor1m5g1rLHyrcEk=";
+		public readonly string[] TEST_27_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_04_01_crt,
+			Intermediate_CRL_IC_04_01_crl,
+			End_Certificate_IC_04_01_crt
+		};
+
+		/*
+		 *  test28
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_05_01_crt =
+			"MIIClTCCAf6gAwIBAgIBNzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA1LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDM3aWmgX3OzAaBg6lnWjpFQ9ufeTOia3+lIUqn+Ypf" +
+			"5OH/s9dLRqg1ZynV3YIUyzaJPP/YlUEmrhheJn3Bjw25bHeIKdge73pfEbuBAugbUMS75D" +
+			"csBV7Ze9D+sVw8w/LtT3ZPcvM3Vju4d+c14Ip/8pC15jlgQPhwVQSf0x3V2QIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBAjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIJ2DFtxoQnXkwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEASvdcfBOh2d1dC10pGLZLI3T+oSPCup/U9riynIR3RxZsIaS/+Q2s81" +
+			"oeg++WQV6pyYvCLneZIp0efvqh5DThNV9lhBcJjlYwm/T8Hi2IaRGsSMwIvzrFN7zxA/zu" +
+			"tW98wigAKM2myk/nlYxmholgbQkQ7ZxYM3lD1TDRl69N66Q=";
+		public const string Intermediate_CRL_IC_05_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wNS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIJ2DFtxoQnXkwDQYJKoZIhvcNAQEFBQADgYEAK7Ym" +
+			"Y9PjX5CpVewe2E9PNxj3dLYElghaQyapYoVtNq3jDqLMWspdmHdNdeaQoXsjlSJe0Zy8xH" +
+			"ZvpimwifnFZ5hq4yByzHjzNMpcA2yFtg2MtPWGEia+BmaZYZi3X0lR+OShKpNLFc4CfVM/" +
+			"aWG6W2BulHjIAThZhTg3uRekDzs=";
+		public const string End_Certificate_IC_05_01_crt =
+			"MIIChjCCAe+gAwIBAgIBODANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wNS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDUuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALlcUtceuxDznvI3pVM7YddPcBOrNvrOtpuLOa1L" +
+			"Lj9LeNH6+8CzRZnMsUtt+bRGqCKMEJLUIIstWwGg4SskXWk2m+nDKm5Ai6Kyx4nldpgtgQ" +
+			"xZSEwNcwRhpy7TtmLkxDVM9DoTbIbK0dZ7aWw4bXVHPK/lnOMtOaJbFDq0sLfxAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIiXgrRBVcDf0wEwYDVR0jBAwwCoAIJ2DFtxoQnXkwDQYJKoZIhvcNAQEFBQADgYEAhyO6" +
+			"SP6brWDDKZwdQGULno4Om5+DuilJKamyEcvSqE666z1KhvOCdLicqwVa6tQiAL6akrt5Kv" +
+			"R+TT0xqHR4JGosGLGolvK4DLrMeD+PRK7m1a+nJl44luo5Mn48HrKI7jn7n8Lp9bNdCHvr" +
+			"NHaQksCIR/Q8xoucPa+8sCTVSj4=";
+		public readonly string[] TEST_28_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_05_01_crt,
+			Intermediate_CRL_IC_05_01_crl,
+			End_Certificate_IC_05_01_crt
+		};
+
+		/*
+		 *  test29
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_05_02_crt =
+			"MIICkjCCAfugAwIBAgIBOTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA1LjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCrtIYqo2Is8Cd6Ld+fyWC755oA6hQiiruooaR/6O4z" +
+			"ikyhOUztnHkOGMF5H4CKWafwwVrfFtqe7iop3N6AToEIpNlJLVy3cj14A/IASVYSSNFeHd" +
+			"O44Id1NWhPiKx3paPTWslMEdKQV9BlXb7gu8pQpvqTa/38hNQ9vdil/4QZbQIDAQABo2Aw" +
+			"XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBAjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
+			"EwATARBgNVHQ4ECgQI9P78RavuWW8wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
+			"AQEFBQADgYEA0sAEmWBYSazUav6RtuNFtZgNrlQ2i5i138VzRHoF/kq/CxeR/lINQqgJhC" +
+			"ZlUnlslUuM86g8OQGlR8SS0Wsi0MdCQCtPCKA2hStlTx9MMux2IZAGoyHy6P95UE9qINHE" +
+			"fYZUYjO9rh96fzNyJ5Oy2kJdJWdhFXtSh3BSOe0ZD+Y=";
+		public const string Intermediate_CRL_IC_05_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wNS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI9P78RavuWW8wDQYJKoZIhvcNAQEFBQADgYEAlPLh" +
+			"+CMqRcbLgUKEAL2UlSY5tjsF8At0hf000kec93TnBf7f1NKYVJ5eyeoh/WK4s+k4paAA5E" +
+			"/P2C8JMlGXNTrqKZXMy2zIlufE1ymXAZCKLOLC5ezXRSpwIsBWxko2nfw8Bz/mZO/bCSCT" +
+			"nDwkH8BJIbFV51vJFlyyOmZnCz4=";
+		public const string End_Certificate_IC_05_02_crt =
+			"MIIChjCCAe+gAwIBAgIBOjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wNS4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDUuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMPsWBfT8HqaiLnoUCPAFniq502odL4uVqzOOxkx" +
+			"evZtjh7NaFlRjuYjTofdkj/IAgg7lkkBEW3auK47Td3TvqnHO401PqvOFNTlbhr5wDLmXS" +
+			"WWcR6XrvgYL3Z3wx15/z6eojcSgu07kdvKqzuLzcDs+noG8lbcruokX0A186pVAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QImgomUTkzwbEwEwYDVR0jBAwwCoAI9P78RavuWW8wDQYJKoZIhvcNAQEFBQADgYEATAEq" +
+			"YVV0iYdYomPqxbTapSCJFAMQO/WZhN9brCXP88+jRfk6cAHzTodQOYTOAVe8YXa904505e" +
+			"RA11NNTViP3s/AseGWuqbWjsom9mbR+tVkvufGqPQtm1JhfLgR/68e29AI7tj7zIJyFVYD" +
+			"nLRXGwMGnosqSHDle+WYyfok6a8=";
+		public readonly string[] TEST_29_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_05_02_crt,
+			Intermediate_CRL_IC_05_02_crl,
+			End_Certificate_IC_05_02_crt
+		};
+
+		/*
+		 *  test30
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_05_03_crt =
+			"MIICkjCCAfugAwIBAgIBOzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA1LjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCajRjoRNL9HFTytLLx7C8WYouW0uONGsrtGS5tKMiW" +
+			"oLlQUkohqB2a2PhA1InNGQqnbDtNdqKbR1k6EzD6MyegvXK1sXs0ZE8gt0LZYio7Xp3k+Q" +
+			"7i4Rk5iTruAUrV8bFMYmeIXHXL/9rl5LQV8YRp/Ut3Bg3VECzfhQG4EavMlwIDAQABo2Aw" +
+			"XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
+			"EwATARBgNVHQ4ECgQI9041oiwvHsgwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
+			"AQEFBQADgYEAYwGYwLsA/kxYZG/RM+kvoH+mUebrBVZRBxjovYsYzNznD26fssjBFfiTmg" +
+			"zwZJfG7MZRsgDSRsS+bxuTlXMVeGRKH8fVj7PNq05sS18QZQOF0CCKzg9DLkCzkzkEWBxc" +
+			"5ersciPrL90UarOIPIJWUxQ/5sdMS/wZtYTU34rNNWE=";
+		public const string Intermediate_CRL_IC_05_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wNS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI9041oiwvHsgwDQYJKoZIhvcNAQEFBQADgYEAJHTp" +
+			"k+RRsD0dUv59J1GQMWjQTjVz39Xaonx2sk38WHcrHBB78L0W6Skjvt082PwZg32sb7FQBt" +
+			"boAQ3PIKpXMnFnkjnkyaFihrnMdfa0abCPtQhFl3yra+w+1a2RDjQBZOOdq3xlFcLi9unT" +
+			"YYome7eS93wchIvNWFpgwF5A5XY=";
+		public const string End_Certificate_IC_05_03_crt =
+			"MIIChjCCAe+gAwIBAgIBPDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wNS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDUuMDMwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYxdSZq7qRBdPOz6H+l0GGAtymAWTshfZZCubHK" +
+			"lQjbVq98qudORfhCOZgOy83j/mo2KAecBhxaxB9YA5ggWNAgaKtFvknvjFemtBCZwt6cVK" +
+			"8LCyUGKzStwAV1+HSDlHxdWo7pRwP0beXFvFECrX418osGt6E/v7Cz++ZtvaDhAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIgTuCLfTVa+QwEwYDVR0jBAwwCoAI9041oiwvHsgwDQYJKoZIhvcNAQEFBQADgYEAQRuC" +
+			"rAx9zzu9QwOq9weNit9PNgFHBpo3Gh9jPVYGJjOQxeSqqou503xi82H3W30FT/3ESCO7IF" +
+			"hfpr/uQZVEmUQnvDsVwbKvED1QF9qkTp6ILk38ITJJgfb+sdSL3bsUeNqVXd0C9wzVoErc" +
+			"OuoCulwkZzfoIOlO2YAjAnR1nUc=";
+		public readonly string[] TEST_30_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_05_03_crt,
+			Intermediate_CRL_IC_05_03_crl,
+			End_Certificate_IC_05_03_crt
+		};
+
+		/*
+		 *  test31
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_06_01_crt =
+			"MIIClTCCAf6gAwIBAgIBPTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA2LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDmutL9PY/BLXvXMEDQLQnWE7dCOsrLNvJiuSjDdznF" +
+			"vBz6WS/RqUr9zsDFknpOWB3Epo2syV4ZFto+v4VWNo61uaClIEsw5x1y0saG19px34KVpQ" +
+			"wkpvLeRZySdCydKdE1rptYR/JbHvPo5TU4mxOo6L7JeEwAvjSI4tK4rwJ4MwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICBDAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQI1BB9j6Jyny4wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAajWMbY8zL8jS2VUjCPBMuIjUvBfy55+92EXg5pZnyNNwN1diZfJFiB" +
+			"rrPWEg3Fa4NMLgaDKWZsYkOcDDo8I+Qb9FsU9LphCzQ1ubIEuxu6KPX9X29BscFOxUnZCz" +
+			"yuzVfadACxi5Y7Bz5pN5LfC/jEb2iXjkdN5Rm8AqT81syIo=";
+		public const string Intermediate_CRL_IC_06_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI1BB9j6Jyny4wDQYJKoZIhvcNAQEFBQADgYEAxH4/" +
+			"mgACT847PyufmF1nob9TSqBj+cM5ye2bgv83gTVd3B1Gopr75Tnu4iP10d0PpSXjySWCjB" +
+			"0HPJ7BdxzkKxSrcM5vcb/jLdk9PqMUS30ohexsx1xK+E38pDJdLX4kbJ3E62AgyXm9WQlD" +
+			"9xsDk7TMXwuxHT4fX070HL6lWGI=";
+		public const string End_Certificate_IC_06_01_crt =
+			"MIIChjCCAe+gAwIBAgIBPjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDYuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO1VOl25MTf068LOgzmQOmyh8MXunBrQ4t6UYuEj" +
+			"H7v+owR9JTDXpfzLPcYfkR+BH2jjISSHIJsUDesKVhpmhABNXcOI5tiRNkeDlV2zKCBXKC" +
+			"wFi5qkhrE8FUCP0hL8YzbybOrYZYSVEP8GgIgMSQcTvhN/Tor0o1jdJvRLmevXAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIFJA9XGd9UZUwEwYDVR0jBAwwCoAI1BB9j6Jyny4wDQYJKoZIhvcNAQEFBQADgYEApRQC" +
+			"OTU9cp16BHM2n0TdZThgj9kSAQ4wHk/dKNOjYNEWu6n/GQ0alxy1dyRzpsr058FOvft23Z" +
+			"Kp0YhdKG/7F1hkcoNvC2yN+Re44n7S+F/jcEPTWnOX6h1Nkw8OS7Uz2fZ8t61iHjqjX4sv" +
+			"M/cKP+AkC8g7p2tfdkP1fQ6ww5E=";
+		public readonly string[] TEST_31_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_06_01_crt,
+			Intermediate_CRL_IC_06_01_crl,
+			End_Certificate_IC_06_01_crt
+		};
+
+		/*
+		 *  test32
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_06_02_crt =
+			"MIICkjCCAfugAwIBAgIBPzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA2LjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC0JoTnPaI/HT2eAqCW1204nRNjcA8EQSp87tvHLpWy" +
+			"5aafmxeJxvk5V9Ba7Ye8eY8yX9losbNUpHJFNdE46fD5qp/oS7Cn3NXA0dwIDQEn1X9vaz" +
+			"nqtZtMjt1S/yGv2xDOb2LKT9zRrqSvxGszCHFUBcJ4HDFJMAdhXPUZiLyXVQIDAQABo2Aw" +
+			"XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwICBDAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
+			"EwATARBgNVHQ4ECgQI7j2LO1CcsE4wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
+			"AQEFBQADgYEAfXIh0oYlM2pagAWzTuYqTl0NavtfqibPgolvhgIG/XmmjswHOg/JVCLb7O" +
+			"jIYtEG2MAD0xQXwu0mc9Deufed2embP/wc0qVG7rj7lxUq6p0aMQJNndBw4m9KlSnjdzyG" +
+			"lwE9pNd2BgEeD516J2k7dspCZHDw3qLer4i2JYoCo2Y=";
+		public const string Intermediate_CRL_IC_06_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI7j2LO1CcsE4wDQYJKoZIhvcNAQEFBQADgYEAJej7" +
+			"23qVtwkcvCTPb6afTosYMnVppPXWbtvqn0N5mAFHQfE27x1YPOXOQHBrpQuTyiUdUmPXiH" +
+			"xMKbuR5o2lfdQgew9hbYVk6GegSu+DBC1JKv2YSTgzgRAlJfyByDZ7mbJwZWHVHys08oGk" +
+			"adG6zstavg5EkEeRuAp47T+7cZc=";
+		public const string End_Certificate_IC_06_02_crt =
+			"MIIChjCCAe+gAwIBAgIBQDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDYuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMkIzl9+NRTZf/xaA8noiHRt65Zo6Zp57YvCKUe+" +
+			"YfoC8koMq12MBgrc0IyIfJoqEDEMfD1WbitZdGZMQZ7D9BP2Bk09NXLEAAuj+waFhYk0bW" +
+			"vHBH90O7HpMGmxwHmzOjDV3JHYsU8hq77/5gRFDNRkSCJe2A1Maj8Gcqi6tYf5AgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIYDfThEjNL28wEwYDVR0jBAwwCoAI7j2LO1CcsE4wDQYJKoZIhvcNAQEFBQADgYEAJiHT" +
+			"CjLGZK5Lyw+7ICDHs3eS1OGJH/wfsLcBP5sLER41qJfrXGTl2XdKvBMIpriUmJYzjkjof4" +
+			"bvS/VPDNlhI9AJadicW8LM4L3qpy7/YV4Dd/C/BJphJ6cZcT+hjaRKeC7gQVjMeC/npu/p" +
+			"jLgIgzf7HC4WYnaS3h9oYl0cMJk=";
+		public readonly string[] TEST_32_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_06_02_crt,
+			Intermediate_CRL_IC_06_02_crl,
+			End_Certificate_IC_06_02_crt
+		};
+
+		/*
+		 *  test33
+		 *
+		 */
+		public const string Intermediate_Certificate_IC_06_03_crt =
+			"MIICkjCCAfugAwIBAgIBQTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA2LjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCuUtIYFbVjg8VLLUqIEQ6r7hjTaqYVs8DJnJPHUWPA" +
+			"JW9HEIV+d6hj/so76Bff4KJRX7MgoXbvq4ivmn8656N7YSGk9GPuJ25SXK7RJyoqzG/x2R" +
+			"AVUCx/wG99VXVDZhd5ZAVBG2JCkHImsWAei6/Tz8UgXmmLBM8rZNJ/hNtTBwIDAQABo2Aw" +
+			"XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
+			"EwATARBgNVHQ4ECgQIpwUlwG1W+sMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
+			"AQEFBQADgYEAqJhUfgar10fl5qG+oH34s/JS3ku0dRm4cTQvqUNOWA9ALnBhSkmOpoMMzH" +
+			"sE9FXXcZ072a8/ecpviP04X5mt5QSLreh3hPVvgWv1LiZ9YkS4Z2kcr+3Gx7zj4gQgT5vG" +
+			"QPpbIBAtBRH5xNHIYQsk6kOe2+t7b0Q82Wnj8UoznmQ=";
+		public const string Intermediate_CRL_IC_06_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1JQy4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIpwUlwG1W+sMwDQYJKoZIhvcNAQEFBQADgYEAKCp7" +
+			"ViY1cajXpbjCIqe8yo/98SQRIxoTNgp7EUaaV17FeHZ59nJhRtsF1XnLP4cK0lPBkKFhHK" +
+			"2XyDEWx2hK3X7Z3lSAtn12WFJHOP5T5i0DmYfMJYAFbuPD0JQEWCM3aYsgbXKbbFH1BURh" +
+			"L/uy3arVBP4FaJB8gH678K4J1p4=";
+		public const string End_Certificate_IC_06_03_crt =
+			"MIIChjCCAe+gAwIBAgIBQjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1JQy4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDYuMDMwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALZw+GpvdleGlmdqZ/zEO2DUGhwgrsselBUNnEzR" +
+			"bcuzr5O1WwiG6aLjrPxIXeL1wLS1/u9AD9p3CQU0XFhi+bEI9+LLnt2y3707O+AQxy1PnQ" +
+			"6qmYE4jMwqDGHn8WVanN2joFT3isLH5wJD0Jh74eoG0tqCHUyOiXaZNo78qgB3AgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIJOeyCnvfJtAwEwYDVR0jBAwwCoAIpwUlwG1W+sMwDQYJKoZIhvcNAQEFBQADgYEAJbz1" +
+			"RipbW6uu7B+f2Ol1iq4AVOUuET2S9vi9ojReyAIka3q1XUceZCm5Et0KqpOoOLiu8IRuNB" +
+			"bvKwRcZ4hcVEXv5bRMqaPEK2B0VrRAV/Llj5A+RGn6yc1ZdkJeBRhoSsaHn5whfICaiJX6" +
+			"j3lMpo/CiMRViL+gZLU3SdKqvdY=";
+		public readonly string[] TEST_33_DATA = new string[]
+		{
+			Intermediate_Certificate_IC_06_03_crt,
+			Intermediate_CRL_IC_06_03_crl,
+			End_Certificate_IC_06_03_crt
+		};
+
+		/*
+		 *  test34
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PP_01_01_crt =
+			"MIIClTCCAf6gAwIBAgIBQzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDRkBhJJVgOXHjydAHAnokd/XfEiW+bnWd2ZPJrMBmP" +
+			"7TlvVpxOGqLd6lGdbelbSyAzut1i8lyYn9NSDR0PcyehCSS+MsKS2uNKsTEuH3mlMK/7C5" +
+			"B1qggKqE8f7opyl9+U+Qyi1WQj01gY6XYXaCxksCB0Oqx2737d7QWMvl15dQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIO1U69B4DBHQwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAcHWV4Q4z7C+IC4bWgIf1+BzkszCN+LSb4JquR7GgICESbwF2JzR+xL" +
+			"7yoKvB/NBcCqtMY4Hi1DHACbIGJwRe68vVHzz4CmYEK50UUCbAtiAiy9Od6wwrTyFyacBd" +
+			"CBjiO6mkFEp6jOsoIgXRfxK4kDNcMkGUUwMbSR/wZKFuImc=";
+		public const string Intermediate_CRL_PP_01_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIO1U69B4DBHQwDQYJKoZIhvcNAQEFBQADgYEAHtbX" +
+			"MUofQlCnbJhgLQw96jsBRu0Kdx/Rk4LWxEbZQOWNaD7aukASjEv63d1qZIDgpefuUNTz5s" +
+			"3eascdtI6iyWFtBO3r6tihtkkSbxocN2Rz7OlR4rW9VwuUirxP0145nMd5CEL03/CNABP5" +
+			"zUo1bNgswHW3z/RaH6h0j0yTkbo=";
+		public const string End_Certificate_PP_01_01_crt =
+			"MIIChjCCAe+gAwIBAgIBRDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wMS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALQaTS1wvv551g3BP9JYBMM+KXXLzxtOwPlO5NR4" +
+			"LwuJJB2WuO4vmbn8AG35in/0JqwjZeroLQvbCPxZseXsyA0+7cMO0qcjRJ5l5WdFsahT6g" +
+			"z1YW8pYYY5i2eDUkIRsM7roHMiNjt3zpkuUGX0xZQfAxhuWnRIvlGg5J4r7UOdAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIeyLSANVaTpQwEwYDVR0jBAwwCoAIO1U69B4DBHQwDQYJKoZIhvcNAQEFBQADgYEAvZ4a" +
+			"SQMNl+Q++D9yVaGr+37XJyxs4yow5e5YM9LXn1qBASQ+GNfqPWoe2cPCPYKj32yulxyFEu" +
+			"RHrbhpEQe+nrKWJgO9W1bmfwgQDin29ne/JCQPlznhd3EPFvCkmPLnTyJmSLR6B2VxvndM" +
+			"GO8JEbj3KCf51uf3VnC/Qj11mX8=";
+		public readonly string[] TEST_34_DATA = new string[]
+		{
+			Intermediate_Certificate_PP_01_01_crt,
+			Intermediate_CRL_PP_01_01_crl,
+			End_Certificate_PP_01_01_crt
+		};
+
+		/*
+		 *  test35
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PP_01_02_crt =
+			"MIICfTCCAeagAwIBAgIBRTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCkQQXRO+dnU2v7EbaqQNmfPD8v0s5Wa50hl9M1Gfr5" +
+			"5nuVUZs/RI//1VksTNrW10MVh11nsxpA/XRPntEIbHiH1OoECd4dnZBiA/2xEueM02fTjj" +
+			"fb/t7g+pr9dSU/TzCVZDVWFBcPn4VNz7BBqIrTAOXaJkyBZ8hh7vyiE1Y2VQIDAQABo0sw" +
+			"STAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjARBgNVHQ4ECgQIoTKVlZ8YCR" +
+			"AwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEADhtnd6ifr6kyfC5D" +
+			"UWuAXLtoccMj8Jaur/1YT1DgnH1XbBsEeZwm9Jkzr1a3cXPIHgaHYgXvBeGUtZ3XhbCSGp" +
+			"8U6clJz3lm3qKPKkb5rdDrpdTaPnEJJjS3C4ZK1L7UZtQga2Enlelm5vIkhjsF3Sexe1kY" +
+			"mzqiLZZ8yLxJ/Tg=";
+		public const string Intermediate_CRL_PP_01_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIoTKVlZ8YCRAwDQYJKoZIhvcNAQEFBQADgYEAn94u" +
+			"sT8ZYNzfHIdnx0+fV0jglL0Kn1duz+ehKHow+RGqH+J9opMYuXVD+rVQnLdZl5LbFBcv+5" +
+			"TSP9WR9QtyoXar4/jmY2FFdBjfgO9w7p7OHD4WxblJmfPVOvrzFm/slZE39Oe5Qn4KlS03" +
+			"9tttEFTKDH3qREQbT6g4k4ExxYM=";
+		public const string End_Certificate_PP_01_02_crt =
+			"MIICbjCCAdegAwIBAgIBRjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wMS4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANBwkwTWdZ977UAx6CCpXc9T4MX9T3/Tt6LbtY9I" +
+			"eXxI9W15eXm/aqrKiXhULB+oF9/qNeUi2fAtrURZ7hgHbTaswr8CZ3Uwc6Rbkyj2GGiM6Z" +
+			"8sKFztYZfFyGBiNEwfTT0yaUUQ6etIFqPuL/6qLvqXmvNPxFb9gjTH/azs/MdNAgMBAAGj" +
+			"OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIW1/BRCbe3c0wEwYDVR0jBAwwCoAIoT" +
+			"KVlZ8YCRAwDQYJKoZIhvcNAQEFBQADgYEAPJg24q7wCU8CVlxFLchoe7txhkzApkVMIJ9G" +
+			"+QTnraHDn0CZS6undCsJw8mrTNBQPHFn2Ixa5lrPfJvwW4Med1bcJKbwR4TveL1WeYYq6+" +
+			"9k1kS/7KmqyKAKC/s504jAc7qgMd4b08oLxbGVfFVjWG/ZMbO770FrsyRHHs2rTOU=";
+		public readonly string[] TEST_35_DATA = new string[]
+		{
+			Intermediate_Certificate_PP_01_02_crt,
+			Intermediate_CRL_PP_01_02_crl,
+			End_Certificate_PP_01_02_crt
+		};
+
+		/*
+		 *  test36
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_01_03_crt =
+			"MIIClTCCAf6gAwIBAgIBRzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDL/XgMvoeszcAzZqMYnv1At5u83Gb/CEX3fv6O1jL4" +
+			"W3XbdvBNIZpuTwQhTH4Iofk9rIuQdkR7xOmbk4AqZINuas3Y1CPdzss7teraK0CNralNl1" +
+			"jPYK+ClDBHt32Iw3bAl7RqWX73hl3YH6/7cvG4XCo1HqeeFFHUGa7HXGXq9QIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwAjARBgNVHQ4ECgQITMu5Qbn1Cm4wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAuCnzXbHg87PIYYRbCCiXKDKA3MOcEKuxpNaSbtm12DQWpnvzmaK5nB" +
+			"D/Ebko97CS7u9Tpwa7TmTyi39bYzY0dmVaotCDzfSTpzw6qHZl/w8riS+cKr0mimnjW1cq" +
+			"kGPyHf0zBBqh0liGbd7EOLIBln0ASrn8V+G4Tj0Q6aQVcko=";
+		public const string Intermediate_Certificate_2_PP_01_03_crt =
+			"MIIClTCCAf6gAwIBAgIBSDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wMS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCu1Fq+gBJsBf5EjKKtNIxgdtgPMObby7tKH7fTJxYE" +
+			"5LPyPi/IiWQ5Mi/8BCG3zmQhu9ZdBbpal350qCGVTbaMlnpi98D4WwXSw7e8oHIJIK689p" +
+			"Q6Z5cf8hgwPnwDpYLeEaqxwhd4bu0x1lG1fUISA0ZZIQaEeNSJfdh15IkAswIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQILRhQwULcyPYwEwYDVR0jBAwwCoAITMu5Qbn1Cm4wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAlEVOqXcdeTU7wT0l+/BJhlG5iaAcanAsOaJFZsXPjLMSjhldQe11/z" +
+			"BsrrqjcpdctcmBarKO4MnwqVU9DN2RZ/v5Gps6OcPxj3T8wlrCGe4l6s9d1FncBMJ0RAUe" +
+			"QEn2JLkQW5JWRBQ00+RXJYFuIM6Ger2MipWj1oOciv9MMoc=";
+		public const string Intermediate_CRL_1_PP_01_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAITMu5Qbn1Cm4wDQYJKoZIhvcNAQEFBQADgYEAycux" +
+			"rzvy2IiYfFkTw7QgGuBhxIQPbSIbfudqyUumuviHJkIMZpPwYj2wltjyiRaozrDAWq8mlc" +
+			"PsFYNr2lUYN5Cj4BhNQCNZlyBw7LLdzRgza55zVjmYkHWedyZm3kPWe7Y0w8xc/XIvi3iC" +
+			"qlwV+X85cgHNJarx3GEYdb7Yos4=";
+		public const string Intermediate_CRL_2_PP_01_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAILRhQwULcyPYwDQYJKoZIhvcNAQEFBQADgYEAbcjU" +
+			"+8l6pSik8PcuIzWndAg/w8uRfAgR5W9hPSXZChlx7uM+48wK98DGEXuTkJcbeclZia+Mpi" +
+			"J5u3qG1zhoL1aHr+RqyJrjiWKC4/rDBuiUk/ftU54mrYn0qev3aSjf/GLtpcC8kC3gpqD+" +
+			"20bvxLjBG3Vc9ZrxDvzfj8cD9K4=";
+		public const string End_Certificate_PP_01_03_crt =
+			"MIIChjCCAe+gAwIBAgIBSTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wMS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDMwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMO0l0+X6jfT8cY4DumtseTryyIJ7h+nraogXmYo" +
+			"uhFGvMUWEAZVGD4x9QTTVEL/UCqNfzpI//Pp/uZpDudSgOX0ZdAbykObqCAEO85msK+eie" +
+			"8baS1cW1XGjCuWDqNZko3Uo3c5lLPlRMbZ3hjvA1zmYh3prYnOh032GZAArVcVAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIMh2aWvtm0mgwEwYDVR0jBAwwCoAILRhQwULcyPYwDQYJKoZIhvcNAQEFBQADgYEAigVE" +
+			"FlCgbgKLR9FWIiwnz1bZ0MKsfhytllCI+jGx0Q3o3CxCGXs9PvL6BPDdMOxNIT/oU2uG64" +
+			"EhZEjcZCnUknGx9OkkSSVq44P/pGuUx1g4Kx4i8gsJ/UPrPpYv/3heuMcKWCr92l33cxPT" +
+			"IU+kmAtqy0MBvBKL4p635+MSIVA=";
+		public readonly string[] TEST_36_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_01_03_crt,
+			Intermediate_Certificate_2_PP_01_03_crt,
+			Intermediate_CRL_1_PP_01_03_crl,
+			Intermediate_CRL_2_PP_01_03_crl,
+			End_Certificate_PP_01_03_crt
+		};
+
+		/*
+		 *  test37
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_01_04_crt =
+			"MIIClTCCAf6gAwIBAgIBSjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA0MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC9gxMP8j4L+ISffY9wkislQ/V5sO9LzZOncYK93lZf" +
+			"HXJG1MPSQzFPNzDLSc2zsilA03v6q+zr4NRrRWwWGmB34NGM4aqkoxox/7ngTn0MIq5gZ2" +
+			"eOx0FbjA9W9DHEceVDS6kgs9lFcN2W+muCG2/fGqQUED9Fzl9JSM/tE8XAKwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIgdUt9H4i6kwwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAxPe0vM0BvormJLF5HxkyFcTtoombfDGANoLoyj+PTWRD6z1/AcAx5K" +
+			"rn/0J1sZo13M2ezaZUABbbpNH9X0OS225IJF4mXNpfkYhsz/+jNPGjRpN2p0K+DhMSawUw" +
+			"QfGv2x6f31k6WCdy/769i1mwKP6Rpph2nkRyYW8MwO0N5HU=";
+		public const string Intermediate_Certificate_2_PP_01_04_crt =
+			"MIIClTCCAf6gAwIBAgIBSzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wMS4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA0MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC7YCtN67S/ItOzaSGqTvfEE483HoQGiQZ0ob3+0beK" +
+			"kmbSGADBQVBKe/sLJEKddyV2Gl8S4x+cKaKBWUI8lMZViJwWqVnyAFd8ZiAB/BpXaKKgP5" +
+			"pFsg10Yo/EtsxGlLSTLurst0azNnFv7ca5Hb8te3T91eaI6y59IjbsRgilSQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIGazrt+QRNCkwEwYDVR0jBAwwCoAIgdUt9H4i6kwwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAUIz/MSc6K5eaIAg8skaAgm6rSPvcU/711b9G0qsIs6YqvEz4zhGi5X" +
+			"nalYYXfaSQzomuRuABNvuR1Ydaw/B9OdPMro0DhX8VpY6NzCL5Qj60/I4is5a+Hzgk82ck" +
+			"eAC3okPHbVMd7R9kdFsWNE3Capnv7rriqXO3vwFw8b9vXD4=";
+		public const string Intermediate_CRL_1_PP_01_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wMS4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIgdUt9H4i6kwwDQYJKoZIhvcNAQEFBQADgYEAkR24" +
+			"ebKfvEhDA0C7sawukQbv/q8mjSS3CrhA/oqeb8bML1IlW8rjHSXuRU/n3oeyAZuxLCAQMU" +
+			"TPG6Vq4dOu8XC1RY74xIm8ps4mE0xB8/nI5kadHUSDPtUZhNzc8tv+z7fUGRaVGL7CBEpq" +
+			"ICyQKYytCwxyf4xu2Ip71Uy2tuo=";
+		public const string Intermediate_CRL_2_PP_01_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wMS4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIGazrt+QRNCkwDQYJKoZIhvcNAQEFBQADgYEAjpUo" +
+			"XSj0HX7Wm4w1FiRBBazInGOhSQX9VP2GcGb5lfr3GKt75Y+C+C9qd5X25DVkA4M1gPBK+u" +
+			"XjSMQoHAmFJychQG23rcGcuDJlzRMyfvPCF9dOGLFdmkuHSo5hQUyYsxnXV8cWLIkR1AUz" +
+			"PtUbTJL9g98R/OJFsCBiPi+By6w=";
+		public const string End_Certificate_PP_01_04_crt =
+			"MIIChjCCAe+gAwIBAgIBTDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wMS4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDQwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOtf65MaydWM3bmMT8tAGCX8gZkx1JlgQyBlJT67" +
+			"2APIkfmKRFK/dBtSwwCVGHZG4JYBrrwMpzUPrkGKYI6ZVIvvPnPfadZns9i5SM5LZFS+a5" +
+			"JfbRnSJd8dXhZsKHxqkxIWwG6+VgnRKXE/Uc4m8TePQJZEOra5ezna5yhvqUwPAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwAjARBgNVHQ4ECg" +
+			"QI4iNoMjKiXMkwEwYDVR0jBAwwCoAIGazrt+QRNCkwDQYJKoZIhvcNAQEFBQADgYEAmOjp" +
+			"2EupE1AmgjGfiGK1fk9kf39yQXK1EDsyO6KLdWL/bmWeYi/G7ZE57/+yVVADJuHI8xVIDZ" +
+			"LAC0u5p35OLgbcmmA5bs52KWJJfa0nbgGpVaUSMg9SkEGS997OsgExWMvYhdFIKXlq4Rwc" +
+			"ca89Hg1GlXdrpfD2OCDNBvcWB5Y=";
+		public readonly string[] TEST_37_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_01_04_crt,
+			Intermediate_Certificate_2_PP_01_04_crt,
+			Intermediate_CRL_1_PP_01_04_crl,
+			Intermediate_CRL_2_PP_01_04_crl,
+			End_Certificate_PP_01_04_crt
+		};
+
+		/*
+		 *  test38
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_01_05_crt =
+			"MIIClTCCAf6gAwIBAgIBTTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA1MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDFzEEzV/yUEORIOufyqpZzKpYz5aPyBbcDf8AMMCM5" +
+			"tEz7j39cf1f227cbrTcAaUfYFwkrb07RU4bTS2X+U2Ak7Q5OROz5rrZBbsfwF3yHhwHxCg" +
+			"KLjbwz7D+OJdNfv7x2HRckwfMUkmP4cEuJIIPwj1ieBbsnUi9dkWZePwl80QIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIjsCjmszYCHMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAWMUBdOdHMB/SV5kPUk+zut9g/1v/GyxyB60mq9jGqjrIsk4a9JRqa5" +
+			"MWju+6kVfSLelAOCR24EQsXnZM/5Qqg3Wb/SFJXWDcBnfWQWgh8UmJfmPhD7jViG5QVIxn" +
+			"iALNCYtz373L+IDECLMO6S3wcTPsHdYv14jl6BKtabwIpE4=";
+		public const string Intermediate_Certificate_2_PP_01_05_crt =
+			"MIIClTCCAf6gAwIBAgIBTjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wMS4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA1MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCZzdj+ixWCuxJGMjcoHUwSNqI9Wt9gYwXUTl+dWg/E" +
+			"lg2SPJP7lrBOibAhSmaTorhunUSEf2adhdxhuGrd5Ucp6G0oZAa6ZDWaID4rKYWsI7d5kv" +
+			"mrUhDEEdzk2s4PCoPiQm4dKwRg2rIvA5Dv+W1ldqSVSG376zVrQ5xdjDUX5QIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwAjARBgNVHQ4ECgQIUASviIKBmJgwEwYDVR0jBAwwCoAIjsCjmszYCHMwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAa3c+0Drcq7iWP7K+gE6Mz/0ATQoiG87irXWfWBUGWtYnsh6K+1THMl" +
+			"ibmZjYhsztK1P5rm6qL6HAyw0PhrRE9imqZ16cgiMomh65BWQImOeiXx9YWIPvjXWsE6iV" +
+			"E31XShr9b9OZBA2+Zpydc3ID/SQzy9PiTAfL5yJiW/JZvFw=";
+		public const string Intermediate_CRL_1_PP_01_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIjsCjmszYCHMwDQYJKoZIhvcNAQEFBQADgYEAZIzN" +
+			"pXT89MplQgcXcA/K7YKlf62QCbw3rE+bUQiumJMlNGiVdaNJ8T66ObyoOWE+s+KN/Oetlu" +
+			"HglQ7r6RG68gHYtZZiO6kmxq+wor65dFGQyRggpD+D47yioEgR12wUUksL/8oBW1pfGW2B" +
+			"dR4sNWjzV5k5EWbLYu7wxj2/ubo=";
+		public const string Intermediate_CRL_2_PP_01_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUASviIKBmJgwDQYJKoZIhvcNAQEFBQADgYEAlZ06" +
+			"h2L/89GvCtU1K1VtbHPMN/LAUYJrWFID1Eo+Cf/5wKEGBr8hxRtvshTK436zqVQRQN/XTq" +
+			"7u0SLxvIixNRErlmUlGByi5vumN2OA77SxOyqYLCnBXTd5tWbFGz/udjaNk1MxOK0MQxPV" +
+			"9R+HHUUVojRnAIQvlcqx/sMzU5o=";
+		public const string End_Certificate_PP_01_05_crt =
+			"MIIChjCCAe+gAwIBAgIBTzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wMS4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDUwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALyBn2GKvoKNHcu3AEJRCbWOyUpCc/onvRoQgWRr" +
+			"wE7vMI7vjqnoR8mXdWDW5u9DFu9V5pb/yHBWn1zpgFGNnLrqn8irwR9i6Q+qlu4lXL5WSr" +
+			"DqBqEKxrOBDPgkVz8Ldjt/Hy57qEukBarvpAwTc4XEJPAmxNrboMeGCEn2UShbAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIaV3Cd/83r08wEwYDVR0jBAwwCoAIUASviIKBmJgwDQYJKoZIhvcNAQEFBQADgYEAVJXz" +
+			"gooT1qd6rdehnLxJMf1HZ6JuqpyoQjzWF1jA3SkJmBDMXvAkMmIcQ7r5CZHaVF0iMQl5JW" +
+			"fxPtM9Bws6jZhVL0TkwJHmbnSvbzUkJYeXPCP7ags4bu5I32co1nFVF6wf3aQDZeLFj/TU" +
+			"1GCQ4rh80T5oknuazD4xXAYx9sE=";
+		public readonly string[] TEST_38_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_01_05_crt,
+			Intermediate_Certificate_2_PP_01_05_crt,
+			Intermediate_CRL_1_PP_01_05_crl,
+			Intermediate_CRL_2_PP_01_05_crl,
+			End_Certificate_PP_01_05_crt
+		};
+
+		/*
+		 *  test39
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_01_06_crt =
+			"MIICvjCCAiegAwIBAgIBUDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA2MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCjeJAwaZ0cw6O76hu15XadwJiTsIJcXZxGAETq8H9p" +
+			"VJs7kJh57oLpO/lG8zG89QS9g1ozxaaGDWsSyXsDzv1eqDVZg3ISQu6XcKdDu8EwgQDY3S" +
+			"EGkJ2AidFue3l0kEwR9+rtsuVKd/P+ULF1hWcoyLB/sQD5z8GvIiDKyRBiFwIDAQABo4GL" +
+			"MIGIMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMD0GA1UdIAQ2MDQwCwYJYI" +
+			"ZIAWUDATABMAsGCWCGSAFlAwEwAjALBglghkgBZQMBMAMwCwYJYIZIAWUDATAEMBEGA1Ud" +
+			"DgQKBAh9i6tKUsPTgTATBgNVHSMEDDAKgAirmuv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQ" +
+			"B/Gxsb5lxSTN21CrjBp2aE+U1oTP2MpIFWUD1q8KWhZZF1iCQ7orcDVITqJPdPxDu1YwKk" +
+			"zOegc4YBSJzHZqF/W4Kw4wisMfnWLTsUAeP/Ucz4vXk5rsf7IRssFG6PLxVmtRZizoxl9a" +
+			"DO9abTM/jV8Mgi1IB6LdWgmtosBGBzbQ==";
+		public const string Intermediate_Certificate_2_PP_01_06_crt =
+			"MIICrzCCAhigAwIBAgIBUTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wMS4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA2MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC8DbqYUf437toWlRkOQA5PloqYQjWYpiR67yGSjQHp" +
+			"j/HlduTYFS4qfUbLCjH4qsNUH8yQDvogImQw5M1IQOsUAqO6mYFxjqUWccuOaHT6XfUaOs" +
+			"DDHr/tQUvhz3LJryaILiPlNcQF8QiYpujM1utVRyFpmUrMAlOvWUB93c/xUQIDAQABo30w" +
+			"ezAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAwBgNVHSAEKTAnMAsGCWCGSA" +
+			"FlAwEwATALBglghkgBZQMBMAIwCwYJYIZIAWUDATADMBEGA1UdDgQKBAgQxGVMTJml1TAT" +
+			"BgNVHSMEDDAKgAh9i6tKUsPTgTANBgkqhkiG9w0BAQUFAAOBgQALJtPqY5uROJ+2QYTekn" +
+			"fSUc0gC7j3/cngIvxGT385xDLTrd6TjYSi+12+vU7RNd3MIZoz1o7RpWQV6C751WtOFuZi" +
+			"iXeQ758aLqfhjYSVW/NHkO8vjrAMUzUbgjqb03k7q5JgtT6udB+9ySmou2/RxYW5p/IT17" +
+			"euMVGmQb/RFg==";
+		public const string Intermediate_Certificate_3_PP_01_06_crt =
+			"MIICojCCAgugAwIBAgIBUjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wMS4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA2MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCsQqIx0ayxpIE8NduclvK1ubbNkXyvr0RDqnGOoyTj" +
+			"yMtnfnwRbclkFCNBdalZYofuTWP0reqvqGqsBj+RS3uazvDBqVmn0J0AGRiLILummgEFRJ" +
+			"ow8IB1hduDYJpDMrHRpfXpbG2H3fzN1XeX/B0hUZgdQ86GyK2qrmyIcyqZXwIDAQABo3Aw" +
+			"bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
+			"FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECNKJMmEWCA+jMBMGA1UdIwQMMAqACBDE" +
+			"ZUxMmaXVMA0GCSqGSIb3DQEBBQUAA4GBAKv9F3+Y4N8RX4bRZ4fFTKri2rrB4BsVrBFpOr" +
+			"SLzKnuyO1O5gg45d70pSHUAVBn3pz0f/6WwWLECq9tB7/Fphi0TyqeFmkRnysygZGlvLgs" +
+			"L19bpIgVPkjFFziMGuzdAFIGy8vnV19yJ2euMygEHr20yiGBUaHHnKyuOGbDg4i7";
+		public const string Intermediate_CRL_1_PP_01_06_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIfYurSlLD04EwDQYJKoZIhvcNAQEFBQADgYEARL4u" +
+			"DZvfcQDYanTfwU/hWAJDdDO7m7oQZLy3o0PTqXkk2Jd2v3+M2U8UN2PcuqZXT1lwS/piiW" +
+			"Sc1x1YndD0qUtV4bOZ9SESPhCeOc1lQTk5mMf/zqFxQqYv8rfDB5O3QY4bjS7QQzSsvmal" +
+			"TGCnoHmUJ4skmZJrQAzYnXyD9G4=";
+		public const string Intermediate_CRL_2_PP_01_06_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIEMRlTEyZpdUwDQYJKoZIhvcNAQEFBQADgYEAcEyr" +
+			"sgLhVq0L6N5fww/U6TW4lqaVAEtjqxluWRyZnL3AJLEHfwh1lllCG5dNM5fahGDOW/53fV" +
+			"+gW5l92bsi2D/lAkDfNUdQdi5ZpQG9y2zhTArUlx9z1+KXklCi2Gg1X22gi+cYbK2hfzk6" +
+			"kNGP1v42bjrkF/ECczpy3e41rEg=";
+		public const string Intermediate_CRL_3_PP_01_06_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QUC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI0okyYRYID6MwDQYJKoZIhvcNAQEFBQADgYEAp3uQ" +
+			"Tn2HC65TFmSjzvjuStIJwJcVahNcTWiGdtfTalZrMtuC9vUgQq0K1QIa7QNC9C3hQlzb5e" +
+			"bO7JhJDs+5GZnnsqHN3pvdKEoueRfWBjUGpPnSGFD61ysf9aDFY2j9Amf3zcBFsXZs4+DM" +
+			"dIENndbjkwqCV4zRTajAqCsIy20=";
+		public const string End_Certificate_PP_01_06_crt =
+			"MIIClTCCAf6gAwIBAgIBUzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMy1QUC4wMS4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA2MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC+IxiNJMOQG2gx1xd9ELNuzs9LrVJVRLvgP0lpWrx2" +
+			"2HTEXPDB6YmrEg/YgyptmQ5Z4K6CEgJz3EdDOarCSGcL7DmcSEwEw46MV3piS5DrHwQ4GH" +
+			"a2/ENSh3lF+6dliBwbQR2necmQ5g8ekqkWNb65pLl6RCNGkntJpdu8w5GWbwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIMf/eRyakKwgwEwYDVR0jBAwwCoAI0okyYRYID6MwDQYJKoZI" +
+			"hvcNAQEFBQADgYEADgpHRDgyPuK4dc+m2p0IELHUAK3qsdTZzBXsaA0rkkk1aRjI6DQ2qg" +
+			"b4crRU3spQgYwBC7KQYd/hp8Lk17iX6fdV/9wol0DxTGhamOJA0uRl768awRArf4cEUElF" +
+			"uWPN8D3wJEfL6BWgReUJWg8V9HEtdvXZZgzFN/CgHRkQ2RM=";
+		public readonly string[] TEST_39_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_01_06_crt,
+			Intermediate_Certificate_2_PP_01_06_crt,
+			Intermediate_Certificate_3_PP_01_06_crt,
+			Intermediate_CRL_1_PP_01_06_crl,
+			Intermediate_CRL_2_PP_01_06_crl,
+			Intermediate_CRL_3_PP_01_06_crl,
+			End_Certificate_PP_01_06_crt
+		};
+
+		/*
+		 *  test40
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_01_07_crt =
+			"MIICrzCCAhigAwIBAgIBVDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA3MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDs3Z/FfgJOyKp+Ds8xiQBM053cWylYbD+g+zuWDz3d" +
+			"nD0eF77TLPITL7hwI058Pn3tXHlveuKMFqbvzWUgFXaBoHmmRohIj1eqfJQhlmKLjlSYyC" +
+			"N4xhLVi7vg71ZjFdRk1k8ME1HDfpb2WXqXh9LyRYY8b/aqL+NHe1PUDbT6FQIDAQABo30w" +
+			"ezAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAwBgNVHSAEKTAnMAsGCWCGSA" +
+			"FlAwEwATALBglghkgBZQMBMAIwCwYJYIZIAWUDATADMBEGA1UdDgQKBAgvehPxsTfSBDAT" +
+			"BgNVHSMEDDAKgAirmuv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQBpdMBEONGcpFitMN1ihf" +
+			"W441E4HVTQwtF+h56aagVFndUF1gQsVEdDNmvvN/jdlzXotcfdEj1lOahmcwWbPOlNx3PB" +
+			"LUPAcaNM9SCrXWi1gKJK3gXC2OAxj0mT5XhfPlAdfhZXTBZLqMqebmk6kVwa+VyPPZFHGy" +
+			"BW0fV2ClJ69Q==";
+		public const string Intermediate_Certificate_2_PP_01_07_crt =
+			"MIICojCCAgugAwIBAgIBVTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wMS4wNzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA3MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCrO/98w96Bg5YTTmtdc9sL8AOABGcYx5J8E1Y7/GhU" +
+			"2sInc/j0dtBbE0Tj4KFIKpVLD0m2mTyHVCUA0/QGiS1Tq6DzmZW/V36Clya3CoX9rDTJyU" +
+			"cKHpgntV19fFAK58aksyKCdP9jjLpbSspzOlIc+mVW+hkjgw3NcuY6fAOQvQIDAQABo3Aw" +
+			"bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
+			"FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECEmeATXRkM5EMBMGA1UdIwQMMAqACC96" +
+			"E/GxN9IEMA0GCSqGSIb3DQEBBQUAA4GBAG/Qv60jyImedUXtCYl0QpQ1Ne2ZLxvUHRLms8" +
+			"B1nXC/Rze7zfz5cwiyQn+6XN2rhuYFdTMDEFZDIjeeCLNllfan4GUAdRGtoJnfoLOGLlQf" +
+			"RW1ONc80cxd1NTxHqxOtqpWdoJQEn8070WLqQPACEs88XYKBZ00sF9ZdSg5vhHUu";
+		public const string Intermediate_Certificate_3_PP_01_07_crt =
+			"MIIClTCCAf6gAwIBAgIBVjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wMS4wNzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA3MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC+5b7o4iWl80ntDMKGcnquLQDTGlf6Gy/8y34Vw08/" +
+			"8ij+nuHMiKpo6UCF0OpDcnkJ2ovvMsY5dAb5ErhH64UbnMlKbghnGv0sVidtipoC8u7ey1" +
+			"YUIzDCdmbNvTfho6IXKzH8ev//K+FJd3qBuKHl9u2Kk5+igsyb+bPSid7d/QIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIUDKu7h5EQ70wEwYDVR0jBAwwCoAISZ4BNdGQzkQwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAnKhR3OvdgtVtmio7ikCvjxlSoKVbUleazxONOxHUAKdXEv0/mSOTwp" +
+			"hPPIoE2xAqPOOHvXPmzmJpPADjrfhU6afJ7ThDRFTMk4ZLOkT1SvRlymK7uWhj5bhUgi6S" +
+			"UQ2LUmrY2hIN4cTrrzZvDw2Q/6UIuqpmySXEOHDL5T5MXEo=";
+		public const string Intermediate_CRL_1_PP_01_07_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIL3oT8bE30gQwDQYJKoZIhvcNAQEFBQADgYEA4gZR" +
+			"71wRXNdxWe7kaQPAw44UUw+cN1bDBU0RV7nwYAFDYxDIaDGOfjhUVTMBq4rb51S7uqIqYS" +
+			"F6j7BdLXl9WVRJobfkRH0t0cBnuSeQRz3ckrZrCuvyxb3PEL3pbf0UH1i/BfoG+EHJAY7R" +
+			"OVOL/dyoXeX6ehH6ImGhucDixS0=";
+		public const string Intermediate_CRL_2_PP_01_07_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAISZ4BNdGQzkQwDQYJKoZIhvcNAQEFBQADgYEAfzKw" +
+			"NHrl10PJDHa3olBYXYzXi94zxDsEQSIb+W4pPXUfDZijPqL1NzapLqc/uL1Sl28GmLDrbm" +
+			"nCrlMn1Kt/gI6XndOnSyC9Sg6WDxAI3HTHxlG5MHLBn9Lb36CHobnwep1BMo8zl2clh0Kz" +
+			"PIxQSGXM1BDpHkwF5eoFAolDih4=";
+		public const string Intermediate_CRL_3_PP_01_07_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QUC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUDKu7h5EQ70wDQYJKoZIhvcNAQEFBQADgYEAj7+M" +
+			"EeIe1GmJpbRUFqbNrDvT5tHjKQMNdbe5Y8F920U5t0ig1Up60kc7hs7LH57i6R/quPOpym" +
+			"a9Eo9Bql+P2Bg9FELih5/a4B021TZBmmdSI5fwQZ6Q5PjgG58Zl2cJitNYvGi7tVUBojA5" +
+			"CSN7KBMyipia9ivxm9a/llJPrQY=";
+		public const string End_Certificate_PP_01_07_crt =
+			"MIIClTCCAf6gAwIBAgIBVzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMy1QUC4wMS4wNzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA3MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC/RmUcYHxgQRHCUh5cMug/J2o8DzYbT+2pIehJkNCr" +
+			"zfqemV3qshLdMct5GV73oEkG5b6n7tj3/hI1TLh/A3LQpKROAGZybdo9fk4Pa0+6V6ql/U" +
+			"NnSpcAKct/f3IvchGo9nBGdi9aE+j+xKhMM6E8xj1+Jc7Z0xz7zE4+qRbeZQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwAjARBgNVHQ4ECgQI/y572lfRyH4wEwYDVR0jBAwwCoAIUDKu7h5EQ70wDQYJKoZI" +
+			"hvcNAQEFBQADgYEANl9zdMKbaq14OP45PeK9D4ftOSuliW2di1qAX38FQoWPYLLoaDU0Q1" +
+			"9I54PDY/UYRR9jKDl1WPhV6cD+65eadtiOZVr/h1CaW/HxTloouzN4z1zCXMC7AxZKo+EI" +
+			"XLN8f4w7hKLFYgf6gP9+iVi+T2gKfH5Ch2zjRhlmGFRgsBQ=";
+		public readonly string[] TEST_40_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_01_07_crt,
+			Intermediate_Certificate_2_PP_01_07_crt,
+			Intermediate_Certificate_3_PP_01_07_crt,
+			Intermediate_CRL_1_PP_01_07_crl,
+			Intermediate_CRL_2_PP_01_07_crl,
+			Intermediate_CRL_3_PP_01_07_crl,
+			End_Certificate_PP_01_07_crt
+		};
+
+		/*
+		 *  test41
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_01_08_crt =
+			"MIICojCCAgugAwIBAgIBWDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA4MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDDe20HLq7R8b0fWTsEiNV3Z5IbQseZ8QCW+1cb6yM+" +
+			"ArKLJDnXx8zmTHSHQCpw3G7xhGsxA1btm0cSC5P/1bw/kFWsSLRe2NFF6oKU+7c+cgIUMB" +
+			"kzyXk+kpWAQRb7hcb50iKdKFtO8gMNGMAxlHRI05/1tThyAs9suI4TrxTS9QIDAQABo3Aw" +
+			"bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
+			"FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECFxr9vgF31fKMBMGA1UdIwQMMAqACKua" +
+			"6/nC51SPMA0GCSqGSIb3DQEBBQUAA4GBABaX7TYfmSyVmzGCVbTFweUuPilo4wzy7z/w0x" +
+			"y4uSaM/YMtixUdDPpTHOJNYDdeV85v+w9oezdL2ZYAaGn7tldC6k8ouq/6hOGGST+ziHJS" +
+			"gTOD8UVBQPRPvWEwgmDIprnzrVRz8rG6uqslXNiBDnO9BMGpRo4dy8YpOmV6BPCD";
+		public const string Intermediate_Certificate_2_PP_01_08_crt =
+			"MIIClTCCAf6gAwIBAgIBWTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wMS4wODAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA4MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC8nLZcMLHYKxVqbhwJiqQbAYhf7S6ck2O9AhNor935" +
+			"Bfm7/8qVZbBAotQy1PoCjSW0UYdknDolWvi8aAtO0f9XVrAv6BZVVW9j3osIGN/XUThaN+" +
+			"9dZ83kGpyjeoitpGK4wbFNDteuBFYp+8gFNupnX7JQwUK3aGwBUucbe7puRQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIL0xyFYBk4OcwEwYDVR0jBAwwCoAIXGv2+AXfV8owDQYJKoZI" +
+			"hvcNAQEFBQADgYEAPk+Lys0Ueoyhp544EH9Hqy9+gY+l/+N99v7KvBlZWKuhkwZDE+qAYT" +
+			"P/SOPsWe8ADZE2iQ4pOlpK8jSqtJSdK69RgGL9omLnR04L9c/zKLArBE+VmoV7mohcQp8x" +
+			"aB4q/g3QnAqwfFYDjIWW3H6gRAeQ5MOtKdz/4042fJxc5L8=";
+		public const string Intermediate_Certificate_3_PP_01_08_crt =
+			"MIIClTCCAf6gAwIBAgIBWjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wMS4wODAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA4MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCvy6bNOyVaP8JTwiySFa3Sj+rdSqzkalK5gA7DLk4q" +
+			"AyvnAK64HgbCsb8dpnSi94WBDsocrQ4C1Ltoahc/AZyRVLA/REsAh1r3/0FALZgYiIxvSF" +
+			"m3ihKb3P9URBbotzhl1ahRZPSrcxKwNXEmxB0gjixGW7GZTARq3Il5ressRwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwAjARBgNVHQ4ECgQIwFtfZBe/KqUwEwYDVR0jBAwwCoAIL0xyFYBk4OcwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAeZhpIDEYyV/LkOtUf1TryemJExQ1jdfirJ3AUtoFIoWz1p9aqnV6Po" +
+			"GAMozjtdyotfSA2O8c065DwD+CvUXPmdD+2vWpX/2hJPj+x++UvvntAokD2UE9HCeEvBHK" +
+			"rr59hvKKd6GChyhAjLris202eTLIiMEoyZy9X/Wt1nXF8/g=";
+		public const string Intermediate_CRL_1_PP_01_08_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIXGv2+AXfV8owDQYJKoZIhvcNAQEFBQADgYEAhkwT" +
+			"E/EGAe32J883qVrh1wG5xQzO/GGfp/zuDYGL2k1zZ2zq7MajKfzBoXXQ3WPh5dTK1sy5o5" +
+			"boPHG0pge0B4/2JvuDVS539+9HAPansUNsrMXzOblg1acjdKtuk4oS8PIYkM/lbA6yJl6F" +
+			"QMbdIthWqa2gjaWKll3R8fVUjxI=";
+		public const string Intermediate_CRL_2_PP_01_08_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIL0xyFYBk4OcwDQYJKoZIhvcNAQEFBQADgYEAN6BQ" +
+			"sEQT5YCvs9vlUSdG4gjTgNkyQTCdmSIcufpK4MG/AoW/Fn5zJXxiMyHmvT/dkk/UOf82/s" +
+			"41YI/Inz4qRmGF4IL7jo+l7V+OI1n+Vf4ClgZU6ocb9d1dFoBkJu3xI9dcWK6ExpzaBUXw" +
+			"rPJilV4M5luGbszdDCs9cLjmiRA=";
+		public const string Intermediate_CRL_3_PP_01_08_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QUC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIwFtfZBe/KqUwDQYJKoZIhvcNAQEFBQADgYEAkmDx" +
+			"t+r59llppKmm9mSTof9/BX2rNyG9LfIH7wweoDi9be2vYOLy0NU1kJ8f3/muEw2v7hWDri" +
+			"k9ROLDFnb/S8MYVT0l4rymRhpshPF1uMTOZmfJUCfTX9jIaShztSScqcGSP0a3EUfDD14R" +
+			"1yMu2pdlMM35llE0lV3uf/eUNr0=";
+		public const string End_Certificate_PP_01_08_crt =
+			"MIIClTCCAf6gAwIBAgIBWzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMy1QUC4wMS4wODAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA4MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDTWNp6Oz39wwU8AFDzYVs3UfVvXg+t6j/qFavnvllI" +
+			"NO6aU1o4Hnk1wfmTPZPErc00/MfizMSumTYYRl21hEZWhjNO5uQIHrF9V/4OToo2iOfsPd" +
+			"gxwpSokwxcl7CJyadwUxhRDYCLhSORXoCK1CPQZjwb+uQz799O5ozb0WVNYQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwAjARBgNVHQ4ECgQIO1TNJtWwaiIwEwYDVR0jBAwwCoAIwFtfZBe/KqUwDQYJKoZI" +
+			"hvcNAQEFBQADgYEANmP9hyFnYvi8gdtRe8ERoEG90NwoyPTsB8sXd40f+Sm1QxKqMPzKPL" +
+			"7bOtY12JGwZ55a6HFVgpw4PnU+0iOcCMHS5OQQLtyirxX2HfioiXEmcmRJT6FvLHrGIHGv" +
+			"KNcfc3rUiksdOb6+j2k8x4IwQ6pBEHQwY8U4Y4DgqALlqM0=";
+		public readonly string[] TEST_41_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_01_08_crt,
+			Intermediate_Certificate_2_PP_01_08_crt,
+			Intermediate_Certificate_3_PP_01_08_crt,
+			Intermediate_CRL_1_PP_01_08_crl,
+			Intermediate_CRL_2_PP_01_08_crl,
+			Intermediate_CRL_3_PP_01_08_crl,
+			End_Certificate_PP_01_08_crt
+		};
+
+		/*
+		 *  test42
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_01_09_crt =
+			"MIICrzCCAhigAwIBAgIBXDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA5MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDJqSSqGjgI3JUJfA/XkloAOg2QtZeAGp2nCq1Oiply" +
+			"MTjJpMpEOSRYrEIgKMGnBPq33seP7X/obCT2jgexmbFT2TmPirM+h1aqbGQ7QAqsx80BdE" +
+			"ofdcfiNosLbbzli9qFrbarO7fJfBhzraBFGDJj3N8nLi2YtP9IieFYJ/MhKwIDAQABo30w" +
+			"ezAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAwBgNVHSAEKTAnMAsGCWCGSA" +
+			"FlAwEwATALBglghkgBZQMBMAIwCwYJYIZIAWUDATADMBEGA1UdDgQKBAiVRMrZuHQ7VjAT" +
+			"BgNVHSMEDDAKgAirmuv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQCetZy9JMzUVveSPE2fQY" +
+			"4fRVChyvIc9nCE4wbzhnRl3zduBGmAwTFr7dRWSFTnEq1c2b6B5nJtCzmt4Ovapf69sIlM" +
+			"s3iV16eBB1WTNCY8YlAsnmZ7q/AR0t0vX+hh6QV6zN5xqulOM4Y8csZEx3RWJzV/LjE5w7" +
+			"mKvofBEUoqQA==";
+		public const string Intermediate_Certificate_2_PP_01_09_crt =
+			"MIICojCCAgugAwIBAgIBXTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA5MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDWUTlTieoi7aLGUYOAgqUC2J/6JarOWfv4vobpwjAA" +
+			"DjvQGqg/GCZP7FgD/72Z4YefZKJEFZTDnYfmy2qh6iBYxcvLsJ+PJGzPCObNSmyq8gpeXy" +
+			"KKEeCZtEev1tSywTT6E5Dhee4dX0QHE4ydZEliMMXGRW/8ffT6x54CPwVylQIDAQABo3Aw" +
+			"bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
+			"FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECAMhmGN8+qXoMBMGA1UdIwQMMAqACJVE" +
+			"ytm4dDtWMA0GCSqGSIb3DQEBBQUAA4GBALNjokGrTnWsPn5KrlO+g3R8tAGM90JQDjfrap" +
+			"xWM+nN+dUVVdGU6w2pAOAq2UhfySiP42qiFChnPK9oOqPF2Or7/kcmXZzBfZkE/FnJGNUA" +
+			"gs9je1nZvTPQYsF094OqE7QdJi2k3seA1tqejA1kihMHpwQNmIp8bFpqn4dPO6ys";
+		public const string Intermediate_Certificate_3_PP_01_09_crt =
+			"MIIClTCCAf6gAwIBAgIBXjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA5MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDHUpHhF4ANNLOywnvpqyDgzLMtatW3ZxgLBBRYk6TE" +
+			"jMgTVKmRasVRTA9uatGG4b2f70YWs9cOd4ylQDqPEDdKNZ47bqZdX6RAU3j1dO9LBwWDbp" +
+			"NvZ3zuDBRDoCZClIcBESDYweaZ9nUgKl/WxTeCnMwqkfSJGYBBcHIonRPnGwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwAjARBgNVHQ4ECgQIyppef22OmjEwEwYDVR0jBAwwCoAIAyGYY3z6pegwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAOySUCY+PZxomhWgTRSKRodOIe/QSfCMSC+0iw24a2TuJzFLjN9pSm9" +
+			"0C2PqWbfwD1uDjrteO1NK+1yhtIDySiptR9GmR/fhL7NJ+z7M4fEJBjjeeI9/aEIuHuBFT" +
+			"TVHfwsJxnZtjujtOdl56B825LsKW8Otumd2A43N9wIgSyBg=";
+		public const string Intermediate_Certificate_4_PP_01_09_crt =
+			"MIIClTCCAf6gAwIBAgIBXzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMy1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA5MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDR8/c35YqAswoRMgQswlTbKB9oYEzrFSC0G4dt8ydP" +
+			"O4PyQs+J8wUVrRVMiVDTLO9rUnzR1T3iA0dqM+SvWMIA8pMWKyNV58f73ZPJIejhxMmOZa" +
+			"sSLHceMmmMRy1zyk38i3ZJP3YhvxffTjWyTZ9k2xSDX+6KNnkiKkJSKpl6nwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIpcWcVIIu63kwEwYDVR0jBAwwCoAIyppef22OmjEwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAckgV11ND/D1vfPEMUbDGUvtmsziHiSuEoDLJqSAhOmcX+evKWOfoVo" +
+			"f7og+0ajuul7yuB+7YX1AakOw+33k++Rsgg4o+ImZq3+VScpgnIQ037OOhgH3umwFRC0r3" +
+			"NpWqhmQuz+mHnKiK3X+IDsQOFkhnpNs06CQSZzmrzbYlQU0=";
+		public const string Intermediate_CRL_1_PP_01_09_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIlUTK2bh0O1YwDQYJKoZIhvcNAQEFBQADgYEAkEc6" +
+			"qHGOWZXYTQ5fsWyJgEtuJyl8uJ+gMcikcMut5SIJTTtOz+q3wclYDevT8z1MM25kNdgwyg" +
+			"b1bwHNAG8I72eIDtGfLrChFwU3qpvVMTG9gPYJb05Q8On56nsBu/PnnzJervzxjViaeOuv" +
+			"kjwwfmWqGkyiK433WxzgPqE48eA=";
+		public const string Intermediate_CRL_2_PP_01_09_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIAyGYY3z6pegwDQYJKoZIhvcNAQEFBQADgYEAV9Md" +
+			"8PaNoIlT7WIwnelqrbwsR66vAaT8w3gu8XDYXu+MOYThfyERUvtH6AUrHWfiRvWEzKljHH" +
+			"3BQB0Zsa9Zz3U5cLzJcqtqDc1lH53aIA8MflrfMVrYSF684s28FikcukmA5Fw3+7S3TJ18" +
+			"Hq7plHwTCidVD6yG35hsPwcjTrE=";
+		public const string Intermediate_CRL_3_PP_01_09_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIyppef22OmjEwDQYJKoZIhvcNAQEFBQADgYEAjBaP" +
+			"V/TFQtDLxQFIBCbfqhlgpOfvJBatjNuvB0TuD2rsGS1eaLNfTfyVKlOLpxoKwKYMu36kIO" +
+			"l/+KEPDq+ofy7uDZ6GLK3KZ/WiJyriqBQjFCvlhNTW1cjA7Ejk2lOM/A46mrUS9xC+aITh" +
+			"d+/UYGt6O/e256cOwQCUaF2z328=";
+		public const string Intermediate_CRL_4_PP_01_09_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIpcWcVIIu63kwDQYJKoZIhvcNAQEFBQADgYEApZ1l" +
+			"w5SJoU8zeKwX5jpVWiFFFomDgKsNlkkX5mF88l0B6MiYbGqJIowJRfeIlxvPOf20imN7Z8" +
+			"l38DRXFacDQP4y5kxM420dp+ljQL5q9RsrC1+OS7I7TGgGwPoZTO4mHVk8nx9MyT+kW1OU" +
+			"x9qRYWN0CLmP22kutYBndny222Y=";
+		public const string End_Certificate_PP_01_09_crt =
+			"MIIChjCCAe+gAwIBAgIBYDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBNC1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDkwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALiOjwwwUk1HNwf2rdzPL2okKTgL+lMdzhC7cbq3" +
+			"6A409EY7iipPCcsDsheo9EaTNOHV9xjWDqOhqjA38h4hGNkRUVOlTW2r8SoHISn3gDXfrh" +
+			"aHbU3owscAmt1nuA7rzo7L1eBPsisIIxAY16uAmVN5RdiAAaP8VUdshcNI4/1jAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIGZIY3nffEXowEwYDVR0jBAwwCoAIpcWcVIIu63kwDQYJKoZIhvcNAQEFBQADgYEA0Svm" +
+			"aqjaeQx/lnF223xlCTsU7XzOxbHetRWfeCTw0QrWQaTrKjWTS/TNyzLhGuPBFg+NTTvWML" +
+			"gzteo/WWdF8+d2rOis9FVRCe/Euok6ZCL/xgzaE86ZSQg0jj6458TpuC2cszSaifRSlhL5" +
+			"ogy4ADWgJxdVcBrgADo6QZXkXXw=";
+		public readonly string[] TEST_42_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_01_09_crt,
+			Intermediate_Certificate_2_PP_01_09_crt,
+			Intermediate_Certificate_3_PP_01_09_crt,
+			Intermediate_Certificate_4_PP_01_09_crt,
+			Intermediate_CRL_1_PP_01_09_crl,
+			Intermediate_CRL_2_PP_01_09_crl,
+			Intermediate_CRL_3_PP_01_09_crl,
+			Intermediate_CRL_4_PP_01_09_crl,
+			End_Certificate_PP_01_09_crt
+		};
+
+		/*
+		 *  test43
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_06_01_crt =
+			"MIICozCCAgygAwIBAgIBYTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC4mu1oBHB9BeorCFJIuSw5tszmmYBD4bjTklsAfjrz" +
+			"OknQsYxEoHfifpdgivh1fMUk+mK5YWUz0G8/edquKbJhPBTTWp8opsGzTATsTLSEzkKbVM" +
+			"DQ84ttxrhJWlrVRlouZTnD5HoLUvujY4EdydmKsjj6UBt/tGL5EKodymcEtwIDAQABo3Ew" +
+			"bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATAMBgNVHSQEBTADgAEKMBEGA1UdDgQKBAiGRi8YRte8PzATBgNVHSMEDDAKgAir" +
+			"muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQDHOaIki9TogVJn54FRPl+7FyzBJ2DnR4RTM/" +
+			"q1K3COWRdtvmGqtBBtAccxWziQJ5TnAQn1XA0cFPoCgymGPRcUz+0+C+3VhJ/m9LggVP3/" +
+			"pjJEG0fsmJtUYPyphUlXeUzf4qSj34SlJws3DIHTR8ozAR75HZmlMRnxyZBLl+jAng==";
+		public const string Intermediate_Certificate_2_PP_06_01_crt =
+			"MIIClTCCAf6gAwIBAgIBYjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC2rptuREzhGfEJ3U8ILPBq+z0s+aafMvBRHpqkipDq" +
+			"bC7v9zpwg1K18F4MYiATpPAEfdEeprKs0mWfdusF93BoMBVm1y0zRgDRUNdyB5GFO8g8+2" +
+			"yNEO6L37c1PwrMLnvJakaqwbbnwlcMcKtLHoX19fyveQQg5DNj8WcKZj397wIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIJPt6qKdFeYEwEwYDVR0jBAwwCoAIhkYvGEbXvD8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAkFJGNze9/6YX7Rv8FR9obFGACIJ7Om4YQQRW9WM9pEDgKls7g9b9El" +
+			"dJxLKOlWoRoYZIrbEam19traE2O3dxqRevPoYvfAqkR089BkxH/cFYyfqw64IpjDG84dsY" +
+			"XieajI/Ov/HjgF0VQKF3+Y1ZiDjb2OHNgMkqs9VmUHaE+94=";
+		public const string Intermediate_Certificate_3_PP_06_01_crt =
+			"MIIClTCCAf6gAwIBAgIBYzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCzxfyi52gw/5tt6/9aNAXdY3wZYH1GifzGoN4cg8Mt" +
+			"++5xmTdrc2A9/5biaTUVC0x/Ml6mm940NA9mM/EoEu4SdnP2crNCIFHWNlYz3cJtYJ68rE" +
+			"rEU+S0gnYaYRiwNGhVpAjV+FPDr0Ghgp5rYQ61evAhmRuNAFwYocUw80G6JQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIZ9yMlboxCIEwEwYDVR0jBAwwCoAIJPt6qKdFeYEwDQYJKoZI" +
+			"hvcNAQEFBQADgYEATNnRMQmvTxRcSMUL4pa5bejuX2Ixy/OfZIAlJWt9AfLW2tHmdAaGpD" +
+			"GhTHKfyQQ+HrIMQ+lXau8Yu6nzWXAY8pKpKD1Hbd355VE4dYZ7aPvcAulZHeV0F2EFn09x" +
+			"qQ1frHDRoCOc11B5qV5hnwgDE/ByZh1+OWUcR4tBQKyEF4g=";
+		public const string Intermediate_Certificate_4_PP_06_01_crt =
+			"MIIClTCCAf6gAwIBAgIBZDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMy1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDB66hLZx1WGcCqmOxHK/rotXOpccJQOB2L3kpWP1M2" +
+			"ZiWufUguLw45XShdqu31OgmGw0/w9ugwy96aRL+Tiluj4xjIAxJCav5cXF8Dt2Ex7hjIHm" +
+			"XV0rHbJUiduHEh3fQphgtzlR4QxG6i/i4SbcsoJzsws8x3qOqRPaWDtyWs0QIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIyZsLNvyyIZEwEwYDVR0jBAwwCoAIZ9yMlboxCIEwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAc7G4BAUsQeqNp/Kv8TKJckfxWygz54PrkBICNw/eGuGamVJMRkYCP3" +
+			"yJ8NW4jY/rfxzKKyjVB09XuNBLDwYdR5Z5UHSg6Ijes3j8tehZ+9DwEQrR+WQf/adHIsxn" +
+			"/347MHrSQF7CJzE9tAu6AOu53lKxLeH6C/5YI611or2Ql1I=";
+		public const string Intermediate_CRL_1_PP_06_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhkYvGEbXvD8wDQYJKoZIhvcNAQEFBQADgYEAC7ev" +
+			"Pqe0veUX+zF51d/NiG6VwgEwOP1HlzD/saDn/FYXStTQDwoIyFjmZ9z0yLGIaVI1O9BWVD" +
+			"CTU3bCU1dBg61Blo3rI3TlNqmGrYRUSJ857QM9c/G+/+V0XJ/HgId39Pufd9Tob150XNMs" +
+			"9h0PvqjhYjG1bARMRa8JB4KTBU4=";
+		public const string Intermediate_CRL_2_PP_06_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIJPt6qKdFeYEwDQYJKoZIhvcNAQEFBQADgYEAiUbi" +
+			"qQ3X/hTgjhpQGDZi/7EnZcqSgiAFMreV30/mav2NtXDITE9DqZzCS9x1vHBp4BBsQwYVvp" +
+			"XvLVSgns4pFwR+0Whc+tPo2j9ScePq3sICsqleWTN1DvuoP9rBe8w7pDN4guA59Kbeku75" +
+			"5CMA5YjiTUomK4UaqI3htwkBlWo=";
+		public const string Intermediate_CRL_3_PP_06_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIZ9yMlboxCIEwDQYJKoZIhvcNAQEFBQADgYEANowv" +
+			"f/scWT6FFT393XEpWcTnA18hBT5Nkddw6mHjKBq7ndtBQkydMO8Wym1IeQ2qYbAqu3ifNZ" +
+			"SKF3PfgJjYPBKImzJdHTKfcclMC5H8Y9JDN0voeyONr9NiXcoj+p24YNYjb+PFI6avRYo7" +
+			"Xyrqvwnvng/IY9zLtc7SYYUIODk=";
+		public const string Intermediate_CRL_4_PP_06_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIyZsLNvyyIZEwDQYJKoZIhvcNAQEFBQADgYEAsnA9" +
+			"ERwsi2mK540oPL45mLdOjGnet7+HhNk14q0hvALTYGB1vEjijc+Yvf6mHJGRbiG207BpJ1" +
+			"DWeWBY8TLe4YJXlSrWwx1jD46rCt7gdqXAdLpMo+i35yfQ19ZqeWcRLkspmczoUJLJaJza" +
+			"eLRrnjv62GLJ09KVKpZBGhV3SUM=";
+		public const string End_Certificate_PP_06_01_crt =
+			"MIICbjCCAdegAwIBAgIBZTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBNC1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKrLB7XA0PKY0qtSC5lMBvvIvbyjBM8XmANrN9Wx" +
+			"66QxEuloRAz0D5uAu7TnJBv6qNuIPGFl74yusKCSkjEkBMdVpBCfDvpG1/Tz3sALSlxmnz" +
+			"xbK2ytOncbYuYrzvXttx6wkhLrBLlnfuwpZwGZOr/Pt6WwQJWjXxgTNJ6dcgXbAgMBAAGj" +
+			"OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIv0gg7LxDM+swEwYDVR0jBAwwCoAIyZ" +
+			"sLNvyyIZEwDQYJKoZIhvcNAQEFBQADgYEAgzlxBGGOBvHw20eOzSswMqrHopNMcvwuEO+Z" +
+			"Mr0h8U2/HIiRqKWQaxMyM8A0oULGJny3B/0WtkfVQ2EIibZGiKIjC1RPAB3QmL0vgSyUmF" +
+			"s/LZbzugpJW6jvfov7N4O+u0J5rYniRxa4bgrXa89TY9kwDMbr6/z4oiI8bq3gEsw=";
+		public readonly string[] TEST_43_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_06_01_crt,
+			Intermediate_Certificate_2_PP_06_01_crt,
+			Intermediate_Certificate_3_PP_06_01_crt,
+			Intermediate_Certificate_4_PP_06_01_crt,
+			Intermediate_CRL_1_PP_06_01_crl,
+			Intermediate_CRL_2_PP_06_01_crl,
+			Intermediate_CRL_3_PP_06_01_crl,
+			Intermediate_CRL_4_PP_06_01_crl,
+			End_Certificate_PP_06_01_crt
+		};
+
+		/*
+		 *  test44
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_06_02_crt =
+			"MIICozCCAgygAwIBAgIBZjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDjg5+XWZwW1gLAOldsRshbCXmUCmt1Vs+oZsvyH+6d" +
+			"2PwKs8ydrz+oD0/D8V7cRXucj7q7cJSLhEY1wJoTTgrWeRg1hQioAXzPW3ZkaZuzhpi+cC" +
+			"qeZzN5nPvqK18GWvpffNbUUVfOuaHzzHmhmhgQyZaNG7JHwpWM10UMzMawOwIDAQABo3Ew" +
+			"bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATAMBgNVHSQEBTADgAEFMBEGA1UdDgQKBAh5am+tkndt5zATBgNVHSMEDDAKgAir" +
+			"muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQAF0h1iaxxZUp43AjP5gSvbW6JfFRW/ugH9SU" +
+			"n3e1B29LMH3F/ML0joVhPx5CIVpX4nfaYzdeje9+E2/bHMBGSCFeHz9S/KoBLLiI0GNhzh" +
+			"I6MytvPMPRx7hkuROouQ69TnslJiGCcoo+MD0fA2YwO1bCtyLdeVHYhJZWQ2Sg8PHQ==";
+		public const string Intermediate_Certificate_2_PP_06_02_crt =
+			"MIIClTCCAf6gAwIBAgIBZzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDF4KSKxo8HvQ59E77LcuLpZ7ujNDjb30KB+EbIuRmy" +
+			"khXAkhq2Rp2Iqd3OhC0AXmhSF+enJq3h0dqyxNWP08SIuK5ia3OIeatl1UgEyukuAnrLuI" +
+			"A7PFUQAGZmDG4OuHv28zza4n/SwfCaKfi8qatIwpwF/29ycB8wYBrHThQD0wIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIKFZV4vjfOOQwEwYDVR0jBAwwCoAIeWpvrZJ3becwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAuj8P5ga8Xv9eFjk4AdRMx/Fj/doRAOLZfs+OnrduRXPLe7CFKDxhFx" +
+			"xYOma8In08cgXVVnRR+2nZ54h5qjCYpskGNx+yZRY8+HW3XXE3KpS7QgTnc/1XshUy9VGm" +
+			"2qX0k661f2d3KnSKiKVKtM/y/j/nNyxPugDz1Yy50NtzQOE=";
+		public const string Intermediate_Certificate_3_PP_06_02_crt =
+			"MIIClTCCAf6gAwIBAgIBaDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCitrzXkbO4hAQpBRQE880MFBPq84umX9pyKbV3iMqK" +
+			"Z7HBYwZOvEwGQxG+TX1PIj0Jz27oyvoqpLeMkbn9L3K0BuS0AZKlWIOGPPHWpYTDoQCCs9" +
+			"Mba1evVT/1CMxESsv2kgf49YHMs/6TtxQX0qj5TQzXrkM6CMBc5zyPBDWORQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIxLES0WIVZQYwEwYDVR0jBAwwCoAIKFZV4vjfOOQwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAdQeDAOFys//2xUFwBilhqr32/jh4gT/ijxRjG0msKTYXmWcCQv9Tms" +
+			"smtIMtiwwnByhjTdQAtOmEyDm/CFW0/NBnxlRvqZKt+PRtscpExVy7xnnm2MBITTa+9xkC" +
+			"A361jSDPnRPEOZoKdMRRzNnW4f59m0huibeFNRYJ7y8BnHs=";
+		public const string Intermediate_Certificate_4_PP_06_02_crt =
+			"MIIClTCCAf6gAwIBAgIBaTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMy1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCg0yQG7oewLD2eFfPuj2DPBgT47iEri2IVeS/r5hUD" +
+			"nZhxzT2/+UsQfiS+ufdC2Xq+QAcXFcAifPbvRs9xo2q0uLz26mwSq1TH8ilHLKatKwJ/Yf" +
+			"hcRAfEWDwhLJGRhZ7YrKu8xczZgyxwaeu5m38lEaLIRyaVfVSrw8WhN4z4ewIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQI/dKmuI1u6I0wEwYDVR0jBAwwCoAIxLES0WIVZQYwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAOEcMpdSAVKUzQ1A7LJnWOh5Tul6yXw6qMsdZNGOZ3vYBXH3vHnSHvp" +
+			"MqJQ1JIX/4XSiKF8En5dVI/ooNabgyORpPnLGDvrshvO/09iaDlQXxWRsoGAFhcIe7Ibp+" +
+			"3g6hnBO5U+0pbInioKVYf/1VyZSUK1QQMutshMIye/8gyZw=";
+		public const string Intermediate_CRL_1_PP_06_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIeWpvrZJ3becwDQYJKoZIhvcNAQEFBQADgYEAEJ28" +
+			"g5iyw3ZOqs5ly7O2X0YWtgKK3BnPztxygCUWO1xVy/QbMM5ybAU/UPbJC2pUnkOZMX+h30" +
+			"RYp/kV9w2o15V1hxj2M0tR8fQ0WXudwi20pZO56uHb+WSaETOmPVoNH5efeXsTvtbHQR5w" +
+			"95L2vNeEzJEy1l7S/sasUUoQvqY=";
+		public const string Intermediate_CRL_2_PP_06_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIKFZV4vjfOOQwDQYJKoZIhvcNAQEFBQADgYEApLIK" +
+			"X/YJYhSfn7yLTAlKjnhpH1QDlFeaE6/+uj6j7ZgpK6HBjHOvfwbrjurl+L3ZTLrY1FCL4/" +
+			"SUgXrJxbAyMANlg4Z8u6o73F9cur2gi3sgv5d6FjJ8VwuKYWY2dwZNeXwlWE/W0h01Vd9H" +
+			"QVuctFxzQaJQdQBadw/XqzvLlyw=";
+		public const string Intermediate_CRL_3_PP_06_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIxLES0WIVZQYwDQYJKoZIhvcNAQEFBQADgYEAE5J9" +
+			"wJKAb3veF4GhHeoIgy6JvMsrjv7d7dhT+ZIKq+wPNk1909X/Zo1GXxJSjMaMgkLlXa0QN6" +
+			"LtSJxbyMRCKSJfqTKOezFXirZ7MEQ04FT0z6Hp0m+E2Q7dGs52ZOV3YZBhQUlH+aQ8WNu2" +
+			"6clf4VqBiUYgGhkE95PhN5AAnOU=";
+		public const string Intermediate_CRL_4_PP_06_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI/dKmuI1u6I0wDQYJKoZIhvcNAQEFBQADgYEAKgk1" +
+			"HJ7OW203z9H7jNGxoLCN9bGDKOFcWlWuruzXWOAn+AomjSZpqZkZU1qyKrFaKM320sfn8C" +
+			"ZJPnVWaVMLBLNddDRWUjJrUHtNdnnZEuYPYlRVb0MmwaxHHR0ZBUIaniqoLuvtQIB9N++T" +
+			"bu4cjx33mN6MX0oWr4Bbq7ovPnE=";
+		public const string End_Certificate_PP_06_02_crt =
+			"MIICbjCCAdegAwIBAgIBajANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBNC1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANAr4hFku3Y6jI+vD6JTRFc7ZLL9tIxT7Mq+QcDd" +
+			"rRHgSEXhPL3MM//3ZFXca3w4rXOUVQyANQncywNM3uwl7T9jC0MD2kJ9PsNGQL2bQcSajX" +
+			"jrxT403PVFsa6ZrLMU0hwomSO4nJBLCJj3i1rlX9esYbRNCqzep2OMWgAWRUsrAgMBAAGj" +
+			"OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIMBvQP4Q8w2UwEwYDVR0jBAwwCoAI/d" +
+			"KmuI1u6I0wDQYJKoZIhvcNAQEFBQADgYEAnmNf+3jJp4mo4YDznASTMnrBBdXuskhnRXSQ" +
+			"Gj5dNq6PxEXM+CmBhaNlnFYcr7UCtcD8XwampfyO52tvAZW5kWQKsxyowVtsxtwkAtj6/f" +
+			"trIeulIM0B1xjyXJshmVST5u6gZ3OegsAyuqyAbo9B1IvkNFOldt624aEG43jq7ho=";
+		public readonly string[] TEST_44_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_06_02_crt,
+			Intermediate_Certificate_2_PP_06_02_crt,
+			Intermediate_Certificate_3_PP_06_02_crt,
+			Intermediate_Certificate_4_PP_06_02_crt,
+			Intermediate_CRL_1_PP_06_02_crl,
+			Intermediate_CRL_2_PP_06_02_crl,
+			Intermediate_CRL_3_PP_06_02_crl,
+			Intermediate_CRL_4_PP_06_02_crl,
+			End_Certificate_PP_06_02_crt
+		};
+
+		/*
+		 *  test45
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_06_03_crt =
+			"MIICozCCAgygAwIBAgIBazANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCrUMqMxZ4sSrH6sKv2y6nYKagLvUHaforCnf4z/5O1" +
+			"PeldaW4ANtNPA8SkVBES/zoKgvrLJUmqRi4b+BGhCVqLU77PvWyiPOS40tpJfw7m9pPK53" +
+			"aeaLC9M6rarjdOvF8MkdtytCMU/Ef1NsuJULwEP+XB90k4lHr9EzbgKhXvoQIDAQABo3Ew" +
+			"bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATAMBgNVHSQEBTADgAEEMBEGA1UdDgQKBAhF0iXZmlIKsTATBgNVHSMEDDAKgAir" +
+			"muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQCmab7noekyx5TzxAqWoQiC9S/aZJtvLkuH1p" +
+			"KiZnclMpRvIL1CVOukkzLTZXY0EcCHnXuVGjw+9vmiQWGGw8t6TGCXo/CtCo934HGBxOfQ" +
+			"MVysEjst7L7TDQsqxk4j9O8cU/TFWsghW9Ihu7SVIn8RJmknKMB2xkIhcDe8S8dmxw==";
+		public const string Intermediate_Certificate_2_PP_06_03_crt =
+			"MIIClTCCAf6gAwIBAgIBbDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCmT7wL9WwWBr1oY9bHIq4IrJOkbOARK3zOeyZSbBBB" +
+			"zxcky5kjC9pamMpyZjga+q0CGd2rq9eUjQ2FXZsBSgf/X9B0/g9trNMebYgGnYmHHX2JK+" +
+			"doyAX+h3afDbZzZ696S0Hw7yRx00+teQe/Gx4h4qKPwbJIW5Bep9SBysikJQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQInXHgY/+onu4wEwYDVR0jBAwwCoAIRdIl2ZpSCrEwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAhlboR5gzYWluWIaFM5R1Ko0/rprrv5BHONRiXjLfAPkzZmd7FLDE2j" +
+			"BlU7s7IenICeST4c7HG5zqBigK1814GG75nq5htCGUnM6pn8/gvc58+ckKeWgbJxC5I/0u" +
+			"olCCs8ORbWIEGWmghGg1USxeI1RQwXGgE8XwtabVibJOVBk=";
+		public const string Intermediate_Certificate_3_PP_06_03_crt =
+			"MIIClTCCAf6gAwIBAgIBbTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDEouRlqTFQiJQSwc+yhjpvA0dUIbRrNwLF+EPfUWq0" +
+			"FV1UV0a5lb5BGPW4RGUEbFwsgGCHsfLiY7WmUpC1e6332PZPnrnoJbf28paeiZ8KqcAKZE" +
+			"pGPWKCmFBwBW23q1w/v/CxcXJoBx5OC1yxG3fGH7CZSzc+4Z/+PxLk9yoASwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIc24GzUM6/LswEwYDVR0jBAwwCoAInXHgY/+onu4wDQYJKoZI" +
+			"hvcNAQEFBQADgYEANLxcLvJqjyu94HN+X6tTxGcN1s43kQh8yRGotW2ptuA2jmGlAhI8QQ" +
+			"sXHO0o0bFLBC/Uv0L0YlEJhK1w0ct7Awwn4UYgqupxug2f84yamcvFa1es3osIMJoi0GPz" +
+			"1WDBM711efRtbzvK6t/4fJ01nG2BlMeEbctVqrehuAip4p4=";
+		public const string Intermediate_Certificate_4_PP_06_03_crt =
+			"MIIClTCCAf6gAwIBAgIBbjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMy1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDNuzSN3BiT84M3Dy6KeTQkMqWNuYGTENWPP8WvQ0Ot" +
+			"ggue/lemC+IqYBtIEYtk3A30eKKnF28WIbPlB3oSykrPVV5dMhYGF9ysOtp4wyETHtzdv0" +
+			"7HyqlMHOCPiFplbwjUSo0uEIRVgS3luBJi9onTpcn97/i0S7VsM2nooooaowIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIDjpr8w0dRq0wEwYDVR0jBAwwCoAIc24GzUM6/LswDQYJKoZI" +
+			"hvcNAQEFBQADgYEArE6qUMnjXiB5eKiAFc9Elw1dYsQArtnDQAfFGtShDulxYKq9+pxory" +
+			"4kTMUZZCJc7awEC11tdJp7xJGcpjCJl4I2wBcHiCcVcnwQijqM719PqoQKydXB9MSrXqmU" +
+			"2CyakSzBpb82VooVNx0IZ3h0nXQSE3V0qSXXCaImJcOIGMo=";
+		public const string Intermediate_CRL_1_PP_06_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIRdIl2ZpSCrEwDQYJKoZIhvcNAQEFBQADgYEAQrHK" +
+			"VV2MJPJLNdPoEuqFXRTEclSmYhUWC5lthK0JnKUbCUj2cMAku2UdN5sRgVG0475dXV2nvn" +
+			"huxy+IQVt5OJ+PNZ9MYZlC2CfYsBiW9DEYMA603XhVvX/bxx80MwxNby18oyo/V9ycSyJw" +
+			"XzUmzYRUtohHk39r3eUSAt5H7zM=";
+		public const string Intermediate_CRL_2_PP_06_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAInXHgY/+onu4wDQYJKoZIhvcNAQEFBQADgYEADOEh" +
+			"jV8V8y17mFstkVwigOAKURbi7sD24RkLd1QG0Bn21JiwpkGY8Z4vetQps+VX586xKzz6v6" +
+			"Sj+TJk3jfHCiEAk6a7PLxRcVCCi6y70mzEBCwn6fS5NDfxzxYYLgq+dlUiVwqXsHksEvUz" +
+			"2Z5dpuLhbUGxHiqazNE9iq9pEEE=";
+		public const string Intermediate_CRL_3_PP_06_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIc24GzUM6/LswDQYJKoZIhvcNAQEFBQADgYEAK/zi" +
+			"r7ASgtWA0xGQVrqhHsXH9bdaj+FceW6ivoXo3z6xCFLvzu2uenEu5g849+YI0KMomHsDAY" +
+			"tX8qO3XEaLGchbhIfywgRVDlSF8ytMKhJTS05R/vZSZAl+eoT3mC92Grihsd3wublyNZ7a" +
+			"d925Py/oFp3J+geUkKJQK+RVu4M=";
+		public const string Intermediate_CRL_4_PP_06_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIDjpr8w0dRq0wDQYJKoZIhvcNAQEFBQADgYEAcBag" +
+			"81RFYMBAf8aRP5VXPcfu0OxgJvVE25ZHGLCkLD4TPKAXMjZMHWrf34+5FW7aigDO1YhGA+" +
+			"2zVtVj8k71DichiCCGXQvH50AqFgeNXNQwn9WcpQ8rRkfmyhlccfeM+MzHI1giRw/RjvCN" +
+			"0dfJL9g3c7peW+VCKn85REZ1ne4=";
+		public const string End_Certificate_PP_06_03_crt =
+			"MIICbjCCAdegAwIBAgIBbzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBNC1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDMwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKBSOacrUg5H5yuISkqmJuQcK2ao+Ib0FmIKCuek" +
+			"8mm2HEiux+K5/yIAYsQnz9eDKzKWaS73exPniKOXABHaL6dxsptbdBqWB6II2kIl0BFz9P" +
+			"82qjz6DMwpUhj5Pwfy5q0Bz8grTe31ZYP19y8AHgcWna+eiY4fNVXVkIEJOJ6tAgMBAAGj" +
+			"OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIaZQ3Q55so58wEwYDVR0jBAwwCoAIDj" +
+			"pr8w0dRq0wDQYJKoZIhvcNAQEFBQADgYEAnNYKc2pSFZ9PtR4gQyVI3j+gQ97tcWu6Alxm" +
+			"4T48fSb2KtFGuozJyCv0aYjtuZ9ava9r4v04lyFPoAjWYbALHC9F+vz7JLNr4VstuMdy5O" +
+			"ax+PvJjKGACSXD7QjXJ48qvm+v8OnMbkzf8+rY3LoTJ2KhXo9Ey4+UmU/YuZ0PXuY=";
+		public readonly string[] TEST_45_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_06_03_crt,
+			Intermediate_Certificate_2_PP_06_03_crt,
+			Intermediate_Certificate_3_PP_06_03_crt,
+			Intermediate_Certificate_4_PP_06_03_crt,
+			Intermediate_CRL_1_PP_06_03_crl,
+			Intermediate_CRL_2_PP_06_03_crl,
+			Intermediate_CRL_3_PP_06_03_crl,
+			Intermediate_CRL_4_PP_06_03_crl,
+			End_Certificate_PP_06_03_crt
+		};
+
+		/*
+		 *  test46
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_06_04_crt =
+			"MIICozCCAgygAwIBAgIBcDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjA0MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDFoR/YTJlGYenu2IRsTiT6jwIA7yOnFbM9JXcqYIP5" +
+			"jSgtn/wVztPHgVWP+582foXJ+oEcThQVZ+RBXYt6VU5o7eVCsGJjqMd0DbRzTO+poelVoY" +
+			"1UEJMrKG0xSEex0T6XLQ+jPU9o5tlXoLYsXvpvbIrCJ0o8kuk4MWTzenDKJwIDAQABo3Ew" +
+			"bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATAMBgNVHSQEBTADgAEAMBEGA1UdDgQKBAgVwXynYDSYEDATBgNVHSMEDDAKgAir" +
+			"muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQC6MnYM9cY3CNb7/KKZvoaSwF/Se5iZYnbdPn" +
+			"WCnKydnN1AhlDN3kEw0gjTmZo/MkvPqku2aPzg5EiZ0eyeJaR6a4aiICU9z/Hiet19mBF6" +
+			"BtAUdt0fJ7aL5WPAc4BKXUbONd6vkQNv8uLcBmsqZ4wXDj7ZVBMGKcuDq7uClb0xYw==";
+		public const string Intermediate_Certificate_2_PP_06_04_crt =
+			"MIIClTCCAf6gAwIBAgIBcTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjA0MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDHqX/4IZpOCsHWgdJ6mICN94nXz/KqsXPNymadVdZA" +
+			"nVU0fHdMcxehAvsBKju5d791Psly1Xyyda8KQ0BKPgGed6jNKb89JzuEtPBov0VMzskqwR" +
+			"irjaDCwYKtibiDe+T/kEN9Sq5pbexHcaTbAIeQrAIoSUmGdQ/Up6PYplb0jwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQISKcQDqdBecUwEwYDVR0jBAwwCoAIFcF8p2A0mBAwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAkAQaOoZYAZOCk881Ro+SIclAj2lp+arAkWPP/gwN4/0lpH62eWqlmY" +
+			"okWRBjk6+iwCgRxQ56uUjJhE08p5juZ5V32ie3RW+S1ZBPtL/T/+Tqp9HNQQ3GjW1yc/yI" +
+			"sWQxrd7QKzTER37HBiOr5WjEjn+dzuWlJtClcQetqMLtMgM=";
+		public const string Intermediate_Certificate_3_PP_06_04_crt =
+			"MIIClTCCAf6gAwIBAgIBcjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjA0MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC2tnVj8KHGCm8XBPvDYWZMp3yOKQxuORze6a764qIC" +
+			"hkdO7hQbgJ9YiuAF/y62W17FnbhKPX6ninaZG0N77bznKvivSC3+T1jIVhw+kpxRh9MRya" +
+			"L2p+zHJEyO/9JaKWzJZiVi4kebW+hwNgSZc7FSYsAbW7lr4ujDei/yn/AJEwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIaAEiWf4JpfQwEwYDVR0jBAwwCoAISKcQDqdBecUwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAHNsZDCWtOqt741IJNA9OwpymTA4ES1BRJquEvGj5+4RH2pxi67bYd1" +
+			"kWTPF1qFC2R1sugSNhbU0wOBMdKUJtKWNacPsK0HbD7CPqt4THOcMXFO36b/2gqHqy9rc/" +
+			"slWuIwbtT/tEC+Mk67GEATWNPifoPT7TjWHM3RhsDnagZXw=";
+		public const string Intermediate_Certificate_4_PP_06_04_crt =
+			"MIIClTCCAf6gAwIBAgIBczANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMy1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjA0MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDgdk/smDJ5yZYJDH4SG7pIDCzGNZeLO9RI3ybOx4/B" +
+			"M3YQu3DDFSOv8kq6PgL8ThC8Dk6t1jSbT8QVzaGgx0KMV3p6pIMdaVNkOjVjUb+L0nXVfr" +
+			"XYpFLON6tZLgh8oIbiz4KznKmsxo6VdYwyUeHmkpGcL5y+8qLspCNdRJnDGwIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIgSY376EamQowEwYDVR0jBAwwCoAIaAEiWf4JpfQwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAEztvmGSVnDGGeNlIoR+wfRM8ndJogvUxLBZm4N96mDZ9Y+Nr99Dqvw" +
+			"+mMI3BU0miA5kDO9aFrKIgow3cpruoedhnBUsxTfhrNaFEwp+ORUb3tWn7sSxLfnTim4Vq" +
+			"y6j/EfUK2CS4ZAy7J5BADWSqDezPnrb5UaY1JFKMuLyGRac=";
+		public const string Intermediate_CRL_1_PP_06_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIFcF8p2A0mBAwDQYJKoZIhvcNAQEFBQADgYEAPlIW" +
+			"SxwW2LE8qxeD+M+HypNwai7j9XxUA2MhBbGVnsrhH+DKX5VeyP/nyZn2hBoGWhs05IpG2P" +
+			"S0odnyhbgGSXSj+IOfkZkVT0BmuEJmqv75R15LBzeyONks+eSEhoOIGAaIN4WgJ5mzjSrI" +
+			"ddDu3c4s6QO/OFVrNF1F6e4laSU=";
+		public const string Intermediate_CRL_2_PP_06_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAISKcQDqdBecUwDQYJKoZIhvcNAQEFBQADgYEAE5wt" +
+			"y3+jVnr8de/Yi0LV70v3JDHimwG2pQcuDRhR1NLPr4oC+2uxMqwxVzdHITDb3yI2ZT9pVh" +
+			"PV3UvX85avMdA0/JyaMWSKNpbSah1eNfMwMBY2vzh1Q7f5n+7HYYM+I2kz7HARPvwsLP9d" +
+			"j4mY7Kq7uiOFdnQzJ6LWjm8qEMs=";
+		public const string Intermediate_CRL_3_PP_06_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIaAEiWf4JpfQwDQYJKoZIhvcNAQEFBQADgYEAOm2f" +
+			"m3IdcDnIS915tEZzDmIbTFPBkIn0wjUreZKb9uNxE2a8Jixq+UP2uiyYWiWmXnRdVB1Gsb" +
+			"ofc5f8ctNgSPVTSYB0U5apIauXjV0y7WMUrLNrDFa5m9lxLRhF9kvXVL8zPhVfMpujnXre" +
+			"A8WS4UjDMuveyQL6yASGoZvB+Ps=";
+		public const string Intermediate_CRL_4_PP_06_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIgSY376EamQowDQYJKoZIhvcNAQEFBQADgYEAznK9" +
+			"ekskl4uWU+2Xqp3Pj14wvXuzfPAqFlHR0jl5By7T82JRiRa6LGX6T953vcwwJBsYG1hMqH" +
+			"pgbnUGB8APQ6YNXN+7ZkudaG6fMVX6bCr8zT+nVSj7PHIK2VFsC1Jpm5SoQMHH6DFit/oH" +
+			"tm4tdV8+nupMBQn1ZtxQHgUUF14=";
+		public const string End_Certificate_PP_06_04_crt =
+			"MIIChjCCAe+gAwIBAgIBdDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBNC1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDQwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOCVJmtrW8Z2WGGRNjEgyp2NJn1xaIVDwlxL4C0n" +
+			"UAPpo1WM/rarQTYejT2Yo8H39TdRfiAlggF0Qsce0W//atey8WewGsFlUem6a4OFwg1X2h" +
+			"CN/COL0eC4a6lwkdOKmqgxSyWNWeKxXRTM8+EYQIem78uY7A8XuzVUmOpzYWoLAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QION6UOZ2Eky4wEwYDVR0jBAwwCoAIgSY376EamQowDQYJKoZIhvcNAQEFBQADgYEAXota" +
+			"1N1UrMxj2a/vdII92Wi8uEetcHo9vmiJVYxwPFkp+qo1q93Ww8Qnfp7xzaZwLgVoUOAF8U" +
+			"TRUVnzqoSwmRrfyEMfrgej3eiBjcU+zS9mNlx9mUUSLmlY+xMeejyVDCntRn6YJWWLesVq" +
+			"eFOjyNux97/XnGT3T1w0J+wShu4=";
+		public readonly string[] TEST_46_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_06_04_crt,
+			Intermediate_Certificate_2_PP_06_04_crt,
+			Intermediate_Certificate_3_PP_06_04_crt,
+			Intermediate_Certificate_4_PP_06_04_crt,
+			Intermediate_CRL_1_PP_06_04_crl,
+			Intermediate_CRL_2_PP_06_04_crl,
+			Intermediate_CRL_3_PP_06_04_crl,
+			Intermediate_CRL_4_PP_06_04_crl,
+			End_Certificate_PP_06_04_crt
+		};
+
+		/*
+		 *  test47
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PP_06_05_crt =
+			"MIICozCCAgygAwIBAgIBdTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjA1MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDMIUtQ/CgudxHAwAAn8jUsdAY8u7WDslOC4nNbWn5C" +
+			"tILgZ2hGIZhEnhzP+VCV8ke8zLo1DX0hCRYAgzk5XTGAimExHFv/yDdhpJWEnqMRljkCHx" +
+			"Hg3XE1439qutBdmWvGUlRF0hQrd9Q/Ubr+PjEzP3a0EUmXo7LYuQKMcFsC4wIDAQABo3Ew" +
+			"bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATAMBgNVHSQEBTADgAEHMBEGA1UdDgQKBAgha8GqGbO1nDATBgNVHSMEDDAKgAir" +
+			"muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQAEG5C3P1A/MYpNJ0qvi26v04GGUWDQWRW1q9" +
+			"1392XpAxDdv7kODf1FUMpfBpcUblagxrX7Npthv6/6W8poBTjvJuq5BfnnOMQrCwnsNfRy" +
+			"Y7b1mAZIvcOBhWe+bFVqRLUqZ+JseWkw0YgZIGtX41Znwl0VcFQKJ4lNkuaBgXXdGw==";
+		public const string Intermediate_Certificate_2_PP_06_05_crt =
+			"MIICozCCAgygAwIBAgIBdjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjA1MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQC36j0YkXZZSw3qQaxD0g2BfrKYperkGjVAfLwOtOxB" +
+			"0A3Ufx2ECl/MqNOvi/QWlTkKwnrqw0aEnD25iS1DFM4jMZBmdfJg80oa+y6TJoZcIb+3bv" +
+			"SK5o3ArCFWkhTHHggIIY3H9dQOgAeYQF57Vb0iu59GPfnYJO8y8ZpxGIYcjQIDAQABo3Ew" +
+			"bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATAMBgNVHSQEBTADgAECMBEGA1UdDgQKBAhUpoGZzfV7EjATBgNVHSMEDDAKgAgh" +
+			"a8GqGbO1nDANBgkqhkiG9w0BAQUFAAOBgQAjrFHzC1FLvssJTfV5YsGfw7Luj4EqLDQd6b" +
+			"MgtBSwPnXqMTUAZpDETyeYvcgM+L2tasB26MSy6IttSKsaJpHPCP+BIs0jji5xosuCX6Cs" +
+			"wI2gE/LjF85rjZnldrlDShw01DlcmWlWwudit/ieO71Xc8i0F4EhSaTUJX12po5Xkg==";
+		public const string Intermediate_Certificate_3_PP_06_05_crt =
+			"MIICozCCAgygAwIBAgIBdzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMi1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjA1MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDFWhChPQNFYQpLBmVmXSGF2py1wcfhZgZurv0E5AgE" +
+			"BZwBo2bxSeC36lBQyR3OABGI4nQoEegSQWwuS2Pk3+emG2MZ8R5QINAkMlAKTp5Gj7KTlm" +
+			"3VVJRx7/VduoFx8sZPjkpvF1bSL+KOH4UZny1xqqTj4bJ+oGu58INeSNVa+wIDAQABo3Ew" +
+			"bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATAMBgNVHSQEBTADgAEEMBEGA1UdDgQKBAjN4PvsHY9+YzATBgNVHSMEDDAKgAhU" +
+			"poGZzfV7EjANBgkqhkiG9w0BAQUFAAOBgQA8KmWbAQOnM59zry9TNtLbA2P5y8R/sO771S" +
+			"yQYcu6undt9t7UEiOepDp/z3CGsITm9RdtXAobZ5ZqhW+3Ll+UnML1itiCytOPbfC7iiUO" +
+			"S5jviQnpgJncZD2Lp65yNAB7lMmMleFO15Bsk8VNmzMDMsFtzo508Bs6T33ZW69/vg==";
+		public const string Intermediate_Certificate_4_PP_06_05_crt =
+			"MIIClTCCAf6gAwIBAgIBeDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMy1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjA1MIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDxx57R4j64xdbjpTl7reLby/T2ym4rESC90aBkC2/E" +
+			"/YUSjsuGG9GiHEVgoGzoQGQNQV0v9ZMIvuoI6q7Fd6VZhIVGE0MGzTFNA9QEEDGPc10ZxC" +
+			"Gyh9mZYp77PMuhQ12Iv3aDW9KNTr09+HyhK7d3Se7toXLwjE5pKt+A4ZvBFQIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIwmq0fugIX0kwEwYDVR0jBAwwCoAIzeD77B2PfmMwDQYJKoZI" +
+			"hvcNAQEFBQADgYEAbAbRorTyh6zfAmdg0lfeZyCyW9k4NWfhUs46iSOl6lkZH8c1eoAF5/" +
+			"q0pOF+CtI3F9VMhfUXChEbVj7QENctU7kDiFe8300OWD5h1VUi+WTK4CG7B36/BjkrVOuG" +
+			"Os76P9l1WaC+/WRZdcqgFMfPjpn3R179dImBDwZiCMMbVqc=";
+		public const string Intermediate_CRL_1_PP_06_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIIWvBqhmztZwwDQYJKoZIhvcNAQEFBQADgYEADX3u" +
+			"wxpN+p8N2HqmhFw8w9LCeoR3Xa/uaqgqh4i/VkDuAC4Bi7VbIO6rcxDO2uAdZgNhb/hnRq" +
+			"cvKLcy0vrovCa2EPHcFo7dJl7si2q09EeuHT4+lZt/Ek/VOkwHhvh2o6yEvKOGXCnF9hZr" +
+			"8YbOIknboEz+tRfxoJArRBwpJkE=";
+		public const string Intermediate_CRL_2_PP_06_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIVKaBmc31exIwDQYJKoZIhvcNAQEFBQADgYEAQz7u" +
+			"dfU4yAHFLH5BgeZkYh0l2lZ95af+E/67MSCjQSF7RWWWTffbDMc4HmiRlZLvQdltyGCKmi" +
+			"kuzcPP8vyYOBQmoIKQ6c2LItBjXVavLdpe91yCOhCWXVVlnMFq5ztrvBEpfO0GVUOnPWfG" +
+			"1Ugit3SEd4DbhYFTBYHbbOKRWsU=";
+		public const string Intermediate_CRL_3_PP_06_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIzeD77B2PfmMwDQYJKoZIhvcNAQEFBQADgYEAkiW6" +
+			"h9a8v+IITd+p0jxukj2FYfmED59ZXAlYhQdQAGlPE71rOXn6ZPURYoGf7qlmBwQffpksOb" +
+			"Byb+PX+CBTUNXzhgTzD7ifM9xOhCEKVKai9acQfvokU56OHwfq5AnkRykLZ7IdvdYCP57k" +
+			"ynrNNV35dsMZXg23/PpreumlOkE=";
+		public const string Intermediate_CRL_4_PP_06_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIwmq0fugIX0kwDQYJKoZIhvcNAQEFBQADgYEAnTbS" +
+			"MBWyoPaslaLpAMmJ+D6kmmKAdRYurA0okU/QP+0W+YNPV4DducAQUDy8Cg3RkpRK2ze0ad" +
+			"l6TUW8g83hj9TXSBp+XZuVvzerMCjOeBqhskZN4Ly8101ZZmMmdYdSc3PEhqkme6iZzjwB" +
+			"ZooAN2dIYjuBj1c1/t5qH80CMAI=";
+		public const string End_Certificate_PP_06_05_crt =
+			"MIICbjCCAdegAwIBAgIBeTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBNC1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDUwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALyVMklPv3uwTPzLG70sXIwKSEt65yiU71ibHyhH" +
+			"wJ/6dXy3HK2UETkRBK7UVSOYq005EbO9s/3oR3zt7QTFifvRTsIjl1L4TCLC2a8ApBr3BH" +
+			"xmBWcJDf427Pk1fm5qDdEmZnpyIlpKaKIiBcdtwZfjr0lROL8RNcvgtJPdu/ndAgMBAAGj" +
+			"OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQISjAUfyAwSA0wEwYDVR0jBAwwCoAIwm" +
+			"q0fugIX0kwDQYJKoZIhvcNAQEFBQADgYEAC6Af3cJUh/IQgWdbC2Vmk96sYjDlAsbA2keY" +
+			"J0bgBcNaIVoJ/W0B3rSawqSU+Vv64p7kcuAl6cbvIXPB++19V23jj6HUs1JxtPJZ9IWkS/" +
+			"FRakv6lD7+j1OdzJvDR8AMZWmPFHJdQnJwQ+I1YOU/O/ShawOnGCmihpIULUINFhk=";
+		public readonly string[] TEST_47_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PP_06_05_crt,
+			Intermediate_Certificate_2_PP_06_05_crt,
+			Intermediate_Certificate_3_PP_06_05_crt,
+			Intermediate_Certificate_4_PP_06_05_crt,
+			Intermediate_CRL_1_PP_06_05_crl,
+			Intermediate_CRL_2_PP_06_05_crl,
+			Intermediate_CRL_3_PP_06_05_crl,
+			Intermediate_CRL_4_PP_06_05_crl,
+			End_Certificate_PP_06_05_crt
+		};
+
+		/*
+		 *  test48
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PP_08_01_crt =
+			"MIIClTCCAf6gAwIBAgIBejANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA4LjAxMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCp2vHVX08nyKe+S8NPkNJOZ9Xng22TbYXhUHtXw9yv" +
+			"ZmPkRhwDrZfBLXZcdZFixidkky3kCzv8Q3aPyPByM2ozH+AHJzEMbwifhyvUbANcS+Jts3" +
+			"lsZHarN7VyiXO+8J2OtYqX9qzmrAOHGleB2cJopEcmAMdrzgt1JIo98SUs4wIDAQABo2Mw" +
+			"YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
+			"FlAwEwATARBgNVHQ4ECgQIoRYqHNcbLacwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
+			"hvcNAQEFBQADgYEAXchRFC94Pl25d3Kl4wBcueQLyWPRuH9zS0ZPLAqKLcWVdcg3fYMuJ5" +
+			"SypMMpxLaVjN7xq0KjML1gLiPQPk18iA2TOAUMblvjUl1uFzDdD6SqQidEZh2h3wxFtbLP" +
+			"U7qBBki7i1+Xn072Bpn2paw/vlh4K+ut0tFQ2BAhqVnQGJ8=";
+		public const string Intermediate_CRL_PP_08_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wOC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIoRYqHNcbLacwDQYJKoZIhvcNAQEFBQADgYEARyX9" +
+			"2+LoXD2fIAACBMPDgds6m3Equ+Aawlr0kuppPO4ydCU4kiEgtVGK+kY5GzP6fUpAKjC8mh" +
+			"BrozojhAbkJekDoN0BIJ42Iab70VmdWXRQhPsUDhQwEt+9eSgy+HfiFfpcL1VJx8uY4XMh" +
+			"VB3hmapIe99P/T2QkZ+Pl8j0MgY=";
+		public const string End_Certificate_PP_08_01_crt =
+			"MIIChjCCAe+gAwIBAgIBezANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wOC4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDguMDEwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYtrtpgxNl+9jF3TN1B9bSEGQci+cQOKpFsmrtF" +
+			"AyiGBxKONgGSgSFFuFIhyBKZF5ROaKX1P8lsQkrpnuybUi+Z9ADdyoaLUDD/z/kp5sebAZ" +
+			"ujmF8HVlqHYj5Ls2smS9EdSN1zgPTXIOTeZd/lv1iFppRZv6cBqlaoapQJsb1JAgMBAAGj" +
+			"UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
+			"QIZjcOdw0ZTCYwEwYDVR0jBAwwCoAIoRYqHNcbLacwDQYJKoZIhvcNAQEFBQADgYEAarsn" +
+			"13/g0vOKxy0okOp2JXEsPdsP7aWnCfR8N4+7gFD6dVnkgCIyc5Kbs7MbhB9gtIxYhHOV9W" +
+			"MaW9QAcBH+eXciFDfQBfaMBkL34ssE/TsZ92r/bhBwKRcH54f96G0QWUnoNMt4U/1j2mKn" +
+			"faFirltqEPUu9mv4FiQ0pNT9yH0=";
+		public readonly string[] TEST_48_DATA = new string[]
+		{
+			Intermediate_Certificate_PP_08_01_crt,
+			Intermediate_CRL_PP_08_01_crl,
+			End_Certificate_PP_08_01_crt
+		};
+
+		/*
+		 *  test49
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PP_08_02_crt =
+			"MIICojCCAgugAwIBAgIBfDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA4LjAyMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQCmAgNA68ABUEppM9Oo3guiGvguvtrWQzsQIJfMBrE4" +
+			"/Scwc4SPK4PiJD+kVwtXinXpVclBMQge10uZ48lSJTihfZscJw3RSHt70H4CpPQm44QS7P" +
+			"7fQqpcZKZvMWmY6A8jju3Phbuq2WgJCIxxVw886GNIAXW8C4ZFmXCjwiGGHwIDAQABo3Aw" +
+			"bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
+			"FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECOhZ4RAlqGGcMBMGA1UdIwQMMAqACKua" +
+			"6/nC51SPMA0GCSqGSIb3DQEBBQUAA4GBAGEVSOcNaUu50f6AgGBtz1MDdRiHe08W/nzCNn" +
+			"0K1/UqrIXVJ7IYgbOLkL3cdHy4PdngCyEblzl5Cwp9chh2zL0PTUbV1uJIBW32ks1HuAVQ" +
+			"FTZqx0iuopY5AqRCJVDJt4HB5PKObwnmLPNWicI4Juap13j/Tcnw1EP7E7n6OejC";
+		public const string Intermediate_CRL_PP_08_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wOC4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI6FnhECWoYZwwDQYJKoZIhvcNAQEFBQADgYEACLHw" +
+			"iDARFoF4GauIHnoZlfj6nlOHAFfNSXq06Vvl713bsoAiOSV+2goZjRG62uxhampE+gCdXx" +
+			"1nwhKQ5R5jOGGOxgLtBFNZwKmD0KiDOSvfIVJ0kYCcaB4mSm0a/7pcCPrrE5ofvkmTW6Wx" +
+			"k/YIuBZdDoqZC91v4tnu0fSch9Q=";
+		public const string End_Certificate_PP_08_02_crt =
+			"MIICkzCCAfygAwIBAgIBfTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wOC4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDguMDIwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOJsz8ys71e8UB+VDTBAocVQvADiqh0LjdML3pET" +
+			"B6VvikiHgbB1PJufxDses+v0WD74ChZEa/octNcMFqMgBlhVBEfvbyGTjiN97LzdZ7SPyd" +
+			"DsDulqwBG9sACryUGHqwHYnUbjOqsThOXFB8Sg/CGGawpZAosm2AuH2gqNvNuJAgMBAAGj" +
+			"XzBdMA4GA1UdDwEB/wQEAwIF4DAjBgNVHSAEHDAaMAsGCWCGSAFlAwEwATALBglghkgBZQ" +
+			"MBMAIwEQYDVR0OBAoECOiMLE2l5u16MBMGA1UdIwQMMAqACOhZ4RAlqGGcMA0GCSqGSIb3" +
+			"DQEBBQUAA4GBAFf4BCbNtduwn5InkfdtFbQOqhPLAn/5eIhxhVhUu7TekWT7ktdaVQFzGF" +
+			"G2h1+gXgFP+YKjJy7kGzEVQjlWtuC0l74EwybNHnYAoDg4itKe+0OSNNXdyOmn+i0tE0nx" +
+			"sWN19VvhLGFC8p38gd0oDr1ziYdg0z2Mx4IlMDxl7QhT";
+		public readonly string[] TEST_49_DATA = new string[]
+		{
+			Intermediate_Certificate_PP_08_02_crt,
+			Intermediate_CRL_PP_08_02_crl,
+			End_Certificate_PP_08_02_crt
+		};
+
+		/*
+		 *  test50
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PP_08_03_crt =
+			"MIICkDCCAfmgAwIBAgIBfjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA4LjAzMIGfMA0GCS" +
+			"qGSIb3DQEBAQUAA4GNADCBiQKBgQDKZDgBum5Ud5i8HWlCKInJ1x9goZ7TQJ+LdfA9iGU1" +
+			"47xJL5eFcERWy4dr5wM5GNRW/DHXlnA/qsRVE29EuRh6qAVgcPGAfmJxz7s5yhmErfmiQ3" +
+			"0rh6+pma/EhcjntXqwIqnk1qt6mEk7x9UKO3ksFCVsDEA67/dvownjcZB59wIDAQABo14w" +
+			"XDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjARBgNVHSAECjAIMAYGBFUdIA" +
+			"AwEQYDVR0OBAoECGtTrZIwYYHbMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqGSIb3DQEB" +
+			"BQUAA4GBAM3t13xJJraRiJDAwZFxhTNR570wMdSRiF3yWSRtOjEv8NTVFj/T1oJJ8h9Gqh" +
+			"hMpTTHU7uGCyVB9S1HCelmS+1zteKr0B+WVzBl9yuhvku3farz6zgIVK3v5hQ6xC4H4Lac" +
+			"NDhTTKBkRfDf9KskFoxJ/AGxPdZtIEC92DFSblQB";
+		public const string Intermediate_CRL_PP_08_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wOC4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIa1OtkjBhgdswDQYJKoZIhvcNAQEFBQADgYEAcUHo" +
+			"D00X/pd3D5KGa5C6dY18RsnUovkjUkegGTpbhQfmYZIdBatj7Kv75FeUJ9UpqCUjxHgdiE" +
+			"EVy60NLVGP2VRuJ1m8vfDz8hu5PaiVjneQoRw2M9ieBnz3PjSETDdBGJLWHyCBZbp/W2+0" +
+			"iqcZK7Fm9O5EL4PUO6QIwuH76q0=";
+		public const string End_Certificate_PP_08_03_crt =
+			"MIICgTCCAeqgAwIBAgIBfzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
+			"UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
+			"FTATBgNVBAMTDENBMS1QUC4wOC4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
+			"BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
+			"A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDguMDMwgZ8wDQ" +
+			"YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALsXEPrCg91CObTl5OrHIB5GshIDXgqBmjzxfWPK" +
+			"ih4STWeBe2eIFO9pONXcM5lstEu2XLBPP6QBMUMWOrphJejrJ3eDQHs404bBnt95O/x17i" +
+			"665CZtg1jUqoO1kOBOComx2AJGZ46RdBExbfd0tTtdHWtRhMsnQchI+WtEyotdAgMBAAGj" +
+			"TTBLMA4GA1UdDwEB/wQEAwIF4DARBgNVHSAECjAIMAYGBFUdIAAwEQYDVR0OBAoECEWZkJ" +
+			"TYQ3z5MBMGA1UdIwQMMAqACGtTrZIwYYHbMA0GCSqGSIb3DQEBBQUAA4GBAHki/TrpHiKW" +
+			"gvERhguQ/uOqHHZNXsog+fgGVFFMOWwJ9bq4aHKd1fDZpyZF4vBxW7llbhuSt+ob2TNlkR" +
+			"wkqzfGL+3xOTKNRgzDwJcil8akC1N5uBftrQk+eL7rM1PezWRM7fIbpmv5ZieIVswtTPF5" +
+			"1Rl3G+JXUBy9E95espls";
+		public readonly string[] TEST_50_DATA = new string[]
+		{
+			Intermediate_Certificate_PP_08_03_crt,
+			Intermediate_CRL_PP_08_03_crl,
+			End_Certificate_PP_08_03_crt
+		};
+
+		/*
+		 *  test51
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PP_08_04_crt =
+			"MIICljCCAf+gAwIBAgICAIAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QUC4wOC4wNDCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsrM3A06j1zDz6VuZh+O2UrAPcKtwSA6KxTShUpgr" +
+			"t9UB5iIAEvxcDTwDlubEv/cJjDcFj9N57otzW4ppnuT2ztE4ROmkNb0xL6u00deS1yGjXB" +
+			"wy1G9g8bYDdAXOJlv0tjHOBqXlyKoMny82BOBL2vsCstiqxl14Q3/wBD1w29MCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAMwEQYDVR0OBAoECJiAkexK6/c7MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAL4xwcpXZQPTTPYIQ8CMoVla/5P1x6BPmPqSkvh1D/o4ds9Ll9kHBz" +
+			"//X1ZM8SzYcEO+1r75JUzoHsvDw9yYAk2oclLsCORAPqD8Owhv3jv0QQtYSmf0Sxt5FLx0" +
+			"MRP9keY/DURRf9KitO4glOawtRtYMq2BeeJk1xusY0KqEnQr";
+		public const string Intermediate_CRL_PP_08_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wOC4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAImICR7Err9zswDQYJKoZIhvcNAQEFBQADgYEAcN3a" +
+			"jIEcXsQatb0fvVcFnO7d7lzNtgbqL3MtaqJ/PjkRJ/rO7JAXQRwdajUZF4ECHylZKE2HUG" +
+			"Dk+vidV98T8mNmb0TEuuLV+J1G0q8ezMXRJtDt/2m3y1VBireXlEMd1DdgpsDdCQ4va+XJ" +
+			"qv0TvVhfxWry+LrVb6Bf5ItexXg=";
+		public const string End_Certificate_PP_08_04_crt =
+			"MIIChzCCAfCgAwIBAgICAIEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUFAuMDguMDQwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBQLjA4LjA0MIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPJWa/cB7WW7tkGxFhcwxqE+BycXe3Ru2qGbun" +
+			"NPQZ/j44UT2C6rl1wZwugCY0sR6mXR/P/NR7czZvg4Tt6lwcNtc8PeafFMUeu0u0Kg9uWn" +
+			"fzQQKeIgRVcEzGTGMPGWXS0ed6X/1+Dj8A+T/tqXKUtM3Jpe0pCmm9CIrYCXLPRQIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAQwEQYDVR0OBA" +
+			"oECKm9IOyOM1h+MBMGA1UdIwQMMAqACJiAkexK6/c7MA0GCSqGSIb3DQEBBQUAA4GBAEXy" +
+			"dlTkkZaYK6sUJCiPeCPxfj5cdo/G4RGBImMJbTeDyVTvXSH9G2yWUMqBGnYLrwdJJeXjF3" +
+			"89miJgnJ+1r/r3r2/NeAUuJDsOHRMFh0KXFmgubyw/kGsZBe3279hDnND8ZjfQBmKQD17f" +
+			"PycWTTAC5p6GM8tGERiDSnMc5rmm";
+		public readonly string[] TEST_51_DATA = new string[]
+		{
+			Intermediate_Certificate_PP_08_04_crt,
+			Intermediate_CRL_PP_08_04_crl,
+			End_Certificate_PP_08_04_crt
+		};
+
+		/*
+		 *  test52
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PP_08_05_crt =
+			"MIICljCCAf+gAwIBAgICAIIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QUC4wOC4wNTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwH2d+D0pH8y4QJAPpE0s2oWucV1jlE4pBMGNNPJ5" +
+			"FIRmyRCt90IpzmK/EuqT6iSZYd9hIB9wa180ByN67PK1z4loLFMUL2RmbWeAFlGy5eEFOy" +
+			"4d479qfy6JCOzt0TKhYzhukLUqGLa4DDTzvnnUx0o86aLvGq0K5s6DRlNyc08CAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAMwEQYDVR0OBAoECDSeuxr4EVgaMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAKoGi6qlODB8Lc86PtGXfBhW769jB8xzgmENE59sqNBEvYa/oK9Xxm" +
+			"1JX1OGEQMq/mqwZXg6hSczpexCIO4tUH8QKTU68yvqcZoZCDV8FLM8aEUPtUoPIpluhAtN" +
+			"scGfb3uXoV9fg7q1Pi5YlKMnNrDIq1tH1CAGKMDRrjW63Q8C";
+		public const string Intermediate_CRL_PP_08_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wOC4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAINJ67GvgRWBowDQYJKoZIhvcNAQEFBQADgYEAv5Hs" +
+			"nYPZO1fGC/Z2lIbbUKjIv0+BrR9HbG+b76wXeJTVxfXMlZe0cpOR/KD29DyxI3G4IedHRy" +
+			"zL8iCDWYbA86arJzl5GZJ1MC2A586vNn/6wiiT6nP3iMj2z/nyvan8L30KNBm9IDXQExOu" +
+			"PNE/wOWYBxxCjg551fpXfJKqDIo=";
+		public const string End_Certificate_PP_08_05_crt =
+			"MIIChzCCAfCgAwIBAgICAIMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUFAuMDguMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBQLjA4LjA1MIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4BZFTwOqI+71v8CdiYbe7x0qYveN524h6+iLh" +
+			"oEqvzuVKVqvQgVSaSLPcMhoCGDv3nqyP57Znl/3I09vLU6F4HKLtjO9E0PZu8EXOKLjeWP" +
+			"XmJQkdHfODj/TrrWSsrdorl7s7gdWEUFlbiWvUVUtkqLNbGLJZ5Q1xZvBRLS7loQIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAMwEQYDVR0OBA" +
+			"oECBDaTXbN11BBMBMGA1UdIwQMMAqACDSeuxr4EVgaMA0GCSqGSIb3DQEBBQUAA4GBAGVa" +
+			"QNtd4LgoVZQ+Uy1lSr6sog4fsGaoQJCZcvrMJwGpMF0FJsGtOb0R2mfwHi1YXqPF5qZY2I" +
+			"7cVbwVtRQzbXunk1z12k0iIesMtYUncxb/SBstC7VNS8HNZm9ese+YM6Ac8mGT+IUZsPcP" +
+			"gI9fQ1L/2u+/3L4fweca1R45xm5M";
+		public readonly string[] TEST_52_DATA = new string[]
+		{
+			Intermediate_Certificate_PP_08_05_crt,
+			Intermediate_CRL_PP_08_05_crl,
+			End_Certificate_PP_08_05_crt
+		};
+
+		/*
+		 *  test53
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PP_08_06_crt =
+			"MIICsDCCAhmgAwIBAgICAIQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QUC4wOC4wNjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAlSIH/+6DEL1P9tkgbsI2PcW0w9dmqMTLP3jKYPsr" +
+			"sSWI5bcv55sk6RItVr3hGgkaskZoHeamUBAiGPksVyrqmRwSCJzQDLnLdMnjjudvPjp1ZZ" +
+			"9UCufTtMPFvnEuVBx5e8A13AQ4OyHqaJgWRVoRJd6vwTa5jzfYCCMJZHHKpcUCAwEAAaN9" +
+			"MHswDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwMAYDVR0gBCkwJzALBglghk" +
+			"gBZQMBMAEwCwYJYIZIAWUDATACMAsGCWCGSAFlAwEwAzARBgNVHQ4ECgQI8837JGF7vMAw" +
+			"EwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEAKmgbxzWI6V2twYDp65" +
+			"Gu8zn883CnI08s2FEVupvrKduxYmg+ZDkTBE3ZJFxcOuxJf58MRfDWy8C4jJhLnT3JSSSg" +
+			"sY3n93jzc0s2h5y2wd1bUTDLqhqWCshisDG/88rpv938O8luiUEwltolzKTa+ScA6nXSQt" +
+			"LT4I6O3vbTx2g=";
+		public const string Intermediate_CRL_PP_08_06_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QUC4wOC4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8837JGF7vMAwDQYJKoZIhvcNAQEFBQADgYEAHua+" +
+			"lC3wP4G6796jjr6wuu7xEQqY1azsLVsGtL7YL8fm42rl7hgU40SuFIc7Kc+A7oEEkKgvmu" +
+			"SLMIv7q5O8J26fQOuduGWQAncPYB8w7sNWjCZbdjVbjp1XIApcAL3djCbLZ8/NYsCoOuwx" +
+			"hRQKX1hIn+rNDi1DMD4H99QdDGE=";
+		public const string End_Certificate_PP_08_06_crt =
+			"MIICoTCCAgqgAwIBAgICAIUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUFAuMDguMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBQLjA4LjA2MIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDnaYU/lu+u+LmLQwyACSsRyxQEEvgriE7ApmHj" +
+			"sNBcd3lovFQMfw9MyOOMsInOgQZU8p/invnhx11/pwi77ViQQ780unhHt5H/tteaYwcsDR" +
+			"cUxR/8jK0DBnbVWvm8S/NGb8BxfbRmDHBTWGZ70hDSCJypWRfHQj0I/SAqAW/VuwIDAQAB" +
+			"o2wwajAOBgNVHQ8BAf8EBAMCBeAwMAYDVR0gBCkwJzALBglghkgBZQMBMAEwCwYJYIZIAW" +
+			"UDATACMAsGCWCGSAFlAwEwAzARBgNVHQ4ECgQIhh/KikcKA7EwEwYDVR0jBAwwCoAI8837" +
+			"JGF7vMAwDQYJKoZIhvcNAQEFBQADgYEAbHK3lkqbGy61lu9d22uO2H3hzwvjmlccZo8pro" +
+			"ord45d2nRIxw2ag4dS1YRFrefVdxZtKeR9+5o+tQtvmTcDOer4u6NZ/sVVElTb1d6axtL0" +
+			"i4cmqv6bGWYECEwtwmPGqAavp9pPZjNRbkBGy9qhVNTXfDQYpA8yzXWO/xUrwNU=";
+		public readonly string[] TEST_53_DATA = new string[]
+		{
+			Intermediate_Certificate_PP_08_06_crt,
+			Intermediate_CRL_PP_08_06_crl,
+			End_Certificate_PP_08_06_crt
+		};
+
+		/*
+		 *  test54
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PL_01_01_crt =
+			"MIICmTCCAgKgAwIBAgICAIYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxDV2d7qXbpCvOzBimskBLsgexpEYaHv0s7gOaqhC" +
+			"4A3K8sxdjyW6QdGZhKX8tCMqnlPp9CNbpY4tQQ5oTSk5pj6HwAsTfGcDwXJnjKWx1FJ7rD" +
+			"meZZ8c2K7a8voBl6FoPGn8CMhO0WmM9Eyb/vDUPdCZzScb+z/BxTcV1BPFdq0CAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECBpj0+Gcq32oMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAB/9veHrkLeu8jkwXggJtwqPTmkrIBcX+pz85BTSETYeLOzF46" +
+			"onk+qt+IHptlrm3D7ny2Y5M0dQQ6tPzhGZxCEg9RoDibZGtsx+qeAh1ZjeEpEcQyp/idWY" +
+			"asH+EIuEIOZA9c1ySxI/3v3ZfzaSGS8jsgSDkLB4JumrE9ZkLNd1";
+		public const string Intermediate_Certificate_2_PL_01_01_crt =
+			"MIICljCCAf+gAwIBAgICAIcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3B3UKG3tEL6FQz6dL6iqSvzgGsm1Fg5uzK8npkEq" +
+			"g2caUM7huYFfXeur1mu6iKiROcGX8ZYxrPi9Orh39YVrSu2EUWvqQui4QScf4dIlzAOunv" +
+			"0gAa/lIVTHgZhIomKND6/tZLU251dJiFhoV6bXx2tor83vWFVPx2oVd5LL5S0CAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECJmK3jFTIl6lMBMGA1UdIwQMMAqACBpj0+Gcq32oMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBADkYLTg4RncTpAFmpUy7WGOMvoFV15nDoi91OMxhxVkbGSE0DJFxi3" +
+			"hPKcfUNvzy0bEUUTaqOXdbIkoLTG77NTckJxurSRyam0jA0+6SUYZ6F9fVotwMul2EiVl9" +
+			"XP5oCt7LkgqVgMASuwfzMnQozB6Oi/YP2OdSPXLipI6rl2dx";
+		public const string Intermediate_CRL_1_PL_01_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIGmPT4ZyrfagwDQYJKoZIhvcNAQEFBQADgYEAd8YZ" +
+			"8jibr8yjcGYSDicJuyUvHBZntTVQ1sP5XVmtCZcYcQCVjbC0auYTEP5snXbGPW5qeEaaXB" +
+			"MhekMr776hP4Kl3g4AjguFl3XQGcURlgNd8LsTpMMdNWC7XwooOF2FzFjD1ru0BSEWabzW" +
+			"NNaVeuMMbu2N0lc6NDJvRC8LkhA=";
+		public const string Intermediate_CRL_2_PL_01_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QTC4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAImYreMVMiXqUwDQYJKoZIhvcNAQEFBQADgYEAZFec" +
+			"GtjOfp8pT0n1dMF/x9n8y5tM+G3LLnZvDJspLc/sqP3E3B/sHBiis81caEkQQAOTBU5goJ" +
+			"0KOFAUOfEq+IX5uvNhuPuinx0OsSak+2Annvi12zodMQKPNm1uMVt2bMHHHZVEVTqcv36g" +
+			"xgdbp0YKTmuvSy6s8NtGFpkNmnU=";
+		public const string End_Certificate_PL_01_01_crt =
+			"MIIChzCCAfCgAwIBAgICAIgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUEwuMDEuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjAxMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCAUPp5j4V5XTA44Ra1EWkp9HgS4w3uXJ7/Vhi" +
+			"K5bARFrDOOxjV8nmr5hoUYr4jwdi2Rl+60TQK/F08gdcGxdyc9p/yiU5HyAP6i+4iqmvaW" +
+			"9b2egNyZ5tOmpl/Q9FSFWa9d/PYBKM5Sj/r73RtA+/chc4uq3uyLekSRQGh1MieQIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECAiL3A4CkaFyMBMGA1UdIwQMMAqACJmK3jFTIl6lMA0GCSqGSIb3DQEBBQUAA4GBAJtH" +
+			"mNNvCt/0uFbHdvUvCuBeZ9cggfpTyUS4X8zgcLDPFbw6VvX65umOZpceZI6hwcre+LZahi" +
+			"gUEPvXppncEObkeVTcYdOTSDoxh5tZyee1P4sbD9H+suGWeewqUDvFs2ymHtxlkpOttitR" +
+			"xQc2U6VlCuZ4XU8SwucyhW0z51e4";
+		public readonly string[] TEST_54_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PL_01_01_crt,
+			Intermediate_Certificate_2_PL_01_01_crt,
+			Intermediate_CRL_1_PL_01_01_crl,
+			Intermediate_CRL_2_PL_01_01_crl,
+			End_Certificate_PL_01_01_crt
+		};
+
+		/*
+		 *  test55
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PL_01_02_crt =
+			"MIICmTCCAgKgAwIBAgICAIkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wMjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4QmGXEeVKCn1aQx27r+EBuQqfi8fP7gyV5JLkaSu" +
+			"DOUrqXg8dQxHsBNCf3XilGIvjNFZjVUPdS8FNqC+if9D164VyGQlv/JUor/GlvwVfyotUO" +
+			"U1PqSzFrAALYTmfm/ZqhMvGYloStSDxlzjDmyKadskzOxZZDNSe5s8dvUpYn0CAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECGk7qDbbBgRbMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAD+eI+jg4jmeC3pJRGEF/hbPPYvL6aocjqqbZyNKN5FWItccQo" +
+			"PWg/GK1GpusDZadesZBDo6fLIUJzL+OumrIYJLB3HxQsmyOXB1gRg1hcva71RWFJYzx01U" +
+			"eB8lCbk8Zu24HzLzqjfVuwKOFFELWDEq7bd6Re/aKSHtNnDbsgSE";
+		public const string Intermediate_Certificate_2_PL_01_02_crt =
+			"MIICljCCAf+gAwIBAgICAIowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wMjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAl/HiHoos7eHaDIFhMmvIPk63UT33Z+0iiCIuKLW7" +
+			"tgkT8ia1Yg++np1pC3oqYVeKkXqMcjgonPGQhcek12vLt3/+2PYyYirOTVZaiO9pKQ5An8" +
+			"ZMWXIJmCEAMHabPO1RnetvRv5JZFxZY9jIUnD2fUADzzUh/eHN6Pur0DDrI6sCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECPk0C10KQLZuMBMGA1UdIwQMMAqACGk7qDbbBgRbMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAMJ4+BZQxpxWhNbo8bpGkbbcKT3kfKYrHjHsZADC+/gAJSVL854b1W" +
+			"VKsGr1YcCX10V1Gcqb6Jgziy+AzRLhcJngszcz0A7LxrMH+FIyWEPgZnOyQCa8B/9bnsh9" +
+			"bC1gEmXGOVtWboIFOEdGghEbm/ENnQyj+HbIk3jhF3QYbXhw";
+		public const string Intermediate_CRL_1_PL_01_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIaTuoNtsGBFswDQYJKoZIhvcNAQEFBQADgYEAZEt+" +
+			"FjRuXgnOZg70geqS4hVsF1VWWawlAVGmjPsbRH7rADXPUE2bYL54wLdwt/6QYwHqy2KwCf" +
+			"d4OkWkwn9xwGS4j+XBCw9Y4nbWI+wrsZ9W7vgbeIaVUUUZu6hoin1GxrGDcfbM+bhYzQAA" +
+			"gNmKIWdlJ4tKD2KNgg0KmZPoj/k=";
+		public const string Intermediate_CRL_2_PL_01_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QTC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI+TQLXQpAtm4wDQYJKoZIhvcNAQEFBQADgYEAXwZO" +
+			"wr9mrO6yUOoopNjcIcDssCUksYco1PFgWx9O/hGq9ktdoGoGcECGhdkHTLe2ab3WFl9jzW" +
+			"1/lkysD9Jl3VjbnbRB3dPQlrSfiv7cYBLnfKvyF/CxQg/wCtWo46GJJQgOx/WHzi9aF08m" +
+			"tQuJEtl7RgoByUSvLtmvKjQWEnc=";
+		public const string End_Certificate_PL_01_02_crt =
+			"MIICljCCAf+gAwIBAgICAIswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUEwuMDEuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wMjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0/rXOZwUebRaHcPPFeKTB2OWIzIAgavqb5HerPAe" +
+			"c3sJCdNOSLc0OX0dFblso97WR8uueF9I7QeGg3ayQjzDVqm5Tu77ZaCuyb6UU8+fY2eqwD" +
+			"5lCVuLfJr9U2JD5b2TcdvAD9RqfhefclVjDj9rObLjvzLg3AefO3drsfBtAIMCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECDBWCFTOp3evMBMGA1UdIwQMMAqACPk0C10KQLZuMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAI/JpU3gHo8Izsbjlx6bkQo/e/hD634N5lSMtVHIGnoVLu99dvroRu" +
+			"2DO8Fhnv6VZpMvYoAc5oEgUqx9hw3bfS/XN9GXaeMssjwN/qM6lzCsvMG7DA9sf59xjf4Y" +
+			"2+u4KTye4PdpmWaseDDJ1wAihTHEaofnQdaoUffxQgw5UcAf";
+		public readonly string[] TEST_55_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PL_01_02_crt,
+			Intermediate_Certificate_2_PL_01_02_crt,
+			Intermediate_CRL_1_PL_01_02_crl,
+			Intermediate_CRL_2_PL_01_02_crl,
+			End_Certificate_PL_01_02_crt
+		};
+
+		/*
+		 *  test56
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PL_01_03_crt =
+			"MIICmTCCAgKgAwIBAgICAIwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wMzCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA60y6V2WkNCB34dcGfu+Jo3YHQZXzgp76+HgnyFmP" +
+			"DLj9DjZHqifD3gW8Zk7L+yK4PfLDSHjbrXM9GY1ser6XwhaJQDPUBBYW5X3XTOmDWmV63J" +
+			"YeRF5r7cfF2h3eEZ460GRLK5tt0Zr8V+hA9oOvwqynrIhDYC/tCzE28ciqA+sCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECPE2FCetVerZMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBABUOUWwyfyrRIw7dRIVfLlWyp5R1I+Kmq5e8st0AEMVpPAmLoy" +
+			"0s+46Xf+THXZy5em1P3bSVTSUhTs+XD6tbFFUcTrX0mQJlshR7yD/A0siMDUNzzt9LJQvP" +
+			"dwNjQSA2keOrV9q/2CAGce4daL4Wz54jfh33YVqJ8sHT4E8CxQb7";
+		public const string Intermediate_CRL_PL_01_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8TYUJ61V6tkwDQYJKoZIhvcNAQEFBQADgYEA6FnB" +
+			"LXWt4B/3oP0PXERYh7ZV39yu/tm9DHBQGcGDF8JIspU7F+mH/+37U/lT6BQxpKOpgOgGeP" +
+			"nTQeQzN9sRsXxFO22SkHbdPCao84qvv485epgzqFcVsCRBwBBLcnNLMg891q0EYsTW9vSw" +
+			"Dx7V4CawyYAYGz1MqYuY6SSs6Q0=";
+		public const string End_Certificate_PL_01_03_crt =
+			"MIIChzCCAfCgAwIBAgICAI0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDMwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjAzMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwt6B9gpDz/x/vnowXf1MdkAPeaCWZ3pYikgxE" +
+			"ZLrMuulFaI1UDnAzgSuSvoHE80VKGKjSkrzIX9OFfeilW5rNZAXoZrjtkaJd1Q8l5AtjFn" +
+			"0tlLytDzIMYo5Tiq/n3IiTdbEzGYzEOCcSyVaQdB7K1WgYI/z/UAaWV/GbqCX1zQIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECMQHLiufEm0IMBMGA1UdIwQMMAqACPE2FCetVerZMA0GCSqGSIb3DQEBBQUAA4GBAD5/" +
+			"vGn/rpoHvny/mfh6n2zVNNQLTEBiddfAdCWpeBFcwxS5lpxfm4dAWgHhprZTMirF9yS+wO" +
+			"wWQ4G9/wiqfAtoaNN1qkHMlUMOAPsOSff6ClgP+1uzKVqQa9NTd5HAeMdYfYjMa/fcF/37" +
+			"plCs5ZsJjb9lhEjNd/tq4/aALQmt";
+		public readonly string[] TEST_56_DATA = new string[]
+		{
+			Intermediate_Certificate_PL_01_03_crt,
+			Intermediate_CRL_PL_01_03_crl,
+			End_Certificate_PL_01_03_crt
+		};
+
+		/*
+		 *  test57
+		 *
+		 */
+
+		public const string Intermediate_Certificate_PL_01_04_crt =
+			"MIICmTCCAgKgAwIBAgICAI4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNDCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA06yd2NQEAgpv0kQQEOzhHHU4YqHgtvJgkdLYxb2W" +
+			"Zordrm4b/43UDnLmsI0790V76y9Aa+Y8SIMBBRBJgnlppFJrFsPaOMO98M3/mXkQotVbY1" +
+			"59P/AjWMxpzP9h8Bs8KuoPqnl5jN0UZAF4kRoNXHzyS445VBp4DtWz/jcCPm8CAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECHxLORDZ1KKNMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBACHmDOaoC0Hr2cmfuQvdyGDF7/RlvTUJ7cvGypCa724SwAZGZk" +
+			"Tf5GwxgjVcLHY5RlX2kDm9vjneDzP88U3587qA2ZRwxhheK0RGp1kudNQ5y2gAGKZ7YSc0" +
+			"SENMDxUAa6HUkn9Rfo4rf5ULuGNJZXQZ3DtP+lZSwzkUeCVjKhyQ";
+		public const string Intermediate_CRL_PL_01_04_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIfEs5ENnUoo0wDQYJKoZIhvcNAQEFBQADgYEAb8lX" +
+			"19SlVNRkc9SKNpRLZQom67djZfMSIPIDkBALfMepdevbquzgO7AufTuiDn5Zqe6J6odTv6" +
+			"RrQReo64XB4+Lx2pXOe8bZEbzZk0HvzLl9DjN7zxyNglNK+Hd2xS4yT4ps4fBdvXvWAXEx" +
+			"6DfvWHbGFDoH2auomCKJtCVXxCI=";
+		public const string End_Certificate_PL_01_04_crt =
+			"MIICljCCAf+gAwIBAgICAI8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDQwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNDCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA14bXc39XiWvb4r1jzbADzrpfbg2Y9sGBkefSQHsM" +
+			"QZ1SRLR7uexWD7MuDYh4ZYBL+WPhaJJr3a1jnAIp54h68m8mwS13DgrxBF2/hrVKEm9IRG" +
+			"s13hoM4Mjjogn/Lvc1xLvB5lctHjZrNRZjyrt+PqDDmqZqgCOmcD61PhrfAoECAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECB9hXgJfzBvTMBMGA1UdIwQMMAqACHxLORDZ1KKNMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAB0HgiURRd/REVfc5DenIPhMu8riVcwVgTUwatsCWragUhXpCtvJmf" +
+			"z4vGo1rKYai2dltVX6am+NDvN5tROcM0bvC8lOCc/iPfI5eWTy9SJ2nxvs1+q809Rj0rno" +
+			"zS77TIE8rD7Q8ZUd3qNUiBwdjBoc9misgyN7zUulg4Ueebvv";
+		public readonly string[] TEST_57_DATA = new string[]
+		{
+			Intermediate_Certificate_PL_01_04_crt,
+			Intermediate_CRL_PL_01_04_crl,
+			End_Certificate_PL_01_04_crt
+		};
+
+		/*
+		 *  test58
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PL_01_05_crt =
+			"MIICmTCCAgKgAwIBAgICAJAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA/rVBEGZ4jibDhREeRGV3jPnv05esRL8/En1Bu35y" +
+			"QrAHi32+kBu42vwwDbeuiTZd/B90bn5srJZoW83rxXxNnpxqbnjN3GgIcRiUVyaVRTp9/U" +
+			"IT8B9h09b9yT8gpQ5qR0+JDcOHCfJwpogAsyJJa6AM5p/q3TeF39ugfVOWt/cCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECJ7/mkuLuEIGMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBADC0A2KMMSSmGI9p85WG7XZVMBX/xdDYOHO0e3ORTRFS3kj9rK" +
+			"a0yUjc1X+p22AA8kUyOLpYIulfDjPrLKN2E/hWSf3+XWMiC7JfX01F+BBl/avEZoymaZB4" +
+			"dkH1Hym4IMJoSaEOgf5HFKBnFEA6aUcr+oDYGUP+Sc1dmJMjBW72";
+		public const string Intermediate_Certificate_2_PL_01_05_crt =
+			"MIICmTCCAgKgAwIBAgICAJEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEArir4GaS6r0Tv9PMbaOXYdPKADNpVbJe79G5t/F6x" +
+			"7Tz1rwUR+m10E+Jq9RsV+fU/nUzzjJXHbPLZnfodUVVmrXgzvQ8+B2N4jJtdNLG66j2PZG" +
+			"+P8GQzVK9drDh54VHXdvxAYCXs7GaIprWmCQsxZOKjhFU3YDiRRK8qJGpBG/cCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECMmrFr30fUzZMBMGA1UdIwQMMAqACJ7/mkuLuEIGMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAI4qJF6STCi+elUbpZIP7YmcaQsS0PE4G3+LJoMg1LT3rSeobK" +
+			"Aj/yUetmA7y0B5i0svKjRChLOpfClNPVPCx/+mc75+LG+dh1eVG/qk2UH/lrqLN0XLl8tA" +
+			"IwZeoPaegBQAIp9oEjhDN1fWtKIkOe6A6wYdH2VPvsqC8g02VcwD";
+		public const string Intermediate_Certificate_3_PL_01_05_crt =
+			"MIICmTCCAgKgAwIBAgICAJIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUEwuMDEuMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wNTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtRC2/PDG3kx8LpzfWC0yJph5h3LXZJZW0W2voss1" +
+			"HYPP1/MBoQY067dfbALilVRh9asCNL4F45uu0lT24qS9vjW8SzBOLA18GsVYRmWO7EP+Cd" +
+			"9f3mgPIMJ5n+UjW+yhBwh0Z2pzVElkX9CxECrs1Mt2ulyuwWA1lR8nRMaTUeMCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECAlV3mzXYPyuMBMGA1UdIwQMMAqACMmrFr30fUzZMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAG28iHdlA+nTs/b9pi+m9eMy7niELjIWL9fMgn1r4iXQ0TsPYi" +
+			"tgpoip+BB4G/jz7MPx/N4nwyAPV+C9wN8cAHALf/ka2MxAORYFVFI+5PDgXzm78ILqj91f" +
+			"vOFN4jemizTES4/dHxfmdctnsTRpU9ALQgfJLhxEQISOPwuemKB0";
+		public const string Intermediate_CRL_1_PL_01_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAInv+aS4u4QgYwDQYJKoZIhvcNAQEFBQADgYEA5i45" +
+			"gETFAw6l9Awex9IAVIqYTA1dnbDyrUYDRdzd0x6OxSPODvNfQCwqwlTJXrHidCPO8jRhMS" +
+			"Zcdn/MTlIeHa6OERFcjOiwOpeTgtchvpTdDchs5ve8Ik+myue+cfgpEVKOE+ZQ2T2tcyz/" +
+			"+DbeMptECfJ0lVfCKIY7ZOzBPaQ=";
+		public const string Intermediate_CRL_2_PL_01_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QTC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIyasWvfR9TNkwDQYJKoZIhvcNAQEFBQADgYEAdsNe" +
+			"ugM8sd8bmIDkYXce2WmS5Zx6QUQ0yT6Ij4OR5/F4CG4Vl+k3JkNPuAiNSs2Z9HeML+F/W8" +
+			"3yEPe/mdLV4nLw4B/b1/8DmgZN4r1ojaWuHAg+KrA3Zz3Rc/hwQfvBy49mf4NGtY4ArbeB" +
+			"DYKz5sVlrwR+gOCR5jm4IC7WEDs=";
+		public const string Intermediate_CRL_3_PL_01_05_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QTC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAICVXebNdg/K4wDQYJKoZIhvcNAQEFBQADgYEAqYex" +
+			"FaIykZo17O2URpofe8x04L/VsfA9jV28zUgNFruAGld/kUh4rYvgwrdbNZ8NmEFDp9J9aL" +
+			"93af3bzoNvWCik2VrQLd5nccCFiC04B+LUH9Y2p+7vV2ojrtBks5SMW0q4HaNyPSQu8Fst" +
+			"4mYVf+QIYZC3iVAF4rsKnaxwzIU=";
+		public const string End_Certificate_PL_01_05_crt =
+			"MIIChzCCAfCgAwIBAgICAJMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjA1MIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCXJjzKGcLyONTyOa6sQHvIKZIAh0pWdteUiXf" +
+			"b7yjCn6Z52SCHxB9GZERHwR7fbJpoE3oDcYUY+8pH65bIVm1p3zr5deo4v85DEZQ50cU9a" +
+			"WEUAO/5X57P7pYb9/47abu0cdsLIWeE+O94HpZS8vz8mxRQKLj27gPY1KzzTbrZQIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECG8ILlM9oqZwMBMGA1UdIwQMMAqACAlV3mzXYPyuMA0GCSqGSIb3DQEBBQUAA4GBAF6S" +
+			"x3aunfgnDmo42aPOzDh536WSkTTbX9bmUNyg3IQHl/3xhVqjS76bMqreYhx5nh4VNx/Z3N" +
+			"LD0W75XmASCk0wtW9S1MoxzJMFIozRruaE3oykrbyMMOt0Br5CV12ofUd0WybDkXfNAIze" +
+			"IRgps3nORHWjV1GwXe8uNoUn6/z7";
+		public readonly string[] TEST_58_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PL_01_05_crt,
+			Intermediate_Certificate_2_PL_01_05_crt,
+			Intermediate_Certificate_3_PL_01_05_crt,
+			Intermediate_CRL_1_PL_01_05_crl,
+			Intermediate_CRL_2_PL_01_05_crl,
+			Intermediate_CRL_3_PL_01_05_crl,
+			End_Certificate_PL_01_05_crt
+		};
+
+		/*
+		 *  test59
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PL_01_06_crt =
+			"MIICmTCCAgKgAwIBAgICAJQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAweCAiEGMLycmodjrUMIWEEFshkvhX2r90wGl+/pU" +
+			"Ia9NSdT23zYzE4Uo8Is1ywyV+YfvgR22j/RXF6j8OK+XZ8jlgfjVTAhjCnTWY9LDR7qAyk" +
+			"8zuuITxJrYpiPoxqZs9BXLfGkDbye5VpVJXvQdbJNxgKO0hkBBDfe+T9+qw6ECAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECG1DiuoAwV6aMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAMFvtFiMDMP6n3CrqQLSzhpK5Qu0uxa56ARXIKSIqi0OUZAu9v" +
+			"sCXxMvaG/R5bElwi7ybYZ5KUSN+PnDmlUxWWL5Ib5RZdXgj7L83oyLTQmbDMvka6rSWHgw" +
+			"Jq8qHVslhh+l+YNOb4fzs8x9ctCrs/BgjX8wkORpQbigU0BUJ9sX";
+		public const string Intermediate_Certificate_2_PL_01_06_crt =
+			"MIICmTCCAgKgAwIBAgICAJUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwf6Nf0+r7JvE6BO4MbDbS1T1SCzn78haBAmqGZLS" +
+			"Ac4xQTydvmzr9PwiWlU0xjFfKItqRMt7rfzTTPfvvnwxsAfQNPtxKzi30yCNq/VotMA7j5" +
+			"iQYaVe2OWVHu13agbXLEZ0pL/ZkmQ3Gvo6UhF4dRmCnjFbd5cMTxQVHUrwgyECAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECE3tS4AYmwZDMBMGA1UdIwQMMAqACG1DiuoAwV6aMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBADcBTKbhx8PCunjRVJkcLBCcVGHs9HfkChDafwBO51fe5uhHE2" +
+			"QBpW3J8ZsevuFQiEZvuy2RVFktE6ZoKD8wxwBFhs+OIxe2mergQPy6jHuxoSUiPzr3CVXZ" +
+			"UsNxe7j3IcJLqbJ15UqGFH5yph7Sa4Ym6x747miF6W9knNkjcx3K";
+		public const string Intermediate_Certificate_3_PL_01_06_crt =
+			"MIICmTCCAgKgAwIBAgICAJYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUEwuMDEuMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wNjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwq2YlDLHX4KktKnzLCYjnk079IDgXENrkRBuZHTB" +
+			"IQyZoiBH4ZWHreZKs3LvznP8uSd8eEL8keNw4PwZ6aT1LF/Jr/UlrFQNnpLzQVXwGGAuzh" +
+			"tFJYRlOfI5cCZYAcpjnyUV4GW+MuwBdoqDycMjmqIv/8A8vupjahffcmBAassCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECB+qYFJjEkJ5MBMGA1UdIwQMMAqACE3tS4AYmwZDMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBADiXredACtRQTV2TKgu5SDdPlczj7cZZUARJiJKiRfjmxHCc1q" +
+			"m/Oh7sHkqRvlHqjoX8qp4iSchoZWdOAE5O/q4Ef6rViejDFVyN2ZmlhP6KIiRxznrvYfF1" +
+			"n08K7CHgHWvDaumm4pNmWeF03nuasHrY0W9h1uk5poVuzaWDpx3A";
+		public const string Intermediate_CRL_1_PL_01_06_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIbUOK6gDBXpowDQYJKoZIhvcNAQEFBQADgYEAiHM1" +
+			"xFuYt6tDscqzwj0mLHPHULnR44/vNyPUg0KnV03Dd4XbFHz0FtwDKgVTBZ8x7ybp83ubJH" +
+			"tE/p8nPW5kN25WQOlYkZoAcMpEXjTzlo9evU0W3nyzJjmlT8YEI7vnmWFz/ahzy6WFwPue" +
+			"h862EKh2zVO4hoqZYEuDQI33fOc=";
+		public const string Intermediate_CRL_2_PL_01_06_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QTC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAITe1LgBibBkMwDQYJKoZIhvcNAQEFBQADgYEAuDSF" +
+			"W1KOc4x41HGvdRaw/NtipD2y6zSh3mtRoo7Q6J2BvJvunymZNEziozBOiUgT8zMgbdbm4a" +
+			"PEwlHRaoJP8+yxJIlKaHa9Hc7Yz4SOwSrLicf7EnBSct3Mze0b48UYqbn1q+lf/zKaUGrP" +
+			"M6oqtE8Fam06T+WUfutU53zTtSs=";
+		public const string Intermediate_CRL_3_PL_01_06_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QTC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIH6pgUmMSQnkwDQYJKoZIhvcNAQEFBQADgYEAcPfO" +
+			"+Rj2KmO1CxjuKLEiOUAIq5YmR4U06IcCBGMxlrdHVXHM3vepBKUlMDaT4UGcleABMPX9Iz" +
+			"/31ofyXlZ/fQJOoTZt0CI7SOPQE5ZkUsR3BDuUqf1+sWwBYyBHkrC95JhJkM4LfGS5K19p" +
+			"fp0j0bguzNCXSBRTfjSZhy80tcs=";
+		public const string End_Certificate_PL_01_06_crt =
+			"MIICljCCAf+gAwIBAgICAJcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wNjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3asAqJcjXngEuyM/W3+TAE+Qr4JtNUdwBtmrpGlo" +
+			"fAvJdmXHARyiN/Zn6Si8bGI8Wz8J4Y+Ll7zLdaMU4MCZo6hwZiaQwkh9a+ZecCpLpjs4mz" +
+			"MSf5zHSwTYiXKMazlmnGEITVyKLmAiLSyGeeJvOJVqVo/NZXRGVlmnPxZFfgsCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECLZuS770NcDsMBMGA1UdIwQMMAqACB+qYFJjEkJ5MA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAGM18aR2i8vSywsWhcLrRN1Xckl/HiBPNphobfKoER4NG29cFjUPQX" +
+			"zukjQcJl2clAXNCVtcsKCoYRP3YUyAB6At+yskuuJXtES7FIzM3rt/UpDS5ktVC3gh+jgE" +
+			"pPhMILYIXFzYY1hifkpagfO+mkcr7RqHU3tHAr6LCWjqrB9g";
+		public readonly string[] TEST_59_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PL_01_06_crt,
+			Intermediate_Certificate_2_PL_01_06_crt,
+			Intermediate_Certificate_3_PL_01_06_crt,
+			Intermediate_CRL_1_PL_01_06_crl,
+			Intermediate_CRL_2_PL_01_06_crl,
+			Intermediate_CRL_3_PL_01_06_crl,
+			End_Certificate_PL_01_06_crt
+		};
+
+		/*
+		 *  test60
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PL_01_07_crt =
+			"MIICmTCCAgKgAwIBAgICAJgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNzCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5HkS45NLuqq9ZwF79+pTGtQnGWO7DFdetYeQTbeD" +
+			"sisjZMsK0sCCR5xAKYQsJSS4v/8LQUdxlQR30LMV0SQUKFMJyFsMiSsO8subb6sVINWn8A" +
+			"tL4zcQK0WiASUZOEkybAFJtP31PahzI5wfD1cikE1M4BlDij5WeaIjt/RTHKUCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECLSUEn5d8YywMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBANLO+kEiswkGzEh4ZcF5LtfnPZlnG4gTPSNugeWJc+Xedqmttp" +
+			"jZ35fr1hiRe2Q1UcyTd4ThkPknawwZednbsZVPqw8u1mo7kuAeL9KrCk199vL4bV8Ag/kj" +
+			"HJ8TAy40UDB6hMm7l4j8mEKwV03THVrz1Vvz59CQXj+iseH6yUNO";
+		public const string Intermediate_Certificate_2_PL_01_07_crt =
+			"MIICmTCCAgKgAwIBAgICAJkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNzCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu78gmT5HwmBHEe+K8fLLgGaPpcv13ZjrgL4twTBS" +
+			"OkZn5LL9GcfkPuA5WIAZkVYfCWSDPqcAGoOWUIDADfBfdcyLteUH+xI01rHKiLDVexMvU9" +
+			"vqCmcBKhxK3S6wraW5YhOO0bx4oPrZXVIjyG8fh4e5WTEykzvUWJ8ZbzSJ9JsCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECCT+fDEaN7GaMBMGA1UdIwQMMAqACLSUEn5d8YywMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBANpKr98PiXAdcXlbgSgif0213H+tg3WwUNKZTw8MpqPyrN2/DZ" +
+			"HBi6e2KWXLTxttV9AZBRvcKwsveS6oc31eulMe8nHxRNRfadvF6dL3Tsig6HAQkartcJMI" +
+			"yfW4V3EhXbCdziQkre7XcR9WK5bpQoX04HWeew6YTxjG/cL9MIJR";
+		public const string Intermediate_Certificate_3_PL_01_07_crt =
+			"MIICmTCCAgKgAwIBAgICAJowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wNzCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr7YezMXvnkSuNCdXch2HRAEVuCqfzpVRCj6laJI9" +
+			"Q+NxgXwzaOwnImvwER3Hblh1l0MAt5/I/9hhqCN+918ueME50MkoM1wPbcmrRIlwWLGSVZ" +
+			"yBKeyPHrLbdPqVIexUlQk7PasLm/Qx4SvRGVe9IMLrEzPV3MFJtrJoWaMobQkCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECKw8JlHMvVfuMBMGA1UdIwQMMAqACCT+fDEaN7GaMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAA5JEDEDyqfZzTGzOoMV+8RVke+a4qgOo7rnOEdletgGFEwz8A" +
+			"tiMHBxR+UMxuHS82Hz3+F8XlyYIwlrG9wWVcB/tOyzgVyA28Yux9Q/meU7T6dco/AnmOdr" +
+			"2XL6Xm5iLnARG+PkUPHOsxuweyB/sSUSA8ZJPowNRWTik57ul/bO";
+		public const string Intermediate_Certificate_4_PL_01_07_crt =
+			"MIICljCCAf+gAwIBAgICAJswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wNzCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7mNS8dGz0gkXDbBRzP2ypdNMahJbM3cSMHO0hYpn" +
+			"uRsiXGUhIB0K4WVbnz6tr7Hch3yltK4H1Y12Lf8cXEETR2sE9lCY2A3r8/VM5OUbou5Y8k" +
+			"wIf03VhP7cGKonaFtlj/WD77fidDePVp1Nk28gV0T2F/l4pM5TEJrq5C9PSUcCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECJBEcZsMRq6CMBMGA1UdIwQMMAqACKw8JlHMvVfuMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBACfbHKpuRJnZ5UU0sih8RuywhUo6Getwl/p6fsi87wYI61pvYru+hm" +
+			"4R4eAMZvg7MrAarS3Iu3zKBU1HKeq1i+hpwTIXrngR8eL2fU/X6GPzdte3+3tjhah38bqF" +
+			"zDon+N6ap4MKWRk033SsFYo1K88Mena2tGuFForJlV9DOF1l";
+		public const string Intermediate_CRL_1_PL_01_07_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAItJQSfl3xjLAwDQYJKoZIhvcNAQEFBQADgYEAJtaE" +
+			"I1+PCNL1/bgEVKWUIwvh58ugnWhxzbFW6hNJwNEz9/yt+FLZfNrT/Ezort4VVQFLQg7+Gj" +
+			"KrkIujqfRJG4LXrXAV8ZsvSPuwyQ+hM1GdHGDPhj9x6DkjFusxJYUEs5BzlX7ovpnaIPSW" +
+			"RPsatheSzu48pMOCmyTKE3MpuZg=";
+		public const string Intermediate_CRL_2_PL_01_07_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIJP58MRo3sZowDQYJKoZIhvcNAQEFBQADgYEALiV+" +
+			"BFpXhgTjiMZBYLVuc/fqhHcXeXOGOmJZoKUnIXjETH3rzkkt5k4tMN00ycZVgpRwn3ZyQs" +
+			"cFLcW8taau1J7iQOmGY/7qIT0eFx2OlgNmxqirmwx4OM5VSH5mEpnp9NOr1rfut1GDRzw0" +
+			"tZ+nhD/PGDXYPu+QPX6jii0vdHo=";
+		public const string Intermediate_CRL_3_PL_01_07_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIrDwmUcy9V+4wDQYJKoZIhvcNAQEFBQADgYEASY47" +
+			"p94jEh9FZ1TrPS82nWC3Z6ZKdaD9pUbaJpRnAId59QdBaD2Cxq+SfM3HTlz8grCAPKwulv" +
+			"jDDhXhp4H/m63Q/pJbyl3bbMxnphMOoDwB9wwKIUQPM5wagMovF/UYtC8MoC++m2kuZ1eb" +
+			"fR/OIJuQr+k/kD5Axhw/xolKPdE=";
+		public const string Intermediate_CRL_4_PL_01_07_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIkERxmwxGroIwDQYJKoZIhvcNAQEFBQADgYEAMhIQ" +
+			"lE+BdCO6NBz+YgcH+tjP0n4OCdQ+7uxUxUYmPtPbsLwbDDEEZUjykgwiA6P47Cqh5fXB6G" +
+			"tfInh1cmQi3y2IEHK+bRSx321qczOh34Yx2hw5vp+JFttbQAEl/BHixklrFBrXjN0UsWGC" +
+			"ibXcZy0YjerWTp/yceoABz9p94U=";
+		public const string End_Certificate_PL_01_07_crt =
+			"MIIChzCCAfCgAwIBAgICAJwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTQtUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjA3MIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdH60mBM1eInACvOB83zLrtiebq9B5UBlAAVS8" +
+			"9ucDwGx1HOJwhwk2AmvhN7pYuDc+BFzuNtgHojqZSDpRMA3rVsGlgOkZ3sOQzvxB73w+/X" +
+			"XmCYpwcEGLpK4egl8r1aOYm0Zm4OxqWhNu9+Do7nrJczDLi8k/qh8/+Rfdtvt4kwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECEmVurZ+7UXFMBMGA1UdIwQMMAqACJBEcZsMRq6CMA0GCSqGSIb3DQEBBQUAA4GBAANe" +
+			"AbvpAHwBu9+FlI4DOb65Z+h5f2Ok59FVbVqAj3zkMRkawppngK3CMY/1BQlGXOlHvE+CGz" +
+			"x/7DsiV0O3rxOUjutt00PNxCyIM2pcOZeGUaAu5DJWn0SRwzTMJa4M5K+7wh/4sSPWyxKi" +
+			"ueDq2VXvIgAfEVC8Lv44sxcOduSZ";
+		public readonly string[] TEST_60_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PL_01_07_crt,
+			Intermediate_Certificate_2_PL_01_07_crt,
+			Intermediate_Certificate_3_PL_01_07_crt,
+			Intermediate_Certificate_4_PL_01_07_crt,
+			Intermediate_CRL_1_PL_01_07_crl,
+			Intermediate_CRL_2_PL_01_07_crl,
+			Intermediate_CRL_3_PL_01_07_crl,
+			Intermediate_CRL_4_PL_01_07_crl,
+			End_Certificate_PL_01_07_crt
+		};
+
+		/*
+		 *  test61
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PL_01_08_crt =
+			"MIICmTCCAgKgAwIBAgICAJ0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wODCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsr+i9HxgO6LnOa6xOHfe9BeLVTo4iZd8rp6UTc02" +
+			"C0MmsSjvIgn3UiayU7aoHcTH8tAXSV5bn0CIH4B46qLym//oE69hUFImy6d1kKgNoaUKWB" +
+			"HztKVtswSSPjIUf7pbyp0wasYMN6fIKYyLpLXUxzA2DrD0kP2Y8ElQJKl2HocCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECPMW3WMPtaowMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAH2N6S9ggfmRJkzhs82uOPXaHF62YEg1pbNxaCyJJbSt2iIIyy" +
+			"NPSlE1OufPPH3pO7p5xcYi90LCI//0tlUL8y7aULFNygbshFY3B8MSgCz3KPA3UKdtIZYe" +
+			"7lqP9/ob5wmkjtLpx6oZ4/38jxqe37pH1IwVjaUnoeElSo3EkCI5";
+		public const string Intermediate_Certificate_2_PL_01_08_crt =
+			"MIICmTCCAgKgAwIBAgICAJ4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wODCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqZZolrig33i1rEwdP1pin8a5PgzSk7fT+qhrJRCg" +
+			"UTOW5WyPtakrLTUipDcR07t8tIe0NsjRoph7+fAwbjWBfbJdydndHHGx5BqWg8Xi4zFhFd" +
+			"6Mc5O6KO7Yqxs8lmthv/RAdL4Eiir9d9hqskKOtQKbLWz+Bz3+9NwfLGzwzPcCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECFjxM3RkbbhNMBMGA1UdIwQMMAqACPMW3WMPtaowMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAJOJKBubTS/kLnfXN5YbQfggxbO2c7DTxx2LhrnPiyVDEow+Xf" +
+			"lMv4YK5olH6UUm02D8cv6Wxg4NeTtBBnwKQG/GV4Ssgc/rrpEzM7jFRQcUzPu0jfya2fX8" +
+			"ZNBnSDjovlN6vmZHtiksjh66h3a0aVusEuOQXD29ogMR8qAGYQaZ";
+		public const string Intermediate_Certificate_3_PL_01_08_crt =
+			"MIICmTCCAgKgAwIBAgICAJ8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wODCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAogLtEcWxzzkkIYe+KrwKhaQjjGQqy2KDsW00U5lx" +
+			"+XJoT8eKd5pxFdCa0SPn/jkNILVeh07mIHec1WF8SOeveVT4Ewd3nG/6ZGoVVq6l0j+3RM" +
+			"jpJbp26BPR69nFn6rmFUMoSNq0VG8Zl+UBqnjq83G3umJCJMMRekUTULSFEGUCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECGAFYeJIhrRzMBMGA1UdIwQMMAqACFjxM3RkbbhNMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBABHamiW7sPLQ83nXt3LZemcAp4QaDB8X94EuJGBwshEcKLoOHb" +
+			"/3cZkPRbOiRQUh/YdpfyApndGFSi0DtwM2Z7yup+MzdrR0wzQoNS95A51nHE7XdCuVFemc" +
+			"LTJ5rdd2BLK3OB5lQagVLzAY9Bs1vaeXKT2Cy+gSUkTIekWcsH3K";
+		public const string Intermediate_Certificate_4_PL_01_08_crt =
+			"MIICljCCAf+gAwIBAgICAKAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wODCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxVjjKlLlZzeZhamPO2NDnRtWM1oWZ3/kdwdBRn50" +
+			"o1NRXb60Ir2HjniK1dRdbijAvR5uItLe9tmj4nusBiaPUGM0HNlEdQWSzble8rvUsP0apw" +
+			"uJusV7zLvzwwbgLbMYT+8lMhxWXM34xszP+dgjWASQOVao1Uqs/MLLibOuueUCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECFMFrvh2hQ18MBMGA1UdIwQMMAqACGAFYeJIhrRzMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAFsCOJ4DzuMOKti5PvF71ZKOtcTHSv123ZNdPIbK6OatT9YhVuUOYB" +
+			"AjMavggywrb+QOXOFfJMctQlS3y/JE9YyoNNt/4UTdx1jQ3I2ablonmzjt8eN5GJ9jUXth" +
+			"fHjxnmGUeWlAvwMjEdzdigkyuWCi9LJfjyHtTjSf9n7w2rU+";
+		public const string Intermediate_CRL_1_PL_01_08_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8xbdYw+1qjAwDQYJKoZIhvcNAQEFBQADgYEAG2Aq" +
+			"R1oelnrTgh56m6Mm+Lsm0Sf+Ot1W7LzZmMDwoZgmGLcTduVktx+XrtiDDWsf58hmneT1q0" +
+			"5wl4yNH8y/VCAA3SM/gOq4ddOEiS8GbuEYo5P/julH/U3g6M0vfPUZ5y+7V0s35jIbTkjX" +
+			"76n3Rhf88nvTscYvMdqrYyUhAmg=";
+		public const string Intermediate_CRL_2_PL_01_08_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIWPEzdGRtuE0wDQYJKoZIhvcNAQEFBQADgYEAX/+I" +
+			"DkAx7PLTi2x6aYbLacPRaUSjMne84MDaEkYiA64Vo3eL6FbKe14z2mBsM2W7x8xDnxjZ0N" +
+			"RbhcFZ2E6A1ct6HMunuKxjoROIsdWhrYMqJfKKMTWMviz1UjtupsGUWS0dVQCquAr6DJmr" +
+			"W88P8wgiVH2VZsc+edDmCGDunrI=";
+		public const string Intermediate_CRL_3_PL_01_08_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIYAVh4kiGtHMwDQYJKoZIhvcNAQEFBQADgYEASw1+" +
+			"6rGDKgpUtXcCziQCjy8mHFD2zV6x/Ppxm2Gj0U+5eFnIbMPmr4TUYwfSOROUycsiJX/Wa8" +
+			"HEuqWJhIdcsHMA7TYf0iSXK597Bljjg4F/1Rgz0wqLjgMuA59eFbKjJ6zP1E6Sv2Ck0Ea9" +
+			"HJsv5zFA1ljVnNWoQwoHsuLk/wk=";
+		public const string Intermediate_CRL_4_PL_01_08_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUwWu+HaFDXwwDQYJKoZIhvcNAQEFBQADgYEAHHKd" +
+			"U1SccTsK99BUDrvF930ejNRAvHQM9xv80wcUAy18x+TLwBH8vDTmP210/C5Zk9pQs+rLDd" +
+			"doQQbWJrQkznyB1OSK0T41KZ9L0UE+YmFGJjz0PEzYHV0Kc57j5uc7Fsi8Xu20Y8JeTaJs" +
+			"FUXVsvnCuoSxYmwY1futFWHJG7Q=";
+		public const string End_Certificate_PL_01_08_crt =
+			"MIICljCCAf+gAwIBAgICAKEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTQtUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNS1QTC4wMS4wODCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwgNkhQrcqmjhkES6DNAW3uQLKILcFlrFvOlWfDPo" +
+			"ngXzCKeed85npqL+Enxo4sLarEiywuDLrDgPf0gKnZXQWBmzWViZhvTsiAemH7iNsNS68s" +
+			"hhb0vnLzlPpDUJDv7KVKW8VbM7nvplKptlEE6g5kmj3iEmM4l2u8Z/pmQoTsMCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECLfApJ09y/ZNMBMGA1UdIwQMMAqACFMFrvh2hQ18MA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAG2ANLc/ib9ayz0B0L6/XQf/xuwETEq8kb5vWml/PbcFD1b/uwRHI8" +
+			"vTvM559nZgtzkhS5ZAvNBTh1CB9Ox/nugHc4srbH6/Wcd94pMQx/sfCB/C6zZ5Tbm7Y4jp" +
+			"hkjnxwGUYTvgNzxmaAPLyCfqY7KwhCSzns2M+yuncEKqlzuT";
+		public readonly string[] TEST_61_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PL_01_08_crt,
+			Intermediate_Certificate_2_PL_01_08_crt,
+			Intermediate_Certificate_3_PL_01_08_crt,
+			Intermediate_Certificate_4_PL_01_08_crt,
+			Intermediate_CRL_1_PL_01_08_crl,
+			Intermediate_CRL_2_PL_01_08_crl,
+			Intermediate_CRL_3_PL_01_08_crl,
+			Intermediate_CRL_4_PL_01_08_crl,
+			End_Certificate_PL_01_08_crt
+		};
+
+		/*
+		 *  test62
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PL_01_09_crt =
+			"MIICmTCCAgKgAwIBAgICAKIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wOTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4slldx8rhfz5l2i0rwib2McrCyQkadTjJRoEGQCV" +
+			"xT0dmw7GhDa6wJg2ozXLLk5y7ZCwlmBOTEoNbigHvcKSnJT8R/S+F4KqBz5d5dbRMNEKYz" +
+			"jdbD7Sm7id+eyfq1s5cpmta2lBJ5gTaC9YPSOY2mucGcJ1muYzdOc6h+PCCNMCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECO7tq4dJC8OgMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAHbth0HjAygIoWVrz59ZBPntOn5nzgUGpH60aSDOS6i9ZOKSoC" +
+			"7wCOEt6IpKO7M7SNznxaX2uhFTYotneyq3qENvqZVXKhE6wQRsdK4kG10cxSB5AXPHJRgk" +
+			"W9+p+Nb0iYVKwHdDCW8KHYIroGhSkKxuflwxhK6DcwQuA7y5q7r7";
+		public const string Intermediate_Certificate_2_PL_01_09_crt =
+			"MIICmTCCAgKgAwIBAgICAKMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wOTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA70v7BFxmToZHF5M29JK6N0Ha6n729cv1U912mH9O" +
+			"NTz9tafa+jv4W7njScv21CJbNlUO5rlAFcTlXY0U9vbqHEufhtwRQqi7+pkfa+Ig8bwl26" +
+			"4U8L5rgmSvZJpEiiKfkmF2Rz9+zPPhHjk58ZcKoAcyhOdZ60KqmaaU/TVtEq8CAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECKOwR13+P/BlMBMGA1UdIwQMMAqACO7tq4dJC8OgMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAN71oLHr0+uf6zCOC5L7oeCOGMUwvZyROu8eTztZrPYGjaamSm" +
+			"Z0ZmUPOJP3g5nO6tHf34Tb9CTkwPdPicEaXuxflkSbJBV3mUFQ1BUDlyYTuaL8uT2N61dg" +
+			"xt5RgYTIGsW3/2XrRvXsH91gSiEkccoUyjKnQcX3oZmEeITb6H8m";
+		public const string Intermediate_Certificate_3_PL_01_09_crt =
+			"MIICmTCCAgKgAwIBAgICAKQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wOTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwMLmDs63ai7i4xC/1ufMFWeigJAlbKWMti/PeEKi" +
+			"7LBfNJDRaO+1kde6QIo1vhkhKtokNu9ue3Rfo1+xGuZVohjRbHnmamEm5G3jihegPQgGCR" +
+			"fDZoJDI9HMbwBa0RWw1Nes5igIVjdSHQKO/XTul1yyF2Dt03K2qeLwes+2FyECAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECPEAjG80q0FoMBMGA1UdIwQMMAqACKOwR13+P/BlMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAN9eiZXma2n0XgzdvYrlV/IEqBIhpcZ7gycjDumVBVITZJD2sJ" +
+			"bkBi+N8dg7uovgxGxWGsyxqgAboLhMgbpbFzGh+HyIhQu/CeAx93PWYc5rP2l2Y8d7KJvk" +
+			"p1GZEcG/nTakpjxTQ5MQYFsOHVsnDDOyaZYvqPuMrwGYsfoUa1wq";
+		public const string Intermediate_Certificate_4_PL_01_09_crt =
+			"MIICljCCAf+gAwIBAgICAKUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wOTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo4L9QEqzq2VXzkZI3cvUWR5v6vreKKQPfJPfEwNH" +
+			"nMS0cgDjC4Fnw9ySI7Eb4A/OJGLIyg84mzTl6JX3kGoYr9/bJ8jOD7pN6CljXuHpwwmd7L" +
+			"6Nf5Hy0ltjAIr5s67e33OWdPi4gApS4FN6nPSDkZotY73d1xqJYQQZWuNEsGUCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECLfU7BuxzXeCMBMGA1UdIwQMMAqACPEAjG80q0FoMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBABmQZOvwRpVsTD8uazfQpLJUZkuTap4OOPHie5xJsvOhGend2k+LiP" +
+			"7btGoFrqmkyVV/+dNA8+45SRsnoOtgctiF2ubeqIvd7xf/J5C9Cmo+T89Mt7WEBEuDmEZm" +
+			"JPXvOvyh6lRcYVSBnvVW5ZSstNAQKa/8xuyN0OrE1hJWbucn";
+		public const string Intermediate_CRL_1_PL_01_09_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI7u2rh0kLw6AwDQYJKoZIhvcNAQEFBQADgYEAbXc1" +
+			"QgR2TAvOPqJmRFFrDQkPVIVyEEDTwZy5aNnoAKK+AmJ5FZkBtbPJ8qt9UeYRh8lbX8+EIk" +
+			"tyrAKw/1Kc3h7RDqAQ/p8t8kFwVQh2l4KTIukV8hYcj5sMKlt5f49ZwzWPyoOaLDomiUfI" +
+			"OY/jaDMw293AjQXxGCDtnaTvh0o=";
+		public const string Intermediate_CRL_2_PL_01_09_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIo7BHXf4/8GUwDQYJKoZIhvcNAQEFBQADgYEAq6en" +
+			"XtvIdh/DifGzWn11hqJIZxLQDGJZPoMmwSOLyB6OzsPrIg1xkOWZYEOELTR8+qP6emmx+D" +
+			"CaEbUDLj60rso0gRQCBwTgHgjeMRpv8fGnV8MJgMv5BdzsGAGQbLSSY9FxtqeCPfZ6olHC" +
+			"iUIopdZJZP8ZvGKQ6QGaMnLpJ78=";
+		public const string Intermediate_CRL_3_PL_01_09_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8QCMbzSrQWgwDQYJKoZIhvcNAQEFBQADgYEAraCx" +
+			"ruxopFbKvxOx/CIF4niG27ABB2ZwU6n4NBGYHo1Y9NjuytjjMZvQjMHyoayqpnF5TA1vXL" +
+			"jXjI3VgQcK7A4ah/0FNLFGtczyY8kXXrpbmdg8+xdNJEG3/e5rDW5VSf7OY1XqU85ySUJQ" +
+			"ZR5uiy8LxlDdaIT4WT7X5ezs3wk=";
+		public const string Intermediate_CRL_4_PL_01_09_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIt9TsG7HNd4IwDQYJKoZIhvcNAQEFBQADgYEATtjA" +
+			"BdSZYnIbv1bCL+aSiioJg9S9yWGD1mjsA/CDzvkzSffeSpvqaSy+Zwwf+NDMMG6Cs+SgU+" +
+			"sxQdJALAbb4sYGEyXj/Exh9BYHvgoVahH4NWuhm6LIN8RTcMDAtGoGYFNGXGuT8XRBUJZ/" +
+			"tH9re3gpWaE1rjWeB/2ZBR5ONcM=";
+		public const string End_Certificate_PL_01_09_crt =
+			"MIIChzCCAfCgAwIBAgICAKYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTQtUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjA5MIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+g1Puqjn+/Of35mqVVUricIV5x+bpZRCAgBDh" +
+			"VYcmZFXLB/XnRd/mYTu0RR4ISEerC1km5tjGeCN2k3NGdZwz/wEh9kEL8WikSqpxUSUD/N" +
+			"vQbliz4f3YECLcpNXKzkCvszeB5ZGHa0sLYDg3r62wy+1y2rtcrHzFEoMFgnnruwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECANGcL2klYf7MBMGA1UdIwQMMAqACLfU7BuxzXeCMA0GCSqGSIb3DQEBBQUAA4GBAHm+" +
+			"/vQ7VxDry3VqiqKnNoOhAHTTIUphNWF4jddRqVc32IsjVaeTbcGwCIRflRm/lUplRvXXxb" +
+			"JEbW9mP3nfTCREUdm49hjmo/szsPjgosFoEmuEKXThC81/y2vQkb4/jqRoOHEknU++38EU" +
+			"Juv6Y6psZNa37x8Yn3i7S+b3TM2q";
+		public readonly string[] TEST_62_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PL_01_09_crt,
+			Intermediate_Certificate_2_PL_01_09_crt,
+			Intermediate_Certificate_3_PL_01_09_crt,
+			Intermediate_Certificate_4_PL_01_09_crt,
+			Intermediate_CRL_1_PL_01_09_crl,
+			Intermediate_CRL_2_PL_01_09_crl,
+			Intermediate_CRL_3_PL_01_09_crl,
+			Intermediate_CRL_4_PL_01_09_crl,
+			End_Certificate_PL_01_09_crt
+		};
+
+		/*
+		 *  test63
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_PL_01_10_crt =
+			"MIICmTCCAgKgAwIBAgICAKcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4xMDCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr4LmuvhSms70CnuAHIHwz45csKvBPVtcDjA1tWNb" +
+			"NIvvNHBzyt6G8U4CTVKmsFAZOzrWJem3b/ZywM1WlDarGJAAa/SRIYZ/jQwaOIoPW4OUfK" +
+			"ZQI6MO7uAPcIQ4ugtPth10viVqZYLZn/6O26Q905YsFltuPFl64KrJVJJBlLECAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECGRn9ckrcsEdMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBANK+1qalm7Nl+PJHT9nQLVJ3ruQNAoMlH9fN52Q9BZCr30iWCd" +
+			"+GhQIPRjxZ4GWojMnqbWzYQsxIR2PLdFc6SwjQrq+i2ES/LePDtaLQddS44/+GP/+qDpM9" +
+			"Mqp3/Nbe1MfOKRBT57qgrxa8eUVieysoKeYX6yQpa8bab3qDwOTH";
+		public const string Intermediate_Certificate_2_PL_01_10_crt =
+			"MIICmTCCAgKgAwIBAgICAKgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4xMDCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAx5tMLJ3LRxi9jAzCSNkj8zyrSO0cImNGf6ZCIzEU" +
+			"V8LrmXjgiZboPTh9LWQ3msWDLpzaxVxDLBXG3eMO8ys46TfJKciyeoiB8wfuNGMKAccm8u" +
+			"43XjWs1KAdNikWEZupYPgdmA92oRlVcHshG9PqP4+xA6sydpu3V18Nyfa0n3MCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECDE3dDXkS7TxMBMGA1UdIwQMMAqACGRn9ckrcsEdMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAE+8cyOUQ7y4atc4BlZNZvGNRZ63dbGDCM2AItTEAf4ETM9v7j" +
+			"biUWTirJyoWsGxm2eIUk1V+EKxcuO3FotFUe7lS6thmVd6OYOSW+02RXMNklmptzK9I3AK" +
+			"DZNh82ugLNyrrd06BSiED+0MoGVVI4gi3wdFtRiai+MgQVeWIB4i";
+		public const string Intermediate_Certificate_3_PL_01_10_crt =
+			"MIICmTCCAgKgAwIBAgICAKkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4xMDCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsmSUL/UZBYMdqU0PecjCd+9U+1Ld3mKkH303Fido" +
+			"K6k5S4ZObxVHKhYDJyp3CcVT2+nENjzIfQQQaA11UK7Uf/jmVs0IC8e2scWzq0W2BeOLef" +
+			"jVgNgXGsXyfLi9T4KJPPyGsKlIU2R2xKxgHmAOt/tw6OYX/OaEfM1jiQza5lkCAwEAAaNm" +
+			"MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
+			"lghkgBZQMBMAEwEQYDVR0OBAoECHYI07i4owpIMBMGA1UdIwQMMAqACDE3dDXkS7TxMA0G" +
+			"CSqGSIb3DQEBBQUAA4GBAK23Kx99Y9HtFBVnHWW/NfvNro7I5Wx/ZCko6ulHm84FPAjhnL" +
+			"tvc4jmfAZd0wYPKQKWwUKUDWNEwIU1qkxyJYACckue35GLzj8aLY/z+h037vGonFmNutMM" +
+			"rcRdiV7gVD17dYLVTt0RgxsDVDtut+twqHgIaKtKyJnl9dSgFFv1";
+		public const string Intermediate_Certificate_4_PL_01_10_crt =
+			"MIICljCCAf+gAwIBAgICAKowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTMtUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4xMDCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEArgBnLCnqI6Sa7gXkZOvIKH4EL5i3CoG6eGG2R8aA" +
+			"kjBs78IKGYj9gY7rRajAKSpf19zvfcW8+2gBDDj5AoCy6uDnBICmqdu+hkdokVi8dJHiTU" +
+			"9LdS2TeuvFv47eiXoEBjMEAquCuSyHvW3lNrA+ESTnK3s7V4lBoO+o5mZD6dsCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECLTgYziQC9zmMBMGA1UdIwQMMAqACHYI07i4owpIMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAEx8wgBjBglU98rocddKAEKXkt4MNzrpUMq75C9HtnuOtFgM2oY/OC" +
+			"x67aZSTEph9ag6Hc+MyxWB5rzGD9j0y7OLsasE9AX8vjplUq50wq1xAFkGi1GnqRK/Oe7D" +
+			"S6R66+UFHW/3KAeNe96aaJuMcx0TRbfkGbW1ASSi/ixMd9Gi";
+		public const string Intermediate_CRL_1_PL_01_10_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIZGf1yStywR0wDQYJKoZIhvcNAQEFBQADgYEAjkY5" +
+			"nXjLst8CMz0fyEM7Ft2d9TOOJXV4TMAfSAP9QCnit8qzrdVdJ6TJIsJNZYBz9Ryr5K/iSw" +
+			"KbYk0g6y/pskcMoHG3vJwNAxBbkf+fV7Eyve+90Z6oWDXHKLGCQQpdZ0a0wAqYeiScok8+" +
+			"YHypEVLfbjWARR9fsci2Ps3tdvA=";
+		public const string Intermediate_CRL_2_PL_01_10_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIMTd0NeRLtPEwDQYJKoZIhvcNAQEFBQADgYEAdpTU" +
+			"xcywBjX2rD8Gu6zkDqlDmZfRXHDPtnf2RB4bHDx77kDEib6nH6DGoJdx8WnRTZsTjly3MG" +
+			"62LfVmjp/bJyKHUQqBDrilv21EWsaI9JOr673Nk5iTZa/645GdgyLzSmxvcVDN40BAH0py" +
+			"/2gvBQTPNzp2W1IR2mebuLdHwTI=";
+		public const string Intermediate_CRL_3_PL_01_10_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMy1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIdgjTuLijCkgwDQYJKoZIhvcNAQEFBQADgYEATVf2" +
+			"cEEGphsIe0AsqNJ5rENLe8DeDAV8R4XCKdeP5qmHmLMm9Z4pX8bIfU7bCoXiNIwGvIU6ag" +
+			"FmHPNHEj70cQFVqCX/ZESc02hit+Os9g7pcl7s9QgwVUCMZdCiF/+pSEp3eCL5tFoKmAZe" +
+			"nxkL0KOSuKmBzuqRtZufbhDvmbw=";
+		public const string Intermediate_CRL_4_PL_01_10_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBNC1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAItOBjOJAL3OYwDQYJKoZIhvcNAQEFBQADgYEAbG2B" +
+			"BhvRQ1pY/8VFeiCRFD8mBzq5iW5hWv2P7Zdp9zEbQo0fI4Kbis3OGemEttCxvAc/UPfogr" +
+			"UudImf3s8sLV9BS59xQUGQlxZ5XBNlripY8EjHNWrwgy7/x4hzlZ9yYBbqoNOqnHLy/gbM" +
+			"XZWoCbIK0co70lh1soOQ6eqLDKM=";
+		public const string End_Certificate_PL_01_10_crt =
+			"MIICljCCAf+gAwIBAgICAKswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTQtUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNS1QTC4wMS4xMDCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3bx0qx8s4Zse6Ri6NqkLEKUPLIOhTFj/9Dh7sxvE" +
+			"HpemBlTjbp2in08WTxEb9n8iAIWuGs3Vqm82ttBQmayjIaWD5oE/BE0oV/e91NAv/aRLsl" +
+			"f7VtOb6vi8Ef6muOAjI2dUaUD6QONkqkJhnZ353uR3LZnsAEAW+InePGFNEGkCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECIokB8m8Vi4QMBMGA1UdIwQMMAqACLTgYziQC9zmMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAKBGQwZQLQFXb+/kjP5xAtq+1rRtrblytjpv3ujJrKH1v2VB2+9boB" +
+			"0YYYGJTy2Wuj0ZBEMeTzMO8Hol4Mq9pnYv5DCmfnZN3FuDidgnRsCjM3ZL7NcXXG9YwlKF" +
+			"G2SXj0YfkSwN9gnyN11W8i+F/OSjlm+TDKHB3ePMcY8EnnXy";
+		public readonly string[] TEST_63_DATA = new string[]
+		{
+			Intermediate_Certificate_1_PL_01_10_crt,
+			Intermediate_Certificate_2_PL_01_10_crt,
+			Intermediate_Certificate_3_PL_01_10_crt,
+			Intermediate_Certificate_4_PL_01_10_crt,
+			Intermediate_CRL_1_PL_01_10_crl,
+			Intermediate_CRL_2_PL_01_10_crl,
+			Intermediate_CRL_3_PL_01_10_crl,
+			Intermediate_CRL_4_PL_01_10_crl,
+			End_Certificate_PL_01_10_crt
+		};
+
+		/*
+		 *  test64
+		 *
+		 */
+
+		public const string Intermediate_Certificate_RL_02_01_crt =
+			"MIICljCCAf+gAwIBAgICAKwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMi4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3AN+Y3Hl/9V0nKXHQotb/cA2VfZc5vrRu+ZjwKgK" +
+			"6KasGegAorKSTybYX/fTbnaPwykDPfSscAnzAW5WdF9+wTLmvYc+6pkcx1ryKkGmofFMXi" +
+			"bZ5LUO/oK0iuNjBKfLdWoi+hpciKyPb9Bs8SO/svKSNqTEbn9ts3q6tpbngoECAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECGXQ07qiAqv2MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBADKtN3OOaRdte0X4xLC6nTGaK/u7IEKQ0DjduDHwJR5w27zefrx48Z" +
+			"dlq8t5lAfQJqWmfk7iCIW1QJPLcZOouWDP2S9Cb0YooGQRIEkMjpBn3Xufx0XUphtCDs3W" +
+			"9LAMVXqfuce1tpZ6Dvrh6/H2X8rJMU29Czsz949bh6tcsHJi";
+		public const string Intermediate_CRL_RL_02_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIZdDTuqICq/YwDQYJKoZIhvcNAQEFBQADgYEAxrDH" +
+			"zKno1mkJqPTub0c9To6jC3CGTilV1E12oD0kFjkXqL40+W251qQ2wMC+G7ZrzBIc5dRuJ9" +
+			"3feHZ7cc03/s3TziXDvSyfNOYpHzkPwT48HuSgBYgJ3uswwk+tDiA64NzbOJqssxxhFRok" +
+			"9OpwC8eQkzgpA3a6816v2I3XL9s=";
+		public const string End_Certificate_RL_02_01_crt =
+			"MIIChzCCAfCgAwIBAgICAK0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDIuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAyLjAxMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCykRGcIKuxia47yRmJT8XpNNi2LTTbUUTteIBp" +
+			"DZBfz2ExeWLruO9Rn1/oB/EP+4apx4r9rQ2tGsvr/7qQYeQK8W7eJzZgvxFadY57IMfUNq" +
+			"1nEnj0ZvuWrOSf+K9v6FWX5Y2uyZS5Uvb1VVQv0Ev890+yXTtthPTjepk3JkkouwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECFIkVrx7NRAdMBMGA1UdIwQMMAqACGXQ07qiAqv2MA0GCSqGSIb3DQEBBQUAA4GBAI+B" +
+			"T6bFZruoeFHXsYVjkQ42jSdYB9JuQkG7JLKte5gGlhyR+jMlJBzxBgNIfvlmYSnbRFPbE8" +
+			"eqsGm90hJJoUuVMkm0i03H13uddlS494O6HhTGpaKcYwp3hbLhVcaY3wFTqTCuZk1T7Oxq" +
+			"ggTrCDYvNH+/ZpQuy6nB/FH3SAHS";
+		public readonly string[] TEST_64_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_02_01_crt,
+			Intermediate_CRL_RL_02_01_crl,
+			End_Certificate_RL_02_01_crt
+		};
+
+		/*
+		 *  test65
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_RL_03_01_crt =
+			"MIICljCCAf+gAwIBAgICAK4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMy4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsZG8wsV3Kuo+jtnKxLYGBuAqQwUh6Cs7ioDTNUFI" +
+			"UDDJ0lOP1HVTMBA7DEcyTCGvnQ02dEVVuCddBTQvG5RvW7G7cCEW37cS56/3yPsU1bD/cp" +
+			"3C1pPJpoun04va91Sxtgcmx7jnz69QPVrucu6aI1sZyeOlvzb8K7DceaAfR98CAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECMNzJ3SpyOLxMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBABo7oKmQilgji3w1tGz1cMrWxZxqGJqOAKcHywli+oxFo2oxSfEuFS" +
+			"tN2aEd2Ja5HU5a0ySztvByXF1TTNurGez7ARxmcS2kpoQtQXTloywza4A5N7iQwk0yyo/E" +
+			"J4lrXUfVRwZHr7FwA7qMODtFb0+Zivv9JLaq19GhnRhzZyWp";
+		public const string Intermediate_Certificate_2_RL_03_01_crt =
+			"MIICljCCAf+gAwIBAgICAK8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1STC4wMy4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt7yNq1QZsV3p7OR8rgPuY7x7Bvs+nPhcLR7zFOgR" +
+			"+plQUwpWQ2PhuzReVV4jNasKtNK9MIWoeV+eV3pEiso5obb9+Byvha1F6gkYNZMPs9Iv86" +
+			"cJSMtownNJVGVAL9FEpof1QKLp7kfn08EjkoGmGy85xy9uFytd2S8n5TlrBqcCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECAVwoCPFqMtqMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAL9GufFieduzBJaMtsXtKHMf64O/KAGLSh1YDXS+a7Ku+EFw+WteKU" +
+			"Ob6+c1m7VH9P711eATQoACotCdKusPECqeYDEmT9keqA4f7cP4VcvGwhvSVQJsPuB3LL3S" +
+			"LIILE4zhT+O9G+5v+mkG/pEDirRYk6ZkdM91bsUuzsX40uyn";
+		public const string Intermediate_CRL_RL_03_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1STC4wMy4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIBXCgI8Woy2owDQYJKoZIhvcNAQEFBQADgYEAkwyA" +
+			"I1rrz6tOmEpBHDzuJfqY2nbXCIXFN6dVuaKNZWHJ4ZNIc4/t29Wa5GgXYrVXyXRcXP/u5k" +
+			"NEhOX2/NwCm6vL8+tclYP5qPLrh/Dk4v3nvcTFLKCvclAbf4Il0zfMQx+RRnO5PPqPDu5i" +
+			"1tHHwOtA8Q+oO71lZEwPE+pX1Sc=";
+		public const string End_Certificate_RL_03_01_crt =
+			"MIIChzCCAfCgAwIBAgICALAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDMuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAzLjAxMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPGLfi8/T5p63cbGE98mqO5VzkeI1r2/2TLgvY" +
+			"RpL1h8i+CVYKoX37yYwNXf+HkHhj1OXJSNrm7853ctmDf2h1fv3f1+qJLg4VRVzlEgErNq" +
+			"74OR7XLXV77kGOmhip2g5BF5VKeqAdj0pCo1E5ZFHpRPFq/0DDmSda6GKJ6Dl8hwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECOHM3uWxFmcrMBMGA1UdIwQMMAqACMNzJ3SpyOLxMA0GCSqGSIb3DQEBBQUAA4GBAFBu" +
+			"doX0TZK/yoUcrSkP8AtFiv5c7QvyEtigFZTT+lbW/g4RX/oJGNZCu78yAxCczl+Z6ft+0V" +
+			"wInwahjyyAgw4QXxtw3b9CfqvT7HH7hcQ6r9ZA/NA9XpzNtxKfmXjzCZWdfmLJrd8KCnU/" +
+			"utKRAObRBKiaTGa178SEWvtkoIXd";
+		public readonly string[] TEST_65_DATA = new string[]
+		{
+			Intermediate_Certificate_1_RL_03_01_crt,
+			Intermediate_Certificate_2_RL_03_01_crt,
+			Intermediate_CRL_RL_03_01_crl,
+			End_Certificate_RL_03_01_crt
+		};
+
+		/*
+		 *  test66
+		 *
+		 */
+
+		public const string Intermediate_Certificate_RL_03_02_crt =
+			"MIICljCCAf+gAwIBAgICALEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMy4wMjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvoTuc2LYBOhziBe02f6F8l9MwX74O1lknBcJjGvq" +
+			"JcirQx/6hQgBQT4hz4RRXNy7DSBr3swEw4eDNSeyd6kvG0h9oI3+SVmVyPPVi5eKDL1roI" +
+			"OBzmfx1+Nn/CnwOf8VroKDutBBQ0gJ24IEjwp6er/8hEAVN/yIjIi/MTFeoRkCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECKtCUOlmMPu6MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAI9x8O/JgJuZV/s4OBUy3AvcW9QP3HWWBQSdxUdjSosT2schjn7wrR" +
+			"gttL7vWjT1djsbATAHa5C3inG+VjGIq/NqWaPoHAucRNMs4oZX2ACZFuBLOb/qhywsKh5+" +
+			"bjv4QgtqkUedzEratY6yQiJSiMSJVJSMzHosTVMX7oOp+cll";
+		public const string Intermediate_CRL_RL_03_02_crl =
+			"MIIBcDCB2gIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" +
+			"CyFw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgIzAhMAoGA1UdFAQDAgEBMBMGA1Ud" +
+			"IwQMMAqACKtCUOlmMPu6MA0GCSqGSIb3DQEBBQUAA4GBAAEZ0Hg6sKiVXIeK6zbQrKtMMz" +
+			"Vz2K68+SqN1LAjlNW6u+HSTlAvhRIFO1Hv5Zj7qbO226rLxas/X2XWXpMlm84NHN8T4dZU" +
+			"4Yo5rhhpCHckRxNYn3AFcfcV4ra1rrTtdx8e7e7/m0Ghog9Ny52ZuQThasL9caF0JxUx6d" +
+			"zbBHPm";
+		public const string End_Certificate_RL_03_02_crt =
+			"MIIChzCCAfCgAwIBAgICALIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDMuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAzLjAyMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNb6HGPRDulLMCCyCq6w2X8rHPtm1gN68JXFkX" +
+			"j/BZsHhu29Z9hXj76hO//7O775EPVMSLyRy8t15yzYpXfZRHFaGB5bs8U2R5ClvsD2FR0H" +
+			"t0JVfU6Ggn1lhO+jOiguJtXVRjofsfvHuiOe75ctaJ9lBpgwiV8tk4VRKz2e5xVwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECI3Gy0TgXMrwMBMGA1UdIwQMMAqACKtCUOlmMPu6MA0GCSqGSIb3DQEBBQUAA4GBAISQ" +
+			"Qh9+7D6nk3FL5YQOzyZ0BSHQYjpbIVykJ+Lr4jBPKyGgCqW6jqWNg7X4waB77J2z/OkavY" +
+			"A6qtpsk8r2wmG9thi8JyZZNhYMxAszHzFbBmSoxGRMvI0XarxgIu8Ky6V7jKVDLz12C3o9" +
+			"H0yd+nZXilCD+p9BTjjg5bGUogJS";
+		public readonly string[] TEST_66_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_03_02_crt,
+			Intermediate_CRL_RL_03_02_crl,
+			End_Certificate_RL_03_02_crt
+		};
+
+		/*
+		 *  test67
+		 *
+		 */
+
+		public const string Intermediate_Certificate_RL_03_03_crt =
+			"MIICljCCAf+gAwIBAgICALMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMy4wMzCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu/o0uxgTrAvNDrMNuG2eTla+AmkLVCIXBbsIo0gs" +
+			"tLm29tLwfBh/8l5OC0y6Xeh5lx+NLdelsiZGRNaaWmWHj9Ji5V6rclr8sXRDUjxe12zLeh" +
+			"0G+a0TfpL380cx9RItqQyA1ZRiUNymmJHnm13hwrf7LPirR9BMrtyTT2EI3cMCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECHYt39LYdEn0MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAIoSGa7MxnOuHoWM/BoJKsCeBmBHYCYDKmQ19JfsDHW8z8oAFiikFb" +
+			"Gtw1Qpc0GFfJgN0cppaXfe5lDS6BWL2dPorhu3URfXKu84ATLwGmNhqLDY7zh/zPvLtG2m" +
+			"izaMLC6ZwZL5KELpYpcP15EHPDquyP1xpV3fT17GjpG9IH8k";
+		public const string Intermediate_CRL_1_RL_03_03_crl =
+			"MIIBcDCB2gIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" +
+			"C0Fw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgIzAhMAoGA1UdFAQDAgEBMBMGA1Ud" +
+			"IwQMMAqACHYt39LYdEn0MA0GCSqGSIb3DQEBBQUAA4GBAI3HsXanos/N6uO3QVUaBZzmCt" +
+			"w1HCHMrLVG614YlUQiEedQ/oEc7dwCeD1rUbGNVkFPIRvMkmUQo1klhKAlEUmrtW+aH+If" +
+			"6oqumifqxvaycWidacbgNLIAMQtlQmniPF6Pq0dv8sNeKq4CE0gjRHOPJ2zIqy3kJ3tZYB" +
+			"pTguwO";
+		public const string Intermediate_CRL_2_RL_03_03_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wMy4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIdi3f0th0SfQwDQYJKoZIhvcNAQEFBQADgYEAXZSZ" +
+			"ySsD7U6ETy9ZRmiKUCJMUV9CIhCY0mEihHjW0DhFTyV1Hr01yN5zUr/IFVuP/Xcx36IX4l" +
+			"dVv6/MgR1GeM/BUGZhm4z6YwfAosZ1N3zayIy/pP3fa1rVRl8cgCxc/8qxg9nH9p6yPpxM" +
+			"AOOu6TLYquk/dA7wJPEW7MPixXY=";
+		public const string End_Certificate_RL_03_03_crt =
+			"MIIChzCCAfCgAwIBAgICALQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDMuMDMwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAzLjAzMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5LNxAB+lm514Hk2ykrFUb7fCX0ryIEMg0mgeT" +
+			"/z8Iw7xisht57koK4PTXY863aunfNNh+8oFTHZnoLB5dbkROj1nFRgcWPezzv1wNkZEpxn" +
+			"NINtTPBogW22NPznoZ/rSk9JRFe0sCOVazkW9tZbY2ARqyJsYU1ez5tQIkDS47kQIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECMWddsi+qmxKMBMGA1UdIwQMMAqACHYt39LYdEn0MA0GCSqGSIb3DQEBBQUAA4GBAAv8" +
+			"nrJaqEycAyIKdPBYTUqaxjkv4SmonDDJG9OqvD78/o9hUKKteoMkNUp8eexTkWk0L72L4N" +
+			"/eXB30+m65E841V+Dy8L4bXh15n4qz4cyMt8Kvm7nbCqcgpiyBJmBxzfaXDLSthlmhcJ4X" +
+			"zDFnav1LEw5fZklt7cnMl4YvLD8d";
+		public readonly string[] TEST_67_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_03_03_crt,
+			Intermediate_CRL_1_RL_03_03_crl,
+			Intermediate_CRL_2_RL_03_03_crl,
+			End_Certificate_RL_03_03_crt
+		};
+
+		/*
+		 *  test68
+		 *
+		 */
+
+		public const string Intermediate_Certificate_1_RL_05_01_crt =
+			"MIICljCCAf+gAwIBAgICALUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNS4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA59vHTe5A9AcT237mW7HdSfh8Pu4P2wJNLT7RXczN" +
+			"7DD/P6mAkugSgPTXwwlE1oSB/hCxAtEPhwONYZFYlRClFJidHDdVApalB7UbosTghsUzAg" +
+			"Lqw7NL+w9i3Un2G7JM2oWwugozQn/1hzr2Cii2TIB6K0RWKoPBJvaWUURS/G8CAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECP55Cc4eBca8MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBALX594y5uF4Rt7CoRHeKZ5h8QiG7mc+kQDMjaSU4KJwNVVL0mJatQG" +
+			"w90yFfhvprlgDt9UIAvpF6z5gysbrjHXJaEhVlXeg9D5mcxsL4THEc8f6oU1GjfT/SOD9l" +
+			"QrT/keX3D9lcFEaTOgi0HIZ7aFIJgoWjXF/9kNNMEAs8sJNI";
+		public const string Intermediate_Certificate_2_RL_05_01_crt =
+			"MIICljCCAf+gAwIBAgICALYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDUuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1STC4wNS4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtl4hX6HlF0M+lSBTG8jHiB06hOy87LL81yAE2JQt" +
+			"/6F+LZjuOBTCIc2yO2bVM3XzUnjyYDBYGnBFp/7XpRoiADuPJSfmkzmezpyJc+hm96UR1g" +
+			"Bpo+pPKbRTWuM+FYy+vPtaDk5wKOrmyNx440PwbzxTN3JeWz17xeYE98bXMc0CAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECJOjtwEYV9VSMBMGA1UdIwQMMAqACP55Cc4eBca8MA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAFbkOffoIjWSfxEuKszoK7Fj27Hf5jlV92xqXtBLURjNGi9jCLUIUd" +
+			"QLnONZLJYo70Z6XaGjpAK1EtZKVWsz11JDq5egE1zNES//9Tz8xDtJ7Lcq0mwneVFxmBuL" +
+			"gxkw4GKbBFKz10FoSP7VJWaeW080WwKnp96Me5GtZRe260N1";
+		public const string Intermediate_CRL_1_RL_05_01_crl =
+			"MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wNS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjA4MDYCAg" +
+			"C2Fw05OTAxMDExMjAwMDBaMCEwCgYDVR0VBAMKAQEwEwYJYIZIAWUCAQwCAQH/BAMCAQCg" +
+			"IzAhMAoGA1UdFAQDAgEBMBMGA1UdIwQMMAqACP55Cc4eBca8MA0GCSqGSIb3DQEBBQUAA4" +
+			"GBAIdOaBfpAEKWLrSvepVjk3UTfEfsSP6y+kFMl33YXy18xUvVpLarGu6YjQIpXiL+ulkP" +
+			"eF8TAc9AarUjvDf0kcslIOt3NhdMxR4/F614Ds/rPEXs4c7n4kCkvAlFg/19iIFeCaynx3" +
+			"X0s/v1SwzgAUHi3P+OwAGDApDTyKbnmzvt";
+		public const string Intermediate_CRL_2_RL_05_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1STC4wNS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIk6O3ARhX1VIwDQYJKoZIhvcNAQEFBQADgYEAfOOd" +
+			"JiLUCFSurAafQEBfxE9KVrgFC+W9m64cmERicO1QL9aDVIDGJAIY1pdvWVdhLBIKwSugwB" +
+			"ZH3ToptY+VizvFN1gkKGL2OuvDsXPHn1+QgmqvxYFPmvwDcwuxZ/3zD1VeHgEIKo9ugRnW" +
+			"F8G2Ph6SWUxJCjJQpB7WIbydowI=";
+		public const string End_Certificate_RL_05_01_crt =
+			"MIIChzCCAfCgAwIBAgICALcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUkwuMDUuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA1LjAxMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9NWkW/mia20c5gM3DpcTsBWTNC/d/Cob+OVrS" +
+			"lYytMjK4htO3MavavMZNTLAYFCXWhZ+Uo/uiAF0ddE4HaFI418eKJMSSbQyed0TG5Udw/t" +
+			"3dhYeLzLEmVc0r00q5v+CLINsCNQAKaPV71UvoHrE092zZjmtacuAetBS1Q2ufpwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECGNPOXdCLpZ3MBMGA1UdIwQMMAqACJOjtwEYV9VSMA0GCSqGSIb3DQEBBQUAA4GBALTo" +
+			"hfBEPdzZ6A9QNStakOhmhHYox70xOPuWqzSbIugZv4chKXNQGiUAoOGImTw1mcun/uPNtd" +
+			"0bT+O+a9yX5gzW55CSmR/teHkTkND1mJhOMuYOmaCaBHnqgIIe1iEhMZQgag70+/tSmmQm" +
+			"UpWGpxeK2c02tBK6gEmnqk75bKRT";
+		public readonly string[] TEST_68_DATA = new string[]
+		{
+			Intermediate_Certificate_1_RL_05_01_crt,
+			Intermediate_Certificate_2_RL_05_01_crt,
+			Intermediate_CRL_1_RL_05_01_crl,
+			Intermediate_CRL_2_RL_05_01_crl,
+			End_Certificate_RL_05_01_crt
+		};
+
+		/*
+		 *  test69
+		 *
+		 */
+		public const string Intermediate_Certificate_RL_05_02_crt =
+			"MIICljCCAf+gAwIBAgICALgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNS4wMjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAouNcO1wHvKHPR15L7Fohr/QbTkPWGr9QYp2MXEDy" +
+			"BRGHt63Ob+yNvsP/C74GJA+PzvcRELSnJxmBVbdRN5y/u4S6Zt4yTTcrvp4vl//luoGLOX" +
+			"NHhCXbrGavyoP/iKpbfP7fy948AN34i95HuZENoGPjG5stX0uk12P087S2tPcCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECFi86MGPmMsXMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAFVZVMZEsaVuL0qX5Ls94+x8gBklxPfxgfG5LeBR2/YcqW+7BhsVA1" +
+			"GQhjBtwqCU9SOL16oTrqgw2+YeWBjaYuNYVlxfdifd0pQydpE1iDQWxmoKLzSDmtWgRYhz" +
+			"v0TB6j8q+0x5Q0OOrHX0jdIiBnHrLmReCK8dY1x6fb6I0tTH";
+		public const string Intermediate_CRL_RL_05_02_crl =
+			"MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wNS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjA4MDYCAg" +
+			"C5Fw05OTAxMDExMjAwMDBaMCEwCgYDVR0VBAMKAQEwEwYJYIZIAWUCAQwCAQH/BAMCAQCg" +
+			"IzAhMAoGA1UdFAQDAgEBMBMGA1UdIwQMMAqACFi86MGPmMsXMA0GCSqGSIb3DQEBBQUAA4" +
+			"GBAFMN6PWjz2bA1RRySYNXde2rKiYkZYghbtT4ig2yDJBKOiPnjdx+jriFJxGYpt7BvcNx" +
+			"cDfijmDZ1clzprIvz0lFO6IwsQiWtLxOz4Doj6K2AD+7IxuGLceaXmubvi4e6VVC3xXGsu" +
+			"OYsNgFzsdUXIazi74+eOcj4dqrHAepbhXT";
+		public const string End_Certificate_RL_05_02_crt =
+			"MIIChzCCAfCgAwIBAgICALkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDUuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA1LjAyMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuWE1aFx3Zjk6gM0Wy6ijcUegbiGvhjBgqIGwv" +
+			"YissT0v3KGAKoh5wGeKC+rePQNbZ91j4XDLvUNUdNw8HVNdNG/igIwsuaJ9teKSbqrAw9X" +
+			"aD2YjJz/I6X6WXFd/eQ+g9lY3eidOXJkglYSwWMxUV62RUZbGyqjR1so+XpmYxCQIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECLLbuNyVkkK9MBMGA1UdIwQMMAqACFi86MGPmMsXMA0GCSqGSIb3DQEBBQUAA4GBACKt" +
+			"GgxIRXYHZGZgwYHjNzquM1pUJTbxxm3qYA4U6r44oAo1UzQTDpHOalflreGFvG05l1BCnQ" +
+			"olQ8rcXU25v/CDfyww7cl8l7IxjYz7PNht7R97vjfMVqqButbn+BmU6D5kR9YXDCDPzaQ5" +
+			"DrKNk+3tIjJNj6YhxhqC2tPG9RIN";
+		public readonly string[] TEST_69_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_05_02_crt,
+			Intermediate_CRL_RL_05_02_crl,
+			End_Certificate_RL_05_02_crt
+		};
+
+		/*
+		 *  test70
+		 *
+		 */
+		public const string Intermediate_Certificate_1_RL_06_01_crt =
+			"MIICljCCAf+gAwIBAgICALowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNi4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAmhxr4ckU5C3E57odZjgcxl46ZF2QVy+K86YoLOGT" +
+			"mq34NSHTFxP93mrNqMYdFKFedUTNI68HkecFVvVKoXsDNBnhyyCTQ3xXhBcMUXFByB+55k" +
+			"W5LeQ8l1G2ugsyZ7Z+P8uylrpeGJt4RjOTilhcI2mnfZ7S+arFGe4KYgnsaFUCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECOS4X3XqhyJYMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBALCPtNwXGxVSUNGErkBHSYCHyqlA55jKQQvZ4P0PznWEQ/gBJx34hq" +
+			"LxiBO2G+iDomzHszeM77TXkQBpNxCUw26Jxv2HuvyBXuSprgjw5F1tvLqwsBAnD5vsb0uD" +
+			"NrkKIzJSIBFQ1SRhuCObaXnamfPJHBmkP25t4QqEvoXMtVHB";
+		public const string Intermediate_Certificate_2_RL_06_01_crt =
+			"MIICljCCAf+gAwIBAgICALswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDYuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1STC4wNi4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2IKrW6HDZJVFw3e4cC7v/jPGXAexI4B88707NhAc" +
+			"qxSVfGTPJBdfWo5pkptZKN5/L5n6+rixLItHnei/uwBCHvhwzeEIGo1yVCgz6R2MoNB966" +
+			"Q5CHWfT43BUjp0rZLJkK4hVKNyXB78NVv2Fly+XWBDEnzQvgVPWbGOvzE3zh0CAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECK/1z9Xbu2jGMBMGA1UdIwQMMAqACOS4X3XqhyJYMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAAa/MVC+8ozm9py40a4o/kHbkkmFNQr4s9yi3KXXuVxsNvquFMXm4a" +
+			"gC8GPoNjvV+RPRmU8wOM6I2/PPl2JEQRb7NDM8LkY/m/Au4GHVeln6FKlldiRm0A+YIr19" +
+			"ip2RHOldikAjUUYv7JT3SP34sjtq2e8bsXfWEPG5BA/wxtm7";
+		public const string Intermediate_CRL_1_RL_06_01_crl =
+			"MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" +
+			"C7Fw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgODA2MAoGA1UdFAQDAgEBMBMGCWCG" +
+			"SAFlAgEMAgEB/wQDAgEAMBMGA1UdIwQMMAqACOS4X3XqhyJYMA0GCSqGSIb3DQEBBQUAA4" +
+			"GBAJSexboWDaqLVY6iiWt8ZX5GwuNwDBN1R2TgM95H7JqjMgoWML887dKk24p4eKACFMWI" +
+			"Ji9nwsqdZ/h1FtPhYpSoJ8l8vo4imMKr+tTnMngDNpMMZPQyRY1AK1jSrLhEtUdjiEtrTY" +
+			"rG56RNt4YyUtNxxfkEymvwJxmO/4YcAz/l";
+		public const string Intermediate_CRL_2_RL_06_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMi1STC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIr/XP1du7aMYwDQYJKoZIhvcNAQEFBQADgYEAImRg" +
+			"n9A7px9exOJL4Se9jsSHzZ3sAd3y16LdAb+HLtYLl1swNB4KPE+OebtzEoYiSzVVwezdlm" +
+			"5WseZjfbd0q01srZI4FeACZe99iBSpKymdKxw2gRvfYZ8ZMwFpK2mQq9cmygFn53iOwP7j" +
+			"3KE+lllielu7sYyEnkliF9wsaG0=";
+		public const string End_Certificate_RL_06_01_crt =
+			"MIIChzCCAfCgAwIBAgICALwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTItUkwuMDYuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA2LjAxMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZVBNzD7LZW6mC2GSbVPjpcJ7sWISYsL2eHqXb" +
+			"/PuxtbOneOjYqx0GeL9pxDGSSNl2NrlG0G1HTU2MaEOVA6h96W9e5ADV/pzGPMr97z+3BV" +
+			"unxLX+ciM3T7rUQm/LueQTEC2Ww19T6QOg2i8rEadYT0OoW6OcvyuomemspxgClQIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECK5pHDrhL7xjMBMGA1UdIwQMMAqACK/1z9Xbu2jGMA0GCSqGSIb3DQEBBQUAA4GBAF3J" +
+			"Kskjs4jp+BBoei9YWYtmOupn9w3oGyhknNh2jz7api5Gtgk2SyKfYFvN6EhWZJEab0hPFe" +
+			"WuYwO7zNCLGHw0cFXT/R48ogd6JkH6xDwj4afZDkWVTu8oaVD4h1rTYS6WPRzizAozOzhi" +
+			"tmIo+MV/lCG8+jdVtFgeKycI8aX7";
+		public readonly string[] TEST_70_DATA = new string[]
+		{
+			Intermediate_Certificate_1_RL_06_01_crt,
+			Intermediate_Certificate_2_RL_06_01_crt,
+			Intermediate_CRL_1_RL_06_01_crl,
+			Intermediate_CRL_2_RL_06_01_crl,
+			End_Certificate_RL_06_01_crt
+		};
+
+		/*
+		 *  test71
+		 *
+		 */
+		public const string Intermediate_Certificate_RL_06_02_crt =
+			"MIICljCCAf+gAwIBAgICAL0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNi4wMjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxMlJ0vbkMRGzuEDTDGuPmwDzU1xn3dFDZ1Tx6ONP" +
+			"fwNN5gk6r9kYl5TZ8f5TbkQSnOzyhDSqX8dGumCSgukETXtYBU2+KiIAtliu5NJRbXe3La" +
+			"vn102HxaHDLGsR0FFLiFM9GVhOOXryJoXoGZqUwvqbWyaQQEzrV4RWmuOv7xMCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECFNaMo88Vb5MMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAJsjJG4/U1OWCJPB1u7UD3TPKRgOR9hT5l3LzFw5s0CEGt2Beg25LP" +
+			"GEGcr0sEdosVQI5m5CuPolpmlQv0FkZv5M1W+uXX+F/6edtMDEquDpdR97ihQSLZjFFqjE" +
+			"ytuaD4gqtL/BKBbz3e93mOmR9Wi+kWlXOYl0j8wpU9ePSjDV";
+		public const string Intermediate_CRL_RL_06_02_crl =
+			"MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" +
+			"C+Fw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgODA2MAoGA1UdFAQDAgEBMBMGCWCG" +
+			"SAFlAgEMAgEB/wQDAgEAMBMGA1UdIwQMMAqACFNaMo88Vb5MMA0GCSqGSIb3DQEBBQUAA4" +
+			"GBAAKNj5xmtE7wzO1p5igiAmCDV6KuYsiPAQPHPEBlmo85vzvWv2hpEtmk4nDhehogl0QX" +
+			"rhvRRqR+cPE5vBLB8mAStW+ZR6FXQPnmU5qGHqCQ4Wh6TWZesd7oyftoS7bJD5Xdf5ErA9" +
+			"qijWoz8FgxZHVnAFmjA0rUINkdQ5JfE5oj";
+		public const string End_Certificate_RL_06_02_crt =
+			"MIIChzCCAfCgAwIBAgICAL4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDYuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA2LjAyMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD3UzwrnwKRlP00Pn49iI35S0wLn7c1I3rsmzdm" +
+			"YFicetxHNeOKXLg1CN1bqkbAJ+N39fKjrkusqb2T+R3zhAV5LeLT4fzbHYdU7f4r6xgW2/" +
+			"b2WLv+QVR+ldTsVxgPp/ZUgYi4/vAow4Q/6IT+zWtlawMBob/nLjVl+jQ9N4coFwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECPhq75noL+9WMBMGA1UdIwQMMAqACFNaMo88Vb5MMA0GCSqGSIb3DQEBBQUAA4GBAIU2" +
+			"5bLX/NyDC8dKUxRwVn8oc3YPQjK0zXGdUr15Ib+cLdRyFVCuAyxVdpTf/csuga6tDhGuTL" +
+			"B18mTE/fAjhUOiKiOLD6m4P77Nj67l2NTi86RimsI/Z6r5+bU31ahrls/7kr788+f4oEIY" +
+			"TyOJecojsJUOG3qzK9J50iszclxg";
+		public readonly string[] TEST_71_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_06_02_crt,
+			Intermediate_CRL_RL_06_02_crl,
+			End_Certificate_RL_06_02_crt
+		};
+
+		/*
+		 *  test72
+		 *
+		 */
+		public const string Intermediate_Certificate_RL_07_01_crt =
+			"MIICljCCAf+gAwIBAgICAL8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNy4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxjHxSRwJjEkLG9Al5uSQ22QI8N/hJ8hhkhh9qlaJ" +
+			"mHusM8sWpAp2vnuumlThTA2zZbptXZ8Krb7i/Kpym4wo3ZkEThwi/ijsM5QCunQJmESRGD" +
+			"yPZJjfhWjoC+lCjbmzsOGLMETpgSEMy+EyoXkRCnKmXcmCMS8HjLrqdnwiWBUCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECHPEkeIs8GuwMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBABCmgEnb8dfnG9lWQKT5BmQm459WqRQAiqdfqf9w0qRMuVrdfLMwqx" +
+			"oq4uh10A3d+auHohgT2fT9RzNaWnRoNaH9K6qLQsdCUZdqjbEGdyiIFzvWP9MkV9nhDlo2" +
+			"GgiU68HfnpKO/WA9EaRHyEzwT9o4SA7hAbz+3L12hB2WLSOg";
+		public const string Intermediate_CRL_RL_07_01_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wNy4wMRcNOTgwMTAxMDYwMTAwWhcNOTgwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIc8SR4izwa7AwDQYJKoZIhvcNAQEFBQADgYEAOyZr" +
+			"f1tRnuzoq7dgQo+eOYhb5JyRyrNaSwNnRy82wOP+/G3NH8V3NGonDFOOcd9SoLTbeW4o71" +
+			"vdOrKZgom5H2MZK5M4wTdfPAfXB1wBxOMzW5jXzsRtaha4l6EPI+GVL0eXN+aW3k/pscdA" +
+			"ToI+OxTmRRnCYS6yW3qL9RoTIXQ=";
+		public const string End_Certificate_RL_07_01_crt =
+			"MIIChzCCAfCgAwIBAgICAMAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDcuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA3LjAxMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrm/Zem9Tt2UJFUKdAhTNwvhLo03uOax74ZgbV" +
+			"YNTCpKeEWkV5d5d7DRC4mCTX1yjIlg6K4l7T+sRGI4XAcDRgYLuoyG1X958XCXSdIPTdbK" +
+			"Hxs/tFv4mrCwi1kU+zjyzDoqgjT6kUxgM39rfcvDMH6qSzHQKgTFp7Tj/DHiELqwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECGFR8c6rRbhcMBMGA1UdIwQMMAqACHPEkeIs8GuwMA0GCSqGSIb3DQEBBQUAA4GBAANZ" +
+			"TVR288mKpDDzm9XZMZ9+K1kPZ+eQYX+vUul11luVw27AIJGR8Fb4PIGl4+ALvqU3NQP/6v" +
+			"d+zvS7IfiR6q7aLS3w111BUCgDhTJAp3oSo12qfcp+2DB1M9QfjrM9nKgmh5bBJigdJwJM" +
+			"W8HHKStUMLdxg+qkZJgZpnyowCFM";
+		public readonly string[] TEST_72_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_07_01_crt,
+			Intermediate_CRL_RL_07_01_crl,
+			End_Certificate_RL_07_01_crt
+		};
+
+		/*
+		 *  test73
+		 *
+		 */
+		public const string Intermediate_Certificate_RL_07_02_crt =
+			"MIICljCCAf+gAwIBAgICAMEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNNTAwMTAxMDYwMDMwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNy4wMjCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0CvEneaAPtxZOTqlh/TXBM6V0bQgKbO58yEyURcO" +
+			"Zi7jzYsmNtN9Tsr0wAlD41/ZONsW4MMzZ13UCc0aGa+eE8XRULBe5cgaGxJKwVnEqz3W8z" +
+			"v1MjOk7Anb8TkxMSlWlptC6V3eRA85p5Id9gXbIrP3E3NuSfyx6246oLjNnbECAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECIb5Ia6wKcHtMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAAYEHQY+Z4qv4bYLmd+sz4aNGwZF7FT6ZIQ43OSeb+t+ibL7rZ0X0y" +
+			"4SCTMs1mAB44IA6RFurmeCFk0ladRCn3A1xaVI1HlHen13ovzDA9ogL4CWbYXvCUv/znQY" +
+			"yVSQCTKwT8iVam8xS1MsNCe408iVjhRfR6u9Hi31M+Pf+AUe";
+		public const string Intermediate_CRL_RL_07_02_crl =
+			"MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wNy4wMhcNNTAwMTAxMDYwMTAwWhcNNTAwMTAxMTIwMTAwWqAjMCEwCg" +
+			"YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhvkhrrApwe0wDQYJKoZIhvcNAQEFBQADgYEALVUq" +
+			"3Wq/Opvp9ifmQ4VXz4dgLNR+5Nz3muJ4RZt5R5b4R3RYllhgXNYw2EbEVCFjnfm97z73Ke" +
+			"wzVV+fo/u5GbqJHN2cAVEHarOpasLxySktNA1Cwq5OTzUF0dYISqYbyBvVcaOQBvU/Lwj7" +
+			"MQJJVVq96iDKnAJYBX03EHKbBeg=";
+		public const string End_Certificate_RL_07_02_crt =
+			"MIIChzCCAfCgAwIBAgICAMIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDcuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA3LjAyMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD6YgsbjW9IL7/SBORKssFUZBUxmluOpxJK/7d7" +
+			"JA2pxbg7L96xHFPWN36CYDJzTscNpbGrD3G2MPkg4GqoTo0rU28NYVzj4SwqYoSLIbXB+r" +
+			"SVgWcxNgbJ+4x9bK3YccNLR1PWEFxz1NckhCLBmb5pI4E34MCxQ6PvFO02I19FwQIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECIutV9ItCIbZMBMGA1UdIwQMMAqACIb5Ia6wKcHtMA0GCSqGSIb3DQEBBQUAA4GBALQE" +
+			"cBr31h3jKUHcuf3yztr9NWUkGMDM0NCXHOpQl7JbV3P5BjvaiRYWlUrN7+92G8EaUFORto" +
+			"zp8GG+d/MvFooVQOvpOzyhautYWyqq3AWpZLppnxNk1mRAdjUAvJaONtv37eLsma0bhtLM" +
+			"j62sQQ6CdoKbMtIEGuJgpwWqHYwY";
+		public readonly string[] TEST_73_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_07_02_crt,
+			Intermediate_CRL_RL_07_02_crl,
+			End_Certificate_RL_07_02_crt
+		};
+
+		/*
+		 *  test74
+		 *
+		 */
+		public const string Intermediate_Certificate_RL_07_03_crt =
+			"MIICljCCAf+gAwIBAgICAMMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNy4wMzCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8QzGjV0NVTNrOgkeqTkQFCOvl7M0qmjmYJjuw4R3" +
+			"YfQIXDN0m9HR2JKp5WKTSUedmWviGS7NbGSzLR7+6OkLwSoxN9PkA/fMko7O0KWBfduhvn" +
+			"jymlDMb2GPb1hBjScbq8fVJHwzqUm+BtEO2MXwXKYY2hZr+OEyEGhSEThp90MCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECFwl2XphEZRSMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAAb5GERgYVGuOb62gVZAAnhuk5K7CCkWZucOv6iI7pAgI6S7pvool/" +
+			"dXHC0tzgQ+/MkuWcr+22k/ya7f+iSfiYokjnQkgoYFYk3PkjyOXA3mzs5qhF0nOP6Gvmz4" +
+			"asONA+qZSqa4pjxF9Kn8L64f9yeyEXnckmbzdmbjAFCveQIP";
+		public const string Intermediate_CRL_RL_07_03_crl =
+			"MIIBTTCBtwIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wNy4wMxcNOTkwMTAxMDYwMTAwWhgPMjA1MDAxMDExMjAxMDBaoCMwIT" +
+			"AKBgNVHRQEAwIBATATBgNVHSMEDDAKgAhcJdl6YRGUUjANBgkqhkiG9w0BAQUFAAOBgQAz" +
+			"DMl8P16hylNkUEw4z9//PJFObNPZCYdmzBfp0K3tNRrOAouUVegyX0gDHi8O+bmmJNgcnC" +
+			"tMRXx+D4qP7bx5fDS2MVQhSsncf6u4UZ8pxbRc0JmwR5oGZLPQabrctgmEmg8ZKGApKtsf" +
+			"pGyvvTwaAzM+GaWXD68bBEN3VfVdeQ==";
+		public const string End_Certificate_RL_07_03_crt =
+			"MIIChzCCAfCgAwIBAgICAMQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDcuMDMwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA3LjAzMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDU6mec24uBaVip7fFWHas+o/lpZBOfj/IPHXQ9" +
+			"QaRZwmJZBB81AX3BJ60DD12o/+RXdHl7B2Eh9kYv/QEXOKmyhJFSPa0Lv7MQ/hCIcL4m1U" +
+			"FDGtJ3SUixZMqVBP0xjwXoNS88zzaCBL+co2TxhBrYMzeNQOX1eEkXMT4pvULmAwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECBBgFdYLuvk9MBMGA1UdIwQMMAqACFwl2XphEZRSMA0GCSqGSIb3DQEBBQUAA4GBAAof" +
+			"dPOGa4ZxRPcLw6zWM/NLzF3XYDqXAsZBsC75r0GRrogqEYn07tVUDNaQczDtjRLBRNmxWE" +
+			"+qCkJwc+wOBJqOFUxcuhK9oag6OE94+UIHdh3Td9i2ELZXj9RSNchnjyFohj5gk1dJSO41" +
+			"86Ls3mCT9JcssR0dSxxkF0ENfZCG";
+		public readonly string[] TEST_74_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_07_03_crt,
+			Intermediate_CRL_RL_07_03_crl,
+			End_Certificate_RL_07_03_crt
+		};
+
+		/*
+		 *  test75
+		 *
+		 */
+		public const string Intermediate_Certificate_RL_08_01_crt =
+			"MIICljCCAf+gAwIBAgICAMUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wOC4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs2YRTEl3C1TmmneJ6K110nSACn+KXxSOTGAGN5xv" +
+			"XW751StpE2iEQIbRVPQdMzmcQX0bcg/WpdrewPQld9NRjFj7it+9YNQh7vMKhZwoAPoDmv" +
+			"TnTdTEuV0c1FLVDVhiaAD9KMBa4fBLRfTKVzgzAr+oNqLhm3YBd2JWRHg+fA8CAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECB4we8+hIrkKMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBABTQI82uCMwQ4bgUWr9lawSI5DyWg3KY13F45rAlmKyckgne9SHbCH" +
+			"+Lvm3XkkIqKmeHfJ3QTf7bpz6eErn3CxRrGm5JWblcYbVT+smjboJ9A0BXifqINYLy3qGc" +
+			"AnNRkPq8OUREj2sU1qWKagUIgA/Vk2WyZhcUiApJPHI4fwv9";
+		public const string Intermediate_CRL_RL_08_01_crl =
+			"MIIBWjCBxAIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wOC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAyMDAwCg" +
+			"YDVR0UBAMCAQEwDQYDVR0bAQH/BAMCAQEwEwYDVR0jBAwwCoAIHjB7z6EiuQowDQYJKoZI" +
+			"hvcNAQEFBQADgYEAkjF0oERt5XW2i70gyspkEYIHyGCHnqngky5yuwQSRrlW7t0vGdKV7W" +
+			"50evTeSVV41uhi1MBcccpx1MdRcB5vsatFSSKcKx4NF3PuHXxXCm2HkfXQy4K5zftE3jOZ" +
+			"5s+yTHiw3s/QSErtHRca+TQcEZwamI+p402TEa6e82l6xHI=";
+		public const string End_Certificate_RL_08_01_crt =
+			"MIIChzCCAfCgAwIBAgICAMYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDguMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA4LjAxMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfEMqWMqk3Rre5m4ILtQIz45JImvU379Al/S6t" +
+			"2y/TzimJc4nhIKQp80VaZA/gwu/DcvMgJPM+FFz5U5rRkDaYASsc34tZUESF5LC6ZbtGqf" +
+			"J96IKdajvkGLsHyI7dseuwaQ0FlOwcmKMSR898MGNNbKxaQNLEXsIFypRDsN6JhwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECMT22ARjB1ABMBMGA1UdIwQMMAqACB4we8+hIrkKMA0GCSqGSIb3DQEBBQUAA4GBAIaP" +
+			"EqI7oHl/+h3MszG4VB1Va9NTN0kaysTyjQSVBi9jhOlPkzuXc2wI1bymBhatHEn6OrgP13" +
+			"vsOiH2BiyudYcYjKpwI4FUiyKLIc0CXzM0VYFoMzb91QtsK1EnvAPDKNYVVFXrL7ABVIK4" +
+			"hU6HfMMUbnpKWBxT5274iHScX8tL";
+		public readonly string[] TEST_75_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_08_01_crt,
+			Intermediate_CRL_RL_08_01_crl,
+			End_Certificate_RL_08_01_crt
+		};
+
+		/*
+		 *  test76
+		 *
+		 */
+		public const string Intermediate_Certificate_RL_09_01_crt =
+			"MIICljCCAf+gAwIBAgICAMcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wOS4wMTCBnzANBg" +
+			"kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsvkvLv5fMFYvohaXO8a7GgU4rDHe9iL7LP1VeNUg" +
+			"GIdJGqPEnuggQ/guhrBHafGh1NtmlEbmPJ4WQ99dBbPHHeO8sfCgkmWC0SqPODoI+t3qJE" +
+			"kf2z9dWoAij15RXPliywZz+S6bTtcEQAREyBQ6M8/HJ83wRXp/uCpdPOSxVPkCAwEAAaNj" +
+			"MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
+			"gBZQMBMAEwEQYDVR0OBAoECISY4bvGMEBTMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
+			"SIb3DQEBBQUAA4GBAAd7g+dWso4V/Vr+QIoNLueCBAYWdOF+Yz3VeomcsDAs2V8E+xcZaq" +
+			"jo2LrMygYCeMxVfXx/ZdhLPOaZ+ahNAbk+nWRwj35JdTNAAbMMWFdZUgR6N+uzx1v7i86p" +
+			"AWUpRJ9IYPgUoQ5pmjdf3Ru1nrLfRt4yp+kNHWp6IL/+MwcM";
+		public const string Intermediate_CRL_RL_09_01_crl =
+			"MIIBXDCBxgIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
+			"5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
+			"BAMTDENBMS1STC4wOS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqA0MDIwCg" +
+			"YDVR0UBAMCAQEwDwYDVR0cAQH/BAUwA4IB/zATBgNVHSMEDDAKgAiEmOG7xjBAUzANBgkq" +
+			"hkiG9w0BAQUFAAOBgQAKTXYgqlP+upFIwOSpdaVKDT8aqFzY9nSIsxHg5Wdl43U7p44LvQ" +
+			"lW8XKhw74oQl1ExU5s7mDaEqB0JIozGzmoNyKsErgWKNW+lpKSxR5+1EHOB6Oo2KijpTsv" +
+			"GFrHFCnF09f9JaTaMRIXOljx3rMO1UZsftKy/L9z3aUz8hQRnQ==";
+		public const string End_Certificate_RL_09_01_crt =
+			"MIIChzCCAfCgAwIBAgICAMgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
+			"NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
+			"MRUwEwYDVQQDEwxDQTEtUkwuMDkuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
+			"AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
+			"EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA5LjAxMIGfMA" +
+			"0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpz09VCXzAhH4/ifMk0RAzaBqJCXaHHqAdO/TW" +
+			"6uvOVtl+fGvWXhXmSSCUfzg5xBqdUXrqcyxOME3vdgF1uOFZ4q2K6+Zuxmm+GCOCIpe+Gl" +
+			"Jzqz4WKXG0iaXXQOYa56itNc/6Z6D/aAjNJavI19w0lmb9l6U2WBfn3LywxHp4dwIDAQAB" +
+			"o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
+			"oECOri1JgnJfLjMBMGA1UdIwQMMAqACISY4bvGMEBTMA0GCSqGSIb3DQEBBQUAA4GBADmV" +
+			"Ee0xy25Z0HtmWwprKPjJDr/p7TgzbmNC58pUPkgtxnJFP4yrzNB9FQBWSfnjZpzQkLSU7i" +
+			"7O6cf5HkqjQqoPErDnJLWgGzjbF80v2IIyZk7rEpAAM4MwjIk7hFvJK8QkTht9F4N1zj2X" +
+			"0TQkmlbo9Z4SFj/3fsbl9h2GdKuU";
+
+		public readonly string[] TEST_76_DATA = new string[]
+		{
+			Intermediate_Certificate_RL_09_01_crt,
+			Intermediate_CRL_RL_09_01_crl,
+			End_Certificate_RL_09_01_crt
+		};
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new NistCertPathTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/NoekeonTest.cs b/crypto/test/src/test/NoekeonTest.cs
new file mode 100644
index 000000000..c3745da1c
--- /dev/null
+++ b/crypto/test/src/test/NoekeonTest.cs
@@ -0,0 +1,157 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Tests
+{
+	/**
+	* basic test class for SEED
+	*/
+	[TestFixture]
+	public class NoekeonTest
+		: BaseBlockCipherTest
+	{
+		private static readonly string[] cipherTests =
+		{
+			"128",
+			"b1656851699e29fa24b70148503d2dfc",
+			"2a78421b87c7d0924f26113f1d1349b2",
+			"e2f687e07b75660ffc372233bc47532c"
+		};
+
+		public NoekeonTest()
+			: base("Noekeon")
+		{
+		}
+
+		public void DoTest(
+			int		strength,
+			byte[]	keyBytes,
+			byte[]	input,
+			byte[]	output)
+		{
+			KeyParameter key = ParameterUtilities.CreateKeyParameter("Noekeon", keyBytes);
+
+			IBufferedCipher inCipher = CipherUtilities.GetCipher("Noekeon/ECB/NoPadding");
+			IBufferedCipher outCipher = CipherUtilities.GetCipher("Noekeon/ECB/NoPadding");
+
+			try
+			{
+				outCipher.Init(true, key);
+			}
+			catch (Exception e)
+			{
+				Fail("Noekeon failed initialisation - " + e.Message, e);
+			}
+
+			try
+			{
+				inCipher.Init(false, key);
+			}
+			catch (Exception e)
+			{
+				Fail("Noekeoen failed initialisation - " + e.Message, e);
+			}
+
+			//
+			// encryption pass
+			//
+			MemoryStream bOut = new MemoryStream();
+
+			CipherStream cOut = new CipherStream(bOut, null, outCipher);
+
+			try
+			{
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+					cOut.WriteByte(input[i]);
+				}
+				cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);
+				cOut.Close();
+			}
+			catch (IOException e)
+			{
+				Fail("Noekeon failed encryption - " + e.Message, e);
+			}
+
+			byte[] bytes = bOut.ToArray();
+
+			if (!AreEqual(bytes, output))
+			{
+				Fail("Noekeon failed encryption - expected "
+					+ Hex.ToHexString(output) + " got "
+					+ Hex.ToHexString(bytes));
+			}
+
+			//
+			// decryption pass
+			//
+			MemoryStream bIn = new MemoryStream(bytes, false);
+
+			CipherStream cIn = new CipherStream(bIn, inCipher, null);
+
+			try
+			{
+//				DataInputStream dIn = new DataInputStream(cIn);
+				BinaryReader dIn = new BinaryReader(cIn);
+
+				bytes = new byte[input.Length];
+
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+//					bytes[i] = (byte)dIn.read();
+					bytes[i] = dIn.ReadByte();
+				}
+				int remaining = bytes.Length - input.Length / 2;
+//				dIn.readFully(bytes, input.Length / 2, remaining);
+				byte[] extra = dIn.ReadBytes(remaining);
+				if (extra.Length < remaining)
+					throw new EndOfStreamException();
+				extra.CopyTo(bytes, input.Length / 2);
+			}
+			catch (Exception e)
+			{
+				Fail("Noekeon failed encryption - " + e.Message, e);
+			}
+
+			if (!AreEqual(bytes, input))
+			{
+				Fail("Noekeon failed decryption - expected "
+					+ Hex.ToHexString(input) + " got "
+					+ Hex.ToHexString(bytes));
+			}
+		}
+
+		public override void PerformTest()
+		{
+			for (int i = 0; i != cipherTests.Length; i += 4)
+			{
+				DoTest(int.Parse(cipherTests[i]),
+					Hex.Decode(cipherTests[i + 1]),
+					Hex.Decode(cipherTests[i + 2]),
+					Hex.Decode(cipherTests[i + 3]));
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new NoekeonTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/PBETest.cs b/crypto/test/src/test/PBETest.cs
new file mode 100644
index 000000000..ee61a027c
--- /dev/null
+++ b/crypto/test/src/test/PBETest.cs
@@ -0,0 +1,527 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	/**
+	* test out the various PBE modes, making sure the JCE implementations
+	* are compatible woth the light weight ones.
+	*/
+	[TestFixture]
+	public class PbeTest
+		: SimpleTest
+	{
+		private class OpenSslTest
+			: SimpleTest
+		{
+			private char[] password;
+			private string baseAlgorithm;
+			private string algorithm;
+			private int keySize;
+			private int ivSize;
+
+			public OpenSslTest(
+				string	baseAlgorithm,
+				string	algorithm,
+				int		keySize,
+				int		ivSize)
+			{
+				this.password = algorithm.ToCharArray();
+				this.baseAlgorithm = baseAlgorithm;
+				this.algorithm = algorithm;
+				this.keySize = keySize;
+				this.ivSize = ivSize;
+			}
+
+			public override string Name
+			{
+				get { return "OpenSSLPBE"; }
+			}
+
+			public override void PerformTest()
+			{
+				byte[] salt = new byte[16];
+				int iCount = 100;
+
+				for (int i = 0; i != salt.Length; i++)
+				{
+					salt[i] = (byte)i;
+				}
+
+				PbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
+
+				pGen.Init(
+					PbeParametersGenerator.Pkcs5PasswordToBytes(password),
+					salt,
+					iCount);
+
+				ParametersWithIV parameters = (ParametersWithIV)
+					pGen.GenerateDerivedParameters(baseAlgorithm, keySize, ivSize);
+
+				KeyParameter encKey = (KeyParameter) parameters.Parameters;
+
+				IBufferedCipher c;
+				if (baseAlgorithm.Equals("RC4"))
+				{
+					c = CipherUtilities.GetCipher(baseAlgorithm);
+
+					c.Init(true, encKey);
+				}
+				else
+				{
+					c = CipherUtilities.GetCipher(baseAlgorithm + "/CBC/PKCS7Padding");
+
+					c.Init(true, parameters);
+				}
+
+				byte[] enc = c.DoFinal(salt);
+
+				c = CipherUtilities.GetCipher(algorithm);
+
+//					PBEKeySpec keySpec = new PBEKeySpec(password, salt, iCount);
+//					SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm);
+//
+//					c.Init(false, fact.generateSecret(keySpec));
+
+				Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters(
+					algorithm, salt, iCount);
+				ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
+					algorithm, password, algParams);
+				c.Init(false, cipherParams);
+
+				byte[] dec = c.DoFinal(enc);
+
+				if (!AreEqual(salt, dec))
+				{
+					Fail("" + algorithm + "failed encryption/decryption test");
+				}
+			}
+		}
+
+		private class Pkcs12Test
+			: SimpleTest
+		{
+			private char[] password;
+			private string baseAlgorithm;
+			private string algorithm;
+			private IDigest digest;
+			private int keySize;
+			private int ivSize;
+
+			public Pkcs12Test(
+				string		baseAlgorithm,
+				string		algorithm,
+				IDigest		digest,
+				int			keySize,
+				int			ivSize)
+			{
+				this.password = algorithm.ToCharArray();
+				this.baseAlgorithm = baseAlgorithm;
+				this.algorithm = algorithm;
+				this.digest = digest;
+				this.keySize = keySize;
+				this.ivSize = ivSize;
+			}
+
+			public override string Name
+			{
+				get { return "PKCS12PBE"; }
+			}
+
+			public override void PerformTest()
+			{
+				int iCount = 100;
+				byte[] salt = DigestUtilities.DoFinal(digest);
+
+				PbeParametersGenerator pGen = new Pkcs12ParametersGenerator(digest);
+
+				pGen.Init(
+					PbeParametersGenerator.Pkcs12PasswordToBytes(password),
+					salt,
+					iCount);
+
+				ParametersWithIV parameters = (ParametersWithIV)
+					pGen.GenerateDerivedParameters(baseAlgorithm, keySize, ivSize);
+
+				KeyParameter encKey = (KeyParameter) parameters.Parameters;
+
+				IBufferedCipher c;
+				if (baseAlgorithm.Equals("RC4"))
+				{
+					c = CipherUtilities.GetCipher(baseAlgorithm);
+	                
+					c.Init(true, encKey);
+				}
+				else
+				{
+					c = CipherUtilities.GetCipher(baseAlgorithm + "/CBC/PKCS7Padding");
+	                
+					c.Init(true, parameters);
+				}
+
+				byte[] enc = c.DoFinal(salt);
+
+				c = CipherUtilities.GetCipher(algorithm);
+
+//					PBEKeySpec keySpec = new PBEKeySpec(password, salt, iCount);
+//					SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm);
+//
+//					c.Init(false, fact.generateSecret(keySpec));
+
+				Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters(
+					algorithm, salt, iCount);
+				ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
+					algorithm, password, algParams);
+				c.Init(false, cipherParams);
+
+				byte[] dec = c.DoFinal(enc);
+
+				if (!AreEqual(salt, dec))
+				{
+					Fail("" + algorithm + "failed encryption/decryption test");
+				}
+
+				// NB: We don't support retrieving parameters from cipher
+//				//
+//				// get the parameters
+//				//
+//				AlgorithmParameters param = c.getParameters();
+//				PBEParameterSpec spec = (PBEParameterSpec)param.getParameterSpec(PBEParameterSpec.class);
+//
+//				if (!AreEqual(salt, spec.getSalt()))
+//				{
+//					Fail("" + algorithm + "failed salt test");
+//				}
+//	            
+//				if (iCount != spec.getIterationCount())
+//				{
+//					Fail("" + algorithm + "failed count test");
+//				}
+
+	            // NB: This section just repeats earlier test passing 'param' separately
+//				//
+//				// try using parameters
+//				//
+//				keySpec = new PBEKeySpec(password);
+//	            
+//				c.Init(false, fact.generateSecret(keySpec), param);
+//	            
+//				dec = c.DoFinal(enc);
+//	            
+//				if (!AreEqual(salt, dec))
+//				{
+//					Fail("" + algorithm + "failed encryption/decryption test");
+//				}
+			}
+		}
+
+		private Pkcs12Test[] pkcs12Tests = {
+			new Pkcs12Test("DESede", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC",  new Sha1Digest(),   192,  64),
+			new Pkcs12Test("DESede", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC",  new Sha1Digest(),   128,  64),
+			new Pkcs12Test("RC4",    "PBEWITHSHAAND128BITRC4",           new Sha1Digest(),   128,   0),
+			new Pkcs12Test("RC4",    "PBEWITHSHAAND40BITRC4",            new Sha1Digest(),    40,   0),
+			new Pkcs12Test("RC2",    "PBEWITHSHAAND128BITRC2-CBC",       new Sha1Digest(),   128,  64),
+			new Pkcs12Test("RC2",    "PBEWITHSHAAND40BITRC2-CBC",        new Sha1Digest(),    40,  64),
+			new Pkcs12Test("AES",    "PBEWithSHA1And128BitAES-CBC-BC",   new Sha1Digest(),   128, 128),
+			new Pkcs12Test("AES",    "PBEWithSHA1And192BitAES-CBC-BC",   new Sha1Digest(),   192, 128),
+			new Pkcs12Test("AES",    "PBEWithSHA1And256BitAES-CBC-BC",   new Sha1Digest(),   256, 128),
+			new Pkcs12Test("AES",    "PBEWithSHA256And128BitAES-CBC-BC", new Sha256Digest(), 128, 128),
+			new Pkcs12Test("AES",    "PBEWithSHA256And192BitAES-CBC-BC", new Sha256Digest(), 192, 128),   
+			new Pkcs12Test("AES",    "PBEWithSHA256And256BitAES-CBC-BC", new Sha256Digest(), 256, 128)
+		};
+
+		private OpenSslTest[] openSSLTests = {
+			new OpenSslTest("AES", "PBEWITHMD5AND128BITAES-CBC-OPENSSL", 128, 128),
+			new OpenSslTest("AES", "PBEWITHMD5AND192BITAES-CBC-OPENSSL", 192, 128),
+			new OpenSslTest("AES", "PBEWITHMD5AND256BITAES-CBC-OPENSSL", 256, 128)
+		};
+
+		static byte[] message = Hex.Decode("4869205468657265");
+
+		private byte[] hMac1 = Hex.Decode("bcc42174ccb04f425d9a5c8c4a95d6fd7c372911");
+		private byte[] hMac2 = Hex.Decode("cb1d8bdb6aca9e3fa8980d6eb41ab28a7eb2cfd6");
+
+		// NB: These two makePbeCipher... methods are same in .NET
+		private IBufferedCipher makePbeCipherUsingParam(
+			string  algorithm,
+			bool	forEncryption,
+			char[]  password,
+			byte[]  salt,
+			int     iterationCount)
+		{
+//			PBEKeySpec pbeSpec = new PBEKeySpec(password);
+//			SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algorithm);
+//			PBEParameterSpec defParams = new PBEParameterSpec(salt, iterationCount);
+
+			Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters(
+				algorithm, salt, iterationCount);
+			ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
+				algorithm, password, algParams);
+			
+			IBufferedCipher cipher = CipherUtilities.GetCipher(algorithm);
+
+//			cipher.Init(forEncryption, keyFact.generateSecret(pbeSpec), defParams);
+			cipher.Init(forEncryption, cipherParams);
+
+			return cipher;
+		}
+
+		// NB: These two makePbeCipher... methods are same in .NET
+		private IBufferedCipher makePbeCipherWithoutParam(
+			string  algorithm,
+			bool	forEncryption,
+			char[]  password,
+			byte[]  salt,
+			int     iterationCount)
+		{
+//			PBEKeySpec pbeSpec = new PBEKeySpec(password, salt, iterationCount);
+//			SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algorithm);
+
+			Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters(
+				algorithm, salt, iterationCount);
+			ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
+				algorithm, password, algParams);
+			
+			IBufferedCipher cipher = CipherUtilities.GetCipher(algorithm);
+
+//			cipher.Init(forEncryption, keyFact.generateSecret(pbeSpec));
+			cipher.Init(forEncryption, cipherParams);
+
+			return cipher;
+		}
+
+		private void doTestPbeHMac(
+			string	hmacName,
+			byte[]	output)
+		{
+			ICipherParameters key = null;
+			byte[] outBytes;
+			IMac mac = null;
+
+			try
+			{
+//				SecretKeyFactory fact = SecretKeyFactory.getInstance(hmacName);
+//
+//				key = fact.generateSecret(new PBEKeySpec("hello".ToCharArray()));
+
+				Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters(
+					hmacName, new byte[20], 100);
+				key = PbeUtilities.GenerateCipherParameters(
+					hmacName, "hello".ToCharArray(), algParams);
+				mac = MacUtilities.GetMac(hmacName);
+			}
+			catch (Exception e)
+			{
+				Fail("Failed - exception " + e.ToString(), e);
+			}
+
+			try
+			{
+//				mac.Init(key, new PBEParameterSpec(new byte[20], 100));
+				mac.Init(key);
+			}
+			catch (Exception e)
+			{
+				Fail("Failed - exception " + e.ToString(), e);
+			}
+
+			mac.Reset();
+
+			mac.BlockUpdate(message, 0, message.Length);
+
+//			outBytes = mac.DoFinal();
+			outBytes = new byte[mac.GetMacSize()];
+			mac.DoFinal(outBytes, 0);
+
+			if (!AreEqual(outBytes, output))
+			{
+				Fail("Failed - expected "
+					+ Hex.ToHexString(output) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+		}
+
+		public override void PerformTest()
+		{
+			byte[] input = Hex.Decode("1234567890abcdefabcdef1234567890fedbca098765");
+
+			//
+			// DES
+			//
+			IBufferedCipher cEnc = CipherUtilities.GetCipher("DES/CBC/PKCS7Padding");
+
+			cEnc.Init(
+				true,
+				new ParametersWithIV(
+					new DesParameters(Hex.Decode("30e69252758e5346")),
+					Hex.Decode("7c1c1ab9c454a688")));
+
+			byte[] outBytes = cEnc.DoFinal(input);
+			char[] password = "password".ToCharArray();
+
+			IBufferedCipher cDec = makePbeCipherUsingParam(
+				"PBEWithSHA1AndDES",
+				false,
+				password,
+				Hex.Decode("7d60435f02e9e0ae"),
+				2048);
+
+			byte[] inBytes = cDec.DoFinal(outBytes);
+
+			if (!AreEqual(input, inBytes))
+			{
+				Fail("DES failed");
+			}
+
+			cDec = makePbeCipherWithoutParam(
+				"PBEWithSHA1AndDES",
+				false,
+				password,
+				Hex.Decode("7d60435f02e9e0ae"),
+				2048);
+
+			inBytes = cDec.DoFinal(outBytes);
+
+			if (!AreEqual(input, inBytes))
+			{
+				Fail("DES failed without param");
+			}
+
+			//
+			// DESede
+			//
+			cEnc = CipherUtilities.GetCipher("DESede/CBC/PKCS7Padding");
+
+			cEnc.Init(
+				true,
+				new ParametersWithIV(
+					new DesParameters(Hex.Decode("732f2d33c801732b7206756cbd44f9c1c103ddd97c7cbe8e")),
+					Hex.Decode("b07bf522c8d608b8")));
+
+			outBytes = cEnc.DoFinal(input);
+
+			cDec = makePbeCipherUsingParam(
+				"PBEWithSHAAnd3-KeyTripleDES-CBC",
+				false,
+				password,
+				Hex.Decode("7d60435f02e9e0ae"),
+				2048);
+
+			inBytes = cDec.DoFinal(outBytes);
+
+			if (!AreEqual(input, inBytes))
+			{
+				Fail("DESede failed");
+			}
+
+			//
+			// 40Bit RC2
+			//
+			cEnc = CipherUtilities.GetCipher("RC2/CBC/PKCS7Padding");
+
+			cEnc.Init(
+				true,
+				new ParametersWithIV(
+					new RC2Parameters(Hex.Decode("732f2d33c8")),
+					Hex.Decode("b07bf522c8d608b8")));
+
+			outBytes = cEnc.DoFinal(input);
+
+			cDec = makePbeCipherUsingParam(
+				"PBEWithSHAAnd40BitRC2-CBC",
+				false,
+				password,
+				Hex.Decode("7d60435f02e9e0ae"),
+				2048);
+
+			inBytes = cDec.DoFinal(outBytes);
+
+			if (!AreEqual(input, inBytes))
+			{
+				Fail("RC2 failed");
+			}
+
+			//
+			// 128bit RC4
+			//
+			cEnc = CipherUtilities.GetCipher("RC4");
+
+			cEnc.Init(
+				true,
+				ParameterUtilities.CreateKeyParameter("RC4", Hex.Decode("732f2d33c801732b7206756cbd44f9c1")));
+
+			outBytes = cEnc.DoFinal(input);
+
+			cDec = makePbeCipherUsingParam(
+				"PBEWithSHAAnd128BitRC4",
+				false,
+				password,
+				Hex.Decode("7d60435f02e9e0ae"),
+				2048);
+
+			inBytes = cDec.DoFinal(outBytes);
+
+			if (!AreEqual(input, inBytes))
+			{
+				Fail("RC4 failed");
+			}
+
+			cDec = makePbeCipherWithoutParam(
+				"PBEWithSHAAnd128BitRC4",
+				false,
+				password,
+				Hex.Decode("7d60435f02e9e0ae"),
+				2048);
+
+			inBytes = cDec.DoFinal(outBytes);
+	        
+			if (!AreEqual(input, inBytes))
+			{
+				Fail("RC4 failed without param");
+			}
+
+			for (int i = 0; i != pkcs12Tests.Length; i++)
+			{
+				pkcs12Tests[i].PerformTest();
+			}
+
+			for (int i = 0; i != openSSLTests.Length; i++)
+			{
+				openSSLTests[i].PerformTest();
+			}
+
+			doTestPbeHMac("PBEWithHMacSHA1", hMac1);
+			doTestPbeHMac("PBEWithHMacRIPEMD160", hMac2);
+		}
+
+		public override string Name
+		{
+			get { return "PbeTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PbeTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/PEMData.cs b/crypto/test/src/test/PEMData.cs
new file mode 100644
index 000000000..ea783c88c
--- /dev/null
+++ b/crypto/test/src/test/PEMData.cs
@@ -0,0 +1,117 @@
+using System;
+
+namespace Org.BouncyCastle.Tests
+{
+	class PemData
+	{
+		internal static readonly string CERTIFICATE_1 =
+			"-----BEGIN X509 CERTIFICATE-----\r"
+			+ "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx\r"
+			+ "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY\r"
+			+ "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB\r"
+			+ "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ\r"
+			+ "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2\r"
+			+ "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW\r"
+			+ "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM\r"
+			+ "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l\r"
+			+ "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv\r"
+			+ "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re\r"
+			+ "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO\r"
+			+ "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE\r"
+			+ "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy\r"
+			+ "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0\r"
+			+ "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw\r"
+			+ "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL\r"
+			+ "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4\r"
+			+ "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF\r"
+			+ "5/8=\r"
+			+ "-----END X509 CERTIFICATE-----\r";
+
+		internal static readonly string CERTIFICATE_2 =
+			"-----BEGIN CERTIFICATE-----\n"
+			+ "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx\n"
+			+ "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY\n"
+			+ "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB\n"
+			+ "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ\n"
+			+ "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2\n"
+			+ "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW\n"
+			+ "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM\n"
+			+ "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l\n"
+			+ "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv\n"
+			+ "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re\n"
+			+ "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO\n"
+			+ "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE\n"
+			+ "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy\n"
+			+ "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0\n"
+			+ "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw\n"
+			+ "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL\n"
+			+ "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4\n"
+			+ "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF\n"
+			+ "5/8=\n"
+			+ "-----END CERTIFICATE-----\n";
+
+		internal static readonly string CRL_1 =
+			"-----BEGIN X509 CRL-----\r\n"
+			+ "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT\r\n"
+			+ "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy\r\n"
+			+ "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw\r\n"
+			+ "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw\r\n"
+			+ "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw\r\n"
+			+ "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw\r\n"
+			+ "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw\r\n"
+			+ "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw\r\n"
+			+ "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw\r\n"
+			+ "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw\r\n"
+			+ "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF\r\n"
+			+ "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ\r\n"
+			+ "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt\r\n"
+			+ "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v\r\n"
+			+ "-----END X509 CRL-----\r\n";
+
+		internal static readonly string CRL_2 =
+			"-----BEGIN CRL-----\r\n"
+			+ "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT\r\n"
+			+ "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy\r\n"
+			+ "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw\r\n"
+			+ "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw\r\n"
+			+ "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw\r\n"
+			+ "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw\r\n"
+			+ "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw\r\n"
+			+ "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw\r\n"
+			+ "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw\r\n"
+			+ "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw\r\n"
+			+ "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF\r\n"
+			+ "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ\r\n"
+			+ "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt\r\n"
+			+ "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v\r\n"
+			+ "-----END CRL-----\r\n";
+
+		internal static readonly string ATTRIBUTE_CERTIFICATE_1 =
+			"-----BEGIN X509 ATTRIBUTE CERTIFICATE-----\r\n"
+			+ "MIIBuDCCASECAQEwZ6BlMGCkXjBcMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhl\r\n"
+			+ "IExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFBy\r\n"
+			+ "aW1hcnkgQ2VydGlmaWNhdGUCARSgYjBgpF4wXDELMAkGA1UEBhMCQVUxKDAmBgNV\r\n"
+			+ "BAoTH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsTGkJv\r\n"
+			+ "dW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIw\r\n"
+			+ "MDUwNjEwMDI0MTMzWhgPMjAwNTA2MTAwMjQzMTNaMBkwFwYDVRhIMRAwDoEMREFV\r\n"
+			+ "MTIzNDU2Nzg5MA0GCSqGSIb3DQEBBQUAA4GBALAYXT9zdxSR5zdPLAon1xIPehgI\r\n"
+			+ "NZhjM7w0uu3OdzSV5sC31X1Kx9vi5RIWiM9VimRTwbQIod9POttD5QMXCwQb/fm7\r\n"
+			+ "eiJqL2YBIXOeClB19VrQe8xQtMFbyuFpDiM7QdvIam9ShZZMEMGjv9QHI64M4b0G\r\n"
+			+ "odUBlSsJwPPQjZSU\r\n"
+			+ "-----END X509 ATTRIBUTE CERTIFICATE-----\r\n";
+
+		internal static readonly string ATTRIBUTE_CERTIFICATE_2 =
+			"-----BEGIN ATTRIBUTE CERTIFICATE-----\r\n"
+			+ "MIIBuDCCASECAQEwZ6BlMGCkXjBcMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhl\r\n"
+			+ "IExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFBy\r\n"
+			+ "aW1hcnkgQ2VydGlmaWNhdGUCARSgYjBgpF4wXDELMAkGA1UEBhMCQVUxKDAmBgNV\r\n"
+			+ "BAoTH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsTGkJv\r\n"
+			+ "dW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIw\r\n"
+			+ "MDUwNjEwMDI0MTMzWhgPMjAwNTA2MTAwMjQzMTNaMBkwFwYDVRhIMRAwDoEMREFV\r\n"
+			+ "MTIzNDU2Nzg5MA0GCSqGSIb3DQEBBQUAA4GBALAYXT9zdxSR5zdPLAon1xIPehgI\r\n"
+			+ "NZhjM7w0uu3OdzSV5sC31X1Kx9vi5RIWiM9VimRTwbQIod9POttD5QMXCwQb/fm7\r\n"
+			+ "eiJqL2YBIXOeClB19VrQe8xQtMFbyuFpDiM7QdvIam9ShZZMEMGjv9QHI64M4b0G\r\n"
+			+ "odUBlSsJwPPQjZSU\r\n"
+			+ "-----END ATTRIBUTE CERTIFICATE-----\r\n";
+	}
+}
diff --git a/crypto/test/src/test/PKCS10CertRequestTest.cs b/crypto/test/src/test/PKCS10CertRequestTest.cs
new file mode 100644
index 000000000..b1fe4f50f
--- /dev/null
+++ b/crypto/test/src/test/PKCS10CertRequestTest.cs
@@ -0,0 +1,470 @@
+using System;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class Pkcs10CertRequestTest
+		: SimpleTest
+	{
+		private static readonly byte[] gost3410EC_A = Base64.Decode(
+			  "MIIBOzCB6wIBADB/MQ0wCwYDVQQDEwR0ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBMdGQxHjAcBgNV"
+			+"BAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYDVQQGEwJydTEZ"
+			+"MBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMCAh4B"
+			+"A0MABEBYx0P2D7YuuZo5HgdIAUKAXcLBDZ+4LYFgbKjrfStVfH59lc40BQ2FZ7M703hLpXK8GiBQ"
+			+"GEYpKaAuQZnMIpByoAAwCAYGKoUDAgIDA0EAgXMcTrhdOY2Er2tHOSAgnMezqrYxocZTWhxmW5Rl"
+			+"JY6lbXH5rndCn4swFzXU+YhgAsJv1wQBaoZEWRl5WV4/nA==");
+
+		private static readonly byte[] gost3410EC_B = Base64.Decode(
+			  "MIIBPTCB7QIBADCBgDENMAsGA1UEAxMEdGVzdDEWMBQGA1UEChMNRGVtb3MgQ28gTHRkLjEeMBwG"
+			+"A1UECxMVQ3J5cHRvZ3JhcGh5IGRpdmlzaW9uMQ8wDQYDVQQHEwZNb3Njb3cxCzAJBgNVBAYTAnJ1"
+			+"MRkwFwYJKoZIhvcNAQkBFgpzZGJAZG9sLnJ1MGMwHAYGKoUDAgITMBIGByqFAwICIwIGByqFAwIC"
+			+"HgEDQwAEQI5SLoWT7dZVilbV9j5B/fyIDuDs6x4pjqNC2TtFYbpRHrk/Wc5g/mcHvD80tsm5o1C7"
+			+"7cizNzkvAVUM4VT4Dz6gADAIBgYqhQMCAgMDQQAoT5TwJ8o+bSrxckymyo3diwG7ZbSytX4sRiKy"
+			+"wXPWRS9LlBvPO2NqwpS2HUnxSU8rzfL9fJcybATf7Yt1OEVq");
+
+		private static readonly byte[] gost3410EC_C = Base64.Decode(
+			  "MIIBRDCB9AIBADCBhzEVMBMGA1UEAxMMdGVzdCByZXF1ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBM"
+			+"dGQxHjAcBgNVBAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYD"
+			+"VQQGEwJydTEZMBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiMD"
+			+"BgcqhQMCAh4BA0MABEBcmGh7OmR4iqqj+ycYo1S1fS7r5PhisSQU2Ezuz8wmmmR2zeTZkdMYCOBa"
+			+"UTMNms0msW3wuYDho7nTDNscHTB5oAAwCAYGKoUDAgIDA0EAVoOMbfyo1Un4Ss7WQrUjHJoiaYW8"
+			+"Ime5LeGGU2iW3ieAv6es/FdMrwTKkqn5dhd3aL/itFg5oQbhyfXw5yw/QQ==");
+
+		private static readonly byte[] gost3410EC_ExA = Base64.Decode(
+			  "MIIBOzCB6wIBADB/MQ0wCwYDVQQDEwR0ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBMdGQxHjAcBgNV"
+			+ "BAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYDVQQGEwJydTEZ"
+			+ "MBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4B"
+			+ "A0MABEDkqNT/3f8NHj6EUiWnK4JbVZBh31bEpkwq9z3jf0u8ZndG56Vt+K1ZB6EpFxLT7hSIos0w"
+			+ "weZ2YuTZ4w43OgodoAAwCAYGKoUDAgIDA0EASk/IUXWxoi6NtcUGVF23VRV1L3undB4sRZLp4Vho"
+			+ "gQ7m3CMbZFfJ2cPu6QyarseXGYHmazoirH5lGjEo535c1g==");
+
+		private static readonly byte[] gost3410EC_ExB = Base64.Decode(
+			  "MIIBPTCB7QIBADCBgDENMAsGA1UEAxMEdGVzdDEWMBQGA1UEChMNRGVtb3MgQ28gTHRkLjEeMBwG"
+			+ "A1UECxMVQ3J5cHRvZ3JhcGh5IGRpdmlzaW9uMQ8wDQYDVQQHEwZNb3Njb3cxCzAJBgNVBAYTAnJ1"
+			+ "MRkwFwYJKoZIhvcNAQkBFgpzZGJAZG9sLnJ1MGMwHAYGKoUDAgITMBIGByqFAwICJAEGByqFAwIC"
+			+ "HgEDQwAEQMBWYUKPy/1Kxad9ChAmgoSWSYOQxRnXo7KEGLU5RNSXA4qMUvArWzvhav+EYUfTbWLh"
+			+ "09nELDyHt2XQcvgQHnSgADAIBgYqhQMCAgMDQQAdaNhgH/ElHp64mbMaEo1tPCg9Q22McxpH8rCz"
+			+ "E0QBpF4H5mSSQVGI5OAXHToetnNuh7gHHSynyCupYDEHTbkZ");
+
+		public override string Name
+		{
+			get { return "PKCS10CertRequest"; }
+		}
+
+		private void generationTest(
+			int		keySize,
+			string	keyName,
+			string	sigName)
+		{
+			IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator(keyName);
+
+//			kpg.initialize(keySize);
+			kpg.Init(new KeyGenerationParameters(new SecureRandom(), keySize));
+
+			AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
+
+			IDictionary attrs = new Hashtable();
+			attrs.Add(X509Name.C, "AU");
+			attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+			attrs.Add(X509Name.L, "Melbourne");
+			attrs.Add(X509Name.ST, "Victoria");
+			attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org");
+
+			IList order = new ArrayList();
+			order.Add(X509Name.C);
+			order.Add(X509Name.O);
+			order.Add(X509Name.L);
+			order.Add(X509Name.ST);
+			order.Add(X509Name.EmailAddress);
+
+			X509Name subject = new X509Name(order, attrs);
+
+			Pkcs10CertificationRequest req1 = new Pkcs10CertificationRequest(
+				sigName,
+				subject,
+				kp.Public,
+				null,
+				kp.Private);
+
+			byte[] bytes = req1.GetEncoded();
+
+			Pkcs10CertificationRequest req2 = new Pkcs10CertificationRequest(bytes);
+
+			if (!req2.Verify())
+			{
+				Fail(sigName + ": Failed Verify check.");
+			}
+
+			if (!req2.GetPublicKey().Equals(req1.GetPublicKey()))
+			{
+				Fail(keyName + ": Failed public key check.");
+			}
+		}
+
+		/*
+		 * we generate a self signed certificate for the sake of testing - SHA224withECDSA
+		 */
+		private void createECRequest(
+			string				algorithm,
+			DerObjectIdentifier	algOid)
+		{
+			FpCurve curve = new FpCurve(
+				new BigInteger("6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151"), // q (or p)
+				new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", 16),   // a
+				new BigInteger("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", 16));  // b
+
+			ECDomainParameters spec = new ECDomainParameters(
+				curve,
+//				curve.DecodePoint(Hex.Decode("02C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G
+				curve.DecodePoint(Hex.Decode("0200C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G
+				new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 16)); // n
+
+			ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(
+				new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d
+				spec);
+
+			ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
+//				curve.DecodePoint(Hex.Decode("026BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
+				curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
+				spec);
+
+//			//
+//			// set up the keys
+//			//
+//			AsymmetricKeyParameter privKey;
+//			AsymmetricKeyParameter pubKey;
+//
+//			KeyFactory fact = KeyFactory.getInstance("ECDSA");
+//
+//			privKey = fact.generatePrivate(privKeySpec);
+//			pubKey = fact.generatePublic(pubKeySpec);
+
+			Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(
+				algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check EC.");
+			}
+
+			req = new Pkcs10CertificationRequest(req.GetEncoded());
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check EC encoded.");
+			}
+
+			//
+			// try with point compression turned off
+			//
+//			((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
+			FpPoint q = (FpPoint) pubKey.Q;
+			pubKey = new ECPublicKeyParameters(
+				pubKey.AlgorithmName,
+				new FpPoint(q.Curve, q.X, q.Y, false),
+				pubKey.Parameters);
+
+			req = new Pkcs10CertificationRequest(
+				algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check EC uncompressed.");
+			}
+
+			req = new Pkcs10CertificationRequest(req.GetEncoded());
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check EC uncompressed encoded.");
+			}
+
+			if (!req.SignatureAlgorithm.ObjectID.Equals(algOid))
+			{
+				Fail("ECDSA oid incorrect.");
+			}
+
+			if (req.SignatureAlgorithm.Parameters != null)
+			{
+				Fail("ECDSA parameters incorrect.");
+			}
+
+			ISigner sig = SignerUtilities.GetSigner(algorithm);
+
+			sig.Init(false, pubKey);
+
+			byte[] b = req.GetCertificationRequestInfo().GetEncoded();
+			sig.BlockUpdate(b, 0, b.Length);
+
+			if (!sig.VerifySignature(req.Signature.GetBytes()))
+			{
+				Fail("signature not mapped correctly.");
+			}
+		}
+
+		private void createECGostRequest()
+		{
+			string algorithm = "GOST3411withECGOST3410";
+			IAsymmetricCipherKeyPairGenerator ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410");
+
+			ecGostKpg.Init(
+				new ECKeyGenerationParameters(
+					CryptoProObjectIdentifiers.GostR3410x2001CryptoProA,
+					new SecureRandom()));
+
+			//
+			// set up the keys
+			//
+			AsymmetricCipherKeyPair pair = ecGostKpg.GenerateKeyPair();
+			AsymmetricKeyParameter privKey = pair.Private;
+			AsymmetricKeyParameter pubKey = pair.Public;
+
+			Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(
+				algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
+
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check EC.");
+			}
+
+			req = new Pkcs10CertificationRequest(req.GetEncoded());
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check EC encoded.");
+			}
+
+			if (!req.SignatureAlgorithm.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001))
+			{
+				Fail("ECGOST oid incorrect.");
+			}
+
+			if (req.SignatureAlgorithm.Parameters != null)
+			{
+				Fail("ECGOST parameters incorrect.");
+			}
+
+			ISigner sig = SignerUtilities.GetSigner(algorithm);
+
+			sig.Init(false, pubKey);
+
+			byte[] b = req.GetCertificationRequestInfo().GetEncoded();
+			sig.BlockUpdate(b, 0, b.Length);
+
+			if (!sig.VerifySignature(req.Signature.GetBytes()))
+			{
+				Fail("signature not mapped correctly.");
+			}
+		}
+
+		private void createPssTest(
+			string algorithm)
+		{
+//			RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
+			RsaKeyParameters pubKey = new RsaKeyParameters(false,
+				new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+				new BigInteger("010001",16));
+
+//			RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
+			RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(
+				new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+				new BigInteger("010001",16),
+				new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
+				new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
+				new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
+				new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
+				new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
+				new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
+
+//			KeyFactory  fact = KeyFactory.getInstance("RSA", "BC");
+//
+//			PrivateKey privKey = fact.generatePrivate(privKeySpec);
+//			PublicKey pubKey = fact.generatePublic(pubKeySpec);
+
+			Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(
+				algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
+
+			if (!req.Verify())
+			{
+				Fail("Failed verify check PSS.");
+			}
+
+			req = new Pkcs10CertificationRequest(req.GetEncoded());
+			if (!req.Verify())
+			{
+				Fail("Failed verify check PSS encoded.");
+			}
+
+			if (!req.SignatureAlgorithm.ObjectID.Equals(PkcsObjectIdentifiers.IdRsassaPss))
+			{
+				Fail("PSS oid incorrect.");
+			}
+
+			if (req.SignatureAlgorithm.Parameters == null)
+			{
+				Fail("PSS parameters incorrect.");
+			}
+
+			ISigner sig = SignerUtilities.GetSigner(algorithm);
+
+			sig.Init(false, pubKey);
+
+			byte[] encoded = req.GetCertificationRequestInfo().GetEncoded();
+			sig.BlockUpdate(encoded, 0, encoded.Length);
+
+			if (!sig.VerifySignature(req.Signature.GetBytes()))
+			{
+				Fail("signature not mapped correctly.");
+			}
+		}
+
+		// previous code found to cause a NullPointerException
+		private void nullPointerTest()
+		{
+			IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
+
+			AsymmetricCipherKeyPair pair = keyGen.GenerateKeyPair();
+
+			IList oids = new ArrayList();
+			IList values = new ArrayList();
+			oids.Add(X509Extensions.BasicConstraints);
+			values.Add(new X509Extension(true, new DerOctetString(new BasicConstraints(true))));
+			oids.Add(X509Extensions.KeyUsage);
+			values.Add(new X509Extension(true, new DerOctetString(
+				new KeyUsage(KeyUsage.KeyCertSign | KeyUsage.CrlSign))));
+			SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifierStructure(pair.Public);
+			X509Extension ski = new X509Extension(false, new DerOctetString(subjectKeyIdentifier));
+			oids.Add(X509Extensions.SubjectKeyIdentifier);
+			values.Add(ski);
+
+			AttributePkcs attribute = new AttributePkcs(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest,
+				new DerSet(new X509Extensions(oids, values)));
+
+			Pkcs10CertificationRequest p1 = new Pkcs10CertificationRequest(
+				"SHA1WithRSA", new X509Name("cn=csr"), pair.Public, new DerSet(attribute), pair.Private);
+			Pkcs10CertificationRequest p2 = new Pkcs10CertificationRequest(
+				"SHA1WithRSA", new X509Name("cn=csr"), pair.Public, new DerSet(attribute), pair.Private);
+
+			if (!p1.Equals(p2))
+			{
+				Fail("cert request comparison failed");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			generationTest(512, "RSA", "SHA1withRSA");
+			generationTest(512, "GOST3410", "GOST3411withGOST3410");
+
+			//		if (Security.getProvider("SunRsaSign") != null)
+			//        {
+			//            generationTest(512, "RSA", "SHA1withRSA", "SunRsaSign");
+			//        }
+
+			// elliptic curve GOST A parameter set
+			Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(gost3410EC_A);
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check gost3410EC_A.");
+			}
+
+			// elliptic curve GOST B parameter set
+			req = new Pkcs10CertificationRequest(gost3410EC_B);
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check gost3410EC_B.");
+			}
+
+			// elliptic curve GOST C parameter set
+			req = new Pkcs10CertificationRequest(gost3410EC_C);
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check gost3410EC_C.");
+			}
+
+			// elliptic curve GOST ExA parameter set
+			req = new Pkcs10CertificationRequest(gost3410EC_ExA);
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check gost3410EC_ExA.");
+			}
+
+			// elliptic curve GOST ExB parameter set
+			req = new Pkcs10CertificationRequest(gost3410EC_ExB);
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check gost3410EC_ExA.");
+			}
+
+			// elliptic curve openSSL
+			IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
+
+			ECCurve curve = new FpCurve(
+				new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+				new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+				new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+
+			ECDomainParameters ecSpec = new ECDomainParameters(
+				curve,
+				curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
+				new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
+
+//			g.initialize(ecSpec, new SecureRandom());
+			g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
+
+			AsymmetricCipherKeyPair kp = g.GenerateKeyPair();
+
+			req = new Pkcs10CertificationRequest(
+				"ECDSAWITHSHA1", new X509Name("CN=XXX"), kp.Public, null, kp.Private);
+
+			if (!req.Verify())
+			{
+				Fail("Failed Verify check EC.");
+			}
+
+			createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
+			createECRequest("SHA224withECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
+			createECRequest("SHA256withECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
+			createECRequest("SHA384withECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
+			createECRequest("SHA512withECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
+
+			createECGostRequest();
+
+			// TODO The setting of parameters for MGF algorithms is not implemented
+//			createPssTest("SHA1withRSAandMGF1");
+//			createPssTest("SHA224withRSAandMGF1");
+//			createPssTest("SHA256withRSAandMGF1");
+//			createPssTest("SHA384withRSAandMGF1");
+
+			nullPointerTest();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new Pkcs10CertRequestTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/PSSTest.cs b/crypto/test/src/test/PSSTest.cs
new file mode 100644
index 000000000..677289e7c
--- /dev/null
+++ b/crypto/test/src/test/PSSTest.cs
@@ -0,0 +1,253 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class PssTest
+		: SimpleTest
+	{
+		private class FixedRandom
+			: SecureRandom
+		{
+			private readonly byte[] vals;
+
+			public FixedRandom(
+				byte[] vals)
+			{
+				this.vals = vals;
+			}
+
+			public override void NextBytes(
+				byte[] bytes)
+			{
+				vals.CopyTo(bytes, 0);
+			}
+		}
+
+		private RsaKeyParameters pubKey = new RsaKeyParameters(false,
+			new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+			new BigInteger("010001",16));
+
+		private RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(
+			new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
+			new BigInteger("010001",16),
+			new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
+			new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
+			new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
+			new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
+			new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
+			new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
+
+		// PSSExample1.1
+
+		private static readonly byte[] msg1a = Hex.Decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0");
+
+		private static readonly byte[] slt1a = Hex.Decode("dee959c7e06411361420ff80185ed57f3e6776af");
+
+		private static readonly byte[] sig1a = Hex.Decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c");
+
+		private static readonly byte[] sig1b = Hex.Decode("96ea348db4db2947aee807bd687411a880913706f21b383a1002b97e43656e5450a9d1812efbedd1ed159f8307986adf48bada66a8efd14bd9e2f6f6f458e73b50c8ce6e3079011c5b4bd1600a2601a66198a1582574a43f13e0966c6c2337e6ca0886cd9e1b1037aeadef1382117d22b35e7e4403f90531c8cfccdf223f98e4");
+
+		private static readonly byte[] sig1c = Hex.Decode("9e64cc1062c537b142480bc5af407b55904ead970e20e0f8f6664279c96c6da6b03522160f224a85cc413dfe6bd00621485b665abac6d90ff38c9af06f4ddd6c7c81540439e5795601a1343d9feb465712ff8a5f5150391522fb5a9b8e2225a555f4efaa5e5c0ed7a19b27074c2d9f6dbbd0c893ba02c4a35b115d337bccd7a2");
+
+		public override void PerformTest()
+		{
+			ISigner s = SignerUtilities.GetSigner("SHA1withRSA/PSS");
+
+			s.Init(true, new ParametersWithRandom(privKey, new FixedRandom(slt1a)));
+			s.BlockUpdate(msg1a, 0, msg1a.Length);
+			byte[] sig = s.GenerateSignature();
+
+			if (!Arrays.AreEqual(sig1a, sig))
+			{
+				Fail("PSS Sign test expected "
+					+ Hex.ToHexString(sig1a) + " got "
+					+ Hex.ToHexString(sig));
+			}
+
+			s = SignerUtilities.GetSigner("SHA1withRSAandMGF1");
+
+			s.Init(false, pubKey);
+			s.BlockUpdate(msg1a, 0, msg1a.Length);
+			if (!s.VerifySignature(sig1a))
+			{
+				Fail("SHA1 signature verification failed");
+			}
+
+			s = SignerUtilities.GetSigner("SHA1withRSAandMGF1");
+
+			s.Init(false, pubKey);
+			s.BlockUpdate(msg1a, 0, msg1a.Length);
+			if (!s.VerifySignature(sig1a))
+			{
+				Fail("SHA1 signature verification with default parameters failed");
+			}
+
+//				AlgorithmParameters pss = s.getParameters();
+			// TODO Can we do some equivalent check?
+//				if (!Arrays.AreEqual(pss.getEncoded(), new byte[] { 0x30, 0x00 }))
+//				{
+//					Fail("failed default encoding test.");
+//				}
+
+			s = SignerUtilities.GetSigner("SHA256withRSA/PSS");
+
+			s.Init(true, new ParametersWithRandom(privKey, new FixedRandom(slt1a)));
+			s.BlockUpdate(msg1a, 0, msg1a.Length);
+			sig = s.GenerateSignature();
+
+			if (!Arrays.AreEqual(sig1b, sig))
+			{
+				Fail("PSS Sign test expected "
+					+ Hex.ToHexString(sig1b) + " got "
+					+ Hex.ToHexString(sig));
+			}
+
+			s = SignerUtilities.GetSigner("SHA256withRSAandMGF1");
+
+			s.Init(false, pubKey);
+			s.BlockUpdate(msg1a, 0, msg1a.Length);
+			if (!s.VerifySignature(sig1b))
+			{
+				Fail("SHA256 signature verification failed");
+			}
+
+			//
+			// 512 test -with zero salt length
+			//
+			//s = SignerUtilities.GetSigner("SHA512withRSAandMGF1");
+//				s.setParameter(
+//					new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-512"), 0, 1));
+
+			// TODO How to do this via SignerUtilities/Init
+			// trailerField=1 above means use default/implicit trailer?)
+			s = new PssSigner(new RsaEngine(), new Sha512Digest(), 0, PssSigner.TrailerImplicit);
+			s.Init(true, privKey);
+
+			s.BlockUpdate(msg1a, 0, msg1a.Length);
+			sig = s.GenerateSignature();
+
+//				pss = s.getParameters();
+
+			if (!Arrays.AreEqual(sig1c, sig))
+			{
+				Fail("PSS Sign test expected "
+					+ Hex.ToHexString(sig1c) + " got "
+					+ Hex.ToHexString(sig));
+			}
+
+
+
+//				s = SignerUtilities.GetSigner("SHA512withRSAandMGF1");
+
+			// TODO How to do this via SignerUtilities/Init
+			// trailerField=1 above means use default/implicit trailer?)
+			s = new PssSigner(new RsaEngine(), new Sha512Digest(), 0, PssSigner.TrailerImplicit);
+			s.Init(false, pubKey);
+
+			s.BlockUpdate(msg1a, 0, msg1a.Length);
+			if (!s.VerifySignature(sig1c))
+			{
+				Fail("SHA512 signature verification failed");
+			}
+
+			SecureRandom random = new SecureRandom();
+
+			// Note: PSS minimum key size determined by hash/salt lengths
+//			PrivateKey priv2048Key = fact.generatePrivate(RSATest.priv2048KeySpec);
+//			PublicKey pub2048Key = fact.generatePublic(RSATest.pub2048KeySpec);
+			AsymmetricKeyParameter priv2048Key = RsaTest.priv2048KeySpec;
+			AsymmetricKeyParameter pub2048Key = RsaTest.pub2048KeySpec;
+
+			rawModeTest("SHA1withRSA/PSS", X509ObjectIdentifiers.IdSha1, priv2048Key, pub2048Key, random);
+			// FIXME
+//			rawModeTest("SHA224withRSA/PSS", NistObjectIdentifiers.IdSha224, priv2048Key, pub2048Key, random);
+//			rawModeTest("SHA256withRSA/PSS", NistObjectIdentifiers.IdSha256, priv2048Key, pub2048Key, random);
+//			rawModeTest("SHA384withRSA/PSS", NistObjectIdentifiers.IdSha384, priv2048Key, pub2048Key, random);
+//			rawModeTest("SHA512withRSA/PSS", NistObjectIdentifiers.IdSha512, priv2048Key, pub2048Key, random);
+		}
+
+		private void rawModeTest(string sigName, DerObjectIdentifier digestOID,
+			AsymmetricKeyParameter privKey, AsymmetricKeyParameter pubKey, SecureRandom random)
+		{
+			byte[] sampleMessage = new byte[1000 + random.Next() % 100];
+			random.NextBytes(sampleMessage);
+
+			ISigner normalSig = SignerUtilities.GetSigner(sigName);
+
+			// FIXME
+//			PSSParameterSpec spec = (PSSParameterSpec)normalSig.getParameters().getParameterSpec(PSSParameterSpec.class);
+
+			// Make sure we generate the same 'random' salt for both normal and raw signers
+			// FIXME
+//			int saltLen = spec.getSaltLength();
+//			byte[] fixedRandomBytes = new byte[saltLen];
+			byte[] fixedRandomBytes = new byte[128];
+			random.NextBytes(fixedRandomBytes);
+
+			normalSig.Init(true, new ParametersWithRandom(privKey, FixedSecureRandom.From(fixedRandomBytes)));
+			normalSig.BlockUpdate(sampleMessage, 0, sampleMessage.Length);
+			byte[] normalResult = normalSig.GenerateSignature();
+
+			byte[] hash = DigestUtilities.CalculateDigest(digestOID.Id, sampleMessage);
+		
+			ISigner rawSig = SignerUtilities.GetSigner("RAWRSASSA-PSS");
+
+			// Need to init the params explicitly to avoid having a 'raw' variety of every PSS algorithm
+			// FIXME
+//			rawSig.setParameter(spec);
+
+			rawSig.Init(true, new ParametersWithRandom(privKey, FixedSecureRandom.From(fixedRandomBytes)));
+			rawSig.BlockUpdate(hash, 0, hash.Length);
+			byte[] rawResult = rawSig.GenerateSignature();
+
+			if (!Arrays.AreEqual(normalResult, rawResult))
+			{
+				Fail("raw mode signature differs from normal one");
+			}
+
+			rawSig.Init(false, pubKey);
+			rawSig.BlockUpdate(hash, 0, hash.Length);
+
+			if (!rawSig.VerifySignature(rawResult))
+			{
+				Fail("raw mode signature verification failed");
+			}
+		}
+
+		public override string Name
+		{
+			get { return "PSS"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PssTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/PkixNameConstraintsTest.cs b/crypto/test/src/test/PkixNameConstraintsTest.cs
new file mode 100644
index 000000000..a20fc33c4
--- /dev/null
+++ b/crypto/test/src/test/PkixNameConstraintsTest.cs
@@ -0,0 +1,433 @@
+using System;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Pkix;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	/// <summary>
+	/// Test class for {@link PkixNameConstraintValidator}.
+	/// The field testXYZ is the name to test.
+	/// The field testXYZIsConstraint must be tested if it is permitted and excluded.
+	/// The field testXYZIsNotConstraint must be tested if it is not permitted and
+	/// not excluded.
+	/// Furthermore there are tests for the intersection and union of test names.
+	/// </summary>
+	[TestFixture]
+	public class PkixNameConstraintsTest
+		: SimpleTest
+	{
+		private readonly string testEmail = "test@abc.test.com";
+
+		private readonly string[] testEmailIsConstraint = { "test@abc.test.com", "abc.test.com", ".test.com" };
+
+		private readonly string[] testEmailIsNotConstraint = { ".abc.test.com", "www.test.com", "test1@abc.test.com", "bc.test.com" };
+
+		private readonly string[] email1 = {
+			"test@test.com", "test@test.com", "test@test.com", "test@abc.test.com",
+			"test@test.com", "test@test.com", ".test.com", ".test.com",
+			".test.com", ".test.com", "test.com", "abc.test.com",
+			"abc.test1.com", "test.com", "test.com", ".test.com" };
+
+		private readonly string[] email2 = {
+			"test@test.abc.com", "test@test.com", ".test.com", ".test.com",
+			"test.com", "test1.com", "test@test.com", ".test.com",
+			".test1.com", "test.com", "test.com", ".test.com", ".test.com",
+			"test1.com", ".test.com", "abc.test.com" };
+
+		private readonly string[] emailintersect = {
+			null, "test@test.com", null, "test@abc.test.com", "test@test.com", null,
+			null, ".test.com", null, null, "test.com", "abc.test.com", null,
+			null, null, "abc.test.com" };
+
+		private readonly string[][] emailunion = new string[16][] {
+			new string[] { "test@test.com", "test@test.abc.com" },
+			new string[] { "test@test.com" },
+			new string[] { "test@test.com", ".test.com" },
+			new string[] { ".test.com" },
+			new string[] { "test.com" },
+			new string[] { "test@test.com", "test1.com" },
+			new string[] { ".test.com", "test@test.com" },
+			new string[] { ".test.com" },
+			new string[] { ".test.com", ".test1.com" },
+			new string[] { ".test.com", "test.com" },
+			new string[] { "test.com" },
+			new string[] { ".test.com" },
+			new string[] { ".test.com", "abc.test1.com" },
+			new string[] { "test1.com", "test.com" },
+			new string[] { ".test.com", "test.com" },
+			new string[] { ".test.com" } };
+
+		private readonly string[] dn1 = { "O=test org, OU=test org unit, CN=John Doe" };
+
+		private readonly string[] dn2 = { "O=test org, OU=test org unit" };
+
+		private readonly string[][] dnUnion = new string[1][] {
+			new string[] { "O=test org, OU=test org unit" } };
+
+		private readonly string[] dnIntersection = { "O=test org, OU=test org unit, CN=John Doe" };
+
+		private readonly string testDN = "O=test org, OU=test org unit, CN=John Doe";
+
+		private readonly string[] testDNIsConstraint = {
+			"O=test org, OU=test org unit",
+			"O=test org, OU=test org unit, CN=John Doe" };
+
+		private readonly string[] testDNIsNotConstraint = {
+			"O=test org, OU=test org unit, CN=John Doe2",
+			"O=test org, OU=test org unit2",
+			"OU=test org unit, O=test org, CN=John Doe",
+			"O=test org, OU=test org unit, CN=John Doe, L=USA" };
+
+		private readonly string testDNS = "abc.test.com";
+
+		private readonly string[] testDNSIsConstraint = { "test.com", "abc.test.com", "test.com" };
+
+		private readonly string[] testDNSIsNotConstraint = { "wwww.test.com", "ww.test.com", "www.test.com" };
+
+		private readonly string[] dns1 = { "www.test.de", "www.test1.de", "www.test.de" };
+
+		private readonly string[] dns2 = { "test.de", "www.test.de", "www.test.de" };
+
+		private readonly string[] dnsintersect = { "www.test.de", null, null };
+
+		private readonly string[][] dnsunion = new string[3][] {
+			new string[] { "test.de" },
+			new string[] { "www.test1.de", "www.test.de" },
+			new string[] { "www.test.de" } };
+
+		private readonly string testURI = "http://karsten:password@abc.test.com:8080";
+
+		private readonly string[] testURIIsConstraint = { "abc.test.com", ".test.com" };
+
+		private readonly string[] testURIIsNotConstraint = { "xyz.test.com", ".abc.test.com" };
+
+		private readonly string[] uri1 = { "www.test.de", ".test.de", "test1.de", ".test.de" };
+
+		private readonly string[] uri2 = { "test.de", "www.test.de", "test1.de", ".test.de" };
+
+		private readonly string[] uriintersect = { null, "www.test.de", "test1.de", ".test.de" };
+
+		private readonly string[][] uriunion = new string[4][] {
+			new string[] { "www.test.de", "test.de" },
+			new string[] { ".test.de" },
+			new string[] { "test1.de" },
+			new string[] { ".test.de" } };
+
+		private readonly byte[] testIP = { (byte)192, (byte)168, 1, 2 };
+
+		private readonly byte[][] testIPIsConstraint = new byte[2][] {
+			new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 0 },
+			new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 4 } };
+
+		private readonly byte[][] testIPIsNotConstraint = new byte[2][] {
+			new byte[] { (byte) 192, (byte) 168, 3, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 2 },
+			new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 3 } };
+
+		private readonly byte[][] ip1 = new byte[3][] {
+			new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
+						(byte) 0xFE, (byte) 0xFF },
+			new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
+						(byte) 0xFF, (byte) 0xFF },
+			new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
+						(byte) 0xFF, (byte) 0x00 } };
+
+		private readonly byte[][] ip2 = new byte[3][] {
+			new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
+						(byte) 0xFC, 3 },
+			new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
+						(byte) 0xFF, (byte) 0xFF },
+			new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
+						(byte) 0xFF, (byte) 0x00 } };
+
+		private readonly byte[][] ipintersect = new byte[3][] {
+			new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
+						(byte) 0xFE, (byte) 0xFF },
+			new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
+						(byte) 0xFF, (byte) 0xFF }, null };
+
+		private readonly byte[][][] ipunion = new byte[3][][] {
+			new byte[2][] {
+							new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
+											(byte) 0xFE, (byte) 0xFF },
+							new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
+											(byte) 0xFC, 3 } },
+			new byte[1][] {
+							new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
+											(byte) 0xFF, (byte) 0xFF } },
+			new byte[2][] {
+							new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
+											(byte) 0xFF, (byte) 0x00 },
+							new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
+											(byte) 0xFF, (byte) 0x00 } } };
+
+		public override string Name
+		{
+			get { return "PkixNameConstraintsTest"; }
+		}
+
+		public override void PerformTest()
+		{
+			TestConstraints(GeneralName.Rfc822Name, testEmail,
+				testEmailIsConstraint, testEmailIsNotConstraint, email1, email2,
+				emailunion, emailintersect);
+			TestConstraints(GeneralName.DnsName, testDNS, testDNSIsConstraint,
+				testDNSIsNotConstraint, dns1, dns2, dnsunion, dnsintersect);
+			TestConstraints(GeneralName.DirectoryName, testDN, testDNIsConstraint,
+				testDNIsNotConstraint, dn1, dn2, dnUnion, dnIntersection);
+			TestConstraints(GeneralName.UniformResourceIdentifier, testURI,
+				testURIIsConstraint, testURIIsNotConstraint, uri1, uri2, uriunion,
+				uriintersect);
+			TestConstraints(GeneralName.IPAddress, testIP, testIPIsConstraint,
+				testIPIsNotConstraint, ip1, ip2, ipunion, ipintersect);
+		}
+
+		/**
+		 * Tests string based GeneralNames for inclusion or exclusion.
+		 * 
+		 * @param nameType The {@link GeneralName} type to test.
+		 * @param testName The name to test.
+		 * @param testNameIsConstraint The names where <code>testName</code> must
+		 *            be included and excluded.
+		 * @param testNameIsNotConstraint The names where <code>testName</code>
+		 *            must not be excluded and included.
+		 * @param testNames1 Operand 1 of test names to use for union and
+		 *            intersection testing.
+		 * @param testNames2 Operand 2 of test names to use for union and
+		 *            intersection testing.
+		 * @param testUnion The union results.
+		 * @param testInterSection The intersection results.
+		 * @throws Exception If an unexpected exception occurs.
+		 */
+		private void TestConstraints(
+			int			nameType,
+			string		testName,
+			string[]	testNameIsConstraint,
+			string[]	testNameIsNotConstraint,
+			string[]	testNames1,
+			string[]	testNames2,
+			string[][]	testUnion,
+			string[]	testInterSection)
+		{
+			for (int i = 0; i < testNameIsConstraint.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+					new GeneralName(nameType, testNameIsConstraint[i]))));
+				constraintValidator.checkPermitted(new GeneralName(nameType, testName));
+			}
+			for (int i = 0; i < testNameIsNotConstraint.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+					new GeneralName(nameType, testNameIsNotConstraint[i]))));
+				try
+				{
+					constraintValidator.checkPermitted(new GeneralName(nameType, testName));
+					Fail("not permitted name allowed: " + nameType);
+				}
+				catch (PkixNameConstraintValidatorException)
+				{
+					// expected
+				}
+			}
+			for (int i = 0; i < testNameIsConstraint.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName(
+					nameType, testNameIsConstraint[i])));
+				try
+				{
+					constraintValidator.checkExcluded(new GeneralName(nameType, testName));
+					Fail("excluded name missed: " + nameType);
+				}
+				catch (PkixNameConstraintValidatorException)
+				{
+					// expected
+				}
+			}
+			for (int i = 0; i < testNameIsNotConstraint.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName(
+					nameType, testNameIsNotConstraint[i])));
+				constraintValidator.checkExcluded(new GeneralName(nameType, testName));
+			}
+			for (int i = 0; i < testNames1.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName(
+					nameType, testNames1[i])));
+				constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName(
+					nameType, testNames2[i])));
+				PkixNameConstraintValidator constraints2 = new PkixNameConstraintValidator();
+				for (int j = 0; j < testUnion[i].Length; j++)
+				{
+					constraints2.AddExcludedSubtree(new GeneralSubtree(
+						new GeneralName(nameType, testUnion[i][j])));
+				}
+				if (!constraints2.Equals(constraintValidator))
+				{
+					Fail("union wrong: " + nameType);
+				}
+				constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+					new GeneralName(nameType, testNames1[i]))));
+				constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+					new GeneralName(nameType, testNames2[i]))));
+				constraints2 = new PkixNameConstraintValidator();
+				if (testInterSection[i] != null)
+				{
+					constraints2.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+						new GeneralName(nameType, testInterSection[i]))));
+				}
+				else
+				{
+					constraints2.IntersectEmptyPermittedSubtree(nameType);
+				}
+				if (!constraints2.Equals(constraintValidator))
+				{
+					Fail("intersection wrong: " + nameType);
+				}
+			}
+		}
+
+		/**
+		 * Tests byte array based GeneralNames for inclusion or exclusion.
+		 * 
+		 * @param nameType The {@link GeneralName} type to test.
+		 * @param testName The name to test.
+		 * @param testNameIsConstraint The names where <code>testName</code> must
+		 *            be included and excluded.
+		 * @param testNameIsNotConstraint The names where <code>testName</code>
+		 *            must not be excluded and included.
+		 * @param testNames1 Operand 1 of test names to use for union and
+		 *            intersection testing.
+		 * @param testNames2 Operand 2 of test names to use for union and
+		 *            intersection testing.
+		 * @param testUnion The union results.
+		 * @param testInterSection The intersection results.
+		 * @throws Exception If an unexpected exception occurs.
+		 */
+		private void TestConstraints(
+			int nameType,
+			byte[] testName,
+			byte[][] testNameIsConstraint,
+			byte[][] testNameIsNotConstraint,
+			byte[][] testNames1,
+			byte[][] testNames2,
+			byte[][][] testUnion,
+			byte[][] testInterSection)
+		{
+			for (int i = 0; i < testNameIsConstraint.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+					new GeneralName(nameType, new DerOctetString(
+					testNameIsConstraint[i])))));
+				constraintValidator.checkPermitted(new GeneralName(nameType,
+					new DerOctetString(testName)));
+			}
+			for (int i = 0; i < testNameIsNotConstraint.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+					new GeneralName(nameType, new DerOctetString(
+					testNameIsNotConstraint[i])))));
+				try
+				{
+					constraintValidator.checkPermitted(new GeneralName(nameType,
+						new DerOctetString(testName)));
+					Fail("not permitted name allowed: " + nameType);
+				}
+				catch (PkixNameConstraintValidatorException)
+				{
+					// expected
+				}
+			}
+			for (int i = 0; i < testNameIsConstraint.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName(
+					nameType, new DerOctetString(testNameIsConstraint[i]))));
+				try
+				{
+					constraintValidator.checkExcluded(new GeneralName(nameType,
+						new DerOctetString(testName)));
+					Fail("excluded name missed: " + nameType);
+				}
+				catch (PkixNameConstraintValidatorException)
+				{
+					// expected
+				}
+			}
+			for (int i = 0; i < testNameIsNotConstraint.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName(
+					nameType, new DerOctetString(testNameIsNotConstraint[i]))));
+				constraintValidator.checkExcluded(new GeneralName(nameType,
+					new DerOctetString(testName)));
+			}
+			for (int i = 0; i < testNames1.Length; i++)
+			{
+				PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName(
+					nameType, new DerOctetString(testNames1[i]))));
+				constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName(
+					nameType, new DerOctetString(testNames2[i]))));
+				PkixNameConstraintValidator constraints2 = new PkixNameConstraintValidator();
+				for (int j = 0; j < testUnion[i].Length; j++)
+				{
+					constraints2.AddExcludedSubtree(new GeneralSubtree(
+						new GeneralName(nameType, new DerOctetString(
+						testUnion[i][j]))));
+				}
+				if (!constraints2.Equals(constraintValidator))
+				{
+					Fail("union wrong: " + nameType);
+				}
+				constraintValidator = new PkixNameConstraintValidator();
+				constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+					new GeneralName(nameType, new DerOctetString(testNames1[i])))));
+				constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+					new GeneralName(nameType, new DerOctetString(testNames2[i])))));
+				constraints2 = new PkixNameConstraintValidator();
+				if (testInterSection[i] != null)
+				{
+					constraints2.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree(
+						new GeneralName(nameType, new DerOctetString(
+						testInterSection[i])))));
+				}
+				else
+				{
+					constraints2.IntersectEmptyPermittedSubtree(nameType);
+				}
+
+				if (!constraints2.Equals(constraintValidator))
+				{
+					Fail("intersection wrong: " + nameType);
+				}
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PkixNameConstraintsTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/PkixPolicyMappingTest.cs b/crypto/test/src/test/PkixPolicyMappingTest.cs
new file mode 100644
index 000000000..47e2c3120
--- /dev/null
+++ b/crypto/test/src/test/PkixPolicyMappingTest.cs
@@ -0,0 +1,419 @@
+using System;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkix;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class PkixPolicyMappingTest : SimpleTest
+	{
+		static X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
+
+		public override string Name
+		{
+			get { return "PkixPolicyMapping"; }
+		}
+
+		/**
+		 * TrustAnchor's Cert
+		 */
+		private X509Certificate CreateTrustCert(
+			AsymmetricKeyParameter pubKey,
+			AsymmetricKeyParameter privKey)
+		{
+			string issuer = "C=JP, O=policyMappingAdditionalTest, OU=trustAnchor";
+			string subject = "C=JP, O=policyMappingAdditionalTest, OU=trustAnchor";
+			v3CertGen.SetSerialNumber(BigInteger.ValueOf(10));
+			v3CertGen.SetIssuerDN(new X509Name(issuer));
+			v3CertGen.SetNotBefore(DateTime.UtcNow.AddDays(-30));
+			v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30));
+			v3CertGen.SetSubjectDN(new X509Name(subject));
+			v3CertGen.SetPublicKey(pubKey);
+			v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+			X509Certificate cert = v3CertGen.Generate(privKey);
+			return cert;
+		}
+
+		/**
+		 * intermediate cert
+		 */
+		private X509Certificate CreateIntmedCert(
+			AsymmetricKeyParameter pubKey,
+			AsymmetricKeyParameter caPrivKey,
+			AsymmetricKeyParameter caPubKey,
+			Asn1EncodableVector policies,
+			Hashtable policyMap)
+		{
+			string issuer = "C=JP, O=policyMappingAdditionalTest, OU=trustAnchor";
+			string subject = "C=JP, O=policyMappingAdditionalTest, OU=intmedCA";
+			v3CertGen.Reset();
+			v3CertGen.SetSerialNumber(BigInteger.ValueOf(20));
+			v3CertGen.SetIssuerDN(new X509Name(issuer));
+			v3CertGen.SetNotBefore(DateTime.UtcNow.AddDays(-30));
+			v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30));
+			v3CertGen.SetSubjectDN(new X509Name(subject));
+			v3CertGen.SetPublicKey(pubKey);
+			v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+			v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies));
+			v3CertGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true));
+			v3CertGen.AddExtension(X509Extensions.PolicyMappings, true, new PolicyMappings(policyMap));
+			X509Certificate cert = v3CertGen.Generate(caPrivKey);
+			return cert;
+		}
+
+		/**
+		 * endEntity cert
+		 */
+		private X509Certificate CreateEndEntityCert(
+			AsymmetricKeyParameter pubKey,
+			AsymmetricKeyParameter caPrivKey,
+			AsymmetricKeyParameter caPubKey,
+			Asn1EncodableVector policies)
+		{
+			string issuer = "C=JP, O=policyMappingAdditionalTest, OU=intMedCA";
+			string subject = "C=JP, O=policyMappingAdditionalTest, OU=endEntity";
+			v3CertGen.Reset();
+			v3CertGen.SetSerialNumber(BigInteger.ValueOf(20));
+			v3CertGen.SetIssuerDN(new X509Name(issuer));
+			v3CertGen.SetNotBefore(DateTime.UtcNow.AddDays(-30));
+			v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30));
+			v3CertGen.SetSubjectDN(new X509Name(subject));
+			v3CertGen.SetPublicKey(pubKey);
+			v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
+			v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies));
+			X509Certificate cert = v3CertGen.Generate(caPrivKey);
+			return cert;
+		}
+
+		private string TestPolicies(
+			int index,
+			X509Certificate trustCert,
+			X509Certificate intCert,
+			X509Certificate endCert,
+			ISet requirePolicies,
+			bool okay)
+		{
+			ISet trust = new HashSet();
+			trust.Add(new TrustAnchor(trustCert, null));
+			X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
+			targetConstraints.Subject = endCert.SubjectDN;
+			PkixBuilderParameters pbParams = new PkixBuilderParameters(trust, targetConstraints);
+
+			ISet certs = new HashSet();
+			certs.Add(intCert);
+			certs.Add(endCert);
+
+			IX509Store store = X509StoreFactory.Create(
+				"CERTIFICATE/COLLECTION",
+				new X509CollectionStoreParameters(certs));
+			pbParams.AddStore(store);
+
+			pbParams.IsRevocationEnabled = false;
+			if (requirePolicies != null)
+			{
+				pbParams.IsExplicitPolicyRequired = true;
+				pbParams.SetInitialPolicies(requirePolicies);
+			}
+
+//			CertPathBuilder cpb = CertPathBuilder.GetInstance("PKIX");
+			PkixCertPathBuilder cpb = new PkixCertPathBuilder();
+			PkixCertPathBuilderResult result = null;
+
+			try
+			{
+				result = (PkixCertPathBuilderResult)cpb.Build(pbParams);
+
+				if (!okay)
+				{
+					Fail(index + ": path validated when failure expected.");
+				}
+
+//				if (result.getPolicyTree() != null)
+//				{
+//					Console.WriteLine("OK");
+//					Console.WriteLine("policy: " + result.getPolicyTree());
+//				}
+//				else
+//				{
+//					Console.WriteLine("OK: policy tree = null");
+//				}
+
+				return "";
+			}
+			catch (TestFailedException e)
+			{
+				throw e;
+			}
+			catch (Exception e)
+			{
+				if (okay)
+				{
+					Fail(index + ": path failed to validate when success expected.");
+				}
+
+				Exception ee = e.InnerException;
+				if (ee != null)
+				{
+					return ee.Message;
+				}
+
+				return e.Message;
+			}
+		}
+
+		public override void PerformTest()
+		{
+			//
+			// personal keys
+			//
+			RsaPublicKeyStructure pubKeySpec = new RsaPublicKeyStructure(
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16));
+
+			RsaPrivateCrtKeyParameters privKeySpec = new RsaPrivateCrtKeyParameters(
+				new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+				new BigInteger("11", 16),
+				new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+				new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+				new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+				new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+				new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+				new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+			//
+			// intermediate keys.
+			//
+			RsaPublicKeyStructure intPubKeySpec = new RsaPublicKeyStructure(
+				new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16),
+				new BigInteger("ffff", 16));
+
+
+			RsaPrivateCrtKeyParameters intPrivKeySpec = new RsaPrivateCrtKeyParameters(
+				new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16),
+				new BigInteger("ffff", 16),
+				new BigInteger("7deb1b194a85bcfd29cf871411468adbc987650903e3bacc8338c449ca7b32efd39ffc33bc84412fcd7df18d23ce9d7c25ea910b1ae9985373e0273b4dca7f2e0db3b7314056ac67fd277f8f89cf2fd73c34c6ca69f9ba477143d2b0e2445548aa0b4a8473095182631da46844c356f5e5c7522eb54b5a33f11d730ead9c0cff", 16),
+				new BigInteger("ef4cede573cea47f83699b814de4302edb60eefe426c52e17bd7870ec7c6b7a24fe55282ebb73775f369157726fcfb988def2b40350bdca9e5b418340288f649", 16),
+				new BigInteger("97c7737d1b9a0088c3c7b528539247fd2a1593e7e01cef18848755be82f4a45aa093276cb0cbf118cb41117540a78f3fc471ba5d69f0042274defc9161265721", 16),
+				new BigInteger("6c641094e24d172728b8da3c2777e69adfd0839085be7e38c7c4a2dd00b1ae969f2ec9d23e7e37090fcd449a40af0ed463fe1c612d6810d6b4f58b7bfa31eb5f", 16),
+				new BigInteger("70b7123e8e69dfa76feb1236d0a686144b00e9232ed52b73847e74ef3af71fb45ccb24261f40d27f98101e230cf27b977a5d5f1f15f6cf48d5cb1da2a3a3b87f", 16),
+				new BigInteger("e38f5750d97e270996a286df2e653fd26c242106436f5bab0f4c7a9e654ce02665d5a281f2c412456f2d1fa26586ef04a9adac9004ca7f913162cb28e13bf40d", 16));
+
+			//
+			// ca keys
+			//
+			RsaPublicKeyStructure caPubKeySpec = new RsaPublicKeyStructure(
+				new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
+				new BigInteger("11", 16));
+
+			RsaPrivateCrtKeyParameters caPrivKeySpec = new RsaPrivateCrtKeyParameters(
+				new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
+				new BigInteger("11", 16),
+				new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16),
+				new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16),
+				new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16),
+				new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16),
+				new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16),
+				new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16));
+
+			//
+			// set up the keys
+			//
+			AsymmetricKeyParameter caPrivKey = caPrivKeySpec;
+			RsaKeyParameters caPubKey = new RsaKeyParameters(false, caPubKeySpec.Modulus, caPubKeySpec.PublicExponent);
+			AsymmetricKeyParameter intPrivKey = intPrivKeySpec;
+			RsaKeyParameters intPubKey = new RsaKeyParameters(false, intPubKeySpec.Modulus, intPubKeySpec.PublicExponent);
+			AsymmetricKeyParameter privKey = privKeySpec;
+			RsaKeyParameters pubKey = new RsaKeyParameters(false, pubKeySpec.Modulus, intPubKeySpec.PublicExponent);
+
+			X509Certificate trustCert = CreateTrustCert(caPubKey, caPrivKeySpec);
+			Asn1EncodableVector intPolicies = null;
+			Hashtable map = null;
+			Asn1EncodableVector policies = null;
+			ISet requirePolicies = null;
+			X509Certificate intCert = null;
+			X509Certificate endCert = null;
+
+			// valid test_00
+			intPolicies = new Asn1EncodableVector();
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0")));
+			map = new Hashtable();
+			map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2";
+			intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
+
+			policies = new Asn1EncodableVector();
+			policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
+			endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
+
+			requirePolicies = null;
+			string msg = TestPolicies(0, trustCert, intCert, endCert, requirePolicies, true);
+			CheckMessage(0, msg, "");
+
+			// test_01
+			intPolicies = new Asn1EncodableVector();
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0")));
+			map = new Hashtable();
+			map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2";
+			intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
+
+			policies = new Asn1EncodableVector();
+			policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
+			endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
+
+			requirePolicies = new HashSet();
+			requirePolicies.Add("2.16.840.1.101.3.2.1.48.1");
+			msg = TestPolicies(1, trustCert, intCert, endCert, requirePolicies, true);
+			CheckMessage(1, msg, "");
+
+			// test_02
+			intPolicies = new Asn1EncodableVector();
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0")));
+			map = new Hashtable();
+			map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2";
+			intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
+
+			policies = new Asn1EncodableVector();
+			policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
+			endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
+
+			requirePolicies = new HashSet();
+			requirePolicies.Add("2.5.29.32.0");
+			msg = TestPolicies(2, trustCert, intCert, endCert, requirePolicies, true);
+			CheckMessage(2, msg, "");
+
+			// test_03
+			intPolicies = new Asn1EncodableVector();
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.3")));
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0")));
+			map = new Hashtable();
+			map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2";
+			intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
+
+			policies = new Asn1EncodableVector();
+			policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
+			endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
+
+			requirePolicies = new HashSet();
+			requirePolicies.Add("2.16.840.1.101.3.2.1.48.1");
+			msg = TestPolicies(3, trustCert, intCert, endCert, requirePolicies, true);
+			CheckMessage(3, msg, "");
+
+			// test_04
+			intPolicies = new Asn1EncodableVector();
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.3")));
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0")));
+			map = new Hashtable();
+			map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2";
+			intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
+
+			policies = new Asn1EncodableVector();
+			policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.3")));
+			endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
+
+			requirePolicies = new HashSet();
+			requirePolicies.Add("2.16.840.1.101.3.2.1.48.3");
+			msg = TestPolicies(4, trustCert, intCert, endCert, requirePolicies, true);
+			CheckMessage(4, msg, "");
+
+			// test_05
+			intPolicies = new Asn1EncodableVector();
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0")));
+			map = new Hashtable();
+			map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2";
+			intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
+
+			policies = new Asn1EncodableVector();
+			policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
+			endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
+
+			requirePolicies = new HashSet();
+			requirePolicies.Add("2.16.840.1.101.3.2.1.48.2");
+			msg = TestPolicies(5, trustCert, intCert, endCert, requirePolicies, false);
+			CheckMessage(5, msg, "Path processing failed on policy.");
+
+			// test_06
+			intPolicies = new Asn1EncodableVector();
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0")));
+			map = new Hashtable();
+			map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2";
+			intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
+
+			policies = new Asn1EncodableVector();
+			policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.1")));
+			endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
+
+			requirePolicies = new HashSet();
+			requirePolicies.Add("2.16.840.1.101.3.2.1.48.1");
+			msg = TestPolicies(6, trustCert, intCert, endCert, requirePolicies, true);
+			CheckMessage(6, msg, "");
+
+			// test_07
+			intPolicies = new Asn1EncodableVector();
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0")));
+			map = new Hashtable();
+			map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2";
+			intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
+
+			policies = new Asn1EncodableVector();
+			policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
+			endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
+
+			requirePolicies = new HashSet();
+			requirePolicies.Add("2.16.840.1.101.3.2.1.48.3");
+			msg = TestPolicies(7, trustCert, intCert, endCert, requirePolicies, false);
+			CheckMessage(7, msg, "Path processing failed on policy.");
+
+			// test_08
+			intPolicies = new Asn1EncodableVector();
+			intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0")));
+			map = new Hashtable();
+			map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2";
+			intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
+
+			policies = new Asn1EncodableVector();
+			policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.3")));
+			endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
+
+			requirePolicies = new HashSet();
+			requirePolicies.Add("2.16.840.1.101.3.2.1.48.1");
+			msg = TestPolicies(8, trustCert, intCert, endCert, requirePolicies, false);
+			CheckMessage(8, msg, "Path processing failed on policy.");
+		}
+
+		private void CheckMessage(
+			int		index,
+			string	msg,
+			string	expected)
+		{
+			if (!msg.Equals(expected))
+			{
+				Fail("test " + index + " failed got: " + msg + " expected: " + expected);
+			}
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PkixPolicyMappingTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/PkixTest.cs b/crypto/test/src/test/PkixTest.cs
new file mode 100644
index 000000000..882319610
--- /dev/null
+++ b/crypto/test/src/test/PkixTest.cs
@@ -0,0 +1,248 @@
+using System;
+using System.IO;
+using System.Collections;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+    public class PkixTest
+		: SimpleTest
+    {
+        /*
+         * The following certs and crls are described in:
+         * http://www.ietf.org/internet-drafts/draft-ietf-pkix-new-part1-08.txt
+         *
+         *   This section contains four examples: three certificates and a CRL.
+         *   The first two certificates and the CRL comprise a minimal
+         *   certification path.
+         *
+         *   Section C.1 contains an annotated hex dump of a "self-signed"
+         *   certificate issued by a CA whose distinguished name is
+         *   cn=us,o=gov,ou=nist.  The certificate contains a DSA public key with
+         *   parameters, and is signed by the corresponding DSA private key.
+         *
+         *   Section C.2 contains an annotated hex dump of an end entity
+         *   certificate.  The end entity certificate contains a DSA public key,
+         *   and is signed by the private key corresponding to the "self-signed"
+         *   certificate in section C.1.
+         *
+         *   Section C.3 contains a dump of an end entity certificate which
+         *   contains an RSA public key and is signed with RSA and MD5.  This
+         *   certificate is not part of the minimal certification path.
+         *
+         *   Section C.4 contains an annotated hex dump of a CRL.  The CRL is
+         *   issued by the CA whose distinguished name is cn=us,o=gov,ou=nist and
+         *   the list of revoked certificates includes the end entity certificate
+         *   presented in C.2.
+         */
+
+        /**
+         * C.1  Certificate
+         * 
+            * This section contains an annotated hex dump of a 699 byte version 3
+            * certificate.  The certificate contains the following information:
+            * (a)  the serial number is 23 (17 hex);
+            * (b)  the certificate is signed with DSA and the SHA-1 hash algorithm;
+            * (c)  the issuer's distinguished name is OU=NIST; O=gov; C=US
+            * (d)  and the subject's distinguished name is OU=NIST; O=gov; C=US
+            * (e)  the certificate was issued on June 30, 1997 and will expire on
+            * December 31, 1997;
+            * (f)  the certificate contains a 1024 bit DSA public key with
+            * parameters;
+            * (g)  the certificate contains a subject key identifier extension
+            * generated using method (1) of section 4.2.1.2; and
+            * (h)  the certificate is a CA certificate (as indicated through the
+            * basic constraints extension.)
+         */
+        static byte[] rootCertBin = Hex.Decode(
+            "308202bb3082027ba003020102020111300906072a8648ce380403302a310b30"
+            + "09060355040613025553310c300a060355040a1303676f76310d300b06035504"
+            + "0b13044e495354301e170d3937303633303030303030305a170d393731323331"
+            + "3030303030305a302a310b3009060355040613025553310c300a060355040a13"
+            + "03676f76310d300b060355040b13044e495354308201b83082012c06072a8648"
+            + "ce3804013082011f02818100b68b0f942b9acea525c6f2edfcfb9532ac011233"
+            + "b9e01cad909bbc48549ef394773c2c713555e6fe4f22cbd5d83e8993334dfcbd"
+            + "4f41643ea29870ec31b450deebf198280ac93e44b3fd22979683d018a3e3bd35"
+            + "5bffeea321726a7b96dab93f1e5a90af24d620f00d21a7d402b91afcac21fb9e"
+            + "949e4b42459e6ab24863fe43021500b20db0b101df0c6624fc1392ba55f77d57"
+            + "7481e5028181009abf46b1f53f443dc9a565fb91c08e47f10ac30147c2444236"
+            + "a99281de57c5e0688658007b1ff99b77a1c510a580917851513cf6fcfccc46c6"
+            + "817892843df4933d0c387e1a5b994eab1464f60c21224e28089c92b9669f40e8"
+            + "95f6d5312aef39a262c7b26d9e58c43aa81181846daff8b419b4c211aed0223b"
+            + "aa207fee1e57180381850002818100b59e1f490447d1dbf53addca0475e8dd75"
+            + "f69b8ab197d6596982d3034dfd3b365f4af2d14ec107f5d12ad378776356ea96"
+            + "614d420b7a1dfbab91a4cedeef77c8e5ef20aea62848afbe69c36aa530f2c2b9"
+            + "d9822b7dd9c4841fde0de854d71b992eb3d088f6d6639ba7e20e82d43b8a681b"
+            + "065631590b49eb99a5d581417bc955a3323030301d0603551d0e0416041486ca"
+            + "a5228162efad0a89bcad72412c2949f48656300f0603551d130101ff04053003"
+            + "0101ff300906072a8648ce380403032f00302c0214431bcf292545c04e52e77d"
+            + "d6fcb1664c83cf2d7702140b5b9a241198e8f3869004f608a9e18da5cc3ad4");
+
+
+        /**
+         * C.2  Certificate
+         * 
+            * This section contains an annotated hex dump of a 730 byte version 3
+            * certificate.  The certificate contains the following information:
+            * (a the serial number is 18 (12 hex);
+            * (b)  the certificate is signed with DSA and the SHA-1 hash algorithm;
+            * (c)  the issuer's distinguished name is OU=nist; O=gov; C=US
+            * (d)  and the subject's distinguished name is CN=Tim Polk; OU=nist;
+            * O=gov; C=US
+            * (e)  the certificate was valid from July 30, 1997 through December 1,
+            * 1997;
+            * (f)  the certificate contains a 1024 bit DSA public key;
+            * (g)  the certificate is an end entity certificate, as the basic
+            * constraints extension is not present;
+            * (h)  the certificate contains an authority key identifier extension
+            * matching the subject key identifier of the certificate in Appendix
+            * C.1; and
+            * (i)  the certificate includes one alternative name - an RFC 822
+            * address of "wpolk@nist.gov".
+         */
+        static byte[] userCert1Bin = Hex.Decode(
+            "308202da30820299a003020102020112300906072a8648ce380403302a310b30"
+            + "09060355040613025553310c300a060355040a1303676f76310d300b06035504"
+            + "0b13044e495354301e170d3937303733303030303030305a170d393731323031"
+            + "3030303030305a303d310b3009060355040613025553310c300a060355040a13"
+            + "03676f76310d300b060355040b13044e4953543111300f060355040313085469"
+            + "6d20506f6c6b308201b73082012c06072a8648ce3804013082011f02818100b6"
+            + "8b0f942b9acea525c6f2edfcfb9532ac011233b9e01cad909bbc48549ef39477"
+            + "3c2c713555e6fe4f22cbd5d83e8993334dfcbd4f41643ea29870ec31b450deeb"
+            + "f198280ac93e44b3fd22979683d018a3e3bd355bffeea321726a7b96dab93f1e"
+            + "5a90af24d620f00d21a7d402b91afcac21fb9e949e4b42459e6ab24863fe4302"
+            + "1500b20db0b101df0c6624fc1392ba55f77d577481e5028181009abf46b1f53f"
+            + "443dc9a565fb91c08e47f10ac30147c2444236a99281de57c5e0688658007b1f"
+            + "f99b77a1c510a580917851513cf6fcfccc46c6817892843df4933d0c387e1a5b"
+            + "994eab1464f60c21224e28089c92b9669f40e895f6d5312aef39a262c7b26d9e"
+            + "58c43aa81181846daff8b419b4c211aed0223baa207fee1e5718038184000281"
+            + "8030b675f77c2031ae38bb7e0d2baba09c4bdf20d524133ccd98e55f6cb7c1ba"
+            + "4abaa9958053f00d72dc3337f4010bf5041f9d2e1f62d8843a9b25095a2dc846"
+            + "8e2bd4f50d3bc72dc66cb998c1253a444e8eca9561357cce15315c23131ea205"
+            + "d17a241ccbd3720990ff9b9d28c0a10aec469f0db8d0dcd018a62b5ef98fb595"
+            + "bea33e303c30190603551d1104123010810e77706f6c6b406e6973742e676f76"
+            + "301f0603551d2304183016801486caa5228162efad0a89bcad72412c2949f486"
+            + "56300906072a8648ce380403033000302d02143697cbe3b42ce1bb61a9d3cc24"
+            + "cc22929ff4f587021500abc979afd2161ca9e368a91410b4a02eff225a73");
+
+		/**
+		* C.3  End Entity Certificate Using RSA
+		* 
+		* This section contains an annotated hex dump of a 654 byte version 3
+		* certificate.  The certificate contains the following information:
+		* (a)  the serial number is 256;
+		* (b)  the certificate is signed with RSA and the SHA-1 hash algorithm;
+		* (c)  the issuer's distinguished name is OU=NIST; O=gov; C=US
+		* (d)  and the subject's distinguished name is CN=Tim Polk; OU=NIST;
+		* O=gov; C=US
+		* (e)  the certificate was issued on May 21, 1996 at 09:58:26 and
+		* expired on May 21, 1997 at 09:58:26;
+		* (f)  the certificate contains a 1024 bit RSA public key;
+		* (g)  the certificate is an end entity certificate (not a CA
+		* certificate);
+		* (h)  the certificate includes an alternative subject name of
+		*    "&lt;http://www.itl.nist.gov/div893/staff/polk/index.html&gt;" and an
+		* alternative issuer name of "&lt;http://www.nist.gov/&gt;" - both are URLs;
+		* (i)  the certificate include an authority key identifier extension
+		* and a certificate policies extension psecifying the policy OID
+		* 2.16.840.1.101.3.2.1.48.9; and
+		* (j)  the certificate includes a critical key usage extension
+		* specifying that the public key is intended for verification of
+		* digital signatures.
+		*/
+        static byte[] userCert2Bin = Hex.Decode(
+            "3082028e308201f7a00302010202020100300d06092a864886f70d0101050500"
+            + "302a310b3009060355040613025553310c300a060355040b1303676f76310d30"
+            + "0b060355040a13044e495354301e170d3936303532313039353832365a170d39"
+            + "37303532313039353832365a303d310b3009060355040613025553310c300a06"
+            + "0355040b1303676f76310d300b060355040a13044e4953543111300f06035504"
+            + "03130854696d20506f6c6b30819f300d06092a864886f70d010101050003818d"
+            + "0030818902818100e16ae4033097023cf410f3b51e4d7f147bf6f5d078e9a48a"
+            + "f0a375ecedb656967f8899859af23e687787eb9ed19fc0b417dcab8923a41d7e"
+            + "16234c4fa84df531b87caae31a4909f44b26db2767308212014ae91ab6c10c53"
+            + "8b6cfc2f7a43ec33367e32b27bd5aacf0114c612ec13f22d147a8b215814134c"
+            + "46a39af21695ff230203010001a381af3081ac303f0603551d11043830368634"
+            + "687474703a2f2f7777772e69746c2e6e6973742e676f762f6469763839332f73"
+            + "746166662f706f6c6b2f696e6465782e68746d6c301f0603551d120418301686"
+            + "14687474703a2f2f7777772e6e6973742e676f762f301f0603551d2304183016"
+            + "80140868af8533c8394a7af882938e706a4a20842c3230170603551d20041030"
+            + "0e300c060a60864801650302013009300e0603551d0f0101ff04040302078030"
+            + "0d06092a864886f70d0101050500038181008e8e3656788bbfa13975172ee310"
+            + "dc832b6834521cf66c1d525e5420105e4ca940f94b729e82b961dceb32a5bdb1"
+            + "b148f99b01bbebaf9b83f6528cb06d7cd09a39543e6d206fcdd0debe275f204f"
+            + "b6ab0df5b7e1bab4dfdf3dd4f6ed01fb6ecb9859ac41fb489c1ff65b46e029e2"
+            + "76ecc43a0afc92c5c0d2a9c9d32952876533");
+
+        /**
+         * This section contains an annotated hex dump of a version 2 CRL with
+         * one extension (cRLNumber). The CRL was issued by OU=NIST; O=gov; C=US
+         * on August 7, 1997; the next scheduled issuance was September 7, 1997.
+         * The CRL includes one revoked certificates: serial number 18 (12 hex),
+         * which was revoked on July 31, 1997 due to keyCompromise.  The CRL
+         * itself is number 18, and it was signed with DSA and SHA-1.
+         */
+        static byte[] crlBin = Hex.Decode(
+            "3081cb30818c020101300906072a8648ce380403302a310b3009060355040613025553310c300a060355040a1303676f76310d300b060355040b13044e495354170d3937303830373030303030305a170d3937303930373030303030305a30223020020112170d3937303733313030303030305a300c300a0603551d1504030a0101a00e300c300a0603551d14040302010c300906072a8648ce380403032f00302c0214224e9f43ba950634f2bb5e65dba68005c03a29470214591a57c982d7022114c3d40b321b9616b11f465a");
+
+        public override void PerformTest()
+        {
+            try
+            {
+                X509CertificateParser certParser = new X509CertificateParser();
+                X509CrlParser crlParser = new X509CrlParser();
+
+                X509Certificate rootCert = certParser.ReadCertificate(rootCertBin);
+                X509Certificate userCert1 = certParser.ReadCertificate(userCert1Bin);
+                X509Certificate userCert2 = certParser.ReadCertificate(userCert2Bin);
+
+                X509Crl crl = crlParser.ReadCrl(crlBin);
+
+                rootCert.Verify(rootCert.GetPublicKey());
+                userCert1.Verify(rootCert.GetPublicKey());
+
+                crl.Verify(rootCert.GetPublicKey());
+
+                if (!crl.IsRevoked(userCert1))
+                {
+                    Fail(this.Name + ": usercert1 not revoked.");
+                }
+
+                if (crl.IsRevoked(userCert2))
+                {
+                    Fail(this.Name + ": usercert2 revoked.");
+                }
+
+            }
+            catch (Exception e)
+            {
+                Fail(this.Name + ": exception - " + e.ToString());
+            }
+        }
+
+		public override String Name
+		{
+			get { return "PkixTest"; }
+        }
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new PkixTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/RSATest.cs b/crypto/test/src/test/RSATest.cs
new file mode 100644
index 000000000..a765ff138
--- /dev/null
+++ b/crypto/test/src/test/RSATest.cs
@@ -0,0 +1,685 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class RsaTest
+		: SimpleTest
+	{
+		/**
+		* a fake random number generator - we just want to make sure the random numbers
+		* aren't random so that we get the same output, while still getting to test the
+		* key generation facilities.
+		*/
+		// TODO Use FixedSecureRandom instead?
+		private class MyFixedSecureRandom
+			: SecureRandom
+		{
+			byte[] seed =
+			{
+				(byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59,
+				(byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4,
+				(byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde,
+				(byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f
+			};
+
+			public override void NextBytes(
+				byte[] bytes)
+			{
+				int offset = 0;
+
+				while ((offset + seed.Length) < bytes.Length)
+				{
+					seed.CopyTo(bytes, offset);
+					offset += seed.Length;
+				}
+
+				Array.Copy(seed, 0, bytes, offset, bytes.Length - offset);
+			}
+		}
+
+		private static readonly byte[] seed =
+		{
+			(byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59,
+			(byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4,
+			(byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde,
+			(byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f
+		};
+
+		private RsaKeyParameters pubKeySpec = new RsaKeyParameters(
+			false,
+			new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+			new BigInteger("11", 16));
+
+		private RsaPrivateCrtKeyParameters privKeySpec = new RsaPrivateCrtKeyParameters(
+			new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+			new BigInteger("11", 16),
+			new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+			new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+			new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+			new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+			new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+			new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+		private RsaKeyParameters isoPubKeySpec = new RsaKeyParameters(
+			false,
+			new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16),
+			new BigInteger("03", 16));
+
+		private RsaKeyParameters isoPrivKeySpec = new RsaKeyParameters(
+			true,
+			new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16),
+			new BigInteger("2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac9f0783a49dd5f6c5af651f4c9d0dc9281c96a3f16a85f9572d7cc3f2d0f25a9dbf1149e4cdc32273faadd3fda5dcda7", 16));
+
+		internal static RsaKeyParameters pub2048KeySpec = new RsaKeyParameters(
+			false,
+			new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16),
+			new BigInteger("10001", 16));
+
+		internal static RsaPrivateCrtKeyParameters priv2048KeySpec = new RsaPrivateCrtKeyParameters(
+			new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16),
+			new BigInteger("10001", 16),
+			new BigInteger("65dad56ac7df7abb434e4cb5eeadb16093aa6da7f0033aad3815289b04757d32bfee6ade7749c8e4a323b5050a2fb9e2a99e23469e1ed4ba5bab54336af20a5bfccb8b3424cc6923db2ffca5787ed87aa87aa614cd04cedaebc8f623a2d2063017910f436dff18bb06f01758610787f8b258f0a8efd8bd7de30007c47b2a1031696c7d6523bc191d4d918927a7e0b09584ed205bd2ff4fc4382678df82353f7532b3bbb81d69e3f39070aed3fb64fce032a089e8e64955afa5213a6eb241231bd98d702fba725a9b205952fda186412d9e0d9344d2998c455ad8c2bae85ee672751466d5288304032b5b7e02f7e558c7af82c7fbf58eea0bb4ef0f001e6cd0a9", 16),
+			new BigInteger("d4fd9ac3474fb83aaf832470643609659e511b322632b239b688f3cd2aad87527d6cf652fb9c9ca67940e84789444f2e99b0cb0cfabbd4de95396106c865f38e2fb7b82b231260a94df0e01756bf73ce0386868d9c41645560a81af2f53c18e4f7cdf3d51d80267372e6e0216afbf67f655c9450769cca494e4f6631b239ce1b", 16),
+			new BigInteger("c8eaa0e2a1b3a4412a702bccda93f4d150da60d736c99c7c566fdea4dd1b401cbc0d8c063daaf0b579953d36343aa18b33dbf8b9eae94452490cc905245f8f7b9e29b1a288bc66731a29e1dd1a45c9fd7f8238ff727adc49fff73991d0dc096206b9d3a08f61e7462e2b804d78cb8c5eccdb9b7fbd2ad6a8fea46c1053e1be75", 16),
+			new BigInteger("10edcb544421c0f9e123624d1099feeb35c72a8b34e008ac6fa6b90210a7543f293af4e5299c8c12eb464e70092805c7256e18e5823455ba0f504d36f5ccacac1b7cd5c58ff710f9c3f92646949d88fdd1e7ea5fed1081820bb9b0d2a8cd4b093fecfdb96dabd6e28c3a6f8c186dc86cddc89afd3e403e0fcf8a9e0bcb27af0b", 16),
+			new BigInteger("97fc25484b5a415eaa63c03e6efa8dafe9a1c8b004d9ee6e80548fefd6f2ce44ee5cb117e77e70285798f57d137566ce8ea4503b13e0f1b5ed5ca6942537c4aa96b2a395782a4cb5b58d0936e0b0fa63b1192954d39ced176d71ef32c6f42c84e2e19f9d4dd999c2151b032b97bd22aa73fd8c5bcd15a2dca4046d5acc997021", 16),
+			new BigInteger("4bb8064e1eff7e9efc3c4578fcedb59ca4aef0993a8312dfdcb1b3decf458aa6650d3d0866f143cbf0d3825e9381181170a0a1651eefcd7def786b8eb356555d9fa07c85b5f5cbdd74382f1129b5e36b4166b6cc9157923699708648212c484958351fdc9cf14f218dbe7fbf7cbd93a209a4681fe23ceb44bab67d66f45d1c9d", 16));
+
+		public override void PerformTest()
+		{
+			byte[] input = new byte[]
+			{ (byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34, (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a };
+			byte[][] output = new byte[][]
+			{
+				Hex.Decode("8b427f781a2e59dd9def386f1956b996ee07f48c96880e65a368055ed8c0a8831669ef7250b40918b2b1d488547e72c84540e42bd07b03f14e226f04fbc2d929"),
+				Hex.Decode("2ec6e1a1711b6c7b8cd3f6a25db21ab8bb0a5f1d6df2ef375fa708a43997730ffc7c98856dbbe36edddcdd1b2d2a53867d8355af94fea3aeec128da908e08f4c"),
+				Hex.Decode("0850ac4e5a8118323200c8ed1e5aaa3d5e635172553ccac66a8e4153d35c79305c4440f11034ab147fccce21f18a50cf1c0099c08a577eb68237a91042278965"),
+				Hex.Decode("1c9649bdccb51056751fe43837f4eb43bada472accf26f65231666d5de7d11950d8379b3596dfdf75c6234274896fa8d18ad0865d3be2ac4d6687151abdf01e93941dcef18fa63186c9351d1506c89d09733c5ff4304208c812bdd21a50f56fde115e629e0e973721c9fcc87e89295a79853dee613962a0b2f2fc57163fd99057a3c776f13c20c26407eb8863998d7e53b543ba8d0a295a9a68d1a149833078c9809ad6a6dad7fc22a95ad615a73138c54c018f40d99bf8eeecd45f5be526f2d6b01aeb56381991c1ab31a2e756f15e052b9cd5638b2eff799795c5bae493307d5eb9f8c21d438de131fe505a4e7432547ab19224094f9e4be1968bd0793b79d"),
+				Hex.Decode("4c4afc0c24dddaedd4f9a3b23be30d35d8e005ffd36b3defc5d18acc830c3ed388ce20f43a00e614fd087c814197bc9fc2eff9ad4cc474a7a2ef3ed9c0f0a55eb23371e41ee8f2e2ed93ea3a06ca482589ab87e0d61dcffda5eea1241408e43ea1108726cdb87cc3aa5e9eaaa9f72507ca1352ac54a53920c94dccc768147933d8c50aefd9d1da10522a40133cd33dbc0524669e70f771a88d65c4716d471cd22b08b9f01f24e4e9fc7ffbcfa0e0a7aed47b345826399b26a73be112eb9c5e06fc6742fc3d0ef53d43896403c5105109cfc12e6deeaf4a48ba308e039774b9bdb31a9b9e133c81c321630cf0b4b2d1f90717b24c3268e1fea681ea9cdc709342"),
+				Hex.Decode("06b5b26bd13515f799e5e37ca43cace15cd82fd4bf36b25d285a6f0998d97c8cb0755a28f0ae66618b1cd03e27ac95eaaa4882bc6dc0078cd457d4f7de4154173a9c7a838cfc2ac2f74875df462aae0cfd341645dc51d9a01da9bdb01507f140fa8a016534379d838cc3b2a53ac33150af1b242fc88013cb8d914e66c8182864ee6de88ce2879d4c05dd125409620a96797c55c832fb2fb31d4310c190b8ed2c95fdfda2ed87f785002faaec3f35ec05cf70a3774ce185e4882df35719d582dd55ac31257344a9cba95189dcbea16e8c6cb7a235a0384bc83b6183ca8547e670fe33b1b91725ae0c250c9eca7b5ba78bd77145b70270bf8ac31653006c02ca9c"),
+				Hex.Decode("135f1be3d045526235bf9d5e43499d4ee1bfdf93370769ae56e85dbc339bc5b7ea3bee49717497ee8ac3f7cd6adb6fc0f17812390dcd65ac7b87fef7970d9ff9"),
+				Hex.Decode("03c05add1e030178c352face07cafc9447c8f369b8f95125c0d311c16b6da48ca2067104cce6cd21ae7b163cd18ffc13001aecebdc2eb02b9e92681f84033a98"),
+				Hex.Decode("00319bb9becb49f3ed1bca26d0fcf09b0b0a508e4d0bd43b350f959b72cd25b3af47d608fdcd248eada74fbe19990dbeb9bf0da4b4e1200243a14e5cab3f7e610c")
+			};
+			SecureRandom rand = new MyFixedSecureRandom();
+
+//			KeyFactory fact = KeyFactory.GetInstance("RSA");
+//
+//			PrivateKey  privKey = fact.generatePrivate(privKeySpec);
+//			PublicKey   pubKey = fact.generatePublic(pubKeySpec);
+			AsymmetricKeyParameter privKey = privKeySpec;
+			AsymmetricKeyParameter pubKey = pubKeySpec;
+
+//			PrivateKey  priv2048Key = fact.generatePrivate(priv2048KeySpec);
+//			PublicKey   pub2048Key = fact.generatePublic(pub2048KeySpec);
+			AsymmetricKeyParameter priv2048Key = priv2048KeySpec;
+			AsymmetricKeyParameter pub2048Key = pub2048KeySpec;
+
+			//
+			// No Padding
+			//
+//			Cipher c = Cipher.GetInstance("RSA");
+			IBufferedCipher c = CipherUtilities.GetCipher("RSA");
+
+//			c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
+			c.Init(true, pubKey);// new ParametersWithRandom(pubKey, rand));
+
+			byte[] outBytes = c.DoFinal(input);
+
+			if (!AreEqual(outBytes, output[0]))
+			{
+				Fail("NoPadding test failed on encrypt expected " + Hex.ToHexString(output[0]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+//			c.init(Cipher.DECRYPT_MODE, privKey);
+			c.Init(false, privKey);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			//
+			// No Padding - incremental
+			//
+//			c = Cipher.GetInstance("RSA");
+			c = CipherUtilities.GetCipher("RSA");
+
+//			c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
+			c.Init(true, pubKey);// new ParametersWithRandom(pubKey, rand));
+
+			c.ProcessBytes(input);
+
+			outBytes = c.DoFinal();
+
+			if (!AreEqual(outBytes, output[0]))
+			{
+				Fail("NoPadding test failed on encrypt expected " + Hex.ToHexString(output[0]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+//			c.init(Cipher.DECRYPT_MODE, privKey);
+			c.Init(false, privKey);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			//
+			// No Padding - incremental - explicit use of NONE in mode.
+			//
+			c = CipherUtilities.GetCipher("RSA/NONE/NoPadding");
+
+//			c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
+			c.Init(true, pubKey);// new ParametersWithRandom(pubKey, rand));
+			
+			c.ProcessBytes(input);
+
+			outBytes = c.DoFinal();
+
+			if (!AreEqual(outBytes, output[0]))
+			{
+				Fail("NoPadding test failed on encrypt expected " + Hex.ToHexString(output[0]) + " got " + Hex.ToHexString(outBytes));
+			}
+			
+//			c.init(Cipher.DECRYPT_MODE, privKey);
+			c.Init(false, privKey);
+			
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			//
+			// No Padding - maximum.Length
+			//
+			c = CipherUtilities.GetCipher("RSA");
+
+			byte[] modBytes = ((RsaKeyParameters) pubKey).Modulus.ToByteArray();
+
+			byte[] maxInput = new byte[modBytes.Length - 1];
+
+			maxInput[0] |= 0x7f;
+
+			c.Init(true, pubKey);// new ParametersWithRandom(pubKey, rand));
+
+			outBytes = c.DoFinal(maxInput);
+
+			c.Init(false, privKey);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, maxInput))
+			{
+				Fail("NoPadding test failed on decrypt expected "
+					+ Hex.ToHexString(maxInput) + " got "
+					+ Hex.ToHexString(outBytes));
+			}
+
+			//
+			// PKCS1 V 1.5
+			//
+			c = CipherUtilities.GetCipher("RSA//PKCS1Padding");
+
+			c.Init(true, new ParametersWithRandom(pubKey, rand));
+
+			outBytes = c.DoFinal(input);
+
+			if (!AreEqual(outBytes, output[1]))
+			{
+				Fail("PKCS1 test failed on encrypt expected " + Hex.ToHexString(output[1]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			c.Init(false, privKey);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("PKCS1 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			//
+			// PKCS1 V 1.5 - NONE
+			//
+			c = CipherUtilities.GetCipher("RSA/NONE/PKCS1Padding");
+
+			c.Init(true, new ParametersWithRandom(pubKey, rand));
+
+			outBytes = c.DoFinal(input);
+
+			if (!AreEqual(outBytes, output[1]))
+			{
+				Fail("PKCS1 test failed on encrypt expected " + Hex.ToHexString(output[1]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			c.Init(false, privKey);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("PKCS1 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+			
+			//
+			// OAEP - SHA1
+			//
+			c = CipherUtilities.GetCipher("RSA/NONE/OAEPPadding");
+
+			c.Init(true, new ParametersWithRandom(pubKey, rand));
+
+			outBytes = c.DoFinal(input);
+
+			if (!AreEqual(outBytes, output[2]))
+			{
+				Fail("OAEP test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding");
+
+			c.Init(false, privKey);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("OAEP test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+	        // TODO
+//			AlgorithmParameters oaepP = c.getParameters();
+	        byte[] rop = new RsaesOaepParameters(
+					new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance),
+					new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance)),
+					new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
+
+//			if (!AreEqual(oaepP.getEncoded(), rop.getEncoded()))
+//			{
+//				Fail("OAEP test failed default sha-1 parameters");
+//			}
+
+			//
+			// OAEP - SHA224
+			//
+			c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA224AndMGF1Padding");
+
+			c.Init(true, new ParametersWithRandom(pub2048Key, rand));
+
+			outBytes = c.DoFinal(input);
+
+			if (!AreEqual(outBytes, output[3]))
+			{
+				Fail("OAEP SHA-224 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			c.Init(false, priv2048Key);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("OAEP SHA-224 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+//			oaepP = c.getParameters();
+			rop = new RsaesOaepParameters(
+				new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance)),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
+
+//			if (!AreEqual(oaepP.getEncoded(), rop.getEncoded())
+//			{
+//				Fail("OAEP test failed default sha-224 parameters");
+//			}
+
+			//
+			// OAEP - SHA 256
+			//
+			c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA256AndMGF1Padding");
+
+			c.Init(true, new ParametersWithRandom(pub2048Key, rand));
+
+			outBytes = c.DoFinal(input);
+
+			if (!AreEqual(outBytes, output[4]))
+			{
+				Fail("OAEP SHA-256 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			c.Init(false, priv2048Key);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("OAEP SHA-256 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+//			oaepP = c.getParameters();
+			rop = new RsaesOaepParameters(
+				new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance)),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
+
+//			if (!AreEqual(oaepP.getEncoded(), rop.getEncoded())
+//			{
+//				Fail("OAEP test failed default sha-256 parameters");
+//			}
+
+			//
+			// OAEP - SHA 384
+			//
+			c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA384AndMGF1Padding");
+
+			c.Init(true, new ParametersWithRandom(pub2048Key, rand));
+
+			outBytes = c.DoFinal(input);
+
+			if (!AreEqual(outBytes, output[5]))
+			{
+				Fail("OAEP SHA-384 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			c.Init(false, priv2048Key);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("OAEP SHA-384 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+//			oaepP = c.getParameters();
+			rop = new RsaesOaepParameters(
+				new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance)),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
+
+//			if (!AreEqual(oaepP.getEncoded(), rop.getEncoded())
+//			{
+//				Fail("OAEP test failed default sha-384 parameters");
+//			}
+
+			//
+			// OAEP - MD5
+			//
+			c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithMD5AndMGF1Padding");
+
+			c.Init(true, new ParametersWithRandom(pubKey, rand));
+
+			outBytes = c.DoFinal(input);
+
+			if (!AreEqual(outBytes, output[6]))
+			{
+				Fail("OAEP MD5 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			c.Init(false, privKey);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("OAEP MD5 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+//			oaepP = c.getParameters();
+			rop = new RsaesOaepParameters(
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5, DerNull.Instance),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5, DerNull.Instance)),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded();
+
+//			if (!AreEqual(oaepP.getEncoded(), rop.getEncoded())
+//			{
+//				Fail("OAEP test failed default md5 parameters");
+//			}
+
+			//
+			// OAEP - SHA1 with default parameters
+			//
+			c = CipherUtilities.GetCipher("RSA/NONE/OAEPPadding");
+
+			// TODO
+//			c.init(Cipher.ENCRYPT_MODE, pubKey, OAEPParameterSpec.DEFAULT, rand);
+//
+//			outBytes = c.DoFinal(input);
+//
+//			if (!AreEqual(outBytes, output[2]))
+//			{
+//				Fail("OAEP test failed on encrypt expected " + Encoding.ASCII.GetString(Hex.Encode(output[2])) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes)));
+//			}
+//
+//			c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding");
+//
+//			c.Init(false, privKey);
+//
+//			outBytes = c.DoFinal(outBytes);
+//
+//			if (!AreEqual(outBytes, input))
+//			{
+//				Fail("OAEP test failed on decrypt expected " + Encoding.ASCII.GetString(Hex.Encode(input)) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes)));
+//			}
+//
+//			oaepP = c.getParameters();
+//
+//			if (!AreEqual(oaepP.getEncoded(), new byte[] { 0x30, 0x00 }))
+//			{
+//				Fail("OAEP test failed default parameters");
+//			}
+
+			//
+			// OAEP - SHA1 with specified string
+			//
+			c = CipherUtilities.GetCipher("RSA/NONE/OAEPPadding");
+
+			// TODO
+//			c.init(Cipher.ENCRYPT_MODE, pubKey, new OAEPParameterSpec("SHA1", "MGF1", new MGF1ParameterSpec("SHA1"), new PSource.PSpecified(new byte[] { 1, 2, 3, 4, 5 })), rand);
+//
+//			outBytes = c.DoFinal(input);
+//
+//			oaepP = c.getParameters();
+			rop = new RsaesOaepParameters(
+				new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance)),
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[] { 1, 2, 3, 4, 5 }))).GetEncoded();
+
+//			if (!AreEqual(oaepP.getEncoded())
+//			{
+//				Fail("OAEP test failed changed sha-1 parameters");
+//			}
+//
+//			if (!AreEqual(outBytes, output[7]))
+//			{
+//				Fail("OAEP test failed on encrypt expected " + Encoding.ASCII.GetString(Hex.Encode(output[2])) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes)));
+//			}
+
+			c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding");
+
+	        // TODO
+//			c.init(Cipher.DECRYPT_MODE, privKey, oaepP);
+//
+//			outBytes = c.DoFinal(outBytes);
+//
+//			if (!AreEqual(outBytes, input))
+//			{
+//				Fail("OAEP test failed on decrypt expected " + Encoding.ASCII.GetString(Hex.Encode(input)) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes)));
+//			}
+
+			//
+			// iso9796-1
+			//
+			byte[] isoInput =  Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
+//			PrivateKey  isoPrivKey = fact.generatePrivate(isoPrivKeySpec);
+//			PublicKey   isoPubKey = fact.generatePublic(isoPubKeySpec);
+			AsymmetricKeyParameter isoPrivKey = isoPrivKeySpec;
+			AsymmetricKeyParameter isoPubKey = isoPubKeySpec;
+
+			c = CipherUtilities.GetCipher("RSA/NONE/ISO9796-1Padding");
+
+			c.Init(true, isoPrivKey);
+
+			outBytes = c.DoFinal(isoInput);
+
+			if (!AreEqual(outBytes, output[8]))
+			{
+				Fail("ISO9796-1 test failed on encrypt expected " + Hex.ToHexString(output[3]) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			c.Init(false, isoPubKey);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, isoInput))
+			{
+				Fail("ISO9796-1 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			//
+			//
+			// generation with parameters test.
+			//
+			IAsymmetricCipherKeyPairGenerator keyPairGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+
+			//
+			// 768 bit RSA with e = 2^16-1
+			//
+			keyPairGen.Init(
+				new RsaKeyGenerationParameters(
+					BigInteger.ValueOf(0x10001),
+					new SecureRandom(),
+					768,
+					25));
+
+			AsymmetricCipherKeyPair kp = keyPairGen.GenerateKeyPair();
+
+			pubKey = kp.Public;
+			privKey = kp.Private;
+
+			c.Init(true, new ParametersWithRandom(pubKey, rand));
+
+			outBytes = c.DoFinal(input);
+
+			c.Init(false, privKey);
+
+			outBytes = c.DoFinal(outBytes);
+
+			if (!AreEqual(outBytes, input))
+			{
+				Fail("key generation test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes));
+			}
+
+			//
+			// comparison check
+			//
+//			KeyFactory keyFact = KeyFactory.GetInstance("RSA");
+//
+//			RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey)keyFact.translateKey(privKey);
+			RsaPrivateCrtKeyParameters crtKey = (RsaPrivateCrtKeyParameters) privKey;
+
+			if (!privKey.Equals(crtKey))
+			{
+				Fail("private key equality check failed");
+			}
+
+//			RSAPublicKey copyKey = (RSAPublicKey)keyFact.translateKey(pubKey);
+			RsaKeyParameters copyKey = (RsaKeyParameters) pubKey;
+
+			if (!pubKey.Equals(copyKey))
+			{
+				Fail("public key equality check failed");
+			}
+
+			SecureRandom random = new SecureRandom();
+			rawModeTest("SHA1withRSA", X509ObjectIdentifiers.IdSha1, priv2048Key, pub2048Key, random);
+			rawModeTest("MD5withRSA", PkcsObjectIdentifiers.MD5, priv2048Key, pub2048Key, random);
+			rawModeTest("RIPEMD128withRSA", TeleTrusTObjectIdentifiers.RipeMD128, priv2048Key, pub2048Key, random);
+		}
+		
+		private void rawModeTest(string sigName, DerObjectIdentifier digestOID,
+			AsymmetricKeyParameter privKey, AsymmetricKeyParameter pubKey, SecureRandom random)
+		{
+			byte[] sampleMessage = new byte[1000 + random.Next() % 100];
+			random.NextBytes(sampleMessage);
+
+			ISigner normalSig = SignerUtilities.GetSigner(sigName);
+			normalSig.Init(true, privKey);
+			normalSig.BlockUpdate(sampleMessage, 0, sampleMessage.Length);
+			byte[] normalResult = normalSig.GenerateSignature();
+			
+			byte[] hash = DigestUtilities.CalculateDigest(digestOID.Id, sampleMessage);
+			byte[] digInfo = derEncode(digestOID, hash);
+			
+			ISigner rawSig = SignerUtilities.GetSigner("RSA");
+			rawSig.Init(true, privKey);
+			rawSig.BlockUpdate(digInfo, 0, digInfo.Length);
+			byte[] rawResult = rawSig.GenerateSignature();
+			
+			if (!Arrays.AreEqual(normalResult, rawResult))
+			{
+				Fail("raw mode signature differs from normal one");
+			}
+
+			rawSig.Init(false, pubKey);
+			rawSig.BlockUpdate(digInfo, 0, digInfo.Length);
+
+			if (!rawSig.VerifySignature(rawResult))
+			{
+				Fail("raw mode signature verification failed");
+			}
+		}
+
+		private byte[] derEncode(DerObjectIdentifier oid, byte[] hash)
+		{
+			AlgorithmIdentifier algId = new AlgorithmIdentifier(oid, DerNull.Instance);
+			DigestInfo dInfo = new DigestInfo(algId, hash);
+
+			return dInfo.GetEncoded(Asn1Encodable.Der);
+		}
+		
+		public override string Name
+		{
+			get { return "RSATest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new RsaTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/RegressionTest.cs b/crypto/test/src/test/RegressionTest.cs
new file mode 100644
index 000000000..0ffde72e4
--- /dev/null
+++ b/crypto/test/src/test/RegressionTest.cs
@@ -0,0 +1,80 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+    public class RegressionTest
+    {
+		// These tests were ported from org.bouncycastle.jce.provider.test in Java build
+        public static ITest[] tests = new ITest[]
+		{
+			new FipsDesTest(),
+			new DesEdeTest(),
+			new AesTest(),
+			new CamelliaTest(),
+			new SeedTest(),
+			new AesSicTest(),
+			new Gost28147Test(),
+			new PbeTest(),
+			new BlockCipherTest(),
+			new MacTest(),
+			new HMacTest(),
+//			new SealedTest(),
+			new RsaTest(),
+			new DHTest(),
+			new DsaTest(),
+//			new ImplicitlyCaTest(),
+			new ECNRTest(),
+			new ECDsa5Test(),
+			new Gost3410Test(),
+			new ElGamalTest(),
+			new IesTest(),
+			new SigTest(),
+			new AttrCertTest(),
+			new CertTest(),
+			new Pkcs10CertRequestTest(),
+			new EncryptedPrivateKeyInfoTest(),  // Also in Org.BouncyCastle.Pkcs.Tests
+//			new KeyStoreTest(),
+//			new Pkcs12StoreTest(), // Already in Org.BouncyCastle.Pkcs.Tests
+			new DigestTest(),
+			new PssTest(),
+			new WrapTest(),
+//			new DoFinalTest(),
+			new CipherStreamTest(),
+			new NamedCurveTest(),
+			new PkixTest(),
+//			new NetscapeCertRequestTest(),
+			new X509StoreTest(),
+//			new X509StreamParserTest(),
+			new X509CertificatePairTest(),
+			new CertPathTest(),
+//			new CertStoreTest(),
+			new CertPathValidatorTest(),
+			new CertPathBuilderTest(),
+			new ECEncodingTest(),
+//			new AlgorithmParametersTest(),
+			new NistCertPathTest(),
+			new PkixPolicyMappingTest(),
+//			new SlotTwoTest(),
+			new PkixNameConstraintsTest(),
+			new NoekeonTest(),
+			new AttrCertSelectorTest(),
+//			new SerialisationTest(),
+			new MqvTest(),
+			new CMacTest(),
+			new Crl5Test(),
+		};
+
+		public static void Main(
+            string[] args)
+        {
+            for (int i = 0; i != tests.Length; i++)
+            {
+                ITestResult result = tests[i].Perform();
+
+				Console.WriteLine(result);
+            }
+		}
+    }
+}
diff --git a/crypto/test/src/test/SEEDTest.cs b/crypto/test/src/test/SEEDTest.cs
new file mode 100644
index 000000000..2b380d5b7
--- /dev/null
+++ b/crypto/test/src/test/SEEDTest.cs
@@ -0,0 +1,190 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Kisa;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Tests
+{
+	/// <summary>Basic test class for SEED</summary>
+	[TestFixture]
+	public class SeedTest
+		: BaseBlockCipherTest
+	{
+		internal static readonly string[] cipherTests =
+		{
+			"128",
+			"28DBC3BC49FFD87DCFA509B11D422BE7",
+			"B41E6BE2EBA84A148E2EED84593C5EC7",
+			"9B9B7BFCD1813CB95D0B3618F40F5122"
+		};
+
+		public SeedTest()
+			: base("SEED")
+		{
+		}
+
+		[Test]
+		public void TestCiphers()
+		{
+			for (int i = 0; i != cipherTests.Length; i += 4)
+			{
+				doCipherTest(int.Parse(cipherTests[i]),
+					Hex.Decode(cipherTests[i + 1]),
+					Hex.Decode(cipherTests[i + 2]),
+					Hex.Decode(cipherTests[i + 3]));
+			}
+		}
+
+		[Test]
+		public void TestWrap()
+		{
+			byte[] kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f");
+			byte[] in1 = Hex.Decode("00112233445566778899aabbccddeeff");
+			byte[] out1 = Hex.Decode("bf71f77138b5afea05232a8dad54024e812dc8dd7d132559");
+
+			wrapTest(1, "SEEDWrap", kek1, in1, out1);
+		}
+
+		[Test]
+		public void TestOids()
+		{
+			string[] oids = {
+				KisaObjectIdentifiers.IdSeedCbc.Id
+			};
+
+			string[] names = {
+				"SEED/CBC/PKCS7Padding"
+			};
+
+			oidTest(oids, names, 1);
+		}
+
+		[Test]
+		public void TestWrapOids()
+		{
+			string[] wrapOids = {
+				KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap.Id
+			};
+
+			wrapOidTest(wrapOids, "SEEDWrap");
+		}
+
+		public void doCipherTest(
+			int		strength,
+			byte[]	keyBytes,
+			byte[]	input,
+			byte[]	output)
+		{
+			KeyParameter key = ParameterUtilities.CreateKeyParameter("SEED", keyBytes);
+
+			IBufferedCipher inCipher = CipherUtilities.GetCipher("SEED/ECB/NoPadding");
+			IBufferedCipher outCipher = CipherUtilities.GetCipher("SEED/ECB/NoPadding");
+
+			try
+			{
+				outCipher.Init(true, key);
+			}
+			catch (Exception e)
+			{
+				Fail("SEED failed initialisation - " + e.ToString(), e);
+			}
+
+			try
+			{
+				inCipher.Init(false, key);
+			}
+			catch (Exception e)
+			{
+				Fail("SEED failed initialisation - " + e.ToString(), e);
+			}
+
+			//
+			// encryption pass
+			//
+			MemoryStream bOut = new MemoryStream();
+			CipherStream cOut = new CipherStream(bOut, null, outCipher);
+
+			try
+			{
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+					cOut.WriteByte(input[i]);
+				}
+				cOut.Write(input, input.Length / 2, input.Length - input.Length / 2);
+				cOut.Close();
+			}
+			catch (IOException e)
+			{
+				Fail("SEED failed encryption - " + e.ToString(), e);
+			}
+
+			byte[] bytes = bOut.ToArray();
+
+			if (!AreEqual(bytes, output))
+			{
+				Fail("SEED failed encryption - expected "
+					+ Hex.ToHexString(output) + " got "
+					+ Hex.ToHexString(bytes));
+			}
+
+			//
+			// decryption pass
+			//
+			MemoryStream bIn = new MemoryStream(bytes, false);
+			CipherStream cIn = new CipherStream(bIn, inCipher, null);
+
+			try
+			{
+//				DataInputStream dIn = new DataInputStream(cIn);
+				BinaryReader dIn = new BinaryReader(cIn);
+
+				bytes = new byte[input.Length];
+
+				for (int i = 0; i != input.Length / 2; i++)
+				{
+//					bytes[i] = (byte)dIn.read();
+					bytes[i] = dIn.ReadByte();
+				}
+
+				int remaining = bytes.Length - input.Length / 2;
+//				dIn.readFully(bytes, input.Length / 2, remaining);
+				byte[] extra = dIn.ReadBytes(remaining);
+				if (extra.Length < remaining)
+					throw new EndOfStreamException();
+				extra.CopyTo(bytes, input.Length / 2);
+			}
+			catch (Exception e)
+			{
+				Fail("SEED failed encryption - " + e.ToString(), e);
+			}
+
+			if (!AreEqual(bytes, input))
+			{
+				Fail("SEED failed decryption - expected "
+					+ Hex.ToHexString(input) + " got "
+					+ Hex.ToHexString(bytes));
+			}
+		}
+
+		public override void PerformTest()
+		{
+			TestCiphers();
+			TestWrap();
+			TestOids();
+			TestWrapOids();
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new SeedTest());
+		}
+	}
+}
diff --git a/crypto/test/src/test/SigTest.cs b/crypto/test/src/test/SigTest.cs
new file mode 100644
index 000000000..803a24493
--- /dev/null
+++ b/crypto/test/src/test/SigTest.cs
@@ -0,0 +1,378 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class SigTest
+		: SimpleTest
+	{
+		/**
+		 * signature with a "forged signature" (sig block not at end of plain text)
+		 */
+		private void doTestBadSig(
+			AsymmetricKeyParameter	priv,
+			AsymmetricKeyParameter	pub)
+		{
+			IDigest sha1 = DigestUtilities.GetDigest("SHA1");
+			IBufferedCipher signer = CipherUtilities.GetCipher("RSA//PKCS1Padding");
+
+			signer.Init(true, priv);
+
+			byte[] block = new byte[signer.GetBlockSize()];
+
+			sha1.Update((byte)0);
+
+			byte[] sigHeader = Hex.Decode("3021300906052b0e03021a05000414");
+			Array.Copy(sigHeader, 0, block, 0, sigHeader.Length);
+
+//			byte[] dig = sha1.digest();
+			byte[] dig = DigestUtilities.DoFinal(sha1);
+
+			Array.Copy(dig, 0, block, sigHeader.Length, dig.Length);
+
+			Array.Copy(sigHeader, 0, block,
+				sigHeader.Length + dig.Length, sigHeader.Length);
+
+			byte[] sig = signer.DoFinal(block);
+
+			ISigner verifier = SignerUtilities.GetSigner("SHA1WithRSA");
+
+			verifier.Init(false, pub);
+
+			verifier.Update((byte)0);
+
+			if (verifier.VerifySignature(sig))
+			{
+				Fail("bad signature passed");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			ISigner sig = SignerUtilities.GetSigner("SHA1WithRSAEncryption");
+
+			byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
+
+			IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			fact.Init(
+				new RsaKeyGenerationParameters(
+					BigInteger.ValueOf(0x10001),
+					new SecureRandom(),
+					768,
+					25));
+
+			AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair();
+
+			AsymmetricKeyParameter signingKey = keyPair.Private;
+			AsymmetricKeyParameter verifyKey = keyPair.Public;
+
+			doTestBadSig(signingKey, verifyKey);
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			byte[] sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("SHA1 verification failed");
+			}
+
+			sig = SignerUtilities.GetSigner("MD2WithRSAEncryption");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("MD2 verification failed");
+			}
+
+			sig = SignerUtilities.GetSigner("MD5WithRSAEncryption");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("MD5 verification failed");
+			}
+
+			sig = SignerUtilities.GetSigner("RIPEMD160WithRSAEncryption");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("RIPEMD160 verification failed");
+			}
+
+			//
+			// RIPEMD-128
+			//
+			sig = SignerUtilities.GetSigner("RIPEMD128WithRSAEncryption");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("RIPEMD128 verification failed");
+			}
+
+			//
+			// RIPEMD256
+			//
+			sig = SignerUtilities.GetSigner("RIPEMD256WithRSAEncryption");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("RIPEMD256 verification failed");
+			}
+
+			//
+			// SHA-224
+			//
+			sig = SignerUtilities.GetSigner("SHA224WithRSAEncryption");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("SHA224 verification failed");
+			}
+
+			//
+			// SHA-256
+			//
+			sig = SignerUtilities.GetSigner("SHA256WithRSAEncryption");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("SHA256 verification failed");
+			}
+
+			//
+			// SHA-384
+			//
+			sig = SignerUtilities.GetSigner("SHA384WithRSAEncryption");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("SHA384 verification failed");
+			}
+
+			//
+			// SHA-512
+			//
+			sig = SignerUtilities.GetSigner("SHA512WithRSAEncryption");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("SHA512 verification failed");
+			}
+
+			//
+			// ISO Sigs.
+			//
+			sig = SignerUtilities.GetSigner("MD5WithRSA/ISO9796-2");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("MD5/ISO verification failed");
+			}
+
+			sig = SignerUtilities.GetSigner("SHA1WithRSA/ISO9796-2");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("SHA1/ISO verification failed");
+			}
+
+			sig = SignerUtilities.GetSigner("RIPEMD160WithRSA/ISO9796-2");
+
+			sig.Init(true, signingKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			sig.Init(false, verifyKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("RIPEMD160/ISO verification failed");
+			}
+
+			//
+			// standard vector test - B.1.3 RIPEMD160, implicit.
+			//
+			BigInteger  mod = new BigInteger("ffffffff78f6c55506c59785e871211ee120b0b5dd644aa796d82413a47b24573f1be5745b5cd9950f6b389b52350d4e01e90009669a8720bf265a2865994190a661dea3c7828e2e7ca1b19651adc2d5", 16);
+			BigInteger  pub = new BigInteger("03", 16);
+			BigInteger  pri = new BigInteger("2aaaaaaa942920e38120ee965168302fd0301d73a4e60c7143ceb0adf0bf30b9352f50e8b9e4ceedd65343b2179005b2f099915e4b0c37e41314bb0821ad8330d23cba7f589e0f129b04c46b67dfce9d", 16);
+
+//			KeyFactory  f = KeyFactory.getInstance("RSA");
+//			AsymmetricKeyParameter privKey = f.generatePrivate(new RSAPrivateKeySpec(mod, pri));
+//			AsymmetricKeyParameter pubKey = f.generatePublic(new RSAPublicKeySpec(mod, pub));
+			AsymmetricKeyParameter privKey = new RsaKeyParameters(true, mod, pri);
+			AsymmetricKeyParameter pubKey = new RsaKeyParameters(false, mod, pub);
+			byte[] testSig = Hex.Decode("5cf9a01854dbacaec83aae8efc563d74538192e95466babacd361d7c86000fe42dcb4581e48e4feb862d04698da9203b1803b262105104d510b365ee9c660857ba1c001aa57abfd1c8de92e47c275cae");
+
+			data = Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
+
+			sig = SignerUtilities.GetSigner("RIPEMD160WithRSA/ISO9796-2");
+
+			sig.Init(true, privKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			sigBytes = sig.GenerateSignature();
+
+			if (!AreEqual(testSig, sigBytes))
+			{
+				Fail("SigTest: failed ISO9796-2 generation Test");
+			}
+
+			sig.Init(false, pubKey);
+
+			sig.BlockUpdate(data, 0, data.Length);
+
+			if (!sig.VerifySignature(sigBytes))
+			{
+				Fail("RIPEMD160/ISO verification failed");
+			}
+		}
+
+		public override string Name
+		{
+			get { return "SigTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new SigTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/TestUtilities.cs b/crypto/test/src/test/TestUtilities.cs
new file mode 100644
index 000000000..a79421207
--- /dev/null
+++ b/crypto/test/src/test/TestUtilities.cs
@@ -0,0 +1,264 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.Tests
+{
+	/**
+	 * Test Utils
+	 */
+	internal class TestUtilities
+	{
+		/**
+		 * Create a random 1024 bit RSA key pair
+		 */
+		public static AsymmetricCipherKeyPair GenerateRsaKeyPair()
+		{
+			IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
+
+			kpGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
+
+			return kpGen.GenerateKeyPair();
+		}
+
+		public static X509Certificate GenerateRootCert(
+			AsymmetricCipherKeyPair pair)
+		{
+			X509V1CertificateGenerator  certGen = new X509V1CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate"));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate"));
+			certGen.SetPublicKey(pair.Public);
+			certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			return certGen.Generate(pair.Private);
+		}
+
+		public static X509Certificate GenerateIntermediateCert(
+			AsymmetricKeyParameter	intKey,
+			AsymmetricKeyParameter	caKey,
+			X509Certificate			caCert)
+		{
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name("CN=Test Intermediate Certificate"));
+			certGen.SetPublicKey(intKey);
+			certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
+			certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey));
+			certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0));
+			certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyCertSign | KeyUsage.CrlSign));
+
+			return certGen.Generate(caKey);
+		}
+
+		public static X509Certificate GenerateEndEntityCert(
+			AsymmetricKeyParameter entityKey,
+			AsymmetricKeyParameter caKey,
+			X509Certificate caCert)
+		{
+			X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+			certGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert));
+			certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+			certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+			certGen.SetSubjectDN(new X509Name("CN=Test End Certificate"));
+			certGen.SetPublicKey(entityKey);
+			certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
+			certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(entityKey));
+			certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
+			certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyEncipherment));
+
+			return certGen.Generate(caKey);
+		}
+
+		public static X509Crl CreateCrl(
+			X509Certificate			caCert, 
+			AsymmetricKeyParameter	caKey, 
+			BigInteger				serialNumber)
+		{
+			X509V2CrlGenerator	crlGen = new X509V2CrlGenerator();
+			DateTime			now = DateTime.UtcNow;
+//			BigInteger			revokedSerialNumber = BigInteger.Two;
+
+			crlGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert));
+
+			crlGen.SetThisUpdate(now);
+			crlGen.SetNextUpdate(now.AddSeconds(100));
+			crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
+
+			crlGen.AddCrlEntry(serialNumber, now, CrlReason.PrivilegeWithdrawn);
+
+			crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
+			crlGen.AddExtension(X509Extensions.CrlNumber, false, new CrlNumber(BigInteger.One));
+
+			return crlGen.Generate(caKey);
+		}
+
+		public static X509Certificate CreateExceptionCertificate(
+			bool exceptionOnEncode)
+		{
+			return new ExceptionCertificate(exceptionOnEncode);
+		}
+
+		private class ExceptionCertificate
+			: X509Certificate
+		{
+			private bool _exceptionOnEncode;
+
+			public ExceptionCertificate(
+				bool exceptionOnEncode)
+			{
+				_exceptionOnEncode = exceptionOnEncode;
+			}
+
+			public override void CheckValidity()
+			{
+				throw new CertificateNotYetValidException();
+			}
+
+			public override void CheckValidity(
+				DateTime date)
+			{
+				throw new CertificateExpiredException();
+			}
+
+			public override int Version
+			{
+				get { return 0; }
+			}
+
+			public override BigInteger SerialNumber
+			{
+				get { return null; }
+			}
+
+			public override X509Name IssuerDN
+			{
+				get { return null; }
+			}
+
+			public override X509Name SubjectDN
+			{
+				get { return null; }
+			}
+
+			public override DateTime NotBefore
+			{
+				get { return DateTime.MaxValue; }
+			}
+
+			public override DateTime NotAfter
+			{
+				get { return DateTime.MinValue; }
+			}
+
+			public override byte[] GetTbsCertificate()
+			{
+				throw new CertificateEncodingException();
+			}
+
+			public override byte[] GetSignature()
+			{
+				return new byte[0];
+			}
+
+			public override string SigAlgName
+			{
+				get { return null; }
+			}
+
+			public override string SigAlgOid
+			{
+				get { return null; }
+			}
+
+			public override byte[] GetSigAlgParams()
+			{
+				return new byte[0];
+			}
+
+			public override DerBitString IssuerUniqueID
+			{
+				get { return null; }
+			}
+
+			public override DerBitString SubjectUniqueID
+			{
+				get { return null; }
+			}
+
+			public override bool[] GetKeyUsage()
+			{
+				return new bool[0];
+			}
+
+			public override int GetBasicConstraints()
+			{
+				return 0;
+			}
+
+			public override byte[] GetEncoded()
+			{
+				if (_exceptionOnEncode)
+				{
+					throw new CertificateEncodingException();
+				}
+
+				return new byte[0];
+			}
+
+			public override void Verify(
+				AsymmetricKeyParameter key)
+			{
+				throw new CertificateException();
+			}
+
+			public override string ToString()
+			{
+				return null;
+			}
+
+			public override AsymmetricKeyParameter GetPublicKey()
+			{
+				return null;
+			}
+
+			public override ISet GetCriticalExtensionOids()
+			{
+				return null;
+			}
+
+			public override ISet GetNonCriticalExtensionOids()
+			{
+				return null;
+			}
+
+			public override Asn1OctetString GetExtensionValue(
+				DerObjectIdentifier oid)
+			{
+				return null;
+			}
+		}
+	}
+}
diff --git a/crypto/test/src/test/WrapTest.cs b/crypto/test/src/test/WrapTest.cs
new file mode 100644
index 000000000..bb49446e7
--- /dev/null
+++ b/crypto/test/src/test/WrapTest.cs
@@ -0,0 +1,94 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class WrapTest
+		: ITest
+	{
+		public ITestResult Perform()
+		{
+			try
+			{
+//				IBufferedCipher cipher = CipherUtilities.GetCipher("DES/ECB/PKCS5Padding");
+				IWrapper cipher = WrapperUtilities.GetWrapper("DES/ECB/PKCS5Padding");
+
+				IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA");
+				fact.Init(
+					new RsaKeyGenerationParameters(
+						BigInteger.ValueOf(0x10001),
+						new SecureRandom(),
+						512,
+						25));
+
+				AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair();
+
+				AsymmetricKeyParameter priKey = keyPair.Private;
+				AsymmetricKeyParameter pubKey = keyPair.Public;
+
+				byte[] priKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey).GetDerEncoded();
+
+				CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator("DES");
+
+//				Key wrapKey = keyGen.generateKey();
+				byte[] wrapKeyBytes = keyGen.GenerateKey();
+				KeyParameter wrapKey = new DesParameters(wrapKeyBytes);
+
+//				cipher.Init(IBufferedCipher.WRAP_MODE, wrapKey);
+				cipher.Init(true, wrapKey);
+//				byte[] wrappedKey = cipher.Wrap(priKey);
+				byte[] wrappedKey = cipher.Wrap(priKeyBytes, 0, priKeyBytes.Length);
+
+//				cipher.Init(IBufferedCipher.UNWRAP_MODE, wrapKey);
+				cipher.Init(false, wrapKey);
+
+//				Key key = cipher.unwrap(wrappedKey, "RSA", IBufferedCipher.PRIVATE_KEY);
+				byte[] unwrapped = cipher.Unwrap(wrappedKey, 0, wrappedKey.Length);
+
+				//if (!Arrays.AreEqual(priKey.getEncoded(), key.getEncoded()))
+				if (!Arrays.AreEqual(priKeyBytes, unwrapped))
+				{
+					return new SimpleTestResult(false, "Unwrapped key does not match");
+				}
+
+				return new SimpleTestResult(true, Name + ": Okay");
+			}
+			catch (Exception e)
+			{
+				return new SimpleTestResult(false, Name + ": exception - " + e.ToString());
+			}
+		}
+
+		public string Name
+		{
+			get { return "WrapTest"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			ITest test = new WrapTest();
+			ITestResult result = test.Perform();
+
+			Console.WriteLine(result);
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/X509CertificatePairTest.cs b/crypto/test/src/test/X509CertificatePairTest.cs
new file mode 100644
index 000000000..a83de4cf0
--- /dev/null
+++ b/crypto/test/src/test/X509CertificatePairTest.cs
@@ -0,0 +1,149 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class X509CertificatePairTest
+		: SimpleTest
+	{
+		public override void PerformTest()
+		{
+			//CertificateFactory cf = CertificateFactory.getInstance("X.509");
+			X509CertificateParser cf = new X509CertificateParser();
+
+			X509Certificate rootCert = (X509Certificate) cf.ReadCertificate(CertPathTest.rootCertBin);
+			X509Certificate interCert = (X509Certificate) cf.ReadCertificate(CertPathTest.interCertBin);
+			X509Certificate finalCert = (X509Certificate) cf.ReadCertificate(CertPathTest.finalCertBin);
+
+			X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert);
+			X509CertificatePair pair2 = new X509CertificatePair(rootCert, interCert);
+			X509CertificatePair pair3 = new X509CertificatePair(interCert, finalCert);
+			X509CertificatePair pair4 = new X509CertificatePair(rootCert, finalCert);
+			X509CertificatePair pair5 = new X509CertificatePair(rootCert, null);
+			X509CertificatePair pair6 = new X509CertificatePair(rootCert, null);
+			X509CertificatePair pair7 = new X509CertificatePair(null, rootCert);
+			X509CertificatePair pair8 = new X509CertificatePair(null, rootCert);
+
+			if (!pair1.Equals(pair2))
+			{
+				Fail("pair1 pair2 equality test");
+			}
+
+			if (!pair5.Equals(pair6))
+			{
+				Fail("pair1 pair2 equality test");
+			}
+
+			if (!pair7.Equals(pair8))
+			{
+				Fail("pair1 pair2 equality test");
+			}
+
+			if (pair1.Equals(null))
+			{
+				Fail("pair1 null equality test");
+			}
+
+			if (pair1.GetHashCode() != pair2.GetHashCode())
+			{
+				Fail("pair1 pair2 hashCode equality test");
+			}
+
+			if (pair1.Equals(pair3))
+			{
+				Fail("pair1 pair3 inequality test");
+			}
+
+			if (pair1.Equals(pair4))
+			{
+				Fail("pair1 pair4 inequality test");
+			}
+
+			if (pair1.Equals(pair5))
+			{
+				Fail("pair1 pair5 inequality test");
+			}
+
+			if (pair1.Equals(pair7))
+			{
+				Fail("pair1 pair7 inequality test");
+			}
+
+			if (pair5.Equals(pair1))
+			{
+				Fail("pair5 pair1 inequality test");
+			}
+
+			if (pair7.Equals(pair1))
+			{
+				Fail("pair7 pair1 inequality test");
+			}
+
+			if (pair1.Forward != rootCert)
+			{
+				Fail("pair1 forward test");
+			}
+
+			if (pair1.Reverse != interCert)
+			{
+				Fail("pair1 reverse test");
+			}
+
+			if (!AreEqual(pair1.GetEncoded(), pair2.GetEncoded()))
+			{
+				Fail("encoding check");
+			}
+
+			pair4 = new X509CertificatePair(rootCert, TestUtilities.CreateExceptionCertificate(false));
+
+			try
+			{
+				pair4.GetEncoded();
+
+				Fail("no exception on bad GetEncoded()");
+			}
+			catch (CertificateEncodingException)
+			{
+				// expected
+			}
+
+			pair4 = new X509CertificatePair(rootCert, TestUtilities.CreateExceptionCertificate(true));
+
+			try
+			{
+				pair4.GetEncoded();
+
+				Fail("no exception on exception GetEncoded()");
+			}
+			catch (CertificateEncodingException)
+			{
+				// expected
+			}
+		}
+
+		public override string Name
+		{
+			get { return "X509CertificatePair"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new X509CertificatePairTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/X509StoreTest.cs b/crypto/test/src/test/X509StoreTest.cs
new file mode 100644
index 000000000..37673b8b4
--- /dev/null
+++ b/crypto/test/src/test/X509StoreTest.cs
@@ -0,0 +1,335 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tests
+{
+	[TestFixture]
+	public class X509StoreTest
+		: SimpleTest
+	{
+		private void certPairTest()
+		{
+			X509CertificateParser certParser = new X509CertificateParser();
+
+			X509Certificate rootCert = certParser.ReadCertificate(CertPathTest.rootCertBin);
+			X509Certificate interCert = certParser.ReadCertificate(CertPathTest.interCertBin);
+			X509Certificate finalCert = certParser.ReadCertificate(CertPathTest.finalCertBin);
+
+			// Testing CollectionCertStore generation from List
+			X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert);
+
+			IList certList = new ArrayList();
+			certList.Add(pair1);
+			certList.Add(new X509CertificatePair(interCert, finalCert));
+
+			IX509Store certStore = X509StoreFactory.Create(
+				"CertificatePair/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			X509CertPairStoreSelector selector = new X509CertPairStoreSelector();
+			X509CertStoreSelector fwSelector = new X509CertStoreSelector();
+
+			fwSelector.SerialNumber = rootCert.SerialNumber;
+			fwSelector.Subject = rootCert.IssuerDN;
+
+			selector.ForwardSelector = fwSelector;
+
+			IList col = new ArrayList(certStore.GetMatches(selector));
+
+			if (col.Count != 1 || !col.Contains(pair1))
+			{
+				Fail("failed pair1 test");
+			}
+
+			col = new ArrayList(certStore.GetMatches(null));
+
+			if (col.Count != 2)
+			{
+				Fail("failed null test");
+			}
+		}
+
+		public override void PerformTest()
+		{
+			X509CertificateParser certParser = new X509CertificateParser();
+			X509CrlParser crlParser = new X509CrlParser();
+
+			X509Certificate rootCert = certParser.ReadCertificate(CertPathTest.rootCertBin);
+			X509Certificate interCert = certParser.ReadCertificate(CertPathTest.interCertBin);
+			X509Certificate finalCert = certParser.ReadCertificate(CertPathTest.finalCertBin);
+			X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin);
+			X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin);
+
+			// Testing CollectionCertStore generation from List
+			IList certList = new ArrayList();
+			certList.Add(rootCert);
+			certList.Add(interCert);
+			certList.Add(finalCert);
+
+			IX509Store certStore = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+
+			// set default to be the same as for SUN X500 name
+			X509Name.DefaultReverse = true;
+
+			// Searching for rootCert by subjectDN
+
+			X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
+			targetConstraints.Subject = PrincipalUtilities.GetSubjectX509Principal(rootCert);
+			IList certs = new ArrayList(certStore.GetMatches(targetConstraints));
+			if (certs.Count != 1 || !certs.Contains(rootCert))
+			{
+				Fail("rootCert not found by subjectDN");
+			}
+
+			// Searching for rootCert by subjectDN encoded as byte
+			targetConstraints = new X509CertStoreSelector();
+			targetConstraints.Subject = PrincipalUtilities.GetSubjectX509Principal(rootCert);
+			certs = new ArrayList(certStore.GetMatches(targetConstraints));
+			if (certs.Count != 1 || !certs.Contains(rootCert))
+			{
+				Fail("rootCert not found by encoded subjectDN");
+			}
+
+			X509Name.DefaultReverse = false;
+
+			// Searching for rootCert by public key encoded as byte
+			targetConstraints = new X509CertStoreSelector();
+			targetConstraints.SubjectPublicKey =
+				SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rootCert.GetPublicKey());
+			certs = new ArrayList(certStore.GetMatches(targetConstraints));
+			if (certs.Count != 1 || !certs.Contains(rootCert))
+			{
+				Fail("rootCert not found by encoded public key");
+			}
+
+			// Searching for interCert by issuerDN
+			targetConstraints = new X509CertStoreSelector();
+			targetConstraints.Issuer = PrincipalUtilities.GetSubjectX509Principal(rootCert);
+			certs = new ArrayList(certStore.GetMatches(targetConstraints));
+			if (certs.Count != 2)
+			{
+				Fail("did not found 2 certs");
+			}
+			if (!certs.Contains(rootCert))
+			{
+				Fail("rootCert not found");
+			}
+			if (!certs.Contains(interCert))
+			{
+				Fail("interCert not found");
+			}
+
+			// Searching for rootCrl by issuerDN
+			IList crlList = new ArrayList();
+			crlList.Add(rootCrl);
+			crlList.Add(interCrl);
+			IX509Store store = X509StoreFactory.Create(
+				"CRL/Collection",
+				new X509CollectionStoreParameters(crlList));
+
+			X509CrlStoreSelector targetConstraintsCRL = new X509CrlStoreSelector();
+
+			ArrayList issuers = new ArrayList();
+			issuers.Add(rootCrl.IssuerDN);
+			targetConstraintsCRL.Issuers = issuers;
+
+			IList crls = new ArrayList(store.GetMatches(targetConstraintsCRL));
+			if (crls.Count != 1 || !crls.Contains(rootCrl))
+			{
+				Fail("rootCrl not found");
+			}
+
+			crls = new ArrayList(certStore.GetMatches(targetConstraintsCRL));
+			if (crls.Count != 0)
+			{
+				Fail("error using wrong selector (CRL)");
+			}
+			certs = new ArrayList(store.GetMatches(targetConstraints));
+			if (certs.Count != 0)
+			{
+				Fail("error using wrong selector (certs)");
+			}
+			// Searching for attribute certificates
+			X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertTest.attrCert);
+			IX509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID);
+
+			IList attrList = new ArrayList();
+			attrList.Add(attrCert);
+			attrList.Add(attrCert2);
+			store = X509StoreFactory.Create(
+				"AttributeCertificate/Collection",
+				new X509CollectionStoreParameters(attrList));
+
+			X509AttrCertStoreSelector attrSelector = new X509AttrCertStoreSelector();
+			attrSelector.Holder = attrCert.Holder;
+			if (!attrSelector.Holder.Equals(attrCert.Holder))
+			{
+				Fail("holder get not correct");
+			}
+			IList attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 1 || !attrs.Contains(attrCert))
+			{
+				Fail("attrCert not found on holder");
+			}
+			attrSelector.Holder = attrCert2.Holder;
+			if (attrSelector.Holder.Equals(attrCert.Holder))
+			{
+				Fail("holder get not correct");
+			}
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 1 || !attrs.Contains(attrCert2))
+			{
+				Fail("attrCert2 not found on holder");
+			}
+			attrSelector = new X509AttrCertStoreSelector();
+			attrSelector.Issuer = attrCert.Issuer;
+			if (!attrSelector.Issuer.Equals(attrCert.Issuer))
+			{
+				Fail("issuer get not correct");
+			}
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 1 || !attrs.Contains(attrCert))
+			{
+				Fail("attrCert not found on issuer");
+			}
+			attrSelector.Issuer = attrCert2.Issuer;
+			if (attrSelector.Issuer.Equals(attrCert.Issuer))
+			{
+				Fail("issuer get not correct");
+			}
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 1 || !attrs.Contains(attrCert2))
+			{
+				Fail("attrCert2 not found on issuer");
+			}
+			attrSelector = new X509AttrCertStoreSelector();
+			attrSelector.AttributeCert = attrCert;
+			if (!attrSelector.AttributeCert.Equals(attrCert))
+			{
+				Fail("attrCert get not correct");
+			}
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 1 || !attrs.Contains(attrCert))
+			{
+				Fail("attrCert not found on attrCert");
+			}
+			attrSelector = new X509AttrCertStoreSelector();
+			attrSelector.SerialNumber = attrCert.SerialNumber;
+			if (!attrSelector.SerialNumber.Equals(attrCert.SerialNumber))
+			{
+				Fail("serial number get not correct");
+			}
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 1 || !attrs.Contains(attrCert))
+			{
+				Fail("attrCert not found on serial number");
+			}
+			attrSelector = (X509AttrCertStoreSelector)attrSelector.Clone();
+			if (!attrSelector.SerialNumber.Equals(attrCert.SerialNumber))
+			{
+				Fail("serial number get not correct");
+			}
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 1 || !attrs.Contains(attrCert))
+			{
+				Fail("attrCert not found on serial number");
+			}
+
+			attrSelector = new X509AttrCertStoreSelector();
+			attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotBefore);
+			if (attrSelector.AttributeCertificateValid.Value != attrCert.NotBefore)
+			{
+				Fail("valid get not correct");
+			}
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 1 || !attrs.Contains(attrCert))
+			{
+				Fail("attrCert not found on valid");
+			}
+			attrSelector = new X509AttrCertStoreSelector();
+			attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotBefore.AddMilliseconds(-100));
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 0)
+			{
+				Fail("attrCert found on before");
+			}
+			attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotAfter.AddMilliseconds(100));
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 0)
+			{
+				Fail("attrCert found on after");
+			}
+			attrSelector.SerialNumber = BigInteger.ValueOf(10000);
+			attrs = new ArrayList(store.GetMatches(attrSelector));
+			if (attrs.Count != 0)
+			{
+				Fail("attrCert found on wrong serial number");
+			}
+
+			attrSelector.AttributeCert = null;
+			attrSelector.AttributeCertificateValid = null;
+			attrSelector.Holder = null;
+			attrSelector.Issuer = null;
+			attrSelector.SerialNumber = null;
+			if (attrSelector.AttributeCert != null)
+			{
+				Fail("null attrCert");
+			}
+			if (attrSelector.AttributeCertificateValid != null)
+			{
+				Fail("null attrCertValid");
+			}
+			if (attrSelector.Holder != null)
+			{
+				Fail("null attrCert holder");
+			}
+			if (attrSelector.Issuer != null)
+			{
+				Fail("null attrCert issuer");
+			}
+			if (attrSelector.SerialNumber != null)
+			{
+				Fail("null attrCert serial");
+			}
+
+			attrs = new ArrayList(certStore.GetMatches(attrSelector));
+			if (attrs.Count != 0)
+			{
+				Fail("error using wrong selector (attrs)");
+			}
+
+			certPairTest();
+		}
+
+		public override string Name
+		{
+			get { return "IX509Store"; }
+		}
+
+		public static void Main(
+			string[] args)
+		{
+			RunTest(new X509StoreTest());
+		}
+
+		[Test]
+		public void TestFunction()
+		{
+			string resultText = Perform().ToString();
+
+			Assert.AreEqual(Name + ": Okay", resultText);
+		}
+	}
+}
diff --git a/crypto/test/src/test/nist/NistCertPathTest.cs b/crypto/test/src/test/nist/NistCertPathTest.cs
new file mode 100644
index 000000000..f42f64ca2
--- /dev/null
+++ b/crypto/test/src/test/nist/NistCertPathTest.cs
@@ -0,0 +1,847 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Reflection;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Pkix;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Extension;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tests.Nist
+{
+	[TestFixture]
+	public class NistCertPathTest
+	{
+		private static readonly string GOOD_CA_CERT = "GoodCACert";
+
+		private static readonly string GOOD_CA_CRL = "GoodCACRL";
+
+		private static readonly string TRUST_ANCHOR_ROOT_CRL = "TrustAnchorRootCRL";
+
+		private static readonly string TRUST_ANCHOR_ROOT_CERTIFICATE = "TrustAnchorRootCertificate";
+
+		private static readonly char[] PKCS12_PASSWORD = "password".ToCharArray();
+
+		private static readonly string ANY_POLICY = "2.5.29.32.0";
+		private static readonly string NIST_TEST_POLICY_1 = "2.16.840.1.101.3.2.1.48.1";
+		private static readonly string NIST_TEST_POLICY_2 = "2.16.840.1.101.3.2.1.48.2";
+		private static readonly string NIST_TEST_POLICY_3 = "2.16.840.1.101.3.2.1.48.3";
+
+		private static IDictionary certs = new Hashtable();
+		private static IDictionary crls = new Hashtable();
+
+		private static ISet noPolicies = new HashSet();
+		private static ISet anyPolicy = new HashSet();
+		private static ISet nistTestPolicy1 = new HashSet();
+		private static ISet nistTestPolicy2 = new HashSet();
+		private static ISet nistTestPolicy3 = new HashSet();
+		private static ISet nistTestPolicy1And2 = new HashSet();
+
+		static NistCertPathTest()
+		{
+			anyPolicy.Add(ANY_POLICY);
+
+			nistTestPolicy1.Add(NIST_TEST_POLICY_1);
+			nistTestPolicy2.Add(NIST_TEST_POLICY_2);
+			nistTestPolicy3.Add(NIST_TEST_POLICY_3);
+			nistTestPolicy1And2.Add(NIST_TEST_POLICY_1);
+			nistTestPolicy1And2.Add(NIST_TEST_POLICY_2);
+
+		}
+
+		[Test]
+		public void TestValidSignaturesTest1()
+		{
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "ValidCertificatePathTest1EE", GOOD_CA_CERT },
+				new string[] { GOOD_CA_CRL, TRUST_ANCHOR_ROOT_CRL });
+		}
+
+		[Test]
+		public void TestInvalidCASignatureTest2()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "ValidCertificatePathTest1EE", "BadSignedCACert" },
+				new string[] { "BadSignedCACRL", TRUST_ANCHOR_ROOT_CRL },
+				1,
+				"TrustAnchor found but certificate validation failed.");
+		}
+
+		[Test]
+		public void TestInvalidEESignatureTest3()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "InvalidEESignatureTest3EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
+				0,
+				"Could not validate certificate signature.");
+		}
+        
+		[Test]
+		public void TestValidDSASignaturesTest4()
+		{
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "DSACACert", "ValidDSASignaturesTest4EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL" });
+		}
+
+		[Test]
+		// 4.1.5
+		public void TestValidDSAParameterInheritanceTest5()
+		{
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "DSACACert", "DSAParametersInheritedCACert", "ValidDSAParameterInheritanceTest5EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL", "DSAParametersInheritedCACRL" });
+		}
+
+		[Test]
+		public void TestInvalidDSASignaturesTest6()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "DSACACert", "InvalidDSASignatureTest6EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL" },
+				0,
+				"Could not validate certificate signature.");
+		}
+
+		[Test]
+		public void TestCANotBeforeDateTest1()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "BadnotBeforeDateCACert", "InvalidCAnotBeforeDateTest1EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, "BadnotBeforeDateCACRL" },
+				1,
+				"Could not validate certificate: certificate not valid until 20470101120100GMT+00:00");
+		}
+        
+		[Test]
+		public void TestInvalidEENotBeforeDateTest2()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "InvalidEEnotBeforeDateTest2EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
+				0,
+				"Could not validate certificate: certificate not valid until 20470101120100GMT+00:00");
+		}
+
+		[Test]
+		public void TestValidPre2000UTCNotBeforeDateTest3()
+		{
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "Validpre2000UTCnotBeforeDateTest3EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL });
+		}
+
+		[Test]
+		public void TestValidGeneralizedTimeNotBeforeDateTest4()
+		{
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "ValidGeneralizedTimenotBeforeDateTest4EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL });
+		}
+
+		[Test]
+		public void TestInvalidCANotAfterDateTest5()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "BadnotAfterDateCACert", "InvalidCAnotAfterDateTest5EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, "BadnotAfterDateCACRL" },
+				1,
+				"Could not validate certificate: certificate expired on 20020101120100GMT+00:00");
+		}
+
+		[Test]
+		public void TestInvalidEENotAfterDateTest6()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "InvalidEEnotAfterDateTest6EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
+				0,
+				"Could not validate certificate: certificate expired on 20020101120100GMT+00:00");
+		}
+
+		[Test]
+		public void TestInvalidValidPre2000UTCNotAfterDateTest7()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "Invalidpre2000UTCEEnotAfterDateTest7EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
+				0,
+				"Could not validate certificate: certificate expired on 19990101120100GMT+00:00");
+		}
+
+		[Test]
+		public void TestInvalidNegativeSerialNumberTest15()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "NegativeSerialNumberCACert", "InvalidNegativeSerialNumberTest15EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, "NegativeSerialNumberCACRL" },
+				0,
+				"Certificate revocation after 4/19/2001 2:57:20 PM",
+				"reason: keyCompromise");
+		}
+
+		//
+		// 4.8 Certificate Policies
+		//
+		[Test]
+		public void TestAllCertificatesSamePolicyTest1()
+		{
+			string[] certList = new string[] { GOOD_CA_CERT, "ValidCertificatePathTest1EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				certList,
+				crlList,
+				noPolicies);
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				certList,
+				crlList,
+				nistTestPolicy1);
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				certList,
+				crlList,
+				nistTestPolicy2,
+				-1,
+				"Path processing failed on policy.");
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				certList,
+				crlList,
+				nistTestPolicy1And2);
+		}
+
+		[Test]
+		public void TestAllCertificatesNoPoliciesTest2()
+		{
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "NoPoliciesCACert", "AllCertificatesNoPoliciesTest2EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, "NoPoliciesCACRL" });
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { "NoPoliciesCACert", "AllCertificatesNoPoliciesTest2EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, "NoPoliciesCACRL" },
+				noPolicies,
+				1,
+				"No valid policy tree found when one expected.");
+		}
+
+		[Test]
+		public void TestDifferentPoliciesTest3()
+		{
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" });
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" },
+				noPolicies,
+				1,
+				"No valid policy tree found when one expected.");
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" },
+				nistTestPolicy1And2,
+				1,
+				"No valid policy tree found when one expected.");
+		}
+
+		[Test]
+		public void TestDifferentPoliciesTest4()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "GoodsubCACert", "DifferentPoliciesTest4EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "GoodsubCACRL" },
+				0,
+				"No valid policy tree found when one expected.");
+		}
+
+		[Test]
+		public void TestDifferentPoliciesTest5()
+		{
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE,
+				new string[] { GOOD_CA_CERT, "PoliciesP2subCA2Cert", "DifferentPoliciesTest5EE" },
+				new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCA2CRL" },
+				0,
+				"No valid policy tree found when one expected.");
+		}
+
+		[Test]
+		public void TestOverlappingPoliciesTest6()
+		{
+			string[] certList = new string[] { "PoliciesP1234CACert", "PoliciesP1234subCAP123Cert", "PoliciesP1234subsubCAP123P12Cert", "OverlappingPoliciesTest6EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP1234CACRL", "PoliciesP1234subCAP123CRL", "PoliciesP1234subsubCAP123P12CRL" };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
+				-1,
+				"Path processing failed on policy.");
+		}
+
+		[Test]
+		public void TestDifferentPoliciesTest7()
+		{
+			string[] certList = new string[] { "PoliciesP123CACert", "PoliciesP123subCAP12Cert", "PoliciesP123subsubCAP12P1Cert", "DifferentPoliciesTest7EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL", "PoliciesP123subCAP12CRL", "PoliciesP123subsubCAP12P1CRL" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
+				0,
+				"No valid policy tree found when one expected.");
+		}
+
+		[Test]
+		public void TestDifferentPoliciesTest8()
+		{
+			string[] certList = new string[] { "PoliciesP12CACert", "PoliciesP12subCAP1Cert", "PoliciesP12subsubCAP1P2Cert", "DifferentPoliciesTest8EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL", "PoliciesP12subCAP1CRL", "PoliciesP12subsubCAP1P2CRL" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
+				1,
+				"No valid policy tree found when one expected.");
+		}
+
+		[Test]
+		public void TestDifferentPoliciesTest9()
+		{
+			string[] certList = new string[] { "PoliciesP123CACert", "PoliciesP123subCAP12Cert", "PoliciesP123subsubCAP12P2Cert", "PoliciesP123subsubsubCAP12P2P1Cert", "DifferentPoliciesTest9EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL", "PoliciesP123subCAP12CRL", "PoliciesP123subsubCAP2P2CRL", "PoliciesP123subsubsubCAP12P2P1CRL" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
+				1,
+				"No valid policy tree found when one expected.");
+		}
+
+		[Test]
+		public void TestAllCertificatesSamePoliciesTest10()
+		{
+			string[] certList = new string[] { "PoliciesP12CACert", "AllCertificatesSamePoliciesTest10EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL" };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2);
+		}
+
+		[Test]
+		public void TestAllCertificatesAnyPolicyTest11()
+		{
+			string[] certList = new string[] { "anyPolicyCACert", "AllCertificatesanyPolicyTest11EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "anyPolicyCACRL" };
+
+			PkixCertPathValidatorResult result = DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
+
+			result = DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+		}
+
+		[Test]
+		public void TestDifferentPoliciesTest12()
+		{
+			string[] certList = new string[] { "PoliciesP3CACert", "DifferentPoliciesTest12EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP3CACRL" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
+				0,
+				"No valid policy tree found when one expected.");
+		}
+
+		[Test]
+		public void TestAllCertificatesSamePoliciesTest13()
+		{
+			string[] certList = new string[] { "PoliciesP123CACert", "AllCertificatesSamePoliciesTest13EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL" };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2);
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy3);
+		}
+
+		[Test]
+		public void TestAnyPolicyTest14()
+		{
+			string[] certList = new string[] { "anyPolicyCACert", "AnyPolicyTest14EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "anyPolicyCACRL" };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
+				-1,
+				"Path processing failed on policy.");
+		}
+
+		[Test]
+		public void TestUserNoticeQualifierTest15()
+		{
+			string[] certList = new string[] { "UserNoticeQualifierTest15EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
+				-1,
+				"Path processing failed on policy.");
+		}
+
+		[Test]
+		public void TestUserNoticeQualifierTest16()
+		{
+			string[] certList = new string[] { GOOD_CA_CERT, "UserNoticeQualifierTest16EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL };
+
+			PkixCertPathValidatorResult result = DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
+
+			result = DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
+				-1,
+				"Path processing failed on policy.");
+		}
+
+		[Test] 
+		public void TestUserNoticeQualifierTest17()
+		{
+			string[] certList = new string[] { GOOD_CA_CERT, "UserNoticeQualifierTest17EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
+				-1,
+				"Path processing failed on policy.");
+		}
+
+		[Test]
+		public void TestUserNoticeQualifierTest18()
+		{
+			string[] certList = new string[] { "PoliciesP12CACert", "UserNoticeQualifierTest18EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL" };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2);
+		}
+
+		[Test]
+		public void TestUserNoticeQualifierTest19()
+		{
+			string[] certList = new string[] { "UserNoticeQualifierTest19EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
+				-1,
+				"Path processing failed on policy.");
+		}
+
+		[Test]
+		public void TestInvalidInhibitPolicyMappingTest1()
+		{
+			string[] certList = new string[] { "inhibitPolicyMapping0CACert", "inhibitPolicyMapping0subCACert", "InvalidinhibitPolicyMappingTest1EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "inhibitPolicyMapping0CACRL", "inhibitPolicyMapping0subCACRL" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
+				0,
+				"No valid policy tree found when one expected.");
+		}
+
+		[Test]
+		public void TestValidInhibitPolicyMappingTest2()
+		{
+			string[] certList = new string[] { "inhibitPolicyMapping1P12CACert", "inhibitPolicyMapping1P12subCACert", "ValidinhibitPolicyMappingTest2EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "inhibitPolicyMapping1P12CACRL", "inhibitPolicyMapping1P12subCACRL" };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
+		}
+
+		// 4.12.7
+		[Test]
+		public void TestValidSelfIssuedInhibitAnyPolicyTest7()
+		{
+			string[] certList = new string[] { "inhibitAnyPolicy1CACert", "inhibitAnyPolicy1SelfIssuedCACert", "inhibitAnyPolicy1subCA2Cert", "ValidSelfIssuedinhibitAnyPolicyTest7EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "inhibitAnyPolicy1CACRL", "inhibitAnyPolicy1subCA2CRL" };
+
+			doBuilderTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, false, false);
+		}
+
+		// 4.4.19
+		[Test]
+		public void TestValidSeparateCertificateandCRLKeysTest19()
+		{
+			string[] certList = new string[] { "SeparateCertificateandCRLKeysCertificateSigningCACert", "SeparateCertificateandCRLKeysCRLSigningCert", "ValidSeparateCertificateandCRLKeysTest19EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "SeparateCertificateandCRLKeysCRL" };
+
+			doBuilderTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, false, false);
+		}
+
+		[Test]
+		public void TestValidpathLenConstraintTest13()
+		{
+			string[] certList = new string[] { "pathLenConstraint6CACert", "pathLenConstraint6subCA4Cert", "pathLenConstraint6subsubCA41Cert", "pathLenConstraint6subsubsubCA41XCert", "ValidpathLenConstraintTest13EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "pathLenConstraint6CACRL", "pathLenConstraint6subCA4CRL", "pathLenConstraint6subsubCA41CRL", "pathLenConstraint6subsubsubCA41XCRL" };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null);
+		}
+
+		// 4.4.10
+		[Test]
+		public void TestInvalidUnknownCRLExtensionTest10()
+		{
+			string[] certList = new string[] { "UnknownCRLExtensionCACert", "InvalidUnknownCRLExtensionTest10EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "UnknownCRLExtensionCACRL" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
+				0,
+				"CRL contains unsupported critical extensions.");
+		}
+
+		// 4.14.3
+		[Test]
+		public void TestInvaliddistributionPointTest3()
+		{
+			string[] certList = new string[] { "distributionPoint1CACert", "InvaliddistributionPointTest3EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint1CACRL" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
+				0,
+				"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
+		}
+
+		// 4.14.5
+		[Test]
+		public void TestValiddistributionPointTest5()
+		{
+			string[] certList = new string[] { "distributionPoint2CACert", "ValiddistributionPointTest5EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint2CACRL" };
+
+			DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null);
+		}
+
+		// 4.14.8
+		[Test]
+		public void TestInvaliddistributionPointTest8()
+		{
+			string[] certList = new string[] { "distributionPoint2CACert", "InvaliddistributionPointTest8EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint2CACRL" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
+				0,
+				"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
+		}
+
+		// 4.14.9
+		[Test]
+		public void TestInvaliddistributionPointTest9()
+		{
+			string[] certList = new string[] { "distributionPoint2CACert", "InvaliddistributionPointTest9EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint2CACRL" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
+				0,
+				"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
+		}
+
+		// 4.14.17
+		[Test]
+		public void TestInvalidonlySomeReasonsTest17()
+		{
+			string[] certList = new string[] { "onlySomeReasonsCA2Cert", "InvalidonlySomeReasonsTest17EE" };
+			string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "onlySomeReasonsCA2CRL1", "onlySomeReasonsCA2CRL2" };
+
+			DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
+				0,
+				"Certificate status could not be determined.");
+		}
+
+		// section 4.14: tests 17, 24, 25, 30, 31, 32, 33, 35
+
+		// section 4.15: tests 5, 7
+		private void DoExceptionTest(
+			string		trustAnchor,
+			string[]	certs,
+			string[]	crls,
+			int			index,
+			string		message)
+		{
+			try
+			{
+				DoTest(trustAnchor, certs, crls);
+
+				Assert.Fail("path accepted when should be rejected");
+			}
+			catch (PkixCertPathValidatorException e)
+			{
+				Assert.AreEqual(index, e.Index);
+				Assert.AreEqual(message, e.Message);
+			}
+		}
+
+		private void DoExceptionTest(
+			string		trustAnchor,
+			string[]	certs,
+			string[]	crls,
+			ISet		policies,
+			int			index,
+			string		message)
+		{
+			try
+			{
+				DoTest(trustAnchor, certs, crls, policies);
+				Assert.Fail("path accepted when should be rejected");
+			}
+			catch (PkixCertPathValidatorException e)
+			{
+				Assert.AreEqual(index, e.Index);
+				Assert.AreEqual(message, e.Message);
+			}
+		}
+
+		private void DoExceptionTest(
+			string		trustAnchor,
+			string[]	certs,
+			string[]	crls,
+			int			index,
+			string		mesStart,
+			string		mesEnd)
+		{
+			try
+			{
+				DoTest(trustAnchor, certs, crls);
+
+				Assert.Fail("path accepted when should be rejected");
+			}
+			catch (PkixCertPathValidatorException e)
+			{
+				Assert.AreEqual(index, e.Index);
+				Assert.IsTrue(e.Message.StartsWith(mesStart));
+				Assert.IsTrue(e.Message.EndsWith(mesEnd));
+			}
+		}
+
+		private PkixCertPathValidatorResult DoTest(
+			string trustAnchor,
+			string[] certs,
+			string[] crls)
+		{
+			return DoTest(trustAnchor, certs, crls, null);
+		}
+
+		private PkixCertPathValidatorResult DoTest(
+			string trustAnchor,
+			string[] certs,
+			string[] crls,
+			ISet policies)
+		{
+			ISet trustedSet = new HashSet();
+			trustedSet.Add(GetTrustAnchor(trustAnchor));
+
+			IList x509Certs = new ArrayList();
+			IList x509Crls = new ArrayList();
+			X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
+
+			for (int i = 0; i != certs.Length - 1; i++)
+			{
+				x509Certs.Add(LoadCert(certs[i]));
+			}
+
+			x509Certs.Add(endCert);
+
+			PkixCertPath certPath = new PkixCertPath(x509Certs);
+
+			for (int i = 0; i != crls.Length; i++)
+			{
+				x509Crls.Add(LoadCrl(crls[i]));
+			}
+
+			IX509Store x509CertStore = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(x509Certs));
+			IX509Store x509CrlStore = X509StoreFactory.Create(
+				"CRL/Collection",
+				new X509CollectionStoreParameters(x509Crls));
+
+//			CertPathValidator validator = CertPathValidator.GetInstance("PKIX");
+			PkixCertPathValidator validator = new PkixCertPathValidator();
+			PkixParameters parameters = new PkixParameters(trustedSet);
+
+			parameters.AddStore(x509CertStore);
+			parameters.AddStore(x509CrlStore);
+			parameters.IsRevocationEnabled = true;
+
+			if (policies != null)
+			{
+				parameters.IsExplicitPolicyRequired = true;
+				parameters.SetInitialPolicies(policies);
+			}
+
+			// Perform validation as of this date since test certs expired
+			parameters.Date = new DateTimeObject(DateTime.Parse("1/1/2011"));
+
+			return validator.Validate(certPath, parameters);
+		}
+
+		private PkixCertPathBuilderResult doBuilderTest(
+			string		trustAnchor,
+			string[]	certs,
+			string[]	crls,
+			ISet		initialPolicies,
+			bool		policyMappingInhibited,
+			bool		anyPolicyInhibited)
+		{
+			ISet trustedSet = new HashSet();
+			trustedSet.Add(GetTrustAnchor(trustAnchor));
+
+			IList x509Certs = new ArrayList();
+			IList x509Crls = new ArrayList();
+			X509Certificate endCert = LoadCert(certs[certs.Length - 1]);
+
+			for (int i = 0; i != certs.Length - 1; i++)
+			{
+				x509Certs.Add(LoadCert(certs[i]));
+			}
+
+			x509Certs.Add(endCert);
+
+			for (int i = 0; i != crls.Length; i++)
+			{
+				x509Crls.Add(LoadCrl(crls[i]));
+			}
+
+			IX509Store x509CertStore = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(x509Certs));
+			IX509Store x509CrlStore = X509StoreFactory.Create(
+				"CRL/Collection",
+				new X509CollectionStoreParameters(x509Crls));
+
+//			CertPathBuilder builder = CertPathBuilder.GetInstance("PKIX");   
+			PkixCertPathBuilder builder = new PkixCertPathBuilder();
+
+			X509CertStoreSelector endSelector = new X509CertStoreSelector();
+
+			endSelector.Certificate = endCert;
+
+			PkixBuilderParameters builderParams = new PkixBuilderParameters(trustedSet, endSelector);
+
+			if (initialPolicies != null)
+			{
+				builderParams.SetInitialPolicies(initialPolicies);
+				builderParams.IsExplicitPolicyRequired = true;
+			}
+			if (policyMappingInhibited)
+			{
+				builderParams.IsPolicyMappingInhibited = policyMappingInhibited;
+			}
+			if (anyPolicyInhibited)
+			{
+				builderParams.IsAnyPolicyInhibited = anyPolicyInhibited;
+			}
+
+			builderParams.AddStore(x509CertStore);
+			builderParams.AddStore(x509CrlStore);
+
+			// Perform validation as of this date since test certs expired
+			builderParams.Date = new DateTimeObject(DateTime.Parse("1/1/2011"));
+
+			try
+			{
+				return (PkixCertPathBuilderResult) builder.Build(builderParams);
+			}
+			catch (PkixCertPathBuilderException e)
+			{               
+				throw e.InnerException;
+			}
+		}
+
+		private X509Certificate LoadCert(
+			string certName)
+		{
+			X509Certificate cert = (X509Certificate)certs[certName];
+
+			if (cert != null)
+			{
+				return cert;
+			}
+
+			Stream fs = null;
+
+			try
+			{
+				fs = SimpleTest.GetTestDataAsStream("PKITS.certs." + certName + ".crt");
+
+				cert = new X509CertificateParser().ReadCertificate(fs);
+
+				certs[certName] = cert;
+
+				return cert;
+			}
+			catch (Exception e)
+			{
+				throw new InvalidOperationException("exception loading certificate " + certName + ": " + e);
+			}
+			finally
+			{
+				fs.Close();
+			}
+		}
+
+		private X509Crl LoadCrl(
+			string crlName)
+			//throws Exception
+		{
+			X509Crl crl = (X509Crl)certs[crlName];
+        
+			if (crl != null)
+			{
+				return crl;
+			}
+
+			Stream fs = null;
+
+			try
+			{
+				fs = SimpleTest.GetTestDataAsStream("PKITS.crls." + crlName + ".crl");
+
+				crl = new X509CrlParser().ReadCrl(fs);
+
+				crls[crlName] = crl;
+
+				return crl;
+			}
+			catch (Exception)
+			{
+				throw new InvalidOperationException("exception loading CRL: " + crlName);
+			}
+			finally
+			{
+				fs.Close();
+			}
+		}
+
+		private TrustAnchor GetTrustAnchor(string trustAnchorName)
+		{
+			X509Certificate cert = LoadCert(trustAnchorName);
+			Asn1OctetString extBytes = cert.GetExtensionValue(X509Extensions.NameConstraints);
+
+			if (extBytes != null)
+			{
+				Asn1Encodable extValue = X509ExtensionUtilities.FromExtensionValue(extBytes);
+
+				return new TrustAnchor(cert, extValue.GetDerEncoded());
+			}
+
+			return new TrustAnchor(cert, null);
+		}
+	}
+}
diff --git a/crypto/test/src/test/rsa3/RSA3CertTest.cs b/crypto/test/src/test/rsa3/RSA3CertTest.cs
new file mode 100644
index 000000000..913f4f015
--- /dev/null
+++ b/crypto/test/src/test/rsa3/RSA3CertTest.cs
@@ -0,0 +1,127 @@
+using System;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.OpenSsl;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Test;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tests.Rsa3
+{
+	/**
+	* Marius Schilder's Bleichenbacher's Forgery Attack Tests
+	*/
+	[TestFixture]
+	public class RSA3CertTest
+		//extends TestCase
+	{
+		[Test]
+		public void TestA()
+		{
+			doTest("self-testcase-A.pem");
+		}
+
+		[Test]
+		public void TestB()
+		{
+			doTest("self-testcase-B.pem");
+		}
+
+		[Test]
+		public void TestC()
+		{
+			doTest("self-testcase-C.pem");
+		}
+
+		[Test]
+		public void TestD()
+		{
+			doTest("self-testcase-D.pem");
+		}
+
+		[Test]
+		public void TestE()
+		{
+			doTest("self-testcase-E.pem");
+		}
+
+		[Test]
+		public void TestF()
+		{
+			doTest("self-testcase-F.pem");
+		}
+
+		[Test]
+		public void TestG()
+		{
+			doTest("self-testcase-G.pem");
+		}
+
+		[Test]
+		public void TestH()
+		{
+			doTest("self-testcase-H.pem");
+		}
+
+		[Test]
+		public void TestI()
+		{
+			doTest("self-testcase-I.pem");
+		}
+
+		[Test]
+		public void TestJ()
+		{
+			doTest("self-testcase-J.pem");
+		}
+
+		[Test]
+		public void TestL()
+		{
+			doTest("self-testcase-L.pem");
+		}
+
+		private void doTest(
+			string certName)
+		{
+			X509Certificate cert = loadCert(certName);
+			byte[] tbs = cert.GetTbsCertificate();
+			ISigner sig = SignerUtilities.GetSigner(cert.SigAlgName);
+
+			sig.Init(false, cert.GetPublicKey());
+
+			sig.BlockUpdate(tbs, 0, tbs.Length);
+
+			Assert.IsFalse(sig.VerifySignature(cert.GetSignature()));
+		}
+
+		private X509Certificate loadCert(
+			string certName)
+		{
+			Stream s = SimpleTest.GetTestDataAsStream("rsa3." + certName);
+			TextReader tr = new StreamReader(s);
+			PemReader rd = new PemReader(tr);
+
+			return (X509Certificate) rd.ReadObject();
+		}
+
+//		public static void main (string[] args) 
+//			throws Exception
+//		{
+//			junit.textui.TestRunner.run(suite());
+//		}
+//	    
+//		public static Test suite() 
+//			throws Exception
+//		{   
+//			TestSuite suite = new TestSuite("Bleichenbacher's Forgery Attack Tests");
+//	        
+//			suite.addTestSuite(RSA3CertTest.class);
+//	        
+//			return suite;
+//		}
+	}
+}
diff --git a/crypto/test/src/tsp/test/AllTests.cs b/crypto/test/src/tsp/test/AllTests.cs
new file mode 100644
index 000000000..66dc9c480
--- /dev/null
+++ b/crypto/test/src/tsp/test/AllTests.cs
@@ -0,0 +1,32 @@
+using System;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Tsp.Tests
+{
+    public class AllTests
+    {
+        public static void Main(
+			string[] args)
+        {
+            //junit.textui.TestRunner.run(suite());
+            EventListener el = new NullListener();
+            suite().Run(el);
+        }
+
+		public static TestSuite suite()
+        {
+            TestSuite suite = new TestSuite("TSP Tests");
+
+			suite.Add(new GenTimeAccuracyUnitTest());
+			suite.Add(new ParseTest());
+			suite.Add(new TimeStampTokenInfoUnitTest());
+			suite.Add(new TspTest());
+
+			return suite;
+        }
+    }
+}
diff --git a/crypto/test/src/tsp/test/GenTimeAccuracyTest.cs b/crypto/test/src/tsp/test/GenTimeAccuracyTest.cs
new file mode 100644
index 000000000..01cc83d53
--- /dev/null
+++ b/crypto/test/src/tsp/test/GenTimeAccuracyTest.cs
@@ -0,0 +1,116 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Tsp;
+
+namespace Org.BouncyCastle.Tsp.Tests
+{
+	[TestFixture]
+	public class GenTimeAccuracyUnitTest
+	{
+		private static readonly DerInteger ZERO_VALUE = new DerInteger(0);
+		private static readonly DerInteger ONE_VALUE = new DerInteger(1);
+		private static readonly DerInteger TWO_VALUE = new DerInteger(2);
+		private static readonly DerInteger THREE_VALUE = new DerInteger(3);
+
+		[Test]
+		public void TestOneTwoThree()
+		{
+			GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ONE_VALUE, TWO_VALUE, THREE_VALUE));
+
+			checkValues(accuracy, ONE_VALUE, TWO_VALUE, THREE_VALUE);
+
+			checkTostring(accuracy, "1.002003");
+		}
+
+		[Test]
+		public void TestThreeTwoOne()
+		{
+			GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(THREE_VALUE, TWO_VALUE, ONE_VALUE));
+
+			checkValues(accuracy, THREE_VALUE, TWO_VALUE, ONE_VALUE);
+
+			checkTostring(accuracy, "3.002001");
+		}
+
+		[Test]
+		public void TestTwoThreeTwo()
+		{
+			GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(TWO_VALUE, THREE_VALUE, TWO_VALUE));
+
+			checkValues(accuracy, TWO_VALUE, THREE_VALUE, TWO_VALUE);
+
+			checkTostring(accuracy, "2.003002");
+		}
+
+		[Test]
+		public void TestZeroTwoThree()
+		{
+			GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ZERO_VALUE, TWO_VALUE, THREE_VALUE));
+
+			checkValues(accuracy, ZERO_VALUE, TWO_VALUE, THREE_VALUE);
+
+			checkTostring(accuracy, "0.002003");
+		}
+
+		[Test]
+		public void TestThreeTwoNull()
+		{
+			GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(THREE_VALUE, TWO_VALUE, null));
+
+			checkValues(accuracy, THREE_VALUE, TWO_VALUE, ZERO_VALUE);
+
+			checkTostring(accuracy, "3.002000");
+		}
+
+		[Test]
+		public void TestOneNullOne()
+		{
+			GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ONE_VALUE, null, ONE_VALUE));
+
+			checkValues(accuracy, ONE_VALUE, ZERO_VALUE, ONE_VALUE);
+
+			checkTostring(accuracy, "1.000001");
+		}
+
+		[Test]
+		public void TestZeroNullNull()
+		{
+			GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ZERO_VALUE, null, null));
+
+			checkValues(accuracy, ZERO_VALUE, ZERO_VALUE, ZERO_VALUE);
+
+			checkTostring(accuracy, "0.000000");
+		}
+
+		[Test]
+		public void TestNullNullNull()
+		{
+			GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(null, null, null));
+
+			checkValues(accuracy, ZERO_VALUE, ZERO_VALUE, ZERO_VALUE);
+
+			checkTostring(accuracy, "0.000000");
+		}
+
+		private void checkValues(
+			GenTimeAccuracy accuracy,
+			DerInteger      secs,
+			DerInteger      millis,
+			DerInteger      micros)
+		{
+			Assert.AreEqual(secs.Value.IntValue, accuracy.Seconds);
+			Assert.AreEqual(millis.Value.IntValue, accuracy.Millis);
+			Assert.AreEqual(micros.Value.IntValue, accuracy.Micros);
+		}
+
+		private void checkTostring(
+			GenTimeAccuracy	accuracy,
+			string			expected)
+		{
+			Assert.AreEqual(expected, accuracy.ToString());
+		}
+	}
+}
diff --git a/crypto/test/src/tsp/test/ParseTest.cs b/crypto/test/src/tsp/test/ParseTest.cs
new file mode 100644
index 000000000..ec9ba72f6
--- /dev/null
+++ b/crypto/test/src/tsp/test/ParseTest.cs
@@ -0,0 +1,396 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tsp.Tests
+{
+	[TestFixture]
+	public class ParseTest
+	{
+		private static readonly byte[] sha1Request = Base64.Decode("MDACAQEwITAJBgUrDgMCGgUABBT5UbEBmJssO3RxcQtOePxNvfoMpgIIC+GvYW2mtZQ=");
+		private static readonly byte[] sha1noNonse = Base64.Decode("MCYCAQEwITAJBgUrDgMCGgUABBT5UbEBmJssO3RxcQtOePxNvfoMpg==");
+		private static readonly byte[] md5Request = Base64.Decode("MDoCAQEwIDAMBggqhkiG9w0CBQUABBDIl9FBCvjyx0+6EbHbUR6eBgkrBgEEAakHBQECCDQluayIxIzn");
+		private static readonly byte[] ripemd160Request = Base64.Decode("MD8CAQEwITAJBgUrJAMCAQUABBSq03a/mk50Yd9lMF+BSqOp/RHGQQYJKwYBBAGpBwUBAgkA4SZs9NfqISMBAf8=");
+
+		private static readonly byte[] sha1Response = Base64.Decode(
+			  "MIICbDADAgEAMIICYwYJKoZIhvcNAQcCoIICVDCCAlACAQMxCzAJBgUrDgMC"
+			+ "GgUAMIHaBgsqhkiG9w0BCRABBKCBygSBxzCBxAIBAQYEKgMEATAhMAkGBSsO"
+			+ "AwIaBQAEFPlRsQGYmyw7dHFxC054/E29+gymAgEEGA8yMDA0MTIwOTA3NTIw"
+			+ "NVowCgIBAYACAfSBAWQBAf8CCAvhr2FtprWUoGmkZzBlMRgwFgYDVQQDEw9F"
+			+ "cmljIEguIEVjaGlkbmExJDAiBgkqhkiG9w0BCQEWFWVyaWNAYm91bmN5Y2Fz"
+			+ "dGxlLm9yZzEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUx"
+			+ "ggFfMIIBWwIBATAqMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNV"
+			+ "BAYTAkFVAgECMAkGBSsOAwIaBQCggYwwGgYJKoZIhvcNAQkDMQ0GCyqGSIb3"
+			+ "DQEJEAEEMBwGCSqGSIb3DQEJBTEPFw0wNDEyMDkwNzUyMDVaMCMGCSqGSIb3"
+			+ "DQEJBDEWBBTGR1cbm94tWbcpDWrH+bD8UYePsTArBgsqhkiG9w0BCRACDDEc"
+			+ "MBowGDAWBBS37aLzFcheqeJ5cla0gjNWHGKbRzANBgkqhkiG9w0BAQEFAASB"
+			+ "gBrc9CJ3xlcTQuWQXJUqPEn6f6vfJAINKsn22z8LIfS/2p/CTFU6+W/bz8j8"
+			+ "j+8uWEJe8okTsI0FflljIsspqOPTB/RrnXteajbkuk/rLmz1B2g/qWBGAzPI"
+			+ "D214raBc1a7Bpd76PkvSSdjqrEaaskd+7JJiPr9l9yeSoh1AIt0N");
+
+		private static readonly byte[] sha1noNonseResponse = Base64.Decode(
+			  "MIICYjADAgEAMIICWQYJKoZIhvcNAQcCoIICSjCCAkYCAQMxCzAJBgUrDgMC"
+			+ "GgUAMIHQBgsqhkiG9w0BCRABBKCBwASBvTCBugIBAQYEKgMEATAhMAkGBSsO"
+			+ "AwIaBQAEFPlRsQGYmyw7dHFxC054/E29+gymAgECGA8yMDA0MTIwOTA3MzQx"
+			+ "MlowCgIBAYACAfSBAWQBAf+gaaRnMGUxGDAWBgNVBAMTD0VyaWMgSC4gRWNo"
+			+ "aWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0bGUub3JnMRYw"
+			+ "FAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTGCAV8wggFbAgEB"
+			+ "MCowJTEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUCAQIw"
+			+ "CQYFKw4DAhoFAKCBjDAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwHAYJ"
+			+ "KoZIhvcNAQkFMQ8XDTA0MTIwOTA3MzQxMlowIwYJKoZIhvcNAQkEMRYEFMNA"
+			+ "xlscHYiByHL9DIEh3FewIhgSMCsGCyqGSIb3DQEJEAIMMRwwGjAYMBYEFLft"
+			+ "ovMVyF6p4nlyVrSCM1YcYptHMA0GCSqGSIb3DQEBAQUABIGAaj46Tarrg7V7"
+			+ "z13bbetrGv+xy159eE8kmIW9nPegru3DuK/GmbMx9W3l0ydx0zdXRwYi6NZc"
+			+ "nNqbEZQZ2L1biJVTflgWq4Nxu4gPGjH/BGHKdH/LyW4eDcXZR39AkNBMnDAK"
+			+ "EmhhJo1/Tc+S/WkV9lnHJCPIn+TAijBUO6EiTik=");
+
+		private static readonly byte[] md5Response = Base64.Decode(
+			  "MIICcDADAgEAMIICZwYJKoZIhvcNAQcCoIICWDCCAlQCAQMxCzAJBgUrDgMC"
+			+ "GgUAMIHeBgsqhkiG9w0BCRABBKCBzgSByzCByAIBAQYJKwYBBAGpBwUBMCAw"
+			+ "DAYIKoZIhvcNAgUFAAQQyJfRQQr48sdPuhGx21EengIBAxgPMjAwNDEyMDkw"
+			+ "NzQ2MTZaMAoCAQGAAgH0gQFkAQH/Agg0JbmsiMSM56BppGcwZTEYMBYGA1UE"
+			+ "AxMPRXJpYyBILiBFY2hpZG5hMSQwIgYJKoZIhvcNAQkBFhVlcmljQGJvdW5j"
+			+ "eWNhc3RsZS5vcmcxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYT"
+			+ "AkFVMYIBXzCCAVsCAQEwKjAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQsw"
+			+ "CQYDVQQGEwJBVQIBAjAJBgUrDgMCGgUAoIGMMBoGCSqGSIb3DQEJAzENBgsq"
+			+ "hkiG9w0BCRABBDAcBgkqhkiG9w0BCQUxDxcNMDQxMjA5MDc0NjE2WjAjBgkq"
+			+ "hkiG9w0BCQQxFgQUFpRpaiRUUjiY7EbefbWLKDIY0XMwKwYLKoZIhvcNAQkQ"
+			+ "AgwxHDAaMBgwFgQUt+2i8xXIXqnieXJWtIIzVhxim0cwDQYJKoZIhvcNAQEB"
+			+ "BQAEgYBTwKsLLrQm+bvKV7Jwto/cMQh0KsVB5RoEeGn5CI9XyF2Bm+JRcvQL"
+			+ "Nm7SgSOBVt4A90TqujxirNeyQnXRiSnFvXd09Wet9WIQNpwpiGlE7lCrAhuq"
+			+ "/TAUe79VIpoQZDtyhbh0Vzxl24yRoechabC0zuPpOWOzrA4YC3Hv1J2tAA==");
+
+		private static readonly byte[] signingCert = Base64.Decode(
+			  "MIICWjCCAcOgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAlMRYwFAYDVQQKEw1Cb3Vu"
+			+ "Y3kgQ2FzdGxlMQswCQYDVQQGEwJBVTAeFw0wNDEyMDkwNzEzMTRaFw0wNTAzMTkw"
+			+ "NzEzMTRaMGUxGDAWBgNVBAMTD0VyaWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJ"
+			+ "ARYVZXJpY0Bib3VuY3ljYXN0bGUub3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxl"
+			+ "MQswCQYDVQQGEwJBVTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqGAFO3dK"
+			+ "jB7Ca7u5Z3CabsbGr2Exg+3sztSPiRCIba03es4295EhtDF5bXQvrW2R1Bg72vED"
+			+ "5tWaQjVDetvDfCzVC3ErHLTVk3OgpLIP1gf2T0LcOH2pTh2LP9c5Ceta+uggK8zK"
+			+ "9sYUUnzGPSAZxrqHIIAlPIgqk0BMV+KApyECAwEAAaNaMFgwHQYDVR0OBBYEFO4F"
+			+ "YoqogtB9MjD0NB5x5HN3TrGUMB8GA1UdIwQYMBaAFPXAecuwLqNkCxYVLE/ngFQR"
+			+ "7RLIMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMA0GCSqGSIb3DQEBBAUAA4GBADGi"
+			+ "D5/qmGvcBgswEM/z2dF4lOxbTNKUW31ZHiU8CXlN0IkFtNbBLBTbJOQIAUnNEabL"
+			+ "T7aYgj813OZKUbJTx4MuGChhot/TEP7hKo/xz9OnXLsqYDKbqbo8iLOode+SI7II"
+			+ "+yYghOtqvx32cL2Qmffi1LaMbhJP+8NbsIxowdRC");
+
+		private static readonly byte[] unacceptablePolicy = Base64.Decode(
+			"MDAwLgIBAjAkDCJSZXF1ZXN0ZWQgcG9saWN5IGlzIG5vdCBzdXBwb3J0ZWQuAwMAAAE=");
+
+		private static readonly byte[] generalizedTime = Base64.Decode(
+			  "MIIKPTADAgEAMIIKNAYJKoZIhvcNAQcCoIIKJTCCCiECAQMxCzAJBgUrDgMC"
+			+ "GgUAMIIBGwYLKoZIhvcNAQkQAQSgggEKBIIBBjCCAQICAQEGCisGAQQBhFkK"
+			+ "AwEwITAJBgUrDgMCGgUABBQAAAAAAAAAAAAAAAAAAAAAAAAAAAICUC8YEzIw"
+			+ "MDUwMzEwMTA1ODQzLjkzM1owBIACAfQBAf8CAWSggaikgaUwgaIxCzAJBgNV"
+			+ "BAYTAkdCMRcwFQYDVQQIEw5DYW1icmlkZ2VzaGlyZTESMBAGA1UEBxMJQ2Ft"
+			+ "YnJpZGdlMSQwIgYDVQQKExtuQ2lwaGVyIENvcnBvcmF0aW9uIExpbWl0ZWQx"
+			+ "JzAlBgNVBAsTHm5DaXBoZXIgRFNFIEVTTjozMjJBLUI1REQtNzI1QjEXMBUG"
+			+ "A1UEAxMOZGVtby1kc2UyMDAtMDGgggaFMIID2TCCA0KgAwIBAgICAIswDQYJ"
+			+ "KoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkdCMRcwFQYDVQQIEw5DYW1icmlk"
+			+ "Z2VzaGlyZTESMBAGA1UEBxMJQ2FtYnJpZGdlMSQwIgYDVQQKExtuQ2lwaGVy"
+			+ "IENvcnBvcmF0aW9uIExpbWl0ZWQxGDAWBgNVBAsTD1Byb2R1Y3Rpb24gVEVT"
+			+ "VDEQMA4GA1UEAxMHVEVTVCBDQTAeFw0wNDA2MTQxNDIzNTlaFw0wNTA2MTQx"
+			+ "NDIzNTlaMIGiMQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdlc2hp"
+			+ "cmUxEjAQBgNVBAcTCUNhbWJyaWRnZTEkMCIGA1UEChMbbkNpcGhlciBDb3Jw"
+			+ "b3JhdGlvbiBMaW1pdGVkMScwJQYDVQQLEx5uQ2lwaGVyIERTRSBFU046MzIy"
+			+ "QS1CNURELTcyNUIxFzAVBgNVBAMTDmRlbW8tZHNlMjAwLTAxMIGfMA0GCSqG"
+			+ "SIb3DQEBAQUAA4GNADCBiQKBgQC7zUamCeLIApddx1etW5YEFrL1WXnlCd7j"
+			+ "mMFI6RpSq056LBkF1z5LgucLY+e/c3u2Nw+XJuS3a2fKuBD7I1s/6IkVtIb/"
+			+ "KLDjjafOnottKhprH8K41siJUeuK3PRzfZ5kF0vwB3rNvWPCBJmp7kHtUQw3"
+			+ "RhIsJTYs7Wy8oVFHVwIDAQABo4IBMDCCASwwCQYDVR0TBAIwADAWBgNVHSUB"
+			+ "Af8EDDAKBggrBgEFBQcDCDAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5l"
+			+ "cmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFDlEe9Pd0WwQrtnEmFRI2Vmt"
+			+ "b+lCMIG5BgNVHSMEgbEwga6AFNy1VPweOQLC65bs6/0RcUYB19vJoYGSpIGP"
+			+ "MIGMMQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdlc2hpcmUxEjAQ"
+			+ "BgNVBAcTCUNhbWJyaWRnZTEkMCIGA1UEChMbbkNpcGhlciBDb3Jwb3JhdGlv"
+			+ "biBMaW1pdGVkMRgwFgYDVQQLEw9Qcm9kdWN0aW9uIFRFU1QxEDAOBgNVBAMT"
+			+ "B1RFU1QgQ0GCAQAwDQYJKoZIhvcNAQEFBQADgYEASEMlrpRE1RYZPxP3530e"
+			+ "hOYUDjgQbw0dwpPjQtLWkeJrePMzDBAbuWwpRI8dOzKP3Rnrm5rxJ7oLY2S0"
+			+ "A9ZfV+iwFKagEHFytfnPm2Y9AeNR7a3ladKd7NFMw+5Tbk7Asbetbb+NJfCl"
+			+ "9YzHwxLGiQbpKxgc+zYOjq74eGLKtcKhggKkMIICDQIBATCB0qGBqKSBpTCB"
+			+ "ojELMAkGA1UEBhMCR0IxFzAVBgNVBAgTDkNhbWJyaWRnZXNoaXJlMRIwEAYD"
+			+ "VQQHEwlDYW1icmlkZ2UxJDAiBgNVBAoTG25DaXBoZXIgQ29ycG9yYXRpb24g"
+			+ "TGltaXRlZDEnMCUGA1UECxMebkNpcGhlciBEU0UgRVNOOjMyMkEtQjVERC03"
+			+ "MjVCMRcwFQYDVQQDEw5kZW1vLWRzZTIwMC0wMaIlCgEBMAkGBSsOAwIaBQAD"
+			+ "FQDaLe88TQvM+iMKmIXMmDSyPCZ/+KBmMGSkYjBgMQswCQYDVQQGEwJVUzEk"
+			+ "MCIGA1UEChMbbkNpcGhlciBDb3Jwb3JhdGlvbiBMaW1pdGVkMRgwFgYDVQQL"
+			+ "Ew9Qcm9kdWN0aW9uIFRlc3QxETAPBgNVBAMTCFRlc3QgVE1DMA0GCSqGSIb3"
+			+ "DQEBBQUAAgjF2jVbAAAAADAiGA8yMDA1MDMxMDAyNTQxOVoYDzIwMDUwMzEz"
+			+ "MDI1NDE5WjCBjTBLBgorBgEEAYRZCgQBMT0wOzAMAgTF2jVbAgQAAAAAMA8C"
+			+ "BAAAAAACBAAAaLkCAf8wDAIEAAAAAAIEAAKV/DAMAgTF3inbAgQAAAAAMD4G"
+			+ "CisGAQQBhFkKBAIxMDAuMAwGCisGAQQBhFkKAwGgDjAMAgQAAAAAAgQAB6Eg"
+			+ "oQ4wDAIEAAAAAAIEAAPQkDANBgkqhkiG9w0BAQUFAAOBgQB1q4d3GNWk7oAT"
+			+ "WkpYmZaTFvapMhTwAmAtSGgFmNOZhs21iHWl/X990/HEBsduwxohfrd8Pz64"
+			+ "hV/a76rpeJCVUfUNmbRIrsurFx6uKwe2HUHKW8grZWeCD1L8Y1pKQdrD41gu"
+			+ "v0msfOXzLWW+xe5BcJguKclN8HmT7s2odtgiMTGCAmUwggJhAgEBMIGTMIGM"
+			+ "MQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdlc2hpcmUxEjAQBgNV"
+			+ "BAcTCUNhbWJyaWRnZTEkMCIGA1UEChMbbkNpcGhlciBDb3Jwb3JhdGlvbiBM"
+			+ "aW1pdGVkMRgwFgYDVQQLEw9Qcm9kdWN0aW9uIFRFU1QxEDAOBgNVBAMTB1RF"
+			+ "U1QgQ0ECAgCLMAkGBSsOAwIaBQCgggEnMBoGCSqGSIb3DQEJAzENBgsqhkiG"
+			+ "9w0BCRABBDAjBgkqhkiG9w0BCQQxFgQUi1iYx5H3ACnvngWZTPfdxGswkSkw"
+			+ "geMGCyqGSIb3DQEJEAIMMYHTMIHQMIHNMIGyBBTaLe88TQvM+iMKmIXMmDSy"
+			+ "PCZ/+DCBmTCBkqSBjzCBjDELMAkGA1UEBhMCR0IxFzAVBgNVBAgTDkNhbWJy"
+			+ "aWRnZXNoaXJlMRIwEAYDVQQHEwlDYW1icmlkZ2UxJDAiBgNVBAoTG25DaXBo"
+			+ "ZXIgQ29ycG9yYXRpb24gTGltaXRlZDEYMBYGA1UECxMPUHJvZHVjdGlvbiBU"
+			+ "RVNUMRAwDgYDVQQDEwdURVNUIENBAgIAizAWBBSpS/lH6bN/wf3E2z2X29vF"
+			+ "2U7YHTANBgkqhkiG9w0BAQUFAASBgGvDVsgsG5I5WKjEDVHvdRwUx+8Cp10l"
+			+ "zGF8o1h7aK5O3zQ4jLayYHea54E5+df35gG7Z3eoOy8E350J7BvHiwDLTqe8"
+			+ "SoRlGs9VhL6LMmCcERfGSlSn61Aa15iXZ8eHMSc5JTeJl+kqy4I3FPP4m2ai"
+			+ "8wy2fQhn7hUM8Ntg7Y2s");
+
+		private static readonly byte[] v2SigningCertResponse = Base64.Decode(
+			  "MIIPPTADAgEAMIIPNAYJKoZIhvcNAQcCoIIPJTCCDyECAQMxDzANBglghkgBZQMEAgEFADCB6QYL"
+			+ "KoZIhvcNAQkQAQSggdkEgdYwgdMCAQEGBgQAj2cBATAxMA0GCWCGSAFlAwQCAQUABCBcU0GN08TA"
+			+ "LUFi7AAwQwVkSXqGu9tAzvJ7EXW7SMXHHQIRAM7Fa7g6tMvZI3dgllwMfpcYDzIwMDcxMjExMTAy"
+			+ "MTU5WjADAgEBAgYBFsi5OlmgYqRgMF4xCzAJBgNVBAYTAkRFMSQwIgYDVQQKDBtEZXV0c2NoZSBS"
+			+ "ZW50ZW52ZXJzaWNoZXJ1bmcxEzARBgNVBAsMClFDIFJvb3QgQ0ExFDASBgNVBAMMC1FDIFJvb3Qg"
+			+ "VFNQoIILQjCCBwkwggXxoAMCAQICAwN1pjANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJERTEk"
+			+ "MCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVyc2ljaGVydW5nMRMwEQYDVQQLDApRQyBSb290IENB"
+			+ "MB4XDTA3MTEyMDE2MDcyMFoXDTEyMDcyNzIwMjExMVowXjELMAkGA1UEBhMCREUxJDAiBgNVBAoM"
+			+ "G0RldXRzY2hlIFJlbnRlbnZlcnNpY2hlcnVuZzETMBEGA1UECwwKUUMgUm9vdCBDQTEUMBIGA1UE"
+			+ "AwwLUUMgUm9vdCBUU1AwggEkMA0GCSqGSIb3DQEBAQUAA4IBEQAwggEMAoIBAQCv1vO+EtGnJNs0"
+			+ "atv76BAJXs4bmO8yzVwe3RUtgeu5z9iefh8P46i1g3EL2CD15NcTfoHksr5KudNY30olfjHG7lIu"
+			+ "MO3R5sAcrGDPP7riZJnaI6VD/e6kVR569VBid5z105fJAB7mID7+Bn7pdRwDW3Fy2CzfofXGuvrO"
+			+ "GPNEWq8x8kqqf75DB5nAs5QP8H41obkdkap2ttHkkPZCiMghTs8iHfpJ0STn47MKq+QrUmuATMZi"
+			+ "XrdEfb7f3TBMjO0UVJF64Mh+kC9GtUEHlcm0Tq2Pk5XIUxWEyL94rZ4UWcVdSVE7IjggV2MifMNx"
+			+ "geZO3SwsDZk71AhDBy30CSzBAgUAx3HB5aOCA+IwggPeMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMI"
+			+ "MBMGA1UdIwQMMAqACECefuBmflfeMBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwUAYIKwYBBQUH"
+			+ "AQEERDBCMEAGCCsGAQUFBzABhjRodHRwOi8vb2NzcC1yb290cWMudGMuZGV1dHNjaGUtcmVudGVu"
+			+ "dmVyc2ljaGVydW5nLmRlMHcGA1UdIARwMG4wbAYNKwYBBAGBrTwBCAEBAzBbMFkGCCsGAQUFBwIB"
+			+ "Fk1odHRwOi8vd3d3LmRldXRzY2hlLXJlbnRlbnZlcnNpY2hlcnVuZy1idW5kLmRlL3N0YXRpYy90"
+			+ "cnVzdGNlbnRlci9wb2xpY3kuaHRtbDCCATwGA1UdHwSCATMwggEvMHygeqB4hnZsZGFwOi8vZGly"
+			+ "LnRjLmRldXRzY2hlLXJlbnRlbnZlcnNpY2hlcnVuZy5kZS9vdT1RQyUyMFJvb3QlMjBDQSxjbj1Q"
+			+ "dWJsaWMsbz1EUlYsYz1ERT9hdHRybmFtZT1jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0MIGuoIGr"
+			+ "oIGohoGlaHR0cDovL2Rpci50Yy5kZXV0c2NoZS1yZW50ZW52ZXJzaWNoZXJ1bmcuZGU6ODA4OS9z"
+			+ "ZXJ2bGV0L0Rpclh3ZWIvQ2EveC5jcmw/ZG49b3UlM0RRQyUyMFJvb3QlMjBDQSUyQ2NuJTNEUHVi"
+			+ "bGljJTJDbyUzRERSViUyQ2MlM0RERSZhdHRybmFtZT1jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0"
+			+ "MIIBLQYDVR0SBIIBJDCCASCGdGxkYXA6Ly9kaXIudGMuZGV1dHNjaGUtcmVudGVudmVyc2ljaGVy"
+			+ "dW5nLmRlL2NuPTE0NTUxOCxvdT1RQyUyMFJvb3QlMjBDQSxjbj1QdWJsaWMsbz1EUlYsYz1ERT9h"
+			+ "dHRybmFtZT1jQUNlcnRpZmljYXRlhoGnaHR0cDovL2Rpci50Yy5kZXV0c2NoZS1yZW50ZW52ZXJz"
+			+ "aWNoZXJ1bmcuZGU6ODA4OS9zZXJ2bGV0L0Rpclh3ZWIvQ2EveC5jZXI/ZG49Y24lM0QxNDU1MTgl"
+			+ "MkNvdSUzRFFDJTIwUm9vdCUyMENBJTJDY24lM0RQdWJsaWMlMkNvJTNERFJWJTJDYyUzRERFJmF0"
+			+ "dHJuYW1lPWNBQ2VydGlmaWNhdGUwDgYDVR0PAQH/BAQDAgZAMDsGA1UdCQQ0MDIwMAYDVQQDMSkT"
+			+ "J1FDIFRTUCBEZXV0c2NoZSBSZW50ZW52ZXJzaWNoZXJ1bmcgMTpQTjAMBgNVHRMBAf8EAjAAMA0G"
+			+ "CSqGSIb3DQEBCwUAA4IBAQCCrWe3Pd3ioX7d8phXvVAa859Rvgf0k3pZ6R4GMj8h/k6MNjNIrdAs"
+			+ "wgUVkBbXMLLBk0smsvTdFIVtTBdp1urb9l7vXjDA4MckXBOXPcz4fN8Oswk92d+fM9XU1jKVPsFG"
+			+ "PV6j8lAqfq5jwaRxOnS96UBGLKG+NdcrEyiMp/ZkpqnEQZZfu2mkeq6CPahnbBTZqsE0jgY351gU"
+			+ "9T6SFVvLIFH7cOxJqsoxPqv5YEcgiXPpOyyu2rpQqKYBYcnerF6/zx5hmWHxTd7MWaTHm0gJI/Im"
+			+ "d8esbW+xyaJuAVUcBA+sDmSe8AAoRVxwBRY+xi9ApaJHpmwT+0n2K2GsL3wIMIIEMTCCAxmgAwIB"
+			+ "AgIDAjhuMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNVBAYTAkRFMSQwIgYDVQQKDBtEZXV0c2NoZSBS"
+			+ "ZW50ZW52ZXJzaWNoZXJ1bmcxEzARBgNVBAsMClFDIFJvb3QgQ0EwHhcNMDcwNzI3MjAyMTExWhcN"
+			+ "MTIwNzI3MjAyMTExWjBIMQswCQYDVQQGEwJERTEkMCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVy"
+			+ "c2ljaGVydW5nMRMwEQYDVQQLDApRQyBSb290IENBMIIBJDANBgkqhkiG9w0BAQEFAAOCAREAMIIB"
+			+ "DAKCAQEAzuhBdo9c84DdzsggjWOgfC4jJ2jYqpsOpBo3DVyem+5R26QK4feZdyFnaGvyG+TLcdLO"
+			+ "iCecGmrRGD+ey4IhjCONb7hsQQhJWTyDEtBblzYB0yjY8+9fnNeR61W+M/KlMgC6Rw/w+zwzklTM"
+			+ "MWwIbxLHm8l9jTSKFjAWTwjE8bCzpUCwN8+4JbFTwjwOJ5lsVA5Xa34wpgr6lgL3WrVTV1NSprqR"
+			+ "ZYDWg477tht0KkyOJt3guF3RONKBBuTO2qCbpUeI8m4v3tznoopYbV5Gp5wu5gqd6lTfgju3ldql"
+			+ "bxtuCLZd0nAI5rLEOPItDKl4vPXllmmtGIrtDZlwr86cbwIFAJvMJpGjggEgMIIBHDAPBgNVHRMB"
+			+ "Af8EBTADAQH/MBEGA1UdDgQKBAhAnn7gZn5X3jB3BgNVHSAEcDBuMGwGDSsGAQQBga08AQgBAQEw"
+			+ "WzBZBggrBgEFBQcCARZNaHR0cDovL3d3dy5kZXV0c2NoZS1yZW50ZW52ZXJzaWNoZXJ1bmctYnVu"
+			+ "ZC5kZS9zdGF0aWMvdHJ1c3RjZW50ZXIvcG9saWN5Lmh0bWwwUwYDVR0JBEwwSjBIBgNVBAMxQRM/"
+			+ "UUMgV3VyemVsemVydGlmaXppZXJ1bmdzc3RlbGxlIERldXRzY2hlIFJlbnRlbnZlcnNpY2hlcnVu"
+			+ "ZyAxOlBOMBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3"
+			+ "DQEBCwUAA4IBAQBNGs7Dnc1yzzpZrkuC+oLv+NhbORTEYNgpaOetB1JQ1EbUBoPuNN4ih0ngy/uJ"
+			+ "D2O+h4JsNkmELgaehLWyFwATqCYZY4cTAGVoEwgn93x3aW8JbMDQf+YEJDSDsXcm4oIDFPqv5M6o"
+			+ "HZUWfsPka3mxKivfKtWhooTz1/+BEGReVQ2oOAvlwXlkEab9e3GOqXQUcLPYDTl8BQxiYhtQtf3d"
+			+ "kORiUkuGiGX1YJ5JnZnG3ElMjPgOl8rOiYU7oj9uv1HVb5sdAwuVw0BR/eiMVDBT8DNyfoJmPeQQ"
+			+ "A9pXtoAYO0Ya7wNNmCY2Y63YfBlRCF+9VQv2RZ4TdO1KGWwxR98OMYIC1zCCAtMCAQEwTzBIMQsw"
+			+ "CQYDVQQGEwJERTEkMCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVyc2ljaGVydW5nMRMwEQYDVQQL"
+			+ "DApRQyBSb290IENBAgMDdaYwDQYJYIZIAWUDBAIBBQCgggFZMBoGCSqGSIb3DQEJAzENBgsqhkiG"
+			+ "9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgO7FFODWWwF5RUjo6wjIkgkD5u7dH+NICiCpSgRRqd/Aw"
+			+ "ggEIBgsqhkiG9w0BCRACLzGB+DCB9TCB8jB3BCAMMZqK/5pZxOb3ruCbcgxStaTDwDHaf2glEo6P"
+			+ "+89t8TBTMEykSjBIMQswCQYDVQQGEwJERTEkMCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVyc2lj"
+			+ "aGVydW5nMRMwEQYDVQQLDApRQyBSb290IENBAgMDdaYwdwQgl7vwI+P47kpxhWLoIdEco7UfGwZ2"
+			+ "X4el3jaZ67q5/9IwUzBMpEowSDELMAkGA1UEBhMCREUxJDAiBgNVBAoMG0RldXRzY2hlIFJlbnRl"
+			+ "bnZlcnNpY2hlcnVuZzETMBEGA1UECwwKUUMgUm9vdCBDQQIDAjhuMA0GCSqGSIb3DQEBCwUABIIB"
+			+ "AIOYgpDI0BaeG4RF/EB5QzkUqAZ9nX6w895+m2hHyRKrAKdj3913j5QI+aEVIG3DVbFaAfdKeKfn"
+			+ "xsTW48aWs6aARtPAc+1OXwoGUSYElOFqqVpSeTaXe+kjY5bsLSQeETB+EPvXl8EcKTaxTRCNOqJU"
+			+ "XbnyYRgWTI55A2jH6IsQQVHc5DaIcmbdI8iATaRTHY5eUeVuI+Q/3RMVBFAb5qRhM61Ddcrjq058"
+			+ "C0uiH9G2IB5QRyu6RsCUgrkeMTMBqlIBlnDBy+EgLouDU4Dehxy5uzEl5DBKZEewZpQZOTO/kAgL"
+			+ "WruAAg/Lj4r0f9vN12wRlHoS2UKDjrE1DnUBbrM=");
+
+		public string Name
+		{
+			get { return "ParseTest"; }
+		}
+
+		private static void requestParse(
+			byte[]	request,
+			string	algorithm)
+		{
+			TimeStampRequest req = new TimeStampRequest(request);
+
+			if (!req.MessageImprintAlgOid.Equals(algorithm))
+			{
+				Assert.Fail("failed to get expected algorithm - got "
+					+ req.MessageImprintAlgOid + " not " + algorithm);
+			}
+
+			if (request != sha1Request && request != sha1noNonse)
+			{
+				if (!req.ReqPolicy.Equals(TspTestUtil.EuroPkiTsaTestPolicy.Id))
+				{
+					Assert.Fail("" + algorithm + " failed policy check.");
+				}
+
+				if (request == ripemd160Request)
+				{
+					if (!req.CertReq)
+					{
+						Assert.Fail("" + algorithm + " failed certReq check.");
+					}
+				}
+			}
+
+			Assert.AreEqual(1, req.Version, "version not 1");
+
+			Assert.IsNull(req.GetCriticalExtensionOids(), "critical extensions found when none expected");
+
+			Assert.IsNull(req.GetNonCriticalExtensionOids(), "non-critical extensions found when none expected");
+
+			if (request != sha1noNonse)
+			{
+				if (req.Nonce == null)
+				{
+					Assert.Fail("" + algorithm + " nonse not found when one expected.");
+				}
+			}
+			else
+			{
+				if (req.Nonce != null)
+				{
+					Assert.Fail("" + algorithm + " nonse not found when one not expected.");
+				}
+			}
+
+			try
+			{
+				req.Validate(TspAlgorithms.Allowed, null, null);
+			}
+			catch (Exception)
+			{
+				Assert.Fail("validation exception.");
+			}
+
+			if (!Arrays.AreEqual(req.GetEncoded(), request))
+			{
+				Assert.Fail("" + algorithm + " failed encode check.");
+			}
+		}
+
+		private static void responseParse(
+			byte[]	request,
+			byte[]	response,
+			string	algorithm)
+		{
+			TimeStampRequest req = new TimeStampRequest(request);
+			TimeStampResponse resp = new TimeStampResponse(response);
+
+			resp.Validate(req);
+
+			X509Certificate cert = new X509CertificateParser().ReadCertificate(signingCert);
+
+			resp.TimeStampToken.Validate(cert);
+		}
+
+		private static void unacceptableResponseParse(
+			byte[] response)
+		{
+			TimeStampResponse resp = new TimeStampResponse(response);
+
+			if (resp.Status != (int) PkiStatus.Rejection)
+			{
+				Assert.Fail("request not rejected.");
+			}
+
+			if (resp.GetFailInfo().IntValue != PkiFailureInfo.UnacceptedPolicy)
+			{
+				Assert.Fail("request not rejected.");
+			}
+		}
+
+		private static void generalizedTimeParse(
+			byte[] response)
+		{
+			TimeStampResponse resp = new TimeStampResponse(response);
+
+			if (resp.Status != (int) PkiStatus.Granted)
+			{
+				Assert.Fail("request not rejected.");
+			}
+		}
+
+		[Test]
+		public void TestSha1()
+		{
+			requestParse(sha1Request, TspAlgorithms.Sha1);
+			requestParse(sha1noNonse, TspAlgorithms.Sha1);
+			responseParse(sha1Request, sha1Response, TspAlgorithms.Sha1);
+			responseParse(sha1noNonse, sha1noNonseResponse, TspAlgorithms.Sha1);
+		}
+
+		[Test]
+		public void TestMD5()
+		{
+			requestParse(md5Request, TspAlgorithms.MD5);
+			responseParse(md5Request, md5Response, TspAlgorithms.MD5);
+		}
+
+		[Test]
+		public void TestRipeMD160()
+		{
+			requestParse(ripemd160Request, TspAlgorithms.RipeMD160);
+		}
+
+		[Test]
+		public void TestUnacceptable()
+		{
+			unacceptableResponseParse(unacceptablePolicy);
+		}
+
+		[Test]
+		public void TestGeneralizedTime()
+		{
+			generalizedTimeParse(generalizedTime);
+		}
+
+		[Test]
+		public void TestV2SigningResponseParse()
+		{
+			v2SigningResponseParse(v2SigningCertResponse);
+		}
+
+		private void v2SigningResponseParse(
+			byte[] encoded)
+		{
+			TimeStampResponse response = new TimeStampResponse(encoded);
+
+			IX509Store store = response.TimeStampToken.GetCertificates("Collection");
+			X509Certificate cert = (X509Certificate)
+				new ArrayList(store.GetMatches(response.TimeStampToken.SignerID))[0];
+
+			response.TimeStampToken.Validate(cert);
+		}
+
+//		public static void parse(
+//			byte[]	encoded,
+//			bool	tokenPresent)
+//		{
+//			TimeStampResponse response = new TimeStampResponse(encoded);
+//
+//			if (tokenPresent && response.TimeStampToken == null)
+//			{
+//				Assert.Fail("token not found when expected.");
+//			}
+//		}
+	}
+}
diff --git a/crypto/test/src/tsp/test/TSPTest.cs b/crypto/test/src/tsp/test/TSPTest.cs
new file mode 100644
index 000000000..e56d4ec9f
--- /dev/null
+++ b/crypto/test/src/tsp/test/TSPTest.cs
@@ -0,0 +1,548 @@
+using System;
+using System.Collections;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tsp.Tests
+{
+	[TestFixture]
+	public class TspTest
+	{
+		private static AsymmetricKeyParameter privateKey;
+		private static X509Certificate cert;
+		private static IX509Store certs;
+
+		static TspTest()
+		{
+			string signDN = "O=Bouncy Castle, C=AU";
+			AsymmetricCipherKeyPair signKP = TspTestUtil.MakeKeyPair();
+			X509Certificate signCert = TspTestUtil.MakeCACertificate(signKP, signDN, signKP, signDN);
+
+			string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
+			AsymmetricCipherKeyPair origKP = TspTestUtil.MakeKeyPair();
+			privateKey = origKP.Private;
+
+			cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN);
+
+			IList certList = new ArrayList();
+			certList.Add(cert);
+			certList.Add(signCert);
+
+			certs = X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(certList));
+		}
+
+		[Test]
+		public void TestBasic()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.Sha1, "1.2");
+
+			tsTokenGen.SetCertificates(certs);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken  tsToken = tsResp.TimeStampToken;
+
+			tsToken.Validate(cert);
+
+			AttributeTable table = tsToken.SignedAttributes;
+
+			Assert.IsNotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found");
+		}
+
+		[Test]
+		public void TestResponseValidation()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.MD5, "1.2");
+
+			tsTokenGen.SetCertificates(certs);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken tsToken = tsResp.TimeStampToken;
+
+			tsToken.Validate(cert);
+
+			//
+			// check validation
+			//
+			tsResp.Validate(request);
+
+			try
+			{
+				request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(101));
+
+				tsResp.Validate(request);
+
+				Assert.Fail("response validation failed on invalid nonce.");
+			}
+			catch (TspValidationException)
+			{
+				// ignore
+			}
+
+			try
+			{
+				request = reqGen.Generate(TspAlgorithms.Sha1, new byte[22], BigInteger.ValueOf(100));
+
+				tsResp.Validate(request);
+
+				Assert.Fail("response validation failed on wrong digest.");
+			}
+			catch (TspValidationException)
+			{
+				// ignore
+			}
+
+			try
+			{
+				request = reqGen.Generate(TspAlgorithms.MD5, new byte[20], BigInteger.ValueOf(100));
+
+				tsResp.Validate(request);
+
+				Assert.Fail("response validation failed on wrong digest.");
+			}
+			catch (TspValidationException)
+			{
+				// ignore
+			}
+		}
+
+		[Test]
+		public void TestIncorrectHash()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.Sha1, "1.2");
+
+			tsTokenGen.SetCertificates(certs);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[16]);
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken tsToken = tsResp.TimeStampToken;
+
+			if (tsToken != null)
+			{
+				Assert.Fail("incorrectHash - token not null.");
+			}
+
+			PkiFailureInfo failInfo = tsResp.GetFailInfo();
+
+			if (failInfo == null)
+			{
+				Assert.Fail("incorrectHash - failInfo set to null.");
+			}
+
+			if (failInfo.IntValue != PkiFailureInfo.BadDataFormat)
+			{
+				Assert.Fail("incorrectHash - wrong failure info returned.");
+			}
+		}
+
+		[Test]
+		public void TestBadAlgorithm()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.Sha1, "1.2");
+
+			tsTokenGen.SetCertificates(certs);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+			TimeStampRequest request = reqGen.Generate("1.2.3.4.5", new byte[20]);
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken  tsToken = tsResp.TimeStampToken;
+
+			if (tsToken != null)
+			{
+				Assert.Fail("badAlgorithm - token not null.");
+			}
+
+			PkiFailureInfo failInfo = tsResp.GetFailInfo();
+
+			if (failInfo == null)
+			{
+				Assert.Fail("badAlgorithm - failInfo set to null.");
+			}
+
+			if (failInfo.IntValue != PkiFailureInfo.BadAlg)
+			{
+				Assert.Fail("badAlgorithm - wrong failure info returned.");
+			}
+		}
+
+		[Test]
+		public void TestTimeNotAvailable()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.Sha1, "1.2");
+
+			tsTokenGen.SetCertificates(certs);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+			TimeStampRequest request = reqGen.Generate("1.2.3.4.5", new byte[20]);
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(
+				tsTokenGen, TspAlgorithms.Allowed);
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, new BigInteger("23"), null);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken tsToken = tsResp.TimeStampToken;
+
+			if (tsToken != null)
+			{
+				Assert.Fail("timeNotAvailable - token not null.");
+			}
+
+			PkiFailureInfo failInfo = tsResp.GetFailInfo();
+
+			if (failInfo == null)
+			{
+				Assert.Fail("timeNotAvailable - failInfo set to null.");
+			}
+
+			if (failInfo.IntValue != PkiFailureInfo.TimeNotAvailable)
+			{
+				Assert.Fail("timeNotAvailable - wrong failure info returned.");
+			}
+		}
+
+		[Test]
+		public void TestBadPolicy()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.Sha1, "1.2");
+
+			tsTokenGen.SetCertificates(certs);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+
+			reqGen.SetReqPolicy("1.1");
+
+			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20]);
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed, new ArrayList());
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken tsToken = tsResp.TimeStampToken;
+
+			if (tsToken != null)
+			{
+				Assert.Fail("badPolicy - token not null.");
+			}
+
+			PkiFailureInfo  failInfo = tsResp.GetFailInfo();
+
+			if (failInfo == null)
+			{
+				Assert.Fail("badPolicy - failInfo set to null.");
+			}
+
+			if (failInfo.IntValue != PkiFailureInfo.UnacceptedPolicy)
+			{
+				Assert.Fail("badPolicy - wrong failure info returned.");
+			}
+		}
+
+		[Test]
+		public void TestCertReq()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.MD5, "1.2");
+
+			tsTokenGen.SetCertificates(certs);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+
+			//
+			// request with certReq false
+			//
+			reqGen.SetCertReq(false);
+
+			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken tsToken = tsResp.TimeStampToken;
+
+			Assert.IsNull(tsToken.TimeStampInfo.GenTimeAccuracy); // check for abscence of accuracy
+
+			Assert.AreEqual("1.2", tsToken.TimeStampInfo.Policy);
+
+			try
+			{
+				tsToken.Validate(cert);
+			}
+			catch (TspValidationException)
+			{
+				Assert.Fail("certReq(false) verification of token failed.");
+			}
+
+			IX509Store respCerts = tsToken.GetCertificates("Collection");
+
+			ICollection certsColl = respCerts.GetMatches(null);
+
+			if (certsColl.Count != 0)
+			{
+				Assert.Fail("certReq(false) found certificates in response.");
+			}
+		}
+
+		[Test]
+		public void TestTokenEncoding()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.Sha1, "1.2.3.4.5.6");
+
+			tsTokenGen.SetCertificates(certs);
+
+			TimeStampRequestGenerator  reqGen = new TimeStampRequestGenerator();
+			TimeStampRequest           request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
+			TimeStampResponse          tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampResponse tsResponse = new TimeStampResponse(tsResp.GetEncoded());
+
+			if (!Arrays.AreEqual(tsResponse.GetEncoded(), tsResp.GetEncoded())
+				|| !Arrays.AreEqual(tsResponse.TimeStampToken.GetEncoded(),
+							tsResp.TimeStampToken.GetEncoded()))
+			{
+				Assert.Fail();
+			}
+		}
+
+		[Test]
+		public void TestAccuracyZeroCerts()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.MD5, "1.2");
+
+			tsTokenGen.SetCertificates(certs);
+
+			tsTokenGen.SetAccuracySeconds(1);
+			tsTokenGen.SetAccuracyMillis(2);
+			tsTokenGen.SetAccuracyMicros(3);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken  tsToken = tsResp.TimeStampToken;
+
+			tsToken.Validate(cert);
+
+			//
+			// check validation
+			//
+			tsResp.Validate(request);
+
+			//
+			// check tstInfo
+			//
+			TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo;
+
+			//
+			// check accuracy
+			//
+			GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy;
+
+			Assert.AreEqual(1, accuracy.Seconds);
+			Assert.AreEqual(2, accuracy.Millis);
+			Assert.AreEqual(3, accuracy.Micros);
+
+			Assert.AreEqual(BigInteger.ValueOf(23), tstInfo.SerialNumber);
+
+			Assert.AreEqual("1.2", tstInfo.Policy);
+
+			//
+			// test certReq
+			//
+			IX509Store store = tsToken.GetCertificates("Collection");
+
+			ICollection certificates = store.GetMatches(null);
+
+			Assert.AreEqual(0, certificates.Count);
+		}
+
+		[Test]
+		public void TestAccuracyWithCertsAndOrdering()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.MD5, "1.2.3");
+
+			tsTokenGen.SetCertificates(certs);
+
+			tsTokenGen.SetAccuracySeconds(3);
+			tsTokenGen.SetAccuracyMillis(1);
+			tsTokenGen.SetAccuracyMicros(2);
+
+			tsTokenGen.SetOrdering(true);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+
+			reqGen.SetCertReq(true);
+
+			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));
+
+			Assert.IsTrue(request.CertReq);
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken tsToken = tsResp.TimeStampToken;
+
+			tsToken.Validate(cert);
+
+			//
+			// check validation
+			//
+			tsResp.Validate(request);
+
+			//
+			// check tstInfo
+			//
+			TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo;
+
+			//
+			// check accuracy
+			//
+			GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy;
+
+			Assert.AreEqual(3, accuracy.Seconds);
+			Assert.AreEqual(1, accuracy.Millis);
+			Assert.AreEqual(2, accuracy.Micros);
+
+			Assert.AreEqual(BigInteger.ValueOf(23), tstInfo.SerialNumber);
+
+			Assert.AreEqual("1.2.3", tstInfo.Policy);
+
+			Assert.AreEqual(true, tstInfo.IsOrdered);
+
+			Assert.AreEqual(tstInfo.Nonce, BigInteger.ValueOf(100));
+
+			//
+			// test certReq
+			//
+			IX509Store store = tsToken.GetCertificates("Collection");
+
+			ICollection certificates = store.GetMatches(null);
+
+			Assert.AreEqual(2, certificates.Count);
+		}
+
+		[Test]
+		public void TestNoNonce()
+		{
+			TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
+				privateKey, cert, TspAlgorithms.MD5, "1.2.3");
+
+			tsTokenGen.SetCertificates(certs);
+
+			TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
+			TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20]);
+
+			Assert.IsFalse(request.CertReq);
+
+			TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);
+
+			TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(24), DateTime.UtcNow);
+
+			tsResp = new TimeStampResponse(tsResp.GetEncoded());
+
+			TimeStampToken tsToken = tsResp.TimeStampToken;
+
+			tsToken.Validate(cert);
+
+			//
+			// check validation
+			//
+			tsResp.Validate(request);
+
+			//
+			// check tstInfo
+			//
+			TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo;
+
+			//
+			// check accuracy
+			//
+			GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy;
+
+			Assert.IsNull(accuracy);
+
+			Assert.AreEqual(BigInteger.ValueOf(24), tstInfo.SerialNumber);
+
+			Assert.AreEqual("1.2.3", tstInfo.Policy);
+
+			Assert.IsFalse(tstInfo.IsOrdered);
+
+			Assert.IsNull(tstInfo.Nonce);
+
+			//
+			// test certReq
+			//
+			IX509Store store = tsToken.GetCertificates("Collection");
+
+			ICollection certificates = store.GetMatches(null);
+
+			Assert.AreEqual(0, certificates.Count);
+		}
+	}
+}
diff --git a/crypto/test/src/tsp/test/TSPTestUtil.cs b/crypto/test/src/tsp/test/TSPTestUtil.cs
new file mode 100644
index 000000000..f7b0c833a
--- /dev/null
+++ b/crypto/test/src/tsp/test/TSPTestUtil.cs
@@ -0,0 +1,200 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tsp.Tests
+{
+	public class TspTestUtil
+	{
+		public static SecureRandom rand = new SecureRandom();
+		public static IAsymmetricCipherKeyPairGenerator kpg;
+		public static CipherKeyGenerator desede128kg;
+		public static CipherKeyGenerator desede192kg;
+		public static CipherKeyGenerator rc240kg;
+		public static CipherKeyGenerator rc264kg;
+		public static CipherKeyGenerator rc2128kg;
+		public static BigInteger serialNumber = BigInteger.One;
+		public static readonly bool Debug = true;
+		public static DerObjectIdentifier EuroPkiTsaTestPolicy = new DerObjectIdentifier("1.3.6.1.4.1.5255.5.1");
+
+		static TspTestUtil()
+		{
+			rand = new SecureRandom();
+
+			kpg = GeneratorUtilities.GetKeyPairGenerator("RSA");
+			kpg.Init(new RsaKeyGenerationParameters(
+				BigInteger.ValueOf(0x10001), rand, 1024, 25));
+
+			desede128kg = GeneratorUtilities.GetKeyGenerator("DESEDE");
+			desede128kg.Init(new KeyGenerationParameters(rand, 112));
+
+			desede192kg = GeneratorUtilities.GetKeyGenerator("DESEDE");
+			desede192kg.Init(new KeyGenerationParameters(rand, 168));
+
+			rc240kg = GeneratorUtilities.GetKeyGenerator("RC2");
+			rc240kg.Init(new KeyGenerationParameters(rand, 40));
+
+			rc264kg = GeneratorUtilities.GetKeyGenerator("RC2");
+			rc264kg.Init(new KeyGenerationParameters(rand, 64));
+
+			rc2128kg = GeneratorUtilities.GetKeyGenerator("RC2");
+			rc2128kg.Init(new KeyGenerationParameters(rand, 128));
+
+			serialNumber = BigInteger.One;
+		}
+
+		public static string DumpBase64(
+			byte[] data)
+		{
+			StringBuilder buf = new StringBuilder();
+
+			data = Base64.Encode(data);
+
+			for (int i = 0; i < data.Length; i += 64)
+			{
+				if (i + 64 < data.Length)
+				{
+					buf.Append(Encoding.ASCII.GetString(data, i, 64));
+				}
+				else
+				{
+					buf.Append(Encoding.ASCII.GetString(data, i, data.Length - i));
+				}
+				buf.Append('\n');
+			}
+
+			return buf.ToString();
+		}
+
+		public static AsymmetricCipherKeyPair MakeKeyPair()
+		{
+			return kpg.GenerateKeyPair();
+		}
+
+		public static KeyParameter MakeDesede128Key()
+		{
+			return new DesEdeParameters(desede128kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeDesede192Key()
+		{
+			return new DesEdeParameters(desede192kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeRC240Key()
+		{
+			return new RC2Parameters(rc240kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeRC264Key()
+		{
+			return new RC2Parameters(rc264kg.GenerateKey());
+		}
+
+		public static KeyParameter MakeRC2128Key()
+		{
+			return new RC2Parameters(rc2128kg.GenerateKey());
+		}
+
+		public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN)
+		{
+			return MakeCertificate(_subKP, _subDN, _issKP, _issDN, false);
+		}
+
+		public static X509Certificate MakeCACertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN)
+		{
+			return MakeCertificate(_subKP, _subDN, _issKP, _issDN, true);
+		}
+
+		public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP,
+			string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN, bool _ca)
+		{
+			AsymmetricKeyParameter _subPub = _subKP.Public;
+			AsymmetricKeyParameter _issPriv = _issKP.Private;
+			AsymmetricKeyParameter _issPub = _issKP.Public;
+
+			X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
+
+			_v3CertGen.Reset();
+			_v3CertGen.SetSerialNumber(allocateSerialNumber());
+			_v3CertGen.SetIssuerDN(new X509Name(_issDN));
+			_v3CertGen.SetNotBefore(DateTime.UtcNow);
+			_v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
+			_v3CertGen.SetSubjectDN(new X509Name(_subDN));
+			_v3CertGen.SetPublicKey(_subPub);
+			_v3CertGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
+
+			_v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false,
+					createSubjectKeyId(_subPub));
+
+			_v3CertGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false,
+					createAuthorityKeyId(_issPub));
+
+			if (_ca)
+			{
+				_v3CertGen.AddExtension(X509Extensions.BasicConstraints, false,
+						new BasicConstraints(_ca));
+			}
+			else
+			{
+				_v3CertGen.AddExtension(X509Extensions.ExtendedKeyUsage, true,
+					ExtendedKeyUsage.GetInstance(new DerSequence(KeyPurposeID.IdKPTimeStamping)));
+			}
+
+			X509Certificate _cert = _v3CertGen.Generate(_issPriv);
+
+			_cert.CheckValidity(DateTime.UtcNow);
+			_cert.Verify(_issPub);
+
+			return _cert;
+		}
+
+		/*
+		*
+		*  INTERNAL METHODS
+		*
+		*/
+		private static AuthorityKeyIdentifier createAuthorityKeyId(
+			AsymmetricKeyParameter _pubKey)
+		{
+			return new AuthorityKeyIdentifier(
+				SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey));
+		}
+
+//		private static AuthorityKeyIdentifier createAuthorityKeyId(
+//			AsymmetricKeyParameter _pubKey, X509Name _name, int _sNumber)
+//		{
+//			SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey);
+//
+//			GeneralName _genName = new GeneralName(_name);
+//
+//			return new AuthorityKeyIdentifier(_info, GeneralNames.GetInstance(
+//				new DerSequence(_genName)), BigInteger.ValueOf(_sNumber));
+//		}
+
+		private static SubjectKeyIdentifier createSubjectKeyId(
+			AsymmetricKeyParameter _pubKey)
+		{
+			return new SubjectKeyIdentifier(
+				SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey));
+		}
+
+		private static BigInteger allocateSerialNumber()
+		{
+			BigInteger _tmp = serialNumber;
+			serialNumber = serialNumber.Add(BigInteger.One);
+			return _tmp;
+		}
+	}
+}
\ No newline at end of file
diff --git a/crypto/test/src/tsp/test/TimeStampTokenInfoTest.cs b/crypto/test/src/tsp/test/TimeStampTokenInfoTest.cs
new file mode 100644
index 000000000..5a26f5ef6
--- /dev/null
+++ b/crypto/test/src/tsp/test/TimeStampTokenInfoTest.cs
@@ -0,0 +1,145 @@
+using System;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Tsp;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Tsp.Tests
+{
+	[TestFixture]
+	public class TimeStampTokenInfoUnitTest
+	{
+		private static readonly byte[] tstInfo1 = Hex.Decode(
+			  "303e02010106022a033021300906052b0e03021a050004140000000000000000000000000000000000000000"
+			+ "020118180f32303035313130313038313732315a");
+
+		private static readonly byte[] tstInfo2 = Hex.Decode(
+			  "304c02010106022a033021300906052b0e03021a05000414ffffffffffffffffffffffffffffffffffffffff"
+			+ "020117180f32303035313130313038323934355a3009020103800101810102020164");
+
+		private static readonly byte[] tstInfo3 = Hex.Decode(
+			  "304f02010106022a033021300906052b0e03021a050004140000000000000000000000000000000000000000"
+			+ "020117180f32303035313130313038343733355a30090201038001018101020101ff020164");
+
+		private static readonly byte[] tstInfoDudDate = Hex.Decode(
+			  "303e02010106022a033021300906052b0e03021a050004140000000000000000000000000000000000000000"
+			+ "020118180f32303056313130313038313732315a");
+
+		[Test]
+		public void TestTstInfo1()
+		{
+			TimeStampTokenInfo tstInfo = getTimeStampTokenInfo(tstInfo1);
+
+			//
+			// verify
+			//
+			GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy;
+
+			Assert.IsNull(accuracy);
+
+			Assert.AreEqual(new BigInteger("24"), tstInfo.SerialNumber);
+
+			Assert.AreEqual(1130833041000L, DateTimeUtilities.DateTimeToUnixMs(tstInfo.GenTime));
+
+			Assert.AreEqual("1.2.3", tstInfo.Policy);
+
+			Assert.AreEqual(false, tstInfo.IsOrdered);
+
+			Assert.IsNull(tstInfo.Nonce);
+
+			Assert.AreEqual(TspAlgorithms.Sha1, tstInfo.MessageImprintAlgOid);
+
+			Assert.IsTrue(Arrays.AreEqual(new byte[20], tstInfo.GetMessageImprintDigest()));
+
+			Assert.IsTrue(Arrays.AreEqual(tstInfo1, tstInfo.GetEncoded()));
+		}
+
+	    [Test]
+		public void TestTstInfo2()
+		{
+			TimeStampTokenInfo tstInfo = getTimeStampTokenInfo(tstInfo2);
+
+			//
+			// verify
+			//
+			GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy;
+
+			Assert.AreEqual(3, accuracy.Seconds);
+			Assert.AreEqual(1, accuracy.Millis);
+			Assert.AreEqual(2, accuracy.Micros);
+
+			Assert.AreEqual(new BigInteger("23"), tstInfo.SerialNumber);
+
+			Assert.AreEqual(1130833785000L, DateTimeUtilities.DateTimeToUnixMs(tstInfo.GenTime));
+
+			Assert.AreEqual("1.2.3", tstInfo.Policy);
+
+			Assert.AreEqual(false, tstInfo.IsOrdered);
+
+			Assert.AreEqual(tstInfo.Nonce, BigInteger.ValueOf(100));
+
+			Assert.IsTrue(Arrays.AreEqual(Hex.Decode("ffffffffffffffffffffffffffffffffffffffff"), tstInfo.GetMessageImprintDigest()));
+
+			Assert.IsTrue(Arrays.AreEqual(tstInfo2, tstInfo.GetEncoded()));
+		}
+
+	    [Test]
+		public void TestTstInfo3()
+		{
+			TimeStampTokenInfo tstInfo = getTimeStampTokenInfo(tstInfo3);
+
+			//
+			// verify
+			//
+			GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy;
+
+			Assert.AreEqual(3, accuracy.Seconds);
+			Assert.AreEqual(1, accuracy.Millis);
+			Assert.AreEqual(2, accuracy.Micros);
+
+			Assert.AreEqual(new BigInteger("23"), tstInfo.SerialNumber);
+
+			Assert.AreEqual(1130834855000L, DateTimeUtilities.DateTimeToUnixMs(tstInfo.GenTime));
+
+			Assert.AreEqual("1.2.3", tstInfo.Policy);
+
+			Assert.AreEqual(true, tstInfo.IsOrdered);
+
+			Assert.AreEqual(tstInfo.Nonce, BigInteger.ValueOf(100));
+
+			Assert.AreEqual(TspAlgorithms.Sha1, tstInfo.MessageImprintAlgOid);
+
+			Assert.IsTrue(Arrays.AreEqual(new byte[20], tstInfo.GetMessageImprintDigest()));
+
+			Assert.IsTrue(Arrays.AreEqual(tstInfo3, tstInfo.GetEncoded()));
+		}
+
+		[Test]
+		public void TestTstInfoDudDate()
+		{
+			try
+			{
+				getTimeStampTokenInfo(tstInfoDudDate);
+
+				Assert.Fail("dud date not detected.");
+			}
+			catch (TspException)
+			{
+				// expected
+			}
+		}
+
+		private TimeStampTokenInfo getTimeStampTokenInfo(
+			byte[] tstInfo)
+		{
+			return new TimeStampTokenInfo(
+				TstInfo.GetInstance(
+					Asn1Object.FromByteArray(tstInfo)));
+		}
+	}
+}
diff --git a/crypto/test/src/util/io/pem/test/AllTests.cs b/crypto/test/src/util/io/pem/test/AllTests.cs
new file mode 100644
index 000000000..b44949383
--- /dev/null
+++ b/crypto/test/src/util/io/pem/test/AllTests.cs
@@ -0,0 +1,77 @@
+using System;
+using System.Collections;
+using System.Collections.Specialized;
+using System.IO;
+using System.Text;
+
+using NUnit.Core;
+using NUnit.Framework;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Test;
+
+namespace Org.BouncyCastle.Utilities.IO.Pem.Tests
+{
+	[TestFixture]
+	public class AllTests
+	{
+		[Suite]
+		public static TestSuite Suite
+		{
+			get
+			{
+				TestSuite suite = new TestSuite("PEM Utilities Tests");
+				suite.Add(new AllTests());
+				return suite;
+			}
+		}
+
+		[Test]
+		public void TestPemLength()
+		{
+			for (int i = 1; i != 60; i++)
+			{
+				lengthTest("CERTIFICATE", new ArrayList(), new byte[i]);
+			}
+
+			lengthTest("CERTIFICATE", new ArrayList(), new byte[100]);
+			lengthTest("CERTIFICATE", new ArrayList(), new byte[101]);
+			lengthTest("CERTIFICATE", new ArrayList(), new byte[102]);
+			lengthTest("CERTIFICATE", new ArrayList(), new byte[103]);
+
+			lengthTest("CERTIFICATE", new ArrayList(), new byte[1000]);
+			lengthTest("CERTIFICATE", new ArrayList(), new byte[1001]);
+			lengthTest("CERTIFICATE", new ArrayList(), new byte[1002]);
+			lengthTest("CERTIFICATE", new ArrayList(), new byte[1003]);
+
+			IList headers = new ArrayList();
+			headers.Add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
+			headers.Add(new PemHeader("DEK-Info", "DES3,0001020304050607"));
+			lengthTest("RSA PRIVATE KEY", headers, new byte[103]);
+		}
+
+		private void lengthTest(string type, IList headers, byte[] data)
+		{
+			StringWriter sw = new StringWriter();
+			PemWriter pWrt = new PemWriter(sw);
+
+			PemObject pemObj = new PemObject(type, headers, data);
+			pWrt.WriteObject(pemObj);
+			pWrt.Writer.Close();
+
+			Assert.AreEqual(sw.ToString().Length, pWrt.GetOutputSize(pemObj));
+		}
+
+		public static void Main(
+			string[] args)
+        {
+            //junit.textui.TestRunner.run(suite());
+            EventListener el = new NullListener();
+            Suite.Run(el);
+        }
+	}
+}
diff --git a/crypto/test/src/util/net/test/IPAddressTest.cs b/crypto/test/src/util/net/test/IPAddressTest.cs
new file mode 100644
index 000000000..ec40c528a
--- /dev/null
+++ b/crypto/test/src/util/net/test/IPAddressTest.cs
@@ -0,0 +1,61 @@
+using System;
+
+using NUnit.Framework;
+
+namespace Org.BouncyCastle.Utilities.Net.Tests
+{
+	[TestFixture]
+	public class IPTest
+	{
+		private static readonly string[] validIP4v = new string[]
+		{ "0.0.0.0", "255.255.255.255", "192.168.0.0" };
+
+		private static readonly string[] invalidIP4v = new string[]
+		{ "0.0.0.0.1", "256.255.255.255", "1", "A.B.C", "1:.4.6.5" };
+
+		private static readonly string[] validIP6v = new string[]
+		{ "0:0:0:0:0:0:0:0", "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF",
+				"0:1:2:3:FFFF:5:FFFF:1" };
+
+		private static readonly string[] invalidIP6v = new string[]
+		{ "0.0.0.0:1", "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFFF" };
+
+		private void doTestIP(
+			string[]	valid,
+			string[]	invalid)
+		{
+			for (int i = 0; i < valid.Length; i++)
+			{
+				if (!IPAddress.IsValid(valid[i]))
+				{
+					Assert.Fail("Valid input string not accepted: " + valid[i] + ".");
+				}
+			}
+
+			for (int i = 0; i < invalid.Length; i++)
+			{
+				if (IPAddress.IsValid(invalid[i]))
+				{
+					Assert.Fail("Invalid input string accepted: " + invalid[i] + ".");
+				}
+			}
+		}
+
+		public string Name
+		{
+			get { return "IPTest"; }
+		}
+
+		[Test]
+		public void TestIPv4()
+		{
+			doTestIP(validIP4v, invalidIP4v);
+		}
+
+		[Test]
+		public void TestIPv6()
+		{
+			doTestIP(validIP6v, invalidIP6v);
+		}
+	}
+}
diff --git a/crypto/test/src/util/test/FixedSecureRandom.cs b/crypto/test/src/util/test/FixedSecureRandom.cs
new file mode 100644
index 000000000..15a2e9bb3
--- /dev/null
+++ b/crypto/test/src/util/test/FixedSecureRandom.cs
@@ -0,0 +1,64 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Utilities.Test
+{
+	public class FixedSecureRandom
+		: SecureRandom
+	{
+		private byte[]       _data;
+		private int          _index;
+
+		protected FixedSecureRandom(
+			byte[] data)
+		{
+			_data = data;
+		}
+
+		public static FixedSecureRandom From(
+			params byte[][] values)
+		{
+			MemoryStream bOut = new MemoryStream();
+
+			for (int i = 0; i != values.Length; i++)
+			{
+				try
+				{
+					byte[] v = values[i];
+					bOut.Write(v, 0, v.Length);
+				}
+				catch (IOException)
+				{
+					throw new ArgumentException("can't save value array.");
+				}
+			}
+
+			return new FixedSecureRandom(bOut.ToArray());
+		}
+
+		public override void NextBytes(
+			byte[] buf)
+		{
+			Array.Copy(_data, _index, buf, 0, buf.Length);
+
+			_index += buf.Length;
+		}
+
+		public override void NextBytes(
+			byte[]	buf,
+			int		off,
+			int		len)
+		{
+			Array.Copy(_data, _index, buf, off, len);
+
+			_index += len;
+		}
+
+		public bool IsExhausted
+		{
+			get { return _index == _data.Length; }
+		}
+	}
+}
diff --git a/crypto/test/src/util/test/ITest.cs b/crypto/test/src/util/test/ITest.cs
new file mode 100644
index 000000000..30ad82780
--- /dev/null
+++ b/crypto/test/src/util/test/ITest.cs
@@ -0,0 +1,17 @@
+using System;
+
+using NUnit.Framework;
+
+/*
+ Basic test interface
+ */
+namespace Org.BouncyCastle.Utilities.Test
+{
+    public interface ITest
+    {
+        string Name { get; }
+
+		[Test]
+        ITestResult Perform();
+    }
+}
diff --git a/crypto/test/src/util/test/ITestResult.cs b/crypto/test/src/util/test/ITestResult.cs
new file mode 100644
index 000000000..25f0442de
--- /dev/null
+++ b/crypto/test/src/util/test/ITestResult.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.Test
+{
+    public interface ITestResult
+    {
+        bool IsSuccessful();
+
+        Exception GetException();
+
+        string ToString();
+    }
+}
diff --git a/crypto/test/src/util/test/NumberParsing.cs b/crypto/test/src/util/test/NumberParsing.cs
new file mode 100644
index 000000000..f9624ef0a
--- /dev/null
+++ b/crypto/test/src/util/test/NumberParsing.cs
@@ -0,0 +1,40 @@
+using System;
+using System.Globalization;
+
+namespace Org.BouncyCastle.Utilities.Test
+{
+    /**
+    * Parsing
+    */
+    public sealed class NumberParsing
+    {
+        private NumberParsing()
+        {
+            // Hide constructor
+        }
+
+		public static long DecodeLongFromHex(
+			string longAsString)
+        {
+            if ((longAsString[1] == 'x')
+                || (longAsString[1] == 'X'))
+            {
+                longAsString = longAsString.Substring(2);
+            }
+
+			return long.Parse(longAsString, NumberStyles.HexNumber);
+        }
+
+		public static int DecodeIntFromHex(
+			string intAsString)
+        {
+            if ((intAsString[1] == 'x')
+                || (intAsString[1] == 'X'))
+            {
+                intAsString = intAsString.Substring(2);
+            }
+
+			return int.Parse(intAsString, NumberStyles.HexNumber);
+        }
+    }
+}
diff --git a/crypto/test/src/util/test/SimpleTest.cs b/crypto/test/src/util/test/SimpleTest.cs
new file mode 100644
index 000000000..be846e20f
--- /dev/null
+++ b/crypto/test/src/util/test/SimpleTest.cs
@@ -0,0 +1,164 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Reflection;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Utilities.Test
+{
+    public abstract class SimpleTest
+        : ITest
+    {
+		public abstract string Name
+		{
+			get;
+		}
+
+		private ITestResult Success()
+        {
+            return SimpleTestResult.Successful(this, "Okay");
+        }
+
+        internal void Fail(
+            string message)
+        {
+            throw new TestFailedException(SimpleTestResult.Failed(this, message));
+        }
+
+        internal void Fail(
+            string		message,
+            Exception	throwable)
+        {
+            throw new TestFailedException(SimpleTestResult.Failed(this, message, throwable));
+        }
+
+		internal void Fail(
+            string message,
+            object expected,
+            object found)
+        {
+            throw new TestFailedException(SimpleTestResult.Failed(this, message, expected, found));
+        }
+
+		internal bool AreEqual(
+            byte[] a,
+            byte[] b)
+        {
+			return Arrays.AreEqual(a, b);
+		}
+
+		public virtual ITestResult Perform()
+        {
+            try
+            {
+                PerformTest();
+
+				return Success();
+            }
+            catch (TestFailedException e)
+            {
+                return e.GetResult();
+            }
+            catch (Exception e)
+            {
+                return SimpleTestResult.Failed(this, "Exception: " +  e, e);
+            }
+        }
+
+		internal static void RunTest(
+            ITest test)
+        {
+            RunTest(test, Console.Out);
+        }
+
+		internal static void RunTest(
+            ITest		test,
+            TextWriter	outStream)
+        {
+            ITestResult result = test.Perform();
+
+			outStream.WriteLine(result.ToString());
+            if (result.GetException() != null)
+            {
+                outStream.WriteLine(result.GetException().StackTrace);
+            }
+        }
+
+		internal static Stream GetTestDataAsStream(
+			string name)
+		{
+			string fullName = GetFullName(name);
+
+			return Assembly.GetExecutingAssembly().GetManifestResourceStream(fullName);
+		}
+
+		internal static string[] GetTestDataEntries(
+			string prefix)
+		{
+			string fullPrefix = GetFullName(prefix);
+
+			ArrayList result = new ArrayList();
+			string[] fullNames = Assembly.GetExecutingAssembly().GetManifestResourceNames();
+			foreach (string fullName in fullNames)
+			{
+				if (fullName.StartsWith(fullPrefix))
+				{
+					string name = GetShortName(fullName);
+					result.Add(name);
+				}
+			}
+			return (string[])result.ToArray(typeof(String));
+		}
+
+		private static string GetFullName(
+			string name)
+		{
+// TODO MonoDevelop/Visual Studio embedded resource ids still inconsistent
+#if BC_BUILD_MONODEVELOP
+			return "test.data." + name;
+#else
+			return "crypto.test.data." + name;
+#endif
+		}
+
+		private static string GetShortName(
+			string fullName)
+		{
+// TODO MonoDevelop/Visual Studio embedded resource ids still inconsistent
+#if BC_BUILD_MONODEVELOP
+			return fullName.Substring("test.data.".Length);
+#else
+			return fullName.Substring("crypto.test.data.".Length);
+#endif
+		}
+
+#if NETCF_1_0 || NETCF_2_0
+		private static string GetNewLine()
+		{
+			MemoryStream buf = new MemoryStream();
+			StreamWriter w = new StreamWriter(buf, Encoding.ASCII);
+			w.WriteLine();
+			w.Close();
+			byte[] bs = buf.ToArray();
+			return Encoding.ASCII.GetString(bs, 0, bs.Length);
+		}
+
+		internal static string GetEnvironmentVariable(
+			string variable)
+		{
+			return null;
+		}
+#else
+		private static string GetNewLine()
+		{
+			return Environment.NewLine;
+		}
+#endif
+
+		internal static readonly string NewLine = GetNewLine();
+
+		public abstract void PerformTest();
+    }
+}
diff --git a/crypto/test/src/util/test/SimpleTestResult.cs b/crypto/test/src/util/test/SimpleTestResult.cs
new file mode 100644
index 000000000..294f575b7
--- /dev/null
+++ b/crypto/test/src/util/test/SimpleTestResult.cs
@@ -0,0 +1,91 @@
+using System;
+using System.Text;
+
+namespace Org.BouncyCastle.Utilities.Test
+{
+    public class SimpleTestResult : ITestResult
+    {
+        private static readonly string Separator = SimpleTest.NewLine;
+
+        private bool success;
+        private string message;
+        private Exception exception;
+
+        public SimpleTestResult(
+			bool	success,
+			string	message)
+        {
+            this.success = success;
+            this.message = message;
+        }
+
+        public SimpleTestResult(
+			bool		success,
+			string		message,
+			Exception	exception)
+        {
+            this.success = success;
+            this.message = message;
+            this.exception = exception;
+        }
+
+		public static ITestResult Successful(
+            ITest	test,
+            string	message)
+        {
+            return new SimpleTestResult(true, test.Name + ": " + message);
+        }
+
+        public static ITestResult Failed(
+            ITest	test,
+            string	message)
+        {
+            return new SimpleTestResult(false, test.Name + ": " + message);
+        }
+
+        public static ITestResult Failed(
+            ITest		test,
+            string		message,
+            Exception	t)
+        {
+            return new SimpleTestResult(false, test.Name + ": " + message, t);
+        }
+
+        public static ITestResult Failed(
+            ITest	test,
+            string	message,
+            object	expected,
+            object	found)
+        {
+            return Failed(test, message + Separator + "Expected: " + expected + Separator + "Found   : " + found);
+        }
+
+        public static string FailedMessage(
+			string	algorithm,
+			string	testName,
+			string	expected,
+            string	actual)
+        {
+            StringBuilder sb = new StringBuilder(algorithm);
+            sb.Append(" failing ").Append(testName);
+            sb.Append(Separator).Append("    expected: ").Append(expected);
+            sb.Append(Separator).Append("    got     : ").Append(actual);
+            return sb.ToString();
+        }
+
+		public bool IsSuccessful()
+        {
+            return success;
+        }
+
+        public override string ToString()
+        {
+            return message;
+        }
+
+		public Exception GetException()
+        {
+            return exception;
+        }
+    }
+}
diff --git a/crypto/test/src/util/test/TestFailedException.cs b/crypto/test/src/util/test/TestFailedException.cs
new file mode 100644
index 000000000..ecd7e7d7a
--- /dev/null
+++ b/crypto/test/src/util/test/TestFailedException.cs
@@ -0,0 +1,24 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.Test
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT)
+    [Serializable]
+#endif
+    public class TestFailedException
+        : Exception
+    {
+        private ITestResult _result;
+
+        public TestFailedException(
+            ITestResult result)
+        {
+            _result = result;
+        }
+
+        public ITestResult GetResult()
+        {
+            return _result;
+        }
+    }
+}
diff --git a/crypto/test/src/util/test/UncloseableStream.cs b/crypto/test/src/util/test/UncloseableStream.cs
new file mode 100644
index 000000000..8b592cdd4
--- /dev/null
+++ b/crypto/test/src/util/test/UncloseableStream.cs
@@ -0,0 +1,22 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.Utilities;
+
+namespace Org.BouncyCastle.Utilities.Test
+{
+	public class UncloseableStream
+		: FilterStream
+	{
+		public UncloseableStream(
+			Stream s)
+			: base(s)
+		{
+		}
+
+		public override void Close()
+		{
+			throw new Exception("Close() called on UncloseableStream");
+		}
+	}
+}
diff --git a/crypto/test/src/x509/test/TestCertificateGen.cs b/crypto/test/src/x509/test/TestCertificateGen.cs
new file mode 100644
index 000000000..8ec5929c7
--- /dev/null
+++ b/crypto/test/src/x509/test/TestCertificateGen.cs
@@ -0,0 +1,715 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using NUnit.Framework;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.X509.Tests
+{
+    [TestFixture]
+    public class TestCertificateGen
+    {
+        public TestCertificateGen()
+        {
+        }
+
+		[Test]
+        public void TestRsaDigestSigner()
+        {
+            BigInteger rsaPubMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
+            BigInteger rsaPubExp = new BigInteger(Base64.Decode("EQ=="));
+            BigInteger rsaPrivMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
+            BigInteger rsaPrivDP = new BigInteger(Base64.Decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ=="));
+            BigInteger rsaPrivDQ = new BigInteger(Base64.Decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ=="));
+            BigInteger rsaPrivExp = new BigInteger(Base64.Decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E="));
+            BigInteger rsaPrivP = new BigInteger(Base64.Decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE="));
+            BigInteger rsaPrivQ = new BigInteger(Base64.Decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0="));
+            BigInteger rsaPrivQinv = new BigInteger(Base64.Decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg=="));
+            RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaPubMod, rsaPubExp);
+			RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv);
+
+            byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 };
+
+            RsaDigestSigner signer = new RsaDigestSigner(new Sha1Digest());
+            signer.Init(true, rsaPrivate);
+            signer.BlockUpdate(msg, 0, msg.Length);
+            byte[] sig = signer.GenerateSignature();
+
+            signer.Init(false,rsaPublic);
+            signer.BlockUpdate(msg, 0, msg.Length);
+            Assert.IsTrue(signer.VerifySignature(sig), "RSA IDigest Signer failed.");
+        }
+
+        [Test]
+        public void TestCreationRSA()
+        {
+            BigInteger rsaPubMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
+            BigInteger rsaPubExp = new BigInteger(Base64.Decode("EQ=="));
+            BigInteger rsaPrivMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
+            BigInteger rsaPrivDP = new BigInteger(Base64.Decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ=="));
+            BigInteger rsaPrivDQ = new BigInteger(Base64.Decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ=="));
+            BigInteger rsaPrivExp = new BigInteger(Base64.Decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E="));
+            BigInteger rsaPrivP = new BigInteger(Base64.Decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE="));
+            BigInteger rsaPrivQ = new BigInteger(Base64.Decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0="));
+            BigInteger rsaPrivQinv = new BigInteger(Base64.Decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg=="));
+            RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaPubMod, rsaPubExp);
+			RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv);
+
+			IDictionary attrs = new Hashtable();
+            attrs[X509Name.C] = "AU";
+            attrs[X509Name.O] = "The Legion of the Bouncy Castle";
+            attrs[X509Name.L] = "Melbourne";
+            attrs[X509Name.ST] = "Victoria";
+            attrs[X509Name.E] = "feedback-crypto@bouncycastle.org";
+
+            IList ord = new ArrayList();
+            ord.Add(X509Name.C);
+            ord.Add(X509Name.O);
+            ord.Add(X509Name.L);
+            ord.Add(X509Name.ST);
+            ord.Add(X509Name.E);
+
+			IList values = new ArrayList();
+			values.Add("AU");
+            values.Add("The Legion of the Bouncy Castle");
+            values.Add("Melbourne");
+            values.Add("Victoria");
+            values.Add("feedback-crypto@bouncycastle.org");
+
+            X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+            certGen.SetSerialNumber(BigInteger.One);
+
+            certGen.SetIssuerDN(new X509Name(ord, attrs));
+			certGen.SetNotBefore(DateTime.UtcNow.AddDays(-1));
+			certGen.SetNotAfter(DateTime.UtcNow.AddDays(1));
+            certGen.SetSubjectDN(new X509Name(ord, attrs));
+            certGen.SetPublicKey(rsaPublic);
+            certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
+
+			X509Certificate cert = certGen.Generate(rsaPrivate);
+
+//			Assert.IsTrue((cert.IsValidNow && cert.Verify(rsaPublic)),"Certificate failed to be valid (RSA)");
+			cert.CheckValidity();
+			cert.Verify(rsaPublic);
+
+			//Console.WriteLine(ASN1Dump.DumpAsString(cert.ToAsn1Object()));
+
+            //ISet dummySet = cert.GetNonCriticalExtensionOids();
+
+            //if (dummySet != null)
+            //{
+            //    foreach (string key in dummySet)
+            //    {
+            //        Console.WriteLine("\t{0}:\t{1}", key);
+            //    }
+            //}
+
+            //Console.WriteLine();
+
+            //dummySet = cert.GetNonCriticalExtensionOids();
+            //if (dummySet != null)
+            //{
+            //    foreach (string key in dummySet)
+            //    {
+            //        Console.WriteLine("\t{0}:\t{1}", key);
+            //    }
+            //}
+
+            //Console.WriteLine();
+        }
+
+		[Test]
+        public void TestCreationDSA()
+        {
+            BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM="));
+            BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs="));
+            BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx"));
+            BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw=="));
+            BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A="));
+
+            DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG);
+            DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para);
+            DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para);
+
+            IDictionary attrs = new Hashtable();
+            attrs[X509Name.C] = "AU";
+            attrs[X509Name.O] = "The Legion of the Bouncy Castle";
+            attrs[X509Name.L] = "Melbourne";
+            attrs[X509Name.ST] = "Victoria";
+            attrs[X509Name.E] = "feedback-crypto@bouncycastle.org";
+
+            IList ord = new ArrayList();
+            ord.Add(X509Name.C);
+            ord.Add(X509Name.O);
+            ord.Add(X509Name.L);
+            ord.Add(X509Name.ST);
+            ord.Add(X509Name.E);
+
+            IList values = new ArrayList();
+			values.Add("AU");
+            values.Add("The Legion of the Bouncy Castle");
+            values.Add("Melbourne");
+            values.Add("Victoria");
+            values.Add("feedback-crypto@bouncycastle.org");
+
+            X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+			certGen.SetSerialNumber(BigInteger.One);
+
+            certGen.SetIssuerDN(new X509Name(ord, attrs));
+			certGen.SetNotBefore(DateTime.UtcNow.AddDays(-1));
+			certGen.SetNotAfter(DateTime.UtcNow.AddDays(1));
+            certGen.SetSubjectDN(new X509Name(ord, attrs));
+            certGen.SetPublicKey(dsaPub);
+            certGen.SetSignatureAlgorithm("SHA1WITHDSA");
+
+            X509Certificate cert = certGen.Generate(dsaPriv);
+
+//			Assert.IsTrue((cert.IsValidNow && cert.Verify(dsaPub)), "Certificate failed to be valid (DSA Test)");
+			cert.CheckValidity();
+			cert.Verify(dsaPub);
+
+            //ISet dummySet = cert.GetNonCriticalExtensionOids();
+
+            //if (dummySet != null)
+            //{
+            //    foreach (string key in dummySet)
+            //    {
+            //        Console.WriteLine("\t{0}:\t{1}", key);
+            //    }
+            //}
+
+            //Console.WriteLine();
+
+            //dummySet = cert.GetNonCriticalExtensionOids();
+            //if (dummySet != null)
+            //{
+            //    foreach (string key in dummySet)
+            //    {
+            //        Console.WriteLine("\t{0}:\t{1}", key);
+            //    }
+            //}
+
+            //Console.WriteLine();
+        }
+
+		[Test]
+        public void TestCreationECDSA()
+        {
+            BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv"));
+            BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R"));
+            BigInteger ECParraH = new BigInteger(Base64.Decode("AQ=="));
+            BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L"));
+            BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l"));
+            BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx"));
+            BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo"));
+            FpCurve curve = new FpCurve(
+               new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
+                new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
+                new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
+            ECDomainParameters ecDomain =
+                new ECDomainParameters(curve, new FpPoint(curve, curve.FromBigInteger(ECParraGX), curve.FromBigInteger(ECParraGY)), ECParraN);
+            ECPublicKeyParameters ecPub = new ECPublicKeyParameters(
+				"ECDSA",
+				new FpPoint(curve,
+					curve.FromBigInteger(ECPubQX),
+					curve.FromBigInteger(ECPubQY)),
+				ecDomain);
+            ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters("ECDSA", ECPrivD, ecDomain);
+
+
+            IDictionary attrs = new Hashtable();
+			attrs[X509Name.C] = "AU";
+            attrs[X509Name.O] = "The Legion of the Bouncy Castle";
+            attrs[X509Name.L] = "Melbourne";
+            attrs[X509Name.ST] = "Victoria";
+            attrs[X509Name.E] = "feedback-crypto@bouncycastle.org";
+
+            IList ord = new ArrayList();
+            ord.Add(X509Name.C);
+            ord.Add(X509Name.O);
+            ord.Add(X509Name.L);
+            ord.Add(X509Name.ST);
+            ord.Add(X509Name.E);
+
+			IList values = new ArrayList();
+			values.Add("AU");
+            values.Add("The Legion of the Bouncy Castle");
+            values.Add("Melbourne");
+            values.Add("Victoria");
+            values.Add("feedback-crypto@bouncycastle.org");
+
+            X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+            certGen.SetSerialNumber(BigInteger.One);
+
+            certGen.SetIssuerDN(new X509Name(ord, attrs));
+            certGen.SetNotBefore(DateTime.Today.Subtract(new TimeSpan(1, 0, 0, 0)));
+            certGen.SetNotAfter(DateTime.Today.AddDays(1));
+            certGen.SetSubjectDN(new X509Name(ord, attrs));
+            certGen.SetPublicKey(ecPub);
+            certGen.SetSignatureAlgorithm("SHA1WITHECDSA");
+
+
+            X509Certificate cert = certGen.Generate(ecPriv);
+
+//            Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)");
+			cert.CheckValidity();
+			cert.Verify(ecPub);
+
+            //ISet dummySet = cert.GetNonCriticalExtensionOids();
+
+            //if (dummySet != null)
+            //{
+            //    foreach (string key in dummySet)
+            //    {
+            //        Console.WriteLine("\t{0}:\t{1}", key);
+            //    }
+            //}
+
+            //Console.WriteLine();
+
+            //dummySet = cert.GetNonCriticalExtensionOids();
+
+            //if (dummySet != null)
+            //{
+            //    foreach (string key in dummySet)
+            //    {
+            //        Console.WriteLine("\t{0}:\t{1}", key);
+            //    }
+            //}
+
+            //Console.WriteLine();
+        }
+
+		[Test]
+		public void TestCertLoading()
+        {
+            byte[] cert1 = Base64.Decode(
+                   "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
+                 + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
+                 + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
+                 + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
+                 + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2"
+                 + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
+                 + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
+                 + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l"
+                 + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv"
+                 + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re"
+                 + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO"
+                 + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE"
+                 + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy"
+                 + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0"
+                 + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw"
+                 + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL"
+                 + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4"
+                 + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF"
+                 + "5/8=");
+
+			try
+			{
+                Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert1));
+            }
+			catch (Exception)
+            {
+                Assert.Fail("Reading first test certificate.");
+            }
+
+
+			// ca.crt
+            //
+            byte[] cert2 = Base64.Decode(
+                   "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
+                 + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
+                 + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
+                 + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
+                 + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2"
+                 + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
+                 + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
+                 + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u"
+                 + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t"
+                 + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv"
+                 + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s"
+                 + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur"
+                 + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl"
+                 + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E"
+                 + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG"
+                 + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk"
+                 + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz"
+                 + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ"
+                 + "DhkaJ8VqOMajkQFma2r9iA==");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert2));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading second test certificate.");
+			}
+
+
+            //
+            // testx509.pem
+            //
+            byte[] cert3 = Base64.Decode(
+                   "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV"
+                 + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz"
+                 + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM"
+                 + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF"
+                 + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO"
+                 + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE"
+                 + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ"
+                 + "zl9HYIMxATFyqSiD9jsx");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert3));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading third test certificate. (X509.pem)");
+			}
+
+
+			//
+            // v3-cert1.pem
+            //
+            byte[] cert4 = Base64.Decode(
+                   "MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx"
+                 + "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz"
+                 + "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw"
+                 + "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu"
+                 + "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2"
+                 + "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp"
+                 + "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C"
+                 + "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK"
+                 + "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x"
+                 + "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR"
+                 + "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB"
+                 + "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21"
+                 + "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3"
+                 + "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert4));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading fourth test certificate. (X509 V3 Pem)");
+			}
+
+
+			//
+            // v3-cert2.pem
+            //
+            byte[] cert5 = Base64.Decode(
+                   "MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD"
+                 + "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0"
+                 + "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu"
+                 + "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1"
+                 + "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV"
+                 + "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx"
+                 + "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA"
+                 + "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT"
+                 + "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ"
+                 + "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm"
+                 + "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc"
+                 + "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz"
+                 + "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap"
+                 + "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert5));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading fifth test certificate. (X509 V3 Pem)");
+			}
+
+
+            //
+            // pem encoded pkcs7
+            //
+            byte[] cert6 = Base64.Decode(
+                  "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJbzCCAj0w"
+                + "ggGmAhEAzbp/VvDf5LxU/iKss3KqVTANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG"
+                + "A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2Vy"
+                + "dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNMjgwODAxMjM1OTU5WjBfMQsw"
+                + "CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVi"
+                + "bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A"
+                + "MIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiH"
+                + "mgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNePNGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF"
+                + "4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEwDQYJKoZIhvcNAQECBQADgYEATD+4i8Zo3+5DMw5d"
+                + "6abLB4RNejP/khv0Nq3YlSI2aBFsfELM85wuxAc/FLAPT/+Qknb54rxK6Y/NoIAK98Up8YIiXbix"
+                + "3YEjo3slFUYweRb46gVLlH8dwhzI47f0EEA8E8NfH1PoSOSGtHuhNbB7Jbq4046rPzidADQAmPPR"
+                + "cZQwggMuMIICl6ADAgECAhEA0nYujRQMPX2yqCVdr+4NdTANBgkqhkiG9w0BAQIFADBfMQswCQYD"
+                + "VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGlj"
+                + "IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTgwNTEyMDAwMDAwWhcNMDgwNTEy"
+                + "MjM1OTU5WjCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy"
+                + "dXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5j"
+                + "b3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0Eg"
+                + "SW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDCBnzANBgkqhkiG9w0B"
+                + "AQEFAAOBjQAwgYkCgYEAu1pEigQWu1X9A3qKLZRPFXg2uA1Ksm+cVL+86HcqnbnwaLuV2TFBcHqB"
+                + "S7lIE1YtxwjhhEKrwKKSq0RcqkLwgg4C6S/7wju7vsknCl22sDZCM7VuVIhPh0q/Gdr5FegPh7Yc"
+                + "48zGmo5/aiSS4/zgZbqnsX7vyds3ashKyAkG5JkCAwEAAaN8MHowEQYJYIZIAYb4QgEBBAQDAgEG"
+                + "MEcGA1UdIARAMD4wPAYLYIZIAYb4RQEHAQEwLTArBggrBgEFBQcCARYfd3d3LnZlcmlzaWduLmNv"
+                + "bS9yZXBvc2l0b3J5L1JQQTAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0B"
+                + "AQIFAAOBgQCIuDc73dqUNwCtqp/hgQFxHpJqbS/28Z3TymQ43BuYDAeGW4UVag+5SYWklfEXfWe0"
+                + "fy0s3ZpCnsM+tI6q5QsG3vJWKvozx74Z11NMw73I4xe1pElCY+zCphcPXVgaSTyQXFWjZSAA/Rgg"
+                + "5V+CprGoksVYasGNAzzrw80FopCubjCCA/gwggNhoAMCAQICEBbbn/1G1zppD6KsP01bwywwDQYJ"
+                + "KoZIhvcNAQEEBQAwgcwxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln"
+                + "biBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvUlBB"
+                + "IEluY29ycC4gQnkgUmVmLixMSUFCLkxURChjKTk4MUgwRgYDVQQDEz9WZXJpU2lnbiBDbGFzcyAx"
+                + "IENBIEluZGl2aWR1YWwgU3Vic2NyaWJlci1QZXJzb25hIE5vdCBWYWxpZGF0ZWQwHhcNMDAxMDAy"
+                + "MDAwMDAwWhcNMDAxMjAxMjM1OTU5WjCCAQcxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYD"
+                + "VQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3Jl"
+                + "cG9zaXRvcnkvUlBBIEluY29ycC4gYnkgUmVmLixMSUFCLkxURChjKTk4MR4wHAYDVQQLExVQZXJz"
+                + "b25hIE5vdCBWYWxpZGF0ZWQxJzAlBgNVBAsTHkRpZ2l0YWwgSUQgQ2xhc3MgMSAtIE1pY3Jvc29m"
+                + "dDETMBEGA1UEAxQKRGF2aWQgUnlhbjElMCMGCSqGSIb3DQEJARYWZGF2aWRAbGl2ZW1lZGlhLmNv"
+                + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqxBsdeNmSvFqhMNwhQgNzM8mdjX9eSXb"
+                + "DawpHtQHjmh0AKJSa3IwUY0VIsyZHuXWktO/CgaMBVPt6OVf/n0R2sQigMP6Y+PhEiS0vCJBL9aK"
+                + "0+pOo2qXrjVBmq+XuCyPTnc+BOSrU26tJsX0P9BYorwySiEGxGanBNATdVL4NdUCAwEAAaOBnDCB"
+                + "mTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQgwKjAoBggrBgEFBQcCARYcaHR0"
+                + "cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTARBglghkgBhvhCAQEEBAMCB4AwMwYDVR0fBCwwKjAo"
+                + "oCagJIYiaHR0cDovL2NybC52ZXJpc2lnbi5jb20vY2xhc3MxLmNybDANBgkqhkiG9w0BAQQFAAOB"
+                + "gQBC8yIIdVGpFTf8/YiL14cMzcmL0nIRm4kGR3U59z7UtcXlfNXXJ8MyaeI/BnXwG/gD5OKYqW6R"
+                + "yca9vZOxf1uoTBl82gInk865ED3Tej6msCqFzZffnSUQvOIeqLxxDlqYRQ6PmW2nAnZeyjcnbI5Y"
+                + "syQSM2fmo7n6qJFP+GbFezGCAkUwggJBAgEBMIHhMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5j"
+                + "LjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWdu"
+                + "LmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UE"
+                + "AxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRpdmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3Qg"
+                + "VmFsaWRhdGVkAhAW25/9Rtc6aQ+irD9NW8MsMAkGBSsOAwIaBQCggbowGAYJKoZIhvcNAQkDMQsG"
+                + "CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAxMDAyMTczNTE4WjAjBgkqhkiG9w0BCQQxFgQU"
+                + "gZjSaBEY2oxGvlQUIMnxSXhivK8wWwYJKoZIhvcNAQkPMU4wTDAKBggqhkiG9w0DBzAOBggqhkiG"
+                + "9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwBwYFKw4DAh0w"
+                + "DQYJKoZIhvcNAQEBBQAEgYAzk+PU91/ZFfoiuKOECjxEh9fDYE2jfDCheBIgh5gdcCo+sS1WQs8O"
+                + "HreQ9Nop/JdJv1DQMBK6weNBBDoP0EEkRm1XCC144XhXZC82jBZohYmi2WvDbbC//YN58kRMYMyy"
+                + "srrfn4Z9I+6kTriGXkrpGk9Q0LSGjmG2BIsqiF0dvwAAAAAAAA==");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert6));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading sixth test certificate. (Pkcs7)");
+			}
+
+
+            //
+            // dsaWithSHA1 cert
+            //
+            byte[] cert7 = Base64.Decode(
+                  "MIIEXAYJKoZIhvcNAQcCoIIETTCCBEkCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
+                + "SIb3DQEHAaCCAsMwggK/MIIB4AIBADCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7"
+                + "d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULjw3GobwaJX13kquPh"
+                + "fVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABj"
+                + "TUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/z"
+                + "m8Q12PFp/PjOhh+nMA4xDDAKBgNVBAMTA0lEMzAeFw05NzEwMDEwMDAwMDBa"
+                + "Fw0zODAxMDEwMDAwMDBaMA4xDDAKBgNVBAMTA0lEMzCB8DCBpwYFKw4DAhsw"
+                + "gZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULj"
+                + "w3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FE"
+                + "WA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3"
+                + "SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nA0QAAkEAkYkXLYMtGVGWj9OnzjPn"
+                + "sB9sefSRPrVegZJCZbpW+Iv0/1RP1u04pHG9vtRpIQLjzUiWvLMU9EKQTThc"
+                + "eNMmWDCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxg"
+                + "Y61TX5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/Q"
+                + "F4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jH"
+                + "SqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nAy8AMCwC"
+                + "FBY3dBSdeprGcqpr6wr3xbG+6WW+AhRMm/facKJNxkT3iKgJbp7R8Xd3QTGC"
+                + "AWEwggFdAgEBMBMwDjEMMAoGA1UEAxMDSUQzAgEAMAkGBSsOAwIaBQCgXTAY"
+                + "BgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wMjA1"
+                + "MjQyMzEzMDdaMCMGCSqGSIb3DQEJBDEWBBS4WMsoJhf7CVbZYCFcjoTRzPkJ"
+                + "xjCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61T"
+                + "X5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BU"
+                + "j+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqji"
+                + "jUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nBC8wLQIVALID"
+                + "dt+MHwawrDrwsO1Z6sXBaaJsAhRaKssrpevmLkbygKPV07XiAKBG02Zvb2Jh"
+                + "cg==");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert7));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading seventh test certificate. (DSAWITHSHA1)");
+			}
+
+
+            //
+            // ecdsa cert with extra octet string.
+            //
+            byte[] oldEcdsa = Base64.Decode(
+                  "MIICljCCAkCgAwIBAgIBATALBgcqhkjOPQQBBQAwgY8xCzAJBgNVBAYTAkFVMSgwJ"
+                + "gYDVQQKEx9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIwEAYDVQQHEw"
+                + "lNZWxib3VybmUxETAPBgNVBAgTCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWV"
+                + "kYmFjay1jcnlwdG9AYm91bmN5Y2FzdGxlLm9yZzAeFw0wMTEyMDcwMTAwMDRaFw0w"
+                + "MTEyMDcwMTAxNDRaMIGPMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhlIExlZ2lvb"
+                + "iBvZiB0aGUgQm91bmN5IENhc3RsZTESMBAGA1UEBxMJTWVsYm91cm5lMREwDwYDVQ"
+                + "QIEwhWaWN0b3JpYTEvMC0GCSqGSIb3DQEJARYgZmVlZGJhY2stY3J5cHRvQGJvdW5"
+                + "jeWNhc3RsZS5vcmcwgeQwgb0GByqGSM49AgEwgbECAQEwKQYHKoZIzj0BAQIef///"
+                + "////////////f///////gAAAAAAAf///////MEAEHn///////////////3///////"
+                + "4AAAAAAAH///////AQeawFsO9zxiUHQ1lSSFHXKcanbL7J9HTd5YYXClCwKBB8CD/"
+                + "qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqvAh5///////////////9///+eXpq"
+                + "fXZBx+9FSJoiQnQsDIgAEHwJbbcU7xholSP+w9nFHLebJUhqdLSU05lq/y9X+DHAw"
+                + "CwYHKoZIzj0EAQUAA0MAMEACHnz6t4UNoVROp74ma4XNDjjGcjaqiIWPZLK8Bdw3G"
+                + "QIeLZ4j3a6ividZl344UH+UPUE7xJxlYGuy7ejTsqRR");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(oldEcdsa));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading old ECDSA Certificate.");
+			}
+
+
+            byte[] uncompressedPtEC = Base64.Decode(
+                  "MIIDKzCCAsGgAwIBAgICA+kwCwYHKoZIzj0EAQUAMGYxCzAJBgNVBAYTAkpQ"
+                + "MRUwEwYDVQQKEwxuaXRlY2guYWMuanAxDjAMBgNVBAsTBWFpbGFiMQ8wDQYD"
+                + "VQQDEwZ0ZXN0Y2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RjYUBsb2NhbGhvc3Qw"
+                + "HhcNMDExMDEzMTE1MzE3WhcNMjAxMjEyMTE1MzE3WjBmMQswCQYDVQQGEwJK"
+                + "UDEVMBMGA1UEChMMbml0ZWNoLmFjLmpwMQ4wDAYDVQQLEwVhaWxhYjEPMA0G"
+                + "A1UEAxMGdGVzdGNhMR8wHQYJKoZIhvcNAQkBFhB0ZXN0Y2FAbG9jYWxob3N0"
+                + "MIIBczCCARsGByqGSM49AgEwggEOAgEBMDMGByqGSM49AQECKEdYWnajFmnZ"
+                + "tzrukK2XWdle2v+GsD9l1ZiR6g7ozQDbhFH/bBiMDQcwVAQoJ5EQKrI54/CT"
+                + "xOQ2pMsd/fsXD+EX8YREd8bKHWiLz8lIVdD5cBNeVwQoMKSc6HfI7vKZp8Q2"
+                + "zWgIFOarx1GQoWJbMcSt188xsl30ncJuJT2OoARRBAqJ4fD+q6hbqgNSjTQ7"
+                + "htle1KO3eiaZgcJ8rrnyN8P+5A8+5K+H9aQ/NbBR4Gs7yto5PXIUZEUgodHA"
+                + "TZMSAcSq5ZYt4KbnSYaLY0TtH9CqAigEwZ+hglbT21B7ZTzYX2xj0x+qooJD"
+                + "hVTLtIPaYJK2HrMPxTw6/zfrAgEPA1IABAnvfFcFDgD/JicwBGn6vR3N8MIn"
+                + "mptZf/mnJ1y649uCF60zOgdwIyI7pVSxBFsJ7ohqXEHW0x7LrGVkdSEiipiH"
+                + "LYslqh3xrqbAgPbl93GUo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB"
+                + "/wQEAwIBxjAdBgNVHQ4EFgQUAEo62Xm9H6DcsE0zUDTza4BRG90wCwYHKoZI"
+                + "zj0EAQUAA1cAMFQCKAQsCHHSNOqfJXLgt3bg5+k49hIBGVr/bfG0B9JU3rNt"
+                + "Ycl9Y2zfRPUCKAK2ccOQXByAWfsasDu8zKHxkZv7LVDTFjAIffz3HaCQeVhD"
+                + "z+fauEg=");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(uncompressedPtEC));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading uncompressed ECPoint Certificate.");
+			}
+
+
+			byte[] keyUsage = Base64.Decode(
+                  "MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UE"
+                + "BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50"
+                + "cnVzdC5uZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBs"
+                + "aW1pdHMgbGlhYi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExp"
+                + "bWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0"
+                + "aW9uIEF1dGhvcml0eTAeFw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBa"
+                + "MIHJMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNV"
+                + "BAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5mby9DUFMgaW5jb3Jw"
+                + "LiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMpIDE5OTkgRW50"
+                + "cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50"
+                + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GL"
+                + "ADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo6oT9n3V5z8GKUZSv"
+                + "x1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux5zDeg7K6PvHV"
+                + "iTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zmAqTmT173"
+                + "iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSCARkw"
+                + "ggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50"
+                + "cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0Ff"
+                + "SW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UE"
+                + "CxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50"
+                + "cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYD"
+                + "VQQDEwRDUkwxMCygKqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9D"
+                + "bGllbnQxLmNybDArBgNVHRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkx"
+                + "MDEyMTkyNDMwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW"
+                + "/O5bs8qZdIuV6kwwHQYDVR0OBBYEFMT7nCl7l81MlvzuW7PKmXSLlepMMAwG"
+                + "A1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI"
+                + "hvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7pFuPeJoSSJn59DXeDDYHAmsQ"
+                + "OokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzzwy5E97BnRqqS5TvaHBkU"
+                + "ODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/aEkP/TOYGJqibGapE"
+                + "PHayXOw=");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(keyUsage));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading Cert with Key Usage.");
+			}
+
+
+            byte[] nameCert = Base64.Decode(
+                "MIIEFjCCA3+gAwIBAgIEdS8BozANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJE" +
+                "RTERMA8GA1UEChQIREFURVYgZUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRQ0Eg" +
+                "REFURVYgRDAzIDE6UE4wIhgPMjAwMTA1MTAxMDIyNDhaGA8yMDA0MDUwOTEwMjI0" +
+                "OFowgYQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIFAZCYXllcm4xEjAQBgNVBAcUCU7I" +
+                "dXJuYmVyZzERMA8GA1UEChQIREFURVYgZUcxHTAbBgNVBAUTFDAwMDAwMDAwMDA4" +
+                "OTU3NDM2MDAxMR4wHAYDVQQDFBVEaWV0bWFyIFNlbmdlbmxlaXRuZXIwgaEwDQYJ" +
+                "KoZIhvcNAQEBBQADgY8AMIGLAoGBAJLI/LJLKaHoMk8fBECW/od8u5erZi6jI8Ug" +
+                "C0a/LZyQUO/R20vWJs6GrClQtXB+AtfiBSnyZOSYzOdfDI8yEKPEv8qSuUPpOHps" +
+                "uNCFdLZF1vavVYGEEWs2+y+uuPmg8q1oPRyRmUZ+x9HrDvCXJraaDfTEd9olmB/Z" +
+                "AuC/PqpjAgUAwAAAAaOCAcYwggHCMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUD" +
+                "AwdAADAxBgNVHSAEKjAoMCYGBSskCAEBMB0wGwYIKwYBBQUHAgEWD3d3dy56cy5k" +
+                "YXRldi5kZTApBgNVHREEIjAggR5kaWV0bWFyLnNlbmdlbmxlaXRuZXJAZGF0ZXYu" +
+                "ZGUwgYQGA1UdIwR9MHuhc6RxMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1" +
+                "bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0" +
+                "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE6CBACm8LkwDgYHAoIG" +
+                "AQoMAAQDAQEAMEcGA1UdHwRAMD4wPKAUoBKGEHd3dy5jcmwuZGF0ZXYuZGWiJKQi" +
+                "MCAxCzAJBgNVBAYTAkRFMREwDwYDVQQKFAhEQVRFViBlRzAWBgUrJAgDBAQNMAsT" +
+                "A0VVUgIBBQIBATAdBgNVHQ4EFgQUfv6xFP0xk7027folhy+ziZvBJiwwLAYIKwYB" +
+                "BQUHAQEEIDAeMBwGCCsGAQUFBzABhhB3d3cuZGlyLmRhdGV2LmRlMA0GCSqGSIb3" +
+                "DQEBBQUAA4GBAEOVX6uQxbgtKzdgbTi6YLffMftFr2mmNwch7qzpM5gxcynzgVkg" +
+                "pnQcDNlm5AIbS6pO8jTCLfCd5TZ5biQksBErqmesIl3QD+VqtB+RNghxectZ3VEs" +
+                "nCUtcE7tJ8O14qwCb3TxS9dvIUFiVi4DjbxX46TdcTbTaK8/qr6AIf+l");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(nameCert));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading Named Certificate.");
+			}
+
+
+			byte[] probSelfSignedCert = Base64.Decode(
+                   "MIICxTCCAi6gAwIBAgIQAQAAAAAAAAAAAAAAAAAAATANBgkqhkiG9w0BAQUFADBF"
+                 + "MScwJQYDVQQKEx4gRElSRUNUSU9OIEdFTkVSQUxFIERFUyBJTVBPVFMxGjAYBgNV"
+                 + "BAMTESBBQyBNSU5FRkkgQiBURVNUMB4XDTA0MDUwNzEyMDAwMFoXDTE0MDUwNzEy"
+                 + "MDAwMFowRTEnMCUGA1UEChMeIERJUkVDVElPTiBHRU5FUkFMRSBERVMgSU1QT1RT"
+                 + "MRowGAYDVQQDExEgQUMgTUlORUZJIEIgVEVTVDCBnzANBgkqhkiG9w0BAQEFAAOB"
+                 + "jQAwgYkCgYEAveoCUOAukZdcFCs2qJk76vSqEX0ZFzHqQ6faBPZWjwkgUNwZ6m6m"
+                 + "qWvvyq1cuxhoDvpfC6NXILETawYc6MNwwxsOtVVIjuXlcF17NMejljJafbPximEt"
+                 + "DQ4LcQeSp4K7FyFlIAMLyt3BQ77emGzU5fjFTvHSUNb3jblx0sV28c0CAwEAAaOB"
+                 + "tTCBsjAfBgNVHSMEGDAWgBSEJ4bLbvEQY8cYMAFKPFD1/fFXlzAdBgNVHQ4EFgQU"
+                 + "hCeGy27xEGPHGDABSjxQ9f3xV5cwDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIB"
+                 + "AQQEAwIBBjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vYWRvbmlzLnBrNy5jZXJ0"
+                 + "cGx1cy5uZXQvZGdpLXRlc3QuY3JsMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN"
+                 + "AQEFBQADgYEAmToHJWjd3+4zknfsP09H6uMbolHNGG0zTS2lrLKpzcmkQfjhQpT9"
+                 + "LUTBvfs1jdjo9fGmQLvOG+Sm51Rbjglb8bcikVI5gLbclOlvqLkm77otjl4U4Z2/"
+                 + "Y0vP14Aov3Sn3k+17EfReYUZI4liuB95ncobC4e8ZM++LjQcIM0s+Vs=");
+
+			try
+			{
+				Assert.IsNotNull(new X509CertificateParser().ReadCertificate(probSelfSignedCert));
+			}
+			catch (Exception)
+			{
+				Assert.Fail("Reading busted Certificate.");
+			}
+		}
+	}
+}
author	Peter Dettman <peter.dettman@bouncycastle.org>	2013-06-28 15:26:06 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2013-06-28 15:26:06 +0700
commit	44288db4414158ac9b98a507b15e81d0d3c66ca6 (patch)
tree	aa5ef88948ebb68ed6c8df81eb5da889641a9b50 /crypto/test/src
parent	Set up text/binary handling for existing file types (diff)
download	BouncyCastle.NET-ed25519-44288db4414158ac9b98a507b15e81d0d3c66ca6.tar.xz